From 5222ed64e8dcdd3587948cdd674424fda560af81 Mon Sep 17 00:00:00 2001 From: Mario Fetka Date: Thu, 22 Mar 2018 15:54:03 +0100 Subject: [PATCH] Imported Upstream version 0.058 --- Changes | 150 +- CryptX.xs | 811 +- MANIFEST | 117 +- META.json | 10 +- META.yml | 4 +- Makefile.PL | 108 +- README | 68 - README.md | 73 + inc/CryptX_AuthEnc_CCM.xs.inc | 272 +- inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc | 154 +- inc/CryptX_AuthEnc_EAX.xs.inc | 142 +- inc/CryptX_AuthEnc_GCM.xs.inc | 158 +- inc/CryptX_AuthEnc_OCB.xs.inc | 194 +- inc/CryptX_BigInt_LTM.xs.inc | 1 + inc/CryptX_Checksum_Adler32.xs.inc | 81 +- inc/CryptX_Checksum_CRC32.xs.inc | 81 +- inc/CryptX_Cipher.xs.inc | 213 +- inc/CryptX_Digest.xs.inc | 191 +- inc/CryptX_Digest_SHAKE.xs.inc | 33 +- inc/CryptX_KeyDerivation.xs.inc | 197 +- inc/CryptX_Mac_BLAKE2b.xs.inc | 162 +- inc/CryptX_Mac_BLAKE2s.xs.inc | 162 +- inc/CryptX_Mac_F9.xs.inc | 167 +- inc/CryptX_Mac_HMAC.xs.inc | 167 +- inc/CryptX_Mac_OMAC.xs.inc | 167 +- inc/CryptX_Mac_PMAC.xs.inc | 167 +- inc/CryptX_Mac_Pelican.xs.inc | 162 +- inc/CryptX_Mac_Poly1305.xs.inc | 161 +- inc/CryptX_Mac_XCBC.xs.inc | 167 +- inc/CryptX_Mode_CBC.xs.inc | 405 +- inc/CryptX_Mode_CFB.xs.inc | 80 +- inc/CryptX_Mode_CTR.xs.inc | 80 +- inc/CryptX_Mode_ECB.xs.inc | 405 +- inc/CryptX_Mode_OFB.xs.inc | 80 +- inc/CryptX_PK_DH.xs.inc | 277 +- inc/CryptX_PK_DSA.xs.inc | 163 +- inc/CryptX_PK_ECC.xs.inc | 271 +- inc/CryptX_PK_RSA.xs.inc | 186 +- inc/CryptX_PRNG.xs.inc | 171 +- inc/CryptX_Stream_ChaCha.xs.inc | 67 +- inc/CryptX_Stream_RC4.xs.inc | 52 +- inc/CryptX_Stream_Rabbit.xs.inc | 104 + inc/CryptX_Stream_Salsa20.xs.inc | 101 + inc/CryptX_Stream_Sober128.xs.inc | 59 +- inc/CryptX_Stream_Sosemanuk.xs.inc | 107 + lib/Crypt/AuthEnc.pm | 10 +- lib/Crypt/AuthEnc/CCM.pm | 100 +- lib/Crypt/AuthEnc/ChaCha20Poly1305.pm | 101 +- lib/Crypt/AuthEnc/EAX.pm | 103 +- lib/Crypt/AuthEnc/GCM.pm | 95 +- lib/Crypt/AuthEnc/OCB.pm | 115 +- lib/Crypt/Checksum.pm | 222 +- lib/Crypt/Checksum/Adler32.pm | 133 +- lib/Crypt/Checksum/CRC32.pm | 133 +- lib/Crypt/Cipher.pm | 94 +- lib/Crypt/Cipher/AES.pm | 25 +- lib/Crypt/Cipher/Anubis.pm | 25 +- lib/Crypt/Cipher/Blowfish.pm | 25 +- lib/Crypt/Cipher/CAST5.pm | 25 +- lib/Crypt/Cipher/Camellia.pm | 25 +- lib/Crypt/Cipher/DES.pm | 25 +- lib/Crypt/Cipher/DES_EDE.pm | 25 +- lib/Crypt/Cipher/IDEA.pm | 118 + lib/Crypt/Cipher/KASUMI.pm | 25 +- lib/Crypt/Cipher/Khazad.pm | 25 +- lib/Crypt/Cipher/MULTI2.pm | 25 +- lib/Crypt/Cipher/Noekeon.pm | 25 +- lib/Crypt/Cipher/RC2.pm | 25 +- lib/Crypt/Cipher/RC5.pm | 25 +- lib/Crypt/Cipher/RC6.pm | 25 +- lib/Crypt/Cipher/SAFERP.pm | 25 +- lib/Crypt/Cipher/SAFER_K128.pm | 25 +- lib/Crypt/Cipher/SAFER_K64.pm | 25 +- lib/Crypt/Cipher/SAFER_SK128.pm | 25 +- lib/Crypt/Cipher/SAFER_SK64.pm | 25 +- lib/Crypt/Cipher/SEED.pm | 25 +- lib/Crypt/Cipher/Serpent.pm | 118 + lib/Crypt/Cipher/Skipjack.pm | 25 +- lib/Crypt/Cipher/Twofish.pm | 25 +- lib/Crypt/Cipher/XTEA.pm | 25 +- lib/Crypt/Digest.pm | 94 +- lib/Crypt/Digest/BLAKE2b_160.pm | 32 +- lib/Crypt/Digest/BLAKE2b_256.pm | 32 +- lib/Crypt/Digest/BLAKE2b_384.pm | 32 +- lib/Crypt/Digest/BLAKE2b_512.pm | 32 +- lib/Crypt/Digest/BLAKE2s_128.pm | 32 +- lib/Crypt/Digest/BLAKE2s_160.pm | 32 +- lib/Crypt/Digest/BLAKE2s_224.pm | 32 +- lib/Crypt/Digest/BLAKE2s_256.pm | 32 +- lib/Crypt/Digest/CHAES.pm | 30 +- lib/Crypt/Digest/Keccak224.pm | 223 + lib/Crypt/Digest/Keccak256.pm | 223 + lib/Crypt/Digest/Keccak384.pm | 223 + lib/Crypt/Digest/Keccak512.pm | 223 + lib/Crypt/Digest/MD2.pm | 30 +- lib/Crypt/Digest/MD4.pm | 30 +- lib/Crypt/Digest/MD5.pm | 30 +- lib/Crypt/Digest/RIPEMD128.pm | 30 +- lib/Crypt/Digest/RIPEMD160.pm | 30 +- lib/Crypt/Digest/RIPEMD256.pm | 30 +- lib/Crypt/Digest/RIPEMD320.pm | 30 +- lib/Crypt/Digest/SHA1.pm | 30 +- lib/Crypt/Digest/SHA224.pm | 30 +- lib/Crypt/Digest/SHA256.pm | 30 +- lib/Crypt/Digest/SHA384.pm | 30 +- lib/Crypt/Digest/SHA3_224.pm | 30 +- lib/Crypt/Digest/SHA3_256.pm | 30 +- lib/Crypt/Digest/SHA3_384.pm | 30 +- lib/Crypt/Digest/SHA3_512.pm | 30 +- lib/Crypt/Digest/SHA512.pm | 30 +- lib/Crypt/Digest/SHA512_224.pm | 30 +- lib/Crypt/Digest/SHA512_256.pm | 30 +- lib/Crypt/Digest/SHAKE.pm | 6 +- lib/Crypt/Digest/Tiger192.pm | 30 +- lib/Crypt/Digest/Whirlpool.pm | 30 +- lib/Crypt/KeyDerivation.pm | 56 +- lib/Crypt/Mac.pm | 28 +- lib/Crypt/Mac/BLAKE2b.pm | 13 +- lib/Crypt/Mac/BLAKE2s.pm | 13 +- lib/Crypt/Mac/F9.pm | 13 +- lib/Crypt/Mac/HMAC.pm | 32 +- lib/Crypt/Mac/OMAC.pm | 15 +- lib/Crypt/Mac/PMAC.pm | 15 +- lib/Crypt/Mac/Pelican.pm | 13 +- lib/Crypt/Mac/Poly1305.pm | 13 +- lib/Crypt/Mac/XCBC.pm | 15 +- lib/Crypt/Misc.pm | 331 +- lib/Crypt/Mode.pm | 65 +- lib/Crypt/Mode/CBC.pm | 46 +- lib/Crypt/Mode/CFB.pm | 56 +- lib/Crypt/Mode/CTR.pm | 62 +- lib/Crypt/Mode/ECB.pm | 46 +- lib/Crypt/Mode/OFB.pm | 56 +- lib/Crypt/PK.pm | 6 +- lib/Crypt/PK/DH.pm | 321 +- lib/Crypt/PK/DSA.pm | 121 +- lib/Crypt/PK/ECC.pm | 731 +- lib/Crypt/PK/RSA.pm | 140 +- lib/Crypt/PRNG.pm | 43 +- lib/Crypt/PRNG/ChaCha20.pm | 5 +- lib/Crypt/PRNG/Fortuna.pm | 5 +- lib/Crypt/PRNG/RC4.pm | 5 +- lib/Crypt/PRNG/Sober128.pm | 5 +- lib/Crypt/PRNG/Yarrow.pm | 4 +- lib/Crypt/Stream/ChaCha.pm | 6 +- lib/Crypt/Stream/RC4.pm | 6 +- lib/Crypt/Stream/Rabbit.pm | 72 + lib/Crypt/Stream/Salsa20.pm | 72 + lib/Crypt/Stream/Sober128.pm | 6 +- lib/Crypt/Stream/Sosemanuk.pm | 69 + lib/CryptX.pm | 57 +- lib/Math/BigInt/LTM.pm | 4 +- ppport.h | 366 +- src/Makefile | 186 +- src/Makefile.nmake | 179 +- src/ltc/ciphers/aes/aes.c | 27 +- src/ltc/ciphers/aes/aes_tab.c | 8 +- src/ltc/ciphers/anubis.c | 15 +- src/ltc/ciphers/blowfish.c | 11 +- src/ltc/ciphers/camellia.c | 26 +- src/ltc/ciphers/cast5.c | 11 +- src/ltc/ciphers/des.c | 14 +- src/ltc/ciphers/idea.c | 260 + src/ltc/ciphers/kasumi.c | 11 +- src/ltc/ciphers/khazad.c | 13 +- src/ltc/ciphers/kseed.c | 26 +- src/ltc/ciphers/multi2.c | 14 +- src/ltc/ciphers/noekeon.c | 27 +- src/ltc/ciphers/rc2.c | 10 +- src/ltc/ciphers/rc5.c | 11 +- src/ltc/ciphers/rc6.c | 28 +- src/ltc/ciphers/safer/safer.c | 22 +- src/ltc/ciphers/safer/safer_tab.c | 8 +- src/ltc/ciphers/safer/saferp.c | 11 +- src/ltc/ciphers/serpent.c | 727 + src/ltc/ciphers/skipjack.c | 11 +- src/ltc/ciphers/twofish/twofish.c | 14 +- src/ltc/ciphers/twofish/twofish_tab.c | 8 +- src/ltc/ciphers/xtea.c | 27 +- src/ltc/encauth/ccm/ccm_add_aad.c | 6 +- src/ltc/encauth/ccm/ccm_add_nonce.c | 6 +- src/ltc/encauth/ccm/ccm_done.c | 6 +- src/ltc/encauth/ccm/ccm_init.c | 6 +- src/ltc/encauth/ccm/ccm_memory.c | 36 +- src/ltc/encauth/ccm/ccm_process.c | 12 +- src/ltc/encauth/ccm/ccm_reset.c | 6 +- .../chachapoly/chacha20poly1305_add_aad.c | 4 + .../chachapoly/chacha20poly1305_decrypt.c | 6 +- .../chachapoly/chacha20poly1305_done.c | 6 +- .../chachapoly/chacha20poly1305_encrypt.c | 6 +- .../chachapoly/chacha20poly1305_init.c | 4 + .../chachapoly/chacha20poly1305_memory.c | 14 +- .../chachapoly/chacha20poly1305_setiv.c | 6 +- .../chacha20poly1305_setiv_rfc7905.c | 6 +- src/ltc/encauth/eax/eax_addheader.c | 8 +- src/ltc/encauth/eax/eax_decrypt.c | 8 +- .../encauth/eax/eax_decrypt_verify_memory.c | 13 +- src/ltc/encauth/eax/eax_done.c | 8 +- src/ltc/encauth/eax/eax_encrypt.c | 8 +- .../eax/eax_encrypt_authenticate_memory.c | 8 +- src/ltc/encauth/eax/eax_init.c | 8 +- src/ltc/encauth/gcm/gcm_add_aad.c | 10 +- src/ltc/encauth/gcm/gcm_add_iv.c | 8 +- src/ltc/encauth/gcm/gcm_done.c | 17 +- src/ltc/encauth/gcm/gcm_gf_mult.c | 12 +- src/ltc/encauth/gcm/gcm_init.c | 8 +- src/ltc/encauth/gcm/gcm_memory.c | 12 +- src/ltc/encauth/gcm/gcm_mult_h.c | 8 +- src/ltc/encauth/gcm/gcm_process.c | 13 +- src/ltc/encauth/gcm/gcm_reset.c | 8 +- src/ltc/encauth/ocb3/ocb3_add_aad.c | 41 +- src/ltc/encauth/ocb3/ocb3_decrypt.c | 14 +- src/ltc/encauth/ocb3/ocb3_decrypt_last.c | 13 +- .../encauth/ocb3/ocb3_decrypt_verify_memory.c | 26 +- src/ltc/encauth/ocb3/ocb3_done.c | 22 +- src/ltc/encauth/ocb3/ocb3_encrypt.c | 14 +- .../ocb3/ocb3_encrypt_authenticate_memory.c | 21 +- src/ltc/encauth/ocb3/ocb3_encrypt_last.c | 13 +- src/ltc/encauth/ocb3/ocb3_init.c | 84 +- src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c | 49 - .../encauth/ocb3/ocb3_int_calc_offset_zero.c | 72 - src/ltc/encauth/ocb3/ocb3_int_ntz.c | 8 +- src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c | 6 +- src/ltc/hashes/blake2b.c | 26 +- src/ltc/hashes/blake2s.c | 26 +- src/ltc/hashes/chc/chc.c | 30 +- src/ltc/hashes/helper/hash_file.c | 8 +- src/ltc/hashes/helper/hash_filehandle.c | 13 +- src/ltc/hashes/helper/hash_memory.c | 8 +- src/ltc/hashes/helper/hash_memory_multi.c | 8 +- src/ltc/hashes/md2.c | 19 +- src/ltc/hashes/md4.c | 29 +- src/ltc/hashes/md5.c | 12 +- src/ltc/hashes/rmd128.c | 28 +- src/ltc/hashes/rmd160.c | 28 +- src/ltc/hashes/rmd256.c | 25 +- src/ltc/hashes/rmd320.c | 25 +- src/ltc/hashes/sha1.c | 12 +- src/ltc/hashes/sha2/sha224.c | 12 +- src/ltc/hashes/sha2/sha256.c | 12 +- src/ltc/hashes/sha2/sha384.c | 12 +- src/ltc/hashes/sha2/sha512.c | 12 +- src/ltc/hashes/sha2/sha512_224.c | 12 +- src/ltc/hashes/sha2/sha512_256.c | 12 +- src/ltc/hashes/sha3.c | 129 +- src/ltc/hashes/sha3_test.c | 419 +- src/ltc/hashes/tiger.c | 12 +- src/ltc/hashes/whirl/whirl.c | 17 +- src/ltc/hashes/whirl/whirltab.c | 15 +- src/ltc/headers/tomcrypt.h | 28 +- src/ltc/headers/tomcrypt_argchk.h | 17 +- src/ltc/headers/tomcrypt_cfg.h | 87 +- src/ltc/headers/tomcrypt_cipher.h | 136 +- src/ltc/headers/tomcrypt_custom.h | 128 +- src/ltc/headers/tomcrypt_hash.h | 59 +- src/ltc/headers/tomcrypt_mac.h | 222 +- src/ltc/headers/tomcrypt_macros.h | 14 +- src/ltc/headers/tomcrypt_math.h | 147 +- src/ltc/headers/tomcrypt_misc.h | 50 +- src/ltc/headers/tomcrypt_pk.h | 407 +- src/ltc/headers/tomcrypt_pkcs.h | 24 +- src/ltc/headers/tomcrypt_prng.h | 18 +- src/ltc/mac/blake2/blake2bmac.c | 5 + src/ltc/mac/blake2/blake2bmac_file.c | 9 + src/ltc/mac/blake2/blake2bmac_memory.c | 4 + src/ltc/mac/blake2/blake2bmac_memory_multi.c | 8 +- src/ltc/mac/blake2/blake2smac.c | 5 + src/ltc/mac/blake2/blake2smac_file.c | 9 + src/ltc/mac/blake2/blake2smac_memory.c | 4 + src/ltc/mac/blake2/blake2smac_memory_multi.c | 8 +- src/ltc/mac/f9/f9_done.c | 8 +- src/ltc/mac/f9/f9_file.c | 14 +- src/ltc/mac/f9/f9_init.c | 8 +- src/ltc/mac/f9/f9_memory.c | 8 +- src/ltc/mac/f9/f9_memory_multi.c | 8 +- src/ltc/mac/f9/f9_process.c | 8 +- src/ltc/mac/hmac/hmac_done.c | 9 +- src/ltc/mac/hmac/hmac_file.c | 14 +- src/ltc/mac/hmac/hmac_init.c | 24 +- src/ltc/mac/hmac/hmac_memory.c | 8 +- src/ltc/mac/hmac/hmac_memory_multi.c | 8 +- src/ltc/mac/hmac/hmac_process.c | 8 +- src/ltc/mac/omac/omac_done.c | 8 +- src/ltc/mac/omac/omac_file.c | 14 +- src/ltc/mac/omac/omac_init.c | 8 +- src/ltc/mac/omac/omac_memory.c | 8 +- src/ltc/mac/omac/omac_memory_multi.c | 8 +- src/ltc/mac/omac/omac_process.c | 8 +- src/ltc/mac/pelican/pelican.c | 16 +- src/ltc/mac/pelican/pelican_memory.c | 8 +- src/ltc/mac/pmac/pmac_done.c | 8 +- src/ltc/mac/pmac/pmac_file.c | 14 +- src/ltc/mac/pmac/pmac_init.c | 8 +- src/ltc/mac/pmac/pmac_memory.c | 8 +- src/ltc/mac/pmac/pmac_memory_multi.c | 8 +- src/ltc/mac/pmac/pmac_ntz.c | 8 +- src/ltc/mac/pmac/pmac_process.c | 8 +- src/ltc/mac/pmac/pmac_shift_xor.c | 8 +- src/ltc/mac/poly1305/poly1305.c | 8 +- src/ltc/mac/poly1305/poly1305_file.c | 9 + src/ltc/mac/poly1305/poly1305_memory.c | 4 + src/ltc/mac/poly1305/poly1305_memory_multi.c | 8 +- src/ltc/mac/xcbc/xcbc_done.c | 8 +- src/ltc/mac/xcbc/xcbc_file.c | 14 +- src/ltc/mac/xcbc/xcbc_init.c | 8 +- src/ltc/mac/xcbc/xcbc_memory.c | 8 +- src/ltc/mac/xcbc/xcbc_memory_multi.c | 8 +- src/ltc/mac/xcbc/xcbc_process.c | 8 +- src/ltc/math/fp/ltc_ecc_fp_mulmod.c | 64 +- src/ltc/math/ltm_desc.c | 22 +- src/ltc/math/multi.c | 25 +- src/ltc/math/radix_to_bin.c | 62 + src/ltc/math/rand_bn.c | 16 +- src/ltc/math/rand_prime.c | 10 +- src/ltc/math/tfm_desc.c | 137 +- src/ltc/misc/adler32.c | 16 +- src/ltc/misc/base32/base32_decode.c | 122 + src/ltc/misc/base32/base32_encode.c | 95 + src/ltc/misc/base64/base64_decode.c | 8 +- src/ltc/misc/base64/base64_encode.c | 8 +- src/ltc/misc/burn_stack.c | 8 +- src/ltc/misc/compare_testvector.c | 91 + src/ltc/misc/copy_or_zeromem.c | 61 + src/ltc/misc/crc32.c | 16 +- src/ltc/misc/crypt/crypt.c | 76 +- src/ltc/misc/crypt/crypt_argchk.c | 10 +- src/ltc/misc/crypt/crypt_cipher_descriptor.c | 8 +- src/ltc/misc/crypt/crypt_cipher_is_valid.c | 8 +- src/ltc/misc/crypt/crypt_constants.c | 296 + src/ltc/misc/crypt/crypt_find_cipher.c | 8 +- src/ltc/misc/crypt/crypt_find_cipher_any.c | 16 +- src/ltc/misc/crypt/crypt_find_cipher_id.c | 8 +- src/ltc/misc/crypt/crypt_find_hash.c | 8 +- src/ltc/misc/crypt/crypt_find_hash_any.c | 8 +- src/ltc/misc/crypt/crypt_find_hash_id.c | 8 +- src/ltc/misc/crypt/crypt_find_hash_oid.c | 8 +- src/ltc/misc/crypt/crypt_find_prng.c | 8 +- src/ltc/misc/crypt/crypt_fsa.c | 8 +- src/ltc/misc/crypt/crypt_hash_descriptor.c | 8 +- src/ltc/misc/crypt/crypt_hash_is_valid.c | 8 +- src/ltc/misc/crypt/crypt_inits.c | 67 +- src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c | 9 +- src/ltc/misc/crypt/crypt_prng_descriptor.c | 8 +- src/ltc/misc/crypt/crypt_prng_is_valid.c | 8 +- .../misc/crypt/crypt_prng_rng_descriptor.c | 17 + .../misc/crypt/crypt_register_all_ciphers.c | 106 + .../misc/crypt/crypt_register_all_hashes.c | 105 + src/ltc/misc/crypt/crypt_register_all_prngs.c | 48 + src/ltc/misc/crypt/crypt_register_cipher.c | 8 +- src/ltc/misc/crypt/crypt_register_hash.c | 8 +- src/ltc/misc/crypt/crypt_register_prng.c | 8 +- src/ltc/misc/crypt/crypt_sizes.c | 371 + src/ltc/misc/crypt/crypt_unregister_cipher.c | 8 +- src/ltc/misc/crypt/crypt_unregister_hash.c | 8 +- src/ltc/misc/crypt/crypt_unregister_prng.c | 8 +- src/ltc/misc/error_to_string.c | 15 +- src/ltc/misc/hkdf/hkdf.c | 27 +- src/ltc/misc/mem_neq.c | 19 +- src/ltc/misc/pk_get_oid.c | 9 +- src/ltc/misc/pkcs5/pkcs_5_1.c | 10 +- src/ltc/misc/pkcs5/pkcs_5_2.c | 10 +- src/ltc/misc/zeromem.c | 8 +- src/ltc/modes/cbc/cbc_decrypt.c | 8 +- src/ltc/modes/cbc/cbc_done.c | 8 +- src/ltc/modes/cbc/cbc_encrypt.c | 8 +- src/ltc/modes/cbc/cbc_getiv.c | 14 +- src/ltc/modes/cbc/cbc_setiv.c | 12 +- src/ltc/modes/cbc/cbc_start.c | 10 +- src/ltc/modes/cfb/cfb_decrypt.c | 8 +- src/ltc/modes/cfb/cfb_done.c | 8 +- src/ltc/modes/cfb/cfb_encrypt.c | 8 +- src/ltc/modes/cfb/cfb_getiv.c | 14 +- src/ltc/modes/cfb/cfb_setiv.c | 12 +- src/ltc/modes/cfb/cfb_start.c | 10 +- src/ltc/modes/ctr/ctr_decrypt.c | 8 +- src/ltc/modes/ctr/ctr_done.c | 8 +- src/ltc/modes/ctr/ctr_encrypt.c | 10 +- src/ltc/modes/ctr/ctr_getiv.c | 14 +- src/ltc/modes/ctr/ctr_setiv.c | 12 +- src/ltc/modes/ctr/ctr_start.c | 10 +- src/ltc/modes/ecb/ecb_decrypt.c | 8 +- src/ltc/modes/ecb/ecb_done.c | 8 +- src/ltc/modes/ecb/ecb_encrypt.c | 8 +- src/ltc/modes/ecb/ecb_start.c | 8 +- src/ltc/modes/ofb/ofb_decrypt.c | 8 +- src/ltc/modes/ofb/ofb_done.c | 8 +- src/ltc/modes/ofb/ofb_encrypt.c | 8 +- src/ltc/modes/ofb/ofb_getiv.c | 14 +- src/ltc/modes/ofb/ofb_setiv.c | 12 +- src/ltc/modes/ofb/ofb_start.c | 10 +- .../pk/asn1/der/bit/der_decode_bit_string.c | 33 +- .../asn1/der/bit/der_decode_raw_bit_string.c | 48 +- .../pk/asn1/der/bit/der_encode_bit_string.c | 23 +- .../asn1/der/bit/der_encode_raw_bit_string.c | 35 +- .../pk/asn1/der/bit/der_length_bit_string.c | 26 +- .../pk/asn1/der/boolean/der_decode_boolean.c | 8 +- .../pk/asn1/der/boolean/der_encode_boolean.c | 8 +- .../pk/asn1/der/boolean/der_length_boolean.c | 8 +- .../pk/asn1/der/choice/der_decode_choice.c | 20 +- .../der/custom_type/der_decode_custom_type.c | 420 + .../der/custom_type/der_encode_custom_type.c | 238 + .../der/custom_type/der_length_custom_type.c | 213 + src/ltc/pk/asn1/der/general/der_asn1_maps.c | 167 + .../der/general/der_decode_asn1_identifier.c | 133 + .../asn1/der/general/der_decode_asn1_length.c | 67 + .../der/general/der_encode_asn1_identifier.c | 97 + .../asn1/der/general/der_encode_asn1_length.c | 127 + .../der/general/der_length_asn1_identifier.c | 33 + .../asn1/der/general/der_length_asn1_length.c | 32 + .../der_decode_generalizedtime.c | 18 +- .../der_encode_generalizedtime.c | 12 +- .../der_length_generalizedtime.c | 10 +- .../pk/asn1/der/ia5/der_decode_ia5_string.c | 33 +- .../pk/asn1/der/ia5/der_encode_ia5_string.c | 28 +- .../pk/asn1/der/ia5/der_length_ia5_string.c | 26 +- .../pk/asn1/der/integer/der_decode_integer.c | 56 +- .../pk/asn1/der/integer/der_encode_integer.c | 31 +- .../pk/asn1/der/integer/der_length_integer.c | 34 +- .../der_decode_object_identifier.c | 54 +- .../der_encode_object_identifier.c | 23 +- .../der_length_object_identifier.c | 8 +- .../asn1/der/octet/der_decode_octet_string.c | 32 +- .../asn1/der/octet/der_encode_octet_string.c | 28 +- .../asn1/der/octet/der_length_octet_string.c | 28 +- .../der_decode_printable_string.c | 33 +- .../der_encode_printable_string.c | 28 +- .../der_length_printable_string.c | 26 +- .../der/sequence/der_decode_sequence_ex.c | 313 +- .../der/sequence/der_decode_sequence_flexi.c | 227 +- .../der/sequence/der_decode_sequence_multi.c | 91 +- .../der/sequence/der_encode_sequence_ex.c | 62 +- .../der/sequence/der_encode_sequence_multi.c | 18 +- .../asn1/der/sequence/der_length_sequence.c | 61 +- .../pk/asn1/der/sequence/der_sequence_free.c | 8 +- .../asn1/der/sequence/der_sequence_shrink.c | 50 + src/ltc/pk/asn1/der/set/der_encode_set.c | 41 +- src/ltc/pk/asn1/der/set/der_encode_setof.c | 12 +- .../short_integer/der_decode_short_integer.c | 8 +- .../short_integer/der_encode_short_integer.c | 8 +- .../short_integer/der_length_short_integer.c | 32 +- .../der_decode_teletex_string.c | 33 +- .../der_length_teletex_string.c | 26 +- .../pk/asn1/der/utctime/der_decode_utctime.c | 16 +- .../pk/asn1/der/utctime/der_encode_utctime.c | 8 +- .../pk/asn1/der/utctime/der_length_utctime.c | 8 +- .../pk/asn1/der/utf8/der_decode_utf8_string.c | 46 +- .../pk/asn1/der/utf8/der_encode_utf8_string.c | 51 +- .../pk/asn1/der/utf8/der_length_utf8_string.c | 26 +- .../x509_decode_subject_public_key_info.c} | 38 +- .../x509_encode_subject_public_key_info.c} | 16 +- src/ltc/pk/dh/dh.c | 698 +- src/ltc/pk/dh/dh_check_pubkey.c | 65 + src/ltc/pk/dh/dh_export.c | 62 + src/ltc/pk/dh/dh_export_key.c | 47 + src/ltc/pk/dh/dh_free.c | 28 + src/ltc/pk/dh/dh_generate_key.c | 102 + src/ltc/pk/dh/dh_import.c | 99 + src/ltc/pk/dh/dh_set.c | 124 + src/ltc/pk/dh/dh_set_pg_dhparam.c | 54 + src/ltc/pk/dh/dh_shared_secret.c | 80 + src/ltc/pk/dh/dh_static.c | 165 - src/ltc/pk/dh/dh_static.h | 129 - src/ltc/pk/dh/dh_sys.c | 487 - src/ltc/pk/dsa/dsa_decrypt_key.c | 15 +- src/ltc/pk/dsa/dsa_encrypt_key.c | 24 +- src/ltc/pk/dsa/dsa_export.c | 10 +- src/ltc/pk/dsa/dsa_free.c | 11 +- src/ltc/pk/dsa/dsa_generate_key.c | 47 + src/ltc/pk/dsa/dsa_generate_pqg.c | 244 + src/ltc/pk/dsa/dsa_import.c | 53 +- src/ltc/pk/dsa/dsa_import_radix.c | 67 - src/ltc/pk/dsa/dsa_make_key.c | 251 +- src/ltc/pk/dsa/dsa_set.c | 112 + src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c | 67 + src/ltc/pk/dsa/dsa_shared_secret.c | 8 +- src/ltc/pk/dsa/dsa_sign_hash.c | 8 +- src/ltc/pk/dsa/dsa_verify_hash.c | 34 +- src/ltc/pk/dsa/dsa_verify_key.c | 197 +- src/ltc/pk/ecc/ecc.c | 447 +- src/ltc/pk/ecc/ecc_ansi_x963_export.c | 16 +- src/ltc/pk/ecc/ecc_ansi_x963_import.c | 74 +- src/ltc/pk/ecc/ecc_decrypt_key.c | 23 +- src/ltc/pk/ecc/ecc_dp_clear.c | 36 - src/ltc/pk/ecc/ecc_dp_fill_from_sets.c | 76 - src/ltc/pk/ecc/ecc_dp_from_oid.c | 86 - src/ltc/pk/ecc/ecc_dp_from_params.c | 86 - src/ltc/pk/ecc/ecc_dp_init.c | 36 - src/ltc/pk/ecc/ecc_dp_set.c | 100 - src/ltc/pk/ecc/ecc_encrypt_key.c | 23 +- src/ltc/pk/ecc/ecc_export.c | 17 +- ...ecc_export_full.c => ecc_export_openssl.c} | 80 +- src/ltc/pk/ecc/ecc_free.c | 20 +- .../ecc/{ecc_export_raw.c => ecc_get_key.c} | 31 +- src/ltc/pk/ecc/ecc_get_set.c | 40 + src/ltc/pk/ecc/ecc_get_size.c | 20 +- src/ltc/pk/ecc/ecc_import.c | 66 +- src/ltc/pk/ecc/ecc_import_full.c | 154 - src/ltc/pk/ecc/ecc_import_openssl.c | 157 + src/ltc/pk/ecc/ecc_import_pkcs8.c | 698 +- src/ltc/pk/ecc/ecc_import_raw.c | 100 - src/ltc/pk/ecc/ecc_import_x509.c | 59 + src/ltc/pk/ecc/ecc_make_key.c | 109 +- src/ltc/pk/ecc/ecc_set_dp.c | 97 + src/ltc/pk/ecc/ecc_set_dp_internal.c | 150 + src/ltc/pk/ecc/ecc_set_key.c | 67 + src/ltc/pk/ecc/ecc_shared_secret.c | 33 +- src/ltc/pk/ecc/ecc_sign_hash.c | 47 +- src/ltc/pk/ecc/ecc_sizes.c | 42 +- src/ltc/pk/ecc/ecc_verify_hash.c | 87 +- src/ltc/pk/ecc/ltc_ecc_export_point.c | 9 +- src/ltc/pk/ecc/ltc_ecc_import_point.c | 9 +- src/ltc/pk/ecc/ltc_ecc_is_point.c | 43 +- src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c | 8 +- src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c | 44 - src/ltc/pk/ecc/ltc_ecc_map.c | 13 +- src/ltc/pk/ecc/ltc_ecc_mul2add.c | 33 +- src/ltc/pk/ecc/ltc_ecc_mulmod.c | 56 +- src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c | 51 +- src/ltc/pk/ecc/ltc_ecc_points.c | 11 +- src/ltc/pk/ecc/ltc_ecc_projective_add_point.c | 15 +- src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c | 19 +- ...{ecc_verify_key.c => ltc_ecc_verify_key.c} | 31 +- src/ltc/pk/pkcs1/pkcs_1_i2osp.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_mgf1.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_oaep_encode.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_os2ip.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_pss_decode.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_pss_encode.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_v1_5_decode.c | 8 +- src/ltc/pk/pkcs1/pkcs_1_v1_5_encode.c | 8 +- src/ltc/pk/rsa/rsa_decrypt_key.c | 8 +- src/ltc/pk/rsa/rsa_encrypt_key.c | 8 +- src/ltc/pk/rsa/rsa_export.c | 10 +- src/ltc/pk/rsa/rsa_exptmod.c | 19 +- src/ltc/pk/rsa/rsa_free.c | 10 +- src/ltc/pk/rsa/rsa_get_size.c | 8 +- src/ltc/pk/rsa/rsa_import.c | 24 +- src/ltc/pk/rsa/rsa_import_pkcs8.c | 22 +- src/ltc/pk/rsa/rsa_import_radix.c | 64 - src/ltc/pk/rsa/rsa_import_x509.c | 17 +- src/ltc/pk/rsa/rsa_make_key.c | 15 +- src/ltc/pk/rsa/rsa_set.c | 134 + src/ltc/pk/rsa/rsa_sign_hash.c | 84 +- src/ltc/pk/rsa/rsa_sign_saltlen_get.c | 8 +- src/ltc/pk/rsa/rsa_verify_hash.c | 99 +- src/ltc/prngs/chacha20.c | 9 +- src/ltc/prngs/fortuna.c | 25 +- src/ltc/prngs/rc4.c | 8 +- src/ltc/prngs/rng_get_bytes.c | 20 +- src/ltc/prngs/rng_make_prng.c | 8 +- src/ltc/prngs/sober128.c | 9 +- src/ltc/prngs/sprng.c | 6 +- src/ltc/prngs/yarrow.c | 7 +- src/ltc/stream/chacha/chacha_crypt.c | 12 +- src/ltc/stream/chacha/chacha_done.c | 4 + src/ltc/stream/chacha/chacha_ivctr32.c | 6 +- src/ltc/stream/chacha/chacha_ivctr64.c | 6 +- src/ltc/stream/chacha/chacha_keystream.c | 4 + src/ltc/stream/chacha/chacha_setup.c | 6 + src/ltc/stream/rabbit/rabbit.c | 446 + src/ltc/stream/rc4/{rc4.c => rc4_stream.c} | 4 + src/ltc/stream/salsa20/salsa20_crypt.c | 96 + src/ltc/stream/salsa20/salsa20_done.c | 30 + src/ltc/stream/salsa20/salsa20_ivctr64.c | 48 + src/ltc/stream/salsa20/salsa20_keystream.c | 39 + src/ltc/stream/salsa20/salsa20_setup.c | 69 + .../{sober128.c => sober128_stream.c} | 14 +- src/ltc/stream/sober128/sober128tab.c | 15 +- src/ltc/stream/sosemanuk/sosemanuk.c | 822 + src/ltm/bn_error.c | 26 +- src/ltm/bn_fast_mp_invmod.c | 231 +- src/ltm/bn_fast_mp_montgomery_reduce.c | 256 +- src/ltm/bn_fast_s_mp_mul_digs.c | 92 +- src/ltm/bn_fast_s_mp_mul_high_digs.c | 82 +- src/ltm/bn_fast_s_mp_sqr.c | 86 +- src/ltm/bn_mp_2expt.c | 35 +- src/ltm/bn_mp_abs.c | 31 +- src/ltm/bn_mp_add.c | 54 +- src/ltm/bn_mp_add_d.c | 144 +- src/ltm/bn_mp_addmod.c | 33 +- src/ltm/bn_mp_and.c | 62 +- src/ltm/bn_mp_clamp.c | 31 +- src/ltm/bn_mp_clear.c | 37 +- src/ltm/bn_mp_clear_multi.c | 24 +- src/ltm/bn_mp_cmp.c | 41 +- src/ltm/bn_mp_cmp_d.c | 40 +- src/ltm/bn_mp_cmp_mag.c | 58 +- src/ltm/bn_mp_cnt_lsb.c | 18 +- src/ltm/bn_mp_copy.c | 73 +- src/ltm/bn_mp_count_bits.c | 41 +- src/ltm/bn_mp_div.c | 459 +- src/ltm/bn_mp_div_2.c | 76 +- src/ltm/bn_mp_div_2d.c | 117 +- src/ltm/bn_mp_div_3.c | 93 +- src/ltm/bn_mp_div_d.c | 134 +- src/ltm/bn_mp_dr_is_modulus.c | 14 +- src/ltm/bn_mp_dr_reduce.c | 93 +- src/ltm/bn_mp_dr_setup.c | 11 +- src/ltm/bn_mp_exch.c | 19 +- src/ltm/bn_mp_export.c | 103 +- src/ltm/bn_mp_expt_d.c | 10 +- src/ltm/bn_mp_expt_d_ex.c | 105 +- src/ltm/bn_mp_exptmod.c | 120 +- src/ltm/bn_mp_exptmod_fast.c | 481 +- src/ltm/bn_mp_exteuclid.c | 109 +- src/ltm/bn_mp_fread.c | 44 +- src/ltm/bn_mp_fwrite.c | 32 +- src/ltm/bn_mp_gcd.c | 146 +- src/ltm/bn_mp_get_int.c | 36 +- src/ltm/bn_mp_get_long.c | 28 +- src/ltm/bn_mp_get_long_long.c | 28 +- src/ltm/bn_mp_grow.c | 62 +- src/ltm/bn_mp_import.c | 80 +- src/ltm/bn_mp_init.c | 38 +- src/ltm/bn_mp_init_copy.c | 23 +- src/ltm/bn_mp_init_multi.c | 67 +- src/ltm/bn_mp_init_set.c | 20 +- src/ltm/bn_mp_init_set_int.c | 18 +- src/ltm/bn_mp_init_size.c | 42 +- src/ltm/bn_mp_invmod.c | 28 +- src/ltm/bn_mp_invmod_slow.c | 259 +- src/ltm/bn_mp_is_square.c | 143 +- src/ltm/bn_mp_jacobi.c | 158 +- src/ltm/bn_mp_karatsuba_mul.c | 231 +- src/ltm/bn_mp_karatsuba_sqr.c | 160 +- src/ltm/bn_mp_lcm.c | 62 +- src/ltm/bn_mp_lshd.c | 78 +- src/ltm/bn_mp_mod.c | 43 +- src/ltm/bn_mp_mod_2d.c | 57 +- src/ltm/bn_mp_mod_d.c | 11 +- src/ltm/bn_mp_montgomery_calc_normalization.c | 56 +- src/ltm/bn_mp_montgomery_reduce.c | 172 +- src/ltm/bn_mp_montgomery_setup.c | 51 +- src/ltm/bn_mp_mul.c | 68 +- src/ltm/bn_mp_mul_2.c | 108 +- src/ltm/bn_mp_mul_2d.c | 106 +- src/ltm/bn_mp_mul_d.c | 87 +- src/ltm/bn_mp_mulmod.c | 32 +- src/ltm/bn_mp_n_root.c | 10 +- src/ltm/bn_mp_n_root_ex.c | 174 +- src/ltm/bn_mp_neg.c | 32 +- src/ltm/bn_mp_or.c | 53 +- src/ltm/bn_mp_prime_fermat.c | 57 +- src/ltm/bn_mp_prime_is_divisible.c | 42 +- src/ltm/bn_mp_prime_is_prime.c | 83 +- src/ltm/bn_mp_prime_miller_rabin.c | 139 +- src/ltm/bn_mp_prime_next_prime.c | 100 +- src/ltm/bn_mp_prime_rabin_miller_trials.c | 32 +- src/ltm/bn_mp_prime_random_ex.c | 46 +- src/ltm/bn_mp_radix_size.c | 92 +- src/ltm/bn_mp_radix_smap.c | 20 +- src/ltm/bn_mp_rand.c | 80 +- src/ltm/bn_mp_read_radix.c | 110 +- src/ltm/bn_mp_read_signed_bin.c | 32 +- src/ltm/bn_mp_read_unsigned_bin.c | 52 +- src/ltm/bn_mp_reduce.c | 120 +- src/ltm/bn_mp_reduce_2k.c | 10 +- src/ltm/bn_mp_reduce_2k_l.c | 8 +- src/ltm/bn_mp_reduce_2k_setup.c | 16 +- src/ltm/bn_mp_reduce_2k_setup_l.c | 16 +- src/ltm/bn_mp_reduce_is_2k.c | 28 +- src/ltm/bn_mp_reduce_is_2k_l.c | 18 +- src/ltm/bn_mp_reduce_setup.c | 20 +- src/ltm/bn_mp_rshd.c | 82 +- src/ltm/bn_mp_set.c | 14 +- src/ltm/bn_mp_set_int.c | 44 +- src/ltm/bn_mp_set_long.c | 6 +- src/ltm/bn_mp_set_long_long.c | 8 +- src/ltm/bn_mp_shrink.c | 38 +- src/ltm/bn_mp_signed_bin_size.c | 10 +- src/ltm/bn_mp_sqr.c | 55 +- src/ltm/bn_mp_sqrmod.c | 33 +- src/ltm/bn_mp_sqrt.c | 96 +- src/ltm/bn_mp_sqrtmod_prime.c | 192 +- src/ltm/bn_mp_sub.c | 65 +- src/ltm/bn_mp_sub_d.c | 120 +- src/ltm/bn_mp_submod.c | 33 +- src/ltm/bn_mp_to_signed_bin.c | 20 +- src/ltm/bn_mp_to_signed_bin_n.c | 10 +- src/ltm/bn_mp_to_unsigned_bin.c | 48 +- src/ltm/bn_mp_to_unsigned_bin_n.c | 10 +- src/ltm/bn_mp_toom_mul.c | 462 +- src/ltm/bn_mp_toom_sqr.c | 367 +- src/ltm/bn_mp_toradix.c | 90 +- src/ltm/bn_mp_toradix_n.c | 114 +- src/ltm/bn_mp_unsigned_bin_size.c | 12 +- src/ltm/bn_mp_xor.c | 54 +- src/ltm/bn_mp_zero.c | 24 +- src/ltm/bn_prime_tab.c | 72 +- src/ltm/bn_reverse.c | 31 +- src/ltm/bn_s_mp_add.c | 161 +- src/ltm/bn_s_mp_exptmod.c | 408 +- src/ltm/bn_s_mp_mul_digs.c | 112 +- src/ltm/bn_s_mp_mul_high_digs.c | 91 +- src/ltm/bn_s_mp_sqr.c | 102 +- src/ltm/bn_s_mp_sub.c | 107 +- src/ltm/bncore.c | 12 +- src/ltm/tommath.h | 360 +- src/ltm/tommath_class.h | 1315 +- src/ltm/tommath_private.h | 74 +- src/ltm/tommath_superclass.h | 108 +- t/001_compile.t | 83 +- t/002_all_pm.t | 37 +- t/003_all_pm_pod.t | 5 +- t/004_all_pm_pod_spelling.t | 32 + t/005_all_pm_pod_coverage.t | 53 + t/auth_enc_ccm.t | 36 +- t/auth_enc_ccm_test_vector_ltc.t | 14 +- t/auth_enc_eax_test_vector_ltc.t | 16 +- t/auth_enc_gcm_test_vector_ltc.t | 22 +- t/auth_enc_ocb.t | 8 +- t/auth_enc_ocb_test_vectors_ietf.t | 178 +- t/checksum.t | 134 +- t/cipher_aes_test_vectors_bc.t | 2 +- t/cipher_idea.t | 65 + t/cipher_idea_compat.t | 50 + t/cipher_seed_test_vectors_bc.t | 2 +- t/cipher_serpent.t | 65 + t/cipher_serpent_compat.t | 29 + t/cipher_stream.t | 80 +- t/cipher_stream_rabbit.t | 36 + t/cipher_stream_salsa20.t | 14380 ++++++++++++++++ t/cipher_test_vectors_ltc.t | 4 +- t/cipher_test_vectors_openssl.t | 92 +- t/cipher_twofish_test_vectors_bc.t | 2 +- t/cipher_xtea_test_vectors_bc.t | 2 +- t/crypt-misc.t | 95 +- t/data/cryptx_priv_dh1.bin | Bin 529 -> 317 bytes t/data/cryptx_priv_dh2.bin | Bin 529 -> 317 bytes t/data/cryptx_priv_dh_pg1.bin | Bin 791 -> 317 bytes t/data/cryptx_priv_dh_pg2.bin | Bin 791 -> 317 bytes t/data/cryptx_pub_dh1.bin | Bin 269 -> 536 bytes t/data/cryptx_pub_dh2.bin | Bin 269 -> 535 bytes t/data/cryptx_pub_dh_pg1.bin | Bin 531 -> 535 bytes t/data/cryptx_pub_dh_pg2.bin | Bin 531 -> 535 bytes t/data/openssl_rsa-x509.der | Bin 0 -> 759 bytes t/data/openssl_rsa-x509.pem | 18 + t/digest_blake2b_160.t | 13 +- t/digest_blake2b_256.t | 13 +- t/digest_blake2b_384.t | 13 +- t/digest_blake2b_512.t | 13 +- t/digest_blake2s_128.t | 13 +- t/digest_blake2s_160.t | 13 +- t/digest_blake2s_224.t | 13 +- t/digest_blake2s_256.t | 13 +- t/digest_chaes.t | 13 +- t/digest_keccak224.t | 116 + t/digest_keccak256.t | 116 + t/digest_keccak384.t | 116 + t/digest_keccak512.t | 116 + t/digest_md2.t | 13 +- t/digest_md4.t | 13 +- t/digest_md5.t | 13 +- t/digest_ripemd128.t | 13 +- t/digest_ripemd160.t | 13 +- t/digest_ripemd256.t | 13 +- t/digest_ripemd320.t | 13 +- t/digest_sha1.t | 13 +- t/digest_sha224.t | 13 +- t/digest_sha256.t | 13 +- t/digest_sha384.t | 13 +- t/digest_sha3_224.t | 13 +- t/digest_sha3_256.t | 13 +- t/digest_sha3_384.t | 13 +- t/digest_sha3_512.t | 13 +- t/digest_sha512.t | 13 +- t/digest_sha512_224.t | 13 +- t/digest_sha512_256.t | 13 +- t/digest_test_vectors_ltc.t | 2 +- t/digest_tiger192.t | 13 +- t/digest_whirlpool.t | 13 +- t/jwk.t | 12 +- t/key_derivation.t | 14 +- t/mac_blake2b.t | 11 +- t/mac_blake2s.t | 11 +- t/mac_f9.t | 11 +- t/mac_hmac.t | 11 +- t/mac_hmac_nist.t | 206 + t/mac_hmac_test_vectors_ltc.t | 6 +- t/mac_omac.t | 11 +- t/mac_omac_test_vectors_ltc.t | 6 +- t/mac_pelican.t | 11 +- t/mac_pmac.t | 11 +- t/mac_pmac_test_vectors_ltc.t | 6 +- t/mac_poly1305.t | 11 +- t/mac_xcbc.t | 11 +- t/mbi_ltm_01load.t | 2 +- t/mbi_ltm_bigfltpm.t | 2 +- t/mbi_ltm_biglog.t | 20 +- t/mbi_ltm_bigroot.t | 3 +- t/mbi_ltm_bugs.t | 0 t/mode_cbc.t | 14 +- t/mode_cfb.t | 12 +- t/mode_ctr.t | 24 +- t/mode_ecb.t | 14 +- t/mode_ofb.t | 12 +- t/pk_dh.t | 167 +- t/pk_dsa.t | 125 +- t/pk_ecc.t | 69 +- t/pk_ecc_test_vectors_openssl.t | 2 +- t/pk_rsa.t | 34 +- t/pkcs8.t | 13 +- t/prng.t | 14 +- t/prng_chacha20.t | 14 +- t/prng_fortuna.t | 14 +- t/prng_rc4.t | 14 +- t/prng_sober128.t | 14 +- t/prng_yarrow.t | 14 +- t/wycheproof.t | 244 + t/wycheproof/aes_gcm_test.json | 669 + t/wycheproof/dsa_test.json | 1494 ++ t/wycheproof/ecdh_webcrypto_test.json | 1300 ++ t/wycheproof/ecdsa_test.json | 2254 +++ t/wycheproof/ecdsa_webcrypto_test.json | 1594 ++ t/wycheproof/rsa_signature_test.json | 3289 ++++ typemap | 3 + 817 files changed, 54952 insertions(+), 19422 deletions(-) delete mode 100644 README create mode 100644 README.md create mode 100644 inc/CryptX_Stream_Rabbit.xs.inc create mode 100644 inc/CryptX_Stream_Salsa20.xs.inc create mode 100644 inc/CryptX_Stream_Sosemanuk.xs.inc create mode 100644 lib/Crypt/Cipher/IDEA.pm create mode 100644 lib/Crypt/Cipher/Serpent.pm create mode 100644 lib/Crypt/Digest/Keccak224.pm create mode 100644 lib/Crypt/Digest/Keccak256.pm create mode 100644 lib/Crypt/Digest/Keccak384.pm create mode 100644 lib/Crypt/Digest/Keccak512.pm create mode 100644 lib/Crypt/Stream/Rabbit.pm create mode 100644 lib/Crypt/Stream/Salsa20.pm create mode 100644 lib/Crypt/Stream/Sosemanuk.pm create mode 100644 src/ltc/ciphers/idea.c create mode 100644 src/ltc/ciphers/serpent.c delete mode 100644 src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c delete mode 100644 src/ltc/encauth/ocb3/ocb3_int_calc_offset_zero.c create mode 100644 src/ltc/math/radix_to_bin.c create mode 100644 src/ltc/misc/base32/base32_decode.c create mode 100644 src/ltc/misc/base32/base32_encode.c create mode 100644 src/ltc/misc/compare_testvector.c create mode 100644 src/ltc/misc/copy_or_zeromem.c create mode 100644 src/ltc/misc/crypt/crypt_constants.c create mode 100644 src/ltc/misc/crypt/crypt_prng_rng_descriptor.c create mode 100644 src/ltc/misc/crypt/crypt_register_all_ciphers.c create mode 100644 src/ltc/misc/crypt/crypt_register_all_hashes.c create mode 100644 src/ltc/misc/crypt/crypt_register_all_prngs.c create mode 100644 src/ltc/misc/crypt/crypt_sizes.c create mode 100644 src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c create mode 100644 src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c create mode 100644 src/ltc/pk/asn1/der/custom_type/der_length_custom_type.c create mode 100644 src/ltc/pk/asn1/der/general/der_asn1_maps.c create mode 100644 src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c create mode 100644 src/ltc/pk/asn1/der/general/der_decode_asn1_length.c create mode 100644 src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c create mode 100644 src/ltc/pk/asn1/der/general/der_encode_asn1_length.c create mode 100644 src/ltc/pk/asn1/der/general/der_length_asn1_identifier.c create mode 100644 src/ltc/pk/asn1/der/general/der_length_asn1_length.c create mode 100644 src/ltc/pk/asn1/der/sequence/der_sequence_shrink.c rename src/ltc/pk/asn1/{der/sequence/der_decode_subject_public_key_info.c => x509/x509_decode_subject_public_key_info.c} (74%) rename src/ltc/pk/asn1/{der/sequence/der_encode_subject_public_key_info.c => x509/x509_encode_subject_public_key_info.c} (82%) create mode 100644 src/ltc/pk/dh/dh_check_pubkey.c create mode 100644 src/ltc/pk/dh/dh_export.c create mode 100644 src/ltc/pk/dh/dh_export_key.c create mode 100644 src/ltc/pk/dh/dh_free.c create mode 100644 src/ltc/pk/dh/dh_generate_key.c create mode 100644 src/ltc/pk/dh/dh_import.c create mode 100644 src/ltc/pk/dh/dh_set.c create mode 100644 src/ltc/pk/dh/dh_set_pg_dhparam.c create mode 100644 src/ltc/pk/dh/dh_shared_secret.c delete mode 100644 src/ltc/pk/dh/dh_static.c delete mode 100644 src/ltc/pk/dh/dh_static.h delete mode 100644 src/ltc/pk/dh/dh_sys.c create mode 100644 src/ltc/pk/dsa/dsa_generate_key.c create mode 100644 src/ltc/pk/dsa/dsa_generate_pqg.c delete mode 100644 src/ltc/pk/dsa/dsa_import_radix.c create mode 100644 src/ltc/pk/dsa/dsa_set.c create mode 100644 src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_clear.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_fill_from_sets.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_from_oid.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_from_params.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_init.c delete mode 100644 src/ltc/pk/ecc/ecc_dp_set.c rename src/ltc/pk/ecc/{ecc_export_full.c => ecc_export_openssl.c} (68%) rename src/ltc/pk/ecc/{ecc_export_raw.c => ecc_get_key.c} (71%) create mode 100644 src/ltc/pk/ecc/ecc_get_set.c delete mode 100644 src/ltc/pk/ecc/ecc_import_full.c create mode 100644 src/ltc/pk/ecc/ecc_import_openssl.c delete mode 100644 src/ltc/pk/ecc/ecc_import_raw.c create mode 100644 src/ltc/pk/ecc/ecc_import_x509.c create mode 100644 src/ltc/pk/ecc/ecc_set_dp.c create mode 100644 src/ltc/pk/ecc/ecc_set_dp_internal.c create mode 100644 src/ltc/pk/ecc/ecc_set_key.c delete mode 100644 src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c rename src/ltc/pk/ecc/{ecc_verify_key.c => ltc_ecc_verify_key.c} (60%) delete mode 100644 src/ltc/pk/rsa/rsa_import_radix.c create mode 100644 src/ltc/pk/rsa/rsa_set.c create mode 100644 src/ltc/stream/rabbit/rabbit.c rename src/ltc/stream/rc4/{rc4.c => rc4_stream.c} (96%) create mode 100644 src/ltc/stream/salsa20/salsa20_crypt.c create mode 100644 src/ltc/stream/salsa20/salsa20_done.c create mode 100644 src/ltc/stream/salsa20/salsa20_ivctr64.c create mode 100644 src/ltc/stream/salsa20/salsa20_keystream.c create mode 100644 src/ltc/stream/salsa20/salsa20_setup.c rename src/ltc/stream/sober128/{sober128.c => sober128_stream.c} (96%) create mode 100644 src/ltc/stream/sosemanuk/sosemanuk.c create mode 100644 t/004_all_pm_pod_spelling.t create mode 100644 t/005_all_pm_pod_coverage.t create mode 100644 t/cipher_idea.t create mode 100644 t/cipher_idea_compat.t create mode 100644 t/cipher_serpent.t create mode 100644 t/cipher_serpent_compat.t create mode 100644 t/cipher_stream_rabbit.t create mode 100644 t/cipher_stream_salsa20.t create mode 100644 t/data/openssl_rsa-x509.der create mode 100644 t/data/openssl_rsa-x509.pem create mode 100644 t/digest_keccak224.t create mode 100644 t/digest_keccak256.t create mode 100644 t/digest_keccak384.t create mode 100644 t/digest_keccak512.t create mode 100644 t/mac_hmac_nist.t mode change 100755 => 100644 t/mbi_ltm_bugs.t create mode 100644 t/wycheproof.t create mode 100644 t/wycheproof/aes_gcm_test.json create mode 100644 t/wycheproof/dsa_test.json create mode 100644 t/wycheproof/ecdh_webcrypto_test.json create mode 100644 t/wycheproof/ecdsa_test.json create mode 100644 t/wycheproof/ecdsa_webcrypto_test.json create mode 100644 t/wycheproof/rsa_signature_test.json diff --git a/Changes b/Changes index 2b15929..71176ab 100644 --- a/Changes +++ b/Changes @@ -1,15 +1,57 @@ Changes for CryptX -TODO: - - add support for PKCS#8 encrypted RSA+ECC private keys "-----BEGIN ENCRYPTED PRIVATE KEY-----" - - RSA|DSA|ECC: verify_key($level) (basic check + extented primality test) - - better primality testing: http://questhub.io/realm/perl/quest/519032ee1088c76505000035 (idea: mp_prime_lucas) - - DSA: generate_key($p, $q, $g), generate_key(\$dsa_params_der), generate_key($dsa_params_file) - - XS croaks should report the "real caller" (Crypt::Mac::*, Crypt::Mode::*, ...) - - maybe: add CCM interface for new-add-add-done mode - - maybe: add encode_b32/decode_b32 +0.059 2018-03-XX + - new Crypt::Digest::Keccak(224|256|384|512) + - new sign_hash_rfc7518 + verify_hash_rfc7518 (Crypt::PK::ECC) + - improved import of pkcs#8 private keys (Crypt::PK::ECC) + - fix #28 Apple's APNS pkcs8 auth key import fails (Crypt::PK::ECC) + - fix cpantesters failure (5.8.1 related) -0.048 2017/05/31 +0.058 2018-02-27 + - fix: decode_b58b + invalid input + +0.057 2018-01-31 + - significant speed-up (more stuff handled on XS level) + - Crypt::Checksum is deprecated in favour of Crypt::Checksum::Adler32|CRC32 + +0.056 2017-12-22 + - new Crypt::Stream::Rabbit + +0.055 2017-11-28 + - new Crypt::Cipher::IDEA + - new Crypt::Cipher::Serpent + - new Crypt::Stream::Salsa20 + - new Crypt::Stream::Sosemanuk + - added CCM object oriented interface: new-add-add-done + - fix #39 accept CFLAGS and CPPFLAGS from the environment + - fix #40 typos in POD + - fix HMAC+SHA3 (now compliant with NIST test vectors) + +0.054 2017-10-12 + - fix Crypt::PK::DSA verify + - libtomcrypt updated to 1.18 (+ some extra patches) + - documentation fixes + +0.053 2017-09-15 + - fix Crypt::PK::DSA generate_key + +0.051 2017-08-08 + - INCOMPATIBLE CHANGE: Crypt::AuthEnc::OCB is now compliant with RFC 7253 + +0.050 2017-07-18 + - fix cpantesters failures/warnings + +0.049 2017-07-18 + - libtomcrypt updated to 1.18-rc2 (+ some extra patches) + - REMOVED: Crypt::PK::DH encrypt decrypt sign_message verify_message sign_hash verify_hash + - NEW: Crypt::Misc - encode_b32*, decode_b32*, encode_b58*, decode_b58* + - Crypt::PK::RSA: import public key from X509 certificate + - Crypt::PK::DSA: improved generate_key() + - Crypt::PK::DH: improved generate_key() + - fix #36 aad_add is obsolete for all EncAuth algs (correct is adata_add) + - fix #37 GCM - Encryption of the empty string + +0.048 2017-05-31 - NEW: Crypt::Digest::SHA3_224 - NEW: Crypt::Digest::SHA3_256 - NEW: Crypt::Digest::SHA3_384 @@ -34,43 +76,43 @@ TODO: - NEW: functions in Crypt::Misc - increment_octets_be, increment_octets_le - Crypt::PRNG now uses chacha20 prng by default -0.047 2017/04/05 +0.047 2017-04-05 - fix #32 Compile "ar" step fails when Perl built with -flto (better version) - fix #33 build fails on freebsd 9.2 and 10.0 (ar: fatal: Numeric group ID too large) -0.046 2017/04/04 +0.046 2017-04-04 - fix #32 Compile "ar" step fails when Perl built with -flto -0.045 2017/03/31 +0.045 2017-03-31 - sync with libtomcrypt/develop - fix #30 fix on SPARC+SolarisStudio - fix #31 Fails tests without '.' in @INC - polish compiler warnings -0.044 2016/11/28 +0.044 2016-11-28 - fix #27 Math::BigInt::LTM compatibility with older Math::BigInt -0.043 2016/11/27 +0.043 2016-11-27 - fix #26 Math::BigInt::LTM compatibility with Math::BigInt 1.999801+ -0.042 2016/11/12 +0.042 2016-11-12 - RSA: sign/verify functions now support 'none' padding (INSECURE!) - RC2: min keylen 40bit, used to be 64bit (INSECURE!) -0.041 2016/10/12 +0.041 2016-10-12 - ECC: ltc_ecc_is_point memory leak - DSA: properly handle FIPS 186-4 (4.6 + 4.7) - GCM: counter incrementation isn't stopped at 2^32 blocks, which breaks GCM - fix issue #24 Crypt::PK::ECC needs $VERSION (all *.pm have $VERSION) -0.040 2016/09/12 +0.040 2016-09-12 - fix file permissions - fix compiler warnings -0.039 2016/08/02 +0.039 2016-08-02 - fix build troubles for MacOS / PPC -0.038 2016/07/06 +0.038 2016-07-06 - fix issue #20 DSA/RSA/ECC/DH key2hash - hexadecimal numbers are missing leading zero - Math::BigInt::LTM fixed mp_invmod(a,b,c) for b == 1 - Math::BigInt::LTM fixed _log_int() @@ -78,30 +120,30 @@ TODO: - fix 'Please specify prototyping behavior for CryptX.xs' - libtomcrypt (renaming *tab.c > *tab.c.inc not needed anymore) -0.037 2016/06/16 +0.037 2016-06-16 - fix issue #18 Minor issue with comment syntax - fix issue #19 t/checksum.t fails on AIX-5.3 -0.036 2016/06/07 +0.036 2016-06-07 - fix issue #17 ability to export ecc keys in short/oid form -0.035 2016/06/03 +0.035 2016-06-03 - fix issue #14 Ensure Crypt::PK::ECC->key2hash()->{curve_name} is lowercase - fix issue #15 OpenSSL interoperability broken -0.034 2016/05/11 +0.034 2016-05-11 - Prevent RSA import_key() from altering a JWK hash reference -0.033 2016/05/09 +0.033 2016-05-09 - MSVC6 related fixes (needed for older ActivePerl@MSWin32) -0.032 2016/05/04 +0.032 2016-05-04 - Crypt::PK::DH - accept base/prime values - new: DH methods export_key_raw, import_key_raw, params2hash - enhanced: DH method generate_key - new: Crypt::Checksum, Crypt::Checksum::CRC32, Crypt::Checksum::Adler32 -0.031 2016/05/01 +0.031 2016-05-01 - new: RSA+ECC method export_key_jwk_thumbprint() - new: Crypt::Misc functions random_v4uuid + is_v4uuid - fix: RSA+ECC export_key_jwk produces canonical JSON @@ -109,18 +151,18 @@ TODO: public keys exported be previous version can still be imported - fix: ECC import_key now accepts non-standard JWK curve names e.g. "secp112r1", "secp521r1" -0.030 2016/04/13 +0.030 2016-04-13 - fix: 0.029 + 0.028 by mistake installed *.inc files to perl/(lib|site|vendor) -0.029 2016/04/13 +0.029 2016-04-13 - NEW module: Math::BigInt::LTM - NEW module: Crypt::Misc -0.028 2016/03/23 +0.028 2016-03-23 - IMPORTANT: switch from Module::Build to ExtUtils::MakeMaker - fix for broken DSA key (ssh format) loading -0.027 2016/01/25 +0.027 2016-01-25 - sync with https://github.com/libtom/libtomcrypt (branch develop) - sync with https://github.com/libtom/libtommath (branch develop) - HP-UX related fixes @@ -128,26 +170,26 @@ TODO: - skip jwk.t if no JSON::* module available - does not require MIME::Base64 (we use base64 routines from libtomcrypt) -0.026 2015/11/28 +0.026 2015-11-28 - switch to JSON::MaybeXS - Crypt::PRNG - rand/irand related cosmetics - consistently using UNIX newlines -0.025 2015/07/07 +0.025 2015-07-07 - Crypt::PK::ECC+RSA export_key_jwk() allows to export a perl HASH with JWK structure -0.024 2015/06/29 +0.024 2015-06-29 - new Crypt::PK::ECC methods verify_message_rfc7518() sign_message_rfc7518() curve2hash() - fix for Crypt::PK::RSA - bug in loading private key in JWK format -0.023 2015/06/10 +0.023 2015-06-10 - support for older compilers (gcc3, vc6) - typo in documentation (by tomhukins) -0.022 2015/05/22 +0.022 2015-05-22 - new: Crypt::PK::ECC+RSA export_key_jwk() - exporting JWK format - new: Crypt::Digest::SHA512_224 - new: Crypt::Digest::SHA512_256 @@ -161,12 +203,12 @@ TODO: - libtommath updated to the latest develop branch, commit 0fd5e6c17f Dec 11 14:59:35 2014 +0100 - documentation fixes -0.021 2014/01/23 +0.021 2014-01-23 - fixed asm(...) related compiler failures - dsa_encrypt_key small correction - optimized ecc_encrypt_key -0.020 2014/01/18 +0.020 2014-01-18 - INCOMPATIBLE CHANGE: huge redesign of Crypt::PK::ECC - ECC now supports curves y^2 = x^3 + a*x + b - ECC you can use custom curves @@ -174,13 +216,13 @@ TODO: - enabling compile options ASM + ECC_TIMING_RESISTANT - added many test vectors (RSA, DSA, EC) for interoperability with openssl -0.019 2013/10/20 +0.019 2013-10-20 - fixed broken CAMELLIA implementation -0.018 2013/10/18 +0.018 2013-10-18 - DSA: make_key + sign_hash fixes -0.017 2013/09/24 +0.017 2013-09-24 - lowering MIME::Base64 version requirement - support for import/export of password protected RSA/DSA keys - RSA: added - export_key_pem('public_x509') @@ -188,62 +230,62 @@ TODO: - added openssl test vectors - fixed compiler warnings (RSA/DSA/ECC/DH) -0.016 2013/09/15 +0.016 2013-09-15 - added missing test for key2hash, sign_hash, verify_hash - fixed build failures on VC6 -0.015 2013/09/12 +0.015 2013-09-12 - only documentation fixes -0.014 2013/09/11 +0.014 2013-09-11 - Crypt::Digest::NNN + Crypt::Mac::NNN - can produce Base64-URL-Safe encoded digest/mac - Crypt::PRNG + Crypt::PRNG::NNN - Base64-URL-Safe encoded random bytes (random_bytes_b64u/bytes_b64u) - Crypt::PK::RSA/DSA/DH/ECC - sign/verify replaced by sign_message/verify_message + sign_hash/verify_hash - Crypt::PK::RSA/DSA/DH/ECC - new method key2hash - documentation fixes -0.013 2013/08/28 +0.013 2013-08-28 - DSA/RSA/ECC/DH - importing keys from string changed - now: $pk->import_key(\$buffer_with_key) - DSA/RSA/ECC/DH - size() and is_private() now return undef if no key loaded - improved RSA doc -0.012 2013/06/17 +0.012 2013-06-17 - README, LICENSE etc. to improve CPANTS score - somehow works with perl 5.6.2 -0.011 2013/06/15 +0.011 2013-06-15 - fixing various compiler warnings -0.009 2013/05/19 +0.009 2013-05-19 - doc fixes - requires perl 5.8.8 or higher - INCOMPATIBILITY: all digest related 'xxx_base64' functions renamed to 'xxx_b64' -0.008 2013/05/02 +0.008 2013-05-02 - fixed prng test failures - Crypt::Digest::* croaks with the "real caller" (not a nice solution) -0.007 2013/04/23 +0.007 2013-04-23 - Crypt::PRNG supports add_entropy() - without params - Crypt::PRNG fork-safe & thread-safe - random_string has default $len = 20 - doc fixes - cpan tester failure fix for pk_dsa.t -0.006 2013/04/19 +0.006 2013-04-19 - added Crypt::KeyDerivation - Win64 compatibility -0.005 2013/04/18 +0.005 2013-04-18 - added Crypt::PRNG::Fortuna|RC4|Sober128|Yarrow - added Crypt::PK::RSA|DSA|ECC|DH -0.004 2013/04/16 +0.004 2013-04-16 - removing illegal Crypt::Random -0.003 2013/04/16 +0.003 2013-04-16 - added Crypt::Mode::CBC|CFB|CTR|ECB|OFB - added Crypt::AuthEnc::CCM|EAX|GCM|OCB -0.002 2013/04/11 +0.002 2013-04-11 - first release on CPAN diff --git a/CryptX.xs b/CryptX.xs index 404d0da..41f2135 100644 --- a/CryptX.xs +++ b/CryptX.xs @@ -1,3 +1,4 @@ +#define PERL_NO_GET_CONTEXT /* we want efficiency */ #include "EXTERN.h" #include "perl.h" #include "XSUB.h" @@ -7,22 +8,53 @@ #define NEED_newRV_noinc_GLOBAL #include "ppport.h" +/* assert_not_ROK is broken in 5.8.1 */ +#if PERL_VERSION == 8 && PERL_SUBVERSION == 1 +# undef assert_not_ROK +# if defined(__GNUC__) && !defined(PERL_GCC_BRACE_GROUPS_FORBIDDEN) +# define assert_not_ROK(sv) ({assert(!SvROK(sv) || !SvRV(sv));}), +# else +# define assert_not_ROK(sv) +# endif +#endif + #undef LTC_SOURCE #include "tomcrypt.h" #include "tommath.h" -typedef adler32_state *Crypt__Checksum__Adler32; -typedef crc32_state *Crypt__Checksum__CRC32; +typedef adler32_state *Crypt__Checksum__Adler32; +typedef crc32_state *Crypt__Checksum__CRC32; + +typedef ccm_state *Crypt__AuthEnc__CCM; +typedef eax_state *Crypt__AuthEnc__EAX; +typedef gcm_state *Crypt__AuthEnc__GCM; +typedef chacha20poly1305_state *Crypt__AuthEnc__ChaCha20Poly1305; +typedef ocb3_state *Crypt__AuthEnc__OCB; + +typedef chacha_state *Crypt__Stream__ChaCha; +typedef salsa20_state *Crypt__Stream__Salsa20; +typedef sosemanuk_state *Crypt__Stream__Sosemanuk; +typedef rabbit_state *Crypt__Stream__Rabbit; +typedef rc4_state *Crypt__Stream__RC4; +typedef sober128_state *Crypt__Stream__Sober128; + +typedef f9_state *Crypt__Mac__F9; +typedef hmac_state *Crypt__Mac__HMAC; +typedef omac_state *Crypt__Mac__OMAC; +typedef pelican_state *Crypt__Mac__Pelican; +typedef pmac_state *Crypt__Mac__PMAC; +typedef xcbc_state *Crypt__Mac__XCBC; +typedef poly1305_state *Crypt__Mac__Poly1305; +typedef blake2smac_state *Crypt__Mac__BLAKE2s; +typedef blake2bmac_state *Crypt__Mac__BLAKE2b; typedef struct cipher_struct { /* used by Crypt::Cipher */ symmetric_key skey; - int id; struct ltc_cipher_descriptor *desc; } *Crypt__Cipher; typedef struct digest_struct { /* used by Crypt::Digest */ hash_state state; - int id; struct ltc_hash_descriptor *desc; } *Crypt__Digest; @@ -31,91 +63,6 @@ typedef struct digest_shake_struct { /* used by Crypt::Digest::SHAKE */ int num; } *Crypt__Digest__SHAKE; -typedef struct ccm_struct { /* used by Crypt::AuthEnc::CCM */ - ccm_state state; - int id; -} *Crypt__AuthEnc__CCM; - -typedef struct eax_struct { /* used by Crypt::AuthEnc::EAX */ - eax_state state; - int id; -} *Crypt__AuthEnc__EAX; - -typedef struct gcm_struct { /* used by Crypt::AuthEnc::GCM */ - gcm_state state; - int id; -} *Crypt__AuthEnc__GCM; - -typedef struct chacha20poly1305_struct {/* used by Crypt::AuthEnc::ChaCha20Poly1305 */ - chacha20poly1305_state state; - int id; -} *Crypt__AuthEnc__ChaCha20Poly1305; - -typedef struct ocb_struct { /* used by Crypt::AuthEnc::OCB */ - ocb3_state state; - int id; -} *Crypt__AuthEnc__OCB; - -typedef struct chacha_struct { /* used by Crypt::Stream::ChaCha */ - chacha_state state; - int id; -} *Crypt__Stream__ChaCha; - -typedef struct rc4_struct { /* used by Crypt::Stream::RC4 */ - rc4_state state; - int id; -} *Crypt__Stream__RC4; - -typedef struct sober128_struct { /* used by Crypt::Stream::Sober128 */ - sober128_state state; - int id; -} *Crypt__Stream__Sober128; - -typedef struct f9_struct { /* used by Crypt::Mac::F9 */ - f9_state state; - int id; -} *Crypt__Mac__F9; - -typedef struct hmac_struct { /* used by Crypt::Mac::HMAC */ - hmac_state state; - int id; -} *Crypt__Mac__HMAC; - -typedef struct omac_struct { /* used by Crypt::Mac::OMAC */ - omac_state state; - int id; -} *Crypt__Mac__OMAC; - -typedef struct pelican_struct { /* used by Crypt::Mac::Pelican */ - pelican_state state; - int id; -} *Crypt__Mac__Pelican; - -typedef struct pmac_struct { /* used by Crypt::Mac::PMAC */ - pmac_state state; - int id; -} *Crypt__Mac__PMAC; - -typedef struct xcbc_struct { /* used by Crypt::Mac::XCBC */ - xcbc_state state; - int id; -} *Crypt__Mac__XCBC; - -typedef struct poly1305_struct { /* used by Crypt::Mac::Poly1305 */ - poly1305_state state; - int id; -} *Crypt__Mac__Poly1305; - -typedef struct blake2s_struct { /* used by Crypt::Mac::BLAKE2s */ - blake2smac_state state; - int id; -} *Crypt__Mac__BLAKE2s; - -typedef struct blake2b_struct { /* used by Crypt::Mac::BLAKE2b */ - blake2bmac_state state; - int id; -} *Crypt__Mac__BLAKE2b; - typedef struct cbc_struct { /* used by Crypt::Mode::CBC */ int cipher_id, cipher_rounds; symmetric_CBC state; @@ -123,7 +70,6 @@ typedef struct cbc_struct { /* used by Crypt::Mode::CBC */ int padlen; int padding_mode; int direction; - int id; } *Crypt__Mode__CBC; typedef struct ecb_struct { /* used by Crypt::Mode::ECB */ @@ -133,14 +79,12 @@ typedef struct ecb_struct { /* used by Crypt::Mode::ECB */ int padlen; int padding_mode; int direction; - int id; } *Crypt__Mode__ECB; typedef struct cfb_struct { /* used by Crypt::Mode::CFB */ int cipher_id, cipher_rounds; symmetric_CFB state; int direction; - int id; } *Crypt__Mode__CFB; typedef struct ctr_struct { /* used by Crypt::Mode::CTR */ @@ -148,174 +92,302 @@ typedef struct ctr_struct { /* used by Crypt::Mode::CTR */ int ctr_mode_param; symmetric_CTR state; int direction; - int id; } *Crypt__Mode__CTR; typedef struct f8_struct { /* used by Crypt::Mode::F8 */ int cipher_id, cipher_rounds; symmetric_F8 state; int direction; - int id; } *Crypt__Mode__F8; typedef struct lrw_struct { /* used by Crypt::Mode::LRW */ int cipher_id, cipher_rounds; symmetric_LRW state; int direction; - int id; } *Crypt__Mode__LRW; typedef struct ofb_struct { /* used by Crypt::Mode::OFB */ int cipher_id, cipher_rounds; symmetric_OFB state; int direction; - int id; } *Crypt__Mode__OFB; typedef struct xts_struct { /* used by Crypt::Mode::XTS */ int cipher_id, cipher_rounds; symmetric_xts state; int direction; - int id; } *Crypt__Mode__XTS; typedef struct prng_struct { /* used by Crypt::PRNG */ prng_state state; struct ltc_prng_descriptor *desc; IV last_pid; - int id; } *Crypt__PRNG; typedef struct rsa_struct { /* used by Crypt::PK::RSA */ prng_state pstate; int pindex; rsa_key key; - int id; } *Crypt__PK__RSA; typedef struct dsa_struct { /* used by Crypt::PK::DSA */ prng_state pstate; int pindex; dsa_key key; - int id; } *Crypt__PK__DSA; typedef struct dh_struct { /* used by Crypt::PK::DH */ prng_state pstate; int pindex; dh_key key; - int id; } *Crypt__PK__DH; typedef struct ecc_struct { /* used by Crypt::PK::ECC */ prng_state pstate; int pindex; ecc_key key; - ltc_ecc_set_type dp; - int id; } *Crypt__PK__ECC; -int str_add_leading_zero(char *str, int maxlen, int minlen) { - int len; - len = (int)strlen(str); - if (len > 0 && len % 2 && len < maxlen-2) { - memmove(str+1, str, len+1); /* incl. NUL byte */ - *str = '0'; /* add leading zero */ - } - len = (int)strlen(str); - if (len < minlen && minlen < maxlen-1) { - memmove(str+(minlen-len), str, len+1); /* incl. NUL byte */ - memset(str, '0', minlen-len); /* add leading zero */ - } - return MP_OKAY; -} - int mp_tohex_with_leading_zero(mp_int * a, char *str, int maxlen, int minlen) { - int rv; + int len, rv; + if (mp_isneg(a) == MP_YES) { *str = '\0'; return MP_VAL; } + rv = mp_toradix_n(a, str, 16, maxlen); if (rv != MP_OKAY) { *str = '\0'; return rv; } - return str_add_leading_zero(str, maxlen, minlen); + + len = (int)strlen(str); + if (len > 0 && len % 2 && len < maxlen-2) { + memmove(str+1, str, len+1); /* incl. NUL byte */ + *str = '0'; /* add leading zero */ + } + + len = (int)strlen(str); + if (len < minlen && minlen < maxlen-1) { + memmove(str+(minlen-len), str, len+1); /* incl. NUL byte */ + memset(str, '0', minlen-len); /* add leading zero */ + } + + return MP_OKAY; +} + +int _base16_encode(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) +{ + unsigned long i; + const char alphabet[] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}; + + if (*outlen < inlen * 2) { + *outlen = inlen * 2; + return CRYPT_BUFFER_OVERFLOW; + } + + for (i = 0; i < inlen; i++) { + out[i*2] = (unsigned char)alphabet[in[i] >> 4]; + out[i*2+1] = (unsigned char)alphabet[in[i] & 0xF]; + } + + *outlen = inlen * 2; + return CRYPT_OK; +} + +size_t _find_start(const char *name, char *ltcname, size_t ltclen) +{ + size_t i, start = 0; + if (name == NULL || strlen(name) + 1 > ltclen) croak("FATAL: invalid name") ; + /* normalize */ + for (i = 0; i < ltclen && name[i] > 0; i++) { + if (name[i] >= 'A' && name[i] <= 'Z') { + ltcname[i] = name[i] + 32; /* lowecase */ + } + else if (name[i] == '_') { + ltcname[i] = '-'; + } + else { + ltcname[i] = name[i]; + } + if (name[i] == ':') start = i + 1; + } + return start; +} + +int _find_hash(const char *name) +{ + char ltcname[100] = { 0 }; + size_t start = _find_start(name, ltcname, sizeof(ltcname) - 1); + /* special cases */ + if (strcmp(ltcname + start, "ripemd128") == 0) return find_hash("rmd128"); + if (strcmp(ltcname + start, "ripemd160") == 0) return find_hash("rmd160"); + if (strcmp(ltcname + start, "ripemd256") == 0) return find_hash("rmd256"); + if (strcmp(ltcname + start, "ripemd320") == 0) return find_hash("rmd320"); + if (strcmp(ltcname + start, "tiger192") == 0) return find_hash("tiger"); + if (strcmp(ltcname + start, "chaes") == 0) return find_hash("chc_hash"); + if (strcmp(ltcname + start, "chc-hash") == 0) return find_hash("chc_hash"); + return find_hash(ltcname + start); +} + +int _find_cipher(const char *name) +{ + char ltcname[100] = { 0 }; + size_t start = _find_start(name, ltcname, sizeof(ltcname) - 1); + /* special cases */ + if (strcmp(ltcname + start, "des-ede") == 0) return find_cipher("3des"); + if (strcmp(ltcname + start, "saferp") == 0) return find_cipher("safer+"); + return find_cipher(ltcname + start); +} + +int _find_prng(const char *name) +{ + char ltcname[100] = { 0 }; + size_t start = _find_start(name, ltcname, sizeof(ltcname) - 1); + return find_prng(ltcname + start); } /* Math::BigInt::LTM related */ typedef mp_int * Math__BigInt__LTM; STATIC SV * sv_from_mpi(mp_int *mpi) { + dTHX; /* fetch context */ SV *obj = newSV(0); sv_setref_pv(obj, "Math::BigInt::LTM", (void*)mpi); return obj; } -ltc_ecc_set_type* _ecc_set_dp_from_SV(ltc_ecc_set_type *dp, SV *curve) +void _ecc_oid_lookup(ecc_key *key) { - HV *h; - SV *param, **pref; - SV **sv_cofactor, **sv_prime, **sv_A, **sv_B, **sv_order, **sv_Gx, **sv_Gy; - int err; + int err; + unsigned i; + void *tmp; + const ltc_ecc_set_type *set; + + key->dp.oidlen = 0; + if ((err = ltc_mp.init(&tmp)) != CRYPT_OK) return; + for (set = ltc_ecc_sets; set->name != NULL; set++) { + if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; + if (key->dp.cofactor != set->cofactor) continue; + break; /* found */ + } + ltc_mp.deinit(tmp); + if (set->name != NULL) { + key->dp.oidlen = set->oidlen; + for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; + } +} + +int _ecc_set_dp_from_SV(ecc_key *key, SV *curve) +{ + dTHX; /* fetch context */ + HV *hc, *hl, *h; + SV *sv_crv, **pref; + SV **sv_cofactor, **sv_prime, **sv_A, **sv_B, **sv_order, **sv_Gx, **sv_Gy, **sv_oid; char *ch_name; - STRLEN l_name; + STRLEN l_name, i, j; + int err; + + if (!SvOK(curve)) croak("FATAL: undefined curve"); if (SvPOK(curve)) { + /* string */ ch_name = SvPV(curve, l_name); - if ((h = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: generate_key_ex: no curve register"); - if ((pref = hv_fetch(h, ch_name, (U32)l_name, 0)) == NULL) croak("FATAL: generate_key_ex: unknown curve/1 '%s'", ch_name); - if (!SvOK(*pref)) croak("FATAL: generate_key_ex: unknown curve/2 '%s'", ch_name); - param = *pref; + if ((hl = get_hv("Crypt::PK::ECC::curve2ltc", 0)) == NULL) croak("FATAL: no curve2ltc register"); + pref = hv_fetch(hl, ch_name, (U32)l_name, 0); + if (pref && SvOK(*pref)) { + sv_crv = *pref; /* found in %cutve2ltc */ + } + else { + if ((hc = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: no curve register"); + pref = hv_fetch(hc, ch_name, (U32)l_name, 0); + if (pref && SvOK(*pref)) { + sv_crv = *pref; /* found in %curve */ + } + else { + sv_crv = curve; + } + } } else if (SvROK(curve)) { - param = curve; + /* hashref */ + sv_crv = curve; } else { croak("FATAL: curve has to be a string or a hashref"); } - if ((h = (HV*)(SvRV(param))) == NULL) croak("FATAL: ecparams: param is not valid hashref"); - - if ((sv_prime = hv_fetchs(h, "prime", 0)) == NULL) croak("FATAL: ecparams: missing param prime"); - if ((sv_A = hv_fetchs(h, "A", 0)) == NULL) croak("FATAL: ecparams: missing param A"); - if ((sv_B = hv_fetchs(h, "B", 0)) == NULL) croak("FATAL: ecparams: missing param B"); - if ((sv_order = hv_fetchs(h, "order", 0)) == NULL) croak("FATAL: ecparams: missing param order"); - if ((sv_Gx = hv_fetchs(h, "Gx", 0)) == NULL) croak("FATAL: ecparams: missing param Gx"); - if ((sv_Gy = hv_fetchs(h, "Gy", 0)) == NULL) croak("FATAL: ecparams: missing param Gy"); - if ((sv_cofactor = hv_fetchs(h, "cofactor", 0)) == NULL) croak("FATAL: ecparams: missing param cofactor"); - - if (!SvOK(*sv_prime )) croak("FATAL: ecparams: undefined param prime"); - if (!SvOK(*sv_A )) croak("FATAL: ecparams: undefined param A"); - if (!SvOK(*sv_B )) croak("FATAL: ecparams: undefined param B"); - if (!SvOK(*sv_order )) croak("FATAL: ecparams: undefined param order"); - if (!SvOK(*sv_Gx )) croak("FATAL: ecparams: undefined param Gx"); - if (!SvOK(*sv_Gy )) croak("FATAL: ecparams: undefined param Gy"); - if (!SvOK(*sv_cofactor)) croak("FATAL: ecparams: undefined param cofactor"); - - err = ecc_dp_set( dp, - SvPV_nolen(*sv_prime), - SvPV_nolen(*sv_A), - SvPV_nolen(*sv_B), - SvPV_nolen(*sv_order), - SvPV_nolen(*sv_Gx), - SvPV_nolen(*sv_Gy), - (unsigned long)SvUV(*sv_cofactor), - NULL, /* we intentionally don't allow setting custom names */ - NULL /* we intentionally don't allow setting custom OIDs */ - ); - return err == CRYPT_OK ? dp : NULL; -} - -void _ecc_free_key(ecc_key *key, ltc_ecc_set_type *dp) -{ - if(dp) { - ecc_dp_clear(dp); + if (SvPOK(sv_crv)) { + /* string - curve name */ + const ltc_ecc_set_type *dp; + ch_name = SvPV(sv_crv, l_name); + if (ecc_get_set_by_name(ch_name, &dp) != CRYPT_OK) croak("FATAL: ecparams: unknown curve '%s'", ch_name); + return ecc_set_dp(dp, key); } - if (key->type != -1) { - ecc_free(key); - key->type = -1; - key->dp = NULL; + else { + /* hashref */ + ltc_ecc_set_type set = { 0 }; + + if ((h = (HV*)(SvRV(sv_crv))) == NULL) croak("FATAL: ecparams: param is not valid hashref"); + + if ((sv_prime = hv_fetchs(h, "prime", 0)) == NULL) croak("FATAL: ecparams: missing param prime"); + if ((sv_A = hv_fetchs(h, "A", 0)) == NULL) croak("FATAL: ecparams: missing param A"); + if ((sv_B = hv_fetchs(h, "B", 0)) == NULL) croak("FATAL: ecparams: missing param B"); + if ((sv_order = hv_fetchs(h, "order", 0)) == NULL) croak("FATAL: ecparams: missing param order"); + if ((sv_Gx = hv_fetchs(h, "Gx", 0)) == NULL) croak("FATAL: ecparams: missing param Gx"); + if ((sv_Gy = hv_fetchs(h, "Gy", 0)) == NULL) croak("FATAL: ecparams: missing param Gy"); + if ((sv_cofactor = hv_fetchs(h, "cofactor", 0)) == NULL) croak("FATAL: ecparams: missing param cofactor"); + + if (!SvOK(*sv_prime )) croak("FATAL: ecparams: undefined param prime"); + if (!SvOK(*sv_A )) croak("FATAL: ecparams: undefined param A"); + if (!SvOK(*sv_B )) croak("FATAL: ecparams: undefined param B"); + if (!SvOK(*sv_order )) croak("FATAL: ecparams: undefined param order"); + if (!SvOK(*sv_Gx )) croak("FATAL: ecparams: undefined param Gx"); + if (!SvOK(*sv_Gy )) croak("FATAL: ecparams: undefined param Gy"); + if (!SvOK(*sv_cofactor)) croak("FATAL: ecparams: undefined param cofactor"); + + set.prime = SvPV_nolen(*sv_prime); + set.A = SvPV_nolen(*sv_A); + set.B = SvPV_nolen(*sv_B); + set.order = SvPV_nolen(*sv_order); + set.Gx = SvPV_nolen(*sv_Gx); + set.Gy = SvPV_nolen(*sv_Gy); + set.cofactor = (unsigned long)SvUV(*sv_cofactor), + set.name = NULL; + set.oidlen = 0; + + sv_oid = hv_fetchs(h, "oid", 0); + if (sv_oid && SvPOK(*sv_oid)) { + ch_name = SvPV(*sv_oid, l_name); + for (i = 0, j = 0; i < l_name; i++) { + if (ch_name[i] == '.') { + if (++j >= 16) return CRYPT_ERROR; + } + else if(ch_name[i] >= '0' && ch_name[i] <= '9') { + set.oid[j] = set.oid[j] * 10 + (ch_name[i] - '0'); + } + else { + return CRYPT_ERROR; + } + } + if (j == 0) return CRYPT_ERROR; + set.oidlen = j + 1; + } + + if ((err = ecc_set_dp(&set, key)) != CRYPT_OK) return err; + if (key->dp.oidlen == 0) _ecc_oid_lookup(key); + return CRYPT_OK; } } @@ -324,208 +396,320 @@ MODULE = CryptX PACKAGE = CryptX PREFIX = CryptX_ PROTOTYPES: DISABLE BOOT: - if(register_cipher(&blowfish_desc)==-1) { croak("FATAL: cannot register_cipher blowfish"); } - if(register_cipher(&rc5_desc)==-1) { croak("FATAL: cannot register_cipher rc5"); } - if(register_cipher(&rc6_desc)==-1) { croak("FATAL: cannot register_cipher rc6"); } - if(register_cipher(&rc2_desc)==-1) { croak("FATAL: cannot register_cipher rc2"); } - if(register_cipher(&saferp_desc)==-1) { croak("FATAL: cannot register_cipher saferp"); } - if(register_cipher(&safer_k64_desc)==-1) { croak("FATAL: cannot register_cipher safer_k64"); } - if(register_cipher(&safer_k128_desc)==-1) { croak("FATAL: cannot register_cipher safer_k128"); } - if(register_cipher(&safer_sk64_desc)==-1) { croak("FATAL: cannot register_cipher safer_sk64"); } - if(register_cipher(&safer_sk128_desc)==-1) { croak("FATAL: cannot register_cipher safer_sk128"); } - if(register_cipher(&aes_desc)==-1) { croak("FATAL: cannot register_cipher aes"); } - if(register_cipher(&xtea_desc)==-1) { croak("FATAL: cannot register_cipher xtea"); } - if(register_cipher(&twofish_desc)==-1) { croak("FATAL: cannot register_cipher twofish"); } - if(register_cipher(&des_desc)==-1) { croak("FATAL: cannot register_cipher des"); } - if(register_cipher(&des3_desc)==-1) { croak("FATAL: cannot register_cipher des3"); } - if(register_cipher(&cast5_desc)==-1) { croak("FATAL: cannot register_cipher cast5"); } - if(register_cipher(&noekeon_desc)==-1) { croak("FATAL: cannot register_cipher noekeon"); } - if(register_cipher(&skipjack_desc)==-1) { croak("FATAL: cannot register_cipher skipjack"); } - if(register_cipher(&khazad_desc)==-1) { croak("FATAL: cannot register_cipher khazad"); } - if(register_cipher(&anubis_desc)==-1) { croak("FATAL: cannot register_cipher anubis"); } - if(register_cipher(&kseed_desc)==-1) { croak("FATAL: cannot register_cipher kseed"); } - if(register_cipher(&kasumi_desc)==-1) { croak("FATAL: cannot register_cipher kasumi"); } - if(register_cipher(&multi2_desc)==-1) { croak("FATAL: cannot register_cipher multi2"); } - if(register_cipher(&camellia_desc)==-1) { croak("FATAL: cannot register_cipher camellia"); } - /* --- */ - if(register_hash(&chc_desc)==-1) { croak("FATAL: cannot register_hash chc_hash"); } - if(register_hash(&md2_desc)==-1) { croak("FATAL: cannot register_hash md2"); } - if(register_hash(&md4_desc)==-1) { croak("FATAL: cannot register_hash md4"); } - if(register_hash(&md5_desc)==-1) { croak("FATAL: cannot register_hash md5"); } - if(register_hash(&rmd128_desc)==-1) { croak("FATAL: cannot register_hash rmd128"); } - if(register_hash(&rmd160_desc)==-1) { croak("FATAL: cannot register_hash rmd160"); } - if(register_hash(&rmd256_desc)==-1) { croak("FATAL: cannot register_hash rmd256"); } - if(register_hash(&rmd320_desc)==-1) { croak("FATAL: cannot register_hash rmd320"); } - if(register_hash(&sha1_desc)==-1) { croak("FATAL: cannot register_hash sha1"); } - if(register_hash(&sha224_desc)==-1) { croak("FATAL: cannot register_hash sha224"); } - if(register_hash(&sha256_desc)==-1) { croak("FATAL: cannot register_hash sha256"); } - if(register_hash(&sha384_desc)==-1) { croak("FATAL: cannot register_hash sha384"); } - if(register_hash(&sha512_desc)==-1) { croak("FATAL: cannot register_hash sha512"); } - if(register_hash(&sha512_224_desc)==-1) { croak("FATAL: cannot register_hash sha512_224"); } - if(register_hash(&sha512_256_desc)==-1) { croak("FATAL: cannot register_hash sha512_256"); } - if(register_hash(&sha3_224_desc)==-1) { croak("FATAL: cannot register_hash sha3_224"); } - if(register_hash(&sha3_256_desc)==-1) { croak("FATAL: cannot register_hash sha3_256"); } - if(register_hash(&sha3_384_desc)==-1) { croak("FATAL: cannot register_hash sha3_384"); } - if(register_hash(&sha3_512_desc)==-1) { croak("FATAL: cannot register_hash sha3_512"); } - if(register_hash(&tiger_desc)==-1) { croak("FATAL: cannot register_hash tiger"); } - if(register_hash(&whirlpool_desc)==-1) { croak("FATAL: cannot register_hash whirlpool"); } - if(register_hash(&blake2b_160_desc)==-1) { croak("FATAL: cannot register_hash blake2b_160"); } - if(register_hash(&blake2b_256_desc)==-1) { croak("FATAL: cannot register_hash blake2b_256"); } - if(register_hash(&blake2b_384_desc)==-1) { croak("FATAL: cannot register_hash blake2b_384"); } - if(register_hash(&blake2b_512_desc)==-1) { croak("FATAL: cannot register_hash blake2b_512"); } - if(register_hash(&blake2s_128_desc)==-1) { croak("FATAL: cannot register_hash blake2s_128"); } - if(register_hash(&blake2s_160_desc)==-1) { croak("FATAL: cannot register_hash blake2s_160"); } - if(register_hash(&blake2s_224_desc)==-1) { croak("FATAL: cannot register_hash blake2s_224"); } - if(register_hash(&blake2s_256_desc)==-1) { croak("FATAL: cannot register_hash blake2s_256"); } - /* --- */ - if(chc_register(find_cipher("aes"))==-1) { croak("FATAL: chc_register failed"); } - /* --- */ - if(register_prng(&fortuna_desc)==-1) { croak("FATAL: cannot register_prng fortuna"); } - if(register_prng(&yarrow_desc)==-1) { croak("FATAL: cannot register_prng yarrow"); } - if(register_prng(&rc4_desc)==-1) { croak("FATAL: cannot register_prng rc4"); } - if(register_prng(&sober128_desc)==-1) { croak("FATAL: cannot register_prng sober128"); } - if(register_prng(&chacha20_prng_desc)==-1) { croak("FATAL: cannot register_prng chacha20"); } - /* --- */ -#ifdef TFM_DESC - ltc_mp = tfm_desc; -#else - ltc_mp = ltm_desc; -#endif + if(register_all_ciphers() != CRYPT_OK) { croak("FATAL: register_all_ciphers failed"); } + if(register_all_hashes() != CRYPT_OK) { croak("FATAL: register_all_hashes failed"); } + if(register_all_prngs() != CRYPT_OK) { croak("FATAL: register_all_prngs failed"); } + if(crypt_mp_init("ltm") != CRYPT_OK) { croak("FATAL: crypt_mp_init failed"); } SV * -CryptX__encode_base64url(SV * in) +CryptX__ltc_build_settings() + CODE: + RETVAL = newSVpv(crypt_build_settings, 0); + OUTPUT: + RETVAL + +SV * +CryptX__ltc_mp_name() + CODE: + RETVAL = newSVpv(ltc_mp.name, 0); + OUTPUT: + RETVAL + +int +CryptX__ltc_mp_bits_per_digit() + CODE: + RETVAL = ltc_mp.bits_per_digit; + OUTPUT: + RETVAL + +MODULE = CryptX PACKAGE = Crypt::Misc + +PROTOTYPES: DISABLE + +SV * +_radix_to_bin(char *in, int radix) CODE: { - STRLEN in_len; - unsigned long out_len; - unsigned char *out_data, *in_data; - int rv; + STRLEN len; + unsigned char *out_data; + mp_int mpi; - if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *) SvPVbyte(in, in_len); - out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1); - Newz(0, out_data, out_len, unsigned char); - if (!out_data) croak("FATAL: Newz failed [%ld]", out_len); - rv = base64url_encode(in_data, (unsigned long)in_len, out_data, &out_len); - RETVAL = (rv == CRYPT_OK) ? newSVpvn((char *)out_data, out_len) : newSVpvn(NULL, 0); - Safefree(out_data); + if (in == NULL) XSRETURN_UNDEF; + if (mp_init(&mpi) != CRYPT_OK) XSRETURN_UNDEF; + if (strlen(in) == 0) { + RETVAL = newSVpvn("", 0); + } + else if (mp_read_radix(&mpi, in, radix) == CRYPT_OK) { + len = mp_unsigned_bin_size(&mpi); + if (len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, len); + out_data = (unsigned char *)SvPVX(RETVAL); + mp_to_unsigned_bin(&mpi, out_data); + } + } + else { + RETVAL = newSVpvn(NULL, 0); /* undef */ + } + mp_clear(&mpi); } OUTPUT: RETVAL SV * -CryptX__decode_base64url(SV * in) +_bin_to_radix(SV *in, int radix) CODE: { - STRLEN in_len; - unsigned long out_len; - unsigned char *out_data, *in_data; - int rv; + STRLEN len; + unsigned char *in_data; + char *out_data; + mp_int mpi, tmp; + mp_digit d; + int digits = 0; - if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *) SvPVbyte(in, in_len); - out_len = (unsigned long)in_len; - Newz(0, out_data, out_len, unsigned char); - if (!out_data) croak("FATAL: Newz failed [%ld]", out_len); - rv = base64url_decode(in_data, (unsigned long)in_len, out_data, &out_len); - RETVAL = (rv == CRYPT_OK) ? newSVpvn((char *)out_data, out_len) : newSVpvn(NULL, 0); - Safefree(out_data); + if (!SvPOK(in) || radix < 2 || radix > 64) XSRETURN_UNDEF; + in_data = (unsigned char *) SvPVbyte(in, len); + mp_init_multi(&mpi, &tmp, NULL); + if (len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + if (mp_read_unsigned_bin(&mpi, in_data, (unsigned long)len) == CRYPT_OK) { + mp_copy(&mpi, &tmp); + while (mp_iszero(&tmp) == MP_NO) { + mp_div_d(&tmp, (mp_digit)radix, &tmp, &d); + digits++; + } + if (digits == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, digits + 2); /* +2 for sign and NUL byte */ + SvPOK_only(RETVAL); + out_data = SvPVX(RETVAL); + mp_toradix(&mpi, out_data, radix); + SvCUR_set(RETVAL, strlen(out_data)); + } + } + else { + RETVAL = newSVpvn(NULL, 0); /* undef */ + } + } + mp_clear_multi(&tmp, &mpi, NULL); } OUTPUT: RETVAL SV * -CryptX__encode_base64(SV * in) +encode_b64(SV * in) + ALIAS: + encode_b64u = 1 CODE: { + int rv; STRLEN in_len; unsigned long out_len; unsigned char *out_data, *in_data; - int rv; if (!SvPOK(in)) XSRETURN_UNDEF; in_data = (unsigned char *) SvPVbyte(in, in_len); - out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1); - Newz(0, out_data, out_len, unsigned char); - if (!out_data) croak("FATAL: Newz failed [%ld]", out_len); - rv = base64_encode(in_data, (unsigned long)in_len, out_data, &out_len); - RETVAL = (rv == CRYPT_OK) ? newSVpvn((char *)out_data, out_len) : newSVpvn(NULL, 0); - Safefree(out_data); + if (in_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1); + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + out_data = (unsigned char *)SvPVX(RETVAL); + if (ix == 1) + rv = base64url_encode(in_data, (unsigned long)in_len, out_data, &out_len); + else + rv = base64_encode(in_data, (unsigned long)in_len, out_data, &out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + XSRETURN_UNDEF; + } + SvCUR_set(RETVAL, out_len); + } } OUTPUT: RETVAL SV * -CryptX__decode_base64(SV * in) +decode_b64(SV * in) + ALIAS: + decode_b64u = 1 CODE: { + int rv; STRLEN in_len; unsigned long out_len; unsigned char *out_data, *in_data; - int rv; if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *) SvPVbyte(in, in_len); - out_len = (unsigned long)in_len; - Newz(0, out_data, out_len, unsigned char); - if (!out_data) croak("FATAL: Newz failed [%ld]", out_len); - rv = base64_decode(in_data, (unsigned long)in_len, out_data, &out_len); - RETVAL = (rv == CRYPT_OK) ? newSVpvn((char *)out_data, out_len) : newSVpvn(NULL, 0); - Safefree(out_data); + in_data = (unsigned char *)SvPVbyte(in, in_len); + if (in_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + out_len = (unsigned long)in_len; + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + out_data = (unsigned char *)SvPVX(RETVAL); + if (ix == 1) + rv = base64url_decode(in_data, (unsigned long)in_len, out_data, &out_len); + else + rv = base64_decode(in_data, (unsigned long)in_len, out_data, &out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + XSRETURN_UNDEF; + } + SvCUR_set(RETVAL, out_len); + } } OUTPUT: RETVAL SV * -CryptX__increment_octets_le(SV * in) +encode_b32r(SV *in) + ALIAS: + encode_b32b = 1 + encode_b32z = 2 + encode_b32c = 3 + CODE: + { + STRLEN in_len; + unsigned long out_len; + unsigned char *out_data, *in_data; + int id = -1; + + if (!SvPOK(in)) XSRETURN_UNDEF; + if (ix == 0) id = BASE32_RFC4648; + if (ix == 1) id = BASE32_BASE32HEX; + if (ix == 2) id = BASE32_ZBASE32; + if (ix == 3) id = BASE32_CROCKFORD; + if (id == -1) XSRETURN_UNDEF; + in_data = (unsigned char *) SvPVbyte(in, in_len); + if (in_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + out_len = (unsigned long)((8 * in_len + 4) / 5); + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + out_data = (unsigned char *)SvPVX(RETVAL); + if (base32_encode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + XSRETURN_UNDEF; + } + SvCUR_set(RETVAL, out_len); + } + } + OUTPUT: + RETVAL + +SV * +decode_b32r(SV *in) + ALIAS: + decode_b32b = 1 + decode_b32z = 2 + decode_b32c = 3 + CODE: + { + STRLEN in_len; + unsigned long out_len; + unsigned char *out_data, *in_data; + int id = -1; + + if (!SvPOK(in)) XSRETURN_UNDEF; + if (ix == 0) id = BASE32_RFC4648; + if (ix == 1) id = BASE32_BASE32HEX; + if (ix == 2) id = BASE32_ZBASE32; + if (ix == 3) id = BASE32_CROCKFORD; + if (id == -1) XSRETURN_UNDEF; + in_data = (unsigned char *)SvPVbyte(in, in_len); + if (in_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + out_len = (unsigned long)in_len; + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + out_data = (unsigned char *)SvPVX(RETVAL); + if (base32_decode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + XSRETURN_UNDEF; + } + SvCUR_set(RETVAL, out_len); + } + } + OUTPUT: + RETVAL + +SV * +increment_octets_le(SV * in) CODE: { STRLEN len, i = 0; unsigned char *out_data, *in_data; - int rv; if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *) SvPVbyte(in, len); - if (len == 0) XSRETURN_UNDEF; - - RETVAL = NEWSV(0, len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - Copy(in_data, out_data, len, unsigned char); - while (i < len) { - out_data[i]++; - if (0 != out_data[i]) break; - i++; + in_data = (unsigned char *)SvPVbyte(in, len); + if (len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, len); + out_data = (unsigned char *)SvPVX(RETVAL); + Copy(in_data, out_data, len, unsigned char); + while (i < len) { + out_data[i]++; + if (0 != out_data[i]) break; + i++; + } + if (i == len) { + SvREFCNT_dec(RETVAL); + croak("FATAL: increment_octets_le overflow"); + } } - if (i == len) croak("FATAL: increment_octets_le overflow"); } OUTPUT: RETVAL SV * -CryptX__increment_octets_be(SV * in) +increment_octets_be(SV * in) CODE: { STRLEN len, i = 0; unsigned char *out_data, *in_data; - int rv; if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *) SvPVbyte(in, len); - if (len == 0) XSRETURN_UNDEF; - - RETVAL = NEWSV(0, len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - Copy(in_data, out_data, len, unsigned char); - while (i < len) { - out_data[len - 1 - i]++; - if (0 != out_data[len - 1 - i]) break; - i++; + in_data = (unsigned char *)SvPVbyte(in, len); + if (len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, len); + out_data = (unsigned char *)SvPVX(RETVAL); + Copy(in_data, out_data, len, unsigned char); + while (i < len) { + out_data[len - 1 - i]++; + if (0 != out_data[len - 1 - i]) break; + i++; + } + if (i == len) { + SvREFCNT_dec(RETVAL); + croak("FATAL: increment_octets_be overflow"); + } } - if (i == len) croak("FATAL: increment_octets_le overflow"); } OUTPUT: RETVAL @@ -533,7 +717,7 @@ CryptX__increment_octets_be(SV * in) ############################################################################### INCLUDE: inc/CryptX_Digest.xs.inc -INCLUDE: inc/CryptX_Digest_SHAKE.xs.inc +INCLUDE: inc/CryptX_Digest_SHAKE.xs.inc INCLUDE: inc/CryptX_Cipher.xs.inc INCLUDE: inc/CryptX_Checksum_Adler32.xs.inc @@ -546,8 +730,11 @@ INCLUDE: inc/CryptX_AuthEnc_CCM.xs.inc INCLUDE: inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc INCLUDE: inc/CryptX_Stream_ChaCha.xs.inc +INCLUDE: inc/CryptX_Stream_Salsa20.xs.inc INCLUDE: inc/CryptX_Stream_RC4.xs.inc INCLUDE: inc/CryptX_Stream_Sober128.xs.inc +INCLUDE: inc/CryptX_Stream_Sosemanuk.xs.inc +INCLUDE: inc/CryptX_Stream_Rabbit.xs.inc INCLUDE: inc/CryptX_Mac_F9.xs.inc INCLUDE: inc/CryptX_Mac_HMAC.xs.inc diff --git a/MANIFEST b/MANIFEST index 1cf5a5e..86a49bb 100644 --- a/MANIFEST +++ b/MANIFEST @@ -32,8 +32,11 @@ inc/CryptX_PK_ECC.xs.inc inc/CryptX_PK_RSA.xs.inc inc/CryptX_PRNG.xs.inc inc/CryptX_Stream_ChaCha.xs.inc +inc/CryptX_Stream_Rabbit.xs.inc inc/CryptX_Stream_RC4.xs.inc +inc/CryptX_Stream_Salsa20.xs.inc inc/CryptX_Stream_Sober128.xs.inc +inc/CryptX_Stream_Sosemanuk.xs.inc lib/Crypt/AuthEnc.pm lib/Crypt/AuthEnc/CCM.pm lib/Crypt/AuthEnc/ChaCha20Poly1305.pm @@ -51,6 +54,7 @@ lib/Crypt/Cipher/Camellia.pm lib/Crypt/Cipher/CAST5.pm lib/Crypt/Cipher/DES.pm lib/Crypt/Cipher/DES_EDE.pm +lib/Crypt/Cipher/IDEA.pm lib/Crypt/Cipher/KASUMI.pm lib/Crypt/Cipher/Khazad.pm lib/Crypt/Cipher/MULTI2.pm @@ -64,6 +68,7 @@ lib/Crypt/Cipher/SAFER_SK128.pm lib/Crypt/Cipher/SAFER_SK64.pm lib/Crypt/Cipher/SAFERP.pm lib/Crypt/Cipher/SEED.pm +lib/Crypt/Cipher/Serpent.pm lib/Crypt/Cipher/Skipjack.pm lib/Crypt/Cipher/Twofish.pm lib/Crypt/Cipher/XTEA.pm @@ -77,6 +82,10 @@ lib/Crypt/Digest/BLAKE2s_160.pm lib/Crypt/Digest/BLAKE2s_224.pm lib/Crypt/Digest/BLAKE2s_256.pm lib/Crypt/Digest/CHAES.pm +lib/Crypt/Digest/Keccak224.pm +lib/Crypt/Digest/Keccak256.pm +lib/Crypt/Digest/Keccak384.pm +lib/Crypt/Digest/Keccak512.pm lib/Crypt/Digest/MD2.pm lib/Crypt/Digest/MD4.pm lib/Crypt/Digest/MD5.pm @@ -128,8 +137,11 @@ lib/Crypt/PRNG/RC4.pm lib/Crypt/PRNG/Sober128.pm lib/Crypt/PRNG/Yarrow.pm lib/Crypt/Stream/ChaCha.pm +lib/Crypt/Stream/Rabbit.pm lib/Crypt/Stream/RC4.pm +lib/Crypt/Stream/Salsa20.pm lib/Crypt/Stream/Sober128.pm +lib/Crypt/Stream/Sosemanuk.pm lib/CryptX.pm lib/Math/BigInt/LTM.pm LICENSE @@ -138,7 +150,7 @@ MANIFEST This list of files META.json META.yml ppport.h -README +README.md src/ltc/ciphers/aes/aes.c src/ltc/ciphers/aes/aes_tab.c src/ltc/ciphers/anubis.c @@ -146,6 +158,7 @@ src/ltc/ciphers/blowfish.c src/ltc/ciphers/camellia.c src/ltc/ciphers/cast5.c src/ltc/ciphers/des.c +src/ltc/ciphers/idea.c src/ltc/ciphers/kasumi.c src/ltc/ciphers/khazad.c src/ltc/ciphers/kseed.c @@ -157,6 +170,7 @@ src/ltc/ciphers/rc6.c src/ltc/ciphers/safer/safer.c src/ltc/ciphers/safer/safer_tab.c src/ltc/ciphers/safer/saferp.c +src/ltc/ciphers/serpent.c src/ltc/ciphers/skipjack.c src/ltc/ciphers/twofish/twofish.c src/ltc/ciphers/twofish/twofish_tab.c @@ -201,8 +215,6 @@ src/ltc/encauth/ocb3/ocb3_encrypt.c src/ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.c src/ltc/encauth/ocb3/ocb3_encrypt_last.c src/ltc/encauth/ocb3/ocb3_init.c -src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c -src/ltc/encauth/ocb3/ocb3_int_calc_offset_zero.c src/ltc/encauth/ocb3/ocb3_int_ntz.c src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c src/ltc/hashes/blake2b.c @@ -293,18 +305,24 @@ src/ltc/mac/xcbc/xcbc_process.c src/ltc/math/fp/ltc_ecc_fp_mulmod.c src/ltc/math/ltm_desc.c src/ltc/math/multi.c +src/ltc/math/radix_to_bin.c src/ltc/math/rand_bn.c src/ltc/math/rand_prime.c src/ltc/math/tfm_desc.c src/ltc/misc/adler32.c +src/ltc/misc/base32/base32_decode.c +src/ltc/misc/base32/base32_encode.c src/ltc/misc/base64/base64_decode.c src/ltc/misc/base64/base64_encode.c src/ltc/misc/burn_stack.c +src/ltc/misc/compare_testvector.c +src/ltc/misc/copy_or_zeromem.c src/ltc/misc/crc32.c src/ltc/misc/crypt/crypt.c src/ltc/misc/crypt/crypt_argchk.c src/ltc/misc/crypt/crypt_cipher_descriptor.c src/ltc/misc/crypt/crypt_cipher_is_valid.c +src/ltc/misc/crypt/crypt_constants.c src/ltc/misc/crypt/crypt_find_cipher.c src/ltc/misc/crypt/crypt_find_cipher_any.c src/ltc/misc/crypt/crypt_find_cipher_id.c @@ -320,9 +338,14 @@ src/ltc/misc/crypt/crypt_inits.c src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c src/ltc/misc/crypt/crypt_prng_descriptor.c src/ltc/misc/crypt/crypt_prng_is_valid.c +src/ltc/misc/crypt/crypt_prng_rng_descriptor.c +src/ltc/misc/crypt/crypt_register_all_ciphers.c +src/ltc/misc/crypt/crypt_register_all_hashes.c +src/ltc/misc/crypt/crypt_register_all_prngs.c src/ltc/misc/crypt/crypt_register_cipher.c src/ltc/misc/crypt/crypt_register_hash.c src/ltc/misc/crypt/crypt_register_prng.c +src/ltc/misc/crypt/crypt_sizes.c src/ltc/misc/crypt/crypt_unregister_cipher.c src/ltc/misc/crypt/crypt_unregister_hash.c src/ltc/misc/crypt/crypt_unregister_prng.c @@ -370,6 +393,16 @@ src/ltc/pk/asn1/der/boolean/der_decode_boolean.c src/ltc/pk/asn1/der/boolean/der_encode_boolean.c src/ltc/pk/asn1/der/boolean/der_length_boolean.c src/ltc/pk/asn1/der/choice/der_decode_choice.c +src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c +src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c +src/ltc/pk/asn1/der/custom_type/der_length_custom_type.c +src/ltc/pk/asn1/der/general/der_asn1_maps.c +src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c +src/ltc/pk/asn1/der/general/der_decode_asn1_length.c +src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c +src/ltc/pk/asn1/der/general/der_encode_asn1_length.c +src/ltc/pk/asn1/der/general/der_length_asn1_identifier.c +src/ltc/pk/asn1/der/general/der_length_asn1_length.c src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c @@ -391,12 +424,11 @@ src/ltc/pk/asn1/der/printable_string/der_length_printable_string.c src/ltc/pk/asn1/der/sequence/der_decode_sequence_ex.c src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c -src/ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.c src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c -src/ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.c src/ltc/pk/asn1/der/sequence/der_length_sequence.c src/ltc/pk/asn1/der/sequence/der_sequence_free.c +src/ltc/pk/asn1/der/sequence/der_sequence_shrink.c src/ltc/pk/asn1/der/set/der_encode_set.c src/ltc/pk/asn1/der/set/der_encode_setof.c src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c @@ -410,17 +442,28 @@ src/ltc/pk/asn1/der/utctime/der_length_utctime.c src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c src/ltc/pk/asn1/der/utf8/der_encode_utf8_string.c src/ltc/pk/asn1/der/utf8/der_length_utf8_string.c +src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c +src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c src/ltc/pk/dh/dh.c -src/ltc/pk/dh/dh_static.c -src/ltc/pk/dh/dh_static.h -src/ltc/pk/dh/dh_sys.c +src/ltc/pk/dh/dh_check_pubkey.c +src/ltc/pk/dh/dh_export.c +src/ltc/pk/dh/dh_export_key.c +src/ltc/pk/dh/dh_free.c +src/ltc/pk/dh/dh_generate_key.c +src/ltc/pk/dh/dh_import.c +src/ltc/pk/dh/dh_set.c +src/ltc/pk/dh/dh_set_pg_dhparam.c +src/ltc/pk/dh/dh_shared_secret.c src/ltc/pk/dsa/dsa_decrypt_key.c src/ltc/pk/dsa/dsa_encrypt_key.c src/ltc/pk/dsa/dsa_export.c src/ltc/pk/dsa/dsa_free.c +src/ltc/pk/dsa/dsa_generate_key.c +src/ltc/pk/dsa/dsa_generate_pqg.c src/ltc/pk/dsa/dsa_import.c -src/ltc/pk/dsa/dsa_import_radix.c src/ltc/pk/dsa/dsa_make_key.c +src/ltc/pk/dsa/dsa_set.c +src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c src/ltc/pk/dsa/dsa_shared_secret.c src/ltc/pk/dsa/dsa_sign_hash.c src/ltc/pk/dsa/dsa_verify_hash.c @@ -429,33 +472,29 @@ src/ltc/pk/ecc/ecc.c src/ltc/pk/ecc/ecc_ansi_x963_export.c src/ltc/pk/ecc/ecc_ansi_x963_import.c src/ltc/pk/ecc/ecc_decrypt_key.c -src/ltc/pk/ecc/ecc_dp_clear.c -src/ltc/pk/ecc/ecc_dp_fill_from_sets.c -src/ltc/pk/ecc/ecc_dp_from_oid.c -src/ltc/pk/ecc/ecc_dp_from_params.c -src/ltc/pk/ecc/ecc_dp_init.c -src/ltc/pk/ecc/ecc_dp_set.c src/ltc/pk/ecc/ecc_encrypt_key.c src/ltc/pk/ecc/ecc_export.c -src/ltc/pk/ecc/ecc_export_full.c -src/ltc/pk/ecc/ecc_export_raw.c +src/ltc/pk/ecc/ecc_export_openssl.c src/ltc/pk/ecc/ecc_free.c +src/ltc/pk/ecc/ecc_get_key.c +src/ltc/pk/ecc/ecc_get_set.c src/ltc/pk/ecc/ecc_get_size.c src/ltc/pk/ecc/ecc_import.c -src/ltc/pk/ecc/ecc_import_full.c +src/ltc/pk/ecc/ecc_import_openssl.c src/ltc/pk/ecc/ecc_import_pkcs8.c -src/ltc/pk/ecc/ecc_import_raw.c +src/ltc/pk/ecc/ecc_import_x509.c src/ltc/pk/ecc/ecc_make_key.c +src/ltc/pk/ecc/ecc_set_dp.c +src/ltc/pk/ecc/ecc_set_dp_internal.c +src/ltc/pk/ecc/ecc_set_key.c src/ltc/pk/ecc/ecc_shared_secret.c src/ltc/pk/ecc/ecc_sign_hash.c src/ltc/pk/ecc/ecc_sizes.c src/ltc/pk/ecc/ecc_verify_hash.c -src/ltc/pk/ecc/ecc_verify_key.c src/ltc/pk/ecc/ltc_ecc_export_point.c src/ltc/pk/ecc/ltc_ecc_import_point.c src/ltc/pk/ecc/ltc_ecc_is_point.c src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c -src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c src/ltc/pk/ecc/ltc_ecc_map.c src/ltc/pk/ecc/ltc_ecc_mul2add.c src/ltc/pk/ecc/ltc_ecc_mulmod.c @@ -463,6 +502,7 @@ src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c src/ltc/pk/ecc/ltc_ecc_points.c src/ltc/pk/ecc/ltc_ecc_projective_add_point.c src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c +src/ltc/pk/ecc/ltc_ecc_verify_key.c src/ltc/pk/pkcs1/pkcs_1_i2osp.c src/ltc/pk/pkcs1/pkcs_1_mgf1.c src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c @@ -480,9 +520,9 @@ src/ltc/pk/rsa/rsa_free.c src/ltc/pk/rsa/rsa_get_size.c src/ltc/pk/rsa/rsa_import.c src/ltc/pk/rsa/rsa_import_pkcs8.c -src/ltc/pk/rsa/rsa_import_radix.c src/ltc/pk/rsa/rsa_import_x509.c src/ltc/pk/rsa/rsa_make_key.c +src/ltc/pk/rsa/rsa_set.c src/ltc/pk/rsa/rsa_sign_hash.c src/ltc/pk/rsa/rsa_sign_saltlen_get.c src/ltc/pk/rsa/rsa_verify_hash.c @@ -500,9 +540,16 @@ src/ltc/stream/chacha/chacha_ivctr32.c src/ltc/stream/chacha/chacha_ivctr64.c src/ltc/stream/chacha/chacha_keystream.c src/ltc/stream/chacha/chacha_setup.c -src/ltc/stream/rc4/rc4.c -src/ltc/stream/sober128/sober128.c +src/ltc/stream/rabbit/rabbit.c +src/ltc/stream/rc4/rc4_stream.c +src/ltc/stream/salsa20/salsa20_crypt.c +src/ltc/stream/salsa20/salsa20_done.c +src/ltc/stream/salsa20/salsa20_ivctr64.c +src/ltc/stream/salsa20/salsa20_keystream.c +src/ltc/stream/salsa20/salsa20_setup.c +src/ltc/stream/sober128/sober128_stream.c src/ltc/stream/sober128/sober128tab.c +src/ltc/stream/sosemanuk/sosemanuk.c src/ltm/bn_error.c src/ltm/bn_fast_mp_invmod.c src/ltm/bn_fast_mp_montgomery_reduce.c @@ -640,6 +687,8 @@ src/Makefile.nmake t/001_compile.t t/002_all_pm.t t/003_all_pm_pod.t +t/004_all_pm_pod_spelling.t +t/005_all_pm_pod_coverage.t t/auth_enc_ccm.t t/auth_enc_ccm_test_vector_ltc.t t/auth_enc_chacha20poly1305.t @@ -658,6 +707,8 @@ t/cipher_camellia.t t/cipher_cast5.t t/cipher_des.t t/cipher_des_ede.t +t/cipher_idea.t +t/cipher_idea_compat.t t/cipher_kasumi.t t/cipher_khazad.t t/cipher_multi2.t @@ -673,8 +724,12 @@ t/cipher_safer_sk64.t t/cipher_saferp.t t/cipher_seed.t t/cipher_seed_test_vectors_bc.t +t/cipher_serpent.t +t/cipher_serpent_compat.t t/cipher_skipjack.t t/cipher_stream.t +t/cipher_stream_rabbit.t +t/cipher_stream_salsa20.t t/cipher_test_vectors_ltc.t t/cipher_test_vectors_openssl.t t/cipher_twofish.t @@ -765,6 +820,8 @@ t/data/openssl_ec1.pub.der t/data/openssl_ec1.pub.pem t/data/openssl_ec1.pubc.der t/data/openssl_ec1.pubc.pem +t/data/openssl_rsa-x509.der +t/data/openssl_rsa-x509.pem t/data/openssl_rsa1.der t/data/openssl_rsa1.pem t/data/openssl_rsa1.pubonly.der @@ -858,6 +915,10 @@ t/digest_blake2s_160.t t/digest_blake2s_224.t t/digest_blake2s_256.t t/digest_chaes.t +t/digest_keccak224.t +t/digest_keccak256.t +t/digest_keccak384.t +t/digest_keccak512.t t/digest_md2.t t/digest_md4.t t/digest_md5.t @@ -886,6 +947,7 @@ t/mac_blake2b.t t/mac_blake2s.t t/mac_f9.t t/mac_hmac.t +t/mac_hmac_nist.t t/mac_hmac_test_vectors_ltc.t t/mac_omac.t t/mac_omac_test_vectors_ltc.t @@ -926,4 +988,11 @@ t/prng_rc4.t t/prng_sober128.t t/prng_yarrow.t t/sshkey.t +t/wycheproof.t +t/wycheproof/aes_gcm_test.json +t/wycheproof/dsa_test.json +t/wycheproof/ecdh_webcrypto_test.json +t/wycheproof/ecdsa_test.json +t/wycheproof/ecdsa_webcrypto_test.json +t/wycheproof/rsa_signature_test.json typemap diff --git a/META.json b/META.json index 9813b1f..30a7f78 100644 --- a/META.json +++ b/META.json @@ -4,13 +4,13 @@ "Karel Miko" ], "dynamic_config" : 1, - "generated_by" : "ExtUtils::MakeMaker version 7.24, CPAN::Meta::Converter version 2.150010", + "generated_by" : "ExtUtils::MakeMaker version 7.3, CPAN::Meta::Converter version 2.150010", "license" : [ "perl_5" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", - "version" : "2" + "version" : 2 }, "name" : "CryptX", "no_index" : { @@ -36,7 +36,7 @@ } } }, - "release_status" : "stable", + "release_status" : "unstable", "resources" : { "bugtracker" : { "web" : "https://github.com/DCIT/perl-CryptX/issues" @@ -45,6 +45,6 @@ "url" : "https://github.com/DCIT/perl-CryptX" } }, - "version" : "0.048", - "x_serialization_backend" : "JSON::PP version 2.27400" + "version" : "0.058_002", + "x_serialization_backend" : "JSON::PP version 2.94" } diff --git a/META.yml b/META.yml index e904536..7fc789c 100644 --- a/META.yml +++ b/META.yml @@ -7,7 +7,7 @@ build_requires: configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 1 -generated_by: 'ExtUtils::MakeMaker version 7.24, CPAN::Meta::Converter version 2.150010' +generated_by: 'ExtUtils::MakeMaker version 7.3, CPAN::Meta::Converter version 2.150010' license: perl meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html @@ -22,5 +22,5 @@ requires: resources: bugtracker: https://github.com/DCIT/perl-CryptX/issues repository: https://github.com/DCIT/perl-CryptX -version: '0.048' +version: 0.058_002 x_serialization_backend: 'CPAN::Meta::YAML version 0.018' diff --git a/Makefile.PL b/Makefile.PL index bbe42fb..11f9956 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -3,26 +3,58 @@ use warnings; use ExtUtils::MakeMaker; use Config; -my @myobjs = map { s|.c$|$Config{obj_ext}|; $_ } grep { $_ !~ m|^src/ltc/\.*tab\.c$| } ( - glob('src/ltm/*.c'), - glob('src/ltc/*/*.c'), - glob('src/ltc/*/*/*.c'), - glob('src/ltc/*/*/*/*.c'), - glob('src/ltc/*/*/*/*/*.c'), -); -my $myextlib = "src/liballinone$Config{lib_ext}"; -my $mycflags = "$Config{cccdlflags} $Config{ccflags} $Config{optimize} -Iltm -Iltc/headers -DLTC_SOURCE -DLTC_NO_TEST -DLTC_NO_PROTOTYPES -DLTM_DESC"; +my (@EUMM_INC_LIB, $myarflags, $mycflags); -#FIX: gcc with -flto is a trouble maker see https://github.com/DCIT/perl-CryptX/issues/32 -$mycflags =~ s/-flto\b//g; +if ($ENV{CRYPTX_CFLAGS} || $ENV{CRYPTX_LDFLAGS}) { + # EXPERIMENTAL: use system libraries libtomcrypt + libtommath + # e.g. + # CRYPTX_LDFLAGS='-L/usr/local/lib -ltommath -ltomcrypt' CRYPTX_CFLAGS='-DLTM_DESC -I/usr/local/include' perl Makefile.PL + print "CRYPTX_CFLAGS = $ENV{CRYPTX_CFLAGS}\n" if $ENV{CRYPTX_CFLAGS}; + print "CRYPTX_LDFLAGS = $ENV{CRYPTX_LDFLAGS}\n" if $ENV{CRYPTX_LDFLAGS}; + @EUMM_INC_LIB = ( + INC => $ENV{CRYPTX_CFLAGS}, + LIBS => [ $ENV{CRYPTX_LDFLAGS} ], + ); +} +else { + # PREFERRED: use bundled libtomcrypt + libtommath (from ./src subdir) + my @myobjs = map { s|.c$|$Config{obj_ext}|; $_ } grep { $_ !~ m|^src/ltc/\.*tab\.c$| } ( + glob('src/ltm/*.c'), + glob('src/ltc/*/*.c'), + glob('src/ltc/*/*/*.c'), + glob('src/ltc/*/*/*/*.c'), + glob('src/ltc/*/*/*/*/*.c'), + ); + $mycflags = "$Config{ccflags} $Config{cccdlflags} $Config{optimize}"; -#FIX: avoid "ar: fatal: Numeric group ID too large" see https://github.com/DCIT/perl-CryptX/issues/33 -my $myarflags = '$(AR_STATIC_ARGS)'; -if ($^O ne 'MSWin32' && $Config{ar}) { - # for ar's "deterministic mode" we need GNU binutils 2.20+ (2009-10-16) - my $arver = `$Config{ar} --version`; - my ($maj, $min) = $arver =~ /^GNU ar [^\d]*(\d)\.(\d+)\.\d+/s; - $myarflags = 'rcD' if ($maj && $min && $maj >= 2 && $min >= 20) || $arver=~ /^BSD ar /; + #FIX: this is particularly useful for Debian https://github.com/DCIT/perl-CryptX/pull/39 + $mycflags .= " $ENV{CFLAGS}" if $ENV{CFLAGS}; + $mycflags .= " $ENV{CPPFLAGS}" if $ENV{CPPFLAGS}; + + #FIX: gcc with -flto is a trouble maker see https://github.com/DCIT/perl-CryptX/issues/32 + $mycflags =~ s/-flto\b//g; + + #FIX: avoid -Wwrite-strings -Wcast-qual -pedantic -pedantic-errors -ansi -std=c89 + $mycflags =~ s/-pedantic\b//g; + $mycflags =~ s/-pedantic-errors\b//g; + $mycflags =~ s/-std=c89\b//g; + $mycflags =~ s/-ansi\b//g; + $mycflags =~ s/-Wwrite-strings\b//g; + $mycflags =~ s/-Wcast-qual\b//g; + + #FIX: avoid "ar: fatal: Numeric group ID too large" see https://github.com/DCIT/perl-CryptX/issues/33 + $myarflags = '$(AR_STATIC_ARGS)'; + if ($^O ne 'MSWin32' && $Config{ar}) { + # for ar's "deterministic mode" we need GNU binutils 2.20+ (2009-10-16) + my $arver = `$Config{ar} --version 2>/dev/null`; + my ($maj, $min) = $arver =~ /^GNU ar [^\d]*(\d)\.(\d+)\.\d+/s; + $myarflags = 'rcD' if ($maj && $min && $maj >= 2 && $min >= 20) || $arver=~ /^BSD ar /; + } + @EUMM_INC_LIB = ( + INC => '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm', + MYEXTLIB => "src/liballinone$Config{lib_ext}", + clean => { 'FILES' => join(' ', @myobjs, "src/liballinone$Config{lib_ext}") }, + ); } my %eumm_args = ( @@ -33,14 +65,11 @@ my %eumm_args = ( MIN_PERL_VERSION => '5.006', LICENSE => 'perl_5', META_MERGE => { resources => { repository => 'https://github.com/DCIT/perl-CryptX', bugtracker => 'https://github.com/DCIT/perl-CryptX/issues' } }, - DEFINE => '-DLTC_SOURCE -DLTC_NO_TEST -DLTC_NO_PROTOTYPES -DLTM_DESC', - INC => '-Isrc/ltc/headers -Isrc/ltm', - LIBS => [''], - MYEXTLIB => $myextlib, - clean => { 'FILES' => join(' ', @myobjs, $myextlib) }, + dist => { 'PREOP' => 'perldoc -u lib/CryptX.pm | pod2markdown > README.md' }, + @EUMM_INC_LIB ); -my $eumm_ver = eval $ExtUtils::MakeMaker::VERSION; +my $eumm_ver = eval $ExtUtils::MakeMaker::VERSION; delete $eumm_args{MIN_PERL_VERSION} if $eumm_ver < 6.48; delete $eumm_args{META_ADD} if $eumm_ver < 6.46; delete $eumm_args{META_MERGE} if $eumm_ver < 6.46; @@ -48,40 +77,49 @@ delete $eumm_args{LICENSE} if $eumm_ver < 6.31; WriteMakefile(%eumm_args); -# ARFLAGS=\$(AR_STATIC_ARGS) RANLIB=\$(RANLIB) AR=\$(AR) - sub MY::postamble { - my $myextlib = qq{ + return "" unless $mycflags && $myarflags; + + my $extra_targets = qq{ \$(MYEXTLIB): src/Makefile cd src && \$(MAKE) ARFLAGS="$myarflags" RANLIB="\$(RANLIB)" AR="\$(AR)" CC="\$(CC)" LIB_EXT=\$(LIB_EXT) OBJ_EXT=\$(OBJ_EXT) CFLAGS="$mycflags" }; - $myextlib = qq{ + $extra_targets = qq{ \$(MYEXTLIB): src/Makefile cd src && \$(MAKE) -f Makefile.nmake CFLAGS="$mycflags" } if $^O eq 'MSWin32' && $Config{make} =~ /nmake/ && $Config{cc} =~ /cl/; - $myextlib = qq{ + $extra_targets = qq{ \$(MYEXTLIB): src/Makefile cd src && \$(MAKE) CC="$Config{cc}" CFLAGS="$mycflags" } if $^O eq 'MSWin32' && $Config{cc} =~ /gcc/; - my $version_patch = q{ + $extra_targets .= q{ versionsync: $(NOECHO) perl _generators/version_patch.pl sync - versioninc: $(NOECHO) perl _generators/version_patch.pl inc - versionincdev: $(NOECHO) perl _generators/version_patch.pl incdev - versiondec: $(NOECHO) perl _generators/version_patch.pl dec - versiondecdev: $(NOECHO) perl _generators/version_patch.pl decdev +gencode: + $(NOECHO) perl _generators/gen.pl gencode +gentest: all + $(NOECHO) perl _generators/gen.pl gentest +openssltest: all + $(NOECHO) perl -Mblib t/openssl/dsa-test.pl + $(NOECHO) perl -Mblib t/openssl/ecc-test.pl + $(NOECHO) perl -Mblib t/openssl/rsa-test.pl +rebuild-pre: + $(RM_F) src/liballinone.a + $(TOUCH) CryptX.xs +rebuild: rebuild-pre all + }; - return "$myextlib\n$version_patch"; + return $extra_targets; } diff --git a/README b/README deleted file mode 100644 index 63f661b..0000000 --- a/README +++ /dev/null @@ -1,68 +0,0 @@ -NAME - CryptX - Crypto toolkit (self-contained no external libraries needed) - -DESCRIPTION - Cryptography in CryptX is based on - - - Currently available modules: - - * Ciphers - see Crypt::Cipher and related modules - - Crypt::Cipher::AES, Crypt::Cipher::Anubis, Crypt::Cipher::Blowfish, - Crypt::Cipher::Camellia, Crypt::Cipher::CAST5, Crypt::Cipher::DES, - Crypt::Cipher::DES_EDE, Crypt::Cipher::KASUMI, - Crypt::Cipher::Khazad, Crypt::Cipher::MULTI2, - Crypt::Cipher::Noekeon, Crypt::Cipher::RC2, Crypt::Cipher::RC5, - Crypt::Cipher::RC6, Crypt::Cipher::SAFERP, - Crypt::Cipher::SAFER_K128, Crypt::Cipher::SAFER_K64, - Crypt::Cipher::SAFER_SK128, Crypt::Cipher::SAFER_SK64, - Crypt::Cipher::SEED, Crypt::Cipher::Skipjack, - Crypt::Cipher::Twofish, Crypt::Cipher::XTEA - - * Block cipher modes - - Crypt::Mode::CBC, Crypt::Mode::CFB, Crypt::Mode::CTR, - Crypt::Mode::ECB, Crypt::Mode::OFB - - * Authenticated encryption modes - - Crypt::AuthEnc::CCM, Crypt::AuthEnc::EAX, Crypt::AuthEnc::GCM, - Crypt::AuthEnc::OCB - - * Hash Functions - see Crypt::Digest and related modules - - Crypt::Digest::CHAES, Crypt::Digest::MD2, Crypt::Digest::MD4, - Crypt::Digest::MD5, Crypt::Digest::RIPEMD128, - Crypt::Digest::RIPEMD160, Crypt::Digest::RIPEMD256, - Crypt::Digest::RIPEMD320, Crypt::Digest::SHA1, - Crypt::Digest::SHA224, Crypt::Digest::SHA256, Crypt::Digest::SHA384, - Crypt::Digest::SHA512, Crypt::Digest::SHA512_224, - Crypt::Digest::SHA512_256, Crypt::Digest::Tiger192, - Crypt::Digest::Whirlpool - - * Message Authentication Codes - - Crypt::Mac::F9, Crypt::Mac::HMAC, Crypt::Mac::OMAC, - Crypt::Mac::Pelican, Crypt::Mac::PMAC, Crypt::Mac::XCBC - - * Public key cryptography - - Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::ECC, Crypt::PK::DH - - * Cryptographically secure random number generators - - Crypt::PRNG, Crypt::PRNG::Fortuna, Crypt::PRNG::Yarrow, - Crypt::PRNG::RC4, Crypt::PRNG::Sober128 - - * Key derivation functions - PBKDF1, PBKFD2 and HKDF - - Crypt::KeyDerivation - -LICENSE - This program is free software; you can redistribute it and/or modify it - under the same terms as Perl itself. - -COPYRIGHT - Copyright (c) 2013-2015 DCIT, a.s. / Karel Miko - diff --git a/README.md b/README.md new file mode 100644 index 0000000..65cdc1d --- /dev/null +++ b/README.md @@ -0,0 +1,73 @@ +# NAME + +CryptX - Cryptographic toolkit (self-contained, no external libraries needed) + +# DESCRIPTION + +Cryptography in CryptX is based on [https://github.com/libtom/libtomcrypt](https://github.com/libtom/libtomcrypt) + +Available modules: + +- Symmetric ciphers - see [Crypt::Cipher](https://metacpan.org/pod/Crypt::Cipher) and related modules + + [Crypt::Cipher::AES](https://metacpan.org/pod/Crypt::Cipher::AES), [Crypt::Cipher::Anubis](https://metacpan.org/pod/Crypt::Cipher::Anubis), [Crypt::Cipher::Blowfish](https://metacpan.org/pod/Crypt::Cipher::Blowfish), [Crypt::Cipher::Camellia](https://metacpan.org/pod/Crypt::Cipher::Camellia), [Crypt::Cipher::CAST5](https://metacpan.org/pod/Crypt::Cipher::CAST5), [Crypt::Cipher::DES](https://metacpan.org/pod/Crypt::Cipher::DES), + [Crypt::Cipher::DES\_EDE](https://metacpan.org/pod/Crypt::Cipher::DES_EDE), [Crypt::Cipher::IDEA](https://metacpan.org/pod/Crypt::Cipher::IDEA), [Crypt::Cipher::KASUMI](https://metacpan.org/pod/Crypt::Cipher::KASUMI), [Crypt::Cipher::Khazad](https://metacpan.org/pod/Crypt::Cipher::Khazad), [Crypt::Cipher::MULTI2](https://metacpan.org/pod/Crypt::Cipher::MULTI2), [Crypt::Cipher::Noekeon](https://metacpan.org/pod/Crypt::Cipher::Noekeon), + [Crypt::Cipher::RC2](https://metacpan.org/pod/Crypt::Cipher::RC2), [Crypt::Cipher::RC5](https://metacpan.org/pod/Crypt::Cipher::RC5), [Crypt::Cipher::RC6](https://metacpan.org/pod/Crypt::Cipher::RC6), [Crypt::Cipher::SAFERP](https://metacpan.org/pod/Crypt::Cipher::SAFERP), [Crypt::Cipher::SAFER\_K128](https://metacpan.org/pod/Crypt::Cipher::SAFER_K128), [Crypt::Cipher::SAFER\_K64](https://metacpan.org/pod/Crypt::Cipher::SAFER_K64), + [Crypt::Cipher::SAFER\_SK128](https://metacpan.org/pod/Crypt::Cipher::SAFER_SK128), [Crypt::Cipher::SAFER\_SK64](https://metacpan.org/pod/Crypt::Cipher::SAFER_SK64), [Crypt::Cipher::SEED](https://metacpan.org/pod/Crypt::Cipher::SEED), [Crypt::Cipher::Serpent](https://metacpan.org/pod/Crypt::Cipher::Serpent), [Crypt::Cipher::Skipjack](https://metacpan.org/pod/Crypt::Cipher::Skipjack), + [Crypt::Cipher::Twofish](https://metacpan.org/pod/Crypt::Cipher::Twofish), [Crypt::Cipher::XTEA](https://metacpan.org/pod/Crypt::Cipher::XTEA) + +- Block cipher modes + + [Crypt::Mode::CBC](https://metacpan.org/pod/Crypt::Mode::CBC), [Crypt::Mode::CFB](https://metacpan.org/pod/Crypt::Mode::CFB), [Crypt::Mode::CTR](https://metacpan.org/pod/Crypt::Mode::CTR), [Crypt::Mode::ECB](https://metacpan.org/pod/Crypt::Mode::ECB), [Crypt::Mode::OFB](https://metacpan.org/pod/Crypt::Mode::OFB) + +- Stream ciphers + + [Crypt::Stream::RC4](https://metacpan.org/pod/Crypt::Stream::RC4), [Crypt::Stream::ChaCha](https://metacpan.org/pod/Crypt::Stream::ChaCha), [Crypt::Stream::Salsa20](https://metacpan.org/pod/Crypt::Stream::Salsa20), [Crypt::Stream::Sober128](https://metacpan.org/pod/Crypt::Stream::Sober128), + [Crypt::Stream::Sosemanuk](https://metacpan.org/pod/Crypt::Stream::Sosemanuk), [Crypt::Stream::Rabbit](https://metacpan.org/pod/Crypt::Stream::Rabbit) + +- Authenticated encryption modes + + [Crypt::AuthEnc::CCM](https://metacpan.org/pod/Crypt::AuthEnc::CCM), [Crypt::AuthEnc::EAX](https://metacpan.org/pod/Crypt::AuthEnc::EAX), [Crypt::AuthEnc::GCM](https://metacpan.org/pod/Crypt::AuthEnc::GCM), [Crypt::AuthEnc::OCB](https://metacpan.org/pod/Crypt::AuthEnc::OCB), [Crypt::AuthEnc::ChaCha20Poly1305](https://metacpan.org/pod/Crypt::AuthEnc::ChaCha20Poly1305) + +- Hash Functions - see [Crypt::Digest](https://metacpan.org/pod/Crypt::Digest) and related modules + + [Crypt::Digest::BLAKE2b\_160](https://metacpan.org/pod/Crypt::Digest::BLAKE2b_160), [Crypt::Digest::BLAKE2b\_256](https://metacpan.org/pod/Crypt::Digest::BLAKE2b_256), [Crypt::Digest::BLAKE2b\_384](https://metacpan.org/pod/Crypt::Digest::BLAKE2b_384), [Crypt::Digest::BLAKE2b\_512](https://metacpan.org/pod/Crypt::Digest::BLAKE2b_512), + [Crypt::Digest::BLAKE2s\_128](https://metacpan.org/pod/Crypt::Digest::BLAKE2s_128), [Crypt::Digest::BLAKE2s\_160](https://metacpan.org/pod/Crypt::Digest::BLAKE2s_160), [Crypt::Digest::BLAKE2s\_224](https://metacpan.org/pod/Crypt::Digest::BLAKE2s_224), [Crypt::Digest::BLAKE2s\_256](https://metacpan.org/pod/Crypt::Digest::BLAKE2s_256), + [Crypt::Digest::CHAES](https://metacpan.org/pod/Crypt::Digest::CHAES), [Crypt::Digest::MD2](https://metacpan.org/pod/Crypt::Digest::MD2), [Crypt::Digest::MD4](https://metacpan.org/pod/Crypt::Digest::MD4), [Crypt::Digest::MD5](https://metacpan.org/pod/Crypt::Digest::MD5), [Crypt::Digest::RIPEMD128](https://metacpan.org/pod/Crypt::Digest::RIPEMD128), [Crypt::Digest::RIPEMD160](https://metacpan.org/pod/Crypt::Digest::RIPEMD160), + [Crypt::Digest::RIPEMD256](https://metacpan.org/pod/Crypt::Digest::RIPEMD256), [Crypt::Digest::RIPEMD320](https://metacpan.org/pod/Crypt::Digest::RIPEMD320), [Crypt::Digest::SHA1](https://metacpan.org/pod/Crypt::Digest::SHA1), [Crypt::Digest::SHA224](https://metacpan.org/pod/Crypt::Digest::SHA224), [Crypt::Digest::SHA256](https://metacpan.org/pod/Crypt::Digest::SHA256), [Crypt::Digest::SHA384](https://metacpan.org/pod/Crypt::Digest::SHA384), + [Crypt::Digest::SHA512](https://metacpan.org/pod/Crypt::Digest::SHA512), [Crypt::Digest::SHA512\_224](https://metacpan.org/pod/Crypt::Digest::SHA512_224), [Crypt::Digest::SHA512\_256](https://metacpan.org/pod/Crypt::Digest::SHA512_256), [Crypt::Digest::Tiger192](https://metacpan.org/pod/Crypt::Digest::Tiger192), [Crypt::Digest::Whirlpool](https://metacpan.org/pod/Crypt::Digest::Whirlpool), + [Crypt::Digest::Keccak224](https://metacpan.org/pod/Crypt::Digest::Keccak224), [Crypt::Digest::Keccak256](https://metacpan.org/pod/Crypt::Digest::Keccak256), [Crypt::Digest::Keccak384](https://metacpan.org/pod/Crypt::Digest::Keccak384), [Crypt::Digest::Keccak512](https://metacpan.org/pod/Crypt::Digest::Keccak512), + [Crypt::Digest::SHA3\_224](https://metacpan.org/pod/Crypt::Digest::SHA3_224), [Crypt::Digest::SHA3\_256](https://metacpan.org/pod/Crypt::Digest::SHA3_256), [Crypt::Digest::SHA3\_384](https://metacpan.org/pod/Crypt::Digest::SHA3_384), [Crypt::Digest::SHA3\_512](https://metacpan.org/pod/Crypt::Digest::SHA3_512), [Crypt::Digest::SHAKE](https://metacpan.org/pod/Crypt::Digest::SHAKE) + +- Checksums + + [Crypt::Checksum::Adler32](https://metacpan.org/pod/Crypt::Checksum::Adler32), [Crypt::Checksum::CRC32](https://metacpan.org/pod/Crypt::Checksum::CRC32) + +- Message Authentication Codes + + [Crypt::Mac::BLAKE2b](https://metacpan.org/pod/Crypt::Mac::BLAKE2b), [Crypt::Mac::BLAKE2s](https://metacpan.org/pod/Crypt::Mac::BLAKE2s), [Crypt::Mac::F9](https://metacpan.org/pod/Crypt::Mac::F9), [Crypt::Mac::HMAC](https://metacpan.org/pod/Crypt::Mac::HMAC), [Crypt::Mac::OMAC](https://metacpan.org/pod/Crypt::Mac::OMAC), + [Crypt::Mac::Pelican](https://metacpan.org/pod/Crypt::Mac::Pelican), [Crypt::Mac::PMAC](https://metacpan.org/pod/Crypt::Mac::PMAC), [Crypt::Mac::XCBC](https://metacpan.org/pod/Crypt::Mac::XCBC), [Crypt::Mac::Poly1305](https://metacpan.org/pod/Crypt::Mac::Poly1305) + +- Public key cryptography + + [Crypt::PK::RSA](https://metacpan.org/pod/Crypt::PK::RSA), [Crypt::PK::DSA](https://metacpan.org/pod/Crypt::PK::DSA), [Crypt::PK::ECC](https://metacpan.org/pod/Crypt::PK::ECC), [Crypt::PK::DH](https://metacpan.org/pod/Crypt::PK::DH) + +- Cryptographically secure random number generators - see [Crypt::PRNG](https://metacpan.org/pod/Crypt::PRNG) and related modules + + [Crypt::PRNG::Fortuna](https://metacpan.org/pod/Crypt::PRNG::Fortuna), [Crypt::PRNG::Yarrow](https://metacpan.org/pod/Crypt::PRNG::Yarrow), [Crypt::PRNG::RC4](https://metacpan.org/pod/Crypt::PRNG::RC4), [Crypt::PRNG::Sober128](https://metacpan.org/pod/Crypt::PRNG::Sober128), [Crypt::PRNG::ChaCha20](https://metacpan.org/pod/Crypt::PRNG::ChaCha20) + +- Key derivation functions - PBKDF1, PBKDF2 and HKDF + + [Crypt::KeyDerivation](https://metacpan.org/pod/Crypt::KeyDerivation) + +- Other handy functions related to cryptography + + [Crypt::Misc](https://metacpan.org/pod/Crypt::Misc) + +# LICENSE + +This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. + +# COPYRIGHT + +Copyright (c) 2013+ DCIT, a.s. [https://www.dcit.cz](https://www.dcit.cz) / Karel Miko diff --git a/inc/CryptX_AuthEnc_CCM.xs.inc b/inc/CryptX_AuthEnc_CCM.xs.inc index 13171b2..312feeb 100644 --- a/inc/CryptX_AuthEnc_CCM.xs.inc +++ b/inc/CryptX_AuthEnc_CCM.xs.inc @@ -1,90 +1,230 @@ MODULE = CryptX PACKAGE = Crypt::AuthEnc::CCM +PROTOTYPES: DISABLE + +Crypt::AuthEnc::CCM +new(Class, char * cipher_name, SV * key, SV * nonce, SV * adata, int tag_len, int pt_len) + CODE: + { + unsigned char *k=NULL; + STRLEN k_len=0; + unsigned char *n=NULL; + STRLEN n_len=0; + unsigned char *h=NULL; + STRLEN h_len=0; + int rv, id; + + if (tag_len < 1 || tag_len > MAXBLOCKSIZE) croak("FATAL: invalid tag_len %d", tag_len); + if (pt_len < 0) croak("FATAL: invalid pt_len"); + if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); + k = (unsigned char *) SvPVbyte(key, k_len); + if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); + n = (unsigned char *) SvPVbyte(nonce, n_len); + if (!SvPOK(adata)) croak("FATAL: adata must be string/buffer scalar"); + h = (unsigned char *) SvPVbyte(adata, h_len); + + id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + + Newz(0, RETVAL, 1, ccm_state); + if (!RETVAL) croak("FATAL: Newz failed"); + + rv = ccm_init(RETVAL, id, k, (int)k_len, (int)pt_len, (int)tag_len, (int)h_len); /* XXX-TODO why int? */ + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: ccm_init failed: %s", error_to_string(rv)); + } + rv = ccm_add_nonce(RETVAL, n, (unsigned long)n_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: ccm_add_nonce failed: %s", error_to_string(rv)); + } + rv = ccm_add_aad(RETVAL, h, (unsigned long)h_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: ccm_add_aad failed: %s", error_to_string(rv)); + } + } + OUTPUT: + RETVAL + void -_memory_encrypt(char *cipher_name, SV *key, SV *nonce, SV *header, unsigned long tag_len, SV *plaintext) +DESTROY(Crypt::AuthEnc::CCM self) + CODE: + Safefree(self); + +Crypt::AuthEnc::CCM +clone(Crypt::AuthEnc::CCM self) + CODE: + Newz(0, RETVAL, 1, ccm_state); + if (!RETVAL) croak("FATAL: Newz failed"); + Copy(self, RETVAL, 1, ccm_state); + OUTPUT: + RETVAL + +SV * +encrypt_add(Crypt::AuthEnc::CCM self, SV * data) + CODE: + { + int rv; + STRLEN in_data_len; + unsigned char *in_data, *out_data; + + in_data = (unsigned char *)SvPVbyte(data, in_data_len); + if (in_data_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ccm_process(self, in_data, (unsigned long)in_data_len, out_data, CCM_ENCRYPT); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ccm_process failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL + +SV * +decrypt_add(Crypt::AuthEnc::CCM self, SV * data) + CODE: + { + int rv; + STRLEN in_data_len; + unsigned char *in_data, *out_data; + + in_data = (unsigned char *)SvPVbyte(data, in_data_len); + if (in_data_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ccm_process(self, out_data, (unsigned long)in_data_len, in_data, CCM_DECRYPT); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ccm_process failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL + +void +encrypt_done(Crypt::AuthEnc::CCM self) PPCODE: { - STRLEN k_len, n_len, h_len, pt_len; - unsigned char *k, *n, *h, *pt; - int rv, id; + int rv; unsigned char tag[MAXBLOCKSIZE]; - SV *ct; - - if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); - if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); - if (!SvPOK(header)) croak("FATAL: header must be string/buffer scalar"); - if (!SvPOK(plaintext)) croak("FATAL: plaintext must be string/buffer scalar"); - k = (unsigned char *) SvPVbyte(key, k_len); - n = (unsigned char *) SvPVbyte(nonce, n_len); - h = (unsigned char *) SvPVbyte(header, h_len); - pt = (unsigned char *) SvPVbyte(plaintext, pt_len); - - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - ct = NEWSV(0, pt_len); - SvPOK_only(ct); - SvCUR_set(ct, pt_len); - - if(tag_len<4 || tag_len>16) tag_len = 16; - - rv = ccm_memory(id, k, (unsigned long)k_len, NULL, n, (unsigned long)n_len, h, (unsigned long)h_len, - pt, (unsigned long)pt_len, (unsigned char *)SvPV_nolen(ct), tag, &tag_len, CCM_ENCRYPT); - if (rv != CRYPT_OK) croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); - - XPUSHs(sv_2mortal(ct)); - XPUSHs(sv_2mortal(newSVpvn((char*)tag,tag_len))); - - /* int ccm_memory( int cipher, - const unsigned char *key, unsigned long keylen, - symmetric_key *uskey, - const unsigned char *nonce, unsigned long noncelen, - const unsigned char *header, unsigned long headerlen, - unsigned char *pt, unsigned long ptlen, - unsigned char *ct, - unsigned char *tag, unsigned long *taglen, - int direction); */ + unsigned long tag_len = MAXBLOCKSIZE; + rv = ccm_done(self, tag, &tag_len); + if (rv != CRYPT_OK) croak("FATAL: ccm_done failed: %s", error_to_string(rv)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } void -_memory_decrypt(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tag) +decrypt_done(Crypt::AuthEnc::CCM self, ...) PPCODE: { - STRLEN k_len, n_len, h_len, ct_len, t_len; - unsigned char *k, *n, *h, *ct, *t; + int rv; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len = MAXBLOCKSIZE; + STRLEN expected_tag_len; + unsigned char *expected_tag; + + rv = ccm_done(self, tag, &tag_len); + if (rv != CRYPT_OK) croak("FATAL: ccm_done failed: %s", error_to_string(rv)); + if (items == 1) { + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + else { + if (!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); + expected_tag = (unsigned char *) SvPVbyte(ST(1), expected_tag_len); + if (expected_tag_len!=tag_len) { + XPUSHs(sv_2mortal(newSViv(0))); /* false */ + } + else if (memNE(expected_tag, tag, tag_len)) { + XPUSHs(sv_2mortal(newSViv(0))); /* false */ + } + else { + XPUSHs(sv_2mortal(newSViv(1))); /* true */ + } + } + } + +void +ccm_encrypt_authenticate(char *cipher_name, SV *key, SV *nonce, SV *header, unsigned long tag_len, SV *plaintext) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, pt_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *pt = NULL; int rv, id; - unsigned char xtag[MAXBLOCKSIZE]; - unsigned long xtag_len; - SV *pt; + unsigned char tag[MAXBLOCKSIZE]; + SV *output; - if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); - if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); - if (!SvPOK(header)) croak("FATAL: header must be string/buffer scalar"); - if (!SvPOK(ciphertext)) croak("FATAL: ciphertext must be string/buffer scalar"); - if (!SvPOK(tag)) croak("FATAL: tag must be string/buffer scalar"); - k = (unsigned char *) SvPVbyte(key, k_len); - n = (unsigned char *) SvPVbyte(nonce, n_len); - h = (unsigned char *) SvPVbyte(header, h_len); - ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); - t = (unsigned char *) SvPVbyte(tag, t_len); + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); - id = find_cipher(cipher_name); + id = _find_cipher(cipher_name); if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - pt = NEWSV(0, ct_len); - SvPOK_only(pt); - SvCUR_set(pt, ct_len); - - xtag_len = (unsigned long)t_len; - Copy(t, xtag, t_len, unsigned char); + output = NEWSV(0, pt_len > 0 ? pt_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, pt_len); + if(tag_len < 4 || tag_len > 16) tag_len = 16; rv = ccm_memory(id, k, (unsigned long)k_len, NULL, n, (unsigned long)n_len, h, (unsigned long)h_len, - (unsigned char *)SvPV_nolen(pt), (unsigned long)ct_len, ct, xtag, &xtag_len, CCM_DECRYPT); + pt, (unsigned long)pt_len, (unsigned char *)SvPVX(output), tag, &tag_len, CCM_ENCRYPT); + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); + } + XPUSHs(sv_2mortal(output)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + +void +ccm_decrypt_verify(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tagsv) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, ct_len = 0, t_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *ct = NULL, *t = NULL; + int rv, id; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(ciphertext)) ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); + if (SvPOK(tagsv)) t = (unsigned char *) SvPVbyte(tagsv, t_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, ct_len > 0 ? ct_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, ct_len); + tag_len = (unsigned long)t_len; + Copy(t, tag, t_len, unsigned char); + + rv = ccm_memory(id, k, (unsigned long)k_len, NULL, n, (unsigned long)n_len, h, (unsigned long)h_len, + (unsigned char *)SvPVX(output), (unsigned long)ct_len, ct, tag, &tag_len, CCM_DECRYPT); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ } else { - XPUSHs(sv_2mortal(pt)); + XPUSHs(sv_2mortal(output)); } } diff --git a/inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc b/inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc index 3e8ed07..8a32ef4 100644 --- a/inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc +++ b/inc/CryptX_AuthEnc_ChaCha20Poly1305.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::AuthEnc::ChaCha20Poly1305 +PROTOTYPES: DISABLE + Crypt::AuthEnc::ChaCha20Poly1305 -_new(SV * key, SV * nonce = NULL) +new(Class, SV * key, SV * nonce = NULL) CODE: { int rv; @@ -15,15 +17,21 @@ _new(SV * key, SV * nonce = NULL) iv = (unsigned char *) SvPVbyte(nonce, iv_len); } - Newz(0, RETVAL, 1, struct chacha20poly1305_struct); + Newz(0, RETVAL, 1, chacha20poly1305_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = chacha20poly1305_init(&RETVAL->state, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_init failed: %s", error_to_string(rv)); + rv = chacha20poly1305_init(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: chacha20poly1305_init failed: %s", error_to_string(rv)); + } if (iv && iv_len > 0) { - rv = chacha20poly1305_setiv(&RETVAL->state, iv, (unsigned long)iv_len); - if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_setiv failed: %s", error_to_string(rv)); + rv = chacha20poly1305_setiv(RETVAL, iv, (unsigned long)iv_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: chacha20poly1305_setiv failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -37,15 +45,15 @@ DESTROY(Crypt::AuthEnc::ChaCha20Poly1305 self) Crypt::AuthEnc::ChaCha20Poly1305 clone(Crypt::AuthEnc::ChaCha20Poly1305 self) CODE: - Newz(0, RETVAL, 1, struct chacha20poly1305_struct); + Newz(0, RETVAL, 1, chacha20poly1305_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct chacha20poly1305_struct); + Copy(self, RETVAL, 1, chacha20poly1305_state); OUTPUT: RETVAL -int +void set_iv(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * nonce) - CODE: + PPCODE: { int rv; STRLEN iv_len=0; @@ -53,16 +61,14 @@ set_iv(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * nonce) if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); iv = (unsigned char *) SvPVbyte(nonce, iv_len); - rv = chacha20poly1305_setiv(&self->state, iv, (unsigned long)iv_len); + rv = chacha20poly1305_setiv(self, iv, (unsigned long)iv_len); if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_setiv failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */; } - OUTPUT: - RETVAL -int +void set_iv_rfc7905(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * nonce, UV seqnum) - CODE: + PPCODE: { int rv; STRLEN iv_len=0; @@ -70,28 +76,24 @@ set_iv_rfc7905(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * nonce, UV seqnum) if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); iv = (unsigned char *) SvPVbyte(nonce, iv_len); - rv = chacha20poly1305_setiv_rfc7905(&self->state, iv, (unsigned long)iv_len, (ulong64)seqnum); + rv = chacha20poly1305_setiv_rfc7905(self, iv, (unsigned long)iv_len, (ulong64)seqnum); if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_setiv_rfc7905 failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */ } - OUTPUT: - RETVAL -int +void adata_add(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * data) - CODE: + PPCODE: { int rv; STRLEN in_data_len; unsigned char *in_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - rv = chacha20poly1305_add_aad(&self->state, in_data, (unsigned long)in_data_len); + rv = chacha20poly1305_add_aad(self, in_data, (unsigned long)in_data_len); if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_add_aad failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */ } - OUTPUT: - RETVAL SV * decrypt_add(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * data) @@ -102,16 +104,19 @@ decrypt_add(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = chacha20poly1305_decrypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_decrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = chacha20poly1305_decrypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: chacha20poly1305_decrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -126,16 +131,19 @@ encrypt_add(Crypt::AuthEnc::ChaCha20Poly1305 self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = chacha20poly1305_encrypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_encrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = chacha20poly1305_encrypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: chacha20poly1305_encrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -149,7 +157,7 @@ encrypt_done(Crypt::AuthEnc::ChaCha20Poly1305 self) unsigned char tag[MAXBLOCKSIZE]; unsigned long tag_len = sizeof(tag); - rv = chacha20poly1305_done(&self->state, tag, &tag_len); + rv = chacha20poly1305_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_done failed: %s", error_to_string(rv)); XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } @@ -164,13 +172,13 @@ decrypt_done(Crypt::AuthEnc::ChaCha20Poly1305 self, ...) STRLEN expected_tag_len; unsigned char *expected_tag; - rv = chacha20poly1305_done(&self->state, tag, &tag_len); + rv = chacha20poly1305_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: chacha20poly1305_done failed: %s", error_to_string(rv)); if (items == 1) { XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } else { - if(!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); + if (!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); expected_tag = (unsigned char *) SvPVbyte(ST(1), expected_tag_len); if (expected_tag_len!=tag_len) { XPUSHs(sv_2mortal(newSViv(0))); /* false */ @@ -183,3 +191,71 @@ decrypt_done(Crypt::AuthEnc::ChaCha20Poly1305 self, ...) } } } + +void +chacha20poly1305_encrypt_authenticate(SV *key, SV *nonce, SV *header, SV *plaintext) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, pt_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *pt = NULL; + int rv; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len = sizeof(tag); + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + output = NEWSV(0, pt_len > 0 ? pt_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, pt_len); + + rv = chacha20poly1305_memory(k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len, + pt, (unsigned long)pt_len, (unsigned char *)SvPVX(output), tag, &tag_len, + CHACHA20POLY1305_ENCRYPT); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); + } + XPUSHs(sv_2mortal(output)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + +void +chacha20poly1305_decrypt_verify(SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tagsv) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, ct_len = 0, t_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *ct = NULL, *t = NULL; + int rv; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(ciphertext)) ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); + if (SvPOK(tagsv)) t = (unsigned char *) SvPVbyte(tagsv, t_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + output = NEWSV(0, ct_len > 0 ? ct_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, ct_len); + tag_len = (unsigned long)t_len; + Copy(t, tag, t_len, unsigned char); + + rv = chacha20poly1305_memory(k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len, + ct, (unsigned long)ct_len, (unsigned char *)SvPVX(output), tag, &tag_len, + CHACHA20POLY1305_DECRYPT); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ + } + else { + XPUSHs(sv_2mortal(output)); + } + } diff --git a/inc/CryptX_AuthEnc_EAX.xs.inc b/inc/CryptX_AuthEnc_EAX.xs.inc index 6a80c08..54762e2 100644 --- a/inc/CryptX_AuthEnc_EAX.xs.inc +++ b/inc/CryptX_AuthEnc_EAX.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::AuthEnc::EAX +PROTOTYPES: DISABLE + Crypt::AuthEnc::EAX -_new(char * cipher_name, SV * key, SV * nonce, SV * adata=&PL_sv_undef) +new(Class, char * cipher_name, SV * key, SV * nonce, SV * adata=&PL_sv_undef) CODE: { STRLEN k_len=0; @@ -10,25 +12,27 @@ _new(char * cipher_name, SV * key, SV * nonce, SV * adata=&PL_sv_undef) STRLEN n_len=0; unsigned char *h=NULL; STRLEN h_len=0; - int id; + int rv, id; if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); k = (unsigned char *) SvPVbyte(key, k_len); if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); n = (unsigned char *) SvPVbyte(nonce, n_len); - if(SvOK(adata)) { /* adata is optional param */ - if(!SvPOK(adata)) croak("FATAL: adata must be string/buffer scalar"); + if (SvOK(adata)) { /* adata is optional param */ + if (!SvPOK(adata)) croak("FATAL: adata must be string/buffer scalar"); h = (unsigned char *) SvPVbyte(adata, h_len); } - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - Newz(0, RETVAL, 1, struct eax_struct); + Newz(0, RETVAL, 1, eax_state); if (!RETVAL) croak("FATAL: Newz failed"); - if (eax_init(&RETVAL->state, id, k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len) != CRYPT_OK) { - croak("FATAL: eax setup failed"); + rv = eax_init(RETVAL, id, k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: eax setup failed: %s", error_to_string(rv)); } } OUTPUT: @@ -42,9 +46,9 @@ DESTROY(Crypt::AuthEnc::EAX self) Crypt::AuthEnc::EAX clone(Crypt::AuthEnc::EAX self) CODE: - Newz(0, RETVAL, 1, struct eax_struct); + Newz(0, RETVAL, 1, eax_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct eax_struct); + Copy(self, RETVAL, 1, eax_state); OUTPUT: RETVAL @@ -57,16 +61,19 @@ encrypt_add(Crypt::AuthEnc::EAX self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = eax_encrypt(&self->state, in_data, out_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: eax_encrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = eax_encrypt(self, in_data, out_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: eax_encrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -81,16 +88,19 @@ decrypt_add(Crypt::AuthEnc::EAX self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = eax_decrypt(&self->state, in_data, out_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: eax_decrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = eax_decrypt(self, in_data, out_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: eax_decrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -104,7 +114,7 @@ encrypt_done(Crypt::AuthEnc::EAX self) unsigned char tag[MAXBLOCKSIZE]; unsigned long tag_len = sizeof(tag); - rv = eax_done(&self->state, tag, &tag_len); + rv = eax_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: eax_done failed: %s", error_to_string(rv)); XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } @@ -119,13 +129,13 @@ decrypt_done(Crypt::AuthEnc::EAX self, ...) STRLEN expected_tag_len; unsigned char *expected_tag; - rv = eax_done(&self->state, tag, &tag_len); + rv = eax_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: eax_done failed: %s", error_to_string(rv)); if (items == 1) { XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } else { - if(!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); + if (!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); expected_tag = (unsigned char *) SvPVbyte(ST(1), expected_tag_len); if (expected_tag_len!=tag_len) { XPUSHs(sv_2mortal(newSViv(0))); /* false */ @@ -139,14 +149,86 @@ decrypt_done(Crypt::AuthEnc::EAX self, ...) } } -int -aad_add(Crypt::AuthEnc::EAX self, SV * adata) - CODE: +void +adata_add(Crypt::AuthEnc::EAX self, SV * adata) + PPCODE: { STRLEN h_len; + int rv; unsigned char *h; h = (unsigned char *)SvPVbyte(adata, h_len); - RETVAL = eax_addheader(&self->state, h, (unsigned long)h_len); + rv = eax_addheader(self, h, (unsigned long)h_len); + if (rv != CRYPT_OK) croak("FATAL: eax_addheader failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ + } + +void +eax_encrypt_authenticate(char *cipher_name, SV *key, SV *nonce, SV *header, SV *plaintext) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, pt_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *pt = NULL; + int rv, id; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len = sizeof(tag); + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, pt_len > 0 ? pt_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, pt_len); + + rv = eax_encrypt_authenticate_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, + h, (unsigned long)h_len, pt, (unsigned long)pt_len, + (unsigned char *)SvPVX(output), tag, &tag_len); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); + } + XPUSHs(sv_2mortal(output)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + +void +eax_decrypt_verify(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tagsv) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, ct_len = 0, t_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *ct = NULL, *t = NULL; + int rv, id, stat = 0; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(ciphertext)) ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); + if (SvPOK(tagsv)) t = (unsigned char *) SvPVbyte(tagsv, t_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, ct_len > 0 ? ct_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, ct_len); + tag_len = (unsigned long)t_len; + Copy(t, tag, t_len, unsigned char); + + rv = eax_decrypt_verify_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len, + ct, (unsigned long)ct_len, (unsigned char *)SvPVX(output), tag, tag_len, &stat); + + if (rv != CRYPT_OK || stat != 1) { + SvREFCNT_dec(output); + XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ + } + else { + XPUSHs(sv_2mortal(output)); + } } - OUTPUT: - RETVAL diff --git a/inc/CryptX_AuthEnc_GCM.xs.inc b/inc/CryptX_AuthEnc_GCM.xs.inc index 232f973..0618a2c 100644 --- a/inc/CryptX_AuthEnc_GCM.xs.inc +++ b/inc/CryptX_AuthEnc_GCM.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::AuthEnc::GCM +PROTOTYPES: DISABLE + Crypt::AuthEnc::GCM -_new(char * cipher_name, SV * key, SV * nonce = NULL) +new(Class, char * cipher_name, SV * key, SV * nonce = NULL) CODE: { STRLEN k_len = 0, iv_len = 0; @@ -15,18 +17,24 @@ _new(char * cipher_name, SV * key, SV * nonce = NULL) iv = (unsigned char *)SvPVbyte(nonce, iv_len); } - id = find_cipher(cipher_name); + id = _find_cipher(cipher_name); if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - Newz(0, RETVAL, 1, struct gcm_struct); + Newz(0, RETVAL, 1, gcm_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = gcm_init(&RETVAL->state, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: gcm_init failed: %s", error_to_string(rv)); + rv = gcm_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: gcm_init failed: %s", error_to_string(rv)); + } if (iv && iv_len > 0) { - rv = gcm_add_iv(&RETVAL->state, iv, (unsigned long)iv_len); - if (rv != CRYPT_OK) croak("FATAL: gcm_add_iv failed: %s", error_to_string(rv)); + rv = gcm_add_iv(RETVAL, iv, (unsigned long)iv_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: gcm_add_iv failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -40,23 +48,21 @@ DESTROY(Crypt::AuthEnc::GCM self) Crypt::AuthEnc::GCM clone(Crypt::AuthEnc::GCM self) CODE: - Newz(0, RETVAL, 1, struct gcm_struct); + Newz(0, RETVAL, 1, gcm_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct gcm_struct); + Copy(self, RETVAL, 1, gcm_state); OUTPUT: RETVAL -int +void reset(Crypt::AuthEnc::GCM self) - CODE: + PPCODE: { int rv; - rv = gcm_reset(&self->state); + rv = gcm_reset(self); if (rv != CRYPT_OK) croak("FATAL: gcm_reset failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */ } - OUTPUT: - RETVAL SV * encrypt_add(Crypt::AuthEnc::GCM self, SV * data) @@ -67,53 +73,52 @@ encrypt_add(Crypt::AuthEnc::GCM self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = gcm_process(&self->state, in_data, (unsigned long)in_data_len, out_data, GCM_ENCRYPT); - if (rv != CRYPT_OK) croak("FATAL: encrypt_add/gcm_process failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = gcm_process(self, in_data, (unsigned long)in_data_len, out_data, GCM_ENCRYPT); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: encrypt_add/gcm_process failed: %s", error_to_string(rv)); + } } } OUTPUT: RETVAL -int +void iv_add(Crypt::AuthEnc::GCM self, SV * data) - CODE: + PPCODE: { int rv; STRLEN in_data_len; unsigned char *in_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - rv = gcm_add_iv(&self->state, in_data, (unsigned long)in_data_len); + rv = gcm_add_iv(self, in_data, (unsigned long)in_data_len); if (rv != CRYPT_OK) croak("FATAL: gcm_add_iv failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */ } - OUTPUT: - RETVAL -int +void adata_add(Crypt::AuthEnc::GCM self, SV * data) - CODE: + PPCODE: { int rv; STRLEN in_data_len; unsigned char *in_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - rv = gcm_add_aad(&self->state, in_data, (unsigned long)in_data_len); + rv = gcm_add_aad(self, in_data, (unsigned long)in_data_len); if (rv != CRYPT_OK) croak("FATAL: gcm_add_aad failed: %s", error_to_string(rv)); - RETVAL = rv; + XPUSHs(ST(0)); /* return self */ } - OUTPUT: - RETVAL SV * decrypt_add(Crypt::AuthEnc::GCM self, SV * data) @@ -124,16 +129,19 @@ decrypt_add(Crypt::AuthEnc::GCM self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = gcm_process(&self->state, out_data, (unsigned long)in_data_len, in_data, GCM_DECRYPT); - if (rv != CRYPT_OK) croak("FATAL: encrypt_add/gcm_process failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = gcm_process(self, out_data, (unsigned long)in_data_len, in_data, GCM_DECRYPT); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: encrypt_add/gcm_process failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -148,7 +156,7 @@ encrypt_done(Crypt::AuthEnc::GCM self) unsigned char tag[MAXBLOCKSIZE]; unsigned long tag_len = sizeof(tag); - rv = gcm_done(&self->state, tag, &tag_len); + rv = gcm_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: gcm_done failed: %s", error_to_string(rv)); XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } @@ -163,13 +171,13 @@ decrypt_done(Crypt::AuthEnc::GCM self, ...) STRLEN expected_tag_len; unsigned char *expected_tag; - rv = gcm_done(&self->state, tag, &tag_len); + rv = gcm_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: gcm_done failed: %s", error_to_string(rv)); if (items == 1) { XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } else { - if(!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); + if (!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); expected_tag = (unsigned char *) SvPVbyte(ST(1), expected_tag_len); if (expected_tag_len!=tag_len) { XPUSHs(sv_2mortal(newSViv(0))); /* false */ @@ -182,3 +190,73 @@ decrypt_done(Crypt::AuthEnc::GCM self, ...) } } } + +void +gcm_encrypt_authenticate(char *cipher_name, SV *key, SV *nonce, SV *header = NULL, SV *plaintext) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, pt_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *pt = NULL; + int rv, id; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len = sizeof(tag); + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, pt_len > 0 ? pt_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, pt_len); + + rv = gcm_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len, + pt, (unsigned long)pt_len, (unsigned char *)SvPVX(output), tag, &tag_len, GCM_ENCRYPT); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); + } + XPUSHs(sv_2mortal(output)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + +void +gcm_decrypt_verify(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tagsv) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, ct_len = 0, t_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *ct = NULL, *t = NULL; + int rv, id; + unsigned char tag[MAXBLOCKSIZE]; + unsigned long tag_len; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(ciphertext)) ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); + if (SvPOK(tagsv)) t = (unsigned char *) SvPVbyte(tagsv, t_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, ct_len > 0 ? ct_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, ct_len); + tag_len = (unsigned long)t_len; + Copy(t, tag, t_len, unsigned char); + + rv = gcm_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, h, (unsigned long)h_len, + (unsigned char *)SvPVX(output), (unsigned long)ct_len, ct, tag, &tag_len, GCM_DECRYPT); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ + } + else { + XPUSHs(sv_2mortal(output)); + } + } diff --git a/inc/CryptX_AuthEnc_OCB.xs.inc b/inc/CryptX_AuthEnc_OCB.xs.inc index 4e6ba09..8d06e34 100644 --- a/inc/CryptX_AuthEnc_OCB.xs.inc +++ b/inc/CryptX_AuthEnc_OCB.xs.inc @@ -1,28 +1,32 @@ MODULE = CryptX PACKAGE = Crypt::AuthEnc::OCB +PROTOTYPES: DISABLE + Crypt::AuthEnc::OCB -_new(char * cipher_name, SV * key, SV * nonce) +new(Class, char * cipher_name, SV * key, SV * nonce, unsigned long taglen) CODE: { STRLEN k_len=0; unsigned char *k=NULL; unsigned char *n=NULL; STRLEN n_len=0; - int id; + int rv, id; if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); k = (unsigned char *) SvPVbyte(key, k_len); if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); n = (unsigned char *) SvPVbyte(nonce, n_len); - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - Newz(0, RETVAL, 1, struct ocb_struct); + Newz(0, RETVAL, 1, ocb3_state); if (!RETVAL) croak("FATAL: Newz failed"); - if (ocb3_init(&RETVAL->state, id, k, (unsigned long)k_len, n, (unsigned long)n_len) != CRYPT_OK) { - croak("FATAL: ocb setup failed"); + rv = ocb3_init(RETVAL, id, k, (unsigned long)k_len, n, (unsigned long)n_len, taglen); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: ocb setup failed: %s", error_to_string(rv)); } } OUTPUT: @@ -36,15 +40,15 @@ DESTROY(Crypt::AuthEnc::OCB self) Crypt::AuthEnc::OCB clone(Crypt::AuthEnc::OCB self) CODE: - Newz(0, RETVAL, 1, struct ocb_struct); + Newz(0, RETVAL, 1, ocb3_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct ocb_struct); + Copy(self, RETVAL, 1, ocb3_state); OUTPUT: RETVAL void -aad_add(Crypt::AuthEnc::OCB self, SV * data) - CODE: +adata_add(Crypt::AuthEnc::OCB self, SV * data) + PPCODE: { int rv; STRLEN in_data_len; @@ -53,9 +57,10 @@ aad_add(Crypt::AuthEnc::OCB self, SV * data) in_data = (unsigned char *)SvPVbyte(data, in_data_len); if (in_data_len>0) { - rv = ocb3_add_aad(&self->state, in_data, (unsigned long)in_data_len); + rv = ocb3_add_aad(self, in_data, (unsigned long)in_data_len); if (rv != CRYPT_OK) croak("FATAL: ocb3_add_aad failed: %s", error_to_string(rv)); } + XPUSHs(ST(0)); /* return self */ } SV * @@ -67,20 +72,22 @@ encrypt_add(Crypt::AuthEnc::OCB self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + if (in_data_len % 16) { + croak ("FATAL: sizeof(data) should be multiple of 16"); + } + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (in_data_len % (&self->state)->block_len) - croak ("FATAL: sizeof(data) should be multiple of blocksize (%d)", (&self->state)->block_len); - - rv = ocb3_encrypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: ocb3_encrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ocb3_encrypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ocb3_encrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -95,18 +102,24 @@ encrypt_last(Crypt::AuthEnc::OCB self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - RETVAL = NEWSV(0, in_data_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); + if (in_data_len == 0) { + rv = ocb3_encrypt_last(self, in_data, 0, NULL); + if (rv != CRYPT_OK) { + croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); + } + RETVAL = newSVpvn("", 0); } else { - RETVAL = newSVpvn("", 0); - out_data = NULL; + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ocb3_encrypt_last(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); + } } - rv = ocb3_encrypt_last(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); } OUTPUT: RETVAL @@ -120,20 +133,22 @@ decrypt_add(Crypt::AuthEnc::OCB self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + if (in_data_len % 16) { + croak ("FATAL: sizeof(data) should be multiple of 16"); + } + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (in_data_len % (&self->state)->block_len) - croak ("FATAL: sizeof(data) should be multiple of blocksize (%d)", (&self->state)->block_len); - - rv = ocb3_decrypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: ocb3_decrypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ocb3_decrypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ocb3_decrypt failed: %s", error_to_string(rv)); + } } } OUTPUT: @@ -148,18 +163,24 @@ decrypt_last(Crypt::AuthEnc::OCB self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - RETVAL = NEWSV(0, in_data_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); + if (in_data_len == 0) { + rv = ocb3_decrypt_last(self, in_data, 0, NULL); + if (rv != CRYPT_OK) { + croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); + } + RETVAL = newSVpvn("", 0); } else { - RETVAL = newSVpvn("", 0); - out_data = NULL; + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = ocb3_decrypt_last(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); + } } - rv = ocb3_decrypt_last(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: ocb3_encrypt_last failed: %s", error_to_string(rv)); } OUTPUT: RETVAL @@ -172,7 +193,7 @@ encrypt_done(Crypt::AuthEnc::OCB self) unsigned char tag[MAXBLOCKSIZE]; unsigned long tag_len = sizeof(tag); - rv = ocb3_done(&self->state, tag, &tag_len); + rv = ocb3_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: ocb3_done_encrypt failed: %s", error_to_string(rv)); XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); @@ -188,13 +209,13 @@ decrypt_done(Crypt::AuthEnc::OCB self, ...) STRLEN expected_tag_len; unsigned char *expected_tag; - rv = ocb3_done(&self->state, tag, &tag_len); + rv = ocb3_done(self, tag, &tag_len); if (rv != CRYPT_OK) croak("FATAL: ocb3_done_decrypt failed: %s", error_to_string(rv)); if (items == 1) { XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); } else { - if(!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); + if (!SvPOK(ST(1))) croak("FATAL: expected_tag must be string/buffer scalar"); expected_tag = (unsigned char *) SvPVbyte(ST(1), expected_tag_len); if (expected_tag_len!=tag_len) { XPUSHs(sv_2mortal(newSViv(0))); /* false */ @@ -208,11 +229,70 @@ decrypt_done(Crypt::AuthEnc::OCB self, ...) } } -int -blocksize(Crypt::AuthEnc::OCB self) - CODE: +void +ocb_encrypt_authenticate(char *cipher_name, SV *key, SV *nonce, SV *header, unsigned long tag_len, SV *plaintext) + PPCODE: { - RETVAL = (&self->state)->block_len; + STRLEN k_len = 0, n_len = 0, h_len = 0, pt_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *pt = NULL; + int rv, id; + unsigned char tag[MAXBLOCKSIZE]; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(plaintext)) pt = (unsigned char *) SvPVbyte(plaintext, pt_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, pt_len > 0 ? pt_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, pt_len); + if(tag_len < 4 || tag_len > 16) tag_len = 16; + + rv = ocb3_encrypt_authenticate_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, + h, (unsigned long)h_len, pt, (unsigned long)pt_len, + (unsigned char *)SvPVX(output), tag, &tag_len); + + if (rv != CRYPT_OK) { + SvREFCNT_dec(output); + croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); + } + XPUSHs(sv_2mortal(output)); + XPUSHs(sv_2mortal(newSVpvn((char*)tag, tag_len))); + } + +void +ocb_decrypt_verify(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tagsv) + PPCODE: + { + STRLEN k_len = 0, n_len = 0, h_len = 0, ct_len = 0, t_len = 0; + unsigned char *k = NULL, *n = NULL, *h = NULL, *ct = NULL, *t = NULL; + int rv, id, stat = 0; + SV *output; + + if (SvPOK(key)) k = (unsigned char *) SvPVbyte(key, k_len); + if (SvPOK(nonce)) n = (unsigned char *) SvPVbyte(nonce, n_len); + if (SvPOK(ciphertext)) ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); + if (SvPOK(tagsv)) t = (unsigned char *) SvPVbyte(tagsv, t_len); + if (SvPOK(header)) h = (unsigned char *) SvPVbyte(header, h_len); + + id = _find_cipher(cipher_name); + if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + output = NEWSV(0, ct_len > 0 ? ct_len : 1); /* avoid zero! */ + SvPOK_only(output); + SvCUR_set(output, ct_len); + + rv = ocb3_decrypt_verify_memory(id, k, (unsigned long)k_len, n, (unsigned long)n_len, + h, (unsigned long)h_len, ct, (unsigned long)ct_len, + (unsigned char *)SvPVX(output), t, (unsigned long)t_len, &stat); + + if (rv != CRYPT_OK || stat != 1) { + SvREFCNT_dec(output); + XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ + } + else { + XPUSHs(sv_2mortal(output)); + } } - OUTPUT: - RETVAL diff --git a/inc/CryptX_BigInt_LTM.xs.inc b/inc/CryptX_BigInt_LTM.xs.inc index e321c38..db76010 100644 --- a/inc/CryptX_BigInt_LTM.xs.inc +++ b/inc/CryptX_BigInt_LTM.xs.inc @@ -1,5 +1,6 @@ MODULE = CryptX PACKAGE = Math::BigInt::LTM +PROTOTYPES: DISABLE ############################################################################## # _new() diff --git a/inc/CryptX_Checksum_Adler32.xs.inc b/inc/CryptX_Checksum_Adler32.xs.inc index 5a95e72..eb30b81 100644 --- a/inc/CryptX_Checksum_Adler32.xs.inc +++ b/inc/CryptX_Checksum_Adler32.xs.inc @@ -1,11 +1,15 @@ MODULE = CryptX PACKAGE = Crypt::Checksum::Adler32 +PROTOTYPES: DISABLE + Crypt::Checksum::Adler32 new(Class) CODE: + { Newz(0, RETVAL, 1, adler32_state); if (!RETVAL) croak("FATAL: Newz failed"); - adler32_init(RETVAL); + adler32_init(RETVAL); /* returns void */ + } OUTPUT: RETVAL @@ -16,8 +20,11 @@ DESTROY(Crypt::Checksum::Adler32 self) void reset(Crypt::Checksum::Adler32 self) - CODE: - adler32_init(self); + PPCODE: + { + adler32_init(self); /* returns void */ + XPUSHs(ST(0)); /* return self */ + } Crypt::Checksum::Adler32 clone(Crypt::Checksum::Adler32 self) @@ -37,34 +44,76 @@ add(Crypt::Checksum::Adler32 self, ...) unsigned char *in; for(i=1; i0) adler32_update(self, in, (unsigned long)inlen); + if (inlen > 0) { + adler32_update(self, in, (unsigned long)inlen); /* returns void */ + } } XPUSHs(ST(0)); /* return self */ } SV * digest(Crypt::Checksum::Adler32 self) + ALIAS: + hexdigest = 1 + intdigest = 2 CODE: { - unsigned char hash[4]; - adler32_finish(self, hash, 4); - RETVAL = newSVpvn((char *) hash, 4); + int rv; + unsigned char hash[4], out[8]; + unsigned long outlen = 8; + unsigned int ui32; + + adler32_finish(self, hash, 4); /* returns void */ + if (ix == 1) { + rv = _base16_encode(hash, 4, out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *)out, outlen); + } + else if (ix == 2) { + LOAD32H(ui32, hash); + RETVAL = newSVuv(ui32); + } + else { + RETVAL = newSVpvn((char *) hash, 4); + } } OUTPUT: RETVAL SV * -hexdigest(Crypt::Checksum::Adler32 self) +adler32_data(...) + ALIAS: + adler32_data_hex = 1 + adler32_data_int = 2 CODE: { - unsigned long i; - unsigned char hash[4]; - char hash_hex[4*2 + 1]; - adler32_finish(self, hash, 4); - hash_hex[0] = '\0'; - for(i=0; i<4; i++) sprintf(&hash_hex[2*i], "%02x", hash[i]); - RETVAL = newSVpvn(hash_hex, strlen(hash_hex)); + adler32_state st; + int rv, j; + unsigned char hash[4], out[8], *in; + unsigned long outlen = 8; + unsigned int ui32; + STRLEN inlen; + + adler32_init(&st); + for(j = 0; j < items; j++) { + in = (unsigned char *)SvPVbyte(ST(j), inlen); + if (inlen > 0) { + adler32_update(&st, in, (unsigned long)inlen); /* returns void */ + } + } + adler32_finish(&st, hash, 4); /* returns void */ + if (ix == 1) { + rv = _base16_encode(hash, 4, out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *)out, outlen); + } + else if (ix == 2) { + LOAD32H(ui32, hash); + RETVAL = newSVuv(ui32); + } + else { + RETVAL = newSVpvn((char *) hash, 4); + } } OUTPUT: RETVAL - diff --git a/inc/CryptX_Checksum_CRC32.xs.inc b/inc/CryptX_Checksum_CRC32.xs.inc index 42e47ea..3c86e7c 100644 --- a/inc/CryptX_Checksum_CRC32.xs.inc +++ b/inc/CryptX_Checksum_CRC32.xs.inc @@ -1,11 +1,15 @@ MODULE = CryptX PACKAGE = Crypt::Checksum::CRC32 +PROTOTYPES: DISABLE + Crypt::Checksum::CRC32 new(Class) CODE: + { Newz(0, RETVAL, 1, crc32_state); if (!RETVAL) croak("FATAL: Newz failed"); - crc32_init(RETVAL); + crc32_init(RETVAL); /* returns void */ + } OUTPUT: RETVAL @@ -16,8 +20,11 @@ DESTROY(Crypt::Checksum::CRC32 self) void reset(Crypt::Checksum::CRC32 self) - CODE: - crc32_init(self); + PPCODE: + { + crc32_init(self); /* returns void */ + XPUSHs(ST(0)); /* return self */ + } Crypt::Checksum::CRC32 clone(Crypt::Checksum::CRC32 self) @@ -37,34 +44,76 @@ add(Crypt::Checksum::CRC32 self, ...) unsigned char *in; for(i=1; i0) crc32_update(self, in, (unsigned long)inlen); + if (inlen > 0) { + crc32_update(self, in, (unsigned long)inlen); /* returns void */ + } } XPUSHs(ST(0)); /* return self */ } SV * digest(Crypt::Checksum::CRC32 self) + ALIAS: + hexdigest = 1 + intdigest = 2 CODE: { - unsigned char hash[4]; - crc32_finish(self, hash, 4); - RETVAL = newSVpvn((char *) hash, 4); + int rv; + unsigned char hash[4], out[8]; + unsigned long outlen = 8; + unsigned int ui32; + + crc32_finish(self, hash, 4); /* returns void */ + if (ix == 1) { + rv = _base16_encode(hash, 4, out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *)out, outlen); + } + else if (ix == 2) { + LOAD32H(ui32, hash); + RETVAL = newSVuv(ui32); + } + else { + RETVAL = newSVpvn((char *) hash, 4); + } } OUTPUT: RETVAL SV * -hexdigest(Crypt::Checksum::CRC32 self) +crc32_data(...) + ALIAS: + crc32_data_hex = 1 + crc32_data_int = 2 CODE: { - unsigned long i; - unsigned char hash[4]; - char hash_hex[4*2 + 1]; - crc32_finish(self, hash, 4); - hash_hex[0] = '\0'; - for(i=0; i<4; i++) sprintf(&hash_hex[2*i], "%02x", hash[i]); - RETVAL = newSVpvn(hash_hex, strlen(hash_hex)); + crc32_state st; + int rv, j; + unsigned char hash[4], out[8], *in; + unsigned long outlen = 8; + unsigned int ui32; + STRLEN inlen; + + crc32_init(&st); + for(j = 0; j < items; j++) { + in = (unsigned char *)SvPVbyte(ST(j), inlen); + if (inlen > 0) { + crc32_update(&st, in, (unsigned long)inlen); /* returns void */ + } + } + crc32_finish(&st, hash, 4); /* returns void */ + if (ix == 1) { + rv = _base16_encode(hash, 4, out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *)out, outlen); + } + else if (ix == 2) { + LOAD32H(ui32, hash); + RETVAL = newSVuv(ui32); + } + else { + RETVAL = newSVpvn((char *) hash, 4); + } } OUTPUT: RETVAL - diff --git a/inc/CryptX_Cipher.xs.inc b/inc/CryptX_Cipher.xs.inc index 3f24acf..70d30d4 100644 --- a/inc/CryptX_Cipher.xs.inc +++ b/inc/CryptX_Cipher.xs.inc @@ -1,188 +1,187 @@ MODULE = CryptX PACKAGE = Crypt::Cipher +PROTOTYPES: DISABLE + Crypt::Cipher -_new(cipher_name, key, rounds=0) - char * cipher_name - SV * key - int rounds +new(char * class, ...) CODE: { STRLEN key_len; - unsigned char *key_data=NULL; - int rv; - int id; + unsigned char *key_data = NULL; + SV *key; + char *cipher_name; + int rv, id, rounds = 0, idx; + + /* we need to handle: + Crypt::Cipher->new('AES'); + Crypt::Cipher::AES->new(); + */ + idx = strcmp("Crypt::Cipher", class) == 0 ? 1 : 0; + if (idx + 1 > items) croak("FATAL: missing argument"); + cipher_name = SvPVX(ST(idx)); + key = ST(idx + 1); + if (idx + 3 <= items) rounds = (int)SvIV(ST(idx + 2)); if (!SvPOK (key)) croak("FATAL: key must be string scalar"); key_data = (unsigned char *)SvPVbyte(key, key_len); - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); Newz(0, RETVAL, 1, struct cipher_struct); if (!RETVAL) croak("FATAL: Newz failed"); - RETVAL->id = id; RETVAL->desc = &cipher_descriptor[id]; rv = RETVAL->desc->setup(key_data, (int)key_len, rounds, &RETVAL->skey); - if(rv!=CRYPT_OK) croak("FATAL: cipher setup failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: cipher setup failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL void -DESTROY(self) - Crypt::Cipher self +DESTROY(Crypt::Cipher self) CODE: Safefree(self); -int -_max_keysize(self, ...) - Crypt::Cipher self - CODE: - RETVAL = self->desc->max_key_length; - OUTPUT: - RETVAL - -int -_min_keysize(self, ...) - Crypt::Cipher self - CODE: - RETVAL = self->desc->min_key_length; - OUTPUT: - RETVAL - -int -_blocksize(self, ...) - Crypt::Cipher self - CODE: - RETVAL = self->desc->block_length; - OUTPUT: - RETVAL - -int -_default_rounds(self, ...) - Crypt::Cipher self - CODE: - RETVAL = self->desc->default_rounds; - OUTPUT: - RETVAL - SV * -encrypt(self, data) - Crypt::Cipher self - SV * data +encrypt(Crypt::Cipher self, SV * data) CODE: { int rv; STRLEN len; void *plaintext = SvPVbyte(data, len); - if (len==0) + if (len == 0) { RETVAL = newSVpvn("", 0); - else if (len % self->desc->block_length) - croak ("FATAL: sizeof(data) should be multiple of blocksize (%d)", self->desc->block_length); - else { - /* idea from Crypt::Rijndael */ - RETVAL = NEWSV(0, len); + } + else if (len == (STRLEN)self->desc->block_length) { + RETVAL = NEWSV(0, len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, len); - rv = self->desc->ecb_encrypt((unsigned char *)plaintext, (unsigned char *)SvPV_nolen(RETVAL), &self->skey); - if (rv!=CRYPT_OK) croak("FATAL: encrypt failed: %s", error_to_string(rv)); + rv = self->desc->ecb_encrypt((unsigned char *)plaintext, (unsigned char *)SvPVX(RETVAL), &self->skey); + if (rv!=CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: encrypt failed: %s", error_to_string(rv)); + } + } + else { + croak ("FATAL: input size not equal to blocksize (%d)", self->desc->block_length); } } OUTPUT: RETVAL SV * -decrypt(self, data) - Crypt::Cipher self - SV * data +decrypt(Crypt::Cipher self, SV * data) CODE: { int rv; STRLEN len; void *ciphertext = SvPVbyte(data, len); - if (len==0) + if (len == 0) { RETVAL = newSVpvn("", 0); - else if (len % self->desc->block_length) - croak ("FATAL: sizeof(data) should be multiple of blocksize (%d)", self->desc->block_length); - else { - /* idea from Crypt::Rijndael */ - RETVAL = NEWSV(0, len); + } + else if (len == (STRLEN)self->desc->block_length) { + RETVAL = NEWSV(0, len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, len); - rv = self->desc->ecb_decrypt((unsigned char *)ciphertext, (unsigned char *)SvPV_nolen(RETVAL), &self->skey); - if (rv!=CRYPT_OK) croak("FATAL: decrypt failed: %s", error_to_string(rv)); + rv = self->desc->ecb_decrypt((unsigned char *)ciphertext, (unsigned char *)SvPVX(RETVAL), &self->skey); + if (rv!=CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: decrypt failed: %s", error_to_string(rv)); + } + } + else { + croak ("FATAL: input size not equal to blocksize (%d)", self->desc->block_length); } } OUTPUT: RETVAL int -_block_length_by_name(cipher_name) - char * cipher_name +blocksize(SV * param, char * extra = NULL) CODE: { - int rv, id; - - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - rv = cipher_descriptor[id].block_length; - if (!rv) XSRETURN_UNDEF; - RETVAL = rv; + if (sv_isobject(param) && sv_derived_from(param, "Crypt::Cipher")) { + IV tmp = SvIV((SV*)SvRV(param)); + Crypt__Cipher obj = INT2PTR(Crypt__Cipher, tmp); + RETVAL = obj->desc->block_length; + } + else { + char *name = SvPOK(param) && strcmp(SvPVX(param), "Crypt::Cipher") ? SvPVX(param) : extra; + int rv, id = _find_cipher(name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", name); + rv = cipher_descriptor[id].block_length; + if (!rv) croak("FATAL: invalid block_length for '%s'", name); + RETVAL = rv; + } } OUTPUT: RETVAL int -_min_key_length_by_name(cipher_name) - char * cipher_name +max_keysize(SV * param, char * extra = NULL) CODE: { - int rv, id; - - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - rv = cipher_descriptor[id].min_key_length; - if (!rv) XSRETURN_UNDEF; - RETVAL = rv; + if (sv_isobject(param) && sv_derived_from(param, "Crypt::Cipher")) { + IV tmp = SvIV((SV*)SvRV(param)); + Crypt__Cipher obj = INT2PTR(Crypt__Cipher, tmp); + RETVAL = obj->desc->max_key_length; + } + else { + char *name = SvPOK(param) && strcmp(SvPVX(param), "Crypt::Cipher") ? SvPVX(param) : extra; + int rv, id = _find_cipher(name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", name); + rv = cipher_descriptor[id].max_key_length; + if (!rv) croak("FATAL: invalid max_key_length for '%s'", name); + RETVAL = rv; + } } OUTPUT: RETVAL int -_max_key_length_by_name(cipher_name) - char * cipher_name +min_keysize(SV * param, char * extra = NULL) CODE: { - int rv, id; - - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - rv = cipher_descriptor[id].max_key_length; - if (!rv) XSRETURN_UNDEF; - RETVAL = rv; + if (sv_isobject(param) && sv_derived_from(param, "Crypt::Cipher")) { + IV tmp = SvIV((SV*)SvRV(param)); + Crypt__Cipher obj = INT2PTR(Crypt__Cipher, tmp); + RETVAL = obj->desc->min_key_length; + } + else { + char *name = SvPOK(param) && strcmp(SvPVX(param), "Crypt::Cipher") ? SvPVX(param) : extra; + int rv, id = _find_cipher(name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", name); + rv = cipher_descriptor[id].min_key_length; + if (!rv) croak("FATAL: invalid min_key_length for '%s'", name); + RETVAL = rv; + } } OUTPUT: RETVAL int -_default_rounds_by_name(cipher_name) - char * cipher_name +default_rounds(SV * param, char * extra = NULL) CODE: { - int rv, id; - - id = find_cipher(cipher_name); - if(id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); - - rv = cipher_descriptor[id].default_rounds; - if (!rv) XSRETURN_UNDEF; - RETVAL = rv; + if (sv_isobject(param) && sv_derived_from(param, "Crypt::Cipher")) { + IV tmp = SvIV((SV*)SvRV(param)); + Crypt__Cipher obj = INT2PTR(Crypt__Cipher, tmp); + RETVAL = obj->desc->default_rounds; + } + else { + char *name = SvPOK(param) && strcmp(SvPVX(param), "Crypt::Cipher") ? SvPVX(param) : extra; + int rv, id = _find_cipher(name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", name); + rv = cipher_descriptor[id].default_rounds; + if (!rv) XSRETURN_UNDEF; + RETVAL = rv; + } } OUTPUT: RETVAL diff --git a/inc/CryptX_Digest.xs.inc b/inc/CryptX_Digest.xs.inc index 26e63ce..8a97c1a 100644 --- a/inc/CryptX_Digest.xs.inc +++ b/inc/CryptX_Digest.xs.inc @@ -1,48 +1,51 @@ MODULE = CryptX PACKAGE = Crypt::Digest +PROTOTYPES: DISABLE + Crypt::Digest -_new(digest_name) - char * digest_name +new(char * cname, char * pname = NULL) CODE: { int rv; int id; + char *digest_name = strcmp(cname, "Crypt::Digest") == 0 ? pname : cname; - id = find_hash(digest_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", digest_name); + id = _find_hash(digest_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", digest_name); Newz(0, RETVAL, 1, struct digest_struct); if (!RETVAL) croak("FATAL: Newz failed"); - RETVAL->id = id; RETVAL->desc = &hash_descriptor[id]; rv = RETVAL->desc->init(&RETVAL->state); - if(rv!=CRYPT_OK) croak("FATAL: digest setup failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: digest setup failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL void -DESTROY(self) - Crypt::Digest self +DESTROY(Crypt::Digest self) CODE: Safefree(self); void -reset(self) - Crypt::Digest self - CODE: +reset(Crypt::Digest self) + PPCODE: { int rv; rv = self->desc->init(&self->state); if (rv != CRYPT_OK) croak("FATAL: digest init failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ } Crypt::Digest -clone(self) - Crypt::Digest self +clone(Crypt::Digest self) CODE: Newz(0, RETVAL, 1, struct digest_struct); + if (!RETVAL) croak("FATAL: Newz failed"); Copy(&self->state, &RETVAL->state, 1, struct digest_struct); OUTPUT: RETVAL @@ -55,9 +58,9 @@ add(Crypt::Digest self, ...) int rv, i; unsigned char *in; - for(i=1; i0) { + if (inlen > 0) { rv = self->desc->process(&self->state, in, (unsigned long)inlen); if (rv != CRYPT_OK) croak("FATAL: digest process failed: %s", error_to_string(rv)); } @@ -66,104 +69,118 @@ add(Crypt::Digest self, ...) } SV * -digest(self) - Crypt::Digest self - CODE: - { - unsigned char hash[MAXBLOCKSIZE]; - int rv; - - rv = self->desc->done(&self->state, hash); - if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) hash, self->desc->hashsize); - } - OUTPUT: - RETVAL - -SV * -hexdigest(self) - Crypt::Digest self - CODE: - { - int rv; - unsigned long i; - unsigned char hash[MAXBLOCKSIZE]; - char hash_hex[MAXBLOCKSIZE*2 + 1]; - - rv = self->desc->done(&self->state, hash); - if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); - - hash_hex[0] = '\0'; - for(i=0; idesc->hashsize; i++) - sprintf(&hash_hex[2*i], "%02x", hash[i]); - RETVAL = newSVpvn(hash_hex, strlen(hash_hex)); - } - OUTPUT: - RETVAL - -SV * -b64digest(self) - Crypt::Digest self +digest(Crypt::Digest self) + ALIAS: + hexdigest = 1 + b64digest = 2 + b64udigest = 3 CODE: { int rv; unsigned long outlen; unsigned char hash[MAXBLOCKSIZE]; - char hash_base64[MAXBLOCKSIZE*2 + 1]; + char out[MAXBLOCKSIZE*2]; rv = self->desc->done(&self->state, hash); if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); - outlen = sizeof(hash_base64); - rv = base64_encode(hash, self->desc->hashsize, (unsigned char *)hash_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(hash_base64, outlen); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else if (ix == 2) { + rv = base64_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else if (ix == 1) { + rv = _base16_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char *) hash, self->desc->hashsize); + } } OUTPUT: RETVAL SV * -b64udigest(self) - Crypt::Digest self +digest_data(char * digest_name, ...) + ALIAS: + digest_data_hex = 1 + digest_data_b64 = 2 + digest_data_b64u = 3 CODE: { - int rv; - unsigned long outlen; - unsigned char hash[MAXBLOCKSIZE]; - char hash_base64[MAXBLOCKSIZE*2 + 1]; + STRLEN inlen; + int rv, id, i; + unsigned char *in, hash[MAXBLOCKSIZE]; + unsigned long len = sizeof(hash), outlen; + char out[MAXBLOCKSIZE*2]; + hash_state md; - rv = self->desc->done(&self->state, hash); + id = _find_hash(digest_name); + if (id == -1) croak("FATAL: find_digest failed for '%s'", digest_name); + + /* digest_data("SHA1", $data1, $data2, $data3); */ + len = hash_descriptor[id].hashsize; + rv = hash_descriptor[id].init(&md); + if (rv != CRYPT_OK) croak("FATAL: digest init failed: %s", error_to_string(rv)); + for (i = 1; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = hash_descriptor[id].process(&md, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: digest process failed: %s", error_to_string(rv)); + } + } + rv = hash_descriptor[id].done(&md, hash); if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); - outlen = sizeof(hash_base64); - rv = base64url_encode(hash, self->desc->hashsize, (unsigned char *)hash_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(hash_base64, outlen); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(hash, len, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *) out, outlen); + } + else if (ix == 2) { + rv = base64_encode(hash, len, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *) out, outlen); + } + else if (ix == 1) { + rv = _base16_encode(hash, len, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char *) out, outlen); + } + else { + RETVAL = newSVpvn((char *) hash, len); + } } OUTPUT: RETVAL int -_hashsize(self) - Crypt::Digest self - CODE: - RETVAL = self->desc->hashsize; - OUTPUT: - RETVAL - -int -_hashsize_by_name(digest_name) - char * digest_name +hashsize(SV * param, char * extra = NULL) CODE: { - int rv, id; - - id = find_hash(digest_name); - if(id==-1) croak("FATAL: find_digest failed for '%s'", digest_name); - - rv = hash_descriptor[id].hashsize; - if (!rv) croak("FATAL: invalid hashsize for '%s'", digest_name);; - RETVAL = rv; + if (sv_isobject(param) && sv_derived_from(param, "Crypt::Digest")) { + IV tmp = SvIV((SV*)SvRV(param)); + Crypt__Digest obj = INT2PTR(Crypt__Digest, tmp); + RETVAL = obj->desc->hashsize; + } + else { + char *digest_name; + int rv, id; + digest_name = SvPOK(param) && strcmp(SvPVX(param), "Crypt::Digest") ? SvPVX(param) : extra; + id = _find_hash(digest_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", digest_name); + rv = hash_descriptor[id].hashsize; + if (!rv) croak("FATAL: invalid hashsize for '%s'", digest_name);; + RETVAL = rv; + } } OUTPUT: RETVAL diff --git a/inc/CryptX_Digest_SHAKE.xs.inc b/inc/CryptX_Digest_SHAKE.xs.inc index aa5335f..0762666 100644 --- a/inc/CryptX_Digest_SHAKE.xs.inc +++ b/inc/CryptX_Digest_SHAKE.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::Digest::SHAKE +PROTOTYPES: DISABLE + Crypt::Digest::SHAKE -_new(int num) +new(Class, int num) CODE: { int rv; @@ -11,7 +13,10 @@ _new(int num) RETVAL->num = num; rv = sha3_shake_init(&RETVAL->state, RETVAL->num); - if (rv != CRYPT_OK) croak("FATAL: sha3_shake_init failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: sha3_shake_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -23,17 +28,19 @@ DESTROY(Crypt::Digest::SHAKE self) void reset(Crypt::Digest::SHAKE self) - CODE: + PPCODE: { int rv; rv = sha3_shake_init(&self->state, self->num); if (rv != CRYPT_OK) croak("FATAL: sha3_shake_init failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ } Crypt::Digest::SHAKE clone(Crypt::Digest::SHAKE self) CODE: Newz(0, RETVAL, 1, struct digest_shake_struct); + if (!RETVAL) croak("FATAL: Newz failed"); Copy(&self->state, &RETVAL->state, 1, struct digest_shake_struct); OUTPUT: RETVAL @@ -63,12 +70,20 @@ done(Crypt::Digest::SHAKE self, STRLEN out_len) int rv; unsigned char *out_data; - RETVAL = NEWSV(0, out_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, out_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = sha3_shake_done(&self->state, out_data, out_len); - if (rv != CRYPT_OK) croak("FATAL: sha3_shake_done failed: %s", error_to_string(rv)); + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = sha3_shake_done(&self->state, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: sha3_shake_done failed: %s", error_to_string(rv)); + } + } } OUTPUT: RETVAL diff --git a/inc/CryptX_KeyDerivation.xs.inc b/inc/CryptX_KeyDerivation.xs.inc index 7bc4303..9ae7920 100644 --- a/inc/CryptX_KeyDerivation.xs.inc +++ b/inc/CryptX_KeyDerivation.xs.inc @@ -1,102 +1,97 @@ MODULE = CryptX PACKAGE = Crypt::KeyDerivation +PROTOTYPES: DISABLE + SV * -_pkcs_5_alg1(SV * password, SV * salt, int iteration_count, char * hash_name, int len) +pbkdf1(SV * password, SV * salt, int iteration_count = 5000, const char * hash_name = "SHA256", unsigned long output_len = 32) CODE: { - /* - int pkcs_5_alg1(const unsigned char *password, unsigned long password_len, - const unsigned char *salt, - int iteration_count, int hash_idx, - unsigned char *out, unsigned long *outlen) - */ int rv, id; - unsigned long output_len; unsigned char *output; unsigned char *password_ptr=NULL; STRLEN password_len=0; unsigned char *salt_ptr=NULL; STRLEN salt_len=0; - id = find_hash(hash_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + if (output_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); - password_ptr = (unsigned char *)SvPVbyte(password, password_len); - salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); - if (salt_len < 8) croak("FATAL: salt_len has to be 8"); + password_ptr = (unsigned char *)SvPVbyte(password, password_len); + salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); + if (salt_len < 8) croak("FATAL: salt_len has to be 8"); - output_len = len; - Newz(0, output, output_len, unsigned char); - if (!output) croak("FATAL: Newz failed [%ld]", output_len); + RETVAL = NEWSV(0, output_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len); + output = (unsigned char *)SvPVX(RETVAL); - rv = pkcs_5_alg1(password_ptr, (unsigned long)password_len, salt_ptr, iteration_count, id, output, &output_len); - if (rv != CRYPT_OK) croak("FATAL: pkcs_5_alg1 process failed: %s", error_to_string(rv)); - - RETVAL = newSVpvn((char *)output, output_len); - Safefree(output); + rv = pkcs_5_alg1(password_ptr, (unsigned long)password_len, salt_ptr, iteration_count, id, output, &output_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: pkcs_5_alg1 process failed: %s", error_to_string(rv)); + } + SvCUR_set(RETVAL, output_len); + } } OUTPUT: RETVAL SV * -_pkcs_5_alg2(SV * password, SV * salt, int iteration_count, char * hash_name, int len) +pbkdf2(SV * password, SV * salt, int iteration_count = 5000, const char * hash_name = "SHA256", unsigned long output_len = 32) CODE: { - /* - int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, - const unsigned char *salt, unsigned long salt_len, - int iteration_count, int hash_idx, - unsigned char *out, unsigned long *outlen) - */ int rv, id; - unsigned long output_len; unsigned char *output; unsigned char *password_ptr=NULL; STRLEN password_len=0; unsigned char *salt_ptr=NULL; STRLEN salt_len=0; - id = find_hash(hash_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + if (output_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); - password_ptr = (unsigned char *)SvPVbyte(password, password_len); - salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); + password_ptr = (unsigned char *)SvPVbyte(password, password_len); + salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); - output_len = len; - Newz(0, output, output_len, unsigned char); - if (!output) croak("FATAL: Newz failed [%ld]", output_len); + RETVAL = NEWSV(0, output_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len); + output = (unsigned char *)SvPVX(RETVAL); - rv = pkcs_5_alg2(password_ptr, (unsigned long)password_len, salt_ptr, (unsigned long)salt_len, iteration_count, id, output, &output_len); - if (rv != CRYPT_OK) croak("FATAL: pkcs_5_alg2 process failed: %s", error_to_string(rv)); - - RETVAL = newSVpvn((char *)output, output_len); - Safefree(output); + rv = pkcs_5_alg2(password_ptr, (unsigned long)password_len, salt_ptr, (unsigned long)salt_len, iteration_count, id, output, &output_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: pkcs_5_alg2 process failed: %s", error_to_string(rv)); + } + SvCUR_set(RETVAL, output_len); + } } OUTPUT: RETVAL SV * -_hkdf_extract(char * hash_name, SV * salt, SV * in) +hkdf_extract(SV * in, SV * salt = &PL_sv_undef, const char * hash_name = "SHA256") CODE: { - /* - int hkdf_extract(int hash_idx, const unsigned char *salt, unsigned long saltlen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) - */ int rv, id; unsigned char output[MAXBLOCKSIZE]; unsigned long output_len; - unsigned char *in_ptr=NULL; - STRLEN in_len=0; - unsigned char *salt_ptr=NULL; - STRLEN salt_len=0; + unsigned char *in_ptr = NULL, *salt_ptr = NULL; + STRLEN in_len = 0, salt_len = 0; - id = find_hash(hash_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); - in_ptr = (unsigned char *)SvPVbyte(in, in_len); - salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); + if (SvPOK(in)) in_ptr = (unsigned char *)SvPVbyte(in, in_len); + if (SvPOK(salt)) salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); output_len = sizeof(output); rv = hkdf_extract(id, salt_ptr, (unsigned long)salt_len, in_ptr, (unsigned long)in_len, output, &output_len); @@ -108,74 +103,72 @@ _hkdf_extract(char * hash_name, SV * salt, SV * in) RETVAL SV * -_hkdf_expand(char * hash_name, SV * info, SV * in, unsigned long output_len) +hkdf_expand(SV * in, const char * hash_name = "SHA256", unsigned long output_len = 32, SV * info = &PL_sv_undef) CODE: { - /* - int hkdf_expand(int hash_idx, const unsigned char *info, unsigned long infolen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long outlen) - */ int rv, id; unsigned char *output; - unsigned char *in_ptr=NULL; - STRLEN in_len=0; - unsigned char *info_ptr=NULL; - STRLEN info_len=0; + unsigned char *in_ptr = NULL, *info_ptr = NULL; + STRLEN in_len = 0, info_len = 0; - id = find_hash(hash_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + if (output_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); - in_ptr = (unsigned char *)SvPVbyte(in, in_len); - info_ptr = (unsigned char *)SvPVbyte(info, info_len); + if (SvPOK(in)) in_ptr = (unsigned char *)SvPVbyte(in, in_len); + if (SvPOK(info)) info_ptr = (unsigned char *)SvPVbyte(info, info_len); - Newz(0, output, output_len, unsigned char); - if (!output) croak("FATAL: Newz failed [%ld]", output_len); + RETVAL = NEWSV(0, output_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len); + output = (unsigned char *)SvPVX(RETVAL); - rv = hkdf_expand(id, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len); - if (rv != CRYPT_OK) croak("FATAL: hkdf_expand process failed: %s", error_to_string(rv)); - - RETVAL = newSVpvn((char *)output, output_len); - Safefree(output); + rv = hkdf_expand(id, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: hkdf_expand process failed: %s", error_to_string(rv)); + } + SvCUR_set(RETVAL, output_len); + } } OUTPUT: RETVAL SV * -_hkdf(char * hash_name, SV * salt, SV * info, SV * in, unsigned long output_len) +hkdf(SV * in, SV * salt, const char * hash_name = "SHA256", unsigned long output_len = 32, SV * info = &PL_sv_undef) CODE: { - /* - int hkdf(int hash_idx, const unsigned char *salt, unsigned long saltlen, - const unsigned char *info, unsigned long infolen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long outlen) - */ int rv, id; unsigned char *output; - unsigned char *in_ptr=NULL; - STRLEN in_len=0; - unsigned char *info_ptr=NULL; - STRLEN info_len=0; - unsigned char *salt_ptr=NULL; - STRLEN salt_len=0; + unsigned char *in_ptr = NULL, *info_ptr = NULL, *salt_ptr = NULL; + STRLEN in_len = 0, info_len = 0, salt_len = 0; - id = find_hash(hash_name); - if(id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + if (output_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); - in_ptr = (unsigned char *)SvPVbyte(in, in_len); - info_ptr = (unsigned char *)SvPVbyte(info, info_len); - salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); + if (SvPOK(in)) in_ptr = (unsigned char *)SvPVbyte(in, in_len); + if (SvPOK(info)) info_ptr = (unsigned char *)SvPVbyte(info, info_len); + if (SvPOK(salt)) salt_ptr = (unsigned char *)SvPVbyte(salt, salt_len); - Newz(0, output, output_len, unsigned char); - if (!output) croak("FATAL: Newz failed [%ld]", output_len); + RETVAL = NEWSV(0, output_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len); + output = (unsigned char *)SvPVX(RETVAL); - rv = hkdf(id, salt_ptr, (unsigned long)salt_len, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len); - if (rv != CRYPT_OK) croak("FATAL: hkdf_expand process failed: %s", error_to_string(rv)); - - RETVAL = newSVpvn((char *)output, output_len); - Safefree(output); + rv = hkdf(id, salt_ptr, (unsigned long)salt_len, info_ptr, (unsigned long)info_len, in_ptr, (unsigned long)in_len, output, output_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: hkdf_expand process failed: %s", error_to_string(rv)); + } + SvCUR_set(RETVAL, output_len); + } } OUTPUT: RETVAL - diff --git a/inc/CryptX_Mac_BLAKE2b.xs.inc b/inc/CryptX_Mac_BLAKE2b.xs.inc index 298c2a9..6d27e3e 100644 --- a/inc/CryptX_Mac_BLAKE2b.xs.inc +++ b/inc/CryptX_Mac_BLAKE2b.xs.inc @@ -1,9 +1,11 @@ MODULE = CryptX PACKAGE = Crypt::Mac::BLAKE2b +PROTOTYPES: DISABLE + ### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! Crypt::Mac::BLAKE2b -_new(int size, SV * key) +new(Class, unsigned long size, SV * key) CODE: { STRLEN k_len=0; @@ -13,11 +15,14 @@ _new(int size, SV * key) if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); k = (unsigned char *) SvPVbyte(key, k_len); - Newz(0, RETVAL, 1, struct blake2b_struct); + Newz(0, RETVAL, 1, blake2bmac_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = blake2bmac_init(&RETVAL->state, size, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: blake2b_init failed: %s", error_to_string(rv)); + rv = blake2bmac_init(RETVAL, size, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: blake2b_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -30,101 +35,118 @@ DESTROY(Crypt::Mac::BLAKE2b self) Crypt::Mac::BLAKE2b clone(Crypt::Mac::BLAKE2b self) CODE: - Newz(0, RETVAL, 1, struct blake2b_struct); + Newz(0, RETVAL, 1, blake2bmac_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct blake2b_struct); + Copy(self, RETVAL, 1, blake2bmac_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::BLAKE2b self, SV * data) - CODE: +add(Crypt::Mac::BLAKE2b self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = blake2bmac_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: blake2b_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = blake2bmac_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: blake2b_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::BLAKE2b self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = blake2bmac_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = blake2bmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::BLAKE2b self) +blake2b(unsigned long size, SV * key, ...) + ALIAS: + blake2b_hex = 1 + blake2b_b64 = 2 + blake2b_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + blake2bmac_state st; - mac_len = sizeof(mac); - rv = blake2bmac_done(&self->state, mac, &mac_len); + if (size < len) len = size; + rv = blake2bmac_init(&st, len, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: blake2bmac_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = blake2bmac_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: blake2bmac_process failed: %s", error_to_string(rv)); + } + } + rv = blake2bmac_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::BLAKE2b self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = blake2bmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::BLAKE2b self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = blake2bmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, size, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: blake2s_init failed: %s", error_to_string(rv)); + rv = blake2smac_init(RETVAL, size, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: blake2s_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -30,101 +35,118 @@ DESTROY(Crypt::Mac::BLAKE2s self) Crypt::Mac::BLAKE2s clone(Crypt::Mac::BLAKE2s self) CODE: - Newz(0, RETVAL, 1, struct blake2s_struct); + Newz(0, RETVAL, 1, blake2smac_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct blake2s_struct); + Copy(self, RETVAL, 1, blake2smac_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::BLAKE2s self, SV * data) - CODE: +add(Crypt::Mac::BLAKE2s self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = blake2smac_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: blake2s_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = blake2smac_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: blake2s_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::BLAKE2s self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = blake2smac_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = blake2smac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::BLAKE2s self) +blake2s(unsigned long size, SV * key, ...) + ALIAS: + blake2s_hex = 1 + blake2s_b64 = 2 + blake2s_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + blake2smac_state st; - mac_len = sizeof(mac); - rv = blake2smac_done(&self->state, mac, &mac_len); + if (size < len) len = size; + rv = blake2smac_init(&st, len, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: blake2smac_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = blake2smac_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: blake2smac_process failed: %s", error_to_string(rv)); + } + } + rv = blake2smac_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::BLAKE2s self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = blake2smac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::BLAKE2s self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = blake2smac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: f9_init failed: %s", error_to_string(rv)); + rv = f9_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: f9_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -34,101 +39,119 @@ DESTROY(Crypt::Mac::F9 self) Crypt::Mac::F9 clone(Crypt::Mac::F9 self) CODE: - Newz(0, RETVAL, 1, struct f9_struct); + Newz(0, RETVAL, 1, f9_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct f9_struct); + Copy(self, RETVAL, 1, f9_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::F9 self, SV * data) - CODE: +add(Crypt::Mac::F9 self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = f9_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: f9_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = f9_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: f9_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::F9 self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = f9_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = f9_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::F9 self) +f9(char * cipher_name, SV * key, ...) + ALIAS: + f9_hex = 1 + f9_b64 = 2 + f9_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + f9_state st; - mac_len = sizeof(mac); - rv = f9_done(&self->state, mac, &mac_len); + int id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", cipher_name); + rv = f9_init(&st, id, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: f9_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = f9_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: f9_process failed: %s", error_to_string(rv)); + } + } + rv = f9_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::F9 self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = f9_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::F9 self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = f9_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: hmac_init failed: %s", error_to_string(rv)); + rv = hmac_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: hmac_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -34,101 +39,119 @@ DESTROY(Crypt::Mac::HMAC self) Crypt::Mac::HMAC clone(Crypt::Mac::HMAC self) CODE: - Newz(0, RETVAL, 1, struct hmac_struct); + Newz(0, RETVAL, 1, hmac_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct hmac_struct); + Copy(self, RETVAL, 1, hmac_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::HMAC self, SV * data) - CODE: +add(Crypt::Mac::HMAC self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = hmac_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: hmac_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = hmac_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: hmac_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::HMAC self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = hmac_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = hmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::HMAC self) +hmac(char * hash_name, SV * key, ...) + ALIAS: + hmac_hex = 1 + hmac_b64 = 2 + hmac_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + hmac_state st; - mac_len = sizeof(mac); - rv = hmac_done(&self->state, mac, &mac_len); + int id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_digest failed for '%s'", hash_name); + rv = hmac_init(&st, id, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: hmac_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = hmac_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: hmac_process failed: %s", error_to_string(rv)); + } + } + rv = hmac_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::HMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = hmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::HMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = hmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: omac_init failed: %s", error_to_string(rv)); + rv = omac_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: omac_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -34,101 +39,119 @@ DESTROY(Crypt::Mac::OMAC self) Crypt::Mac::OMAC clone(Crypt::Mac::OMAC self) CODE: - Newz(0, RETVAL, 1, struct omac_struct); + Newz(0, RETVAL, 1, omac_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct omac_struct); + Copy(self, RETVAL, 1, omac_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::OMAC self, SV * data) - CODE: +add(Crypt::Mac::OMAC self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = omac_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: omac_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = omac_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: omac_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::OMAC self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = omac_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = omac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::OMAC self) +omac(char * cipher_name, SV * key, ...) + ALIAS: + omac_hex = 1 + omac_b64 = 2 + omac_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + omac_state st; - mac_len = sizeof(mac); - rv = omac_done(&self->state, mac, &mac_len); + int id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", cipher_name); + rv = omac_init(&st, id, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: omac_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = omac_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: omac_process failed: %s", error_to_string(rv)); + } + } + rv = omac_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::OMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = omac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::OMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = omac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: pmac_init failed: %s", error_to_string(rv)); + rv = pmac_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: pmac_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -34,101 +39,119 @@ DESTROY(Crypt::Mac::PMAC self) Crypt::Mac::PMAC clone(Crypt::Mac::PMAC self) CODE: - Newz(0, RETVAL, 1, struct pmac_struct); + Newz(0, RETVAL, 1, pmac_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct pmac_struct); + Copy(self, RETVAL, 1, pmac_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::PMAC self, SV * data) - CODE: +add(Crypt::Mac::PMAC self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = pmac_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: pmac_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = pmac_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: pmac_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::PMAC self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = pmac_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = pmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::PMAC self) +pmac(char * cipher_name, SV * key, ...) + ALIAS: + pmac_hex = 1 + pmac_b64 = 2 + pmac_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + pmac_state st; - mac_len = sizeof(mac); - rv = pmac_done(&self->state, mac, &mac_len); + int id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", cipher_name); + rv = pmac_init(&st, id, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: pmac_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = pmac_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: pmac_process failed: %s", error_to_string(rv)); + } + } + rv = pmac_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::PMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = pmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::PMAC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = pmac_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: pelican_init failed: %s", error_to_string(rv)); + rv = pelican_init(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: pelican_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -30,101 +35,118 @@ DESTROY(Crypt::Mac::Pelican self) Crypt::Mac::Pelican clone(Crypt::Mac::Pelican self) CODE: - Newz(0, RETVAL, 1, struct pelican_struct); + Newz(0, RETVAL, 1, pelican_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct pelican_struct); + Copy(self, RETVAL, 1, pelican_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::Pelican self, SV * data) - CODE: +add(Crypt::Mac::Pelican self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = pelican_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: pelican_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = pelican_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: pelican_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::Pelican self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = 16; - rv = pelican_done(&self->state, (unsigned char*)mac); + maclen = 16; + rv = pelican_done(self, mac); if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::Pelican self) +pelican(SV * key, ...) + ALIAS: + pelican_hex = 1 + pelican_b64 = 2 + pelican_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + pelican_state st; - mac_len = 16; - rv = pelican_done(&self->state, mac); + len = 16; + rv = pelican_init(&st, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: pelican_init failed: %s", error_to_string(rv)); + for (i = 1; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = pelican_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: pelican_process failed: %s", error_to_string(rv)); + } + } + rv = pelican_done(&st, mac); if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::Pelican self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = 16; - rv = pelican_done(&self->state, mac); - if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::Pelican self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = 16; - rv = pelican_done(&self->state, mac); - if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: poly1305_init failed: %s", error_to_string(rv)); + rv = poly1305_init(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: poly1305_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -30,101 +35,117 @@ DESTROY(Crypt::Mac::Poly1305 self) Crypt::Mac::Poly1305 clone(Crypt::Mac::Poly1305 self) CODE: - Newz(0, RETVAL, 1, struct poly1305_struct); + Newz(0, RETVAL, 1, poly1305_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct poly1305_struct); + Copy(self, RETVAL, 1, poly1305_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::Poly1305 self, SV * data) - CODE: +add(Crypt::Mac::Poly1305 self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = poly1305_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: poly1305_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = poly1305_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: poly1305_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::Poly1305 self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = poly1305_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = poly1305_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::Poly1305 self) +poly1305(SV * key, ...) + ALIAS: + poly1305_hex = 1 + poly1305_b64 = 2 + poly1305_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + poly1305_state st; - mac_len = sizeof(mac); - rv = poly1305_done(&self->state, mac, &mac_len); + rv = poly1305_init(&st, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: poly1305_init failed: %s", error_to_string(rv)); + for (i = 1; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = poly1305_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: poly1305_process failed: %s", error_to_string(rv)); + } + } + rv = poly1305_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::Poly1305 self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = poly1305_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::Poly1305 self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = poly1305_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; istate, id, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: xcbc_init failed: %s", error_to_string(rv)); + rv = xcbc_init(RETVAL, id, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: xcbc_init failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -34,101 +39,119 @@ DESTROY(Crypt::Mac::XCBC self) Crypt::Mac::XCBC clone(Crypt::Mac::XCBC self) CODE: - Newz(0, RETVAL, 1, struct xcbc_struct); + Newz(0, RETVAL, 1, xcbc_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct xcbc_struct); + Copy(self, RETVAL, 1, xcbc_state); OUTPUT: RETVAL void -_add_single(Crypt::Mac::XCBC self, SV * data) - CODE: +add(Crypt::Mac::XCBC self, ...) + PPCODE: { - int rv; + int rv, i; STRLEN in_data_len; unsigned char *in_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len>0) { - rv = xcbc_process(&self->state, in_data, (unsigned long)in_data_len); - if (rv != CRYPT_OK) croak("FATAL: xcbc_process failed: %s", error_to_string(rv)); + for(i = 1; i < items; i++) { + in_data = (unsigned char *)SvPVbyte(ST(i), in_data_len); + if (in_data_len > 0) { + rv = xcbc_process(self, in_data, (unsigned long)in_data_len); + if (rv != CRYPT_OK) croak("FATAL: xcbc_process failed: %s", error_to_string(rv)); + } } + XPUSHs(ST(0)); /* return self */ } SV * mac(Crypt::Mac::XCBC self) + ALIAS: + hexmac = 1 + b64mac = 2 + b64umac = 3 CODE: { - char mac[MAXBLOCKSIZE]; - unsigned long mac_len; + unsigned char mac[MAXBLOCKSIZE]; + unsigned long maclen, outlen; int rv; + char out[MAXBLOCKSIZE*2]; - mac_len = sizeof(mac); - rv = xcbc_done(&self->state, (unsigned char*)mac, &mac_len); + maclen = sizeof(mac); + rv = xcbc_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac, mac_len); + outlen = sizeof(out); + if (ix == 3) { + rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 2) { + rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + if (ix == 1) { + rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); + RETVAL = newSVpvn(out, outlen); + } + else { + RETVAL = newSVpvn((char * )mac, maclen); + } } OUTPUT: RETVAL SV * -b64mac(Crypt::Mac::XCBC self) +xcbc(char * cipher_name, SV * key, ...) + ALIAS: + xcbc_hex = 1 + xcbc_b64 = 2 + xcbc_b64u = 3 CODE: { + STRLEN inlen, klen; + unsigned char *in; + unsigned char *k = (unsigned char *)SvPVbyte(key, klen); + int rv, i; unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; + unsigned long len = sizeof(mac), outlen; + char out[MAXBLOCKSIZE*2]; + xcbc_state st; - mac_len = sizeof(mac); - rv = xcbc_done(&self->state, mac, &mac_len); + int id = _find_cipher(cipher_name); + if (id == -1) croak("FATAL: find_cipher failed for '%s'", cipher_name); + rv = xcbc_init(&st, id, k, (unsigned long)klen); + if (rv != CRYPT_OK) croak("FATAL: xcbc_init failed: %s", error_to_string(rv)); + for (i = 2; i < items; i++) { + in = (unsigned char *)SvPVbyte(ST(i), inlen); + if (inlen > 0) { + rv = xcbc_process(&st, in, (unsigned long)inlen); + if (rv != CRYPT_OK) croak("FATAL: xcbc_process failed: %s", error_to_string(rv)); + } + } + rv = xcbc_done(&st, mac, &len); if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -b64umac(Crypt::Mac::XCBC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len; - int rv; - unsigned long outlen; - char mac_base64[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = xcbc_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv)); - outlen = sizeof(mac_base64); - rv = base64url_encode(mac, mac_len, (unsigned char*)mac_base64, &outlen); - if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn(mac_base64, outlen); - } - OUTPUT: - RETVAL - -SV * -hexmac(Crypt::Mac::XCBC self) - CODE: - { - unsigned char mac[MAXBLOCKSIZE]; - unsigned long mac_len, i; - int rv; - char mac_hex[MAXBLOCKSIZE*2 + 1]; - - mac_len = sizeof(mac); - rv = xcbc_done(&self->state, mac, &mac_len); - if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv)); - mac_hex[0] = '\0'; - for(i=0; ipadlen = 0; RETVAL->direction = 0; RETVAL->cipher_rounds = rounds; - RETVAL->cipher_id = find_cipher(cipher_name); - if(RETVAL->cipher_id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + RETVAL->cipher_id = _find_cipher(cipher_name); + if (RETVAL->cipher_id == -1) { + Safefree(RETVAL); + croak("FATAL: find_cipfer failed for '%s'", cipher_name); + } } OUTPUT: RETVAL @@ -23,16 +28,11 @@ DESTROY(Crypt::Mode::CBC self) CODE: Safefree(self); -int -_get_dir(Crypt::Mode::CBC self) - CODE: - RETVAL = self->direction; - OUTPUT: - RETVAL - void -_start(Crypt::Mode::CBC self, int dir, SV * key, SV * iv) - CODE: +start_decrypt(Crypt::Mode::CBC self, SV * key, SV * iv) + ALIAS: + start_encrypt = 1 + PPCODE: { int rv; STRLEN k_len=0; @@ -53,106 +53,211 @@ _start(Crypt::Mode::CBC self, int dir, SV * key, SV * iv) croak("FATAL: cbc_start failed: %s", error_to_string(rv)); } - self->direction = dir; + self->direction = ix == 1 ? 1 : -1; self->padlen = 0; + XPUSHs(ST(0)); /* return self */ } SV * -_encrypt(Crypt::Mode::CBC self, SV * data) +add(Crypt::Mode::CBC self, ...) CODE: { - int rv, has_tmp_block, blen; + int rv, has_tmp_block, blen, j; unsigned long i; - - STRLEN in_data_len, in_data_start; + STRLEN in_data_len, in_data_start, out_len = 0; unsigned char *in_data, *out_data, tmp_block[MAXBLOCKSIZE]; - if (self->direction != 1) croak("FATAL: encrypt error, call start_encrypt first (%d)", self->direction); + RETVAL = newSVpvn("", 0); + for (j = 1; j < items; j++) { + in_data = (unsigned char *)SvPVbyte(ST(j), in_data_len); + blen = (&self->state)->blocklen; + in_data_start = 0; + has_tmp_block = 0; + if (in_data_len > 0) { + if (self->direction == 1) { + /* handle non-empty self->pad buffer */ + if (self->padlen > 0) { + i = (blen - self->padlen); + if (in_data_len >= i) { /* enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, i, unsigned char); + in_data_len -= i; + in_data_start = i; + rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } + else { /* not enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); + self->padlen += (int)in_data_len; + in_data_len = 0; + } + } - blen = (&self->state)->blocklen; - in_data_start = 0; - has_tmp_block = 0; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - if(self->padlen > 0) { - i = (blen - self->padlen); - if (in_data_len >= i) { /* enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, i, unsigned char); - in_data_len -= i; - in_data_start = i; - rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; + i = (unsigned long)(in_data_len % blen); + if (in_data_len > 0 && i > 0) { /* save tail of data into pad */ + Copy(in_data + in_data_start + in_data_len - i, self->pad, i, unsigned char); + self->padlen = i; + in_data_len -= i; + } + + if (in_data_len > 0) { + i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); + out_data = (unsigned char*)SvGROW(RETVAL, out_len + i + 1) + out_len; + out_len += i; + if (has_tmp_block) { + Copy(tmp_block, out_data, blen, unsigned char); + out_data += blen; + } + rv = cbc_encrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + } + } /* in_data_len > 0 */ + else if (has_tmp_block) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + blen + 1) + out_len; + out_len += blen; + Copy(tmp_block, out_data, blen, unsigned char); + } } - else { /* not enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); - self->padlen += (int)in_data_len; - in_data_len = 0; + else if (self->direction == -1) { + if (self->padlen == blen) { + rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } /* padlen == blen */ + else if (self->padlen > 0) { + i = (blen - self->padlen); /* remaining bytes in padding buffer */ + if (in_data_len >= i) { /* enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, i, unsigned char); + self->padlen += i; + in_data_len -= i; + in_data_start = i; + if (in_data_len>0 || self->padding_mode == 0) { + rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } + } + else { /* not enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); + self->padlen += (int)in_data_len; + in_data_len = 0; + } + } /* padlen > 0 */ + + /* here: a/ padlen == 1..16 && in_data_len == 0; b/ padlen == 0 && in_data_len > 0 */ + if (in_data_len>0) { + i = (unsigned long)(in_data_len % blen); + if (i>0) { /* save tail of data into pad */ + Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); + self->padlen = i; + in_data_len -= i; + } + } + + if (in_data_len>0) { + if (self->padlen == 0 && self->padding_mode !=0) { + /* in case of padding keep full pad if no more data */ + Copy(in_data+in_data_start+in_data_len-blen, self->pad, blen, unsigned char); + self->padlen = blen; + in_data_len -= blen; + } + i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); + if (i > 0) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + i + 1) + out_len; + out_len += i; + if (has_tmp_block) { + Copy(tmp_block, out_data, blen, unsigned char); + out_data += blen; + } + rv = cbc_decrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); + } + } + } /* in_data_len>0 */ + else if (has_tmp_block) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + blen + 1) + out_len; + out_len += blen; + Copy(tmp_block, out_data, blen, unsigned char); + } } - } /* padlen > 0 */ - - i = (unsigned long)(in_data_len % blen); - if (in_data_len>0 && i>0) { /* save tail of data into pad */ - Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); - self->padlen = i; - in_data_len -= i; - } - - if (in_data_len>0) { - i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); - RETVAL = NEWSV(0, i); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, i); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (has_tmp_block) { - Copy(tmp_block, out_data, blen, unsigned char); - out_data += blen; + else { + SvREFCNT_dec(RETVAL); + croak("FATAL: call start_decryt or start_encrpyt first (%d)", self->direction); } - rv = cbc_encrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); - } /* in_data_len>0 */ - else if (has_tmp_block) { - RETVAL = newSVpvn((char*)tmp_block, blen); - } - else { - RETVAL = newSVpvn("", 0); } } + if (out_len > 0) SvCUR_set(RETVAL, out_len); } OUTPUT: RETVAL SV * -_finish_enc(Crypt::Mode::CBC self) +finish(Crypt::Mode::CBC self) CODE: { - unsigned char tmp_block[MAXBLOCKSIZE]; - int rv, blen, i, j; + unsigned char tmp_block[MAXBLOCKSIZE], ch; + int i, j, rv, blen = (&self->state)->blocklen; - blen = (&self->state)->blocklen; - if (self->padlen<0 || self->padlen>=blen) croak("FATAL: invalid padlen"); - - if(self->padding_mode == 1) { /* pkcs5|7 padding */ - i = blen - self->padlen; - if (i == 0) i = blen; - for(j=self->padlen; jpad[j] = (unsigned char)i; - rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + if (self->direction == 1) { + if (self->padlen<0 || self->padlen>=blen) croak("FATAL: invalid padlen"); + if (self->padding_mode == 1) { /* pkcs5|7 padding */ + i = blen - self->padlen; + if (i == 0) i = blen; + for(j=self->padlen; jpad[j] = (unsigned char)i; + rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + } + else if (self->padding_mode == 2) { /* oneandzeroes padding */ + self->pad[self->padlen] = 0x80; + for(j=self->padlen+1; jpad[j] = 0; + rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + } + else { + if (self->padlen>0) croak("FATAL: cbc_encrypt, input data length not multiple of %d", blen); + blen = 0; + } } - else if(self->padding_mode == 2) { /* oneandzeroes padding */ - self->pad[self->padlen] = 0x80; - for(j=self->padlen+1; jpad[j] = 0; - rv = cbc_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_encrypt failed: %s", error_to_string(rv)); + else if (self->direction == -1) { + if (self->padlen > 0) { + if (self->padlen != blen) croak("FATAL: cipher text length has to be multiple of %d (%d)", blen, self->padlen); + rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); + if (self->padding_mode == 0) { /* no padding */ + /* we already have blen */ + } + else if (self->padding_mode == 1) { /* pkcs5|7 padding */ + ch = tmp_block[blen-1]; + blen = blen - (ch > blen ? blen : ch); + } + else if (self->padding_mode == 2) { /* oneandzeroes padding */ + while ((unsigned char)tmp_block[blen - 1] == 0x00) blen--; + if ((unsigned char)tmp_block[blen - 1] == 0x80) blen--; + if (blen < 0) blen = 0; + } + } + else { + blen = 0; + } } else { - if (self->padlen>0) croak("FATAL: cbc_encrypt, input data length not multiple of %d", blen); - blen = 0; + XSRETURN_UNDEF; } self->direction = 0; @@ -160,131 +265,3 @@ _finish_enc(Crypt::Mode::CBC self) } OUTPUT: RETVAL - -SV * -_decrypt(Crypt::Mode::CBC self, SV * data) - CODE: - { - int rv, has_tmp_block, blen; - unsigned long i; - STRLEN in_data_len, in_data_start; - unsigned char *in_data, *out_data, tmp_block[MAXBLOCKSIZE]; - - if (self->direction != -1) croak("FATAL: decrypt error, call start_decryt first (%d)", self->direction); - - blen = (&self->state)->blocklen; - in_data_start = 0; - has_tmp_block = 0; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - - if(self->padlen == blen) { - rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; - } /* padlen == blen */ - else if(self->padlen > 0) { - i = (blen - self->padlen); /* remaining bytes in padding buffer */ - if (in_data_len >= i) { /* enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, i, unsigned char); - self->padlen += i; - in_data_len -= i; - in_data_start = i; - if (in_data_len>0 || self->padding_mode == 0) { - rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; - } - } - else { /* not enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); - self->padlen += (int)in_data_len; - in_data_len = 0; - } - } /* padlen > 0 */ - - /* here: a/ padlen==1..16 && in_data_len==0; b/ padlen==0 && in_data_len>0 */ - if (in_data_len>0) { - i = (unsigned long)(in_data_len % blen); - if (i>0) { /* save tail of data into pad */ - Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); - self->padlen = i; - in_data_len -= i; - } - } - - if (in_data_len>0) { - if(self->padlen == 0 && self->padding_mode !=0) { - /* in case of padding keep full pad if no more data */ - Copy(in_data+in_data_start+in_data_len-blen, self->pad, blen, unsigned char); - self->padlen = blen; - in_data_len -= blen; - } - i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); - if (i == 0) { - RETVAL = newSVpvn("", 0); - } - else { - RETVAL = NEWSV(0, i); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, i); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - if (has_tmp_block) { - Copy(tmp_block, out_data, blen, unsigned char); - out_data += blen; - } - rv = cbc_decrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); - } - } /* in_data_len>0 */ - else if (has_tmp_block) { - RETVAL = newSVpvn((char*)tmp_block, blen); - } - else { - RETVAL = newSVpvn("", 0); - } - } - - } - OUTPUT: - RETVAL - -SV * -_finish_dec(Crypt::Mode::CBC self) - CODE: - { - unsigned char tmp_block[MAXBLOCKSIZE]; - unsigned char i; - int rv, rv_len, blen; - - rv_len = 0; - if (self->padlen > 0) { - blen = (&self->state)->blocklen; - if (self->padlen != blen) croak("FATAL: cipher text length has to be multiple of %d (%d)", blen, self->padlen); - rv = cbc_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cbc_decrypt failed: %s", error_to_string(rv)); - if(self->padding_mode == 0) { /* no padding */ - rv_len = blen; - } - else if(self->padding_mode == 1) { /* pkcs5|7 padding */ - i = tmp_block[blen-1]; - rv_len = blen - (i>blen ? blen : i); - } - else if(self->padding_mode == 2) { /* oneandzeroes padding */ - rv_len = blen; - while ((unsigned char)tmp_block[rv_len-1] == 0x00) rv_len--; - if ((unsigned char)tmp_block[rv_len-1] == 0x80) rv_len--; - if (rv_len<0) rv_len = 0; - } - } - - self->direction = 0; - RETVAL = newSVpvn((char*)tmp_block, rv_len); - } - OUTPUT: - RETVAL diff --git a/inc/CryptX_Mode_CFB.xs.inc b/inc/CryptX_Mode_CFB.xs.inc index da36e31..283ebf9 100644 --- a/inc/CryptX_Mode_CFB.xs.inc +++ b/inc/CryptX_Mode_CFB.xs.inc @@ -1,17 +1,22 @@ MODULE = CryptX PACKAGE = Crypt::Mode::CFB +PROTOTYPES: DISABLE + ### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! Crypt::Mode::CFB -_new(char * cipher_name, int rounds=0) +new(Class, char * cipher_name, int rounds=0) CODE: { Newz(0, RETVAL, 1, struct cfb_struct); if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->direction = 0; RETVAL->cipher_rounds = rounds; - RETVAL->cipher_id = find_cipher(cipher_name); - if(RETVAL->cipher_id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + RETVAL->cipher_id = _find_cipher(cipher_name); + if (RETVAL->cipher_id == -1) { + Safefree(RETVAL); + croak("FATAL: find_cipfer failed for '%s'", cipher_name); + } } OUTPUT: RETVAL @@ -21,16 +26,11 @@ DESTROY(Crypt::Mode::CFB self) CODE: Safefree(self); -int -_get_dir(Crypt::Mode::CFB self) - CODE: - RETVAL = self->direction; - OUTPUT: - RETVAL - void -_start(Crypt::Mode::CFB self, int dir, SV * key, SV * iv) - CODE: +start_decrypt(Crypt::Mode::CFB self, SV * key, SV * iv) + ALIAS: + start_encrypt = 1 + PPCODE: { STRLEN k_len=0; unsigned char *k=NULL; @@ -52,45 +52,51 @@ _start(Crypt::Mode::CFB self, int dir, SV * key, SV * iv) croak("FATAL: cfb_start failed: %s", error_to_string(rv)); } - self->direction = dir; + self->direction = ix == 1 ? 1 : -1; + XPUSHs(ST(0)); /* return self */ } SV * -_crypt(Crypt::Mode::CFB self, SV * data) +add(Crypt::Mode::CFB self, ...) CODE: { - int rv; - STRLEN in_data_len; + int rv, j; + STRLEN in_data_len, out_len = 0; unsigned char *in_data, *out_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - RETVAL = NEWSV(0, in_data_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (self->direction == 1) { - rv = cfb_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cfb_encrypt failed: %s", error_to_string(rv)); - } - else if (self->direction == -1) { - rv = cfb_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: cfb_decrypt failed: %s", error_to_string(rv)); - } - else { - croak("FATAL: cfb_crypt failed: call start_encrypt or start_decrypt first"); + RETVAL = newSVpvn("", 0); + for (j = 1; j < items; j++) { + in_data = (unsigned char *)SvPVbyte(ST(j), in_data_len); + if (in_data_len > 0) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + in_data_len + 1) + out_len; + out_len += in_data_len; + if (self->direction == 1) { + rv = cfb_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cfb_encrypt failed: %s", error_to_string(rv)); + } + } + else if (self->direction == -1) { + rv = cfb_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: cfb_decrypt failed: %s", error_to_string(rv)); + } + } + else { + SvREFCNT_dec(RETVAL); + croak("FATAL: cfb_crypt failed: call start_encrypt or start_decrypt first"); + } } } + if (out_len > 0) SvCUR_set(RETVAL, out_len); } OUTPUT: RETVAL SV * -_finish(Crypt::Mode::CFB self) +finish(Crypt::Mode::CFB self) CODE: self->direction = 0; RETVAL = newSVpvn("", 0); diff --git a/inc/CryptX_Mode_CTR.xs.inc b/inc/CryptX_Mode_CTR.xs.inc index d27af91..baeb661 100644 --- a/inc/CryptX_Mode_CTR.xs.inc +++ b/inc/CryptX_Mode_CTR.xs.inc @@ -1,17 +1,22 @@ MODULE = CryptX PACKAGE = Crypt::Mode::CTR +PROTOTYPES: DISABLE + ### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! Crypt::Mode::CTR -_new(char * cipher_name, int ctr_mode=0, int ctr_width=0, int rounds=0) +new(Class, char * cipher_name, int ctr_mode=0, int ctr_width=0, int rounds=0) CODE: { Newz(0, RETVAL, 1, struct ctr_struct); if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->direction = 0; RETVAL->cipher_rounds = rounds; - RETVAL->cipher_id = find_cipher(cipher_name); - if(RETVAL->cipher_id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + RETVAL->cipher_id = _find_cipher(cipher_name); + if (RETVAL->cipher_id == -1) { + Safefree(RETVAL); + croak("FATAL: find_cipfer failed for '%s'", cipher_name); + } if (ctr_mode == 0) RETVAL->ctr_mode_param = CTR_COUNTER_LITTLE_ENDIAN; if (ctr_mode == 1) RETVAL->ctr_mode_param = CTR_COUNTER_BIG_ENDIAN; if (ctr_mode == 2) RETVAL->ctr_mode_param = CTR_COUNTER_LITTLE_ENDIAN|LTC_CTR_RFC3686; @@ -26,16 +31,11 @@ DESTROY(Crypt::Mode::CTR self) CODE: Safefree(self); -int -_get_dir(Crypt::Mode::CTR self) - CODE: - RETVAL = self->direction; - OUTPUT: - RETVAL - void -_start(Crypt::Mode::CTR self, int dir, SV * key, SV * iv) - CODE: +start_decrypt(Crypt::Mode::CTR self, SV * key, SV * iv) + ALIAS: + start_encrypt = 1 + PPCODE: { STRLEN k_len=0; unsigned char *k=NULL; @@ -57,45 +57,51 @@ _start(Crypt::Mode::CTR self, int dir, SV * key, SV * iv) croak("FATAL: ctr_start failed: %s", error_to_string(rv)); } - self->direction = dir; + self->direction = ix == 1 ? 1 : -1; + XPUSHs(ST(0)); /* return self */ } SV * -_crypt(Crypt::Mode::CTR self, SV * data) +add(Crypt::Mode::CTR self, ...) CODE: { - int rv; - STRLEN in_data_len; + int rv, j; + STRLEN in_data_len, out_len = 0; unsigned char *in_data, *out_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - RETVAL = NEWSV(0, in_data_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (self->direction == 1) { - rv = ctr_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ctr_encrypt failed: %s", error_to_string(rv)); - } - else if (self->direction == -1) { - rv = ctr_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ctr_decrypt failed: %s", error_to_string(rv)); - } - else { - croak("FATAL: ctr_crypt failed: call start_encrypt or start_decrypt first"); + RETVAL = newSVpvn("", 0); + for (j = 1; j < items; j++) { + in_data = (unsigned char *)SvPVbyte(ST(j), in_data_len); + if (in_data_len > 0) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + in_data_len + 1) + out_len; + out_len += in_data_len; + if (self->direction == 1) { + rv = ctr_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ctr_encrypt failed: %s", error_to_string(rv)); + } + } + else if (self->direction == -1) { + rv = ctr_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ctr_decrypt failed: %s", error_to_string(rv)); + } + } + else { + SvREFCNT_dec(RETVAL); + croak("FATAL: ctr_crypt failed: call start_encrypt or start_decrypt first"); + } } } + if (out_len > 0) SvCUR_set(RETVAL, out_len); } OUTPUT: RETVAL SV * -_finish(Crypt::Mode::CTR self) +finish(Crypt::Mode::CTR self) CODE: self->direction = 0; RETVAL = newSVpvn("", 0); diff --git a/inc/CryptX_Mode_ECB.xs.inc b/inc/CryptX_Mode_ECB.xs.inc index 90ab26a..8d34adb 100644 --- a/inc/CryptX_Mode_ECB.xs.inc +++ b/inc/CryptX_Mode_ECB.xs.inc @@ -1,9 +1,11 @@ MODULE = CryptX PACKAGE = Crypt::Mode::ECB +PROTOTYPES: DISABLE + ### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! Crypt::Mode::ECB -_new(char * cipher_name, int padding=1, int rounds=0) +new(Class, char * cipher_name, int padding=1, int rounds=0) CODE: { Newz(0, RETVAL, 1, struct ecb_struct); @@ -12,8 +14,11 @@ _new(char * cipher_name, int padding=1, int rounds=0) RETVAL->padlen = 0; RETVAL->direction = 0; RETVAL->cipher_rounds = rounds; - RETVAL->cipher_id = find_cipher(cipher_name); - if(RETVAL->cipher_id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + RETVAL->cipher_id = _find_cipher(cipher_name); + if (RETVAL->cipher_id == -1) { + Safefree(RETVAL); + croak("FATAL: find_cipfer failed for '%s'", cipher_name); + } } OUTPUT: RETVAL @@ -23,16 +28,11 @@ DESTROY(Crypt::Mode::ECB self) CODE: Safefree(self); -int -_get_dir(Crypt::Mode::ECB self) - CODE: - RETVAL = self->direction; - OUTPUT: - RETVAL - void -_start(Crypt::Mode::ECB self, int dir, SV * key) - CODE: +start_decrypt(Crypt::Mode::ECB self, SV * key) + ALIAS: + start_encrypt = 1 + PPCODE: { int rv; STRLEN k_len=0; @@ -46,106 +46,211 @@ _start(Crypt::Mode::ECB self, int dir, SV * key) croak("FATAL: ecb_start failed: %s", error_to_string(rv)); } - self->direction = dir; + self->direction = ix == 1 ? 1 : -1; self->padlen = 0; + XPUSHs(ST(0)); /* return self */ } SV * -_encrypt(Crypt::Mode::ECB self, SV * data) +add(Crypt::Mode::ECB self, ...) CODE: { - int rv, has_tmp_block, blen; + int rv, has_tmp_block, blen, j; unsigned long i; - - STRLEN in_data_len, in_data_start; + STRLEN in_data_len, in_data_start, out_len = 0; unsigned char *in_data, *out_data, tmp_block[MAXBLOCKSIZE]; - if (self->direction != 1) croak("FATAL: encrypt error, call start_encrypt first (%d)", self->direction); + RETVAL = newSVpvn("", 0); + for (j = 1; j < items; j++) { + in_data = (unsigned char *)SvPVbyte(ST(j), in_data_len); + blen = (&self->state)->blocklen; + in_data_start = 0; + has_tmp_block = 0; + if (in_data_len > 0) { + if (self->direction == 1) { + /* handle non-empty self->pad buffer */ + if (self->padlen > 0) { + i = (blen - self->padlen); + if (in_data_len >= i) { /* enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, i, unsigned char); + in_data_len -= i; + in_data_start = i; + rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } + else { /* not enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); + self->padlen += (int)in_data_len; + in_data_len = 0; + } + } - blen = (&self->state)->blocklen; - in_data_start = 0; - has_tmp_block = 0; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - if(self->padlen > 0) { - i = (blen - self->padlen); - if (in_data_len >= i) { /* enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, i, unsigned char); - in_data_len -= i; - in_data_start = i; - rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; + i = (unsigned long)(in_data_len % blen); + if (in_data_len > 0 && i > 0) { /* save tail of data into pad */ + Copy(in_data + in_data_start + in_data_len - i, self->pad, i, unsigned char); + self->padlen = i; + in_data_len -= i; + } + + if (in_data_len > 0) { + i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); + out_data = (unsigned char*)SvGROW(RETVAL, out_len + i + 1) + out_len; + out_len += i; + if (has_tmp_block) { + Copy(tmp_block, out_data, blen, unsigned char); + out_data += blen; + } + rv = ecb_encrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + } + } /* in_data_len > 0 */ + else if (has_tmp_block) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + blen + 1) + out_len; + out_len += blen; + Copy(tmp_block, out_data, blen, unsigned char); + } } - else { /* not enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); - self->padlen += (int)in_data_len; - in_data_len = 0; + else if (self->direction == -1) { + if (self->padlen == blen) { + rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } /* padlen == blen */ + else if (self->padlen > 0) { + i = (blen - self->padlen); /* remaining bytes in padding buffer */ + if (in_data_len >= i) { /* enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, i, unsigned char); + self->padlen += i; + in_data_len -= i; + in_data_start = i; + if (in_data_len>0 || self->padding_mode == 0) { + rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); + } + self->padlen = 0; + has_tmp_block = 1; + } + } + else { /* not enough data to fill pad */ + Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); + self->padlen += (int)in_data_len; + in_data_len = 0; + } + } /* padlen > 0 */ + + /* here: a/ padlen == 1..16 && in_data_len == 0; b/ padlen == 0 && in_data_len > 0 */ + if (in_data_len>0) { + i = (unsigned long)(in_data_len % blen); + if (i>0) { /* save tail of data into pad */ + Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); + self->padlen = i; + in_data_len -= i; + } + } + + if (in_data_len>0) { + if (self->padlen == 0 && self->padding_mode !=0) { + /* in case of padding keep full pad if no more data */ + Copy(in_data+in_data_start+in_data_len-blen, self->pad, blen, unsigned char); + self->padlen = blen; + in_data_len -= blen; + } + i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); + if (i > 0) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + i + 1) + out_len; + out_len += i; + if (has_tmp_block) { + Copy(tmp_block, out_data, blen, unsigned char); + out_data += blen; + } + rv = ecb_decrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); + } + } + } /* in_data_len>0 */ + else if (has_tmp_block) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + blen + 1) + out_len; + out_len += blen; + Copy(tmp_block, out_data, blen, unsigned char); + } } - } /* padlen > 0 */ - - i = (unsigned long)(in_data_len % blen); - if (in_data_len>0 && i>0) { /* save tail of data into pad */ - Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); - self->padlen = i; - in_data_len -= i; - } - - if (in_data_len>0) { - i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); - RETVAL = NEWSV(0, i); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, i); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (has_tmp_block) { - Copy(tmp_block, out_data, blen, unsigned char); - out_data += blen; + else { + SvREFCNT_dec(RETVAL); + croak("FATAL: call start_decryt or start_encrpyt first (%d)", self->direction); } - rv = ecb_encrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); - } /* in_data_len>0 */ - else if (has_tmp_block) { - RETVAL = newSVpvn((char*)tmp_block, blen); - } - else { - RETVAL = newSVpvn("", 0); } } + if (out_len > 0) SvCUR_set(RETVAL, out_len); } OUTPUT: RETVAL SV * -_finish_enc(Crypt::Mode::ECB self) +finish(Crypt::Mode::ECB self) CODE: { - unsigned char tmp_block[MAXBLOCKSIZE]; - int rv, blen, i, j; + unsigned char tmp_block[MAXBLOCKSIZE], ch; + int i, j, rv, blen = (&self->state)->blocklen; - blen = (&self->state)->blocklen; - if (self->padlen<0 || self->padlen>=blen) croak("FATAL: invalid padlen"); - - if(self->padding_mode == 1) { /* pkcs5|7 padding */ - i = blen - self->padlen; - if (i == 0) i = blen; - for(j=self->padlen; jpad[j] = (unsigned char)i; - rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + if (self->direction == 1) { + if (self->padlen<0 || self->padlen>=blen) croak("FATAL: invalid padlen"); + if (self->padding_mode == 1) { /* pkcs5|7 padding */ + i = blen - self->padlen; + if (i == 0) i = blen; + for(j=self->padlen; jpad[j] = (unsigned char)i; + rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + } + else if (self->padding_mode == 2) { /* oneandzeroes padding */ + self->pad[self->padlen] = 0x80; + for(j=self->padlen+1; jpad[j] = 0; + rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + } + else { + if (self->padlen>0) croak("FATAL: ecb_encrypt, input data length not multiple of %d", blen); + blen = 0; + } } - else if(self->padding_mode == 2) { /* oneandzeroes padding */ - self->pad[self->padlen] = 0x80; - for(j=self->padlen+1; jpad[j] = 0; - rv = ecb_encrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_encrypt failed: %s", error_to_string(rv)); + else if (self->direction == -1) { + if (self->padlen > 0) { + if (self->padlen != blen) croak("FATAL: cipher text length has to be multiple of %d (%d)", blen, self->padlen); + rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); + if (rv != CRYPT_OK) croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); + if (self->padding_mode == 0) { /* no padding */ + /* we already have blen */ + } + else if (self->padding_mode == 1) { /* pkcs5|7 padding */ + ch = tmp_block[blen-1]; + blen = blen - (ch > blen ? blen : ch); + } + else if (self->padding_mode == 2) { /* oneandzeroes padding */ + while ((unsigned char)tmp_block[blen - 1] == 0x00) blen--; + if ((unsigned char)tmp_block[blen - 1] == 0x80) blen--; + if (blen < 0) blen = 0; + } + } + else { + blen = 0; + } } else { - if (self->padlen>0) croak("FATAL: ecb_encrypt, input data length not multiple of %d", blen); - blen = 0; + XSRETURN_UNDEF; } self->direction = 0; @@ -153,131 +258,3 @@ _finish_enc(Crypt::Mode::ECB self) } OUTPUT: RETVAL - -SV * -_decrypt(Crypt::Mode::ECB self, SV * data) - CODE: - { - int rv, has_tmp_block, blen; - unsigned long i; - STRLEN in_data_len, in_data_start; - unsigned char *in_data, *out_data, tmp_block[MAXBLOCKSIZE]; - - if (self->direction != -1) croak("FATAL: decrypt error, call start_decryt first (%d)", self->direction); - - blen = (&self->state)->blocklen; - in_data_start = 0; - has_tmp_block = 0; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - - if(self->padlen == blen) { - rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; - } /* padlen == blen */ - else if(self->padlen > 0) { - i = (blen - self->padlen); /* remaining bytes in padding buffer */ - if (in_data_len >= i) { /* enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, i, unsigned char); - self->padlen += i; - in_data_len -= i; - in_data_start = i; - if (in_data_len>0 || self->padding_mode == 0) { - rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); - self->padlen = 0; - has_tmp_block = 1; - } - } - else { /* not enough data to fill pad */ - Copy(in_data, self->pad+self->padlen, in_data_len, unsigned char); - self->padlen += (int)in_data_len; - in_data_len = 0; - } - } /* padlen > 0 */ - - /* here: a/ padlen==1..16 && in_data_len==0; b/ padlen==0 && in_data_len>0 */ - if (in_data_len>0) { - i = (unsigned long)(in_data_len % blen); - if (i>0) { /* save tail of data into pad */ - Copy(in_data+in_data_start+in_data_len-i, self->pad, i, unsigned char); - self->padlen = i; - in_data_len -= i; - } - } - - if (in_data_len>0) { - if(self->padlen == 0 && self->padding_mode !=0) { - /* in case of padding keep full pad if no more data */ - Copy(in_data+in_data_start+in_data_len-blen, self->pad, blen, unsigned char); - self->padlen = blen; - in_data_len -= blen; - } - i = (unsigned long)(has_tmp_block ? in_data_len + blen : in_data_len); - if (i == 0) { - RETVAL = newSVpvn("", 0); - } - else { - RETVAL = NEWSV(0, i); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, i); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - if (has_tmp_block) { - Copy(tmp_block, out_data, blen, unsigned char); - out_data += blen; - } - rv = ecb_decrypt(in_data+in_data_start, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); - } - } /* in_data_len>0 */ - else if (has_tmp_block) { - RETVAL = newSVpvn((char*)tmp_block, blen); - } - else { - RETVAL = newSVpvn("", 0); - } - } - - } - OUTPUT: - RETVAL - -SV * -_finish_dec(Crypt::Mode::ECB self) - CODE: - { - unsigned char tmp_block[MAXBLOCKSIZE]; - unsigned char i; - int rv, rv_len, blen; - - rv_len = 0; - if (self->padlen > 0) { - blen = (&self->state)->blocklen; - if (self->padlen != blen) croak("FATAL: cipher text length has to be multiple of %d (%d)", blen, self->padlen); - rv = ecb_decrypt(self->pad, tmp_block, blen, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ecb_decrypt failed: %s", error_to_string(rv)); - if(self->padding_mode == 0) { /* no padding */ - rv_len = blen; - } - else if(self->padding_mode == 1) { /* pkcs5|7 padding */ - i = tmp_block[blen-1]; - rv_len = blen - (i>blen ? blen : i); - } - else if(self->padding_mode == 2) { /* oneandzeroes padding */ - rv_len = blen; - while ((unsigned char)tmp_block[rv_len-1] == 0x00) rv_len--; - if ((unsigned char)tmp_block[rv_len-1] == 0x80) rv_len--; - if (rv_len<0) rv_len = 0; - } - } - - self->direction = 0; - RETVAL = newSVpvn((char*)tmp_block, rv_len); - } - OUTPUT: - RETVAL diff --git a/inc/CryptX_Mode_OFB.xs.inc b/inc/CryptX_Mode_OFB.xs.inc index 0d6ce30..1a3447b 100644 --- a/inc/CryptX_Mode_OFB.xs.inc +++ b/inc/CryptX_Mode_OFB.xs.inc @@ -1,17 +1,22 @@ MODULE = CryptX PACKAGE = Crypt::Mode::OFB +PROTOTYPES: DISABLE + ### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! Crypt::Mode::OFB -_new(char * cipher_name, int rounds=0) +new(Class, char * cipher_name, int rounds=0) CODE: { Newz(0, RETVAL, 1, struct ofb_struct); if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->direction = 0; RETVAL->cipher_rounds = rounds; - RETVAL->cipher_id = find_cipher(cipher_name); - if(RETVAL->cipher_id==-1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); + RETVAL->cipher_id = _find_cipher(cipher_name); + if (RETVAL->cipher_id == -1) { + Safefree(RETVAL); + croak("FATAL: find_cipfer failed for '%s'", cipher_name); + } } OUTPUT: RETVAL @@ -21,16 +26,11 @@ DESTROY(Crypt::Mode::OFB self) CODE: Safefree(self); -int -_get_dir(Crypt::Mode::OFB self) - CODE: - RETVAL = self->direction; - OUTPUT: - RETVAL - void -_start(Crypt::Mode::OFB self, int dir, SV * key, SV * iv) - CODE: +start_decrypt(Crypt::Mode::OFB self, SV * key, SV * iv) + ALIAS: + start_encrypt = 1 + PPCODE: { STRLEN k_len=0; unsigned char *k=NULL; @@ -52,45 +52,51 @@ _start(Crypt::Mode::OFB self, int dir, SV * key, SV * iv) croak("FATAL: ofb_start failed: %s", error_to_string(rv)); } - self->direction = dir; + self->direction = ix == 1 ? 1 : -1; + XPUSHs(ST(0)); /* return self */ } SV * -_crypt(Crypt::Mode::OFB self, SV * data) +add(Crypt::Mode::OFB self, ...) CODE: { - int rv; - STRLEN in_data_len; + int rv, j; + STRLEN in_data_len, out_len = 0; unsigned char *in_data, *out_data; - in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { - RETVAL = newSVpvn("", 0); - } - else { - RETVAL = NEWSV(0, in_data_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - - if (self->direction == 1) { - rv = ofb_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ofb_encrypt failed: %s", error_to_string(rv)); - } - else if (self->direction == -1) { - rv = ofb_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); - if (rv != CRYPT_OK) croak("FATAL: ofb_decrypt failed: %s", error_to_string(rv)); - } - else { - croak("FATAL: ofb_crypt failed: call start_encrypt or start_decrypt first"); + RETVAL = newSVpvn("", 0); + for (j = 1; j < items; j++) { + in_data = (unsigned char *)SvPVbyte(ST(j), in_data_len); + if (in_data_len > 0) { + out_data = (unsigned char*)SvGROW(RETVAL, out_len + in_data_len + 1) + out_len; + out_len += in_data_len; + if (self->direction == 1) { + rv = ofb_encrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ofb_encrypt failed: %s", error_to_string(rv)); + } + } + else if (self->direction == -1) { + rv = ofb_decrypt(in_data, out_data, (unsigned long)in_data_len, &self->state); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: ofb_decrypt failed: %s", error_to_string(rv)); + } + } + else { + SvREFCNT_dec(RETVAL); + croak("FATAL: ofb_crypt failed: call start_encrypt or start_decrypt first"); + } } } + if (out_len > 0) SvCUR_set(RETVAL, out_len); } OUTPUT: RETVAL SV * -_finish(Crypt::Mode::OFB self) +finish(Crypt::Mode::OFB self) CODE: self->direction = 0; RETVAL = newSVpvn("", 0); diff --git a/inc/CryptX_PK_DH.xs.inc b/inc/CryptX_PK_DH.xs.inc index 6ec1105..4040800 100644 --- a/inc/CryptX_PK_DH.xs.inc +++ b/inc/CryptX_PK_DH.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::PK::DH +PROTOTYPES: DISABLE + Crypt::PK::DH -_new() +_new(Class) CODE: { int rv; @@ -9,40 +11,68 @@ _new() if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->key.type = -1; RETVAL->pindex = find_prng("chacha20"); - if(RETVAL->pindex==-1) croak("FATAL: find_prng('chacha20') failed"); + if (RETVAL->pindex == -1) { + Safefree(RETVAL); + croak("FATAL: find_prng('chacha20') failed"); + } rv = rng_make_prng(320, RETVAL->pindex, &RETVAL->pstate, NULL); /* 320bits = 40bytes */ - if (rv != CRYPT_OK) croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL void -_generate_key(Crypt::PK::DH self, int key_size=256) +_generate_key_size(Crypt::PK::DH self, int groupsize=256) PPCODE: { int rv; - /* gen the key */ - rv = dh_make_key(&self->pstate, self->pindex, key_size, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_make_key failed: %s", error_to_string(rv)); + rv = dh_set_pg_groupsize(groupsize, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_pg_groupsize failed: %s", error_to_string(rv)); + rv = dh_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_generate_key failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } void -_generate_key_ex(Crypt::PK::DH self, SV * g, SV * p) +_generate_key_gp(Crypt::PK::DH self, char *g, char *p) PPCODE: { int rv; - STRLEN p_len = 0; - STRLEN g_len = 0; - unsigned char *p_ptr=NULL; - unsigned char *g_ptr=NULL; + unsigned char pbin[1024], gbin[512]; + unsigned long plen=sizeof(pbin), glen=sizeof(gbin); - p_ptr = (unsigned char *)SvPVbyte(p, p_len); - g_ptr = (unsigned char *)SvPVbyte(g, g_len); + if (p && strlen(p) > 0 && g && strlen(g) > 0) { + rv = radix_to_bin(p, 16, pbin, &plen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv)); + rv = radix_to_bin(g, 16, gbin, &glen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(g) failed: %s", error_to_string(rv)); + rv = dh_set_pg(pbin, plen, gbin, glen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_pg failed: %s", error_to_string(rv)); + rv = dh_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_generate_key failed: %s", error_to_string(rv)); + } + + XPUSHs(ST(0)); /* return self */ + } + +void +_generate_key_dhparam(Crypt::PK::DH self, SV * dhparam) + PPCODE: + { + int rv; + unsigned char *data=NULL; + STRLEN data_len=0; + data = (unsigned char *)SvPVbyte(dhparam, data_len); + /* load d p q */ + rv = dh_set_pg_dhparam(data, (unsigned long)data_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_pg_dhparam failed: %s", error_to_string(rv)); /* gen the key */ - rv = dh_make_key_ex(&self->pstate, self->pindex, (const char *) g_ptr, (const char *) p_ptr, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_make_key_ex failed: %s", error_to_string(rv)); + rv = dh_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_generate_key failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } @@ -68,21 +98,34 @@ _import_raw(Crypt::PK::DH self, SV * raw_key, int type, char * g, char * p) int rv; unsigned char *data=NULL; STRLEN data_len=0; + unsigned char pbin[1024], gbin[512]; + unsigned long plen=sizeof(pbin), glen=sizeof(gbin); data = (unsigned char *)SvPVbyte(raw_key, data_len); if (self->key.type != -1) { dh_free(&self->key); self->key.type = -1; } - /* public */ - if (type == 0) { - rv = dh_import_raw(data, (unsigned long)data_len, PK_PUBLIC, g, p, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_import_raw failed: %s", error_to_string(rv)); - } - /* private */ - else if (type == 1) { - rv = dh_import_raw(data, (unsigned long)data_len, PK_PRIVATE, g, p, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_import_raw failed: %s", error_to_string(rv)); - } - else { - croak("FATAL: import_raw invalid type '%d'", type); + + if (p && strlen(p) > 0 && g && strlen(g) > 0) { + rv = radix_to_bin(p, 16, pbin, &plen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv)); + rv = radix_to_bin(g, 16, gbin, &glen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(g) failed: %s", error_to_string(rv)); + + rv = dh_set_pg(pbin, plen, gbin, glen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_pg failed: %s", error_to_string(rv)); + + if (type == 0) { + /* public */ + rv = dh_set_key(data, (unsigned long)data_len, PK_PUBLIC, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_key failed: %s", error_to_string(rv)); + } + else if (type == 1) { + /* private */ + rv = dh_set_key(data, (unsigned long)data_len, PK_PRIVATE, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_set_key failed: %s", error_to_string(rv)); + } + else { + croak("FATAL: import_raw invalid type '%d'", type); + } } XPUSHs(ST(0)); /* return self */ @@ -100,7 +143,7 @@ int size(Crypt::PK::DH self) CODE: if (self->key.type == -1) XSRETURN_UNDEF; - RETVAL = dh_get_size(&self->key); + RETVAL = dh_get_groupsize(&self->key); OUTPUT: RETVAL @@ -114,7 +157,7 @@ key2hash(Crypt::PK::DH self) CODE: if (self->key.type == -1) XSRETURN_UNDEF; rv_hash = newHV(); - /* =====> x */ + /* x */ siz = (self->key.x) ? mp_unsigned_bin_size(self->key.x) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'x' too big number"); @@ -126,7 +169,7 @@ key2hash(Crypt::PK::DH self) else{ not_used = hv_store(rv_hash, "x", 1, newSVpv("", 0), 0); } - /* =====> y */ + /* y */ siz = (self->key.y) ? mp_unsigned_bin_size(self->key.y) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'y' too big number"); @@ -138,7 +181,7 @@ key2hash(Crypt::PK::DH self) else{ not_used = hv_store(rv_hash, "y", 1, newSVpv("", 0), 0); } - /* =====> p */ + /* p */ siz = (self->key.prime) ? mp_unsigned_bin_size(self->key.prime) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'p' too big number"); @@ -151,7 +194,7 @@ key2hash(Crypt::PK::DH self) not_used = hv_store(rv_hash, "p", 1, newSVpv("", 0), 0); } - /* =====> g */ + /* g */ siz = (self->key.base) ? mp_unsigned_bin_size(self->key.base) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'g' too big number"); @@ -163,11 +206,11 @@ key2hash(Crypt::PK::DH self) else { not_used = hv_store(rv_hash, "g", 1, newSVpv("", 0), 0); } - /* =====> size */ - not_used = hv_store(rv_hash, "size", 4, newSViv(dh_get_size(&self->key)), 0); - /* =====> type */ + /* size */ + not_used = hv_store(rv_hash, "size", 4, newSViv(dh_get_groupsize(&self->key)), 0); + /* type */ not_used = hv_store(rv_hash, "type", 4, newSViv(self->key.type), 0); - if (not_used) not_used = NULL; /* just silence the warning: variable 'not_used' set but not used */ + LTC_UNUSED_PARAM(not_used); RETVAL = newRV_noinc((SV*)rv_hash); OUTPUT: RETVAL @@ -182,7 +225,7 @@ params2hash(Crypt::PK::DH self) CODE: if (self->key.type == -1) XSRETURN_UNDEF; rv_hash = newHV(); - /* =====> p */ + /* p */ siz = (self->key.prime) ? mp_unsigned_bin_size(self->key.prime) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'p' too big number"); @@ -195,7 +238,7 @@ params2hash(Crypt::PK::DH self) not_used = hv_store(rv_hash, "p", 1, newSVpv("", 0), 0); } - /* =====> g */ + /* g */ siz = (self->key.base) ? mp_unsigned_bin_size(self->key.base) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'g' too big number"); @@ -238,89 +281,6 @@ export_key(Crypt::PK::DH self, char * type) OUTPUT: RETVAL -SV * -_encrypt(Crypt::PK::DH self, SV * data, char * hash_name) - CODE: - { - int rv, hash_id; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned long buffer_len = 1024; - unsigned char buffer[1024]; - - data_ptr = (unsigned char *)SvPVbyte(data, data_len); - - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); - rv = dh_encrypt_key(data_ptr, (unsigned long)data_len, buffer, &buffer_len, - &self->pstate, self->pindex, - hash_id, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_encrypt_key failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char*)buffer, buffer_len); - } - OUTPUT: - RETVAL - -SV * -_decrypt(Crypt::PK::DH self, SV * data) - CODE: - { - int rv; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned long buffer_len = 1024; - unsigned char buffer[1024]; - - data_ptr = (unsigned char *)SvPVbyte(data, data_len); - - rv = dh_decrypt_key(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_decrypt_key failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char*)buffer, buffer_len); - } - OUTPUT: - RETVAL - -SV * -_sign(Crypt::PK::DH self, SV * data) - CODE: - { - int rv; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned long buffer_len = 1024; - unsigned char buffer[1024]; - - data_ptr = (unsigned char *)SvPVbyte(data, data_len); - - rv = dh_sign_hash(data_ptr, (unsigned long)data_len, buffer, &buffer_len, - &self->pstate, self->pindex, - &self->key); - if (rv != CRYPT_OK) croak("FATAL: dh_sign_hash failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char*)buffer, buffer_len); - } - OUTPUT: - RETVAL - -int -_verify(Crypt::PK::DH self, SV * sig, SV * data) - CODE: - { - int rv, stat; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char *sig_ptr=NULL; - STRLEN sig_len=0; - - data_ptr = (unsigned char *)SvPVbyte(data, data_len); - sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len); - - RETVAL = 1; - rv = dh_verify_hash(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, &stat, &self->key); - if (rv != CRYPT_OK || stat != 1) RETVAL = 0; - } - OUTPUT: - RETVAL - SV * shared_secret(Crypt::PK::DH self, Crypt::PK::DH pubkey) CODE: @@ -341,79 +301,23 @@ export_key_raw(Crypt::PK::DH self, char * type) CODE: { int rv; - unsigned long len, buffer_len = 1024; - unsigned char buffer[1024]; - void *key; + unsigned char out[1024]; + unsigned long out_len = 1024; RETVAL = newSVpvn(NULL, 0); /* undef */ if (strnEQ(type, "private", 7)) { - key = self->key.x; + rv = dh_export_key(out, &out_len, PK_PRIVATE, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_export_key(PK_PRIVATE) failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "public", 6)) { - key = self->key.y; + rv = dh_export_key(out, &out_len, PK_PUBLIC, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dh_export_key(PK_PUBLIC) failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char*)out, out_len); } else { croak("FATAL: export_key_raw: invalid type '%s'", type); } - - len = (unsigned long)mp_unsigned_bin_size(key); - if (buffer_len < len) { - croak("FATAL: %s", error_to_string(CRYPT_BUFFER_OVERFLOW)); - } - rv = mp_to_unsigned_bin(key, buffer); - if (rv != CRYPT_OK) croak("FATAL: %s", error_to_string(rv)); - RETVAL = newSVpvn((char*)buffer, len); - } - OUTPUT: - RETVAL - -int -_is_pubkey_valid(Crypt::PK::DH self); - CODE: - { - int rv, i, bits_set = 0; - mp_int one, two, p1, *y; - mp_digit digit; - - if ((rv = mp_init_multi(&one, &two, &p1, NULL)) != MP_OKAY) { - croak("FATAL: %s", error_to_string(rv)); - } - - y = self->key.y; - mp_set(&one, 1); - mp_set(&two, 2); - - /* p1 = p-1 */ - if ((rv = mp_sub(self->key.prime, &one, &p1)) != MP_OKAY) { - croak("FATAL: %s", error_to_string(rv)); - } - /* valid public key cannot be negative */ - if (y->sign == MP_NEG) { - RETVAL = 0; - } - /* valid public key != 1 */ - else if (mp_cmp(y, &one) == MP_EQ) { - RETVAL = 0; - } - /* public key cannot be > p-1 */ - else if (mp_cmp(y, &p1) == MP_GT) { - RETVAL = 0; - } - /* if base == 2, public must have more than one bit set */ - else if (mp_cmp(self->key.base, &two) == MP_EQ) { - for (i = 0; i < y->used; i++) { - digit = y->dp[i]; - while (digit > ((mp_digit) 0)) { - if (digit & ((mp_digit) 1)) - bits_set++; - digit >>= ((mp_digit) 1); - } - } - if (bits_set > 1) - RETVAL = 1; - else RETVAL = 0; - } - else RETVAL = 1; } OUTPUT: RETVAL @@ -423,4 +327,3 @@ DESTROY(Crypt::PK::DH self) CODE: if (self->key.type != -1) { dh_free(&self->key); self->key.type = -1; } Safefree(self); - diff --git a/inc/CryptX_PK_DSA.xs.inc b/inc/CryptX_PK_DSA.xs.inc index 0e1622d..d1673f4 100644 --- a/inc/CryptX_PK_DSA.xs.inc +++ b/inc/CryptX_PK_DSA.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::PK::DSA +PROTOTYPES: DISABLE + Crypt::PK::DSA -_new() +_new(Class) CODE: { int rv; @@ -9,15 +11,21 @@ _new() if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->key.type = -1; RETVAL->pindex = find_prng("chacha20"); - if(RETVAL->pindex==-1) croak("FATAL: find_prng('chacha20') failed"); + if (RETVAL->pindex == -1) { + Safefree(RETVAL); + croak("FATAL: find_prng('chacha20') failed"); + } rv = rng_make_prng(320, RETVAL->pindex, &RETVAL->pstate, NULL); /* 320bits = 40bytes */ - if (rv != CRYPT_OK) croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL void -generate_key(Crypt::PK::DSA self, int group_size=30, int modulus_size=256) +_generate_key_size(Crypt::PK::DSA self, int group_size=30, int modulus_size=256) PPCODE: { int rv; @@ -27,6 +35,48 @@ generate_key(Crypt::PK::DSA self, int group_size=30, int modulus_size=256) XPUSHs(ST(0)); /* return self */ } +void +_generate_key_dsaparam(Crypt::PK::DSA self, SV * dsaparam) + PPCODE: + { + int rv; + unsigned char *data=NULL; + STRLEN data_len=0; + data = (unsigned char *)SvPVbyte(dsaparam, data_len); + /* load d p q */ + rv = dsa_set_pqg_dsaparam(data, (unsigned long)data_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_set_pqg_dsaparam failed: %s", error_to_string(rv)); + /* gen the key */ + rv = dsa_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_generate_key failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ + } + +void +_generate_key_pqg_hex(Crypt::PK::DSA self, char *p, char *q, char *g) + PPCODE: + { + int rv; + unsigned char pbin[512], qbin[512], gbin[512]; + unsigned long plen=sizeof(pbin), qlen=sizeof(qbin), glen=sizeof(gbin); + if (!p || !strlen(p) || !q || !strlen(q) || !g || !strlen(g)) { + croak("FATAL: generate_key_pqg_hex incomplete args"); + } + /* set p q g */ + rv = radix_to_bin(p, 16, pbin, &plen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv)); + rv = radix_to_bin(q, 16, qbin, &qlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(q) failed: %s", error_to_string(rv)); + rv = radix_to_bin(g, 16, gbin, &glen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(g) failed: %s", error_to_string(rv)); + rv = dsa_set_pqg(pbin, plen, qbin, qlen, gbin, glen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_set_pqg failed: %s", error_to_string(rv)); + /* gen the key */ + rv = dsa_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_generate_key failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ + } + void _import(Crypt::PK::DSA self, SV * key_data) PPCODE: @@ -47,9 +97,37 @@ _import_hex(Crypt::PK::DSA self, char *p, char *q, char *g, char *x, char *y) PPCODE: { int rv; + unsigned char pbin[512], qbin[512], gbin[512], xbin[512], ybin[512]; + unsigned long plen=sizeof(pbin), qlen=sizeof(qbin), glen=sizeof(gbin), xlen=sizeof(xbin), ylen=sizeof(ybin); + if (self->key.type != -1) { dsa_free(&self->key); self->key.type = -1; } - rv = dsa_import_radix(16, p, q, g, x, y, &self->key); - if (rv != CRYPT_OK) croak("FATAL: dsa_import_radix failed: %s", error_to_string(rv)); + + if (p && strlen(p) > 0 && q && strlen(q) > 0 && g && strlen(g) > 0 && y && strlen(y) > 0) { + rv = radix_to_bin(p, 16, pbin, &plen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv)); + rv = radix_to_bin(q, 16, qbin, &qlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(q) failed: %s", error_to_string(rv)); + rv = radix_to_bin(g, 16, gbin, &glen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(g) failed: %s", error_to_string(rv)); + rv = dsa_set_pqg(pbin, plen, qbin, qlen, gbin, glen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_set_pqg failed: %s", error_to_string(rv)); + + rv = radix_to_bin(y, 16, ybin, &ylen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(y) failed: %s", error_to_string(rv)); + if (x && strlen(x) > 0) { + /* private */ + rv = radix_to_bin(x, 16, xbin, &xlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(x) failed: %s", error_to_string(rv)); + rv = dsa_set_key(xbin, xlen, PK_PRIVATE, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_set_key failed: %s", error_to_string(rv)); + } + else { + /* public */ + rv = dsa_set_key(ybin, ylen, PK_PUBLIC, &self->key); + if (rv != CRYPT_OK) croak("FATAL: dsa_set_key failed: %s", error_to_string(rv)); + } + } + XPUSHs(ST(0)); /* return self */ } @@ -65,7 +143,7 @@ int size(Crypt::PK::DSA self) CODE: if (self->key.type == -1 || self->key.qord <= 0) XSRETURN_UNDEF; - RETVAL = mp_unsigned_bin_size(self->key.g); + RETVAL = mp_unsigned_bin_size(self->key.p); OUTPUT: RETVAL @@ -73,7 +151,7 @@ int size_q(Crypt::PK::DSA self) CODE: if (self->key.type == -1 || self->key.qord <= 0) XSRETURN_UNDEF; - RETVAL = self->key.qord; + RETVAL = mp_unsigned_bin_size(self->key.q); OUTPUT: RETVAL @@ -89,7 +167,7 @@ key2hash(Crypt::PK::DSA self) qsize = mp_unsigned_bin_size(self->key.q); psize = mp_unsigned_bin_size(self->key.p); rv_hash = newHV(); - /* =====> g */ + /* g */ siz = (self->key.g) ? mp_unsigned_bin_size(self->key.g) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'g' too big number"); @@ -101,7 +179,7 @@ key2hash(Crypt::PK::DSA self) else{ not_used = hv_store(rv_hash, "g", 1, newSVpv("", 0), 0); } - /* =====> q */ + /* q */ siz = (self->key.q) ? mp_unsigned_bin_size(self->key.q) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'q' too big number"); @@ -113,7 +191,7 @@ key2hash(Crypt::PK::DSA self) else{ not_used = hv_store(rv_hash, "q", 1, newSVpv("", 0), 0); } - /* =====> p */ + /* p */ siz = (self->key.p) ? mp_unsigned_bin_size(self->key.p) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'p' too big number"); @@ -125,7 +203,7 @@ key2hash(Crypt::PK::DSA self) else{ not_used = hv_store(rv_hash, "p", 1, newSVpv("", 0), 0); } - /* =====> x */ + /* x */ siz = (self->key.x) ? mp_unsigned_bin_size(self->key.x) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'x' too big number"); @@ -137,7 +215,7 @@ key2hash(Crypt::PK::DSA self) else{ not_used = hv_store(rv_hash, "x", 1, newSVpv("", 0), 0); } - /* =====> y */ + /* y */ siz = (self->key.y) ? mp_unsigned_bin_size(self->key.y) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'y' too big number"); @@ -149,11 +227,11 @@ key2hash(Crypt::PK::DSA self) else{ not_used = hv_store(rv_hash, "y", 1, newSVpv("", 0), 0); } - /* =====> size */ + /* size */ not_used = hv_store(rv_hash, "size", 4, newSViv(qsize), 0); - /* =====> type */ + /* type */ not_used = hv_store(rv_hash, "type", 4, newSViv(self->key.type), 0); - if (not_used) not_used = NULL; /* just silence the warning: variable 'not_used' set but not used */ + LTC_UNUSED_PARAM(not_used); RETVAL = newRV_noinc((SV*)rv_hash); OUTPUT: RETVAL @@ -185,7 +263,7 @@ export_key_der(Crypt::PK::DSA self, char * type) RETVAL SV * -_encrypt(Crypt::PK::DSA self, SV * data, char * hash_name) +encrypt(Crypt::PK::DSA self, SV * data, const char * hash_name = "SHA1") CODE: { int rv, hash_id; @@ -196,8 +274,8 @@ _encrypt(Crypt::PK::DSA self, SV * data, char * hash_name) data_ptr = (unsigned char *)SvPVbyte(data, data_len); - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = dsa_encrypt_key(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &self->pstate, self->pindex, hash_id, &self->key); @@ -208,7 +286,7 @@ _encrypt(Crypt::PK::DSA self, SV * data, char * hash_name) RETVAL SV * -_decrypt(Crypt::PK::DSA self, SV * data) +decrypt(Crypt::PK::DSA self, SV * data) CODE: { int rv; @@ -227,17 +305,25 @@ _decrypt(Crypt::PK::DSA self, SV * data) RETVAL SV * -_sign(Crypt::PK::DSA self, SV * data) +sign_hash(Crypt::PK::DSA self, SV * data, const char * hash_name = "SHA1") + ALIAS: + sign_message = 1 CODE: { - int rv; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char buffer[1024]; - unsigned long buffer_len = 1024; + int rv, id; + unsigned char buffer[1024], tmp[MAXBLOCKSIZE], *data_ptr = NULL; + unsigned long tmp_len = MAXBLOCKSIZE, buffer_len = 1024; + STRLEN data_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); - + if (ix == 1) { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } rv = dsa_sign_hash(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &self->pstate, self->pindex, &self->key); @@ -248,19 +334,28 @@ _sign(Crypt::PK::DSA self, SV * data) RETVAL int -_verify(Crypt::PK::DSA self, SV * sig, SV * data) +verify_hash(Crypt::PK::DSA self, SV * sig, SV * data, const char * hash_name = "SHA1") + ALIAS: + verify_message = 1 CODE: { - int rv, stat; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char *sig_ptr=NULL; - STRLEN sig_len=0; + int rv, stat, id; + unsigned char tmp[MAXBLOCKSIZE], *data_ptr = NULL, *sig_ptr = NULL; + unsigned long tmp_len = MAXBLOCKSIZE; + STRLEN data_len = 0, sig_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len); - + if (ix == 1) { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } RETVAL = 1; + stat = 0; rv = dsa_verify_hash(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, &stat, &self->key); if (rv != CRYPT_OK || stat != 1) RETVAL = 0; } diff --git a/inc/CryptX_PK_ECC.xs.inc b/inc/CryptX_PK_ECC.xs.inc index e3db8ff..751b7d8 100644 --- a/inc/CryptX_PK_ECC.xs.inc +++ b/inc/CryptX_PK_ECC.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::PK::ECC +PROTOTYPES: DISABLE + Crypt::PK::ECC -_new() +_new(Class) CODE: { int rv; @@ -9,10 +11,15 @@ _new() if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->pindex = find_prng("chacha20"); RETVAL->key.type = -1; - ecc_dp_init(&RETVAL->dp); - if(RETVAL->pindex==-1) croak("FATAL: find_prng('chacha20') failed"); + if (RETVAL->pindex == -1) { + Safefree(RETVAL); + croak("FATAL: find_prng('chacha20') failed"); + } rv = rng_make_prng(320, RETVAL->pindex, &RETVAL->pstate, NULL); /* 320bits = 40bytes */ - if (rv != CRYPT_OK) croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -23,10 +30,11 @@ generate_key(Crypt::PK::ECC self, SV *curve) { int rv; /* setup dp structure */ - _ecc_set_dp_from_SV(&self->dp, curve); /* croaks on error */ + rv = _ecc_set_dp_from_SV(&self->key, curve); /* croaks on error */ + if (rv != CRYPT_OK) croak("FATAL: ecc_set_dp failed: %s", error_to_string(rv)); /* gen the key */ - rv = ecc_make_key_ex(&self->pstate, self->pindex, &self->key, &self->dp); - if (rv != CRYPT_OK) croak("FATAL: ecc_make_key_ex failed: %s", error_to_string(rv)); + rv = ecc_generate_key(&self->pstate, self->pindex, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_generate_key failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } @@ -39,14 +47,32 @@ _import(Crypt::PK::ECC self, SV * key_data) STRLEN data_len=0; data = (unsigned char *)SvPVbyte(key_data, data_len); - _ecc_free_key(&self->key, &self->dp); - rv = ecc_import_full(data, (unsigned long)data_len, &self->key, &self->dp); - if (rv != CRYPT_OK) croak("FATAL: ecc_import_full failed: %s", error_to_string(rv)); + if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; } + rv = ecc_import_openssl(data, (unsigned long)data_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_import_openssl failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } void -_import_pkcs8(Crypt::PK::ECC self, SV * key_data) +_import_pkcs8(Crypt::PK::ECC self, SV * key_data, SV * passwd) + PPCODE: + { + int rv; + unsigned char *data=NULL, *pwd=NULL; + STRLEN data_len=0, pwd_len=0; + + data = (unsigned char *)SvPVbyte(key_data, data_len); + if (SvOK(passwd)) { + pwd = (unsigned char *)SvPVbyte(passwd, pwd_len); + } + if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; } + rv = ecc_import_pkcs8(data, (unsigned long)data_len, pwd, (unsigned long)pwd_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_import_pkcs8 failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ + } + +void +_import_x509(Crypt::PK::ECC self, SV * key_data) PPCODE: { int rv; @@ -54,9 +80,9 @@ _import_pkcs8(Crypt::PK::ECC self, SV * key_data) STRLEN data_len=0; data = (unsigned char *)SvPVbyte(key_data, data_len); - _ecc_free_key(&self->key, &self->dp); - rv = ecc_import_pkcs8(data, (unsigned long)data_len, NULL, 0, &self->key, &self->dp); - if (rv != CRYPT_OK) croak("FATAL: ecc_import_pkcs8 failed: %s", error_to_string(rv)); + if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; } + rv = ecc_import_x509(data, (unsigned long)data_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_import_x509 failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } @@ -64,17 +90,19 @@ void import_key_raw(Crypt::PK::ECC self, SV * key_data, SV * curve) PPCODE: { - int rv; + int rv, type; unsigned char *data=NULL; STRLEN data_len=0; data = (unsigned char *)SvPVbyte(key_data, data_len); - _ecc_free_key(&self->key, &self->dp); - - _ecc_set_dp_from_SV(&self->dp, curve); /* croaks on error */ - - rv = ecc_import_raw(data, (unsigned long)data_len, &self->key, &self->dp); - if (rv != CRYPT_OK) croak("FATAL: ecc_import_raw failed: %s", error_to_string(rv)); + if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; } + /* setup dp structure */ + rv = _ecc_set_dp_from_SV(&self->key, curve); /* croaks on error */ + if (rv != CRYPT_OK) croak("FATAL: ecc_set_dp failed: %s", error_to_string(rv)); + /* import key */ + type = (data_len == (STRLEN)ecc_get_size(&self->key)) ? PK_PRIVATE : PK_PUBLIC; + rv = ecc_set_key(data, (unsigned long)data_len, type, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_set_key failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } @@ -105,7 +133,7 @@ key2hash(Crypt::PK::ECC self) if (self->key.type == -1) XSRETURN_UNDEF; esize = ecc_get_size(&self->key); rv_hash = newHV(); - /* =====> k */ + /* k */ siz = (self->key.k) ? mp_unsigned_bin_size(self->key.k) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'k' too big number"); @@ -117,7 +145,7 @@ key2hash(Crypt::PK::ECC self) else{ not_used = hv_store(rv_hash, "k", 1, newSVpv("", 0), 0); } - /* =====> pub_x */ + /* pub_x */ siz = (self->key.pubkey.x) ? mp_unsigned_bin_size(self->key.pubkey.x) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'pub_x' too big number"); @@ -129,7 +157,7 @@ key2hash(Crypt::PK::ECC self) else{ not_used = hv_store(rv_hash, "pub_x", 5, newSVpv("", 0), 0); } - /* =====> pub_y */ + /* pub_y */ siz = (self->key.pubkey.y) ? mp_unsigned_bin_size(self->key.pubkey.y) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'pub_y' too big number"); @@ -141,62 +169,56 @@ key2hash(Crypt::PK::ECC self) else{ not_used = hv_store(rv_hash, "pub_y", 5, newSVpv("", 0), 0); } - /* =====> curve_... */ - if (self->key.dp) { - not_used = hv_store(rv_hash, "curve_cofactor", 14, newSViv(self->key.dp->cofactor), 0); - /* prepend leading zero if we have odd number of hexadecimal digits */ - strncpy(buf, self->key.dp->prime, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_prime", 11, newSVpv(buf, strlen(buf)), 0); - strncpy(buf, self->key.dp->A, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_A", 7, newSVpv(buf, strlen(buf)), 0); - strncpy(buf, self->key.dp->B, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_B", 7, newSVpv(buf, strlen(buf)), 0); - strncpy(buf, self->key.dp->order, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_order", 11, newSVpv(buf, strlen(buf)), 0); - strncpy(buf, self->key.dp->Gx, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_Gx", 8, newSVpv(buf, strlen(buf)), 0); - strncpy(buf, self->key.dp->Gy, 20000); str_add_leading_zero(buf, 20000, 0); - not_used = hv_store(rv_hash, "curve_Gy", 8, newSVpv(buf, strlen(buf)), 0); - /* OLD approach - not_used = hv_store(rv_hash, "curve_prime", 11, newSVpv(self->key.dp->prime, strlen(self->key.dp->prime)), 0); - not_used = hv_store(rv_hash, "curve_A", 7, newSVpv(self->key.dp->A, strlen(self->key.dp->A)), 0); - not_used = hv_store(rv_hash, "curve_B", 7, newSVpv(self->key.dp->B, strlen(self->key.dp->B)), 0); - not_used = hv_store(rv_hash, "curve_order", 11, newSVpv(self->key.dp->order, strlen(self->key.dp->order)), 0); - not_used = hv_store(rv_hash, "curve_Gx", 8, newSVpv(self->key.dp->Gx, strlen(self->key.dp->Gx)), 0); - not_used = hv_store(rv_hash, "curve_Gy", 8, newSVpv(self->key.dp->Gy, strlen(self->key.dp->Gy)), 0); - */ - { - mp_int p_num; - mp_init(&p_num); - mp_read_radix(&p_num, self->key.dp->prime, 16); - not_used = hv_store(rv_hash, "curve_bytes", 11, newSViv(mp_unsigned_bin_size(&p_num)), 0); - not_used = hv_store(rv_hash, "curve_bits", 10, newSViv(mp_count_bits(&p_num)), 0); - mp_clear(&p_num); - } - { - unsigned long i; - SV *name; - char *name_ptr; - STRLEN name_len; + /* curve_... */ + { + not_used = hv_store(rv_hash, "curve_cofactor", 14, newSViv(self->key.dp.cofactor), 0); + mp_tohex_with_leading_zero(self->key.dp.prime, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_prime", 11, newSVpv(buf, strlen(buf)), 0); + mp_tohex_with_leading_zero(self->key.dp.A, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_A", 7, newSVpv(buf, strlen(buf)), 0); + mp_tohex_with_leading_zero(self->key.dp.B, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_B", 7, newSVpv(buf, strlen(buf)), 0); + mp_tohex_with_leading_zero(self->key.dp.order, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_order", 11, newSVpv(buf, strlen(buf)), 0); + mp_tohex_with_leading_zero(self->key.dp.base.x, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_Gx", 8, newSVpv(buf, strlen(buf)), 0); + mp_tohex_with_leading_zero(self->key.dp.base.y, buf, 20000, 0); + not_used = hv_store(rv_hash, "curve_Gy", 8, newSVpv(buf, strlen(buf)), 0); + not_used = hv_store(rv_hash, "curve_bytes", 11, newSViv(mp_unsigned_bin_size(self->key.dp.prime)), 0); + not_used = hv_store(rv_hash, "curve_bits", 10, newSViv(mp_count_bits(self->key.dp.prime)), 0); - name = newSVpv(self->key.dp->name, strlen(self->key.dp->name)); - name_ptr = SvPV(name, name_len); - for (i=0; i0; i++) name_ptr[i] = toLOWER(name_ptr[i]); - not_used = hv_store(rv_hash, "curve_name", 10, name, 0); - } - if (self->key.dp->oid.OIDlen > 0) { + if (self->key.dp.oidlen > 0) { unsigned long i; + HV *h; + SV **pref, *cname; + char *cname_ptr, *oid_ptr; + STRLEN cname_len; + + /* OID -> "curve_oid" */ SV *oid = newSVpv("", 0); - for(i = 0; i < self->key.dp->oid.OIDlen - 1; i++) sv_catpvf(oid, "%lu.", self->key.dp->oid.OID[i]); - sv_catpvf(oid, "%lu", self->key.dp->oid.OID[i]); + for(i = 0; i < self->key.dp.oidlen - 1; i++) sv_catpvf(oid, "%lu.", self->key.dp.oid[i]); + sv_catpvf(oid, "%lu", self->key.dp.oid[i]); + oid_ptr = SvPVX(oid); not_used = hv_store(rv_hash, "curve_oid", 9, oid, 0); + + /* curve name -> "curve_name" */ + if ((h = get_hv("Crypt::PK::ECC::curve2ltc", 0)) != NULL) { + pref = hv_fetch(h, oid_ptr, (U32)strlen(oid_ptr), 0); + if (pref) { + cname_ptr = SvPV(*pref, cname_len); + cname = newSVpv(cname_ptr, cname_len); + cname_ptr = SvPVX(cname); + for (i=0; i0; i++) cname_ptr[i] = toLOWER(cname_ptr[i]); + not_used = hv_store(rv_hash, "curve_name", 10, cname, 0); + } + } } } - /* =====> size */ + /* size */ not_used = hv_store(rv_hash, "size", 4, newSViv(esize), 0); - /* =====> type */ + /* type */ not_used = hv_store(rv_hash, "type", 4, newSViv(self->key.type), 0); - if (not_used) not_used = NULL; /* just silence the warning: variable 'not_used' set but not used */ + LTC_UNUSED_PARAM(not_used); RETVAL = newRV_noinc((SV*)rv_hash); OUTPUT: RETVAL @@ -209,25 +231,35 @@ export_key_der(Crypt::PK::ECC self, char * type) unsigned char out[4096]; unsigned long int out_len = 4096; - RETVAL = newSVpvn(NULL, 0); /* undef */ + if (self->key.type == -1) croak("FATAL: export_key_der no key"); if (strnEQ(type, "private_short", 16)) { - rv = ecc_export_full(out, &out_len, PK_PRIVATE|PK_CURVEOID, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export(PK_PRIVATE|PK_CURVEOID) failed: %s", error_to_string(rv)); + rv = ecc_export_openssl(out, &out_len, PK_PRIVATE|PK_CURVEOID, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PRIVATE|PK_CURVEOID) failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char*)out, out_len); + } + else if (strnEQ(type, "private_compressed", 16)) { + rv = ecc_export_openssl(out, &out_len, PK_PRIVATE|PK_CURVEOID|PK_COMPRESSED, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PRIVATE|PK_CURVEOID|PK_COMPRESSED) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "private", 7)) { - rv = ecc_export_full(out, &out_len, PK_PRIVATE, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export(PK_PRIVATE) failed: %s", error_to_string(rv)); + rv = ecc_export_openssl(out, &out_len, PK_PRIVATE, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PRIVATE) failed: %s", error_to_string(rv)); + RETVAL = newSVpvn((char*)out, out_len); + } + else if (strnEQ(type, "public_compressed", 15)) { + rv = ecc_export_openssl(out, &out_len, PK_PUBLIC|PK_CURVEOID|PK_COMPRESSED, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PUBLIC|PK_CURVEOID|PK_COMPRESSED) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "public_short", 15)) { - rv = ecc_export_full(out, &out_len, PK_PUBLIC|PK_CURVEOID, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export(PK_PUBLIC|PK_CURVEOID) failed: %s", error_to_string(rv)); + rv = ecc_export_openssl(out, &out_len, PK_PUBLIC|PK_CURVEOID, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PUBLIC|PK_CURVEOID) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "public", 6)) { - rv = ecc_export_full(out, &out_len, PK_PUBLIC, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export(PK_PUBLIC) failed: %s", error_to_string(rv)); + rv = ecc_export_openssl(out, &out_len, PK_PUBLIC, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_export_openssl(PK_PUBLIC) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else { @@ -245,20 +277,20 @@ export_key_raw(Crypt::PK::ECC self, char * type) unsigned char out[4096]; unsigned long int out_len = sizeof(out); - RETVAL = newSVpvn(NULL, 0); /* undef */ + if (self->key.type == -1) croak("FATAL: export_key_der no key"); if (strnEQ(type, "private", 7)) { - rv = ecc_export_raw(out, &out_len, PK_PRIVATE, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export_raw(private) failed: %s", error_to_string(rv)); + rv = ecc_get_key(out, &out_len, PK_PRIVATE, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_get_key(private) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "public_compressed", 17)) { - rv = ecc_export_raw(out, &out_len, PK_PUBLIC_COMPRESSED, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export_raw(public_compressed) failed: %s", error_to_string(rv)); + rv = ecc_get_key(out, &out_len, PK_PUBLIC|PK_COMPRESSED, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_get_key(public_compressed) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else if (strnEQ(type, "public", 6)) { - rv = ecc_export_raw(out, &out_len, PK_PUBLIC, &self->key); - if (rv != CRYPT_OK) croak("FATAL: ecc_export_raw(public) failed: %s", error_to_string(rv)); + rv = ecc_get_key(out, &out_len, PK_PUBLIC, &self->key); + if (rv != CRYPT_OK) croak("FATAL: ecc_get_key(public) failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char*)out, out_len); } else { @@ -269,7 +301,7 @@ export_key_raw(Crypt::PK::ECC self, char * type) RETVAL SV * -_encrypt(Crypt::PK::ECC self, SV * data, char * hash_name) +encrypt(Crypt::PK::ECC self, SV * data, const char * hash_name = "SHA1") CODE: { int rv, hash_id; @@ -280,8 +312,8 @@ _encrypt(Crypt::PK::ECC self, SV * data, char * hash_name) data_ptr = (unsigned char *)SvPVbyte(data, data_len); - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = ecc_encrypt_key(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &self->pstate, self->pindex, hash_id, &self->key); @@ -292,7 +324,7 @@ _encrypt(Crypt::PK::ECC self, SV * data, char * hash_name) RETVAL SV * -_decrypt(Crypt::PK::ECC self, SV * data) +decrypt(Crypt::PK::ECC self, SV * data) CODE: { int rv; @@ -311,20 +343,28 @@ _decrypt(Crypt::PK::ECC self, SV * data) RETVAL SV * -_sign(Crypt::PK::ECC self, SV * data) +sign_hash(Crypt::PK::ECC self, SV * data, const char * hash_name = "SHA1") ALIAS: - _sign_rfc7518 = 1 + sign_hash_rfc7518 = 3 + sign_message = 1 + sign_message_rfc7518 = 2 CODE: { - int rv; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char buffer[1024]; - unsigned long buffer_len = 1024; + int rv, id; + unsigned char buffer[1024], tmp[MAXBLOCKSIZE], *data_ptr = NULL; + unsigned long tmp_len = MAXBLOCKSIZE, buffer_len = 1024; + STRLEN data_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); - - if (ix == 1) { + if (ix == 1 || ix == 2) { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } + if (ix == 2 || ix == 3) { rv = ecc_sign_hash_rfc7518(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &self->pstate, self->pindex, &self->key); @@ -341,22 +381,31 @@ _sign(Crypt::PK::ECC self, SV * data) RETVAL int -_verify(Crypt::PK::ECC self, SV * sig, SV * data) +verify_hash(Crypt::PK::ECC self, SV * sig, SV * data, const char * hash_name = "SHA1") ALIAS: - _verify_rfc7518 = 1 + verify_hash_rfc7518 = 3 + verify_message = 1 + verify_message_rfc7518 = 2 CODE: { - int rv, stat; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char *sig_ptr=NULL; - STRLEN sig_len=0; + int rv, stat, id; + unsigned char tmp[MAXBLOCKSIZE], *data_ptr = NULL, *sig_ptr = NULL; + unsigned long tmp_len = MAXBLOCKSIZE; + STRLEN data_len = 0, sig_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len); - + if (ix == 1 || ix == 2) { + id = _find_hash(hash_name); + if (id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } RETVAL = 1; - if (ix == 1) { + stat = 0; + if (ix == 2 || ix == 3) { rv = ecc_verify_hash_rfc7518(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, &stat, &self->key); } else { @@ -385,6 +434,6 @@ shared_secret(Crypt::PK::ECC self, Crypt::PK::ECC pubkey) void DESTROY(Crypt::PK::ECC self) CODE: - _ecc_free_key(&self->key, &self->dp); + if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; } Safefree(self); diff --git a/inc/CryptX_PK_RSA.xs.inc b/inc/CryptX_PK_RSA.xs.inc index 91bcc6e..ef33f10 100644 --- a/inc/CryptX_PK_RSA.xs.inc +++ b/inc/CryptX_PK_RSA.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::PK::RSA +PROTOTYPES: DISABLE + Crypt::PK::RSA -_new() +_new(Class) CODE: { int rv; @@ -9,9 +11,15 @@ _new() if (!RETVAL) croak("FATAL: Newz failed"); RETVAL->key.type = -1; RETVAL->pindex = find_prng("chacha20"); - if(RETVAL->pindex==-1) croak("FATAL: find_prng('chacha20') failed"); + if (RETVAL->pindex == -1) { + Safefree(RETVAL); + croak("FATAL: find_prng('chacha20') failed"); + } rv = rng_make_prng(320, RETVAL->pindex, &RETVAL->pstate, NULL); /* 320bits = 40bytes */ - if (rv != CRYPT_OK) croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rng_make_prng failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -44,7 +52,25 @@ _import(Crypt::PK::RSA self, SV * key_data) } void -_import_pkcs8(Crypt::PK::RSA self, SV * key_data) +_import_pkcs8(Crypt::PK::RSA self, SV * key_data, SV * passwd) + PPCODE: + { + int rv; + unsigned char *data=NULL, *pwd=NULL; + STRLEN data_len=0, pwd_len=0; + + data = (unsigned char *)SvPVbyte(key_data, data_len); + if (SvOK(passwd)) { + pwd = (unsigned char *)SvPVbyte(passwd, pwd_len); + } + if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; } + rv = rsa_import_pkcs8(data, (unsigned long)data_len, pwd, (unsigned long)pwd_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_import_pkcs8 failed: %s", error_to_string(rv)); + XPUSHs(ST(0)); /* return self */ + } + +void +_import_x509(Crypt::PK::RSA self, SV * key_data) PPCODE: { int rv; @@ -53,8 +79,8 @@ _import_pkcs8(Crypt::PK::RSA self, SV * key_data) data = (unsigned char *)SvPVbyte(key_data, data_len); if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; } - rv = rsa_import_pkcs8(data, (unsigned long)data_len, NULL, 0, &self->key); - if (rv != CRYPT_OK) croak("FATAL: rsa_import_pkcs8 failed: %s", error_to_string(rv)); + rv = rsa_import_x509(data, (unsigned long)data_len, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_import_x509 failed: %s", error_to_string(rv)); XPUSHs(ST(0)); /* return self */ } @@ -63,9 +89,50 @@ _import_hex(Crypt::PK::RSA self, char *N, char *e, char *d=NULL, char *p=NULL, c PPCODE: { int rv; - if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; } - rv = rsa_import_radix(16, N, e, d, p, q, dP, dQ, qP, &self->key); - if (rv != CRYPT_OK) croak("FATAL: rsa_import_radix failed: %s", error_to_string(rv)); + unsigned char Nbin[1024], ebin[128], dbin[1024], pbin[512], qbin[512], dPbin[512], dQbin[512], qPbin[512]; + unsigned long Nlen=sizeof(Nbin), elen=sizeof(ebin), dlen=sizeof(dbin), plen=sizeof(pbin), + qlen=sizeof(qbin), dPlen=sizeof(dPbin), dQlen=sizeof(dQbin), qPlen=sizeof(qPbin); + + rv = radix_to_bin(N, 16, Nbin, &Nlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(N) failed: %s", error_to_string(rv)); + rv = radix_to_bin(e, 16, ebin, &elen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(e) failed: %s", error_to_string(rv)); + + if (d && strlen(d) > 0) { + /* private */ + rv = radix_to_bin(d, 16, dbin, &dlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(d) failed: %s", error_to_string(rv)); + rv = rsa_set_key(Nbin, Nlen, ebin, elen, dbin, dlen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_set_key failed: %s", error_to_string(rv)); + } + else { + /* public */ + rv = rsa_set_key(Nbin, Nlen, ebin, elen, NULL, 0, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_set_key failed: %s", error_to_string(rv)); + } + + if (p && strlen(p) > 0 && q && strlen(q) > 0) { + /* private only */ + rv = radix_to_bin(p, 16, pbin, &plen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv)); + rv = radix_to_bin(q, 16, qbin, &qlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(q) failed: %s", error_to_string(rv)); + rv = rsa_set_factors(pbin, plen, qbin, qlen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_set_factors failed: %s", error_to_string(rv)); + } + + if (dP && strlen(dP) > 0 && dQ && strlen(dQ) > 0 && qP && strlen(qP) > 0) { + /* private only */ + rv = radix_to_bin(dP, 16, dPbin, &dPlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(dP) failed: %s", error_to_string(rv)); + rv = radix_to_bin(dQ, 16, dQbin, &dQlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(dQ) failed: %s", error_to_string(rv)); + rv = radix_to_bin(qP, 16, qPbin, &qPlen); + if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(qP) failed: %s", error_to_string(rv)); + rv = rsa_set_crt_params(dPbin, dPlen, dQbin, dQlen, qPbin, qPlen, &self->key); + if (rv != CRYPT_OK) croak("FATAL: rsa_set_crt_params failed: %s", error_to_string(rv)); + } + XPUSHs(ST(0)); /* return self */ } @@ -96,7 +163,7 @@ key2hash(Crypt::PK::RSA self) if (self->key.type == -1 || self->key.N == NULL) XSRETURN_UNDEF; nsize = mp_unsigned_bin_size(self->key.N); rv_hash = newHV(); - /* =====> e */ + /* e */ siz = (self->key.e) ? mp_unsigned_bin_size(self->key.e) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'e' too big number"); @@ -108,7 +175,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "e", 1, newSVpv("", 0), 0); } - /* =====> d */ + /* d */ siz = (self->key.d) ? mp_unsigned_bin_size(self->key.d) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'd' too big number"); @@ -120,7 +187,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "d", 1, newSVpv("", 0), 0); } - /* =====> N */ + /* N */ siz = (self->key.N) ? nsize : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'N' too big number"); @@ -132,7 +199,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "N", 1, newSVpv("", 0), 0); } - /* =====> q */ + /* q */ siz = (self->key.q) ? mp_unsigned_bin_size(self->key.q) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'q' too big number"); @@ -144,7 +211,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "q", 1, newSVpv("", 0), 0); } - /* =====> p */ + /* p */ siz = (self->key.p) ? mp_unsigned_bin_size(self->key.p) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'p' too big number"); @@ -156,7 +223,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "p", 1, newSVpv("", 0), 0); } - /* =====> qP */ + /* qP */ siz = (self->key.qP) ? mp_unsigned_bin_size(self->key.qP) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'qP' too big number"); @@ -168,7 +235,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "qP", 2, newSVpv("", 0), 0); } - /* =====> dP */ + /* dP */ siz = (self->key.dP) ? mp_unsigned_bin_size(self->key.dP) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'dP' too big number"); @@ -180,7 +247,7 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "dP", 2, newSVpv("", 0), 0); } - /* =====> dQ */ + /* dQ */ siz = (self->key.dQ) ? mp_unsigned_bin_size(self->key.dQ) : 0; if (siz>10000) { croak("FATAL: key2hash failed - 'dQ' too big number"); @@ -192,11 +259,11 @@ key2hash(Crypt::PK::RSA self) else{ not_used = hv_store(rv_hash, "dQ", 2, newSVpv("", 0), 0); } - /* =====> size */ + /* size */ not_used = hv_store(rv_hash, "size", 4, newSViv(nsize), 0); - /* =====> type */ + /* type */ not_used = hv_store(rv_hash, "type", 4, newSViv(self->key.type), 0); - if (not_used) not_used = NULL; /* just silence the warning: variable 'not_used' set but not used */ + LTC_UNUSED_PARAM(not_used); RETVAL = newRV_noinc((SV*)rv_hash); OUTPUT: RETVAL @@ -207,7 +274,7 @@ export_key_der(Crypt::PK::RSA self, char * type) { int rv; unsigned char out[4096]; - unsigned long int out_len = 4096; + unsigned long out_len = 4096; RETVAL = newSVpvn(NULL, 0); /* undef */ if (strnEQ(type, "private", 7)) { @@ -228,7 +295,7 @@ export_key_der(Crypt::PK::RSA self, char * type) RETVAL SV * -_encrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * oaep_lparam) +encrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * oaep_hash = "SHA1", SV * oaep_lparam = NULL) CODE: { int rv, hash_id; @@ -243,9 +310,9 @@ _encrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * RETVAL = newSVpvn(NULL, 0); /* undef */ if (strnEQ(padding, "oaep", 4)) { - hash_id = find_hash(oaep_hash); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", oaep_hash); - lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len); + hash_id = _find_hash(oaep_hash); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", oaep_hash); + if (oaep_lparam) lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len); rv = rsa_encrypt_key_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, lparam_ptr, (unsigned long)lparam_len, &self->pstate, self->pindex, hash_id, LTC_PKCS_1_OAEP, &self->key); @@ -273,7 +340,7 @@ _encrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * RETVAL SV * -_decrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * oaep_lparam) +decrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * oaep_hash = "SHA1", SV * oaep_lparam = NULL) CODE: { int rv, hash_id, stat; @@ -288,9 +355,9 @@ _decrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * RETVAL = newSVpvn(NULL, 0); /* undef */ if (strnEQ(padding, "oaep", 4)) { - hash_id = find_hash(oaep_hash); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", oaep_hash); - lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len); + hash_id = _find_hash(oaep_hash); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", oaep_hash); + if (oaep_lparam) lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len); rv = rsa_decrypt_key_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, lparam_ptr, (unsigned long)lparam_len, hash_id, LTC_PKCS_1_OAEP, &stat, &self->key); if (rv != CRYPT_OK) croak("FATAL: rsa_decrypt_key_ex failed: %s", error_to_string(rv)); @@ -318,21 +385,28 @@ _decrypt(Crypt::PK::RSA self, SV * data, char * padding, char * oaep_hash, SV * RETVAL SV * -_sign(Crypt::PK::RSA self, SV * data, char * padding, char * hash_name=NULL, unsigned long saltlen=12) +sign_hash(Crypt::PK::RSA self, SV * data, const char * hash_name = "SHA1", const char * padding = "pss", unsigned long saltlen=12) + ALIAS: + sign_message = 1 CODE: { int rv, hash_id; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char buffer[1024]; - unsigned long buffer_len = 1024; + unsigned char buffer[1024], tmp[MAXBLOCKSIZE], *data_ptr = NULL; + unsigned long tmp_len = MAXBLOCKSIZE, buffer_len = 1024; + STRLEN data_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); - - RETVAL = newSVpvn(NULL, 0); /* undef */ + if (ix == 1) { + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(hash_id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } if (strnEQ(padding, "pss", 3)) { - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = rsa_sign_hash_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, LTC_PKCS_1_PSS, &self->pstate, self->pindex, hash_id, saltlen, &self->key); @@ -340,8 +414,8 @@ _sign(Crypt::PK::RSA self, SV * data, char * padding, char * hash_name=NULL, uns RETVAL = newSVpvn((char*)buffer, buffer_len); } else if (strnEQ(padding, "v1.5", 4)) { - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = rsa_sign_hash_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, LTC_PKCS_1_V1_5, &self->pstate, self->pindex, hash_id, 0, &self->key); @@ -362,31 +436,38 @@ _sign(Crypt::PK::RSA self, SV * data, char * padding, char * hash_name=NULL, uns RETVAL int -_verify(Crypt::PK::RSA self, SV * sig, SV * data, char * padding, char * hash_name=NULL, unsigned long saltlen=12) +verify_hash(Crypt::PK::RSA self, SV * sig, SV * data, const char * hash_name = "SHA1", const char * padding = "pss", unsigned long saltlen = 12) + ALIAS: + verify_message = 1 CODE: { int rv, hash_id, stat; - unsigned char *data_ptr=NULL; - STRLEN data_len=0; - unsigned char *sig_ptr=NULL; - STRLEN sig_len=0; - unsigned char buffer[1024]; - unsigned long i, buffer_len = 1024; + unsigned char tmp[MAXBLOCKSIZE], buffer[1024], *data_ptr = NULL, *sig_ptr = NULL; + unsigned long i, tmp_len = MAXBLOCKSIZE, buffer_len = 1024; + STRLEN data_len = 0, sig_len = 0; data_ptr = (unsigned char *)SvPVbyte(data, data_len); sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len); - + if (ix == 1) { + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); + rv = hash_memory(hash_id, data_ptr, (unsigned long)data_len, tmp, &tmp_len); + if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv)); + data_ptr = tmp; + data_len = tmp_len; + } RETVAL = 1; + stat = 0; if (strnEQ(padding, "pss", 3)) { - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = rsa_verify_hash_ex(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, LTC_PKCS_1_PSS, hash_id, saltlen, &stat, &self->key); if (rv != CRYPT_OK || stat != 1) RETVAL = 0; } else if (strnEQ(padding, "v1.5", 4)) { - hash_id = find_hash(hash_name); - if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name); + hash_id = _find_hash(hash_name); + if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name); rv = rsa_verify_hash_ex(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, LTC_PKCS_1_V1_5, hash_id, 0, &stat, &self->key); if (rv != CRYPT_OK || stat != 1) RETVAL = 0; @@ -416,4 +497,3 @@ DESTROY(Crypt::PK::RSA self) CODE: if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; } Safefree(self); - diff --git a/inc/CryptX_PRNG.xs.inc b/inc/CryptX_PRNG.xs.inc index a5b07a7..9345311 100644 --- a/inc/CryptX_PRNG.xs.inc +++ b/inc/CryptX_PRNG.xs.inc @@ -1,38 +1,68 @@ MODULE = CryptX PACKAGE = Crypt::PRNG +PROTOTYPES: DISABLE + Crypt::PRNG -_new(IV curpid, char * prng_name, SV * entropy=&PL_sv_undef) +new(char * class, ...) CODE: { - int rv, id; + IV curpid = (IV)PerlProc_getpid(); + int rv, id, idx; unsigned char *ent=NULL; STRLEN ent_len=0; unsigned char entropy_buf[40]; + char *prng_name = (char *)"ChaCha20"; + SV *entropy = &PL_sv_undef; + + /* we need to handle: + Crypt::PRNG->new('RC4'); + Crypt::Cipher::RC4->new(); + */ + idx = strcmp("Crypt::PRNG", class) == 0 ? 1 : 0; + if (idx + 1 <= items) prng_name = SvPVX(ST(idx)); + if (idx + 2 <= items) entropy = ST(idx + 1); Newz(0, RETVAL, 1, struct prng_struct); if (!RETVAL) croak("FATAL: Newz failed"); - id = find_prng(prng_name); - if(id==-1) croak("FATAL: find_prng failed for '%s'", prng_name); - RETVAL->id = id; + id = _find_prng(prng_name); + if (id == -1) { + Safefree(RETVAL); + croak("FATAL: find_prng failed for '%s'", prng_name); + } RETVAL->last_pid = curpid; RETVAL->desc = &prng_descriptor[id]; rv = RETVAL->desc->start(&RETVAL->state); - if (rv != CRYPT_OK) croak("FATAL: PRNG_start failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: PRNG_start failed: %s", error_to_string(rv)); + } - if(SvOK(entropy)) { + if (SvOK(entropy)) { ent = (unsigned char *) SvPVbyte(entropy, ent_len); rv = RETVAL->desc->add_entropy(ent, (unsigned long)ent_len, &RETVAL->state); - if (rv != CRYPT_OK) croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); + } } else { - if (rng_get_bytes(entropy_buf, 40, NULL) != 40) croak("FATAL: rng_get_bytes failed: %s", error_to_string(rv)); + if (rng_get_bytes(entropy_buf, 40, NULL) != 40) { + Safefree(RETVAL); + croak("FATAL: rng_get_bytes failed: %s", error_to_string(rv)); + } rv = RETVAL->desc->add_entropy(entropy_buf, 40, &RETVAL->state); - if (rv != CRYPT_OK) croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); + } } rv = RETVAL->desc->ready(&RETVAL->state); - if (rv != CRYPT_OK) croak("FATAL: PRNG_ready failed: %s", error_to_string(rv)); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: PRNG_ready failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -40,9 +70,7 @@ _new(IV curpid, char * prng_name, SV * entropy=&PL_sv_undef) void DESTROY(Crypt::PRNG self) CODE: - { Safefree(self); - } void add_entropy(Crypt::PRNG self, SV * entropy=&PL_sv_undef) @@ -50,16 +78,16 @@ add_entropy(Crypt::PRNG self, SV * entropy=&PL_sv_undef) { STRLEN in_len=0; unsigned char *in_buffer=NULL; - unsigned char entropy_buf[32]; + unsigned char entropy_buf[40]; int rv; - if(SvOK(entropy)) { + if (SvOK(entropy)) { in_buffer = (unsigned char *) SvPVbyte(entropy, in_len); rv = self->desc->add_entropy(in_buffer, (unsigned long)in_len, &self->state); if (rv != CRYPT_OK) croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); } else { - if (rng_get_bytes(entropy_buf, 32, NULL) != 32) croak("FATAL: rng_get_bytes failed"); - rv = self->desc->add_entropy(entropy_buf, 32, &self->state); + if (rng_get_bytes(entropy_buf, 40, NULL) != 40) croak("FATAL: rng_get_bytes failed"); + rv = self->desc->add_entropy(entropy_buf, 40, &self->state); if (rv != CRYPT_OK) croak("FATAL: PRNG_add_entropy failed: %s", error_to_string(rv)); } rv = self->desc->ready(&self->state); @@ -67,41 +95,96 @@ add_entropy(Crypt::PRNG self, SV * entropy=&PL_sv_undef) } SV * -_bytes(Crypt::PRNG self, IV curpid, STRLEN output_len) +bytes(Crypt::PRNG self, unsigned long output_len) + ALIAS: + bytes_hex = 1 + bytes_b64 = 2 + bytes_b64u = 3 CODE: { - int rv_len; - unsigned char *rdata; - unsigned char entropy_buf[32]; + IV curpid = (IV)PerlProc_getpid(); + int rv_len, rv; + unsigned long len; + unsigned char *rdata, *tmp; + unsigned char entropy_buf[40]; - if (self->last_pid != curpid) { - rng_get_bytes(entropy_buf, 32, NULL); - self->desc->add_entropy(entropy_buf, 32, &self->state); - self->desc->ready(&self->state); - self->last_pid = curpid; + if (output_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + if (self->last_pid != curpid) { + if (rng_get_bytes(entropy_buf, 40, NULL) != 40) croak("FATAL: rng_get_bytes failed"); + self->desc->add_entropy(entropy_buf, 40, &self->state); + self->desc->ready(&self->state); + self->last_pid = curpid; + } + if (ix == 1) { + /* HEX */ + Newz(0, tmp, output_len, unsigned char); + if (tmp == NULL) croak("FATAL: Newz failed"); + rv_len = (self->desc->read)(tmp, (unsigned long)output_len, &self->state); + if ((UV)rv_len != output_len) croak("FATAL: PRNG_read failed"); + RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len * 2); + rdata = (unsigned char *)SvPVX(RETVAL); + len = output_len * 2; + rv = _base16_encode(tmp, output_len, rdata, &len); + Safefree(tmp); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: base16_encode failed"); + } + } + else if (ix == 2 || ix == 3) { + /* BASE64 or BASE64URL */ + Newz(0, tmp, output_len, unsigned char); + if (tmp == NULL) croak("FATAL: Newz failed"); + rv_len = (self->desc->read)(tmp, (unsigned long)output_len, &self->state); + if ((UV)rv_len != output_len) croak("FATAL: PRNG_read failed"); + RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len * 2); + rdata = (unsigned char *)SvPVX(RETVAL); + len = output_len * 2; + rv = ix == 3 ? base64url_encode(tmp, output_len, rdata, &len) : + base64_encode(tmp, output_len, rdata, &len); + SvCUR_set(RETVAL, len); + Safefree(tmp); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak(ix == 3 ? "FATAL: base64url_encode failed" : "FATAL: base64_encode failed"); + } + } + else { + /* RAW BYTES */ + RETVAL = NEWSV(0, output_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, output_len); + rdata = (unsigned char *)SvPVX(RETVAL); + rv_len = (self->desc->read)(rdata, (unsigned long)output_len, &self->state); + if ((UV)rv_len != output_len) { + SvREFCNT_dec(RETVAL); + croak("FATAL: PRNG_read failed"); + } + } } - - RETVAL = NEWSV(0, output_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, output_len); - rdata = (unsigned char *)SvPV_nolen(RETVAL); - rv_len = (self->desc->read)(rdata, (unsigned long)output_len, &self->state); - if ((UV)rv_len != output_len) croak("FATAL: PRNG_read failed"); } OUTPUT: RETVAL UV -_int32(Crypt::PRNG self, IV curpid) +int32(Crypt::PRNG self) CODE: { + IV curpid = (IV)PerlProc_getpid(); int i; unsigned char rdata[4]; - unsigned char entropy_buf[32]; + unsigned char entropy_buf[40]; if (self->last_pid != curpid) { - rng_get_bytes(entropy_buf, 32, NULL); - self->desc->add_entropy(entropy_buf, 32, &self->state); + if (rng_get_bytes(entropy_buf, 40, NULL) != 40) croak("FATAL: rng_get_bytes failed"); + self->desc->add_entropy(entropy_buf, 40, &self->state); self->desc->ready(&self->state); self->last_pid = curpid; } @@ -114,18 +197,18 @@ _int32(Crypt::PRNG self, IV curpid) RETVAL NV -_double(Crypt::PRNG self, IV curpid, ...) +double(Crypt::PRNG self, SV * limit_sv = NULL) CODE: { + IV curpid = (IV)PerlProc_getpid(); int i; unsigned long a, b; /* 32bit is enough */ unsigned char rdata[7]; /* for double we need 53 bits */ - unsigned char entropy_buf[32]; - NV limit; + unsigned char entropy_buf[40]; if (self->last_pid != curpid) { - rng_get_bytes(entropy_buf, 32, NULL); - self->desc->add_entropy(entropy_buf, 32, &self->state); + if (rng_get_bytes(entropy_buf, 40, NULL) != 40) croak("FATAL: rng_get_bytes failed"); + self->desc->add_entropy(entropy_buf, 40, &self->state); self->desc->ready(&self->state); self->last_pid = curpid; } @@ -135,8 +218,8 @@ _double(Crypt::PRNG self, IV curpid, ...) a = (((unsigned long)(rdata[0])<<16) + ((unsigned long)(rdata[1])<<8) + ((unsigned long)(rdata[2]))) & 0x1FFFFF; /* 21 bits */ b = ((unsigned long)(rdata[3])<<24) + ((unsigned long)(rdata[4])<<16) + ((unsigned long)(rdata[5])<<8) + ((unsigned long)(rdata[6])); /* 32 bits */ RETVAL = ( (NV)a * 4294967296.0 + (NV)b ) / 9007199254740992.0; /* (a * 2^32 + b) / 2^53 */ - if (items>2 && SvOK(ST(2))) { - limit = SvNV(ST(2)); + if (limit_sv && SvOK(limit_sv)) { + NV limit = SvNV(limit_sv); if (limit > 0 || limit < 0) RETVAL = RETVAL * limit; } } diff --git a/inc/CryptX_Stream_ChaCha.xs.inc b/inc/CryptX_Stream_ChaCha.xs.inc index 5beb836..e1287b6 100644 --- a/inc/CryptX_Stream_ChaCha.xs.inc +++ b/inc/CryptX_Stream_ChaCha.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::Stream::ChaCha +PROTOTYPES: DISABLE + Crypt::Stream::ChaCha -_new(SV * key, SV * nonce, UV counter = 0, int rounds = 20) +new(Class, SV * key, SV * nonce, UV counter = 0, int rounds = 20) CODE: { int rv; @@ -13,21 +15,31 @@ _new(SV * key, SV * nonce, UV counter = 0, int rounds = 20) k = (unsigned char *) SvPVbyte(key, k_len); iv = (unsigned char *) SvPVbyte(nonce, iv_len); - Newz(0, RETVAL, 1, struct chacha_struct); + Newz(0, RETVAL, 1, chacha_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = chacha_setup(&RETVAL->state, k, (unsigned long)k_len, rounds); - if (rv != CRYPT_OK) croak("FATAL: chacha_setup failed: %s", error_to_string(rv)); + rv = chacha_setup(RETVAL, k, (unsigned long)k_len, rounds); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: chacha_setup failed: %s", error_to_string(rv)); + } if (iv_len == 12) { - rv = chacha_ivctr32(&RETVAL->state, iv, (unsigned long)iv_len, (ulong32)counter); - if (rv != CRYPT_OK) croak("FATAL: chacha_ivctr32 failed: %s", error_to_string(rv)); + rv = chacha_ivctr32(RETVAL, iv, (unsigned long)iv_len, (ulong32)counter); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: chacha_ivctr32 failed: %s", error_to_string(rv)); + } } else if (iv_len == 8) { - rv = chacha_ivctr64(&RETVAL->state, iv, (unsigned long)iv_len, (ulong64)counter); - if (rv != CRYPT_OK) croak("FATAL: chacha_ivctr64 failed: %s", error_to_string(rv)); + rv = chacha_ivctr64(RETVAL, iv, (unsigned long)iv_len, (ulong64)counter); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: chacha_ivctr64 failed: %s", error_to_string(rv)); + } } else { + Safefree(RETVAL); croak("FATAL: chacha IV length must be 8 or 12 bytes"); } } @@ -37,15 +49,15 @@ _new(SV * key, SV * nonce, UV counter = 0, int rounds = 20) void DESTROY(Crypt::Stream::ChaCha self) CODE: - chacha_done(&self->state); + chacha_done(self); Safefree(self); Crypt::Stream::ChaCha clone(Crypt::Stream::ChaCha self) CODE: - Newz(0, RETVAL, 1, struct chacha_struct); + Newz(0, RETVAL, 1, chacha_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct chacha_struct); + Copy(self, RETVAL, 1, chacha_state); OUTPUT: RETVAL @@ -56,12 +68,20 @@ keystream(Crypt::Stream::ChaCha self, STRLEN out_len) int rv; unsigned char *out_data; - RETVAL = NEWSV(0, out_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, out_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = chacha_keystream(&self->state, out_data, out_len); - if (rv != CRYPT_OK) croak("FATAL: chacha_keystream failed: %s", error_to_string(rv)); + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = chacha_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: chacha_keystream failed: %s", error_to_string(rv)); + } + } } OUTPUT: RETVAL @@ -75,16 +95,19 @@ crypt(Crypt::Stream::ChaCha self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = chacha_crypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: chacha_crypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = chacha_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: chacha_crypt failed: %s", error_to_string(rv)); + } } } OUTPUT: diff --git a/inc/CryptX_Stream_RC4.xs.inc b/inc/CryptX_Stream_RC4.xs.inc index 45a047d..eb48b90 100644 --- a/inc/CryptX_Stream_RC4.xs.inc +++ b/inc/CryptX_Stream_RC4.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::Stream::RC4 +PROTOTYPES: DISABLE + Crypt::Stream::RC4 -_new(SV * key) +new(Class, SV * key) CODE: { int rv; @@ -11,11 +13,14 @@ _new(SV * key) if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); k = (unsigned char *) SvPVbyte(key, k_len); - Newz(0, RETVAL, 1, struct rc4_struct); + Newz(0, RETVAL, 1, rc4_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = rc4_stream_setup(&RETVAL->state, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: rc4_stream_setup failed: %s", error_to_string(rv)); + rv = rc4_stream_setup(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rc4_stream_setup failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -23,15 +28,15 @@ _new(SV * key) void DESTROY(Crypt::Stream::RC4 self) CODE: - rc4_stream_done(&self->state); + rc4_stream_done(self); Safefree(self); Crypt::Stream::RC4 clone(Crypt::Stream::RC4 self) CODE: - Newz(0, RETVAL, 1, struct rc4_struct); + Newz(0, RETVAL, 1, rc4_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct rc4_struct); + Copy(self, RETVAL, 1, rc4_state); OUTPUT: RETVAL @@ -42,12 +47,20 @@ keystream(Crypt::Stream::RC4 self, STRLEN out_len) int rv; unsigned char *out_data; - RETVAL = NEWSV(0, out_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, out_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = rc4_stream_keystream(&self->state, out_data, out_len); - if (rv != CRYPT_OK) croak("FATAL: rc4_stream_keystream failed: %s", error_to_string(rv)); + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = rc4_stream_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: rc4_stream_keystream failed: %s", error_to_string(rv)); + } + } } OUTPUT: RETVAL @@ -61,16 +74,19 @@ crypt(Crypt::Stream::RC4 self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = rc4_stream_crypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: rc4_stream_crypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = rc4_stream_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: rc4_stream_crypt failed: %s", error_to_string(rv)); + } } } OUTPUT: diff --git a/inc/CryptX_Stream_Rabbit.xs.inc b/inc/CryptX_Stream_Rabbit.xs.inc new file mode 100644 index 0000000..fe083bc --- /dev/null +++ b/inc/CryptX_Stream_Rabbit.xs.inc @@ -0,0 +1,104 @@ +MODULE = CryptX PACKAGE = Crypt::Stream::Rabbit + +PROTOTYPES: DISABLE + +Crypt::Stream::Rabbit +new(Class, SV * key, SV * nonce=&PL_sv_undef) + CODE: + { + int rv; + STRLEN iv_len=0, k_len=0; + unsigned char *iv=NULL, *k=NULL; + + if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); + k = (unsigned char *)SvPVbyte(key, k_len); + + Newz(0, RETVAL, 1, rabbit_state); + if (!RETVAL) croak("FATAL: Newz failed"); + + rv = rabbit_setup(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rabbit_setup failed: %s", error_to_string(rv)); + } + + if (SvOK(nonce)) { + if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); + iv = (unsigned char *)SvPVbyte(nonce, iv_len); + rv = rabbit_setiv(RETVAL, iv, (unsigned long)iv_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: rabbit_setiv failed: %s", error_to_string(rv)); + } + } + + } + OUTPUT: + RETVAL + +void +DESTROY(Crypt::Stream::Rabbit self) + CODE: + rabbit_done(self); + Safefree(self); + +Crypt::Stream::Rabbit +clone(Crypt::Stream::Rabbit self) + CODE: + Newz(0, RETVAL, 1, rabbit_state); + if (!RETVAL) croak("FATAL: Newz failed"); + Copy(self, RETVAL, 1, rabbit_state); + OUTPUT: + RETVAL + +SV * +keystream(Crypt::Stream::Rabbit self, STRLEN out_len) + CODE: + { + int rv; + unsigned char *out_data; + + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = rabbit_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: rabbit_keystream failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL + +SV * +crypt(Crypt::Stream::Rabbit self, SV * data) + CODE: + { + int rv; + STRLEN in_data_len; + unsigned char *in_data, *out_data; + + in_data = (unsigned char *)SvPVbyte(data, in_data_len); + if (in_data_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = rabbit_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: rabbit_crypt failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL diff --git a/inc/CryptX_Stream_Salsa20.xs.inc b/inc/CryptX_Stream_Salsa20.xs.inc new file mode 100644 index 0000000..65c0d58 --- /dev/null +++ b/inc/CryptX_Stream_Salsa20.xs.inc @@ -0,0 +1,101 @@ +MODULE = CryptX PACKAGE = Crypt::Stream::Salsa20 + +PROTOTYPES: DISABLE + +Crypt::Stream::Salsa20 +new(Class, SV * key, SV * nonce, UV counter = 0, int rounds = 20) + CODE: + { + int rv; + STRLEN iv_len=0, k_len=0; + unsigned char *iv=NULL, *k=NULL; + + if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); + if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); + k = (unsigned char *)SvPVbyte(key, k_len); + iv = (unsigned char *)SvPVbyte(nonce, iv_len); + + Newz(0, RETVAL, 1, salsa20_state); + if (!RETVAL) croak("FATAL: Newz failed"); + + rv = salsa20_setup(RETVAL, k, (unsigned long)k_len, rounds); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: salsa20_setup failed: %s", error_to_string(rv)); + } + + rv = salsa20_ivctr64(RETVAL, iv, (unsigned long)iv_len, (ulong64)counter); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: salsa20_ivctr64 failed: %s", error_to_string(rv)); + } + } + OUTPUT: + RETVAL + +void +DESTROY(Crypt::Stream::Salsa20 self) + CODE: + salsa20_done(self); + Safefree(self); + +Crypt::Stream::Salsa20 +clone(Crypt::Stream::Salsa20 self) + CODE: + Newz(0, RETVAL, 1, salsa20_state); + if (!RETVAL) croak("FATAL: Newz failed"); + Copy(self, RETVAL, 1, salsa20_state); + OUTPUT: + RETVAL + +SV * +keystream(Crypt::Stream::Salsa20 self, STRLEN out_len) + CODE: + { + int rv; + unsigned char *out_data; + + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = salsa20_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: salsa20_keystream failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL + +SV * +crypt(Crypt::Stream::Salsa20 self, SV * data) + CODE: + { + int rv; + STRLEN in_data_len; + unsigned char *in_data, *out_data; + + in_data = (unsigned char *)SvPVbyte(data, in_data_len); + if (in_data_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = salsa20_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: salsa20_crypt failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL diff --git a/inc/CryptX_Stream_Sober128.xs.inc b/inc/CryptX_Stream_Sober128.xs.inc index 5269afc..5e03ba4 100644 --- a/inc/CryptX_Stream_Sober128.xs.inc +++ b/inc/CryptX_Stream_Sober128.xs.inc @@ -1,7 +1,9 @@ MODULE = CryptX PACKAGE = Crypt::Stream::Sober128 +PROTOTYPES: DISABLE + Crypt::Stream::Sober128 -_new(SV * key, SV * nonce) +new(Class, SV * key, SV * nonce) CODE: { int rv; @@ -13,14 +15,20 @@ _new(SV * key, SV * nonce) k = (unsigned char *) SvPVbyte(key, k_len); iv = (unsigned char *) SvPVbyte(nonce, iv_len); - Newz(0, RETVAL, 1, struct sober128_struct); + Newz(0, RETVAL, 1, sober128_state); if (!RETVAL) croak("FATAL: Newz failed"); - rv = sober128_stream_setup(&RETVAL->state, k, (unsigned long)k_len); - if (rv != CRYPT_OK) croak("FATAL: sober128_stream_setup failed: %s", error_to_string(rv)); + rv = sober128_stream_setup(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: sober128_stream_setup failed: %s", error_to_string(rv)); + } - rv = sober128_stream_setiv(&RETVAL->state, iv, (unsigned long)iv_len); - if (rv != CRYPT_OK) croak("FATAL: sober128_stream_setiv failed: %s", error_to_string(rv)); + rv = sober128_stream_setiv(RETVAL, iv, (unsigned long)iv_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: sober128_stream_setiv failed: %s", error_to_string(rv)); + } } OUTPUT: RETVAL @@ -28,15 +36,15 @@ _new(SV * key, SV * nonce) void DESTROY(Crypt::Stream::Sober128 self) CODE: - sober128_stream_done(&self->state); + sober128_stream_done(self); Safefree(self); Crypt::Stream::Sober128 clone(Crypt::Stream::Sober128 self) CODE: - Newz(0, RETVAL, 1, struct sober128_struct); + Newz(0, RETVAL, 1, sober128_state); if (!RETVAL) croak("FATAL: Newz failed"); - Copy(&self->state, &RETVAL->state, 1, struct sober128_struct); + Copy(self, RETVAL, 1, sober128_state); OUTPUT: RETVAL @@ -47,12 +55,20 @@ keystream(Crypt::Stream::Sober128 self, STRLEN out_len) int rv; unsigned char *out_data; - RETVAL = NEWSV(0, out_len); - SvPOK_only(RETVAL); - SvCUR_set(RETVAL, out_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = sober128_stream_keystream(&self->state, out_data, out_len); - if (rv != CRYPT_OK) croak("FATAL: sober128_stream_keystream failed: %s", error_to_string(rv)); + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = sober128_stream_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: sober128_stream_keystream failed: %s", error_to_string(rv)); + } + } } OUTPUT: RETVAL @@ -66,16 +82,19 @@ crypt(Crypt::Stream::Sober128 self, SV * data) unsigned char *in_data, *out_data; in_data = (unsigned char *)SvPVbyte(data, in_data_len); - if (in_data_len==0) { + if (in_data_len == 0) { RETVAL = newSVpvn("", 0); } else { - RETVAL = NEWSV(0, in_data_len); + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ SvPOK_only(RETVAL); SvCUR_set(RETVAL, in_data_len); - out_data = (unsigned char *)SvPV_nolen(RETVAL); - rv = sober128_stream_crypt(&self->state, in_data, (unsigned long)in_data_len, out_data); - if (rv != CRYPT_OK) croak("FATAL: sober128_stream_crypt failed: %s", error_to_string(rv)); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = sober128_stream_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: sober128_stream_crypt failed: %s", error_to_string(rv)); + } } } OUTPUT: diff --git a/inc/CryptX_Stream_Sosemanuk.xs.inc b/inc/CryptX_Stream_Sosemanuk.xs.inc new file mode 100644 index 0000000..da5fcfb --- /dev/null +++ b/inc/CryptX_Stream_Sosemanuk.xs.inc @@ -0,0 +1,107 @@ +MODULE = CryptX PACKAGE = Crypt::Stream::Sosemanuk + +PROTOTYPES: DISABLE + +Crypt::Stream::Sosemanuk +new(Class, SV * key, SV * nonce=&PL_sv_undef) + CODE: + { + int rv; + STRLEN iv_len=0, k_len=0; + unsigned char *iv=NULL, *k=NULL; + + if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); + k = (unsigned char *)SvPVbyte(key, k_len); + + Newz(0, RETVAL, 1, sosemanuk_state); + if (!RETVAL) croak("FATAL: Newz failed"); + + rv = sosemanuk_setup(RETVAL, k, (unsigned long)k_len); + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: sosemanuk_setup failed: %s", error_to_string(rv)); + } + + if (SvOK(nonce)) { + if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); + iv = (unsigned char *)SvPVbyte(nonce, iv_len); + rv = sosemanuk_setiv(RETVAL, iv, (unsigned long)iv_len); + } + else { + rv = sosemanuk_setiv(RETVAL, NULL, 0); + } + if (rv != CRYPT_OK) { + Safefree(RETVAL); + croak("FATAL: sosemanuk_setiv failed: %s", error_to_string(rv)); + } + + } + OUTPUT: + RETVAL + +void +DESTROY(Crypt::Stream::Sosemanuk self) + CODE: + sosemanuk_done(self); + Safefree(self); + +Crypt::Stream::Sosemanuk +clone(Crypt::Stream::Sosemanuk self) + CODE: + Newz(0, RETVAL, 1, sosemanuk_state); + if (!RETVAL) croak("FATAL: Newz failed"); + Copy(self, RETVAL, 1, sosemanuk_state); + OUTPUT: + RETVAL + +SV * +keystream(Crypt::Stream::Sosemanuk self, STRLEN out_len) + CODE: + { + int rv; + unsigned char *out_data; + + if (out_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, out_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, out_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = sosemanuk_keystream(self, out_data, (unsigned long)out_len); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: sosemanuk_keystream failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL + +SV * +crypt(Crypt::Stream::Sosemanuk self, SV * data) + CODE: + { + int rv; + STRLEN in_data_len; + unsigned char *in_data, *out_data; + + in_data = (unsigned char *)SvPVbyte(data, in_data_len); + if (in_data_len == 0) { + RETVAL = newSVpvn("", 0); + } + else { + RETVAL = NEWSV(0, in_data_len); /* avoid zero! */ + SvPOK_only(RETVAL); + SvCUR_set(RETVAL, in_data_len); + out_data = (unsigned char *)SvPVX(RETVAL); + rv = sosemanuk_crypt(self, in_data, (unsigned long)in_data_len, out_data); + if (rv != CRYPT_OK) { + SvREFCNT_dec(RETVAL); + croak("FATAL: sosemanuk_crypt failed: %s", error_to_string(rv)); + } + } + } + OUTPUT: + RETVAL diff --git a/lib/Crypt/AuthEnc.pm b/lib/Crypt/AuthEnc.pm index b596078..2ec901e 100644 --- a/lib/Crypt/AuthEnc.pm +++ b/lib/Crypt/AuthEnc.pm @@ -2,16 +2,16 @@ package Crypt::AuthEnc; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -sub CLONE_SKIP { 1 } # prevent cloning +### not used 1; -__END__ - +=pod + =head1 NAME Crypt::AuthEnc - [internal only] -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/AuthEnc/CCM.pm b/lib/Crypt/AuthEnc/CCM.pm index 0ba3e39..618a7e5 100644 --- a/lib/Crypt/AuthEnc/CCM.pm +++ b/lib/Crypt/AuthEnc/CCM.pm @@ -2,39 +2,18 @@ package Crypt::AuthEnc::CCM; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Crypt::AuthEnc Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( ccm_encrypt_authenticate ccm_decrypt_verify )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -use Crypt::Cipher; -### the following functions are implemented in XS: -# - _memory_encrypt -# - _memory_decrypt - -sub ccm_encrypt_authenticate { - my $cipher_name = shift; - my $key = shift; - my $nonce = shift; - my $adata = shift; - my $tag_len = shift; - my $plaintext = shift; - return _memory_encrypt(Crypt::Cipher::_trans_cipher_name($cipher_name), $key, $nonce, $adata, $tag_len, $plaintext); -} - -sub ccm_decrypt_verify { - my $cipher_name = shift; - my $key = shift; - my $nonce = shift; - my $adata = shift; - my $ciphertext = shift; - my $tag = shift; - return _memory_decrypt(Crypt::Cipher::_trans_cipher_name($cipher_name), $key, $nonce, $adata, $ciphertext, $tag); -} +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -46,15 +25,36 @@ Crypt::AuthEnc::CCM - Authenticated encryption in CCM mode =head1 SYNOPSIS + ### OO interface + use Crypt::AuthEnc::CCM; + + # encrypt and authenticate + my $ae = Crypt::AuthEnc::CCM->new("AES", $key, $iv, $adata, $tag_len, $pt_len); + my $ct = $ae->encrypt_add('data1'); + $ct .= $ae->encrypt_add('data2'); + $ct .= $ae->encrypt_add('data3'); + my $tag = $ae->encrypt_done(); + + # decrypt and verify + my $ae = Crypt::AuthEnc::CCM->new("AES", $key, $iv, $adata, $tag_len, $pt_len); + my $pt = $ae->decrypt_add('ciphertext1'); + $pt .= $ae->decrypt_add('ciphertext2'); + $pt .= $ae->decrypt_add('ciphertext3'); + my $tag = $ae->decrypt_done(); + die "decrypt failed" unless $tag eq $expected_tag; + + #or + my $result = $ae->decrypt_done($expected_tag); # 0 or 1 + ### functional interface use Crypt::AuthEnc::CCM qw(ccm_encrypt_authenticate ccm_decrypt_verify); - my ($ciphertext, $tag) = ccm_encrypt_authenticate('AES', $key, $nonce, $adata, $tag_len, $plaintext); - my $plaintext = ccm_decrypt_verify('AES', $key, $nonce, $adata, $ciphertext, $tag); + ($ciphertext, $tag) = ccm_encrypt_authenticate('AES', $key, $nonce, $adata, $tag_len, $plaintext); + $plaintext = ccm_decrypt_verify('AES', $key, $nonce, $adata, $ciphertext, $tag); =head1 DESCRIPTION -CCM is a encrypt+authenticate mode that is centered around using AES (or any 16-byte cipher) as aprimitive. +CCM is a encrypt+authenticate mode that is centered around using AES (or any 16-byte cipher) as a primitive. Unlike EAX and OCB mode, it is only meant for packet mode where the length of the input is known in advance. =head1 EXPORT @@ -63,7 +63,7 @@ Nothing is exported by default. You can export selected functions: - use Crypt::AuthEnc::CCM qw(ccm_encrypt_authenticate ccm_decrypt_verify); + use Crypt::AuthEnc::CCM qw(ccm_encrypt_authenticate ccm_decrypt_verify); =head1 FUNCTIONS @@ -85,9 +85,43 @@ CCM parameters should follow Lnew($cipher, $key, $nonce, $adata, $tag_len, $pt_len); + + # $cipher .. 'AES' or name of any other cipher with 16-byte block len + # $key ..... key of proper length (e.g. 128/192/256bits for AES) + # $nonce ... unique nonce/salt (no need to keep it secret) + # $adata ... additional authenticated data + # $tag_len . required length of output tag + # $pt_len .. expected length of plaintext/ciphertext to encrypt/decrypt + +=head2 encrypt_add + + $ciphertext = $ae->encrypt_add($data); # can be called multiple times + +=head2 encrypt_done + + my $tag = $ae->encrypt_done; # returns $tag value + +=head2 decrypt_add + + $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times + +=head2 decrypt_done + + my $tag = $ae->decrypt_done; # returns $tag value + #or + my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) + +=head2 clone + + my $ae_new = $ae->clone; =head1 SEE ALSO @@ -98,3 +132,5 @@ CCM parameters should follow L =back + +=cut diff --git a/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm b/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm index c134a54..80175a5 100644 --- a/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm +++ b/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm @@ -2,42 +2,18 @@ package Crypt::AuthEnc::ChaCha20Poly1305; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Crypt::AuthEnc Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -sub new { my $class = shift; _new(@_) } - -sub chacha20poly1305_encrypt_authenticate { - my $key = shift; - my $iv = shift; - my $adata = shift; - my $plaintext = shift; - - my $m = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); - $m->adata_add(defined $adata ? $adata : ''); #XXX-TODO if no aad we have to pass empty string - my $ct = $m->encrypt_add($plaintext); - my $tag = $m->encrypt_done; - return ($ct, $tag); -} - -sub chacha20poly1305_decrypt_verify { - my $key = shift; - my $iv = shift; - my $adata = shift; - my $ciphertext = shift; - my $tag = shift; - - my $m = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); - $m->adata_add(defined $adata ? $adata : ''); #XXX-TODO if no aad we have to pass empty string - my $ct = $m->decrypt_add($ciphertext); - return $m->decrypt_done($tag) ? $ct : undef; -} +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -45,7 +21,7 @@ sub chacha20poly1305_decrypt_verify { =head1 NAME -Crypt::AuthEnc::ChaCha20Poly1305 - Authenticated encryption in ChaCha20Poly1305 mode +Crypt::AuthEnc::ChaCha20Poly1305 - Authenticated encryption in ChaCha20-Poly1305 mode =head1 SYNOPSIS @@ -54,25 +30,25 @@ Crypt::AuthEnc::ChaCha20Poly1305 - Authenticated encryption in ChaCha20Poly1305 # encrypt and authenticate my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $ct = $ae->encrypt_add('data1'); - $ct = $ae->encrypt_add('data2'); - $ct = $ae->encrypt_add('data3'); - $tag = $ae->encrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $ct = $ae->encrypt_add('data1'); + $ct .= $ae->encrypt_add('data2'); + $ct .= $ae->encrypt_add('data3'); + my $tag = $ae->encrypt_done(); # decrypt and verify my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $pt = $ae->decrypt_add('ciphertext1'); - $pt = $ae->decrypt_add('ciphertext2'); - $pt = $ae->decrypt_add('ciphertext3'); - $tag = $ae->decrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $pt = $ae->decrypt_add('ciphertext1'); + $pt .= $ae->decrypt_add('ciphertext2'); + $pt .= $ae->decrypt_add('ciphertext3'); + my $tag = $ae->decrypt_done(); die "decrypt failed" unless $tag eq $expected_tag; #or - my $result = $ae->decrypt_done($expected_tag) die "decrypt failed"; + my $result = $ae->decrypt_done($expected_tag); # 0 or 1 ### functional interface use Crypt::AuthEnc::ChaCha20Poly1305 qw(chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify); @@ -105,7 +81,6 @@ You can export selected functions: =head2 chacha20poly1305_decrypt_verify my $plaintext = chacha20poly1305_decrypt_verify($key, $iv, $adata, $ciphertext, $tag); - # on error returns undef =head1 METHODS @@ -117,42 +92,48 @@ You can export selected functions: # $key ..... encryption key of proper length (128 or 256 bits / 16 or 32 bytes) # $iv ...... initialization vector (64 or 96 bits / 8 or 12 bytes) -=head2 aad_add +=head2 adata_add +Add B. Can be called before the first C or C; - $ae->aad_add($aad_data); #can be called multiple times + $ae->adata_add($aad_data); # can be called multiple times =head2 encrypt_add - $ciphertext = $ae->encrypt_add($data); #can be called multiple times + $ciphertext = $ae->encrypt_add($data); # can be called multiple times =head2 encrypt_done - $tag = $ae->encrypt_done(); + $tag = $ae->encrypt_done(); # returns $tag value =head2 decrypt_add - $plaintext = $ae->decrypt_add($ciphertext); #can be called multiple times + $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times =head2 decrypt_done - my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) - #or my $tag = $ae->decrypt_done; # returns $tag value + #or + my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) + +=head2 set_iv + + my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key)->set_iv($iv); + # $iv ...... initialization vector (64 or 96 bits / 8 or 12 bytes) + +=head2 set_iv_rfc7905 + +See L + + my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key)->set_iv_rfc7905($iv, $seqnum); + # $iv ...... initialization vector (96 bits / 12 bytes) + # $seqnum .. 64bit integer (sequence number) =head2 clone my $ae_new = $ae->clone; -=head2 set_iv - - $ae->set_iv($iv); - -=head2 set_iv_rfc7905 - - $ae->set_iv_rfc7905($iv, $seqnum); - =head1 SEE ALSO =over @@ -162,3 +143,5 @@ Can be called before the first C or C; =item * L =back + +=cut diff --git a/lib/Crypt/AuthEnc/EAX.pm b/lib/Crypt/AuthEnc/EAX.pm index e5e7095..9f873fb 100644 --- a/lib/Crypt/AuthEnc/EAX.pm +++ b/lib/Crypt/AuthEnc/EAX.pm @@ -2,60 +2,22 @@ package Crypt::AuthEnc::EAX; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Crypt::AuthEnc Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -use Crypt::Cipher; -### the following methods/functions are implemented in XS: -# - _new -# - DESTROY -# - clone -# - encrypt_add -# - encrypt_done -# - decrypt_add -# - decrypt_done -# - aad_add +# obsolete, only for backwards compatibility +sub header_add { goto &adata_add } +sub aad_add { goto &adata_add } -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } - -sub eax_encrypt_authenticate { - my $cipher_name = shift; - my $key = shift; - my $iv = shift; - my $adata = shift; - my $plaintext = shift; - - my $m = Crypt::AuthEnc::EAX->new($cipher_name, $key, $iv); - $m->aad_add($adata) if defined $adata; - my $ct = $m->encrypt_add($plaintext); - my $tag = $m->encrypt_done; - return ($ct, $tag); -} - -sub eax_decrypt_verify { - my $cipher_name = shift; - my $key = shift; - my $iv = shift; - my $adata = shift; - my $ciphertext = shift; - my $tag = shift; - - my $m = Crypt::AuthEnc::EAX->new($cipher_name, $key, $iv); - $m->aad_add($adata) if defined $adata; - my $ct = $m->decrypt_add($ciphertext); - return $m->decrypt_done($tag) ? $ct : undef; -} - -sub header_add { - # obsolete, only for backwards compatibility - shift->aad_add(@_); -} +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -72,25 +34,25 @@ Crypt::AuthEnc::EAX - Authenticated encryption in EAX mode # encrypt and authenticate my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $ct = $ae->encrypt_add('data1'); - $ct = $ae->encrypt_add('data2'); - $ct = $ae->encrypt_add('data3'); - $tag = $ae->encrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $ct = $ae->encrypt_add('data1'); + $ct .= $ae->encrypt_add('data2'); + $ct .= $ae->encrypt_add('data3'); + my $tag = $ae->encrypt_done(); # decrypt and verify my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $pt = $ae->decrypt_add('ciphertext1'); - $pt = $ae->decrypt_add('ciphertext2'); - $pt = $ae->decrypt_add('ciphertext3'); - $tag = $ae->decrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $pt = $ae->decrypt_add('ciphertext1'); + $pt .= $ae->decrypt_add('ciphertext2'); + $pt .= $ae->decrypt_add('ciphertext3'); + my $tag = $ae->decrypt_done(); die "decrypt failed" unless $tag eq $expected_tag; #or - my $result = $ae->decrypt_done($expected_tag) die "decrypt failed"; + my $result = $ae->decrypt_done($expected_tag); # 0 or 1 ### functional interface use Crypt::AuthEnc::EAX qw(eax_encrypt_authenticate eax_decrypt_verify); @@ -101,7 +63,7 @@ Crypt::AuthEnc::EAX - Authenticated encryption in EAX mode =head1 DESCRIPTION EAX is a mode that requires a cipher, CTR and OMAC support and provides encryption and authentication. -It is initialized with a random IV that can be shared publicly, additional authenticated data which can +It is initialized with a random IV that can be shared publicly, additional authenticated data which can be fixed and public, and a random secret symmetric key. =head1 EXPORT @@ -125,9 +87,8 @@ You can export selected functions: =head2 eax_decrypt_verify - my $plaintext = eax_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag); - - # on error returns undef + my $plaintext = eax_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag); + # on error returns undef =head1 METHODS @@ -142,27 +103,27 @@ You can export selected functions: # $iv ...... unique initialization vector (no need to keep it secret) # $adata ... additional authenticated data (optional) -=head2 aad_add +=head2 adata_add - $ae->aad_add($adata); #can be called multiple times + $ae->adata_add($adata); # can be called multiple times =head2 encrypt_add - $ciphertext = $ae->encrypt_add($data); #can be called multiple times + $ciphertext = $ae->encrypt_add($data); # can be called multiple times =head2 encrypt_done - $tag = $ae->encrypt_done(); + $tag = $ae->encrypt_done(); # returns $tag value =head2 decrypt_add - $plaintext = $ae->decrypt_add($ciphertext); #can be called multiple times + $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times =head2 decrypt_done - my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) - #or my $tag = $ae->decrypt_done; # returns $tag value + #or + my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) =head2 clone @@ -177,3 +138,5 @@ You can export selected functions: =item * L =back + +=cut diff --git a/lib/Crypt/AuthEnc/GCM.pm b/lib/Crypt/AuthEnc/GCM.pm index 4d9b98f..b3f2fa6 100644 --- a/lib/Crypt/AuthEnc/GCM.pm +++ b/lib/Crypt/AuthEnc/GCM.pm @@ -2,53 +2,18 @@ package Crypt::AuthEnc::GCM; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Crypt::AuthEnc Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -use Crypt::Cipher; -sub new { - my ($class, $cipher, $key, $iv) = @_; - my $self = _new(Crypt::Cipher::_trans_cipher_name($cipher), $key); - # for backwards compatibility the $iv is optional - $self->iv_add($iv) if defined $iv; - return $self; -} - -sub gcm_encrypt_authenticate { - my $cipher_name = shift; - my $key = shift; - my $iv = shift; - my $adata = shift; - my $plaintext = shift; - - my $m = Crypt::AuthEnc::GCM->new($cipher_name, $key); - $m->iv_add($iv); - $m->adata_add(defined $adata ? $adata : ''); #XXX-TODO if no aad we have to pass empty string - my $ct = $m->encrypt_add($plaintext); - my $tag = $m->encrypt_done; - return ($ct, $tag); -} - -sub gcm_decrypt_verify { - my $cipher_name = shift; - my $key = shift; - my $iv = shift; - my $adata = shift; - my $ciphertext = shift; - my $tag = shift; - - my $m = Crypt::AuthEnc::GCM->new($cipher_name, $key); - $m->iv_add($iv); - $m->adata_add(defined $adata ? $adata : ''); #XXX-TODO if no aad we have to pass empty string - my $ct = $m->decrypt_add($ciphertext); - return $m->decrypt_done($tag) ? $ct : undef; -} +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -65,25 +30,25 @@ Crypt::AuthEnc::GCM - Authenticated encryption in GCM mode # encrypt and authenticate my $ae = Crypt::AuthEnc::GCM->new("AES", $key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $ct = $ae->encrypt_add('data1'); - $ct = $ae->encrypt_add('data2'); - $ct = $ae->encrypt_add('data3'); - $tag = $ae->encrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $ct = $ae->encrypt_add('data1'); + $ct .= $ae->encrypt_add('data2'); + $ct .= $ae->encrypt_add('data3'); + my $tag = $ae->encrypt_done(); # decrypt and verify my $ae = Crypt::AuthEnc::GCM->new("AES", $key, $iv); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $pt = $ae->decrypt_add('ciphertext1'); - $pt = $ae->decrypt_add('ciphertext2'); - $pt = $ae->decrypt_add('ciphertext3'); - $tag = $ae->decrypt_done(); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $pt = $ae->decrypt_add('ciphertext1'); + $pt .= $ae->decrypt_add('ciphertext2'); + $pt .= $ae->decrypt_add('ciphertext3'); + my $tag = $ae->decrypt_done(); die "decrypt failed" unless $tag eq $expected_tag; #or - my $result = $ae->decrypt_done($expected_tag) die "decrypt failed"; + my $result = $ae->decrypt_done($expected_tag); # 0 or 1 ### functional interface use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify); @@ -117,7 +82,6 @@ You can export selected functions: =head2 gcm_decrypt_verify my $plaintext = gcm_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag); - # on error returns undef =head1 METHODS @@ -134,31 +98,34 @@ You can export selected functions: =head2 iv_add - $ae->iv_add($iv_data); #can be called multiple times +Set initialization vector (IV). -=head2 aad_add + $ae->iv_add($iv_data); #can be called multiple times -Can be called B all C calls but before the first C or C; +=head2 adata_add - $ae->aad_add($aad_data); #can be called multiple times +Add B. +Can be called B all C calls but before the first C or C. + + $ae->adata_add($aad_data); # can be called multiple times =head2 encrypt_add - $ciphertext = $ae->encrypt_add($data); #can be called multiple times + $ciphertext = $ae->encrypt_add($data); # can be called multiple times =head2 encrypt_done - $tag = $ae->encrypt_done(); + $tag = $ae->encrypt_done(); # returns $tag value =head2 decrypt_add - $plaintext = $ae->decrypt_add($ciphertext); #can be called multiple times + $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times =head2 decrypt_done - my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) - #or my $tag = $ae->decrypt_done; # returns $tag value + #or + my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) =head2 reset @@ -177,3 +144,5 @@ Can be called B all C calls but before the first C o =item * L =back + +=cut diff --git a/lib/Crypt/AuthEnc/OCB.pm b/lib/Crypt/AuthEnc/OCB.pm index aabab36..cf892d3 100644 --- a/lib/Crypt/AuthEnc/OCB.pm +++ b/lib/Crypt/AuthEnc/OCB.pm @@ -2,50 +2,22 @@ package Crypt::AuthEnc::OCB; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Crypt::AuthEnc Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -use Crypt::Cipher; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +# obsolete, only for backwards compatibility +sub aad_add { goto &adata_add } +sub blocksize { return 16 } -sub ocb_encrypt_authenticate { - my $cipher_name = shift; - my $key = shift; - my $nonce = shift; - my $adata = shift; - my $plaintext = shift; - - my $m = Crypt::AuthEnc::OCB->new($cipher_name, $key, $nonce); - $m->aad_add($adata) if defined $adata; - my $ct = $m->encrypt_last($plaintext); - my $tag = $m->encrypt_done; - return ($ct, $tag); -} - -sub ocb_decrypt_verify { - my $cipher_name = shift; - my $key = shift; - my $nonce = shift; - my $adata = shift; - my $ciphertext = shift; - my $tag = shift; - - my $m = Crypt::AuthEnc::OCB->new($cipher_name, $key, $nonce); - $m->aad_add($adata) if defined $adata; - my $ct = $m->decrypt_last($ciphertext); - return $m->decrypt_done($tag) ? $ct : undef; -} - -sub adata_add { - # obsolete, only for backwards compatibility - shift->aad_add(@_); -} +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -61,34 +33,38 @@ Crypt::AuthEnc::OCB - Authenticated encryption in OCBv3 mode use Crypt::AuthEnc::OCB; # encrypt and authenticate - my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $ct = $ae->encrypt_add('data1'); - $ct = $ae->encrypt_add('data2'); - $ct = $ae->encrypt_add('data3'); - $ct = $ae->encrypt_last('rest of data'); - ($ct,$tag) = $ae->encrypt_done(); + my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $ct = $ae->encrypt_add('data1'); + $ct .= $ae->encrypt_add('data2'); + $ct .= $ae->encrypt_add('data3'); + $ct .= $ae->encrypt_last('rest of data'); + my $tag = $ae->encrypt_done(); # decrypt and verify - my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce); - $ae->aad_add('additional_authenticated_data1'); - $ae->aad_add('additional_authenticated_data2'); - $pt = $ae->decrypt_add('ciphertext1'); - $pt = $ae->decrypt_add('ciphertext2'); - $pt = $ae->decrypt_add('ciphertext3'); - $pt = $ae->decrypt_last('rest of data'); - ($pt,$tag) = $ae->decrypt_done(); + my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len); + $ae->adata_add('additional_authenticated_data1'); + $ae->adata_add('additional_authenticated_data2'); + my $pt = $ae->decrypt_add('ciphertext1'); + $pt .= $ae->decrypt_add('ciphertext2'); + $pt .= $ae->decrypt_add('ciphertext3'); + $pt .= $ae->decrypt_last('rest of data'); + my $tag = $ae->decrypt_done(); + die "decrypt failed" unless $tag eq $expected_tag; + + #or + my $result = $ae->decrypt_done($expected_tag); # 0 or 1 ### functional interface use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify); - my ($ciphertext, $tag) = ocb_encrypt_authenticate('AES', $key, $nonce, $adata, $plaintext); + my ($ciphertext, $tag) = ocb_encrypt_authenticate('AES', $key, $nonce, $adata, $tag_len, $plaintext); my $plaintext = ocb_decrypt_verify('AES', $key, $nonce, $adata, $ciphertext, $tag); =head1 DESCRIPTION -This module implements OCB version 3 according http://datatracker.ietf.org/doc/draft-irtf-cfrg-ocb/ +This module implements OCB v3 according to L =head1 EXPORT @@ -102,36 +78,37 @@ You can export selected functions: =head2 ocb_encrypt_authenticate - my ($ciphertext, $tag) = ocb_encrypt_authenticate($cipher, $key, $nonce, $adata, $plaintext); + my ($ciphertext, $tag) = ocb_encrypt_authenticate($cipher, $key, $nonce, $adata, $tag_len, $plaintext); # $cipher .. 'AES' or name of any other cipher with 16-byte block len # $key ..... AES key of proper length (128/192/256bits) # $nonce ... unique nonce/salt (no need to keep it secret) # $adata ... additional authenticated data + # $tag_len . required length of output tag =head2 ocb_decrypt_verify my $plaintext = ocb_decrypt_verify($cipher, $key, $nonce, $adata, $ciphertext, $tag); - # on error returns undef =head1 METHODS =head2 new - my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce); + my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce, $tag_len); # $cipher .. 'AES' or name of any other cipher with 16-byte block len # $key ..... AES key of proper length (128/192/256bits) # $nonce ... unique nonce/salt (no need to keep it secret) + # $tag_len . required length of output tag -=head2 aad_add +=head2 adata_add - $ae->aad_add($adata); #can be called multiple times + $ae->adata_add($adata); #can be called multiple times =head2 encrypt_add - $ciphertext = $ae->encrypt_add($data); #can be called multiple times + $ciphertext = $ae->encrypt_add($data); # can be called multiple times #BEWARE: size of $data has to be multiple of blocklen (16 for AES) @@ -141,23 +118,23 @@ You can export selected functions: =head2 encrypt_done - $tag = $ae->encrypt_done(); + $tag = $ae->encrypt_done(); # returns $tag value =head2 decrypt_add - $plaintext = $ae->decrypt_add($ciphertext); #can be called multiple times + $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times #BEWARE: size of $ciphertext has to be multiple of blocklen (16 for AES) -=head2 encrypt_last +=head2 decrypt_last $plaintext = $ae->decrypt_last($data); =head2 decrypt_done - my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) - #or my $tag = $ae->decrypt_done; # returns $tag value + #or + my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure) =head2 clone @@ -169,6 +146,10 @@ You can export selected functions: =item * L, L, L, L -=item * L +=item * L -=back \ No newline at end of file +=item * L + +=back + +=cut diff --git a/lib/Crypt/Checksum.pm b/lib/Crypt/Checksum.pm index 23d2351..fa7df5f 100644 --- a/lib/Crypt/Checksum.pm +++ b/lib/Crypt/Checksum.pm @@ -2,32 +2,57 @@ package Crypt::Checksum; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; -our %EXPORT_TAGS = ( all => [qw/ - adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int - crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int - /] ); +our %EXPORT_TAGS = ( all => [qw/ adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int + crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int /] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use Carp; -use Crypt::Checksum::Adler32; -use Crypt::Checksum::CRC32; +$Carp::Internal{(__PACKAGE__)}++; -sub adler32_data { Crypt::Checksum::Adler32->new->add(@_)->digest } -sub adler32_data_hex { Crypt::Checksum::Adler32->new->add(@_)->hexdigest } -sub adler32_data_int { unpack("N", Crypt::Checksum::Adler32->new->add(@_)->digest) } -sub adler32_file { Crypt::Checksum::Adler32->new->addfile(@_)->digest } -sub adler32_file_hex { Crypt::Checksum::Adler32->new->addfile(@_)->hexdigest } -sub adler32_file_int { unpack("N", Crypt::Checksum::Adler32->new->addfile(@_)->digest) } -sub crc32_data { Crypt::Checksum::CRC32->new->add(@_)->digest } -sub crc32_data_hex { Crypt::Checksum::CRC32->new->add(@_)->hexdigest } -sub crc32_data_int { unpack("N", Crypt::Checksum::CRC32->new->add(@_)->digest) } -sub crc32_file { Crypt::Checksum::CRC32->new->addfile(@_)->digest } -sub crc32_file_hex { Crypt::Checksum::CRC32->new->addfile(@_)->hexdigest } -sub crc32_file_int { unpack("N", Crypt::Checksum::CRC32->new->addfile(@_)->digest) } +# obsolete since v0.057, only for backwards compatibility +use Crypt::Checksum::CRC32; +use Crypt::Checksum::Adler32; +sub adler32_data { goto \&Crypt::Checksum::Adler32::adler32_data } +sub adler32_data_hex { goto \&Crypt::Checksum::Adler32::adler32_data_hex } +sub adler32_data_int { goto \&Crypt::Checksum::Adler32::adler32_data_int } +sub adler32_file { goto \&Crypt::Checksum::Adler32::adler32_file } +sub adler32_file_hex { goto \&Crypt::Checksum::Adler32::adler32_file_hex } +sub adler32_file_int { goto \&Crypt::Checksum::Adler32::adler32_file_int } +sub crc32_data { goto \&Crypt::Checksum::CRC32::crc32_data } +sub crc32_data_hex { goto \&Crypt::Checksum::CRC32::crc32_data_hex } +sub crc32_data_int { goto \&Crypt::Checksum::CRC32::crc32_data_int } +sub crc32_file { goto \&Crypt::Checksum::CRC32::crc32_file } +sub crc32_file_hex { goto \&Crypt::Checksum::CRC32::crc32_file_hex } +sub crc32_file_int { goto \&Crypt::Checksum::CRC32::crc32_file_int } + +sub addfile { + my ($self, $file) = @_; + + my $handle; + if (ref(\$file) eq 'SCALAR') { #filename + open($handle, "<", $file) || croak "FATAL: cannot open '$file': $!"; + binmode($handle); + } + else { #handle + $handle = $file + } + croak "FATAL: invalid handle" unless defined $handle; + + my $n; + my $buf = ""; + while (($n = read($handle, $buf, 32*1024))) { + $self->add($buf) + } + croak "FATAL: read failed: $!" unless defined $n; + + return $self; +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -35,163 +60,10 @@ sub crc32_file_int { unpack("N", Crypt::Checksum::CRC32->new->addfile(@_)-> =head1 NAME -Crypt::Checksum - functional interface to CRC32 and Adler32 checksums +Crypt::Checksum - [internal only] -=head1 SYNOPSIS - - use Crypt::Checksum ':all'; - - # calculate Adler32 checksum from string/buffer - $checksum_raw = adler32_data($data); - $checksum_hex = adler32_data_hex($data); - - # calculate Adler32 checksum from file - $checksum_raw = adler32_file('filename.dat'); - $checksum_hex = adler32_file_hex('filename.dat'); - - # calculate Adler32 checksum from filehandle - $checksum_raw = adler32_file(*FILEHANDLE); - $checksum_hex = adler32_file_hex(*FILEHANDLE); - - # calculate CRC32 checksum from string/buffer - $checksum_raw = crc32_data($data); - $checksum_hex = crc32_data_hex($data); - - # calculate CRC32 checksum from file - $checksum_raw = crc32_file('filename.dat'); - $checksum_hex = crc32_file_hex('filename.dat'); - - # calculate CRC32 checksum from filehandle - $checksum_raw = crc32_file(*FILEHANDLE); - $checksum_hex = crc32_file_hex(*FILEHANDLE); - =head1 DESCRIPTION -Calculating CRC32 and Adler32 checksums (functional interface); +You are probably looking for L or L. -I - -=head1 EXPORT - -Nothing is exported by default. - -You can export selected functions: - - use Crypt::Checksum qw( adler32_data adler32_data_hex adler32_file adler32_file_hex - crc32_data crc32_data_hex crc32_file crc32_file_hex ); - -Or all of them at once: - - use Crypt::Checksum ':all'; - -=head1 FUNCTIONS - -=head2 adler32_data - -Returns checksum as raw octects. - - $checksum_raw = adler32_data('data string'); - #or - $checksum_raw = adler32_data('any data', 'more data', 'even more data'); - -=head2 adler32_data_hex - -Returns checksum as a hexadecimal string. - - $checksum_hex = adler32_data_hex('data string'); - #or - $checksum_hex = adler32_data_hex('any data', 'more data', 'even more data'); - -=head2 adler32_data_int - -Returns checksum as unsingned 32bit integer. - - $checksum_hex = adler32_data_int('data string'); - #or - $checksum_hex = adler32_data_int('any data', 'more data', 'even more data'); - -=head2 adler32_file - -Returns checksum as raw octects. - - $checksum_raw = adler32_file('filename.dat'); - #or - $checksum_raw = adler32_file(*FILEHANDLE); - -=head2 adler32_file_hex - -Returns checksum as a hexadecimal string. - - $checksum_hex = adler32_file_hex('filename.dat'); - #or - $checksum_hex = adler32_file_hex(*FILEHANDLE); - -=head2 adler32_file_int - -Returns checksum as unsingned 32bit integer. - - $checksum_hex = adler32_file_int('data string'); - #or - $checksum_hex = adler32_file_int('any data', 'more data', 'even more data'); - -=head2 crc32_data - -Returns checksum as raw octects. - - $checksum_raw = crc32_data('data string'); - #or - $checksum_raw = crc32_data('any data', 'more data', 'even more data'); - -=head2 crc32_data_hex - -Returns checksum as a hexadecimal string. - - $checksum_hex = crc32_data_hex('data string'); - #or - $checksum_hex = crc32_data_hex('any data', 'more data', 'even more data'); - -=head2 crc32_data_int - -Returns checksum as unsingned 32bit integer. - - $checksum_hex = crc32_data_int('data string'); - #or - $checksum_hex = crc32_data_int('any data', 'more data', 'even more data'); - -=head2 crc32_file - -Returns checksum as raw octects. - - $checksum_raw = crc32_file('filename.dat'); - #or - $checksum_raw = crc32_file(*FILEHANDLE); - -=head2 crc32_file_hex - -Returns checksum as a hexadecimal string. - - $checksum_hex = crc32_file_hex('filename.dat'); - #or - $checksum_hex = crc32_file_hex(*FILEHANDLE); - -=head2 crc32_file_int - -Returns checksum as unsingned 32bit integer. - - $checksum_hex = crc32_file_int('data string'); - #or - $checksum_hex = crc32_file_int('any data', 'more data', 'even more data'); - -=head1 SEE ALSO - -=over - -=item * L, L, L - -=item * L - -=item * L - -=back - -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/Checksum/Adler32.pm b/lib/Crypt/Checksum/Adler32.pm index 5691805..904f47d 100644 --- a/lib/Crypt/Checksum/Adler32.pm +++ b/lib/Crypt/Checksum/Adler32.pm @@ -2,34 +2,20 @@ package Crypt::Checksum::Adler32; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Checksum Exporter); +our %EXPORT_TAGS = ( all => [qw( adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -sub addfile { - my ($self, $file) = @_; - - my $handle; - if (ref(\$file) eq 'SCALAR') { #filename - open($handle, "<", $file) || croak "FATAL: cannot open '$file': $!"; - binmode($handle); - } - else { #handle - $handle = $file - } - croak "FATAL: invalid handle" unless defined $handle; - - my $n; - my $buf = ""; - while (($n = read($handle, $buf, 32*1024))) { - $self->add($buf) - } - croak "FATAL: read failed: $!" unless defined $n; - - return $self; -} - -sub CLONE_SKIP { 1 } # prevent cloning +sub adler32_file { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::Adler32->new->addfile(@_)->digest } +sub adler32_file_hex { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::Adler32->new->addfile(@_)->hexdigest } +sub adler32_file_int { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::Adler32->new->addfile(@_)->intdigest } 1; @@ -41,20 +27,101 @@ Crypt::Checksum::Adler32 - Compute Adler32 checksum =head1 SYNOPSIS + ### Functional interface: + use Crypt::Checksum::Adler32 ':all'; + + # calculate Adler32 checksum from string/buffer + $checksum_raw = adler32_data($data); + $checksum_hex = adler32_data_hex($data); + $checksum_int = adler32_data_int($data); + # calculate Adler32 checksum from file + $checksum_raw = adler32_file('filename.dat'); + $checksum_hex = adler32_file_hex('filename.dat'); + $checksum_int = adler32_file_int('filename.dat'); + # calculate Adler32 checksum from filehandle + $checksum_raw = adler32_file(*FILEHANDLE); + $checksum_hex = adler32_file_hex(*FILEHANDLE); + $checksum_int = adler32_file_int(*FILEHANDLE); + + ### OO interface: use Crypt::Checksum::Adler32; $d = Crypt::Checksum::Adler32->new; $d->add('any data'); + $d->add('another data'); $d->addfile('filename.dat'); $d->addfile(*FILEHANDLE); - $checksum_raw = $d->digest; # raw bytes + $checksum_raw = $d->digest; # raw 4 bytes $checksum_hex = $d->hexdigest; # hexadecimal form + $checksum_int = $d->intdigest; # 32bit unsigned integer =head1 DESCRIPTION -Calculating Adler32 checksums (OO interface); +Calculating Adler32 checksums. -I +I + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Checksum::Adler32 qw(adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int); + +Or all of them at once: + + use Crypt::Checksum::Adler32 ':all'; + +=head1 FUNCTIONS + +=head2 adler32_data + +Returns checksum as raw octects. + + $checksum_raw = adler32_data('data string'); + #or + $checksum_raw = adler32_data('any data', 'more data', 'even more data'); + +=head2 adler32_data_hex + +Returns checksum as a hexadecimal string. + + $checksum_hex = adler32_data_hex('data string'); + #or + $checksum_hex = adler32_data_hex('any data', 'more data', 'even more data'); + +=head2 adler32_data_int + +Returns checksum as unsigned 32bit integer. + + $checksum_int = adler32_data_int('data string'); + #or + $checksum_int = adler32_data_int('any data', 'more data', 'even more data'); + +=head2 adler32_file + +Returns checksum as raw octects. + + $checksum_raw = adler32_file('filename.dat'); + #or + $checksum_raw = adler32_file(*FILEHANDLE); + +=head2 adler32_file_hex + +Returns checksum as a hexadecimal string. + + $checksum_hex = adler32_file_hex('filename.dat'); + #or + $checksum_hex = adler32_file_hex(*FILEHANDLE); + +=head2 adler32_file_int + +Returns checksum as unsigned 32bit integer. + + $checksum_int = adler32_file_int('filename.dat'); + #or + $checksum_int = adler32_file_int(*FILEHANDLE); =head1 METHODS @@ -108,14 +175,20 @@ Returns the checksum encoded as a hexadecimal string. $result_hex = $d->hexdigest(); +=head2 intdigest + +Returns the checksum encoded as unsigned 32bit integer. + + $result_int = $d->intdigest(); + =head1 SEE ALSO =over -=item * L, L +=item * L =item * L =back -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/Checksum/CRC32.pm b/lib/Crypt/Checksum/CRC32.pm index 72cd662..0932b56 100644 --- a/lib/Crypt/Checksum/CRC32.pm +++ b/lib/Crypt/Checksum/CRC32.pm @@ -2,34 +2,20 @@ package Crypt::Checksum::CRC32; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Checksum Exporter); +our %EXPORT_TAGS = ( all => [qw( crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -sub addfile { - my ($self, $file) = @_; - - my $handle; - if (ref(\$file) eq 'SCALAR') { #filename - open($handle, "<", $file) || croak "FATAL: cannot open '$file': $!"; - binmode($handle); - } - else { #handle - $handle = $file - } - croak "FATAL: invalid handle" unless defined $handle; - - my $n; - my $buf = ""; - while (($n = read($handle, $buf, 32*1024))) { - $self->add($buf) - } - croak "FATAL: read failed: $!" unless defined $n; - - return $self; -} - -sub CLONE_SKIP { 1 } # prevent cloning +sub crc32_file { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::CRC32->new->addfile(@_)->digest } +sub crc32_file_hex { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::CRC32->new->addfile(@_)->hexdigest } +sub crc32_file_int { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Checksum::CRC32->new->addfile(@_)->intdigest } 1; @@ -41,20 +27,101 @@ Crypt::Checksum::CRC32 - Compute CRC32 checksum =head1 SYNOPSIS + ### Functional interface: + use Crypt::Checksum::CRC32 ':all'; + + # calculate CRC32 checksum from string/buffer + $checksum_raw = crc32_data($data); + $checksum_hex = crc32_data_hex($data); + $checksum_int = crc32_data_int($data); + # calculate CRC32 checksum from file + $checksum_raw = crc32_file('filename.dat'); + $checksum_hex = crc32_file_hex('filename.dat'); + $checksum_int = crc32_file_int('filename.dat'); + # calculate CRC32 checksum from filehandle + $checksum_raw = crc32_file(*FILEHANDLE); + $checksum_hex = crc32_file_hex(*FILEHANDLE); + $checksum_int = crc32_file_int(*FILEHANDLE); + + ### OO interface: use Crypt::Checksum::CRC32; $d = Crypt::Checksum::CRC32->new; $d->add('any data'); + $d->add('another data'); $d->addfile('filename.dat'); $d->addfile(*FILEHANDLE); - $checksum_raw = $d->digest; # raw bytes + $checksum_raw = $d->digest; # raw 4 bytes $checksum_hex = $d->hexdigest; # hexadecimal form + $checksum_int = $d->intdigest; # 32bit unsigned integer =head1 DESCRIPTION -Calculating CRC32 checksums (OO interface); +Calculating CRC32 checksums. -I +I + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Checksum::CRC32 qw(crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int); + +Or all of them at once: + + use Crypt::Checksum::CRC32 ':all'; + +=head1 FUNCTIONS + +=head2 crc32_data + +Returns checksum as raw octects. + + $checksum_raw = crc32_data('data string'); + #or + $checksum_raw = crc32_data('any data', 'more data', 'even more data'); + +=head2 crc32_data_hex + +Returns checksum as a hexadecimal string. + + $checksum_hex = crc32_data_hex('data string'); + #or + $checksum_hex = crc32_data_hex('any data', 'more data', 'even more data'); + +=head2 crc32_data_int + +Returns checksum as unsigned 32bit integer. + + $checksum_int = crc32_data_int('data string'); + #or + $checksum_int = crc32_data_int('any data', 'more data', 'even more data'); + +=head2 crc32_file + +Returns checksum as raw octects. + + $checksum_raw = crc32_file('filename.dat'); + #or + $checksum_raw = crc32_file(*FILEHANDLE); + +=head2 crc32_file_hex + +Returns checksum as a hexadecimal string. + + $checksum_hex = crc32_file_hex('filename.dat'); + #or + $checksum_hex = crc32_file_hex(*FILEHANDLE); + +=head2 crc32_file_int + +Returns checksum as unsigned 32bit integer. + + $checksum_int = crc32_file_int('filename.dat'); + #or + $checksum_int = crc32_file_int(*FILEHANDLE); =head1 METHODS @@ -108,14 +175,20 @@ Returns the checksum encoded as a hexadecimal string. $result_hex = $d->hexdigest(); +=head2 intdigest + +Returns the checksum encoded as unsigned 32bit integer. + + $result_int = $d->intdigest(); + =head1 SEE ALSO =over -=item * L, L +=item * L =item * L =back -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/Cipher.pm b/lib/Crypt/Cipher.pm index 686780f..0258cc7 100644 --- a/lib/Crypt/Cipher.pm +++ b/lib/Crypt/Cipher.pm @@ -2,83 +2,23 @@ package Crypt::Cipher; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; + +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; ### the following methods/functions are implemented in XS: -# - _new +# - new # - DESTROY -# - _keysize -# - _max_keysize -# - _min_keysize -# - _blocksize -# - _default_rounds -# - encrypt +# - blocksize # - decrypt -#functions, not methods: -# - _block_length_by_name -# - _min_key_length_by_name -# - _max_key_length_by_name -# - _default_rounds_by_name +# - default_rounds +# - encrypt +# - max_keysize +# - min_keysize -sub _trans_cipher_name { - my $name = shift; - my %trans = ( - DES_EDE => '3des', - SAFERP => 'safer+', - SAFER_K128 => 'safer-k128', - SAFER_K64 => 'safer-k64', - SAFER_SK128 => 'safer-sk128', - SAFER_SK64 => 'safer-sk64', - ); - $name =~ s/^Crypt::Cipher:://; - return $trans{uc($name)} if defined $trans{uc($name)}; - return lc($name); -} - -### METHODS - -sub new { - my $pkg = shift; - my $cipher_name = $pkg eq __PACKAGE__ ? _trans_cipher_name(shift) : _trans_cipher_name($pkg); - return _new($cipher_name, @_); -} - -sub blocksize { - my $self = shift; - return $self->_blocksize if ref($self); - $self = _trans_cipher_name(shift) if $self eq __PACKAGE__; - return _block_length_by_name(_trans_cipher_name($self)); -} - -sub keysize { - max_keysize(@_); -} - -sub max_keysize -{ - my $self = shift; - return unless defined $self; - return $self->_max_keysize if ref($self); - $self = _trans_cipher_name(shift) if $self eq __PACKAGE__; - return _max_key_length_by_name(_trans_cipher_name($self)); -} - -sub min_keysize { - my $self = shift; - return unless defined $self; - return $self->_min_keysize if ref($self); - $self = _trans_cipher_name(shift) if $self eq __PACKAGE__; - return _min_key_length_by_name(_trans_cipher_name($self)); -} - -sub default_rounds { - my $self = shift; - return unless defined $self; - return $self->_default_rounds if ref($self); - $self = _trans_cipher_name(shift) if $self eq __PACKAGE__; - return _default_rounds_by_name(_trans_cipher_name($self)); -} +sub keysize { goto \&max_keysize; } # for Crypt::CBC compatibility sub CLONE_SKIP { 1 } # prevent cloning @@ -121,7 +61,7 @@ Crypt::Cipher - Generic interface to cipher functions =head1 DESCRIPTION -Provides an interface to various symetric cipher algorithms. +Provides an interface to various symmetric cipher algorithms. B This module implements just elementary "one-block-(en|de)cryption" operation - if you want to encrypt/decrypt generic data you have to use some of the cipher block modes - check for example @@ -138,11 +78,11 @@ Constructor, returns a reference to the cipher object. # $name = one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', - # 'SEED', 'Skipjack', 'Twofish', 'XTEA' - # simply any for which there exists Crypt::Cipher:: + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: # $key = binary key (keysize should comply with selected cipher requirements) - ## some of the ciphers (e.g. MULTI2, RC5, SAFER) allows to set number of rounds + ## some of the ciphers (e.g. MULTI2, RC5, SAFER) allow one to set number of rounds $d = Crypt::Cipher->new('MULTI2', $key, $rounds); # $rounds = positive integer (should comply with selected cipher requirements) @@ -194,7 +134,7 @@ Returns block size (in bytes) for given cipher. =head2 default_rounds -Returns default number of rounds for given cipher. NOTE: only some cipher (e.g. MULTI2, RC5, SAFER) allows to set number of rounds via new(). +Returns default number of rounds for given cipher. NOTE: only some ciphers (e.g. MULTI2, RC5, SAFER) allow one to set number of rounds via new(). $d->default_rounds; #or @@ -213,5 +153,3 @@ Returns default number of rounds for given cipher. NOTE: only some cipher (e.g. =back =cut - -__END__ diff --git a/lib/Crypt/Cipher/AES.pm b/lib/Crypt/Cipher/AES.pm index 1d4e97d..a5ac16b 100644 --- a/lib/Crypt/Cipher/AES.pm +++ b/lib/Crypt/Cipher/AES.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::AES; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('AES') } +sub keysize { Crypt::Cipher::keysize('AES') } +sub max_keysize { Crypt::Cipher::max_keysize('AES') } +sub min_keysize { Crypt::Cipher::min_keysize('AES') } +sub default_rounds { Crypt::Cipher::default_rounds('AES') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::AES - Symetric cipher AES (aka Rijndael), key size: 128/192/256 bits (Crypt::CBC compliant) +Crypt::Cipher::AES - Symmetric cipher AES (aka Rijndael), key size: 128/192/256 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::AES - Symetric cipher AES (aka Rijndael), key size: 128/192/256 b my $cbc = Crypt::Mode::CBC->new('AES'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::AES; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Anubis.pm b/lib/Crypt/Cipher/Anubis.pm index e06b5cd..88125f2 100644 --- a/lib/Crypt/Cipher/Anubis.pm +++ b/lib/Crypt/Cipher/Anubis.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Anubis; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Anubis') } +sub keysize { Crypt::Cipher::keysize('Anubis') } +sub max_keysize { Crypt::Cipher::max_keysize('Anubis') } +sub min_keysize { Crypt::Cipher::min_keysize('Anubis') } +sub default_rounds { Crypt::Cipher::default_rounds('Anubis') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Anubis - Symetric cipher Anubis, key size: 128-320 bits (Crypt::CBC compliant) +Crypt::Cipher::Anubis - Symmetric cipher Anubis, key size: 128-320 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Anubis - Symetric cipher Anubis, key size: 128-320 bits (Crypt::C my $cbc = Crypt::Mode::CBC->new('Anubis'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Anubis; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Blowfish.pm b/lib/Crypt/Cipher/Blowfish.pm index 0e98a2c..bf6f9f2 100644 --- a/lib/Crypt/Cipher/Blowfish.pm +++ b/lib/Crypt/Cipher/Blowfish.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Blowfish; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Blowfish') } +sub keysize { Crypt::Cipher::keysize('Blowfish') } +sub max_keysize { Crypt::Cipher::max_keysize('Blowfish') } +sub min_keysize { Crypt::Cipher::min_keysize('Blowfish') } +sub default_rounds { Crypt::Cipher::default_rounds('Blowfish') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Blowfish - Symetric cipher Blowfish, key size: 64-448 bits (Crypt::CBC compliant) +Crypt::Cipher::Blowfish - Symmetric cipher Blowfish, key size: 64-448 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Blowfish - Symetric cipher Blowfish, key size: 64-448 bits (Crypt my $cbc = Crypt::Mode::CBC->new('Blowfish'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Blowfish; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/CAST5.pm b/lib/Crypt/Cipher/CAST5.pm index fbfd240..ececc8b 100644 --- a/lib/Crypt/Cipher/CAST5.pm +++ b/lib/Crypt/Cipher/CAST5.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::CAST5; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('CAST5') } +sub keysize { Crypt::Cipher::keysize('CAST5') } +sub max_keysize { Crypt::Cipher::max_keysize('CAST5') } +sub min_keysize { Crypt::Cipher::min_keysize('CAST5') } +sub default_rounds { Crypt::Cipher::default_rounds('CAST5') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::CAST5 - Symetric cipher CAST5 (aka CAST-128), key size: 40-128 bits (Crypt::CBC compliant) +Crypt::Cipher::CAST5 - Symmetric cipher CAST5 (aka CAST-128), key size: 40-128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::CAST5 - Symetric cipher CAST5 (aka CAST-128), key size: 40-128 bi my $cbc = Crypt::Mode::CBC->new('CAST5'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::CAST5; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Camellia.pm b/lib/Crypt/Cipher/Camellia.pm index 0415ef2..8d1af9e 100644 --- a/lib/Crypt/Cipher/Camellia.pm +++ b/lib/Crypt/Cipher/Camellia.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Camellia; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Camellia') } +sub keysize { Crypt::Cipher::keysize('Camellia') } +sub max_keysize { Crypt::Cipher::max_keysize('Camellia') } +sub min_keysize { Crypt::Cipher::min_keysize('Camellia') } +sub default_rounds { Crypt::Cipher::default_rounds('Camellia') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Camellia - Symetric cipher Camellia, key size: 128/192/256 bits (Crypt::CBC compliant) +Crypt::Cipher::Camellia - Symmetric cipher Camellia, key size: 128/192/256 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Camellia - Symetric cipher Camellia, key size: 128/192/256 bits ( my $cbc = Crypt::Mode::CBC->new('Camellia'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Camellia; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/DES.pm b/lib/Crypt/Cipher/DES.pm index 486cae8..78e3e35 100644 --- a/lib/Crypt/Cipher/DES.pm +++ b/lib/Crypt/Cipher/DES.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::DES; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('DES') } +sub keysize { Crypt::Cipher::keysize('DES') } +sub max_keysize { Crypt::Cipher::max_keysize('DES') } +sub min_keysize { Crypt::Cipher::min_keysize('DES') } +sub default_rounds { Crypt::Cipher::default_rounds('DES') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::DES - Symetric cipher DES, key size: 64[56] bits (Crypt::CBC compliant) +Crypt::Cipher::DES - Symmetric cipher DES, key size: 64[56] bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::DES - Symetric cipher DES, key size: 64[56] bits (Crypt::CBC comp my $cbc = Crypt::Mode::CBC->new('DES'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::DES; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/DES_EDE.pm b/lib/Crypt/Cipher/DES_EDE.pm index ea4b31d..78786d8 100644 --- a/lib/Crypt/Cipher/DES_EDE.pm +++ b/lib/Crypt/Cipher/DES_EDE.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::DES_EDE; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('DES_EDE') } +sub keysize { Crypt::Cipher::keysize('DES_EDE') } +sub max_keysize { Crypt::Cipher::max_keysize('DES_EDE') } +sub min_keysize { Crypt::Cipher::min_keysize('DES_EDE') } +sub default_rounds { Crypt::Cipher::default_rounds('DES_EDE') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::DES_EDE - Symetric cipher DES_EDE (aka Tripple-DES, 3DES), key size: 192[168] bits (Crypt::CBC compliant) +Crypt::Cipher::DES_EDE - Symmetric cipher DES_EDE (aka Triple-DES, 3DES), key size: 192[168] bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::DES_EDE - Symetric cipher DES_EDE (aka Tripple-DES, 3DES), key si my $cbc = Crypt::Mode::CBC->new('DES_EDE'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::DES_EDE; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/IDEA.pm b/lib/Crypt/Cipher/IDEA.pm new file mode 100644 index 0000000..75fbb8c --- /dev/null +++ b/lib/Crypt/Cipher/IDEA.pm @@ -0,0 +1,118 @@ +package Crypt::Cipher::IDEA; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Cipher); + +sub blocksize { Crypt::Cipher::blocksize('IDEA') } +sub keysize { Crypt::Cipher::keysize('IDEA') } +sub max_keysize { Crypt::Cipher::max_keysize('IDEA') } +sub min_keysize { Crypt::Cipher::min_keysize('IDEA') } +sub default_rounds { Crypt::Cipher::default_rounds('IDEA') } + +1; + +=pod + +=head1 NAME + +Crypt::Cipher::IDEA - Symmetric cipher IDEA, key size: 128 bits (Crypt::CBC compliant) + +=head1 SYNOPSIS + + ### example 1 + use Crypt::Mode::CBC; + + my $key = '...'; # length has to be valid key size for this cipher + my $iv = '...'; # 16 bytes + my $cbc = Crypt::Mode::CBC->new('IDEA'); + my $ciphertext = $cbc->encrypt("secret data", $key, $iv); + + ### example 2 (slower) + use Crypt::CBC; + use Crypt::Cipher::IDEA; + + my $key = '...'; # length has to be valid key size for this cipher + my $iv = '...'; # 16 bytes + my $cbc = Crypt::CBC->new( -cipher=>'Cipher::IDEA', -key=>$key, -iv=>$iv ); + my $ciphertext = $cbc->encrypt("secret data"); + +=head1 DESCRIPTION + +This module implements the IDEA cipher. Provided interface is compliant with L module. + +B This module implements just elementary "one-block-(en|de)cryption" operation - if you want to +encrypt/decrypt generic data you have to use some of the cipher block modes - check for example +L, L or L (which will be slower). + +=head1 METHODS + +=head2 new + + $c = Crypt::Cipher::IDEA->new($key); + #or + $c = Crypt::Cipher::IDEA->new($key, $rounds); + +=head2 encrypt + + $ciphertext = $c->encrypt($plaintext); + +=head2 decrypt + + $plaintext = $c->decrypt($ciphertext); + +=head2 keysize + + $c->keysize; + #or + Crypt::Cipher::IDEA->keysize; + #or + Crypt::Cipher::IDEA::keysize; + +=head2 blocksize + + $c->blocksize; + #or + Crypt::Cipher::IDEA->blocksize; + #or + Crypt::Cipher::IDEA::blocksize; + +=head2 max_keysize + + $c->max_keysize; + #or + Crypt::Cipher::IDEA->max_keysize; + #or + Crypt::Cipher::IDEA::max_keysize; + +=head2 min_keysize + + $c->min_keysize; + #or + Crypt::Cipher::IDEA->min_keysize; + #or + Crypt::Cipher::IDEA::min_keysize; + +=head2 default_rounds + + $c->default_rounds; + #or + Crypt::Cipher::IDEA->default_rounds; + #or + Crypt::Cipher::IDEA::default_rounds; + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Cipher/KASUMI.pm b/lib/Crypt/Cipher/KASUMI.pm index f1dc727..fe1d941 100644 --- a/lib/Crypt/Cipher/KASUMI.pm +++ b/lib/Crypt/Cipher/KASUMI.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::KASUMI; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('KASUMI') } +sub keysize { Crypt::Cipher::keysize('KASUMI') } +sub max_keysize { Crypt::Cipher::max_keysize('KASUMI') } +sub min_keysize { Crypt::Cipher::min_keysize('KASUMI') } +sub default_rounds { Crypt::Cipher::default_rounds('KASUMI') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::KASUMI - Symetric cipher KASUMI, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::KASUMI - Symmetric cipher KASUMI, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::KASUMI - Symetric cipher KASUMI, key size: 128 bits (Crypt::CBC c my $cbc = Crypt::Mode::CBC->new('KASUMI'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::KASUMI; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Khazad.pm b/lib/Crypt/Cipher/Khazad.pm index bc6217f..b9194fb 100644 --- a/lib/Crypt/Cipher/Khazad.pm +++ b/lib/Crypt/Cipher/Khazad.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Khazad; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Khazad') } +sub keysize { Crypt::Cipher::keysize('Khazad') } +sub max_keysize { Crypt::Cipher::max_keysize('Khazad') } +sub min_keysize { Crypt::Cipher::min_keysize('Khazad') } +sub default_rounds { Crypt::Cipher::default_rounds('Khazad') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Khazad - Symetric cipher Khazad, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::Khazad - Symmetric cipher Khazad, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Khazad - Symetric cipher Khazad, key size: 128 bits (Crypt::CBC c my $cbc = Crypt::Mode::CBC->new('Khazad'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Khazad; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/MULTI2.pm b/lib/Crypt/Cipher/MULTI2.pm index 895b242..0c340d5 100644 --- a/lib/Crypt/Cipher/MULTI2.pm +++ b/lib/Crypt/Cipher/MULTI2.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::MULTI2; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('MULTI2') } +sub keysize { Crypt::Cipher::keysize('MULTI2') } +sub max_keysize { Crypt::Cipher::max_keysize('MULTI2') } +sub min_keysize { Crypt::Cipher::min_keysize('MULTI2') } +sub default_rounds { Crypt::Cipher::default_rounds('MULTI2') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::MULTI2 - Symetric cipher MULTI2, key size: 320 bits (Crypt::CBC compliant) +Crypt::Cipher::MULTI2 - Symmetric cipher MULTI2, key size: 320 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::MULTI2 - Symetric cipher MULTI2, key size: 320 bits (Crypt::CBC c my $cbc = Crypt::Mode::CBC->new('MULTI2'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::MULTI2; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Noekeon.pm b/lib/Crypt/Cipher/Noekeon.pm index 4a73159..42db556 100644 --- a/lib/Crypt/Cipher/Noekeon.pm +++ b/lib/Crypt/Cipher/Noekeon.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Noekeon; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Noekeon') } +sub keysize { Crypt::Cipher::keysize('Noekeon') } +sub max_keysize { Crypt::Cipher::max_keysize('Noekeon') } +sub min_keysize { Crypt::Cipher::min_keysize('Noekeon') } +sub default_rounds { Crypt::Cipher::default_rounds('Noekeon') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Noekeon - Symetric cipher Noekeon, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::Noekeon - Symmetric cipher Noekeon, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Noekeon - Symetric cipher Noekeon, key size: 128 bits (Crypt::CBC my $cbc = Crypt::Mode::CBC->new('Noekeon'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Noekeon; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/RC2.pm b/lib/Crypt/Cipher/RC2.pm index 8529a4b..42bcaf3 100644 --- a/lib/Crypt/Cipher/RC2.pm +++ b/lib/Crypt/Cipher/RC2.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::RC2; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('RC2') } +sub keysize { Crypt::Cipher::keysize('RC2') } +sub max_keysize { Crypt::Cipher::max_keysize('RC2') } +sub min_keysize { Crypt::Cipher::min_keysize('RC2') } +sub default_rounds { Crypt::Cipher::default_rounds('RC2') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::RC2 - Symetric cipher RC2, key size: 64-1024 bits (Crypt::CBC compliant) +Crypt::Cipher::RC2 - Symmetric cipher RC2, key size: 40-1024 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::RC2 - Symetric cipher RC2, key size: 64-1024 bits (Crypt::CBC com my $cbc = Crypt::Mode::CBC->new('RC2'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::RC2; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/RC5.pm b/lib/Crypt/Cipher/RC5.pm index f358c25..a88cbd3 100644 --- a/lib/Crypt/Cipher/RC5.pm +++ b/lib/Crypt/Cipher/RC5.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::RC5; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('RC5') } +sub keysize { Crypt::Cipher::keysize('RC5') } +sub max_keysize { Crypt::Cipher::max_keysize('RC5') } +sub min_keysize { Crypt::Cipher::min_keysize('RC5') } +sub default_rounds { Crypt::Cipher::default_rounds('RC5') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::RC5 - Symetric cipher RC5, key size: 64-1024 bits (Crypt::CBC compliant) +Crypt::Cipher::RC5 - Symmetric cipher RC5, key size: 64-1024 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::RC5 - Symetric cipher RC5, key size: 64-1024 bits (Crypt::CBC com my $cbc = Crypt::Mode::CBC->new('RC5'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::RC5; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/RC6.pm b/lib/Crypt/Cipher/RC6.pm index f185f3b..809851e 100644 --- a/lib/Crypt/Cipher/RC6.pm +++ b/lib/Crypt/Cipher/RC6.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::RC6; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('RC6') } +sub keysize { Crypt::Cipher::keysize('RC6') } +sub max_keysize { Crypt::Cipher::max_keysize('RC6') } +sub min_keysize { Crypt::Cipher::min_keysize('RC6') } +sub default_rounds { Crypt::Cipher::default_rounds('RC6') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::RC6 - Symetric cipher RC6, key size: 64-1024 bits (Crypt::CBC compliant) +Crypt::Cipher::RC6 - Symmetric cipher RC6, key size: 64-1024 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::RC6 - Symetric cipher RC6, key size: 64-1024 bits (Crypt::CBC com my $cbc = Crypt::Mode::CBC->new('RC6'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::RC6; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SAFERP.pm b/lib/Crypt/Cipher/SAFERP.pm index 05f989f..d775807 100644 --- a/lib/Crypt/Cipher/SAFERP.pm +++ b/lib/Crypt/Cipher/SAFERP.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SAFERP; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SAFERP') } +sub keysize { Crypt::Cipher::keysize('SAFERP') } +sub max_keysize { Crypt::Cipher::max_keysize('SAFERP') } +sub min_keysize { Crypt::Cipher::min_keysize('SAFERP') } +sub default_rounds { Crypt::Cipher::default_rounds('SAFERP') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SAFERP - Symetric cipher SAFER+, key size: 128/192/256 bits (Crypt::CBC compliant) +Crypt::Cipher::SAFERP - Symmetric cipher SAFER+, key size: 128/192/256 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SAFERP - Symetric cipher SAFER+, key size: 128/192/256 bits (Cryp my $cbc = Crypt::Mode::CBC->new('SAFERP'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SAFERP; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SAFER_K128.pm b/lib/Crypt/Cipher/SAFER_K128.pm index c373260..2e7a5d1 100644 --- a/lib/Crypt/Cipher/SAFER_K128.pm +++ b/lib/Crypt/Cipher/SAFER_K128.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SAFER_K128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SAFER_K128') } +sub keysize { Crypt::Cipher::keysize('SAFER_K128') } +sub max_keysize { Crypt::Cipher::max_keysize('SAFER_K128') } +sub min_keysize { Crypt::Cipher::min_keysize('SAFER_K128') } +sub default_rounds { Crypt::Cipher::default_rounds('SAFER_K128') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SAFER_K128 - Symetric cipher SAFER_K128, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::SAFER_K128 - Symmetric cipher SAFER_K128, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SAFER_K128 - Symetric cipher SAFER_K128, key size: 128 bits (Cryp my $cbc = Crypt::Mode::CBC->new('SAFER_K128'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SAFER_K128; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SAFER_K64.pm b/lib/Crypt/Cipher/SAFER_K64.pm index 52741af..9662f23 100644 --- a/lib/Crypt/Cipher/SAFER_K64.pm +++ b/lib/Crypt/Cipher/SAFER_K64.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SAFER_K64; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SAFER_K64') } +sub keysize { Crypt::Cipher::keysize('SAFER_K64') } +sub max_keysize { Crypt::Cipher::max_keysize('SAFER_K64') } +sub min_keysize { Crypt::Cipher::min_keysize('SAFER_K64') } +sub default_rounds { Crypt::Cipher::default_rounds('SAFER_K64') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SAFER_K64 - Symetric cipher SAFER_K64, key size: 64 bits (Crypt::CBC compliant) +Crypt::Cipher::SAFER_K64 - Symmetric cipher SAFER_K64, key size: 64 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SAFER_K64 - Symetric cipher SAFER_K64, key size: 64 bits (Crypt:: my $cbc = Crypt::Mode::CBC->new('SAFER_K64'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SAFER_K64; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SAFER_SK128.pm b/lib/Crypt/Cipher/SAFER_SK128.pm index 32193ff..d85eb13 100644 --- a/lib/Crypt/Cipher/SAFER_SK128.pm +++ b/lib/Crypt/Cipher/SAFER_SK128.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SAFER_SK128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SAFER_SK128') } +sub keysize { Crypt::Cipher::keysize('SAFER_SK128') } +sub max_keysize { Crypt::Cipher::max_keysize('SAFER_SK128') } +sub min_keysize { Crypt::Cipher::min_keysize('SAFER_SK128') } +sub default_rounds { Crypt::Cipher::default_rounds('SAFER_SK128') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SAFER_SK128 - Symetric cipher SAFER_SK128, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::SAFER_SK128 - Symmetric cipher SAFER_SK128, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SAFER_SK128 - Symetric cipher SAFER_SK128, key size: 128 bits (Cr my $cbc = Crypt::Mode::CBC->new('SAFER_SK128'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SAFER_SK128; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SAFER_SK64.pm b/lib/Crypt/Cipher/SAFER_SK64.pm index 73ac371..4ea8f33 100644 --- a/lib/Crypt/Cipher/SAFER_SK64.pm +++ b/lib/Crypt/Cipher/SAFER_SK64.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SAFER_SK64; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SAFER_SK64') } +sub keysize { Crypt::Cipher::keysize('SAFER_SK64') } +sub max_keysize { Crypt::Cipher::max_keysize('SAFER_SK64') } +sub min_keysize { Crypt::Cipher::min_keysize('SAFER_SK64') } +sub default_rounds { Crypt::Cipher::default_rounds('SAFER_SK64') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SAFER_SK64 - Symetric cipher SAFER_SK64, key size: 64 bits (Crypt::CBC compliant) +Crypt::Cipher::SAFER_SK64 - Symmetric cipher SAFER_SK64, key size: 64 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SAFER_SK64 - Symetric cipher SAFER_SK64, key size: 64 bits (Crypt my $cbc = Crypt::Mode::CBC->new('SAFER_SK64'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SAFER_SK64; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/SEED.pm b/lib/Crypt/Cipher/SEED.pm index c81553b..9f1abea 100644 --- a/lib/Crypt/Cipher/SEED.pm +++ b/lib/Crypt/Cipher/SEED.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::SEED; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('SEED') } +sub keysize { Crypt::Cipher::keysize('SEED') } +sub max_keysize { Crypt::Cipher::max_keysize('SEED') } +sub min_keysize { Crypt::Cipher::min_keysize('SEED') } +sub default_rounds { Crypt::Cipher::default_rounds('SEED') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::SEED - Symetric cipher SEED, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::SEED - Symmetric cipher SEED, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::SEED - Symetric cipher SEED, key size: 128 bits (Crypt::CBC compl my $cbc = Crypt::Mode::CBC->new('SEED'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::SEED; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Serpent.pm b/lib/Crypt/Cipher/Serpent.pm new file mode 100644 index 0000000..e7fe8f5 --- /dev/null +++ b/lib/Crypt/Cipher/Serpent.pm @@ -0,0 +1,118 @@ +package Crypt::Cipher::Serpent; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Cipher); + +sub blocksize { Crypt::Cipher::blocksize('Serpent') } +sub keysize { Crypt::Cipher::keysize('Serpent') } +sub max_keysize { Crypt::Cipher::max_keysize('Serpent') } +sub min_keysize { Crypt::Cipher::min_keysize('Serpent') } +sub default_rounds { Crypt::Cipher::default_rounds('Serpent') } + +1; + +=pod + +=head1 NAME + +Crypt::Cipher::Serpent - Symmetric cipher Serpent, key size: 128/192/256 bits (Crypt::CBC compliant) + +=head1 SYNOPSIS + + ### example 1 + use Crypt::Mode::CBC; + + my $key = '...'; # length has to be valid key size for this cipher + my $iv = '...'; # 16 bytes + my $cbc = Crypt::Mode::CBC->new('Serpent'); + my $ciphertext = $cbc->encrypt("secret data", $key, $iv); + + ### example 2 (slower) + use Crypt::CBC; + use Crypt::Cipher::Serpent; + + my $key = '...'; # length has to be valid key size for this cipher + my $iv = '...'; # 16 bytes + my $cbc = Crypt::CBC->new( -cipher=>'Cipher::Serpent', -key=>$key, -iv=>$iv ); + my $ciphertext = $cbc->encrypt("secret data"); + +=head1 DESCRIPTION + +This module implements the Serpent cipher. Provided interface is compliant with L module. + +B This module implements just elementary "one-block-(en|de)cryption" operation - if you want to +encrypt/decrypt generic data you have to use some of the cipher block modes - check for example +L, L or L (which will be slower). + +=head1 METHODS + +=head2 new + + $c = Crypt::Cipher::Serpent->new($key); + #or + $c = Crypt::Cipher::Serpent->new($key, $rounds); + +=head2 encrypt + + $ciphertext = $c->encrypt($plaintext); + +=head2 decrypt + + $plaintext = $c->decrypt($ciphertext); + +=head2 keysize + + $c->keysize; + #or + Crypt::Cipher::Serpent->keysize; + #or + Crypt::Cipher::Serpent::keysize; + +=head2 blocksize + + $c->blocksize; + #or + Crypt::Cipher::Serpent->blocksize; + #or + Crypt::Cipher::Serpent::blocksize; + +=head2 max_keysize + + $c->max_keysize; + #or + Crypt::Cipher::Serpent->max_keysize; + #or + Crypt::Cipher::Serpent::max_keysize; + +=head2 min_keysize + + $c->min_keysize; + #or + Crypt::Cipher::Serpent->min_keysize; + #or + Crypt::Cipher::Serpent::min_keysize; + +=head2 default_rounds + + $c->default_rounds; + #or + Crypt::Cipher::Serpent->default_rounds; + #or + Crypt::Cipher::Serpent::default_rounds; + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Cipher/Skipjack.pm b/lib/Crypt/Cipher/Skipjack.pm index 41f6f2c..f433002 100644 --- a/lib/Crypt/Cipher/Skipjack.pm +++ b/lib/Crypt/Cipher/Skipjack.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Skipjack; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Skipjack') } +sub keysize { Crypt::Cipher::keysize('Skipjack') } +sub max_keysize { Crypt::Cipher::max_keysize('Skipjack') } +sub min_keysize { Crypt::Cipher::min_keysize('Skipjack') } +sub default_rounds { Crypt::Cipher::default_rounds('Skipjack') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Skipjack - Symetric cipher Skipjack, key size: 80 bits (Crypt::CBC compliant) +Crypt::Cipher::Skipjack - Symmetric cipher Skipjack, key size: 80 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Skipjack - Symetric cipher Skipjack, key size: 80 bits (Crypt::CB my $cbc = Crypt::Mode::CBC->new('Skipjack'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Skipjack; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/Twofish.pm b/lib/Crypt/Cipher/Twofish.pm index 85a20d2..91b111a 100644 --- a/lib/Crypt/Cipher/Twofish.pm +++ b/lib/Crypt/Cipher/Twofish.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::Twofish; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('Twofish') } +sub keysize { Crypt::Cipher::keysize('Twofish') } +sub max_keysize { Crypt::Cipher::max_keysize('Twofish') } +sub min_keysize { Crypt::Cipher::min_keysize('Twofish') } +sub default_rounds { Crypt::Cipher::default_rounds('Twofish') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::Twofish - Symetric cipher Twofish, key size: 128/192/256 bits (Crypt::CBC compliant) +Crypt::Cipher::Twofish - Symmetric cipher Twofish, key size: 128/192/256 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::Twofish - Symetric cipher Twofish, key size: 128/192/256 bits (Cr my $cbc = Crypt::Mode::CBC->new('Twofish'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::Twofish; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Cipher/XTEA.pm b/lib/Crypt/Cipher/XTEA.pm index ce325ba..bff3e80 100644 --- a/lib/Crypt/Cipher/XTEA.pm +++ b/lib/Crypt/Cipher/XTEA.pm @@ -4,16 +4,15 @@ package Crypt::Cipher::XTEA; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use CryptX; -use base 'Crypt::Cipher'; +use base qw(Crypt::Cipher); -sub blocksize { Crypt::Cipher::blocksize(__PACKAGE__) } -sub keysize { Crypt::Cipher::keysize(__PACKAGE__) } -sub max_keysize { Crypt::Cipher::max_keysize(__PACKAGE__) } -sub min_keysize { Crypt::Cipher::min_keysize(__PACKAGE__) } -sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } +sub blocksize { Crypt::Cipher::blocksize('XTEA') } +sub keysize { Crypt::Cipher::keysize('XTEA') } +sub max_keysize { Crypt::Cipher::max_keysize('XTEA') } +sub min_keysize { Crypt::Cipher::min_keysize('XTEA') } +sub default_rounds { Crypt::Cipher::default_rounds('XTEA') } 1; @@ -21,7 +20,7 @@ sub default_rounds { Crypt::Cipher::default_rounds(__PACKAGE__) } =head1 NAME -Crypt::Cipher::XTEA - Symetric cipher XTEA, key size: 128 bits (Crypt::CBC compliant) +Crypt::Cipher::XTEA - Symmetric cipher XTEA, key size: 128 bits (Crypt::CBC compliant) =head1 SYNOPSIS @@ -33,7 +32,7 @@ Crypt::Cipher::XTEA - Symetric cipher XTEA, key size: 128 bits (Crypt::CBC compl my $cbc = Crypt::Mode::CBC->new('XTEA'); my $ciphertext = $cbc->encrypt("secret data", $key, $iv); - ### example 2 + ### example 2 (slower) use Crypt::CBC; use Crypt::Cipher::XTEA; @@ -110,12 +109,10 @@ L, L or L< =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest.pm b/lib/Crypt/Digest.pm index a1ec914..3f04e31 100644 --- a/lib/Crypt/Digest.pm +++ b/lib/Crypt/Digest.pm @@ -2,7 +2,7 @@ package Crypt::Digest; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u )] ); @@ -14,70 +14,22 @@ $Carp::Internal{(__PACKAGE__)}++; use CryptX; ### the following methods/functions are implemented in XS: -# - _new -# - _hashsize -# - _hashsize_by_name (function, not method) +# - new +# - hashsize # - clone # - reset # - digest # - hexdigest # - b64digest # - add +# - digest_data +# - digest_data_hex +# - digest_data_b64 +# - digest_data_b64u # - DESTROY -sub _trans_digest_name { - my $name = shift; - my %trans = ( - CHAES => 'chc_hash', - RIPEMD128 => 'rmd128', - RIPEMD160 => 'rmd160', - RIPEMD256 => 'rmd256', - RIPEMD320 => 'rmd320', - TIGER192 => 'tiger', - SHA512_224 => 'sha512-224', - SHA512_256 => 'sha512-256', - SHA3_224 => 'sha3-224', - SHA3_256 => 'sha3-256', - SHA3_384 => 'sha3-384', - SHA3_512 => 'sha3-512', - BLAKE2B_160 => 'blake2b-160', - BLAKE2B_256 => 'blake2b-256', - BLAKE2B_384 => 'blake2b-384', - BLAKE2B_512 => 'blake2b-512', - BLAKE2S_128 => 'blake2s-128', - BLAKE2S_160 => 'blake2s-160', - BLAKE2S_224 => 'blake2s-224', - BLAKE2S_256 => 'blake2s-256', - ); - $name =~ s/^Crypt::Digest:://i; - return $trans{uc($name)} if defined $trans{uc($name)}; - return lc($name); -} - ### METHODS -sub new { - my $pkg = shift; - unshift @_, ($pkg eq 'Crypt::Digest' ? _trans_digest_name(shift) : _trans_digest_name($pkg)); - ###return _new(@_); - goto \&_new; # keep the real caller for croak() -} - -sub hashsize { - return unless defined $_[0]; - - if (ref $_[0]) { - ###return _hashsize(@_); - goto \&_hashsize if ref $_[0]; # keep the real caller for croak() - } - else { - my $pkg = shift; - unshift @_, ($pkg eq 'Crypt::Digest' ? _trans_digest_name(shift) : _trans_digest_name($pkg)); - ###return _hashsize_by_name(@_); - goto \&_hashsize_by_name; # keep the real caller for croak() - } -} - sub addfile { my ($self, $file) = @_; @@ -105,22 +57,10 @@ sub CLONE_SKIP { 1 } # prevent cloning ### FUNCTIONS -sub digest_data { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->digest}; _croak($@); $rv } -sub digest_data_hex { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->hexdigest}; _croak($@); $rv } -sub digest_data_b64 { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->b64digest}; _croak($@); $rv } -sub digest_data_b64u { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->b64udigest}; _croak($@); $rv } - -sub digest_file { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->digest}; _croak($@); $rv } -sub digest_file_hex { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->hexdigest}; _croak($@); $rv } -sub digest_file_b64 { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->b64digest}; _croak($@); $rv } -sub digest_file_b64u { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->b64udigest}; _croak($@); $rv } - -sub _croak { #XXX-FIXME ugly hack for reporting real caller from XS croaks - if ($_[0]) { - $_[0] =~ s/ at .*?\.pm line \d+.[\n\r]*$//g; - croak $_[0]; - } -} +sub digest_file { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->digest } +sub digest_file_hex { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->hexdigest } +sub digest_file_b64 { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->b64digest } +sub digest_file_b64u { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->b64udigest } 1; @@ -183,14 +123,16 @@ Or all of them at once: =head1 FUNCTIONS -Please note that all functions take as its first argument the algoritm name, supported values are: +Please note that all functions take as its first argument the algorithm name, supported values are: 'CHAES', 'MD2', 'MD4', 'MD5', 'RIPEMD128', 'RIPEMD160', 'RIPEMD256', 'RIPEMD320', 'SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512', 'SHA512_224', 'SHA512_256', 'Tiger192', 'Whirlpool', - 'SHA3_224', 'SHA3_256', 'SHA3_384', 'SHA3_512' + 'SHA3_224', 'SHA3_256', 'SHA3_384', 'SHA3_512', + 'BLAKE2b_160', 'BLAKE2b_256', 'BLAKE2b_384', 'BLAKE2b_512', + 'BLAKE2s_128', 'BLAKE2s_160', 'BLAKE2s_224', 'BLAKE2s_256' - (simply any for which there is Crypt::Digest:: module) + (simply any for which there is Crypt::Digest:: module) =head2 digest_data @@ -355,7 +297,7 @@ Returns the digest encoded as a hexadecimal string. =head2 b64digest Returns the digest encoded as a Base64 string, B trailing '=' padding (B this padding -style might differ from other Digest::SOMETHING modules on CPAN). +style might differ from other Digest:: modules on CPAN). $result_b64 = $d->b64digest(); @@ -378,5 +320,3 @@ Returns the digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2b_160.pm b/lib/Crypt/Digest/BLAKE2b_160.pm index bb829e1..050753a 100644 --- a/lib/Crypt/Digest/BLAKE2b_160.pm +++ b/lib/Crypt/Digest/BLAKE2b_160.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2b_160; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2b_160 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2b_160_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2b_160_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2b_160_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2b_160_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2b_160_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2b_160_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2b_160_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2b_160') } +sub blake2b_160 { Crypt::Digest::digest_data('BLAKE2b_160', @_) } +sub blake2b_160_hex { Crypt::Digest::digest_data_hex('BLAKE2b_160', @_) } +sub blake2b_160_b64 { Crypt::Digest::digest_data_b64('BLAKE2b_160', @_) } +sub blake2b_160_b64u { Crypt::Digest::digest_data_b64u('BLAKE2b_160', @_) } +sub blake2b_160_file { Crypt::Digest::digest_file('BLAKE2b_160', @_) } +sub blake2b_160_file_hex { Crypt::Digest::digest_file_hex('BLAKE2b_160', @_) } +sub blake2b_160_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2b_160', @_) } +sub blake2b_160_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2b_160', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2b_256.pm b/lib/Crypt/Digest/BLAKE2b_256.pm index c9a5a2a..701a7b5 100644 --- a/lib/Crypt/Digest/BLAKE2b_256.pm +++ b/lib/Crypt/Digest/BLAKE2b_256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2b_256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2b_256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2b_256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2b_256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2b_256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2b_256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2b_256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2b_256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2b_256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2b_256') } +sub blake2b_256 { Crypt::Digest::digest_data('BLAKE2b_256', @_) } +sub blake2b_256_hex { Crypt::Digest::digest_data_hex('BLAKE2b_256', @_) } +sub blake2b_256_b64 { Crypt::Digest::digest_data_b64('BLAKE2b_256', @_) } +sub blake2b_256_b64u { Crypt::Digest::digest_data_b64u('BLAKE2b_256', @_) } +sub blake2b_256_file { Crypt::Digest::digest_file('BLAKE2b_256', @_) } +sub blake2b_256_file_hex { Crypt::Digest::digest_file_hex('BLAKE2b_256', @_) } +sub blake2b_256_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2b_256', @_) } +sub blake2b_256_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2b_256', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2b_384.pm b/lib/Crypt/Digest/BLAKE2b_384.pm index 3657a35..ebd7f71 100644 --- a/lib/Crypt/Digest/BLAKE2b_384.pm +++ b/lib/Crypt/Digest/BLAKE2b_384.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2b_384; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2b_384 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2b_384_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2b_384_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2b_384_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2b_384_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2b_384_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2b_384_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2b_384_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2b_384') } +sub blake2b_384 { Crypt::Digest::digest_data('BLAKE2b_384', @_) } +sub blake2b_384_hex { Crypt::Digest::digest_data_hex('BLAKE2b_384', @_) } +sub blake2b_384_b64 { Crypt::Digest::digest_data_b64('BLAKE2b_384', @_) } +sub blake2b_384_b64u { Crypt::Digest::digest_data_b64u('BLAKE2b_384', @_) } +sub blake2b_384_file { Crypt::Digest::digest_file('BLAKE2b_384', @_) } +sub blake2b_384_file_hex { Crypt::Digest::digest_file_hex('BLAKE2b_384', @_) } +sub blake2b_384_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2b_384', @_) } +sub blake2b_384_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2b_384', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2b_512.pm b/lib/Crypt/Digest/BLAKE2b_512.pm index fd06784..f9854ae 100644 --- a/lib/Crypt/Digest/BLAKE2b_512.pm +++ b/lib/Crypt/Digest/BLAKE2b_512.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2b_512; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2b_512 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2b_512_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2b_512_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2b_512_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2b_512_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2b_512_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2b_512_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2b_512_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2b_512') } +sub blake2b_512 { Crypt::Digest::digest_data('BLAKE2b_512', @_) } +sub blake2b_512_hex { Crypt::Digest::digest_data_hex('BLAKE2b_512', @_) } +sub blake2b_512_b64 { Crypt::Digest::digest_data_b64('BLAKE2b_512', @_) } +sub blake2b_512_b64u { Crypt::Digest::digest_data_b64u('BLAKE2b_512', @_) } +sub blake2b_512_file { Crypt::Digest::digest_file('BLAKE2b_512', @_) } +sub blake2b_512_file_hex { Crypt::Digest::digest_file_hex('BLAKE2b_512', @_) } +sub blake2b_512_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2b_512', @_) } +sub blake2b_512_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2b_512', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2s_128.pm b/lib/Crypt/Digest/BLAKE2s_128.pm index 54b873c..8f454db 100644 --- a/lib/Crypt/Digest/BLAKE2s_128.pm +++ b/lib/Crypt/Digest/BLAKE2s_128.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2s_128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2s_128 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2s_128_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2s_128_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2s_128_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2s_128_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2s_128_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2s_128_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2s_128_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2s_128') } +sub blake2s_128 { Crypt::Digest::digest_data('BLAKE2s_128', @_) } +sub blake2s_128_hex { Crypt::Digest::digest_data_hex('BLAKE2s_128', @_) } +sub blake2s_128_b64 { Crypt::Digest::digest_data_b64('BLAKE2s_128', @_) } +sub blake2s_128_b64u { Crypt::Digest::digest_data_b64u('BLAKE2s_128', @_) } +sub blake2s_128_file { Crypt::Digest::digest_file('BLAKE2s_128', @_) } +sub blake2s_128_file_hex { Crypt::Digest::digest_file_hex('BLAKE2s_128', @_) } +sub blake2s_128_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2s_128', @_) } +sub blake2s_128_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2s_128', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2s_160.pm b/lib/Crypt/Digest/BLAKE2s_160.pm index 97c33b4..704e1b4 100644 --- a/lib/Crypt/Digest/BLAKE2s_160.pm +++ b/lib/Crypt/Digest/BLAKE2s_160.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2s_160; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2s_160 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2s_160_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2s_160_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2s_160_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2s_160_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2s_160_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2s_160_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2s_160_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2s_160') } +sub blake2s_160 { Crypt::Digest::digest_data('BLAKE2s_160', @_) } +sub blake2s_160_hex { Crypt::Digest::digest_data_hex('BLAKE2s_160', @_) } +sub blake2s_160_b64 { Crypt::Digest::digest_data_b64('BLAKE2s_160', @_) } +sub blake2s_160_b64u { Crypt::Digest::digest_data_b64u('BLAKE2s_160', @_) } +sub blake2s_160_file { Crypt::Digest::digest_file('BLAKE2s_160', @_) } +sub blake2s_160_file_hex { Crypt::Digest::digest_file_hex('BLAKE2s_160', @_) } +sub blake2s_160_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2s_160', @_) } +sub blake2s_160_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2s_160', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2s_224.pm b/lib/Crypt/Digest/BLAKE2s_224.pm index c47e810..63363f0 100644 --- a/lib/Crypt/Digest/BLAKE2s_224.pm +++ b/lib/Crypt/Digest/BLAKE2s_224.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2s_224; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2s_224 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2s_224_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2s_224_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2s_224_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2s_224_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2s_224_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2s_224_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2s_224_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2s_224') } +sub blake2s_224 { Crypt::Digest::digest_data('BLAKE2s_224', @_) } +sub blake2s_224_hex { Crypt::Digest::digest_data_hex('BLAKE2s_224', @_) } +sub blake2s_224_b64 { Crypt::Digest::digest_data_b64('BLAKE2s_224', @_) } +sub blake2s_224_b64u { Crypt::Digest::digest_data_b64u('BLAKE2s_224', @_) } +sub blake2s_224_file { Crypt::Digest::digest_file('BLAKE2s_224', @_) } +sub blake2s_224_file_hex { Crypt::Digest::digest_file_hex('BLAKE2s_224', @_) } +sub blake2s_224_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2s_224', @_) } +sub blake2s_224_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2s_224', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/BLAKE2s_256.pm b/lib/Crypt/Digest/BLAKE2s_256.pm index 5c15cfd..8b8af26 100644 --- a/lib/Crypt/Digest/BLAKE2s_256.pm +++ b/lib/Crypt/Digest/BLAKE2s_256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::BLAKE2s_256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub blake2s_256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub blake2s_256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub blake2s_256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub blake2s_256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub blake2s_256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub blake2s_256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub blake2s_256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub blake2s_256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('BLAKE2s_256') } +sub blake2s_256 { Crypt::Digest::digest_data('BLAKE2s_256', @_) } +sub blake2s_256_hex { Crypt::Digest::digest_data_hex('BLAKE2s_256', @_) } +sub blake2s_256_b64 { Crypt::Digest::digest_data_b64('BLAKE2s_256', @_) } +sub blake2s_256_b64u { Crypt::Digest::digest_data_b64u('BLAKE2s_256', @_) } +sub blake2s_256_file { Crypt::Digest::digest_file('BLAKE2s_256', @_) } +sub blake2s_256_file_hex { Crypt::Digest::digest_file_hex('BLAKE2s_256', @_) } +sub blake2s_256_file_b64 { Crypt::Digest::digest_file_b64('BLAKE2s_256', @_) } +sub blake2s_256_file_b64u { Crypt::Digest::digest_file_b64u('BLAKE2s_256', @_) } 1; @@ -216,14 +214,12 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/CHAES.pm b/lib/Crypt/Digest/CHAES.pm index 7ae167e..94d001d 100644 --- a/lib/Crypt/Digest/CHAES.pm +++ b/lib/Crypt/Digest/CHAES.pm @@ -4,7 +4,7 @@ package Crypt::Digest::CHAES; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub chaes { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub chaes_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub chaes_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub chaes_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub chaes_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub chaes_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub chaes_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub chaes_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('CHAES') } +sub chaes { Crypt::Digest::digest_data('CHAES', @_) } +sub chaes_hex { Crypt::Digest::digest_data_hex('CHAES', @_) } +sub chaes_b64 { Crypt::Digest::digest_data_b64('CHAES', @_) } +sub chaes_b64u { Crypt::Digest::digest_data_b64u('CHAES', @_) } +sub chaes_file { Crypt::Digest::digest_file('CHAES', @_) } +sub chaes_file_hex { Crypt::Digest::digest_file_hex('CHAES', @_) } +sub chaes_file_b64 { Crypt::Digest::digest_file_b64('CHAES', @_) } +sub chaes_file_b64u { Crypt::Digest::digest_file_b64u('CHAES', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/Keccak224.pm b/lib/Crypt/Digest/Keccak224.pm new file mode 100644 index 0000000..a741fdf --- /dev/null +++ b/lib/Crypt/Digest/Keccak224.pm @@ -0,0 +1,223 @@ +package Crypt::Digest::Keccak224; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Digest Exporter); +our %EXPORT_TAGS = ( all => [qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + +use Carp; +$Carp::Internal{(__PACKAGE__)}++; +use Crypt::Digest; + +sub hashsize { Crypt::Digest::hashsize('Keccak224') } +sub keccak224 { Crypt::Digest::digest_data('Keccak224', @_) } +sub keccak224_hex { Crypt::Digest::digest_data_hex('Keccak224', @_) } +sub keccak224_b64 { Crypt::Digest::digest_data_b64('Keccak224', @_) } +sub keccak224_b64u { Crypt::Digest::digest_data_b64u('Keccak224', @_) } +sub keccak224_file { Crypt::Digest::digest_file('Keccak224', @_) } +sub keccak224_file_hex { Crypt::Digest::digest_file_hex('Keccak224', @_) } +sub keccak224_file_b64 { Crypt::Digest::digest_file_b64('Keccak224', @_) } +sub keccak224_file_b64u { Crypt::Digest::digest_file_b64u('Keccak224', @_) } + +1; + +=pod + +=head1 NAME + +Crypt::Digest::Keccak224 - Hash function Keccak-224 [size: 224 bits] + +=head1 SYNOPSIS + + ### Functional interface: + use Crypt::Digest::Keccak224 qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u + keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u ); + + # calculate digest from string/buffer + $keccak224_raw = keccak224('data string'); + $keccak224_hex = keccak224_hex('data string'); + $keccak224_b64 = keccak224_b64('data string'); + $keccak224_b64u = keccak224_b64u('data string'); + # calculate digest from file + $keccak224_raw = keccak224_file('filename.dat'); + $keccak224_hex = keccak224_file_hex('filename.dat'); + $keccak224_b64 = keccak224_file_b64('filename.dat'); + $keccak224_b64u = keccak224_file_b64u('filename.dat'); + # calculate digest from filehandle + $keccak224_raw = keccak224_file(*FILEHANDLE); + $keccak224_hex = keccak224_file_hex(*FILEHANDLE); + $keccak224_b64 = keccak224_file_b64(*FILEHANDLE); + $keccak224_b64u = keccak224_file_b64u(*FILEHANDLE); + + ### OO interface: + use Crypt::Digest::Keccak224; + + $d = Crypt::Digest::Keccak224->new; + $d->add('any data'); + $d->addfile('filename.dat'); + $d->addfile(*FILEHANDLE); + $result_raw = $d->digest; # raw bytes + $result_hex = $d->hexdigest; # hexadecimal form + $result_b64 = $d->b64digest; # Base64 form + $result_b64u = $d->b64udigest; # Base64 URL Safe form + +=head1 DESCRIPTION + +Provides an interface to the Keccak224 digest algorithm. + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Digest::Keccak224 qw(keccak224 keccak224_hex keccak224_b64 keccak224_b64u + keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u); + +Or all of them at once: + + use Crypt::Digest::Keccak224 ':all'; + +=head1 FUNCTIONS + +=head2 keccak224 + +Logically joins all arguments into a single string, and returns its Keccak224 digest encoded as a binary string. + + $keccak224_raw = keccak224('data string'); + #or + $keccak224_raw = keccak224('any data', 'more data', 'even more data'); + +=head2 keccak224_hex + +Logically joins all arguments into a single string, and returns its Keccak224 digest encoded as a hexadecimal string. + + $keccak224_hex = keccak224_hex('data string'); + #or + $keccak224_hex = keccak224_hex('any data', 'more data', 'even more data'); + +=head2 keccak224_b64 + +Logically joins all arguments into a single string, and returns its Keccak224 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak224_b64 = keccak224_b64('data string'); + #or + $keccak224_b64 = keccak224_b64('any data', 'more data', 'even more data'); + +=head2 keccak224_b64u + +Logically joins all arguments into a single string, and returns its Keccak224 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak224_b64url = keccak224_b64u('data string'); + #or + $keccak224_b64url = keccak224_b64u('any data', 'more data', 'even more data'); + +=head2 keccak224_file + +Reads file (defined by filename or filehandle) content, and returns its Keccak224 digest encoded as a binary string. + + $keccak224_raw = keccak224_file('filename.dat'); + #or + $keccak224_raw = keccak224_file(*FILEHANDLE); + +=head2 keccak224_file_hex + +Reads file (defined by filename or filehandle) content, and returns its Keccak224 digest encoded as a hexadecimal string. + + $keccak224_hex = keccak224_file_hex('filename.dat'); + #or + $keccak224_hex = keccak224_file_hex(*FILEHANDLE); + +B You have to make sure that the filehandle is in binary mode before you pass it as argument to the addfile() method. + +=head2 keccak224_file_b64 + +Reads file (defined by filename or filehandle) content, and returns its Keccak224 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak224_b64 = keccak224_file_b64('filename.dat'); + #or + $keccak224_b64 = keccak224_file_b64(*FILEHANDLE); + +=head2 keccak224_file_b64u + +Reads file (defined by filename or filehandle) content, and returns its Keccak224 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak224_b64url = keccak224_file_b64u('filename.dat'); + #or + $keccak224_b64url = keccak224_file_b64u(*FILEHANDLE); + +=head1 METHODS + +The OO interface provides the same set of functions as L. + +=head2 new + + $d = Crypt::Digest::Keccak224->new(); + +=head2 clone + + $d->clone(); + +=head2 reset + + $d->reset(); + +=head2 add + + $d->add('any data'); + #or + $d->add('any data', 'more data', 'even more data'); + +=head2 addfile + + $d->addfile('filename.dat'); + #or + $d->addfile(*FILEHANDLE); + +=head2 add_bits + + $d->add_bits($bit_string); # e.g. $d->add_bits("111100001010"); + #or + $d->add_bits($data, $nbits); # e.g. $d->add_bits("\xF0\xA0", 16); + +=head2 hashsize + + $d->hashsize; + #or + Crypt::Digest::Keccak224->hashsize(); + #or + Crypt::Digest::Keccak224::hashsize(); + +=head2 digest + + $result_raw = $d->digest(); + +=head2 hexdigest + + $result_hex = $d->hexdigest(); + +=head2 b64digest + + $result_b64 = $d->b64digest(); + +=head2 b64udigest + + $result_b64url = $d->b64udigest(); + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Digest/Keccak256.pm b/lib/Crypt/Digest/Keccak256.pm new file mode 100644 index 0000000..b644e73 --- /dev/null +++ b/lib/Crypt/Digest/Keccak256.pm @@ -0,0 +1,223 @@ +package Crypt::Digest::Keccak256; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Digest Exporter); +our %EXPORT_TAGS = ( all => [qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + +use Carp; +$Carp::Internal{(__PACKAGE__)}++; +use Crypt::Digest; + +sub hashsize { Crypt::Digest::hashsize('Keccak256') } +sub keccak256 { Crypt::Digest::digest_data('Keccak256', @_) } +sub keccak256_hex { Crypt::Digest::digest_data_hex('Keccak256', @_) } +sub keccak256_b64 { Crypt::Digest::digest_data_b64('Keccak256', @_) } +sub keccak256_b64u { Crypt::Digest::digest_data_b64u('Keccak256', @_) } +sub keccak256_file { Crypt::Digest::digest_file('Keccak256', @_) } +sub keccak256_file_hex { Crypt::Digest::digest_file_hex('Keccak256', @_) } +sub keccak256_file_b64 { Crypt::Digest::digest_file_b64('Keccak256', @_) } +sub keccak256_file_b64u { Crypt::Digest::digest_file_b64u('Keccak256', @_) } + +1; + +=pod + +=head1 NAME + +Crypt::Digest::Keccak256 - Hash function Keccak-256 [size: 256 bits] + +=head1 SYNOPSIS + + ### Functional interface: + use Crypt::Digest::Keccak256 qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u + keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u ); + + # calculate digest from string/buffer + $keccak256_raw = keccak256('data string'); + $keccak256_hex = keccak256_hex('data string'); + $keccak256_b64 = keccak256_b64('data string'); + $keccak256_b64u = keccak256_b64u('data string'); + # calculate digest from file + $keccak256_raw = keccak256_file('filename.dat'); + $keccak256_hex = keccak256_file_hex('filename.dat'); + $keccak256_b64 = keccak256_file_b64('filename.dat'); + $keccak256_b64u = keccak256_file_b64u('filename.dat'); + # calculate digest from filehandle + $keccak256_raw = keccak256_file(*FILEHANDLE); + $keccak256_hex = keccak256_file_hex(*FILEHANDLE); + $keccak256_b64 = keccak256_file_b64(*FILEHANDLE); + $keccak256_b64u = keccak256_file_b64u(*FILEHANDLE); + + ### OO interface: + use Crypt::Digest::Keccak256; + + $d = Crypt::Digest::Keccak256->new; + $d->add('any data'); + $d->addfile('filename.dat'); + $d->addfile(*FILEHANDLE); + $result_raw = $d->digest; # raw bytes + $result_hex = $d->hexdigest; # hexadecimal form + $result_b64 = $d->b64digest; # Base64 form + $result_b64u = $d->b64udigest; # Base64 URL Safe form + +=head1 DESCRIPTION + +Provides an interface to the Keccak256 digest algorithm. + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Digest::Keccak256 qw(keccak256 keccak256_hex keccak256_b64 keccak256_b64u + keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u); + +Or all of them at once: + + use Crypt::Digest::Keccak256 ':all'; + +=head1 FUNCTIONS + +=head2 keccak256 + +Logically joins all arguments into a single string, and returns its Keccak256 digest encoded as a binary string. + + $keccak256_raw = keccak256('data string'); + #or + $keccak256_raw = keccak256('any data', 'more data', 'even more data'); + +=head2 keccak256_hex + +Logically joins all arguments into a single string, and returns its Keccak256 digest encoded as a hexadecimal string. + + $keccak256_hex = keccak256_hex('data string'); + #or + $keccak256_hex = keccak256_hex('any data', 'more data', 'even more data'); + +=head2 keccak256_b64 + +Logically joins all arguments into a single string, and returns its Keccak256 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak256_b64 = keccak256_b64('data string'); + #or + $keccak256_b64 = keccak256_b64('any data', 'more data', 'even more data'); + +=head2 keccak256_b64u + +Logically joins all arguments into a single string, and returns its Keccak256 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak256_b64url = keccak256_b64u('data string'); + #or + $keccak256_b64url = keccak256_b64u('any data', 'more data', 'even more data'); + +=head2 keccak256_file + +Reads file (defined by filename or filehandle) content, and returns its Keccak256 digest encoded as a binary string. + + $keccak256_raw = keccak256_file('filename.dat'); + #or + $keccak256_raw = keccak256_file(*FILEHANDLE); + +=head2 keccak256_file_hex + +Reads file (defined by filename or filehandle) content, and returns its Keccak256 digest encoded as a hexadecimal string. + + $keccak256_hex = keccak256_file_hex('filename.dat'); + #or + $keccak256_hex = keccak256_file_hex(*FILEHANDLE); + +B You have to make sure that the filehandle is in binary mode before you pass it as argument to the addfile() method. + +=head2 keccak256_file_b64 + +Reads file (defined by filename or filehandle) content, and returns its Keccak256 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak256_b64 = keccak256_file_b64('filename.dat'); + #or + $keccak256_b64 = keccak256_file_b64(*FILEHANDLE); + +=head2 keccak256_file_b64u + +Reads file (defined by filename or filehandle) content, and returns its Keccak256 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak256_b64url = keccak256_file_b64u('filename.dat'); + #or + $keccak256_b64url = keccak256_file_b64u(*FILEHANDLE); + +=head1 METHODS + +The OO interface provides the same set of functions as L. + +=head2 new + + $d = Crypt::Digest::Keccak256->new(); + +=head2 clone + + $d->clone(); + +=head2 reset + + $d->reset(); + +=head2 add + + $d->add('any data'); + #or + $d->add('any data', 'more data', 'even more data'); + +=head2 addfile + + $d->addfile('filename.dat'); + #or + $d->addfile(*FILEHANDLE); + +=head2 add_bits + + $d->add_bits($bit_string); # e.g. $d->add_bits("111100001010"); + #or + $d->add_bits($data, $nbits); # e.g. $d->add_bits("\xF0\xA0", 16); + +=head2 hashsize + + $d->hashsize; + #or + Crypt::Digest::Keccak256->hashsize(); + #or + Crypt::Digest::Keccak256::hashsize(); + +=head2 digest + + $result_raw = $d->digest(); + +=head2 hexdigest + + $result_hex = $d->hexdigest(); + +=head2 b64digest + + $result_b64 = $d->b64digest(); + +=head2 b64udigest + + $result_b64url = $d->b64udigest(); + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Digest/Keccak384.pm b/lib/Crypt/Digest/Keccak384.pm new file mode 100644 index 0000000..ac8b5eb --- /dev/null +++ b/lib/Crypt/Digest/Keccak384.pm @@ -0,0 +1,223 @@ +package Crypt::Digest::Keccak384; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Digest Exporter); +our %EXPORT_TAGS = ( all => [qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + +use Carp; +$Carp::Internal{(__PACKAGE__)}++; +use Crypt::Digest; + +sub hashsize { Crypt::Digest::hashsize('Keccak384') } +sub keccak384 { Crypt::Digest::digest_data('Keccak384', @_) } +sub keccak384_hex { Crypt::Digest::digest_data_hex('Keccak384', @_) } +sub keccak384_b64 { Crypt::Digest::digest_data_b64('Keccak384', @_) } +sub keccak384_b64u { Crypt::Digest::digest_data_b64u('Keccak384', @_) } +sub keccak384_file { Crypt::Digest::digest_file('Keccak384', @_) } +sub keccak384_file_hex { Crypt::Digest::digest_file_hex('Keccak384', @_) } +sub keccak384_file_b64 { Crypt::Digest::digest_file_b64('Keccak384', @_) } +sub keccak384_file_b64u { Crypt::Digest::digest_file_b64u('Keccak384', @_) } + +1; + +=pod + +=head1 NAME + +Crypt::Digest::Keccak384 - Hash function Keccak-384 [size: 384 bits] + +=head1 SYNOPSIS + + ### Functional interface: + use Crypt::Digest::Keccak384 qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u + keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u ); + + # calculate digest from string/buffer + $keccak384_raw = keccak384('data string'); + $keccak384_hex = keccak384_hex('data string'); + $keccak384_b64 = keccak384_b64('data string'); + $keccak384_b64u = keccak384_b64u('data string'); + # calculate digest from file + $keccak384_raw = keccak384_file('filename.dat'); + $keccak384_hex = keccak384_file_hex('filename.dat'); + $keccak384_b64 = keccak384_file_b64('filename.dat'); + $keccak384_b64u = keccak384_file_b64u('filename.dat'); + # calculate digest from filehandle + $keccak384_raw = keccak384_file(*FILEHANDLE); + $keccak384_hex = keccak384_file_hex(*FILEHANDLE); + $keccak384_b64 = keccak384_file_b64(*FILEHANDLE); + $keccak384_b64u = keccak384_file_b64u(*FILEHANDLE); + + ### OO interface: + use Crypt::Digest::Keccak384; + + $d = Crypt::Digest::Keccak384->new; + $d->add('any data'); + $d->addfile('filename.dat'); + $d->addfile(*FILEHANDLE); + $result_raw = $d->digest; # raw bytes + $result_hex = $d->hexdigest; # hexadecimal form + $result_b64 = $d->b64digest; # Base64 form + $result_b64u = $d->b64udigest; # Base64 URL Safe form + +=head1 DESCRIPTION + +Provides an interface to the Keccak384 digest algorithm. + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Digest::Keccak384 qw(keccak384 keccak384_hex keccak384_b64 keccak384_b64u + keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u); + +Or all of them at once: + + use Crypt::Digest::Keccak384 ':all'; + +=head1 FUNCTIONS + +=head2 keccak384 + +Logically joins all arguments into a single string, and returns its Keccak384 digest encoded as a binary string. + + $keccak384_raw = keccak384('data string'); + #or + $keccak384_raw = keccak384('any data', 'more data', 'even more data'); + +=head2 keccak384_hex + +Logically joins all arguments into a single string, and returns its Keccak384 digest encoded as a hexadecimal string. + + $keccak384_hex = keccak384_hex('data string'); + #or + $keccak384_hex = keccak384_hex('any data', 'more data', 'even more data'); + +=head2 keccak384_b64 + +Logically joins all arguments into a single string, and returns its Keccak384 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak384_b64 = keccak384_b64('data string'); + #or + $keccak384_b64 = keccak384_b64('any data', 'more data', 'even more data'); + +=head2 keccak384_b64u + +Logically joins all arguments into a single string, and returns its Keccak384 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak384_b64url = keccak384_b64u('data string'); + #or + $keccak384_b64url = keccak384_b64u('any data', 'more data', 'even more data'); + +=head2 keccak384_file + +Reads file (defined by filename or filehandle) content, and returns its Keccak384 digest encoded as a binary string. + + $keccak384_raw = keccak384_file('filename.dat'); + #or + $keccak384_raw = keccak384_file(*FILEHANDLE); + +=head2 keccak384_file_hex + +Reads file (defined by filename or filehandle) content, and returns its Keccak384 digest encoded as a hexadecimal string. + + $keccak384_hex = keccak384_file_hex('filename.dat'); + #or + $keccak384_hex = keccak384_file_hex(*FILEHANDLE); + +B You have to make sure that the filehandle is in binary mode before you pass it as argument to the addfile() method. + +=head2 keccak384_file_b64 + +Reads file (defined by filename or filehandle) content, and returns its Keccak384 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak384_b64 = keccak384_file_b64('filename.dat'); + #or + $keccak384_b64 = keccak384_file_b64(*FILEHANDLE); + +=head2 keccak384_file_b64u + +Reads file (defined by filename or filehandle) content, and returns its Keccak384 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak384_b64url = keccak384_file_b64u('filename.dat'); + #or + $keccak384_b64url = keccak384_file_b64u(*FILEHANDLE); + +=head1 METHODS + +The OO interface provides the same set of functions as L. + +=head2 new + + $d = Crypt::Digest::Keccak384->new(); + +=head2 clone + + $d->clone(); + +=head2 reset + + $d->reset(); + +=head2 add + + $d->add('any data'); + #or + $d->add('any data', 'more data', 'even more data'); + +=head2 addfile + + $d->addfile('filename.dat'); + #or + $d->addfile(*FILEHANDLE); + +=head2 add_bits + + $d->add_bits($bit_string); # e.g. $d->add_bits("111100001010"); + #or + $d->add_bits($data, $nbits); # e.g. $d->add_bits("\xF0\xA0", 16); + +=head2 hashsize + + $d->hashsize; + #or + Crypt::Digest::Keccak384->hashsize(); + #or + Crypt::Digest::Keccak384::hashsize(); + +=head2 digest + + $result_raw = $d->digest(); + +=head2 hexdigest + + $result_hex = $d->hexdigest(); + +=head2 b64digest + + $result_b64 = $d->b64digest(); + +=head2 b64udigest + + $result_b64url = $d->b64udigest(); + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Digest/Keccak512.pm b/lib/Crypt/Digest/Keccak512.pm new file mode 100644 index 0000000..c0818f7 --- /dev/null +++ b/lib/Crypt/Digest/Keccak512.pm @@ -0,0 +1,223 @@ +package Crypt::Digest::Keccak512; + +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use base qw(Crypt::Digest Exporter); +our %EXPORT_TAGS = ( all => [qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u )] ); +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); +our @EXPORT = qw(); + +use Carp; +$Carp::Internal{(__PACKAGE__)}++; +use Crypt::Digest; + +sub hashsize { Crypt::Digest::hashsize('Keccak512') } +sub keccak512 { Crypt::Digest::digest_data('Keccak512', @_) } +sub keccak512_hex { Crypt::Digest::digest_data_hex('Keccak512', @_) } +sub keccak512_b64 { Crypt::Digest::digest_data_b64('Keccak512', @_) } +sub keccak512_b64u { Crypt::Digest::digest_data_b64u('Keccak512', @_) } +sub keccak512_file { Crypt::Digest::digest_file('Keccak512', @_) } +sub keccak512_file_hex { Crypt::Digest::digest_file_hex('Keccak512', @_) } +sub keccak512_file_b64 { Crypt::Digest::digest_file_b64('Keccak512', @_) } +sub keccak512_file_b64u { Crypt::Digest::digest_file_b64u('Keccak512', @_) } + +1; + +=pod + +=head1 NAME + +Crypt::Digest::Keccak512 - Hash function Keccak-512 [size: 512 bits] + +=head1 SYNOPSIS + + ### Functional interface: + use Crypt::Digest::Keccak512 qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u + keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u ); + + # calculate digest from string/buffer + $keccak512_raw = keccak512('data string'); + $keccak512_hex = keccak512_hex('data string'); + $keccak512_b64 = keccak512_b64('data string'); + $keccak512_b64u = keccak512_b64u('data string'); + # calculate digest from file + $keccak512_raw = keccak512_file('filename.dat'); + $keccak512_hex = keccak512_file_hex('filename.dat'); + $keccak512_b64 = keccak512_file_b64('filename.dat'); + $keccak512_b64u = keccak512_file_b64u('filename.dat'); + # calculate digest from filehandle + $keccak512_raw = keccak512_file(*FILEHANDLE); + $keccak512_hex = keccak512_file_hex(*FILEHANDLE); + $keccak512_b64 = keccak512_file_b64(*FILEHANDLE); + $keccak512_b64u = keccak512_file_b64u(*FILEHANDLE); + + ### OO interface: + use Crypt::Digest::Keccak512; + + $d = Crypt::Digest::Keccak512->new; + $d->add('any data'); + $d->addfile('filename.dat'); + $d->addfile(*FILEHANDLE); + $result_raw = $d->digest; # raw bytes + $result_hex = $d->hexdigest; # hexadecimal form + $result_b64 = $d->b64digest; # Base64 form + $result_b64u = $d->b64udigest; # Base64 URL Safe form + +=head1 DESCRIPTION + +Provides an interface to the Keccak512 digest algorithm. + +=head1 EXPORT + +Nothing is exported by default. + +You can export selected functions: + + use Crypt::Digest::Keccak512 qw(keccak512 keccak512_hex keccak512_b64 keccak512_b64u + keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u); + +Or all of them at once: + + use Crypt::Digest::Keccak512 ':all'; + +=head1 FUNCTIONS + +=head2 keccak512 + +Logically joins all arguments into a single string, and returns its Keccak512 digest encoded as a binary string. + + $keccak512_raw = keccak512('data string'); + #or + $keccak512_raw = keccak512('any data', 'more data', 'even more data'); + +=head2 keccak512_hex + +Logically joins all arguments into a single string, and returns its Keccak512 digest encoded as a hexadecimal string. + + $keccak512_hex = keccak512_hex('data string'); + #or + $keccak512_hex = keccak512_hex('any data', 'more data', 'even more data'); + +=head2 keccak512_b64 + +Logically joins all arguments into a single string, and returns its Keccak512 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak512_b64 = keccak512_b64('data string'); + #or + $keccak512_b64 = keccak512_b64('any data', 'more data', 'even more data'); + +=head2 keccak512_b64u + +Logically joins all arguments into a single string, and returns its Keccak512 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak512_b64url = keccak512_b64u('data string'); + #or + $keccak512_b64url = keccak512_b64u('any data', 'more data', 'even more data'); + +=head2 keccak512_file + +Reads file (defined by filename or filehandle) content, and returns its Keccak512 digest encoded as a binary string. + + $keccak512_raw = keccak512_file('filename.dat'); + #or + $keccak512_raw = keccak512_file(*FILEHANDLE); + +=head2 keccak512_file_hex + +Reads file (defined by filename or filehandle) content, and returns its Keccak512 digest encoded as a hexadecimal string. + + $keccak512_hex = keccak512_file_hex('filename.dat'); + #or + $keccak512_hex = keccak512_file_hex(*FILEHANDLE); + +B You have to make sure that the filehandle is in binary mode before you pass it as argument to the addfile() method. + +=head2 keccak512_file_b64 + +Reads file (defined by filename or filehandle) content, and returns its Keccak512 digest encoded as a Base64 string, B trailing '=' padding. + + $keccak512_b64 = keccak512_file_b64('filename.dat'); + #or + $keccak512_b64 = keccak512_file_b64(*FILEHANDLE); + +=head2 keccak512_file_b64u + +Reads file (defined by filename or filehandle) content, and returns its Keccak512 digest encoded as a Base64 URL Safe string (see RFC 4648 section 5). + + $keccak512_b64url = keccak512_file_b64u('filename.dat'); + #or + $keccak512_b64url = keccak512_file_b64u(*FILEHANDLE); + +=head1 METHODS + +The OO interface provides the same set of functions as L. + +=head2 new + + $d = Crypt::Digest::Keccak512->new(); + +=head2 clone + + $d->clone(); + +=head2 reset + + $d->reset(); + +=head2 add + + $d->add('any data'); + #or + $d->add('any data', 'more data', 'even more data'); + +=head2 addfile + + $d->addfile('filename.dat'); + #or + $d->addfile(*FILEHANDLE); + +=head2 add_bits + + $d->add_bits($bit_string); # e.g. $d->add_bits("111100001010"); + #or + $d->add_bits($data, $nbits); # e.g. $d->add_bits("\xF0\xA0", 16); + +=head2 hashsize + + $d->hashsize; + #or + Crypt::Digest::Keccak512->hashsize(); + #or + Crypt::Digest::Keccak512::hashsize(); + +=head2 digest + + $result_raw = $d->digest(); + +=head2 hexdigest + + $result_hex = $d->hexdigest(); + +=head2 b64digest + + $result_b64 = $d->b64digest(); + +=head2 b64udigest + + $result_b64url = $d->b64udigest(); + +=head1 SEE ALSO + +=over + +=item * L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Digest/MD2.pm b/lib/Crypt/Digest/MD2.pm index 12d3441..d53dab7 100644 --- a/lib/Crypt/Digest/MD2.pm +++ b/lib/Crypt/Digest/MD2.pm @@ -4,7 +4,7 @@ package Crypt::Digest::MD2; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub md2 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub md2_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub md2_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub md2_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub md2_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub md2_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub md2_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub md2_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('MD2') } +sub md2 { Crypt::Digest::digest_data('MD2', @_) } +sub md2_hex { Crypt::Digest::digest_data_hex('MD2', @_) } +sub md2_b64 { Crypt::Digest::digest_data_b64('MD2', @_) } +sub md2_b64u { Crypt::Digest::digest_data_b64u('MD2', @_) } +sub md2_file { Crypt::Digest::digest_file('MD2', @_) } +sub md2_file_hex { Crypt::Digest::digest_file_hex('MD2', @_) } +sub md2_file_b64 { Crypt::Digest::digest_file_b64('MD2', @_) } +sub md2_file_b64u { Crypt::Digest::digest_file_b64u('MD2', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/MD4.pm b/lib/Crypt/Digest/MD4.pm index 0725cde..1fd6588 100644 --- a/lib/Crypt/Digest/MD4.pm +++ b/lib/Crypt/Digest/MD4.pm @@ -4,7 +4,7 @@ package Crypt::Digest::MD4; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub md4 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub md4_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub md4_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub md4_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub md4_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub md4_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub md4_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub md4_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('MD4') } +sub md4 { Crypt::Digest::digest_data('MD4', @_) } +sub md4_hex { Crypt::Digest::digest_data_hex('MD4', @_) } +sub md4_b64 { Crypt::Digest::digest_data_b64('MD4', @_) } +sub md4_b64u { Crypt::Digest::digest_data_b64u('MD4', @_) } +sub md4_file { Crypt::Digest::digest_file('MD4', @_) } +sub md4_file_hex { Crypt::Digest::digest_file_hex('MD4', @_) } +sub md4_file_b64 { Crypt::Digest::digest_file_b64('MD4', @_) } +sub md4_file_b64u { Crypt::Digest::digest_file_b64u('MD4', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/MD5.pm b/lib/Crypt/Digest/MD5.pm index ef82f7a..c7e44ab 100644 --- a/lib/Crypt/Digest/MD5.pm +++ b/lib/Crypt/Digest/MD5.pm @@ -4,7 +4,7 @@ package Crypt::Digest::MD5; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub md5 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub md5_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub md5_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub md5_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub md5_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub md5_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub md5_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub md5_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('MD5') } +sub md5 { Crypt::Digest::digest_data('MD5', @_) } +sub md5_hex { Crypt::Digest::digest_data_hex('MD5', @_) } +sub md5_b64 { Crypt::Digest::digest_data_b64('MD5', @_) } +sub md5_b64u { Crypt::Digest::digest_data_b64u('MD5', @_) } +sub md5_file { Crypt::Digest::digest_file('MD5', @_) } +sub md5_file_hex { Crypt::Digest::digest_file_hex('MD5', @_) } +sub md5_file_b64 { Crypt::Digest::digest_file_b64('MD5', @_) } +sub md5_file_b64u { Crypt::Digest::digest_file_b64u('MD5', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/RIPEMD128.pm b/lib/Crypt/Digest/RIPEMD128.pm index ec91f8b..0332359 100644 --- a/lib/Crypt/Digest/RIPEMD128.pm +++ b/lib/Crypt/Digest/RIPEMD128.pm @@ -4,7 +4,7 @@ package Crypt::Digest::RIPEMD128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub ripemd128 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub ripemd128_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub ripemd128_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub ripemd128_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub ripemd128_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub ripemd128_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub ripemd128_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub ripemd128_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('RIPEMD128') } +sub ripemd128 { Crypt::Digest::digest_data('RIPEMD128', @_) } +sub ripemd128_hex { Crypt::Digest::digest_data_hex('RIPEMD128', @_) } +sub ripemd128_b64 { Crypt::Digest::digest_data_b64('RIPEMD128', @_) } +sub ripemd128_b64u { Crypt::Digest::digest_data_b64u('RIPEMD128', @_) } +sub ripemd128_file { Crypt::Digest::digest_file('RIPEMD128', @_) } +sub ripemd128_file_hex { Crypt::Digest::digest_file_hex('RIPEMD128', @_) } +sub ripemd128_file_b64 { Crypt::Digest::digest_file_b64('RIPEMD128', @_) } +sub ripemd128_file_b64u { Crypt::Digest::digest_file_b64u('RIPEMD128', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/RIPEMD160.pm b/lib/Crypt/Digest/RIPEMD160.pm index b13d948..bf23ae6 100644 --- a/lib/Crypt/Digest/RIPEMD160.pm +++ b/lib/Crypt/Digest/RIPEMD160.pm @@ -4,7 +4,7 @@ package Crypt::Digest::RIPEMD160; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub ripemd160 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub ripemd160_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub ripemd160_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub ripemd160_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub ripemd160_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub ripemd160_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub ripemd160_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub ripemd160_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('RIPEMD160') } +sub ripemd160 { Crypt::Digest::digest_data('RIPEMD160', @_) } +sub ripemd160_hex { Crypt::Digest::digest_data_hex('RIPEMD160', @_) } +sub ripemd160_b64 { Crypt::Digest::digest_data_b64('RIPEMD160', @_) } +sub ripemd160_b64u { Crypt::Digest::digest_data_b64u('RIPEMD160', @_) } +sub ripemd160_file { Crypt::Digest::digest_file('RIPEMD160', @_) } +sub ripemd160_file_hex { Crypt::Digest::digest_file_hex('RIPEMD160', @_) } +sub ripemd160_file_b64 { Crypt::Digest::digest_file_b64('RIPEMD160', @_) } +sub ripemd160_file_b64u { Crypt::Digest::digest_file_b64u('RIPEMD160', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/RIPEMD256.pm b/lib/Crypt/Digest/RIPEMD256.pm index d1ed349..5757874 100644 --- a/lib/Crypt/Digest/RIPEMD256.pm +++ b/lib/Crypt/Digest/RIPEMD256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::RIPEMD256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub ripemd256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub ripemd256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub ripemd256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub ripemd256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub ripemd256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub ripemd256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub ripemd256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub ripemd256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('RIPEMD256') } +sub ripemd256 { Crypt::Digest::digest_data('RIPEMD256', @_) } +sub ripemd256_hex { Crypt::Digest::digest_data_hex('RIPEMD256', @_) } +sub ripemd256_b64 { Crypt::Digest::digest_data_b64('RIPEMD256', @_) } +sub ripemd256_b64u { Crypt::Digest::digest_data_b64u('RIPEMD256', @_) } +sub ripemd256_file { Crypt::Digest::digest_file('RIPEMD256', @_) } +sub ripemd256_file_hex { Crypt::Digest::digest_file_hex('RIPEMD256', @_) } +sub ripemd256_file_b64 { Crypt::Digest::digest_file_b64('RIPEMD256', @_) } +sub ripemd256_file_b64u { Crypt::Digest::digest_file_b64u('RIPEMD256', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/RIPEMD320.pm b/lib/Crypt/Digest/RIPEMD320.pm index 816ad93..66d95a8 100644 --- a/lib/Crypt/Digest/RIPEMD320.pm +++ b/lib/Crypt/Digest/RIPEMD320.pm @@ -4,7 +4,7 @@ package Crypt::Digest::RIPEMD320; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub ripemd320 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub ripemd320_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub ripemd320_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub ripemd320_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub ripemd320_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub ripemd320_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub ripemd320_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub ripemd320_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('RIPEMD320') } +sub ripemd320 { Crypt::Digest::digest_data('RIPEMD320', @_) } +sub ripemd320_hex { Crypt::Digest::digest_data_hex('RIPEMD320', @_) } +sub ripemd320_b64 { Crypt::Digest::digest_data_b64('RIPEMD320', @_) } +sub ripemd320_b64u { Crypt::Digest::digest_data_b64u('RIPEMD320', @_) } +sub ripemd320_file { Crypt::Digest::digest_file('RIPEMD320', @_) } +sub ripemd320_file_hex { Crypt::Digest::digest_file_hex('RIPEMD320', @_) } +sub ripemd320_file_b64 { Crypt::Digest::digest_file_b64('RIPEMD320', @_) } +sub ripemd320_file_b64u { Crypt::Digest::digest_file_b64u('RIPEMD320', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA1.pm b/lib/Crypt/Digest/SHA1.pm index 80e6afa..fb6389b 100644 --- a/lib/Crypt/Digest/SHA1.pm +++ b/lib/Crypt/Digest/SHA1.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA1; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha1 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha1_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha1_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha1_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha1_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha1_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha1_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha1_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA1') } +sub sha1 { Crypt::Digest::digest_data('SHA1', @_) } +sub sha1_hex { Crypt::Digest::digest_data_hex('SHA1', @_) } +sub sha1_b64 { Crypt::Digest::digest_data_b64('SHA1', @_) } +sub sha1_b64u { Crypt::Digest::digest_data_b64u('SHA1', @_) } +sub sha1_file { Crypt::Digest::digest_file('SHA1', @_) } +sub sha1_file_hex { Crypt::Digest::digest_file_hex('SHA1', @_) } +sub sha1_file_b64 { Crypt::Digest::digest_file_b64('SHA1', @_) } +sub sha1_file_b64u { Crypt::Digest::digest_file_b64u('SHA1', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA224.pm b/lib/Crypt/Digest/SHA224.pm index 9d34257..2e89d2d 100644 --- a/lib/Crypt/Digest/SHA224.pm +++ b/lib/Crypt/Digest/SHA224.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA224; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha224 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha224_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha224_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha224_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha224_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha224_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha224_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha224_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA224') } +sub sha224 { Crypt::Digest::digest_data('SHA224', @_) } +sub sha224_hex { Crypt::Digest::digest_data_hex('SHA224', @_) } +sub sha224_b64 { Crypt::Digest::digest_data_b64('SHA224', @_) } +sub sha224_b64u { Crypt::Digest::digest_data_b64u('SHA224', @_) } +sub sha224_file { Crypt::Digest::digest_file('SHA224', @_) } +sub sha224_file_hex { Crypt::Digest::digest_file_hex('SHA224', @_) } +sub sha224_file_b64 { Crypt::Digest::digest_file_b64('SHA224', @_) } +sub sha224_file_b64u { Crypt::Digest::digest_file_b64u('SHA224', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA256.pm b/lib/Crypt/Digest/SHA256.pm index 4e68b95..a187b08 100644 --- a/lib/Crypt/Digest/SHA256.pm +++ b/lib/Crypt/Digest/SHA256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA256') } +sub sha256 { Crypt::Digest::digest_data('SHA256', @_) } +sub sha256_hex { Crypt::Digest::digest_data_hex('SHA256', @_) } +sub sha256_b64 { Crypt::Digest::digest_data_b64('SHA256', @_) } +sub sha256_b64u { Crypt::Digest::digest_data_b64u('SHA256', @_) } +sub sha256_file { Crypt::Digest::digest_file('SHA256', @_) } +sub sha256_file_hex { Crypt::Digest::digest_file_hex('SHA256', @_) } +sub sha256_file_b64 { Crypt::Digest::digest_file_b64('SHA256', @_) } +sub sha256_file_b64u { Crypt::Digest::digest_file_b64u('SHA256', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA384.pm b/lib/Crypt/Digest/SHA384.pm index f8ddfe2..4ff3294 100644 --- a/lib/Crypt/Digest/SHA384.pm +++ b/lib/Crypt/Digest/SHA384.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA384; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha384 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha384_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha384_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha384_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha384_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha384_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha384_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha384_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA384') } +sub sha384 { Crypt::Digest::digest_data('SHA384', @_) } +sub sha384_hex { Crypt::Digest::digest_data_hex('SHA384', @_) } +sub sha384_b64 { Crypt::Digest::digest_data_b64('SHA384', @_) } +sub sha384_b64u { Crypt::Digest::digest_data_b64u('SHA384', @_) } +sub sha384_file { Crypt::Digest::digest_file('SHA384', @_) } +sub sha384_file_hex { Crypt::Digest::digest_file_hex('SHA384', @_) } +sub sha384_file_b64 { Crypt::Digest::digest_file_b64('SHA384', @_) } +sub sha384_file_b64u { Crypt::Digest::digest_file_b64u('SHA384', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA3_224.pm b/lib/Crypt/Digest/SHA3_224.pm index 192c044..7e383ad 100644 --- a/lib/Crypt/Digest/SHA3_224.pm +++ b/lib/Crypt/Digest/SHA3_224.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA3_224; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha3_224 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha3_224_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha3_224_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha3_224_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha3_224_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha3_224_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha3_224_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha3_224_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA3_224') } +sub sha3_224 { Crypt::Digest::digest_data('SHA3_224', @_) } +sub sha3_224_hex { Crypt::Digest::digest_data_hex('SHA3_224', @_) } +sub sha3_224_b64 { Crypt::Digest::digest_data_b64('SHA3_224', @_) } +sub sha3_224_b64u { Crypt::Digest::digest_data_b64u('SHA3_224', @_) } +sub sha3_224_file { Crypt::Digest::digest_file('SHA3_224', @_) } +sub sha3_224_file_hex { Crypt::Digest::digest_file_hex('SHA3_224', @_) } +sub sha3_224_file_b64 { Crypt::Digest::digest_file_b64('SHA3_224', @_) } +sub sha3_224_file_b64u { Crypt::Digest::digest_file_b64u('SHA3_224', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA3_256.pm b/lib/Crypt/Digest/SHA3_256.pm index 9a13a52..c4df5af 100644 --- a/lib/Crypt/Digest/SHA3_256.pm +++ b/lib/Crypt/Digest/SHA3_256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA3_256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha3_256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha3_256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha3_256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha3_256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha3_256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha3_256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha3_256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha3_256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA3_256') } +sub sha3_256 { Crypt::Digest::digest_data('SHA3_256', @_) } +sub sha3_256_hex { Crypt::Digest::digest_data_hex('SHA3_256', @_) } +sub sha3_256_b64 { Crypt::Digest::digest_data_b64('SHA3_256', @_) } +sub sha3_256_b64u { Crypt::Digest::digest_data_b64u('SHA3_256', @_) } +sub sha3_256_file { Crypt::Digest::digest_file('SHA3_256', @_) } +sub sha3_256_file_hex { Crypt::Digest::digest_file_hex('SHA3_256', @_) } +sub sha3_256_file_b64 { Crypt::Digest::digest_file_b64('SHA3_256', @_) } +sub sha3_256_file_b64u { Crypt::Digest::digest_file_b64u('SHA3_256', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA3_384.pm b/lib/Crypt/Digest/SHA3_384.pm index cf98a9e..94e6d71 100644 --- a/lib/Crypt/Digest/SHA3_384.pm +++ b/lib/Crypt/Digest/SHA3_384.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA3_384; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha3_384 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha3_384_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha3_384_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha3_384_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha3_384_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha3_384_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha3_384_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha3_384_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA3_384') } +sub sha3_384 { Crypt::Digest::digest_data('SHA3_384', @_) } +sub sha3_384_hex { Crypt::Digest::digest_data_hex('SHA3_384', @_) } +sub sha3_384_b64 { Crypt::Digest::digest_data_b64('SHA3_384', @_) } +sub sha3_384_b64u { Crypt::Digest::digest_data_b64u('SHA3_384', @_) } +sub sha3_384_file { Crypt::Digest::digest_file('SHA3_384', @_) } +sub sha3_384_file_hex { Crypt::Digest::digest_file_hex('SHA3_384', @_) } +sub sha3_384_file_b64 { Crypt::Digest::digest_file_b64('SHA3_384', @_) } +sub sha3_384_file_b64u { Crypt::Digest::digest_file_b64u('SHA3_384', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA3_512.pm b/lib/Crypt/Digest/SHA3_512.pm index 3762a6b..c1aa6ab 100644 --- a/lib/Crypt/Digest/SHA3_512.pm +++ b/lib/Crypt/Digest/SHA3_512.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA3_512; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha3_512 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha3_512_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha3_512_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha3_512_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha3_512_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha3_512_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha3_512_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha3_512_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA3_512') } +sub sha3_512 { Crypt::Digest::digest_data('SHA3_512', @_) } +sub sha3_512_hex { Crypt::Digest::digest_data_hex('SHA3_512', @_) } +sub sha3_512_b64 { Crypt::Digest::digest_data_b64('SHA3_512', @_) } +sub sha3_512_b64u { Crypt::Digest::digest_data_b64u('SHA3_512', @_) } +sub sha3_512_file { Crypt::Digest::digest_file('SHA3_512', @_) } +sub sha3_512_file_hex { Crypt::Digest::digest_file_hex('SHA3_512', @_) } +sub sha3_512_file_b64 { Crypt::Digest::digest_file_b64('SHA3_512', @_) } +sub sha3_512_file_b64u { Crypt::Digest::digest_file_b64u('SHA3_512', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA512.pm b/lib/Crypt/Digest/SHA512.pm index 6b109fa..d466ad1 100644 --- a/lib/Crypt/Digest/SHA512.pm +++ b/lib/Crypt/Digest/SHA512.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA512; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha512 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha512_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha512_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha512_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha512_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha512_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha512_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha512_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA512') } +sub sha512 { Crypt::Digest::digest_data('SHA512', @_) } +sub sha512_hex { Crypt::Digest::digest_data_hex('SHA512', @_) } +sub sha512_b64 { Crypt::Digest::digest_data_b64('SHA512', @_) } +sub sha512_b64u { Crypt::Digest::digest_data_b64u('SHA512', @_) } +sub sha512_file { Crypt::Digest::digest_file('SHA512', @_) } +sub sha512_file_hex { Crypt::Digest::digest_file_hex('SHA512', @_) } +sub sha512_file_b64 { Crypt::Digest::digest_file_b64('SHA512', @_) } +sub sha512_file_b64u { Crypt::Digest::digest_file_b64u('SHA512', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA512_224.pm b/lib/Crypt/Digest/SHA512_224.pm index eec53e8..e1b6cb4 100644 --- a/lib/Crypt/Digest/SHA512_224.pm +++ b/lib/Crypt/Digest/SHA512_224.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA512_224; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha512_224 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha512_224_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha512_224_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha512_224_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha512_224_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha512_224_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha512_224_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha512_224_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA512_224') } +sub sha512_224 { Crypt::Digest::digest_data('SHA512_224', @_) } +sub sha512_224_hex { Crypt::Digest::digest_data_hex('SHA512_224', @_) } +sub sha512_224_b64 { Crypt::Digest::digest_data_b64('SHA512_224', @_) } +sub sha512_224_b64u { Crypt::Digest::digest_data_b64u('SHA512_224', @_) } +sub sha512_224_file { Crypt::Digest::digest_file('SHA512_224', @_) } +sub sha512_224_file_hex { Crypt::Digest::digest_file_hex('SHA512_224', @_) } +sub sha512_224_file_b64 { Crypt::Digest::digest_file_b64('SHA512_224', @_) } +sub sha512_224_file_b64u { Crypt::Digest::digest_file_b64u('SHA512_224', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHA512_256.pm b/lib/Crypt/Digest/SHA512_256.pm index d02044b..c96d15d 100644 --- a/lib/Crypt/Digest/SHA512_256.pm +++ b/lib/Crypt/Digest/SHA512_256.pm @@ -4,7 +4,7 @@ package Crypt::Digest::SHA512_256; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub sha512_256 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub sha512_256_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub sha512_256_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub sha512_256_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub sha512_256_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub sha512_256_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub sha512_256_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub sha512_256_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('SHA512_256') } +sub sha512_256 { Crypt::Digest::digest_data('SHA512_256', @_) } +sub sha512_256_hex { Crypt::Digest::digest_data_hex('SHA512_256', @_) } +sub sha512_256_b64 { Crypt::Digest::digest_data_b64('SHA512_256', @_) } +sub sha512_256_b64u { Crypt::Digest::digest_data_b64u('SHA512_256', @_) } +sub sha512_256_file { Crypt::Digest::digest_file('SHA512_256', @_) } +sub sha512_256_file_hex { Crypt::Digest::digest_file_hex('SHA512_256', @_) } +sub sha512_256_file_b64 { Crypt::Digest::digest_file_b64('SHA512_256', @_) } +sub sha512_256_file_b64u { Crypt::Digest::digest_file_b64u('SHA512_256', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/SHAKE.pm b/lib/Crypt/Digest/SHAKE.pm index efdb077..1037d26 100644 --- a/lib/Crypt/Digest/SHAKE.pm +++ b/lib/Crypt/Digest/SHAKE.pm @@ -2,14 +2,12 @@ package Crypt::Digest::SHAKE; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Carp; $Carp::Internal{(__PACKAGE__)}++; use CryptX; -sub new { my $class = shift; _new(@_) } - sub addfile { my ($self, $file) = @_; @@ -102,5 +100,3 @@ Provides an interface to the SHA3's sponge function SHAKE. =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/Tiger192.pm b/lib/Crypt/Digest/Tiger192.pm index 1e66a4c..34a9c96 100644 --- a/lib/Crypt/Digest/Tiger192.pm +++ b/lib/Crypt/Digest/Tiger192.pm @@ -4,7 +4,7 @@ package Crypt::Digest::Tiger192; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub tiger192 { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub tiger192_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub tiger192_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub tiger192_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub tiger192_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub tiger192_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub tiger192_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub tiger192_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('Tiger192') } +sub tiger192 { Crypt::Digest::digest_data('Tiger192', @_) } +sub tiger192_hex { Crypt::Digest::digest_data_hex('Tiger192', @_) } +sub tiger192_b64 { Crypt::Digest::digest_data_b64('Tiger192', @_) } +sub tiger192_b64u { Crypt::Digest::digest_data_b64u('Tiger192', @_) } +sub tiger192_file { Crypt::Digest::digest_file('Tiger192', @_) } +sub tiger192_file_hex { Crypt::Digest::digest_file_hex('Tiger192', @_) } +sub tiger192_file_b64 { Crypt::Digest::digest_file_b64('Tiger192', @_) } +sub tiger192_file_b64u { Crypt::Digest::digest_file_b64u('Tiger192', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Digest/Whirlpool.pm b/lib/Crypt/Digest/Whirlpool.pm index 553dc6d..8a53ea8 100644 --- a/lib/Crypt/Digest/Whirlpool.pm +++ b/lib/Crypt/Digest/Whirlpool.pm @@ -4,7 +4,7 @@ package Crypt::Digest::Whirlpool; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u )] ); @@ -13,19 +13,17 @@ our @EXPORT = qw(); use Carp; $Carp::Internal{(__PACKAGE__)}++; -use CryptX; +use Crypt::Digest; -sub hashsize { Crypt::Digest::hashsize(__PACKAGE__) } - -sub whirlpool { Crypt::Digest::digest_data(__PACKAGE__, @_) } -sub whirlpool_hex { Crypt::Digest::digest_data_hex(__PACKAGE__, @_) } -sub whirlpool_b64 { Crypt::Digest::digest_data_b64(__PACKAGE__, @_) } -sub whirlpool_b64u { Crypt::Digest::digest_data_b64u(__PACKAGE__, @_) } - -sub whirlpool_file { Crypt::Digest::digest_file(__PACKAGE__, @_) } -sub whirlpool_file_hex { Crypt::Digest::digest_file_hex(__PACKAGE__, @_) } -sub whirlpool_file_b64 { Crypt::Digest::digest_file_b64(__PACKAGE__, @_) } -sub whirlpool_file_b64u { Crypt::Digest::digest_file_b64u(__PACKAGE__, @_) } +sub hashsize { Crypt::Digest::hashsize('Whirlpool') } +sub whirlpool { Crypt::Digest::digest_data('Whirlpool', @_) } +sub whirlpool_hex { Crypt::Digest::digest_data_hex('Whirlpool', @_) } +sub whirlpool_b64 { Crypt::Digest::digest_data_b64('Whirlpool', @_) } +sub whirlpool_b64u { Crypt::Digest::digest_data_b64u('Whirlpool', @_) } +sub whirlpool_file { Crypt::Digest::digest_file('Whirlpool', @_) } +sub whirlpool_file_hex { Crypt::Digest::digest_file_hex('Whirlpool', @_) } +sub whirlpool_file_b64 { Crypt::Digest::digest_file_b64('Whirlpool', @_) } +sub whirlpool_file_b64u { Crypt::Digest::digest_file_b64u('Whirlpool', @_) } 1; @@ -216,12 +214,10 @@ The OO interface provides the same set of functions as L. =over -=item * L, L +=item * L, L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/KeyDerivation.pm b/lib/Crypt/KeyDerivation.pm index 921f484..522c5b6 100644 --- a/lib/Crypt/KeyDerivation.pm +++ b/lib/Crypt/KeyDerivation.pm @@ -2,60 +2,16 @@ package Crypt::KeyDerivation; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract)] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -use Crypt::Digest; - -sub pbkdf1 { - my ($password, $salt, $iteration_count, $hash_name, $len) = @_; - $iteration_count ||= 5000; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA256'); - $len ||= 32; - return _pkcs_5_alg1($password, $salt, $iteration_count, $hash_name, $len); -} - -sub pbkdf2 { - my ($password, $salt, $iteration_count, $hash_name, $len) = @_; - $iteration_count ||= 5000; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA256'); - $len ||= 32; - return _pkcs_5_alg2($password, $salt, $iteration_count, $hash_name, $len); -} - -sub hkdf_extract { - # RFC: HKDF-Extract(salt, IKM, [Hash]) -> PRK - #my ($hash_name, $salt, $keying_material) = @_; - my ($keying_material, $salt, $hash_name) = @_; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA256'); - $salt = pack("H*", "00" x Crypt::Digest->hashsize($hash_name)) unless defined $salt; # according to rfc5869 defaults to HashLen zero octets - return _hkdf_extract($hash_name, $salt, $keying_material); -} - -sub hkdf_expand { - # RFC: HKDF-Expand(PRK, info, L, [Hash]) -> OKM - #my ($hash_name, $info, $keying_material, $len) = @_; - my ($keying_material, $hash_name, $len, $info) = @_; - $len ||= 32; - $info ||= ''; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA256'); - return _hkdf_expand($hash_name, $info, $keying_material, $len); -} - -sub hkdf { - #my ($hash_name, $salt, $info, $keying_material, $len) = @_; - my ($keying_material, $salt, $hash_name, $len, $info) = @_; - $len ||= 32; - $info ||= ''; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA256'); - $salt = pack("H*", "00" x Crypt::Digest->hashsize($hash_name)) unless defined $salt; # according to rfc5869 defaults to HashLen zero octets - return _hkdf($hash_name, $salt, $info, $keying_material, $len); -} 1; @@ -63,7 +19,7 @@ sub hkdf { =head1 NAME -Crypt::KeyDerivation - PBKDF1, PBKFD2 and HKDF key derivation functions +Crypt::KeyDerivation - PBKDF1, PBKDF2 and HKDF key derivation functions =head1 SYNOPSIS @@ -82,7 +38,7 @@ Provides an interface to Key derivation functions: =over -=item * PBKFD1 and PBKDF according to PKCS#5 v2.0 L +=item * PBKDF1 and PBKDF according to PKCS#5 v2.0 L =item * HKDF (+ related) according to L @@ -165,3 +121,5 @@ B if you are not sure, do not use C but rather choose C # $hash_name .. optional, DEFAULT: 'SHA256' # $len ........ optional, derived key len, DEFAULT: 32 # $info ....... optional context and application specific information, DEFAULT: '' + +=cut diff --git a/lib/Crypt/Mac.pm b/lib/Crypt/Mac.pm index a52ae8a..aca66ed 100644 --- a/lib/Crypt/Mac.pm +++ b/lib/Crypt/Mac.pm @@ -2,38 +2,30 @@ package Crypt::Mac; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; -our %EXPORT_TAGS = ( all => [qw( mac mac_hex )] ); -our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); -our @EXPORT = qw(); - -sub add { - my $self = shift; - $self->_add_single($_) for (@_); - return $self; -} +use Carp; +$Carp::Internal{(__PACKAGE__)}++; +use CryptX; sub addfile { my ($self, $file) = @_; my $handle; if (ref(\$file) eq 'SCALAR') { - #filename open($handle, "<", $file) || die "FATAL: cannot open '$file': $!"; binmode($handle); } else { - #handle $handle = $file } die "FATAL: invalid handle" unless defined $handle; my $n; my $buf = ""; + local $SIG{__DIE__} = \&CryptX::_croak; while (($n = read($handle, $buf, 32*1024))) { - $self->_add_single($buf) + $self->add($buf); } die "FATAL: read failed: $!" unless defined $n; @@ -44,10 +36,10 @@ sub CLONE_SKIP { 1 } # prevent cloning 1; -__END__ - +=pod + =head1 NAME -Crypt::mode - [internal only] +Crypt::Mac - [internal only] -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/Mac/BLAKE2b.pm b/lib/Crypt/Mac/BLAKE2b.pm index 657a94c..1024841 100644 --- a/lib/Crypt/Mac/BLAKE2b.pm +++ b/lib/Crypt/Mac/BLAKE2b.pm @@ -4,20 +4,13 @@ package Crypt::Mac::BLAKE2b; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -sub new { my $class = shift; _new(@_) } -sub blake2b { Crypt::Mac::BLAKE2b->new(shift, shift)->add(@_)->mac } -sub blake2b_hex { Crypt::Mac::BLAKE2b->new(shift, shift)->add(@_)->hexmac } -sub blake2b_b64 { Crypt::Mac::BLAKE2b->new(shift, shift)->add(@_)->b64mac } -sub blake2b_b64u { Crypt::Mac::BLAKE2b->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -147,10 +140,8 @@ Logically joins all arguments into a single string, and returns its BLAKE2b mess =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/BLAKE2s.pm b/lib/Crypt/Mac/BLAKE2s.pm index c696abc..6f62a3f 100644 --- a/lib/Crypt/Mac/BLAKE2s.pm +++ b/lib/Crypt/Mac/BLAKE2s.pm @@ -4,20 +4,13 @@ package Crypt::Mac::BLAKE2s; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -sub new { my $class = shift; _new(@_) } -sub blake2s { Crypt::Mac::BLAKE2s->new(shift, shift)->add(@_)->mac } -sub blake2s_hex { Crypt::Mac::BLAKE2s->new(shift, shift)->add(@_)->hexmac } -sub blake2s_b64 { Crypt::Mac::BLAKE2s->new(shift, shift)->add(@_)->b64mac } -sub blake2s_b64u { Crypt::Mac::BLAKE2s->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -147,10 +140,8 @@ Logically joins all arguments into a single string, and returns its BLAKE2s mess =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/F9.pm b/lib/Crypt/Mac/F9.pm index 3caf72c..279ed2e 100644 --- a/lib/Crypt/Mac/F9.pm +++ b/lib/Crypt/Mac/F9.pm @@ -4,22 +4,13 @@ package Crypt::Mac::F9; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( f9 f9_hex f9_b64 f9_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -use Crypt::Cipher; - -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } -sub f9 { Crypt::Mac::F9->new(shift, shift)->add(@_)->mac } -sub f9_hex { Crypt::Mac::F9->new(shift, shift)->add(@_)->hexmac } -sub f9_b64 { Crypt::Mac::F9->new(shift, shift)->add(@_)->b64mac } -sub f9_b64u { Crypt::Mac::F9->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -152,5 +143,3 @@ Logically joins all arguments into a single string, and returns its F9 message a =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/HMAC.pm b/lib/Crypt/Mac/HMAC.pm index 8a2567f..95a8020 100644 --- a/lib/Crypt/Mac/HMAC.pm +++ b/lib/Crypt/Mac/HMAC.pm @@ -4,22 +4,13 @@ package Crypt::Mac::HMAC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( hmac hmac_hex hmac_b64 hmac_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -use Crypt::Digest; - -sub new { my $class = shift; _new(Crypt::Digest::_trans_digest_name(shift), @_) } -sub hmac { Crypt::Mac::HMAC->new(shift, shift)->add(@_)->mac } -sub hmac_hex { Crypt::Mac::HMAC->new(shift, shift)->add(@_)->hexmac } -sub hmac_b64 { Crypt::Mac::HMAC->new(shift, shift)->add(@_)->b64mac } -sub hmac_b64u { Crypt::Mac::HMAC->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -77,6 +68,9 @@ Logically joins all arguments into a single string, and returns its HMAC message #or $hmac_raw = hmac($hash_name, $key, 'any data', 'more data', 'even more data'); + # $hash_name ... any for which there exists Crypt::Digest:: + # $key ......... the key (octets/bytes) + =head2 hmac_hex Logically joins all arguments into a single string, and returns its HMAC message authentication code encoded as a hexadecimal string. @@ -85,6 +79,9 @@ Logically joins all arguments into a single string, and returns its HMAC message #or $hmac_hex = hmac_hex($hash_name, $key, 'any data', 'more data', 'even more data'); + # $hash_name ... any for which there exists Crypt::Digest:: + # $key ......... the key (octets/bytes, not hex!) + =head2 hmac_b64 Logically joins all arguments into a single string, and returns its HMAC message authentication code encoded as a Base64 string. @@ -93,6 +90,9 @@ Logically joins all arguments into a single string, and returns its HMAC message #or $hmac_b64 = hmac_b64($hash_name, $key, 'any data', 'more data', 'even more data'); + # $hash_name ... any for which there exists Crypt::Digest:: + # $key ......... the key (octets/bytes, not Base64!) + =head2 hmac_b64u Logically joins all arguments into a single string, and returns its HMAC message authentication code encoded as a Base64 URL Safe string (see RFC 4648 section 5). @@ -101,12 +101,18 @@ Logically joins all arguments into a single string, and returns its HMAC message #or $hmac_b64url = hmac_b64u($hash_name, $key, 'any data', 'more data', 'even more data'); + # $hash_name ... any for which there exists Crypt::Digest:: + # $key ......... the key (octets/bytes, not Base64url!) + =head1 METHODS =head2 new $d = Crypt::Mac::HMAC->new($hash_name, $key); + # $hash_name ... any for which there exists Crypt::Digest:: + # $key ......... the key (octets/bytes) + =head2 clone $d->clone(); @@ -149,12 +155,10 @@ Logically joins all arguments into a single string, and returns its HMAC message =item * L -=item * L +=item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/OMAC.pm b/lib/Crypt/Mac/OMAC.pm index 3d752f0..d49a29b 100644 --- a/lib/Crypt/Mac/OMAC.pm +++ b/lib/Crypt/Mac/OMAC.pm @@ -4,22 +4,13 @@ package Crypt::Mac::OMAC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( omac omac_hex omac_b64 omac_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -use Crypt::Cipher; - -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } -sub omac { Crypt::Mac::OMAC->new(shift, shift)->add(@_)->mac } -sub omac_hex { Crypt::Mac::OMAC->new(shift, shift)->add(@_)->hexmac } -sub omac_b64 { Crypt::Mac::OMAC->new(shift, shift)->add(@_)->b64mac } -sub omac_b64u { Crypt::Mac::OMAC->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -149,10 +140,8 @@ Logically joins all arguments into a single string, and returns its OMAC message =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/PMAC.pm b/lib/Crypt/Mac/PMAC.pm index 04917de..3572860 100644 --- a/lib/Crypt/Mac/PMAC.pm +++ b/lib/Crypt/Mac/PMAC.pm @@ -4,22 +4,13 @@ package Crypt::Mac::PMAC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( pmac pmac_hex pmac_b64 pmac_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -use Crypt::Cipher; - -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } -sub pmac { Crypt::Mac::PMAC->new(shift, shift)->add(@_)->mac } -sub pmac_hex { Crypt::Mac::PMAC->new(shift, shift)->add(@_)->hexmac } -sub pmac_b64 { Crypt::Mac::PMAC->new(shift, shift)->add(@_)->b64mac } -sub pmac_b64u { Crypt::Mac::PMAC->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -149,10 +140,8 @@ Logically joins all arguments into a single string, and returns its PMAC message =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/Pelican.pm b/lib/Crypt/Mac/Pelican.pm index 374b5c9..559a7d7 100644 --- a/lib/Crypt/Mac/Pelican.pm +++ b/lib/Crypt/Mac/Pelican.pm @@ -4,20 +4,13 @@ package Crypt::Mac::Pelican; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( pelican pelican_hex pelican_b64 pelican_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -sub new { my $class = shift; _new(@_) } -sub pelican { Crypt::Mac::Pelican->new(shift)->add(@_)->mac } -sub pelican_hex { Crypt::Mac::Pelican->new(shift)->add(@_)->hexmac } -sub pelican_b64 { Crypt::Mac::Pelican->new(shift)->add(@_)->b64mac } -sub pelican_b64u { Crypt::Mac::Pelican->new(shift)->add(@_)->b64umac } - 1; =pod @@ -147,10 +140,8 @@ Logically joins all arguments into a single string, and returns its Pelican mess =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/Poly1305.pm b/lib/Crypt/Mac/Poly1305.pm index 1d9bf08..66ba303 100644 --- a/lib/Crypt/Mac/Poly1305.pm +++ b/lib/Crypt/Mac/Poly1305.pm @@ -4,20 +4,13 @@ package Crypt::Mac::Poly1305; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -sub new { my $class = shift; _new(@_) } -sub poly1305 { Crypt::Mac::Poly1305->new(shift)->add(@_)->mac } -sub poly1305_hex { Crypt::Mac::Poly1305->new(shift)->add(@_)->hexmac } -sub poly1305_b64 { Crypt::Mac::Poly1305->new(shift)->add(@_)->b64mac } -sub poly1305_b64u { Crypt::Mac::Poly1305->new(shift)->add(@_)->b64umac } - 1; =pod @@ -147,10 +140,8 @@ Logically joins all arguments into a single string, and returns its Poly1305 mes =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Mac/XCBC.pm b/lib/Crypt/Mac/XCBC.pm index 61da224..7a54b03 100644 --- a/lib/Crypt/Mac/XCBC.pm +++ b/lib/Crypt/Mac/XCBC.pm @@ -4,22 +4,13 @@ package Crypt::Mac::XCBC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -use CryptX; -use Crypt::Cipher; - -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } -sub xcbc { Crypt::Mac::XCBC->new(shift, shift)->add(@_)->mac } -sub xcbc_hex { Crypt::Mac::XCBC->new(shift, shift)->add(@_)->hexmac } -sub xcbc_b64 { Crypt::Mac::XCBC->new(shift, shift)->add(@_)->b64mac } -sub xcbc_b64u { Crypt::Mac::XCBC->new(shift, shift)->add(@_)->b64umac } - 1; =pod @@ -149,10 +140,8 @@ Logically joins all arguments into a single string, and returns its XCBC message =item * L -=item * L +=item * L =back =cut - -__END__ \ No newline at end of file diff --git a/lib/Crypt/Misc.pm b/lib/Crypt/Misc.pm index 74cea07..1e98606 100644 --- a/lib/Crypt/Misc.pm +++ b/lib/Crypt/Misc.pm @@ -2,13 +2,23 @@ package Crypt::Misc; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import'; use Carp 'croak'; -our %EXPORT_TAGS = ( all => [qw(encode_b64 decode_b64 encode_b64u decode_b64u - pem_to_der der_to_pem - read_rawfile write_rawfile +our %EXPORT_TAGS = ( all => [qw(encode_b64 decode_b64 + encode_b64u decode_b64u + encode_b58b decode_b58b + encode_b58f decode_b58f + encode_b58r decode_b58r + encode_b58t decode_b58t + encode_b58s decode_b58s + encode_b32r decode_b32r + encode_b32b decode_b32b + encode_b32z decode_b32z + encode_b32c decode_b32c + pem_to_der der_to_pem + read_rawfile write_rawfile slow_eq is_v4uuid random_v4uuid increment_octets_be increment_octets_le )] ); @@ -25,36 +35,72 @@ use Crypt::Mode::OFB; use Crypt::Cipher; use Crypt::PRNG 'random_bytes'; -sub encode_b64 { - CryptX::_encode_base64(@_); +sub _encode_b58 { + my ($bytes, $alphabet) = @_; + + return '' if !defined $bytes || length($bytes) == 0; + + # handle leading zero-bytes + my $base58 = ''; + if ($bytes =~ /^(\x00+)/) { + $base58 = ('0' x length($1)); + } + $base58 .= _bin_to_radix($bytes, 58); + + if (defined $alphabet) { + my $default = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuv"; + return undef if $alphabet !~ /^[a-zA-Z0-9]{58}$/; + eval "\$base58 =~ tr/$default/$alphabet/"; # HACK: https://stackoverflow.com/questions/11415045/using-a-char-variable-in-tr + return undef if $@; + } + + return $base58; } -sub decode_b64 { - CryptX::_decode_base64(@_); +sub _decode_b58 { + my ($base58, $alphabet) = @_; + + return '' if !defined $base58 || length($base58) == 0; + + my $default = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuv"; + if (defined $alphabet) { + return undef if $alphabet !~ /^[a-zA-Z0-9]{58}$/ || $base58 !~ /^[$alphabet]+$/; + eval "\$base58 =~ tr/$alphabet/$default/"; # HACK: https://stackoverflow.com/questions/11415045/using-a-char-variable-in-tr + return undef if $@; + } + return undef if $base58 !~ /^[$default]+$/; + + # handle leading zeroes + my $bytes = ''; + if ($base58 =~ /^(0+)(.*)$/) { + $base58 = $2; + $bytes = ("\x00" x length($1)); + } + $bytes .= _radix_to_bin($base58, 58) if defined $base58 && length($base58) > 0; + + return $bytes; } -sub encode_b64u { - CryptX::_encode_base64url(@_); -} +sub decode_b58b { _decode_b58(shift, "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz") } # Bitcoin +sub decode_b58f { _decode_b58(shift, "123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ") } # Flickr +sub decode_b58r { _decode_b58(shift, "rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz") } # Ripple +sub decode_b58t { _decode_b58(shift, "RPShNAF39wBUDnEGHJKLM4pQrsT7VWXYZ2bcdeCg65jkm8ofqi1tuvaxyz") } # Tipple +sub decode_b58s { _decode_b58(shift, "gsphnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCr65jkm8oFqi1tuvAxyz") } # Stellar -sub decode_b64u { - CryptX::_decode_base64url(@_); -} - -sub increment_octets_be { - CryptX::_increment_octets_be(@_); - #$_[0] = CryptX::_increment_octets_be($_[0]); -} - -sub increment_octets_le { - CryptX::_increment_octets_le(@_); - #$_[0] = CryptX::_increment_octets_le($_[0]); -} +sub encode_b58b { _encode_b58(shift, "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz") } # Bitcoin +sub encode_b58f { _encode_b58(shift, "123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ") } # Flickr +sub encode_b58r { _encode_b58(shift, "rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz") } # Ripple +sub encode_b58t { _encode_b58(shift, "RPShNAF39wBUDnEGHJKLM4pQrsT7VWXYZ2bcdeCg65jkm8ofqi1tuvaxyz") } # Tipple +sub encode_b58s { _encode_b58(shift, "gsphnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCr65jkm8oFqi1tuvAxyz") } # Stellar sub pem_to_der { my ($data, $password) = @_; - my ($begin, $obj1, $content, $end, $obj2) = $data =~ m/(----[- ]BEGIN ([^\r\n\-]+KEY)[ -]----)(.*?)(----[- ]END ([^\r\n\-]+)[ -]----)/s; + my ($begin, $obj1, $content, $end, $obj2); + # first try to load KEY (e.g. EC pem files might contain more parts) + ($begin, $obj1, $content, $end, $obj2) = $data =~ m/(----[- ]BEGIN ([^\r\n\-]+KEY)[ -]----)(.*?)(----[- ]END ([^\r\n\-]+)[ -]----)/s; + # if failed then try to load anything + ($begin, $obj1, $content, $end, $obj2) = $data =~ m/(----[- ]BEGIN ([^\r\n\-]+)[ -]----)(.*?)(----[- ]END ([^\r\n\-]+)[ -]----)/s unless $content; return undef unless $content; $content =~ s/^\s+//sg; @@ -111,6 +157,7 @@ sub der_to_pem { } sub read_rawfile { + # $data = read_rawfile($filename); my $f = shift; croak "FATAL: read_rawfile() non-existing file '$f'" unless -f $f; open my $fh, "<", $f or croak "FATAL: read_rawfile() cannot open file '$f': $!"; @@ -235,41 +282,9 @@ Or import all available functions: use Crypt::Misc ':all'; -=head2 encode_b64 - -I - - $base64string = encode_b64($rawdata); - -Encode $rawbytes into Base64 string, no line-endings in the output string. - -=head2 decode_b64 - -I - - $rawdata = encode_b64($base64string); - -Decode a Base64 string. - -=head2 encode_b64u - -I - - $base64url_string = encode_b64($rawdata); - -Encode $rawbytes into Base64/URL-Safe string, no line-endings in the output string. - -=head2 decode_b64u - -I - - $rawdata = encode_b64($base64url_string); - -Decode a Base64/URL-Safe string. - =head2 read_rawfile -I +I $rawdata = read_rawfile($filename); @@ -277,15 +292,15 @@ Read file C<$filename> into a scalar as a binary data (without decoding/transfor =head2 write_rawfile -I +I write_rawfile($filename, $rawdata); -Write C<$rawdata> to file <$filename> as binary data. +Write C<$rawdata> to file C<$filename> as binary data. =head2 slow_eq -I +I if (slow_eq($data1, $data2)) { ... } @@ -293,7 +308,7 @@ Constant time compare (to avoid timing side-channel). =head2 pem_to_der -I +I $der_data = pem_to_der($pem_data); #or @@ -303,13 +318,13 @@ Convert PEM to DER representation. Supports also password protected PEM data. =head2 der_to_pem -I +I - $pem_data = der_to_pem($pem_data, $header_name); + $pem_data = der_to_pem($der_data, $header_name); #or - $pem_data = der_to_pem($pem_data, $header_name, $password); + $pem_data = der_to_pem($der_data, $header_name, $password); #or - $pem_data = der_to_pem($pem_data, $header_name, $passord, $cipher_name); + $pem_data = der_to_pem($der_data, $header_name, $passord, $cipher_name); # $header_name e.g. "PUBLIC KEY", "RSA PRIVATE KEY" ... # $cipher_name e.g. "DES-EDE3-CBC", "AES-256-CBC" (DEFAULT) ... @@ -318,7 +333,7 @@ Convert DER to PEM representation. Supports also password protected PEM data. =head2 random_v4uuid -I +I my $uuid = random_v4uuid(); @@ -328,7 +343,7 @@ e.g. C. =head2 is_v4uuid -I +I if (is_v4uuid($uuid)) { ... @@ -338,7 +353,7 @@ Checks the given C<$uuid> string whether it matches V4 UUID format and returns C =head2 increment_octets_le -I +I $octects = increment_octets_le($octets); @@ -346,12 +361,188 @@ Take input C<$octets> as a little-endian big number and return an increment. =head2 increment_octets_be -I +I $octects = increment_octets_be($octets); Take input C<$octets> as a big-endian big number and return an increment. +=head2 encode_b64 + +I + + $base64string = encode_b64($rawdata); + +Encode $rawbytes into Base64 string, no line-endings in the output string. + +=head2 decode_b64 + +I + + $rawdata = decode_b64($base64string); + +Decode a Base64 string. + +=head2 encode_b64u + +I + + $base64url_string = encode_b64($rawdata); + +Encode $rawbytes into Base64/URL-Safe string, no line-endings in the output string. + +=head2 decode_b64u + +I + + $rawdata = decode_b64($base64url_string); + +Decode a Base64/URL-Safe string. + +=head2 encode_b32r + +I + + $string = encode_b32r($rawdata); + +Encode bytes into Base32 (rfc4648 alphabet) string, without "=" padding. + +=head2 decode_b32r + +I + + $rawdata = decode_b32r($string); + +Decode a Base32 (rfc4648 alphabet) string into bytes. + +=head2 encode_b32b + +I + + $string = encode_b32b($rawdata); + +Encode bytes into Base32 (base32hex alphabet) string, without "=" padding. + +=head2 decode_b32b + +I + + $rawdata = decode_b32b($string); + +Decode a Base32 (base32hex alphabet) string into bytes. + +=head2 encode_b32z + +I + + $string = encode_b32z($rawdata); + +Encode bytes into Base32 (zbase32 alphabet) string. + +=head2 decode_b32z + +I + + $rawdata = decode_b32z($string); + +Decode a Base32 (zbase32 alphabet) string into bytes. + +=head2 encode_b32c + +I + + $string = encode_b32c($rawdata); + +Encode bytes into Base32 (crockford alphabet) string. + +=head2 decode_b32c + +I + + $rawdata = decode_b32c($string); + +Decode a Base32 (crockford alphabet) string into bytes. + +=head2 encode_b58b + +I + + $string = encode_b58b($rawdata); + +Encode bytes into Base58 (Bitcoin alphabet) string. + +=head2 decode_b58b + +I + + $rawdata = decode_b58b($string); + +Decode a Base58 (Bitcoin alphabet) string into bytes. + +=head2 encode_b58f + +I + + $string = encode_b58f($rawdata); + +Encode bytes into Base58 (Flickr alphabet) string. + +=head2 decode_b58f + +I + + $rawdata = decode_b58f($string); + +Decode a Base58 (Flickr alphabet) string into bytes. + +=head2 encode_b58r + +I + + $string = encode_b58r($rawdata); + +Encode bytes into Base58 (Ripple alphabet) string. + +=head2 decode_b58r + +I + + $rawdata = decode_b58r($string); + +Decode a Base58 (Ripple alphabet) string into bytes. + +=head2 encode_b58t + +I + + $string = encode_b58t($rawdata); + +Encode bytes into Base58 (Tipple alphabet) string. + +=head2 decode_b58t + +I + + $rawdata = decode_b58t($string); + +Decode a Base58 (Tipple alphabet) string into bytes. + +=head2 encode_b58s + +I + + $string = encode_b58s($rawdata); + +Encode bytes into Base58 (Stellar alphabet) string. + +=head2 decode_b58s + +I + + $rawdata = decode_b58s($string); + +Decode a Base58 (Stellar alphabet) string into bytes. + =head1 SEE ALSO =over diff --git a/lib/Crypt/Mode.pm b/lib/Crypt/Mode.pm index 0db6b5b..a17c684 100644 --- a/lib/Crypt/Mode.pm +++ b/lib/Crypt/Mode.pm @@ -2,71 +2,16 @@ package Crypt::Mode; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -### METHODS - -sub new { die } # overriden in subclass - -sub encrypt { - my ($self, $pt) = (shift, shift); - $self->_start(1, @_); - return $self->add($pt) . $self->finish; -} - -sub decrypt { - my ($self, $ct) = (shift, shift); - $self->_start(-1, @_); - return $self->add($ct) . $self->finish; -} - -sub start_encrypt { - my $self = shift; - $self->_start(1, @_); - return $self; -} - -sub start_decrypt { - my $self = shift; - $self->_start(-1, @_); - return $self; -} - -sub finish { - shift->_finish(@_); -} - -sub add { - my $self = shift; - my $rv = ''; - $rv .= $self->_crypt($_) for (@_); - return $rv; -} - -sub _crypt { - my $self = shift; - my $dir = $self->_get_dir; - return $self->_encrypt(@_) if $dir == 1; - return $self->_decrypt(@_) if $dir == -1; - return; -} - -sub _finish { - my $self = shift; - my $dir = $self->_get_dir; - return $self->_finish_enc(@_) if $dir == 1; - return $self->_finish_dec(@_) if $dir == -1; - return; -} - -sub CLONE_SKIP { 1 } # prevent cloning +### not used 1; -__END__ - +=pod + =head1 NAME Crypt::Mode - [internal only] -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/Mode/CBC.pm b/lib/Crypt/Mode/CBC.pm index be15194..52d5fb7 100644 --- a/lib/Crypt/Mode/CBC.pm +++ b/lib/Crypt/Mode/CBC.pm @@ -4,12 +4,23 @@ package Crypt::Mode::CBC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Crypt::Cipher; -use base 'Crypt::Mode'; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +sub encrypt { + my ($self, $pt) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_encrypt(@_)->add($pt) . $self->finish; +} + +sub decrypt { + my ($self, $ct) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_decrypt(@_)->add($ct) . $self->finish; +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -48,12 +59,17 @@ This module implements CBC cipher mode. B it works only with ciphers from =head2 new - my $m = Crypt::Mode::CBC->new('AES'); + my $m = Crypt::Mode::CBC->new($name); #or - my $m = Crypt::Mode::CBC->new('AES', $padding); + my $m = Crypt::Mode::CBC->new($name, $padding); #or - my $m = Crypt::Mode::CBC->new('AES', $padding, $cipher_rounds); + my $m = Crypt::Mode::CBC->new($name, $padding, $cipher_rounds); + # $name ....... one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', + # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', + # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: # $padding .... 0 no padding (plaintext size has to be myltiple of block length) # 1 PKCS5 padding, Crypt::CBC's "standard" - DEFAULT # 2 Crypt::CBC's "oneandzeroes" @@ -69,15 +85,19 @@ This module implements CBC cipher mode. B it works only with ciphers from =head2 start_encrypt -See example below L. + $m->start_encrypt($key, $iv); =head2 start_decrypt -See example below L. + $m->start_decrypt($key, $iv); =head2 add -See example below L. + # in encrypt mode + my $plaintext = $m->add($ciphertext); + + # in decrypt mode + my $ciphertext = $m->add($plaintext); =head2 finish @@ -99,10 +119,12 @@ See example below L. =over -=item * L, L +=item * L, L -=item * L, L, ... +=item * L, L, ... -=item * L +=item * L =back + +=cut diff --git a/lib/Crypt/Mode/CFB.pm b/lib/Crypt/Mode/CFB.pm index 6dc55f4..32f93f4 100644 --- a/lib/Crypt/Mode/CFB.pm +++ b/lib/Crypt/Mode/CFB.pm @@ -4,12 +4,23 @@ package Crypt::Mode::CFB; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Crypt::Cipher; -use base 'Crypt::Mode'; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +sub encrypt { + my ($self, $pt) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_encrypt(@_)->add($pt); +} + +sub decrypt { + my ($self, $ct) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_decrypt(@_)->add($ct); +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -46,10 +57,15 @@ This module implements CFB cipher mode. B it works only with ciphers from =head2 new - my $m = Crypt::Mode::CFB->new('AES'); + my $m = Crypt::Mode::CFB->new($name); #or - my $m = Crypt::Mode::CFB->new('AES', $cipher_rounds); + my $m = Crypt::Mode::CFB->new($name, $cipher_rounds); + # $name ............ one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', + # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', + # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: # $cipher_rounds ... optional num of rounds for given cipher =head2 encrypt @@ -62,38 +78,30 @@ This module implements CFB cipher mode. B it works only with ciphers from =head2 start_encrypt -See example below L. + $m->start_encrypt($key, $iv); =head2 start_decrypt -See example below L. + $m->start_decrypt($key, $iv); =head2 add -See example below L. + # in encrypt mode + my $plaintext = $m->add($ciphertext); -=head2 finish - - #encrypt more chunks - $m->start_encrypt($key, $iv); - my $ciphertext = ''; - $ciphertext .= $m->add('some data'); - $ciphertext .= $m->add('more data'); - - #decrypt more chunks - $m->start_decrypt($key, $iv); - my $plaintext = ''; - $plaintext .= $m->add($some_ciphertext); - $plaintext .= $m->add($more_ciphertext); + # in decrypt mode + my $ciphertext = $m->add($plaintext); =head1 SEE ALSO =over -=item * L, L +=item * L, L -=item * L, L, ... +=item * L, L, ... -=item * L +=item * L =back + +=cut diff --git a/lib/Crypt/Mode/CTR.pm b/lib/Crypt/Mode/CTR.pm index 060e814..885ede9 100644 --- a/lib/Crypt/Mode/CTR.pm +++ b/lib/Crypt/Mode/CTR.pm @@ -4,12 +4,23 @@ package Crypt::Mode::CTR; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Crypt::Cipher; -use base 'Crypt::Mode'; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +sub encrypt { + my ($self, $pt) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_encrypt(@_)->add($pt); +} + +sub decrypt { + my ($self, $ct) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_decrypt(@_)->add($ct); +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -52,11 +63,16 @@ This module implements CTR cipher mode. B it works only with ciphers from #or my $m = Crypt::Mode::CTR->new($cipher_name, $ctr_mode, $ctr_width, $cipher_rounds); - # $ctr_mode .... 0 little-endian counter (DEFAULT) - # 1 big-endian counter - # 2 little-endian + RFC3686 incrementing - # 3 big-endian + RFC3686 incrementing - # $ctr_width ... counter width in bytes (DEFAULT = full block width) + # $cipher_name .. one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', + # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', + # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: + # $ctr_mode ..... 0 little-endian counter (DEFAULT) + # 1 big-endian counter + # 2 little-endian + RFC3686 incrementing + # 3 big-endian + RFC3686 incrementing + # $ctr_width .... counter width in bytes (DEFAULT = full block width) # $cipher_rounds ... optional num of rounds for given cipher =head2 encrypt @@ -69,38 +85,30 @@ This module implements CTR cipher mode. B it works only with ciphers from =head2 start_encrypt -See example below L. + $m->start_encrypt($key, $iv); =head2 start_decrypt -See example below L. + $m->start_decrypt($key, $iv); =head2 add -See example below L. + # in encrypt mode + my $plaintext = $m->add($ciphertext); -=head2 finish - - #encrypt more chunks - $m->start_encrypt($key, $iv); - my $ciphertext = ''; - $ciphertext .= $m->add('some data'); - $ciphertext .= $m->add('more data'); - - #decrypt more chunks - $m->start_decrypt($key, $iv); - my $plaintext = ''; - $plaintext .= $m->add($some_ciphertext); - $plaintext .= $m->add($more_ciphertext); + # in decrypt mode + my $ciphertext = $m->add($plaintext); =head1 SEE ALSO =over -=item * L, L +=item * L, L -=item * L, L, ... +=item * L, L, ... -=item * L +=item * L =back + +=cut diff --git a/lib/Crypt/Mode/ECB.pm b/lib/Crypt/Mode/ECB.pm index 2fa877e..bb6198d 100644 --- a/lib/Crypt/Mode/ECB.pm +++ b/lib/Crypt/Mode/ECB.pm @@ -4,12 +4,23 @@ package Crypt::Mode::ECB; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Crypt::Cipher; -use base 'Crypt::Mode'; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +sub encrypt { + my ($self, $pt) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_encrypt(@_)->add($pt) . $self->finish; +} + +sub decrypt { + my ($self, $ct) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_decrypt(@_)->add($ct) . $self->finish; +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -49,12 +60,17 @@ B, if you are not sure go for Lnew('AES'); + my $m = Crypt::Mode::ECB->new($name); #or - my $m = Crypt::Mode::ECB->new('AES', $padding); + my $m = Crypt::Mode::ECB->new($name, $padding); #or - my $m = Crypt::Mode::ECB->new('AES', $padding, $cipher_rounds); + my $m = Crypt::Mode::ECB->new($name, $padding, $cipher_rounds); + # $name ....... one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', + # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', + # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: # $padding .... 0 no padding (plaintext size has to be myltiple of block length) # 1 PKCS5 padding, Crypt::CBC's "standard" - DEFAULT # 2 Crypt::CBC's "oneandzeroes" @@ -70,15 +86,19 @@ B, if you are not sure go for L. + $m->start_encrypt($key); =head2 start_decrypt -See example below L. + $m->start_decrypt($key); =head2 add -See example below L. + # in encrypt mode + my $plaintext = $m->add($ciphertext); + + # in decrypt mode + my $ciphertext = $m->add($plaintext); =head2 finish @@ -100,10 +120,12 @@ See example below L. =over -=item * L, L +=item * L, L -=item * L, L, ... +=item * L, L, ... -=item * L +=item * L =back + +=cut diff --git a/lib/Crypt/Mode/OFB.pm b/lib/Crypt/Mode/OFB.pm index efd888e..5b67485 100644 --- a/lib/Crypt/Mode/OFB.pm +++ b/lib/Crypt/Mode/OFB.pm @@ -4,12 +4,23 @@ package Crypt::Mode::OFB; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Crypt::Cipher; -use base 'Crypt::Mode'; -sub new { my $class = shift; _new(Crypt::Cipher::_trans_cipher_name(shift), @_) } +sub encrypt { + my ($self, $pt) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_encrypt(@_)->add($pt); +} + +sub decrypt { + my ($self, $ct) = (shift, shift); + local $SIG{__DIE__} = \&CryptX::_croak; + $self->start_decrypt(@_)->add($ct); +} + +sub CLONE_SKIP { 1 } # prevent cloning 1; @@ -46,10 +57,15 @@ This module implements OFB cipher mode. B it works only with ciphers from =head2 new - my $m = Crypt::Mode::OFB->new('AES'); + my $m = Crypt::Mode::OFB->new($name); #or - my $m = Crypt::Mode::OFB->new('AES', $cipher_rounds); + my $m = Crypt::Mode::OFB->new($name, $cipher_rounds); + # $name ............ one of 'AES', 'Anubis', 'Blowfish', 'CAST5', 'Camellia', 'DES', 'DES_EDE', + # 'KASUMI', 'Khazad', 'MULTI2', 'Noekeon', 'RC2', 'RC5', 'RC6', + # 'SAFERP', 'SAFER_K128', 'SAFER_K64', 'SAFER_SK128', 'SAFER_SK64', + # 'SEED', 'Skipjack', 'Twofish', 'XTEA', 'IDEA', 'Serpent' + # simply any for which there exists Crypt::Cipher:: # $cipher_rounds ... optional num of rounds for given cipher =head2 encrypt @@ -62,38 +78,30 @@ This module implements OFB cipher mode. B it works only with ciphers from =head2 start_encrypt -See example below L. + $m->start_encrypt($key, $iv); =head2 start_decrypt -See example below L. + $m->start_decrypt($key, $iv); =head2 add -See example below L. + # in encrypt mode + my $plaintext = $m->add($ciphertext); -=head2 finish - - #encrypt more chunks - $m->start_encrypt($key, $iv); - my $ciphertext = ''; - $ciphertext .= $m->add('some data'); - $ciphertext .= $m->add('more data'); - - #decrypt more chunks - $m->start_decrypt($key, $iv); - my $plaintext = ''; - $plaintext .= $m->add($some_ciphertext); - $plaintext .= $m->add($more_ciphertext); + # in decrypt mode + my $ciphertext = $m->add($plaintext); =head1 SEE ALSO =over -=item * L, L +=item * L, L -=item * L, L, ... +=item * L, L, ... -=item * L +=item * L =back + +=cut diff --git a/lib/Crypt/PK.pm b/lib/Crypt/PK.pm index c240ab4..77d4fdf 100644 --- a/lib/Crypt/PK.pm +++ b/lib/Crypt/PK.pm @@ -2,7 +2,7 @@ package Crypt::PK; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use Carp; @@ -24,10 +24,10 @@ sub _ssh_parse { 1; -__END__ +=pod =head1 NAME Crypt::PK - [internal only] -=cut \ No newline at end of file +=cut diff --git a/lib/Crypt/PK/DH.pm b/lib/Crypt/PK/DH.pm index 445aea4..8455716 100644 --- a/lib/Crypt/PK/DH.pm +++ b/lib/Crypt/PK/DH.pm @@ -2,17 +2,17 @@ package Crypt::PK::DH; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; -our %EXPORT_TAGS = ( all => [qw( dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_sign_hash dh_verify_hash dh_shared_secret )] ); +our %EXPORT_TAGS = ( all => [qw( dh_shared_secret )] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use Carp; use CryptX; use Crypt::Digest 'digest_data'; -use Crypt::Misc qw(read_rawfile); +use Crypt::Misc qw(read_rawfile pem_to_der); my %DH_PARAMS = ( ike768 => { g => 2, p => 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1'. @@ -168,10 +168,8 @@ my %DH_PARAMS = ( ); sub new { - my ($class, $f) = @_; - my $self = _new(); - $self->import_key($f) if $f; - return $self; + my $self = shift->_new(); + return @_ > 0 ? $self->import_key(@_) : $self; } sub import_key { @@ -215,107 +213,35 @@ sub import_key_raw { croak "FATAL: invalid key type '$type'"; } my $rv = $self->_import_raw($raw_bytes, $type, $g, $p); - croak "FATAL: invalid public key" unless $self->_is_pubkey_valid; return $rv; } -sub encrypt { - my ($self, $data, $hash_name) = @_; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - return $self->_encrypt($data, $hash_name); -} - -sub decrypt { - my ($self, $data) = @_; - return $self->_decrypt($data); -} - -sub sign_message { - my ($self, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_sign($data_hash); -} - -sub verify_message { - my ($self, $sig, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_verify($sig, $data_hash); -} - -sub sign_hash { - my ($self, $data_hash) = @_; - return $self->_sign($data_hash); -} - -sub verify_hash { - my ($self, $sig, $data_hash) = @_; - return $self->_verify($sig, $data_hash); -} - sub generate_key { - my ($key,$param) = @_; + my ($self, $param) = @_; if (!ref $param) { - if (my $dhparam = $DH_PARAMS{$param}) { - $param = $dhparam; - } else { - croak "FATAL: invalid key length" unless ($param >= 96 || $param <= 512); - return $key->_generate_key($param); - } + # group name + return $self->_generate_key_gp($DH_PARAMS{$param}{g}, $DH_PARAMS{$param}{p}) if $DH_PARAMS{$param}; + # size + return $self->_generate_key_size($param) if $param && $param =~ /^[0-9]+/; } - my $g = $param->{g} or croak "FATAL: 'g' param not specified"; - my $p = $param->{p} or croak "FATAL: 'p' param not specified"; - $g =~ s/^0x//; - $p =~ s/^0x//; - return $key->_generate_key_ex($g, $p); + elsif (ref $param eq 'SCALAR') { + my $data = $$param; + $data = pem_to_der($data) if $data =~ /-----BEGIN DH PARAMETERS-----\s*(.+)\s*-----END DH PARAMETERS-----/s; + return $self->_generate_key_dhparam($data); + } + elsif (ref $param eq 'HASH') { + my $g = $param->{g} or croak "FATAL: 'g' param not specified"; + my $p = $param->{p} or croak "FATAL: 'p' param not specified"; + $g =~ s/^0x//; + $p =~ s/^0x//; + return $self->_generate_key_gp($g, $p); + } + croak "FATAL: DH generate_key - invalid args"; } ### FUNCTIONS -sub dh_encrypt { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->encrypt(@_); -} - -sub dh_decrypt { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->decrypt(@_); -} - -sub dh_sign_message { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->sign_message(@_); -} - -sub dh_verify_message { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->verify_message(@_); -} - -sub dh_sign_hash { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->sign_hash(@_); -} - -sub dh_verify_hash { - my $key = shift; - $key = __PACKAGE__->new($key) unless ref $key; - carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; - return $key->verify_hash(@_); -} - sub dh_shared_secret { my ($privkey, $pubkey) = @_; $privkey = __PACKAGE__->new($privkey) unless ref $privkey; @@ -327,6 +253,21 @@ sub dh_shared_secret { sub CLONE_SKIP { 1 } # prevent cloning +### DEPRECATED functions/methods + +sub encrypt { croak "Crypt::DH::encrypt is deprecated (removed in v0.049)" } +sub decrypt { croak "Crypt::DH::decrypt is deprecated (removed in v0.049)" } +sub sign_message { croak "Crypt::DH::sign_message is deprecated (removed in v0.049)" } +sub verify_message { croak "Crypt::DH::verify_message is deprecated (removed in v0.049)" } +sub sign_hash { croak "Crypt::DH::sign_hash is deprecated (removed in v0.049)" } +sub verify_hash { croak "Crypt::DH::verify_hash is deprecated (removed in v0.049)" } +sub dh_encrypt { croak "Crypt::DH::dh_encrypt is deprecated (removed in v0.049)" } +sub dh_decrypt { croak "Crypt::DH::dh_decrypt is deprecated (removed in v0.049)" } +sub dh_sign_message { croak "Crypt::DH::dh_sign_message is deprecated (removed in v0.049)" } +sub dh_verify_message { croak "Crypt::DH::dh_verify_message is deprecated (removed in v0.049)" } +sub dh_sign_hash { croak "Crypt::DH::dh_sign_hash is deprecated (removed in v0.049)" } +sub dh_verify_hash { croak "Crypt::DH::dh_verify_hash is deprecated (removed in v0.049)" } + 1; =pod @@ -339,22 +280,6 @@ Crypt::PK::DH - Public key cryptography based on Diffie-Hellman ### OO interface - #Encryption: Alice - my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key'); - my $ct = $pub->encrypt("secret message"); - # - #Encryption: Bob (received ciphertext $ct) - my $priv = Crypt::PK::DH->new('Bob_priv_dh1.key'); - my $pt = $priv->decrypt($ct); - - #Signature: Alice - my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key'); - my $sig = $priv->sign_message($message); - # - #Signature: Bob (received $message + $sig) - my $pub = Crypt::PK::DH->new('Alice_pub_dh1.key'); - $pub->verify_message($sig, $message) or die "ERROR"; - #Shared secret my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key'); my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key'); @@ -382,16 +307,6 @@ Crypt::PK::DH - Public key cryptography based on Diffie-Hellman ### Functional interface - #Encryption: Alice - my $ct = dh_encrypt('Bob_pub_dh1.key', "secret message"); - #Encryption: Bob (received ciphertext $ct) - my $pt = dh_decrypt('Bob_priv_dh1.key', $ct); - - #Signature: Alice - my $sig = dh_sign_message('Alice_priv_dh1.key', $message); - #Signature: Bob (received $message + $sig) - dh_verify_message('Alice_pub_dh1.key', $sig, $message) or die "ERROR"; - #Shared secret my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key'); @@ -410,34 +325,37 @@ Crypt::PK::DH - Public key cryptography based on Diffie-Hellman Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from C (UNIX) or C (Win32). - $pk->generate_key($keysize); - ### $keysize (in bytes) corresponds to DH params (p, g) predefined by libtomcrypt + $pk->generate_key($groupsize); + ### $groupsize (in bytes) corresponds to DH parameters (p, g) predefined by libtomcrypt # 96 => DH-768 # 128 => DH-1024 - # 160 => DH-1280 # 192 => DH-1536 - # 224 => DH-1792 # 256 => DH-2048 - # 320 => DH-2560 # 384 => DH-3072 # 512 => DH-4096 + # 768 => DH-6144 + # 1024 => DH-8192 The following variants are available since CryptX-0.032 - $pk->generate_key($name) - ### $name corresponds to values defined in RFC7296 and RFC3526 - # ike768 => 768-bit MODP (Group 1) - # ike1024 => 1024-bit MODP (Group 2) - # ike1536 => 1536-bit MODP (Group 5) - # ike2048 => 2048-bit MODP (Group 14) - # ike3072 => 3072-bit MODP (Group 15) - # ike4096 => 4096-bit MODP (Group 16) - # ike6144 => 6144-bit MODP (Group 17) - # ike8192 => 8192-bit MODP (Group 18) + $pk->generate_key($groupname) + ### $groupname corresponds to values defined in RFC7296 and RFC3526 + # 'ike768' => 768-bit MODP (Group 1) + # 'ike1024' => 1024-bit MODP (Group 2) + # 'ike1536' => 1536-bit MODP (Group 5) + # 'ike2048' => 2048-bit MODP (Group 14) + # 'ike3072' => 3072-bit MODP (Group 15) + # 'ike4096' => 4096-bit MODP (Group 16) + # 'ike6144' => 6144-bit MODP (Group 17) + # 'ike8192' => 8192-bit MODP (Group 18) $pk->generate_key($param_hash) - ## $param_hash is { g => $g, p => $p } - ## where $g is the generator (base) in a hex string and $p is the prime in a hex string + # $param_hash is { g => $g, p => $p } + # where $g is the generator (base) in a hex string and $p is the prime in a hex string + + $pk->generate_key(\$dh_param) + # $dh_param is the content of DER or PEM file with DH parameters + # e.g. openssl dhparam 2048 =head2 import_key @@ -459,6 +377,8 @@ I =head2 export_key +B DH key format change - since v0.049 it is compatible with libtomcrypt 1.18. + my $private = $pk->export_key('private'); #or my $public = $pk->export_key('public'); @@ -471,48 +391,6 @@ I #or $raw_bytes = $dh->export_key_raw('private') -=head2 encrypt - - my $pk = Crypt::PK::DH->new($pub_key_filename); - my $ct = $pk->encrypt($message); - #or - my $ct = $pk->encrypt($message, $hash_name); - - #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest - -=head2 decrypt - - my $pk = Crypt::PK::DH->new($priv_key_filename); - my $pt = $pk->decrypt($ciphertext); - -=head2 sign_message - - my $pk = Crypt::PK::DH->new($priv_key_filename); - my $signature = $priv->sign_message($message); - #or - my $signature = $priv->sign_message($message, $hash_name); - - #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest - -=head2 verify_message - - my $pk = Crypt::PK::DH->new($pub_key_filename); - my $valid = $pub->verify_message($signature, $message) - #or - my $valid = $pub->verify_message($signature, $message, $hash_name); - - #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest - -=head2 sign_hash - - my $pk = Crypt::PK::DH->new($priv_key_filename); - my $signature = $priv->sign_hash($message_hash); - -=head2 verify_hash - - my $pk = Crypt::PK::DH->new($pub_key_filename); - my $valid = $pub->verify_hash($signature, $message_hash); - =head2 shared_secret # Alice having her priv key $pk and Bob's public key $pkb @@ -565,65 +443,6 @@ I =head1 FUNCTIONS -=head2 dh_encrypt - -DH based encryption as implemented by libtomcrypt. See method L below. - - my $ct = dh_encrypt($pub_key_filename, $message); - #or - my $ct = dh_encrypt(\$buffer_containing_pub_key, $message); - #or - my $ct = dh_encrypt($pub_key_filename, $message, $hash_name); - - #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest - -Encryption works similar to the L encryption whereas shared DH key is computed, and -the hash of the shared key XOR'ed against the plaintext forms the ciphertext. - -=head2 dh_decrypt - -DH based decryption as implemented by libtomcrypt. See method L below. - - my $pt = dh_decrypt($priv_key_filename, $ciphertext); - #or - my $pt = dh_decrypt(\$buffer_containing_priv_key, $ciphertext); - -=head2 dh_sign_message - -Generate DH signature as implemented by libtomcrypt. See method L below. - - my $sig = dh_sign_message($priv_key_filename, $message); - #or - my $sig = dh_sign_message(\$buffer_containing_priv_key, $message); - #or - my $sig = dh_sign_message($priv_key, $message, $hash_name); - -=head2 dh_verify_message - -Verify DH signature as implemented by libtomcrypt. See method L below. - - dh_verify_message($pub_key_filename, $signature, $message) or die "ERROR"; - #or - dh_verify_message(\$buffer_containing_pub_key, $signature, $message) or die "ERROR"; - #or - dh_verify_message($pub_key, $signature, $message, $hash_name) or die "ERROR"; - -=head2 dh_sign_hash - -Generate DH signature as implemented by libtomcrypt. See method L below. - - my $sig = dh_sign_hash($priv_key_filename, $message_hash); - #or - my $sig = dh_sign_hash(\$buffer_containing_priv_key, $message_hash); - -=head2 dh_verify_hash - -Verify DH signature as implemented by libtomcrypt. See method L below. - - dh_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR"; - #or - dh_verify_hash(\$buffer_containing_pub_key, $signature, $message_hash) or die "ERROR"; - =head2 dh_shared_secret DH based shared secret generation. See method L below. @@ -634,6 +453,24 @@ DH based shared secret generation. See method L below. #on Bob side my $shared_secret = dh_shared_secret('Bob_priv_dh1.key', 'Alice_pub_dh1.key'); +=head1 DEPRECATED INTERFACE + +The following functions/methods were removed in removed in v0.049: + + encrypt + decrypt + sign_message + verify_message + sign_hash + verify_hash + + dh_encrypt + dh_decrypt + dh_sign_message + dh_verify_message + dh_sign_hash + dh_verify_hash + =head1 SEE ALSO =over @@ -641,3 +478,5 @@ DH based shared secret generation. See method L below. =item * L =back + +=cut diff --git a/lib/Crypt/PK/DSA.pm b/lib/Crypt/PK/DSA.pm index 79cbcdf..342f132 100644 --- a/lib/Crypt/PK/DSA.pm +++ b/lib/Crypt/PK/DSA.pm @@ -2,7 +2,7 @@ package Crypt::PK::DSA; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash )] ); @@ -10,16 +10,36 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use Carp; -use CryptX qw(_encode_json _decode_json); +$Carp::Internal{(__PACKAGE__)}++; +use CryptX; use Crypt::Digest 'digest_data'; use Crypt::Misc qw(read_rawfile encode_b64u decode_b64u encode_b64 decode_b64 pem_to_der der_to_pem); use Crypt::PK; sub new { - my ($class, $f, $p) = @_; - my $self = _new(); - $self->import_key($f, $p) if $f; - return $self; + my $self = shift->_new(); + return @_ > 0 ? $self->import_key(@_) : $self; +} + +sub generate_key { + my $self = shift; + return $self->_generate_key_size(@_) if @_ == 2; + if (@_ == 1 && ref $_[0] eq 'HASH') { + my $param = shift; + my $p = $param->{p} or croak "FATAL: 'p' param not specified"; + my $q = $param->{q} or croak "FATAL: 'q' param not specified"; + my $g = $param->{g} or croak "FATAL: 'g' param not specified"; + $p =~ s/^0x//; + $q =~ s/^0x//; + $g =~ s/^0x//; + return $self->_generate_key_pqg_hex($p, $q, $g); + } + elsif (@_ == 1 && ref $_[0] eq 'SCALAR') { + my $data = ${$_[0]}; + $data = pem_to_der($data) if $data =~ /-----BEGIN DSA PARAMETERS-----\s*(.+)\s*-----END DSA PARAMETERS-----/s; + return $self->_generate_key_dsaparam($data); + } + croak "FATAL: DSA generate_key - invalid args"; } sub export_key_pem { @@ -75,55 +95,11 @@ sub import_key { croak "FATAL: invalid or unsupported DSA key format"; } -sub encrypt { - my ($self, $data, $hash_name) = @_; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - return $self->_encrypt($data, $hash_name); -} - -sub decrypt { - my ($self, $data) = @_; - return $self->_decrypt($data); -} - -sub _truncate { - my ($self, $hash) = @_; - ### section 4.6 of FIPS 186-4 - # let N be the bit length of q - # z = the leftmost min(N, outlen) bits of Hash(M). - my $q = $self->size_q; # = size in bytes - return $hash if $q >= length($hash); - return substr($hash, 0, $q); -} - -sub sign_message { - my ($self, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_sign($self->_truncate($data_hash)); -} - -sub verify_message { - my ($self, $sig, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_verify($sig, $self->_truncate($data_hash)); -} - -sub sign_hash { - my ($self, $data_hash) = @_; - return $self->_sign($self->_truncate($data_hash)); -} - -sub verify_hash { - my ($self, $sig, $data_hash) = @_; - return $self->_verify($sig, $self->_truncate($data_hash)); -} - ### FUNCTIONS sub dsa_encrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->encrypt(@_); @@ -131,6 +107,7 @@ sub dsa_encrypt { sub dsa_decrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->decrypt(@_); @@ -138,6 +115,7 @@ sub dsa_decrypt { sub dsa_sign_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_message(@_); @@ -145,6 +123,7 @@ sub dsa_sign_message { sub dsa_verify_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_message(@_); @@ -152,6 +131,7 @@ sub dsa_verify_message { sub dsa_sign_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_hash(@_); @@ -159,6 +139,7 @@ sub dsa_sign_hash { sub dsa_verify_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_hash(@_); @@ -252,6 +233,14 @@ random data taken from C (UNIX) or C (Win32). # L = 2048, N = 256 => generate_key(32, 256) # L = 3072, N = 256 => generate_key(32, 384) + $pk->generate_key($param_hash) + # $param_hash is { d => $d, p => $p, q => $q } + # where $d, $p, $q are hex strings + + $pk->generate_key(\$dsa_param) + # $dsa_param is the content of DER or PEM file with DSA params + # e.g. openssl dsaparam 2048 + =head2 import_key Loads private or public key in DER or PEM format. @@ -444,7 +433,12 @@ Support for password protected PEM keys =head2 size my $size = $pk->size; - # returns key size in bytes or undef if no key loaded + # returns key size (length of the prime p) in bytes or undef if key not loaded + +=head2 size_q + + my $size = $pk->size_q; + # returns length of the prime q in bytes or undef if key not loaded =head2 key2hash @@ -540,10 +534,10 @@ Verify signature (Perl code): use Crypt::PK::DSA; use Crypt::Digest 'digest_file'; - use File::Slurp 'read_file'; + use Crypt::Misc 'read_rawfile'; my $pkdsa = Crypt::PK::DSA->new("dsakey.pub.pem"); - my $signature = read_file("input.sha1-dsa.sig", binmode=>':raw'); + my $signature = read_rawfile("input.sha1-dsa.sig"); my $valid = $pkdsa->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5"); print $valid ? "SUCCESS" : "FAILURE"; @@ -553,11 +547,11 @@ Create signature (Perl code): use Crypt::PK::DSA; use Crypt::Digest 'digest_file'; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkdsa = Crypt::PK::DSA->new("dsakey.priv.pem"); my $signature = $pkdsa->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5"); - write_file("input.sha1-dsa.sig", {binmode=>':raw'}, $signature); + write_rawfile("input.sha1-dsa.sig", $signature); Verify signature (from commandline): @@ -568,15 +562,15 @@ Verify signature (from commandline): Generate keys (Perl code): use Crypt::PK::DSA; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkdsa = Crypt::PK::DSA->new; $pkdsa->generate_key(20, 128); - write_file("dsakey.pub.der", {binmode=>':raw'}, $pkdsa->export_key_der('public')); - write_file("dsakey.priv.der", {binmode=>':raw'}, $pkdsa->export_key_der('private')); - write_file("dsakey.pub.pem", $pkdsa->export_key_pem('public_x509')); - write_file("dsakey.priv.pem", $pkdsa->export_key_pem('private')); - write_file("dsakey-passwd.priv.pem", $pkdsa->export_key_pem('private', 'secret')); + write_rawfile("dsakey.pub.der", $pkdsa->export_key_der('public')); + write_rawfile("dsakey.priv.der", $pkdsa->export_key_der('private')); + write_rawfile("dsakey.pub.pem", $pkdsa->export_key_pem('public_x509')); + write_rawfile("dsakey.priv.pem", $pkdsa->export_key_pem('private')); + write_rawfile("dsakey-passwd.priv.pem", $pkdsa->export_key_pem('private', 'secret')); Use keys by OpenSSL: @@ -599,7 +593,6 @@ Generate keys: Load keys (Perl code): use Crypt::PK::DSA; - use File::Slurp 'write_file'; my $pkdsa = Crypt::PK::DSA->new; $pkdsa->import_key("dsakey.pub.der"); @@ -615,3 +608,5 @@ Load keys (Perl code): =item * L =back + +=cut diff --git a/lib/Crypt/PK/ECC.pm b/lib/Crypt/PK/ECC.pm index 58f1d7a..11f9618 100644 --- a/lib/Crypt/PK/ECC.pm +++ b/lib/Crypt/PK/ECC.pm @@ -2,7 +2,7 @@ package Crypt::PK::ECC; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret )] ); @@ -10,429 +10,177 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use Carp; -use CryptX qw(_encode_json _decode_json); +$Carp::Internal{(__PACKAGE__)}++; +use CryptX; use Crypt::Digest qw(digest_data digest_data_b64u); use Crypt::Misc qw(read_rawfile encode_b64u decode_b64u encode_b64 decode_b64 pem_to_der der_to_pem); use Crypt::PK; our %curve = ( - ### http://www.ecc-brainpool.org/download/Domain-parameters.pdf (v1.0 19.10.2005) - brainpoolp160r1 => { - oid => '1.3.36.3.3.2.8.1.1.1', - prime => "E95E4A5F737059DC60DFC7AD95B3D8139515620F", - A => "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", - B => "1E589A8595423412134FAA2DBDEC95C8D8675E58", - Gx => "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", - Gy => "1667CB477A1A8EC338F94741669C976316DA6321", - order => "E95E4A5F737059DC60DF5991D45029409E60FC09", - cofactor => 1, + # extra curves not recognized by libtomcrypt + 'wap-wsg-idm-ecid-wtls8' => { + prime => "FFFFFFFFFFFFFFFFFFFFFFFFFDE7", + A => "0000000000000000000000000000", + B => "0000000000000000000000000003", + order => "0100000000000001ECEA551AD837E9", + Gx => "0000000000000000000000000001", + Gy => "0000000000000000000000000002", + cofactor => 1, + oid => '2.23.43.1.4.8', }, - brainpoolp192r1 => { - oid => '1.3.36.3.3.2.8.1.1.3', - prime => "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", - A => "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", - B => "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", - Gx => "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", - Gy => "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", - order => "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", - cofactor => 1, - }, - brainpoolp224r1 => { - oid => '1.3.36.3.3.2.8.1.1.5', - prime => "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", - A => "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", - B => "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", - Gx => "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", - Gy => "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", - order => "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", - cofactor => 1, - }, - brainpoolp256r1 => { - oid => '1.3.36.3.3.2.8.1.1.7', - prime => "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", - A => "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", - B => "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", - Gx => "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", - Gy => "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", - order => "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", - cofactor => 1, - }, - brainpoolp320r1 => { - oid => '1.3.36.3.3.2.8.1.1.9', - prime => "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", - A => "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", - B => "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", - Gx => "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", - Gy => "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", - order => "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", - cofactor => 1, - }, - brainpoolp384r1 => { - oid => '1.3.36.3.3.2.8.1.1.11', - prime => "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", - A => "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", - B => "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", - Gx => "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", - Gy => "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", - order => "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", - cofactor => 1, - }, - brainpoolp512r1 => { - oid => '1.3.36.3.3.2.8.1.1.13', - prime => "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", - A => "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", - B => "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", - Gx => "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", - Gy => "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", - order => "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", - cofactor => 1, - }, - ### http://www.secg.org/collateral/sec2_final.pdf (September 20, 2000 - Version 1.0) - secp112r1 => { - oid => '1.3.132.0.6', - prime => "DB7C2ABF62E35E668076BEAD208B", - A => "DB7C2ABF62E35E668076BEAD2088", - B => "659EF8BA043916EEDE8911702B22", - Gx => "09487239995A5EE76B55F9C2F098", - Gy => "A89CE5AF8724C0A23E0E0FF77500", - order => "DB7C2ABF62E35E7628DFAC6561C5", - cofactor => 1, - }, - secp112r2 => { - oid => '1.3.132.0.7', - prime => "DB7C2ABF62E35E668076BEAD208B", - A => "6127C24C05F38A0AAAF65C0EF02C", - B => "51DEF1815DB5ED74FCC34C85D709", - Gx => "4BA30AB5E892B4E1649DD0928643", - Gy => "ADCD46F5882E3747DEF36E956E97", - order => "36DF0AAFD8B8D7597CA10520D04B", - cofactor => 4, - }, - secp128r1 => { - oid => '1.3.132.0.28', - prime => "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", - A => "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", - B => "E87579C11079F43DD824993C2CEE5ED3", - Gx => "161FF7528B899B2D0C28607CA52C5B86", - Gy => "CF5AC8395BAFEB13C02DA292DDED7A83", - order => "FFFFFFFE0000000075A30D1B9038A115", - cofactor => 1, - }, - secp128r2 => { - oid => '1.3.132.0.29', - prime => "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", - A => "D6031998D1B3BBFEBF59CC9BBFF9AEE1", - B => "5EEEFCA380D02919DC2C6558BB6D8A5D", - Gx => "7B6AA5D85E572983E6FB32A7CDEBC140", - Gy => "27B6916A894D3AEE7106FE805FC34B44", - order => "3FFFFFFF7FFFFFFFBE0024720613B5A3", - cofactor => 4, - }, - secp160k1 => { - oid => '1.3.132.0.9', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", - A => "0000000000000000000000000000000000000000", - B => "0000000000000000000000000000000000000007", - Gx => "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", - Gy => "938CF935318FDCED6BC28286531733C3F03C4FEE", - order => "0100000000000000000001B8FA16DFAB9ACA16B6B3", - cofactor => 1, - }, - secp160r1 => { - oid => '1.3.132.0.8', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", - A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", - B => "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", - Gx => "4A96B5688EF573284664698968C38BB913CBFC82", - Gy => "23A628553168947D59DCC912042351377AC5FB32", - order => "0100000000000000000001F4C8F927AED3CA752257", - cofactor => 1, - }, - secp160r2 => { - oid => '1.3.132.0.30', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", - A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", - B => "B4E134D3FB59EB8BAB57274904664D5AF50388BA", - Gx => "52DCB034293A117E1F4FF11B30F7199D3144CE6D", - Gy => "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", - order => "0100000000000000000000351EE786A818F3A1A16B", - cofactor => 1, - }, - secp192k1 => { - oid => '1.3.132.0.31', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", - A => "000000000000000000000000000000000000000000000000", - B => "000000000000000000000000000000000000000000000003", - Gx => "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", - Gy => "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", - order => "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", - cofactor => 1, - }, - secp192r1 => { # == NIST P-192, X9.62 prime192v1 - oid => '1.2.840.10045.3.1.1', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", - A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", - B => "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", - Gx => "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", - Gy => "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", - order => "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", - cofactor => 1, - }, - secp224k1 => { - oid => '1.3.132.0.32', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", - A => "00000000000000000000000000000000000000000000000000000000", - B => "00000000000000000000000000000000000000000000000000000005", - Gx => "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", - Gy => "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", - order => "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", - cofactor => 1, - }, - secp224r1 => { # == NIST P-224 - oid => '1.3.132.0.33', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", - A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", - B => "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", - Gx => "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", - Gy => "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", - order => "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", - cofactor => 1, - }, - secp256k1 => { - oid => '1.3.132.0.10', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", - A => "0000000000000000000000000000000000000000000000000000000000000000", - B => "0000000000000000000000000000000000000000000000000000000000000007", - Gx => "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", - Gy => "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", - order => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", - cofactor => 1, - }, - secp256r1 => { # == NIST P-256, X9.62 prime256v1 - oid => '1.2.840.10045.3.1.7', - prime => "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", - A => "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", - B => "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", - Gx => "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", - Gy => "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", - order => "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", - cofactor => 1, - }, - secp384r1 => { # == NIST P-384 - oid => '1.3.132.0.34', - prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", - A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", - B => "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", - Gx => "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", - Gy => "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", - order => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", - cofactor => 1, - }, - secp521r1 => { # == NIST P-521 - oid => '1.3.132.0.35', - prime => "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", - A => "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", - B => "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", - Gx => "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", - Gy => "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", - order => "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", - cofactor => 1 - }, - ### http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf (July 2013) - nistp192 => { # == secp192r1, X9.62 prime192v1 - oid => '1.2.840.10045.3.1.1', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', - B => '64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1', - Gx => '188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012', - Gy => '07192B95FFC8DA78631011ED6B24CDD573F977A11E794811', - order => 'FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831', - cofactor => 1, - }, - nistp224 => { # == secp224r1 - oid => '1.3.132.0.33', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE', - B => 'B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4', - Gx => 'B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21', - Gy => 'BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34', - order => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D', - cofactor => 1, - }, - nistp256 => { # == secp256r1, X9.62 prime256v1 - oid => '1.2.840.10045.3.1.7', - prime => 'FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', - A => 'FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC', - B => '5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B', - Gx => '6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296', - Gy => '4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5', - order => 'FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551', - cofactor => 1, - }, - nistp384 => { # == secp384r1 - oid => '1.3.132.0.34', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC', - B => 'B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF', - Gx => 'AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7', - Gy => '3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F', - order => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973', - cofactor => 1, - }, - nistp521 => { # == secp521r1 - oid => '1.3.132.0.35', - prime => '1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF', - A => '1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC', - B => '051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00', - Gx => '0C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66', - Gy => '11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650', - order => '1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409', - cofactor => 1, - }, - ### ANS X9.62 elliptic curves - http://www.flexiprovider.de/CurvesGfpX962.html - prime192v1 => { # == secp192r1, NIST P-192 - oid => '1.2.840.10045.3.1.1', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', - B => '64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1', - Gx => '188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012', - Gy => '07192B95FFC8DA78631011ED6B24CDD573F977A11E794811', - order => 'FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831', - cofactor => 1, - }, - prime192v2 => { - oid => '1.2.840.10045.3.1.2', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', - B => 'CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953', - Gx => 'EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A', - Gy => '6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15', - order => 'FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31', - cofactor => 1 - }, - prime192v3 => { - oid => '1.2.840.10045.3.1.3', - prime => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF', - A => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC', - B => '22123DC2395A05CAA7423DAECCC94760A7D462256BD56916', - Gx => '7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896', - Gy => '38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0', - order => 'FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13', - cofactor => 1, - }, - prime239v1 => { - oid => '1.2.840.10045.3.1.4', - prime => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', - A => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', - B => '6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A', - Gx => '0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF', - Gy => '7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE', - order => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B', - cofactor => 1, - }, - prime239v2 => { - oid => '1.2.840.10045.3.1.5', - prime => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', - A => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', - B => '617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C', - Gx => '38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7', - Gy => '5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA', - order => '7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063', - cofactor => 1, - }, - prime239v3 => { - oid => '1.2.840.10045.3.1.6', - prime => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF', - A => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC', - B => '255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E', - Gx => '6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A', - Gy => '1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3', - order => '7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551', - cofactor => 1, - }, - prime256v1 => { # == secp256r1, NIST P-256 - oid => '1.2.840.10045.3.1.7', - prime => 'FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', - A => 'FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC', - B => '5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B', - Gx => '6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296', - Gy => '4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5', - order => 'FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551', - cofactor => 1, + 'wap-wsg-idm-ecid-wtls9' => { + prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F", + A => "0000000000000000000000000000000000000000", + B => "0000000000000000000000000000000000000003", + order => "0100000000000000000001CDC98AE0E2DE574ABF33", + Gx => "0000000000000000000000000000000000000001", + Gy => "0000000000000000000000000000000000000002", + cofactor => 1, + oid => '2.23.43.1.4.9', }, ); -my %jwkcrv = ( - 'P-192' => 'secp192r1', - 'P-224' => 'secp224r1', - 'P-256' => 'secp256r1', - 'P-384' => 'secp384r1', - 'P-521' => 'secp521r1', +my %jwk2curve = ( + 'P-192' => 'secp192r1', + 'P-224' => 'secp224r1', + 'P-256' => 'secp256r1', + 'P-384' => 'secp384r1', + 'P-521' => 'secp521r1', +); + +my %curve2jwk = ( + '1.2.840.10045.3.1.1' => 'P-192', # secp192r1 + '1.3.132.0.33' => 'P-224', # secp224r1 + '1.2.840.10045.3.1.7' => 'P-256', # secp256r1 + '1.3.132.0.34' => 'P-384', # secp384r1 + '1.3.132.0.35' => 'P-521', # secp521r1 + 'nistp192' => 'P-192', + 'nistp224' => 'P-224', + 'nistp256' => 'P-256', + 'nistp384' => 'P-384', + 'nistp521' => 'P-521', + 'prime192v1' => 'P-192', + 'prime256v1' => 'P-256', + 'secp192r1' => 'P-192', + 'secp224r1' => 'P-224', + 'secp256r1' => 'P-256', + 'secp384r1' => 'P-384', + 'secp521r1' => 'P-521', +); + +our %curve2ltc = ( # must be "our" as we use it from XS code + # OIDs + "1.2.840.10045.3.1.1" => "SECP192R1", + "1.2.840.10045.3.1.2" => "PRIME192V2", + "1.2.840.10045.3.1.3" => "PRIME192V3", + "1.2.840.10045.3.1.4" => "PRIME239V1", + "1.2.840.10045.3.1.5" => "PRIME239V2", + "1.2.840.10045.3.1.6" => "PRIME239V3", + "1.2.840.10045.3.1.7" => "SECP256R1", + "1.3.132.0.10" => "SECP256K1", + "1.3.132.0.28" => "SECP128R1", + "1.3.132.0.29" => "SECP128R2", + "1.3.132.0.30" => "SECP160R2", + "1.3.132.0.31" => "SECP192K1", + "1.3.132.0.32" => "SECP224K1", + "1.3.132.0.33" => "SECP224R1", + "1.3.132.0.34" => "SECP384R1", + "1.3.132.0.35" => "SECP521R1", + "1.3.132.0.6" => "SECP112R1", + "1.3.132.0.7" => "SECP112R2", + "1.3.132.0.8" => "SECP160R1", + "1.3.132.0.9" => "SECP160K1", + "1.3.36.3.3.2.8.1.1.1" => "BRAINPOOLP160R1", + "1.3.36.3.3.2.8.1.1.11" => "BRAINPOOLP384R1", + "1.3.36.3.3.2.8.1.1.13" => "BRAINPOOLP512R1", + "1.3.36.3.3.2.8.1.1.3" => "BRAINPOOLP192R1", + "1.3.36.3.3.2.8.1.1.5" => "BRAINPOOLP224R1", + "1.3.36.3.3.2.8.1.1.7" => "BRAINPOOLP256R1", + "1.3.36.3.3.2.8.1.1.9" => "BRAINPOOLP320R1", + "1.3.36.3.3.2.8.1.1.10" => "BRAINPOOLP320T1", + "1.3.36.3.3.2.8.1.1.12" => "BRAINPOOLP384T1", + "1.3.36.3.3.2.8.1.1.14" => "BRAINPOOLP512T1", + "1.3.36.3.3.2.8.1.1.2" => "BRAINPOOLP160T1", + "1.3.36.3.3.2.8.1.1.4" => "BRAINPOOLP192T1", + "1.3.36.3.3.2.8.1.1.6" => "BRAINPOOLP224T1", + "1.3.36.3.3.2.8.1.1.8" => "BRAINPOOLP256T1", + # JWT names + "P-192" => "SECP192R1", + "P-224" => "SECP224R1", + "P-256" => "SECP256R1", + "P-384" => "SECP384R1", + "P-521" => "SECP521R1", + # openssl names + "brainpoolp160r1" => "BRAINPOOLP160R1", + "brainpoolp192r1" => "BRAINPOOLP192R1", + "brainpoolp224r1" => "BRAINPOOLP224R1", + "brainpoolp256r1" => "BRAINPOOLP256R1", + "brainpoolp320r1" => "BRAINPOOLP320R1", + "brainpoolp384r1" => "BRAINPOOLP384R1", + "brainpoolp512r1" => "BRAINPOOLP512R1", + "brainpoolp160t1" => "BRAINPOOLP160T1", + "brainpoolp192t1" => "BRAINPOOLP192T1", + "brainpoolp224t1" => "BRAINPOOLP224T1", + "brainpoolp256t1" => "BRAINPOOLP256T1", + "brainpoolp320t1" => "BRAINPOOLP320T1", + "brainpoolp384t1" => "BRAINPOOLP384T1", + "brainpoolp512t1" => "BRAINPOOLP512T1", + "nistp192" => "SECP192R1", + "nistp224" => "SECP224R1", + "nistp256" => "SECP256R1", + "nistp384" => "SECP384R1", + "nistp521" => "SECP521R1", + "prime192v1" => "SECP192R1", + "prime192v2" => "PRIME192V2", + "prime192v3" => "PRIME192V3", + "prime239v1" => "PRIME239V1", + "prime239v2" => "PRIME239V2", + "prime239v3" => "PRIME239V3", + "prime256v1" => "SECP256R1", + "secp112r1" => "SECP112R1", + "secp112r2" => "SECP112R2", + "secp128r1" => "SECP128R1", + "secp128r2" => "SECP128R2", + "secp160k1" => "SECP160K1", + "secp160r1" => "SECP160R1", + "secp160r2" => "SECP160R2", + "secp192k1" => "SECP192K1", + "secp192r1" => "SECP192R1", + "secp224k1" => "SECP224K1", + "secp224r1" => "SECP224R1", + "secp256k1" => "SECP256K1", + "secp256r1" => "SECP256R1", + "secp384r1" => "SECP384R1", + "secp521r1" => "SECP521R1", + "wap-wsg-idm-ecid-wtls6" => 'SECP112R1', + "wap-wsg-idm-ecid-wtls7" => 'SECP160R2', + "wap-wsg-idm-ecid-wtls12" => 'SECP224R1', ); sub _import_hex { my ($self, $x, $y, $k, $crv) = @_; - my $p = $curve{$crv}{prime}; - croak "FATAL: invalid or unknown curve" if !$p; - $p =~ s/^0+//; - my $hex_size = length($p) % 2 ? length($p) + 1 : length($p); - if ($k) { - $k =~ /^0+/; - croak "FATAL: too long private key (k)" if length($k) > $hex_size; - my $priv_hex = "0" x ($hex_size - length($k)) . $k; - return $self->import_key_raw(pack("H*", $priv_hex), $crv); + croak "FATAL: no curve" if !$crv; + if (defined $k && length($k) > 0) { + croak "FATAL: invalid length (k)" if length($k) % 2; + return $self->import_key_raw(pack("H*", $k), $crv); } - elsif ($x && $y) { - $x =~ /^0+/; - $y =~ /^0+/; - croak "FATAL: too long public key (x)" if length($x) > $hex_size; - croak "FATAL: too long public key (y)" if length($y) > $hex_size; - my $pub_hex = "04" . ("0" x ($hex_size - length($x))) . $x . ("0" x ($hex_size - length($y))) . $y; + elsif (defined $x && defined $y) { + croak "FATAL: invalid length (x)" if length($x) % 2; + croak "FATAL: invalid length (y)" if length($y) % 2; + croak "FATAL: invalid length (x,y)" if length($y) != length($x); + my $pub_hex = "04" . $x . $y; return $self->import_key_raw(pack("H*", $pub_hex), $crv); } } -sub _curve_name_lookup { - my ($self, $key) = @_; - - return $key->{curve_name} if $key->{curve_name} && exists $curve{$key->{curve_name}}; - - defined(my $A = $key->{curve_A}) or return; - defined(my $B = $key->{curve_B}) or return; - defined(my $Gx = $key->{curve_Gx}) or return; - defined(my $Gy = $key->{curve_Gy}) or return; - defined(my $order = $key->{curve_order}) or return; - defined(my $prime = $key->{curve_prime}) or return; - defined(my $cofactor = $key->{curve_cofactor}) or return; - $A =~ s/^0+//; - $B =~ s/^0+//; - $Gx =~ s/^0+//; - $Gy =~ s/^0+//; - $order =~ s/^0+//; - $prime =~ s/^0+//; - - for my $k (sort keys %curve) { - (my $c_A = $curve{$k}{A} ) =~ s/^0+//; - (my $c_B = $curve{$k}{B} ) =~ s/^0+//; - (my $c_Gx = $curve{$k}{Gx} ) =~ s/^0+//; - (my $c_Gy = $curve{$k}{Gy} ) =~ s/^0+//; - (my $c_order = $curve{$k}{order} ) =~ s/^0+//; - (my $c_prime = $curve{$k}{prime} ) =~ s/^0+//; - my $c_cofactor = $curve{$k}{cofactor}; - return $k if $A eq $c_A && $B eq $c_B && $Gx eq $c_Gx && $Gy eq $c_Gy && - $order eq $c_order && $prime eq $c_prime && $cofactor == $c_cofactor; - } -} - sub new { - my ($class, $f, $p) = @_; - my $self = _new(); - $self->import_key($f, $p) if $f; - return $self; + my $self = shift->_new(); + return @_ > 0 ? $self->import_key(@_) : $self; } sub export_key_pem { my ($self, $type, $password, $cipher) = @_; + local $SIG{__DIE__} = \&CryptX::_croak; my $key = $self->export_key_der($type||''); return unless $key; return der_to_pem($key, "EC PRIVATE KEY", $password, $cipher) if substr($type, 0, 7) eq 'private'; @@ -441,13 +189,11 @@ sub export_key_pem { sub export_key_jwk { my ($self, $type, $wanthash) = @_; + local $SIG{__DIE__} = \&CryptX::_croak; my $kh = $self->key2hash; - my $curve = $self->_curve_name_lookup($kh); - $curve = 'P-192' if $curve =~ /(secp192r1|nistp192|prime192v1)/; - $curve = 'P-224' if $curve =~ /(secp224r1|nistp224)/; - $curve = 'P-256' if $curve =~ /(secp256r1|nistp256|prime256v1)/; - $curve = 'P-384' if $curve =~ /(secp384r1|nistp384)/; - $curve = 'P-521' if $curve =~ /(secp521r1|nistp521)/; + $kh->{curve_oid} = '' if !defined $kh->{curve_oid}; + $kh->{curve_name} = '' if !defined $kh->{curve_name}; + my $curve_jwt = $curve2jwk{$kh->{curve_oid}} || $curve2jwk{lc $kh->{curve_name}} || $kh->{curve_name}; if ($type && $type eq 'private') { return unless $kh->{pub_x} && $kh->{pub_y} && $kh->{k}; for (qw/pub_x pub_y k/) { @@ -456,12 +202,12 @@ sub export_key_jwk { # NOTE: x + y are not necessary in privkey # but they are used in https://tools.ietf.org/html/rfc7517#appendix-A.2 my $hash = { - kty => "EC", crv=>$curve, + kty => "EC", crv => $curve_jwt, x => encode_b64u(pack("H*", $kh->{pub_x})), y => encode_b64u(pack("H*", $kh->{pub_y})), d => encode_b64u(pack("H*", $kh->{k})), }; - return $wanthash ? $hash : _encode_json($hash); + return $wanthash ? $hash : CryptX::_encode_json($hash); } elsif ($type && $type eq 'public') { return unless $kh->{pub_x} && $kh->{pub_y}; @@ -469,33 +215,34 @@ sub export_key_jwk { $kh->{$_} = "0$kh->{$_}" if length($kh->{$_}) % 2; } my $hash = { - kty => "EC", crv=>$curve, + kty => "EC", crv => $curve_jwt, x => encode_b64u(pack("H*", $kh->{pub_x})), y => encode_b64u(pack("H*", $kh->{pub_y})), }; - return $wanthash ? $hash : _encode_json($hash); + return $wanthash ? $hash : CryptX::_encode_json($hash); } } sub export_key_jwk_thumbprint { my ($self, $hash_name) = @_; + local $SIG{__DIE__} = \&CryptX::_croak; $hash_name ||= 'SHA256'; my $h = $self->export_key_jwk('public', 1); - my $json = _encode_json({crv=>$h->{crv}, kty=>$h->{kty}, x=>$h->{x}, y=>$h->{y}}); + my $json = CryptX::_encode_json({crv=>$h->{crv}, kty=>$h->{kty}, x=>$h->{x}, y=>$h->{y}}); return digest_data_b64u($hash_name, $json); } sub import_key { my ($self, $key, $password) = @_; + local $SIG{__DIE__} = \&CryptX::_croak; croak "FATAL: undefined key" unless $key; # special case if (ref($key) eq 'HASH') { if (($key->{pub_x} && $key->{pub_y}) || $key->{k}) { # hash exported via key2hash - my $curve = $self->_curve_name_lookup($key); - croak "FATAL: invalid or unknown curve" if !$curve; - return $self->_import_hex($key->{pub_x}, $key->{pub_y}, $key->{k}, $curve); + my $curve_name = $key->{curve_name} || $key->{curve_oid}; + return $self->_import_hex($key->{pub_x}, $key->{pub_y}, $key->{k}, $curve_name); } if ($key->{crv} && $key->{kty} && $key->{kty} eq "EC" && ($key->{d} || ($key->{x} && $key->{y}))) { # hash with items corresponding to JSON Web Key (JWK) @@ -503,11 +250,11 @@ sub import_key { for (qw/x y d/) { $key->{$_} = eval { unpack("H*", decode_b64u($key->{$_})) } if exists $key->{$_}; } - if (my $curve = $jwkcrv{$key->{crv}}) { - return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $curve); + if (my $curve_name = $jwk2curve{$key->{crv}}) { + return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $curve_name); } # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway) - return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, lc($key->{crv})); + return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $key->{crv}); } croak "FATAL: unexpected ECC key hash"; } @@ -530,27 +277,31 @@ sub import_key { } elsif ($data =~ /-----BEGIN PRIVATE KEY-----(.*?)-----END/sg) { $data = pem_to_der($data, $password); - return $self->_import_pkcs8($data); + return $self->_import_pkcs8($data, $password); } elsif ($data =~ /-----BEGIN ENCRYPTED PRIVATE KEY-----(.*?)-----END/sg) { - # XXX-TODO: pkcs#8 encrypted private key - croak "FATAL: encrypted pkcs8 EC private keys are not supported"; + $data = pem_to_der($data, $password); + return $self->_import_pkcs8($data, $password); } elsif ($data =~ /^\s*(\{.*?\})\s*$/s) { # JSON Web Key (JWK) - http://tools.ietf.org/html/draft-ietf-jose-json-web-key my $json = "$1"; - my $h = _decode_json($json); + my $h = CryptX::_decode_json($json); if ($h && $h->{kty} eq "EC") { for (qw/x y d/) { $h->{$_} = eval { unpack("H*", decode_b64u($h->{$_})) } if exists $h->{$_}; } - if (my $curve = $jwkcrv{$h->{crv}}) { - return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $curve); + if (my $curve_name = $jwk2curve{$h->{crv}}) { + return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $curve_name); } # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway) - return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, lc($h->{crv})); + return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $h->{crv}); } } + elsif ($data =~ /-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----/sg) { + $data = pem_to_der($data); + return $self->_import_x509($data); + } elsif ($data =~ /---- BEGIN SSH2 PUBLIC KEY ----(.*?)---- END SSH2 PUBLIC KEY ----/sg) { $data = pem_to_der($data); my ($typ, $skip, $pubkey) = Crypt::PK::_ssh_parse($data); @@ -562,61 +313,12 @@ sub import_key { return $self->import_key_raw($pubkey, "$2") if $pubkey && $typ =~ /^ecdsa-(.+?)-(.*)$/; } else { - my $rv = eval { $self->_import($data) } || eval { $self->_import_pkcs8($data) }; + my $rv = eval { $self->_import($data) } || eval { $self->_import_pkcs8($data, $password) } || eval { $self->_import_x509($data) }; return $rv if $rv; } croak "FATAL: invalid or unsupported EC key format"; } -sub encrypt { - my ($self, $data, $hash_name) = @_; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - return $self->_encrypt($data, $hash_name); -} - -sub decrypt { - my ($self, $data) = @_; - return $self->_decrypt($data); -} - -sub sign_message { - my ($self, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_sign($data_hash); -} - -sub sign_message_rfc7518 { - my ($self, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_sign_rfc7518($data_hash); -} - -sub verify_message { - my ($self, $sig, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_verify($sig, $data_hash); -} - -sub verify_message_rfc7518 { - my ($self, $sig, $data, $hash_name) = @_; - $hash_name ||= 'SHA1'; - my $data_hash = digest_data($hash_name, $data); - return $self->_verify_rfc7518($sig, $data_hash); -} - -sub sign_hash { - my ($self, $data_hash) = @_; - return $self->_sign($data_hash); -} - -sub verify_hash { - my ($self, $sig, $data_hash) = @_; - return $self->_verify($sig, $data_hash); -} - sub curve2hash { my $self = shift; my $kh = $self->key2hash; @@ -627,7 +329,8 @@ sub curve2hash { Gx => $kh->{curve_Gx}, Gy => $kh->{curve_Gy}, cofactor => $kh->{curve_cofactor}, - order => $kh->{curve_order} + order => $kh->{curve_order}, + oid => $kh->{curve_oid}, }; } @@ -635,6 +338,7 @@ sub curve2hash { sub ecc_encrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->encrypt(@_); @@ -642,6 +346,7 @@ sub ecc_encrypt { sub ecc_decrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->decrypt(@_); @@ -649,6 +354,7 @@ sub ecc_decrypt { sub ecc_sign_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_message(@_); @@ -656,6 +362,7 @@ sub ecc_sign_message { sub ecc_verify_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_message(@_); @@ -663,6 +370,7 @@ sub ecc_verify_message { sub ecc_sign_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_hash(@_); @@ -670,6 +378,7 @@ sub ecc_sign_hash { sub ecc_verify_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_hash(@_); @@ -677,6 +386,7 @@ sub ecc_verify_hash { sub ecc_shared_secret { my ($privkey, $pubkey) = @_; + local $SIG{__DIE__} = \&CryptX::_croak; $privkey = __PACKAGE__->new($privkey) unless ref $privkey; $pubkey = __PACKAGE__->new($pubkey) unless ref $pubkey; carp "FATAL: invalid 'privkey' param" unless ref($privkey) eq __PACKAGE__ && $privkey->is_private; @@ -774,7 +484,7 @@ random data taken from C (UNIX) or C (Win32). #or $pk->generate_key($hashref_with_curve_params); -The following pre-defined C<$curve_name> values are supported: +The following predefined C<$curve_name> values are supported: # curves from http://www.ecc-brainpool.org/download/Domain-parameters.pdf 'brainpoolp160r1' @@ -964,7 +674,7 @@ Supported key formats: lEHQYjWya2YnHaPq/iMFa7A= -----END PRIVATE KEY----- -=item * PKCS#8 encrypted private keys ARE NOT SUPPORTED YET! +=item * PKCS#8 encrypted private keys -----BEGIN ENCRYPTED PRIVATE KEY----- MIGYMBwGCiqGSIb3DQEMAQMwDgQINApjTa6oFl0CAggABHi+59l4d4e6KtG9yci2 @@ -973,6 +683,19 @@ Supported key formats: 4INKZyMv/G7VpZ0= -----END ENCRYPTED PRIVATE KEY----- +=item * EC public key from X509 certificate + + -----BEGIN CERTIFICATE----- + MIIBdDCCARqgAwIBAgIJAL2BBClDEnnOMAoGCCqGSM49BAMEMBcxFTATBgNVBAMM + DFRlc3QgQ2VydCBFQzAgFw0xNzEyMzAyMDMzNDFaGA8zMDE3MDUwMjIwMzM0MVow + FzEVMBMGA1UEAwwMVGVzdCBDZXJ0IEVDMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE + KvkL2r5xZp7RzxLQJK+6tn/7lic+L70e1fmNbHOdxRaRvbK5G0AQWrdsbjJb92Ni + lCQk2+w/i+VuS2Q3MSR5TaNQME4wHQYDVR0OBBYEFGbJkDyKgaMcIGHS8/WuqIVw + +R8sMB8GA1UdIwQYMBaAFGbJkDyKgaMcIGHS8/WuqIVw+R8sMAwGA1UdEwQFMAMB + Af8wCgYIKoZIzj0EAwQDSAAwRQIhAJtOsmrM+gJpImoynAyqTN+7myL71uxd+YeC + 6ze4MnzWAiBQi5/BqEr/SQ1+BC2TPtswvJPRFh2ZvT/6Km3gKoNVXQ== + -----END CERTIFICATE----- + =item * SSH public EC keys ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT...T3xYfJIs= @@ -1029,7 +752,7 @@ Import raw public/private key - can load data exported by L. my $public_der = $pk->export_key_der('public'); Since CryptX-0.36 C can also export keys in a format -that does not explicitely contain curve parameters but only curve OID. +that does not explicitly contain curve parameters but only curve OID. my $private_der = $pk->export_key_der('private_short'); #or @@ -1042,12 +765,19 @@ that does not explicitely contain curve parameters but only curve OID. my $public_pem = $pk->export_key_pem('public'); Since CryptX-0.36 C can also export keys in a format -that does not explicitely contain curve parameters but only curve OID. +that does not explicitly contain curve parameters but only curve OID. my $private_pem = $pk->export_key_pem('private_short'); #or my $public_pem = $pk->export_key_pem('public_short'); +Since CryptX-0.58 C can also export keys in "compressed" format +that defines curve by OID + stores public point in compressed form. + + my $private_pem = $pk->export_key_pem('private_compressed'); + #or + my $public_pem = $pk->export_key_pem('public_compressed'); + Support for password protected PEM keys my $private_pem = $pk->export_key_pem('private', $password); @@ -1088,13 +818,13 @@ I Exports the key's JSON Web Key Thumbprint as a string. -If you don't know what this is, see RFC 7638 (C). +If you don't know what this is, see RFC 7638 L. my $thumbprint = $pk->export_key_jwk_thumbprint('SHA256'); =head2 export_key_raw -Export raw public/private key. Public key is exported in ANS X9.63 format (compressed or uncompressed), +Export raw public/private key. Public key is exported in ASN X9.62 format (compressed or uncompressed), private key is exported as raw bytes (padded with leading zeros to have the same size as the ECC curve). my $pubkey_octets = $pk->export_key_raw('public'); @@ -1154,11 +884,25 @@ Same as L only the signature format is as define my $pk = Crypt::PK::ECC->new($priv_key_filename); my $signature = $priv->sign_hash($message_hash); +=head2 sign_hash_rfc7518 + +I + +Same as L only the signature format is as defined by L +(JWA - JSON Web Algorithms). + =head2 verify_hash my $pk = Crypt::PK::ECC->new($pub_key_filename); my $valid = $pub->verify_hash($signature, $message_hash); +=head2 verify_hash_rfc7518 + +I + +Same as L only the signature format is as defined by L +(JWA - JSON Web Algorithms). + =head2 shared_secret # Alice having her priv key $pk and Bob's public key $pkb @@ -1313,10 +1057,10 @@ Verify signature (Perl code): use Crypt::PK::ECC; use Crypt::Digest 'digest_file'; - use File::Slurp 'read_file'; + use Crypt::Misc 'read_rawfile'; my $pkec = Crypt::PK::ECC->new("eckey.pub.pem"); - my $signature = read_file("input.sha1-ec.sig", binmode=>':raw'); + my $signature = read_rawfile("input.sha1-ec.sig"); my $valid = $pkec->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5"); print $valid ? "SUCCESS" : "FAILURE"; @@ -1326,11 +1070,11 @@ Create signature (Perl code): use Crypt::PK::ECC; use Crypt::Digest 'digest_file'; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkec = Crypt::PK::ECC->new("eckey.priv.pem"); my $signature = $pkec->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5"); - write_file("input.sha1-ec.sig", {binmode=>':raw'}, $signature); + write_rawfile("input.sha1-ec.sig", $signature); Verify signature (from commandline): @@ -1341,15 +1085,15 @@ Verify signature (from commandline): Generate keys (Perl code): use Crypt::PK::ECC; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkec = Crypt::PK::ECC->new; $pkec->generate_key('secp160k1'); - write_file("eckey.pub.der", {binmode=>':raw'}, $pkec->export_key_der('public')); - write_file("eckey.priv.der", {binmode=>':raw'}, $pkec->export_key_der('private')); - write_file("eckey.pub.pem", $pkec->export_key_pem('public')); - write_file("eckey.priv.pem", $pkec->export_key_pem('private')); - write_file("eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret')); + write_rawfile("eckey.pub.der", $pkec->export_key_der('public')); + write_rawfile("eckey.priv.der", $pkec->export_key_der('private')); + write_rawfile("eckey.pub.pem", $pkec->export_key_pem('public')); + write_rawfile("eckey.priv.pem", $pkec->export_key_pem('private')); + write_rawfile("eckey-passwd.priv.pem", $pkec->export_key_pem('private', 'secret')); Use keys by OpenSSL: @@ -1374,7 +1118,6 @@ Generate keys: Load keys (Perl code): use Crypt::PK::ECC; - use File::Slurp 'write_file'; my $pkec = Crypt::PK::ECC->new; $pkec->import_key("eckey.pub.der"); @@ -1396,3 +1139,5 @@ Load keys (Perl code): =item * L =back + +=cut diff --git a/lib/Crypt/PK/RSA.pm b/lib/Crypt/PK/RSA.pm index 2fe541a..abfbe72 100644 --- a/lib/Crypt/PK/RSA.pm +++ b/lib/Crypt/PK/RSA.pm @@ -2,7 +2,7 @@ package Crypt::PK::RSA; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash)] ); @@ -10,16 +10,14 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use Carp; -use CryptX qw(_encode_json _decode_json); +use CryptX; use Crypt::Digest qw(digest_data digest_data_b64u); use Crypt::Misc qw(read_rawfile encode_b64u decode_b64u encode_b64 decode_b64 pem_to_der der_to_pem); use Crypt::PK; sub new { - my ($class, $f, $p) = @_; - my $self = _new(); - $self->import_key($f, $p) if $f; - return $self; + my $self = shift->_new(); + return @_ > 0 ? $self->import_key(@_) : $self; } sub export_key_pem { @@ -57,7 +55,7 @@ sub export_key_jwk { dq => encode_b64u(pack("H*", $kh->{dQ})), qi => encode_b64u(pack("H*", $kh->{qP})), }; - return $wanthash ? $hash : _encode_json($hash); + return $wanthash ? $hash : CryptX::_encode_json($hash); } elsif ($type eq 'public') { return unless $kh->{N} && $kh->{e}; @@ -69,7 +67,7 @@ sub export_key_jwk { n => encode_b64u(pack("H*", $kh->{N})), e => encode_b64u(pack("H*", $kh->{e})), }; - return $wanthash ? $hash : _encode_json($hash); + return $wanthash ? $hash : CryptX::_encode_json($hash); } } @@ -77,7 +75,7 @@ sub export_key_jwk_thumbprint { my ($self, $hash_name) = @_; $hash_name ||= 'SHA256'; my $h = $self->export_key_jwk('public', 1); - my $json = _encode_json({kty=>$h->{kty}, n=>$h->{n}, e=>$h->{e}}); + my $json = CryptX::_encode_json({kty=>$h->{kty}, n=>$h->{n}, e=>$h->{e}}); return digest_data_b64u($hash_name, $json); } @@ -125,7 +123,7 @@ sub import_key { elsif ($data =~ /-----BEGIN PRIVATE KEY-----(.*?)-----END/sg) { # PKCS#8 PrivateKeyInfo (PEM header: BEGIN PRIVATE KEY) $data = pem_to_der($data, $password); - return $self->_import_pkcs8($data) if $data; + return $self->_import_pkcs8($data, $password) if $data; } elsif ($data =~ /-----BEGIN ENCRYPTED PRIVATE KEY-----(.*?)-----END/sg) { # XXX-TODO: PKCS#8 EncryptedPrivateKeyInfo (PEM header: BEGIN ENCRYPTED PRIVATE KEY) @@ -134,7 +132,7 @@ sub import_key { elsif ($data =~ /^\s*(\{.*?\})\s*$/s) { # JSON Web Key (JWK) - http://tools.ietf.org/html/draft-ietf-jose-json-web-key my $json = "$1"; - my $h = _decode_json($json); + my $h = CryptX::_decode_json($json); if ($h && $h->{kty} eq "RSA") { for (qw/n e d p q dp dq qi/) { $h->{$_} = eval { unpack("H*", decode_b64u($h->{$_})) } if exists $h->{$_}; @@ -142,6 +140,10 @@ sub import_key { return $self->_import_hex($h->{n}, $h->{e}, $h->{d}, $h->{p}, $h->{q}, $h->{dp}, $h->{dq}, $h->{qi}) if $h->{n} && $h->{e}; } } + elsif ($data =~ /-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----/sg) { + $data = pem_to_der($data); + return $self->_import_x509($data); + } elsif ($data =~ /---- BEGIN SSH2 PUBLIC KEY ----(.*?)---- END SSH2 PUBLIC KEY ----/sg) { $data = pem_to_der($data); my ($typ, $N, $e) = Crypt::PK::_ssh_parse($data); @@ -154,71 +156,18 @@ sub import_key { } else { # DER format - my $rv = eval { $self->_import($data) } || eval { $self->_import_pkcs8($data) }; + my $rv = eval { $self->_import($data) } || eval { $self->_import_pkcs8($data, $password) } || eval { $self->_import_x509($data) }; return $rv if $rv; } croak "FATAL: invalid or unsupported RSA key format"; } -sub encrypt { - my ($self, $data, $padding, $hash_name, $lparam) = @_; - $lparam ||= ''; - $padding ||= 'oaep'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_encrypt($data, $padding, $hash_name, $lparam); -} - -sub decrypt { - my ($self, $data, $padding, $hash_name, $lparam) = @_; - $lparam ||= ''; - $padding ||= 'oaep'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_decrypt($data, $padding, $hash_name, $lparam); -} - -sub sign_hash { - my ($self, $data, $hash_name, $padding, $saltlen) = @_; - $saltlen ||= 12; - $padding ||= 'pss'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_sign($data, $padding, $hash_name, $saltlen); -} - -sub sign_message { - my ($self, $data, $hash_name, $padding, $saltlen) = @_; - $saltlen ||= 12; - $padding ||= 'pss'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_sign(digest_data($hash_name, $data), $padding, $hash_name, $saltlen); -} - -sub verify_hash { - my ($self, $sig, $data, $hash_name, $padding, $saltlen) = @_; - $saltlen ||= 12; - $padding ||= 'pss'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_verify($sig, $data, $padding, $hash_name, $saltlen); -} - -sub verify_message { - my ($self, $sig, $data, $hash_name, $padding, $saltlen) = @_; - $saltlen ||= 12; - $padding ||= 'pss'; - $hash_name = Crypt::Digest::_trans_digest_name($hash_name||'SHA1'); - - return $self->_verify($sig, digest_data($hash_name, $data), $padding, $hash_name, $saltlen); -} - ### FUNCTIONS sub rsa_encrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->encrypt(@_); @@ -226,6 +175,7 @@ sub rsa_encrypt { sub rsa_decrypt { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->decrypt(@_); @@ -233,6 +183,7 @@ sub rsa_decrypt { sub rsa_sign_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_hash(@_); @@ -240,6 +191,7 @@ sub rsa_sign_hash { sub rsa_verify_hash { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_hash(@_); @@ -247,6 +199,7 @@ sub rsa_verify_hash { sub rsa_sign_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->sign_message(@_); @@ -254,6 +207,7 @@ sub rsa_sign_message { sub rsa_verify_message { my $key = shift; + local $SIG{__DIE__} = \&CryptX::_croak; $key = __PACKAGE__->new($key) unless ref $key; carp "FATAL: invalid 'key' param" unless ref($key) eq __PACKAGE__; return $key->verify_message(@_); @@ -479,6 +433,27 @@ Supported key formats: 1HPwZX2d -----END ENCRYPTED PRIVATE KEY----- +=item * RSA public key from X509 certificate + + -----BEGIN CERTIFICATE----- + MIIC8zCCAdugAwIBAgIJAPi+LvMU3uGWMA0GCSqGSIb3DQEBCwUAMBAxDjAMBgNV + BAMMBXBva3VzMB4XDTE3MDcxNDE0MTAyMFoXDTIwMDQwOTE0MTAyMFowEDEOMAwG + A1UEAwwFcG9rdXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQima + SUIMIdz5uVevzcScbcj06xs1OLaFKUoPJ8v+xP6Ut61BQhAvc8GYuw2uRx223hZC + r3HYLfSdWIfmOIAtlL8cPYPVoSivJtpSGE6fBG1tlBjVgXWRmJGR/oxx6Y5QDwcB + Q4GZKga8TtHQoY5idZuatYOFZGfMIcIUC0Uoda+YSypnw7A90F/JvlpcTUh3Fnem + VinqEA6XOegU9dCZk/29sXqauBjbdGihh8DvpklOhY16eQoiR3909AywQ0KUmI+R + Sa9E8oIsmUDetFuXEvana+sD3y42tU+cd2nhBPRETbSXPcum0B3uF4yKgweuJy5D + cvtVQIFVkkh4+AWNAgMBAAGjUDBOMB0GA1UdDgQWBBSS6V5PVGyN92NoB0AVLcOb + pzR3SzAfBgNVHSMEGDAWgBSS6V5PVGyN92NoB0AVLcObpzR3SzAMBgNVHRMEBTAD + AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBIszrBjoJ39axsS6Btbvwvo8vAmgiSWsav + 7AmjXOAwknHPaCcDmrdOys5POD0DNRwNeRsnxFiZ/UL8Vmj2JGDLgAw+/v32MwfX + Ig7m+oIbO8KqDzlYvS5kd3suJ5C21hHy1/JUtfofZLovZH7ZRzhTAoRvCYaodW90 + 2o8ZqmyCdcXPzjFmoJ2xYzs/Sf8/E1cHfb+4HjOpeRnKxDvG0gwWzcsXpUrw2pNO + Oztj6Rd0THNrf/anIeYVtAHX4aqZA8Kbv2TyJd+9g78usFw1cn+8vfmilm6Pn0DQ + a+I5GyGd7BJI8wYuWqIStzvrJHbQQaNrSk7hgjWYiYlcsPh6w2QP + -----END CERTIFICATE----- + =item * SSH public RSA keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQA...6mdYs5iJNGu/ltUdc= @@ -586,7 +561,7 @@ I Exports the key's JSON Web Key Thumbprint as a string. -If you don't know what this is, see RFC 7638 (C). +If you don't know what this is, see RFC 7638 L. my $thumbprint = $pk->export_key_jwk_thumbprint('SHA256'); @@ -829,10 +804,10 @@ Create encrypted file (from commandline): Decrypt file (Perl code): use Crypt::PK::RSA; - use File::Slurp 'read_file'; + use Crypt::Misc 'read_rawfile'; my $pkrsa = Crypt::PK::RSA->new("rsakey.priv.pem"); - my $encfile = read_file("input.encrypted.rsa", binmode=>':raw'); + my $encfile = read_rawfile("input.encrypted.rsa"); my $plaintext = $pkrsa->decrypt($encfile, 'v1.5'); print $plaintext; @@ -841,12 +816,12 @@ Decrypt file (Perl code): Create encrypted file (Perl code): use Crypt::PK::RSA; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $plaintext = 'secret message'; my $pkrsa = Crypt::PK::RSA->new("rsakey.pub.pem"); my $encrypted = $pkrsa->encrypt($plaintext, 'v1.5'); - write_file("input.encrypted.rsa", {binmode=>':raw'}, $encrypted); + write_rawfile("input.encrypted.rsa", $encrypted); Decrypt file (from commandline): @@ -862,10 +837,10 @@ Verify signature (Perl code): use Crypt::PK::RSA; use Crypt::Digest 'digest_file'; - use File::Slurp 'read_file'; + use Crypt::Misc 'read_rawfile'; my $pkrsa = Crypt::PK::RSA->new("rsakey.pub.pem"); - my $signature = read_file("input.sha1-rsa.sig", binmode=>':raw'); + my $signature = read_rawfile("input.sha1-rsa.sig"); my $valid = $pkrsa->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5"); print $valid ? "SUCCESS" : "FAILURE"; @@ -875,11 +850,11 @@ Create signature (Perl code): use Crypt::PK::RSA; use Crypt::Digest 'digest_file'; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkrsa = Crypt::PK::RSA->new("rsakey.priv.pem"); my $signature = $pkrsa->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5"); - write_file("input.sha1-rsa.sig", {binmode=>':raw'}, $signature); + write_rawfile("input.sha1-rsa.sig", $signature); Verify signature (from commandline): @@ -890,15 +865,15 @@ Verify signature (from commandline): Generate keys (Perl code): use Crypt::PK::RSA; - use File::Slurp 'write_file'; + use Crypt::Misc 'write_rawfile'; my $pkrsa = Crypt::PK::RSA->new; $pkrsa->generate_key(256, 65537); - write_file("rsakey.pub.der", {binmode=>':raw'}, $pkrsa->export_key_der('public')); - write_file("rsakey.priv.der", {binmode=>':raw'}, $pkrsa->export_key_der('private')); - write_file("rsakey.pub.pem", $pkrsa->export_key_pem('public_x509')); - write_file("rsakey.priv.pem", $pkrsa->export_key_pem('private')); - write_file("rsakey-passwd.priv.pem", $pkrsa->export_key_pem('private', 'secret')); + write_rawfile("rsakey.pub.der", $pkrsa->export_key_der('public')); + write_rawfile("rsakey.priv.der", $pkrsa->export_key_der('private')); + write_rawfile("rsakey.pub.pem", $pkrsa->export_key_pem('public_x509')); + write_rawfile("rsakey.priv.pem", $pkrsa->export_key_pem('private')); + write_rawfile("rsakey-passwd.priv.pem", $pkrsa->export_key_pem('private', 'secret')); Use keys by OpenSSL: @@ -921,7 +896,6 @@ Generate keys: Load keys (Perl code): use Crypt::PK::RSA; - use File::Slurp 'write_file'; my $pkrsa = Crypt::PK::RSA->new; $pkrsa->import_key("rsakey.pub.der"); @@ -937,3 +911,5 @@ Load keys (Perl code): =item * L =back + +=cut diff --git a/lib/Crypt/PRNG.pm b/lib/Crypt/PRNG.pm index ae14afa..edc2703 100644 --- a/lib/Crypt/PRNG.pm +++ b/lib/Crypt/PRNG.pm @@ -2,42 +2,17 @@ package Crypt::PRNG; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; -use base qw(Exporter); +require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); -#BEWARE: cannot use Crypt::Misc qw(encode_b64 encode_b64u); +use Carp; +$Carp::Internal{(__PACKAGE__)}++; use CryptX; -sub _trans_prng_name { - my $name = shift; - $name =~ s/^Crypt::PRNG:://; - return lc($name); -} - -### METHODS - -sub new { - my $pkg = shift; - my $prng_name = $pkg eq __PACKAGE__ ? _trans_prng_name(shift||'ChaCha20') : _trans_prng_name($pkg); - return _new($$, $prng_name, @_); -} - -sub bytes { return shift->_bytes($$, shift) } - -sub int32 { return shift->_int32($$) } - -sub double { return shift->_double($$, shift) } - -sub bytes_hex { return unpack("H*", shift->bytes(shift)) } - -sub bytes_b64 { return CryptX::_encode_base64(shift->bytes(shift)) } - -sub bytes_b64u { return CryptX::_encode_base64url(shift->bytes(shift)) } - sub string { my ($self, $len) = @_; return $self->string_from("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", $len); @@ -53,7 +28,7 @@ sub string_from { my @ch = split(//, $chars); my $max_index = $#ch; return if $max_index > 65535; - + my $mask; for my $n (1..31) { $mask = (1<<$n) - 1; @@ -193,13 +168,13 @@ Similar to random_string_from, only C<$range> is fixed to C<'ABCDEFGHIJKLMNOPQRS #or $n = rand($limit); -Returns a random floating point number from range C<[0,1)> (if called without param) or C<[0,$limit)>. +Returns a random floating point number from range C<[0,1)> (if called without parameter) or C<[0,$limit)>. =head2 irand $i = irand; -Returns a random unsigned 32bit integer - range 0 .. 0xFFFFFFFF. +Returns a random unsigned 32bit integer - range C<0 .. 0xFFFFFFFF>. =head1 METHODS @@ -280,4 +255,6 @@ See L =head1 SEE ALSO -L, L, L, L \ No newline at end of file +L, L, L, L + +=cut diff --git a/lib/Crypt/PRNG/ChaCha20.pm b/lib/Crypt/PRNG/ChaCha20.pm index b9ef777..f6c7fcc 100644 --- a/lib/Crypt/PRNG/ChaCha20.pm +++ b/lib/Crypt/PRNG/ChaCha20.pm @@ -2,7 +2,7 @@ package Crypt::PRNG::ChaCha20; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); @@ -10,7 +10,6 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use CryptX; -use base 'Crypt::PRNG'; { ### stolen from Bytes::Random::Secure @@ -157,3 +156,5 @@ See L. =item * L =back + +=cut diff --git a/lib/Crypt/PRNG/Fortuna.pm b/lib/Crypt/PRNG/Fortuna.pm index 5ef5029..5843423 100644 --- a/lib/Crypt/PRNG/Fortuna.pm +++ b/lib/Crypt/PRNG/Fortuna.pm @@ -2,7 +2,7 @@ package Crypt::PRNG::Fortuna; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); @@ -10,7 +10,6 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use CryptX; -use base 'Crypt::PRNG'; { ### stolen from Bytes::Random::Secure @@ -158,3 +157,5 @@ See L. =item * L =back + +=cut diff --git a/lib/Crypt/PRNG/RC4.pm b/lib/Crypt/PRNG/RC4.pm index fa5d622..b474c2b 100644 --- a/lib/Crypt/PRNG/RC4.pm +++ b/lib/Crypt/PRNG/RC4.pm @@ -2,7 +2,7 @@ package Crypt::PRNG::RC4; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); @@ -10,7 +10,6 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use CryptX; -use base 'Crypt::PRNG'; { ### stolen from Bytes::Random::Secure @@ -157,3 +156,5 @@ See L. =item * L =back + +=cut diff --git a/lib/Crypt/PRNG/Sober128.pm b/lib/Crypt/PRNG/Sober128.pm index b27230f..b31175e 100644 --- a/lib/Crypt/PRNG/Sober128.pm +++ b/lib/Crypt/PRNG/Sober128.pm @@ -2,7 +2,7 @@ package Crypt::PRNG::Sober128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); @@ -10,7 +10,6 @@ our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); our @EXPORT = qw(); use CryptX; -use base 'Crypt::PRNG'; { ### stolen from Bytes::Random::Secure @@ -157,3 +156,5 @@ See L. =item * L =back + +=cut diff --git a/lib/Crypt/PRNG/Yarrow.pm b/lib/Crypt/PRNG/Yarrow.pm index 3a04bef..0866c32 100644 --- a/lib/Crypt/PRNG/Yarrow.pm +++ b/lib/Crypt/PRNG/Yarrow.pm @@ -2,7 +2,7 @@ package Crypt::PRNG::Yarrow; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); @@ -156,3 +156,5 @@ See L. =item * L =back + +=cut diff --git a/lib/Crypt/Stream/ChaCha.pm b/lib/Crypt/Stream/ChaCha.pm index bbdc7dd..7bfb760 100644 --- a/lib/Crypt/Stream/ChaCha.pm +++ b/lib/Crypt/Stream/ChaCha.pm @@ -2,12 +2,10 @@ package Crypt::Stream::ChaCha; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use CryptX; -sub new { my $class = shift; _new(@_) } - 1; =pod @@ -67,7 +65,7 @@ Provides an interface to the ChaCha stream cipher. =over -=item * L, L +=item * L, L, L, L =item * L diff --git a/lib/Crypt/Stream/RC4.pm b/lib/Crypt/Stream/RC4.pm index c915686..853e339 100644 --- a/lib/Crypt/Stream/RC4.pm +++ b/lib/Crypt/Stream/RC4.pm @@ -2,12 +2,10 @@ package Crypt::Stream::RC4; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use CryptX; -sub new { my $class = shift; _new(@_) } - 1; =pod @@ -59,7 +57,7 @@ Provides an interface to the RC4 stream cipher. =over -=item * L, L +=item * L, L, L, L =item * L diff --git a/lib/Crypt/Stream/Rabbit.pm b/lib/Crypt/Stream/Rabbit.pm new file mode 100644 index 0000000..d0162d3 --- /dev/null +++ b/lib/Crypt/Stream/Rabbit.pm @@ -0,0 +1,72 @@ +package Crypt::Stream::Rabbit; + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use CryptX; + +1; + +=pod + +=head1 NAME + +Crypt::Stream::Rabbit - Stream cipher Rabbit + +=head1 SYNOPSIS + + use Crypt::Stream::Rabbit; + + # encrypt + $key = "1234567890123456"; + $iv = "12345678"; + $stream = Crypt::Stream::Rabbit->new($key, $iv); + $ct = $stream->crypt("plain message"); + + # decrypt + $key = "1234567890123456"; + $iv = "12345678"; + $stream = Crypt::Stream::Rabbit->new($key, $iv); + $pt = $stream->crypt($ct); + +=head1 DESCRIPTION + +Provides an interface to the Rabbit stream cipher. + +=head1 METHODS + +=head2 new + + $stream = Crypt::Stream::Rabbit->new($key, $iv); + # $key .. keylen must be up to 16 bytes + # $iv .. ivlen must be up to 8 bytes + + $stream = Crypt::Stream::Rabbit->new($key); + #BEWARE: this is different from new($key, "") + +=head2 crypt + + $ciphertext = $stream->crypt($plaintext); + #or + $plaintext = $stream->crypt($ciphertext); + +=head2 keystream + + $random_key = $stream->keystream($length); + +=head2 clone + + $stream->clone(); + +=head1 SEE ALSO + +=over + +=item * L, L, L, L + +=item * L + +=back + +=cut diff --git a/lib/Crypt/Stream/Salsa20.pm b/lib/Crypt/Stream/Salsa20.pm new file mode 100644 index 0000000..9b0a93f --- /dev/null +++ b/lib/Crypt/Stream/Salsa20.pm @@ -0,0 +1,72 @@ +package Crypt::Stream::Salsa20; + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use CryptX; + +1; + +=pod + +=head1 NAME + +Crypt::Stream::Salsa20 - Stream cipher Salsa20 + +=head1 SYNOPSIS + + use Crypt::Stream::Salsa20; + + # encrypt + $key = "1234567890123456"; + $iv = "12345678"; + $stream = Crypt::Stream::Salsa20->new($key, $iv); + $ct = $stream->crypt("plain message"); + + # decrypt + $key = "1234567890123456"; + $iv = "12345678"; + $stream = Crypt::Stream::Salsa20->new($key, $iv); + $pt = $stream->crypt($ct); + +=head1 DESCRIPTION + +Provides an interface to the Salsa20 stream cipher. + +=head1 METHODS + +=head2 new + + $stream = Crypt::Stream::Salsa20->new($key, $iv); + #or + $stream = Crypt::Stream::Salsa20->new($key, $iv, $counter, $rounds); + + # $key .. 32 or 16 bytes + # $iv .. 8 bytes + # $counter .. initial counter value (DEFAULT: 0) + # $rounds .. rounds (DEFAULT: 20) + +=head2 crypt + + $ciphertext = $stream->crypt($plaintext); + #or + $plaintext = $stream->crypt($ciphertext); + +=head2 keystream + + $random_key = $stream->keystream($length); + +=head2 clone + + $stream->clone(); + +=head1 SEE ALSO + +=over + +=item * L, L, L, L + +=back + +=cut diff --git a/lib/Crypt/Stream/Sober128.pm b/lib/Crypt/Stream/Sober128.pm index 55366af..70de4c3 100644 --- a/lib/Crypt/Stream/Sober128.pm +++ b/lib/Crypt/Stream/Sober128.pm @@ -2,12 +2,10 @@ package Crypt::Stream::Sober128; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use CryptX; -sub new { my $class = shift; _new(@_) } - 1; =pod @@ -62,7 +60,7 @@ Provides an interface to the Sober128 stream cipher. =over -=item * L, L +=item * L, L, L, L =item * L diff --git a/lib/Crypt/Stream/Sosemanuk.pm b/lib/Crypt/Stream/Sosemanuk.pm new file mode 100644 index 0000000..e181fc0 --- /dev/null +++ b/lib/Crypt/Stream/Sosemanuk.pm @@ -0,0 +1,69 @@ +package Crypt::Stream::Sosemanuk; + +use strict; +use warnings; +our $VERSION = '0.058_002'; + +use CryptX; + +1; + +=pod + +=head1 NAME + +Crypt::Stream::Sosemanuk - Stream cipher Sosemanuk + +=head1 SYNOPSIS + + use Crypt::Stream::Sosemanuk; + + # encrypt + $key = "1234567890123456"; + $iv = "123456789012"; + $stream = Crypt::Stream::Sosemanuk->new($key, $iv); + $ct = $stream->crypt("plain message"); + + # decrypt + $key = "1234567890123456"; + $iv = "123456789012"; + $stream = Crypt::Stream::Sosemanuk->new($key, $iv); + $pt = $stream->crypt($ct); + +=head1 DESCRIPTION + +Provides an interface to the Sosemanuk stream cipher. + +=head1 METHODS + +=head2 new + + $stream = Crypt::Stream::Sosemanuk->new($key, $iv); + # $key .. keylen must be multiple of 4 bytes + # $iv .. ivlen must be multiple of 4 bytes (OPTIONAL) + +=head2 crypt + + $ciphertext = $stream->crypt($plaintext); + #or + $plaintext = $stream->crypt($ciphertext); + +=head2 keystream + + $random_key = $stream->keystream($length); + +=head2 clone + + $stream->clone(); + +=head1 SEE ALSO + +=over + +=item * L, L, L, L + +=item * L + +=back + +=cut diff --git a/lib/CryptX.pm b/lib/CryptX.pm index a0b8fa4..b992ccc 100644 --- a/lib/CryptX.pm +++ b/lib/CryptX.pm @@ -2,10 +2,7 @@ package CryptX; use strict; use warnings ; -our $VERSION = '0.048'; - -use base qw(Exporter); -our @EXPORT_OK = qw( _decode_json _encode_json); +our $VERSION = '0.058_002'; require XSLoader; XSLoader::load('CryptX', $VERSION); @@ -31,6 +28,15 @@ BEGIN { } } +sub _croak { + die @_ if ref $_[0] || !$_[-1]; + if ($_[-1] =~ /^(.*)( at .+ line .+\n$)/s) { + pop @_; + push @_, $1; + } + die Carp::shortmess @_; +} + sub _decode_json { croak "FATAL: cannot find JSON::PP or JSON::XS or Cpanel::JSON::XS" if !$has_json; decode_json(shift); @@ -47,26 +53,28 @@ sub _encode_json { } 1; -__END__ + +=pod =head1 NAME -CryptX - Crypto toolkit (self-contained no external libraries needed) +CryptX - Cryptographic toolkit (self-contained, no external libraries needed) =head1 DESCRIPTION Cryptography in CryptX is based on L -Currently available modules: +Available modules: =over -=item * Ciphers - see L and related modules +=item * Symmetric ciphers - see L and related modules L, L, L, L, L, L, -L, L, L, L, L, L, -L, L, L, L, L, L, -L, L, L, L, L +L, L, L, L, L, L, +L, L, L, L, L, L, +L, L, L, L, L, +L, L =item * Block cipher modes @@ -74,7 +82,8 @@ L, L, L, L, L, L +L, L, L, L, +L, L =item * Authenticated encryption modes @@ -82,27 +91,39 @@ L, L, L, L and related modules +L, L, L, L, +L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, L, +L, L, L, L, L, L, L, L, L +=item * Checksums + +L, L + =item * Message Authentication Codes -L, L, L, L, L, L, L +L, L, L, L, L, +L, L, L, L =item * Public key cryptography L, L, L, L -=item * Cryptographically secure random number generators +=item * Cryptographically secure random number generators - see L and related modules -L, L, L, L, L, L +L, L, L, L, L -=item * Key derivation functions - PBKDF1, PBKFD2 and HKDF +=item * Key derivation functions - PBKDF1, PBKDF2 and HKDF L +=item * Other handy functions related to cryptography + +L + =back =head1 LICENSE @@ -111,4 +132,6 @@ This program is free software; you can redistribute it and/or modify it under th =head1 COPYRIGHT -Copyright (c) 2013+ DCIT, a.s. L / Karel Miko \ No newline at end of file +Copyright (c) 2013+ DCIT, a.s. L / Karel Miko + +=cut diff --git a/lib/Math/BigInt/LTM.pm b/lib/Math/BigInt/LTM.pm index 8a0caf1..4fe368d 100644 --- a/lib/Math/BigInt/LTM.pm +++ b/lib/Math/BigInt/LTM.pm @@ -2,7 +2,7 @@ package Math::BigInt::LTM; use strict; use warnings; -our $VERSION = '0.048'; +our $VERSION = '0.058_002'; use CryptX; @@ -436,8 +436,6 @@ sub _log_int { 1; -__END__ - =pod =head1 NAME diff --git a/ppport.h b/ppport.h index 27f9aa7..068275d 100644 --- a/ppport.h +++ b/ppport.h @@ -4,9 +4,9 @@ /* ---------------------------------------------------------------------- - ppport.h -- Perl/Pollution/Portability Version 3.31 + ppport.h -- Perl/Pollution/Portability Version 3.36 - Automatically created by Devel::PPPort running under perl 5.018002. + Automatically created by Devel::PPPort running under perl 5.022003. Do NOT edit this file directly! -- Edit PPPort_pm.PL and the includes in parts/inc/ instead. @@ -21,7 +21,7 @@ SKIP =head1 NAME -ppport.h - Perl/Pollution/Portability version 3.31 +ppport.h - Perl/Pollution/Portability version 3.36 =head1 SYNOPSIS @@ -219,6 +219,7 @@ same function or variable in your project. ----------------------------------------------------------------------------------------- PL_parser NEED_PL_parser NEED_PL_parser_GLOBAL PL_signals NEED_PL_signals NEED_PL_signals_GLOBAL + SvRX() NEED_SvRX NEED_SvRX_GLOBAL caller_cx() NEED_caller_cx NEED_caller_cx_GLOBAL eval_pv() NEED_eval_pv NEED_eval_pv_GLOBAL grok_bin() NEED_grok_bin NEED_grok_bin_GLOBAL @@ -226,6 +227,7 @@ same function or variable in your project. grok_number() NEED_grok_number NEED_grok_number_GLOBAL grok_numeric_radix() NEED_grok_numeric_radix NEED_grok_numeric_radix_GLOBAL grok_oct() NEED_grok_oct NEED_grok_oct_GLOBAL + gv_fetchpvn_flags() NEED_gv_fetchpvn_flags NEED_gv_fetchpvn_flags_GLOBAL load_module() NEED_load_module NEED_load_module_GLOBAL mg_findext() NEED_mg_findext NEED_mg_findext_GLOBAL my_snprintf() NEED_my_snprintf NEED_my_snprintf_GLOBAL @@ -381,7 +383,7 @@ use strict; # Disable broken TRIE-optimization BEGIN { eval '${^RE_TRIE_MAXBUF} = -1' if $] >= 5.009004 && $] <= 5.009005 } -my $VERSION = 3.31; +my $VERSION = 3.36; my %opt = ( quiet => 0, @@ -451,9 +453,9 @@ my %API = map { /^(\w+)\|([^|]*)\|([^|]*)\|(\w*)$/ ASCII_TO_NEED||5.007001|n AvFILLp|5.004050||p AvFILL||| -BhkDISABLE||5.021008| -BhkENABLE||5.021008| -BhkENTRY_set||5.021008| +BhkDISABLE||5.024000| +BhkENABLE||5.024000| +BhkENTRY_set||5.024000| BhkENTRY||| BhkFLAGS||| CALL_BLOCK_HOOKS||| @@ -461,6 +463,8 @@ CLASS|||n CPERLscope|5.005000||p CX_CURPAD_SAVE||| CX_CURPAD_SV||| +C_ARRAY_END|5.013002||p +C_ARRAY_LENGTH|5.008001||p CopFILEAV|5.006000||p CopFILEGV_set|5.006000||p CopFILEGV|5.006000||p @@ -477,8 +481,10 @@ Copy||| CvPADLIST||5.008001| CvSTASH||| CvWEAKOUTSIDE||| +DECLARATION_FOR_LC_NUMERIC_MANIPULATION||5.021010|n DEFSV_set|5.010001||p DEFSV|5.004050||p +DO_UTF8||5.006000| END_EXTERN_C|5.005000||p ENTER||| ERRSV|5.004050||p @@ -500,7 +506,6 @@ GetVars||| GvAV||| GvCV||| GvHV||| -GvSVn|5.009003||p GvSV||| Gv_AMupdate||5.011000| HEf_SVKEY|5.003070||p @@ -539,7 +544,7 @@ LEAVE||| LINKLIST||5.013006| LVRET||| MARK||| -MULTICALL||5.021008| +MULTICALL||5.024000| MUTABLE_PTR|5.010001||p MUTABLE_SV|5.010001||p MY_CXT_CLONE|5.009002||p @@ -568,9 +573,11 @@ OP_NAME||5.007003| OP_TYPE_IS_OR_WAS||5.019010| OP_TYPE_IS||5.019007| ORIGMARK||| -OpHAS_SIBLING||5.021007| -OpSIBLING_set||5.021007| -OpSIBLING||5.021007| +OpHAS_SIBLING|5.021007||p +OpLASTSIB_set|5.021011||p +OpMAYBESIB_set|5.021011||p +OpMORESIB_set|5.021011||p +OpSIBLING|5.021007||p PAD_BASE_SV||| PAD_CLONE_VARS||| PAD_COMPNAME_FLAGS||| @@ -590,7 +597,7 @@ PAD_SV||| PERLIO_FUNCS_CAST|5.009003||p PERLIO_FUNCS_DECL|5.009003||p PERL_ABS|5.008001||p -PERL_BCDVERSION|5.021008||p +PERL_BCDVERSION|5.024000||p PERL_GCC_BRACE_GROUPS_FORBIDDEN|5.008001||p PERL_HASH|5.003070||p PERL_INT_MAX|5.003070||p @@ -608,14 +615,14 @@ PERL_MAGIC_envelem|5.007002||p PERL_MAGIC_env|5.007002||p PERL_MAGIC_ext|5.007002||p PERL_MAGIC_fm|5.007002||p -PERL_MAGIC_glob|5.021008||p +PERL_MAGIC_glob|5.024000||p PERL_MAGIC_isaelem|5.007002||p PERL_MAGIC_isa|5.007002||p -PERL_MAGIC_mutex|5.021008||p +PERL_MAGIC_mutex|5.024000||p PERL_MAGIC_nkeys|5.007002||p -PERL_MAGIC_overload_elem|5.021008||p +PERL_MAGIC_overload_elem|5.024000||p PERL_MAGIC_overload_table|5.007002||p -PERL_MAGIC_overload|5.021008||p +PERL_MAGIC_overload|5.024000||p PERL_MAGIC_pos|5.007002||p PERL_MAGIC_qr|5.007002||p PERL_MAGIC_regdata|5.007002||p @@ -663,7 +670,7 @@ PERL_SIGNALS_UNSAFE_FLAG|5.008001||p PERL_SUBVERSION|5.006000||p PERL_SYS_INIT3||5.006000| PERL_SYS_INIT||| -PERL_SYS_TERM||5.021008| +PERL_SYS_TERM||5.024000| PERL_UCHAR_MAX|5.003070||p PERL_UCHAR_MIN|5.003070||p PERL_UINT_MAX|5.003070||p @@ -673,6 +680,7 @@ PERL_ULONG_MIN|5.003070||p PERL_UNUSED_ARG|5.009003||p PERL_UNUSED_CONTEXT|5.009004||p PERL_UNUSED_DECL|5.007002||p +PERL_UNUSED_RESULT|5.021001||p PERL_UNUSED_VAR|5.007002||p PERL_UQUAD_MAX|5.003070||p PERL_UQUAD_MIN|5.003070||p @@ -685,13 +693,13 @@ PL_DBsingle|||pn PL_DBsub|||pn PL_DBtrace|||pn PL_Sv|5.005000||p -PL_bufend|5.021008||p -PL_bufptr|5.021008||p +PL_bufend|5.024000||p +PL_bufptr|5.024000||p PL_check||5.006000| PL_compiling|5.004050||p PL_comppad_name||5.017004| PL_comppad||5.008001| -PL_copline|5.021008||p +PL_copline|5.024000||p PL_curcop|5.004050||p PL_curpad||5.005000| PL_curstash|5.004050||p @@ -701,18 +709,18 @@ PL_diehook|5.004050||p PL_dirty|5.004050||p PL_dowarn|||pn PL_errgv|5.004050||p -PL_error_count|5.021008||p -PL_expect|5.021008||p +PL_error_count|5.024000||p +PL_expect|5.024000||p PL_hexdigit|5.005000||p PL_hints|5.005000||p -PL_in_my_stash|5.021008||p -PL_in_my|5.021008||p +PL_in_my_stash|5.024000||p +PL_in_my|5.024000||p PL_keyword_plugin||5.011002| PL_last_in_gv|||n PL_laststatval|5.005000||p -PL_lex_state|5.021008||p -PL_lex_stuff|5.021008||p -PL_linestr|5.021008||p +PL_lex_state|5.024000||p +PL_lex_stuff|5.024000||p +PL_linestr|5.024000||p PL_modglobal||5.005000|n PL_na|5.004050||pn PL_no_modify|5.006000||p @@ -724,8 +732,8 @@ PL_perl_destruct_level|5.004050||p PL_perldb|5.004050||p PL_ppaddr|5.006000||p PL_rpeepp||5.013005|n -PL_rsfp_filters|5.021008||p -PL_rsfp|5.021008||p +PL_rsfp_filters|5.024000||p +PL_rsfp|5.024000||p PL_rs|||n PL_signals|5.008001||p PL_stack_base|5.004050||p @@ -738,8 +746,8 @@ PL_sv_undef|5.004050||pn PL_sv_yes|5.004050||pn PL_tainted|5.004050||p PL_tainting|5.004050||p -PL_tokenbuf|5.021008||p -POP_MULTICALL||5.021008| +PL_tokenbuf|5.024000||p +POP_MULTICALL||5.024000| POPi|||n POPl|||n POPn|||n @@ -747,6 +755,8 @@ POPpbytex||5.007001|n POPpx||5.005030|n POPp|||n POPs|||n +POPul||5.006000|n +POPu||5.004000|n PTR2IV|5.006000||p PTR2NV|5.006000||p PTR2UV|5.006000||p @@ -754,7 +764,7 @@ PTR2nat|5.009003||p PTR2ul|5.007001||p PTRV|5.006000||p PUSHMARK||| -PUSH_MULTICALL||5.021008| +PUSH_MULTICALL||5.024000| PUSHi||| PUSHmortal|5.009002||p PUSHn||| @@ -762,29 +772,29 @@ PUSHp||| PUSHs||| PUSHu|5.004000||p PUTBACK||| -PadARRAY||5.021008| -PadMAX||5.021008| -PadlistARRAY||5.021008| -PadlistMAX||5.021008| -PadlistNAMESARRAY||5.021008| -PadlistNAMESMAX||5.021008| -PadlistNAMES||5.021008| +PadARRAY||5.024000| +PadMAX||5.024000| +PadlistARRAY||5.024000| +PadlistMAX||5.024000| +PadlistNAMESARRAY||5.024000| +PadlistNAMESMAX||5.024000| +PadlistNAMES||5.024000| PadlistREFCNT||5.017004| PadnameIsOUR||| PadnameIsSTATE||| -PadnameLEN||5.021008| +PadnameLEN||5.024000| PadnameOURSTASH||| PadnameOUTER||| -PadnamePV||5.021008| -PadnameREFCNT_dec||5.021008| -PadnameREFCNT||5.021008| -PadnameSV||5.021008| +PadnamePV||5.024000| +PadnameREFCNT_dec||5.024000| +PadnameREFCNT||5.024000| +PadnameSV||5.024000| PadnameTYPE||| PadnameUTF8||5.021007| -PadnamelistARRAY||5.021008| -PadnamelistMAX||5.021008| -PadnamelistREFCNT_dec||5.021008| -PadnamelistREFCNT||5.021008| +PadnamelistARRAY||5.024000| +PadnamelistMAX||5.024000| +PadnamelistREFCNT_dec||5.024000| +PadnamelistREFCNT||5.024000| PerlIO_clearerr||5.007003| PerlIO_close||5.007003| PerlIO_context_layers||5.009004| @@ -816,6 +826,7 @@ PoisonNew|5.009004||p PoisonWith|5.009004||p Poison|5.008000||p READ_XDIGIT||5.017006| +RESTORE_LC_NUMERIC||5.024000| RETVAL|||n Renewc||| Renew||| @@ -830,6 +841,8 @@ START_EXTERN_C|5.005000||p START_MY_CXT|5.007003||p STMT_END|||p STMT_START|||p +STORE_LC_NUMERIC_FORCE_TO_UNDERLYING||5.024000| +STORE_LC_NUMERIC_SET_TO_NEEDED||5.024000| STR_WITH_LEN|5.009003||p ST||| SV_CONST_RETURN|5.009003||p @@ -967,8 +980,8 @@ SvROK_on||| SvROK||| SvRV_set|5.009003||p SvRV||| -SvRXOK||5.009005| -SvRX||5.009005| +SvRXOK|5.009005||p +SvRX|5.009005||p SvSETMAGIC||| SvSHARED_HASH|5.009003||p SvSHARE||5.007003| @@ -1002,7 +1015,9 @@ SvVOK||5.008001| SvVSTRING_mg|5.009004||p THIS|||n UNDERBAR|5.009002||p +UTF8SKIP||5.006000| UTF8_MAXBYTES|5.009002||p +UVCHR_SKIP||5.022000| UVSIZE|5.006000||p UVTYPE|5.006000||p UVXf|5.007001||p @@ -1011,7 +1026,7 @@ UVuf|5.006000||p UVxf|5.006000||p WARN_ALL|5.006000||p WARN_AMBIGUOUS|5.006000||p -WARN_ASSERTIONS|5.021008||p +WARN_ASSERTIONS|5.024000||p WARN_BAREWORD|5.006000||p WARN_CLOSED|5.006000||p WARN_CLOSURE|5.006000||p @@ -1084,18 +1099,18 @@ XST_mPV||| XST_mUNDEF||| XST_mUV|5.008001||p XST_mYES||| -XS_APIVERSION_BOOTCHECK||5.021008| -XS_EXTERNAL||5.021008| -XS_INTERNAL||5.021008| -XS_VERSION_BOOTCHECK||5.021008| +XS_APIVERSION_BOOTCHECK||5.024000| +XS_EXTERNAL||5.024000| +XS_INTERNAL||5.024000| +XS_VERSION_BOOTCHECK||5.024000| XS_VERSION||| XSprePUSH|5.006000||p XS||| -XopDISABLE||5.021008| -XopENABLE||5.021008| -XopENTRYCUSTOM||5.021008| -XopENTRY_set||5.021008| -XopENTRY||5.021008| +XopDISABLE||5.024000| +XopENABLE||5.024000| +XopENTRYCUSTOM||5.024000| +XopENTRY_set||5.024000| +XopENTRY||5.024000| XopFLAGS||5.013007| ZeroD|5.009002||p Zero||| @@ -1106,9 +1121,9 @@ _core_swash_init||| _get_encoding||| _get_regclass_nonbitmap_data||| _get_swash_invlist||| +_invlistEQ||| _invlist_array_init|||n _invlist_contains_cp|||n -_invlist_contents||| _invlist_dump||| _invlist_intersection_maybe_complement_2nd||| _invlist_intersection||| @@ -1138,12 +1153,14 @@ _make_exactf_invlist||| _new_invlist_C_array||| _new_invlist||| _pMY_CXT|5.007003||p +_setlocale_debug_string|||n _setup_canned_invlist||| _swash_inversion_hash||| _swash_to_invlist||| _to_fold_latin1||| _to_uni_fold_flags||5.014000| _to_upper_title_latin1||| +_to_utf8_case||| _to_utf8_fold_flags||5.019009| _to_utf8_lower_flags||5.019009| _to_utf8_title_flags||5.019009| @@ -1151,17 +1168,17 @@ _to_utf8_upper_flags||5.019009| _warn_problematic_locale|||n aMY_CXT_|5.007003||p aMY_CXT|5.007003||p -aTHXR_|5.021008||p -aTHXR|5.021008||p +aTHXR_|5.024000||p +aTHXR|5.024000||p aTHX_|5.006000||p aTHX|5.006000||p -aassign_common_vars||| add_above_Latin1_folds||| add_cp_to_invlist||| add_data|||n add_multi_match||| add_utf16_textfilter||| adjust_size_and_find_bucket|||n +advance_one_LB||| advance_one_SB||| advance_one_WB||| alloc_maybe_populate_EXACT||| @@ -1209,6 +1226,7 @@ av_top_index||5.017009| av_undef||| av_unshift||| ax|||n +backup_one_LB||| backup_one_SB||| backup_one_WB||| bad_type_gv||| @@ -1225,6 +1243,7 @@ boot_core_mro||| bytes_cmp_utf8||5.013007| bytes_from_utf8||5.007001| bytes_to_utf8||5.006001| +cBOOL|5.013000||p call_argv|5.006000||p call_atexit||5.006000| call_list||5.004000| @@ -1253,6 +1272,7 @@ ck_warner||5.011001|v ckwarn_common||| ckwarn_d||5.009003| ckwarn||5.009003| +clear_defarray||5.023008| clear_placeholders||| clear_special_blocks||| clone_params_del|||n @@ -1280,14 +1300,13 @@ cophh_fetch_pvs||5.013007| cophh_fetch_pv||5.013007| cophh_fetch_sv||5.013007| cophh_free||5.013007| -cophh_new_empty||5.021008| +cophh_new_empty||5.024000| cophh_store_pvn||5.013007| cophh_store_pvs||5.013007| cophh_store_pv||5.013007| cophh_store_sv||5.013007| core_prototype||| coresub_op||| -could_it_be_a_POSIX_class|||n cr_textfilter||| create_eval_scope||| croak_memory_wrap||5.019003|n @@ -1324,6 +1343,24 @@ cvgv_set||| cvstash_set||| cx_dump||5.005000| cx_dup||| +cx_popblock||5.023008| +cx_popeval||5.023008| +cx_popformat||5.023008| +cx_popgiven||5.023008| +cx_poploop||5.023008| +cx_popsub_args||5.023008| +cx_popsub_common||5.023008| +cx_popsub||5.023008| +cx_popwhen||5.023008| +cx_pushblock||5.023008| +cx_pusheval||5.023008| +cx_pushformat||5.023008| +cx_pushgiven||5.023008| +cx_pushloop_for||5.023008| +cx_pushloop_plain||5.023008| +cx_pushsub||5.023008| +cx_pushwhen||5.023008| +cx_topblock||5.023008| cxinc||| dAXMARK|5.009003||p dAX|5.007002||p @@ -1336,7 +1373,7 @@ dNOOP|5.006000||p dORIGMARK||| dSP||| dTHR|5.004050||p -dTHXR|5.021008||p +dTHXR|5.024000||p dTHXa|5.006000||p dTHXoa|5.006000||p dTHX|5.006000||p @@ -1424,7 +1461,7 @@ do_vecget||| do_vecset||| do_vop||| docatch||| -doeval||| +doeval_compile||| dofile||| dofindlabel||| doform||| @@ -1433,7 +1470,7 @@ dooneliner||| doopen_pm||| doparseform||| dopoptoeval||| -dopoptogiven||| +dopoptogivenfor||| dopoptolabel||| dopoptoloop||| dopoptosub_at||| @@ -1443,6 +1480,10 @@ dounwind||| dowantarray||| drand48_init_r|||n drand48_r|||n +dtrace_probe_call||| +dtrace_probe_load||| +dtrace_probe_op||| +dtrace_probe_phase||| dump_all_perl||| dump_all||5.006000| dump_c_backtrace||| @@ -1462,6 +1503,7 @@ dump_trie||| dump_vindent||5.006000| dumpuntil||| dup_attrlist||| +edit_distance|||n emulate_cop_io||| eval_pv|5.006000||p eval_sv|5.006000||p @@ -1486,7 +1528,6 @@ find_in_my_stash||| find_lexical_cv||| find_runcv_where||| find_runcv||5.008001| -find_rundefsv2||| find_rundefsvoffset||5.009002| find_rundefsv||5.013002| find_script||| @@ -1525,7 +1566,7 @@ get_av|5.006000||p get_c_backtrace_dump||| get_c_backtrace||| get_context||5.006000|n -get_cvn_flags|5.009005||p +get_cvn_flags||| get_cvs|5.011000||p get_cv|5.006000||p get_db_sub||| @@ -1599,12 +1640,12 @@ gv_fetchmeth||| gv_fetchpvn_flags|5.009002||p gv_fetchpvs|5.009004||p gv_fetchpv||| -gv_fetchsv|5.009002||p +gv_fetchsv||| gv_fullname3||5.003070| gv_fullname4||5.006001| gv_fullname||| gv_handler||5.007001| -gv_init_pvn||5.015004| +gv_init_pvn||| gv_init_pv||5.015004| gv_init_svtype||| gv_init_sv||5.015004| @@ -1622,6 +1663,8 @@ gv_stashpv||| gv_stashsvpvn_cached||| gv_stashsv||| gv_try_downgrade||| +handle_named_backref||| +handle_possible_posix||| handle_regex_sets||| he_dup||| hek_dup||| @@ -1709,7 +1752,9 @@ intuit_method||| intuit_more||| invert||| invlist_array|||n +invlist_clear||| invlist_clone||| +invlist_contents||| invlist_extend||| invlist_highest|||n invlist_is_iterating|||n @@ -1718,6 +1763,7 @@ invlist_iterinit|||n invlist_iternext|||n invlist_max|||n invlist_previous_index|||n +invlist_replace_list_destroys_src||| invlist_set_len||| invlist_set_previous_index|||n invlist_trim|||n @@ -1735,10 +1781,10 @@ isFOO_lc||| isFOO_utf8_lc||| isGCB|||n isGRAPH|5.006000||p -isGV_with_GP|5.009004||p isIDCONT||5.017008| isIDFIRST_lazy||5.021001| isIDFIRST||| +isLB||| isLOWER||| isOCTAL||5.013005| isPRINT|5.004000||p @@ -1825,7 +1871,7 @@ jmaybe||| join_exact||| keyword_plugin_standard||| keyword||| -leave_common||| +leave_adjust_stacks||5.023008| leave_scope||| lex_bufutf8||5.011002| lex_discard_to||5.011002| @@ -1932,7 +1978,10 @@ memEQ|5.004000||p memNEs|5.009005||p memNE|5.004000||p mem_collxfrm||| +mem_log_alloc|||n mem_log_common|||n +mem_log_free|||n +mem_log_realloc|||n mess_alloc||| mess_nocontext|||vn mess_sv||5.013001| @@ -1981,7 +2030,7 @@ multideref_stringify||| my_atof2||5.007002| my_atof||5.006000| my_attrs||| -my_bcopy|||n +my_bcopy||5.004050|n my_bytes_to_utf8|||n my_bzero|||n my_chsize||| @@ -1996,7 +2045,7 @@ my_fflush_all||5.006000| my_fork||5.007003|n my_kid||| my_lstat_flags||| -my_lstat||5.021008| +my_lstat||5.024000| my_memcmp|||n my_memset|||n my_pclose||5.003070| @@ -2008,7 +2057,7 @@ my_snprintf|5.009004||pvn my_socketpair||5.007003|n my_sprintf|5.009003||pvn my_stat_flags||| -my_stat||5.021008| +my_stat||5.024000| my_strerror||5.021001| my_strftime||5.007002| my_strlcat|5.009004||pn @@ -2137,7 +2186,7 @@ op_linklist||5.013006| op_lvalue_flags||| op_lvalue||5.013007| op_null||5.007002| -op_parent||5.021002|n +op_parent|||n op_prepend_elem||5.013006| op_refcnt_dec||| op_refcnt_inc||| @@ -2155,6 +2204,7 @@ opmethod_stash||| opslab_force_free||| opslab_free_nopad||| opslab_free||| +output_or_return_posix_warnings||| pMY_CXT_|5.007003||p pMY_CXT|5.007003||p pTHX_|5.006000||p @@ -2254,6 +2304,8 @@ ptr_table_new||5.009005| ptr_table_split||5.009005| ptr_table_store||5.009005| push_scope||| +put_charclass_bitmap_innards_common||| +put_charclass_bitmap_innards_invlist||| put_charclass_bitmap_innards||| put_code_point||| put_range||| @@ -2268,14 +2320,17 @@ quadmath_format_single|||n re_compile||5.009005| re_croak2||| re_dup_guts||| +re_exec_indentf|||v +re_indentf|||v re_intuit_start||5.019001| re_intuit_string||5.006000| re_op_compile||| +re_printf|||v realloc||5.007002|n -reentrant_free||5.021008| -reentrant_init||5.021008| -reentrant_retry||5.021008|vn -reentrant_size||5.021008| +reentrant_free||5.024000| +reentrant_init||5.024000| +reentrant_retry||5.024000|vn +reentrant_size||5.024000| ref_array_or_hash||| refcounted_he_chain_2hv||| refcounted_he_fetch_pvn||| @@ -2291,7 +2346,7 @@ refcounted_he_new_sv||| refcounted_he_value||| refkids||| refto||| -ref||5.021008| +ref||5.024000| reg2Lanode||| reg_check_named_buff_matched|||n reg_named_buff_all||5.009005| @@ -2323,6 +2378,7 @@ regdump_extflags||| regdump_intflags||| regdump||5.005000| regdupe_internal||| +regex_set_precedence|||n regexec_flags||5.005000| regfree_internal||5.009005| reghop3|||n @@ -2334,9 +2390,7 @@ reginsert||| regmatch||| regnext||5.005000| regnode_guts||| -regpatws|||n regpiece||| -regpposixcc||| regprop||| regrepeat||| regtail_study||| @@ -2377,7 +2431,6 @@ save_I8||5.006000| save_adelete||5.011000| save_aelem_flags||5.011000| save_aelem||5.004050| -save_aliased_sv||| save_alloc||5.006000| save_aptr||| save_ary||| @@ -2434,6 +2487,7 @@ savesharedsvpv||5.013006| savestack_grow_cnt||5.008001| savestack_grow||| savesvpv||5.009002| +savetmps||5.023008| sawparens||| scalar_mod_type|||n scalarboolean||| @@ -2475,6 +2529,7 @@ should_warn_nl|||n si_dup||| sighandler|||n simplify_sort||| +skip_to_be_ignored_text||| skipspace_flags||| softref2xv||| sortcv_stacked||| @@ -2616,7 +2671,7 @@ sv_kill_backrefs||| sv_len_utf8_nomg||| sv_len_utf8||5.006000| sv_len||| -sv_magic_portable|5.021008|5.004000|p +sv_magic_portable|5.024000|5.004000|p sv_magicext_mglob||| sv_magicext||5.007003| sv_magic||| @@ -2653,8 +2708,7 @@ sv_pvutf8||5.006000| sv_pv||5.006000| sv_recode_to_utf8||5.007003| sv_reftype||| -sv_ref||| -sv_release_COW||| +sv_ref||5.015004| sv_replace||| sv_report_used||| sv_resetpvn||| @@ -2680,7 +2734,7 @@ sv_setpv||| sv_setref_iv||| sv_setref_nv||| sv_setref_pvn||| -sv_setref_pvs||5.021008| +sv_setref_pvs||5.024000| sv_setref_pv||| sv_setref_uv||5.007001| sv_setsv_cow||| @@ -2736,19 +2790,19 @@ taint_env||| taint_proper||| tied_method|||v tmps_grow_p||| -toFOLD_uni||5.007003| toFOLD_utf8||5.019001| +toFOLD_uvchr||5.023009| toFOLD||5.019001| toLOWER_L1||5.019001| toLOWER_LC||5.004000| -toLOWER_uni||5.007003| toLOWER_utf8||5.015007| +toLOWER_uvchr||5.023009| toLOWER||| -toTITLE_uni||5.007003| toTITLE_utf8||5.015007| +toTITLE_uvchr||5.023009| toTITLE||5.019001| -toUPPER_uni||5.007003| toUPPER_utf8||5.015007| +toUPPER_uvchr||5.023009| toUPPER||| to_byte_substr||| to_lower_latin1|||n @@ -4147,6 +4201,67 @@ __DATA__ #ifndef Newxz # define Newxz(v,n,t) Newz(0,v,n,t) #endif +#ifndef PERL_MAGIC_qr +# define PERL_MAGIC_qr 'r' +#endif +#ifndef cBOOL +# define cBOOL(cbool) ((cbool) ? (bool)1 : (bool)0) +#endif + +#ifndef OpHAS_SIBLING +# define OpHAS_SIBLING(o) (cBOOL((o)->op_sibling)) +#endif + +#ifndef OpSIBLING +# define OpSIBLING(o) (0 + (o)->op_sibling) +#endif + +#ifndef OpMORESIB_set +# define OpMORESIB_set(o, sib) ((o)->op_sibling = (sib)) +#endif + +#ifndef OpLASTSIB_set +# define OpLASTSIB_set(o, parent) ((o)->op_sibling = NULL) +#endif + +#ifndef OpMAYBESIB_set +# define OpMAYBESIB_set(o, sib, parent) ((o)->op_sibling = (sib)) +#endif + +#ifndef SvRX +#if defined(NEED_SvRX) +static void * DPPP_(my_SvRX)(pTHX_ SV *rv); +static +#else +extern void * DPPP_(my_SvRX)(pTHX_ SV *rv); +#endif + +#ifdef SvRX +# undef SvRX +#endif +#define SvRX(a) DPPP_(my_SvRX)(aTHX_ a) + +#if defined(NEED_SvRX) || defined(NEED_SvRX_GLOBAL) + +void * +DPPP_(my_SvRX)(pTHX_ SV *rv) +{ + if (SvROK(rv)) { + SV *sv = SvRV(rv); + if (SvMAGICAL(sv)) { + MAGIC *mg = mg_find(sv, PERL_MAGIC_qr); + if (mg && mg->mg_obj) { + return mg->mg_obj; + } + } + } + return 0; +} +#endif +#endif +#ifndef SvRXOK +# define SvRXOK(sv) (!!SvRX(sv)) +#endif #ifndef PERL_UNUSED_DECL # ifdef HASATTRIBUTE @@ -4180,6 +4295,14 @@ __DATA__ # define PERL_UNUSED_CONTEXT # endif #endif + +#ifndef PERL_UNUSED_RESULT +# if defined(__GNUC__) && defined(HASATTRIBUTE_WARN_UNUSED_RESULT) +# define PERL_UNUSED_RESULT(v) STMT_START { __typeof__(v) z = (v); (void)sizeof(z); } STMT_END +# else +# define PERL_UNUSED_RESULT(v) ((void)(v)) +# endif +#endif #ifndef NOOP # define NOOP /*EMPTY*/(void)0 #endif @@ -4513,6 +4636,13 @@ typedef OP* (CPERLscope(*Perl_check_t)) (pTHX_ OP*); (U32)HeKUTF8(he)) #endif +#endif +#ifndef C_ARRAY_LENGTH +# define C_ARRAY_LENGTH(a) (sizeof(a)/sizeof((a)[0])) +#endif + +#ifndef C_ARRAY_END +# define C_ARRAY_END(a) ((a) + C_ARRAY_LENGTH(a)) #endif #ifndef PERL_SIGNALS_UNSAFE_FLAG @@ -4634,7 +4764,7 @@ extern yy_parser DPPP_(dummy_PL_parser); /* PL_expect, PL_copline, PL_rsfp, PL_rsfp_filters, PL_linestr, PL_bufptr, PL_bufend, PL_lex_state, PL_lex_stuff, PL_tokenbuf depends on PL_parser */ /* Warning: PL_expect, PL_copline, PL_rsfp, PL_rsfp_filters, PL_linestr, PL_bufptr, PL_bufend, PL_lex_state, PL_lex_stuff, PL_tokenbuf * Do not use this variable unless you know exactly what you're - * doint. It is internal to the perl parser and may change or even + * doing. It is internal to the perl parser and may change or even * be removed in the future. As of perl 5.9.5, you have to check * for (PL_parser != NULL) for this variable to have any effect. * An always non-NULL PL_parser dummy is provided for earlier @@ -5836,6 +5966,33 @@ DPPP_(my_newSVpvn_share)(pTHX_ const char *src, I32 len, U32 hash) #ifndef HvNAMELEN_get # define HvNAMELEN_get(hv) (HvNAME_get(hv) ? (I32)strlen(HvNAME_get(hv)) : 0) #endif + +#ifndef gv_fetchpvn_flags +#if defined(NEED_gv_fetchpvn_flags) +static GV* DPPP_(my_gv_fetchpvn_flags)(pTHX_ const char* name, STRLEN len, int flags, int types); +static +#else +extern GV* DPPP_(my_gv_fetchpvn_flags)(pTHX_ const char* name, STRLEN len, int flags, int types); +#endif + +#ifdef gv_fetchpvn_flags +# undef gv_fetchpvn_flags +#endif +#define gv_fetchpvn_flags(a,b,c,d) DPPP_(my_gv_fetchpvn_flags)(aTHX_ a,b,c,d) +#define Perl_gv_fetchpvn_flags DPPP_(my_gv_fetchpvn_flags) + +#if defined(NEED_gv_fetchpvn_flags) || defined(NEED_gv_fetchpvn_flags_GLOBAL) + +GV* +DPPP_(my_gv_fetchpvn_flags)(pTHX_ const char* name, STRLEN len, int flags, int types) { + char *namepv = savepvn(name, len); + GV* stash = gv_fetchpv(namepv, TRUE, SVt_PVHV); + Safefree(namepv); + return stash; +} + +#endif +#endif #ifndef GvSVn # define GvSVn(gv) GvSV(gv) #endif @@ -5844,16 +6001,16 @@ DPPP_(my_newSVpvn_share)(pTHX_ const char *src, I32 len, U32 hash) # define isGV_with_GP(gv) isGV(gv) #endif -#ifndef gv_fetchpvn_flags -# define gv_fetchpvn_flags(name, len, flags, svt) gv_fetchpv(name, flags, svt) -#endif - #ifndef gv_fetchsv # define gv_fetchsv(name, flags, svt) gv_fetchpv(SvPV_nolen_const(name), flags, svt) #endif #ifndef get_cvn_flags # define get_cvn_flags(name, namelen, flags) get_cv(name, flags) #endif + +#ifndef gv_init_pvn +# define gv_init_pvn(gv, stash, ptr, len, flags) gv_init(gv, stash, ptr, len, flags & GV_ADDMULTI ? TRUE : FALSE) +#endif #ifndef WARN_ALL # define WARN_ALL 0 #endif @@ -6141,13 +6298,16 @@ DPPP_(my_warner)(U32 err, const char *pat, ...) # define HEf_SVKEY -2 #endif +#ifndef MUTABLE_PTR #if defined(__GNUC__) && !defined(PERL_GCC_BRACE_GROUPS_FORBIDDEN) # define MUTABLE_PTR(p) ({ void *_p = (p); _p; }) #else # define MUTABLE_PTR(p) ((void *) (p)) #endif - -#define MUTABLE_SV(p) ((SV *)MUTABLE_PTR(p)) +#endif +#ifndef MUTABLE_SV +# define MUTABLE_SV(p) ((SV *)MUTABLE_PTR(p)) +#endif /* end of random bits */ #ifndef PERL_MAGIC_sv diff --git a/src/Makefile b/src/Makefile index a4185a5..6775fa9 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,56 +1,59 @@ OBJS=ltc/ciphers/anubis.o ltc/ciphers/blowfish.o ltc/ciphers/camellia.o ltc/ciphers/cast5.o \ -ltc/ciphers/des.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o ltc/ciphers/multi2.o \ -ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o ltc/ciphers/skipjack.o \ -ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o \ -ltc/ciphers/twofish/twofish.o ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o \ -ltc/encauth/ccm/ccm_done.o ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o \ -ltc/encauth/ccm/ccm_process.o ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o \ -ltc/encauth/chachapoly/chacha20poly1305_decrypt.o ltc/encauth/chachapoly/chacha20poly1305_done.o \ -ltc/encauth/chachapoly/chacha20poly1305_encrypt.o ltc/encauth/chachapoly/chacha20poly1305_init.o \ -ltc/encauth/chachapoly/chacha20poly1305_memory.o ltc/encauth/chachapoly/chacha20poly1305_setiv.o \ -ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.o ltc/encauth/eax/eax_addheader.o \ -ltc/encauth/eax/eax_decrypt.o ltc/encauth/eax/eax_decrypt_verify_memory.o ltc/encauth/eax/eax_done.o \ -ltc/encauth/eax/eax_encrypt.o ltc/encauth/eax/eax_encrypt_authenticate_memory.o ltc/encauth/eax/eax_init.o \ -ltc/encauth/gcm/gcm_add_aad.o ltc/encauth/gcm/gcm_add_iv.o ltc/encauth/gcm/gcm_done.o \ -ltc/encauth/gcm/gcm_gf_mult.o ltc/encauth/gcm/gcm_init.o ltc/encauth/gcm/gcm_memory.o \ -ltc/encauth/gcm/gcm_mult_h.o ltc/encauth/gcm/gcm_process.o ltc/encauth/gcm/gcm_reset.o \ -ltc/encauth/ocb3/ocb3_add_aad.o ltc/encauth/ocb3/ocb3_decrypt.o ltc/encauth/ocb3/ocb3_decrypt_last.o \ -ltc/encauth/ocb3/ocb3_decrypt_verify_memory.o ltc/encauth/ocb3/ocb3_done.o ltc/encauth/ocb3/ocb3_encrypt.o \ -ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.o ltc/encauth/ocb3/ocb3_encrypt_last.o \ -ltc/encauth/ocb3/ocb3_init.o ltc/encauth/ocb3/ocb3_int_aad_add_block.o ltc/encauth/ocb3/ocb3_int_calc_offset_zero.o \ -ltc/encauth/ocb3/ocb3_int_ntz.o ltc/encauth/ocb3/ocb3_int_xor_blocks.o ltc/hashes/blake2b.o \ -ltc/hashes/blake2s.o ltc/hashes/md2.o ltc/hashes/md4.o ltc/hashes/md5.o ltc/hashes/rmd128.o \ -ltc/hashes/rmd160.o ltc/hashes/rmd256.o ltc/hashes/rmd320.o ltc/hashes/sha1.o ltc/hashes/sha3.o \ -ltc/hashes/sha3_test.o ltc/hashes/tiger.o ltc/hashes/chc/chc.o ltc/hashes/helper/hash_file.o \ -ltc/hashes/helper/hash_filehandle.o ltc/hashes/helper/hash_memory.o ltc/hashes/helper/hash_memory_multi.o \ -ltc/hashes/sha2/sha224.o ltc/hashes/sha2/sha256.o ltc/hashes/sha2/sha384.o ltc/hashes/sha2/sha512.o \ -ltc/hashes/sha2/sha512_224.o ltc/hashes/sha2/sha512_256.o ltc/hashes/whirl/whirl.o \ -ltc/mac/blake2/blake2bmac.o ltc/mac/blake2/blake2bmac_file.o ltc/mac/blake2/blake2bmac_memory.o \ -ltc/mac/blake2/blake2bmac_memory_multi.o ltc/mac/blake2/blake2smac.o ltc/mac/blake2/blake2smac_file.o \ -ltc/mac/blake2/blake2smac_memory.o ltc/mac/blake2/blake2smac_memory_multi.o ltc/mac/f9/f9_done.o \ -ltc/mac/f9/f9_file.o ltc/mac/f9/f9_init.o ltc/mac/f9/f9_memory.o ltc/mac/f9/f9_memory_multi.o \ -ltc/mac/f9/f9_process.o ltc/mac/hmac/hmac_done.o ltc/mac/hmac/hmac_file.o ltc/mac/hmac/hmac_init.o \ -ltc/mac/hmac/hmac_memory.o ltc/mac/hmac/hmac_memory_multi.o ltc/mac/hmac/hmac_process.o \ -ltc/mac/omac/omac_done.o ltc/mac/omac/omac_file.o ltc/mac/omac/omac_init.o ltc/mac/omac/omac_memory.o \ -ltc/mac/omac/omac_memory_multi.o ltc/mac/omac/omac_process.o ltc/mac/pelican/pelican.o \ -ltc/mac/pelican/pelican_memory.o ltc/mac/pmac/pmac_done.o ltc/mac/pmac/pmac_file.o \ -ltc/mac/pmac/pmac_init.o ltc/mac/pmac/pmac_memory.o ltc/mac/pmac/pmac_memory_multi.o \ -ltc/mac/pmac/pmac_ntz.o ltc/mac/pmac/pmac_process.o ltc/mac/pmac/pmac_shift_xor.o \ -ltc/mac/poly1305/poly1305.o ltc/mac/poly1305/poly1305_file.o ltc/mac/poly1305/poly1305_memory.o \ -ltc/mac/poly1305/poly1305_memory_multi.o ltc/mac/xcbc/xcbc_done.o ltc/mac/xcbc/xcbc_file.o \ -ltc/mac/xcbc/xcbc_init.o ltc/mac/xcbc/xcbc_memory.o ltc/mac/xcbc/xcbc_memory_multi.o \ -ltc/mac/xcbc/xcbc_process.o ltc/math/ltm_desc.o ltc/math/multi.o ltc/math/rand_bn.o \ -ltc/math/rand_prime.o ltc/math/tfm_desc.o ltc/math/fp/ltc_ecc_fp_mulmod.o ltc/misc/adler32.o \ -ltc/misc/burn_stack.o ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o \ -ltc/misc/pk_get_oid.o ltc/misc/zeromem.o ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o \ -ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ -ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o \ +ltc/ciphers/des.o ltc/ciphers/idea.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o \ +ltc/ciphers/multi2.o ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o \ +ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o \ +ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ +ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o ltc/encauth/ccm/ccm_done.o \ +ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o ltc/encauth/ccm/ccm_process.o \ +ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o ltc/encauth/chachapoly/chacha20poly1305_decrypt.o \ +ltc/encauth/chachapoly/chacha20poly1305_done.o ltc/encauth/chachapoly/chacha20poly1305_encrypt.o \ +ltc/encauth/chachapoly/chacha20poly1305_init.o ltc/encauth/chachapoly/chacha20poly1305_memory.o \ +ltc/encauth/chachapoly/chacha20poly1305_setiv.o ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.o \ +ltc/encauth/eax/eax_addheader.o ltc/encauth/eax/eax_decrypt.o ltc/encauth/eax/eax_decrypt_verify_memory.o \ +ltc/encauth/eax/eax_done.o ltc/encauth/eax/eax_encrypt.o ltc/encauth/eax/eax_encrypt_authenticate_memory.o \ +ltc/encauth/eax/eax_init.o ltc/encauth/gcm/gcm_add_aad.o ltc/encauth/gcm/gcm_add_iv.o \ +ltc/encauth/gcm/gcm_done.o ltc/encauth/gcm/gcm_gf_mult.o ltc/encauth/gcm/gcm_init.o \ +ltc/encauth/gcm/gcm_memory.o ltc/encauth/gcm/gcm_mult_h.o ltc/encauth/gcm/gcm_process.o \ +ltc/encauth/gcm/gcm_reset.o ltc/encauth/ocb3/ocb3_add_aad.o ltc/encauth/ocb3/ocb3_decrypt.o \ +ltc/encauth/ocb3/ocb3_decrypt_last.o ltc/encauth/ocb3/ocb3_decrypt_verify_memory.o \ +ltc/encauth/ocb3/ocb3_done.o ltc/encauth/ocb3/ocb3_encrypt.o ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.o \ +ltc/encauth/ocb3/ocb3_encrypt_last.o ltc/encauth/ocb3/ocb3_init.o ltc/encauth/ocb3/ocb3_int_ntz.o \ +ltc/encauth/ocb3/ocb3_int_xor_blocks.o ltc/hashes/blake2b.o ltc/hashes/blake2s.o \ +ltc/hashes/md2.o ltc/hashes/md4.o ltc/hashes/md5.o ltc/hashes/rmd128.o ltc/hashes/rmd160.o \ +ltc/hashes/rmd256.o ltc/hashes/rmd320.o ltc/hashes/sha1.o ltc/hashes/sha3.o ltc/hashes/sha3_test.o \ +ltc/hashes/tiger.o ltc/hashes/chc/chc.o ltc/hashes/helper/hash_file.o ltc/hashes/helper/hash_filehandle.o \ +ltc/hashes/helper/hash_memory.o ltc/hashes/helper/hash_memory_multi.o ltc/hashes/sha2/sha224.o \ +ltc/hashes/sha2/sha256.o ltc/hashes/sha2/sha384.o ltc/hashes/sha2/sha512.o ltc/hashes/sha2/sha512_224.o \ +ltc/hashes/sha2/sha512_256.o ltc/hashes/whirl/whirl.o ltc/mac/blake2/blake2bmac.o \ +ltc/mac/blake2/blake2bmac_file.o ltc/mac/blake2/blake2bmac_memory.o ltc/mac/blake2/blake2bmac_memory_multi.o \ +ltc/mac/blake2/blake2smac.o ltc/mac/blake2/blake2smac_file.o ltc/mac/blake2/blake2smac_memory.o \ +ltc/mac/blake2/blake2smac_memory_multi.o ltc/mac/f9/f9_done.o ltc/mac/f9/f9_file.o \ +ltc/mac/f9/f9_init.o ltc/mac/f9/f9_memory.o ltc/mac/f9/f9_memory_multi.o ltc/mac/f9/f9_process.o \ +ltc/mac/hmac/hmac_done.o ltc/mac/hmac/hmac_file.o ltc/mac/hmac/hmac_init.o ltc/mac/hmac/hmac_memory.o \ +ltc/mac/hmac/hmac_memory_multi.o ltc/mac/hmac/hmac_process.o ltc/mac/omac/omac_done.o \ +ltc/mac/omac/omac_file.o ltc/mac/omac/omac_init.o ltc/mac/omac/omac_memory.o ltc/mac/omac/omac_memory_multi.o \ +ltc/mac/omac/omac_process.o ltc/mac/pelican/pelican.o ltc/mac/pelican/pelican_memory.o \ +ltc/mac/pmac/pmac_done.o ltc/mac/pmac/pmac_file.o ltc/mac/pmac/pmac_init.o ltc/mac/pmac/pmac_memory.o \ +ltc/mac/pmac/pmac_memory_multi.o ltc/mac/pmac/pmac_ntz.o ltc/mac/pmac/pmac_process.o \ +ltc/mac/pmac/pmac_shift_xor.o ltc/mac/poly1305/poly1305.o ltc/mac/poly1305/poly1305_file.o \ +ltc/mac/poly1305/poly1305_memory.o ltc/mac/poly1305/poly1305_memory_multi.o ltc/mac/xcbc/xcbc_done.o \ +ltc/mac/xcbc/xcbc_file.o ltc/mac/xcbc/xcbc_init.o ltc/mac/xcbc/xcbc_memory.o ltc/mac/xcbc/xcbc_memory_multi.o \ +ltc/mac/xcbc/xcbc_process.o ltc/math/ltm_desc.o ltc/math/multi.o ltc/math/radix_to_bin.o \ +ltc/math/rand_bn.o ltc/math/rand_prime.o ltc/math/tfm_desc.o ltc/math/fp/ltc_ecc_fp_mulmod.o \ +ltc/misc/adler32.o ltc/misc/burn_stack.o ltc/misc/compare_testvector.o ltc/misc/copy_or_zeromem.o \ +ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/pk_get_oid.o \ +ltc/misc/zeromem.o ltc/misc/base32/base32_decode.o ltc/misc/base32/base32_encode.o \ +ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o ltc/misc/crypt/crypt.o \ +ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o ltc/misc/crypt/crypt_cipher_is_valid.o \ +ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o \ ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o ltc/misc/crypt/crypt_find_hash_any.o \ ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o ltc/misc/crypt/crypt_find_prng.o \ ltc/misc/crypt/crypt_fsa.o ltc/misc/crypt/crypt_hash_descriptor.o ltc/misc/crypt/crypt_hash_is_valid.o \ ltc/misc/crypt/crypt_inits.o ltc/misc/crypt/crypt_ltc_mp_descriptor.o ltc/misc/crypt/crypt_prng_descriptor.o \ -ltc/misc/crypt/crypt_prng_is_valid.o ltc/misc/crypt/crypt_register_cipher.o ltc/misc/crypt/crypt_register_hash.o \ -ltc/misc/crypt/crypt_register_prng.o ltc/misc/crypt/crypt_unregister_cipher.o ltc/misc/crypt/crypt_unregister_hash.o \ +ltc/misc/crypt/crypt_prng_is_valid.o ltc/misc/crypt/crypt_prng_rng_descriptor.o ltc/misc/crypt/crypt_register_all_ciphers.o \ +ltc/misc/crypt/crypt_register_all_hashes.o ltc/misc/crypt/crypt_register_all_prngs.o \ +ltc/misc/crypt/crypt_register_cipher.o ltc/misc/crypt/crypt_register_hash.o ltc/misc/crypt/crypt_register_prng.o \ +ltc/misc/crypt/crypt_sizes.o ltc/misc/crypt/crypt_unregister_cipher.o ltc/misc/crypt/crypt_unregister_hash.o \ ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/pkcs5/pkcs_5_1.o \ ltc/misc/pkcs5/pkcs_5_2.o ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \ ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o ltc/modes/cfb/cfb_decrypt.o \ @@ -63,7 +66,12 @@ ltc/modes/ofb/ofb_start.o ltc/pk/asn1/der/bit/der_decode_bit_string.o ltc/pk/asn ltc/pk/asn1/der/bit/der_encode_bit_string.o ltc/pk/asn1/der/bit/der_encode_raw_bit_string.o \ ltc/pk/asn1/der/bit/der_length_bit_string.o ltc/pk/asn1/der/boolean/der_decode_boolean.o \ ltc/pk/asn1/der/boolean/der_encode_boolean.o ltc/pk/asn1/der/boolean/der_length_boolean.o \ -ltc/pk/asn1/der/choice/der_decode_choice.o ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.o \ +ltc/pk/asn1/der/choice/der_decode_choice.o ltc/pk/asn1/der/custom_type/der_decode_custom_type.o \ +ltc/pk/asn1/der/custom_type/der_encode_custom_type.o ltc/pk/asn1/der/custom_type/der_length_custom_type.o \ +ltc/pk/asn1/der/general/der_asn1_maps.o ltc/pk/asn1/der/general/der_decode_asn1_identifier.o \ +ltc/pk/asn1/der/general/der_decode_asn1_length.o ltc/pk/asn1/der/general/der_encode_asn1_identifier.o \ +ltc/pk/asn1/der/general/der_encode_asn1_length.o ltc/pk/asn1/der/general/der_length_asn1_identifier.o \ +ltc/pk/asn1/der/general/der_length_asn1_length.o ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.o \ ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.o ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.o \ ltc/pk/asn1/der/ia5/der_decode_ia5_string.o ltc/pk/asn1/der/ia5/der_encode_ia5_string.o \ ltc/pk/asn1/der/ia5/der_length_ia5_string.o ltc/pk/asn1/der/integer/der_decode_integer.o \ @@ -74,53 +82,57 @@ ltc/pk/asn1/der/octet/der_encode_octet_string.o ltc/pk/asn1/der/octet/der_length ltc/pk/asn1/der/printable_string/der_decode_printable_string.o ltc/pk/asn1/der/printable_string/der_encode_printable_string.o \ ltc/pk/asn1/der/printable_string/der_length_printable_string.o ltc/pk/asn1/der/sequence/der_decode_sequence_ex.o \ ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.o ltc/pk/asn1/der/sequence/der_decode_sequence_multi.o \ -ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.o ltc/pk/asn1/der/sequence/der_encode_sequence_ex.o \ -ltc/pk/asn1/der/sequence/der_encode_sequence_multi.o ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \ +ltc/pk/asn1/der/sequence/der_encode_sequence_ex.o ltc/pk/asn1/der/sequence/der_encode_sequence_multi.o \ ltc/pk/asn1/der/sequence/der_length_sequence.o ltc/pk/asn1/der/sequence/der_sequence_free.o \ -ltc/pk/asn1/der/set/der_encode_set.o ltc/pk/asn1/der/set/der_encode_setof.o ltc/pk/asn1/der/short_integer/der_decode_short_integer.o \ +ltc/pk/asn1/der/sequence/der_sequence_shrink.o ltc/pk/asn1/der/set/der_encode_set.o \ +ltc/pk/asn1/der/set/der_encode_setof.o ltc/pk/asn1/der/short_integer/der_decode_short_integer.o \ ltc/pk/asn1/der/short_integer/der_encode_short_integer.o ltc/pk/asn1/der/short_integer/der_length_short_integer.o \ ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.o ltc/pk/asn1/der/teletex_string/der_length_teletex_string.o \ ltc/pk/asn1/der/utctime/der_decode_utctime.o ltc/pk/asn1/der/utctime/der_encode_utctime.o \ ltc/pk/asn1/der/utctime/der_length_utctime.o ltc/pk/asn1/der/utf8/der_decode_utf8_string.o \ ltc/pk/asn1/der/utf8/der_encode_utf8_string.o ltc/pk/asn1/der/utf8/der_length_utf8_string.o \ -ltc/pk/dh/dh.o ltc/pk/dh/dh_static.o ltc/pk/dh/dh_sys.o ltc/pk/dsa/dsa_decrypt_key.o \ -ltc/pk/dsa/dsa_encrypt_key.o ltc/pk/dsa/dsa_export.o ltc/pk/dsa/dsa_free.o ltc/pk/dsa/dsa_import.o \ -ltc/pk/dsa/dsa_import_radix.o ltc/pk/dsa/dsa_make_key.o ltc/pk/dsa/dsa_shared_secret.o \ -ltc/pk/dsa/dsa_sign_hash.o ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o \ -ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o ltc/pk/ecc/ecc_ansi_x963_import.o \ -ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_dp_clear.o ltc/pk/ecc/ecc_dp_fill_from_sets.o \ -ltc/pk/ecc/ecc_dp_from_oid.o ltc/pk/ecc/ecc_dp_from_params.o ltc/pk/ecc/ecc_dp_init.o \ -ltc/pk/ecc/ecc_dp_set.o ltc/pk/ecc/ecc_encrypt_key.o ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_full.o \ -ltc/pk/ecc/ecc_export_raw.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o \ -ltc/pk/ecc/ecc_import_full.o ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_raw.o \ -ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o \ -ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ecc_verify_key.o ltc/pk/ecc/ltc_ecc_export_point.o \ -ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \ -ltc/pk/ecc/ltc_ecc_is_valid_idx.o ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o \ -ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o \ -ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ -ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o \ -ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \ -ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \ -ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \ -ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o \ -ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_radix.o ltc/pk/rsa/rsa_import_x509.o \ -ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ +ltc/pk/asn1/x509/x509_decode_subject_public_key_info.o ltc/pk/asn1/x509/x509_encode_subject_public_key_info.o \ +ltc/pk/dh/dh.o ltc/pk/dh/dh_check_pubkey.o ltc/pk/dh/dh_export.o ltc/pk/dh/dh_export_key.o \ +ltc/pk/dh/dh_free.o ltc/pk/dh/dh_generate_key.o ltc/pk/dh/dh_import.o ltc/pk/dh/dh_set.o \ +ltc/pk/dh/dh_set_pg_dhparam.o ltc/pk/dh/dh_shared_secret.o ltc/pk/dsa/dsa_decrypt_key.o \ +ltc/pk/dsa/dsa_encrypt_key.o ltc/pk/dsa/dsa_export.o ltc/pk/dsa/dsa_free.o ltc/pk/dsa/dsa_generate_key.o \ +ltc/pk/dsa/dsa_generate_pqg.o ltc/pk/dsa/dsa_import.o ltc/pk/dsa/dsa_make_key.o ltc/pk/dsa/dsa_set.o \ +ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \ +ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \ +ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \ +ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o \ +ltc/pk/ecc/ecc_get_set.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \ +ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \ +ltc/pk/ecc/ecc_set_dp.o ltc/pk/ecc/ecc_set_dp_internal.o ltc/pk/ecc/ecc_set_key.o \ +ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \ +ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o ltc/pk/ecc/ltc_ecc_import_point.o \ +ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o ltc/pk/ecc/ltc_ecc_map.o \ +ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o \ +ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ +ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o \ +ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o \ +ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o \ +ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o \ +ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o \ +ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \ +ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ ltc/pk/rsa/rsa_verify_hash.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \ ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \ -ltc/stream/chacha/chacha_setup.o ltc/stream/rc4/rc4.o ltc/stream/sober128/sober128.o \ -ltm/bncore.o ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o \ -ltm/bn_fast_s_mp_mul_digs.o ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o \ -ltm/bn_mp_2expt.o ltm/bn_mp_abs.o ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o \ -ltm/bn_mp_and.o ltm/bn_mp_clamp.o ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o \ -ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o ltm/bn_mp_cnt_lsb.o ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o \ -ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o \ -ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o \ -ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o ltm/bn_mp_expt_d.o \ -ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o ltm/bn_mp_fwrite.o \ -ltm/bn_mp_gcd.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o ltm/bn_mp_get_long_long.o \ +ltc/stream/chacha/chacha_setup.o ltc/stream/rabbit/rabbit.o ltc/stream/rc4/rc4_stream.o \ +ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o ltc/stream/salsa20/salsa20_ivctr64.o \ +ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_setup.o ltc/stream/sober128/sober128_stream.o \ +ltc/stream/sosemanuk/sosemanuk.o ltm/bncore.o ltm/bn_error.o ltm/bn_fast_mp_invmod.o \ +ltm/bn_fast_mp_montgomery_reduce.o ltm/bn_fast_s_mp_mul_digs.o ltm/bn_fast_s_mp_mul_high_digs.o \ +ltm/bn_fast_s_mp_sqr.o ltm/bn_mp_2expt.o ltm/bn_mp_abs.o ltm/bn_mp_add.o ltm/bn_mp_addmod.o \ +ltm/bn_mp_add_d.o ltm/bn_mp_and.o ltm/bn_mp_clamp.o ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o \ +ltm/bn_mp_cmp.o ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o ltm/bn_mp_cnt_lsb.o ltm/bn_mp_copy.o \ +ltm/bn_mp_count_bits.o ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o ltm/bn_mp_div_3.o \ +ltm/bn_mp_div_d.o ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o ltm/bn_mp_dr_setup.o \ +ltm/bn_mp_exch.o ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o \ +ltm/bn_mp_expt_d.o ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o \ +ltm/bn_mp_fwrite.o ltm/bn_mp_gcd.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o ltm/bn_mp_get_long_long.o \ ltm/bn_mp_grow.o ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \ ltm/bn_mp_init_set.o ltm/bn_mp_init_set_int.o ltm/bn_mp_init_size.o ltm/bn_mp_invmod.o \ ltm/bn_mp_invmod_slow.o ltm/bn_mp_is_square.o ltm/bn_mp_jacobi.o ltm/bn_mp_karatsuba_mul.o \ @@ -162,4 +174,4 @@ clean: .SUFFIXES: .o .c .c$(OBJ_EXT): - $(CC) $(CFLAGS) -c $< -o $@ + $(CC) -Iltm -Iltc/headers -DLTC_SOURCE -DLTC_NO_TEST -DLTC_NO_PROTOTYPES -DLTM_DESC $(CFLAGS) -c $< -o $@ diff --git a/src/Makefile.nmake b/src/Makefile.nmake index bf4abb5..3bef06e 100644 --- a/src/Makefile.nmake +++ b/src/Makefile.nmake @@ -1,11 +1,11 @@ OBJS=ltc/ciphers/anubis.obj ltc/ciphers/blowfish.obj ltc/ciphers/camellia.obj ltc/ciphers/cast5.obj \ -ltc/ciphers/des.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj ltc/ciphers/kseed.obj \ -ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj ltc/ciphers/rc5.obj \ -ltc/ciphers/rc6.obj ltc/ciphers/skipjack.obj ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj \ -ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj ltc/ciphers/twofish/twofish.obj \ -ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj ltc/encauth/ccm/ccm_done.obj \ -ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj ltc/encauth/ccm/ccm_process.obj \ -ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \ +ltc/ciphers/des.obj ltc/ciphers/idea.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj \ +ltc/ciphers/kseed.obj ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj \ +ltc/ciphers/rc5.obj ltc/ciphers/rc6.obj ltc/ciphers/serpent.obj ltc/ciphers/skipjack.obj \ +ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj \ +ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj \ +ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj \ +ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \ ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj ltc/encauth/chachapoly/chacha20poly1305_done.obj \ ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj ltc/encauth/chachapoly/chacha20poly1305_init.obj \ ltc/encauth/chachapoly/chacha20poly1305_memory.obj ltc/encauth/chachapoly/chacha20poly1305_setiv.obj \ @@ -18,8 +18,7 @@ ltc/encauth/gcm/gcm_memory.obj ltc/encauth/gcm/gcm_mult_h.obj ltc/encauth/gcm/gc ltc/encauth/gcm/gcm_reset.obj ltc/encauth/ocb3/ocb3_add_aad.obj ltc/encauth/ocb3/ocb3_decrypt.obj \ ltc/encauth/ocb3/ocb3_decrypt_last.obj ltc/encauth/ocb3/ocb3_decrypt_verify_memory.obj \ ltc/encauth/ocb3/ocb3_done.obj ltc/encauth/ocb3/ocb3_encrypt.obj ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.obj \ -ltc/encauth/ocb3/ocb3_encrypt_last.obj ltc/encauth/ocb3/ocb3_init.obj ltc/encauth/ocb3/ocb3_int_aad_add_block.obj \ -ltc/encauth/ocb3/ocb3_int_calc_offset_zero.obj ltc/encauth/ocb3/ocb3_int_ntz.obj \ +ltc/encauth/ocb3/ocb3_encrypt_last.obj ltc/encauth/ocb3/ocb3_init.obj ltc/encauth/ocb3/ocb3_int_ntz.obj \ ltc/encauth/ocb3/ocb3_int_xor_blocks.obj ltc/hashes/blake2b.obj ltc/hashes/blake2s.obj \ ltc/hashes/md2.obj ltc/hashes/md4.obj ltc/hashes/md5.obj ltc/hashes/rmd128.obj ltc/hashes/rmd160.obj \ ltc/hashes/rmd256.obj ltc/hashes/rmd320.obj ltc/hashes/sha1.obj ltc/hashes/sha3.obj \ @@ -42,98 +41,112 @@ ltc/mac/pmac/pmac_ntz.obj ltc/mac/pmac/pmac_process.obj ltc/mac/pmac/pmac_shift_ ltc/mac/poly1305/poly1305.obj ltc/mac/poly1305/poly1305_file.obj ltc/mac/poly1305/poly1305_memory.obj \ ltc/mac/poly1305/poly1305_memory_multi.obj ltc/mac/xcbc/xcbc_done.obj ltc/mac/xcbc/xcbc_file.obj \ ltc/mac/xcbc/xcbc_init.obj ltc/mac/xcbc/xcbc_memory.obj ltc/mac/xcbc/xcbc_memory_multi.obj \ -ltc/mac/xcbc/xcbc_process.obj ltc/math/ltm_desc.obj ltc/math/multi.obj ltc/math/rand_bn.obj \ -ltc/math/rand_prime.obj ltc/math/tfm_desc.obj ltc/math/fp/ltc_ecc_fp_mulmod.obj ltc/misc/adler32.obj \ -ltc/misc/burn_stack.obj ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj \ -ltc/misc/pk_get_oid.obj ltc/misc/zeromem.obj ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj \ -ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj \ -ltc/misc/crypt/crypt_cipher_is_valid.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ +ltc/mac/xcbc/xcbc_process.obj ltc/math/ltm_desc.obj ltc/math/multi.obj ltc/math/radix_to_bin.obj \ +ltc/math/rand_bn.obj ltc/math/rand_prime.obj ltc/math/tfm_desc.obj ltc/math/fp/ltc_ecc_fp_mulmod.obj \ +ltc/misc/adler32.obj ltc/misc/burn_stack.obj ltc/misc/compare_testvector.obj ltc/misc/copy_or_zeromem.obj \ +ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/pk_get_oid.obj \ +ltc/misc/zeromem.obj ltc/misc/base32/base32_decode.obj ltc/misc/base32/base32_encode.obj \ +ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj ltc/misc/crypt/crypt.obj \ +ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ +ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \ ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \ ltc/misc/crypt/crypt_fsa.obj ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj \ ltc/misc/crypt/crypt_inits.obj ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ -ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_register_cipher.obj ltc/misc/crypt/crypt_register_hash.obj \ -ltc/misc/crypt/crypt_register_prng.obj ltc/misc/crypt/crypt_unregister_cipher.obj \ -ltc/misc/crypt/crypt_unregister_hash.obj ltc/misc/crypt/crypt_unregister_prng.obj \ -ltc/misc/hkdf/hkdf.obj ltc/misc/pkcs5/pkcs_5_1.obj ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj \ -ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj \ -ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj \ -ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj \ -ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj \ -ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj \ -ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj \ -ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj \ -ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj \ -ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj \ -ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \ -ltc/pk/asn1/der/bit/der_encode_bit_string.obj ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj \ -ltc/pk/asn1/der/bit/der_length_bit_string.obj ltc/pk/asn1/der/boolean/der_decode_boolean.obj \ -ltc/pk/asn1/der/boolean/der_encode_boolean.obj ltc/pk/asn1/der/boolean/der_length_boolean.obj \ -ltc/pk/asn1/der/choice/der_decode_choice.obj ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj \ -ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj \ -ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj \ -ltc/pk/asn1/der/ia5/der_length_ia5_string.obj ltc/pk/asn1/der/integer/der_decode_integer.obj \ -ltc/pk/asn1/der/integer/der_encode_integer.obj ltc/pk/asn1/der/integer/der_length_integer.obj \ -ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \ -ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj ltc/pk/asn1/der/octet/der_decode_octet_string.obj \ -ltc/pk/asn1/der/octet/der_encode_octet_string.obj ltc/pk/asn1/der/octet/der_length_octet_string.obj \ -ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj \ -ltc/pk/asn1/der/printable_string/der_length_printable_string.obj ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj \ -ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj \ -ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.obj ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj \ -ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.obj \ -ltc/pk/asn1/der/sequence/der_length_sequence.obj ltc/pk/asn1/der/sequence/der_sequence_free.obj \ +ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_prng_rng_descriptor.obj \ +ltc/misc/crypt/crypt_register_all_ciphers.obj ltc/misc/crypt/crypt_register_all_hashes.obj \ +ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ +ltc/misc/crypt/crypt_register_hash.obj ltc/misc/crypt/crypt_register_prng.obj ltc/misc/crypt/crypt_sizes.obj \ +ltc/misc/crypt/crypt_unregister_cipher.obj ltc/misc/crypt/crypt_unregister_hash.obj \ +ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/pkcs5/pkcs_5_1.obj \ +ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj \ +ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj \ +ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj \ +ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj \ +ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj \ +ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj \ +ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj \ +ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj \ +ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj \ +ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj \ +ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_encode_bit_string.obj \ +ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_length_bit_string.obj \ +ltc/pk/asn1/der/boolean/der_decode_boolean.obj ltc/pk/asn1/der/boolean/der_encode_boolean.obj \ +ltc/pk/asn1/der/boolean/der_length_boolean.obj ltc/pk/asn1/der/choice/der_decode_choice.obj \ +ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj \ +ltc/pk/asn1/der/custom_type/der_length_custom_type.obj ltc/pk/asn1/der/general/der_asn1_maps.obj \ +ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj ltc/pk/asn1/der/general/der_decode_asn1_length.obj \ +ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj ltc/pk/asn1/der/general/der_encode_asn1_length.obj \ +ltc/pk/asn1/der/general/der_length_asn1_identifier.obj ltc/pk/asn1/der/general/der_length_asn1_length.obj \ +ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj \ +ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj \ +ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj ltc/pk/asn1/der/ia5/der_length_ia5_string.obj \ +ltc/pk/asn1/der/integer/der_decode_integer.obj ltc/pk/asn1/der/integer/der_encode_integer.obj \ +ltc/pk/asn1/der/integer/der_length_integer.obj ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \ +ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj \ +ltc/pk/asn1/der/octet/der_decode_octet_string.obj ltc/pk/asn1/der/octet/der_encode_octet_string.obj \ +ltc/pk/asn1/der/octet/der_length_octet_string.obj ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj \ +ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj ltc/pk/asn1/der/printable_string/der_length_printable_string.obj \ +ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj \ +ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj \ +ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_length_sequence.obj \ +ltc/pk/asn1/der/sequence/der_sequence_free.obj ltc/pk/asn1/der/sequence/der_sequence_shrink.obj \ ltc/pk/asn1/der/set/der_encode_set.obj ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ ltc/pk/asn1/der/short_integer/der_encode_short_integer.obj ltc/pk/asn1/der/short_integer/der_length_short_integer.obj \ ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.obj ltc/pk/asn1/der/teletex_string/der_length_teletex_string.obj \ ltc/pk/asn1/der/utctime/der_decode_utctime.obj ltc/pk/asn1/der/utctime/der_encode_utctime.obj \ ltc/pk/asn1/der/utctime/der_length_utctime.obj ltc/pk/asn1/der/utf8/der_decode_utf8_string.obj \ ltc/pk/asn1/der/utf8/der_encode_utf8_string.obj ltc/pk/asn1/der/utf8/der_length_utf8_string.obj \ -ltc/pk/dh/dh.obj ltc/pk/dh/dh_static.obj ltc/pk/dh/dh_sys.obj ltc/pk/dsa/dsa_decrypt_key.obj \ +ltc/pk/asn1/x509/x509_decode_subject_public_key_info.obj ltc/pk/asn1/x509/x509_encode_subject_public_key_info.obj \ +ltc/pk/dh/dh.obj ltc/pk/dh/dh_check_pubkey.obj ltc/pk/dh/dh_export.obj ltc/pk/dh/dh_export_key.obj \ +ltc/pk/dh/dh_free.obj ltc/pk/dh/dh_generate_key.obj ltc/pk/dh/dh_import.obj ltc/pk/dh/dh_set.obj \ +ltc/pk/dh/dh_set_pg_dhparam.obj ltc/pk/dh/dh_shared_secret.obj ltc/pk/dsa/dsa_decrypt_key.obj \ ltc/pk/dsa/dsa_encrypt_key.obj ltc/pk/dsa/dsa_export.obj ltc/pk/dsa/dsa_free.obj \ -ltc/pk/dsa/dsa_import.obj ltc/pk/dsa/dsa_import_radix.obj ltc/pk/dsa/dsa_make_key.obj \ +ltc/pk/dsa/dsa_generate_key.obj ltc/pk/dsa/dsa_generate_pqg.obj ltc/pk/dsa/dsa_import.obj \ +ltc/pk/dsa/dsa_make_key.obj ltc/pk/dsa/dsa_set.obj ltc/pk/dsa/dsa_set_pqg_dsaparam.obj \ ltc/pk/dsa/dsa_shared_secret.obj ltc/pk/dsa/dsa_sign_hash.obj ltc/pk/dsa/dsa_verify_hash.obj \ ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ -ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_dp_clear.obj \ -ltc/pk/ecc/ecc_dp_fill_from_sets.obj ltc/pk/ecc/ecc_dp_from_oid.obj ltc/pk/ecc/ecc_dp_from_params.obj \ -ltc/pk/ecc/ecc_dp_init.obj ltc/pk/ecc/ecc_dp_set.obj ltc/pk/ecc/ecc_encrypt_key.obj \ -ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_full.obj ltc/pk/ecc/ecc_export_raw.obj \ -ltc/pk/ecc/ecc_free.obj ltc/pk/ecc/ecc_get_size.obj ltc/pk/ecc/ecc_import.obj ltc/pk/ecc/ecc_import_full.obj \ -ltc/pk/ecc/ecc_import_pkcs8.obj ltc/pk/ecc/ecc_import_raw.obj ltc/pk/ecc/ecc_make_key.obj \ -ltc/pk/ecc/ecc_shared_secret.obj ltc/pk/ecc/ecc_sign_hash.obj ltc/pk/ecc/ecc_sizes.obj \ -ltc/pk/ecc/ecc_verify_hash.obj ltc/pk/ecc/ecc_verify_key.obj ltc/pk/ecc/ltc_ecc_export_point.obj \ -ltc/pk/ecc/ltc_ecc_import_point.obj ltc/pk/ecc/ltc_ecc_is_point.obj ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj \ -ltc/pk/ecc/ltc_ecc_is_valid_idx.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \ +ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \ +ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_free.obj \ +ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_set.obj ltc/pk/ecc/ecc_get_size.obj \ +ltc/pk/ecc/ecc_import.obj ltc/pk/ecc/ecc_import_openssl.obj ltc/pk/ecc/ecc_import_pkcs8.obj \ +ltc/pk/ecc/ecc_import_x509.obj ltc/pk/ecc/ecc_make_key.obj ltc/pk/ecc/ecc_set_dp.obj \ +ltc/pk/ecc/ecc_set_dp_internal.obj ltc/pk/ecc/ecc_set_key.obj ltc/pk/ecc/ecc_shared_secret.obj \ +ltc/pk/ecc/ecc_sign_hash.obj ltc/pk/ecc/ecc_sizes.obj ltc/pk/ecc/ecc_verify_hash.obj \ +ltc/pk/ecc/ltc_ecc_export_point.obj ltc/pk/ecc/ltc_ecc_import_point.obj ltc/pk/ecc/ltc_ecc_is_point.obj \ +ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \ ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \ ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \ -ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj \ -ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \ -ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \ -ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \ -ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \ -ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_radix.obj ltc/pk/rsa/rsa_import_x509.obj \ -ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ +ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj \ +ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj \ +ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj \ +ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj \ +ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj \ +ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj \ +ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ ltc/pk/rsa/rsa_verify_hash.obj ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj \ ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj \ ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj \ ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj \ -ltc/stream/chacha/chacha_setup.obj ltc/stream/rc4/rc4.obj ltc/stream/sober128/sober128.obj \ -ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj ltm/bn_fast_mp_montgomery_reduce.obj \ -ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj ltm/bn_fast_s_mp_sqr.obj \ -ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj \ -ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj ltm/bn_mp_clear_multi.obj \ -ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj ltm/bn_mp_cnt_lsb.obj \ -ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj \ -ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj ltm/bn_mp_dr_is_modulus.obj \ -ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj ltm/bn_mp_export.obj \ -ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj ltm/bn_mp_expt_d_ex.obj \ -ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj ltm/bn_mp_gcd.obj \ -ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj ltm/bn_mp_get_long_long.obj ltm/bn_mp_grow.obj \ -ltm/bn_mp_import.obj ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj ltm/bn_mp_init_multi.obj \ -ltm/bn_mp_init_set.obj ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj ltm/bn_mp_invmod.obj \ -ltm/bn_mp_invmod_slow.obj ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj ltm/bn_mp_karatsuba_mul.obj \ -ltm/bn_mp_karatsuba_sqr.obj ltm/bn_mp_lcm.obj ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj \ -ltm/bn_mp_mod_2d.obj ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj \ +ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj ltc/stream/rc4/rc4_stream.obj \ +ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj \ +ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_setup.obj ltc/stream/sober128/sober128_stream.obj \ +ltc/stream/sosemanuk/sosemanuk.obj ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj \ +ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj \ +ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj \ +ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj \ +ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj \ +ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj \ +ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \ +ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj \ +ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj \ +ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj \ +ltm/bn_mp_gcd.obj ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj ltm/bn_mp_get_long_long.obj \ +ltm/bn_mp_grow.obj ltm/bn_mp_import.obj ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj \ +ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj \ +ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj \ +ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj ltm/bn_mp_lcm.obj ltm/bn_mp_lshd.obj \ +ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj \ ltm/bn_mp_montgomery_reduce.obj ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj \ ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj \ ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj \ @@ -163,5 +176,5 @@ clean: $(RM_F) $(OBJS) liballinone.lib .c.obj: - cl $(CFLAGS) /c $< /Fo$@ + cl /Iltm /Iltc/headers /DLTC_SOURCE /DLTC_NO_TEST /DLTC_NO_PROTOTYPES /DLTM_DESC $(CFLAGS) /c $< /Fo$@ diff --git a/src/ltc/ciphers/aes/aes.c b/src/ltc/ciphers/aes/aes.c index 2bf7a00..5c1dcd1 100644 --- a/src/ltc/ciphers/aes/aes.c +++ b/src/ltc/ciphers/aes/aes.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /* AES implementation by Tom St Denis @@ -687,23 +685,8 @@ int ECB_TEST(void) rijndael_ecb_encrypt(tests[i].pt, tmp[0], &key); rijndael_ecb_decrypt(tmp[0], tmp[1], &key); - if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { -#if 0 - printf("\n\nTest %d failed\n", i); - if (XMEMCMP(tmp[0], tests[i].ct, 16)) { - printf("CT: "); - for (i = 0; i < 16; i++) { - printf("%02x ", tmp[0][i]); - } - printf("\n"); - } else { - printf("PT: "); - for (i = 0; i < 16; i++) { - printf("%02x ", tmp[1][i]); - } - printf("\n"); - } -#endif + if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "AES Encrypt", i) || + compare_testvector(tmp[1], 16, tests[i].pt, 16, "AES Decrypt", i)) { return CRYPT_FAIL_TESTVECTOR; } @@ -755,6 +738,6 @@ int ECB_KS(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/aes/aes_tab.c b/src/ltc/ciphers/aes/aes_tab.c index 9c902e8..463d05c 100644 --- a/src/ltc/ciphers/aes/aes_tab.c +++ b/src/ltc/ciphers/aes/aes_tab.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /* The precomputed tables for AES */ /* @@ -1027,6 +1025,6 @@ static const ulong32 rcon[] = { #endif /* __LTC_AES_TAB_C__ */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/anubis.c b/src/ltc/ciphers/anubis.c index f819421..a28c7e1 100644 --- a/src/ltc/ciphers/anubis.c +++ b/src/ltc/ciphers/anubis.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -899,7 +897,7 @@ int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetri { int N, R, i, pos, r; ulong32 kappa[MAX_N]; - ulong32 inter[MAX_N]; + ulong32 inter[MAX_N] = { 0 }; /* initialize as all zeroes */ ulong32 v, K0, K1, K2, K3; LTC_ARGCHK(key != NULL); @@ -1500,13 +1498,14 @@ int anubis_test(void) anubis_setup(tests[x].key, tests[x].keylen, 0, &skey); anubis_ecb_encrypt(tests[x].pt, buf[0], &skey); anubis_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], tests[x].ct, 16) || XMEMCMP(buf[1], tests[x].pt, 16)) { + if (compare_testvector(buf[0], 16, tests[x].ct, 16, "Anubis Encrypt", x) || + compare_testvector(buf[1], 16, tests[x].pt, 16, "Anubis Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey); for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey); - if (XMEMCMP(buf[0], tests[x].ct, 16)) { + if (compare_testvector(buf[0], 16, tests[x].ct, 16, "Anubis 1000", 1000)) { return CRYPT_FAIL_TESTVECTOR; } @@ -1554,6 +1553,6 @@ int anubis_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/blowfish.c b/src/ltc/ciphers/blowfish.c index 9a78733..a1945ae 100644 --- a/src/ltc/ciphers/blowfish.c +++ b/src/ltc/ciphers/blowfish.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @file blowfish.c @@ -548,7 +546,8 @@ int blowfish_test(void) blowfish_ecb_decrypt(tmp[0], tmp[1], &key); /* compare */ - if ((XMEMCMP(tmp[0], tests[x].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[x].pt, 8) != 0)) { + if ((compare_testvector(tmp[0], 8, tests[x].ct, 8, "Blowfish Encrypt", x) != 0) || + (compare_testvector(tmp[1], 8, tests[x].pt, 8, "Blowfish Decrypt", x) != 0)) { return CRYPT_FAIL_TESTVECTOR; } @@ -590,6 +589,6 @@ int blowfish_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/camellia.c b/src/ltc/ciphers/camellia.c index ad8f501..0a75087 100644 --- a/src/ltc/ciphers/camellia.c +++ b/src/ltc/ciphers/camellia.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -699,22 +697,8 @@ int camellia_test(void) return err; } camellia_done(&skey); - if (XMEMCMP(tests[x].ct, buf[0], 16) || XMEMCMP(tests[x].pt, buf[1], 16)) { -#if 0 - int i, j; - printf ("\n\nLTC_CAMELLIA failed for x=%d, I got:\n", x); - for (i = 0; i < 2; i++) { - const unsigned char *expected, *actual; - expected = (i ? tests[x].pt : tests[x].ct); - actual = buf[i]; - printf ("expected actual (%s)\n", (i ? "plaintext" : "ciphertext")); - for (j = 0; j < 16; j++) { - const char *eq = (expected[j] == actual[j] ? "==" : "!="); - printf (" %02x %s %02x\n", expected[j], eq, actual[j]); - } - printf ("\n"); - } -#endif + if (compare_testvector(tests[x].ct, 16, buf[0], 16, "Camellia Encrypt", x) || + compare_testvector(tests[x].pt, 16, buf[1], 16, "Camellia Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -737,6 +721,6 @@ int camellia_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/cast5.c b/src/ltc/ciphers/cast5.c index f4f9154..43ca580 100644 --- a/src/ltc/ciphers/cast5.c +++ b/src/ltc/ciphers/cast5.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -676,7 +674,8 @@ int cast5_test(void) } cast5_ecb_encrypt(tests[i].pt, tmp[0], &key); cast5_ecb_decrypt(tmp[0], tmp[1], &key); - if ((XMEMCMP(tmp[0], tests[i].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[i].pt, 8) != 0)) { + if ((compare_testvector(tmp[0], 8, tests[i].ct, 8, "CAST5 Encrypt", i) != 0) || + (compare_testvector(tmp[1], 8, tests[i].pt, 8, "CAST5 Decrypt", i) != 0)) { return CRYPT_FAIL_TESTVECTOR; } /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ @@ -716,6 +715,6 @@ int cast5_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/des.c b/src/ltc/ciphers/des.c index 712c1ae..2866054 100644 --- a/src/ltc/ciphers/des.c +++ b/src/ltc/ciphers/des.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -1385,7 +1383,7 @@ static void cookey(const ulong32 *raw1, ulong32 *keyout) *cook++ |= (*raw1 & 0x0000003fL); } - XMEMCPY(keyout, dough, sizeof dough); + XMEMCPY(keyout, dough, sizeof(dough)); } #ifdef LTC_CLEAN_STACK @@ -1979,7 +1977,7 @@ int des_test(void) des_ecb_decrypt(cases[i].txt, tmp, &des); } - if (XMEMCMP(cases[i].out, tmp, sizeof(tmp)) != 0) { + if (compare_testvector(cases[i].out, sizeof(tmp), tmp, sizeof(tmp), "DES", i) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -2022,7 +2020,7 @@ int des3_test(void) des3_ecb_encrypt(pt, ct, &skey); des3_ecb_decrypt(ct, tmp, &skey); - if (XMEMCMP(pt, tmp, 8) != 0) { + if (compare_testvector(pt, 8, tmp, 8, "3DES", 0) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -2080,6 +2078,6 @@ int des3_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/idea.c b/src/ltc/ciphers/idea.c new file mode 100644 index 0000000..5339fd3 --- /dev/null +++ b/src/ltc/ciphers/idea.c @@ -0,0 +1,260 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* Based on idea.cpp - originally written and placed in the public domain by Wei Dai + https://github.com/weidai11/cryptopp/blob/master/idea.cpp + + Patents should be expired. On 2017-10-16 wikipedia says: + https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + + A patent application for IDEA was first filed in Switzerland (CH A 1690/90) on May 18, 1990, + then an international patent application was filed under the Patent Cooperation Treaty on + May 16, 1991. Patents were eventually granted in Austria, France, Germany, Italy, the Netherlands, + Spain, Sweden, Switzerland, the United Kingdom, (European Patent Register entry for European + patent no. 0482154, filed May 16, 1991, issued June 22, 1994 and expired May 16, 2011), + the United States (U.S. Patent 5,214,703, issued May 25, 1993 and expired January 7, 2012) + and Japan (JP 3225440) (expired May 16, 2011). + */ + +#include "tomcrypt.h" + +#ifdef LTC_IDEA + +const struct ltc_cipher_descriptor idea_desc = { + "idea", + 24, /* cipher_ID */ + 16, 16, 8, 8, /* min_key_len, max_key_len, block_len, default_rounds */ + &idea_setup, + &idea_ecb_encrypt, + &idea_ecb_decrypt, + &idea_test, + &idea_done, + &idea_keysize, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL +}; + +typedef unsigned short int ushort16; + +#define _LOW16(x) ((x)&0xffff) /* compiler should be able to optimize this away if x is 16 bits */ +#define _HIGH16(x) ((x)>>16) +#define _MUL(a,b) { \ + ulong32 p = (ulong32)_LOW16(a) * b; \ + if (p) { \ + p = _LOW16(p) - _HIGH16(p); \ + a = (ushort16)p - (ushort16)_HIGH16(p); \ + } \ + else \ + a = 1 - a - b; \ + } +#define _STORE16(x,y) { (y)[0] = (unsigned char)(((x)>>8)&255); (y)[1] = (unsigned char)((x)&255); } +#define _LOAD16(x,y) { x = ((ushort16)((y)[0] & 255)<<8) | ((ushort16)((y)[1] & 255)); } + +static ushort16 _mul_inv(ushort16 x) +{ + ushort16 y = x; + unsigned i; + + for (i = 0; i < 15; i++) { + _MUL(y, _LOW16(y)); + _MUL(y, x); + } + return _LOW16(y); +} + +static ushort16 _add_inv(ushort16 x) +{ + return _LOW16(0 - x); +} + +static int _setup_key(const unsigned char *key, symmetric_key *skey) +{ + int i, j; + ushort16 *e_key = skey->idea.ek; + ushort16 *d_key = skey->idea.dk; + + /* prepare enc key */ + for (i = 0; i < 8; i++) { + _LOAD16(e_key[i], key + 2 * i); + } + for (; i < LTC_IDEA_KEYLEN; i++) { + j = (i - i % 8) - 8; + e_key[i] = _LOW16((e_key[j+(i+1)%8] << 9) | (e_key[j+(i+2)%8] >> 7)); + } + + /* prepare dec key */ + for (i = 0; i < LTC_IDEA_ROUNDS; i++) { + d_key[i*6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+0]); + d_key[i*6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+1+(i>0 ? 1 : 0)]); + d_key[i*6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+2-(i>0 ? 1 : 0)]); + d_key[i*6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+3]); + d_key[i*6+4] = e_key[(LTC_IDEA_ROUNDS-1-i)*6+4]; + d_key[i*6+5] = e_key[(LTC_IDEA_ROUNDS-1-i)*6+5]; + } + d_key[i*6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+0]); + d_key[i*6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+1]); + d_key[i*6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+2]); + d_key[i*6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+3]); + + return CRYPT_OK; +} + +static int _process_block(const unsigned char *in, unsigned char *out, ushort16 *m_key) +{ + int i; + ushort16 x0, x1, x2, x3, t0, t1; + + _LOAD16(x0, in + 0); + _LOAD16(x1, in + 2); + _LOAD16(x2, in + 4); + _LOAD16(x3, in + 6); + + for (i = 0; i < LTC_IDEA_ROUNDS; i++) { + _MUL(x0, m_key[i*6+0]); + x1 += m_key[i*6+1]; + x2 += m_key[i*6+2]; + _MUL(x3, m_key[i*6+3]); + t0 = x0^x2; + _MUL(t0, m_key[i*6+4]); + t1 = t0 + (x1^x3); + _MUL(t1, m_key[i*6+5]); + t0 += t1; + x0 ^= t1; + x3 ^= t0; + t0 ^= x1; + x1 = x2^t1; + x2 = t0; + } + + _MUL(x0, m_key[LTC_IDEA_ROUNDS*6+0]); + x2 += m_key[LTC_IDEA_ROUNDS*6+1]; + x1 += m_key[LTC_IDEA_ROUNDS*6+2]; + _MUL(x3, m_key[LTC_IDEA_ROUNDS*6+3]); + + _STORE16(x0, out + 0); + _STORE16(x2, out + 2); + _STORE16(x1, out + 4); + _STORE16(x3, out + 6); + + return CRYPT_OK; +} + +int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) +{ + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(skey != NULL); + + if (num_rounds != 0 && num_rounds != 8) return CRYPT_INVALID_ROUNDS; + if (keylen != 16) return CRYPT_INVALID_KEYSIZE; + + return _setup_key(key, skey); +} + +int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +{ + int err = _process_block(pt, ct, skey->idea.ek); +#ifdef LTC_CLEAN_STACK + burn_stack(sizeof(ushort16) * 6 + sizeof(int)); +#endif + return err; +} + +int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +{ + int err = _process_block(ct, pt, skey->idea.dk); +#ifdef LTC_CLEAN_STACK + burn_stack(sizeof(ushort16) * 6 + sizeof(int)); +#endif + return err; +} + +void idea_done(symmetric_key *skey) +{ + LTC_UNUSED_PARAM(skey); +} + +int idea_keysize(int *keysize) +{ + LTC_ARGCHK(keysize != NULL); + if (*keysize < 16) { + return CRYPT_INVALID_KEYSIZE; + } + *keysize = 16; + return CRYPT_OK; +} + +int idea_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + static const struct { + unsigned char key[16], pt[8], ct[8]; + } tests[] = { + { + /* key */ { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* ct */ { 0xB1, 0xF5, 0xF7, 0xF8, 0x79, 0x01, 0x37, 0x0F } + }, + { + /* key */ { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* ct */ { 0xB3, 0x92, 0x7D, 0xFF, 0xB6, 0x35, 0x86, 0x26 } + }, + { + /* key */ { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* ct */ { 0xE9, 0x87, 0xE0, 0x02, 0x9F, 0xB9, 0x97, 0x85 } + }, + { + /* key */ { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* ct */ { 0x75, 0x4A, 0x03, 0xCE, 0x08, 0xDB, 0x7D, 0xAA } + }, + { + /* key */ { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + /* ct */ { 0xF0, 0x15, 0xF9, 0xFB, 0x0C, 0xFC, 0x7E, 0x1C } + }, + }; + + unsigned char buf[2][8]; + symmetric_key key; + int err, x; + + if (sizeof(ushort16) != 2) { + return CRYPT_FAIL_TESTVECTOR; + } + + for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + if ((err = idea_setup(tests[x].key, 16, 8, &key)) != CRYPT_OK) { + return err; + } + if ((err = idea_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) { + return err; + } + if (compare_testvector(buf[0], 8, tests[x].ct, 8, "IDEA Encrypt", x)) { + return CRYPT_FAIL_TESTVECTOR; + } + if ((err = idea_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) { + return err; + } + if (compare_testvector(buf[1], 8, tests[x].pt, 8, "IDEA Decrypt", x)) { + return CRYPT_FAIL_TESTVECTOR; + } + } + + return CRYPT_OK; +#endif +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/kasumi.c b/src/ltc/ciphers/kasumi.c index 61369e0..7c2add5 100644 --- a/src/ltc/ciphers/kasumi.c +++ b/src/ltc/ciphers/kasumi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -304,7 +302,8 @@ int kasumi_test(void) if ((err = kasumi_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) { return err; } - if (XMEMCMP(tests[x].pt, buf[1], 8) || XMEMCMP(tests[x].ct, buf[0], 8)) { + if (compare_testvector(buf[1], 8, tests[x].pt, 8, "Kasumi Decrypt", x) || + compare_testvector(buf[0], 8, tests[x].ct, 8, "Kasumi Encrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -314,6 +313,6 @@ int kasumi_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/khazad.c b/src/ltc/ciphers/khazad.c index 1cea03c..4d1f2ce 100644 --- a/src/ltc/ciphers/khazad.c +++ b/src/ltc/ciphers/khazad.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -810,13 +808,14 @@ int khazad_test(void) khazad_setup(tests[x].key, 16, 0, &skey); khazad_ecb_encrypt(tests[x].pt, buf[0], &skey); khazad_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], tests[x].ct, 8) || XMEMCMP(buf[1], tests[x].pt, 8)) { + if (compare_testvector(buf[0], 8, tests[x].ct, 8, "Khazad Encrypt", x) || + compare_testvector(buf[1], 8, tests[x].pt, 8, "Khazad Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } for (y = 0; y < 1000; y++) khazad_ecb_encrypt(buf[0], buf[0], &skey); for (y = 0; y < 1000; y++) khazad_ecb_decrypt(buf[0], buf[0], &skey); - if (XMEMCMP(buf[0], tests[x].ct, 8)) { + if (compare_testvector(buf[0], 8, tests[x].ct, 8, "Khazad 1000", 1000)) { return CRYPT_FAIL_TESTVECTOR; } @@ -851,6 +850,6 @@ int khazad_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/kseed.c b/src/ltc/ciphers/kseed.c index 85b4f8a..e12fdc7 100644 --- a/src/ltc/ciphers/kseed.c +++ b/src/ltc/ciphers/kseed.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -346,22 +344,8 @@ int kseed_test(void) kseed_setup(tests[x].key, 16, 0, &skey); kseed_ecb_encrypt(tests[x].pt, buf[0], &skey); kseed_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], tests[x].ct, 16) || XMEMCMP(buf[1], tests[x].pt, 16)) { -#if 0 - int i, j; - printf ("\n\nLTC_KSEED failed for x=%d, I got:\n", x); - for (i = 0; i < 2; i++) { - const unsigned char *expected, *actual; - expected = (i ? tests[x].pt : tests[x].ct); - actual = buf[i]; - printf ("expected actual (%s)\n", (i ? "plaintext" : "ciphertext")); - for (j = 0; j < 16; j++) { - const char *eq = (expected[j] == actual[j] ? "==" : "!="); - printf (" %02x %s %02x\n", expected[j], eq, actual[j]); - } - printf ("\n"); - } -#endif + if (compare_testvector(buf[0], 16, tests[x].ct, 16, "KSEED Encrypt", x) || + compare_testvector(buf[1], 16, tests[x].pt, 16, "KSEED Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -387,6 +371,6 @@ int kseed_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/multi2.c b/src/ltc/ciphers/multi2.c index d77c9a6..86c1812 100644 --- a/src/ltc/ciphers/multi2.c +++ b/src/ltc/ciphers/multi2.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -258,14 +256,14 @@ int multi2_test(void) return err; } - if (XMEMCMP(buf, tests[x].ct, 8)) { + if (compare_testvector(buf, 8, tests[x].ct, 8, "Multi2 Encrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } if ((err = multi2_ecb_decrypt(buf, buf, &skey)) != CRYPT_OK) { return err; } - if (XMEMCMP(buf, tests[x].pt, 8)) { + if (compare_testvector(buf, 8, tests[x].pt, 8, "Multi2 Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -282,7 +280,7 @@ int multi2_test(void) if ((err = multi2_ecb_decrypt(ct, buf, &skey)) != CRYPT_OK) { return err; } - if (XMEMCMP(buf, tests[0].pt, 8)) { + if (compare_testvector(buf, 8, tests[0].pt, 8, "Multi2 Rounds", x)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -316,6 +314,6 @@ int multi2_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/noekeon.c b/src/ltc/ciphers/noekeon.c index 5b8d1c8..13720d1 100644 --- a/src/ltc/ciphers/noekeon.c +++ b/src/ltc/ciphers/noekeon.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @file noekeon.c @@ -283,23 +281,8 @@ int noekeon_test(void) noekeon_ecb_encrypt(tests[i].pt, tmp[0], &key); noekeon_ecb_decrypt(tmp[0], tmp[1], &key); - if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { -#if 0 - printf("\n\nTest %d failed\n", i); - if (XMEMCMP(tmp[0], tests[i].ct, 16)) { - printf("CT: "); - for (i = 0; i < 16; i++) { - printf("%02x ", tmp[0][i]); - } - printf("\n"); - } else { - printf("PT: "); - for (i = 0; i < 16; i++) { - printf("%02x ", tmp[1][i]); - } - printf("\n"); - } -#endif + if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "Noekeon Encrypt", i) || + compare_testvector(tmp[1], 16, tests[i].pt, 16, "Noekeon Decrypt", i)) { return CRYPT_FAIL_TESTVECTOR; } @@ -340,6 +323,6 @@ int noekeon_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/rc2.c b/src/ltc/ciphers/rc2.c index e0e05d1..ebd8f88 100644 --- a/src/ltc/ciphers/rc2.c +++ b/src/ltc/ciphers/rc2.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /**********************************************************************\ * To commemorate the 1996 RSA Data Security Conference, the following * @@ -18,7 +16,7 @@ * Thanks to CodeView, SoftIce, and D86 for helping bring this code to * * the public. * \**********************************************************************/ -#include +#include "tomcrypt.h" /** @file rc2.c @@ -414,6 +412,6 @@ int rc2_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/rc5.c b/src/ltc/ciphers/rc5.c index bd964e2..bda537f 100644 --- a/src/ltc/ciphers/rc5.c +++ b/src/ltc/ciphers/rc5.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -275,7 +273,8 @@ int rc5_test(void) rc5_ecb_decrypt(tmp[0], tmp[1], &key); /* compare */ - if (XMEMCMP(tmp[0], tests[x].ct, 8) != 0 || XMEMCMP(tmp[1], tests[x].pt, 8) != 0) { + if (compare_testvector(tmp[0], 8, tests[x].ct, 8, "RC5 Encrypt", x) != 0 || + compare_testvector(tmp[1], 8, tests[x].pt, 8, "RC5 Decrypt", x) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -318,6 +317,6 @@ int rc5_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/rc6.c b/src/ltc/ciphers/rc6.c index 48d413d..56ca705 100644 --- a/src/ltc/ciphers/rc6.c +++ b/src/ltc/ciphers/rc6.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -285,24 +283,8 @@ int rc6_test(void) rc6_ecb_decrypt(tmp[0], tmp[1], &key); /* compare */ - if (XMEMCMP(tmp[0], tests[x].ct, 16) || XMEMCMP(tmp[1], tests[x].pt, 16)) { -#if 0 - printf("\n\nFailed test %d\n", x); - if (XMEMCMP(tmp[0], tests[x].ct, 16)) { - printf("Ciphertext: "); - for (y = 0; y < 16; y++) printf("%02x ", tmp[0][y]); - printf("\nExpected : "); - for (y = 0; y < 16; y++) printf("%02x ", tests[x].ct[y]); - printf("\n"); - } - if (XMEMCMP(tmp[1], tests[x].pt, 16)) { - printf("Plaintext: "); - for (y = 0; y < 16; y++) printf("%02x ", tmp[0][y]); - printf("\nExpected : "); - for (y = 0; y < 16; y++) printf("%02x ", tests[x].pt[y]); - printf("\n"); - } -#endif + if (compare_testvector(tmp[0], 16, tests[x].ct, 16, "RC6 Encrypt", x) || + compare_testvector(tmp[1], 16, tests[x].pt, 16, "RC6 Decrypt", x)) { return CRYPT_FAIL_TESTVECTOR; } @@ -344,6 +326,6 @@ int rc6_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/safer/safer.c b/src/ltc/ciphers/safer/safer.c index 85af1f2..9eefcfb 100644 --- a/src/ltc/ciphers/safer/safer.c +++ b/src/ltc/ciphers/safer/safer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /******************************************************************************* @@ -28,15 +26,14 @@ * *******************************************************************************/ -#include +#include "tomcrypt.h" #ifdef LTC_SAFER #define __LTC_SAFER_TAB_C__ #include "safer_tab.c" -const struct ltc_cipher_descriptor - safer_k64_desc = { +const struct ltc_cipher_descriptor safer_k64_desc = { "safer-k64", 8, 8, 8, 8, LTC_SAFER_K64_DEFAULT_NOF_ROUNDS, &safer_k64_setup, @@ -398,7 +395,8 @@ int safer_k64_test(void) safer_ecb_encrypt(k64_pt, buf[0], &skey); safer_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], k64_ct, 8) != 0 || XMEMCMP(buf[1], k64_pt, 8) != 0) { + if (compare_testvector(buf[0], 8, k64_ct, 8, "Safer K64 Encrypt", 0) != 0 || + compare_testvector(buf[1], 8, k64_pt, 8, "Safer K64 Decrypt", 0) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -428,7 +426,8 @@ int safer_sk64_test(void) safer_ecb_encrypt(sk64_pt, buf[0], &skey); safer_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], sk64_ct, 8) != 0 || XMEMCMP(buf[1], sk64_pt, 8) != 0) { + if (compare_testvector(buf[0], 8, sk64_ct, 8, "Safer SK64 Encrypt", 0) != 0 || + compare_testvector(buf[1], 8, sk64_pt, 8, "Safer SK64 Decrypt", 0) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -471,7 +470,8 @@ int safer_sk128_test(void) safer_ecb_encrypt(sk128_pt, buf[0], &skey); safer_ecb_decrypt(buf[0], buf[1], &skey); - if (XMEMCMP(buf[0], sk128_ct, 8) != 0 || XMEMCMP(buf[1], sk128_pt, 8) != 0) { + if (compare_testvector(buf[0], 8, sk128_ct, 8, "Safer SK128 Encrypt", 0) != 0 || + compare_testvector(buf[1], 8, sk128_pt, 8, "Safer SK128 Decrypt", 0) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -490,6 +490,6 @@ int safer_sk128_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/safer/safer_tab.c b/src/ltc/ciphers/safer/safer_tab.c index 308fe55..99962a0 100644 --- a/src/ltc/ciphers/safer/safer_tab.c +++ b/src/ltc/ciphers/safer/safer_tab.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -61,6 +59,6 @@ static const unsigned char safer_lbox[256] = { -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/safer/saferp.c b/src/ltc/ciphers/safer/saferp.c index e5f8bf3..116590f 100644 --- a/src/ltc/ciphers/safer/saferp.c +++ b/src/ltc/ciphers/safer/saferp.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -516,7 +514,8 @@ int saferp_test(void) saferp_ecb_decrypt(tmp[0], tmp[1], &skey); /* compare */ - if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { + if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "Safer+ Encrypt", i) || + compare_testvector(tmp[1], 16, tests[i].pt, 16, "Safer+ Decrypt", i)) { return CRYPT_FAIL_TESTVECTOR; } @@ -564,6 +563,6 @@ int saferp_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/serpent.c b/src/ltc/ciphers/serpent.c new file mode 100644 index 0000000..cdd34fa --- /dev/null +++ b/src/ltc/ciphers/serpent.c @@ -0,0 +1,727 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* Based on serpent.cpp - originally written and placed in the public domain by Wei Dai + https://github.com/weidai11/cryptopp/blob/master/serpent.cpp + + On 2017-10-16 wikipedia says: + "The Serpent cipher algorithm is in the public domain and has not been patented." + https://en.wikipedia.org/wiki/Serpent_(cipher) + */ + +#include "tomcrypt.h" + +#ifdef LTC_SERPENT + +const struct ltc_cipher_descriptor serpent_desc = { + "serpent", + 25, /* cipher_ID */ + 16, 32, 16, 32, /* min_key_len, max_key_len, block_len, default_rounds */ + &serpent_setup, + &serpent_ecb_encrypt, + &serpent_ecb_decrypt, + &serpent_test, + &serpent_done, + &serpent_keysize, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL +}; + +/* linear transformation */ +#define _LT(i,a,b,c,d,e) { \ + a = ROLc(a, 13); \ + c = ROLc(c, 3); \ + d = ROLc(d ^ c ^ (a << 3), 7); \ + b = ROLc(b ^ a ^ c, 1); \ + a = ROLc(a ^ b ^ d, 5); \ + c = ROLc(c ^ d ^ (b << 7), 22); \ + } + +/* inverse linear transformation */ +#define _ILT(i,a,b,c,d,e) { \ + c = RORc(c, 22); \ + a = RORc(a, 5); \ + c ^= d ^ (b << 7); \ + a ^= b ^ d; \ + b = RORc(b, 1); \ + d = RORc(d, 7) ^ c ^ (a << 3); \ + b ^= a ^ c; \ + c = RORc(c, 3); \ + a = RORc(a, 13); \ + } + +/* order of output from S-box functions */ +#define _beforeS0(f) f(0,a,b,c,d,e) +#define _afterS0(f) f(1,b,e,c,a,d) +#define _afterS1(f) f(2,c,b,a,e,d) +#define _afterS2(f) f(3,a,e,b,d,c) +#define _afterS3(f) f(4,e,b,d,c,a) +#define _afterS4(f) f(5,b,a,e,c,d) +#define _afterS5(f) f(6,a,c,b,e,d) +#define _afterS6(f) f(7,a,c,d,b,e) +#define _afterS7(f) f(8,d,e,b,a,c) + +/* order of output from inverse S-box functions */ +#define _beforeI7(f) f(8,a,b,c,d,e) +#define _afterI7(f) f(7,d,a,b,e,c) +#define _afterI6(f) f(6,a,b,c,e,d) +#define _afterI5(f) f(5,b,d,e,c,a) +#define _afterI4(f) f(4,b,c,e,a,d) +#define _afterI3(f) f(3,a,b,e,c,d) +#define _afterI2(f) f(2,b,d,e,c,a) +#define _afterI1(f) f(1,a,b,c,e,d) +#define _afterI0(f) f(0,a,d,b,e,c) + +/* The instruction sequences for the S-box functions + * come from Dag Arne Osvik's paper "Speeding up Serpent". + */ + +#define _S0(i, r0, r1, r2, r3, r4) { \ + r3 ^= r0; \ + r4 = r1; \ + r1 &= r3; \ + r4 ^= r2; \ + r1 ^= r0; \ + r0 |= r3; \ + r0 ^= r4; \ + r4 ^= r3; \ + r3 ^= r2; \ + r2 |= r1; \ + r2 ^= r4; \ + r4 = ~r4; \ + r4 |= r1; \ + r1 ^= r3; \ + r1 ^= r4; \ + r3 |= r0; \ + r1 ^= r3; \ + r4 ^= r3; \ +} + +#define _I0(i, r0, r1, r2, r3, r4) { \ + r2 = ~r2; \ + r4 = r1; \ + r1 |= r0; \ + r4 = ~r4; \ + r1 ^= r2; \ + r2 |= r4; \ + r1 ^= r3; \ + r0 ^= r4; \ + r2 ^= r0; \ + r0 &= r3; \ + r4 ^= r0; \ + r0 |= r1; \ + r0 ^= r2; \ + r3 ^= r4; \ + r2 ^= r1; \ + r3 ^= r0; \ + r3 ^= r1; \ + r2 &= r3; \ + r4 ^= r2; \ +} + +#define _S1(i, r0, r1, r2, r3, r4) { \ + r0 = ~r0; \ + r2 = ~r2; \ + r4 = r0; \ + r0 &= r1; \ + r2 ^= r0; \ + r0 |= r3; \ + r3 ^= r2; \ + r1 ^= r0; \ + r0 ^= r4; \ + r4 |= r1; \ + r1 ^= r3; \ + r2 |= r0; \ + r2 &= r4; \ + r0 ^= r1; \ + r1 &= r2; \ + r1 ^= r0; \ + r0 &= r2; \ + r0 ^= r4; \ +} + +#define _I1(i, r0, r1, r2, r3, r4) { \ + r4 = r1; \ + r1 ^= r3; \ + r3 &= r1; \ + r4 ^= r2; \ + r3 ^= r0; \ + r0 |= r1; \ + r2 ^= r3; \ + r0 ^= r4; \ + r0 |= r2; \ + r1 ^= r3; \ + r0 ^= r1; \ + r1 |= r3; \ + r1 ^= r0; \ + r4 = ~r4; \ + r4 ^= r1; \ + r1 |= r0; \ + r1 ^= r0; \ + r1 |= r4; \ + r3 ^= r1; \ +} + +#define _S2(i, r0, r1, r2, r3, r4) { \ + r4 = r0; \ + r0 &= r2; \ + r0 ^= r3; \ + r2 ^= r1; \ + r2 ^= r0; \ + r3 |= r4; \ + r3 ^= r1; \ + r4 ^= r2; \ + r1 = r3; \ + r3 |= r4; \ + r3 ^= r0; \ + r0 &= r1; \ + r4 ^= r0; \ + r1 ^= r3; \ + r1 ^= r4; \ + r4 = ~r4; \ +} + +#define _I2(i, r0, r1, r2, r3, r4) { \ + r2 ^= r3; \ + r3 ^= r0; \ + r4 = r3; \ + r3 &= r2; \ + r3 ^= r1; \ + r1 |= r2; \ + r1 ^= r4; \ + r4 &= r3; \ + r2 ^= r3; \ + r4 &= r0; \ + r4 ^= r2; \ + r2 &= r1; \ + r2 |= r0; \ + r3 = ~r3; \ + r2 ^= r3; \ + r0 ^= r3; \ + r0 &= r1; \ + r3 ^= r4; \ + r3 ^= r0; \ +} + +#define _S3(i, r0, r1, r2, r3, r4) { \ + r4 = r0; \ + r0 |= r3; \ + r3 ^= r1; \ + r1 &= r4; \ + r4 ^= r2; \ + r2 ^= r3; \ + r3 &= r0; \ + r4 |= r1; \ + r3 ^= r4; \ + r0 ^= r1; \ + r4 &= r0; \ + r1 ^= r3; \ + r4 ^= r2; \ + r1 |= r0; \ + r1 ^= r2; \ + r0 ^= r3; \ + r2 = r1; \ + r1 |= r3; \ + r1 ^= r0; \ +} + +#define _I3(i, r0, r1, r2, r3, r4) { \ + r4 = r2; \ + r2 ^= r1; \ + r1 &= r2; \ + r1 ^= r0; \ + r0 &= r4; \ + r4 ^= r3; \ + r3 |= r1; \ + r3 ^= r2; \ + r0 ^= r4; \ + r2 ^= r0; \ + r0 |= r3; \ + r0 ^= r1; \ + r4 ^= r2; \ + r2 &= r3; \ + r1 |= r3; \ + r1 ^= r2; \ + r4 ^= r0; \ + r2 ^= r4; \ +} + +#define _S4(i, r0, r1, r2, r3, r4) { \ + r1 ^= r3; \ + r3 = ~r3; \ + r2 ^= r3; \ + r3 ^= r0; \ + r4 = r1; \ + r1 &= r3; \ + r1 ^= r2; \ + r4 ^= r3; \ + r0 ^= r4; \ + r2 &= r4; \ + r2 ^= r0; \ + r0 &= r1; \ + r3 ^= r0; \ + r4 |= r1; \ + r4 ^= r0; \ + r0 |= r3; \ + r0 ^= r2; \ + r2 &= r3; \ + r0 = ~r0; \ + r4 ^= r2; \ +} + +#define _I4(i, r0, r1, r2, r3, r4) { \ + r4 = r2; \ + r2 &= r3; \ + r2 ^= r1; \ + r1 |= r3; \ + r1 &= r0; \ + r4 ^= r2; \ + r4 ^= r1; \ + r1 &= r2; \ + r0 = ~r0; \ + r3 ^= r4; \ + r1 ^= r3; \ + r3 &= r0; \ + r3 ^= r2; \ + r0 ^= r1; \ + r2 &= r0; \ + r3 ^= r0; \ + r2 ^= r4; \ + r2 |= r3; \ + r3 ^= r0; \ + r2 ^= r1; \ +} + +#define _S5(i, r0, r1, r2, r3, r4) { \ + r0 ^= r1; \ + r1 ^= r3; \ + r3 = ~r3; \ + r4 = r1; \ + r1 &= r0; \ + r2 ^= r3; \ + r1 ^= r2; \ + r2 |= r4; \ + r4 ^= r3; \ + r3 &= r1; \ + r3 ^= r0; \ + r4 ^= r1; \ + r4 ^= r2; \ + r2 ^= r0; \ + r0 &= r3; \ + r2 = ~r2; \ + r0 ^= r4; \ + r4 |= r3; \ + r2 ^= r4; \ +} + +#define _I5(i, r0, r1, r2, r3, r4) { \ + r1 = ~r1; \ + r4 = r3; \ + r2 ^= r1; \ + r3 |= r0; \ + r3 ^= r2; \ + r2 |= r1; \ + r2 &= r0; \ + r4 ^= r3; \ + r2 ^= r4; \ + r4 |= r0; \ + r4 ^= r1; \ + r1 &= r2; \ + r1 ^= r3; \ + r4 ^= r2; \ + r3 &= r4; \ + r4 ^= r1; \ + r3 ^= r0; \ + r3 ^= r4; \ + r4 = ~r4; \ +} + +#define _S6(i, r0, r1, r2, r3, r4) { \ + r2 = ~r2; \ + r4 = r3; \ + r3 &= r0; \ + r0 ^= r4; \ + r3 ^= r2; \ + r2 |= r4; \ + r1 ^= r3; \ + r2 ^= r0; \ + r0 |= r1; \ + r2 ^= r1; \ + r4 ^= r0; \ + r0 |= r3; \ + r0 ^= r2; \ + r4 ^= r3; \ + r4 ^= r0; \ + r3 = ~r3; \ + r2 &= r4; \ + r2 ^= r3; \ +} + +#define _I6(i, r0, r1, r2, r3, r4) { \ + r0 ^= r2; \ + r4 = r2; \ + r2 &= r0; \ + r4 ^= r3; \ + r2 = ~r2; \ + r3 ^= r1; \ + r2 ^= r3; \ + r4 |= r0; \ + r0 ^= r2; \ + r3 ^= r4; \ + r4 ^= r1; \ + r1 &= r3; \ + r1 ^= r0; \ + r0 ^= r3; \ + r0 |= r2; \ + r3 ^= r1; \ + r4 ^= r0; \ +} + +#define _S7(i, r0, r1, r2, r3, r4) { \ + r4 = r2; \ + r2 &= r1; \ + r2 ^= r3; \ + r3 &= r1; \ + r4 ^= r2; \ + r2 ^= r1; \ + r1 ^= r0; \ + r0 |= r4; \ + r0 ^= r2; \ + r3 ^= r1; \ + r2 ^= r3; \ + r3 &= r0; \ + r3 ^= r4; \ + r4 ^= r2; \ + r2 &= r0; \ + r4 = ~r4; \ + r2 ^= r4; \ + r4 &= r0; \ + r1 ^= r3; \ + r4 ^= r1; \ +} + +#define _I7(i, r0, r1, r2, r3, r4) { \ + r4 = r2; \ + r2 ^= r0; \ + r0 &= r3; \ + r2 = ~r2; \ + r4 |= r3; \ + r3 ^= r1; \ + r1 |= r0; \ + r0 ^= r2; \ + r2 &= r4; \ + r1 ^= r2; \ + r2 ^= r0; \ + r0 |= r2; \ + r3 &= r4; \ + r0 ^= r3; \ + r4 ^= r1; \ + r3 ^= r4; \ + r4 |= r0; \ + r3 ^= r2; \ + r4 ^= r2; \ +} + +/* key xor */ +#define _KX(r, a, b, c, d, e) { \ + a ^= k[4 * r + 0]; \ + b ^= k[4 * r + 1]; \ + c ^= k[4 * r + 2]; \ + d ^= k[4 * r + 3]; \ +} + +#define _LK(r, a, b, c, d, e) { \ + a = k[(8-r)*4 + 0]; \ + b = k[(8-r)*4 + 1]; \ + c = k[(8-r)*4 + 2]; \ + d = k[(8-r)*4 + 3]; \ +} + +#define _SK(r, a, b, c, d, e) { \ + k[(8-r)*4 + 4] = a; \ + k[(8-r)*4 + 5] = b; \ + k[(8-r)*4 + 6] = c; \ + k[(8-r)*4 + 7] = d; \ +} + +static int _setup_key(const unsigned char *key, int keylen, int rounds, ulong32 *k) +{ + int i; + ulong32 t; + ulong32 k0[8] = { 0 }; /* zero-initialize */ + ulong32 a, b, c, d, e; + + for (i = 0; i < 8 && i < keylen/4; ++i) { + LOAD32L(k0[i], key + i * 4); + } + if (keylen < 32) { + k0[keylen/4] |= (ulong32)1 << ((keylen%4)*8); + } + + t = k0[7]; + for (i = 0; i < 8; ++i) { + k[i] = k0[i] = t = ROLc(k0[i] ^ k0[(i+3)%8] ^ k0[(i+5)%8] ^ t ^ 0x9e3779b9 ^ i, 11); + } + for (i = 8; i < 4*(rounds+1); ++i) { + k[i] = t = ROLc(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11); + } + k -= 20; + + for (i = 0; i < rounds/8; i++) { + _afterS2(_LK); _afterS2(_S3); _afterS3(_SK); + _afterS1(_LK); _afterS1(_S2); _afterS2(_SK); + _afterS0(_LK); _afterS0(_S1); _afterS1(_SK); + _beforeS0(_LK); _beforeS0(_S0); _afterS0(_SK); + k += 8*4; + _afterS6(_LK); _afterS6(_S7); _afterS7(_SK); + _afterS5(_LK); _afterS5(_S6); _afterS6(_SK); + _afterS4(_LK); _afterS4(_S5); _afterS5(_SK); + _afterS3(_LK); _afterS3(_S4); _afterS4(_SK); + } + _afterS2(_LK); _afterS2(_S3); _afterS3(_SK); + + return CRYPT_OK; +} + +static int _enc_block(const unsigned char *in, unsigned char *out, ulong32 *k) +{ + ulong32 a, b, c, d, e; + unsigned int i = 1; + + LOAD32L(a, in + 0); + LOAD32L(b, in + 4); + LOAD32L(c, in + 8); + LOAD32L(d, in + 12); + + do { + _beforeS0(_KX); _beforeS0(_S0); _afterS0(_LT); + _afterS0(_KX); _afterS0(_S1); _afterS1(_LT); + _afterS1(_KX); _afterS1(_S2); _afterS2(_LT); + _afterS2(_KX); _afterS2(_S3); _afterS3(_LT); + _afterS3(_KX); _afterS3(_S4); _afterS4(_LT); + _afterS4(_KX); _afterS4(_S5); _afterS5(_LT); + _afterS5(_KX); _afterS5(_S6); _afterS6(_LT); + _afterS6(_KX); _afterS6(_S7); + + if (i == 4) break; + + ++i; + c = b; + b = e; + e = d; + d = a; + a = e; + k += 32; + _beforeS0(_LT); + } while (1); + + _afterS7(_KX); + + STORE32L(d, out + 0); + STORE32L(e, out + 4); + STORE32L(b, out + 8); + STORE32L(a, out + 12); + + return CRYPT_OK; +} + +static int _dec_block(const unsigned char *in, unsigned char *out, ulong32 *k) +{ + ulong32 a, b, c, d, e; + unsigned int i; + + LOAD32L(a, in + 0); + LOAD32L(b, in + 4); + LOAD32L(c, in + 8); + LOAD32L(d, in + 12); + e = 0; LTC_UNUSED_PARAM(e); /* avoid scan-build warning */ + i = 4; + k += 96; + + _beforeI7(_KX); + goto start; + + do { + c = b; + b = d; + d = e; + k -= 32; + _beforeI7(_ILT); +start: + _beforeI7(_I7); _afterI7(_KX); + _afterI7(_ILT); _afterI7(_I6); _afterI6(_KX); + _afterI6(_ILT); _afterI6(_I5); _afterI5(_KX); + _afterI5(_ILT); _afterI5(_I4); _afterI4(_KX); + _afterI4(_ILT); _afterI4(_I3); _afterI3(_KX); + _afterI3(_ILT); _afterI3(_I2); _afterI2(_KX); + _afterI2(_ILT); _afterI2(_I1); _afterI1(_KX); + _afterI1(_ILT); _afterI1(_I0); _afterI0(_KX); + } while (--i != 0); + + STORE32L(a, out + 0); + STORE32L(d, out + 4); + STORE32L(b, out + 8); + STORE32L(e, out + 12); + + return CRYPT_OK; +} + +int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(skey != NULL); + + if (num_rounds != 0 && num_rounds != 32) return CRYPT_INVALID_ROUNDS; + if (keylen != 16 && keylen != 24 && keylen != 32) return CRYPT_INVALID_KEYSIZE; + + err = _setup_key(key, keylen, 32, skey->serpent.k); +#ifdef LTC_CLEAN_STACK + burn_stack(sizeof(ulong32) * 14 + sizeof(int)); +#endif + return err; +} + +int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +{ + int err = _enc_block(pt, ct, skey->serpent.k); +#ifdef LTC_CLEAN_STACK + burn_stack(sizeof(ulong32) * 5 + sizeof(int)); +#endif + return err; +} + +int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +{ + int err = _dec_block(ct, pt, skey->serpent.k); +#ifdef LTC_CLEAN_STACK + burn_stack(sizeof(ulong32) * 5 + sizeof(int)); +#endif + return err; +} + +void serpent_done(symmetric_key *skey) +{ + LTC_UNUSED_PARAM(skey); +} + +int serpent_keysize(int *keysize) +{ + LTC_ARGCHK(keysize != NULL); + + if (*keysize >= 32) { *keysize = 32; } + else if (*keysize >= 24) { *keysize = 24; } + else if (*keysize >= 16) { *keysize = 16; } + else return CRYPT_INVALID_KEYSIZE; + return CRYPT_OK; +} + +int serpent_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + static const struct { + unsigned char key[32]; + int keylen; + unsigned char pt[16], ct[16]; + } tests[] = { + { + /* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 32, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0xA2,0x23,0xAA,0x12,0x88,0x46,0x3C,0x0E,0x2B,0xE3,0x8E,0xBD,0x82,0x56,0x16,0xC0} + }, + { + /* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 32, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0xEA,0xE1,0xD4,0x05,0x57,0x01,0x74,0xDF,0x7D,0xF2,0xF9,0x96,0x6D,0x50,0x91,0x59} + }, + { + /* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 32, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x65,0xF3,0x76,0x84,0x47,0x1E,0x92,0x1D,0xC8,0xA3,0x0F,0x45,0xB4,0x3C,0x44,0x99} + }, + { + /* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 24, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x9E,0x27,0x4E,0xAD,0x9B,0x73,0x7B,0xB2,0x1E,0xFC,0xFC,0xA5,0x48,0x60,0x26,0x89} + }, + { + /* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 24, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x92,0xFC,0x8E,0x51,0x03,0x99,0xE4,0x6A,0x04,0x1B,0xF3,0x65,0xE7,0xB3,0xAE,0x82} + }, + { + /* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 24, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x5E,0x0D,0xA3,0x86,0xC4,0x6A,0xD4,0x93,0xDE,0xA2,0x03,0xFD,0xC6,0xF5,0x7D,0x70} + }, + { + /* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 16, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x26,0x4E,0x54,0x81,0xEF,0xF4,0x2A,0x46,0x06,0xAB,0xDA,0x06,0xC0,0xBF,0xDA,0x3D} + }, + { + /* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 16, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0x4A,0x23,0x1B,0x3B,0xC7,0x27,0x99,0x34,0x07,0xAC,0x6E,0xC8,0x35,0x0E,0x85,0x24} + }, + { + /* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* keylen */ 16, + /* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + /* ct */ {0xE0,0x32,0x69,0xF9,0xE9,0xFD,0x85,0x3C,0x7D,0x81,0x56,0xDF,0x14,0xB9,0x8D,0x56} + } + }; + + unsigned char buf[2][16]; + symmetric_key key; + int err, x; + + for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + if ((err = serpent_setup(tests[x].key, tests[x].keylen, 0, &key)) != CRYPT_OK) { + return err; + } + if ((err = serpent_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) { + return err; + } + if (compare_testvector(buf[0], 16, tests[x].ct, 16, "SERPENT Encrypt", x)) { + return CRYPT_FAIL_TESTVECTOR; + } + if ((err = serpent_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) { + return err; + } + if (compare_testvector(buf[1], 16, tests[x].pt, 16, "SERPENT Decrypt", x)) { + return CRYPT_FAIL_TESTVECTOR; + } + } + + return CRYPT_OK; +#endif +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/skipjack.c b/src/ltc/ciphers/skipjack.c index 4333a9f..d47f2d3 100644 --- a/src/ltc/ciphers/skipjack.c +++ b/src/ltc/ciphers/skipjack.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -298,7 +296,8 @@ int skipjack_test(void) skipjack_ecb_decrypt(buf[0], buf[1], &key); /* compare */ - if (XMEMCMP(buf[0], tests[x].ct, 8) != 0 || XMEMCMP(buf[1], tests[x].pt, 8) != 0) { + if (compare_testvector(buf[0], 8, tests[x].ct, 8, "Skipjack Encrypt", x) != 0 || + compare_testvector(buf[1], 8, tests[x].pt, 8, "Skipjack Decrypt", x) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -339,6 +338,6 @@ int skipjack_keysize(int *keysize) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/twofish/twofish.c b/src/ltc/ciphers/twofish/twofish.c index b2b41bb..b1584d1 100644 --- a/src/ltc/ciphers/twofish/twofish.c +++ b/src/ltc/ciphers/twofish/twofish.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -659,10 +657,8 @@ int twofish_test(void) } twofish_ecb_encrypt(tests[i].pt, tmp[0], &key); twofish_ecb_decrypt(tmp[0], tmp[1], &key); - if (XMEMCMP(tmp[0], tests[i].ct, 16) != 0 || XMEMCMP(tmp[1], tests[i].pt, 16) != 0) { -#if 0 - printf("Twofish failed test %d, %d, %d\n", i, XMEMCMP(tmp[0], tests[i].ct, 16), XMEMCMP(tmp[1], tests[i].pt, 16)); -#endif + if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "Twofish Encrypt", i) != 0 || + compare_testvector(tmp[1], 16, tests[i].pt, 16, "Twofish Decrypt", i) != 0) { return CRYPT_FAIL_TESTVECTOR; } /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ @@ -710,6 +706,6 @@ int twofish_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/twofish/twofish_tab.c b/src/ltc/ciphers/twofish/twofish_tab.c index 7ea8586..b4135ab 100644 --- a/src/ltc/ciphers/twofish/twofish_tab.c +++ b/src/ltc/ciphers/twofish/twofish_tab.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -493,6 +491,6 @@ static const ulong32 rs_tab7[256] = { #endif /* __LTC_TWOFISH_TAB_C__ */ #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/ciphers/xtea.c b/src/ltc/ciphers/xtea.c index 4b3b52b..fe26f98 100644 --- a/src/ltc/ciphers/xtea.c +++ b/src/ltc/ciphers/xtea.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -213,23 +211,8 @@ int xtea_test(void) xtea_ecb_encrypt(tests[i].pt, tmp[0], &skey); xtea_ecb_decrypt(tmp[0], tmp[1], &skey); - if (XMEMCMP(tmp[0], tests[i].ct, 8) != 0 || XMEMCMP(tmp[1], tests[i].pt, 8) != 0) { -#if 0 - printf("\n\nTest %d failed\n", i); - if (XMEMCMP(tmp[0], tests[i].ct, 8)) { - printf("CT: "); - for (i = 0; i < 8; i++) { - printf("%02x ", tmp[0][i]); - } - printf("\n"); - } else { - printf("PT: "); - for (i = 0; i < 8; i++) { - printf("%02x ", tmp[1][i]); - } - printf("\n"); - } -#endif + if (compare_testvector(tmp[0], 8, tests[i].ct, 8, "XTEA Encrypt", i) != 0 || + compare_testvector(tmp[1], 8, tests[i].pt, 8, "XTEA Decrypt", i) != 0) { return CRYPT_FAIL_TESTVECTOR; } @@ -273,6 +256,6 @@ int xtea_keysize(int *keysize) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_add_aad.c b/src/ltc/encauth/ccm/ccm_add_aad.c index 43a3d53..9744c57 100644 --- a/src/ltc/encauth/ccm/ccm_add_aad.c +++ b/src/ltc/encauth/ccm/ccm_add_aad.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -59,3 +57,7 @@ int ccm_add_aad(ccm_state *ccm, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_add_nonce.c b/src/ltc/encauth/ccm/ccm_add_nonce.c index 0f67fc2..ceffb8e 100644 --- a/src/ltc/encauth/ccm/ccm_add_nonce.c +++ b/src/ltc/encauth/ccm/ccm_add_nonce.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -109,3 +107,7 @@ int ccm_add_nonce(ccm_state *ccm, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_done.c b/src/ltc/encauth/ccm/ccm_done.c index 64c9f9f..797b7d9 100644 --- a/src/ltc/encauth/ccm/ccm_done.c +++ b/src/ltc/encauth/ccm/ccm_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -61,3 +59,7 @@ int ccm_done(ccm_state *ccm, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_init.c b/src/ltc/encauth/ccm/ccm_init.c index 7e3bdf8..b24e33e 100644 --- a/src/ltc/encauth/ccm/ccm_init.c +++ b/src/ltc/encauth/ccm/ccm_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -77,3 +75,7 @@ int ccm_init(ccm_state *ccm, int cipher, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_memory.c b/src/ltc/encauth/ccm/ccm_memory.c index eb41f99..0ffdbce 100644 --- a/src/ltc/encauth/ccm/ccm_memory.c +++ b/src/ltc/encauth/ccm/ccm_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -53,10 +51,6 @@ int ccm_memory(int cipher, symmetric_key *skey; int err; unsigned long len, L, x, y, z, CTRlen; -#ifdef LTC_FAST - LTC_FAST_TYPE fastMask = -1; /* initialize fastMask at all zeroes */ -#endif - unsigned char mask = 0xff; /* initialize mask at all zeroes */ if (uskey == NULL) { LTC_ARGCHK(key != NULL); @@ -144,7 +138,7 @@ int ccm_memory(int cipher, } /* initialize buffer for pt */ - if (direction == CCM_DECRYPT) { + if (direction == CCM_DECRYPT && ptlen > 0) { pt_work = XMALLOC(ptlen); if (pt_work == NULL) { goto error; @@ -335,6 +329,9 @@ int ccm_memory(int cipher, if (skey != uskey) { cipher_descriptor[cipher].done(skey); +#ifdef LTC_CLEAN_STACK + zeromem(skey, sizeof(*skey)); +#endif } if (direction == CCM_ENCRYPT) { @@ -359,28 +356,11 @@ int ccm_memory(int cipher, /* Zero the plaintext if the tag was invalid (in constant time) */ if (ptlen > 0) { - y = 0; - mask *= 1 - err; /* mask = ( err ? 0 : 0xff ) */ -#ifdef LTC_FAST - fastMask *= 1 - err; - if (ptlen & ~15) { - for (; y < (ptlen & ~15); y += 16) { - for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { - *(LTC_FAST_TYPE_PTR_CAST(&pt_real[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) & fastMask; - } - } - } -#endif - for (; y < ptlen; y++) { - pt_real[y] = pt[y] & mask; - } + copy_or_zeromem(pt, pt_real, ptlen, err); } } #ifdef LTC_CLEAN_STACK - fastMask = 0; - mask = 0; - zeromem(skey, sizeof(*skey)); zeromem(PAD, sizeof(PAD)); zeromem(CTRPAD, sizeof(CTRPAD)); if (pt_work != NULL) { @@ -400,6 +380,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_process.c b/src/ltc/encauth/ccm/ccm_process.c index 1f650ca..8346d22 100644 --- a/src/ltc/encauth/ccm/ccm_process.c +++ b/src/ltc/encauth/ccm/ccm_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -26,7 +24,8 @@ int ccm_process(ccm_state *ccm, unsigned char *ct, int direction) { - unsigned char y, z, b; + unsigned char z, b; + unsigned long y; int err; LTC_ARGCHK(ccm != NULL); @@ -46,9 +45,8 @@ int ccm_process(ccm_state *ccm, if (ptlen > 0) { LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); - y = 0; - for (; y < ptlen; y++) { + for (y = 0; y < ptlen; y++) { /* increment the ctr? */ if (ccm->CTRlen == 16) { for (z = 15; z > 15-ccm->L; z--) { @@ -84,3 +82,7 @@ int ccm_process(ccm_state *ccm, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ccm/ccm_reset.c b/src/ltc/encauth/ccm/ccm_reset.c index 855789d..c2d0cae 100644 --- a/src/ltc/encauth/ccm/ccm_reset.c +++ b/src/ltc/encauth/ccm/ccm_reset.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,3 +29,7 @@ int ccm_reset(ccm_state *ccm) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_add_aad.c b/src/ltc/encauth/chachapoly/chacha20poly1305_add_aad.c index 8d530a1..0c0cf9d 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_add_aad.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_add_aad.c @@ -32,3 +32,7 @@ int chacha20poly1305_add_aad(chacha20poly1305_state *st, const unsigned char *in } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c b/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c index 2677aff..1797932 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c @@ -29,7 +29,7 @@ int chacha20poly1305_decrypt(chacha20poly1305_state *st, const unsigned char *in LTC_ARGCHK(st != NULL); if (st->aadflg) { - padlen = 16 - (st->aadlen % 16); + padlen = 16 - (unsigned long)(st->aadlen % 16); if (padlen < 16) { if ((err = poly1305_process(&st->poly, padzero, padlen)) != CRYPT_OK) return err; } @@ -43,3 +43,7 @@ int chacha20poly1305_decrypt(chacha20poly1305_state *st, const unsigned char *in } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_done.c b/src/ltc/encauth/chachapoly/chacha20poly1305_done.c index 1b41589..127a7f0 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_done.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_done.c @@ -27,7 +27,7 @@ int chacha20poly1305_done(chacha20poly1305_state *st, unsigned char *tag, unsign LTC_ARGCHK(st != NULL); - padlen = 16 - (st->ctlen % 16); + padlen = 16 - (unsigned long)(st->ctlen % 16); if (padlen < 16) { if ((err = poly1305_process(&st->poly, padzero, padlen)) != CRYPT_OK) return err; } @@ -40,3 +40,7 @@ int chacha20poly1305_done(chacha20poly1305_state *st, unsigned char *tag, unsign } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c b/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c index 511f24b..c53c4a6 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c @@ -30,7 +30,7 @@ int chacha20poly1305_encrypt(chacha20poly1305_state *st, const unsigned char *in if ((err = chacha_crypt(&st->chacha, in, inlen, out)) != CRYPT_OK) return err; if (st->aadflg) { - padlen = 16 - (st->aadlen % 16); + padlen = 16 - (unsigned long)(st->aadlen % 16); if (padlen < 16) { if ((err = poly1305_process(&st->poly, padzero, padlen)) != CRYPT_OK) return err; } @@ -42,3 +42,7 @@ int chacha20poly1305_encrypt(chacha20poly1305_state *st, const unsigned char *in } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_init.c b/src/ltc/encauth/chachapoly/chacha20poly1305_init.c index 5195d12..2799e98 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_init.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_init.c @@ -24,3 +24,7 @@ int chacha20poly1305_init(chacha20poly1305_state *st, const unsigned char *key, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c b/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c index 759e704..54e2011 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c @@ -15,8 +15,8 @@ Process an entire GCM packet in one call. @param key The secret key @param keylen The length of the secret key - @param iv The initial vector - @param ivlen The length of the initial vector + @param iv The initialization vector + @param ivlen The length of the initialization vector @param aad The additional authentication data (header) @param aadlen The length of the aad @param in The plaintext @@ -24,7 +24,7 @@ @param out The ciphertext @param tag [out] The MAC tag @param taglen [in/out] The MAC tag length - @param direction Encrypt or Decrypt mode (CHCHA20POLY1305_ENCRYPT or CHCHA20POLY1305_DECRYPT) + @param direction Encrypt or Decrypt mode (CHACHA20POLY1305_ENCRYPT or CHACHA20POLY1305_DECRYPT) @return CRYPT_OK on success */ int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, @@ -49,10 +49,10 @@ int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, if (aad && aadlen > 0) { if ((err = chacha20poly1305_add_aad(&st, aad, aadlen)) != CRYPT_OK) { goto LBL_ERR; } } - if (direction == CHCHA20POLY1305_ENCRYPT) { + if (direction == CHACHA20POLY1305_ENCRYPT) { if ((err = chacha20poly1305_encrypt(&st, in, inlen, out)) != CRYPT_OK) { goto LBL_ERR; } } - else if (direction == CHCHA20POLY1305_DECRYPT) { + else if (direction == CHACHA20POLY1305_DECRYPT) { if ((err = chacha20poly1305_decrypt(&st, in, inlen, out)) != CRYPT_OK) { goto LBL_ERR; } } else { @@ -68,3 +68,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_setiv.c b/src/ltc/encauth/chachapoly/chacha20poly1305_setiv.c index e5d41c9..b87666e 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_setiv.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_setiv.c @@ -15,7 +15,7 @@ Set IV + counter data to the ChaCha20Poly1305 state and reset the context @param st The ChaCha20Poly1305 state @param iv The IV data to add - @param inlen The length of the IV (must be 12 or 8) + @param ivlen The length of the IV (must be 12 or 8) @return CRYPT_OK on success */ int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen) @@ -62,3 +62,7 @@ int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c b/src/ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c index 6bb4e58..7136a1e 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c @@ -15,7 +15,7 @@ Set IV + counter data (with RFC7905-magic) to the ChaCha20Poly1305 state and reset the context @param st The ChaCha20Poly1305 state @param iv The IV data to add - @param inlen The length of the IV (must be 12 or 8) + @param ivlen The length of the IV (must be 12 or 8) @param sequence_number 64bit sequence number which is incorporated into IV as described in RFC7905 @return CRYPT_OK on success */ @@ -34,3 +34,7 @@ int chacha20poly1305_setiv_rfc7905(chacha20poly1305_state *st, const unsigned ch } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_addheader.c b/src/ltc/encauth/eax/eax_addheader.c index 3c1d79b..5545336 100644 --- a/src/ltc/encauth/eax/eax_addheader.c +++ b/src/ltc/encauth/eax/eax_addheader.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @file eax_addheader.c @@ -33,6 +31,6 @@ int eax_addheader(eax_state *eax, const unsigned char *header, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_decrypt.c b/src/ltc/encauth/eax/eax_decrypt.c index 512b5b7..b140716 100644 --- a/src/ltc/encauth/eax/eax_decrypt.c +++ b/src/ltc/encauth/eax/eax_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -45,6 +43,6 @@ int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_decrypt_verify_memory.c b/src/ltc/encauth/eax/eax_decrypt_verify_memory.c index be07cf5..8c6540f 100644 --- a/src/ltc/encauth/eax/eax_decrypt_verify_memory.c +++ b/src/ltc/encauth/eax/eax_decrypt_verify_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -57,6 +55,9 @@ int eax_decrypt_verify_memory(int cipher, /* default to zero */ *stat = 0; + /* limit taglen */ + taglen = MIN(taglen, MAXBLOCKSIZE); + /* allocate ram */ buf = XMALLOC(taglen); eax = XMALLOC(sizeof(*eax)); @@ -84,7 +85,7 @@ int eax_decrypt_verify_memory(int cipher, } /* compare tags */ - if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) { + if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) { *stat = 1; } @@ -103,6 +104,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_done.c b/src/ltc/encauth/eax/eax_done.c index cac6093..b00bfe0 100644 --- a/src/ltc/encauth/eax/eax_done.c +++ b/src/ltc/encauth/eax/eax_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -89,6 +87,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_encrypt.c b/src/ltc/encauth/eax/eax_encrypt.c index 29eb6ee..174f263 100644 --- a/src/ltc/encauth/eax/eax_encrypt.c +++ b/src/ltc/encauth/eax/eax_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -46,6 +44,6 @@ int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_encrypt_authenticate_memory.c b/src/ltc/encauth/eax/eax_encrypt_authenticate_memory.c index 4b4815f..9980fc0 100644 --- a/src/ltc/encauth/eax/eax_encrypt_authenticate_memory.c +++ b/src/ltc/encauth/eax/eax_encrypt_authenticate_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -77,6 +75,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/eax/eax_init.c b/src/ltc/encauth/eax/eax_init.c index 55d8df1..154d7a9 100644 --- a/src/ltc/encauth/eax/eax_init.c +++ b/src/ltc/encauth/eax/eax_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -139,6 +137,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_add_aad.c b/src/ltc/encauth/gcm/gcm_add_aad.c index b9eb2df..cacc15b 100644 --- a/src/ltc/encauth/gcm/gcm_add_aad.c +++ b/src/ltc/encauth/gcm/gcm_add_aad.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -48,6 +46,8 @@ int gcm_add_aad(gcm_state *gcm, /* in IV mode? */ if (gcm->mode == LTC_GCM_MODE_IV) { + /* IV length must be > 0 */ + if (gcm->buflen == 0 && gcm->totlen == 0) return CRYPT_ERROR; /* let's process the IV */ if (gcm->ivmode || gcm->buflen != 12) { for (x = 0; x < (unsigned long)gcm->buflen; x++) { @@ -119,6 +119,6 @@ int gcm_add_aad(gcm_state *gcm, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_add_iv.c b/src/ltc/encauth/gcm/gcm_add_iv.c index bf0871a..3fd3861 100644 --- a/src/ltc/encauth/gcm/gcm_add_iv.c +++ b/src/ltc/encauth/gcm/gcm_add_iv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -89,6 +87,6 @@ int gcm_add_iv(gcm_state *gcm, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_done.c b/src/ltc/encauth/gcm/gcm_done.c index db950a5..ffd551e 100644 --- a/src/ltc/encauth/gcm/gcm_done.c +++ b/src/ltc/encauth/gcm/gcm_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -42,6 +40,15 @@ int gcm_done(gcm_state *gcm, return err; } + if (gcm->mode == LTC_GCM_MODE_IV) { + /* let's process the IV */ + if ((err = gcm_add_aad(gcm, NULL, 0)) != CRYPT_OK) return err; + } + + if (gcm->mode == LTC_GCM_MODE_AAD) { + /* let's process the AAD */ + if ((err = gcm_process(gcm, NULL, 0, NULL, 0)) != CRYPT_OK) return err; + } if (gcm->mode != LTC_GCM_MODE_TEXT) { return CRYPT_INVALID_ARG; @@ -78,6 +85,6 @@ int gcm_done(gcm_state *gcm, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_gf_mult.c b/src/ltc/encauth/gcm/gcm_gf_mult.c index 1b3387f..2e7a906 100644 --- a/src/ltc/encauth/gcm/gcm_gf_mult.c +++ b/src/ltc/encauth/gcm/gcm_gf_mult.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -60,7 +58,7 @@ const unsigned char gcm_shift_table[256*2] = { #ifndef LTC_FAST /* right shift */ -static void gcm_rightshift(unsigned char *a) +static void _gcm_rightshift(unsigned char *a) { int x; for (x = 15; x > 0; x--) { @@ -94,7 +92,7 @@ void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char * } } z = V[15] & 0x01; - gcm_rightshift(V); + _gcm_rightshift(V); V[0] ^= poly[z]; } XMEMCPY(c, Z, 16); @@ -215,7 +213,7 @@ void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char * #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_init.c b/src/ltc/encauth/gcm/gcm_init.c index 65282c1..072870d 100644 --- a/src/ltc/encauth/gcm/gcm_init.c +++ b/src/ltc/encauth/gcm/gcm_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -102,6 +100,6 @@ int gcm_init(gcm_state *gcm, int cipher, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_memory.c b/src/ltc/encauth/gcm/gcm_memory.c index 05d471b..7b59960 100644 --- a/src/ltc/encauth/gcm/gcm_memory.c +++ b/src/ltc/encauth/gcm/gcm_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -22,8 +20,8 @@ @param cipher Index of cipher to use @param key The secret key @param keylen The length of the secret key - @param IV The initial vector - @param IVlen The length of the initial vector + @param IV The initialization vector + @param IVlen The length of the initialization vector @param adata The additional authentication data (header) @param adatalen The length of the adata @param pt The plaintext @@ -103,6 +101,6 @@ LTC_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_mult_h.c b/src/ltc/encauth/gcm/gcm_mult_h.c index 8eee280..181d1d1 100644 --- a/src/ltc/encauth/gcm/gcm_mult_h.c +++ b/src/ltc/encauth/gcm/gcm_mult_h.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -54,6 +52,6 @@ void gcm_mult_h(gcm_state *gcm, unsigned char *I) } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_process.c b/src/ltc/encauth/gcm/gcm_process.c index 4116db8..b1ec20c 100644 --- a/src/ltc/encauth/gcm/gcm_process.c +++ b/src/ltc/encauth/gcm/gcm_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -54,6 +52,11 @@ int gcm_process(gcm_state *gcm, return CRYPT_INVALID_ARG; } + if (gcm->mode == LTC_GCM_MODE_IV) { + /* let's process the IV */ + if ((err = gcm_add_aad(gcm, NULL, 0)) != CRYPT_OK) return err; + } + /* in AAD mode? */ if (gcm->mode == LTC_GCM_MODE_AAD) { /* let's process the AAD */ @@ -152,6 +155,6 @@ int gcm_process(gcm_state *gcm, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/gcm/gcm_reset.c b/src/ltc/encauth/gcm/gcm_reset.c index f9596b4..3bd1088 100644 --- a/src/ltc/encauth/gcm/gcm_reset.c +++ b/src/ltc/encauth/gcm/gcm_reset.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -39,6 +37,6 @@ int gcm_reset(gcm_state *gcm) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_add_aad.c b/src/ltc/encauth/ocb3/ocb3_add_aad.c index 88f4d08..70e3211 100644 --- a/src/ltc/encauth/ocb3/ocb3_add_aad.c +++ b/src/ltc/encauth/ocb3/ocb3_add_aad.c @@ -15,6 +15,32 @@ #ifdef LTC_OCB3_MODE +/** + Add one block of AAD data (internal function) + @param ocb The OCB state + @param aad_block [in] AAD data (block_len size) + @return CRYPT_OK if successful +*/ +static int _ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_block) +{ + unsigned char tmp[MAXBLOCKSIZE]; + int err; + + /* Offset_i = Offset_{i-1} xor L_{ntz(i)} */ + ocb3_int_xor_blocks(ocb->aOffset_current, ocb->aOffset_current, ocb->L_[ocb3_int_ntz(ocb->ablock_index)], ocb->block_len); + + /* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */ + ocb3_int_xor_blocks(tmp, aad_block, ocb->aOffset_current, ocb->block_len); + if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) { + return err; + } + ocb3_int_xor_blocks(ocb->aSum_current, ocb->aSum_current, tmp, ocb->block_len); + + ocb->ablock_index++; + + return CRYPT_OK; +} + /** Add AAD - additional associated data @param ocb The OCB state @@ -28,10 +54,9 @@ int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen unsigned char *data; unsigned long datalen, l; - LTC_ARGCHK(ocb != NULL); - LTC_ARGCHK(aad != NULL); - + LTC_ARGCHK(ocb != NULL); if (aadlen == 0) return CRYPT_OK; + LTC_ARGCHK(aad != NULL); if (ocb->adata_buffer_bytes > 0) { l = ocb->block_len - ocb->adata_buffer_bytes; @@ -40,7 +65,7 @@ int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen ocb->adata_buffer_bytes += l; if (ocb->adata_buffer_bytes == ocb->block_len) { - if ((err = ocb3_int_aad_add_block(ocb, ocb->adata_buffer)) != CRYPT_OK) { + if ((err = _ocb3_int_aad_add_block(ocb, ocb->adata_buffer)) != CRYPT_OK) { return err; } ocb->adata_buffer_bytes = 0; @@ -61,7 +86,7 @@ int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen last_block_len = datalen - full_blocks_len; for (x=0; xblock_len)) != CRYPT_OK) { + if ((err = _ocb3_int_aad_add_block(ocb, data+x*ocb->block_len)) != CRYPT_OK) { return err; } } @@ -76,6 +101,6 @@ int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_decrypt.c b/src/ltc/encauth/ocb3/ocb3_decrypt.c index 24d6ad1..4973bd2 100644 --- a/src/ltc/encauth/ocb3/ocb3_decrypt.c +++ b/src/ltc/encauth/ocb3/ocb3_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -32,8 +30,10 @@ int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt_b, *ct_b; LTC_ARGCHK(ocb != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); + if (ctlen == 0) return CRYPT_OK; /* no data, nothing to do */ + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(pt != NULL); + if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) { return err; } @@ -81,6 +81,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_decrypt_last.c b/src/ltc/encauth/ocb3/ocb3_decrypt_last.c index a932d53..70608dc 100644 --- a/src/ltc/encauth/ocb3/ocb3_decrypt_last.c +++ b/src/ltc/encauth/ocb3/ocb3_decrypt_last.c @@ -30,7 +30,12 @@ int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ct int err, x, full_blocks, full_blocks_len, last_block_len; LTC_ARGCHK(ocb != NULL); - LTC_ARGCHK(ct != NULL); + if (ct == NULL) LTC_ARGCHK(ctlen == 0); + if (ctlen != 0) { + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(pt != NULL); + } + if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) { goto LBL_ERR; } @@ -100,6 +105,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_decrypt_verify_memory.c b/src/ltc/encauth/ocb3/ocb3_decrypt_verify_memory.c index ce8fe9c..066b62c 100644 --- a/src/ltc/encauth/ocb3/ocb3_decrypt_verify_memory.c +++ b/src/ltc/encauth/ocb3/ocb3_decrypt_verify_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -48,16 +46,14 @@ int ocb3_decrypt_verify_memory(int cipher, unsigned char *buf; unsigned long buflen; - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(nonce != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(tag != NULL); LTC_ARGCHK(stat != NULL); /* default to zero */ *stat = 0; + /* limit taglen */ + taglen = MIN(taglen, MAXBLOCKSIZE); + /* allocate memory */ buf = XMALLOC(taglen); ocb = XMALLOC(sizeof(ocb3_state)); @@ -71,12 +67,14 @@ int ocb3_decrypt_verify_memory(int cipher, return CRYPT_MEM; } - if ((err = ocb3_init(ocb, cipher, key, keylen, nonce, noncelen)) != CRYPT_OK) { + if ((err = ocb3_init(ocb, cipher, key, keylen, nonce, noncelen, taglen)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = ocb3_add_aad(ocb, adata, adatalen)) != CRYPT_OK) { - goto LBL_ERR; + if (adata != NULL || adatalen != 0) { + if ((err = ocb3_add_aad(ocb, adata, adatalen)) != CRYPT_OK) { + goto LBL_ERR; + } } if ((err = ocb3_decrypt_last(ocb, ct, ctlen, pt)) != CRYPT_OK) { @@ -89,7 +87,7 @@ int ocb3_decrypt_verify_memory(int cipher, } /* compare tags */ - if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) { + if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) { *stat = 1; } @@ -107,6 +105,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_done.c b/src/ltc/encauth/ocb3/ocb3_done.c index 4102d9c..b913d3a 100644 --- a/src/ltc/encauth/ocb3/ocb3_done.c +++ b/src/ltc/encauth/ocb3/ocb3_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -36,6 +34,12 @@ int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen) goto LBL_ERR; } + /* check taglen */ + if ((int)*taglen < ocb->tag_len) { + *taglen = (unsigned long)ocb->tag_len; + return CRYPT_BUFFER_OVERFLOW; + } + /* finalize AAD processing */ if (ocb->adata_buffer_bytes>0) { @@ -66,13 +70,9 @@ int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen) /* tag = tag ^ HASH(K, A) */ ocb3_int_xor_blocks(tmp, ocb->tag_part, ocb->aSum_current, ocb->block_len); - /* fix taglen if needed */ - if ((int)*taglen > ocb->block_len) { - *taglen = (unsigned long)ocb->block_len; - } - /* copy tag bytes */ - for(x=0; x<(int)*taglen; x++) tag[x] = tmp[x]; + for(x = 0; x < ocb->tag_len; x++) tag[x] = tmp[x]; + *taglen = (unsigned long)ocb->tag_len; err = CRYPT_OK; @@ -87,6 +87,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_encrypt.c b/src/ltc/encauth/ocb3/ocb3_encrypt.c index 1450478..337b025 100644 --- a/src/ltc/encauth/ocb3/ocb3_encrypt.c +++ b/src/ltc/encauth/ocb3/ocb3_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -32,8 +30,10 @@ int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *pt_b, *ct_b; LTC_ARGCHK(ocb != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); + if (ptlen == 0) return CRYPT_OK; /* no data, nothing to do */ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) { return err; } @@ -81,6 +81,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.c b/src/ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.c index 60264a2..efc1a8f 100644 --- a/src/ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.c +++ b/src/ltc/encauth/ocb3/ocb3_encrypt_authenticate_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -44,11 +42,6 @@ int ocb3_encrypt_authenticate_memory(int cipher, int err; ocb3_state *ocb; - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(nonce != NULL); - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(tag != NULL); LTC_ARGCHK(taglen != NULL); /* allocate memory */ @@ -57,12 +50,14 @@ int ocb3_encrypt_authenticate_memory(int cipher, return CRYPT_MEM; } - if ((err = ocb3_init(ocb, cipher, key, keylen, nonce, noncelen)) != CRYPT_OK) { + if ((err = ocb3_init(ocb, cipher, key, keylen, nonce, noncelen, *taglen)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = ocb3_add_aad(ocb, adata, adatalen)) != CRYPT_OK) { - goto LBL_ERR; + if (adata != NULL || adatalen != 0) { + if ((err = ocb3_add_aad(ocb, adata, adatalen)) != CRYPT_OK) { + goto LBL_ERR; + } } if ((err = ocb3_encrypt_last(ocb, pt, ptlen, ct)) != CRYPT_OK) { @@ -82,6 +77,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_encrypt_last.c b/src/ltc/encauth/ocb3/ocb3_encrypt_last.c index b21cfae..8110a3c 100644 --- a/src/ltc/encauth/ocb3/ocb3_encrypt_last.c +++ b/src/ltc/encauth/ocb3/ocb3_encrypt_last.c @@ -30,7 +30,12 @@ int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long pt int err, x, full_blocks, full_blocks_len, last_block_len; LTC_ARGCHK(ocb != NULL); - LTC_ARGCHK(pt != NULL); + if (pt == NULL) LTC_ARGCHK(ptlen == 0); + if (ptlen != 0) { + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + } + if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) { goto LBL_ERR; } @@ -102,6 +107,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_init.c b/src/ltc/encauth/ocb3/ocb3_init.c index c73cb96..a3cabae 100644 --- a/src/ltc/encauth/ocb3/ocb3_init.c +++ b/src/ltc/encauth/ocb3/ocb3_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -17,19 +15,60 @@ #ifdef LTC_OCB3_MODE +static void _ocb3_int_calc_offset_zero(ocb3_state *ocb, const unsigned char *nonce, unsigned long noncelen, unsigned long taglen) +{ + int x, y, bottom; + int idx, shift; + unsigned char iNonce[MAXBLOCKSIZE]; + unsigned char iKtop[MAXBLOCKSIZE]; + unsigned char iStretch[MAXBLOCKSIZE+8]; + + /* Nonce = zeros(127-bitlen(N)) || 1 || N */ + zeromem(iNonce, sizeof(iNonce)); + for (x = ocb->block_len-1, y=0; y<(int)noncelen; x--, y++) { + iNonce[x] = nonce[noncelen-y-1]; + } + iNonce[x] = 0x01; + iNonce[0] |= ((taglen*8) % 128) << 1; + + /* bottom = str2num(Nonce[123..128]) */ + bottom = iNonce[ocb->block_len-1] & 0x3F; + + /* Ktop = ENCIPHER(K, Nonce[1..122] || zeros(6)) */ + iNonce[ocb->block_len-1] = iNonce[ocb->block_len-1] & 0xC0; + if ((cipher_descriptor[ocb->cipher].ecb_encrypt(iNonce, iKtop, &ocb->key)) != CRYPT_OK) { + zeromem(ocb->Offset_current, ocb->block_len); + return; + } + + /* Stretch = Ktop || (Ktop[1..64] xor Ktop[9..72]) */ + for (x = 0; x < ocb->block_len; x++) { + iStretch[x] = iKtop[x]; + } + for (y = 0; y < 8; y++) { + iStretch[x+y] = iKtop[y] ^ iKtop[y+1]; + } + + /* Offset_0 = Stretch[1+bottom..128+bottom] */ + idx = bottom / 8; + shift = (bottom % 8); + for (x = 0; x < ocb->block_len; x++) { + ocb->Offset_current[x] = iStretch[idx+x] << shift; + if (shift > 0) { + ocb->Offset_current[x] |= iStretch[idx+x+1] >> (8-shift); + } + } +} + static const struct { int len; - unsigned char poly_div[MAXBLOCKSIZE], - poly_mul[MAXBLOCKSIZE]; + unsigned char poly_mul[MAXBLOCKSIZE]; } polys[] = { { 8, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0D }, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1B } }, { 16, - { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43 }, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87 } } @@ -42,12 +81,14 @@ static const struct { @param key The secret key @param keylen The length of the secret key (octets) @param nonce The session nonce - @param noncelen The length of the session nonce (octets) + @param noncelen The length of the session nonce (octets, up to 15) + @param taglen The length of the tag (octets, up to 16) @return CRYPT_OK if successful */ int ocb3_init(ocb3_state *ocb, int cipher, const unsigned char *key, unsigned long keylen, - const unsigned char *nonce, unsigned long noncelen) + const unsigned char *nonce, unsigned long noncelen, + unsigned long taglen) { int poly, x, y, m, err; unsigned char *previous, *current; @@ -62,6 +103,23 @@ int ocb3_init(ocb3_state *ocb, int cipher, } ocb->cipher = cipher; + /* Valid Nonce? + * As of RFC7253: "string of no more than 120 bits" */ + if (noncelen > (120/8)) { + return CRYPT_INVALID_ARG; + } + + /* The blockcipher must have a 128-bit blocksize */ + if (cipher_descriptor[cipher].block_length != 16) { + return CRYPT_INVALID_ARG; + } + + /* The TAGLEN may be any value up to 128 (bits) */ + if (taglen > 16) { + return CRYPT_INVALID_ARG; + } + ocb->tag_len = taglen; + /* determine which polys to use */ ocb->block_len = cipher_descriptor[cipher].block_length; x = (int)(sizeof(polys)/sizeof(polys[0])); @@ -114,7 +172,7 @@ int ocb3_init(ocb3_state *ocb, int cipher, } /* initialize ocb->Offset_current = Offset_0 */ - ocb3_int_calc_offset_zero(ocb, nonce, noncelen); + _ocb3_int_calc_offset_zero(ocb, nonce, noncelen, taglen); /* initialize checksum to all zeros */ zeromem(ocb->checksum, ocb->block_len); @@ -133,6 +191,6 @@ int ocb3_init(ocb3_state *ocb, int cipher, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c b/src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c deleted file mode 100644 index 0b7d8f7..0000000 --- a/src/ltc/encauth/ocb3/ocb3_int_aad_add_block.c +++ /dev/null @@ -1,49 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file ocb3_int_aad_add_block.c - OCB implementation, INTERNALL ONLY helper, by Karel Miko -*/ -#include "tomcrypt.h" - -#ifdef LTC_OCB3_MODE - -/** - Add one block of AAD data (internal function) - @param ocb The OCB state - @param aad_block [in] AAD data (block_len size) - @return CRYPT_OK if successful -*/ -int ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_block) -{ - unsigned char tmp[MAXBLOCKSIZE]; - int err; - - /* Offset_i = Offset_{i-1} xor L_{ntz(i)} */ - ocb3_int_xor_blocks(ocb->aOffset_current, ocb->aOffset_current, ocb->L_[ocb3_int_ntz(ocb->ablock_index)], ocb->block_len); - - /* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */ - ocb3_int_xor_blocks(tmp, aad_block, ocb->aOffset_current, ocb->block_len); - if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) { - return err; - } - ocb3_int_xor_blocks(ocb->aSum_current, ocb->aSum_current, tmp, ocb->block_len); - - ocb->ablock_index++; - - return CRYPT_OK; -} - -#endif - - -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_int_calc_offset_zero.c b/src/ltc/encauth/ocb3/ocb3_int_calc_offset_zero.c deleted file mode 100644 index 93b171f..0000000 --- a/src/ltc/encauth/ocb3/ocb3_int_calc_offset_zero.c +++ /dev/null @@ -1,72 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -/** - @file ocb3_int_calc_offset_zero.c - OCB implementation, INTERNAL ONLY helper, by Karel Miko -*/ -#include "tomcrypt.h" - -#ifdef LTC_OCB3_MODE - -/** - Sets 'ocb->Offset_current' to 'Offset_0' value (internal function) - @param ocb The OCB state - @param nonce The session nonce - @param noncelen The length of the session nonce (octets) -*/ -void ocb3_int_calc_offset_zero(ocb3_state *ocb, const unsigned char *nonce, unsigned long noncelen) -{ - int x, y, bottom; - int idx, shift; - unsigned char iNonce[MAXBLOCKSIZE]; - unsigned char iKtop[MAXBLOCKSIZE]; - unsigned char iStretch[MAXBLOCKSIZE+8]; - - /* Nonce = zeros(127-bitlen(N)) || 1 || N */ - zeromem(iNonce, sizeof(iNonce)); - for (x = ocb->block_len-1, y=0; y<(int)noncelen; x--, y++) { - iNonce[x] = nonce[noncelen-y-1]; - } - iNonce[x] = 0x01; - - /* bottom = str2num(Nonce[123..128]) */ - bottom = iNonce[ocb->block_len-1] & 0x3F; - - /* Ktop = ENCIPHER(K, Nonce[1..122] || zeros(6)) */ - iNonce[ocb->block_len-1] = iNonce[ocb->block_len-1] & 0xC0; - if ((cipher_descriptor[ocb->cipher].ecb_encrypt(iNonce, iKtop, &ocb->key)) != CRYPT_OK) { - zeromem(ocb->Offset_current, ocb->block_len); - return; - } - - /* Stretch = Ktop || (Ktop[1..64] xor Ktop[9..72]) */ - for (x = 0; x < ocb->block_len; x++) { - iStretch[x] = iKtop[x]; - } - for (y = 0; y < 8; y++) { - iStretch[x+y] = iKtop[y] ^ iKtop[y+1]; - } - - /* Offset_0 = Stretch[1+bottom..128+bottom] */ - idx = bottom / 8; - shift = (bottom % 8); - for (x = 0; x < ocb->block_len; x++) { - ocb->Offset_current[x] = iStretch[idx+x] << shift; - if (shift > 0) { - ocb->Offset_current[x] |= iStretch[idx+x+1] >> (8-shift); - } - } -} - -#endif - -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_int_ntz.c b/src/ltc/encauth/ocb3/ocb3_int_ntz.c index 48239fe..3c5b18d 100644 --- a/src/ltc/encauth/ocb3/ocb3_int_ntz.c +++ b/src/ltc/encauth/ocb3/ocb3_int_ntz.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -36,6 +34,6 @@ int ocb3_int_ntz(unsigned long x) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c b/src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c index 92eb293..798bddc 100644 --- a/src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c +++ b/src/ltc/encauth/ocb3/ocb3_int_xor_blocks.c @@ -35,6 +35,6 @@ void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/blake2b.c b/src/ltc/hashes/blake2b.c index b01f63e..cd5115c 100644 --- a/src/ltc/hashes/blake2b.c +++ b/src/ltc/hashes/blake2b.c @@ -342,7 +342,7 @@ int blake2b_process(hash_state *md, const unsigned char *in, unsigned long inlen unsigned long fill = BLAKE2B_BLOCKBYTES - left; if (inlen > fill) { md->blake2b.curlen = 0; - XMEMCPY(md->blake2b.buf + left, in, fill); /* Fill buffer */ + XMEMCPY(md->blake2b.buf + (left % sizeof(md->blake2b.buf)), in, fill); /* Fill buffer */ blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES); blake2b_compress(md, md->blake2b.buf); /* Compress */ in += fill; @@ -399,7 +399,7 @@ int blake2b_512_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[64]; } tests[] = { { "", @@ -432,8 +432,9 @@ int blake2b_512_test(void) blake2b_512_init(&md); blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2b_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; #endif @@ -449,7 +450,7 @@ int blake2b_384_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[48]; } tests[] = { { "", @@ -478,8 +479,9 @@ int blake2b_384_test(void) blake2b_384_init(&md); blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2b_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; #endif @@ -495,7 +497,7 @@ int blake2b_256_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[32]; } tests[] = { { "", @@ -530,8 +532,9 @@ int blake2b_256_test(void) blake2b_256_init(&md); blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2b_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; #endif @@ -547,7 +550,7 @@ int blake2b_160_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[20]; } tests[] = { { "", @@ -570,11 +573,16 @@ int blake2b_160_test(void) blake2b_160_init(&md); blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2b_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; #endif } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/blake2s.c b/src/ltc/hashes/blake2s.c index daa45a5..e3e90f8 100644 --- a/src/ltc/hashes/blake2s.c +++ b/src/ltc/hashes/blake2s.c @@ -330,7 +330,7 @@ int blake2s_process(hash_state *md, const unsigned char *in, unsigned long inlen unsigned long fill = BLAKE2S_BLOCKBYTES - left; if (inlen > fill) { md->blake2s.curlen = 0; - XMEMCPY(md->blake2s.buf + left, in, fill); /* Fill buffer */ + XMEMCPY(md->blake2s.buf + (left % sizeof(md->blake2s.buf)), in, fill); /* Fill buffer */ blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES); blake2s_compress(md, md->blake2s.buf); /* Compress */ in += fill; @@ -387,7 +387,7 @@ int blake2s_256_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[32]; } tests[] = { { "", @@ -422,8 +422,9 @@ int blake2s_256_test(void) blake2s_256_init(&md); blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2s_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; @@ -440,7 +441,7 @@ int blake2s_224_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[28]; } tests[] = { { "", @@ -465,8 +466,9 @@ int blake2s_224_test(void) blake2s_224_init(&md); blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2s_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; @@ -483,7 +485,7 @@ int blake2s_160_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[20]; } tests[] = { { "", @@ -506,8 +508,9 @@ int blake2s_160_test(void) blake2s_160_init(&md); blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2s_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; @@ -524,7 +527,7 @@ int blake2s_128_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[16]; } tests[] = { { "", @@ -545,11 +548,16 @@ int blake2s_128_test(void) blake2s_128_init(&md); blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); blake2s_done(&md, tmp); - if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) { return CRYPT_FAIL_TESTVECTOR; + } } return CRYPT_OK; #endif } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/chc/chc.c b/src/ltc/hashes/chc/chc.c index bff4d80..0861a88 100644 --- a/src/ltc/hashes/chc/chc.c +++ b/src/ltc/hashes/chc/chc.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -155,7 +153,13 @@ static int chc_compress(hash_state *md, unsigned char *buf) return CRYPT_OK; } -/* function for processing blocks */ +/** + Function for processing blocks + @param md The hash state + @param buf The data to hash + @param len The length of the data (octets) + @return CRYPT_OK if successful +*/ static int _chc_process(hash_state * md, const unsigned char *buf, unsigned long len); static HASH_PROCESS(_chc_process, chc_compress, chc, (unsigned long)cipher_blocksize) @@ -256,7 +260,7 @@ int chc_test(void) #else static const struct { unsigned char *msg, - md[MAXBLOCKSIZE]; + hash[MAXBLOCKSIZE]; int len; } tests[] = { { @@ -266,8 +270,8 @@ int chc_test(void) 16 } }; - int x, oldhashidx, idx; - unsigned char out[MAXBLOCKSIZE]; + int i, oldhashidx, idx; + unsigned char tmp[MAXBLOCKSIZE]; hash_state md; /* AES can be under rijndael or aes... try to find it */ @@ -279,11 +283,11 @@ int chc_test(void) oldhashidx = cipher_idx; chc_register(idx); - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { chc_init(&md); - chc_process(&md, tests[x].msg, strlen((char *)tests[x].msg)); - chc_done(&md, out); - if (XMEMCMP(out, tests[x].md, tests[x].len)) { + chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg)); + chc_done(&md, tmp); + if (compare_testvector(tmp, tests[i].len, tests[i].hash, tests[i].len, "CHC", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -297,6 +301,6 @@ int chc_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/helper/hash_file.c b/src/ltc/hashes/helper/hash_file.c index bb899a1..0b96eae 100644 --- a/src/ltc/hashes/helper/hash_file.c +++ b/src/ltc/hashes/helper/hash_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -50,6 +48,6 @@ int hash_file(int hash, const char *fname, unsigned char *out, unsigned long *ou #endif /* #ifndef LTC_NO_FILE */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/helper/hash_filehandle.c b/src/ltc/hashes/helper/hash_filehandle.c index e1d037e..0e4d7a6 100644 --- a/src/ltc/hashes/helper/hash_filehandle.c +++ b/src/ltc/hashes/helper/hash_filehandle.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -52,14 +50,15 @@ int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outle goto LBL_ERR; } - *outlen = hash_descriptor[hash].hashsize; do { x = fread(buf, 1, LTC_FILE_READ_BUFSIZE, in); if ((err = hash_descriptor[hash].process(&md, buf, (unsigned long)x)) != CRYPT_OK) { goto LBL_CLEANBUF; } } while (x == LTC_FILE_READ_BUFSIZE); - err = hash_descriptor[hash].done(&md, out); + if ((err = hash_descriptor[hash].done(&md, out)) == CRYPT_OK) { + *outlen = hash_descriptor[hash].hashsize; + } LBL_CLEANBUF: zeromem(buf, LTC_FILE_READ_BUFSIZE); @@ -70,6 +69,6 @@ LBL_ERR: #endif /* #ifndef LTC_NO_FILE */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/helper/hash_memory.c b/src/ltc/hashes/helper/hash_memory.c index 53caa5d..e8471ac 100644 --- a/src/ltc/hashes/helper/hash_memory.c +++ b/src/ltc/hashes/helper/hash_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -66,6 +64,6 @@ LBL_ERR: } #endif /* #ifdef LTC_HASH_HELPERS */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/helper/hash_memory_multi.c b/src/ltc/hashes/helper/hash_memory_multi.c index 560d6f6..d10b458 100644 --- a/src/ltc/hashes/helper/hash_memory_multi.c +++ b/src/ltc/hashes/helper/hash_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -85,6 +83,6 @@ LBL_ERR: } #endif /* #ifdef LTC_HASH_HELPERS */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/md2.c b/src/ltc/hashes/md2.c index 0410923..36cc8ae 100644 --- a/src/ltc/hashes/md2.c +++ b/src/ltc/hashes/md2.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -193,8 +191,8 @@ int md2_test(void) return CRYPT_NOP; #else static const struct { - char *msg; - unsigned char md[16]; + const char *msg; + unsigned char hash[16]; } tests[] = { { "", {0x83,0x50,0xe5,0xa3,0xe2,0x4c,0x15,0x3d, @@ -227,15 +225,16 @@ int md2_test(void) } } }; + int i; + unsigned char tmp[16]; hash_state md; - unsigned char buf[16]; for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { md2_init(&md); md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); - md2_done(&md, buf); - if (XMEMCMP(buf, tests[i].md, 16) != 0) { + md2_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -246,6 +245,6 @@ int md2_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/md4.c b/src/ltc/hashes/md4.c index b2527b5..09b6e31 100644 --- a/src/ltc/hashes/md4.c +++ b/src/ltc/hashes/md4.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -256,9 +254,9 @@ int md4_test(void) return CRYPT_NOP; #else static const struct md4_test_case { - char *input; - unsigned char digest[16]; - } cases[] = { + const char *input; + unsigned char hash[16]; + } tests[] = { { "", {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, 0xb7, 0x3c, 0x59, 0xd7, 0xe0, 0xc0, 0x89, 0xc0} }, @@ -281,15 +279,16 @@ int md4_test(void) {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36} }, }; - int i; - hash_state md; - unsigned char digest[16]; - for(i = 0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) { + int i; + unsigned char tmp[16]; + hash_state md; + + for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { md4_init(&md); - md4_process(&md, (unsigned char *)cases[i].input, (unsigned long)strlen(cases[i].input)); - md4_done(&md, digest); - if (XMEMCMP(digest, cases[i].digest, 16) != 0) { + md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input)); + md4_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) { return CRYPT_FAIL_TESTVECTOR; } @@ -302,6 +301,6 @@ int md4_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/md5.c b/src/ltc/hashes/md5.c index 1d0ec92..511329a 100644 --- a/src/ltc/hashes/md5.c +++ b/src/ltc/hashes/md5.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -316,7 +314,7 @@ int md5_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[16]; } tests[] = { { "", @@ -351,7 +349,7 @@ int md5_test(void) md5_init(&md); md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); md5_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 16) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -363,6 +361,6 @@ int md5_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/rmd128.c b/src/ltc/hashes/rmd128.c index af16f1f..df1af1a 100644 --- a/src/ltc/hashes/rmd128.c +++ b/src/ltc/hashes/rmd128.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -355,8 +353,8 @@ int rmd128_test(void) return CRYPT_NOP; #else static const struct { - char *msg; - unsigned char md[16]; + const char *msg; + unsigned char hash[16]; } tests[] = { { "", { 0xcd, 0xf2, 0x62, 0x13, 0xa1, 0x50, 0xdc, 0x3e, @@ -383,18 +381,16 @@ int rmd128_test(void) 0xae, 0xa4, 0x62, 0x4c, 0x60, 0xc5, 0xc7, 0x02 } } }; - int x; - unsigned char buf[16]; + + int i; + unsigned char tmp[16]; hash_state md; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { rmd128_init(&md); - rmd128_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg)); - rmd128_done(&md, buf); - if (XMEMCMP(buf, tests[x].md, 16) != 0) { - #if 0 - printf("Failed test %d\n", x); - #endif + rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); + rmd128_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD128", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -405,6 +401,6 @@ int rmd128_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/rmd160.c b/src/ltc/hashes/rmd160.c index ac41e5b..8add41e 100644 --- a/src/ltc/hashes/rmd160.c +++ b/src/ltc/hashes/rmd160.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -414,8 +412,8 @@ int rmd160_test(void) return CRYPT_NOP; #else static const struct { - char *msg; - unsigned char md[20]; + const char *msg; + unsigned char hash[20]; } tests[] = { { "", { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28, @@ -442,18 +440,16 @@ int rmd160_test(void) 0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b } } }; - int x; - unsigned char buf[20]; + + int i; + unsigned char tmp[20]; hash_state md; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { rmd160_init(&md); - rmd160_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg)); - rmd160_done(&md, buf); - if (XMEMCMP(buf, tests[x].md, 20) != 0) { -#if 0 - printf("Failed test %d\n", x); -#endif + rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); + rmd160_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD160", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -464,6 +460,6 @@ int rmd160_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/rmd256.c b/src/ltc/hashes/rmd256.c index cbfadcc..5fade82 100644 --- a/src/ltc/hashes/rmd256.c +++ b/src/ltc/hashes/rmd256.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -368,8 +366,8 @@ int rmd256_test(void) return CRYPT_NOP; #else static const struct { - char *msg; - unsigned char md[32]; + const char *msg; + unsigned char hash[32]; } tests[] = { { "", { 0x02, 0xba, 0x4c, 0x4e, 0x5f, 0x8e, 0xcd, 0x18, @@ -408,18 +406,16 @@ int rmd256_test(void) 0xa8, 0x9f, 0x7e, 0xa6, 0xde, 0x77, 0xa0, 0xb8 } } }; - int x; - unsigned char buf[32]; + + int i; + unsigned char tmp[32]; hash_state md; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { rmd256_init(&md); - rmd256_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg)); - rmd256_done(&md, buf); - if (XMEMCMP(buf, tests[x].md, 32) != 0) { - #if 0 - printf("Failed test %d\n", x); - #endif + rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); + rmd256_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD256", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -429,3 +425,6 @@ int rmd256_test(void) #endif +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/rmd320.c b/src/ltc/hashes/rmd320.c index 26119f9..a4356c4 100644 --- a/src/ltc/hashes/rmd320.c +++ b/src/ltc/hashes/rmd320.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -433,8 +431,8 @@ int rmd320_test(void) return CRYPT_NOP; #else static const struct { - char *msg; - unsigned char md[40]; + const char *msg; + unsigned char hash[40]; } tests[] = { { "", { 0x22, 0xd6, 0x5d, 0x56, 0x61, 0x53, 0x6c, 0xdc, 0x75, 0xc1, @@ -473,18 +471,16 @@ int rmd320_test(void) 0xbc, 0x74, 0x70, 0xa9, 0x69, 0xc9, 0xd0, 0x72, 0xa1, 0xac } } }; - int x; - unsigned char buf[40]; + + int i; + unsigned char tmp[40]; hash_state md; - for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { + for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { rmd320_init(&md); - rmd320_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg)); - rmd320_done(&md, buf); - if (XMEMCMP(buf, tests[x].md, 40) != 0) { -#if 0 - printf("Failed test %d\n", x); -#endif + rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); + rmd320_done(&md, tmp); + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -494,3 +490,6 @@ int rmd320_test(void) #endif +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha1.c b/src/ltc/hashes/sha1.c index 96c3b93..40f0175 100644 --- a/src/ltc/hashes/sha1.c +++ b/src/ltc/hashes/sha1.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -248,7 +246,7 @@ int sha1_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[20]; } tests[] = { { "abc", @@ -271,7 +269,7 @@ int sha1_test(void) sha1_init(&md); sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha1_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 20) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -283,6 +281,6 @@ int sha1_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha224.c b/src/ltc/hashes/sha2/sha224.c index 2240aaf..773a2c5 100644 --- a/src/ltc/hashes/sha2/sha224.c +++ b/src/ltc/hashes/sha2/sha224.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @param sha224.c @@ -90,7 +88,7 @@ int sha224_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[28]; } tests[] = { { "abc", @@ -115,7 +113,7 @@ int sha224_test(void) sha224_init(&md); sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha224_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 28) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA224", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -126,6 +124,6 @@ int sha224_test(void) #endif /* defined(LTC_SHA224) && defined(LTC_SHA256) */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha256.c b/src/ltc/hashes/sha2/sha256.c index 13ec9e6..f1dc423 100644 --- a/src/ltc/hashes/sha2/sha256.c +++ b/src/ltc/hashes/sha2/sha256.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -294,7 +292,7 @@ int sha256_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[32]; } tests[] = { { "abc", @@ -319,7 +317,7 @@ int sha256_test(void) sha256_init(&md); sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha256_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 32) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA256", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -331,6 +329,6 @@ int sha256_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha384.c b/src/ltc/hashes/sha2/sha384.c index 483784b..1623812 100644 --- a/src/ltc/hashes/sha2/sha384.c +++ b/src/ltc/hashes/sha2/sha384.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @param sha384.c @@ -92,7 +90,7 @@ int sha384_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[48]; } tests[] = { { "abc", @@ -121,7 +119,7 @@ int sha384_test(void) sha384_init(&md); sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha384_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 48) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA384", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -131,6 +129,6 @@ int sha384_test(void) #endif /* defined(LTC_SHA384) && defined(LTC_SHA512) */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha512.c b/src/ltc/hashes/sha2/sha512.c index fbf14de..110203a 100644 --- a/src/ltc/hashes/sha2/sha512.c +++ b/src/ltc/hashes/sha2/sha512.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -264,7 +262,7 @@ int sha512_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[64]; } tests[] = { { "abc", @@ -297,7 +295,7 @@ int sha512_test(void) sha512_init(&md); sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha512_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 64) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -310,6 +308,6 @@ int sha512_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha512_224.c b/src/ltc/hashes/sha2/sha512_224.c index 98fba3a..48bb938 100644 --- a/src/ltc/hashes/sha2/sha512_224.c +++ b/src/ltc/hashes/sha2/sha512_224.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @param sha512_224.c @@ -92,7 +90,7 @@ int sha512_224_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[28]; } tests[] = { { "abc", @@ -117,7 +115,7 @@ int sha512_224_test(void) sha512_224_init(&md); sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha512_224_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 28) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-224", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -127,6 +125,6 @@ int sha512_224_test(void) #endif /* defined(LTC_SHA384) && defined(LTC_SHA512) */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha2/sha512_256.c b/src/ltc/hashes/sha2/sha512_256.c index 86e4bac..943adaa 100644 --- a/src/ltc/hashes/sha2/sha512_256.c +++ b/src/ltc/hashes/sha2/sha512_256.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @param sha512_256.c @@ -92,7 +90,7 @@ int sha512_256_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[32]; } tests[] = { { "abc", @@ -117,7 +115,7 @@ int sha512_256_test(void) sha512_256_init(&md); sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); sha512_256_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 32) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-265", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -127,6 +125,6 @@ int sha512_256_test(void) #endif /* defined(LTC_SHA384) && defined(LTC_SHA512) */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha3.c b/src/ltc/hashes/sha3.c index 68dea0b..1c01d6a 100644 --- a/src/ltc/hashes/sha3.c +++ b/src/ltc/hashes/sha3.c @@ -18,7 +18,7 @@ const struct ltc_hash_descriptor sha3_224_desc = "sha3-224", /* name of hash */ 17, /* internal ID */ 28, /* Size of digest in octets */ - 128, /* Input block size in octets */ + 144, /* Input block size in octets */ { 2,16,840,1,101,3,4,2,7 }, /* ASN.1 OID */ 9, /* Length OID */ &sha3_224_init, @@ -33,7 +33,7 @@ const struct ltc_hash_descriptor sha3_256_desc = "sha3-256", /* name of hash */ 18, /* internal ID */ 32, /* Size of digest in octets */ - 128, /* Input block size in octets */ + 136, /* Input block size in octets */ { 2,16,840,1,101,3,4,2,8 }, /* ASN.1 OID */ 9, /* Length OID */ &sha3_256_init, @@ -48,7 +48,7 @@ const struct ltc_hash_descriptor sha3_384_desc = "sha3-384", /* name of hash */ 19, /* internal ID */ 48, /* Size of digest in octets */ - 128, /* Input block size in octets */ + 104, /* Input block size in octets */ { 2,16,840,1,101,3,4,2,9 }, /* ASN.1 OID */ 9, /* Length OID */ &sha3_384_init, @@ -63,7 +63,7 @@ const struct ltc_hash_descriptor sha3_512_desc = "sha3-512", /* name of hash */ 20, /* internal ID */ 64, /* Size of digest in octets */ - 128, /* Input block size in octets */ + 72, /* Input block size in octets */ { 2,16,840,1,101,3,4,2,10 }, /* ASN.1 OID */ 9, /* Length OID */ &sha3_512_init, @@ -72,6 +72,67 @@ const struct ltc_hash_descriptor sha3_512_desc = &sha3_512_test, NULL }; +#endif + +#ifdef LTC_KECCAK +const struct ltc_hash_descriptor keccak_224_desc = +{ + "keccak224", /* name of hash */ + 29, /* internal ID */ + 28, /* Size of digest in octets */ + 144, /* Input block size in octets */ + { 0 }, 0, /* no ASN.1 OID */ + &sha3_224_init, + &sha3_process, + &keccak_done, + &keccak_224_test, + NULL +}; + +const struct ltc_hash_descriptor keccak_256_desc = +{ + "keccak256", /* name of hash */ + 30, /* internal ID */ + 32, /* Size of digest in octets */ + 136, /* Input block size in octets */ + { 0 }, 0, /* no ASN.1 OID */ + &sha3_256_init, + &sha3_process, + &keccak_done, + &keccak_256_test, + NULL +}; + +const struct ltc_hash_descriptor keccak_384_desc = +{ + "keccak384", /* name of hash */ + 31, /* internal ID */ + 48, /* Size of digest in octets */ + 104, /* Input block size in octets */ + { 0 }, 0, /* no ASN.1 OID */ + &sha3_384_init, + &sha3_process, + &keccak_done, + &keccak_384_test, + NULL +}; + +const struct ltc_hash_descriptor keccak_512_desc = +{ + "keccak512", /* name of hash */ + 32, /* internal ID */ + 64, /* Size of digest in octets */ + 72, /* Input block size in octets */ + { 0 }, 0, /* no ASN.1 OID */ + &sha3_512_init, + &sha3_process, + &keccak_done, + &keccak_512_test, + NULL +}; +#endif + +#if defined(LTC_SHA3) || defined(LTC_KECCAK) #define SHA3_KECCAK_SPONGE_WORDS 25 /* 1600 bits > 200 bytes > 25 x ulong64 */ #define SHA3_KECCAK_ROUNDS 24 @@ -134,6 +195,26 @@ static void keccakf(ulong64 s[25]) } } +static LTC_INLINE int _done(hash_state *md, unsigned char *hash, ulong64 pad) +{ + unsigned i; + + LTC_ARGCHK(md != NULL); + LTC_ARGCHK(hash != NULL); + + md->sha3.s[md->sha3.word_index] ^= (md->sha3.saved ^ (pad << (md->sha3.byte_index * 8))); + md->sha3.s[SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words - 1] ^= CONST64(0x8000000000000000); + keccakf(md->sha3.s); + + /* store sha3.s[] as little-endian bytes into sha3.sb */ + for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) { + STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); + } + + XMEMCPY(hash, md->sha3.sb, md->sha3.capacity_words * 4); + return CRYPT_OK; +} + /* Public Inteface */ int sha3_224_init(hash_state *md) @@ -168,6 +249,7 @@ int sha3_512_init(hash_state *md) return CRYPT_OK; } +#ifdef LTC_SHA3 int sha3_shake_init(hash_state *md, int num) { LTC_ARGCHK(md != NULL); @@ -176,6 +258,7 @@ int sha3_shake_init(hash_state *md, int num) md->sha3.capacity_words = (unsigned short)(2 * num / (8 * sizeof(ulong64))); return CRYPT_OK; } +#endif int sha3_process(hash_state *md, const unsigned char *in, unsigned long inlen) { @@ -229,24 +312,21 @@ int sha3_process(hash_state *md, const unsigned char *in, unsigned long inlen) return CRYPT_OK; } +#ifdef LTC_SHA3 int sha3_done(hash_state *md, unsigned char *hash) { - unsigned i; - - LTC_ARGCHK(md != NULL); - LTC_ARGCHK(hash != NULL); - - md->sha3.s[md->sha3.word_index] ^= (md->sha3.saved ^ (CONST64(0x06) << (md->sha3.byte_index * 8))); - md->sha3.s[SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words - 1] ^= CONST64(0x8000000000000000); - keccakf(md->sha3.s); - - /* store sha3.s[] as little-endian bytes into sha3.sb */ - for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); - - XMEMCPY(hash, md->sha3.sb, md->sha3.capacity_words * 4); - return CRYPT_OK; + return _done(md, hash, CONST64(0x06)); } +#endif +#ifdef LTC_KECCAK +int keccak_done(hash_state *md, unsigned char *hash) +{ + return _done(md, hash, CONST64(0x01)); +} +#endif + +#ifdef LTC_SHA3 int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen) { /* IMPORTANT NOTE: sha3_shake_done can be called many times */ @@ -263,7 +343,9 @@ int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen) md->sha3.s[SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words - 1] ^= CONST64(0x8000000000000000); keccakf(md->sha3.s); /* store sha3.s[] as little-endian bytes into sha3.sb */ - for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); + for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) { + STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); + } md->sha3.byte_index = 0; md->sha3.xof_flag = 1; } @@ -272,7 +354,9 @@ int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen) if(md->sha3.byte_index >= (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words) * 8) { keccakf(md->sha3.s); /* store sha3.s[] as little-endian bytes into sha3.sb */ - for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); + for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) { + STORE64L(md->sha3.s[i], md->sha3.sb + i * 8); + } md->sha3.byte_index = 0; } out[idx] = md->sha3.sb[md->sha3.byte_index++]; @@ -292,5 +376,10 @@ int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, uns if ((err = sha3_shake_done(&md, out, *outlen)) != CRYPT_OK) return err; return CRYPT_OK; } +#endif #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/sha3_test.c b/src/ltc/hashes/sha3_test.c index b4b3d8d..2bf7482 100644 --- a/src/ltc/hashes/sha3_test.c +++ b/src/ltc/hashes/sha3_test.c @@ -18,7 +18,7 @@ int sha3_224_test(void) #ifndef LTC_TEST return CRYPT_NOP; #else - unsigned char buf[200], hash[200]; + unsigned char buf[200], hash[224 / 8]; int i; hash_state c; const unsigned char c1 = 0xa3; @@ -42,8 +42,7 @@ int sha3_224_test(void) /* SHA3-224 on an empty buffer */ sha3_224_init(&c); sha3_done(&c, hash); - if(XMEMCMP(sha3_224_empty, hash, sizeof(sha3_224_empty)) != 0) { - printf("SHA3-224() failed\n"); + if (compare_testvector(hash, sizeof(hash), sha3_224_empty, sizeof(sha3_224_empty), "SHA3-224", 0)) { return CRYPT_FAIL_TESTVECTOR; } @@ -52,8 +51,7 @@ int sha3_224_test(void) sha3_process(&c, buf, sizeof(buf) / 2); sha3_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); sha3_done(&c, hash); - if(XMEMCMP(sha3_224_0xa3_200_times, hash, sizeof(sha3_224_0xa3_200_times)) != 0) { - printf("SHA3-224( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_224_0xa3_200_times, sizeof(sha3_224_0xa3_200_times), "SHA3-224", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -64,8 +62,7 @@ int sha3_224_test(void) sha3_process(&c, &c1, 1); } sha3_done(&c, hash); - if(XMEMCMP(sha3_224_0xa3_200_times, hash, sizeof(sha3_224_0xa3_200_times)) != 0) { - printf("SHA3-224( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_224_0xa3_200_times, sizeof(sha3_224_0xa3_200_times), "SHA3-224", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -78,7 +75,7 @@ int sha3_256_test(void) #ifndef LTC_TEST return CRYPT_NOP; #else - unsigned char buf[200], hash[200]; + unsigned char buf[200], hash[256 / 8]; int i; hash_state c; const unsigned char c1 = 0xa3; @@ -101,8 +98,7 @@ int sha3_256_test(void) /* SHA3-256 on an empty buffer */ sha3_256_init(&c); sha3_done(&c, hash); - if(XMEMCMP(sha3_256_empty, hash, sizeof(sha3_256_empty)) != 0) { - printf("SHA3-256() failed\n"); + if (compare_testvector(hash, sizeof(hash), sha3_256_empty, sizeof(sha3_256_empty), "SHA3-256", 0)) { return CRYPT_FAIL_TESTVECTOR; } @@ -110,8 +106,7 @@ int sha3_256_test(void) sha3_256_init(&c); sha3_process(&c, buf, sizeof(buf)); sha3_done(&c, hash); - if(XMEMCMP(sha3_256_0xa3_200_times, hash, sizeof(sha3_256_0xa3_200_times)) != 0) { - printf("SHA3-256( 0xa3 ... [200 times] ) failed (1 buffer)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_256_0xa3_200_times, sizeof(sha3_256_0xa3_200_times), "SHA3-256", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -120,8 +115,7 @@ int sha3_256_test(void) sha3_process(&c, buf, sizeof(buf) / 2); sha3_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); sha3_done(&c, hash); - if(XMEMCMP(sha3_256_0xa3_200_times, hash, sizeof(sha3_256_0xa3_200_times)) != 0) { - printf("SHA3-256( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_256_0xa3_200_times, sizeof(sha3_256_0xa3_200_times), "SHA3-256", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -132,8 +126,7 @@ int sha3_256_test(void) sha3_process(&c, &c1, 1); } sha3_done(&c, hash); - if(XMEMCMP(sha3_256_0xa3_200_times, hash, sizeof(sha3_256_0xa3_200_times)) != 0) { - printf("SHA3-256( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_256_0xa3_200_times, sizeof(sha3_256_0xa3_200_times), "SHA3-256", 3)) { return CRYPT_FAIL_TESTVECTOR; } @@ -159,11 +152,11 @@ int sha3_256_test(void) "\x76\x3d\x52\xdb\x98\xd9\x49\xd3" "\xb0\xfe\xd6\xa8\x05\x2f\xbb", 1080 / 8); sha3_done(&c, hash); - if(XMEMCMP(hash, "\xa1\x9e\xee\x92\xbb\x20\x97\xb6" - "\x4e\x82\x3d\x59\x77\x98\xaa\x18" - "\xbe\x9b\x7c\x73\x6b\x80\x59\xab" - "\xfd\x67\x79\xac\x35\xac\x81\xb5", 256 / 8) != 0) { - printf("SHA3-256( b771 ... ) doesn't match the known answer\n"); + if(compare_testvector(hash, sizeof(hash), + "\xa1\x9e\xee\x92\xbb\x20\x97\xb6" + "\x4e\x82\x3d\x59\x77\x98\xaa\x18" + "\xbe\x9b\x7c\x73\x6b\x80\x59\xab" + "\xfd\x67\x79\xac\x35\xac\x81\xb5", 256 / 8, "SHA3-256", 4)) { return CRYPT_FAIL_TESTVECTOR; } @@ -176,7 +169,7 @@ int sha3_384_test(void) #ifndef LTC_TEST return CRYPT_NOP; #else - unsigned char buf[200], hash[200]; + unsigned char buf[200], hash[384 / 8]; int i; hash_state c; const unsigned char c1 = 0xa3; @@ -196,8 +189,7 @@ int sha3_384_test(void) sha3_384_init(&c); sha3_process(&c, buf, sizeof(buf)); sha3_done(&c, hash); - if(XMEMCMP(sha3_384_0xa3_200_times, hash, sizeof(sha3_384_0xa3_200_times)) != 0) { - printf("SHA3-384( 0xa3 ... [200 times] ) failed (1 buffer)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_384_0xa3_200_times, sizeof(sha3_384_0xa3_200_times), "SHA3-384", 0)) { return CRYPT_FAIL_TESTVECTOR; } @@ -206,8 +198,7 @@ int sha3_384_test(void) sha3_process(&c, buf, sizeof(buf) / 2); sha3_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); sha3_done(&c, hash); - if(XMEMCMP(sha3_384_0xa3_200_times, hash, sizeof(sha3_384_0xa3_200_times)) != 0) { - printf("SHA3-384( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_384_0xa3_200_times, sizeof(sha3_384_0xa3_200_times), "SHA3-384", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -218,8 +209,7 @@ int sha3_384_test(void) sha3_process(&c, &c1, 1); } sha3_done(&c, hash); - if(XMEMCMP(sha3_384_0xa3_200_times, hash, sizeof(sha3_384_0xa3_200_times)) != 0) { - printf("SHA3-384( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_384_0xa3_200_times, sizeof(sha3_384_0xa3_200_times), "SHA3-384", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -232,7 +222,7 @@ int sha3_512_test(void) #ifndef LTC_TEST return CRYPT_NOP; #else - unsigned char buf[200], hash[200]; + unsigned char buf[200], hash[512 / 8]; int i; hash_state c; const unsigned char c1 = 0xa3; @@ -254,8 +244,7 @@ int sha3_512_test(void) sha3_512_init(&c); sha3_process(&c, buf, sizeof(buf)); sha3_done(&c, hash); - if(XMEMCMP(sha3_512_0xa3_200_times, hash, sizeof(sha3_512_0xa3_200_times)) != 0) { - printf("SHA3-512( 0xa3 ... [200 times] ) failed (1 buffer)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_512_0xa3_200_times, sizeof(sha3_512_0xa3_200_times), "SHA3-512", 0)) { return CRYPT_FAIL_TESTVECTOR; } @@ -264,8 +253,7 @@ int sha3_512_test(void) sha3_process(&c, buf, sizeof(buf) / 2); sha3_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); sha3_done(&c, hash); - if(XMEMCMP(sha3_512_0xa3_200_times, hash, sizeof(sha3_512_0xa3_200_times)) != 0) { - printf("SHA3-512( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_512_0xa3_200_times, sizeof(sha3_512_0xa3_200_times), "SHA3-512", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -276,8 +264,7 @@ int sha3_512_test(void) sha3_process(&c, &c1, 1); } sha3_done(&c, hash); - if(XMEMCMP(sha3_512_0xa3_200_times, hash, sizeof(sha3_512_0xa3_200_times)) != 0) { - printf("SHA3-512( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(hash), sha3_512_0xa3_200_times, sizeof(sha3_512_0xa3_200_times), "SHA3-512", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -326,16 +313,14 @@ int sha3_shake_test(void) /* SHAKE256 on an empty buffer */ sha3_shake_init(&c, 256); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake256_empty, hash, sizeof(shake256_empty)) != 0) { - printf("SHAKE256('') failed\n"); + if (compare_testvector(hash, sizeof(shake256_empty), shake256_empty, sizeof(shake256_empty), "SHAKE256", 0)) { return CRYPT_FAIL_TESTVECTOR; } /* SHAKE256 via sha3_shake_memory [FIPS 202] */ len = 512; sha3_shake_memory(256, buf, sizeof(buf), hash, &len); - if(XMEMCMP(shake256_0xa3_200_times, hash + 480, sizeof(shake256_0xa3_200_times)) != 0) { - printf("SHAKE256( 0xa3 ... [200 times] ) failed (sha3_shake_memory)\n"); + if (compare_testvector(hash + 480, sizeof(shake256_0xa3_200_times), shake256_0xa3_200_times, sizeof(shake256_0xa3_200_times), "SHAKE256", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -343,8 +328,7 @@ int sha3_shake_test(void) sha3_shake_init(&c, 256); sha3_shake_process(&c, buf, sizeof(buf)); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake256_0xa3_200_times, hash, sizeof(shake256_0xa3_200_times)) != 0) { - printf("SHAKE256( 0xa3 ... [200 times] ) failed (1 buffer)\n"); + if (compare_testvector(hash, sizeof(shake256_0xa3_200_times), shake256_0xa3_200_times, sizeof(shake256_0xa3_200_times), "SHAKE256", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -353,8 +337,7 @@ int sha3_shake_test(void) sha3_shake_process(&c, buf, sizeof(buf) / 2); sha3_shake_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake256_0xa3_200_times, hash, sizeof(shake256_0xa3_200_times)) != 0) { - printf("SHAKE256( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(shake256_0xa3_200_times), shake256_0xa3_200_times, sizeof(shake256_0xa3_200_times), "SHAKE256", 3)) { return CRYPT_FAIL_TESTVECTOR; } @@ -363,24 +346,21 @@ int sha3_shake_test(void) sha3_shake_init(&c, 256); while (i--) sha3_shake_process(&c, &c1, 1); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake256_0xa3_200_times, hash, sizeof(shake256_0xa3_200_times)) != 0) { - printf("SHAKE256( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(shake256_0xa3_200_times), shake256_0xa3_200_times, sizeof(shake256_0xa3_200_times), "SHAKE256", 4)) { return CRYPT_FAIL_TESTVECTOR; } /* SHAKE128 on an empty buffer */ sha3_shake_init(&c, 128); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake128_empty, hash, sizeof(shake128_empty)) != 0) { - printf("SHAKE128() failed\n"); + if (compare_testvector(hash, sizeof(shake128_empty), shake128_empty, sizeof(shake128_empty), "SHAKE128", 0)) { return CRYPT_FAIL_TESTVECTOR; } /* SHAKE128 via sha3_shake_memory [FIPS 202] */ len = 512; sha3_shake_memory(128, buf, sizeof(buf), hash, &len); - if(XMEMCMP(shake128_0xa3_200_times, hash + 480, sizeof(shake128_0xa3_200_times)) != 0) { - printf("SHAKE128( 0xa3 ... [200 times] ) failed (sha3_shake_memory)\n"); + if (compare_testvector(hash + 480, sizeof(shake128_0xa3_200_times), shake128_0xa3_200_times, sizeof(shake128_0xa3_200_times), "SHAKE128", 1)) { return CRYPT_FAIL_TESTVECTOR; } @@ -388,8 +368,7 @@ int sha3_shake_test(void) sha3_shake_init(&c, 128); sha3_shake_process(&c, buf, sizeof(buf)); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake128_0xa3_200_times, hash, sizeof(shake128_0xa3_200_times)) != 0) { - printf("SHAKE128( 0xa3 ... [200 times] ) failed (1 buffer)\n"); + if (compare_testvector(hash, sizeof(shake128_0xa3_200_times), shake128_0xa3_200_times, sizeof(shake128_0xa3_200_times), "SHAKE128", 2)) { return CRYPT_FAIL_TESTVECTOR; } @@ -398,8 +377,7 @@ int sha3_shake_test(void) sha3_shake_process(&c, buf, sizeof(buf) / 2); sha3_shake_process(&c, buf + sizeof(buf) / 2, sizeof(buf) / 2); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake128_0xa3_200_times, hash, sizeof(shake128_0xa3_200_times)) != 0) { - printf("SHAKE128( 0xa3 ... [200 times] ) failed (2 steps)\n"); + if (compare_testvector(hash, sizeof(shake128_0xa3_200_times), shake128_0xa3_200_times, sizeof(shake128_0xa3_200_times), "SHAKE128", 3)) { return CRYPT_FAIL_TESTVECTOR; } @@ -408,8 +386,7 @@ int sha3_shake_test(void) sha3_shake_init(&c, 128); while (i--) sha3_shake_process(&c, &c1, 1); for (i = 0; i < 16; i++) sha3_shake_done(&c, hash, 32); /* get 512 bytes, keep in hash the last 32 */ - if(XMEMCMP(shake128_0xa3_200_times, hash, sizeof(shake128_0xa3_200_times)) != 0) { - printf("SHAKE128( 0xa3 ... [200 times] ) failed (200 steps)\n"); + if (compare_testvector(hash, sizeof(shake128_0xa3_200_times), shake128_0xa3_200_times, sizeof(shake128_0xa3_200_times), "SHAKE128", 4)) { return CRYPT_FAIL_TESTVECTOR; } @@ -418,3 +395,335 @@ int sha3_shake_test(void) } #endif + +#ifdef LTC_KECCAK + +int keccak_224_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + hash_state c; + unsigned char hash[MAXBLOCKSIZE]; + + keccak_224_init(&c); + keccak_process(&c, (unsigned char*) "\xcc", 1); + keccak_done(&c, hash); + if(compare_testvector(hash, 28, + "\xa9\xca\xb5\x9e\xb4\x0a\x10\xb2" + "\x46\x29\x0f\x2d\x60\x86\xe3\x2e" + "\x36\x89\xfa\xf1\xd2\x6b\x47\x0c" + "\x89\x9f\x28\x02", 28, + "KECCAK-224", 0) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_224_init(&c); + keccak_process(&c, (unsigned char*)"\x41\xfb", 2); + keccak_done(&c, hash); + if(compare_testvector(hash, 28, + "\x61\x5b\xa3\x67\xaf\xdc\x35\xaa" + "\xc3\x97\xbc\x7e\xb5\xd5\x8d\x10" + "\x6a\x73\x4b\x24\x98\x6d\x5d\x97" + "\x8f\xef\xd6\x2c", 28, + "KECCAK-224", 1) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_224_init(&c); + keccak_process(&c, (unsigned char*) + "\x52\xa6\x08\xab\x21\xcc\xdd\x8a" + "\x44\x57\xa5\x7e\xde\x78\x21\x76", 16); + keccak_done(&c, hash); + if(compare_testvector(hash, 28, + "\x56\x79\xcd\x50\x9c\x51\x20\xaf" + "\x54\x79\x5c\xf4\x77\x14\x96\x41" + "\xcf\x27\xb2\xeb\xb6\xa5\xf9\x03" + "\x40\x70\x4e\x57", 28, + "KECCAK-224", 2) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_224_init(&c); + keccak_process(&c, (unsigned char*) + "\x43\x3c\x53\x03\x13\x16\x24\xc0" + "\x02\x1d\x86\x8a\x30\x82\x54\x75" + "\xe8\xd0\xbd\x30\x52\xa0\x22\x18" + "\x03\x98\xf4\xca\x44\x23\xb9\x82" + "\x14\xb6\xbe\xaa\xc2\x1c\x88\x07" + "\xa2\xc3\x3f\x8c\x93\xbd\x42\xb0" + "\x92\xcc\x1b\x06\xce\xdf\x32\x24" + "\xd5\xed\x1e\xc2\x97\x84\x44\x4f" + "\x22\xe0\x8a\x55\xaa\x58\x54\x2b" + "\x52\x4b\x02\xcd\x3d\x5d\x5f\x69" + "\x07\xaf\xe7\x1c\x5d\x74\x62\x22" + "\x4a\x3f\x9d\x9e\x53\xe7\xe0\x84" + "\x6d\xcb\xb4\xce", 100); + keccak_done(&c, hash); + if(compare_testvector(hash, 28, + "\x62\xb1\x0f\x1b\x62\x36\xeb\xc2" + "\xda\x72\x95\x77\x42\xa8\xd4\xe4" + "\x8e\x21\x3b\x5f\x89\x34\x60\x4b" + "\xfd\x4d\x2c\x3a", 28, + "KECCAK-224", 3) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + return CRYPT_OK; +#endif +} + +int keccak_256_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + hash_state c; + unsigned char hash[MAXBLOCKSIZE]; + + keccak_256_init(&c); + keccak_process(&c, (unsigned char*) "\xcc", 1); + keccak_done(&c, hash); + if(compare_testvector(hash, 32, + "\xee\xad\x6d\xbf\xc7\x34\x0a\x56" + "\xca\xed\xc0\x44\x69\x6a\x16\x88" + "\x70\x54\x9a\x6a\x7f\x6f\x56\x96" + "\x1e\x84\xa5\x4b\xd9\x97\x0b\x8a", 32, + "KECCAK-256", 0) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_256_init(&c); + keccak_process(&c, (unsigned char*)"\x41\xfb", 2); + keccak_done(&c, hash); + if(compare_testvector(hash, 32, + "\xa8\xea\xce\xda\x4d\x47\xb3\x28" + "\x1a\x79\x5a\xd9\xe1\xea\x21\x22" + "\xb4\x07\xba\xf9\xaa\xbc\xb9\xe1" + "\x8b\x57\x17\xb7\x87\x35\x37\xd2", 32, + "KECCAK-256", 1) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_256_init(&c); + keccak_process(&c, (unsigned char*) + "\x52\xa6\x08\xab\x21\xcc\xdd\x8a" + "\x44\x57\xa5\x7e\xde\x78\x21\x76", 16); + keccak_done(&c, hash); + if(compare_testvector(hash, 32, + "\x0e\x32\xde\xfa\x20\x71\xf0\xb5" + "\xac\x0e\x6a\x10\x8b\x84\x2e\xd0" + "\xf1\xd3\x24\x97\x12\xf5\x8e\xe0" + "\xdd\xf9\x56\xfe\x33\x2a\x5f\x95", 32, + "KECCAK-256", 2) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_256_init(&c); + keccak_process(&c, (unsigned char*) + "\x43\x3c\x53\x03\x13\x16\x24\xc0" + "\x02\x1d\x86\x8a\x30\x82\x54\x75" + "\xe8\xd0\xbd\x30\x52\xa0\x22\x18" + "\x03\x98\xf4\xca\x44\x23\xb9\x82" + "\x14\xb6\xbe\xaa\xc2\x1c\x88\x07" + "\xa2\xc3\x3f\x8c\x93\xbd\x42\xb0" + "\x92\xcc\x1b\x06\xce\xdf\x32\x24" + "\xd5\xed\x1e\xc2\x97\x84\x44\x4f" + "\x22\xe0\x8a\x55\xaa\x58\x54\x2b" + "\x52\x4b\x02\xcd\x3d\x5d\x5f\x69" + "\x07\xaf\xe7\x1c\x5d\x74\x62\x22" + "\x4a\x3f\x9d\x9e\x53\xe7\xe0\x84" + "\x6d\xcb\xb4\xce", 100); + keccak_done(&c, hash); + if(compare_testvector(hash, 32, + "\xce\x87\xa5\x17\x3b\xff\xd9\x23" + "\x99\x22\x16\x58\xf8\x01\xd4\x5c" + "\x29\x4d\x90\x06\xee\x9f\x3f\x9d" + "\x41\x9c\x8d\x42\x77\x48\xdc\x41", 32, + "KECCAK-256", 3) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + return CRYPT_OK; +#endif +} + +int keccak_384_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + hash_state c; + unsigned char hash[MAXBLOCKSIZE]; + + keccak_384_init(&c); + keccak_process(&c, (unsigned char*) "\xcc", 1); + keccak_done(&c, hash); + if(compare_testvector(hash, 48, + "\x1b\x84\xe6\x2a\x46\xe5\xa2\x01" + "\x86\x17\x54\xaf\x5d\xc9\x5c\x4a" + "\x1a\x69\xca\xf4\xa7\x96\xae\x40" + "\x56\x80\x16\x1e\x29\x57\x26\x41" + "\xf5\xfa\x1e\x86\x41\xd7\x95\x83" + "\x36\xee\x7b\x11\xc5\x8f\x73\xe9", 48, + "KECCAK-384", 0) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_384_init(&c); + keccak_process(&c, (unsigned char*)"\x41\xfb", 2); + keccak_done(&c, hash); + if(compare_testvector(hash, 48, + "\x49\x5c\xce\x27\x14\xcd\x72\xc8" + "\xc5\x3c\x33\x63\xd2\x2c\x58\xb5" + "\x59\x60\xfe\x26\xbe\x0b\xf3\xbb" + "\xc7\xa3\x31\x6d\xd5\x63\xad\x1d" + "\xb8\x41\x0e\x75\xee\xfe\xa6\x55" + "\xe3\x9d\x46\x70\xec\x0b\x17\x92", 48, + "KECCAK-384", 1) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_384_init(&c); + keccak_process(&c, (unsigned char*) + "\x52\xa6\x08\xab\x21\xcc\xdd\x8a" + "\x44\x57\xa5\x7e\xde\x78\x21\x76", 16); + keccak_done(&c, hash); + if(compare_testvector(hash, 48, + "\x18\x42\x2a\xc1\xd3\xa1\xe5\x4b" + "\xad\x87\x68\x83\xd2\xd6\xdd\x65" + "\xf6\x5c\x1d\x5f\x33\xa7\x12\x5c" + "\xc4\xc1\x86\x40\x5a\x12\xed\x64" + "\xba\x96\x67\x2e\xed\xda\x8c\x5a" + "\x63\x31\xd2\x86\x83\xf4\x88\xeb", 48, + "KECCAK-384", 2) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_384_init(&c); + keccak_process(&c, (unsigned char*) + "\x43\x3c\x53\x03\x13\x16\x24\xc0" + "\x02\x1d\x86\x8a\x30\x82\x54\x75" + "\xe8\xd0\xbd\x30\x52\xa0\x22\x18" + "\x03\x98\xf4\xca\x44\x23\xb9\x82" + "\x14\xb6\xbe\xaa\xc2\x1c\x88\x07" + "\xa2\xc3\x3f\x8c\x93\xbd\x42\xb0" + "\x92\xcc\x1b\x06\xce\xdf\x32\x24" + "\xd5\xed\x1e\xc2\x97\x84\x44\x4f" + "\x22\xe0\x8a\x55\xaa\x58\x54\x2b" + "\x52\x4b\x02\xcd\x3d\x5d\x5f\x69" + "\x07\xaf\xe7\x1c\x5d\x74\x62\x22" + "\x4a\x3f\x9d\x9e\x53\xe7\xe0\x84" + "\x6d\xcb\xb4\xce", 100); + keccak_done(&c, hash); + if(compare_testvector(hash, 48, + "\x13\x51\x14\x50\x8d\xd6\x3e\x27" + "\x9e\x70\x9c\x26\xf7\x81\x7c\x04" + "\x82\x76\x6c\xde\x49\x13\x2e\x3e" + "\xdf\x2e\xed\xd8\x99\x6f\x4e\x35" + "\x96\xd1\x84\x10\x0b\x38\x48\x68" + "\x24\x9f\x1d\x8b\x8f\xda\xa2\xc9", 48, + "KECCAK-384", 3) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + return CRYPT_OK; +#endif +} + +int keccak_512_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + hash_state c; + unsigned char hash[MAXBLOCKSIZE]; + + keccak_512_init(&c); + keccak_process(&c, (unsigned char*) "\xcc", 1); + keccak_done(&c, hash); + if(compare_testvector(hash, 64, + "\x86\x30\xc1\x3c\xbd\x06\x6e\xa7" + "\x4b\xbe\x7f\xe4\x68\xfe\xc1\xde" + "\xe1\x0e\xdc\x12\x54\xfb\x4c\x1b" + "\x7c\x5f\xd6\x9b\x64\x6e\x44\x16" + "\x0b\x8c\xe0\x1d\x05\xa0\x90\x8c" + "\xa7\x90\xdf\xb0\x80\xf4\xb5\x13" + "\xbc\x3b\x62\x25\xec\xe7\xa8\x10" + "\x37\x14\x41\xa5\xac\x66\x6e\xb9", 64, + "KECCAK-512", 0) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_512_init(&c); + keccak_process(&c, (unsigned char*)"\x41\xfb", 2); + keccak_done(&c, hash); + if(compare_testvector(hash, 64, + "\x55\x1d\xa6\x23\x6f\x8b\x96\xfc" + "\xe9\xf9\x7f\x11\x90\xe9\x01\x32" + "\x4f\x0b\x45\xe0\x6d\xbb\xb5\xcd" + "\xb8\x35\x5d\x6e\xd1\xdc\x34\xb3" + "\xf0\xea\xe7\xdc\xb6\x86\x22\xff" + "\x23\x2f\xa3\xce\xce\x0d\x46\x16" + "\xcd\xeb\x39\x31\xf9\x38\x03\x66" + "\x2a\x28\xdf\x1c\xd5\x35\xb7\x31", 64, + "KECCAK-512", 1) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_512_init(&c); + keccak_process(&c, (unsigned char*) + "\x52\xa6\x08\xab\x21\xcc\xdd\x8a" + "\x44\x57\xa5\x7e\xde\x78\x21\x76", 16); + keccak_done(&c, hash); + if(compare_testvector(hash, 64, + "\x4b\x39\xd3\xda\x5b\xcd\xf4\xd9" + "\xb7\x69\x01\x59\x95\x64\x43\x11" + "\xc1\x4c\x43\x5b\xf7\x2b\x10\x09" + "\xd6\xdd\x71\xb0\x1a\x63\xb9\x7c" + "\xfb\x59\x64\x18\xe8\xe4\x23\x42" + "\xd1\x17\xe0\x74\x71\xa8\x91\x43" + "\x14\xba\x7b\x0e\x26\x4d\xad\xf0" + "\xce\xa3\x81\x86\x8c\xbd\x43\xd1", 64, + "KECCAK-512", 2) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + keccak_512_init(&c); + keccak_process(&c, (unsigned char*) + "\x43\x3c\x53\x03\x13\x16\x24\xc0" + "\x02\x1d\x86\x8a\x30\x82\x54\x75" + "\xe8\xd0\xbd\x30\x52\xa0\x22\x18" + "\x03\x98\xf4\xca\x44\x23\xb9\x82" + "\x14\xb6\xbe\xaa\xc2\x1c\x88\x07" + "\xa2\xc3\x3f\x8c\x93\xbd\x42\xb0" + "\x92\xcc\x1b\x06\xce\xdf\x32\x24" + "\xd5\xed\x1e\xc2\x97\x84\x44\x4f" + "\x22\xe0\x8a\x55\xaa\x58\x54\x2b" + "\x52\x4b\x02\xcd\x3d\x5d\x5f\x69" + "\x07\xaf\xe7\x1c\x5d\x74\x62\x22" + "\x4a\x3f\x9d\x9e\x53\xe7\xe0\x84" + "\x6d\xcb\xb4\xce", 100); + keccak_done(&c, hash); + if(compare_testvector(hash, 64, + "\x52\x7d\x28\xe3\x41\xe6\xb1\x4f" + "\x46\x84\xad\xb4\xb8\x24\xc4\x96" + "\xc6\x48\x2e\x51\x14\x95\x65\xd3" + "\xd1\x72\x26\x82\x88\x84\x30\x6b" + "\x51\xd6\x14\x8a\x72\x62\x2c\x2b" + "\x75\xf5\xd3\x51\x0b\x79\x9d\x8b" + "\xdc\x03\xea\xed\xe4\x53\x67\x6a" + "\x6e\xc8\xfe\x03\xa1\xad\x0e\xab", 64, + "KECCAK-512", 3) != 0) { + return CRYPT_FAIL_TESTVECTOR; + } + + return CRYPT_OK; +#endif +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/tiger.c b/src/ltc/hashes/tiger.c index dcacb64..863f7fa 100644 --- a/src/ltc/hashes/tiger.c +++ b/src/ltc/hashes/tiger.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -737,7 +735,7 @@ int tiger_test(void) return CRYPT_NOP; #else static const struct { - char *msg; + const char *msg; unsigned char hash[24]; } tests[] = { { "", @@ -775,7 +773,7 @@ int tiger_test(void) tiger_init(&md); tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); tiger_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 24) != 0) { + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -809,6 +807,6 @@ Hash of "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFG -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/whirl/whirl.c b/src/ltc/hashes/whirl/whirl.c index 525d75b..fe152cd 100644 --- a/src/ltc/hashes/whirl/whirl.c +++ b/src/ltc/hashes/whirl/whirl.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -291,14 +289,7 @@ int whirlpool_test(void) whirlpool_init(&md); whirlpool_process(&md, (unsigned char *)tests[i].msg, tests[i].len); whirlpool_done(&md, tmp); - if (XMEMCMP(tmp, tests[i].hash, 64) != 0) { -#if 0 - printf("\nFailed test %d\n", i); - for (i = 0; i < 64; ) { - printf("%02x ", tmp[i]); - if (!(++i & 15)) printf("\n"); - } -#endif + if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "WHIRLPOOL", i)) { return CRYPT_FAIL_TESTVECTOR; } } @@ -310,6 +301,6 @@ int whirlpool_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/hashes/whirl/whirltab.c b/src/ltc/hashes/whirl/whirltab.c index bb4b77a..4fde89b 100644 --- a/src/ltc/hashes/whirl/whirltab.c +++ b/src/ltc/hashes/whirl/whirltab.c @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /** @file whirltab.c LTC_WHIRLPOOL tables, Tom St Denis @@ -582,6 +591,6 @@ CONST64(0x6302aa71c81949d9), #endif /* __LTC_WHIRLTAB_C__ */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt.h b/src/ltc/headers/tomcrypt.h index 40584e7..1aca366 100644 --- a/src/ltc/headers/tomcrypt.h +++ b/src/ltc/headers/tomcrypt.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + #ifndef TOMCRYPT_H_ #define TOMCRYPT_H_ #include @@ -17,14 +26,14 @@ extern "C" { #endif /* version */ -#define CRYPT 0x0117 -#define SCRYPT "1.17" +#define CRYPT 0x0118 +#define SCRYPT "1.18.1-develop" /* max size of either a cipher/hash block or symmetric key [largest of the two] */ -#define MAXBLOCKSIZE 128 +#define MAXBLOCKSIZE 144 /* descriptor table size */ -#define TAB_SIZE 32 +#define TAB_SIZE 34 /* error codes [will be expanded in future releases] */ enum { @@ -58,8 +67,9 @@ enum { CRYPT_OVERFLOW, /* An overflow of a value was detected/prevented */ - CRYPT_UNUSED1, /* UNUSED1 */ - CRYPT_UNUSED2, /* UNUSED2 */ + CRYPT_PK_ASN1_ERROR, /* An error occurred while en- or decoding ASN.1 data */ + + CRYPT_INPUT_TOO_LONG, /* The input was longer than expected. */ CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */ @@ -88,6 +98,6 @@ enum { #endif /* TOMCRYPT_H_ */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_argchk.h b/src/ltc/headers/tomcrypt_argchk.h index 5cefc2d..be9ef0f 100644 --- a/src/ltc/headers/tomcrypt_argchk.h +++ b/src/ltc/headers/tomcrypt_argchk.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* Defines the LTC_ARGCHK macro used within the library */ /* ARGTYPE is defined in tomcrypt_cfg.h */ #if ARGTYPE == 0 @@ -11,7 +20,7 @@ #define NORETURN #endif -void crypt_argchk(char *v, char *s, int d) NORETURN; +void crypt_argchk(const char *v, const char *s, int d) NORETURN; #define LTC_ARGCHK(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) #define LTC_ARGCHKVD(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) @@ -39,6 +48,6 @@ void crypt_argchk(char *v, char *s, int d) NORETURN; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_cfg.h b/src/ltc/headers/tomcrypt_cfg.h index ccfb78b..5d64ca7 100644 --- a/src/ltc/headers/tomcrypt_cfg.h +++ b/src/ltc/headers/tomcrypt_cfg.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* This is the build config file. * * With this you can setup what to inlcude/exclude automatically during any build. Just comment @@ -41,13 +50,15 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #endif -/* some compilers do not like "inline" */ -#if defined(__HP_cc) - #define LTC_INLINE -#elif defined(_MSC_VER) +/* some compilers do not like "inline" (or maybe "static inline"), namely: HP cc, IBM xlc */ +#if defined(__GNUC__) || defined(__xlc__) + #define LTC_INLINE __inline__ +#elif defined(_MSC_VER) || defined(__HP_cc) #define LTC_INLINE __inline -#else +#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L #define LTC_INLINE inline +#else + #define LTC_INLINE #endif /* type of argument checking, 0=default, 1=fatal and 2=error+continue, 3=nothing */ @@ -55,6 +66,11 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #define ARGTYPE 0 #endif +#undef LTC_ENCRYPT +#define LTC_ENCRYPT 0 +#undef LTC_DECRYPT +#define LTC_DECRYPT 1 + /* Controls endianess and size of registers. Leave uncommented to get platform neutral [slower] code * * Note: in order to use the optimized macros your platform must support unaligned 32 and 64 bit read/writes. @@ -159,15 +175,17 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); /* endianness fallback */ #if !defined(ENDIAN_BIG) && !defined(ENDIAN_LITTLE) - #if defined(__BYTE_ORDER) && __BYTE_ORDER == __BIG_ENDIAN || \ + #if defined(_BYTE_ORDER) && _BYTE_ORDER == _BIG_ENDIAN || \ + defined(__BYTE_ORDER) && __BYTE_ORDER == __BIG_ENDIAN || \ defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ || \ - defined(__BIG_ENDIAN__) || defined(_BIG_ENDIAN) || \ + defined(__BIG_ENDIAN__) || \ defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \ defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) #define ENDIAN_BIG - #elif defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \ + #elif defined(_BYTE_ORDER) && _BYTE_ORDER == _LITTLE_ENDIAN || \ + defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \ defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ || \ - defined(__LITTLE_ENDIAN__) || defined(_LITTLE_ENDIAN) || \ + defined(__LITTLE_ENDIAN__) || \ defined(__ARMEL__) || defined(__THUMBEL__) || defined(__AARCH64EL__) || \ defined(_MIPSEL) || defined(__MIPSEL) || defined(__MIPSEL__) #define ENDIAN_LITTLE @@ -203,6 +221,22 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #endif #endif +#if defined(ENDIAN_64BITWORD) && !defined(_MSC_VER) +typedef unsigned long long ltc_mp_digit; +#else +typedef unsigned long ltc_mp_digit; +#endif + +/* No asm is a quick way to disable anything "not portable" */ +#ifdef LTC_NO_ASM + #define ENDIAN_NEUTRAL + #undef ENDIAN_32BITWORD + #undef ENDIAN_64BITWORD + #undef LTC_FAST + #define LTC_NO_ROLC + #define LTC_NO_BSWAP +#endif + /* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ #if defined(LTC_NO_FAST) || (__GNUC__ < 4) || defined(__STRICT_ANSI__) #undef LTC_FAST @@ -217,25 +251,8 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #endif #endif -#ifdef ENDIAN_64BITWORD -typedef ulong64 ltc_mp_digit; -#else -typedef ulong32 ltc_mp_digit; -#endif - -/* No asm is a quick way to disable anything "not portable" */ -#ifdef LTC_NO_ASM - #define ENDIAN_NEUTRAL - #undef ENDIAN_32BITWORD - #undef ENDIAN_64BITWORD - #undef LTC_FAST - #undef LTC_FAST_TYPE - #define LTC_NO_ROLC - #define LTC_NO_BSWAP -#endif - #if !defined(ENDIAN_NEUTRAL) && (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD)) - #error You must specify a word size as well as endianess in tomcrypt_cfg.h + #error You must specify a word size as well as endianess in tomcrypt_cfg.h #endif #if !(defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) @@ -243,7 +260,7 @@ typedef ulong32 ltc_mp_digit; #endif #if (defined(ENDIAN_32BITWORD) && defined(ENDIAN_64BITWORD)) - #error Cannot be 32 and 64 bit words... + #error Cannot be 32 and 64 bit words... #endif /* gcc 4.3 and up has a bswap builtin; detect it by gcc version. @@ -262,7 +279,15 @@ typedef ulong32 ltc_mp_digit; #define LTC_HAVE_BSWAP_BUILTIN #endif +#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) + #define LTC_DEPRECATED __attribute__((deprecated)) +#elif defined(_MSC_VER) && _MSC_VER >= 1500 + /* supported since Visual Studio 2008 */ + #define LTC_DEPRECATED __declspec(deprecated) +#else + #define LTC_DEPRECATED +#endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_cipher.h b/src/ltc/headers/tomcrypt_cipher.h index 58f02db..4cfa18a 100644 --- a/src/ltc/headers/tomcrypt_cipher.h +++ b/src/ltc/headers/tomcrypt_cipher.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* ---- SYMMETRIC KEY STUFF ----- * * We put each of the ciphers scheduled keys in their own structs then we put all of @@ -145,6 +154,23 @@ struct camellia_key { }; #endif +#ifdef LTC_IDEA +/* rounds */ +#define LTC_IDEA_ROUNDS 8 +/* key schedule length in # of unsigned shorts */ +#define LTC_IDEA_KEYLEN 6*LTC_IDEA_ROUNDS+4 +struct idea_key { + unsigned short int ek[LTC_IDEA_KEYLEN]; /* enc key */ + unsigned short int dk[LTC_IDEA_KEYLEN]; /* dec key */ +}; +#endif + +#ifdef LTC_SERPENT +struct serpent_key { + ulong32 k[33*4]; +}; +#endif + typedef union Symmetric_key { #ifdef LTC_DES struct des_key des; @@ -203,6 +229,12 @@ typedef union Symmetric_key { #endif #ifdef LTC_CAMELLIA struct camellia_key camellia; +#endif +#ifdef LTC_IDEA + struct idea_key idea; +#endif +#ifdef LTC_SERPENT + struct serpent_key serpent; #endif void *data; } symmetric_key; @@ -340,7 +372,7 @@ typedef struct { /** cipher descriptor table, last entry has "name == NULL" to mark the end of table */ extern struct ltc_cipher_descriptor { /** name of cipher */ - char *name; + const char *name; /** internal ID */ unsigned char ID; /** min keysize (octets) */ @@ -490,8 +522,8 @@ extern struct ltc_cipher_descriptor { /** Accelerated GCM packet (one shot) @param key The secret key @param keylen The length of the secret key - @param IV The initial vector - @param IVlen The length of the initial vector + @param IV The initialization vector + @param IVlen The length of the initialization vector @param adata The additional authentication data (header) @param adatalen The length of the adata @param pt The plaintext @@ -807,6 +839,26 @@ int camellia_keysize(int *keysize); extern const struct ltc_cipher_descriptor camellia_desc; #endif +#ifdef LTC_IDEA +int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); +int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); +int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int idea_test(void); +void idea_done(symmetric_key *skey); +int idea_keysize(int *keysize); +extern const struct ltc_cipher_descriptor idea_desc; +#endif + +#ifdef LTC_SERPENT +int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); +int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); +int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int serpent_test(void); +void serpent_done(symmetric_key *skey); +int serpent_keysize(int *keysize); +extern const struct ltc_cipher_descriptor serpent_desc; +#endif + #ifdef LTC_ECB_MODE int ecb_start(int cipher, const unsigned char *key, int keylen, int num_rounds, symmetric_ECB *ecb); @@ -866,8 +918,8 @@ int ctr_test(void); #ifdef LTC_LRW_MODE -#define LRW_ENCRYPT 0 -#define LRW_DECRYPT 1 +#define LRW_ENCRYPT LTC_ENCRYPT +#define LRW_DECRYPT LTC_DECRYPT int lrw_start( int cipher, const unsigned char *IV, @@ -933,6 +985,7 @@ int find_cipher_any(const char *name, int blocklen, int keylen); int find_cipher_id(unsigned char ID); int register_cipher(const struct ltc_cipher_descriptor *cipher); int unregister_cipher(const struct ltc_cipher_descriptor *cipher); +int register_all_ciphers(void); int cipher_is_valid(int idx); LTC_MUTEX_PROTO(ltc_cipher_mutex) @@ -959,6 +1012,73 @@ int chacha_test(void); #endif /* LTC_CHACHA */ +#ifdef LTC_SALSA20 + +typedef struct { + ulong32 input[16]; + unsigned char kstream[64]; + unsigned long ksleft; + unsigned long ivlen; + int rounds; +} salsa20_state; + +int salsa20_setup(salsa20_state *st, const unsigned char *key, unsigned long keylen, int rounds); +int salsa20_ivctr64(salsa20_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter); +int salsa20_crypt(salsa20_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); +int salsa20_keystream(salsa20_state *st, unsigned char *out, unsigned long outlen); +int salsa20_done(salsa20_state *st); +int salsa20_test(void); + +#endif /* LTC_SALSA20 */ + +#ifdef LTC_SOSEMANUK + +typedef struct { + ulong32 kc[100]; /* key_context */ + ulong32 s00, s01, s02, s03, s04, s05, s06, s07, s08, s09; + ulong32 r1, r2; + /* + * Buffering: the stream cipher produces output data by + * blocks of 640 bits. buf[] contains such a block, and + * "ptr" is the index of the next output byte. + */ + unsigned char buf[80]; + unsigned ptr; +} sosemanuk_state; + +int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen); +int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen); +int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long datalen, unsigned char *out); +int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen); +int sosemanuk_done(sosemanuk_state *ss); +int sosemanuk_test(void); + +#endif /* LTC_SOSEMANUK */ + +#ifdef LTC_RABBIT + +typedef struct { + ulong32 x[8]; + ulong32 c[8]; + ulong32 carry; +} rabbit_ctx; + +typedef struct { + rabbit_ctx master_ctx; + rabbit_ctx work_ctx; + unsigned char block[16]; /* last keystream block containing unused bytes */ + ulong32 unused; /* count fm right */ +} rabbit_state; + +int rabbit_setup(rabbit_state* st, const unsigned char *key, unsigned long keylen); +int rabbit_setiv(rabbit_state* st, const unsigned char *iv, unsigned long ivlen); +int rabbit_crypt(rabbit_state* st, const unsigned char *in, unsigned long inlen, unsigned char *out); +int rabbit_keystream(rabbit_state* st, unsigned char *out, unsigned long outlen); +int rabbit_done(rabbit_state *st); +int rabbit_test(void); + +#endif /* LTC_RABBIT */ + #ifdef LTC_RC4_STREAM typedef struct { @@ -993,6 +1113,6 @@ int sober128_stream_test(void); #endif /* LTC_SOBER128_STREAM */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_custom.h b/src/ltc/headers/tomcrypt_custom.h index 085a562..c4af216 100644 --- a/src/ltc/headers/tomcrypt_custom.h +++ b/src/ltc/headers/tomcrypt_custom.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + #ifndef TOMCRYPT_CUSTOM_H_ #define TOMCRYPT_CUSTOM_H_ @@ -21,12 +30,15 @@ #ifndef XMEMCPY #define XMEMCPY memcpy #endif -#ifndef XMEMCMP -#define XMEMCMP memcmp -#endif #ifndef XMEMMOVE #define XMEMMOVE memmove #endif +#ifndef XMEMCMP +#define XMEMCMP memcmp +#endif +/* A memory compare function that has to run in constant time, + * c.f. mem_neq() API summary. + */ #ifndef XMEM_NEQ #define XMEM_NEQ mem_neq #endif @@ -50,7 +62,6 @@ /* shortcut to disable automatic inclusion */ #if defined LTC_NOTHING && !defined LTC_EASY - #define LTC_NO_MATH #define LTC_NO_CIPHERS #define LTC_NO_MODES #define LTC_NO_HASHES @@ -59,7 +70,6 @@ #define LTC_NO_PK #define LTC_NO_PKCS #define LTC_NO_MISC - #define LTC_NO_FILE #endif /* LTC_NOTHING */ /* Easy button? */ @@ -192,9 +202,14 @@ #define LTC_KASUMI #define LTC_MULTI2 #define LTC_CAMELLIA +#define LTC_IDEA +#define LTC_SERPENT /* stream ciphers */ #define LTC_CHACHA +#define LTC_SALSA20 +#define LTC_SOSEMANUK +#define LTC_RABBIT #define LTC_RC4_STREAM #define LTC_SOBER128_STREAM @@ -233,6 +248,7 @@ #define LTC_CHC_HASH #define LTC_WHIRLPOOL #define LTC_SHA3 +#define LTC_KECCAK #define LTC_SHA512 #define LTC_SHA512_256 #define LTC_SHA512_224 @@ -367,16 +383,15 @@ /* Supported Key Sizes */ #define LTC_DH768 #define LTC_DH1024 -#define LTC_DH1280 #define LTC_DH1536 -#define LTC_DH1792 #define LTC_DH2048 #ifndef TFM_DESC /* tfm has a problem in fp_isprime for larger key sizes */ -#define LTC_DH2560 #define LTC_DH3072 #define LTC_DH4096 +#define LTC_DH6144 +#define LTC_DH8192 #endif /* Include Katja (a Rabin variant like RSA) */ @@ -415,30 +430,6 @@ #define LTC_ECC_TIMING_RESISTANT #endif -/* define these PK sizes out of LTC_NO_PK - * to have them always defined - */ -#if defined(LTC_MRSA) -/* Min and Max RSA key sizes (in bits) */ -#ifndef MIN_RSA_SIZE -#define MIN_RSA_SIZE 1024 -#endif -#ifndef MAX_RSA_SIZE -#define MAX_RSA_SIZE 4096 -#endif -#endif - -/* in cases where you want ASN.1/DER functionality, but no - * RSA, you can define this externally if 1024 is not enough - */ -#if defined(LTC_MRSA) -#define LTC_DER_MAX_PUBKEY_SIZE MAX_RSA_SIZE -#elif !defined(LTC_DER_MAX_PUBKEY_SIZE) -/* this includes DSA */ -#define LTC_DER_MAX_PUBKEY_SIZE 1024 -#endif - - /* PKCS #1 (RSA) and #5 (Password Handling) stuff */ #ifndef LTC_NO_PKCS @@ -457,6 +448,8 @@ #define LTC_BASE64 /* ... and it's URL safe version */ #define LTC_BASE64_URL +/* Base32 encoding/decoding */ +#define LTC_BASE32 /* Keep LTC_NO_HKDF for compatibility reasons * superseeded by LTC_NO_MISC*/ @@ -476,32 +469,39 @@ #ifdef LTC_MECC /* Supported ECC Key Sizes */ #ifndef LTC_NO_CURVES + #define LTC_ECC_BRAINPOOLP160R1 + #define LTC_ECC_BRAINPOOLP160T1 + #define LTC_ECC_BRAINPOOLP192R1 + #define LTC_ECC_BRAINPOOLP192T1 + #define LTC_ECC_BRAINPOOLP224R1 + #define LTC_ECC_BRAINPOOLP224T1 + #define LTC_ECC_BRAINPOOLP256R1 + #define LTC_ECC_BRAINPOOLP256T1 + #define LTC_ECC_BRAINPOOLP320R1 + #define LTC_ECC_BRAINPOOLP320T1 + #define LTC_ECC_BRAINPOOLP384R1 + #define LTC_ECC_BRAINPOOLP384T1 + #define LTC_ECC_BRAINPOOLP512R1 + #define LTC_ECC_BRAINPOOLP512T1 + #define LTC_ECC_PRIME192V2 + #define LTC_ECC_PRIME192V3 + #define LTC_ECC_PRIME239V1 + #define LTC_ECC_PRIME239V2 + #define LTC_ECC_PRIME239V3 #define LTC_ECC_SECP112R1 #define LTC_ECC_SECP112R2 #define LTC_ECC_SECP128R1 #define LTC_ECC_SECP128R2 + #define LTC_ECC_SECP160K1 #define LTC_ECC_SECP160R1 #define LTC_ECC_SECP160R2 - #define LTC_ECC_SECP160K1 - #define LTC_ECC_BRAINPOOLP160R1 - #define LTC_ECC_SECP192R1 - #define LTC_ECC_PRIME192V2 - #define LTC_ECC_PRIME192V3 #define LTC_ECC_SECP192K1 - #define LTC_ECC_BRAINPOOLP192R1 - #define LTC_ECC_SECP224R1 + #define LTC_ECC_SECP192R1 #define LTC_ECC_SECP224K1 - #define LTC_ECC_BRAINPOOLP224R1 - #define LTC_ECC_PRIME239V1 - #define LTC_ECC_PRIME239V2 - #define LTC_ECC_PRIME239V3 - #define LTC_ECC_SECP256R1 + #define LTC_ECC_SECP224R1 #define LTC_ECC_SECP256K1 - #define LTC_ECC_BRAINPOOLP256R1 - #define LTC_ECC_BRAINPOOLP320R1 + #define LTC_ECC_SECP256R1 #define LTC_ECC_SECP384R1 - #define LTC_ECC_BRAINPOOLP384R1 - #define LTC_ECC_BRAINPOOLP512R1 #define LTC_ECC_SECP521R1 /* OLD deprecated (but still working) defines */ #define LTC_ECC112 @@ -518,17 +518,17 @@ #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) /* Include the MPI functionality? (required by the PK algorithms) */ #define LTC_MPI + + #ifndef LTC_PK_MAX_RETRIES + /* iterations limit for retry-loops */ + #define LTC_PK_MAX_RETRIES 20 + #endif #endif #ifdef LTC_MRSA #define LTC_PKCS_1 #endif -#if defined(TFM_DESC) && defined(LTC_RSA_BLINDING) - #warning RSA blinding currently not supported in combination with TFM - #undef LTC_RSA_BLINDING -#endif - #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL) #error Pelican-MAC requires LTC_RIJNDAEL #endif @@ -573,6 +573,14 @@ #error LTC_BLAKE2BMAC requires LTC_BLAKE2B #endif +#if defined(LTC_SPRNG) && !defined(LTC_RNG_GET_BYTES) + #error LTC_SPRNG requires LTC_RNG_GET_BYTES +#endif + +#if defined(LTC_NO_MATH) && (defined(LTM_DESC) || defined(TFM_DESC) || defined(GMP_DESC)) + #error LTC_NO_MATH defined, but also a math descriptor +#endif + /* THREAD management */ #ifdef LTC_PTHREAD @@ -581,9 +589,10 @@ #define LTC_MUTEX_GLOBAL(x) pthread_mutex_t x = PTHREAD_MUTEX_INITIALIZER; #define LTC_MUTEX_PROTO(x) extern pthread_mutex_t x; #define LTC_MUTEX_TYPE(x) pthread_mutex_t x; -#define LTC_MUTEX_INIT(x) pthread_mutex_init(x, NULL); -#define LTC_MUTEX_LOCK(x) pthread_mutex_lock(x); -#define LTC_MUTEX_UNLOCK(x) pthread_mutex_unlock(x); +#define LTC_MUTEX_INIT(x) LTC_ARGCHK(pthread_mutex_init(x, NULL) == 0); +#define LTC_MUTEX_LOCK(x) LTC_ARGCHK(pthread_mutex_lock(x) == 0); +#define LTC_MUTEX_UNLOCK(x) LTC_ARGCHK(pthread_mutex_unlock(x) == 0); +#define LTC_MUTEX_DESTROY(x) LTC_ARGCHK(pthread_mutex_destroy(x) == 0); #else @@ -594,6 +603,7 @@ #define LTC_MUTEX_INIT(x) #define LTC_MUTEX_LOCK(x) #define LTC_MUTEX_UNLOCK(x) +#define LTC_MUTEX_DESTROY(x) #endif @@ -611,6 +621,6 @@ #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_hash.h b/src/ltc/headers/tomcrypt_hash.h index c73d387..134085d 100644 --- a/src/ltc/headers/tomcrypt_hash.h +++ b/src/ltc/headers/tomcrypt_hash.h @@ -1,5 +1,14 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* ---- HASH FUNCTIONS ---- */ -#ifdef LTC_SHA3 +#if defined(LTC_SHA3) || defined(LTC_KECCAK) struct sha3_state { ulong64 saved; /* the portion of the input message that we didn't consume yet */ ulong64 s[25]; @@ -146,7 +155,7 @@ typedef union Hash_state { #ifdef LTC_WHIRLPOOL struct whirlpool_state whirlpool; #endif -#ifdef LTC_SHA3 +#if defined(LTC_SHA3) || defined(LTC_KECCAK) struct sha3_state sha3; #endif #ifdef LTC_SHA512 @@ -195,7 +204,7 @@ typedef union Hash_state { /** hash descriptor */ extern struct ltc_hash_descriptor { /** name of hash */ - char *name; + const char *name; /** internal ID */ unsigned char ID; /** Size of digest in octets */ @@ -254,21 +263,25 @@ int whirlpool_test(void); extern const struct ltc_hash_descriptor whirlpool_desc; #endif -#ifdef LTC_SHA3 +#if defined(LTC_SHA3) || defined(LTC_KECCAK) +/* sha3_NNN_init are shared by SHA3 and KECCAK */ int sha3_512_init(hash_state * md); +int sha3_384_init(hash_state * md); +int sha3_256_init(hash_state * md); +int sha3_224_init(hash_state * md); +/* sha3_process is the same for all variants of SHA3 + KECCAK */ +int sha3_process(hash_state * md, const unsigned char *in, unsigned long inlen); +#endif + +#ifdef LTC_SHA3 int sha3_512_test(void); extern const struct ltc_hash_descriptor sha3_512_desc; -int sha3_384_init(hash_state * md); int sha3_384_test(void); extern const struct ltc_hash_descriptor sha3_384_desc; -int sha3_256_init(hash_state * md); int sha3_256_test(void); extern const struct ltc_hash_descriptor sha3_256_desc; -int sha3_224_init(hash_state * md); int sha3_224_test(void); extern const struct ltc_hash_descriptor sha3_224_desc; -/* process + done are the same for all variants */ -int sha3_process(hash_state * md, const unsigned char *in, unsigned long inlen); int sha3_done(hash_state *md, unsigned char *hash); /* SHAKE128 + SHAKE256 */ int sha3_shake_init(hash_state *md, int num); @@ -278,6 +291,23 @@ int sha3_shake_test(void); int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); #endif +#ifdef LTC_KECCAK +#define keccak_512_init(a) sha3_512_init(a) +#define keccak_384_init(a) sha3_384_init(a) +#define keccak_256_init(a) sha3_256_init(a) +#define keccak_224_init(a) sha3_224_init(a) +#define keccak_process(a,b,c) sha3_process(a,b,c) +extern const struct ltc_hash_descriptor keccak_512_desc; +int keccak_512_test(void); +extern const struct ltc_hash_descriptor keccak_384_desc; +int keccak_384_test(void); +extern const struct ltc_hash_descriptor keccak_256_desc; +int keccak_256_test(void); +extern const struct ltc_hash_descriptor keccak_224_desc; +int keccak_224_test(void); +int keccak_done(hash_state *md, unsigned char *hash); +#endif + #ifdef LTC_SHA512 int sha512_init(hash_state * md); int sha512_process(hash_state * md, const unsigned char *in, unsigned long inlen); @@ -461,6 +491,7 @@ int find_hash_oid(const unsigned long *ID, unsigned long IDlen); int find_hash_any(const char *name, int digestlen); int register_hash(const struct ltc_hash_descriptor *hash); int unregister_hash(const struct ltc_hash_descriptor *hash); +int register_all_hashes(void); int hash_is_valid(int idx); LTC_MUTEX_PROTO(ltc_hash_mutex) @@ -487,7 +518,7 @@ int func_name (hash_state * md, const unsigned char *in, unsigned long inlen) if (md-> state_var .curlen > sizeof(md-> state_var .buf)) { \ return CRYPT_INVALID_ARG; \ } \ - if ((md-> state_var .length + inlen) < md-> state_var .length) { \ + if ((md-> state_var .length + inlen) < md-> state_var .length) { \ return CRYPT_HASH_OVERFLOW; \ } \ while (inlen > 0) { \ @@ -500,7 +531,7 @@ int func_name (hash_state * md, const unsigned char *in, unsigned long inlen) inlen -= block_size; \ } else { \ n = MIN(inlen, (block_size - md-> state_var .curlen)); \ - XMEMCPY(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n); \ + XMEMCPY(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n); \ md-> state_var .curlen += n; \ in += n; \ inlen -= n; \ @@ -516,6 +547,6 @@ int func_name (hash_state * md, const unsigned char *in, unsigned long inlen) return CRYPT_OK; \ } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_mac.h b/src/ltc/headers/tomcrypt_mac.h index 5e5f84c..c4b2423 100644 --- a/src/ltc/headers/tomcrypt_mac.h +++ b/src/ltc/headers/tomcrypt_mac.h @@ -1,9 +1,18 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + #ifdef LTC_HMAC typedef struct Hmac_state { hash_state md; int hash; hash_state hashstate; - unsigned char *key; + unsigned char key[MAXBLOCKSIZE]; } hmac_state; int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen); @@ -109,7 +118,6 @@ typedef struct { int poly1305_init(poly1305_state *st, const unsigned char *key, unsigned long keylen); int poly1305_process(poly1305_state *st, const unsigned char *in, unsigned long inlen); int poly1305_done(poly1305_state *st, unsigned char *mac, unsigned long *maclen); -int poly1305_test(void); int poly1305_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); int poly1305_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); @@ -121,7 +129,6 @@ typedef hash_state blake2smac_state; int blake2smac_init(blake2smac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); int blake2smac_process(blake2smac_state *st, const unsigned char *in, unsigned long inlen); int blake2smac_done(blake2smac_state *st, unsigned char *mac, unsigned long *maclen); -int blake2smac_test(void); int blake2smac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); int blake2smac_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); @@ -133,13 +140,105 @@ typedef hash_state blake2bmac_state; int blake2bmac_init(blake2bmac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); int blake2bmac_process(blake2bmac_state *st, const unsigned char *in, unsigned long inlen); int blake2bmac_done(blake2bmac_state *st, unsigned char *mac, unsigned long *maclen); -int blake2bmac_test(void); int blake2bmac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); int blake2bmac_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); int blake2bmac_test(void); #endif /* LTC_BLAKE2BMAC */ +#ifdef LTC_PELICAN + +typedef struct pelican_state +{ + symmetric_key K; + unsigned char state[16]; + int buflen; +} pelican_state; + +int pelican_init(pelican_state *pelmac, const unsigned char *key, unsigned long keylen); +int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned long inlen); +int pelican_done(pelican_state *pelmac, unsigned char *out); +int pelican_test(void); + +int pelican_memory(const unsigned char *key, unsigned long keylen, + const unsigned char *in, unsigned long inlen, + unsigned char *out); + +#endif + +#ifdef LTC_XCBC + +/* add this to "keylen" to xcbc_init to use a pure three-key XCBC MAC */ +#define LTC_XCBC_PURE 0x8000UL + +typedef struct { + unsigned char K[3][MAXBLOCKSIZE], + IV[MAXBLOCKSIZE]; + + symmetric_key key; + + int cipher, + buflen, + blocksize; +} xcbc_state; + +int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen); +int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen); +int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen); +int xcbc_memory(int cipher, + const unsigned char *key, unsigned long keylen, + const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen); +int xcbc_memory_multi(int cipher, + const unsigned char *key, unsigned long keylen, + unsigned char *out, unsigned long *outlen, + const unsigned char *in, unsigned long inlen, ...); +int xcbc_file(int cipher, + const unsigned char *key, unsigned long keylen, + const char *filename, + unsigned char *out, unsigned long *outlen); +int xcbc_test(void); + +#endif + +#ifdef LTC_F9_MODE + +typedef struct { + unsigned char akey[MAXBLOCKSIZE], + ACC[MAXBLOCKSIZE], + IV[MAXBLOCKSIZE]; + + symmetric_key key; + + int cipher, + buflen, + keylen, + blocksize; +} f9_state; + +int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen); +int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen); +int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen); +int f9_memory(int cipher, + const unsigned char *key, unsigned long keylen, + const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen); +int f9_memory_multi(int cipher, + const unsigned char *key, unsigned long keylen, + unsigned char *out, unsigned long *outlen, + const unsigned char *in, unsigned long inlen, ...); +int f9_file(int cipher, + const unsigned char *key, unsigned long keylen, + const char *filename, + unsigned char *out, unsigned long *outlen); +int f9_test(void); + +#endif + +/* + * ENC+AUTH modes + */ + #ifdef LTC_EAX_MODE #if !(defined(LTC_OMAC) && defined(LTC_CTR_MODE)) @@ -257,12 +356,14 @@ typedef struct { symmetric_key key; /* scheduled key for cipher */ unsigned long block_index; /* index # for current data block */ int cipher, /* cipher idx */ + tag_len, /* length of tag */ block_len; /* length of block */ } ocb3_state; int ocb3_init(ocb3_state *ocb, int cipher, const unsigned char *key, unsigned long keylen, - const unsigned char *nonce, unsigned long noncelen); + const unsigned char *nonce, unsigned long noncelen, + unsigned long taglen); int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct); int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt); @@ -290,18 +391,18 @@ int ocb3_decrypt_verify_memory(int cipher, int ocb3_test(void); +#ifdef LTC_SOURCE /* internal helper functions */ -int ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_block); -void ocb3_int_calc_offset_zero(ocb3_state *ocb, const unsigned char *nonce, unsigned long noncelen); int ocb3_int_ntz(unsigned long x); void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const unsigned char *block_b, unsigned long block_len); +#endif /* LTC_SOURCE */ #endif /* LTC_OCB3_MODE */ #ifdef LTC_CCM_MODE -#define CCM_ENCRYPT 0 -#define CCM_DECRYPT 1 +#define CCM_ENCRYPT LTC_ENCRYPT +#define CCM_DECRYPT LTC_DECRYPT typedef struct { symmetric_key K; @@ -367,8 +468,8 @@ extern const unsigned char gcm_shift_table[]; #ifdef LTC_GCM_MODE -#define GCM_ENCRYPT 0 -#define GCM_DECRYPT 1 +#define GCM_ENCRYPT LTC_ENCRYPT +#define GCM_DECRYPT LTC_DECRYPT #define LTC_GCM_MODE_IV 0 #define LTC_GCM_MODE_AAD 1 @@ -432,95 +533,6 @@ int gcm_test(void); #endif /* LTC_GCM_MODE */ -#ifdef LTC_PELICAN - -typedef struct pelican_state -{ - symmetric_key K; - unsigned char state[16]; - int buflen; -} pelican_state; - -int pelican_init(pelican_state *pelmac, const unsigned char *key, unsigned long keylen); -int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned long inlen); -int pelican_done(pelican_state *pelmac, unsigned char *out); -int pelican_test(void); - -int pelican_memory(const unsigned char *key, unsigned long keylen, - const unsigned char *in, unsigned long inlen, - unsigned char *out); - -#endif - -#ifdef LTC_XCBC - -/* add this to "keylen" to xcbc_init to use a pure three-key XCBC MAC */ -#define LTC_XCBC_PURE 0x8000UL - -typedef struct { - unsigned char K[3][MAXBLOCKSIZE], - IV[MAXBLOCKSIZE]; - - symmetric_key key; - - int cipher, - buflen, - blocksize; -} xcbc_state; - -int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen); -int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen); -int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen); -int xcbc_memory(int cipher, - const unsigned char *key, unsigned long keylen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen); -int xcbc_memory_multi(int cipher, - const unsigned char *key, unsigned long keylen, - unsigned char *out, unsigned long *outlen, - const unsigned char *in, unsigned long inlen, ...); -int xcbc_file(int cipher, - const unsigned char *key, unsigned long keylen, - const char *filename, - unsigned char *out, unsigned long *outlen); -int xcbc_test(void); - -#endif - -#ifdef LTC_F9_MODE - -typedef struct { - unsigned char akey[MAXBLOCKSIZE], - ACC[MAXBLOCKSIZE], - IV[MAXBLOCKSIZE]; - - symmetric_key key; - - int cipher, - buflen, - keylen, - blocksize; -} f9_state; - -int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen); -int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen); -int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen); -int f9_memory(int cipher, - const unsigned char *key, unsigned long keylen, - const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen); -int f9_memory_multi(int cipher, - const unsigned char *key, unsigned long keylen, - unsigned char *out, unsigned long *outlen, - const unsigned char *in, unsigned long inlen, ...); -int f9_file(int cipher, - const unsigned char *key, unsigned long keylen, - const char *filename, - unsigned char *out, unsigned long *outlen); -int f9_test(void); - -#endif - #ifdef LTC_CHACHA20POLY1305_MODE typedef struct { @@ -531,8 +543,8 @@ typedef struct { int aadflg; } chacha20poly1305_state; -#define CHCHA20POLY1305_ENCRYPT 0 -#define CHCHA20POLY1305_DECRYPT 1 +#define CHACHA20POLY1305_ENCRYPT LTC_ENCRYPT +#define CHACHA20POLY1305_DECRYPT LTC_DECRYPT int chacha20poly1305_init(chacha20poly1305_state *st, const unsigned char *key, unsigned long keylen); int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen); @@ -552,6 +564,6 @@ int chacha20poly1305_test(void); #endif /* LTC_CHACHA20POLY1305_MODE */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_macros.h b/src/ltc/headers/tomcrypt_macros.h index 27d76d1..94e368f 100644 --- a/src/ltc/headers/tomcrypt_macros.h +++ b/src/ltc/headers/tomcrypt_macros.h @@ -1,3 +1,11 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ /* ---- HELPER MACROS ---- */ #ifdef ENDIAN_NEUTRAL @@ -433,6 +441,6 @@ static inline ulong64 ROR64(ulong64 word, int i) #define snprintf _snprintf #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_math.h b/src/ltc/headers/tomcrypt_math.h index e9905d9..f0e9699 100644 --- a/src/ltc/headers/tomcrypt_math.h +++ b/src/ltc/headers/tomcrypt_math.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /** math functions **/ #define LTC_MP_LT -1 @@ -15,10 +24,19 @@ typedef void rsa_key; #endif +#ifndef LTC_MILLER_RABIN_REPS + /* Number of rounds of the Miller-Rabin test + * "Reasonable values of reps are between 15 and 50." c.f. gmp doc of mpz_probab_prime_p() + * As of https://security.stackexchange.com/a/4546 we should use 40 rounds */ + #define LTC_MILLER_RABIN_REPS 40 +#endif + +int radix_to_bin(const void *in, int radix, void *out, unsigned long *len); + /** math descriptor */ typedef struct { /** Name of the math provider */ - char *name; + const char *name; /** Bits per digit, amount of bits must fit in an unsigned long */ int bits_per_digit; @@ -65,13 +83,14 @@ typedef struct { /** set small constant @param a Number to write to @param n Source upto bits_per_digit (actually meant for very small constants) - @return CRYPT_OK on succcess + @return CRYPT_OK on success */ - int (*set_int)(void *a, unsigned long n); + int (*set_int)(void *a, ltc_mp_digit n); /** get small constant - @param a Number to read, only fetches upto bits_per_digit from the number - @return The lower bits_per_digit of the integer (unsigned) + @param a Small number to read, + only fetches up to bits_per_digit from the number + @return The lower bits_per_digit of the integer (unsigned) */ unsigned long (*get_int)(void *a); @@ -91,16 +110,20 @@ typedef struct { /** compare two integers @param a The left side integer @param b The right side integer - @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise. (signed comparison) + @return LTC_MP_LT if a < b, + LTC_MP_GT if a > b and + LTC_MP_EQ otherwise. (signed comparison) */ int (*compare)(void *a, void *b); /** compare against int @param a The left side integer @param b The right side integer (upto bits_per_digit) - @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise. (signed comparison) + @return LTC_MP_LT if a < b, + LTC_MP_GT if a > b and + LTC_MP_EQ otherwise. (signed comparison) */ - int (*compare_d)(void *a, unsigned long n); + int (*compare_d)(void *a, ltc_mp_digit n); /** Count the number of bits used to represent the integer @param a The integer to count @@ -140,8 +163,8 @@ typedef struct { int (*write_radix)(void *a, char *str, int radix); /** get size as unsigned char string - @param a The integer to get the size (when stored in array of octets) - @return The length of the integer + @param a The integer to get the size (when stored in array of octets) + @return The length of the integer in octets */ unsigned long (*unsigned_size)(void *a); @@ -158,7 +181,9 @@ typedef struct { @param len The number of octets @return CRYPT_OK on success */ - int (*unsigned_read)(void *dst, unsigned char *src, unsigned long len); + int (*unsigned_read)( void *dst, + unsigned char *src, + unsigned long len); /* ---- basic math ---- */ @@ -170,14 +195,14 @@ typedef struct { */ int (*add)(void *a, void *b, void *c); - /** add two integers @param a The first source integer - @param b The second source integer (single digit of upto bits_per_digit in length) + @param b The second source integer + (single digit of upto bits_per_digit in length) @param c The destination of "a + b" @return CRYPT_OK on success */ - int (*addi)(void *a, unsigned long b, void *c); + int (*addi)(void *a, ltc_mp_digit b, void *c); /** subtract two integers @param a The first source integer @@ -189,15 +214,17 @@ typedef struct { /** subtract two integers @param a The first source integer - @param b The second source integer (single digit of upto bits_per_digit in length) + @param b The second source integer + (single digit of upto bits_per_digit in length) @param c The destination of "a - b" @return CRYPT_OK on success */ - int (*subi)(void *a, unsigned long b, void *c); + int (*subi)(void *a, ltc_mp_digit b, void *c); /** multiply two integers @param a The first source integer - @param b The second source integer (single digit of upto bits_per_digit in length) + @param b The second source integer + (single digit of upto bits_per_digit in length) @param c The destination of "a * b" @return CRYPT_OK on success */ @@ -205,11 +232,12 @@ typedef struct { /** multiply two integers @param a The first source integer - @param b The second source integer (single digit of upto bits_per_digit in length) + @param b The second source integer + (single digit of upto bits_per_digit in length) @param c The destination of "a * b" @return CRYPT_OK on success */ - int (*muli)(void *a, unsigned long b, void *c); + int (*muli)(void *a, ltc_mp_digit b, void *c); /** Square an integer @param a The integer to square @@ -248,7 +276,7 @@ typedef struct { @param c The destination for the residue @return CRYPT_OK on success */ - int (*modi)(void *a, unsigned long b, unsigned long *c); + int (*modi)(void *a, ltc_mp_digit b, ltc_mp_digit *c); /** gcd @param a The first integer @@ -293,7 +321,7 @@ typedef struct { /* ---- reduction ---- */ - /** setup montgomery + /** setup Montgomery @param a The modulus @param b The destination for the reduction digit @return CRYPT_OK on success @@ -334,7 +362,7 @@ typedef struct { /** Primality testing @param a The integer to test - @param b The number of tests that shall be executed + @param b The number of Miller-Rabin tests that shall be executed @param c The destination of the result (FP_YES if prime) @return CRYPT_OK on success */ @@ -346,41 +374,58 @@ typedef struct { @param k The integer to multiply the point by @param G The point to multiply @param R The destination for kG - @param a ECC curve parameter a (if NULL we assume a == -3) + @param a ECC curve parameter a @param modulus The modulus for the field - @param map Boolean indicated whether to map back to affine or not (can be ignored if you work in affine only) + @param map Boolean indicated whether to map back to affine or not + (can be ignored if you work in affine only) @return CRYPT_OK on success */ - int (*ecc_ptmul)(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map); + int (*ecc_ptmul)( void *k, + const ecc_point *G, + ecc_point *R, + void *a, + void *modulus, + int map); /** ECC GF(p) point addition @param P The first point @param Q The second point @param R The destination of P + Q - @param a ECC curve parameter a (if NULL we assume a == -3) + @param ma The curve parameter "a" in montgomery form @param modulus The modulus @param mp The "b" value from montgomery_setup() @return CRYPT_OK on success */ - int (*ecc_ptadd)(ecc_point *P, ecc_point *Q, ecc_point *R, void *a, void *modulus, void *mp); + int (*ecc_ptadd)(const ecc_point *P, + const ecc_point *Q, + ecc_point *R, + void *ma, + void *modulus, + void *mp); /** ECC GF(p) point double @param P The first point @param R The destination of 2P - @param a ECC curve parameter a (if NULL we assume a == -3) + @param ma The curve parameter "a" in montgomery form @param modulus The modulus @param mp The "b" value from montgomery_setup() @return CRYPT_OK on success */ - int (*ecc_ptdbl)(ecc_point *P, ecc_point *R, void *a, void *modulus, void *mp); + int (*ecc_ptdbl)(const ecc_point *P, + ecc_point *R, + void *ma, + void *modulus, + void *mp); - /** ECC mapping from projective to affine, currently uses (x,y,z) => (x/z^2, y/z^3, 1) + /** ECC mapping from projective to affine, + currently uses (x,y,z) => (x/z^2, y/z^3, 1) @param P The point to map @param modulus The modulus @param mp The "b" value from montgomery_setup() @return CRYPT_OK on success - @remark The mapping can be different but keep in mind a ecc_point only has three - integers (x,y,z) so if you use a different mapping you have to make it fit. + @remark The mapping can be different but keep in mind a + ecc_point only has three integers (x,y,z) so if + you use a different mapping you have to make it fit. */ int (*ecc_map)(ecc_point *P, void *modulus, void *mp); @@ -389,34 +434,40 @@ typedef struct { @param kA What to multiple A by @param B Second point to multiply @param kB What to multiple B by - @param C [out] Destination point (can overlap with A or B + @param C [out] Destination point (can overlap with A or B) + @param ma The curve parameter "a" in montgomery form @param modulus Modulus for curve @return CRYPT_OK on success */ - int (*ecc_mul2add)(ecc_point *A, void *kA, - ecc_point *B, void *kB, - ecc_point *C, - void *a, - void *modulus); + int (*ecc_mul2add)(const ecc_point *A, void *kA, + const ecc_point *B, void *kB, + ecc_point *C, + void *ma, + void *modulus); /* ---- (optional) rsa optimized math (for internal CRT) ---- */ /** RSA Key Generation @param prng An active PRNG state @param wprng The index of the PRNG desired - @param size The size of the modulus (key size) desired (octets) - @param e The "e" value (public key). e==65537 is a good choice + @param size The size of the key in octets + @param e The "e" value (public key). + e==65537 is a good choice @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful, upon error all allocated ram is freed */ - int (*rsa_keygen)(prng_state *prng, int wprng, int size, long e, rsa_key *key); - + int (*rsa_keygen)(prng_state *prng, + int wprng, + int size, + long e, + rsa_key *key); /** RSA exponentiation @param in The octet array representing the base @param inlen The length of the input @param out The destination (to be stored in an octet array format) - @param outlen The length of the output buffer and the resulting size (zero padded to the size of the modulus) + @param outlen The length of the output buffer and the resulting size + (zero padded to the size of the modulus) @param which PK_PUBLIC for public RSA and PK_PRIVATE for private RSA @param key The RSA key to use @return CRYPT_OK on success @@ -446,19 +497,20 @@ typedef struct { int (*submod)(void *a, void *b, void *c, void *d); /* ---- misc stuff ---- */ + /** Make a pseudo-random mpi @param a The mpi to make random @param size The desired length @return CRYPT_OK on success */ int (*rand)(void *a, int size); - } ltc_math_descriptor; extern ltc_math_descriptor ltc_mp; int ltc_init_multi(void **a, ...); void ltc_deinit_multi(void *a, ...); +void ltc_cleanup_multi(void **a, ...); #ifdef LTM_DESC extern const ltc_math_descriptor ltm_desc; @@ -481,6 +533,7 @@ extern const ltc_math_descriptor gmp_desc; #define mp_init_multi ltc_init_multi #define mp_clear(a) ltc_mp.deinit(a) #define mp_clear_multi ltc_deinit_multi +#define mp_cleanup_multi ltc_cleanup_multi #define mp_init_copy(a, b) ltc_mp.init_copy(a, b) #define mp_neg(a, b) ltc_mp.neg(a, b) @@ -542,6 +595,6 @@ extern const ltc_math_descriptor gmp_desc; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_misc.h b/src/ltc/headers/tomcrypt_misc.h index 76f4f6b..63fc3a8 100644 --- a/src/ltc/headers/tomcrypt_misc.h +++ b/src/ltc/headers/tomcrypt_misc.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* ---- LTC_BASE64 Routines ---- */ #ifdef LTC_BASE64 int base64_encode(const unsigned char *in, unsigned long len, @@ -21,6 +30,22 @@ int base64url_strict_decode(const unsigned char *in, unsigned long len, unsigned char *out, unsigned long *outlen); #endif +/* ---- BASE32 Routines ---- */ +#ifdef LTC_BASE32 +typedef enum { + BASE32_RFC4648 = 0, + BASE32_BASE32HEX = 1, + BASE32_ZBASE32 = 2, + BASE32_CROCKFORD = 3 +} base32_alphabet; +int base32_encode(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + base32_alphabet id); +int base32_decode(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + base32_alphabet id); +#endif + /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ #ifdef LTC_HKDF @@ -47,6 +72,9 @@ int hkdf(int hash_idx, /* ---- MEM routines ---- */ int mem_neq(const void *a, const void *b, size_t len); void zeromem(volatile void *dst, size_t len); +#ifdef LTC_SOURCE +void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz); +#endif void burn_stack(unsigned long len); const char *error_to_string(int err); @@ -64,16 +92,15 @@ int crypt_get_size(const char* namein, unsigned int *sizeout); int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size); #ifdef LTM_DESC -void init_LTM(void); +LTC_DEPRECATED void init_LTM(void); #endif #ifdef TFM_DESC -void init_TFM(void); +LTC_DEPRECATED void init_TFM(void); #endif -/* *** use of GMP is untested *** #ifdef GMP_DESC -void init_GMP(void); +LTC_DEPRECATED void init_GMP(void); #endif -*/ +int crypt_mp_init(const char* mpi); #ifdef LTC_ADLER32 typedef struct adler32_state_s @@ -99,15 +126,8 @@ void crc32_finish(crc32_state *ctx, void *hash, unsigned long size); int crc32_test(void); #endif -/* yeah it's not exactly in misc in the library, but in testprof/x86_prof.c */ -#if defined(LTC_TEST) && defined(LTC_TEST_DBG) -void print_hex(const char* what, const void* v, const unsigned long l); int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); -#else -#define compare_testvector(is, is_len, should, should_len, what, which) \ - ((((is_len) != (should_len)) || (XMEMCMP((is), (should), (is_len)) != 0)) ? 1 : 0) -#endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_pk.h b/src/ltc/headers/tomcrypt_pk.h index fd40f17..ac4353c 100644 --- a/src/ltc/headers/tomcrypt_pk.h +++ b/src/ltc/headers/tomcrypt_pk.h @@ -1,33 +1,48 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* ---- NUMBER THEORY ---- */ enum { PK_PUBLIC=0, - PK_PRIVATE=1, - PK_PUBLIC_COMPRESSED=2, /* used only when exporting public ECC key */ - PK_CURVEOID=4 /* used only when exporting public ECC key */ + PK_PRIVATE=1 }; /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ #define PK_STD 0x1000 +/* Indicates compressed public ECC key */ +#define PK_COMPRESSED 0x2000 +/* Indicates ECC key with the curve specified by OID */ +#define PK_CURVEOID 0x4000 int rand_prime(void *N, long len, prng_state *prng, int wprng); + +#ifdef LTC_SOURCE +/* internal helper functions */ int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng); -int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng); +int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng); enum public_key_algorithms { PKA_RSA, PKA_DSA, PKA_EC, - EC_PRIME_FIELD + PKA_EC_PRIMEF }; typedef struct Oid { unsigned long OID[16]; - /** Length of DER encoding */ + /** Number of OID digits in use */ unsigned long OIDlen; } oid_st; int pk_get_oid(int pk, oid_st *st); +#endif /* LTC_SOURCE */ /* ---- RSA ---- */ #ifdef LTC_MRSA @@ -114,7 +129,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key); int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key); int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *passwd, unsigned long passwdlen, rsa_key *key); -int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key); + +int rsa_set_key(const unsigned char *N, unsigned long Nlen, + const unsigned char *e, unsigned long elen, + const unsigned char *d, unsigned long dlen, + rsa_key *key); +int rsa_set_factors(const unsigned char *p, unsigned long plen, + const unsigned char *q, unsigned long qlen, + rsa_key *key); +int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen, + const unsigned char *dQ, unsigned long dQlen, + const unsigned char *qP, unsigned long qPlen, + rsa_key *key); #endif /* ---- Katja ---- */ @@ -175,51 +201,49 @@ int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key); /* ---- DH Routines ---- */ #ifdef LTC_MDH -typedef struct Dh_key { - int idx, type; +typedef struct { + int type; void *x; void *y; void *base; void *prime; } dh_key; -int dh_compat_test(void); -void dh_sizes(int *low, int *high); -int dh_get_size(dh_key *key); - -int dh_make_key_internal(prng_state *prng, int wprng, dh_key *key); /* for internal use only */ -int dh_make_key_ex(prng_state *prng, int wprng, const char *base_hex, const char *prime_hex, dh_key *key); -int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key); -void dh_free(dh_key *key); +int dh_get_groupsize(dh_key *key); int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key); int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key); -int dh_import_raw(unsigned char *in, unsigned long inlen, int type, - const char *base_hex, const char *prime_hex, dh_key *key); + +int dh_set_pg(const unsigned char *p, unsigned long plen, + const unsigned char *g, unsigned long glen, + dh_key *key); +int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key); +int dh_set_pg_groupsize(int groupsize, dh_key *key); + +int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key); +int dh_generate_key(prng_state *prng, int wprng, dh_key *key); int dh_shared_secret(dh_key *private_key, dh_key *public_key, unsigned char *out, unsigned long *outlen); -int dh_encrypt_key(const unsigned char *in, unsigned long keylen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, - dh_key *key); +void dh_free(dh_key *key); -int dh_decrypt_key(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - dh_key *key); +int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key); -int dh_sign_hash(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, dh_key *key); - -int dh_verify_hash(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, dh_key *key); +#ifdef LTC_SOURCE +typedef struct { + int size; + const char *name, *base, *prime; +} ltc_dh_set_type; +extern const ltc_dh_set_type ltc_dh_sets[]; +/* internal helper functions */ +int dh_check_pubkey(dh_key *key); #endif +#endif /* LTC_MDH */ + /* ---- ECC Routines ---- */ #ifdef LTC_MECC @@ -230,37 +254,35 @@ int dh_verify_hash(const unsigned char *sig, unsigned long siglen, /* max private key size */ #define ECC_MAXSIZE 66 -/** Structure defines a NIST GF(p) curve */ +/** Structure defines a GF(p) curve */ typedef struct { - /** The size of the curve in octets */ - int size; - /** name of curve */ - char *name; + const char *name; /** The prime that defines the field the curve is in (encoded in hex) */ - char *prime; + const char *prime; /** The fields A param (hex) */ - char *A; + const char *A; /** The fields B param (hex) */ - char *B; + const char *B; /** The order of the curve (hex) */ - char *order; + const char *order; /** The x co-ordinate of the base point on the curve (hex) */ - char *Gx; + const char *Gx; /** The y co-ordinate of the base point on the curve (hex) */ - char *Gy; + const char *Gy; /** The co-factor */ unsigned long cofactor; - /** The OID stucture */ - oid_st oid; + /** The OID */ + unsigned long oid[16]; + unsigned long oidlen; } ltc_ecc_set_type; /** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */ @@ -275,18 +297,36 @@ typedef struct { void *z; } ecc_point; +/** ECC key's domain parameters */ +typedef struct { + /** The size of the curve in octets */ + int size; + /** The prime that defines the field the curve is in */ + void *prime; + /** The fields A param */ + void *A; + /** The fields B param */ + void *B; + /** The order of the curve */ + void *order; + /** The base point G on the curve */ + ecc_point base; + /** The co-factor */ + unsigned long cofactor; + /** The OID */ + unsigned long oid[16]; + unsigned long oidlen; +} ltc_ecc_dp; + /** An ECC key */ typedef struct { /** Type of key, PK_PRIVATE or PK_PUBLIC */ int type; - /** Index into the ltc_ecc_sets[] for the parameters of this curve; if -1, then this key is using user supplied curve in dp */ - int idx; + /** Structure with domain parameters */ + ltc_ecc_dp dp; - /** pointer to domain parameters; either points to NIST curves (identified by idx >= 0) or user supplied curve */ - const ltc_ecc_set_type *dp; - - /** The public key */ + /** Structure with the public key */ ecc_point pubkey; /** The private key */ @@ -300,12 +340,11 @@ int ecc_test(void); void ecc_sizes(int *low, int *high); int ecc_get_size(ecc_key *key); -int ecc_dp_init(ltc_ecc_set_type *dp); -int ecc_dp_set(ltc_ecc_set_type *dp, char *ch_prime, char *ch_A, char *ch_B, char *ch_order, char *ch_Gx, char *ch_Gy, unsigned long cofactor, char *ch_name, char *oid); -int ecc_dp_set_bn(ltc_ecc_set_type *dp, void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor); -int ecc_dp_set_by_oid(ltc_ecc_set_type *dp, unsigned long *oid, unsigned long oidsize); -int ecc_dp_fill_from_sets(ltc_ecc_set_type *dp); -int ecc_dp_clear(ltc_ecc_set_type *dp); +int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp); +int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key); +int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key); +int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key); +int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key); int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp); @@ -314,15 +353,15 @@ void ecc_free(ecc_key *key); int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key); int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); -int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, ecc_key *key, ltc_ecc_set_type *dp); -int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); -int ecc_import_full(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp); -int ecc_export_raw(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); -int ecc_import_raw(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp); int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen); int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key); -int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp); +int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); + +int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); +int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key); +int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, ecc_key *key); +int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key); int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, unsigned char *out, unsigned long *outlen); @@ -336,40 +375,47 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, ecc_key *key); +int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + prng_state *prng, int wprng, ecc_key *key); + int ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, ecc_key *key); +int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, ecc_key *key); + int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, int *stat, ecc_key *key); -int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key); -int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key); +#ifdef LTC_SOURCE +/* INTERNAL ONLY - it should be later moved to src/headers/tomcrypt_internal.h */ -int ecc_verify_key(ecc_key *key); +int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); +int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key); +int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key); +int ecc_set_dp_size(int size, ecc_key *key); /* low level functions */ ecc_point *ltc_ecc_new_point(void); void ltc_ecc_del_point(ecc_point *p); -int ltc_ecc_is_valid_idx(int n); -int ltc_ecc_is_point(const ltc_ecc_set_type *dp, void *x, void *y); -int ltc_ecc_is_point_at_infinity(ecc_point *p, void *modulus); +int ltc_ecc_is_point(const ltc_ecc_dp *dp, void *x, void *y); +int ltc_ecc_is_point_at_infinity(const ecc_point *p, void *modulus); int ltc_ecc_import_point(const unsigned char *in, unsigned long inlen, void *prime, void *a, void *b, void *x, void *y); int ltc_ecc_export_point(unsigned char *out, unsigned long *outlen, void *x, void *y, unsigned long size, int compressed); +int ltc_ecc_verify_key(ecc_key *key); /* point ops (mp == montgomery digit) */ #if !defined(LTC_MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC) /* R = 2P */ -int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *a, void *modulus, void *mp); +int ltc_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp); /* R = P + Q */ -int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *a, void *modulus, void *mp); +int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp); #endif #if defined(LTC_MECC_FP) @@ -387,23 +433,23 @@ void ltc_ecc_fp_tablelock(int lock); #endif /* R = kG */ -int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map); +int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map); #ifdef LTC_ECC_SHAMIR /* kA*A + kB*B = C */ -int ltc_ecc_mul2add(ecc_point *A, void *kA, - ecc_point *B, void *kB, - ecc_point *C, - void *a, - void *modulus); +int ltc_ecc_mul2add(const ecc_point *A, void *kA, + const ecc_point *B, void *kB, + ecc_point *C, + void *ma, + void *modulus); #ifdef LTC_MECC_FP /* Shamir's trick with optimized point multiplication using fixed point cache */ -int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, - ecc_point *B, void *kB, - ecc_point *C, - void *a, - void *modulus); +int ltc_ecc_fp_mul2add(const ecc_point *A, void *kA, + const ecc_point *B, void *kB, + ecc_point *C, + void *ma, + void *modulus); #endif #endif @@ -412,6 +458,8 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, /* map P to affine from projective */ int ltc_ecc_map(ecc_point *P, void *modulus, void *mp); +#endif /* LTC_SOURCE */ + #endif #ifdef LTC_MDSA @@ -448,9 +496,15 @@ typedef struct { int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); -int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex); +int dsa_set_pqg(const unsigned char *p, unsigned long plen, + const unsigned char *q, unsigned long qlen, + const unsigned char *g, unsigned long glen, + dsa_key *key); +int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key); +int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); -int dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g); +int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key *key); +int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key); void dsa_free(dsa_key *key); @@ -479,11 +533,15 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, dsa_key *key); -int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key); int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key); int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key); int dsa_verify_key(dsa_key *key, int *stat); - +#ifdef LTC_SOURCE +/* internal helper functions */ +int dsa_int_validate_xy(dsa_key *key, int *stat); +int dsa_int_validate_pqg(dsa_key *key, int *stat); +int dsa_int_validate_primes(dsa_key *key, int *stat); +#endif int dsa_shared_secret(void *private_key, void *base, dsa_key *public_key, unsigned char *out, unsigned long *outlen); @@ -515,12 +573,22 @@ typedef enum ltc_asn1_type_ { LTC_ASN1_SETOF, LTC_ASN1_RAW_BIT_STRING, LTC_ASN1_TELETEX_STRING, - LTC_ASN1_CONSTRUCTED, - LTC_ASN1_CONTEXT_SPECIFIC, - /* 20 */ LTC_ASN1_GENERALIZEDTIME, + LTC_ASN1_CUSTOM_TYPE, } ltc_asn1_type; +typedef enum { + LTC_ASN1_CL_UNIVERSAL = 0x0, + LTC_ASN1_CL_APPLICATION = 0x1, + LTC_ASN1_CL_CONTEXT_SPECIFIC = 0x2, + LTC_ASN1_CL_PRIVATE = 0x3, +} ltc_asn1_class; + +typedef enum { + LTC_ASN1_PC_PRIMITIVE = 0x0, + LTC_ASN1_PC_CONSTRUCTED = 0x1, +} ltc_asn1_pc; + /** A LTC ASN.1 list type */ typedef struct ltc_asn1_list_ { /** The LTC ASN.1 enumerated type identifier */ @@ -529,12 +597,17 @@ typedef struct ltc_asn1_list_ { void *data; /** The size of the input or resulting output */ unsigned long size; - /** The used flag, this is used by the CHOICE ASN.1 type to indicate which choice was made */ + /** The used flag + * 1. This is used by the CHOICE ASN.1 type to indicate which choice was made + * 2. This is used by the ASN.1 decoder to indicate if an element is used + * 3. This is used by the flexi-decoder to indicate the first byte of the identifier */ int used; /** Flag used to indicate optional items in ASN.1 sequences */ int optional; - /** Flag used to indicate context specific tags on ASN.1 sequence items */ - unsigned char tag; + /** ASN.1 identifier */ + ltc_asn1_class class; + ltc_asn1_pc pc; + ulong64 tag; /** prev/next entry in the list */ struct ltc_asn1_list_ *prev, *next, *child, *parent; } ltc_asn1_list; @@ -547,42 +620,120 @@ typedef struct ltc_asn1_list_ { LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \ LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \ LTC_MACRO_list[LTC_MACRO_temp].used = 0; \ - LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \ LTC_MACRO_list[LTC_MACRO_temp].optional = 0; \ + LTC_MACRO_list[LTC_MACRO_temp].class = 0; \ + LTC_MACRO_list[LTC_MACRO_temp].pc = 0; \ + LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \ } while (0) +#define __LTC_SET_ASN1_IDENTIFIER(list, index, Class, Pc, Tag) \ + do { \ + int LTC_MACRO_temp = (index); \ + ltc_asn1_list *LTC_MACRO_list = (list); \ + LTC_MACRO_list[LTC_MACRO_temp].type = LTC_ASN1_CUSTOM_TYPE; \ + LTC_MACRO_list[LTC_MACRO_temp].class = (Class); \ + LTC_MACRO_list[LTC_MACRO_temp].pc = (Pc); \ + LTC_MACRO_list[LTC_MACRO_temp].tag = (Tag); \ + } while (0) + +#define LTC_SET_ASN1_CUSTOM_CONSTRUCTED(list, index, Class, Tag, Data) \ + do { \ + int LTC_MACRO_temp##__LINE__ = (index); \ + LTC_SET_ASN1(list, LTC_MACRO_temp##__LINE__, LTC_ASN1_CUSTOM_TYPE, Data, 1); \ + __LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_CONSTRUCTED, Tag); \ + } while (0) + +#define LTC_SET_ASN1_CUSTOM_PRIMITIVE(list, index, Class, Tag, Type, Data, Size) \ + do { \ + int LTC_MACRO_temp##__LINE__ = (index); \ + LTC_SET_ASN1(list, LTC_MACRO_temp##__LINE__, LTC_ASN1_CUSTOM_TYPE, Data, Size); \ + __LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_PRIMITIVE, Tag); \ + list[LTC_MACRO_temp##__LINE__].used = (int)(Type); \ + } while (0) + +extern const char* der_asn1_class_to_string_map[]; +extern const unsigned long der_asn1_class_to_string_map_sz; + +extern const char* der_asn1_pc_to_string_map[]; +extern const unsigned long der_asn1_pc_to_string_map_sz; + +extern const char* der_asn1_tag_to_string_map[]; +extern const unsigned long der_asn1_tag_to_string_map_sz; + /* SEQUENCE */ int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, unsigned char *out, unsigned long *outlen, int type_of); #define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE) -int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen, - ltc_asn1_list *list, unsigned long outlen, int ordered); +/** The supported bitmap for all the + * decoders with a `flags` argument. + */ +enum ltc_der_seq { + LTC_DER_SEQ_ZERO = 0x0u, -#define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 1) + /** Bit0 - [0]=Unordered (SET or SETOF) + * [1]=Ordered (SEQUENCE) */ + LTC_DER_SEQ_UNORDERED = LTC_DER_SEQ_ZERO, + LTC_DER_SEQ_ORDERED = 0x1u, + + /** Bit1 - [0]=Relaxed + * [1]=Strict */ + LTC_DER_SEQ_RELAXED = LTC_DER_SEQ_ZERO, + LTC_DER_SEQ_STRICT = 0x2u, + + /** Alternative naming */ + LTC_DER_SEQ_SET = LTC_DER_SEQ_UNORDERED, + LTC_DER_SEQ_SEQUENCE = LTC_DER_SEQ_ORDERED, +}; + +int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen, + ltc_asn1_list *list, unsigned long outlen, unsigned int flags); + +#define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_RELAXED) +#define der_decode_sequence_strict(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_STRICT) int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen); + + +/* Custom-types */ +int der_encode_custom_type(const ltc_asn1_list *root, + unsigned char *out, unsigned long *outlen); + +int der_decode_custom_type(const unsigned char *in, unsigned long inlen, + ltc_asn1_list *root); + +int der_length_custom_type(const ltc_asn1_list *root, + unsigned long *outlen, + unsigned long *payloadlen); + +#ifdef LTC_SOURCE +/* internal helper functions */ +int der_decode_custom_type_ex(const unsigned char *in, unsigned long inlen, + ltc_asn1_list *root, + ltc_asn1_list *list, unsigned long outlen, unsigned int flags); + +int der_encode_asn1_identifier(const ltc_asn1_list *id, unsigned char *out, unsigned long *outlen); +int der_decode_asn1_identifier(const unsigned char *in, unsigned long *inlen, ltc_asn1_list *id); +int der_length_asn1_identifier(const ltc_asn1_list *id, unsigned long *idlen); + +int der_encode_asn1_length(unsigned long len, unsigned char* out, unsigned long* outlen); +int der_decode_asn1_length(const unsigned char* len, unsigned long* lenlen, unsigned long* outlen); +int der_length_asn1_length(unsigned long len, unsigned long *outlen); + int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen, unsigned long *payloadlen); -/* SUBJECT PUBLIC KEY INFO */ -int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, - unsigned int algorithm, void* public_key, unsigned long public_key_len, - unsigned long parameters_type, void* parameters, unsigned long parameters_len); +extern const ltc_asn1_type der_asn1_tag_to_type_map[]; +extern const unsigned long der_asn1_tag_to_type_map_sz; -int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, - unsigned int algorithm, void* public_key, unsigned long* public_key_len, - unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len); - -int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long inlen, - unsigned int algorithm, void* public_key, unsigned long* public_key_len, - unsigned long parameters_type, void* parameters, unsigned long parameters_len, - unsigned long *parameters_outsize); +extern const int der_asn1_type_to_identifier_map[]; +extern const unsigned long der_asn1_type_to_identifier_map_sz; +#endif /* LTC_SOURCE */ /* SET */ -#define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0) +#define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SET) #define der_length_set der_length_sequence int der_encode_set(ltc_asn1_list *list, unsigned long inlen, unsigned char *out, unsigned long *outlen); @@ -593,6 +744,10 @@ int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, /* VA list handy helpers with triplets of */ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); +#ifdef LTC_SOURCE +/* internal helper functions */ +int der_decode_sequence_multi_ex(const unsigned char *in, unsigned long inlen, unsigned int flags, ...); +#endif /* LTC_SOURCE */ /* FLEXI DECODER handle unknown list decoder */ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out); @@ -657,8 +812,12 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); int der_length_teletex_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); +#ifdef LTC_SOURCE +/* internal helper functions */ int der_teletex_char_encode(int c); int der_teletex_value_decode(int v); +#endif /* LTC_SOURCE */ + /* PRINTABLE STRING */ int der_encode_printable_string(const unsigned char *in, unsigned long inlen, @@ -690,7 +849,10 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, wchar_t *out, unsigned long *outlen); unsigned long der_utf8_charsize(const wchar_t c); +#ifdef LTC_SOURCE +/* internal helper functions */ int der_utf8_valid_char(const wchar_t c); +#endif /* LTC_SOURCE */ int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen); @@ -741,9 +903,20 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen, int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen); +#ifdef LTC_SOURCE +/* internal helper functions */ +/* SUBJECT PUBLIC KEY INFO */ +int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, + unsigned int algorithm, void* public_key, unsigned long public_key_len, + unsigned long parameters_type, void* parameters, unsigned long parameters_len); + +int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, + unsigned int algorithm, void* public_key, unsigned long* public_key_len, + unsigned long parameters_type, void* parameters, unsigned long *parameters_len); +#endif /* LTC_SOURCE */ #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_pkcs.h b/src/ltc/headers/tomcrypt_pkcs.h index dae3490..247e538 100644 --- a/src/ltc/headers/tomcrypt_pkcs.h +++ b/src/ltc/headers/tomcrypt_pkcs.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* PKCS Header Info */ /* ===> PKCS #1 -- RSA Cryptography <=== */ @@ -13,7 +22,8 @@ enum ltc_pkcs_1_paddings { LTC_PKCS_1_V1_5 = 1, /* PKCS #1 v1.5 padding (\sa ltc_pkcs_1_v1_5_blocks) */ LTC_PKCS_1_OAEP = 2, /* PKCS #1 v2.0 encryption padding */ - LTC_PKCS_1_PSS = 3 /* PKCS #1 v2.1 signature padding */ + LTC_PKCS_1_PSS = 3, /* PKCS #1 v2.1 signature padding */ + LTC_PKCS_1_V1_5_NA1 = 4 /* PKCS #1 v1.5 padding - No ASN.1 (\sa ltc_pkcs_1_v1_5_blocks) */ }; int pkcs_1_mgf1( int hash_idx, @@ -70,13 +80,13 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen, /* ===> PKCS #5 -- Password Based Cryptography <=== */ #ifdef LTC_PKCS_5 -/* Algorithm #1 (old) */ +/* Algorithm #1 (PBKDF1) */ int pkcs_5_alg1(const unsigned char *password, unsigned long password_len, const unsigned char *salt, int iteration_count, int hash_idx, unsigned char *out, unsigned long *outlen); -/* Algorithm #1 - OpenSSL-compatible variant for arbitrarily-long keys. +/* Algorithm #1 (PBKDF1) - OpenSSL-compatible variant for arbitrarily-long keys. Compatible with EVP_BytesToKey() */ int pkcs_5_alg1_openssl(const unsigned char *password, unsigned long password_len, @@ -84,7 +94,7 @@ int pkcs_5_alg1_openssl(const unsigned char *password, int iteration_count, int hash_idx, unsigned char *out, unsigned long *outlen); -/* Algorithm #2 (new) */ +/* Algorithm #2 (PBKDF2) */ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, const unsigned char *salt, unsigned long salt_len, int iteration_count, int hash_idx, @@ -93,6 +103,6 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, int pkcs_5_test (void); #endif /* LTC_PKCS_5 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_prng.h b/src/ltc/headers/tomcrypt_prng.h index e06c68b..c516b8c 100644 --- a/src/ltc/headers/tomcrypt_prng.h +++ b/src/ltc/headers/tomcrypt_prng.h @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /* ---- PRNG Stuff ---- */ #ifdef LTC_YARROW struct yarrow_prng { @@ -72,7 +81,7 @@ typedef struct { /** PRNG descriptor */ extern struct ltc_prng_descriptor { /** Name of the PRNG */ - char *name; + const char *name; /** size in bytes of exported state */ int export_size; /** Start a PRNG state @@ -199,6 +208,7 @@ extern const struct ltc_prng_descriptor sober128_desc; int find_prng(const char *name); int register_prng(const struct ltc_prng_descriptor *prng); int unregister_prng(const struct ltc_prng_descriptor *prng); +int register_all_prngs(void); int prng_is_valid(int idx); LTC_MUTEX_PROTO(ltc_prng_mutex) @@ -217,6 +227,6 @@ extern unsigned long (*ltc_rng)(unsigned char *out, unsigned long outlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2bmac.c b/src/ltc/mac/blake2/blake2bmac.c index 63ebd41..1c80b1c 100644 --- a/src/ltc/mac/blake2/blake2bmac.c +++ b/src/ltc/mac/blake2/blake2bmac.c @@ -14,6 +14,7 @@ /** Initialize an BLAKE2B MAC context. @param st The BLAKE2B MAC state + @param outlen The size of the MAC output (octets) @param key The secret key @param keylen The length of the secret key (octets) @return CRYPT_OK if successful @@ -59,3 +60,7 @@ int blake2bmac_done(blake2bmac_state *st, unsigned char *mac, unsigned long *mac } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2bmac_file.c b/src/ltc/mac/blake2/blake2bmac_file.c index 3722138..c1e9c6b 100644 --- a/src/ltc/mac/blake2/blake2bmac_file.c +++ b/src/ltc/mac/blake2/blake2bmac_file.c @@ -23,6 +23,11 @@ int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else blake2bmac_state st; @@ -77,3 +82,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2bmac_memory.c b/src/ltc/mac/blake2/blake2bmac_memory.c index bdf5562..45ddd6f 100644 --- a/src/ltc/mac/blake2/blake2bmac_memory.c +++ b/src/ltc/mac/blake2/blake2bmac_memory.c @@ -42,3 +42,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2bmac_memory_multi.c b/src/ltc/mac/blake2/blake2bmac_memory_multi.c index 4e8f66f..2b875d7 100644 --- a/src/ltc/mac/blake2/blake2bmac_memory_multi.c +++ b/src/ltc/mac/blake2/blake2bmac_memory_multi.c @@ -16,8 +16,8 @@ BLAKE2B MAC multiple blocks of memory to produce the authentication tag @param key The secret key @param keylen The length of the secret key (octets) - @param out [out] Destination of the authentication tag - @param outlen [in/out] Max size and resulting size of authentication tag + @param mac [out] Destination of the authentication tag + @param maclen [in/out] Max size and resulting size of authentication tag @param in The data to BLAKE2B MAC @param inlen The length of the data to BLAKE2B MAC (octets) @param ... tuples of (data,len) pairs to BLAKE2B MAC, terminated with a (NULL,x) (x=don't care) @@ -56,3 +56,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2smac.c b/src/ltc/mac/blake2/blake2smac.c index 741cf72..080241b 100644 --- a/src/ltc/mac/blake2/blake2smac.c +++ b/src/ltc/mac/blake2/blake2smac.c @@ -14,6 +14,7 @@ /** Initialize an BLAKE2S MAC context. @param st The BLAKE2S MAC state + @param outlen The size of the MAC output (octets) @param key The secret key @param keylen The length of the secret key (octets) @return CRYPT_OK if successful @@ -59,3 +60,7 @@ int blake2smac_done(blake2smac_state *st, unsigned char *mac, unsigned long *mac } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2smac_file.c b/src/ltc/mac/blake2/blake2smac_file.c index c6da9ee..1ac6679 100644 --- a/src/ltc/mac/blake2/blake2smac_file.c +++ b/src/ltc/mac/blake2/blake2smac_file.c @@ -23,6 +23,11 @@ int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else blake2smac_state st; @@ -77,3 +82,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2smac_memory.c b/src/ltc/mac/blake2/blake2smac_memory.c index 0376554..1661fb0 100644 --- a/src/ltc/mac/blake2/blake2smac_memory.c +++ b/src/ltc/mac/blake2/blake2smac_memory.c @@ -42,3 +42,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/blake2/blake2smac_memory_multi.c b/src/ltc/mac/blake2/blake2smac_memory_multi.c index 27889c2..0985c42 100644 --- a/src/ltc/mac/blake2/blake2smac_memory_multi.c +++ b/src/ltc/mac/blake2/blake2smac_memory_multi.c @@ -16,8 +16,8 @@ BLAKE2S MAC multiple blocks of memory to produce the authentication tag @param key The secret key @param keylen The length of the secret key (octets) - @param out [out] Destination of the authentication tag - @param outlen [in/out] Max size and resulting size of authentication tag + @param mac [out] Destination of the authentication tag + @param maclen [in/out] Max size and resulting size of authentication tag @param in The data to BLAKE2S MAC @param inlen The length of the data to BLAKE2S MAC (octets) @param ... tuples of (data,len) pairs to BLAKE2S MAC, terminated with a (NULL,x) (x=don't care) @@ -56,3 +56,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_done.c b/src/ltc/mac/f9/f9_done.c index 9bcf1b5..8d2ccb0 100644 --- a/src/ltc/mac/f9/f9_done.c +++ b/src/ltc/mac/f9/f9_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -71,7 +69,7 @@ int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_file.c b/src/ltc/mac/f9/f9_file.c index c99d7a3..04d509b 100644 --- a/src/ltc/mac/f9/f9_file.c +++ b/src/ltc/mac/f9/f9_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,6 +31,12 @@ int f9_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; @@ -88,6 +92,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_init.c b/src/ltc/mac/f9/f9_init.c index ec026b9..ba59b20 100644 --- a/src/ltc/mac/f9/f9_init.c +++ b/src/ltc/mac/f9/f9_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -64,7 +62,7 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_memory.c b/src/ltc/mac/f9/f9_memory.c index e07a05c..70c694b 100644 --- a/src/ltc/mac/f9/f9_memory.c +++ b/src/ltc/mac/f9/f9_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -66,6 +64,6 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_memory_multi.c b/src/ltc/mac/f9/f9_memory_multi.c index 6c8f2dc..2c1d31a 100644 --- a/src/ltc/mac/f9/f9_memory_multi.c +++ b/src/ltc/mac/f9/f9_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -85,6 +83,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/f9/f9_process.c b/src/ltc/mac/f9/f9_process.c index 42027fd..ba4d39f 100644 --- a/src/ltc/mac/f9/f9_process.c +++ b/src/ltc/mac/f9/f9_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -72,7 +70,7 @@ int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_done.c b/src/ltc/mac/hmac/hmac_done.c index 15baa0c..3c09df1 100644 --- a/src/ltc/mac/hmac/hmac_done.c +++ b/src/ltc/mac/hmac/hmac_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -89,7 +87,6 @@ int hmac_done(hmac_state *hmac, unsigned char *out, unsigned long *outlen) err = CRYPT_OK; LBL_ERR: - XFREE(hmac->key); #ifdef LTC_CLEAN_STACK zeromem(isha, hashsize); zeromem(buf, hashsize); @@ -104,6 +101,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_file.c b/src/ltc/mac/hmac/hmac_file.c index f74505c..0e1a163 100644 --- a/src/ltc/mac/hmac/hmac_file.c +++ b/src/ltc/mac/hmac/hmac_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -32,6 +30,12 @@ int hmac_file(int hash, const char *fname, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(hash); + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else hmac_state hmac; @@ -91,6 +95,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_init.c b/src/ltc/mac/hmac/hmac_init.c index 2c887db..16e58d5 100644 --- a/src/ltc/mac/hmac/hmac_init.c +++ b/src/ltc/mac/hmac/hmac_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -55,11 +53,10 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon return CRYPT_MEM; } - /* allocate memory for key */ - hmac->key = XMALLOC(LTC_HMAC_BLOCKSIZE); - if (hmac->key == NULL) { - XFREE(buf); - return CRYPT_MEM; + /* check hash block fits */ + if (sizeof(hmac->key) < LTC_HMAC_BLOCKSIZE) { + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; } /* (1) make sure we have a large enough key */ @@ -77,7 +74,7 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon zeromem((hmac->key) + keylen, (size_t)(LTC_HMAC_BLOCKSIZE - keylen)); } - /* Create the initial vector for step (3) */ + /* Create the initialization vector for step (3) */ for(i=0; i < LTC_HMAC_BLOCKSIZE; i++) { buf[i] = hmac->key[i] ^ 0x36; } @@ -90,11 +87,8 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon if ((err = hash_descriptor[hash].process(&hmac->md, buf, LTC_HMAC_BLOCKSIZE)) != CRYPT_OK) { goto LBL_ERR; } - goto done; + LBL_ERR: - /* free the key since we failed */ - XFREE(hmac->key); -done: #ifdef LTC_CLEAN_STACK zeromem(buf, LTC_HMAC_BLOCKSIZE); #endif @@ -105,6 +99,6 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_memory.c b/src/ltc/mac/hmac/hmac_memory.c index c32f13a..9a3a199 100644 --- a/src/ltc/mac/hmac/hmac_memory.c +++ b/src/ltc/mac/hmac/hmac_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -83,6 +81,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_memory_multi.c b/src/ltc/mac/hmac/hmac_memory_multi.c index f9d8587..6e3d0fe 100644 --- a/src/ltc/mac/hmac/hmac_memory_multi.c +++ b/src/ltc/mac/hmac/hmac_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -87,6 +85,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/hmac/hmac_process.c b/src/ltc/mac/hmac/hmac_process.c index f1931c8..8da62c1 100644 --- a/src/ltc/mac/hmac/hmac_process.c +++ b/src/ltc/mac/hmac/hmac_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -38,6 +36,6 @@ int hmac_process(hmac_state *hmac, const unsigned char *in, unsigned long inlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_done.c b/src/ltc/mac/omac/omac_done.c index 18fa25c..bf22523 100644 --- a/src/ltc/mac/omac/omac_done.c +++ b/src/ltc/mac/omac/omac_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -81,6 +79,6 @@ int omac_done(omac_state *omac, unsigned char *out, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_file.c b/src/ltc/mac/omac/omac_file.c index 51c67b7..3f6a85d 100644 --- a/src/ltc/mac/omac/omac_file.c +++ b/src/ltc/mac/omac/omac_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,6 +31,12 @@ int omac_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; @@ -88,6 +92,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_init.c b/src/ltc/mac/omac/omac_init.c index 3bee70f..55de2a6 100644 --- a/src/ltc/mac/omac/omac_init.c +++ b/src/ltc/mac/omac/omac_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -96,6 +94,6 @@ int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned l #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_memory.c b/src/ltc/mac/omac/omac_memory.c index dde7e76..1b57db8 100644 --- a/src/ltc/mac/omac/omac_memory.c +++ b/src/ltc/mac/omac/omac_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -80,6 +78,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_memory_multi.c b/src/ltc/mac/omac/omac_memory_multi.c index afaf8cb..50f26e6 100644 --- a/src/ltc/mac/omac/omac_memory_multi.c +++ b/src/ltc/mac/omac/omac_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -85,6 +83,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/omac/omac_process.c b/src/ltc/mac/omac/omac_process.c index df94208..4ae2bd1 100644 --- a/src/ltc/mac/omac/omac_process.c +++ b/src/ltc/mac/omac/omac_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -87,6 +85,6 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pelican/pelican.c b/src/ltc/mac/pelican/pelican.c index 95af87e..6a4dde6 100644 --- a/src/ltc/mac/pelican/pelican.c +++ b/src/ltc/mac/pelican/pelican.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -53,7 +51,7 @@ int pelican_init(pelican_state *pelmac, const unsigned char *key, unsigned long return CRYPT_OK; } -static void four_rounds(pelican_state *pelmac) +static void _four_rounds(pelican_state *pelmac) { ulong32 s0, s1, s2, s3, t0, t1, t2, t3; int r; @@ -116,7 +114,7 @@ int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned lon for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) { *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pelmac->state + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)in + x)); } - four_rounds(pelmac); + _four_rounds(pelmac); in += 16; inlen -= 16; } @@ -126,7 +124,7 @@ int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned lon while (inlen--) { pelmac->state[pelmac->buflen++] ^= *in++; if (pelmac->buflen == 16) { - four_rounds(pelmac); + _four_rounds(pelmac); pelmac->buflen = 0; } } @@ -150,7 +148,7 @@ int pelican_done(pelican_state *pelmac, unsigned char *out) } if (pelmac->buflen == 16) { - four_rounds(pelmac); + _four_rounds(pelmac); pelmac->buflen = 0; } pelmac->state[pelmac->buflen++] ^= 0x80; @@ -161,6 +159,6 @@ int pelican_done(pelican_state *pelmac, unsigned char *out) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pelican/pelican_memory.c b/src/ltc/mac/pelican/pelican_memory.c index f5e7b4a..08607a0 100644 --- a/src/ltc/mac/pelican/pelican_memory.c +++ b/src/ltc/mac/pelican/pelican_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -54,6 +52,6 @@ int pelican_memory(const unsigned char *key, unsigned long keylen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_done.c b/src/ltc/mac/pmac/pmac_done.c index 6ad5646..de7a5aa 100644 --- a/src/ltc/mac/pmac/pmac_done.c +++ b/src/ltc/mac/pmac/pmac_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -69,6 +67,6 @@ int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_file.c b/src/ltc/mac/pmac/pmac_file.c index c7d9877..fe202a2 100644 --- a/src/ltc/mac/pmac/pmac_file.c +++ b/src/ltc/mac/pmac/pmac_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,6 +31,12 @@ int pmac_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; @@ -89,6 +93,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_init.c b/src/ltc/mac/pmac/pmac_init.c index 9a7192c..b1bb400 100644 --- a/src/ltc/mac/pmac/pmac_init.c +++ b/src/ltc/mac/pmac/pmac_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -145,6 +143,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_memory.c b/src/ltc/mac/pmac/pmac_memory.c index f73244a..7842781 100644 --- a/src/ltc/mac/pmac/pmac_memory.c +++ b/src/ltc/mac/pmac/pmac_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -69,6 +67,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_memory_multi.c b/src/ltc/mac/pmac/pmac_memory_multi.c index 913840a..f3de4b5 100644 --- a/src/ltc/mac/pmac/pmac_memory_multi.c +++ b/src/ltc/mac/pmac/pmac_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -84,6 +82,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_ntz.c b/src/ltc/mac/pmac/pmac_ntz.c index 2e649f9..2c7dec5 100644 --- a/src/ltc/mac/pmac/pmac_ntz.c +++ b/src/ltc/mac/pmac/pmac_ntz.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -34,6 +32,6 @@ int pmac_ntz(unsigned long x) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_process.c b/src/ltc/mac/pmac/pmac_process.c index 9c26783..018fa27 100644 --- a/src/ltc/mac/pmac/pmac_process.c +++ b/src/ltc/mac/pmac/pmac_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -95,6 +93,6 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/pmac/pmac_shift_xor.c b/src/ltc/mac/pmac/pmac_shift_xor.c index ac3c12f..49d48f9 100644 --- a/src/ltc/mac/pmac/pmac_shift_xor.c +++ b/src/ltc/mac/pmac/pmac_shift_xor.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -39,6 +37,6 @@ void pmac_shift_xor(pmac_state *pmac) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/poly1305/poly1305.c b/src/ltc/mac/poly1305/poly1305.c index 369341b..f709f72 100644 --- a/src/ltc/mac/poly1305/poly1305.c +++ b/src/ltc/mac/poly1305/poly1305.c @@ -164,8 +164,8 @@ int poly1305_process(poly1305_state *st, const unsigned char *in, unsigned long /** Terminate a POLY1305 session @param st The POLY1305 state - @param out [out] The destination of the POLY1305 authentication tag - @param outlen [in/out] The max size and resulting size of the POLY1305 authentication tag + @param mac [out] The destination of the POLY1305 authentication tag + @param maclen [in/out] The max size and resulting size of the POLY1305 authentication tag @return CRYPT_OK if successful */ int poly1305_done(poly1305_state *st, unsigned char *mac, unsigned long *maclen) @@ -262,3 +262,7 @@ int poly1305_done(poly1305_state *st, unsigned char *mac, unsigned long *maclen) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/poly1305/poly1305_file.c b/src/ltc/mac/poly1305/poly1305_file.c index 42afdc3..e57437b 100644 --- a/src/ltc/mac/poly1305/poly1305_file.c +++ b/src/ltc/mac/poly1305/poly1305_file.c @@ -28,6 +28,11 @@ int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(fname); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(mac); + LTC_UNUSED_PARAM(maclen); return CRYPT_NOP; #else poly1305_state st; @@ -82,3 +87,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/poly1305/poly1305_memory.c b/src/ltc/mac/poly1305/poly1305_memory.c index b948efb..a827f8d 100644 --- a/src/ltc/mac/poly1305/poly1305_memory.c +++ b/src/ltc/mac/poly1305/poly1305_memory.c @@ -47,3 +47,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/poly1305/poly1305_memory_multi.c b/src/ltc/mac/poly1305/poly1305_memory_multi.c index 0ac122e..f22f255 100644 --- a/src/ltc/mac/poly1305/poly1305_memory_multi.c +++ b/src/ltc/mac/poly1305/poly1305_memory_multi.c @@ -21,8 +21,8 @@ POLY1305 multiple blocks of memory to produce the authentication tag @param key The secret key @param keylen The length of the secret key (octets) - @param out [out] Destination of the authentication tag - @param outlen [in/out] Max size and resulting size of authentication tag + @param mac [out] Destination of the authentication tag + @param maclen [in/out] Max size and resulting size of authentication tag @param in The data to POLY1305 @param inlen The length of the data to POLY1305 (octets) @param ... tuples of (data,len) pairs to POLY1305, terminated with a (NULL,x) (x=don't care) @@ -61,3 +61,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_done.c b/src/ltc/mac/xcbc/xcbc_done.c index 1573263..133d16f 100644 --- a/src/ltc/mac/xcbc/xcbc_done.c +++ b/src/ltc/mac/xcbc/xcbc_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -71,7 +69,7 @@ int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_file.c b/src/ltc/mac/xcbc/xcbc_file.c index c8119f9..27eb0de 100644 --- a/src/ltc/mac/xcbc/xcbc_file.c +++ b/src/ltc/mac/xcbc/xcbc_file.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,6 +31,12 @@ int xcbc_file(int cipher, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + LTC_UNUSED_PARAM(cipher); + LTC_UNUSED_PARAM(key); + LTC_UNUSED_PARAM(keylen); + LTC_UNUSED_PARAM(filename); + LTC_UNUSED_PARAM(out); + LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; @@ -88,6 +92,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_init.c b/src/ltc/mac/xcbc/xcbc_init.c index b4ad2e9..4eccd5e 100644 --- a/src/ltc/mac/xcbc/xcbc_init.c +++ b/src/ltc/mac/xcbc/xcbc_init.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -102,7 +100,7 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_memory.c b/src/ltc/mac/xcbc/xcbc_memory.c index aac9298..a1bc045 100644 --- a/src/ltc/mac/xcbc/xcbc_memory.c +++ b/src/ltc/mac/xcbc/xcbc_memory.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -66,6 +64,6 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_memory_multi.c b/src/ltc/mac/xcbc/xcbc_memory_multi.c index 994bdce..a5b9d91 100644 --- a/src/ltc/mac/xcbc/xcbc_memory_multi.c +++ b/src/ltc/mac/xcbc/xcbc_memory_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -85,6 +83,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/mac/xcbc/xcbc_process.c b/src/ltc/mac/xcbc/xcbc_process.c index dca321a..12e25c5 100644 --- a/src/ltc/mac/xcbc/xcbc_process.c +++ b/src/ltc/mac/xcbc/xcbc_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -69,7 +67,7 @@ int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/fp/ltc_ecc_fp_mulmod.c b/src/ltc/math/fp/ltc_ecc_fp_mulmod.c index df9aef6..eed4483 100644 --- a/src/ltc/math/fp/ltc_ecc_fp_mulmod.c +++ b/src/ltc/math/fp/ltc_ecc_fp_mulmod.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -574,7 +572,7 @@ static const struct { }; /* find a hole and free as required, return -1 if no hole found */ -static int find_hole(void) +static int _find_hole(void) { unsigned x; int y, z; @@ -610,7 +608,7 @@ static int find_hole(void) } /* determine if a base is already in the cache and if so, where */ -static int find_base(ecc_point *g) +static int _find_base(ecc_point *g) { int x; for (x = 0; x < FP_ENTRIES; x++) { @@ -628,7 +626,7 @@ static int find_base(ecc_point *g) } /* add a new base to the cache */ -static int add_entry(int idx, ecc_point *g) +static int _add_entry(int idx, ecc_point *g) { unsigned x, y; @@ -670,7 +668,7 @@ static int add_entry(int idx, ecc_point *g) * The algorithm builds patterns in increasing bit order by first making all * single bit input patterns, then all two bit input patterns and so on */ -static int build_lut(int idx, void *a, void *modulus, void *mp, void *mu) +static int _build_lut(int idx, void *a, void *modulus, void *mp, void *mu) { unsigned x, y, err, bitlen, lut_gap; void *tmp; @@ -777,7 +775,7 @@ DONE: } /* perform a fixed point ECC mulmod */ -static int accel_fp_mul(int idx, void *k, ecc_point *R, void *a, void *modulus, void *mp, int map) +static int _accel_fp_mul(int idx, void *k, ecc_point *R, void *a, void *modulus, void *mp, int map) { unsigned char kb[128]; int x; @@ -900,7 +898,7 @@ static int accel_fp_mul(int idx, void *k, ecc_point *R, void *a, void *modulus, #ifdef LTC_ECC_SHAMIR /* perform a fixed point ECC mulmod */ -static int accel_fp_mul2add(int idx1, int idx2, +static int _accel_fp_mul2add(int idx1, int idx2, void *kA, void *kB, ecc_point *R, void *a, void *modulus, void *mp) { @@ -1123,13 +1121,13 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, mu = NULL; LTC_MUTEX_LOCK(<c_ecc_fp_lock); /* find point */ - idx1 = find_base(A); + idx1 = _find_base(A); /* no entry? */ if (idx1 == -1) { /* find hole and add it */ - if ((idx1 = find_hole()) >= 0) { - if ((err = add_entry(idx1, A)) != CRYPT_OK) { + if ((idx1 = _find_hole()) >= 0) { + if ((err = _add_entry(idx1, A)) != CRYPT_OK) { goto LBL_ERR; } } @@ -1140,13 +1138,13 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, } /* find point */ - idx2 = find_base(B); + idx2 = _find_base(B); /* no entry? */ if (idx2 == -1) { /* find hole and add it */ - if ((idx2 = find_hole()) >= 0) { - if ((err = add_entry(idx2, B)) != CRYPT_OK) { + if ((idx2 = _find_hole()) >= 0) { + if ((err = _add_entry(idx2, B)) != CRYPT_OK) { goto LBL_ERR; } } @@ -1170,7 +1168,7 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, } /* build the LUT */ - if ((err = build_lut(idx1, a, modulus, mp, mu)) != CRYPT_OK) { + if ((err = _build_lut(idx1, a, modulus, mp, mu)) != CRYPT_OK) { goto LBL_ERR;; } } @@ -1191,7 +1189,7 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, } /* build the LUT */ - if ((err = build_lut(idx2, a, modulus, mp, mu)) != CRYPT_OK) { + if ((err = _build_lut(idx2, a, modulus, mp, mu)) != CRYPT_OK) { goto LBL_ERR;; } } @@ -1202,7 +1200,7 @@ int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, /* compute mp */ if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; } } - err = accel_fp_mul2add(idx1, idx2, kA, kB, C, a, modulus, mp); + err = _accel_fp_mul2add(idx1, idx2, kA, kB, C, a, modulus, mp); } else { err = ltc_ecc_mul2add(A, kA, B, kB, C, a, modulus); } @@ -1236,15 +1234,15 @@ int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulu mu = NULL; LTC_MUTEX_LOCK(<c_ecc_fp_lock); /* find point */ - idx = find_base(G); + idx = _find_base(G); /* no entry? */ if (idx == -1) { /* find hole and add it */ - idx = find_hole(); + idx = _find_hole(); if (idx >= 0) { - if ((err = add_entry(idx, G)) != CRYPT_OK) { + if ((err = _add_entry(idx, G)) != CRYPT_OK) { goto LBL_ERR; } } @@ -1269,7 +1267,7 @@ int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulu } /* build the LUT */ - if ((err = build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) { + if ((err = _build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) { goto LBL_ERR;; } } @@ -1279,7 +1277,7 @@ int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulu /* compute mp */ if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; } } - err = accel_fp_mul(idx, k, R, a, modulus, mp, map); + err = _accel_fp_mul(idx, k, R, a, modulus, mp, map); } else { err = ltc_ecc_mulmod(k, G, R, a, modulus, map); } @@ -1295,7 +1293,7 @@ LBL_ERR: } /* helper function for freeing the cache ... must be called with the cache mutex locked */ -static void ltc_ecc_fp_free_cache(void) +static void _ltc_ecc_fp_free_cache(void) { unsigned x, y; for (x = 0; x < FP_ENTRIES; x++) { @@ -1320,7 +1318,7 @@ static void ltc_ecc_fp_free_cache(void) void ltc_ecc_fp_free(void) { LTC_MUTEX_LOCK(<c_ecc_fp_lock); - ltc_ecc_fp_free_cache(); + _ltc_ecc_fp_free_cache(); LTC_MUTEX_UNLOCK(<c_ecc_fp_lock); } @@ -1339,7 +1337,7 @@ ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock) void *mu = NULL; LTC_MUTEX_LOCK(<c_ecc_fp_lock); - if ((idx = find_base(g)) >= 0) { + if ((idx = _find_base(g)) >= 0) { /* it is already in the cache ... just check that the LUT is initialized */ if(fp_cache[idx].lru_count >= 2) { LTC_MUTEX_UNLOCK(<c_ecc_fp_lock); @@ -1347,11 +1345,11 @@ ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock) } } - if(idx == -1 && (idx = find_hole()) == -1) { + if(idx == -1 && (idx = _find_hole()) == -1) { err = CRYPT_BUFFER_OVERFLOW; goto LBL_ERR; } - if ((err = add_entry(idx, g)) != CRYPT_OK) { + if ((err = _add_entry(idx, g)) != CRYPT_OK) { goto LBL_ERR; } /* compute mp */ @@ -1368,7 +1366,7 @@ ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock) } /* build the LUT */ - if ((err = build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) { + if ((err = _build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) { goto LBL_ERR; } fp_cache[idx].lru_count = 2; @@ -1506,7 +1504,7 @@ int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen) /* * start with an empty cache */ - ltc_ecc_fp_free_cache(); + _ltc_ecc_fp_free_cache(); /* * decode the input packet: It consists of a sequence with a few @@ -1576,7 +1574,7 @@ int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen) ERR_OUT: if(asn1_list) XFREE(asn1_list); - ltc_ecc_fp_free_cache(); + _ltc_ecc_fp_free_cache(); LTC_MUTEX_UNLOCK(<c_ecc_fp_lock); return err; } @@ -1584,7 +1582,7 @@ ERR_OUT: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/ltm_desc.c b/src/ltc/math/ltm_desc.c index a7577c1..4749657 100644 --- a/src/ltc/math/ltm_desc.c +++ b/src/ltc/math/ltm_desc.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #define DESC_DEF_ONLY @@ -88,7 +86,7 @@ static int init_copy(void **a, void *b) } /* ---- trivial ---- */ -static int set_int(void *a, unsigned long b) +static int set_int(void *a, ltc_mp_digit b) { LTC_ARGCHK(a != NULL); return mpi_to_ltc_error(mp_set_int(a, b)); @@ -130,7 +128,7 @@ static int compare(void *a, void *b) } } -static int compare_d(void *a, unsigned long b) +static int compare_d(void *a, ltc_mp_digit b) { int ret; LTC_ARGCHK(a != NULL); @@ -212,7 +210,7 @@ static int add(void *a, void *b, void *c) return mpi_to_ltc_error(mp_add(a, b, c)); } -static int addi(void *a, unsigned long b, void *c) +static int addi(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -228,7 +226,7 @@ static int sub(void *a, void *b, void *c) return mpi_to_ltc_error(mp_sub(a, b, c)); } -static int subi(void *a, unsigned long b, void *c) +static int subi(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -244,7 +242,7 @@ static int mul(void *a, void *b, void *c) return mpi_to_ltc_error(mp_mul(a, b, c)); } -static int muli(void *a, unsigned long b, void *c) +static int muli(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -284,7 +282,7 @@ static int div_2(void *a, void *b) } /* modi */ -static int modi(void *a, unsigned long b, unsigned long *c) +static int modi(void *a, ltc_mp_digit b, ltc_mp_digit *c) { mp_digit tmp; int err; @@ -415,7 +413,7 @@ static int isprime(void *a, int b, int *c) LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); if (b == 0) { - b = 8; + b = LTC_MILLER_RABIN_REPS; } /* if */ err = mpi_to_ltc_error(mp_prime_is_prime(a, b, c)); *c = (*c == MP_YES) ? LTC_MP_YES : LTC_MP_NO; @@ -520,6 +518,6 @@ const ltc_math_descriptor ltm_desc = { #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/multi.c b/src/ltc/math/multi.c index f85e900..da5bb60 100644 --- a/src/ltc/math/multi.c +++ b/src/ltc/math/multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -55,8 +53,25 @@ void ltc_deinit_multi(void *a, ...) va_end(args); } +void ltc_cleanup_multi(void **a, ...) +{ + void **cur = a; + va_list args; + + va_start(args, a); + while (cur != NULL) { + if (*cur != NULL) { + mp_clear(*cur); + *cur = NULL; + } + cur = va_arg(args, void**); + } + va_end(args); + return; +} + #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/radix_to_bin.c b/src/ltc/math/radix_to_bin.c new file mode 100644 index 0000000..409bd20 --- /dev/null +++ b/src/ltc/math/radix_to_bin.c @@ -0,0 +1,62 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file radix_to_bin.c + Convert data from a specific radix to binary. + Steffen Jaeckel +*/ + +/** + Convert data from a specific radix to binary + + The default MPI descriptors #ltm_desc, #tfm_desc and #gmp_desc + have the following restrictions on parameters: + + \p in - NUL-terminated char buffer + + \p radix - 2..64 + + @param in The input + @param radix The radix of the input + @param out The output buffer + @param len [in/out] The length of the output buffer + + @return CRYPT_OK on success. +*/ +int radix_to_bin(const void *in, int radix, void *out, unsigned long *len) +{ + unsigned long l; + void* mpi; + int err; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(len != NULL); + + if ((err = mp_init(&mpi)) != CRYPT_OK) return err; + if ((err = mp_read_radix(mpi, in, radix)) != CRYPT_OK) goto LBL_ERR; + + if ((l = mp_unsigned_bin_size(mpi)) > *len) { + *len = l; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + *len = l; + + if ((err = mp_to_unsigned_bin(mpi, out)) != CRYPT_OK) goto LBL_ERR; + +LBL_ERR: + mp_clear(mpi); + return err; +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/rand_bn.c b/src/ltc/math/rand_bn.c index bdfb3d7..aa6539c 100644 --- a/src/ltc/math/rand_bn.c +++ b/src/ltc/math/rand_bn.c @@ -5,7 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * */ #include "tomcrypt.h" @@ -52,20 +51,25 @@ cleanup: } /** - Generate a random number N in a range: 0 <= N < limit + Generate a random number N in a range: 1 <= N < limit */ -int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng) +int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng) { - int res; + int res, bits; LTC_ARGCHK(N != NULL); LTC_ARGCHK(limit != NULL); + bits = mp_count_bits(limit); do { - res = rand_bn_bits(N, mp_count_bits(limit), prng, wprng); + res = rand_bn_bits(N, bits, prng, wprng); if (res != CRYPT_OK) return res; - } while (mp_cmp(N, limit) != LTC_MP_LT); + } while (mp_cmp_d(N, 0) != LTC_MP_GT || mp_cmp(N, limit) != LTC_MP_LT); return CRYPT_OK; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/rand_prime.c b/src/ltc/math/rand_prime.c index 9dd737b..4dd5764 100644 --- a/src/ltc/math/rand_prime.c +++ b/src/ltc/math/rand_prime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -68,7 +66,7 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng) } /* test */ - if ((err = mp_prime_is_prime(N, 8, &res)) != CRYPT_OK) { + if ((err = mp_prime_is_prime(N, LTC_MILLER_RABIN_REPS, &res)) != CRYPT_OK) { XFREE(buf); return err; } @@ -85,6 +83,6 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng) #endif /* LTC_NO_MATH */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/math/tfm_desc.c b/src/ltc/math/tfm_desc.c index a30a8de..9247db6 100644 --- a/src/ltc/math/tfm_desc.c +++ b/src/ltc/math/tfm_desc.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #define DESC_DEF_ONLY @@ -84,7 +82,7 @@ static int init_copy(void **a, void *b) } /* ---- trivial ---- */ -static int set_int(void *a, unsigned long b) +static int set_int(void *a, ltc_mp_digit b) { LTC_ARGCHK(a != NULL); fp_set(a, b); @@ -129,7 +127,7 @@ static int compare(void *a, void *b) return 0; } -static int compare_d(void *a, unsigned long b) +static int compare_d(void *a, ltc_mp_digit b) { int ret; LTC_ARGCHK(a != NULL); @@ -214,7 +212,7 @@ static int add(void *a, void *b, void *c) return CRYPT_OK; } -static int addi(void *a, unsigned long b, void *c) +static int addi(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -232,7 +230,7 @@ static int sub(void *a, void *b, void *c) return CRYPT_OK; } -static int subi(void *a, unsigned long b, void *c) +static int subi(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -250,7 +248,7 @@ static int mul(void *a, void *b, void *c) return CRYPT_OK; } -static int muli(void *a, unsigned long b, void *c) +static int muli(void *a, ltc_mp_digit b, void *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); @@ -294,7 +292,7 @@ static int div_2(void *a, void *b) } /* modi */ -static int modi(void *a, unsigned long b, unsigned long *c) +static int modi(void *a, ltc_mp_digit b, ltc_mp_digit *c) { fp_digit tmp; int err; @@ -427,14 +425,16 @@ static int isprime(void *a, int b, int *c) { LTC_ARGCHK(a != NULL); LTC_ARGCHK(c != NULL); - (void)b; - *c = (fp_isprime(a) == FP_YES) ? LTC_MP_YES : LTC_MP_NO; + if (b == 0) { + b = LTC_MILLER_RABIN_REPS; + } /* if */ + *c = (fp_isprime_ex(a, b) == FP_YES) ? LTC_MP_YES : LTC_MP_NO; return CRYPT_OK; } #if defined(LTC_MECC) && defined(LTC_MECC_ACCEL) -static int tfm_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *Mp) +static int tfm_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *Mp) { fp_int t1, t2; fp_digit mp; @@ -455,6 +455,14 @@ static int tfm_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulu fp_copy(P->z, R->z); } + if (ltc_ecc_is_point_at_infinity(P, modulus)) { + /* if P is point at infinity >> Result = point at infinity */ + ltc_mp.set_int(R->x, 1); + ltc_mp.set_int(R->y, 1); + ltc_mp.set_int(R->z, 0); + return CRYPT_OK; + } + /* t1 = Z * Z */ fp_sqr(R->z, &t1); fp_montgomery_reduce(&t1, modulus, mp); @@ -467,28 +475,56 @@ static int tfm_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulu fp_sub(R->z, modulus, R->z); } - /* &t2 = X - T1 */ - fp_sub(R->x, &t1, &t2); - if (fp_cmp_d(&t2, 0) == FP_LT) { - fp_add(&t2, modulus, &t2); + if (ma == NULL) { /* special case for curves with a == -3 (10% faster than general case) */ + /* T2 = X - T1 */ + fp_sub(R->x, &t1, &t2); + if (fp_cmp_d(&t2, 0) == LTC_MP_LT) { + fp_add(&t2, modulus, &t2); + } + /* T1 = X + T1 */ + fp_add(&t1, R->x, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T2 = T1 * T2 */ + fp_mul(&t1, &t2, &t2); + fp_montgomery_reduce(&t2, modulus, mp); + /* T1 = 2T2 */ + fp_add(&t2, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T1 = T1 + T2 */ + fp_add(&t1, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } } - /* T1 = X + T1 */ - fp_add(&t1, R->x, &t1); - if (fp_cmp(&t1, modulus) != FP_LT) { - fp_sub(&t1, modulus, &t1); - } - /* T2 = T1 * T2 */ - fp_mul(&t1, &t2, &t2); - fp_montgomery_reduce(&t2, modulus, mp); - /* T1 = 2T2 */ - fp_add(&t2, &t2, &t1); - if (fp_cmp(&t1, modulus) != FP_LT) { - fp_sub(&t1, modulus, &t1); - } - /* T1 = T1 + T2 */ - fp_add(&t1, &t2, &t1); - if (fp_cmp(&t1, modulus) != FP_LT) { - fp_sub(&t1, modulus, &t1); + else { + /* T2 = T1 * T1 */ + fp_sqr(&t1, &t2); + fp_montgomery_reduce(&t2, modulus, mp); + /* T1 = T2 * a */ + fp_mul(&t2, ma, &t1); + fp_montgomery_reduce(&t1, modulus, mp); + /* T2 = X * X */ + fp_sqr(R->x, &t2); + fp_montgomery_reduce(&t2, modulus, mp); + /* T1 = T1 + T2 */ + fp_add(&t1, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T1 = T1 + T2 */ + fp_add(&t1, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T1 = T1 + T2 */ + fp_add(&t1, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } } /* Y = 2Y */ @@ -548,10 +584,10 @@ static int tfm_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulu @param Q The point to add @param R [out] The destination of the double @param modulus The modulus of the field the ECC curve is in - @param mp The "b" value from montgomery_setup() + @param Mp The "b" value from montgomery_setup() @return CRYPT_OK on success */ -static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *Mp) +static int tfm_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *Mp) { fp_int t1, t2, x, y, z; fp_digit mp; @@ -570,12 +606,28 @@ static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R fp_init(&y); fp_init(&z); + if (ltc_ecc_is_point_at_infinity(P, modulus)) { + /* P is point at infinity >> Result = Q */ + ltc_mp.copy(Q->x, R->x); + ltc_mp.copy(Q->y, R->y); + ltc_mp.copy(Q->z, R->z); + return CRYPT_OK; + } + + if (ltc_ecc_is_point_at_infinity(Q, modulus)) { + /* Q is point at infinity >> Result = P */ + ltc_mp.copy(P->x, R->x); + ltc_mp.copy(P->y, R->y); + ltc_mp.copy(P->z, R->z); + return CRYPT_OK; + } + /* should we dbl instead? */ fp_sub(modulus, Q->y, &t1); if ( (fp_cmp(P->x, Q->x) == FP_EQ) && (Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) && (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) { - return tfm_ecc_projective_dbl_point(P, R, modulus, Mp); + return tfm_ecc_projective_dbl_point(P, R, ma, modulus, Mp); } fp_copy(P->x, &x); @@ -709,6 +761,13 @@ static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R #endif +static int set_rand(void *a, int size) +{ + LTC_ARGCHK(a != NULL); + fp_rand(a, size); + return CRYPT_OK; +} + const ltc_math_descriptor tfm_desc = { "TomsFastMath", @@ -799,13 +858,13 @@ const ltc_math_descriptor tfm_desc = { &addmod, &submod, - NULL, + set_rand, }; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/adler32.c b/src/ltc/misc/adler32.c index 987931b..8bbf2ac 100644 --- a/src/ltc/misc/adler32.c +++ b/src/ltc/misc/adler32.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -120,13 +118,7 @@ int adler32_test(void) adler32_init(&ctx); adler32_update(&ctx, in, strlen(in)); adler32_finish(&ctx, out, 4); - if (XMEMCMP(adler32, out, 4)) { -#ifdef LTC_TEST_DBG - ulong32 _out, _adler32; - LOAD32H(_out, out); - LOAD32H(_adler32, adler32); - printf("adler32 fail! Is: 0x%x Should: 0x%x\n", _out, _adler32); -#endif + if (compare_testvector(adler32, 4, out, 4, "adler32", 0)) { return CRYPT_FAIL_TESTVECTOR; } return CRYPT_OK; @@ -134,6 +126,6 @@ int adler32_test(void) } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base32/base32_decode.c b/src/ltc/misc/base32/base32_decode.c new file mode 100644 index 0000000..8bbb19c --- /dev/null +++ b/src/ltc/misc/base32/base32_decode.c @@ -0,0 +1,122 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_BASE32 + +/** + Base32 decode a buffer + @param in The Base32 data to decode + @param inlen The length of the Base32 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD + @return CRYPT_OK if successful +*/ +int base32_decode(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + base32_alphabet id) +{ + unsigned long x; + int y = 0; + ulong64 t = 0; + unsigned char c; + const unsigned char *map; + const unsigned char tables[4][43] = { + { /* id = BASE32_RFC4648 : ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 */ + 99/*0*/,99/*1*/,26/*2*/,27/*3*/,28/*4*/,29/*5*/,30/*6*/,31/*7*/,99/*8*/,99/*9*/, + 99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/, + 0/*A*/, 1/*B*/, 2/*C*/, 3/*D*/, 4/*E*/, 5/*F*/, 6/*G*/, 7/*H*/, 8/*I*/, 9/*J*/,10/*K*/,11/*L*/,12/*M*/, + 13/*N*/,14/*O*/,15/*P*/,16/*Q*/,17/*R*/,18/*S*/,19/*T*/,20/*U*/,21/*V*/,22/*W*/,23/*X*/,24/*Y*/,25/*Z*/ + }, + { /* id = BASE32_BASE32HEX : 0123456789ABCDEFGHIJKLMNOPQRSTUV */ + 0/*0*/, 1/*1*/, 2/*2*/, 3/*3*/, 4/*4*/, 5/*5*/, 6/*6*/, 7/*7*/, 8/*8*/, 9/*9*/, + 99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/, + 10/*A*/,11/*B*/,12/*C*/,13/*D*/,14/*E*/,15/*F*/,16/*G*/,17/*H*/,18/*I*/,19/*J*/,20/*K*/,21/*L*/,22/*M*/, + 23/*N*/,24/*O*/,25/*P*/,26/*Q*/,27/*R*/,28/*S*/,29/*T*/,30/*U*/,31/*V*/,99/*W*/,99/*X*/,99/*Y*/,99/*Z*/ + }, + { /* id = BASE32_ZBASE32 : YBNDRFG8EJKMCPQXOT1UWISZA345H769 */ + 99/*0*/,18/*1*/,99/*2*/,25/*3*/,26/*4*/,27/*5*/,30/*6*/,29/*7*/, 7/*8*/,31/*9*/, + 99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/, + 24/*A*/, 1/*B*/,12/*C*/, 3/*D*/, 8/*E*/, 5/*F*/, 6/*G*/,28/*H*/,21/*I*/, 9/*J*/,10/*K*/,99/*L*/,11/*M*/, + 2/*N*/,16/*O*/,13/*P*/,14/*Q*/, 4/*R*/,22/*S*/,17/*T*/,19/*U*/,99/*V*/,20/*W*/,15/*X*/, 0/*Y*/,23/*Z*/ + }, + { /* id = BASE32_CROCKFORD : 0123456789ABCDEFGHJKMNPQRSTVWXYZ + O=>0 + IL=>1 */ + 0/*0*/, 1/*1*/, 2/*2*/, 3/*3*/, 4/*4*/, 5/*5*/, 6/*6*/, 7/*7*/, 8/*8*/, 9/*9*/, + 99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/, + 10/*A*/,11/*B*/,12/*C*/,13/*D*/,14/*E*/,15/*F*/,16/*G*/,17/*H*/, 1/*I*/,18/*J*/,19/*K*/, 1/*L*/,20/*M*/, + 21/*N*/, 0/*O*/,22/*P*/,23/*Q*/,24/*R*/,25/*S*/,26/*T*/,99/*U*/,27/*V*/,28/*W*/,29/*X*/,30/*Y*/,31/*Z*/ + } + }; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(id >= BASE32_RFC4648); + LTC_ARGCHK(id <= BASE32_CROCKFORD); + + /* ignore all trailing = */ + while (inlen > 0 && in[inlen-1] == '=') inlen--; + + /* no input, nothing to do */ + if (inlen == 0) { + *outlen = 0; + return CRYPT_OK; + } + + /* check the size of output buffer */ + x = (inlen * 5) / 8; + if (*outlen < x) { + *outlen = x; + return CRYPT_BUFFER_OVERFLOW; + } + *outlen = x; + + /* check input data length */ + x = inlen % 8; + if (x == 1 || x == 3 || x == 6) { + return CRYPT_INVALID_PACKET; + } + + map = tables[id]; + for (x = 0; x < inlen; x++) { + c = in[x]; + /* convert to upper case */ + if ((c >= 'a') && (c <= 'z')) c -= 32; + /* '0' = 48 .. 'Z' = 90 */ + if (c < 48 || c > 90 || map[c-48] > 31) { + return CRYPT_INVALID_PACKET; + } + t = (t<<5)|map[c-48]; + if (++y == 8) { + *out++ = (unsigned char)((t>>32) & 255); + *out++ = (unsigned char)((t>>24) & 255); + *out++ = (unsigned char)((t>>16) & 255); + *out++ = (unsigned char)((t>> 8) & 255); + *out++ = (unsigned char)( t & 255); + y = 0; + t = 0; + } + } + if (y > 0) { + t = t << (5 * (8 - y)); + if (y >= 2) *out++ = (unsigned char)((t>>32) & 255); + if (y >= 4) *out++ = (unsigned char)((t>>24) & 255); + if (y >= 5) *out++ = (unsigned char)((t>>16) & 255); + if (y >= 7) *out++ = (unsigned char)((t>> 8) & 255); + } + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base32/base32_encode.c b/src/ltc/misc/base32/base32_encode.c new file mode 100644 index 0000000..60fbd8d --- /dev/null +++ b/src/ltc/misc/base32/base32_encode.c @@ -0,0 +1,95 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_BASE32 + +/** + Base32 encode a buffer + @param in The input buffer to encode + @param inlen The length of the input buffer + @param out [out] The destination of the Base32 encoded data + @param outlen [in/out] The max size and resulting size of the encoded data + @param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD + @return CRYPT_OK if successful +*/ +int base32_encode(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + base32_alphabet id) +{ + unsigned long i, x; + unsigned char *codes; + const char *alphabet[4] = { + "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", /* id = BASE32_RFC4648 */ + "0123456789ABCDEFGHIJKLMNOPQRSTUV", /* id = BASE32_BASE32HEX */ + "ybndrfg8ejkmcpqxot1uwisza345h769", /* id = BASE32_ZBASE32 */ + "0123456789ABCDEFGHJKMNPQRSTVWXYZ" /* id = BASE32_CROCKFORD */ + }; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(id >= BASE32_RFC4648); + LTC_ARGCHK(id <= BASE32_CROCKFORD); + + /* no input, nothing to do */ + if (inlen == 0) { + *outlen = 0; + return CRYPT_OK; + } + + /* check the size of output buffer */ + x = (8 * inlen + 4) / 5; + if (*outlen < x) { + *outlen = x; + return CRYPT_BUFFER_OVERFLOW; + } + *outlen = x; + + codes = (unsigned char*)alphabet[id]; + x = 5 * (inlen / 5); + for (i = 0; i < x; i += 5) { + *out++ = codes[(in[0] >> 3) & 0x1F]; + *out++ = codes[(((in[0] & 0x7) << 2) + (in[1] >> 6)) & 0x1F]; + *out++ = codes[(in[1] >> 1) & 0x1F]; + *out++ = codes[(((in[1] & 0x1) << 4) + (in[2] >> 4)) & 0x1F]; + *out++ = codes[(((in[2] & 0xF) << 1) + (in[3] >> 7)) & 0x1F]; + *out++ = codes[(in[3] >> 2) & 0x1F]; + *out++ = codes[(((in[3] & 0x3) << 3) + (in[4] >> 5)) & 0x1F]; + *out++ = codes[in[4] & 0x1F]; + in += 5; + } + if (i < inlen) { + unsigned a = in[0]; + unsigned b = (i+1 < inlen) ? in[1] : 0; + unsigned c = (i+2 < inlen) ? in[2] : 0; + unsigned d = (i+3 < inlen) ? in[3] : 0; + *out++ = codes[(a >> 3) & 0x1F]; + *out++ = codes[(((a & 0x7) << 2) + (b >> 6)) & 0x1F]; + if (i+1 < inlen) { + *out++ = codes[(b >> 1) & 0x1F]; + *out++ = codes[(((b & 0x1) << 4) + (c >> 4)) & 0x1F]; + } + if (i+2 < inlen) { + *out++ = codes[(((c & 0xF) << 1) + (d >> 7)) & 0x1F]; + *out++ = codes[(d >> 2) & 0x1F]; + } + if (i+3 < inlen) { + *out++ = codes[((d & 0x3) << 3) & 0x1F]; + } + } + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base64/base64_decode.c b/src/ltc/misc/base64/base64_decode.c index d3b89b1..4c58c68 100644 --- a/src/ltc/misc/base64/base64_decode.c +++ b/src/ltc/misc/base64/base64_decode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -193,6 +191,6 @@ int base64url_strict_decode(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base64/base64_encode.c b/src/ltc/misc/base64/base64_encode.c index ea3eadd..5c26e60 100644 --- a/src/ltc/misc/base64/base64_encode.c +++ b/src/ltc/misc/base64/base64_encode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -121,6 +119,6 @@ int base64url_strict_encode(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/burn_stack.c b/src/ltc/misc/burn_stack.c index 2610c06..afbafee 100644 --- a/src/ltc/misc/burn_stack.c +++ b/src/ltc/misc/burn_stack.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -29,6 +27,6 @@ void burn_stack(unsigned long len) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/compare_testvector.c b/src/ltc/misc/compare_testvector.c new file mode 100644 index 0000000..74cebcc --- /dev/null +++ b/src/ltc/misc/compare_testvector.c @@ -0,0 +1,91 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file compare_testvector.c + Function to compare two testvectors and print a (detailed) error-message if required, Steffen Jaeckel +*/ + +#if defined(LTC_TEST) && defined(LTC_TEST_DBG) +static void _print_hex(const char* what, const void* v, const unsigned long l) +{ + const unsigned char* p = v; + unsigned long x, y = 0, z; + fprintf(stderr, "%s contents: \n", what); + for (x = 0; x < l; ) { + fprintf(stderr, "%02X ", p[x]); + if (!(++x % 16) || x == l) { + if((x % 16) != 0) { + z = 16 - (x % 16); + if(z >= 8) + fprintf(stderr, " "); + for (; z != 0; --z) { + fprintf(stderr, " "); + } + } + fprintf(stderr, " | "); + for(; y < x; y++) { + if((y % 8) == 0) + fprintf(stderr, " "); + if(isgraph(p[y])) + fprintf(stderr, "%c", p[y]); + else + fprintf(stderr, "."); + } + fprintf(stderr, "\n"); + } + else if((x % 8) == 0) { + fprintf(stderr, " "); + } + } +} +#endif + +/** + Compare two test-vectors + + @param is The data as it is + @param is_len The length of is + @param should The data as it should + @param should_len The length of should + @param what The type of the data + @param which The iteration count + @return 0 on equality, -1 or 1 on difference +*/ +int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which) +{ + int res = 0; + if(is_len != should_len) + res = is_len > should_len ? -1 : 1; + else + res = XMEMCMP(is, should, is_len); + +#if defined(LTC_TEST) && defined(LTC_TEST_DBG) + if (res != 0) { + fprintf(stderr, "Testvector #%i of %s failed:\n", which, what); + _print_hex("SHOULD", should, should_len); + _print_hex("IS ", is, is_len); +#if LTC_TEST_DBG > 1 + } else { + fprintf(stderr, "Testvector #%i of %s passed!\n", which, what); +#endif + } +#else + LTC_UNUSED_PARAM(which); + LTC_UNUSED_PARAM(what); +#endif + + return res; +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/copy_or_zeromem.c b/src/ltc/misc/copy_or_zeromem.c new file mode 100644 index 0000000..ec78fed --- /dev/null +++ b/src/ltc/misc/copy_or_zeromem.c @@ -0,0 +1,61 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file copy_or_zeromem.c + Either copy or zero a block of memory in constant time, Steffen Jaeckel +*/ + +/** + Either copy or zero a block of memory in constant time + @param src The source where to read from + @param dest The destination where to write to + @param len The length of the area to process (octets) + @param coz Copy (on 0) Or Zero (> 0) +*/ +void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz) +{ + unsigned long y; +#ifdef LTC_FAST + unsigned long z; + LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all ones */ +#endif + unsigned char mask = 0xff; /* initialize mask at all ones */ + + LTC_ARGCHK(src != NULL); + LTC_ARGCHK(dest != NULL); + + if (coz != 0) coz = 1; + y = 0; + mask *= 1 - coz; /* mask = ( coz ? 0 : 0xff ) */ +#ifdef LTC_FAST + fastMask *= 1 - coz; + if (len & ~15) { + for (; y < (len & ~15); y += 16) { + for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { + *(LTC_FAST_TYPE_PTR_CAST(&dest[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&src[y+z])) & fastMask; + } + } + } +#endif + for (; y < len; y++) { + dest[y] = src[y] & mask; + } +#ifdef LTC_CLEAN_STACK +#ifdef LTC_FAST + fastMask = 0; +#endif + mask = 0; +#endif +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crc32.c b/src/ltc/misc/crc32.c index 8228c29..beb54fc 100644 --- a/src/ltc/misc/crc32.c +++ b/src/ltc/misc/crc32.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -191,13 +189,7 @@ int crc32_test(void) crc32_init(&ctx); crc32_update(&ctx, in, strlen(in)); crc32_finish(&ctx, out, 4); - if (XMEMCMP(crc32, out, 4)) { -#ifdef LTC_TEST_DBG - ulong32 _out, _crc32; - LOAD32H(_out, out); - LOAD32H(_crc32, crc32); - printf("crc32 fail! Is: 0x%x Should: 0x%x\n", _out, _crc32); -#endif + if (compare_testvector(crc32, 4, out, 4, "CRC32", 0)) { return CRYPT_FAIL_TESTVECTOR; } return CRYPT_OK; @@ -205,6 +197,6 @@ int crc32_test(void) } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt.c b/src/ltc/misc/crypt/crypt.c index cfe2606..bd57a0a 100644 --- a/src/ltc/misc/crypt/crypt.c +++ b/src/ltc/misc/crypt/crypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,7 +16,7 @@ #define NAME(s) #s const char *crypt_build_settings = - "LibTomCrypt " SCRYPT " (Tom St Denis, tomstdenis@gmail.com)\n" + "LibTomCrypt " SCRYPT " (www.libtom.net)\n" "LibTomCrypt is public domain software.\n" #if defined(INCLUDE_BUILD_DATE) "Built on " __DATE__ " at " __TIME__ "\n" @@ -45,7 +43,7 @@ const char *crypt_build_settings = #else "disabled\n" #endif - "Ciphers built-in:\n" + "\nCiphers built-in:\n" #if defined(LTC_BLOWFISH) " Blowfish\n" #endif @@ -123,11 +121,26 @@ const char *crypt_build_settings = #endif #if defined(LTC_CAMELLIA) " Camellia\n" +#endif +#if defined(LTC_IDEA) + " IDEA\n" +#endif +#if defined(LTC_SERPENT) + " Serpent\n" #endif "Stream ciphers built-in:\n" #if defined(LTC_CHACHA) " ChaCha\n" #endif +#if defined(LTC_SALSA20) + " Salsa20\n" +#endif +#if defined(LTC_SOSEMANUK) + " Sosemanuk\n" +#endif +#if defined(LTC_RABBIT) + " Rabbit\n" +#endif #if defined(LTC_RC4_STREAM) " RC4\n" #endif @@ -139,6 +152,9 @@ const char *crypt_build_settings = #if defined(LTC_SHA3) " SHA3\n" #endif +#if defined(LTC_KECCAK) + " KECCAK\n" +#endif #if defined(LTC_SHA512) " SHA-512\n" #endif @@ -303,7 +319,7 @@ const char *crypt_build_settings = " SOBER128\n" #endif - "\nPK Algs:\n" + "\nPK Crypto:\n" #if defined(LTC_MRSA) " RSA" #if defined(LTC_RSA_BLINDING) && defined(LTC_RSA_CRT_HARDENING) @@ -331,6 +347,26 @@ const char *crypt_build_settings = #if defined(LTC_MKAT) " Katja\n" #endif +#if defined(LTC_PK_MAX_RETRIES) + " "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n" +#endif + + "\nMPI (Math):\n" +#if defined(LTC_MPI) + " LTC_MPI\n" +#endif +#if defined(LTM_DESC) + " LTM_DESC\n" +#endif +#if defined(TFM_DESC) + " TFM_DESC\n" +#endif +#if defined(GMP_DESC) + " GMP_DESC\n" +#endif +#if defined(LTC_MILLER_RABIN_REPS) + " "NAME_VALUE(LTC_MILLER_RABIN_REPS)"\n" +#endif "\nCompiler:\n" #if defined(_WIN64) @@ -363,6 +399,9 @@ const char *crypt_build_settings = #endif "\nVarious others: " +#if defined(ARGTYPE) + " " NAME_VALUE(ARGTYPE) " " +#endif #if defined(LTC_ADLER32) " ADLER32 " #endif @@ -372,15 +411,15 @@ const char *crypt_build_settings = #if defined(LTC_BASE64_URL) " BASE64-URL-SAFE " #endif +#if defined(LTC_BASE32) + " BASE32 " +#endif #if defined(LTC_CRC32) " CRC32 " #endif #if defined(LTC_DER) " DER " #endif -#if defined(LTC_DER_MAX_PUBKEY_SIZE) - " " NAME_VALUE(LTC_DER_MAX_PUBKEY_SIZE) " " -#endif #if defined(LTC_PKCS_1) " PKCS#1 " #endif @@ -390,9 +429,6 @@ const char *crypt_build_settings = #if defined(LTC_HKDF) " HKDF " #endif -#if defined(MPI) - " MPI " -#endif #if defined(LTC_DEVRANDOM) " LTC_DEVRANDOM " #endif @@ -417,6 +453,9 @@ const char *crypt_build_settings = #if defined(LTC_TEST) " LTC_TEST " #endif +#if defined(LTC_TEST_DBG) + " " NAME_VALUE(LTC_TEST_DBG) " " +#endif #if defined(LTC_TEST_EXT) " LTC_TEST_EXT " #endif @@ -456,15 +495,6 @@ const char *crypt_build_settings = #if defined(LTC_PTHREAD) " LTC_PTHREAD " #endif -#if defined(LTM_DESC) - " LTM_DESC " -#endif -#if defined(TFM_DESC) - " TFM_DESC " -#endif -#if defined(GMP_DESC) - " GMP_DESC " -#endif #if defined(LTC_EASY) " LTC_EASY " #endif @@ -481,6 +511,6 @@ const char *crypt_build_settings = ; -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_argchk.c b/src/ltc/misc/crypt/crypt_argchk.c index 8588896..da7306b 100644 --- a/src/ltc/misc/crypt/crypt_argchk.c +++ b/src/ltc/misc/crypt/crypt_argchk.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -16,7 +14,7 @@ */ #if (ARGTYPE == 0) -void crypt_argchk(char *v, char *s, int d) +void crypt_argchk(const char *v, const char *s, int d) { fprintf(stderr, "LTC_ARGCHK '%s' failure on line %d of file %s\n", v, d, s); @@ -24,6 +22,6 @@ void crypt_argchk(char *v, char *s, int d) } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_cipher_descriptor.c b/src/ltc/misc/crypt/crypt_cipher_descriptor.c index 2e35787..ccc9890 100644 --- a/src/ltc/misc/crypt/crypt_cipher_descriptor.c +++ b/src/ltc/misc/crypt/crypt_cipher_descriptor.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -22,6 +20,6 @@ struct ltc_cipher_descriptor cipher_descriptor[TAB_SIZE] = { LTC_MUTEX_GLOBAL(ltc_cipher_mutex) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_cipher_is_valid.c b/src/ltc/misc/crypt/crypt_cipher_is_valid.c index 35f1ace..aebc94c 100644 --- a/src/ltc/misc/crypt/crypt_cipher_is_valid.c +++ b/src/ltc/misc/crypt/crypt_cipher_is_valid.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,6 +29,6 @@ int cipher_is_valid(int idx) return CRYPT_OK; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_constants.c b/src/ltc/misc/crypt/crypt_constants.c new file mode 100644 index 0000000..9e76322 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_constants.c @@ -0,0 +1,296 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file crypt_constants.c + + Make various constants available to dynamic languages + like Python - Larry Bugbee, February 2013 + + LB - Dec 2013 - revised to include compiler define options + LB - Mar 2014 - added endianness and word size +*/ + +typedef struct { + const char *name; + const int value; +} crypt_constant; + +#define _C_STRINGIFY(s) { #s, s } + +static const crypt_constant _crypt_constants[] = { + + _C_STRINGIFY(CRYPT_OK), + _C_STRINGIFY(CRYPT_ERROR), + _C_STRINGIFY(CRYPT_NOP), + _C_STRINGIFY(CRYPT_INVALID_KEYSIZE), + _C_STRINGIFY(CRYPT_INVALID_ROUNDS), + _C_STRINGIFY(CRYPT_FAIL_TESTVECTOR), + _C_STRINGIFY(CRYPT_BUFFER_OVERFLOW), + _C_STRINGIFY(CRYPT_INVALID_PACKET), + _C_STRINGIFY(CRYPT_INVALID_PRNGSIZE), + _C_STRINGIFY(CRYPT_ERROR_READPRNG), + _C_STRINGIFY(CRYPT_INVALID_CIPHER), + _C_STRINGIFY(CRYPT_INVALID_HASH), + _C_STRINGIFY(CRYPT_INVALID_PRNG), + _C_STRINGIFY(CRYPT_MEM), + _C_STRINGIFY(CRYPT_PK_TYPE_MISMATCH), + _C_STRINGIFY(CRYPT_PK_NOT_PRIVATE), + _C_STRINGIFY(CRYPT_INVALID_ARG), + _C_STRINGIFY(CRYPT_FILE_NOTFOUND), + _C_STRINGIFY(CRYPT_PK_INVALID_TYPE), + _C_STRINGIFY(CRYPT_OVERFLOW), + _C_STRINGIFY(CRYPT_PK_ASN1_ERROR), + _C_STRINGIFY(CRYPT_INPUT_TOO_LONG), + _C_STRINGIFY(CRYPT_PK_INVALID_SIZE), + _C_STRINGIFY(CRYPT_INVALID_PRIME_SIZE), + _C_STRINGIFY(CRYPT_PK_INVALID_PADDING), + _C_STRINGIFY(CRYPT_HASH_OVERFLOW), + + _C_STRINGIFY(PK_PUBLIC), + _C_STRINGIFY(PK_PRIVATE), + + _C_STRINGIFY(LTC_ENCRYPT), + _C_STRINGIFY(LTC_DECRYPT), + +#ifdef LTC_PKCS_1 + {"LTC_PKCS_1", 1}, + /* Block types */ + _C_STRINGIFY(LTC_PKCS_1_EMSA), + _C_STRINGIFY(LTC_PKCS_1_EME), + + /* Padding types */ + _C_STRINGIFY(LTC_PKCS_1_V1_5), + _C_STRINGIFY(LTC_PKCS_1_OAEP), + _C_STRINGIFY(LTC_PKCS_1_PSS), + _C_STRINGIFY(LTC_PKCS_1_V1_5_NA1), +#else + {"LTC_PKCS_1", 0}, +#endif + +#ifdef LTC_MRSA + {"LTC_MRSA", 1}, +#else + {"LTC_MRSA", 0}, +#endif + +#ifdef LTC_MKAT + {"LTC_MKAT", 1}, + _C_STRINGIFY(MIN_KAT_SIZE), + _C_STRINGIFY(MAX_KAT_SIZE), +#else + {"LTC_MKAT", 0}, +#endif + +#ifdef LTC_MECC + {"LTC_MECC", 1}, + _C_STRINGIFY(ECC_BUF_SIZE), + _C_STRINGIFY(ECC_MAXSIZE), +#else + {"LTC_MECC", 0}, +#endif + +#ifdef LTC_MDSA + {"LTC_MDSA", 1}, + _C_STRINGIFY(LTC_MDSA_DELTA), + _C_STRINGIFY(LTC_MDSA_MAX_GROUP), +#else + {"LTC_MDSA", 0}, +#endif + +#ifdef LTC_MILLER_RABIN_REPS + _C_STRINGIFY(LTC_MILLER_RABIN_REPS), +#endif + +#ifdef LTC_DER +/* DER handling */ + _C_STRINGIFY(LTC_ASN1_EOL), + _C_STRINGIFY(LTC_ASN1_BOOLEAN), + _C_STRINGIFY(LTC_ASN1_INTEGER), + _C_STRINGIFY(LTC_ASN1_SHORT_INTEGER), + _C_STRINGIFY(LTC_ASN1_BIT_STRING), + _C_STRINGIFY(LTC_ASN1_OCTET_STRING), + _C_STRINGIFY(LTC_ASN1_NULL), + _C_STRINGIFY(LTC_ASN1_OBJECT_IDENTIFIER), + _C_STRINGIFY(LTC_ASN1_IA5_STRING), + _C_STRINGIFY(LTC_ASN1_PRINTABLE_STRING), + _C_STRINGIFY(LTC_ASN1_UTF8_STRING), + _C_STRINGIFY(LTC_ASN1_UTCTIME), + _C_STRINGIFY(LTC_ASN1_CHOICE), + _C_STRINGIFY(LTC_ASN1_SEQUENCE), + _C_STRINGIFY(LTC_ASN1_SET), + _C_STRINGIFY(LTC_ASN1_SETOF), + _C_STRINGIFY(LTC_ASN1_RAW_BIT_STRING), + _C_STRINGIFY(LTC_ASN1_TELETEX_STRING), + _C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME), + _C_STRINGIFY(LTC_ASN1_CUSTOM_TYPE), +#endif + +#ifdef LTC_CTR_MODE + {"LTC_CTR_MODE", 1}, + _C_STRINGIFY(CTR_COUNTER_LITTLE_ENDIAN), + _C_STRINGIFY(CTR_COUNTER_BIG_ENDIAN), + _C_STRINGIFY(LTC_CTR_RFC3686), +#else + {"LTC_CTR_MODE", 0}, +#endif +#ifdef LTC_GCM_MODE + _C_STRINGIFY(LTC_GCM_MODE_IV), + _C_STRINGIFY(LTC_GCM_MODE_AAD), + _C_STRINGIFY(LTC_GCM_MODE_TEXT), +#endif + + _C_STRINGIFY(LTC_MP_LT), + _C_STRINGIFY(LTC_MP_EQ), + _C_STRINGIFY(LTC_MP_GT), + + _C_STRINGIFY(LTC_MP_NO), + _C_STRINGIFY(LTC_MP_YES), + + _C_STRINGIFY(MAXBLOCKSIZE), + _C_STRINGIFY(TAB_SIZE), + _C_STRINGIFY(ARGTYPE), + +#ifdef LTM_DESC + {"LTM_DESC", 1}, +#else + {"LTM_DESC", 0}, +#endif +#ifdef TFM_DESC + {"TFM_DESC", 1}, +#else + {"TFM_DESC", 0}, +#endif +#ifdef GMP_DESC + {"GMP_DESC", 1}, +#else + {"GMP_DESC", 0}, +#endif + +#ifdef LTC_FAST + {"LTC_FAST", 1}, +#else + {"LTC_FAST", 0}, +#endif + +#ifdef LTC_NO_FILE + {"LTC_NO_FILE", 1}, +#else + {"LTC_NO_FILE", 0}, +#endif + +#ifdef ENDIAN_LITTLE + {"ENDIAN_LITTLE", 1}, +#else + {"ENDIAN_LITTLE", 0}, +#endif + +#ifdef ENDIAN_BIG + {"ENDIAN_BIG", 1}, +#else + {"ENDIAN_BIG", 0}, +#endif + +#ifdef ENDIAN_32BITWORD + {"ENDIAN_32BITWORD", 1}, +#else + {"ENDIAN_32BITWORD", 0}, +#endif + +#ifdef ENDIAN_64BITWORD + {"ENDIAN_64BITWORD", 1}, +#else + {"ENDIAN_64BITWORD", 0}, +#endif + +#ifdef ENDIAN_NEUTRAL + {"ENDIAN_NEUTRAL", 1}, +#else + {"ENDIAN_NEUTRAL", 0}, +#endif +}; + + +/* crypt_get_constant() + * valueout will be the value of the named constant + * return -1 if named item not found + */ +int crypt_get_constant(const char* namein, int *valueout) { + int i; + int _crypt_constants_len = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]); + for (i=0; i<_crypt_constants_len; i++) { + if (XSTRCMP(_crypt_constants[i].name, namein) == 0) { + *valueout = _crypt_constants[i].value; + return 0; + } + } + return 1; +} + +/* crypt_list_all_constants() + * if names_list is NULL, names_list_size will be the minimum + * number of bytes needed to receive the complete names_list + * if names_list is NOT NULL, names_list must be the addr of + * sufficient memory allocated into which the names_list + * is to be written. Also, the value in names_list_size + * sets the upper bound of the number of characters to be + * written. + * a -1 return value signifies insufficient space made available + */ +int crypt_list_all_constants(char *names_list, unsigned int *names_list_size) { + int i; + unsigned int total_len = 0; + char number[32], *ptr; + int number_len; + int count = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]); + + /* calculate amount of memory required for the list */ + for (i=0; i= sizeof(number))) + return -1; + total_len += number_len + 1; + /* this last +1 is for newlines (and ending NULL) */ + } + + if (names_list == NULL) { + *names_list_size = total_len; + } else { + if (total_len > *names_list_size) { + return -1; + } + /* build the names list */ + ptr = names_list; + for (i=0; i @@ -53,6 +51,6 @@ int crypt_fsa(void *mp, ...) } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_hash_descriptor.c b/src/ltc/misc/crypt/crypt_hash_descriptor.c index 4e8bce1..6e1103f 100644 --- a/src/ltc/misc/crypt/crypt_hash_descriptor.c +++ b/src/ltc/misc/crypt/crypt_hash_descriptor.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -22,6 +20,6 @@ struct ltc_hash_descriptor hash_descriptor[TAB_SIZE] = { LTC_MUTEX_GLOBAL(ltc_hash_mutex) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_hash_is_valid.c b/src/ltc/misc/crypt/crypt_hash_is_valid.c index dbab714..ca75f05 100644 --- a/src/ltc/misc/crypt/crypt_hash_is_valid.c +++ b/src/ltc/misc/crypt/crypt_hash_is_valid.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,6 +29,6 @@ int hash_is_valid(int idx) return CRYPT_OK; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_inits.c b/src/ltc/misc/crypt/crypt_inits.c index cc92f52..871417c 100644 --- a/src/ltc/misc/crypt/crypt_inits.c +++ b/src/ltc/misc/crypt/crypt_inits.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -19,26 +17,75 @@ #ifdef LTM_DESC -void init_LTM(void) { +void init_LTM(void) +{ ltc_mp = ltm_desc; } #endif #ifdef TFM_DESC -void init_TFM(void) { +void init_TFM(void) +{ ltc_mp = tfm_desc; } #endif -/* *** use of GMP is untested *** #ifdef GMP_DESC -void init_GMP(void) { +void init_GMP(void) +{ ltc_mp = gmp_desc; } #endif -*/ + +int crypt_mp_init(const char* mpi) +{ + if (mpi == NULL) return CRYPT_ERROR; + switch (mpi[0]) { +#ifdef LTM_DESC + case 'l': + case 'L': + ltc_mp = ltm_desc; + return CRYPT_OK; +#endif +#ifdef TFM_DESC + case 't': + case 'T': + ltc_mp = tfm_desc; + return CRYPT_OK; +#endif +#ifdef GMP_DESC + case 'g': + case 'G': + ltc_mp = gmp_desc; + return CRYPT_OK; +#endif +#ifdef EXT_MATH_LIB + case 'e': + case 'E': + { + extern ltc_math_descriptor EXT_MATH_LIB; + ltc_mp = EXT_MATH_LIB; + } + +#if defined(LTC_TEST_DBG) +#define NAME_VALUE(s) #s"="NAME(s) +#define NAME(s) #s + printf("EXT_MATH_LIB = %s\n", NAME_VALUE(EXT_MATH_LIB)); +#undef NAME_VALUE +#undef NAME +#endif + + return CRYPT_OK; +#endif + default: +#if defined(LTC_TEST_DBG) + printf("Unknown/Invalid MPI provider: %s\n", mpi); +#endif + return CRYPT_ERROR; + } +} -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c b/src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c index 0577d1d..0f1407c 100644 --- a/src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c +++ b/src/ltc/misc/crypt/crypt_ltc_mp_descriptor.c @@ -5,9 +5,12 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" -ltc_math_descriptor ltc_mp; +/* Initialize ltc_mp to nulls, to force allocation on all platforms, including macOS. */ +ltc_math_descriptor ltc_mp = { 0 }; + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_prng_descriptor.c b/src/ltc/misc/crypt/crypt_prng_descriptor.c index 926f3bb..276047c 100644 --- a/src/ltc/misc/crypt/crypt_prng_descriptor.c +++ b/src/ltc/misc/crypt/crypt_prng_descriptor.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -21,6 +19,6 @@ struct ltc_prng_descriptor prng_descriptor[TAB_SIZE] = { LTC_MUTEX_GLOBAL(ltc_prng_mutex) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_prng_is_valid.c b/src/ltc/misc/crypt/crypt_prng_is_valid.c index ccc6e04..9930a06 100644 --- a/src/ltc/misc/crypt/crypt_prng_is_valid.c +++ b/src/ltc/misc/crypt/crypt_prng_is_valid.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,6 +29,6 @@ int prng_is_valid(int idx) return CRYPT_OK; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_prng_rng_descriptor.c b/src/ltc/misc/crypt/crypt_prng_rng_descriptor.c new file mode 100644 index 0000000..1a79337 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_prng_rng_descriptor.c @@ -0,0 +1,17 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +#ifdef LTC_PRNG_ENABLE_LTC_RNG +unsigned long (*ltc_rng)(unsigned char *out, unsigned long outlen, void (*callback)(void)); +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_all_ciphers.c b/src/ltc/misc/crypt/crypt_register_all_ciphers.c new file mode 100644 index 0000000..8d1c939 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_register_all_ciphers.c @@ -0,0 +1,106 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file crypt_register_all_ciphers.c + + Steffen Jaeckel +*/ + +#define REGISTER_CIPHER(h) do {\ + LTC_ARGCHK(register_cipher(h) != -1); \ +} while(0) + +int register_all_ciphers(void) +{ +#ifdef LTC_RIJNDAEL +#ifdef ENCRYPT_ONLY + /* alternative would be + * register_cipher(&rijndael_enc_desc); + */ + REGISTER_CIPHER(&aes_enc_desc); +#else + /* alternative would be + * register_cipher(&rijndael_desc); + */ + REGISTER_CIPHER(&aes_desc); +#endif +#endif +#ifdef LTC_BLOWFISH + REGISTER_CIPHER(&blowfish_desc); +#endif +#ifdef LTC_XTEA + REGISTER_CIPHER(&xtea_desc); +#endif +#ifdef LTC_RC5 + REGISTER_CIPHER(&rc5_desc); +#endif +#ifdef LTC_RC6 + REGISTER_CIPHER(&rc6_desc); +#endif +#ifdef LTC_SAFERP + REGISTER_CIPHER(&saferp_desc); +#endif +#ifdef LTC_TWOFISH + REGISTER_CIPHER(&twofish_desc); +#endif +#ifdef LTC_SAFER + REGISTER_CIPHER(&safer_k64_desc); + REGISTER_CIPHER(&safer_sk64_desc); + REGISTER_CIPHER(&safer_k128_desc); + REGISTER_CIPHER(&safer_sk128_desc); +#endif +#ifdef LTC_RC2 + REGISTER_CIPHER(&rc2_desc); +#endif +#ifdef LTC_DES + REGISTER_CIPHER(&des_desc); + REGISTER_CIPHER(&des3_desc); +#endif +#ifdef LTC_CAST5 + REGISTER_CIPHER(&cast5_desc); +#endif +#ifdef LTC_NOEKEON + REGISTER_CIPHER(&noekeon_desc); +#endif +#ifdef LTC_SKIPJACK + REGISTER_CIPHER(&skipjack_desc); +#endif +#ifdef LTC_ANUBIS + REGISTER_CIPHER(&anubis_desc); +#endif +#ifdef LTC_KHAZAD + REGISTER_CIPHER(&khazad_desc); +#endif +#ifdef LTC_KSEED + REGISTER_CIPHER(&kseed_desc); +#endif +#ifdef LTC_KASUMI + REGISTER_CIPHER(&kasumi_desc); +#endif +#ifdef LTC_MULTI2 + REGISTER_CIPHER(&multi2_desc); +#endif +#ifdef LTC_CAMELLIA + REGISTER_CIPHER(&camellia_desc); +#endif +#ifdef LTC_IDEA + REGISTER_CIPHER(&idea_desc); +#endif +#ifdef LTC_SERPENT + REGISTER_CIPHER(&serpent_desc); +#endif + return CRYPT_OK; +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_all_hashes.c b/src/ltc/misc/crypt/crypt_register_all_hashes.c new file mode 100644 index 0000000..585b9b6 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_register_all_hashes.c @@ -0,0 +1,105 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file crypt_register_all_hashes.c + + Steffen Jaeckel +*/ + +#define REGISTER_HASH(h) do {\ + LTC_ARGCHK(register_hash(h) != -1); \ +} while(0) + +int register_all_hashes(void) +{ +#ifdef LTC_TIGER + REGISTER_HASH(&tiger_desc); +#endif +#ifdef LTC_MD2 + REGISTER_HASH(&md2_desc); +#endif +#ifdef LTC_MD4 + REGISTER_HASH(&md4_desc); +#endif +#ifdef LTC_MD5 + REGISTER_HASH(&md5_desc); +#endif +#ifdef LTC_SHA1 + REGISTER_HASH(&sha1_desc); +#endif +#ifdef LTC_SHA224 + REGISTER_HASH(&sha224_desc); +#endif +#ifdef LTC_SHA256 + REGISTER_HASH(&sha256_desc); +#endif +#ifdef LTC_SHA384 + REGISTER_HASH(&sha384_desc); +#endif +#ifdef LTC_SHA512 + REGISTER_HASH(&sha512_desc); +#endif +#ifdef LTC_SHA512_224 + REGISTER_HASH(&sha512_224_desc); +#endif +#ifdef LTC_SHA512_256 + REGISTER_HASH(&sha512_256_desc); +#endif +#ifdef LTC_SHA3 + REGISTER_HASH(&sha3_224_desc); + REGISTER_HASH(&sha3_256_desc); + REGISTER_HASH(&sha3_384_desc); + REGISTER_HASH(&sha3_512_desc); +#endif +#ifdef LTC_KECCAK + REGISTER_HASH(&keccak_224_desc); + REGISTER_HASH(&keccak_256_desc); + REGISTER_HASH(&keccak_384_desc); + REGISTER_HASH(&keccak_512_desc); +#endif +#ifdef LTC_RIPEMD128 + REGISTER_HASH(&rmd128_desc); +#endif +#ifdef LTC_RIPEMD160 + REGISTER_HASH(&rmd160_desc); +#endif +#ifdef LTC_RIPEMD256 + REGISTER_HASH(&rmd256_desc); +#endif +#ifdef LTC_RIPEMD320 + REGISTER_HASH(&rmd320_desc); +#endif +#ifdef LTC_WHIRLPOOL + REGISTER_HASH(&whirlpool_desc); +#endif +#ifdef LTC_BLAKE2S + REGISTER_HASH(&blake2s_128_desc); + REGISTER_HASH(&blake2s_160_desc); + REGISTER_HASH(&blake2s_224_desc); + REGISTER_HASH(&blake2s_256_desc); +#endif +#ifdef LTC_BLAKE2S + REGISTER_HASH(&blake2b_160_desc); + REGISTER_HASH(&blake2b_256_desc); + REGISTER_HASH(&blake2b_384_desc); + REGISTER_HASH(&blake2b_512_desc); +#endif +#ifdef LTC_CHC_HASH + REGISTER_HASH(&chc_desc); + LTC_ARGCHK(chc_register(find_cipher_any("aes", 8, 16)) == CRYPT_OK); +#endif + return CRYPT_OK; +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_all_prngs.c b/src/ltc/misc/crypt/crypt_register_all_prngs.c new file mode 100644 index 0000000..aca8a36 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_register_all_prngs.c @@ -0,0 +1,48 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file crypt_register_all_prngs.c + + Steffen Jaeckel +*/ + +#define REGISTER_PRNG(h) do {\ + LTC_ARGCHK(register_prng(h) != -1); \ +} while(0) + +int register_all_prngs(void) +{ +#ifdef LTC_YARROW + REGISTER_PRNG(&yarrow_desc); +#endif +#ifdef LTC_FORTUNA + REGISTER_PRNG(&fortuna_desc); +#endif +#ifdef LTC_RC4 + REGISTER_PRNG(&rc4_desc); +#endif +#ifdef LTC_CHACHA20_PRNG + REGISTER_PRNG(&chacha20_prng_desc); +#endif +#ifdef LTC_SOBER128 + REGISTER_PRNG(&sober128_desc); +#endif +#ifdef LTC_SPRNG + REGISTER_PRNG(&sprng_desc); +#endif + + return CRYPT_OK; +} + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_cipher.c b/src/ltc/misc/crypt/crypt_register_cipher.c index d7feedf..85178d2 100644 --- a/src/ltc/misc/crypt/crypt_register_cipher.c +++ b/src/ltc/misc/crypt/crypt_register_cipher.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,6 +47,6 @@ int register_cipher(const struct ltc_cipher_descriptor *cipher) return -1; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_hash.c b/src/ltc/misc/crypt/crypt_register_hash.c index 10ccee4..fc7f4e0 100644 --- a/src/ltc/misc/crypt/crypt_register_hash.c +++ b/src/ltc/misc/crypt/crypt_register_hash.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,6 +47,6 @@ int register_hash(const struct ltc_hash_descriptor *hash) return -1; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_register_prng.c b/src/ltc/misc/crypt/crypt_register_prng.c index faebb18..9cbd634 100644 --- a/src/ltc/misc/crypt/crypt_register_prng.c +++ b/src/ltc/misc/crypt/crypt_register_prng.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,6 +47,6 @@ int register_prng(const struct ltc_prng_descriptor *prng) return -1; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/crypt/crypt_sizes.c b/src/ltc/misc/crypt/crypt_sizes.c new file mode 100644 index 0000000..c4b16b5 --- /dev/null +++ b/src/ltc/misc/crypt/crypt_sizes.c @@ -0,0 +1,371 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file crypt_sizes.c + + Make various struct sizes available to dynamic languages + like Python - Larry Bugbee, February 2013 + + LB - Dec 2013 - revised to include compiler define options +*/ + + +typedef struct { + const char *name; + const unsigned int size; +} crypt_size; + +#define _SZ_STRINGIFY_S(s) { #s, sizeof(struct s) } +#define _SZ_STRINGIFY_T(s) { #s, sizeof(s) } + +static const crypt_size _crypt_sizes[] = { + /* hash state sizes */ + _SZ_STRINGIFY_S(ltc_hash_descriptor), + _SZ_STRINGIFY_T(hash_state), +#ifdef LTC_CHC_HASH + _SZ_STRINGIFY_S(chc_state), +#endif +#ifdef LTC_WHIRLPOOL + _SZ_STRINGIFY_S(whirlpool_state), +#endif +#ifdef LTC_SHA3 + _SZ_STRINGIFY_S(sha3_state), +#endif +#ifdef LTC_SHA512 + _SZ_STRINGIFY_S(sha512_state), +#endif +#ifdef LTC_SHA256 + _SZ_STRINGIFY_S(sha256_state), +#endif +#ifdef LTC_SHA1 + _SZ_STRINGIFY_S(sha1_state), +#endif +#ifdef LTC_MD5 + _SZ_STRINGIFY_S(md5_state), +#endif +#ifdef LTC_MD4 + _SZ_STRINGIFY_S(md4_state), +#endif +#ifdef LTC_MD2 + _SZ_STRINGIFY_S(md2_state), +#endif +#ifdef LTC_TIGER + _SZ_STRINGIFY_S(tiger_state), +#endif +#ifdef LTC_RIPEMD128 + _SZ_STRINGIFY_S(rmd128_state), +#endif +#ifdef LTC_RIPEMD160 + _SZ_STRINGIFY_S(rmd160_state), +#endif +#ifdef LTC_RIPEMD256 + _SZ_STRINGIFY_S(rmd256_state), +#endif +#ifdef LTC_RIPEMD320 + _SZ_STRINGIFY_S(rmd320_state), +#endif +#ifdef LTC_BLAKE2S + _SZ_STRINGIFY_S(blake2s_state), +#endif +#ifdef LTC_BLAKE2B + _SZ_STRINGIFY_S(blake2b_state), +#endif + + /* block cipher key sizes */ + _SZ_STRINGIFY_S(ltc_cipher_descriptor), + _SZ_STRINGIFY_T(symmetric_key), +#ifdef LTC_ANUBIS + _SZ_STRINGIFY_S(anubis_key), +#endif +#ifdef LTC_CAMELLIA + _SZ_STRINGIFY_S(camellia_key), +#endif +#ifdef LTC_BLOWFISH + _SZ_STRINGIFY_S(blowfish_key), +#endif +#ifdef LTC_CAST5 + _SZ_STRINGIFY_S(cast5_key), +#endif +#ifdef LTC_DES + _SZ_STRINGIFY_S(des_key), + _SZ_STRINGIFY_S(des3_key), +#endif +#ifdef LTC_IDEA + _SZ_STRINGIFY_S(idea_key), +#endif +#ifdef LTC_KASUMI + _SZ_STRINGIFY_S(kasumi_key), +#endif +#ifdef LTC_KHAZAD + _SZ_STRINGIFY_S(khazad_key), +#endif +#ifdef LTC_KSEED + _SZ_STRINGIFY_S(kseed_key), +#endif +#ifdef LTC_MULTI2 + _SZ_STRINGIFY_S(multi2_key), +#endif +#ifdef LTC_NOEKEON + _SZ_STRINGIFY_S(noekeon_key), +#endif +#ifdef LTC_RC2 + _SZ_STRINGIFY_S(rc2_key), +#endif +#ifdef LTC_RC5 + _SZ_STRINGIFY_S(rc5_key), +#endif +#ifdef LTC_RC6 + _SZ_STRINGIFY_S(rc6_key), +#endif +#ifdef LTC_SERPENT + _SZ_STRINGIFY_S(serpent_key), +#endif +#ifdef LTC_SKIPJACK + _SZ_STRINGIFY_S(skipjack_key), +#endif +#ifdef LTC_XTEA + _SZ_STRINGIFY_S(xtea_key), +#endif +#ifdef LTC_RIJNDAEL + _SZ_STRINGIFY_S(rijndael_key), +#endif +#ifdef LTC_SAFER + _SZ_STRINGIFY_S(safer_key), +#endif +#ifdef LTC_SAFERP + _SZ_STRINGIFY_S(saferp_key), +#endif +#ifdef LTC_TWOFISH + _SZ_STRINGIFY_S(twofish_key), +#endif + + /* mode sizes */ +#ifdef LTC_ECB_MODE + _SZ_STRINGIFY_T(symmetric_ECB), +#endif +#ifdef LTC_CFB_MODE + _SZ_STRINGIFY_T(symmetric_CFB), +#endif +#ifdef LTC_OFB_MODE + _SZ_STRINGIFY_T(symmetric_OFB), +#endif +#ifdef LTC_CBC_MODE + _SZ_STRINGIFY_T(symmetric_CBC), +#endif +#ifdef LTC_CTR_MODE + _SZ_STRINGIFY_T(symmetric_CTR), +#endif +#ifdef LTC_LRW_MODE + _SZ_STRINGIFY_T(symmetric_LRW), +#endif +#ifdef LTC_F8_MODE + _SZ_STRINGIFY_T(symmetric_F8), +#endif +#ifdef LTC_XTS_MODE + _SZ_STRINGIFY_T(symmetric_xts), +#endif + + /* stream cipher sizes */ +#ifdef LTC_CHACHA + _SZ_STRINGIFY_T(chacha_state), +#endif +#ifdef LTC_SALSA20 + _SZ_STRINGIFY_T(salsa20_state), +#endif +#ifdef LTC_SOSEMANUK + _SZ_STRINGIFY_T(sosemanuk_state), +#endif +#ifdef LTC_RABBIT + _SZ_STRINGIFY_T(rabbit_state), +#endif +#ifdef LTC_RC4_STREAM + _SZ_STRINGIFY_T(rc4_state), +#endif +#ifdef LTC_SOBER128_STREAM + _SZ_STRINGIFY_T(sober128_state), +#endif + + /* MAC sizes -- no states for ccm, lrw */ +#ifdef LTC_HMAC + _SZ_STRINGIFY_T(hmac_state), +#endif +#ifdef LTC_OMAC + _SZ_STRINGIFY_T(omac_state), +#endif +#ifdef LTC_PMAC + _SZ_STRINGIFY_T(pmac_state), +#endif +#ifdef LTC_POLY1305 + _SZ_STRINGIFY_T(poly1305_state), +#endif +#ifdef LTC_EAX_MODE + _SZ_STRINGIFY_T(eax_state), +#endif +#ifdef LTC_OCB_MODE + _SZ_STRINGIFY_T(ocb_state), +#endif +#ifdef LTC_OCB3_MODE + _SZ_STRINGIFY_T(ocb3_state), +#endif +#ifdef LTC_CCM_MODE + _SZ_STRINGIFY_T(ccm_state), +#endif +#ifdef LTC_GCM_MODE + _SZ_STRINGIFY_T(gcm_state), +#endif +#ifdef LTC_PELICAN + _SZ_STRINGIFY_T(pelican_state), +#endif +#ifdef LTC_XCBC + _SZ_STRINGIFY_T(xcbc_state), +#endif +#ifdef LTC_F9_MODE + _SZ_STRINGIFY_T(f9_state), +#endif +#ifdef LTC_CHACHA20POLY1305_MODE + _SZ_STRINGIFY_T(chacha20poly1305_state), +#endif + + /* asymmetric keys */ +#ifdef LTC_MRSA + _SZ_STRINGIFY_T(rsa_key), +#endif +#ifdef LTC_MDSA + _SZ_STRINGIFY_T(dsa_key), +#endif +#ifdef LTC_MDH + _SZ_STRINGIFY_T(dh_key), +#endif +#ifdef LTC_MECC + _SZ_STRINGIFY_T(ltc_ecc_set_type), + _SZ_STRINGIFY_T(ecc_point), + _SZ_STRINGIFY_T(ecc_key), +#endif +#ifdef LTC_MKAT + _SZ_STRINGIFY_T(katja_key), +#endif + + /* DER handling */ +#ifdef LTC_DER + _SZ_STRINGIFY_T(ltc_asn1_list), /* a list entry */ + _SZ_STRINGIFY_T(ltc_utctime), + _SZ_STRINGIFY_T(ltc_generalizedtime), +#endif + + /* prng state sizes */ + _SZ_STRINGIFY_S(ltc_prng_descriptor), + _SZ_STRINGIFY_T(prng_state), +#ifdef LTC_FORTUNA + _SZ_STRINGIFY_S(fortuna_prng), +#endif +#ifdef LTC_CHACHA20_PRNG + _SZ_STRINGIFY_S(chacha20_prng), +#endif +#ifdef LTC_RC4 + _SZ_STRINGIFY_S(rc4_prng), +#endif +#ifdef LTC_SOBER128 + _SZ_STRINGIFY_S(sober128_prng), +#endif +#ifdef LTC_YARROW + _SZ_STRINGIFY_S(yarrow_prng), +#endif + /* sprng has no state as it uses other potentially available sources */ + /* like /dev/random. See Developers Guide for more info. */ + +#ifdef LTC_ADLER32 + _SZ_STRINGIFY_T(adler32_state), +#endif +#ifdef LTC_CRC32 + _SZ_STRINGIFY_T(crc32_state), +#endif + + _SZ_STRINGIFY_T(ltc_mp_digit), + _SZ_STRINGIFY_T(ltc_math_descriptor) + +}; + +/* crypt_get_size() + * sizeout will be the size (bytes) of the named struct or union + * return -1 if named item not found + */ +int crypt_get_size(const char* namein, unsigned int *sizeout) { + int i; + int count = sizeof(_crypt_sizes) / sizeof(_crypt_sizes[0]); + for (i=0; i= sizeof(number))) + return -1; + total_len += (unsigned int)strlen(number) + 1; + /* this last +1 is for newlines (and ending NULL) */ + } + + if (names_list == NULL) { + *names_list_size = total_len; + } else { + if (total_len > *names_list_size) { + return -1; + } + /* build the names list */ + ptr = names_list; + for (i=0; i #include #include -#include +#include "tomcrypt.h" #ifdef LTC_HKDF @@ -119,18 +128,6 @@ int hkdf(int hash_idx, const unsigned char *salt, unsigned long saltlen, XFREE(extracted); return err; } -#if 0 - { - int j; - printf("\nPRK: 0x"); - for(j=0; j < hashsize; j++) { - printf("%02x ", extracted[j]); - } - for(j=0; j < hashsize; j++) { - printf("%02x ", extracted[j]); - } - } -#endif err = hkdf_expand(hash_idx, info, infolen, extracted, hashsize, out, outlen); zeromem(extracted, hashsize); XFREE(extracted); @@ -140,3 +137,7 @@ int hkdf(int hash_idx, const unsigned char *salt, unsigned long saltlen, /* vim: set ts=2 sw=2 et ai si: */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/mem_neq.c b/src/ltc/misc/mem_neq.c index 917b758..fbd0cce 100644 --- a/src/ltc/misc/mem_neq.c +++ b/src/ltc/misc/mem_neq.c @@ -5,29 +5,32 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" /** @file mem_neq.c - Compare two blocks of memory for inequality. + Compare two blocks of memory for inequality in constant time. Steffen Jaeckel */ /** - Compare two blocks of memory for inequality. + Compare two blocks of memory for inequality in constant time. The usage is similar to that of standard memcmp, but you can only test if the memory is equal or not - you can not determine by how much the first different byte differs. + This function shall be used to compare results of cryptographic + operations where inequality means most likely usage of a wrong key. + The execution time has therefore to be constant as otherwise + timing attacks could be possible. + @param a The first memory region @param b The second memory region @param len The length of the area to compare (octets) - @return 0 when a and b are equal for len bytes, else they are not equal. + @return 0 when a and b are equal for len bytes, 1 they are not equal. */ int mem_neq(const void *a, const void *b, size_t len) { @@ -55,6 +58,6 @@ int mem_neq(const void *a, const void *b, size_t len) return ret; } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/pk_get_oid.c b/src/ltc/misc/pk_get_oid.c index 8c08380..003925a 100644 --- a/src/ltc/misc/pk_get_oid.c +++ b/src/ltc/misc/pk_get_oid.c @@ -1,11 +1,10 @@ -/* LibTomCrypt, modular cryptographic library +/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. - * */ #include "tomcrypt.h" @@ -46,7 +45,7 @@ int pk_get_oid(int pk, oid_st *st) case PKA_EC: XMEMCPY(st, &ec_oid, sizeof(*st)); break; - case EC_PRIME_FIELD: + case PKA_EC_PRIMEF: XMEMCPY(st, &ec_primef, sizeof(*st)); break; default: @@ -55,3 +54,7 @@ int pk_get_oid(int pk, oid_st *st) return CRYPT_OK; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/pkcs5/pkcs_5_1.c b/src/ltc/misc/pkcs5/pkcs_5_1.c index 2ebdf2f..10325de 100644 --- a/src/ltc/misc/pkcs5/pkcs_5_1.c +++ b/src/ltc/misc/pkcs5/pkcs_5_1.c @@ -5,10 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -#include +#include "tomcrypt.h" /** @file pkcs_5_1.c @@ -184,6 +182,6 @@ int pkcs_5_alg1_openssl(const unsigned char *password, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/pkcs5/pkcs_5_2.c b/src/ltc/misc/pkcs5/pkcs_5_2.c index 9b9b78a..2265bcb 100644 --- a/src/ltc/misc/pkcs5/pkcs_5_2.c +++ b/src/ltc/misc/pkcs5/pkcs_5_2.c @@ -5,10 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -#include +#include "tomcrypt.h" /** @file pkcs_5_2.c @@ -124,6 +122,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/zeromem.c b/src/ltc/misc/zeromem.c index 3564cc1..1a3b8ed 100644 --- a/src/ltc/misc/zeromem.c +++ b/src/ltc/misc/zeromem.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -29,6 +27,6 @@ void zeromem(volatile void *out, size_t outlen) } } -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_decrypt.c b/src/ltc/modes/cbc/cbc_decrypt.c index b4fa466..e9f2785 100644 --- a/src/ltc/modes/cbc/cbc_decrypt.c +++ b/src/ltc/modes/cbc/cbc_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -92,6 +90,6 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_done.c b/src/ltc/modes/cbc/cbc_done.c index 4824940..2f1293d 100644 --- a/src/ltc/modes/cbc/cbc_done.c +++ b/src/ltc/modes/cbc/cbc_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int cbc_done(symmetric_CBC *cbc) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_encrypt.c b/src/ltc/modes/cbc/cbc_encrypt.c index f304d0e..00d85fc 100644 --- a/src/ltc/modes/cbc/cbc_encrypt.c +++ b/src/ltc/modes/cbc/cbc_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -93,6 +91,6 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_getiv.c b/src/ltc/modes/cbc/cbc_getiv.c index 6587743..fbf6834 100644 --- a/src/ltc/modes/cbc/cbc_getiv.c +++ b/src/ltc/modes/cbc/cbc_getiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,9 +16,9 @@ #ifdef LTC_CBC_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param cbc The CBC state @return CRYPT_OK if successful */ @@ -41,6 +39,6 @@ int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_setiv.c b/src/ltc/modes/cbc/cbc_setiv.c index 3d02093..255d641 100644 --- a/src/ltc/modes/cbc/cbc_setiv.c +++ b/src/ltc/modes/cbc/cbc_setiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -19,8 +17,8 @@ #ifdef LTC_CBC_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param cbc The CBC state @return CRYPT_OK if successful @@ -39,6 +37,6 @@ int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cbc/cbc_start.c b/src/ltc/modes/cbc/cbc_start.c index 71b6fa8..6c5c52c 100644 --- a/src/ltc/modes/cbc/cbc_start.c +++ b/src/ltc/modes/cbc/cbc_start.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -20,7 +18,7 @@ /** Initialize a CBC context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) @@ -57,6 +55,6 @@ int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_decrypt.c b/src/ltc/modes/cfb/cfb_decrypt.c index 0c08c74..9749a0b 100644 --- a/src/ltc/modes/cfb/cfb_decrypt.c +++ b/src/ltc/modes/cfb/cfb_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -62,6 +60,6 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_done.c b/src/ltc/modes/cfb/cfb_done.c index bacfa28..24576c8 100644 --- a/src/ltc/modes/cfb/cfb_done.c +++ b/src/ltc/modes/cfb/cfb_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int cfb_done(symmetric_CFB *cfb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_encrypt.c b/src/ltc/modes/cfb/cfb_encrypt.c index e762143..4503e5b 100644 --- a/src/ltc/modes/cfb/cfb_encrypt.c +++ b/src/ltc/modes/cfb/cfb_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -60,6 +58,6 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_getiv.c b/src/ltc/modes/cfb/cfb_getiv.c index b6786e1..b972c72 100644 --- a/src/ltc/modes/cfb/cfb_getiv.c +++ b/src/ltc/modes/cfb/cfb_getiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,9 +16,9 @@ #ifdef LTC_CFB_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param cfb The CFB state @return CRYPT_OK if successful */ @@ -41,6 +39,6 @@ int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_setiv.c b/src/ltc/modes/cfb/cfb_setiv.c index 4a22110..4495bf5 100644 --- a/src/ltc/modes/cfb/cfb_setiv.c +++ b/src/ltc/modes/cfb/cfb_setiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,8 +16,8 @@ #ifdef LTC_CFB_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param cfb The CFB state @return CRYPT_OK if successful @@ -47,6 +45,6 @@ int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/cfb/cfb_start.c b/src/ltc/modes/cfb/cfb_start.c index b42c97f..e49b119 100644 --- a/src/ltc/modes/cfb/cfb_start.c +++ b/src/ltc/modes/cfb/cfb_start.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -21,7 +19,7 @@ /** Initialize a CFB context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) @@ -60,6 +58,6 @@ int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_decrypt.c b/src/ltc/modes/ctr/ctr_decrypt.c index 9537249..5008089 100644 --- a/src/ltc/modes/ctr/ctr_decrypt.c +++ b/src/ltc/modes/ctr/ctr_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_done.c b/src/ltc/modes/ctr/ctr_done.c index 77d888b..3de13c2 100644 --- a/src/ltc/modes/ctr/ctr_done.c +++ b/src/ltc/modes/ctr/ctr_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int ctr_done(symmetric_CTR *ctr) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_encrypt.c b/src/ltc/modes/ctr/ctr_encrypt.c index 6117785..7319cf5 100644 --- a/src/ltc/modes/ctr/ctr_encrypt.c +++ b/src/ltc/modes/ctr/ctr_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -55,6 +53,8 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { return err; } + pt += (len / ctr->blocklen) * ctr->blocklen; + ct += (len / ctr->blocklen) * ctr->blocklen; len %= ctr->blocklen; } @@ -107,6 +107,6 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_getiv.c b/src/ltc/modes/ctr/ctr_getiv.c index 6242323..cbf92db 100644 --- a/src/ltc/modes/ctr/ctr_getiv.c +++ b/src/ltc/modes/ctr/ctr_getiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,9 +16,9 @@ #ifdef LTC_CTR_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param ctr The CTR state @return CRYPT_OK if successful */ @@ -41,6 +39,6 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_setiv.c b/src/ltc/modes/ctr/ctr_setiv.c index 50c6539..64d73a1 100644 --- a/src/ltc/modes/ctr/ctr_setiv.c +++ b/src/ltc/modes/ctr/ctr_setiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,8 +16,8 @@ #ifdef LTC_CTR_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param ctr The CTR state @return CRYPT_OK if successful @@ -51,6 +49,6 @@ int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ctr/ctr_start.c b/src/ltc/modes/ctr/ctr_start.c index 8544636..039fdd6 100644 --- a/src/ltc/modes/ctr/ctr_start.c +++ b/src/ltc/modes/ctr/ctr_start.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -21,7 +19,7 @@ /** Initialize a CTR context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) @@ -96,6 +94,6 @@ int ctr_start( int cipher, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ecb/ecb_decrypt.c b/src/ltc/modes/ecb/ecb_decrypt.c index 84842c2..213b253 100644 --- a/src/ltc/modes/ecb/ecb_decrypt.c +++ b/src/ltc/modes/ecb/ecb_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -56,6 +54,6 @@ int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ecb/ecb_done.c b/src/ltc/modes/ecb/ecb_done.c index 9199eae..6df7eec 100644 --- a/src/ltc/modes/ecb/ecb_done.c +++ b/src/ltc/modes/ecb/ecb_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int ecb_done(symmetric_ECB *ecb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ecb/ecb_encrypt.c b/src/ltc/modes/ecb/ecb_encrypt.c index 801e0fd..5d4661f 100644 --- a/src/ltc/modes/ecb/ecb_encrypt.c +++ b/src/ltc/modes/ecb/ecb_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -56,6 +54,6 @@ int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ecb/ecb_start.c b/src/ltc/modes/ecb/ecb_start.c index 67061ca..ecd301b 100644 --- a/src/ltc/modes/ecb/ecb_start.c +++ b/src/ltc/modes/ecb/ecb_start.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -43,6 +41,6 @@ int ecb_start(int cipher, const unsigned char *key, int keylen, int num_rounds, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_decrypt.c b/src/ltc/modes/ofb/ofb_decrypt.c index b741887..f402802 100644 --- a/src/ltc/modes/ofb/ofb_decrypt.c +++ b/src/ltc/modes/ofb/ofb_decrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -38,6 +36,6 @@ int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_done.c b/src/ltc/modes/ofb/ofb_done.c index 412b4d1..9caddbe 100644 --- a/src/ltc/modes/ofb/ofb_done.c +++ b/src/ltc/modes/ofb/ofb_done.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int ofb_done(symmetric_OFB *ofb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_encrypt.c b/src/ltc/modes/ofb/ofb_encrypt.c index f32fd39..415842d 100644 --- a/src/ltc/modes/ofb/ofb_encrypt.c +++ b/src/ltc/modes/ofb/ofb_encrypt.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -55,6 +53,6 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_getiv.c b/src/ltc/modes/ofb/ofb_getiv.c index c009e33..e6bc0ed 100644 --- a/src/ltc/modes/ofb/ofb_getiv.c +++ b/src/ltc/modes/ofb/ofb_getiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,9 +16,9 @@ #ifdef LTC_OFB_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param ofb The OFB state @return CRYPT_OK if successful */ @@ -41,6 +39,6 @@ int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_setiv.c b/src/ltc/modes/ofb/ofb_setiv.c index 77a96ad..005dbc7 100644 --- a/src/ltc/modes/ofb/ofb_setiv.c +++ b/src/ltc/modes/ofb/ofb_setiv.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,8 +16,8 @@ #ifdef LTC_OFB_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param ofb The OFB state @return CRYPT_OK if successful @@ -47,6 +45,6 @@ int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/modes/ofb/ofb_start.c b/src/ltc/modes/ofb/ofb_start.c index f701d69..fe7a764 100644 --- a/src/ltc/modes/ofb/ofb_start.c +++ b/src/ltc/modes/ofb/ofb_start.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -21,7 +19,7 @@ /** Initialize a OFB context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) @@ -55,6 +53,6 @@ int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/bit/der_decode_bit_string.c b/src/ltc/pk/asn1/der/bit/der_decode_bit_string.c index 05d19cb..6f25cd9 100644 --- a/src/ltc/pk/asn1/der/bit/der_decode_bit_string.c +++ b/src/ltc/pk/asn1/der/bit/der_decode_bit_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,6 +28,7 @@ int der_decode_bit_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long dlen, blen, x, y; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -49,27 +48,13 @@ int der_decode_bit_string(const unsigned char *in, unsigned long inlen, x = 1; /* get the length of the data */ - if (in[x] & 0x80) { - /* long format get number of length bytes */ - y = in[x++] & 0x7F; - - /* invalid if 0 or > 2 */ - if (y == 0 || y > 2) { - return CRYPT_INVALID_PACKET; - } - - /* read the data len */ - dlen = 0; - while (y--) { - dlen = (dlen << 8) | (unsigned long)in[x++]; - } - } else { - /* short format */ - dlen = in[x++] & 0x7F; + y = inlen - 1; + if ((err = der_decode_asn1_length(in + x, &y, &dlen)) != CRYPT_OK) { + return err; } - + x += y; /* is the data len too long or too short? */ - if ((dlen == 0) || (dlen + x > inlen)) { + if ((dlen == 0) || (dlen > (inlen - x))) { return CRYPT_INVALID_PACKET; } @@ -97,6 +82,6 @@ int der_decode_bit_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/bit/der_decode_raw_bit_string.c b/src/ltc/pk/asn1/der/bit/der_decode_raw_bit_string.c index a4a3cb3..7e7a460 100644 --- a/src/ltc/pk/asn1/der/bit/der_decode_raw_bit_string.c +++ b/src/ltc/pk/asn1/der/bit/der_decode_raw_bit_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -19,6 +17,7 @@ #ifdef LTC_DER #define SETBIT(v, n) (v=((unsigned char)(v) | (1U << (unsigned char)(n)))) +#define CLRBIT(v, n) (v=((unsigned char)(v) & ~(1U << (unsigned char)(n)))) /** Store a BIT STRING @@ -32,6 +31,7 @@ int der_decode_raw_bit_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long dlen, blen, x, y; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -51,27 +51,13 @@ int der_decode_raw_bit_string(const unsigned char *in, unsigned long inlen, x = 1; /* get the length of the data */ - if (in[x] & 0x80) { - /* long format get number of length bytes */ - y = in[x++] & 0x7F; - - /* invalid if 0 or > 2 */ - if (y == 0 || y > 2) { - return CRYPT_INVALID_PACKET; - } - - /* read the data len */ - dlen = 0; - while (y--) { - dlen = (dlen << 8) | (unsigned long)in[x++]; - } - } else { - /* short format */ - dlen = in[x++] & 0x7F; + y = inlen - 1; + if ((err = der_decode_asn1_length(in + x, &y, &dlen)) != CRYPT_OK) { + return err; } - + x += y; /* is the data len too long or too short? */ - if ((dlen == 0) || (dlen + x > inlen)) { + if ((dlen == 0) || (dlen > (inlen - x))) { return CRYPT_INVALID_PACKET; } @@ -86,12 +72,14 @@ int der_decode_raw_bit_string(const unsigned char *in, unsigned long inlen, /* decode/store the bits */ for (y = 0; y < blen; y++) { - if (in[x] & (1 << (7 - (y & 7)))) { - SETBIT(out[y/8], 7-(y%8)); - } - if ((y & 7) == 7) { - ++x; - } + if (in[x] & (1 << (7 - (y & 7)))) { + SETBIT(out[y/8], 7-(y%8)); + } else { + CLRBIT(out[y/8], 7-(y%8)); + } + if ((y & 7) == 7) { + ++x; + } } /* we done */ @@ -101,6 +89,6 @@ int der_decode_raw_bit_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/bit/der_encode_bit_string.c b/src/ltc/pk/asn1/der/bit/der_encode_bit_string.c index e64bd1f..7b2c6af 100644 --- a/src/ltc/pk/asn1/der/bit/der_encode_bit_string.c +++ b/src/ltc/pk/asn1/der/bit/der_encode_bit_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,19 +47,14 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen, /* store header (include bit padding count in length) */ x = 0; - y = (inlen >> 3) + ((inlen&7) ? 1 : 0) + 1; + y = ((inlen + 7) >> 3) + 1; out[x++] = 0x03; - if (y < 128) { - out[x++] = (unsigned char)y; - } else if (y < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)y; - } else if (y < 65536) { - out[x++] = 0x82; - out[x++] = (unsigned char)((y>>8)&255); - out[x++] = (unsigned char)(y&255); + len = *outlen - x; + if ((err = der_encode_asn1_length(y, out + x, &len)) != CRYPT_OK) { + return err; } + x += len; /* store number of zero padding bits */ out[x++] = (unsigned char)((8 - inlen) & 7); @@ -84,6 +77,6 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/bit/der_encode_raw_bit_string.c b/src/ltc/pk/asn1/der/bit/der_encode_raw_bit_string.c index 014a037..e884dab 100644 --- a/src/ltc/pk/asn1/der/bit/der_encode_raw_bit_string.c +++ b/src/ltc/pk/asn1/der/bit/der_encode_raw_bit_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -23,7 +21,7 @@ /** Store a BIT STRING @param in The array of bits to store (8 per char) - @param inlen The number of bits tostore + @param inlen The number of bits to store @param out [out] The destination for the DER encoded BIT STRING @param outlen [in/out] The max size and resulting size of the DER BIT STRING @return CRYPT_OK if successful @@ -51,30 +49,25 @@ int der_encode_raw_bit_string(const unsigned char *in, unsigned long inlen, /* store header (include bit padding count in length) */ x = 0; - y = (inlen >> 3) + ((inlen&7) ? 1 : 0) + 1; + y = ((inlen + 7) >> 3) + 1; out[x++] = 0x03; - if (y < 128) { - out[x++] = (unsigned char)y; - } else if (y < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)y; - } else if (y < 65536) { - out[x++] = 0x82; - out[x++] = (unsigned char)((y>>8)&255); - out[x++] = (unsigned char)(y&255); + len = *outlen - x; + if ((err = der_encode_asn1_length(y, out + x, &len)) != CRYPT_OK) { + return err; } + x += len; /* store number of zero padding bits */ out[x++] = (unsigned char)((8 - inlen) & 7); /* store the bits in big endian format */ for (y = buf = 0; y < inlen; y++) { - buf |= (getbit(in[y/8],7-y%8)?1:0) << (7 - (y & 7)); - if ((y & 7) == 7) { - out[x++] = buf; - buf = 0; - } + buf |= (getbit(in[y/8],7-y%8)?1:0) << (7 - (y & 7)); + if ((y & 7) == 7) { + out[x++] = buf; + buf = 0; + } } /* store last byte */ if (inlen & 7) { @@ -87,6 +80,6 @@ int der_encode_raw_bit_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/bit/der_length_bit_string.c b/src/ltc/pk/asn1/der/bit/der_length_bit_string.c index 45472e9..7a65208 100644 --- a/src/ltc/pk/asn1/der/bit/der_length_bit_string.c +++ b/src/ltc/pk/asn1/der/bit/der_length_bit_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -24,24 +22,18 @@ */ int der_length_bit_string(unsigned long nbits, unsigned long *outlen) { - unsigned long nbytes; + unsigned long nbytes, x; + int err; + LTC_ARGCHK(outlen != NULL); /* get the number of the bytes */ nbytes = (nbits >> 3) + ((nbits & 7) ? 1 : 0) + 1; - if (nbytes < 128) { - /* 03 LL PP DD DD DD ... */ - *outlen = 2 + nbytes; - } else if (nbytes < 256) { - /* 03 81 LL PP DD DD DD ... */ - *outlen = 3 + nbytes; - } else if (nbytes < 65536) { - /* 03 82 LL LL PP DD DD DD ... */ - *outlen = 4 + nbytes; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(nbytes, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + nbytes; return CRYPT_OK; } @@ -49,6 +41,6 @@ int der_length_bit_string(unsigned long nbits, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/boolean/der_decode_boolean.c b/src/ltc/pk/asn1/der/boolean/der_decode_boolean.c index 4e25012..da60ca9 100644 --- a/src/ltc/pk/asn1/der/boolean/der_decode_boolean.c +++ b/src/ltc/pk/asn1/der/boolean/der_decode_boolean.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -42,6 +40,6 @@ int der_decode_boolean(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/boolean/der_encode_boolean.c b/src/ltc/pk/asn1/der/boolean/der_encode_boolean.c index 48e9090..c5cacdd 100644 --- a/src/ltc/pk/asn1/der/boolean/der_encode_boolean.c +++ b/src/ltc/pk/asn1/der/boolean/der_encode_boolean.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -46,6 +44,6 @@ int der_encode_boolean(int in, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/boolean/der_length_boolean.c b/src/ltc/pk/asn1/der/boolean/der_length_boolean.c index fa19064..a1a3a7b 100644 --- a/src/ltc/pk/asn1/der/boolean/der_length_boolean.c +++ b/src/ltc/pk/asn1/der/boolean/der_length_boolean.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,6 +28,6 @@ int der_length_boolean(unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/choice/der_decode_choice.c b/src/ltc/pk/asn1/der/choice/der_decode_choice.c index eb71513..6e17a4b 100644 --- a/src/ltc/pk/asn1/der/choice/der_decode_choice.c +++ b/src/ltc/pk/asn1/der/choice/der_decode_choice.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -207,9 +205,17 @@ int der_decode_choice(const unsigned char *in, unsigned long *inlen, } break; + case LTC_ASN1_CUSTOM_TYPE: + if (der_decode_custom_type(in, *inlen, &list[x]) == CRYPT_OK) { + if (der_length_custom_type(&list[x], &z, NULL) == CRYPT_OK) { + list[x].used = 1; + *inlen = z; + return CRYPT_OK; + } + } + break; + case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: case LTC_ASN1_EOL: return CRYPT_INVALID_ARG; } @@ -220,6 +226,6 @@ int der_decode_choice(const unsigned char *in, unsigned long *inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c b/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c new file mode 100644 index 0000000..9bc3431 --- /dev/null +++ b/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c @@ -0,0 +1,420 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + + +/** + @file der_decode_custom_type.c + ASN.1 DER, decode a Custom type, Steffen Jaeckel +*/ + +#ifdef LTC_DER + +/** + Decode a Custom type + @param in The DER encoded input + @param inlen The size of the input + @param root The item that defines the custom type to decode + @return CRYPT_OK on success +*/ +int der_decode_custom_type(const unsigned char *in, unsigned long inlen, + ltc_asn1_list *root) +{ + LTC_ARGCHK(root != NULL); + return der_decode_custom_type_ex(in, inlen, root, NULL, 0, LTC_DER_SEQ_ORDERED | LTC_DER_SEQ_RELAXED); +} + +/** + Extended-decode a Custom type + + This function is used to decode custom types and sequences/sets + For custom types root is used + For sequences/sets list and outlen are used + + @param in The DER encoded input + @param inlen The size of the input + @param root The item that defines the custom type to decode + @param list The list of items to decode + @param outlen The number of items in the list + @param flags c.f. enum ltc_der_seq + @return CRYPT_OK on success +*/ +int der_decode_custom_type_ex(const unsigned char *in, unsigned long inlen, + ltc_asn1_list *root, + ltc_asn1_list *list, unsigned long outlen, + unsigned int flags) +{ + int err, seq_err, i, ordered; + ltc_asn1_type type; + ltc_asn1_list ident; + unsigned long size, x, y, z, blksize; + unsigned char* in_new = NULL; + void *data; + + LTC_ARGCHK(in != NULL); + + /* get blk size */ + if (inlen < 2) { + return CRYPT_INVALID_PACKET; + } + x = 0; + + if (root == NULL) { + LTC_ARGCHK(list != NULL); + + /* sequence type? We allow 0x30 SEQUENCE and 0x31 SET since fundamentally they're the same structure */ + if (in[x] != 0x30 && in[x] != 0x31) { + return CRYPT_INVALID_PACKET; + } + ++x; + } else { + if (root->type != LTC_ASN1_CUSTOM_TYPE) { + return CRYPT_INVALID_PACKET; + } + + /* Alloc a copy of the data for primitive handling. */ + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + in_new = XMALLOC(inlen); + if (in_new == NULL) { + return CRYPT_MEM; + } + XMEMCPY(in_new, in, inlen); + in = in_new; + } + + y = inlen; + if ((err = der_decode_asn1_identifier(in, &y, &ident)) != CRYPT_OK) { + goto LBL_ERR; + } + if ((ident.type != root->type) || + (ident.class != root->class) || + (ident.pc != root->pc) || + (ident.tag != root->tag)) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + x += y; + + list = root->data; + outlen = root->size; + } + + if (root != NULL && root->pc == LTC_ASN1_PC_PRIMITIVE) { + if (((unsigned long)root->used >= der_asn1_type_to_identifier_map_sz) || + (der_asn1_type_to_identifier_map[root->used] == -1)) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + root->type = (ltc_asn1_type)root->used; + list = root; + outlen = 1; + + x -= 1; + in_new[x] = (unsigned char)der_asn1_type_to_identifier_map[list[0].type]; + blksize = inlen - x; + } else { + + y = inlen - x; + if ((err = der_decode_asn1_length(&in[x], &y, &blksize)) != CRYPT_OK) { + goto LBL_ERR; + } + x += y; + } + + /* would this blksize overflow? */ + if (blksize > (inlen - x)) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + /* mark all as unused */ + for (i = 0; i < (int)outlen; i++) { + list[i].used = 0; + } + ordered = flags & LTC_DER_SEQ_ORDERED; + + /* ok read data */ + seq_err = CRYPT_OK; + blksize += x; + inlen -= x; + for (i = 0; i < (int)outlen; i++) { + z = 0; + type = list[i].type; + size = list[i].size; + data = list[i].data; + if (!ordered && list[i].used == 1) { continue; } + + if (type == LTC_ASN1_EOL) { + break; + } + + if (root != NULL && root->pc == LTC_ASN1_PC_PRIMITIVE && i != 0) { + err = CRYPT_PK_ASN1_ERROR; + goto LBL_ERR; + } + + switch (type) { + case LTC_ASN1_BOOLEAN: + z = inlen; + if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_boolean(&z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_INTEGER: + z = inlen; + if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_integer(data, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SHORT_INTEGER: + z = inlen; + if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_short_integer(((unsigned long*)data)[0], &z)) != CRYPT_OK) { + goto LBL_ERR; + } + + break; + + case LTC_ASN1_BIT_STRING: + z = inlen; + if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_RAW_BIT_STRING: + z = inlen; + if ((err = der_decode_raw_bit_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_OCTET_STRING: + z = inlen; + if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_octet_string(size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_NULL: + if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) { + if (!ordered || list[i].optional) { continue; } + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + z = 2; + break; + + case LTC_ASN1_OBJECT_IDENTIFIER: + z = inlen; + if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_object_identifier(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_TELETEX_STRING: + z = inlen; + if ((err = der_decode_teletex_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_teletex_string(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_IA5_STRING: + z = inlen; + if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_ia5_string(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_PRINTABLE_STRING: + z = inlen; + if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_printable_string(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_UTF8_STRING: + z = inlen; + if ((err = der_decode_utf8_string(in + x, z, data, &size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + list[i].size = size; + if ((err = der_length_utf8_string(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_UTCTIME: + z = inlen; + if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + break; + + case LTC_ASN1_GENERALIZEDTIME: + z = inlen; + if ((err = der_decode_generalizedtime(in + x, &z, data)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + break; + + case LTC_ASN1_SET: + z = inlen; + if ((err = der_decode_set(in + x, z, data, size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SETOF: + case LTC_ASN1_SEQUENCE: + /* detect if we have the right type */ + if ((type == LTC_ASN1_SETOF && (in[x] & 0x3F) != 0x31) || (type == LTC_ASN1_SEQUENCE && (in[x] & 0x3F) != 0x30)) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + z = inlen; + err = der_decode_sequence_ex(in + x, z, data, size, flags); + if (err == CRYPT_INPUT_TOO_LONG) { + seq_err = CRYPT_INPUT_TOO_LONG; + err = CRYPT_OK; + } + if (err != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_CUSTOM_TYPE: + z = inlen; + err = der_decode_custom_type(in + x, z, &list[i]); + if (err == CRYPT_INPUT_TOO_LONG) { + seq_err = CRYPT_INPUT_TOO_LONG; + err = CRYPT_OK; + } + if (err != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + if ((err = der_length_custom_type(&list[i], &z, NULL)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_CHOICE: + z = inlen; + if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) { + if (!ordered || list[i].optional) { continue; } + goto LBL_ERR; + } + break; + + case LTC_ASN1_EOL: + err = CRYPT_INVALID_ARG; + goto LBL_ERR; + } + x += z; + inlen -= z; + list[i].used = 1; + if (!ordered) { + /* restart the decoder */ + i = -1; + } + } + + for (i = 0; i < (int)outlen; i++) { + if (list[i].used == 0 && list[i].optional == 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + } + + if (blksize == x && seq_err == CRYPT_OK && inlen == 0) { + /* everything decoded and no errors in nested sequences */ + err = CRYPT_OK; + } else if (blksize == x && seq_err == CRYPT_INPUT_TOO_LONG && inlen == 0) { + /* a sequence reported too-long input, but now we've decoded everything */ + err = CRYPT_OK; + } else if (blksize != x && ((flags & LTC_DER_SEQ_STRICT) == LTC_DER_SEQ_STRICT)) { + err = CRYPT_INVALID_PACKET; + } else { + err = CRYPT_INPUT_TOO_LONG; + } + +LBL_ERR: + if (in_new != NULL) { + XFREE(in_new); + } + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c b/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c new file mode 100644 index 0000000..d19774c --- /dev/null +++ b/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c @@ -0,0 +1,238 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + + +/** + @file der_encode_custom_type.c + ASN.1 DER, encode a Custom Type, Steffen Jaeckel +*/ + +#ifdef LTC_DER + +/** + Encode a Custom Type + + This function is a bit special compared to the others, as it requires the + root-ltc_asn1_list where the type is defined. + + @param root The root of the list of items to encode + @param out [out] The destination + @param outlen [in/out] The size of the output + @return CRYPT_OK on success +*/ +int der_encode_custom_type(const ltc_asn1_list *root, + unsigned char *out, unsigned long *outlen) +{ + int err; + ltc_asn1_type type; + const ltc_asn1_list *list; + unsigned long size, x, y, z, i, inlen, id_len; + void *data; + + LTC_ARGCHK(root != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* get size of output that will be required */ + y = 0; z = 0; + if ((err = der_length_custom_type(root, &y, &z)) != CRYPT_OK) return CRYPT_INVALID_ARG; + + /* too big ? */ + if (*outlen < y) { + *outlen = y; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + + /* get length of the identifier, so we know the offset where to start writing */ + if ((err = der_length_asn1_identifier(root, &id_len)) != CRYPT_OK) return CRYPT_INVALID_ARG; + x = id_len; + + + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + list = root; + inlen = 1; + /* In case it's a PRIMITIVE type we encode directly to the output + * but leave space for a potentially longer identifier as it will + * simply be replaced afterwards. + */ + x -= 1; + } else { + list = root->data; + inlen = root->size; + /* store length, identifier will be added later */ + y = *outlen - x; + if ((err = der_encode_asn1_length(z, &out[x], &y)) != CRYPT_OK) { + goto LBL_ERR; + } + x += y; + } + + /* store data */ + *outlen -= x; + for (i = 0; i < inlen; i++) { + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + type = (ltc_asn1_type)list[i].used; + } else { + type = list[i].type; + } + size = list[i].size; + data = list[i].data; + + if (type == LTC_ASN1_EOL) { + break; + } + + switch (type) { + case LTC_ASN1_BOOLEAN: + z = *outlen; + if ((err = der_encode_boolean(*((int *)data), out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_INTEGER: + z = *outlen; + if ((err = der_encode_integer(data, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SHORT_INTEGER: + z = *outlen; + if ((err = der_encode_short_integer(*((unsigned long*)data), out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_BIT_STRING: + z = *outlen; + if ((err = der_encode_bit_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_RAW_BIT_STRING: + z = *outlen; + if ((err = der_encode_raw_bit_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_OCTET_STRING: + z = *outlen; + if ((err = der_encode_octet_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_NULL: + out[x] = 0x05; + out[x+1] = 0x00; + z = 2; + break; + + case LTC_ASN1_OBJECT_IDENTIFIER: + z = *outlen; + if ((err = der_encode_object_identifier(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_IA5_STRING: + z = *outlen; + if ((err = der_encode_ia5_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_PRINTABLE_STRING: + z = *outlen; + if ((err = der_encode_printable_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_UTF8_STRING: + z = *outlen; + if ((err = der_encode_utf8_string(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_UTCTIME: + z = *outlen; + if ((err = der_encode_utctime(data, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_GENERALIZEDTIME: + z = *outlen; + if ((err = der_encode_generalizedtime(data, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SET: + z = *outlen; + if ((err = der_encode_set(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SETOF: + z = *outlen; + if ((err = der_encode_setof(data, size, out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_SEQUENCE: + z = *outlen; + if ((err = der_encode_sequence_ex(data, size, out + x, &z, type)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_CUSTOM_TYPE: + z = *outlen; + if ((err = der_encode_custom_type(&list[i], out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + + case LTC_ASN1_CHOICE: + case LTC_ASN1_EOL: + case LTC_ASN1_TELETEX_STRING: + err = CRYPT_INVALID_ARG; + goto LBL_ERR; + } + + + x += z; + *outlen -= z; + } + + if ((err = der_encode_asn1_identifier(root, out, &id_len)) != CRYPT_OK) { + goto LBL_ERR; + } + *outlen = x; + err = CRYPT_OK; + +LBL_ERR: + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/custom_type/der_length_custom_type.c b/src/ltc/pk/asn1/der/custom_type/der_length_custom_type.c new file mode 100644 index 0000000..aecc464 --- /dev/null +++ b/src/ltc/pk/asn1/der/custom_type/der_length_custom_type.c @@ -0,0 +1,213 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_length_custom_type.c + ASN.1 DER, length of a custom type, Steffen Jaeckel +*/ + +#ifdef LTC_DER + +/** + Get the length of a DER custom type + + This function is a bit special compared to the others, as it requires the + root-ltc_asn1_list where the type is defined. + + @param root The root of the struct to encode + @param outlen [out] The length required in octets to store it + @param payloadlen [out] The length of the payload in octets + @return CRYPT_OK on success +*/ +int der_length_custom_type(const ltc_asn1_list *root, unsigned long *outlen, unsigned long *payloadlen) +{ + int err; + const ltc_asn1_list *list; + ltc_asn1_type type; + unsigned long size, x, y, i, inlen, id_len; + void *data; + + LTC_ARGCHK(root != NULL); + LTC_ARGCHK(outlen != NULL); + + /* get size of output that will be required */ + if ((err = der_length_asn1_identifier(root, &id_len)) != CRYPT_OK) { + return err; + } + y = id_len; + + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + list = root; + inlen = 1; + } else { + list = root->data; + inlen = root->size; + } + for (i = 0; i < inlen; i++) { + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + type = (ltc_asn1_type)list[i].used; + } else { + type = list[i].type; + } + size = list[i].size; + data = list[i].data; + + if (type == LTC_ASN1_EOL) { + break; + } + + /* some items may be optional during import */ + if (!list[i].used && list[i].optional) continue; + + switch (type) { + case LTC_ASN1_BOOLEAN: + if ((err = der_length_boolean(&x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_INTEGER: + if ((err = der_length_integer(data, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_SHORT_INTEGER: + if ((err = der_length_short_integer(*((unsigned long *)data), &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_BIT_STRING: + case LTC_ASN1_RAW_BIT_STRING: + if ((err = der_length_bit_string(size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_OCTET_STRING: + if ((err = der_length_octet_string(size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_NULL: + y += 2; + break; + + case LTC_ASN1_OBJECT_IDENTIFIER: + if ((err = der_length_object_identifier(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_IA5_STRING: + if ((err = der_length_ia5_string(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_TELETEX_STRING: + if ((err = der_length_teletex_string(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_PRINTABLE_STRING: + if ((err = der_length_printable_string(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_UTCTIME: + if ((err = der_length_utctime(data, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_GENERALIZEDTIME: + if ((err = der_length_generalizedtime(data, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_UTF8_STRING: + if ((err = der_length_utf8_string(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_CUSTOM_TYPE: + if ((err = der_length_custom_type(&list[i], &x, NULL)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_SET: + case LTC_ASN1_SETOF: + case LTC_ASN1_SEQUENCE: + if ((err = der_length_sequence(data, size, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + + case LTC_ASN1_CHOICE: + case LTC_ASN1_EOL: + err = CRYPT_INVALID_ARG; + goto LBL_ERR; + } + } + + if (root->pc == LTC_ASN1_PC_PRIMITIVE) { + /* In case it's a PRIMITIVE element we're going + * to only replace the identifier of the one element + * by the custom identifier. + */ + y -= 1; + if (payloadlen != NULL) { + *payloadlen = y - id_len; + } + } else { + /* calc length of length */ + if ((err = der_length_asn1_length(y, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + if (payloadlen != NULL) { + *payloadlen = y - id_len; + } + y += x; + } + + /* store size */ + *outlen = y; + +LBL_ERR: + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_asn1_maps.c b/src/ltc/pk/asn1/der/general/der_asn1_maps.c new file mode 100644 index 0000000..ba9820f --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_asn1_maps.c @@ -0,0 +1,167 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_asn1_maps.c + ASN.1 DER, a collection of maps to convert between different representations, Steffen Jaeckel +*/ + +#ifdef LTC_DER + +/** + A Map from ltc_asn1_type to the regularly used ASN.1 identifier +*/ +const int der_asn1_type_to_identifier_map[] = +{ + /* 0 */ + -1, /* LTC_ASN1_EOL, */ + 1, /* LTC_ASN1_BOOLEAN, */ + 2, /* LTC_ASN1_INTEGER, */ + 2, /* LTC_ASN1_SHORT_INTEGER, */ + 3, /* LTC_ASN1_BIT_STRING, */ + /* 5 */ + 4, /* LTC_ASN1_OCTET_STRING, */ + 5, /* LTC_ASN1_NULL, */ + 6, /* LTC_ASN1_OBJECT_IDENTIFIER, */ + 22, /* LTC_ASN1_IA5_STRING, */ + 19, /* LTC_ASN1_PRINTABLE_STRING, */ + /* 10 */ + 12, /* LTC_ASN1_UTF8_STRING, */ + 23, /* LTC_ASN1_UTCTIME, */ + -1, /* LTC_ASN1_CHOICE, */ + 48, /* LTC_ASN1_SEQUENCE, */ + 49, /* LTC_ASN1_SET, */ + /* 15 */ + 49, /* LTC_ASN1_SETOF, */ + 3, /* LTC_ASN1_RAW_BIT_STRING, */ + 20, /* LTC_ASN1_TELETEX_STRING, */ + 24, /* LTC_ASN1_GENERALIZEDTIME, */ + -1, /* LTC_ASN1_CUSTOM_TYPE, */ +}; +const unsigned long der_asn1_type_to_identifier_map_sz = sizeof(der_asn1_type_to_identifier_map)/sizeof(der_asn1_type_to_identifier_map[0]); + +/** + A Map from the ASN.1 Class to its string +*/ +const char* der_asn1_class_to_string_map[] = +{ + "UNIVERSAL", + "APPLICATION", + "CONTEXT-SPECIFIC", + "PRIVATE", +}; +const unsigned long der_asn1_class_to_string_map_sz = sizeof(der_asn1_class_to_string_map)/sizeof(der_asn1_class_to_string_map[0]); + +/** + A Map from the ASN.1 P/C-bit to its string +*/ +const char* der_asn1_pc_to_string_map[] = +{ + "PRIMITIVE", + "CONSTRUCTED", +}; +const unsigned long der_asn1_pc_to_string_map_sz = sizeof(der_asn1_pc_to_string_map)/sizeof(der_asn1_pc_to_string_map[0]); + +/** + A Map from the ASN.1 tag to its string +*/ +const char* der_asn1_tag_to_string_map[] = +{ + "Reserved for use by the encoding rules", + "Boolean type", + "Integer type", + "Bitstring type", + "Octetstring type", + "Null type", + "Object identifier type", + "Object descriptor type", + "External type and Instance-of type", + "Real type", + "Enumerated type", + "Embedded-pdv type", + "UTF8String type", + "Relative object identifier type", + "The time type", + "Reserved for future editions of this Recommendation | International Standard", + "Sequence and Sequence-of types", + "Set and Set-of types", + "NumericString type", + "PrintableString type", + "TeletexString (T61String) type", + "VideotexString type", + "IA5String type", + "UTCTime type", + "GeneralizedTime type", + "GraphicString type", + "VisibleString (ISO646String) type", + "GeneralString type", + "UniversalString type", + "UnrestrictedCharacterString type", + "BMPString type", + "Date type", + "TimeOfDay type", + "DateTime type", + "Duration type", + "OID internationalized resource identifier type", + "Relative OID internationalized resource identifier type", +}; +const unsigned long der_asn1_tag_to_string_map_sz = sizeof(der_asn1_tag_to_string_map)/sizeof(der_asn1_tag_to_string_map[0]); + +/** + A Map from ASN.1 Tags to ltc_asn1_type +*/ +const ltc_asn1_type der_asn1_tag_to_type_map[] = +{ + /* 0 */ + LTC_ASN1_EOL, /* Reserved for use by the encoding rules */ + LTC_ASN1_BOOLEAN, /* Boolean type */ + LTC_ASN1_INTEGER, /* Integer type */ + LTC_ASN1_BIT_STRING, /* Bitstring type */ + LTC_ASN1_OCTET_STRING, /* Octetstring type */ + /* 5 */ + LTC_ASN1_NULL, /* Null type */ + LTC_ASN1_OBJECT_IDENTIFIER, /* Object identifier type */ + LTC_ASN1_CUSTOM_TYPE, /* Object descriptor type */ + LTC_ASN1_CUSTOM_TYPE, /* External type and Instance-of type */ + LTC_ASN1_CUSTOM_TYPE, /* Real type */ + /* 10 */ + LTC_ASN1_CUSTOM_TYPE, /* Enumerated type */ + LTC_ASN1_CUSTOM_TYPE, /* Embedded-pdv type */ + LTC_ASN1_UTF8_STRING, /* UTF8String type */ + LTC_ASN1_CUSTOM_TYPE, /* Relative object identifier type */ + LTC_ASN1_CUSTOM_TYPE, /* The time type */ + /* 15 */ + LTC_ASN1_EOL, /* Reserved for future editions of this Recommendation | International Standard */ + LTC_ASN1_SEQUENCE, /* Sequence and Sequence-of types */ + LTC_ASN1_SET, /* Set and Set-of types */ + LTC_ASN1_CUSTOM_TYPE, /* NumericString types */ + LTC_ASN1_PRINTABLE_STRING, /* PrintableString types */ + /* 20 */ + LTC_ASN1_TELETEX_STRING, /* TeletexString (T61String) types */ + LTC_ASN1_CUSTOM_TYPE, /* VideotexString types */ + LTC_ASN1_IA5_STRING, /* IA5String types */ + LTC_ASN1_UTCTIME, /* UTCTime types */ + LTC_ASN1_GENERALIZEDTIME, /* GeneralizedTime types */ + /* 25 */ + LTC_ASN1_CUSTOM_TYPE, /* GraphicString types */ + LTC_ASN1_CUSTOM_TYPE, /* VisibleString (ISO646String) types */ + LTC_ASN1_CUSTOM_TYPE, /* GeneralString types */ + LTC_ASN1_CUSTOM_TYPE, /* UniversalString types */ + LTC_ASN1_CUSTOM_TYPE, /* UnrestrictedCharacterString types */ + /* 30 */ + LTC_ASN1_CUSTOM_TYPE, /* BMPString types */ +}; +const unsigned long der_asn1_tag_to_type_map_sz = sizeof(der_asn1_tag_to_type_map)/sizeof(der_asn1_tag_to_type_map[0]); + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c b/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c new file mode 100644 index 0000000..b4689f6 --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c @@ -0,0 +1,133 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_decode_asn1_identifier.c + ASN.1 DER, decode the ASN.1 Identifier, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/* c.f. X.680 & X.690, some decisions backed by X.690 ch. 10.2 */ +static const unsigned char tag_constructed_map[] = +{ + /* 0 */ + 255, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + /* 5 */ + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + /* 10 */ + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + /* 15 */ + 255, + LTC_ASN1_PC_CONSTRUCTED, + LTC_ASN1_PC_CONSTRUCTED, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + /* 20 */ + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + /* 25 */ + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, + LTC_ASN1_PC_PRIMITIVE, +}; + static const unsigned long tag_constructed_map_sz = sizeof(tag_constructed_map)/sizeof(tag_constructed_map[0]); + +/** + Decode the ASN.1 Identifier + @param id Where to store the decoded Identifier + @param in Where to read the Identifier from + @param inlen [in/out] The size of in available/read + @return CRYPT_OK if successful +*/ +int der_decode_asn1_identifier(const unsigned char *in, unsigned long *inlen, ltc_asn1_list *id) +{ + ulong64 tmp; + unsigned long tag_len; + int err; + + LTC_ARGCHK(id != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(inlen != NULL); + + if (*inlen == 0) { + return CRYPT_BUFFER_OVERFLOW; + } + + tag_len = 1; + id->class = (in[0] >> 6) & 0x3; + id->pc = (in[0] >> 5) & 0x1; + id->tag = in[0] & 0x1f; + + err = CRYPT_OK; + if (id->tag == 0x1f) { + id->tag = 0; + do { + if (*inlen < tag_len) { + /* break the loop and trigger the BOF error-code */ + tmp = 0xff; + break; + } + id->tag <<= 7; + id->tag |= in[tag_len] & 0x7f; + tmp = in[tag_len] & 0x80; + tag_len++; + } while ((tmp != 0) && (tag_len < 10)); + + if (tmp != 0) { + err = CRYPT_BUFFER_OVERFLOW; + } else if (id->tag < 0x1f) { + err = CRYPT_PK_ASN1_ERROR; + } + } + + if (err != CRYPT_OK) { + id->pc = 0; + id->class = 0; + id->tag = 0; + } else { + *inlen = tag_len; + if ((id->class == LTC_ASN1_CL_UNIVERSAL) && + (id->tag < der_asn1_tag_to_type_map_sz) && + (id->tag < tag_constructed_map_sz) && + (id->pc == tag_constructed_map[id->tag])) { + id->type = der_asn1_tag_to_type_map[id->tag]; + } else { + if ((id->class == LTC_ASN1_CL_UNIVERSAL) && (id->tag == 0)) { + id->type = LTC_ASN1_EOL; + } else { + id->type = LTC_ASN1_CUSTOM_TYPE; + } + } + } + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_decode_asn1_length.c b/src/ltc/pk/asn1/der/general/der_decode_asn1_length.c new file mode 100644 index 0000000..0e1bc6c --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_decode_asn1_length.c @@ -0,0 +1,67 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_decode_asn1_length.c + ASN.1 DER, decode the ASN.1 Length field, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/** + Decode the ASN.1 Length field + @param in Where to read the length field from + @param inlen [in/out] The size of in available/read + @param outlen [out] The decoded ASN.1 length + @return CRYPT_OK if successful +*/ +int der_decode_asn1_length(const unsigned char *in, unsigned long *inlen, unsigned long *outlen) +{ + unsigned long real_len, decoded_len, offset, i; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(inlen != NULL); + + if (*inlen < 1) { + return CRYPT_BUFFER_OVERFLOW; + } + + real_len = in[0]; + + if (real_len < 128) { + decoded_len = real_len; + offset = 1; + } else { + real_len &= 0x7F; + if (real_len == 0) { + return CRYPT_PK_ASN1_ERROR; + } else if (real_len > sizeof(decoded_len)) { + return CRYPT_OVERFLOW; + } else if (real_len > (*inlen - 1)) { + return CRYPT_BUFFER_OVERFLOW; + } + decoded_len = 0; + offset = 1 + real_len; + for (i = 0; i < real_len; i++) { + decoded_len = (decoded_len << 8) | in[1 + i]; + } + } + + if (outlen != NULL) *outlen = decoded_len; + if (decoded_len > (*inlen - offset)) return CRYPT_OVERFLOW; + *inlen = offset; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c b/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c new file mode 100644 index 0000000..367bb69 --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c @@ -0,0 +1,97 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_encode_asn1_identifier.c + ASN.1 DER, encode the ASN.1 Identifier, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/** + Encode the ASN.1 Identifier + @param id The ASN.1 Identifer to encode + @param out Where to write the identifier to + @param outlen [in/out] The size of out available/written + @return CRYPT_OK if successful +*/ +int der_encode_asn1_identifier(const ltc_asn1_list *id, unsigned char *out, unsigned long *outlen) +{ + ulong64 tmp; + unsigned long tag_len; + + LTC_ARGCHK(id != NULL); + LTC_ARGCHK(outlen != NULL); + + if (id->type != LTC_ASN1_CUSTOM_TYPE) { + if ((unsigned)id->type >= der_asn1_type_to_identifier_map_sz) { + return CRYPT_INVALID_ARG; + } + if (der_asn1_type_to_identifier_map[id->type] == -1) { + return CRYPT_INVALID_ARG; + } + if (out != NULL) { + *out = der_asn1_type_to_identifier_map[id->type]; + } + *outlen = 1; + return CRYPT_OK; + } else { + if (id->class < LTC_ASN1_CL_UNIVERSAL || id->class > LTC_ASN1_CL_PRIVATE) { + return CRYPT_INVALID_ARG; + } + if (id->pc < LTC_ASN1_PC_PRIMITIVE || id->pc > LTC_ASN1_PC_CONSTRUCTED) { + return CRYPT_INVALID_ARG; + } + if (id->tag > (ULONG_MAX >> (8 + 7))) { + return CRYPT_INVALID_ARG; + } + } + + if (out != NULL) { + if (*outlen < 1) { + return CRYPT_BUFFER_OVERFLOW; + } + + out[0] = id->class << 6 | id->pc << 5; + } + + if (id->tag < 0x1f) { + if (out != NULL) { + out[0] |= id->tag & 0x1f; + } + *outlen = 1; + } else { + tag_len = 0; + tmp = id->tag; + do { + tag_len++; + tmp >>= 7; + } while (tmp); + + if (out != NULL) { + if (*outlen < tag_len + 1) { + return CRYPT_BUFFER_OVERFLOW; + } + out[0] |= 0x1f; + for (tmp = 1; tmp <= tag_len; ++tmp) { + out[tmp] = ((id->tag >> (7 * (tag_len - tmp))) & 0x7f) | 0x80; + } + out[tag_len] &= ~0x80; + } + *outlen = tag_len + 1; + } + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_encode_asn1_length.c b/src/ltc/pk/asn1/der/general/der_encode_asn1_length.c new file mode 100644 index 0000000..0d871af --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_encode_asn1_length.c @@ -0,0 +1,127 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_encode_asn1_length.c + ASN.1 DER, encode the ASN.1 length field, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/** + Encode the ASN.1 length field + @param len The length to encode + @param out Where to write the length field to + @param outlen [in/out] The size of out available/written + @return CRYPT_OK if successful +*/ +int der_encode_asn1_length(unsigned long len, unsigned char *out, unsigned long *outlen) +{ + unsigned long x, y; + + LTC_ARGCHK(outlen != NULL); + + x = len; + y = 0; + + while(x != 0) { + y++; + x >>= 8; + } + if (y == 0) { + return CRYPT_PK_ASN1_ERROR; + } + + if (out == NULL) { + if (len < 128) { + x = y; + } else { + x = y + 1; + } + } else { + if (*outlen < y) { + return CRYPT_BUFFER_OVERFLOW; + } + x = 0; + if (len < 128) { + out[x++] = (unsigned char)len; + } else if (len <= 0xffUL) { + out[x++] = 0x81; + out[x++] = (unsigned char)len; + } else if (len <= 0xffffUL) { + out[x++] = 0x82; + out[x++] = (unsigned char)((len>>8UL)&255); + out[x++] = (unsigned char)(len&255); + } else if (len <= 0xffffffUL) { + out[x++] = 0x83; + out[x++] = (unsigned char)((len>>16UL)&255); + out[x++] = (unsigned char)((len>>8UL)&255); + out[x++] = (unsigned char)(len&255); + #if ULONG_MAX != ULLONG_MAX + } else { + out[x++] = 0x84; + out[x++] = (unsigned char)((len>>24UL)&255); + out[x++] = (unsigned char)((len>>16UL)&255); + out[x++] = (unsigned char)((len>>8UL)&255); + out[x++] = (unsigned char)(len&255); + } + #else + } else if (len <= 0xffffffffUL) { + out[x++] = 0x84; + out[x++] = (unsigned char)((len>>24UL)&255); + out[x++] = (unsigned char)((len>>16UL)&255); + out[x++] = (unsigned char)((len>>8UL)&255); + out[x++] = (unsigned char)(len&255); + } else if (len <= 0xffffffffffULL) { + out[x++] = 0x85; + out[x++] = (unsigned char)((len>>32ULL)&255); + out[x++] = (unsigned char)((len>>24ULL)&255); + out[x++] = (unsigned char)((len>>16ULL)&255); + out[x++] = (unsigned char)((len>>8ULL)&255); + out[x++] = (unsigned char)(len&255); + } else if (len <= 0xffffffffffffULL) { + out[x++] = 0x86; + out[x++] = (unsigned char)((len>>40ULL)&255); + out[x++] = (unsigned char)((len>>32ULL)&255); + out[x++] = (unsigned char)((len>>24ULL)&255); + out[x++] = (unsigned char)((len>>16ULL)&255); + out[x++] = (unsigned char)((len>>8ULL)&255); + out[x++] = (unsigned char)(len&255); + } else if (len <= 0xffffffffffffffULL) { + out[x++] = 0x87; + out[x++] = (unsigned char)((len>>48ULL)&255); + out[x++] = (unsigned char)((len>>40ULL)&255); + out[x++] = (unsigned char)((len>>32ULL)&255); + out[x++] = (unsigned char)((len>>24ULL)&255); + out[x++] = (unsigned char)((len>>16ULL)&255); + out[x++] = (unsigned char)((len>>8ULL)&255); + out[x++] = (unsigned char)(len&255); + } else { + out[x++] = 0x88; + out[x++] = (unsigned char)((len>>56ULL)&255); + out[x++] = (unsigned char)((len>>48ULL)&255); + out[x++] = (unsigned char)((len>>40ULL)&255); + out[x++] = (unsigned char)((len>>32ULL)&255); + out[x++] = (unsigned char)((len>>24ULL)&255); + out[x++] = (unsigned char)((len>>16ULL)&255); + out[x++] = (unsigned char)((len>>8ULL)&255); + out[x++] = (unsigned char)(len&255); + } + #endif + } + *outlen = x; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_length_asn1_identifier.c b/src/ltc/pk/asn1/der/general/der_length_asn1_identifier.c new file mode 100644 index 0000000..40e76f0 --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_length_asn1_identifier.c @@ -0,0 +1,33 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_length_asn1_identifier.c + ASN.1 DER, determine the length when encoding the ASN.1 Identifier, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/** + Determine the length required when encoding the ASN.1 Identifier + @param id The ASN.1 identifier to encode + @param idlen [out] The required length to encode list + @return CRYPT_OK if successful +*/ + +int der_length_asn1_identifier(const ltc_asn1_list *id, unsigned long *idlen) +{ + return der_encode_asn1_identifier(id, NULL, idlen); +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/general/der_length_asn1_length.c b/src/ltc/pk/asn1/der/general/der_length_asn1_length.c new file mode 100644 index 0000000..1271e1c --- /dev/null +++ b/src/ltc/pk/asn1/der/general/der_length_asn1_length.c @@ -0,0 +1,32 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_length_asn1_length.c + ASN.1 DER, determine the length of the ASN.1 length field, Steffen Jaeckel +*/ + +#ifdef LTC_DER +/** + Determine the length required to encode len in the ASN.1 length field + @param len The length to encode + @param outlen [out] The length that's required to store len + @return CRYPT_OK if successful +*/ +int der_length_asn1_length(unsigned long len, unsigned long *outlen) +{ + return der_encode_asn1_length(len, NULL, outlen); +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c b/src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c index f8997ee..016a4c2 100644 --- a/src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c +++ b/src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,7 +16,7 @@ #ifdef LTC_DER -static int char_to_int(unsigned char x) +static int _char_to_int(unsigned char x) { switch (x) { case '0': return 0; @@ -31,18 +29,18 @@ static int char_to_int(unsigned char x) case '7': return 7; case '8': return 8; case '9': return 9; + default: return 100; } - return 100; } #define DECODE_V(y, max) do {\ - y = char_to_int(buf[x])*10 + char_to_int(buf[x+1]); \ + y = _char_to_int(buf[x])*10 + _char_to_int(buf[x+1]); \ if (y >= max) return CRYPT_INVALID_PACKET; \ x += 2; \ } while(0) #define DECODE_V4(y, max) do {\ - y = char_to_int(buf[x])*1000 + char_to_int(buf[x+1])*100 + char_to_int(buf[x+2])*10 + char_to_int(buf[x+3]); \ + y = _char_to_int(buf[x])*1000 + _char_to_int(buf[x+1])*100 + _char_to_int(buf[x+2])*10 + _char_to_int(buf[x+3]); \ if (y >= max) return CRYPT_INVALID_PACKET; \ x += 4; \ } while(0) @@ -120,7 +118,7 @@ YYYYMMDDhhmmss.fs-hh'mm' unsigned fs = out->fs; if (x >= sizeof(buf)) return CRYPT_INVALID_PACKET; out->fs *= 10; - out->fs += char_to_int(buf[x]); + out->fs += _char_to_int(buf[x]); if (fs > out->fs) return CRYPT_OVERFLOW; x++; } @@ -141,6 +139,6 @@ YYYYMMDDhhmmss.fs-hh'mm' #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c b/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c index b2198d9..ddc472a 100644 --- a/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c +++ b/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -34,8 +32,8 @@ static const char * const baseten = "0123456789"; /** Encodes a Generalized time structure in DER format - @param utctime The UTC time structure to encode - @param out The destination of the DER encoding of the UTC time structure + @param gtime The GeneralizedTime structure to encode + @param out The destination of the DER encoding of the GeneralizedTime structure @param outlen [in/out] The length of the DER encoding @return CRYPT_OK if successful */ @@ -105,6 +103,6 @@ int der_encode_generalizedtime(ltc_generalizedtime *gtime, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c b/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c index e5abf9f..def6270 100644 --- a/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c +++ b/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -20,7 +18,7 @@ /** Gets length of DER encoding of GeneralizedTime - @param utctime The UTC time structure to get the size of + @param gtime The GeneralizedTime structure to get the size of @param outlen [out] The length of the DER encoding @return CRYPT_OK if successful */ @@ -55,6 +53,6 @@ int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/ia5/der_decode_ia5_string.c b/src/ltc/pk/asn1/der/ia5/der_decode_ia5_string.c index 4699e31..15e90f8 100644 --- a/src/ltc/pk/asn1/der/ia5/der_decode_ia5_string.c +++ b/src/ltc/pk/asn1/der/ia5/der_decode_ia5_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,7 +28,7 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y, len; - int t; + int t, err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -47,23 +45,12 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, } x = 1; - /* decode the length */ - if (in[x] & 0x80) { - /* valid # of bytes in length are 1,2,3 */ - y = in[x] & 0x7F; - if ((y == 0) || (y > 3) || ((x + y) > inlen)) { - return CRYPT_INVALID_PACKET; - } - - /* read the length in */ - len = 0; - ++x; - while (y--) { - len = (len << 8) | in[x++]; - } - } else { - len = in[x++] & 0x7F; + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; /* is it too long? */ if (len > *outlen) { @@ -71,7 +58,7 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, return CRYPT_BUFFER_OVERFLOW; } - if (len + x > inlen) { + if (len > (inlen - x)) { return CRYPT_INVALID_PACKET; } @@ -91,6 +78,6 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/ia5/der_encode_ia5_string.c b/src/ltc/pk/asn1/der/ia5/der_encode_ia5_string.c index 42b3f58..fee1c70 100644 --- a/src/ltc/pk/asn1/der/ia5/der_encode_ia5_string.c +++ b/src/ltc/pk/asn1/der/ia5/der_encode_ia5_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,23 +47,11 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen, /* encode the header+len */ x = 0; out[x++] = 0x16; - if (inlen < 128) { - out[x++] = (unsigned char)inlen; - } else if (inlen < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)inlen; - } else if (inlen < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else if (inlen < 16777216UL) { - out[x++] = 0x83; - out[x++] = (unsigned char)((inlen>>16)&255); - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else { - return CRYPT_INVALID_ARG; + len = *outlen - x; + if ((err = der_encode_asn1_length(inlen, out + x, &len)) != CRYPT_OK) { + return err; } + x += len; /* store octets */ for (y = 0; y < inlen; y++) { @@ -80,6 +66,6 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/ia5/der_length_ia5_string.c b/src/ltc/pk/asn1/der/ia5/der_length_ia5_string.c index 04debaf..422c4d3 100644 --- a/src/ltc/pk/asn1/der/ia5/der_length_ia5_string.c +++ b/src/ltc/pk/asn1/der/ia5/der_length_ia5_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -156,6 +154,7 @@ int der_ia5_value_decode(int v) int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen) { unsigned long x; + int err; LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(octets != NULL); @@ -167,21 +166,10 @@ int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, un } } - if (noctets < 128) { - /* 16 LL DD DD DD ... */ - *outlen = 2 + noctets; - } else if (noctets < 256) { - /* 16 81 LL DD DD DD ... */ - *outlen = 3 + noctets; - } else if (noctets < 65536UL) { - /* 16 82 LL LL DD DD DD ... */ - *outlen = 4 + noctets; - } else if (noctets < 16777216UL) { - /* 16 83 LL LL LL DD DD DD ... */ - *outlen = 5 + noctets; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(noctets, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + noctets; return CRYPT_OK; } @@ -189,6 +177,6 @@ int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, un #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/integer/der_decode_integer.c b/src/ltc/pk/asn1/der/integer/der_decode_integer.c index 768e28a..e5c5c12 100644 --- a/src/ltc/pk/asn1/der/integer/der_decode_integer.c +++ b/src/ltc/pk/asn1/der/integer/der_decode_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -27,7 +25,7 @@ */ int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num) { - unsigned long x, y, z; + unsigned long x, y; int err; LTC_ARGCHK(num != NULL); @@ -44,45 +42,15 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num) return CRYPT_INVALID_PACKET; } - /* now decode the len stuff */ - z = in[x++]; + /* get the length of the data */ + inlen -= x; + if ((err = der_decode_asn1_length(in + x, &inlen, &y)) != CRYPT_OK) { + return err; + } + x += inlen; - if ((z & 0x80) == 0x00) { - /* short form */ - - /* will it overflow? */ - if (x + z > inlen) { - return CRYPT_INVALID_PACKET; - } - - /* no so read it */ - if ((err = mp_read_unsigned_bin(num, (unsigned char *)in + x, z)) != CRYPT_OK) { - return err; - } - } else { - /* long form */ - z &= 0x7F; - - /* will number of length bytes overflow? (or > 4) */ - if (((x + z) > inlen) || (z > 4) || (z == 0)) { - return CRYPT_INVALID_PACKET; - } - - /* now read it in */ - y = 0; - while (z--) { - y = ((unsigned long)(in[x++])) | (y << 8); - } - - /* now will reading y bytes overrun? */ - if ((x + y) > inlen) { - return CRYPT_INVALID_PACKET; - } - - /* no so read it */ - if ((err = mp_read_unsigned_bin(num, (unsigned char *)in + x, y)) != CRYPT_OK) { - return err; - } + if ((err = mp_read_unsigned_bin(num, (unsigned char *)in + x, y)) != CRYPT_OK) { + return err; } /* see if it's negative */ @@ -105,6 +73,6 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/integer/der_encode_integer.c b/src/ltc/pk/asn1/der/integer/der_encode_integer.c index 544bfb0..3bd9593 100644 --- a/src/ltc/pk/asn1/der/integer/der_encode_integer.c +++ b/src/ltc/pk/asn1/der/integer/der_encode_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -28,7 +26,7 @@ */ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen) { - unsigned long tmplen, y; + unsigned long tmplen, y, len; int err, leading_zero; LTC_ARGCHK(num != NULL); @@ -65,24 +63,11 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen) /* now store initial data */ *out++ = 0x02; - if (y < 128) { - /* short form */ - *out++ = (unsigned char)y; - } else if (y < 256) { - *out++ = 0x81; - *out++ = (unsigned char)y; - } else if (y < 65536UL) { - *out++ = 0x82; - *out++ = (unsigned char)((y>>8)&255); - *out++ = (unsigned char)y; - } else if (y < 16777216UL) { - *out++ = 0x83; - *out++ = (unsigned char)((y>>16)&255); - *out++ = (unsigned char)((y>>8)&255); - *out++ = (unsigned char)y; - } else { - return CRYPT_INVALID_ARG; + len = *outlen - 1; + if ((err = der_encode_asn1_length(y, out, &len)) != CRYPT_OK) { + return err; } + out += len; /* now store msbyte of zero if num is non-zero */ if (leading_zero) { @@ -125,6 +110,6 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/integer/der_length_integer.c b/src/ltc/pk/asn1/der/integer/der_length_integer.c index 61584f7..60daffa 100644 --- a/src/ltc/pk/asn1/der/integer/der_length_integer.c +++ b/src/ltc/pk/asn1/der/integer/der_length_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -26,7 +24,7 @@ int der_length_integer(void *num, unsigned long *outlen) { unsigned long z, len; - int leading_zero; + int leading_zero, err; LTC_ARGCHK(num != NULL); LTC_ARGCHK(outlen != NULL); @@ -42,40 +40,26 @@ int der_length_integer(void *num, unsigned long *outlen) } /* size for bignum */ - z = len = leading_zero + mp_unsigned_bin_size(num); + len = leading_zero + mp_unsigned_bin_size(num); } else { /* it's negative */ /* find power of 2 that is a multiple of eight and greater than count bits */ z = mp_count_bits(num); z = z + (8 - (z & 7)); if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) --z; - len = z = z >> 3; + len = z >> 3; } - /* now we need a length */ - if (z < 128) { - /* short form */ - ++len; - } else { - /* long form (relies on z != 0), assumes length bytes < 128 */ - ++len; - - while (z) { - ++len; - z >>= 8; - } + if ((err = der_length_asn1_length(len, &z)) != CRYPT_OK) { + return err; } + *outlen = 1 + z + len; - /* we need a 0x02 to indicate it's INTEGER */ - ++len; - - /* return length */ - *outlen = len; return CRYPT_OK; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.c b/src/ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.c index 47547f0..48a9547 100644 --- a/src/ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.c +++ b/src/ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -28,6 +26,7 @@ int der_decode_object_identifier(const unsigned char *in, unsigned long inle unsigned long *words, unsigned long *outlen) { unsigned long x, y, t, len; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(words != NULL); @@ -40,6 +39,7 @@ int der_decode_object_identifier(const unsigned char *in, unsigned long inle /* must be room for at least two words */ if (*outlen < 2) { + *outlen = 2; return CRYPT_BUFFER_OVERFLOW; } @@ -49,21 +49,14 @@ int der_decode_object_identifier(const unsigned char *in, unsigned long inle return CRYPT_INVALID_PACKET; } - /* get the length */ - if (in[x] < 128) { - len = in[x++]; - } else { - if (in[x] < 0x81 || in[x] > 0x82) { - return CRYPT_INVALID_PACKET; - } - y = in[x++] & 0x7F; - len = 0; - while (y--) { - len = (len << 8) | (unsigned long)in[x++]; - } + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; - if (len < 1 || (len + x) > inlen) { + if ((len == 0) || (len > (inlen - x))) { return CRYPT_INVALID_PACKET; } @@ -75,25 +68,32 @@ int der_decode_object_identifier(const unsigned char *in, unsigned long inle if (!(in[x++] & 0x80)) { /* store t */ if (y >= *outlen) { - return CRYPT_BUFFER_OVERFLOW; - } - if (y == 0) { - words[0] = t / 40; - words[1] = t % 40; - y = 2; + y++; } else { - words[y++] = t; + if (y == 0) { + words[0] = t / 40; + words[1] = t % 40; + y = 2; + } else { + words[y++] = t; + } } - t = 0; + t = 0; } } + if (y > *outlen) { + err = CRYPT_BUFFER_OVERFLOW; + } else { + err = CRYPT_OK; + } + *outlen = y; - return CRYPT_OK; + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c index ccecd98..4b397b6 100644 --- a/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -57,18 +55,11 @@ int der_encode_object_identifier(unsigned long *words, unsigned long nwords, /* store header + length */ x = 0; out[x++] = 0x06; - if (z < 128) { - out[x++] = (unsigned char)z; - } else if (z < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)z; - } else if (z < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((z>>8)&255); - out[x++] = (unsigned char)(z&255); - } else { - return CRYPT_INVALID_ARG; + y = *outlen - x; + if ((err = der_encode_asn1_length(z, out + x, &y)) != CRYPT_OK) { + return err; } + x += y; /* store first byte */ wordbuf = words[0] * 40 + words[1]; @@ -106,6 +97,6 @@ int der_encode_object_identifier(unsigned long *words, unsigned long nwords, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c b/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c index 3b6826a..ac08915 100644 --- a/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c +++ b/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -84,6 +82,6 @@ int der_length_object_identifier(unsigned long *words, unsigned long nwords, uns #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/octet/der_decode_octet_string.c b/src/ltc/pk/asn1/der/octet/der_decode_octet_string.c index a656b25..a9b3cdc 100644 --- a/src/ltc/pk/asn1/der/octet/der_decode_octet_string.c +++ b/src/ltc/pk/asn1/der/octet/der_decode_octet_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,6 +28,7 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y, len; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -46,23 +45,12 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen, } x = 1; - /* decode the length */ - if (in[x] & 0x80) { - /* valid # of bytes in length are 1,2,3 */ - y = in[x] & 0x7F; - if ((y == 0) || (y > 3) || ((x + y) > inlen)) { - return CRYPT_INVALID_PACKET; - } - - /* read the length in */ - len = 0; - ++x; - while (y--) { - len = (len << 8) | in[x++]; - } - } else { - len = in[x++] & 0x7F; + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; /* is it too long? */ if (len > *outlen) { @@ -70,7 +58,7 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen, return CRYPT_BUFFER_OVERFLOW; } - if (len + x > inlen) { + if (len > (inlen - x)) { return CRYPT_INVALID_PACKET; } @@ -86,6 +74,6 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/octet/der_encode_octet_string.c b/src/ltc/pk/asn1/der/octet/der_encode_octet_string.c index 23d337d..fd79c67 100644 --- a/src/ltc/pk/asn1/der/octet/der_encode_octet_string.c +++ b/src/ltc/pk/asn1/der/octet/der_encode_octet_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -50,23 +48,11 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen, /* encode the header+len */ x = 0; out[x++] = 0x04; - if (inlen < 128) { - out[x++] = (unsigned char)inlen; - } else if (inlen < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)inlen; - } else if (inlen < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else if (inlen < 16777216UL) { - out[x++] = 0x83; - out[x++] = (unsigned char)((inlen>>16)&255); - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else { - return CRYPT_INVALID_ARG; + len = *outlen - x; + if ((err = der_encode_asn1_length(inlen, out + x, &len)) != CRYPT_OK) { + return err; } + x += len; /* store octets */ for (y = 0; y < inlen; y++) { @@ -81,6 +67,6 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/octet/der_length_octet_string.c b/src/ltc/pk/asn1/der/octet/der_length_octet_string.c index 6e37ca7..9e5386a 100644 --- a/src/ltc/pk/asn1/der/octet/der_length_octet_string.c +++ b/src/ltc/pk/asn1/der/octet/der_length_octet_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -24,23 +22,15 @@ */ int der_length_octet_string(unsigned long noctets, unsigned long *outlen) { + unsigned long x; + int err; + LTC_ARGCHK(outlen != NULL); - if (noctets < 128) { - /* 04 LL DD DD DD ... */ - *outlen = 2 + noctets; - } else if (noctets < 256) { - /* 04 81 LL DD DD DD ... */ - *outlen = 3 + noctets; - } else if (noctets < 65536UL) { - /* 04 82 LL LL DD DD DD ... */ - *outlen = 4 + noctets; - } else if (noctets < 16777216UL) { - /* 04 83 LL LL LL DD DD DD ... */ - *outlen = 5 + noctets; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(noctets, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + noctets; return CRYPT_OK; } @@ -48,6 +38,6 @@ int der_length_octet_string(unsigned long noctets, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/printable_string/der_decode_printable_string.c b/src/ltc/pk/asn1/der/printable_string/der_decode_printable_string.c index 726387d..1ec9e3c 100644 --- a/src/ltc/pk/asn1/der/printable_string/der_decode_printable_string.c +++ b/src/ltc/pk/asn1/der/printable_string/der_decode_printable_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,7 +28,7 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y, len; - int t; + int t, err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -47,23 +45,12 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, } x = 1; - /* decode the length */ - if (in[x] & 0x80) { - /* valid # of bytes in length are 1,2,3 */ - y = in[x] & 0x7F; - if ((y == 0) || (y > 3) || ((x + y) > inlen)) { - return CRYPT_INVALID_PACKET; - } - - /* read the length in */ - len = 0; - ++x; - while (y--) { - len = (len << 8) | in[x++]; - } - } else { - len = in[x++] & 0x7F; + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; /* is it too long? */ if (len > *outlen) { @@ -71,7 +58,7 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, return CRYPT_BUFFER_OVERFLOW; } - if (len + x > inlen) { + if (len > (inlen - x)) { return CRYPT_INVALID_PACKET; } @@ -91,6 +78,6 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/printable_string/der_encode_printable_string.c b/src/ltc/pk/asn1/der/printable_string/der_encode_printable_string.c index 21fa511..bd59391 100644 --- a/src/ltc/pk/asn1/der/printable_string/der_encode_printable_string.c +++ b/src/ltc/pk/asn1/der/printable_string/der_encode_printable_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -49,23 +47,11 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen, /* encode the header+len */ x = 0; out[x++] = 0x13; - if (inlen < 128) { - out[x++] = (unsigned char)inlen; - } else if (inlen < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)inlen; - } else if (inlen < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else if (inlen < 16777216UL) { - out[x++] = 0x83; - out[x++] = (unsigned char)((inlen>>16)&255); - out[x++] = (unsigned char)((inlen>>8)&255); - out[x++] = (unsigned char)(inlen&255); - } else { - return CRYPT_INVALID_ARG; + len = *outlen - x; + if ((err = der_encode_asn1_length(inlen, out + x, &len)) != CRYPT_OK) { + return err; } + x += len; /* store octets */ for (y = 0; y < inlen; y++) { @@ -80,6 +66,6 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/printable_string/der_length_printable_string.c b/src/ltc/pk/asn1/der/printable_string/der_length_printable_string.c index 64d9608..b6eb850 100644 --- a/src/ltc/pk/asn1/der/printable_string/der_length_printable_string.c +++ b/src/ltc/pk/asn1/der/printable_string/der_length_printable_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -128,6 +126,7 @@ int der_printable_value_decode(int v) int der_length_printable_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen) { unsigned long x; + int err; LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(octets != NULL); @@ -139,21 +138,10 @@ int der_length_printable_string(const unsigned char *octets, unsigned long nocte } } - if (noctets < 128) { - /* 16 LL DD DD DD ... */ - *outlen = 2 + noctets; - } else if (noctets < 256) { - /* 16 81 LL DD DD DD ... */ - *outlen = 3 + noctets; - } else if (noctets < 65536UL) { - /* 16 82 LL LL DD DD DD ... */ - *outlen = 4 + noctets; - } else if (noctets < 16777216UL) { - /* 16 83 LL LL LL DD DD DD ... */ - *outlen = 5 + noctets; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(noctets, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + noctets; return CRYPT_OK; } @@ -161,6 +149,6 @@ int der_length_printable_string(const unsigned char *octets, unsigned long nocte #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_ex.c b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_ex.c index 60692b5..10cfd21 100644 --- a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_ex.c +++ b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_ex.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -24,316 +22,17 @@ @param inlen The size of the input @param list The list of items to decode @param outlen The number of items in the list - @param ordered Search an unordeded or ordered list + @param flags c.f. enum ltc_der_seq @return CRYPT_OK on success */ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen, - ltc_asn1_list *list, unsigned long outlen, int ordered) + ltc_asn1_list *list, unsigned long outlen, unsigned int flags) { - int err, i; - ltc_asn1_type type; - unsigned long size, x, y, z, blksize; - void *data; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(list != NULL); - - /* get blk size */ - if (inlen < 2) { - return CRYPT_INVALID_PACKET; - } - - /* sequence type? We allow 0x30 SEQUENCE and 0x31 SET since fundamentally they're the same structure */ - x = 0; - if (in[x] != 0x30 && in[x] != 0x31) { - return CRYPT_INVALID_PACKET; - } - ++x; - - /* check if the msb is set, which signals that the - * 7 lsb bits represent the number of bytes of the length - */ - if (in[x] < 128) { - blksize = in[x++]; - } else { - if (in[x] < 0x81 || in[x] > 0x83) { - return CRYPT_INVALID_PACKET; - } - y = in[x++] & 0x7F; - - /* would reading the len bytes overrun? */ - if (x + y > inlen) { - return CRYPT_INVALID_PACKET; - } - - /* read len */ - blksize = 0; - while (y--) { - blksize = (blksize << 8) | (unsigned long)in[x++]; - } - } - - /* would this blksize overflow? */ - if (x + blksize > inlen) { - return CRYPT_INVALID_PACKET; - } - - /* mark all as unused */ - for (i = 0; i < (int)outlen; i++) { - list[i].used = 0; - } - - /* ok read data */ - inlen = blksize; - for (i = 0; i < (int)outlen; i++) { - z = 0; - type = list[i].type; - size = list[i].size; - data = list[i].data; - if (!ordered && list[i].used == 1) { continue; } - - if (type == LTC_ASN1_EOL) { - break; - } - - /* handle context specific tags - just skip the tag + len bytes */ - z = 0; - if (list[i].tag > 0 && list[i].tag == in[x + z++]) { - if (in[x+z] & 0x80) { - y = in[x + z++] & 0x7F; - if (y == 0 || y > 2) { return CRYPT_INVALID_PACKET; } - z += y; - } else { - z++; - } - x += z; - inlen -= z; - } - - switch (type) { - case LTC_ASN1_BOOLEAN: - z = inlen; - if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - if ((err = der_length_boolean(&z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_INTEGER: - z = inlen; - if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - if ((err = der_length_integer(data, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_SHORT_INTEGER: - z = inlen; - if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - if ((err = der_length_short_integer(((unsigned long*)data)[0], &z)) != CRYPT_OK) { - goto LBL_ERR; - } - - break; - - case LTC_ASN1_BIT_STRING: - z = inlen; - if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_RAW_BIT_STRING: - z = inlen; - if ((err = der_decode_raw_bit_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_OCTET_STRING: - z = inlen; - if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_octet_string(size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_NULL: - if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) { - if (!ordered || list[i].optional) { continue; } - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - z = 2; - break; - - case LTC_ASN1_OBJECT_IDENTIFIER: - z = inlen; - if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_object_identifier(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_TELETEX_STRING: - z = inlen; - if ((err = der_decode_teletex_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_teletex_string(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_IA5_STRING: - z = inlen; - if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_ia5_string(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - - case LTC_ASN1_PRINTABLE_STRING: - z = inlen; - if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_printable_string(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_UTF8_STRING: - z = inlen; - if ((err = der_decode_utf8_string(in + x, z, data, &size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - list[i].size = size; - if ((err = der_length_utf8_string(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_UTCTIME: - z = inlen; - if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - break; - - case LTC_ASN1_GENERALIZEDTIME: - z = inlen; - if ((err = der_decode_generalizedtime(in + x, &z, data)) != CRYPT_OK) { - if (!ordered) { continue; } - goto LBL_ERR; - } - break; - - case LTC_ASN1_SET: - z = inlen; - if ((err = der_decode_set(in + x, z, data, size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - case LTC_ASN1_SETOF: - case LTC_ASN1_SEQUENCE: - /* detect if we have the right type */ - if ((type == LTC_ASN1_SETOF && (in[x] & 0x3F) != 0x31) || (type == LTC_ASN1_SEQUENCE && (in[x] & 0x3F) != 0x30)) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - z = inlen; - if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - break; - - - case LTC_ASN1_CHOICE: - z = inlen; - if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) { - if (!ordered || list[i].optional) { continue; } - goto LBL_ERR; - } - break; - - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: - case LTC_ASN1_EOL: - err = CRYPT_INVALID_ARG; - goto LBL_ERR; - } - x += z; - inlen -= z; - list[i].used = 1; - if (!ordered) { - /* restart the decoder */ - i = -1; - } - } - - for (i = 0; i < (int)outlen; i++) { - if (list[i].used == 0 && list[i].optional == 0) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - } - err = CRYPT_OK; - -LBL_ERR: - return err; + return der_decode_custom_type_ex(in, inlen, NULL, list, outlen, flags); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c index d76f403..44c9c47 100644 --- a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -17,43 +15,7 @@ #ifdef LTC_DER -static unsigned long fetch_length(const unsigned char *in, unsigned long inlen, unsigned long *data_offset) -{ - unsigned long x, z; - - *data_offset = 0; - - /* skip type and read len */ - if (inlen < 2) { - return 0xFFFFFFFF; - } - ++in; ++(*data_offset); - - /* read len */ - x = *in++; ++(*data_offset); - - /* <128 means literal */ - if (x < 128) { - return x+*data_offset; - } - x &= 0x7F; /* the lower 7 bits are the length of the length */ - inlen -= 2; - - /* len means len of len! */ - if (x == 0 || x > 4 || x > inlen) { - return 0xFFFFFFFF; - } - - *data_offset += x; - z = 0; - while (x--) { - z = (z<<8) | ((unsigned long)*in); - ++in; - } - return z+*data_offset; -} - -static int new_element(ltc_asn1_list **l) +static int _new_element(ltc_asn1_list **l) { /* alloc new link */ if (*l == NULL) { @@ -82,7 +44,7 @@ static int new_element(ltc_asn1_list **l) int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out) { ltc_asn1_list *l; - unsigned long err, type, len, totlen, data_offset; + unsigned long err, identifier, len, totlen, data_offset, id_len, len_len; void *realloc_tmp; LTC_ARGCHK(in != NULL); @@ -94,45 +56,84 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc if (*inlen == 0) { /* alloc new link */ - if ((err = new_element(&l)) != CRYPT_OK) { + if ((err = _new_element(&l)) != CRYPT_OK) { goto error; } } /* scan the input and and get lengths and what not */ while (*inlen) { - /* read the type byte */ - type = *in; - - /* fetch length */ - len = fetch_length(in, *inlen, &data_offset); - if (len > *inlen) { - err = CRYPT_INVALID_PACKET; - goto error; - } - /* alloc new link */ - if ((err = new_element(&l)) != CRYPT_OK) { + if ((err = _new_element(&l)) != CRYPT_OK) { goto error; } - if ((type & 0x20) && (type != 0x30) && (type != 0x31)) { - /* constructed, use the 'used' field to store the original identifier */ - l->used = type; - /* treat constructed elements like SETs */ - type = 0x20; + id_len = *inlen; + if ((err = der_decode_asn1_identifier(in, &id_len, l)) != CRYPT_OK) { + goto error; } - else if ((type & 0xC0) == 0x80) { - /* context-specific, use the 'used' field to store the original identifier */ - l->used = type; - /* context-specific elements are treated as opaque data */ - type = 0x80; + /* read the type byte */ + identifier = *in; + + if (l->type != LTC_ASN1_EOL) { + /* fetch length */ + len_len = *inlen - id_len; +#if defined(LTC_TEST_DBG) + data_offset = 666; + len = 0; +#endif + if ((err = der_decode_asn1_length(&in[id_len], &len_len, &len)) != CRYPT_OK) { +#if defined(LTC_TEST_DBG) + fprintf(stderr, "E1 %02lx: hl=%4lu l=%4lu - %s (%s)\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err)); +#endif + goto error; + } else if (len > (*inlen - id_len - len_len)) { + err = CRYPT_INVALID_PACKET; +#if defined(LTC_TEST_DBG) + fprintf(stderr, "E2 %02lx: hl=%4lu l=%4lu - %s (%s)\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err)); +#endif + goto error; + } + data_offset = id_len + len_len; +#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1 + if (l->type == LTC_ASN1_CUSTOM_TYPE && l->class == LTC_ASN1_CL_CONTEXT_SPECIFIC) { + fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - Context Specific[%s %llu]\n", identifier, data_offset, len, der_asn1_pc_to_string_map[l->pc], l->tag); + } else { + fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - %s\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag]); + } +#endif + len += data_offset; + + if (l->type == LTC_ASN1_CUSTOM_TYPE) { + /* Custom type, use the 'used' field to store the original identifier */ + l->used = identifier; + if (l->pc == LTC_ASN1_PC_CONSTRUCTED) { + /* treat constructed elements like SEQUENCEs */ + identifier = 0x20; + } else { + /* primitive elements are treated as opaque data */ + identifier = 0x80; + } + } + } else { + /* Init this so gcc won't complain, + * as this case will only be hit when we + * can't decode the identifier so the + * switch-case should go to default anyway... + */ + data_offset = 0; + len = 0; } /* now switch on type */ - switch (type) { + switch (identifier) { case 0x01: /* BOOLEAN */ - l->type = LTC_ASN1_BOOLEAN; + if (l->type != LTC_ASN1_BOOLEAN) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } + + /* init field */ l->size = 1; l->data = XCALLOC(1, sizeof(int)); @@ -146,8 +147,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x02: /* INTEGER */ + if (l->type != LTC_ASN1_INTEGER) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } + /* init field */ - l->type = LTC_ASN1_INTEGER; l->size = 1; if ((err = mp_init(&l->data)) != CRYPT_OK) { goto error; @@ -165,8 +170,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x03: /* BIT */ + if (l->type != LTC_ASN1_BIT_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } + /* init field */ - l->type = LTC_ASN1_BIT_STRING; l->size = len * 8; /* *8 because we store decoded bits one per char and they are encoded 8 per char. */ if ((l->data = XCALLOC(1, l->size)) == NULL) { @@ -184,9 +193,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x04: /* OCTET */ + if (l->type != LTC_ASN1_OCTET_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_OCTET_STRING; l->size = len; if ((l->data = XCALLOC(1, l->size)) == NULL) { @@ -204,6 +216,10 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x05: /* NULL */ + if (l->type != LTC_ASN1_NULL) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* valid NULL is 0x05 0x00 */ if (in[0] != 0x05 || in[1] != 0x00) { @@ -212,7 +228,6 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc } /* simple to store ;-) */ - l->type = LTC_ASN1_NULL; l->data = NULL; l->size = 0; len = 2; @@ -220,9 +235,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x06: /* OID */ + if (l->type != LTC_ASN1_OBJECT_IDENTIFIER) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_OBJECT_IDENTIFIER; l->size = len; if ((l->data = XCALLOC(len, sizeof(unsigned long))) == NULL) { @@ -249,7 +267,10 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc case 0x0C: /* UTF8 */ /* init field */ - l->type = LTC_ASN1_UTF8_STRING; + if (l->type != LTC_ASN1_UTF8_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } l->size = len; if ((l->data = XCALLOC(sizeof(wchar_t), l->size)) == NULL) { @@ -267,9 +288,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x13: /* PRINTABLE */ + if (l->type != LTC_ASN1_PRINTABLE_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_PRINTABLE_STRING; l->size = len; if ((l->data = XCALLOC(1, l->size)) == NULL) { @@ -287,9 +311,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x14: /* TELETEXT */ + if (l->type != LTC_ASN1_TELETEX_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_TELETEX_STRING; l->size = len; if ((l->data = XCALLOC(1, l->size)) == NULL) { @@ -307,9 +334,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x16: /* IA5 */ + if (l->type != LTC_ASN1_IA5_STRING) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_IA5_STRING; l->size = len; if ((l->data = XCALLOC(1, l->size)) == NULL) { @@ -327,9 +357,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x17: /* UTC TIME */ + if (l->type != LTC_ASN1_UTCTIME) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* init field */ - l->type = LTC_ASN1_UTCTIME; l->size = 1; if ((l->data = XCALLOC(1, sizeof(ltc_utctime))) == NULL) { @@ -348,7 +381,12 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x18: - l->type = LTC_ASN1_GENERALIZEDTIME; + if (l->type != LTC_ASN1_GENERALIZEDTIME) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } + + /* init field */ l->size = len; if ((l->data = XCALLOC(1, sizeof(ltc_generalizedtime))) == NULL) { @@ -371,14 +409,23 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc case 0x31: /* SET */ /* init field */ - if (type == 0x20) { - l->type = LTC_ASN1_CONSTRUCTED; + if (identifier == 0x20) { + if (l->type != LTC_ASN1_CUSTOM_TYPE) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } } - else if (type == 0x30) { - l->type = LTC_ASN1_SEQUENCE; + else if (identifier == 0x30) { + if (l->type != LTC_ASN1_SEQUENCE) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } } else { - l->type = LTC_ASN1_SET; + if (l->type != LTC_ASN1_SET) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } } if ((l->data = XMALLOC(len)) == NULL) { @@ -393,12 +440,19 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc /* jump to the start of the data */ in += data_offset; *inlen -= data_offset; - len = len - data_offset; + len -= data_offset; + + /* save the decoded ASN.1 len */ + len_len = len; /* Sequence elements go as child */ if ((err = der_decode_sequence_flexi(in, &len, &(l->child))) != CRYPT_OK) { goto error; } + if (len_len != len) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } /* len update */ totlen += data_offset; @@ -412,7 +466,10 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc break; case 0x80: /* Context-specific */ - l->type = LTC_ASN1_CONTEXT_SPECIFIC; + if (l->type != LTC_ASN1_CUSTOM_TYPE) { + err = CRYPT_PK_ASN1_ERROR; + goto error; + } if ((l->data = XCALLOC(1, len - data_offset)) == NULL) { err = CRYPT_MEM; @@ -470,6 +527,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c index ba23412..280d7cd 100644 --- a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c +++ b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -23,27 +21,27 @@ Decode a SEQUENCE type using a VA list @param in Input buffer @param inlen Length of input in octets - @remark <...> is of the form (int, unsigned long, void*) + @param a1 Initialized argument list #1 + @param a2 Initialized argument list #2 (copy of #1) + @param flags c.f. enum ltc_der_seq @return CRYPT_OK on success */ -int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) +static int _der_decode_sequence_va(const unsigned char *in, unsigned long inlen, va_list a1, va_list a2, unsigned int flags) { int err; ltc_asn1_type type; unsigned long size, x; void *data; - va_list args; ltc_asn1_list *list; LTC_ARGCHK(in != NULL); /* get size of output that will be required */ - va_start(args, inlen); x = 0; for (;;) { - type = va_arg(args, ltc_asn1_type); - size = va_arg(args, unsigned long); - data = va_arg(args, void*); + type = (ltc_asn1_type)va_arg(a1, int); + size = va_arg(a1, unsigned long); + data = va_arg(a1, void*); LTC_UNUSED_PARAM(size); LTC_UNUSED_PARAM(data); @@ -74,13 +72,10 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) break; case LTC_ASN1_EOL: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: - va_end(args); + case LTC_ASN1_CUSTOM_TYPE: return CRYPT_INVALID_ARG; } } - va_end(args); /* allocate structure for x elements */ if (x == 0) { @@ -93,12 +88,11 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) } /* fill in the structure */ - va_start(args, inlen); x = 0; for (;;) { - type = va_arg(args, ltc_asn1_type); - size = va_arg(args, unsigned long); - data = va_arg(args, void*); + type = (ltc_asn1_type)va_arg(a2, int); + size = va_arg(a2, unsigned long); + data = va_arg(a2, void*); if (type == LTC_ASN1_EOL) { break; @@ -127,21 +121,70 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) break; /* coverity[dead_error_line] */ case LTC_ASN1_EOL: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: + case LTC_ASN1_CUSTOM_TYPE: break; } } - va_end(args); - err = der_decode_sequence(in, inlen, list, x); + err = der_decode_sequence_ex(in, inlen, list, x, flags); XFREE(list); return err; } +/** + Decode a SEQUENCE type using a VA list + @param in Input buffer + @param inlen Length of input in octets + @remark <...> is of the form (int, unsigned long, void*) + @return CRYPT_OK on success +*/ +int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) +{ + va_list a1, a2; + int err; + + LTC_ARGCHK(in != NULL); + + va_start(a1, inlen); + va_start(a2, inlen); + + err = _der_decode_sequence_va(in, inlen, a1, a2, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_RELAXED); + + va_end(a2); + va_end(a1); + + return err; +} + +/** + Decode a SEQUENCE type using a VA list + @param in Input buffer + @param inlen Length of input in octets + @param flags c.f. enum ltc_der_seq + @remark <...> is of the form (int, unsigned long, void*) + @return CRYPT_OK on success +*/ +int der_decode_sequence_multi_ex(const unsigned char *in, unsigned long inlen, unsigned int flags, ...) +{ + va_list a1, a2; + int err; + + LTC_ARGCHK(in != NULL); + + va_start(a1, flags); + va_start(a2, flags); + + err = _der_decode_sequence_va(in, inlen, a1, a2, flags); + + va_end(a2); + va_end(a1); + + return err; +} + #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c index 79d8711..1a5d968 100644 --- a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c +++ b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,7 +31,6 @@ int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, int err; ltc_asn1_type type; unsigned long size, x, y, z, i; - unsigned char tmptag[6]; void *data; LTC_ARGCHK(list != NULL); @@ -55,21 +52,11 @@ int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, x = 0; out[x++] = (type_of == LTC_ASN1_SEQUENCE) ? 0x30 : 0x31; - if (z < 128) { - out[x++] = (unsigned char)z; - } else if (z < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)z; - } else if (z < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((z>>8UL)&255); - out[x++] = (unsigned char)(z&255); - } else if (z < 16777216UL) { - out[x++] = 0x83; - out[x++] = (unsigned char)((z>>16UL)&255); - out[x++] = (unsigned char)((z>>8UL)&255); - out[x++] = (unsigned char)(z&255); + y = *outlen - x; + if ((err = der_encode_asn1_length(z, &out[x], &y)) != CRYPT_OK) { + goto LBL_ERR; } + x += y; /* store data */ *outlen -= x; @@ -194,43 +181,20 @@ int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, } break; + case LTC_ASN1_CUSTOM_TYPE: + z = *outlen; + if ((err = der_encode_custom_type(&list[i], out + x, &z)) != CRYPT_OK) { + goto LBL_ERR; + } + break; + case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: case LTC_ASN1_EOL: case LTC_ASN1_TELETEX_STRING: err = CRYPT_INVALID_ARG; goto LBL_ERR; } - if (list[i].tag > 0) { - tmptag[0] = list[i].tag; - y = 0; - if (z < 128) { - tmptag[1] = (unsigned char)z; - y = 2; - } else if (z < 256) { - tmptag[1] = 0x81; - tmptag[2] = (unsigned char)z; - y = 3; - } else if (z < 65536UL) { - tmptag[1] = 0x82; - tmptag[2] = (unsigned char)((z>>8UL)&255); - tmptag[3] = (unsigned char)(z&255); - y = 4; - } else if (z < 16777216UL) { - tmptag[1] = 0x83; - tmptag[2] = (unsigned char)((z>>16UL)&255); - tmptag[3] = (unsigned char)((z>>8UL)&255); - tmptag[4] = (unsigned char)(z&255); - y = 5; - } - XMEMMOVE(out + x + y, out + x, z); - XMEMCPY(out + x, tmptag, y); - - z += y; - } - x += z; *outlen -= z; } @@ -242,3 +206,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c index 3bd76bf..c8ec59a 100644 --- a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c +++ b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" #include @@ -42,7 +40,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) va_start(args, outlen); x = 0; for (;;) { - type = va_arg(args, ltc_asn1_type); + type = (ltc_asn1_type)va_arg(args, int); size = va_arg(args, unsigned long); data = va_arg(args, void*); LTC_UNUSED_PARAM(size); @@ -73,8 +71,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) break; case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: + case LTC_ASN1_CUSTOM_TYPE: case LTC_ASN1_EOL: case LTC_ASN1_TELETEX_STRING: va_end(args); @@ -97,7 +94,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) va_start(args, outlen); x = 0; for (;;) { - type = va_arg(args, ltc_asn1_type); + type = (ltc_asn1_type)va_arg(args, int); size = va_arg(args, unsigned long); data = va_arg(args, void*); @@ -126,8 +123,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) break; case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: + case LTC_ASN1_CUSTOM_TYPE: case LTC_ASN1_EOL: case LTC_ASN1_TELETEX_STRING: va_end(args); @@ -146,6 +142,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_length_sequence.c b/src/ltc/pk/asn1/der/sequence/der_length_sequence.c index a89d2f0..a80f96b 100644 --- a/src/ltc/pk/asn1/der/sequence/der_length_sequence.c +++ b/src/ltc/pk/asn1/der/sequence/der_length_sequence.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -27,7 +25,7 @@ int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen) { - return der_length_sequence_ex(list, inlen, outlen, NULL); + return der_length_sequence_ex(list, inlen, outlen, NULL); } int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, @@ -35,7 +33,7 @@ int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, { int err; ltc_asn1_type type; - unsigned long size, x, y, i, z; + unsigned long size, x, y, i; void *data; LTC_ARGCHK(list != NULL); @@ -145,6 +143,13 @@ int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, y += x; break; + case LTC_ASN1_CUSTOM_TYPE: + if ((err = der_length_custom_type(&list[i], &x, NULL)) != CRYPT_OK) { + goto LBL_ERR; + } + y += x; + break; + case LTC_ASN1_SET: case LTC_ASN1_SETOF: case LTC_ASN1_SEQUENCE: @@ -154,53 +159,23 @@ int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, y += x; break; - case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: case LTC_ASN1_EOL: err = CRYPT_INVALID_ARG; goto LBL_ERR; } - - /* handle context specific tags size */ - if (list[i].tag > 0) { - if (x < 128) { - y += 2; - } else if (x < 256) { - y += 3; - } else if (x < 65536UL) { - y += 4; - } else if (x < 16777216UL) { - y += 5; - } else { - err = CRYPT_INVALID_ARG; - goto LBL_ERR; - } - } } - /* calc header size */ - z = y; - if (y < 128) { - y += 2; - } else if (y < 256) { - /* 0x30 0x81 LL */ - y += 3; - } else if (y < 65536UL) { - /* 0x30 0x82 LL LL */ - y += 4; - } else if (y < 16777216UL) { - /* 0x30 0x83 LL LL LL */ - y += 5; - } else { - err = CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(y, &x)) != CRYPT_OK) { goto LBL_ERR; } + if (payloadlen != NULL) { + *payloadlen = y; + } + /* store size */ - if (payloadlen) *payloadlen = z; - *outlen = y; + *outlen = y + x + 1; err = CRYPT_OK; LBL_ERR: @@ -209,6 +184,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_sequence_free.c b/src/ltc/pk/asn1/der/sequence/der_sequence_free.c index 4600d5f..3c2a663 100644 --- a/src/ltc/pk/asn1/der/sequence/der_sequence_free.c +++ b/src/ltc/pk/asn1/der/sequence/der_sequence_free.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -60,6 +58,6 @@ void der_sequence_free(ltc_asn1_list *in) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_sequence_shrink.c b/src/ltc/pk/asn1/der/sequence/der_sequence_shrink.c new file mode 100644 index 0000000..fdfe91b --- /dev/null +++ b/src/ltc/pk/asn1/der/sequence/der_sequence_shrink.c @@ -0,0 +1,50 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file der_sequence_shrink.c + Free memory allocated for CONSTRUCTED, SET or SEQUENCE elements by der_decode_sequence_flexi(), Steffen Jaeckel +*/ + +#ifdef LTC_DER + +/** + Free memory allocated for CONSTRUCTED, + SET or SEQUENCE elements by der_decode_sequence_flexi() + @param in The list to shrink +*/ +void der_sequence_shrink(ltc_asn1_list *in) +{ + if (!in) return; + + /* now walk the list and free stuff */ + while (in != NULL) { + /* is there a child? */ + if (in->child) { + der_sequence_shrink(in->child); + } + + switch (in->type) { + case LTC_ASN1_CUSTOM_TYPE: + case LTC_ASN1_SET: + case LTC_ASN1_SEQUENCE : if (in->data != NULL) { XFREE(in->data); in->data = NULL; } break; + default: break; + } + + /* move to next and free current */ + in = in->next; + } +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/set/der_encode_set.c b/src/ltc/pk/asn1/der/set/der_encode_set.c index 75de234..a3485f2 100644 --- a/src/ltc/pk/asn1/der/set/der_encode_set.c +++ b/src/ltc/pk/asn1/der/set/der_encode_set.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,41 +16,18 @@ #ifdef LTC_DER /* LTC define to ASN.1 TAG */ -static int ltc_to_asn1(ltc_asn1_type v) +static int _ltc_to_asn1(ltc_asn1_type v) { - switch (v) { - case LTC_ASN1_BOOLEAN: return 0x01; - case LTC_ASN1_INTEGER: - case LTC_ASN1_SHORT_INTEGER: return 0x02; - case LTC_ASN1_RAW_BIT_STRING: - case LTC_ASN1_BIT_STRING: return 0x03; - case LTC_ASN1_OCTET_STRING: return 0x04; - case LTC_ASN1_NULL: return 0x05; - case LTC_ASN1_OBJECT_IDENTIFIER: return 0x06; - case LTC_ASN1_UTF8_STRING: return 0x0C; - case LTC_ASN1_PRINTABLE_STRING: return 0x13; - case LTC_ASN1_TELETEX_STRING: return 0x14; - case LTC_ASN1_IA5_STRING: return 0x16; - case LTC_ASN1_UTCTIME: return 0x17; - case LTC_ASN1_GENERALIZEDTIME: return 0x18; - case LTC_ASN1_SEQUENCE: return 0x30; - case LTC_ASN1_SET: - case LTC_ASN1_SETOF: return 0x31; - case LTC_ASN1_CHOICE: - case LTC_ASN1_CONSTRUCTED: - case LTC_ASN1_CONTEXT_SPECIFIC: - case LTC_ASN1_EOL: return -1; - } - return -1; + return der_asn1_type_to_identifier_map[v]; } -static int qsort_helper(const void *a, const void *b) +static int _qsort_helper(const void *a, const void *b) { ltc_asn1_list *A = (ltc_asn1_list *)a, *B = (ltc_asn1_list *)b; int r; - r = ltc_to_asn1(A->type) - ltc_to_asn1(B->type); + r = _ltc_to_asn1(A->type) - _ltc_to_asn1(B->type); /* for QSORT the order is UNDEFINED if they are "equal" which means it is NOT DETERMINISTIC. So we force it to be :-) */ if (r == 0) { @@ -91,7 +66,7 @@ int der_encode_set(ltc_asn1_list *list, unsigned long inlen, } /* sort it by the "type" field */ - XQSORT(copy, inlen, sizeof(*copy), &qsort_helper); + XQSORT(copy, inlen, sizeof(*copy), &_qsort_helper); /* call der_encode_sequence_ex() */ err = der_encode_sequence_ex(copy, inlen, out, outlen, LTC_ASN1_SET); @@ -105,6 +80,6 @@ int der_encode_set(ltc_asn1_list *list, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/set/der_encode_setof.c b/src/ltc/pk/asn1/der/set/der_encode_setof.c index d4001f9..b837cdd 100644 --- a/src/ltc/pk/asn1/der/set/der_encode_setof.c +++ b/src/ltc/pk/asn1/der/set/der_encode_setof.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -22,7 +20,7 @@ struct edge { unsigned long size; }; -static int qsort_helper(const void *a, const void *b) +static int _qsort_helper(const void *a, const void *b) { struct edge *A = (struct edge *)a, *B = (struct edge *)b; int r; @@ -134,7 +132,7 @@ int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, } /* sort based on contents (using edges) */ - XQSORT(edges, inlen, sizeof(*edges), &qsort_helper); + XQSORT(edges, inlen, sizeof(*edges), &_qsort_helper); /* copy static header */ XMEMCPY(out, buf, hdrlen); @@ -158,6 +156,6 @@ int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c b/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c index a174740..71debf3 100644 --- a/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c +++ b/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -63,6 +61,6 @@ int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsig #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/short_integer/der_encode_short_integer.c b/src/ltc/pk/asn1/der/short_integer/der_encode_short_integer.c index 7b4f527..ea413eb 100644 --- a/src/ltc/pk/asn1/der/short_integer/der_encode_short_integer.c +++ b/src/ltc/pk/asn1/der/short_integer/der_encode_short_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -92,6 +90,6 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/short_integer/der_length_short_integer.c b/src/ltc/pk/asn1/der/short_integer/der_length_short_integer.c index f248e64..8c1de28 100644 --- a/src/ltc/pk/asn1/der/short_integer/der_length_short_integer.c +++ b/src/ltc/pk/asn1/der/short_integer/der_length_short_integer.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -25,7 +23,8 @@ */ int der_length_short_integer(unsigned long num, unsigned long *outlen) { - unsigned long z, y, len; + unsigned long z, y; + int err; LTC_ARGCHK(outlen != NULL); @@ -43,28 +42,21 @@ int der_length_short_integer(unsigned long num, unsigned long *outlen) /* handle zero */ if (z == 0) { z = 1; + } else if ((num&(1UL<<((z<<3) - 1))) != 0) { + /* in case msb is set */ + ++z; } - /* we need a 0x02 to indicate it's INTEGER */ - len = 1; - - /* length byte */ - ++len; - - /* bytes in value */ - len += z; - - /* see if msb is set */ - len += (num&(1UL<<((z<<3) - 1))) ? 1 : 0; - - /* return length */ - *outlen = len; + if ((err = der_length_asn1_length(z, &y)) != CRYPT_OK) { + return err; + } + *outlen = 1 + y + z; return CRYPT_OK; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.c b/src/ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.c index b935745..cd530a2 100644 --- a/src/ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.c +++ b/src/ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -29,7 +27,7 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y, len; - int t; + int t, err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -46,23 +44,12 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, } x = 1; - /* decode the length */ - if (in[x] & 0x80) { - /* valid # of bytes in length are 1,2,3 */ - y = in[x] & 0x7F; - if ((y == 0) || (y > 3) || ((x + y) > inlen)) { - return CRYPT_INVALID_PACKET; - } - - /* read the length in */ - len = 0; - ++x; - while (y--) { - len = (len << 8) | in[x++]; - } - } else { - len = in[x++] & 0x7F; + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; /* is it too long? */ if (len > *outlen) { @@ -70,7 +57,7 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, return CRYPT_BUFFER_OVERFLOW; } - if (len + x > inlen) { + if (len > (inlen - x)) { return CRYPT_INVALID_PACKET; } @@ -90,6 +77,6 @@ int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/teletex_string/der_length_teletex_string.c b/src/ltc/pk/asn1/der/teletex_string/der_length_teletex_string.c index b5ae8b4..a35c6d7 100644 --- a/src/ltc/pk/asn1/der/teletex_string/der_length_teletex_string.c +++ b/src/ltc/pk/asn1/der/teletex_string/der_length_teletex_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -172,6 +170,7 @@ int der_teletex_value_decode(int v) int der_length_teletex_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen) { unsigned long x; + int err; LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(octets != NULL); @@ -183,21 +182,10 @@ int der_length_teletex_string(const unsigned char *octets, unsigned long noctets } } - if (noctets < 128) { - /* 16 LL DD DD DD ... */ - *outlen = 2 + noctets; - } else if (noctets < 256) { - /* 16 81 LL DD DD DD ... */ - *outlen = 3 + noctets; - } else if (noctets < 65536UL) { - /* 16 82 LL LL DD DD DD ... */ - *outlen = 4 + noctets; - } else if (noctets < 16777216UL) { - /* 16 83 LL LL LL DD DD DD ... */ - *outlen = 5 + noctets; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(noctets, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + noctets; return CRYPT_OK; } @@ -205,6 +193,6 @@ int der_length_teletex_string(const unsigned char *octets, unsigned long noctets #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utctime/der_decode_utctime.c b/src/ltc/pk/asn1/der/utctime/der_decode_utctime.c index ca12799..07fcb80 100644 --- a/src/ltc/pk/asn1/der/utctime/der_decode_utctime.c +++ b/src/ltc/pk/asn1/der/utctime/der_decode_utctime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -17,7 +15,7 @@ #ifdef LTC_DER -static int char_to_int(unsigned char x) +static int _char_to_int(unsigned char x) { switch (x) { case '0': return 0; @@ -30,12 +28,12 @@ static int char_to_int(unsigned char x) case '7': return 7; case '8': return 8; case '9': return 9; + default: return 100; } - return 100; } #define DECODE_V(y, max) \ - y = char_to_int(buf[x])*10 + char_to_int(buf[x+1]); \ + y = _char_to_int(buf[x])*10 + _char_to_int(buf[x+1]); \ if (y >= max) return CRYPT_INVALID_PACKET; \ x += 2; @@ -49,7 +47,7 @@ static int char_to_int(unsigned char x) int der_decode_utctime(const unsigned char *in, unsigned long *inlen, ltc_utctime *out) { - unsigned char buf[32]; + unsigned char buf[32] = { 0 }; /* initialize as all zeroes */ unsigned long x; int y; @@ -122,6 +120,6 @@ YYMMDDhhmmss-hh'mm' #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c b/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c index 92fffe5..c6c8464 100644 --- a/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c +++ b/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -78,6 +76,6 @@ int der_encode_utctime(ltc_utctime *utctime, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utctime/der_length_utctime.c b/src/ltc/pk/asn1/der/utctime/der_length_utctime.c index e33c4f3..4202083 100644 --- a/src/ltc/pk/asn1/der/utctime/der_length_utctime.c +++ b/src/ltc/pk/asn1/der/utctime/der_length_utctime.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -41,6 +39,6 @@ int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c b/src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c index d67362a..c86d660 100644 --- a/src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c +++ b/src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,6 +29,7 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, { wchar_t tmp; unsigned long x, y, z, len; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -47,25 +46,14 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, } x = 1; - /* decode the length */ - if (in[x] & 0x80) { - /* valid # of bytes in length are 1,2,3 */ - y = in[x] & 0x7F; - if ((y == 0) || (y > 3) || ((x + y) > inlen)) { - return CRYPT_INVALID_PACKET; - } - - /* read the length in */ - len = 0; - ++x; - while (y--) { - len = (len << 8) | in[x++]; - } - } else { - len = in[x++] & 0x7F; + /* get the length of the data */ + y = inlen - x; + if ((err = der_decode_asn1_length(in + x, &y, &len)) != CRYPT_OK) { + return err; } + x += y; - if (len + x > inlen) { + if (len > (inlen - x)) { return CRYPT_INVALID_PACKET; } @@ -93,19 +81,23 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, tmp = (tmp << 6) | ((wchar_t)in[x++] & 0x3F); } - if (y > *outlen) { - *outlen = y; - return CRYPT_BUFFER_OVERFLOW; + if (y < *outlen) { + out[y] = tmp; } - out[y++] = tmp; + y++; + } + if (y > *outlen) { + err = CRYPT_BUFFER_OVERFLOW; + } else { + err = CRYPT_OK; } *outlen = y; - return CRYPT_OK; + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utf8/der_encode_utf8_string.c b/src/ltc/pk/asn1/der/utf8/der_encode_utf8_string.c index ef0e6eb..1c6e09b 100644 --- a/src/ltc/pk/asn1/der/utf8/der_encode_utf8_string.c +++ b/src/ltc/pk/asn1/der/utf8/der_encode_utf8_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -30,6 +28,7 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y, len; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -40,46 +39,26 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, if (!der_utf8_valid_char(in[x])) return CRYPT_INVALID_ARG; len += der_utf8_charsize(in[x]); } - - if (len < 128) { - y = 2 + len; - } else if (len < 256) { - y = 3 + len; - } else if (len < 65536UL) { - y = 4 + len; - } else if (len < 16777216UL) { - y = 5 + len; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(len, &x)) != CRYPT_OK) { + return err; } + x += len + 1; /* too big? */ - if (y > *outlen) { - *outlen = len; + if (x > *outlen) { + *outlen = x; return CRYPT_BUFFER_OVERFLOW; } /* encode the header+len */ x = 0; out[x++] = 0x0C; - if (len < 128) { - out[x++] = (unsigned char)len; - } else if (len < 256) { - out[x++] = 0x81; - out[x++] = (unsigned char)len; - } else if (len < 65536UL) { - out[x++] = 0x82; - out[x++] = (unsigned char)((len>>8)&255); - out[x++] = (unsigned char)(len&255); - } else if (len < 16777216UL) { - out[x++] = 0x83; - out[x++] = (unsigned char)((len>>16)&255); - out[x++] = (unsigned char)((len>>8)&255); - out[x++] = (unsigned char)(len&255); - } else { - /* coverity[dead_error_line] */ - return CRYPT_INVALID_ARG; + + y = *outlen - x; + if ((err = der_encode_asn1_length(len, out + x, &y)) != CRYPT_OK) { + return err; } + x += y; /* store UTF8 */ for (y = 0; y < inlen; y++) { @@ -93,7 +72,7 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, } } - /* retun length */ + /* return length */ *outlen = x; return CRYPT_OK; @@ -101,6 +80,6 @@ int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/utf8/der_length_utf8_string.c b/src/ltc/pk/asn1/der/utf8/der_length_utf8_string.c index 2bab445..b429284 100644 --- a/src/ltc/pk/asn1/der/utf8/der_length_utf8_string.c +++ b/src/ltc/pk/asn1/der/utf8/der_length_utf8_string.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -67,6 +65,7 @@ int der_utf8_valid_char(const wchar_t c) int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen) { unsigned long x, len; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(outlen != NULL); @@ -77,21 +76,10 @@ int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned lo len += der_utf8_charsize(in[x]); } - if (len < 128) { - /* 0C LL DD DD DD ... */ - *outlen = 2 + len; - } else if (len < 256) { - /* 0C 81 LL DD DD DD ... */ - *outlen = 3 + len; - } else if (len < 65536UL) { - /* 0C 82 LL LL DD DD DD ... */ - *outlen = 4 + len; - } else if (len < 16777216UL) { - /* 0C 83 LL LL LL DD DD DD ... */ - *outlen = 5 + len; - } else { - return CRYPT_INVALID_ARG; + if ((err = der_length_asn1_length(len, &x)) != CRYPT_OK) { + return err; } + *outlen = 1 + x + len; return CRYPT_OK; } @@ -99,6 +87,6 @@ int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned lo #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.c b/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c similarity index 74% rename from src/ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.c rename to src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c index c649913..c68b4a3 100644 --- a/src/ltc/pk/asn1/der/sequence/der_decode_subject_public_key_info.c +++ b/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c @@ -5,12 +5,12 @@ * * The library is free for all purposes without any express * guarantee it works. - * */ #include "tomcrypt.h" + /** - @file der_decode_subject_public_key_info.c - ASN.1 DER, encode a Subject Public Key structure --nmav + @file x509_decode_subject_public_key_info.c + ASN.1 DER/X.509, encode a SubjectPublicKeyInfo structure --nmav */ #ifdef LTC_DER @@ -26,29 +26,20 @@ * } */ /** - Decode a subject public key info + Decode a SubjectPublicKeyInfo @param in The input buffer @param inlen The length of the input buffer @param algorithm One out of the enum #public_key_algorithms @param public_key The buffer for the public key @param public_key_len [in/out] The length of the public key buffer and the written length - @param parameters_type The parameters' type out of the enum #ltc_asn1_type + @param parameters_type The parameters' type out of the enum ltc_asn1_type @param parameters The parameters to include - @param parameters_len The number of parameters to include + @param parameters_len [in/out]The number of parameters to include @return CRYPT_OK on success */ -int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, +int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, unsigned int algorithm, void* public_key, unsigned long* public_key_len, - unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len) -{ - return der_decode_subject_public_key_info_ex(in, inlen, algorithm, public_key, public_key_len, - parameters_type, parameters, parameters_len, NULL); -} - -int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long inlen, - unsigned int algorithm, void* public_key, unsigned long* public_key_len, - unsigned long parameters_type, void* parameters, unsigned long parameters_len, - unsigned long *parameters_outsize) + unsigned long parameters_type, void* parameters, unsigned long *parameters_len) { int err; unsigned long len; @@ -61,6 +52,7 @@ int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long LTC_ARGCHK(in != NULL); LTC_ARGCHK(inlen != 0); LTC_ARGCHK(public_key_len != NULL); + LTC_ARGCHK(parameters_len != NULL); err = pk_get_oid(algorithm, &oid); if (err != CRYPT_OK) { @@ -68,7 +60,7 @@ int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long } /* see if the OpenSSL DER format RSA public key will work */ - tmpbuf = XCALLOC(1, LTC_DER_MAX_PUBKEY_SIZE*8); + tmpbuf = XCALLOC(1, inlen); if (tmpbuf == NULL) { err = CRYPT_MEM; goto LBL_ERR; @@ -76,20 +68,20 @@ int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long /* this includes the internal hash ID and optional params (NULL in this case) */ LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0])); - LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, parameters_len); + LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, *parameters_len); /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey * in a **BIT** string ... so we have to extract it then proceed to convert bit to octet */ LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2); - LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, LTC_DER_MAX_PUBKEY_SIZE*8); + LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, inlen*8U); err=der_decode_sequence(in, inlen, subject_pubkey, 2UL); if (err != CRYPT_OK) { goto LBL_ERR; } - if (parameters_outsize) *parameters_outsize = alg_id[1].size; + *parameters_len = alg_id[1].size; if ((alg_id[0].size != oid.OIDlen) || XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) { @@ -118,3 +110,7 @@ LBL_ERR: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.c b/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c similarity index 82% rename from src/ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.c rename to src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c index 0578d53..8148a18 100644 --- a/src/ltc/pk/asn1/der/sequence/der_encode_subject_public_key_info.c +++ b/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c @@ -5,13 +5,12 @@ * * The library is free for all purposes without any express * guarantee it works. - * */ #include "tomcrypt.h" /** - @file der_encode_subject_public_key_info.c - ASN.1 DER, encode a Subject Public Key structure --nmav + @file x509_encode_subject_public_key_info.c + ASN.1 DER/X.509, encode a SubjectPublicKeyInfo structure --nmav */ #ifdef LTC_DER @@ -27,18 +26,18 @@ * } */ /** - Encode a subject public key info + Encode a SubjectPublicKeyInfo @param out The output buffer @param outlen [in/out] Length of buffer and resulting length of output @param algorithm One out of the enum #public_key_algorithms @param public_key The buffer for the public key @param public_key_len The length of the public key buffer - @param parameters_type The parameters' type out of the enum #ltc_asn1_type + @param parameters_type The parameters' type out of the enum ltc_asn1_type @param parameters The parameters to include @param parameters_len The number of parameters to include @return CRYPT_OK on success */ -int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, +int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, unsigned int algorithm, void* public_key, unsigned long public_key_len, unsigned long parameters_type, void* parameters, unsigned long parameters_len) { @@ -59,11 +58,14 @@ int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen return der_encode_sequence_multi(out, outlen, LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, - LTC_ASN1_RAW_BIT_STRING, (unsigned long)(public_key_len*8), public_key, + LTC_ASN1_RAW_BIT_STRING, public_key_len*8U, public_key, LTC_ASN1_EOL, 0UL, NULL); } #endif +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh.c b/src/ltc/pk/dh/dh.c index 693e5a4..763b007 100644 --- a/src/ltc/pk/dh/dh.c +++ b/src/ltc/pk/dh/dh.c @@ -5,501 +5,233 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org */ -#include "tomcrypt.h" -/** - @file dh.c - DH crypto, Tom St Denis -*/ +#include "tomcrypt.h" #ifdef LTC_MDH - -#include "dh_static.h" - -/** - Test the DH sub-system (can take a while) - @return CRYPT_OK if successful -*/ -int dh_compat_test(void) -{ - void *p, *g, *tmp; - int x, err, primality; - - if ((err = mp_init_multi(&p, &g, &tmp, NULL)) != CRYPT_OK) { goto error; } - - for (x = 0; sets[x].size != 0; x++) { -#if 0 - printf("dh_test():testing size %d-bits\n", sets[x].size * 8); +/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */ +const ltc_dh_set_type ltc_dh_sets[] = { +#ifdef LTC_DH768 +{ /* 768-bit MODP Group 1 - https://tools.ietf.org/html/rfc7296#appendix-B.1 */ + 96, + "DH-768", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH1024 +{ /* 1024-bit MODP Group 2 - https://tools.ietf.org/html/rfc7296#appendix-B.2 */ + 128, + "DH-1024", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" + "FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH1536 +{ /* 1536-bit MODP Group 5 - https://tools.ietf.org/html/rfc3526#section-2 */ + 192, + "DH-1536", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH2048 +{ /* 2048-bit MODP Group 14 - https://tools.ietf.org/html/rfc3526#section-3 */ + 256, + "DH-2048", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AACAA68FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH3072 +{ /* 3072-bit MODP Group 15 - https://tools.ietf.org/html/rfc3526#section-4 */ + 384, + "DH-3072", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH4096 +{ /* 4096-bit MODP Group 16 - https://tools.ietf.org/html/rfc3526#section-5 */ + 512, + "DH-4096", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + "FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH6144 +{ /* 6144-bit MODP Group 17 - https://tools.ietf.org/html/rfc3526#section-6 */ + 768, + "DH-6144", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" + "12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF" +}, +#endif +#ifdef LTC_DH8192 +{ /* 8192-bit MODP Group 18 - https://tools.ietf.org/html/rfc3526#section-7 */ + 1024, + "DH-8192", + "2", + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300" + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A" + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1" + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47" + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF" +}, #endif - if ((err = mp_read_radix(g,(char *)sets[x].base, 64)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(p,(char *)sets[x].prime, 64)) != CRYPT_OK) { goto error; } - - /* ensure p is prime */ - if ((err = mp_prime_is_prime(p, 8, &primality)) != CRYPT_OK) { goto done; } - if (primality != LTC_MP_YES ) { - err = CRYPT_FAIL_TESTVECTOR; - goto done; - } - - if ((err = mp_sub_d(p, 1, tmp)) != CRYPT_OK) { goto error; } - if ((err = mp_div_2(tmp, tmp)) != CRYPT_OK) { goto error; } - - /* ensure (p-1)/2 is prime */ - if ((err = mp_prime_is_prime(tmp, 8, &primality)) != CRYPT_OK) { goto done; } - if (primality == 0) { - err = CRYPT_FAIL_TESTVECTOR; - goto done; - } - - /* now see if g^((p-1)/2) mod p is in fact 1 */ - if ((err = mp_exptmod(g, tmp, p, tmp)) != CRYPT_OK) { goto error; } - if (mp_cmp_d(tmp, 1)) { - err = CRYPT_FAIL_TESTVECTOR; - goto done; - } - } - err = CRYPT_OK; -error: -done: - mp_clear_multi(tmp, g, p, NULL); - return err; -} - -/** - Get the min and max DH key sizes (octets) - @param low [out] The smallest key size supported - @param high [out] The largest key size supported -*/ -void dh_sizes(int *low, int *high) { - int x; - LTC_ARGCHKVD(low != NULL); - LTC_ARGCHKVD(high != NULL); - *low = INT_MAX; - *high = 0; - for (x = 0; sets[x].size != 0; x++) { - if (*low > sets[x].size) *low = sets[x].size; - if (*high < sets[x].size) *high = sets[x].size; - } + 0, + NULL, + NULL, + NULL } +}; /** - Returns the key size of a given DH key (octets) + Returns the DH group size (octets) for given key @param key The DH key to get the size of - @return The size if valid or INT_MAX if not -*/ -int dh_get_size(dh_key *key) + @return The group size in octets (0 on error) + */ +int dh_get_groupsize(dh_key *key) { - LTC_ARGCHK(key != NULL); - if (key->idx == SUPPLIED_PRIME) { - return mp_unsigned_bin_size(key->prime); - } - if (dh_is_valid_idx(key->idx) == 1) { - return sets[key->idx].size; - } else { - return INT_MAX; /* large value that would cause dh_make_key() to fail */ - } -} - -/** - Make a DH key [private key pair] - @param prng An active PRNG state - @param wprng The index for the PRNG you desire to use - @param keysize The key size (octets) desired - @param key [out] Where the newly created DH key will be stored - @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically. -*/ -int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key) -{ - unsigned long x; - int err; - - /* find key size */ - for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++); -#ifdef FAST_PK - keysize = MIN(sets[x].size, 32); -#else - keysize = sets[x].size; -#endif - if (sets[x].size == 0) { - return CRYPT_INVALID_KEYSIZE; - } - key->idx = x; - - if ((err = mp_init_multi(&key->base, &key->prime, NULL)) != CRYPT_OK) { - goto error; - } - if ((err = mp_read_radix(key->base, sets[key->idx].base, 64)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->prime, sets[key->idx].prime, 64)) != CRYPT_OK) { goto error; } - return dh_make_key_internal(prng, wprng, key); -error: - mp_clear_multi(key->base, key->prime, NULL); - return err; -} - -/** - Make a DH key [private key pair] from provided base and prime - @param prng An active PRNG state - @param wprng The index for the PRNG you desire to use - @param keysize The key size (octets) desired - @param base The base (generator) to create the key from - @param prime The prime to create the key from - @param key [out] Where the newly created DH key will be stored - @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically. -*/ -int dh_make_key_ex(prng_state *prng, int wprng, const char *base_hex, const char *prime_hex, dh_key *key) -{ - int err; - - LTC_ARGCHK(base_hex != NULL); - LTC_ARGCHK(prime_hex != NULL); - LTC_ARGCHK(key != NULL); - - /* good prng? */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - if ((err = mp_init_multi(&key->base, &key->prime, NULL)) != CRYPT_OK) { - goto error; - } - if ((err = mp_read_radix(key->base, base_hex, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->prime, prime_hex, 16)) != CRYPT_OK) { goto error; } - key->idx = SUPPLIED_PRIME; - return dh_make_key_internal(prng, wprng, key); -error: - mp_clear_multi(key->base, key->prime, NULL); - return err; -} - - -int dh_make_key_internal(prng_state *prng, int wprng, dh_key *key) -{ - unsigned char *buf = NULL; - int err, keysize; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(key->prime != NULL); - LTC_ARGCHK(key->base != NULL); - - /* init parameters */ - if ((err = mp_init_multi(&key->x, &key->y, NULL)) != CRYPT_OK) { - goto error; - } - - keysize = dh_get_size(key); - if (keysize < 96) { - return CRYPT_INVALID_KEYSIZE; - } - - /* allocate buffer */ - buf = XMALLOC(keysize); - if (buf == NULL) { - return CRYPT_MEM; - } - - /* make up random string */ - if ( (err = rng_make_prng( keysize, wprng, prng, NULL)) != CRYPT_OK) { - /*err = CRYPT_ERROR_READPRNG;*/ - goto error2; - } - - if (prng_descriptor[wprng].read(buf, keysize, prng) != (unsigned long)keysize) { - err = CRYPT_ERROR_READPRNG; - goto error2; - } - - /* load the x value */ - if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) { goto error; } - if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { goto error; } - key->type = PK_PRIVATE; - - /* free up ram */ - err = CRYPT_OK; - goto done; -error: - mp_clear_multi(key->base, key->prime, key->x, key->y, NULL); -done: -error2: -#ifdef LTC_CLEAN_STACK - zeromem(buf, keysize); -#endif - XFREE(buf); - return err; -} - -/** - Free the allocated ram for a DH key - @param key The key which you wish to free -*/ -void dh_free(dh_key *key) -{ - LTC_ARGCHKVD(key != NULL); - if ( key->base ) { - mp_clear( key->base ); - key->base = NULL; - } - if ( key->prime ) { - mp_clear( key->prime ); - key->prime = NULL; - } - if ( key->x ) { - mp_clear( key->x ); - key->x = NULL; - } - if ( key->y ) { - mp_clear( key->y ); - key->y = NULL; - } -} - -/** - Export a DH key to a binary packet - @param out [out] The destination for the key - @param outlen [in/out] The max size and resulting size of the DH key - @param type Which type of key (PK_PRIVATE or PK_PUBLIC) - @param key The key you wish to export - @return CRYPT_OK if successful -*/ -int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key) -{ - unsigned long y, z; - int err; - - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* can we store the static header? */ - if (*outlen < (PACKET_SIZE + 2)) { - return CRYPT_BUFFER_OVERFLOW; - } - - if (type == PK_PRIVATE && key->type != PK_PRIVATE) { - return CRYPT_PK_NOT_PRIVATE; - } - - /* header */ - y = PACKET_SIZE; - - /* header */ - out[y++] = type; - out[y++] = key->idx == SUPPLIED_PRIME ? - SUPPLIED_PRIME : - (unsigned char)(sets[key->idx].size / 8); - - /* export y */ - OUTPUT_BIGNUM(key->y, out, y, z); - - if (type == PK_PRIVATE) { - /* export x */ - OUTPUT_BIGNUM(key->x, out, y, z); - } - /* export g and p */ - if (key->idx == SUPPLIED_PRIME) { - OUTPUT_BIGNUM(key->base, out, y, z); - OUTPUT_BIGNUM(key->prime, out, y, z); - } - - /* store header */ - packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_KEY); - - /* store len */ - *outlen = y; - return CRYPT_OK; -} - -/** - Import a DH key from a binary string - @param in The string to read - @param inlen The length of the input packet - @param type The type of key. PK_PRIVATE or PK_PUBLIC - @param base The base (generator) in hex string - @param prime The prime in hex string - @param key [out] Where to import the key to - @return CRYPT_OK if successful, on error all allocated memory is freed automatically -*/ -int dh_import_raw(unsigned char *in, unsigned long inlen, int type, - const char *base_hex, const char *prime_hex, dh_key *key) -{ - int err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(base_hex != NULL); - LTC_ARGCHK(prime_hex != NULL); - LTC_ARGCHK(key != NULL); - - if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { - goto error; - } - if ((err = mp_read_radix(key->base, base_hex, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->prime, prime_hex, 16)) != CRYPT_OK) { goto error; } - key->idx = SUPPLIED_PRIME; - - if (type == PK_PRIVATE) { - /* load the x value */ - if ((err = mp_read_unsigned_bin(key->x, in, inlen)) != CRYPT_OK) { goto error; } - if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { goto error; } - key->type = PK_PRIVATE; - } else { - /* load the y value */ - if ((err = mp_read_unsigned_bin(key->y, in, inlen)) != CRYPT_OK) { goto error; } - key->type = PK_PUBLIC; - mp_clear(key->x); - key->x = NULL; - } - key->idx = SUPPLIED_PRIME; - return CRYPT_OK; -error: - mp_clear_multi(key->y, key->x, key->base, key->prime, NULL); - return err; -} - -/** - Import a DH key from a binary packet - @param in The packet to read - @param inlen The length of the input packet - @param key [out] Where to import the key to - @return CRYPT_OK if successful, on error all allocated memory is freed automatically -*/ -int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key) -{ - unsigned long x, y; - int s, err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(key != NULL); - - /* make sure valid length */ - if ((2+PACKET_SIZE) > inlen) { - return CRYPT_INVALID_PACKET; - } - - /* check type byte */ - if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_KEY)) != CRYPT_OK) { - return err; - } - - /* init */ - if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { - return err; - } - - /* advance past packet header */ - y = PACKET_SIZE; - - /* key type, e.g. private, public */ - key->type = (int)in[y++]; - - /* key size in bytes */ - s = (int)in[y++]; - - if (s == SUPPLIED_PRIME) { - /* key from provided p,g values */ - key->idx = SUPPLIED_PRIME; - } else { - s *= 8; - for (x = 0; (s > sets[x].size) && (sets[x].size != 0); x++); - if (sets[x].size == 0) { - err = CRYPT_INVALID_KEYSIZE; - goto error; - } - key->idx = (int)x; - if ((err = mp_read_radix(key->base, (char *)sets[x].base, 64)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->prime, (char *)sets[x].prime, 64)) != CRYPT_OK) { goto error; } - } - - /* type check both values */ - if ((key->type != PK_PUBLIC) && (key->type != PK_PRIVATE)) { - err = CRYPT_PK_TYPE_MISMATCH; - goto error; - } - - /* is the key idx valid? */ - if (dh_is_valid_idx(key->idx) != 1) { - err = CRYPT_PK_TYPE_MISMATCH; - goto error; - } - - /* load public value g^x mod p*/ - INPUT_BIGNUM(key->y, in, x, y, inlen); - - if (key->type == PK_PRIVATE) { - INPUT_BIGNUM(key->x, in, x, y, inlen); - /* if idx = SUPPLIED_PRIME then prime is not from static table */ - } - if (key->idx == SUPPLIED_PRIME) { - INPUT_BIGNUM(key->base, in, x, y, inlen); - INPUT_BIGNUM(key->prime, in, x, y, inlen); - } - - /* eliminate private key if public */ - if (key->type == PK_PUBLIC) { - mp_clear(key->x); - key->x = NULL; - } - - return CRYPT_OK; -error: - mp_clear_multi(key->y, key->x, key->base, key->prime, NULL); - return err; -} - -/** - Create a DH shared secret. - @param private_key The private DH key in the pair - @param public_key The public DH key in the pair - @param out [out] The destination of the shared data - @param outlen [in/out] The max size and resulting size of the shared data. - @return CRYPT_OK if successful -*/ -int dh_shared_secret(dh_key *private_key, dh_key *public_key, - unsigned char *out, unsigned long *outlen) -{ - void *tmp; - unsigned long x; - int err; - - LTC_ARGCHK(private_key != NULL); - LTC_ARGCHK(public_key != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - /* types valid? */ - if (private_key->type != PK_PRIVATE) { - return CRYPT_PK_NOT_PRIVATE; - } - - /* same idx? */ - if (private_key->idx != public_key->idx) { - return CRYPT_PK_TYPE_MISMATCH; - } - - /* compute y^x mod p */ - if ((err = mp_init(&tmp)) != CRYPT_OK) { - return err; - } - - if ((err = mp_exptmod(public_key->y, private_key->x, private_key->prime, tmp)) != CRYPT_OK) { goto error; } - - /* enough space for output? */ - x = (unsigned long)mp_unsigned_bin_size(tmp); - if (*outlen < x) { - err = CRYPT_BUFFER_OVERFLOW; - goto done; - } - if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) { goto error; } - *outlen = x; - err = CRYPT_OK; - goto done; -error: -done: - mp_clear(tmp); - return err; + if (key == NULL) return 0; + return mp_unsigned_bin_size(key->prime); } #endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_check_pubkey.c b/src/ltc/pk/dh/dh_check_pubkey.c new file mode 100644 index 0000000..fb4f37b --- /dev/null +++ b/src/ltc/pk/dh/dh_check_pubkey.c @@ -0,0 +1,65 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Check DH public key (INTERNAL ONLY, not part of public API) + @param key The key you wish to test + @return CRYPT_OK if successful +*/ +int dh_check_pubkey(dh_key *key) +{ + void *p_minus1; + ltc_mp_digit digit; + int i, digit_count, bits_set = 0, err; + + LTC_ARGCHK(key != NULL); + + if ((err = mp_init(&p_minus1)) != CRYPT_OK) { + return err; + } + + /* avoid: y <= 1 OR y >= p-1 */ + if ((err = mp_sub_d(key->prime, 1, p_minus1)) != CRYPT_OK) { + goto error; + } + if (mp_cmp(key->y, p_minus1) != LTC_MP_LT || mp_cmp_d(key->y, 1) != LTC_MP_GT) { + err = CRYPT_INVALID_ARG; + goto error; + } + + /* public key must have more than one bit set */ + digit_count = mp_get_digit_count(key->y); + for (i = 0; i < digit_count && bits_set < 2; i++) { + digit = mp_get_digit(key->y, i); + while (digit > 0) { + if (digit & 1) bits_set++; + digit >>= 1; + } + } + if (bits_set > 1) { + err = CRYPT_OK; + } + else { + err = CRYPT_INVALID_ARG; + } + +error: + mp_clear(p_minus1); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_export.c b/src/ltc/pk/dh/dh_export.c new file mode 100644 index 0000000..6a02a89 --- /dev/null +++ b/src/ltc/pk/dh/dh_export.c @@ -0,0 +1,62 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Export a DH key to a binary packet + @param out [out] The destination for the key + @param outlen [in/out] The max size and resulting size of the DH key + @param type Which type of key (PK_PRIVATE or PK_PUBLIC) + @param key The key you wish to export + @return CRYPT_OK if successful +*/ +int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key) +{ + unsigned char flags[1]; + int err; + unsigned long version = 0; + + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(key != NULL); + + if (type == PK_PRIVATE) { + /* export x - private key */ + flags[0] = 1; + err = der_encode_sequence_multi(out, outlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_INTEGER, 1UL, key->prime, + LTC_ASN1_INTEGER, 1UL, key->base, + LTC_ASN1_INTEGER, 1UL, key->x, + LTC_ASN1_EOL, 0UL, NULL); + } + else { + /* export y - public key */ + flags[0] = 0; + err = der_encode_sequence_multi(out, outlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_INTEGER, 1UL, key->prime, + LTC_ASN1_INTEGER, 1UL, key->base, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_EOL, 0UL, NULL); + } + + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_export_key.c b/src/ltc/pk/dh/dh_export_key.c new file mode 100644 index 0000000..d48c011 --- /dev/null +++ b/src/ltc/pk/dh/dh_export_key.c @@ -0,0 +1,47 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Binary export a DH key to a buffer + @param out [out] The destination for the key + @param outlen [in/out] The max size and resulting size of the DH key + @param type Which type of key (PK_PRIVATE or PK_PUBLIC) + @param key The key you wish to export + @return CRYPT_OK if successful +*/ +int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key) +{ + unsigned long len; + void *k; + + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(key != NULL); + + k = (type == PK_PRIVATE) ? key->x : key->y; + len = mp_unsigned_bin_size(k); + + if (*outlen < len) { + *outlen = len; + return CRYPT_BUFFER_OVERFLOW; + } + *outlen = len; + + return mp_to_unsigned_bin(k, out); +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_free.c b/src/ltc/pk/dh/dh_free.c new file mode 100644 index 0000000..b4f58ca --- /dev/null +++ b/src/ltc/pk/dh/dh_free.c @@ -0,0 +1,28 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Free the allocated ram for a DH key + @param key The key which you wish to free +*/ +void dh_free(dh_key *key) +{ + LTC_ARGCHKVD(key != NULL); + mp_cleanup_multi(&key->prime, &key->base, &key->y, &key->x, NULL); +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_generate_key.c b/src/ltc/pk/dh/dh_generate_key.c new file mode 100644 index 0000000..69fb6f9 --- /dev/null +++ b/src/ltc/pk/dh/dh_generate_key.c @@ -0,0 +1,102 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +static int _dh_groupsize_to_keysize(int groupsize) +{ + /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8 + * We use "Estimate 2" to get an appropriate private key (exponent) size. + */ + if (groupsize <= 0) { + return 0; + } + else if (groupsize <= 192) { + return 30; /* 1536-bit => key size 240-bit */ + } + else if (groupsize <= 256) { + return 40; /* 2048-bit => key size 320-bit */ + } + else if (groupsize <= 384) { + return 52; /* 3072-bit => key size 416-bit */ + } + else if (groupsize <= 512) { + return 60; /* 4096-bit => key size 480-bit */ + } + else if (groupsize <= 768) { + return 67; /* 6144-bit => key size 536-bit */ + } + else if (groupsize <= 1024) { + return 77; /* 8192-bit => key size 616-bit */ + } + else { + return 0; + } +} + +int dh_generate_key(prng_state *prng, int wprng, dh_key *key) +{ + unsigned char *buf; + unsigned long keysize; + int err, max_iterations = LTC_PK_MAX_RETRIES; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + /* good prng? */ + if ((err = prng_is_valid(wprng)) != CRYPT_OK) { + return err; + } + + keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime)); + if (keysize == 0) { + err = CRYPT_INVALID_KEYSIZE; + goto freemp; + } + + /* allocate buffer */ + buf = XMALLOC(keysize); + if (buf == NULL) { + err = CRYPT_MEM; + goto freemp; + } + + key->type = PK_PRIVATE; + do { + /* make up random buf */ + if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) { + err = CRYPT_ERROR_READPRNG; + goto freebuf; + } + /* load the x value - private key */ + if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) { + goto freebuf; + } + /* compute the y value - public key */ + if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { + goto freebuf; + } + err = dh_check_pubkey(key); + } while (err != CRYPT_OK && max_iterations-- > 0); + +freebuf: + zeromem(buf, keysize); + XFREE(buf); +freemp: + if (err != CRYPT_OK) dh_free(key); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_import.c b/src/ltc/pk/dh/dh_import.c new file mode 100644 index 0000000..601e5e7 --- /dev/null +++ b/src/ltc/pk/dh/dh_import.c @@ -0,0 +1,99 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Import a DH key from a binary packet + @param in The packet to read + @param inlen The length of the input packet + @param key [out] Where to import the key to + @return CRYPT_OK if successful, on error all allocated memory is freed automatically +*/ +int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key) +{ + unsigned char flags[1]; + int err; + unsigned long version; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(key != NULL); + + /* init */ + if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { + return err; + } + + /* find out what type of key it is */ + err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_BIT_STRING, 1UL, &flags, + LTC_ASN1_EOL, 0UL, NULL); + if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { + goto error; + } + + if (version == 0) { + if (flags[0] == 1) { + key->type = PK_PRIVATE; + if ((err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_INTEGER, 1UL, key->prime, + LTC_ASN1_INTEGER, 1UL, key->base, + LTC_ASN1_INTEGER, 1UL, key->x, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto error; + } + /* compute public key: y = (base ^ x) mod prime */ + if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { + goto error; + } + } + else if (flags[0] == 0) { + key->type = PK_PUBLIC; + if ((err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, + LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_INTEGER, 1UL, key->prime, + LTC_ASN1_INTEGER, 1UL, key->base, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto error; + } + } + else { + err = CRYPT_INVALID_PACKET; + goto error; + } + } + else { + err = CRYPT_INVALID_PACKET; + goto error; + } + + /* check public key */ + if ((err = dh_check_pubkey(key)) != CRYPT_OK) { + goto error; + } + + return CRYPT_OK; + +error: + dh_free(key); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_set.c b/src/ltc/pk/dh/dh_set.c new file mode 100644 index 0000000..8d0af7d --- /dev/null +++ b/src/ltc/pk/dh/dh_set.c @@ -0,0 +1,124 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Import DH key parts p and g from raw numbers + + @param p DH's p (prime) + @param plen DH's p's length + @param g DH's g (group) + @param glen DH's g's length + @param key [out] the destination for the imported key + @return CRYPT_OK if successful +*/ +int dh_set_pg(const unsigned char *p, unsigned long plen, + const unsigned char *g, unsigned long glen, + dh_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(p != NULL); + LTC_ARGCHK(g != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { + return err; + } + + if ((err = mp_read_unsigned_bin(key->base, (unsigned char*)g, glen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->prime, (unsigned char*)p, plen)) != CRYPT_OK) { goto LBL_ERR; } + + return CRYPT_OK; + +LBL_ERR: + dh_free(key); + return err; +} + +/** + Import DH key parts p and g from built-in DH groups + + @param groupsize The size of the DH group to use + @param key [out] Where the newly created DH key will be stored + @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically. +*/ +int dh_set_pg_groupsize(int groupsize, dh_key *key) +{ + int err, i; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + LTC_ARGCHK(groupsize > 0); + + for (i = 0; (groupsize > ltc_dh_sets[i].size) && (ltc_dh_sets[i].size != 0); i++); + if (ltc_dh_sets[i].size == 0) return CRYPT_INVALID_KEYSIZE; + + if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { + return err; + } + if ((err = mp_read_radix(key->base, ltc_dh_sets[i].base, 16)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_radix(key->prime, ltc_dh_sets[i].prime, 16)) != CRYPT_OK) { goto LBL_ERR; } + + return CRYPT_OK; + +LBL_ERR: + dh_free(key); + return err; +} + +/** + Import DH public or private key part from raw numbers + + NB: The p & g parts must be set beforehand + + @param in The key-part to import, either public or private. + @param inlen The key-part's length + @param type Which type of key (PK_PRIVATE or PK_PUBLIC) + @param key [out] the destination for the imported key + @return CRYPT_OK if successful +*/ +int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + if (type == PK_PRIVATE) { + key->type = PK_PRIVATE; + if ((err = mp_read_unsigned_bin(key->x, (unsigned char*)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { goto LBL_ERR; } + } + else { + key->type = PK_PUBLIC; + if ((err = mp_read_unsigned_bin(key->y, (unsigned char*)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } + } + + /* check public key */ + if ((err = dh_check_pubkey(key)) != CRYPT_OK) { + goto LBL_ERR; + } + + return CRYPT_OK; + +LBL_ERR: + dh_free(key); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_set_pg_dhparam.c b/src/ltc/pk/dh/dh_set_pg_dhparam.c new file mode 100644 index 0000000..7003011 --- /dev/null +++ b/src/ltc/pk/dh/dh_set_pg_dhparam.c @@ -0,0 +1,54 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Import DH key parts p and g from dhparam + + dhparam data: openssl dhparam -outform DER -out dhparam.der 2048 + + @param dhparam The DH param DER encoded data + @param dhparamlen The length of dhparam data + @param key [out] Where the newly created DH key will be stored + @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically. +*/ +int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + LTC_ARGCHK(dhparam != NULL); + LTC_ARGCHK(dhparamlen > 0); + + if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) { + return err; + } + if ((err = der_decode_sequence_multi(dhparam, dhparamlen, + LTC_ASN1_INTEGER, 1UL, key->prime, + LTC_ASN1_INTEGER, 1UL, key->base, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto LBL_ERR; + } + + return CRYPT_OK; + +LBL_ERR: + dh_free(key); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_shared_secret.c b/src/ltc/pk/dh/dh_shared_secret.c new file mode 100644 index 0000000..1eb69fb --- /dev/null +++ b/src/ltc/pk/dh/dh_shared_secret.c @@ -0,0 +1,80 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MDH + +/** + Create a DH shared secret. + @param private_key The private DH key in the pair + @param public_key The public DH key in the pair + @param out [out] The destination of the shared data + @param outlen [in/out] The max size and resulting size of the shared data. + @return CRYPT_OK if successful +*/ +int dh_shared_secret(dh_key *private_key, dh_key *public_key, + unsigned char *out, unsigned long *outlen) +{ + void *tmp; + unsigned long x; + int err; + + LTC_ARGCHK(private_key != NULL); + LTC_ARGCHK(public_key != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* types valid? */ + if (private_key->type != PK_PRIVATE) { + return CRYPT_PK_NOT_PRIVATE; + } + + /* same DH group? */ + if (mp_cmp(private_key->prime, public_key->prime) != LTC_MP_EQ) { return CRYPT_PK_TYPE_MISMATCH; } + if (mp_cmp(private_key->base, public_key->base) != LTC_MP_EQ) { return CRYPT_PK_TYPE_MISMATCH; } + + /* init big numbers */ + if ((err = mp_init(&tmp)) != CRYPT_OK) { + return err; + } + + /* check public key */ + if ((err = dh_check_pubkey(public_key)) != CRYPT_OK) { + goto error; + } + + /* compute tmp = y^x mod p */ + if ((err = mp_exptmod(public_key->y, private_key->x, private_key->prime, tmp)) != CRYPT_OK) { + goto error; + } + + /* enough space for output? */ + x = (unsigned long)mp_unsigned_bin_size(tmp); + if (*outlen < x) { + *outlen = x; + err = CRYPT_BUFFER_OVERFLOW; + goto error; + } + if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) { + goto error; + } + *outlen = x; + err = CRYPT_OK; + +error: + mp_clear(tmp); + return err; +} + +#endif /* LTC_MDH */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dh/dh_static.c b/src/ltc/pk/dh/dh_static.c deleted file mode 100644 index 117835f..0000000 --- a/src/ltc/pk/dh/dh_static.c +++ /dev/null @@ -1,165 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org - */ -#include "tomcrypt.h" - -/** - @file dh_static.c - DH crypto, Tom St Denis -*/ - -#ifdef LTC_MDH - -#define __DECL_DH_STATIC_H__ -#include "dh_static.h" - -/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */ -const dh_set sets[] = { -#ifdef LTC_DH768 -{ - 96, - "DH-768", - "4", - "F///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "//////m3wvV" -}, -#endif -#ifdef LTC_DH1024 -{ - 128, - "DH-1024", - "4", - "F///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////m3C47" -}, -#endif -#ifdef LTC_DH1280 -{ - 160, - "DH-1280", - "4", - "F///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "//////////////////////////////m4kSN" -}, -#endif -#ifdef LTC_DH1536 -{ - 192, - "DH-1536", - "4", - "F///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////m5uqd" -}, -#endif -#ifdef LTC_DH1792 -{ - 224, - "DH-1792", - "4", - "F///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "//////////////////////////////////////////////////////mT/sd" -}, -#endif -#ifdef LTC_DH2048 -{ - 256, - "DH-2048", - "4", - "3///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "/////////////////////////////////////////m8MPh" -}, -#endif -#ifdef LTC_DH2560 -{ - 320, - "DH-2560", - "4", - "3///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "/////mKFpF" -}, -#endif -#ifdef LTC_DH3072 -{ - 384, - "DH-3072", - "4", - "3///////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "/////////////////////////////m32nN" -}, -#endif -#ifdef LTC_DH4096 -{ - 512, - "DH-4096", - "4", - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "////////////////////////////////////////////////////////////" - "/////////////////////m8pOF" -}, -#endif -{ - 0, - NULL, - NULL, - NULL -} -}; - -int dh_is_valid_idx(int n) -{ - int x; - - if (n == SUPPLIED_PRIME) - return 1; - for (x = 0; sets[x].size; x++); - if ((n < 0) || (n >= x)) { - return 0; - } - return 1; -} - - -#endif /* LTC_MDH */ diff --git a/src/ltc/pk/dh/dh_static.h b/src/ltc/pk/dh/dh_static.h deleted file mode 100644 index 42db578..0000000 --- a/src/ltc/pk/dh/dh_static.h +++ /dev/null @@ -1,129 +0,0 @@ -#ifndef __DH_STATIC_H__ -#define __DH_STATIC_H__ -#ifndef __DECL_DH_STATIC_H__ -#define __DECL_DH_STATIC_H__ extern -#endif - -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org - */ -#include "tomcrypt.h" - -/** - @file dh_static.h - DH crypto, Tom St Denis -*/ - -#ifdef LTC_MDH - -/* size of a packet header in bytes */ -#define PACKET_SIZE 4 - -/* Section tags */ -#define PACKET_SECT_DH 1 - -/* Subsection Tags for the first three sections */ -#define PACKET_SUB_KEY 0 -#define PACKET_SUB_ENCRYPTED 1 -#define PACKET_SUB_SIGNED 2 -#define PACKET_SUB_ENC_KEY 3 - -#define OUTPUT_BIGNUM(num, out, y, z) \ -{ \ - if ((y + 4) > *outlen) { return CRYPT_BUFFER_OVERFLOW; } \ - z = (unsigned long)mp_unsigned_bin_size(num); \ - STORE32L(z, out+y); \ - y += 4; \ - if ((y + z) > *outlen) { return CRYPT_BUFFER_OVERFLOW; } \ - if ((err = mp_to_unsigned_bin(num, out+y)) != CRYPT_OK) { return err; } \ - y += z; \ -} - -#define INPUT_BIGNUM(num, in, x, y, inlen) \ -{ \ - /* load value */ \ - if ((y + 4) > inlen) { \ - err = CRYPT_INVALID_PACKET; \ - goto error; \ - } \ - LOAD32L(x, in+y); \ - y += 4; \ - \ - /* sanity check... */ \ - if ((x+y) > inlen) { \ - err = CRYPT_INVALID_PACKET; \ - goto error; \ - } \ - \ - /* load it */ \ - if ((err = mp_read_unsigned_bin(num, (unsigned char *)in+y, (int)x)) != CRYPT_OK) {\ - goto error; \ - } \ - y += x; \ -} - -#define SUPPLIED_PRIME 255 - -/* XXX: HP C compiler + IBM C compiler do not like "static inline" */ -static void packet_store_header (unsigned char *dst, int section, int subsection) -{ - LTC_ARGCHKVD(dst != NULL); - - /* store version number */ - dst[0] = (unsigned char)(CRYPT&255); - dst[1] = (unsigned char)((CRYPT>>8)&255); - - /* store section and subsection */ - dst[2] = (unsigned char)(section & 255); - dst[3] = (unsigned char)(subsection & 255); - -} - -/* XXX: HP C compiler + IBM C compiler do not like "static inline" */ -static int packet_valid_header (unsigned char *src, int section, int subsection) -{ - unsigned long ver; - - LTC_ARGCHK(src != NULL); - - /* check version */ - ver = ((unsigned long)src[0]) | ((unsigned long)src[1] << 8U); - if (CRYPT < ver) { - return CRYPT_INVALID_PACKET; - } - - /* check section and subsection */ - if (section != (int)src[2] || subsection != (int)src[3]) { - return CRYPT_INVALID_PACKET; - } - - return CRYPT_OK; -} - -#ifndef DH_BUF_SIZE -/* max export size we'll encounter (smaller than this but lets round up a bit) */ -#define DH_BUF_SIZE 1200 -#endif /* DH_BUF_SIZE */ - -typedef struct { - int size; - char *name, *base, *prime; -} dh_set; - -/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */ -__DECL_DH_STATIC_H__ const dh_set sets[]; - - -int dh_is_valid_idx(int n); - - -#endif /* __DH_STATIC_H__ */ - -#endif /* LTC_MDH */ diff --git a/src/ltc/pk/dh/dh_sys.c b/src/ltc/pk/dh/dh_sys.c deleted file mode 100644 index 67af043..0000000 --- a/src/ltc/pk/dh/dh_sys.c +++ /dev/null @@ -1,487 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org - */ - -#include "tomcrypt.h" - -#ifdef LTC_MDH -/** - @file dh_sys.c - DH Crypto, Tom St Denis -*/ - -#include "dh_static.h" - - -/** - Encrypt a short symmetric key with a public DH key - @param in The symmetric key to encrypt - @param inlen The length of the key (octets) - @param out [out] The ciphertext - @param outlen [in/out] The max size and resulting size of the ciphertext - @param prng An active PRNG state - @param wprng The index of the PRNG desired - @param hash The index of the hash desired (must produce a digest of size >= the size of the plaintext) - @param key The public key you wish to encrypt with. - @return CRYPT_OK if successful -*/ -int dh_encrypt_key(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, - dh_key *key) -{ - unsigned char *pub_expt, *dh_shared, *skey; - dh_key pubkey; - unsigned long x, y, z, pubkeysize; - int err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* check that wprng/hash are not invalid */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - if ((err = hash_is_valid(hash)) != CRYPT_OK) { - return err; - } - - if (inlen > hash_descriptor[hash].hashsize) { - return CRYPT_INVALID_HASH; - } - - /* allocate memory */ - pub_expt = XMALLOC(DH_BUF_SIZE); - dh_shared = XMALLOC(DH_BUF_SIZE); - skey = XMALLOC(MAXBLOCKSIZE); - if (pub_expt == NULL || dh_shared == NULL || skey == NULL) { - if (pub_expt != NULL) { - XFREE(pub_expt); - } - if (dh_shared != NULL) { - XFREE(dh_shared); - } - if (skey != NULL) { - XFREE(skey); - } - return CRYPT_MEM; - } - - /* make a random key and export the public copy */ - pubkey.idx = key->idx; - if ((err = mp_init_multi(&pubkey.base, &pubkey.prime, NULL)) != CRYPT_OK) { - goto LBL_ERR; - } - if ((err = mp_copy(key->base, pubkey.base)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_copy(key->prime, pubkey.prime)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = dh_make_key_internal(prng, wprng, &pubkey)) != CRYPT_OK) { - goto LBL_ERR; - } - - pubkeysize = DH_BUF_SIZE; - if ((err = dh_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) { - dh_free(&pubkey); - goto LBL_ERR; - } - - /* now check if the out buffer is big enough */ - if (*outlen < (1 + 4 + 4 + PACKET_SIZE + pubkeysize + inlen)) { - dh_free(&pubkey); - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - x = DH_BUF_SIZE; - if ((err = dh_shared_secret(&pubkey, key, dh_shared, &x)) != CRYPT_OK) { - dh_free(&pubkey); - goto LBL_ERR; - } - dh_free(&pubkey); - - z = MAXBLOCKSIZE; - if ((err = hash_memory(hash, dh_shared, x, skey, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* store header */ - packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_ENC_KEY); - - /* output header */ - y = PACKET_SIZE; - - /* size of hash name and the name itself */ - out[y++] = hash_descriptor[hash].ID; - - /* length of DH pubkey and the key itself */ - STORE32L(pubkeysize, out+y); - y += 4; - for (x = 0; x < pubkeysize; x++, y++) { - out[y] = pub_expt[x]; - } - - /* Store the encrypted key */ - STORE32L(inlen, out+y); - y += 4; - - for (x = 0; x < inlen; x++, y++) { - out[y] = skey[x] ^ in[x]; - } - *outlen = y; - - err = CRYPT_OK; -LBL_ERR: -#ifdef LTC_CLEAN_STACK - /* clean up */ - zeromem(pub_expt, DH_BUF_SIZE); - zeromem(dh_shared, DH_BUF_SIZE); - zeromem(skey, MAXBLOCKSIZE); -#endif - XFREE(skey); - XFREE(dh_shared); - XFREE(pub_expt); - - return err; -} - -/** - Decrypt a DH encrypted symmetric key - @param in The DH encrypted packet - @param inlen The length of the DH encrypted packet - @param out The plaintext - @param outlen [in/out] The max size and resulting size of the plaintext - @param key The private DH key corresponding to the public key that encrypted the plaintext - @return CRYPT_OK if successful -*/ -int dh_decrypt_key(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - dh_key *key) -{ - unsigned char *shared_secret, *skey; - unsigned long x, y, z, keysize; - int hash, err; - dh_key pubkey; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* right key type? */ - if (key->type != PK_PRIVATE) { - return CRYPT_PK_NOT_PRIVATE; - } - - /* allocate ram */ - shared_secret = XMALLOC(DH_BUF_SIZE); - skey = XMALLOC(MAXBLOCKSIZE); - if (shared_secret == NULL || skey == NULL) { - if (shared_secret != NULL) { - XFREE(shared_secret); - } - if (skey != NULL) { - XFREE(skey); - } - return CRYPT_MEM; - } - - /* check if initial header should fit */ - if (inlen < PACKET_SIZE+1+4+4) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } else { - inlen -= PACKET_SIZE+1+4+4; - } - - /* is header correct? */ - if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_ENC_KEY)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* now lets get the hash name */ - y = PACKET_SIZE; - hash = find_hash_id(in[y++]); - if (hash == -1) { - err = CRYPT_INVALID_HASH; - goto LBL_ERR; - } - - /* get public key */ - LOAD32L(x, in+y); - - /* now check if the imported key will fit */ - if (inlen < x) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } else { - inlen -= x; - } - - y += 4; - if ((err = dh_import(in+y, x, &pubkey)) != CRYPT_OK) { - goto LBL_ERR; - } - y += x; - - /* make shared key */ - x = DH_BUF_SIZE; - if ((err = dh_shared_secret(key, &pubkey, shared_secret, &x)) != CRYPT_OK) { - dh_free(&pubkey); - goto LBL_ERR; - } - dh_free(&pubkey); - - z = MAXBLOCKSIZE; - if ((err = hash_memory(hash, shared_secret, x, skey, &z)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* load in the encrypted key */ - LOAD32L(keysize, in+y); - - /* will the out fit as part of the input */ - if (inlen < keysize) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - - if (keysize > *outlen) { - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - y += 4; - - *outlen = keysize; - - for (x = 0; x < keysize; x++, y++) { - out[x] = skey[x] ^ in[y]; - } - - err = CRYPT_OK; -LBL_ERR: -#ifdef LTC_CLEAN_STACK - zeromem(shared_secret, DH_BUF_SIZE); - zeromem(skey, MAXBLOCKSIZE); -#endif - - XFREE(skey); - XFREE(shared_secret); - - return err; -} - -/* perform an ElGamal Signature of a hash - * - * The math works as follows. x is the private key, M is the message to sign - - 1. pick a random k - 2. compute a = g^k mod p - 3. compute b = (M - xa)/k mod p - 4. Send (a,b) - - Now to verify with y=g^x mod p, a and b - - 1. compute y^a * a^b = g^(xa) * g^(k*(M-xa)/k) - = g^(xa + (M - xa)) - = g^M [all mod p] - - 2. Compare against g^M mod p [based on input hash]. - 3. If result of #2 == result of #1 then signature valid -*/ - -/** - Sign a message digest using a DH private key - @param in The data to sign - @param inlen The length of the input (octets) - @param out [out] The destination of the signature - @param outlen [in/out] The max size and resulting size of the output - @param prng An active PRNG state - @param wprng The index of the PRNG desired - @param key A private DH key - @return CRYPT_OK if successful -*/ -int dh_sign_hash(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, dh_key *key) -{ - void *a, *b, *k, *m, *p1, *tmp; - unsigned char *buf; - unsigned long x, y; - int err; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); - - /* check parameters */ - if (key->type != PK_PRIVATE) { - return CRYPT_PK_NOT_PRIVATE; - } - - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - /* is the IDX valid ? */ - if (dh_is_valid_idx(key->idx) != 1) { - return CRYPT_PK_INVALID_TYPE; - } - - /* allocate ram for buf */ - buf = XMALLOC(520); - - /* make up a random value k, - * since the order of the group is prime - * we need not check if gcd(k, r) is 1 - */ - if (prng_descriptor[wprng].read(buf, dh_get_size(key), prng) != - (unsigned long)(dh_get_size(key))) { - err = CRYPT_ERROR_READPRNG; - goto LBL_ERR_1; - } - - /* init bignums */ - if ((err = mp_init_multi(&a, &b, &k, &m, &p1, &tmp, NULL)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* load k, m and p1 */ - if ((err = mp_read_unsigned_bin(m, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_unsigned_bin(k, buf, dh_get_size(key))) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_sub_d(key->prime, 1, p1)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_div_2(p1, p1)) != CRYPT_OK) { goto LBL_ERR; } /* p1 = (p-1)/2 */ - /* now get a = g^k mod p */ - if ((err = mp_exptmod(key->base, k, key->prime, a)) != CRYPT_OK) { goto LBL_ERR; } - - /* now find M = xa + kb mod p1 or just b = (M - xa)/k mod p1 */ - if ((err = mp_invmod(k, p1, k)) != CRYPT_OK) { goto LBL_ERR; } /* k = 1/k mod p1 */ - if ((err = mp_mulmod(a, key->x, p1, tmp)) != CRYPT_OK) { goto LBL_ERR; } /* tmp = xa */ - if ((err = mp_submod(m, tmp, p1, tmp)) != CRYPT_OK) { goto LBL_ERR; } /* tmp = M - xa */ - if ((err = mp_mulmod(k, tmp, p1, b)) != CRYPT_OK) { goto LBL_ERR; } /* b = (M - xa)/k */ - - /* check for overflow */ - if ((unsigned long)(PACKET_SIZE + 4 + 4 + mp_unsigned_bin_size(a) + mp_unsigned_bin_size(b)) > *outlen) { - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - /* store header */ - y = PACKET_SIZE; - - /* now store them both (a,b) */ - x = (unsigned long)mp_unsigned_bin_size(a); - STORE32L(x, out+y); y += 4; - if ((err = mp_to_unsigned_bin(a, out+y)) != CRYPT_OK) { goto LBL_ERR; } - y += x; - - x = (unsigned long)mp_unsigned_bin_size(b); - STORE32L(x, out+y); y += 4; - if ((err = mp_to_unsigned_bin(b, out+y)) != CRYPT_OK) { goto LBL_ERR; } - y += x; - - /* check if size too big */ - if (*outlen < y) { - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_ERR; - } - - /* store header */ - packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_SIGNED); - *outlen = y; - - err = CRYPT_OK; -LBL_ERR: - mp_clear_multi(tmp, p1, m, k, b, a, NULL); -LBL_ERR_1: - - XFREE(buf); - - return err; -} - - -/** - Verify the signature given - @param sig The signature - @param siglen The length of the signature (octets) - @param hash The hash that was signed - @param hashlen The length of the hash (octets) - @param stat [out] Result of signature comparison, 1==valid, 0==invalid - @param key The public DH key that signed the hash - @return CRYPT_OK if succsessful (even if signature is invalid) -*/ -int dh_verify_hash(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, dh_key *key) -{ - void *a, *b, *m, *tmp; - unsigned long x, y; - int err; - - LTC_ARGCHK(sig != NULL); - LTC_ARGCHK(hash != NULL); - LTC_ARGCHK(stat != NULL); - LTC_ARGCHK(key != NULL); - - /* default to invalid */ - *stat = 0; - - /* check initial input length */ - if (siglen < PACKET_SIZE+4+4) { - return CRYPT_INVALID_PACKET; - } - - /* header ok? */ - if ((err = packet_valid_header((unsigned char *)sig, PACKET_SECT_DH, PACKET_SUB_SIGNED)) != CRYPT_OK) { - return err; - } - - /* get hash out of packet */ - y = PACKET_SIZE; - - /* init all bignums */ - if ((err = mp_init_multi(&a, &b, &m, &tmp, NULL)) != CRYPT_OK) { - return err; - } - - /* load a and b */ - INPUT_BIGNUM(a, sig, x, y, siglen); - INPUT_BIGNUM(b, sig, x, y, siglen); - - /* load m */ - if ((err = mp_read_unsigned_bin(m, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error1; } - - /* find g^m mod p */ - if ((err = mp_exptmod(key->base, m, key->prime, m)) != CRYPT_OK) { goto error1; } /* m = g^m mod p */ - - /* find y^a * a^b */ - if ((err = mp_exptmod(key->y, a, key->prime, tmp)) != CRYPT_OK) { goto error1; } /* tmp = y^a mod p */ - if ((err = mp_exptmod(a, b, key->prime, a)) != CRYPT_OK) { goto error1; } /* a = a^b mod p */ - if ((err = mp_mulmod(a, tmp, key->prime, a)) != CRYPT_OK) { goto error1; } /* a = y^a * a^b mod p */ - - /* y^a * a^b == g^m ??? */ - if (mp_cmp(a, m) == 0) { - *stat = 1; - } - - /* clean up */ - err = CRYPT_OK; - goto done; -error1: -error: -done: - mp_clear_multi(tmp, m, b, a, NULL); - return err; -} - -#endif /* LTC_MDH */ diff --git a/src/ltc/pk/dsa/dsa_decrypt_key.c b/src/ltc/pk/dsa/dsa_decrypt_key.c index 25a9db0..ef4e1dd 100644 --- a/src/ltc/pk/dsa/dsa_decrypt_key.c +++ b/src/ltc/pk/dsa/dsa_decrypt_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -32,7 +30,8 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, { unsigned char *skey, *expt; void *g_pub; - unsigned long x, y, hashOID[32]; + unsigned long x, y; + unsigned long hashOID[32] = { 0 }; int hash, err; ltc_asn1_list decode[3]; @@ -48,8 +47,8 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, /* decode to find out hash */ LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); - - if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { + err = der_decode_sequence(in, inlen, decode, 1); + if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { return err; } @@ -134,7 +133,7 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_encrypt_key.c b/src/ltc/pk/dsa/dsa_encrypt_key.c index a7e9ed2..c854367 100644 --- a/src/ltc/pk/dsa/dsa_encrypt_key.c +++ b/src/ltc/pk/dsa/dsa_encrypt_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -37,7 +35,7 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *expt, *skey; void *g_pub, *g_priv; unsigned long x, y; - int err, qbits; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -75,14 +73,12 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, return CRYPT_MEM; } - /* make a random g_priv, g_pub = g^x pair */ - qbits = mp_count_bits(key->q); - do { - if ((err = rand_bn_bits(g_priv, qbits, prng, wprng)) != CRYPT_OK) { - goto LBL_ERR; - } - /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ - } while (mp_cmp_d(g_priv, 0) != LTC_MP_GT || mp_cmp(g_priv, key->q) != LTC_MP_LT); + /* make a random g_priv, g_pub = g^x pair + private key x should be in range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) + */ + if ((err = rand_bn_upto(g_priv, key->q, prng, wprng)) != CRYPT_OK) { + goto LBL_ERR; + } /* compute y */ if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) { @@ -126,7 +122,7 @@ LBL_ERR: } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_export.c b/src/ltc/pk/dsa/dsa_export.c index 60e8b6f..dde5458 100644 --- a/src/ltc/pk/dsa/dsa_export.c +++ b/src/ltc/pk/dsa/dsa_export.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -88,7 +86,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key LTC_SET_ASN1(int_list, 1, LTC_ASN1_INTEGER, key->q, 1UL); LTC_SET_ASN1(int_list, 2, LTC_ASN1_INTEGER, key->g, 1UL); - err = der_encode_subject_public_key_info(out, outlen, PKA_DSA, tmp, + err = x509_encode_subject_public_key_info(out, outlen, PKA_DSA, tmp, tmplen, LTC_ASN1_SEQUENCE, int_list, sizeof(int_list) / sizeof(int_list[0])); @@ -113,6 +111,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_free.c b/src/ltc/pk/dsa/dsa_free.c index 5f5ce72..5cac656 100644 --- a/src/ltc/pk/dsa/dsa_free.c +++ b/src/ltc/pk/dsa/dsa_free.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -24,11 +22,12 @@ void dsa_free(dsa_key *key) { LTC_ARGCHKVD(key != NULL); - mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL); + mp_cleanup_multi(&key->y, &key->x, &key->q, &key->g, &key->p, NULL); + key->type = key->qord = 0; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_generate_key.c b/src/ltc/pk/dsa/dsa_generate_key.c new file mode 100644 index 0000000..18b2df6 --- /dev/null +++ b/src/ltc/pk/dsa/dsa_generate_key.c @@ -0,0 +1,47 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file dsa_make_key.c + DSA implementation, generate a DSA key +*/ + +#ifdef LTC_MDSA + +/** + Create a DSA key + @param prng An active PRNG state + @param wprng The index of the PRNG desired + @param key [in/out] Where to store the created key + @return CRYPT_OK if successful. +*/ +int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + /* so now we have our DH structure, generator g, order q, modulus p + Now we need a random exponent [mod q] and it's power g^x mod p + */ + /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ + if ((err = rand_bn_upto(key->x, key->q, prng, wprng)) != CRYPT_OK) { return err; } + if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { return err; } + key->type = PK_PRIVATE; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_generate_pqg.c b/src/ltc/pk/dsa/dsa_generate_pqg.c new file mode 100644 index 0000000..91c7ef7 --- /dev/null +++ b/src/ltc/pk/dsa/dsa_generate_pqg.c @@ -0,0 +1,244 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +/** + @file dsa_generate_pqg.c + DSA implementation - generate DSA parameters p, q & g +*/ + +#ifdef LTC_MDSA + +/** + Create DSA parameters (INTERNAL ONLY, not part of public API) + @param prng An active PRNG state + @param wprng The index of the PRNG desired + @param group_size Size of the multiplicative group (octets) + @param modulus_size Size of the modulus (octets) + @param p [out] bignum where generated 'p' is stored (must be initialized by caller) + @param q [out] bignum where generated 'q' is stored (must be initialized by caller) + @param g [out] bignum where generated 'g' is stored (must be initialized by caller) + @return CRYPT_OK if successful, upon error this function will free all allocated memory +*/ +static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g) +{ + unsigned long L, N, n, outbytes, seedbytes, counter, j, i; + int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash; + unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE]; + void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc; + + /* check size */ + if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) { + return CRYPT_INVALID_ARG; + } + + /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function + * + * L = The desired length of the prime p (in bits e.g. L = 1024) + * N = The desired length of the prime q (in bits e.g. N = 160) + * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N + * outlen = The bit length of Hash function + * + * 1. Check that the (L, N) + * 2. If (seedlen = 2^(L-1)) { + * Test whether or not p is prime as specified in Appendix C.3. + * If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter + * } + * offset = offset + n + 1 Comment: Increment offset + * } + */ + + seedbytes = group_size; + L = modulus_size * 8; + N = group_size * 8; + + /* XXX-TODO no Lucas test */ +#ifdef LTC_MPI_HAS_LUCAS_TEST + /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */ + mr_tests_p = (L <= 2048) ? 3 : 2; + if (N <= 160) { mr_tests_q = 19; } + else if (N <= 224) { mr_tests_q = 24; } + else { mr_tests_q = 27; } +#else + /* M-R tests (without Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */ + if (L <= 1024) { mr_tests_p = 40; } + else if (L <= 2048) { mr_tests_p = 56; } + else { mr_tests_p = 64; } + + if (N <= 160) { mr_tests_q = 40; } + else if (N <= 224) { mr_tests_q = 56; } + else { mr_tests_q = 64; } +#endif + + if (N <= 256) { + hash = register_hash(&sha256_desc); + } + else if (N <= 384) { + hash = register_hash(&sha384_desc); + } + else if (N <= 512) { + hash = register_hash(&sha512_desc); + } + else { + return CRYPT_INVALID_ARG; /* group_size too big */ + } + + if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } + outbytes = hash_descriptor[hash].hashsize; + + n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1; + + if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL) { err = CRYPT_MEM; goto cleanup3; } + if ((sbuf = XMALLOC(seedbytes)) == NULL) { err = CRYPT_MEM; goto cleanup2; } + + err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL); + if (err != CRYPT_OK) { goto cleanup1; } + + if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK) { goto cleanup; } + /* t2L1 = 2^(L-1) */ + if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK) { goto cleanup; } + /* t2N1 = 2^(N-1) */ + if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK) { goto cleanup; } + /* t2seedlen = 2^seedlen */ + + for(found_p=0; !found_p;) { + /* q */ + for(found_q=0; !found_q;) { + if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; } + i = outbytes; + if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_add(t2N1, U, q)) != CRYPT_OK) { goto cleanup; } + if (!mp_isodd(q)) mp_add_d(q, 1, q); + if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK) { goto cleanup; } + if (res == LTC_MP_YES) found_q = 1; + } + + /* p */ + if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_add(q, q, t2q)) != CRYPT_OK) { goto cleanup; } + for(counter=0; counter < 4*L && !found_p; counter++) { + for(j=0; j<=n; j++) { + if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK) { goto cleanup; } + /* seedinc = (seedinc+1) % 2^seed_bitlen */ + if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes) { err = CRYPT_INVALID_ARG; goto cleanup; } + zeromem(sbuf, seedbytes); + if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; } + i = outbytes; + err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i); + if (err != CRYPT_OK) { goto cleanup; } + } + if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_add(W, t2L1, X)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_mod(X, t2q, c)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_sub_d(c, 1, p)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_sub(X, p, p)) != CRYPT_OK) { goto cleanup; } + if (mp_cmp(p, t2L1) != LTC_MP_LT) { + /* p >= 2^(L-1) */ + if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK) { goto cleanup; } + if (res == LTC_MP_YES) { + found_p = 1; + } + } + } + } + + /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g + * 1. e = (p - 1)/q + * 2. h = any integer satisfying: 1 < h < (p - 1) + * h could be obtained from a random number generator or from a counter that changes after each use + * 3. g = h^e mod p + * 4. if (g == 1), then go to step 2. + * + */ + + if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK) { goto cleanup; } + if ((err = mp_div(e, q, e, c)) != CRYPT_OK) { goto cleanup; } + /* e = (p - 1)/q */ + i = mp_count_bits(p); + do { + do { + if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK) { goto cleanup; } + } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT); + if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK) { goto cleanup; } + /* h is randon and 1 < h < (p-1) */ + if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK) { goto cleanup; } + } while (mp_cmp_d(g, 1) == LTC_MP_EQ); + + err = CRYPT_OK; +cleanup: + mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL); +cleanup1: + XFREE(sbuf); +cleanup2: + XFREE(wbuf); +cleanup3: + return err; +} + +/** + Generate DSA parameters p, q & g + @param prng An active PRNG state + @param wprng The index of the PRNG desired + @param group_size Size of the multiplicative group (octets) + @param modulus_size Size of the modulus (octets) + @param key [out] Where to store the created key + @return CRYPT_OK if successful. +*/ +int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + /* init mp_ints */ + if ((err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL)) != CRYPT_OK) { + return err; + } + /* generate params */ + err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g); + if (err != CRYPT_OK) { + goto cleanup; + } + + key->qord = group_size; + + return CRYPT_OK; + +cleanup: + dsa_free(key); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_import.c b/src/ltc/pk/dsa/dsa_import.c index ca522c7..5e77b1e 100644 --- a/src/ltc/pk/dsa/dsa_import.c +++ b/src/ltc/pk/dsa/dsa_import.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -26,8 +24,8 @@ */ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) { - int err; - unsigned long zero = 0; + int err, stat; + unsigned long zero = 0, len; unsigned char* tmpbuf = NULL; unsigned char flags[1]; @@ -41,11 +39,12 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) } /* try to match the old libtomcrypt format */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) { + err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_EOL, 0UL, NULL); + + if (err == CRYPT_OK || err == CRYPT_INPUT_TOO_LONG) { /* private key */ - if (flags[0]) { + if (flags[0] == 1) { if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_INTEGER, 1UL, key->g, @@ -60,7 +59,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) goto LBL_OK; } /* public key */ - else { + else if (flags[0] == 0) { if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_INTEGER, 1UL, key->g, @@ -73,6 +72,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) key->type = PK_PUBLIC; goto LBL_OK; } + else { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } } /* get key type */ if ((err = der_decode_sequence_multi(in, inlen, @@ -87,7 +90,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) key->type = PK_PRIVATE; } else { /* public */ ltc_asn1_list params[3]; - unsigned long tmpbuf_len = MAX_RSA_SIZE*8; + unsigned long tmpbuf_len = inlen; LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, key->p, 1UL); LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, key->q, 1UL); @@ -99,9 +102,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) goto LBL_ERR; } - err = der_decode_subject_public_key_info(in, inlen, PKA_DSA, + len = 3; + err = x509_decode_subject_public_key_info(in, inlen, PKA_DSA, tmpbuf, &tmpbuf_len, - LTC_ASN1_SEQUENCE, params, 3); + LTC_ASN1_SEQUENCE, params, &len); if (err != CRYPT_OK) { XFREE(tmpbuf); goto LBL_ERR; @@ -117,22 +121,33 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) } LBL_OK: - key->qord = mp_unsigned_bin_size(key->q); + key->qord = mp_unsigned_bin_size(key->q); - if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 || - (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) { + /* quick p, q, g validation, without primality testing */ + if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { + goto LBL_ERR; + } + if (stat == 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + /* validate x, y */ + if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) { + goto LBL_ERR; + } + if (stat == 0) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; } return CRYPT_OK; LBL_ERR: - mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL); + dsa_free(key); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_import_radix.c b/src/ltc/pk/dsa/dsa_import_radix.c deleted file mode 100644 index 03e1ba7..0000000 --- a/src/ltc/pk/dsa/dsa_import_radix.c +++ /dev/null @@ -1,67 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ -#include "tomcrypt.h" - -/** - Import DSA public or private key from raw numbers - @param radix the radix the numbers are represented in (2-64, 16 = hexadecimal) - @param p DSA's p in radix representation - @param q DSA's q in radix representation - @param g DSA's g in radix representation - @param x DSA's x in radix representation (only private key, NULL for public key) - @param y DSA's y in radix representation - @param key [out] the destination for the imported key - @return CRYPT_OK if successful, upon error allocated memory is freed -*/ - -#ifdef LTC_MDSA - -int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key) -{ - int err; - - LTC_ARGCHK(p != NULL); - LTC_ARGCHK(q != NULL); - LTC_ARGCHK(g != NULL); - LTC_ARGCHK(y != NULL); - LTC_ARGCHK(ltc_mp.name != NULL); - - /* init key */ - err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); - if (err != CRYPT_OK) return err; - - if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->g , g , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->y , y , radix)) != CRYPT_OK) { goto LBL_ERR; } - if (x && strlen(x) > 0) { - key->type = PK_PRIVATE; - if ((err = mp_read_radix(key->x , x , radix)) != CRYPT_OK) { goto LBL_ERR; } - } - else { - key->type = PK_PUBLIC; - } - - key->qord = mp_unsigned_bin_size(key->q); - - if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 || - (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) { - err = CRYPT_INVALID_PACKET; - goto LBL_ERR; - } - return CRYPT_OK; - -LBL_ERR: - mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL); - return err; -} - -#endif diff --git a/src/ltc/pk/dsa/dsa_make_key.c b/src/ltc/pk/dsa/dsa_make_key.c index 0cca7a8..8ac08f8 100644 --- a/src/ltc/pk/dsa/dsa_make_key.c +++ b/src/ltc/pk/dsa/dsa_make_key.c @@ -5,264 +5,37 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" /** @file dsa_make_key.c - DSA implementation, generate a DSA key, Tom St Denis + DSA implementation, generate a DSA key */ #ifdef LTC_MDSA /** - Create DSA parameters - @param prng An active PRNG state - @param wprng The index of the PRNG desired - @param group_size Size of the multiplicative group (octets) - @param modulus_size Size of the modulus (octets) - @param p [out] bignum where generated 'p' is stored (must be initialized by caller) - @param q [out] bignum where generated 'q' is stored (must be initialized by caller) - @param g [out] bignum where generated 'g' is stored (must be initialized by caller) - @return CRYPT_OK if successful, upon error this function will free all allocated memory -*/ -int dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g) -{ - unsigned long L, N, n, outbytes, seedbytes, counter, j, i; - int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash; - unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE]; - void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc; - - /* check size */ - if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) { - return CRYPT_INVALID_ARG; - } - - /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function - * - * L = The desired length of the prime p (in bits e.g. L = 1024) - * N = The desired length of the prime q (in bits e.g. N = 160) - * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N - * outlen = The bit length of Hash function - * - * 1. Check that the (L, N) - * 2. If (seedlen = 2^(L-1)) { - * Test whether or not p is prime as specified in Appendix C.3. - * If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter - * } - * offset = offset + n + 1 Comment: Increment offset - * } - */ - - seedbytes = group_size; - L = modulus_size * 8; - N = group_size * 8; - - /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */ - mr_tests_p = (L <= 2048) ? 3 : 2; - if (N <= 160) { mr_tests_q = 19; } - else if (N <= 224) { mr_tests_q = 24; } - else { mr_tests_q = 27; } - - if (N <= 256) { - hash = register_hash(&sha256_desc); - } - else if (N <= 384) { - hash = register_hash(&sha384_desc); - } - else if (N <= 512) { - hash = register_hash(&sha512_desc); - } - else { - return CRYPT_INVALID_ARG; /* group_size too big */ - } - - if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } - outbytes = hash_descriptor[hash].hashsize; - - n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1; - - if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL) { err = CRYPT_MEM; goto cleanup3; } - if ((sbuf = XMALLOC(seedbytes)) == NULL) { err = CRYPT_MEM; goto cleanup2; } - - err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL); - if (err != CRYPT_OK) { goto cleanup1; } - - if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK) { goto cleanup; } - /* t2L1 = 2^(L-1) */ - if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK) { goto cleanup; } - /* t2N1 = 2^(N-1) */ - if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK) { goto cleanup; } - /* t2seedlen = 2^seedlen */ - - for(found_p=0; !found_p;) { - /* q */ - for(found_q=0; !found_q;) { - if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; } - i = outbytes; - if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_add(t2N1, U, q)) != CRYPT_OK) { goto cleanup; } - if (!mp_isodd(q)) mp_add_d(q, 1, q); - if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK) { goto cleanup; } /* XXX-TODO rounds are ignored; no Lucas test */ - if (res == LTC_MP_YES) found_q = 1; - } - - /* p */ - if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_add(q, q, t2q)) != CRYPT_OK) { goto cleanup; } - for(counter=0; counter < 4*L && !found_p; counter++) { - for(j=0; j<=n; j++) { - if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK) { goto cleanup; } - /* seedinc = (seedinc+1) % 2^seed_bitlen */ - if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes) { err = CRYPT_INVALID_ARG; goto cleanup; } - zeromem(sbuf, seedbytes); - if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; } - i = outbytes; - err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i); - if (err != CRYPT_OK) { goto cleanup; } - } - if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_add(W, t2L1, X)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_mod(X, t2q, c)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_sub_d(c, 1, p)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_sub(X, p, p)) != CRYPT_OK) { goto cleanup; } - if (mp_cmp(p, t2L1) != LTC_MP_LT) { - /* p >= 2^(L-1) */ - if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK) { goto cleanup; } /* XXX-TODO rounds are ignored; no Lucas test */ - if (res == LTC_MP_YES) { - found_p = 1; - } - } - } - } - - /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g - * 1. e = (p - 1)/q - * 2. h = any integer satisfying: 1 < h < (p - 1) - * h could be obtained from a random number generator or from a counter that changes after each use - * 3. g = h^e mod p - * 4. if (g == 1), then go to step 2. - * - */ - - if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_div(e, q, e, c)) != CRYPT_OK) { goto cleanup; } - /* e = (p - 1)/q */ - i = mp_count_bits(p); - do { - do { - if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK) { goto cleanup; } - } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT); - if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK) { goto cleanup; } - /* h is randon and 1 < h < (p-1) */ - if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK) { goto cleanup; } - } while (mp_cmp_d(g, 1) == LTC_MP_EQ); - - err = CRYPT_OK; -cleanup: - mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL); -cleanup1: - XFREE(sbuf); -cleanup2: - XFREE(wbuf); -cleanup3: - return err; -} - -/** - Create a DSA key (with given params) + Old-style creation of a DSA key @param prng An active PRNG state @param wprng The index of the PRNG desired @param group_size Size of the multiplicative group (octets) @param modulus_size Size of the modulus (octets) @param key [out] Where to store the created key - @param p_hex Hexadecimal string 'p' - @param q_hex Hexadecimal string 'q' - @param g_hex Hexadecimal string 'g' - @return CRYPT_OK if successful, upon error this function will free all allocated memory -*/ -int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex) -{ - int err, qbits; - - LTC_ARGCHK(key != NULL); - - /* init mp_ints */ - if ((err = mp_init_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) { - return err; - } - - if (p_hex == NULL || q_hex == NULL || g_hex == NULL) { - /* generate params */ - err = dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g); - if (err != CRYPT_OK) { goto cleanup; } - } - else { - /* read params */ - if ((err = mp_read_radix(key->p, p_hex, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(key->q, q_hex, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(key->g, g_hex, 16)) != CRYPT_OK) { goto cleanup; } - /* XXX-TODO maybe do some validity check for p, q, g */ - } - - /* so now we have our DH structure, generator g, order q, modulus p - Now we need a random exponent [mod q] and it's power g^x mod p - */ - qbits = mp_count_bits(key->q); - do { - if ((err = rand_bn_bits(key->x, qbits, prng, wprng)) != CRYPT_OK) { goto cleanup; } - /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ - } while (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT); - if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto cleanup; } - key->type = PK_PRIVATE; - key->qord = group_size; - - return CRYPT_OK; - -cleanup: - mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL); - return err; -} - -/** - Create a DSA key - @param prng An active PRNG state - @param wprng The index of the PRNG desired - @param group_size Size of the multiplicative group (octets) - @param modulus_size Size of the modulus (octets) - @param key [out] Where to store the created key - @return CRYPT_OK if successful, upon error this function will free all allocated memory + @return CRYPT_OK if successful. */ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) { - return dsa_make_key_ex(prng, wprng, group_size, modulus_size, key, NULL, NULL, NULL); + int err; + + if ((err = dsa_generate_pqg(prng, wprng, group_size, modulus_size, key)) != CRYPT_OK) { return err; } + if ((err = dsa_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + + return CRYPT_OK; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_set.c b/src/ltc/pk/dsa/dsa_set.c new file mode 100644 index 0000000..a4d4042 --- /dev/null +++ b/src/ltc/pk/dsa/dsa_set.c @@ -0,0 +1,112 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + + +#ifdef LTC_MDSA + +/** + Import DSA's p, q & g from raw numbers + @param p DSA's p in binary representation + @param plen The length of p + @param q DSA's q in binary representation + @param qlen The length of q + @param g DSA's g in binary representation + @param glen The length of g + @param key [out] the destination for the imported key + @return CRYPT_OK if successful. +*/ +int dsa_set_pqg(const unsigned char *p, unsigned long plen, + const unsigned char *q, unsigned long qlen, + const unsigned char *g, unsigned long glen, + dsa_key *key) +{ + int err, stat; + + LTC_ARGCHK(p != NULL); + LTC_ARGCHK(q != NULL); + LTC_ARGCHK(g != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + /* init key */ + err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); + if (err != CRYPT_OK) return err; + + if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; } + + key->qord = mp_unsigned_bin_size(key->q); + + /* do only a quick validation, without primality testing */ + if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { goto LBL_ERR; } + if (stat == 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + return CRYPT_OK; + +LBL_ERR: + dsa_free(key); + return err; +} + +/** + Import DSA public or private key-part from raw numbers + + NB: The p, q & g parts must be set beforehand + + @param in The key-part to import, either public or private. + @param inlen The key-part's length + @param type Which type of key (PK_PRIVATE or PK_PUBLIC) + @param key [out] the destination for the imported key + @return CRYPT_OK if successful. +*/ +int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key *key) +{ + int err, stat = 0; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(key->x != NULL); + LTC_ARGCHK(key->y != NULL); + LTC_ARGCHK(key->p != NULL); + LTC_ARGCHK(key->g != NULL); + LTC_ARGCHK(key->q != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + if (type == PK_PRIVATE) { + key->type = PK_PRIVATE; + if ((err = mp_read_unsigned_bin(key->x, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto LBL_ERR; } + } + else { + key->type = PK_PUBLIC; + if ((err = mp_read_unsigned_bin(key->y, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } + } + + if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) { goto LBL_ERR; } + if (stat == 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + return CRYPT_OK; + +LBL_ERR: + dsa_free(key); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c b/src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c new file mode 100644 index 0000000..edbed1c --- /dev/null +++ b/src/ltc/pk/dsa/dsa_set_pqg_dsaparam.c @@ -0,0 +1,67 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + + +#ifdef LTC_MDSA + +/** + Import DSA's p, q & g from dsaparam + + dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048 + + @param dsaparam The DSA param DER encoded data + @param dsaparamlen The length of dhparam data + @param key [out] the destination for the imported key + @return CRYPT_OK if successful. +*/ +int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, + dsa_key *key) +{ + int err, stat; + + LTC_ARGCHK(dsaparam != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + /* init key */ + err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); + if (err != CRYPT_OK) return err; + + if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto LBL_ERR; + } + + key->qord = mp_unsigned_bin_size(key->q); + + /* quick p, q, g validation, without primality testing */ + if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { + goto LBL_ERR; + } + if (stat == 0) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + return CRYPT_OK; + +LBL_ERR: + dsa_free(key); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_shared_secret.c b/src/ltc/pk/dsa/dsa_shared_secret.c index 8ae9d4d..4c18261 100644 --- a/src/ltc/pk/dsa/dsa_shared_secret.c +++ b/src/ltc/pk/dsa/dsa_shared_secret.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -66,7 +64,7 @@ done: } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_sign_hash.c b/src/ltc/pk/dsa/dsa_sign_hash.c index c9da8cf..fda2ca1 100644 --- a/src/ltc/pk/dsa/dsa_sign_hash.c +++ b/src/ltc/pk/dsa/dsa_sign_hash.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -149,6 +147,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c index 7df472c..eb642d5 100644 --- a/src/ltc/pk/dsa/dsa_verify_hash.c +++ b/src/ltc/pk/dsa/dsa_verify_hash.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -25,7 +23,7 @@ @param hash The hash that was signed @param hashlen The length of the hash that was signed @param stat [out] The result of the signature verification, 1==valid, 0==invalid - @param key The corresponding public DH key + @param key The corresponding public DSA key @return CRYPT_OK if successful (even if the signature is invalid) */ int dsa_verify_hash_raw( void *r, void *s, @@ -49,7 +47,7 @@ int dsa_verify_hash_raw( void *r, void *s, } /* neither r or s can be null or >q*/ - if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) { + if (mp_cmp_d(r, 0) != LTC_MP_GT || mp_cmp_d(s, 0) != LTC_MP_GT || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) { err = CRYPT_INVALID_PACKET; goto error; } @@ -91,7 +89,7 @@ error: @param hash The hash that was signed @param hashlen The length of the hash that was signed @param stat [out] The result of the signature verification, 1==valid, 0==invalid - @param key The corresponding public DH key + @param key The corresponding public DSA key @return CRYPT_OK if successful (even if the signature is invalid) */ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, @@ -100,16 +98,26 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, { int err; void *r, *s; + ltc_asn1_list sig_seq[2]; + unsigned long reallen = 0; + + LTC_ARGCHK(stat != NULL); + *stat = 0; /* must be set before the first return */ if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { return err; } - /* decode the sequence */ - if ((err = der_decode_sequence_multi(sig, siglen, - LTC_ASN1_INTEGER, 1UL, r, - LTC_ASN1_INTEGER, 1UL, s, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + LTC_SET_ASN1(sig_seq, 0, LTC_ASN1_INTEGER, r, 1UL); + LTC_SET_ASN1(sig_seq, 1, LTC_ASN1_INTEGER, s, 1UL); + + err = der_decode_sequence_strict(sig, siglen, sig_seq, 2); + if (err != CRYPT_OK) { + goto LBL_ERR; + } + + err = der_length_sequence(sig_seq, 2, &reallen); + if (err != CRYPT_OK || reallen != siglen) { goto LBL_ERR; } @@ -124,6 +132,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/dsa/dsa_verify_key.c b/src/ltc/pk/dsa/dsa_verify_key.c index 5afdb3b..258e6cb 100644 --- a/src/ltc/pk/dsa/dsa_verify_key.c +++ b/src/ltc/pk/dsa/dsa_verify_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -18,83 +16,184 @@ #ifdef LTC_MDSA /** - Verify a DSA key for validity - @param key The key to verify + Validate a DSA key + + Yeah, this function should've been called dsa_validate_key() + in the first place and for compat-reasons we keep it + as it was (for now). + + @param key The key to validate @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ int dsa_verify_key(dsa_key *key, int *stat) { - void *tmp, *tmp2; - int res, err; + int err; + + err = dsa_int_validate_primes(key, stat); + if (err != CRYPT_OK || *stat == 0) return err; + + err = dsa_int_validate_pqg(key, stat); + if (err != CRYPT_OK || *stat == 0) return err; + + return dsa_int_validate_xy(key, stat); +} + +/** + Non-complex part (no primality testing) of the validation + of DSA params (p, q, g) + + @param key The key to validate + @param stat [out] Result of test, 1==valid, 0==invalid + @return CRYPT_OK if successful +*/ +int dsa_int_validate_pqg(dsa_key *key, int *stat) +{ + void *tmp1, *tmp2; + int err; LTC_ARGCHK(key != NULL); LTC_ARGCHK(stat != NULL); - - /* default to an invalid key */ *stat = 0; - /* first make sure key->q and key->p are prime */ - if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) { - return err; - } - if (res == 0) { + /* check q-order */ + if ( key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 || + (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || + (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA ) { return CRYPT_OK; } - if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { - return err; - } - if (res == 0) { + /* FIPS 186-4 chapter 4.1: 1 < g < p */ + if (mp_cmp_d(key->g, 1) != LTC_MP_GT || mp_cmp(key->g, key->p) != LTC_MP_LT) { return CRYPT_OK; } - /* now make sure that g is not -1, 0 or 1 and

g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) { - return CRYPT_OK; - } - if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; } - if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; } - if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) { - err = CRYPT_OK; - goto error; - } + if ((err = mp_init_multi(&tmp1, &tmp2, NULL)) != CRYPT_OK) { return err; } - /* 1 < y < p-1 */ - if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) { - err = CRYPT_OK; - goto error; - } - - /* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */ - if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; } + /* FIPS 186-4 chapter 4.1: q is a divisor of (p - 1) */ + if ((err = mp_sub_d(key->p, 1, tmp1)) != CRYPT_OK) { goto error; } + if ((err = mp_div(tmp1, key->q, tmp1, tmp2)) != CRYPT_OK) { goto error; } if (mp_iszero(tmp2) != LTC_MP_YES) { err = CRYPT_OK; goto error; } - if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; } - if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) { + /* FIPS 186-4 chapter 4.1: g is a generator of a subgroup of order q in + * the multiplicative group of GF(p) - so we make sure that g^q mod p = 1 + */ + if ((err = mp_exptmod(key->g, key->q, key->p, tmp1)) != CRYPT_OK) { goto error; } + if (mp_cmp_d(tmp1, 1) != LTC_MP_EQ) { err = CRYPT_OK; goto error; } - /* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */ - if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; } - if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) { - err = CRYPT_OK; - goto error; - } - - /* at this point we are out of tests ;-( */ err = CRYPT_OK; *stat = 1; error: - mp_clear_multi(tmp, tmp2, NULL); + mp_clear_multi(tmp2, tmp1, NULL); return err; } + +/** + Primality testing of DSA params p and q + + @param key The key to validate + @param stat [out] Result of test, 1==valid, 0==invalid + @return CRYPT_OK if successful +*/ +int dsa_int_validate_primes(dsa_key *key, int *stat) +{ + int err, res; + + *stat = 0; + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(stat != NULL); + + /* key->q prime? */ + if ((err = mp_prime_is_prime(key->q, LTC_MILLER_RABIN_REPS, &res)) != CRYPT_OK) { + return err; + } + if (res == LTC_MP_NO) { + return CRYPT_OK; + } + + /* key->p prime? */ + if ((err = mp_prime_is_prime(key->p, LTC_MILLER_RABIN_REPS, &res)) != CRYPT_OK) { + return err; + } + if (res == LTC_MP_NO) { + return CRYPT_OK; + } + + *stat = 1; + return CRYPT_OK; +} + +/** + Validation of a DSA key (x and y values) + + @param key The key to validate + @param stat [out] Result of test, 1==valid, 0==invalid + @return CRYPT_OK if successful +*/ +int dsa_int_validate_xy(dsa_key *key, int *stat) +{ + void *tmp; + int err; + + *stat = 0; + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(stat != NULL); + + /* 1 < y < p-1 */ + if ((err = mp_init(&tmp)) != CRYPT_OK) { + return err; + } + if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { + goto error; + } + if (mp_cmp_d(key->y, 1) != LTC_MP_GT || mp_cmp(key->y, tmp) != LTC_MP_LT) { + err = CRYPT_OK; + goto error; + } + + if (key->type == PK_PRIVATE) { + /* FIPS 186-4 chapter 4.1: 0 < x < q */ + if (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT) { + err = CRYPT_OK; + goto error; + } + /* FIPS 186-4 chapter 4.1: y = g^x mod p */ + if ((err = mp_exptmod(key->g, key->x, key->p, tmp)) != CRYPT_OK) { + goto error; + } + if (mp_cmp(tmp, key->y) != LTC_MP_EQ) { + err = CRYPT_OK; + goto error; + } + } + else { + /* with just a public key we cannot test y = g^x mod p therefore we + * only test that y^q mod p = 1, which makes sure y is in g^x mod p + */ + if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { + goto error; + } + if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) { + err = CRYPT_OK; + goto error; + } + } + + err = CRYPT_OK; + *stat = 1; +error: + mp_clear(tmp); + return err; +} + #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc.c b/src/ltc/pk/ecc/ecc.c index b48b3f5..b90afc7 100644 --- a/src/ltc/pk/ecc/ecc.c +++ b/src/ltc/pk/ecc/ecc.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -21,10 +16,7 @@ #ifdef LTC_MECC -/* This array holds the curve parameters: - * - it ***MUST*** be organized by size from smallest to largest - * - due to curve lookup by keysize the ordering is very important - * - be careful when adding/removing items to/from this list +/* This array holds the curve parameters. * Curves (prime field only) are taken from: * - http://www.secg.org/collateral/sec2_final.pdf (named: SECP*) * - http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf (named: NISTP*) @@ -33,8 +25,7 @@ */ const ltc_ecc_set_type ltc_ecc_sets[] = { #if defined(LTC_ECC_SECP112R1) || defined(LTC_ECC112) -{ /* this curve ***MUST*** be the first from all with size 14 (backward compatibility reasons) */ - /* size/bytes */ 14, +{ /* curve name */ "SECP112R1", /* prime */ "DB7C2ABF62E35E668076BEAD208B", /* A */ "DB7C2ABF62E35E668076BEAD2088", @@ -43,12 +34,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "09487239995A5EE76B55F9C2F098", /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,6}, 5 } + /* OID */ { 1,3,132,0,6 }, 5 }, #endif #ifdef LTC_ECC_SECP112R2 { - /* size/bytes */ 14, /* curve name */ "SECP112R2", /* prime */ "DB7C2ABF62E35E668076BEAD208B", /* A */ "6127C24C05F38A0AAAF65C0EF02C", @@ -57,12 +47,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "4BA30AB5E892B4E1649DD0928643", /* Gy */ "ADCD46F5882E3747DEF36E956E97", /* cofactor */ 4, - /* OID struct */ { {1,3,132,0,7}, 5 } + /* OID */ { 1,3,132,0,7 }, 5 }, #endif #if defined(LTC_ECC_SECP128R1) || defined(LTC_ECC128) -{ /* this curve ***MUST*** be the first from all with size 16 (backward compatibility reasons) */ - /* size/bytes */ 16, +{ /* curve name */ "SECP128R1", /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", /* A */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", @@ -71,12 +60,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "161FF7528B899B2D0C28607CA52C5B86", /* Gy */ "CF5AC8395BAFEB13C02DA292DDED7A83", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,28}, 5 } + /* OID */ { 1,3,132,0,28 }, 5 }, #endif #ifdef LTC_ECC_SECP128R2 { - /* size/bytes */ 16, /* curve name */ "SECP128R2", /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", /* A */ "D6031998D1B3BBFEBF59CC9BBFF9AEE1", @@ -85,12 +73,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "7B6AA5D85E572983E6FB32A7CDEBC140", /* Gy */ "27B6916A894D3AEE7106FE805FC34B44", /* cofactor */ 4, - /* OID struct */ { {1,3,132,0,29}, 5 } + /* OID */ { 1,3,132,0,29 }, 5 }, #endif #if defined(LTC_ECC_SECP160R1) || defined(LTC_ECC160) -{ /* this curve ***MUST*** be the first from all with size 20 (backward compatibility reasons) */ - /* size/bytes */ 20, +{ /* curve name */ "SECP160R1", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", @@ -99,12 +86,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "4A96B5688EF573284664698968C38BB913CBFC82", /* Gy */ "23A628553168947D59DCC912042351377AC5FB32", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,8}, 5 } + /* OID */ { 1,3,132,0,8 }, 5 }, #endif #ifdef LTC_ECC_SECP160R2 { - /* size/bytes */ 20, /* curve name */ "SECP160R2", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", @@ -113,12 +99,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "52DCB034293A117E1F4FF11B30F7199D3144CE6D", /* Gy */ "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,30}, 5 } + /* OID */ { 1,3,132,0,30 }, 5 }, #endif #ifdef LTC_ECC_SECP160K1 { - /* size/bytes */ 20, /* curve name */ "SECP160K1", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", /* A */ "0000000000000000000000000000000000000000", @@ -127,26 +112,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", /* Gy */ "938CF935318FDCED6BC28286531733C3F03C4FEE", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,9}, 5 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP160R1 -{ - /* size/bytes */ 20, - /* curve name */ "BRAINPOOLP160R1", - /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", - /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", - /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", - /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", - /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", - /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,1}, 10 } + /* OID */ { 1,3,132,0,9 }, 5 }, #endif #if defined(LTC_ECC_SECP192R1) || defined(LTC_ECC192) -{ /* this curve ***MUST*** be the first from all with size 24 (backward compatibility reasons) */ - /* size/bytes */ 24, +{ /* curve name */ "SECP192R1", /* same as: NISTP192 PRIME192V1, old libtomcrypt name: ECC-192 */ /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", @@ -155,12 +125,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", /* Gy */ "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,1}, 7 } + /* OID */ { 1,2,840,10045,3,1,1 }, 7 }, #endif #ifdef LTC_ECC_PRIME192V2 { - /* size/bytes */ 24, /* curve name */ "PRIME192V2", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", @@ -169,12 +138,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", /* Gy */ "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,2}, 7 } + /* OID */ { 1,2,840,10045,3,1,2 }, 7 }, #endif #ifdef LTC_ECC_PRIME192V3 { - /* size/bytes */ 24, /* curve name */ "PRIME192V3", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", @@ -183,12 +151,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", /* Gy */ "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,3}, 7 } + /* OID */ { 1,2,840,10045,3,1,3 }, 7 }, #endif #ifdef LTC_ECC_SECP192K1 { - /* size/bytes */ 24, /* curve name */ "SECP192K1", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", /* A */ "000000000000000000000000000000000000000000000000", @@ -197,26 +164,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", /* Gy */ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,31}, 5 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP192R1 -{ - /* size/bytes */ 24, - /* curve name */ "BRAINPOOLP192R1", - /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", - /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", - /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", - /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", - /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", - /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,3}, 10 } + /* OID */ { 1,3,132,0,31 }, 5 }, #endif #if defined(LTC_ECC_SECP224R1) || defined(LTC_ECC224) -{ /* this curve ***MUST*** be the first from all with size 28 (backward compatibility reasons) */ - /* size/bytes */ 28, +{ /* curve name */ "SECP224R1", /* same as: NISTP224, old libtomcrypt name: ECC-224 */ /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", @@ -225,12 +177,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gy */ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,33}, 5 } + /* OID */ { 1,3,132,0,33 }, 5 }, #endif #ifdef LTC_ECC_SECP224K1 { - /* size/bytes */ 28, /* curve name */ "SECP224K1", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", /* A */ "00000000000000000000000000000000000000000000000000000000", @@ -239,68 +190,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", /* Gy */ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,32}, 5 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP224R1 -{ - /* size/bytes */ 28, - /* curve name */ "BRAINPOOLP224R1", - /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", - /* A */ "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", - /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", - /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", - /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", - /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,5}, 10 } -}, -#endif -#ifdef LTC_ECC_PRIME239V1 -{ - /* size/bytes */ 30, - /* curve name */ "PRIME239V1", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", - /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", - /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", - /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,4}, 7 } -}, -#endif -#ifdef LTC_ECC_PRIME239V2 -{ - /* size/bytes */ 30, - /* curve name */ "PRIME239V2", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", - /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", - /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", - /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,5}, 7 } -}, -#endif -#ifdef LTC_ECC_PRIME239V3 -{ - /* size/bytes */ 30, - /* curve name */ "PRIME239V3", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", - /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", - /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", - /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,6}, 7 } + /* OID */ { 1,3,132,0,32 }, 5 }, #endif #if defined(LTC_ECC_SECP256R1) || defined(LTC_ECC256) -{ /* this curve ***MUST*** be the first from all with size 32 (backward compatibility reasons) */ - /* size/bytes */ 32, +{ /* curve name */ "SECP256R1", /* same as: NISTP256 PRIME256V1, old libtomcrypt name: ECC-256 */ /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", @@ -309,12 +203,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", /* cofactor */ 1, - /* OID struct */ { {1,2,840,10045,3,1,7}, 7 } + /* OID */ { 1,2,840,10045,3,1,7 }, 7 }, #endif #ifdef LTC_ECC_SECP256K1 { - /* size/bytes */ 32, /* curve name */ "SECP256K1", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", /* A */ "0000000000000000000000000000000000000000000000000000000000000000", @@ -323,40 +216,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,10}, 5 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP256R1 -{ - /* size/bytes */ 32, - /* curve name */ "BRAINPOOLP256R1", - /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", - /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", - /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", - /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", - /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", - /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,7}, 10 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP320R1 -{ - /* size/bytes */ 40, - /* curve name */ "BRAINPOOLP320R1", - /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", - /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", - /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", - /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", - /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", - /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,9}, 10 } + /* OID */ { 1,3,132,0,10 }, 5 }, #endif #if defined(LTC_ECC_SECP384R1) || defined(LTC_ECC384) -{ /* this curve ***MUST*** be the first from all with size 48 (backward compatibility reasons) */ - /* size/bytes */ 48, +{ /* curve name */ "SECP384R1", /* same as: NISTP384, old libtomcrypt name: ECC-384 */ /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", @@ -365,40 +229,11 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,34}, 5 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP384R1 -{ - /* size/bytes */ 48, - /* curve name */ "BRAINPOOLP384R1", - /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", - /* A */ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", - /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", - /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", - /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", - /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,11}, 10 } -}, -#endif -#ifdef LTC_ECC_BRAINPOOLP512R1 -{ - /* size/bytes */ 64, - /* curve name */ "BRAINPOOLP512R1", - /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", - /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", - /* B */ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", - /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", - /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", - /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", - /* cofactor */ 1, - /* OID struct */ { {1,3,36,3,3,2,8,1,1,13}, 10 } + /* OID */ { 1,3,132,0,34 }, 5 }, #endif #if defined(LTC_ECC_SECP521R1) || defined(LTC_ECC521) -{ /* this curve ***MUST*** be the first from all with size 66 (backward compatibility reasons) */ - /* size/bytes */ 66, +{ /* curve name */ "SECP521R1", /* same as: NISTP521, old libtomcrypt name: ECC-521 */ /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", @@ -407,20 +242,240 @@ const ltc_ecc_set_type ltc_ecc_sets[] = { /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", /* Gy */ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", /* cofactor */ 1, - /* OID struct */ { {1,3,132,0,35}, 5 } + /* OID */ { 1,3,132,0,35 }, 5 +}, +#endif +#ifdef LTC_ECC_PRIME239V1 +{ + /* curve name */ "PRIME239V1", + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", + /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", + /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", + /* cofactor */ 1, + /* OID */ { 1,2,840,10045,3,1,4 }, 7 +}, +#endif +#ifdef LTC_ECC_PRIME239V2 +{ + /* curve name */ "PRIME239V2", + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", + /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", + /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", + /* cofactor */ 1, + /* OID */ { 1,2,840,10045,3,1,5 }, 7 +}, +#endif +#ifdef LTC_ECC_PRIME239V3 +{ + /* curve name */ "PRIME239V3", + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", + /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", + /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", + /* cofactor */ 1, + /* OID */ { 1,2,840,10045,3,1,6 }, 7 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP160R1 +{ + /* curve name */ "BRAINPOOLP160R1", + /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", + /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", + /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", + /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", + /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", + /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,1 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP192R1 +{ + /* curve name */ "BRAINPOOLP192R1", + /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", + /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", + /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", + /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", + /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", + /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,3 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP224R1 +{ + /* curve name */ "BRAINPOOLP224R1", + /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", + /* A */ "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", + /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", + /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", + /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", + /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,5 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP256R1 +{ + /* curve name */ "BRAINPOOLP256R1", + /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", + /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", + /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", + /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", + /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", + /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,7 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP320R1 +{ + /* curve name */ "BRAINPOOLP320R1", + /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", + /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", + /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", + /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", + /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", + /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,9 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP384R1 +{ + /* curve name */ "BRAINPOOLP384R1", + /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", + /* A */ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", + /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", + /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", + /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", + /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,11 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP512R1 +{ + /* curve name */ "BRAINPOOLP512R1", + /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", + /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", + /* B */ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", + /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", + /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", + /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,13 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP160T1 +{ + /* curve name */ "BRAINPOOLP160T1", + /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", + /* A */ "E95E4A5F737059DC60DFC7AD95B3D8139515620C", + /* B */ "7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", + /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", + /* Gx */ "B199B13B9B34EFC1397E64BAEB05ACC265FF2378", + /* Gy */ "ADD6718B7C7C1961F0991B842443772152C9E0AD", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,2 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP192T1 +{ + /* curve name */ "BRAINPOOLP192T1", + /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", + /* A */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", + /* B */ "13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", + /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", + /* Gx */ "3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129", + /* Gy */ "097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,4 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP224T1 +{ + /* curve name */ "BRAINPOOLP224T1", + /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", + /* A */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", + /* B */ "4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", + /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", + /* Gx */ "6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580", + /* Gy */ "0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,6 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP256T1 +{ + /* curve name */ "BRAINPOOLP256T1", + /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", + /* A */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", + /* B */ "662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", + /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", + /* Gx */ "A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", + /* Gy */ "2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,8 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP320T1 +{ + /* curve name */ "BRAINPOOLP320T1", + /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", + /* A */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", + /* B */ "A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", + /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", + /* Gx */ "925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52", + /* Gy */ "63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,10 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP384T1 +{ + /* curve name */ "BRAINPOOLP384T1", + /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", + /* A */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", + /* B */ "7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", + /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", + /* Gx */ "18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", + /* Gy */ "25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,12 }, 10 +}, +#endif +#ifdef LTC_ECC_BRAINPOOLP512T1 +{ + /* curve name */ "BRAINPOOLP512T1", + /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", + /* A */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", + /* B */ "7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", + /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", + /* Gx */ "640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", + /* Gy */ "5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", + /* cofactor */ 1, + /* OID */ { 1,3,36,3,3,2,8,1,1,14 }, 10 }, #endif { - 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, - { { 0 }, 0 } + { 0 }, 0 } }; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_ansi_x963_export.c b/src/ltc/pk/ecc/ecc_ansi_x963_export.c index fec560b..528dcd8 100644 --- a/src/ltc/pk/ecc/ecc_ansi_x963_export.c +++ b/src/ltc/pk/ecc/ecc_ansi_x963_export.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -36,10 +31,7 @@ int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); - if (ltc_ecc_is_valid_idx(key->idx) == 0) { - return CRYPT_INVALID_ARG; - } - numlen = key->dp->size; + numlen = key->dp.size; xlen = mp_unsigned_bin_size(key->pubkey.x); ylen = mp_unsigned_bin_size(key->pubkey.y); @@ -71,6 +63,6 @@ int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_ansi_x963_import.c b/src/ltc/pk/ecc/ecc_ansi_x963_import.c index 081cf64..bcc8575 100644 --- a/src/ltc/pk/ecc/ecc_ansi_x963_import.c +++ b/src/ltc/pk/ecc/ecc_ansi_x963_import.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -31,9 +26,9 @@ int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key * return ecc_ansi_x963_import_ex(in, inlen, key, NULL); } -int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp) +int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp) { - int x, err; + int err; LTC_ARGCHK(in != NULL); LTC_ARGCHK(key != NULL); @@ -43,64 +38,25 @@ int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_ke return CRYPT_INVALID_ARG; } - /* init key */ - if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) { - return CRYPT_MEM; - } - - /* check for 4, 6 or 7 */ - if (in[0] != 4 && in[0] != 6 && in[0] != 7) { - err = CRYPT_INVALID_PACKET; - goto error; - } - - /* read data */ - if ((err = mp_read_unsigned_bin(key->pubkey.x, (unsigned char *)in+1, (inlen-1)>>1)) != CRYPT_OK) { - goto error; - } - - if ((err = mp_read_unsigned_bin(key->pubkey.y, (unsigned char *)in+1+((inlen-1)>>1), (inlen-1)>>1)) != CRYPT_OK) { - goto error; - } - if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; } - + /* initialize key->dp */ if (dp == NULL) { - /* BEWARE: Here we are looking up the curve params by keysize (neither curve name nor curve oid), - * which might be ambiguous (there can more than one curve for given keysize). - * Thus the chosen curve depends on order of items in ltc_ecc_sets[] - see ecc.c file. - */ - /* determine the idx */ - for (x = 0; ltc_ecc_sets[x].size != 0; x++) { - if ((unsigned)ltc_ecc_sets[x].size >= ((inlen-1)>>1)) { - break; - } - } - if (ltc_ecc_sets[x].size == 0) { - err = CRYPT_INVALID_PACKET; - goto error; - } - /* set the idx */ - key->idx = x; - key->dp = <c_ecc_sets[x]; - } else { - if (((inlen-1)>>1) != (unsigned long) dp->size) { - err = CRYPT_INVALID_PACKET; - goto error; - } - key->idx = -1; - key->dp = dp; + /* this case works only for uncompressed public keys */ + if ((err = ecc_set_dp_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; } } - key->type = PK_PUBLIC; + else { + /* this one works for both compressed / uncompressed pubkeys */ + if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } + } + + /* load public key */ + if ((err = ecc_set_key((unsigned char *)in, inlen, PK_PUBLIC, key)) != CRYPT_OK) { return err; } /* we're done */ return CRYPT_OK; -error: - mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL); - return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_decrypt_key.c b/src/ltc/pk/ecc/ecc_decrypt_key.c index 6e1d34d..ebfa515 100644 --- a/src/ltc/pk/ecc/ecc_decrypt_key.c +++ b/src/ltc/pk/ecc/ecc_decrypt_key.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -35,7 +30,8 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, ecc_key *key) { unsigned char *ecc_shared, *skey, *pub_expt; - unsigned long x, y, hashOID[32]; + unsigned long x, y; + unsigned long hashOID[32] = { 0 }; int hash, err; ecc_key pubkey; ltc_asn1_list decode[3]; @@ -52,8 +48,8 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, /* decode to find out hash */ LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); - - if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { + err = der_decode_sequence(in, inlen, decode, 1); + if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { return err; } @@ -89,9 +85,8 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, } /* import ECC key from packet */ - if ((err = ecc_import_raw(decode[1].data, decode[1].size, &pubkey, (ltc_ecc_set_type *)key->dp)) != CRYPT_OK) { - goto LBL_ERR; - } + if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = ecc_set_key(decode[1].data, decode[1].size, PK_PUBLIC, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } /* make shared key */ x = ECC_BUF_SIZE; @@ -142,7 +137,7 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_dp_clear.c b/src/ltc/pk/ecc/ecc_dp_clear.c deleted file mode 100644 index 76fa375..0000000 --- a/src/ltc/pk/ecc/ecc_dp_clear.c +++ /dev/null @@ -1,36 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_dp_clear(ltc_ecc_set_type *dp) -{ - if (dp == NULL) return CRYPT_INVALID_ARG; - - if (dp->name != NULL) { XFREE(dp->name ); dp->name = NULL; } - if (dp->prime != NULL) { XFREE(dp->prime); dp->prime = NULL; } - if (dp->A != NULL) { XFREE(dp->A ); dp->A = NULL; } - if (dp->B != NULL) { XFREE(dp->B ); dp->B = NULL; } - if (dp->order != NULL) { XFREE(dp->order); dp->order = NULL; } - if (dp->Gx != NULL) { XFREE(dp->Gx ); dp->Gx = NULL; } - if (dp->Gy != NULL) { XFREE(dp->Gy ); dp->Gy = NULL; } - dp->cofactor = 0; - dp->oid.OIDlen = 0; - - return CRYPT_OK; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_dp_fill_from_sets.c b/src/ltc/pk/ecc/ecc_dp_fill_from_sets.c deleted file mode 100644 index 06c66be..0000000 --- a/src/ltc/pk/ecc/ecc_dp_fill_from_sets.c +++ /dev/null @@ -1,76 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -static int hexstrcmp(const char *hexa, const char *hexb) -{ - #define MY_TOLOWER(a) ((((a)>='A')&&((a)<='Z')) ? ((a)|0x60) : (a)) - /* ignore leading zeroes */ - while(*hexa == '0') hexa++; - while(*hexb == '0') hexb++; - /* compare: case insensitive, hexadecimal chars only */ - while (*hexa && *hexb) { - if ( (*hexa < '0' || *hexa > '9') && - (*hexa < 'a' || *hexa > 'f') && - (*hexa < 'A' || *hexa > 'F') ) return 1; - if ( (*hexb < '0' || *hexb > '9') && - (*hexb < 'a' || *hexb > 'f') && - (*hexb < 'A' || *hexb > 'F') ) return 1; - if (MY_TOLOWER(*hexa) != MY_TOLOWER(*hexb)) return 1; - hexa++; - hexb++; - } - if (*hexa == '\0' && *hexb == '\0') return 0; /* success - match */ - return 1; -} - -/* search known curve by curve parameters and fill in missing parameters into dp - * we assume every parameter has the same case (usually uppercase) and no leading zeros - */ -int ecc_dp_fill_from_sets(ltc_ecc_set_type *dp) -{ - ltc_ecc_set_type params; - int x; - - if (!dp) return CRYPT_INVALID_ARG; - if (dp->oid.OIDlen > 0) return CRYPT_OK; - if (!dp->prime || !dp->A || !dp->B || !dp->order || !dp->Gx || !dp->Gy || dp->cofactor == 0) return CRYPT_INVALID_ARG; - - for (x = 0; ltc_ecc_sets[x].size != 0; x++) { - if (hexstrcmp(ltc_ecc_sets[x].prime, dp->prime) == 0 && - hexstrcmp(ltc_ecc_sets[x].A, dp->A) == 0 && - hexstrcmp(ltc_ecc_sets[x].B, dp->B) == 0 && - hexstrcmp(ltc_ecc_sets[x].order, dp->order) == 0 && - hexstrcmp(ltc_ecc_sets[x].Gx, dp->Gx) == 0 && - hexstrcmp(ltc_ecc_sets[x].Gy, dp->Gy) == 0 && - ltc_ecc_sets[x].cofactor == dp->cofactor) { - - params = ltc_ecc_sets[x]; - - /* copy oid */ - dp->oid.OIDlen = params.oid.OIDlen; - XMEMCPY(dp->oid.OID, params.oid.OID, dp->oid.OIDlen * sizeof(dp->oid.OID[0])); - - /* copy name */ - if (dp->name != NULL) XFREE(dp->name); - if ((dp->name = XMALLOC(1+strlen(params.name))) == NULL) return CRYPT_MEM; - strcpy(dp->name, params.name); - - return CRYPT_OK; - } - } - - return CRYPT_INVALID_ARG; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_dp_from_oid.c b/src/ltc/pk/ecc/ecc_dp_from_oid.c deleted file mode 100644 index 2b9d40e..0000000 --- a/src/ltc/pk/ecc/ecc_dp_from_oid.c +++ /dev/null @@ -1,86 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_dp_set_by_oid(ltc_ecc_set_type *dp, unsigned long *oid, unsigned long oidsize) -{ - int i; - unsigned long len; - - for(i=0; ltc_ecc_sets[i].size != 0; i++) { - if ((oidsize == ltc_ecc_sets[i].oid.OIDlen) && - (XMEM_NEQ(oid, ltc_ecc_sets[i].oid.OID, sizeof(unsigned long) * ltc_ecc_sets[i].oid.OIDlen) == 0)) { - break; - } - } - if (ltc_ecc_sets[i].size == 0) return CRYPT_INVALID_ARG; /* not found */ - - /* a */ - len = (unsigned long)strlen(ltc_ecc_sets[i].A); - if ((dp->A = XMALLOC(1+len)) == NULL) goto cleanup1; - strncpy(dp->A, ltc_ecc_sets[i].A, 1+len); - /* b */ - len = (unsigned long)strlen(ltc_ecc_sets[i].B); - if ((dp->B = XMALLOC(1+len)) == NULL) goto cleanup2; - strncpy(dp->B, ltc_ecc_sets[i].B, 1+len); - /* order */ - len = (unsigned long)strlen(ltc_ecc_sets[i].order); - if ((dp->order = XMALLOC(1+len)) == NULL) goto cleanup3; - strncpy(dp->order, ltc_ecc_sets[i].order, 1+len); - /* prime */ - len = (unsigned long)strlen(ltc_ecc_sets[i].prime); - if ((dp->prime = XMALLOC(1+len)) == NULL) goto cleanup4; - strncpy(dp->prime, ltc_ecc_sets[i].prime, 1+len); - /* gx */ - len = (unsigned long)strlen(ltc_ecc_sets[i].Gx); - if ((dp->Gx = XMALLOC(1+len)) == NULL) goto cleanup5; - strncpy(dp->Gx, ltc_ecc_sets[i].Gx, 1+len); - /* gy */ - len = (unsigned long)strlen(ltc_ecc_sets[i].Gy); - if ((dp->Gy = XMALLOC(1+len)) == NULL) goto cleanup6; - strncpy(dp->Gy, ltc_ecc_sets[i].Gy, 1+len); - /* cofactor & size */ - dp->cofactor = ltc_ecc_sets[i].cofactor; - dp->size = ltc_ecc_sets[i].size; - /* name */ - len = (unsigned long)strlen(ltc_ecc_sets[i].name); - if ((dp->name = XMALLOC(1+len)) == NULL) goto cleanup7; - strncpy(dp->name, ltc_ecc_sets[i].name, 1+len); - /* oid */ - dp->oid.OIDlen = ltc_ecc_sets[i].oid.OIDlen; - XMEMCPY(dp->oid.OID, ltc_ecc_sets[i].oid.OID, dp->oid.OIDlen * sizeof(dp->oid.OID[0])); - /* done - success */ - return CRYPT_OK; - -cleanup7: - XFREE(dp->Gy); -cleanup6: - XFREE(dp->Gx); -cleanup5: - XFREE(dp->prime); -cleanup4: - XFREE(dp->order); -cleanup3: - XFREE(dp->B); -cleanup2: - XFREE(dp->A); -cleanup1: - return CRYPT_MEM; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_dp_from_params.c b/src/ltc/pk/ecc/ecc_dp_from_params.c deleted file mode 100644 index fe38613..0000000 --- a/src/ltc/pk/ecc/ecc_dp_from_params.c +++ /dev/null @@ -1,86 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_dp_set_bn(ltc_ecc_set_type *dp, void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor) -{ - unsigned char buf[ECC_BUF_SIZE]; - unsigned long len; - - /* a */ - mp_tohex(a, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->A = XMALLOC(1+len)) == NULL) goto cleanup1; - strncpy(dp->A, (char*)buf, 1+len); - /* b */ - mp_tohex(b, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->B = XMALLOC(1+len)) == NULL) goto cleanup2; - strncpy(dp->B, (char*)buf, 1+len); - /* order */ - mp_tohex(order, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->order = XMALLOC(1+len)) == NULL) goto cleanup3; - strncpy(dp->order, (char*)buf, 1+len); - /* prime */ - mp_tohex(prime, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->prime = XMALLOC(1+len)) == NULL) goto cleanup4; - strncpy(dp->prime, (char*)buf, 1+len); - /* gx */ - mp_tohex(gx, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->Gx = XMALLOC(1+len)) == NULL) goto cleanup5; - strncpy(dp->Gx, (char*)buf, 1+len); - /* gy */ - mp_tohex(gy, (char *)buf); - len = (unsigned long)strlen((char *)buf); - if ((dp->Gy = XMALLOC(1+len)) == NULL) goto cleanup6; - strncpy(dp->Gy, (char*)buf, 1+len); - /* cofactor & size */ - dp->cofactor = cofactor; - dp->size = mp_unsigned_bin_size(prime); - /* see if we can fill in the missing parameters from known curves */ - if ((ecc_dp_fill_from_sets(dp)) != CRYPT_OK) { - /* custom name */ - if ((dp->name = XMALLOC(7)) == NULL) goto cleanup7; - strcpy(dp->name, "custom"); /* XXX-TODO check this */ - /* no oid */ - dp->oid.OIDlen = 0; - } - /* done - success */ - return CRYPT_OK; - - /* XFREE(dp->name); **** warning: statement not reached *** */ -cleanup7: - XFREE(dp->Gy); -cleanup6: - XFREE(dp->Gx); -cleanup5: - XFREE(dp->prime); -cleanup4: - XFREE(dp->order); -cleanup3: - XFREE(dp->B); -cleanup2: - XFREE(dp->A); -cleanup1: - return CRYPT_MEM; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_dp_init.c b/src/ltc/pk/ecc/ecc_dp_init.c deleted file mode 100644 index 36c8f5c..0000000 --- a/src/ltc/pk/ecc/ecc_dp_init.c +++ /dev/null @@ -1,36 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_dp_init(ltc_ecc_set_type *dp) -{ - if (dp == NULL) return CRYPT_INVALID_ARG; - - dp->name = NULL; - dp->prime = NULL; - dp->A = NULL; - dp->B = NULL; - dp->order = NULL; - dp->Gx = NULL; - dp->Gy = NULL; - dp->oid.OIDlen = 0; - dp->cofactor = 0; - - return CRYPT_OK; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_dp_set.c b/src/ltc/pk/ecc/ecc_dp_set.c deleted file mode 100644 index 33c7281..0000000 --- a/src/ltc/pk/ecc/ecc_dp_set.c +++ /dev/null @@ -1,100 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" -#include - -#ifdef LTC_MECC - -int ecc_dp_set(ltc_ecc_set_type *dp, char *ch_prime, char *ch_A, char *ch_B, char *ch_order, char *ch_Gx, char *ch_Gy, unsigned long cofactor, char *ch_name, char *oid) -{ - unsigned long l_name, l_prime, l_A, l_B, l_order, l_Gx, l_Gy; - - if (!dp || !ch_prime || !ch_A || !ch_B || !ch_order || !ch_Gx || !ch_Gy || cofactor==0) return CRYPT_INVALID_ARG; - - l_prime = (unsigned long)strlen(ch_prime); - l_A = (unsigned long)strlen(ch_A); - l_B = (unsigned long)strlen(ch_B); - l_order = (unsigned long)strlen(ch_order); - l_Gx = (unsigned long)strlen(ch_Gx); - l_Gy = (unsigned long)strlen(ch_Gy); - - dp->cofactor = cofactor; - - { /* calculate size */ - void *p_num; - mp_init(&p_num); - mp_read_radix(p_num, ch_prime, 16); - dp->size = mp_unsigned_bin_size(p_num); - mp_clear(p_num); - } - - if (dp->name != NULL) { XFREE(dp->name ); dp->name = NULL; } - if (dp->prime != NULL) { XFREE(dp->prime); dp->prime = NULL; } - if (dp->A != NULL) { XFREE(dp->A ); dp->A = NULL; } - if (dp->B != NULL) { XFREE(dp->B ); dp->B = NULL; } - if (dp->order != NULL) { XFREE(dp->order); dp->order = NULL; } - if (dp->Gx != NULL) { XFREE(dp->Gx ); dp->Gx = NULL; } - if (dp->Gy != NULL) { XFREE(dp->Gy ); dp->Gy = NULL; } - - dp->prime = XMALLOC(1+l_prime); strncpy(dp->prime, ch_prime, 1+l_prime); - dp->A = XMALLOC(1+l_A); strncpy(dp->A, ch_A, 1+l_A); - dp->B = XMALLOC(1+l_B); strncpy(dp->B, ch_B, 1+l_B); - dp->order = XMALLOC(1+l_order); strncpy(dp->order, ch_order, 1+l_order); - dp->Gx = XMALLOC(1+l_Gx); strncpy(dp->Gx, ch_Gx, 1+l_Gx); - dp->Gy = XMALLOC(1+l_Gy); strncpy(dp->Gy, ch_Gy, 1+l_Gy); - - /* optional parameters */ - if (ch_name == NULL && oid == NULL) { - (void)ecc_dp_fill_from_sets(dp); - } - else { - if (ch_name != NULL) { - l_name = (unsigned long)strlen(ch_name); - dp->name = XMALLOC(1+l_name); - strncpy(dp->name, ch_name, 1+l_name); - } - - if (oid != NULL) { - char *end_ptr; - unsigned int i = 0; - unsigned long val; - - end_ptr = oid; - while (i < sizeof(dp->oid.OID)/sizeof(dp->oid.OID[0]) && *oid != '\0') { - errno = 0; - val = strtoul(oid, &end_ptr, 10); - if (errno != 0 || oid == end_ptr) break; /* parsing failed */ - if (val > 0xFFFFFFFF) break; /* x64 check */ - dp->oid.OID[i++] = val; - oid = end_ptr; - if (*oid != '.') break; - oid++; - } - if (i == 0 || *end_ptr != '\0') return CRYPT_INVALID_ARG; - dp->oid.OIDlen = i; - } - } - - /* in case the parameters are really custom (unlikely) */ - if (dp->name == NULL) { - dp->name = XMALLOC(7); - strcpy(dp->name, "custom"); - dp->oid.OIDlen = 0; - } - - return CRYPT_OK; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_encrypt_key.c b/src/ltc/pk/ecc/ecc_encrypt_key.c index 2b94401..530eadd 100644 --- a/src/ltc/pk/ecc/ecc_encrypt_key.c +++ b/src/ltc/pk/ecc/ecc_encrypt_key.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -62,9 +57,8 @@ int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, } /* make a random key and export the public copy */ - if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) { - return err; - } + if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { return err; } pub_expt = XMALLOC(ECC_BUF_SIZE); ecc_shared = XMALLOC(ECC_BUF_SIZE); @@ -84,7 +78,12 @@ int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, } pubkeysize = ECC_BUF_SIZE; - if ((err = ecc_export_raw(pub_expt, &pubkeysize, PK_PUBLIC_COMPRESSED, &pubkey)) != CRYPT_OK) { +#ifdef USE_TFM + /* XXX-FIXME: TFM does not support sqrtmod_prime */ + if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) { +#else + if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey)) != CRYPT_OK) { +#endif ecc_free(&pubkey); goto LBL_ERR; } @@ -128,7 +127,7 @@ LBL_ERR: } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_export.c b/src/ltc/pk/ecc/ecc_export.c index 49bb583..a095e9a 100644 --- a/src/ltc/pk/ecc/ecc_export.c +++ b/src/ltc/pk/ecc/ecc_export.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -44,12 +39,8 @@ int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key return CRYPT_PK_TYPE_MISMATCH; } - if (ltc_ecc_is_valid_idx(key->idx) == 0) { - return CRYPT_INVALID_ARG; - } - /* we store the NIST byte size */ - key_size = key->dp->size; + key_size = key->dp.size; if (type == PK_PRIVATE) { flags[0] = 1; @@ -74,7 +65,7 @@ int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_export_full.c b/src/ltc/pk/ecc/ecc_export_openssl.c similarity index 68% rename from src/ltc/pk/ecc/ecc_export_full.c rename to src/ltc/pk/ecc/ecc_export_openssl.c index 6a9fe43..c918137 100644 --- a/src/ltc/pk/ecc/ecc_export_full.c +++ b/src/ltc/pk/ecc/ecc_export_openssl.c @@ -5,11 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -25,7 +20,7 @@ @return CRYPT_OK if successful */ -int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) +int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) { int err; void *prime, *order, *a, *b, *gx, *gy; @@ -33,24 +28,23 @@ int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key unsigned long len_a, len_b, len_k, len_g, len_xy; unsigned long cofactor, one = 1; oid_st oid; - ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], asn_ecparams[1]; + ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams; + int flag_oid = type & PK_CURVEOID ? 1 : 0; + int flag_com = type & PK_COMPRESSED ? 1 : 0; + int flag_pri = type & PK_PRIVATE ? 1 : 0; LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(key != NULL); - if (key->type != PK_PRIVATE && type == PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH; - if (ltc_ecc_is_valid_idx(key->idx) == 0) return CRYPT_INVALID_ARG; - if (key->dp == NULL) return CRYPT_INVALID_ARG; + if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; - if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) return err; - - if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) goto error; - if ((err = mp_read_radix(order, key->dp->order, 16)) != CRYPT_OK) goto error; - if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) goto error; - if ((err = mp_read_radix(a, key->dp->A, 16)) != CRYPT_OK) goto error; - if ((err = mp_read_radix(gx, key->dp->Gx, 16)) != CRYPT_OK) goto error; - if ((err = mp_read_radix(gy, key->dp->Gy, 16)) != CRYPT_OK) goto error; + prime = key->dp.prime; + order = key->dp.order; + b = key->dp.B; + a = key->dp.A; + gx = key->dp.base.x; + gy = key->dp.base.y; /* curve param a */ len_a = mp_unsigned_bin_size(a); @@ -64,34 +58,32 @@ int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) goto error; if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* XXX-TODO hack to handle case b == 0 */ - /* base point - we export uncompressed form */ + /* base point - (un)compressed based on flag_com */ len_g = sizeof(bin_g); - if ((err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp->size, 0)) != CRYPT_OK) goto error; + if ((err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com)) != CRYPT_OK) goto error; - /* public key */ + /* public key - (un)compressed based on flag_com */ len_xy = sizeof(bin_xy); - if ((err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp->size, 0)) != CRYPT_OK) goto error; + if ((err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com)) != CRYPT_OK) goto error; /* co-factor */ - cofactor = key->dp->cofactor; + cofactor = key->dp.cofactor; /* we support only prime-field EC */ - if ((err = pk_get_oid(EC_PRIME_FIELD, &oid)) != CRYPT_OK) goto error; + if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) goto error; - if (type & PK_CURVEOID) { + if (flag_oid) { /* from http://tools.ietf.org/html/rfc5912 ECParameters ::= CHOICE { namedCurve CURVE.&id({NamedCurve}) # OBJECT } */ - - /* BEWARE: exporting PK_CURVEOID with custom OID means we're unable to read the curve again */ - if (key->dp->oid.OIDlen == 0) { err = CRYPT_INVALID_ARG; goto error; } - - /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */ - LTC_SET_ASN1(asn_ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp->oid.OID, key->dp->oid.OIDlen); - type &= ~PK_CURVEOID; + if (key->dp.oidlen == 0) { + err = CRYPT_INVALID_ARG; + goto error; + } + LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen); } else { /* from http://tools.ietf.org/html/rfc3279 @@ -130,10 +122,10 @@ int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */ - LTC_SET_ASN1(asn_ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); + LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); } - if (type == PK_PRIVATE) { + if (flag_pri) { /* private key format: http://tools.ietf.org/html/rfc5915 ECPrivateKey ::= SEQUENCE { # SEQUENCE @@ -149,12 +141,11 @@ int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) goto error; - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1UL); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); - LTC_SET_ASN1(seq_priv, 2, asn_ecparams[0].type, asn_ecparams[0].data, asn_ecparams[0].size); - LTC_SET_ASN1(seq_priv, 3, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); - seq_priv[2].tag = 0xA0; - seq_priv[3].tag = 0xA1; + LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); + LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1); + LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, &ecparams); /* context specific 0 */ + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, &pub_xy); /* context specific 1 */ err = der_encode_sequence(seq_priv, 4, out, outlen); } @@ -169,14 +160,17 @@ int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key subjectPublicKey BIT STRING # BIT STRING } */ - err = der_encode_subject_public_key_info( out, outlen, + err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy, - asn_ecparams[0].type, asn_ecparams[0].data, asn_ecparams[0].size ); + ecparams.type, ecparams.data, ecparams.size ); } error: - mp_clear_multi(prime, order, a, b, gx, gy, NULL); return err; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_free.c b/src/ltc/pk/ecc/ecc_free.c index 358c7fe..c8033b3 100644 --- a/src/ltc/pk/ecc/ecc_free.c +++ b/src/ltc/pk/ecc/ecc_free.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -28,11 +23,18 @@ void ecc_free(ecc_key *key) { LTC_ARGCHKVD(key != NULL); - mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL); + /* clean dp */ + mp_cleanup_multi(&key->dp.prime, &key->dp.order, + &key->dp.A, &key->dp.B, + &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, + NULL); + + /* clean key */ + mp_cleanup_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_export_raw.c b/src/ltc/pk/ecc/ecc_get_key.c similarity index 71% rename from src/ltc/pk/ecc/ecc_export_raw.c rename to src/ltc/pk/ecc/ecc_get_key.c index 5206290..2b4e857 100644 --- a/src/ltc/pk/ecc/ecc_export_raw.c +++ b/src/ltc/pk/ecc/ecc_get_key.c @@ -5,11 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -19,30 +14,28 @@ /** Export raw public or private key (public keys = ANS X9.63 compressed or uncompressed; private keys = raw bytes) @param out [out] destination of export @param outlen [in/out] Length of destination and final output size - @param type PK_PRIVATE, PK_PUBLIC or PK_PUBLIC_COMPRESSED + @param type PK_PRIVATE, PK_PUBLIC or PK_PUBLIC|PK_COMPRESSED @param key Key to export Return CRYPT_OK on success */ -int ecc_export_raw(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) +int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) { unsigned long size, ksize; - int err; + int err, compressed; LTC_ARGCHK(key != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); - if (ltc_ecc_is_valid_idx(key->idx) == 0) { - return CRYPT_INVALID_ARG; - } - size = key->dp->size; + size = key->dp.size; + compressed = type & PK_COMPRESSED ? 1 : 0; + type &= ~PK_COMPRESSED; - if (type == PK_PUBLIC_COMPRESSED) { - if ((err = ltc_ecc_export_point(out, outlen, key->pubkey.x, key->pubkey.y, size, 1)) != CRYPT_OK) return err; - } - else if (type == PK_PUBLIC) { - if ((err = ltc_ecc_export_point(out, outlen, key->pubkey.x, key->pubkey.y, size, 0)) != CRYPT_OK) return err; + if (type == PK_PUBLIC) { + if ((err = ltc_ecc_export_point(out, outlen, key->pubkey.x, key->pubkey.y, size, compressed)) != CRYPT_OK) { + return err; + } } else if (type == PK_PRIVATE) { if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH; @@ -61,3 +54,7 @@ int ecc_export_raw(unsigned char *out, unsigned long *outlen, int type, ecc_key } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_get_set.c b/src/ltc/pk/ecc/ecc_get_set.c new file mode 100644 index 0000000..f00cf45 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_get_set.c @@ -0,0 +1,40 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MECC + +int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp) +{ + int i; + + LTC_ARGCHK(dp != NULL); + LTC_ARGCHK(name != NULL); + + *dp = NULL; + + for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { + if (XSTRCMP(ltc_ecc_sets[i].name, name) == 0) break; + } + + if (ltc_ecc_sets[i].name == NULL) { + /* not found */ + return CRYPT_INVALID_ARG; + } + + *dp = <c_ecc_sets[i]; + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_get_size.c b/src/ltc/pk/ecc/ecc_get_size.c index 6f24c4e..8d1c936 100644 --- a/src/ltc/pk/ecc/ecc_get_size.c +++ b/src/ltc/pk/ecc/ecc_get_size.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -28,15 +23,14 @@ */ int ecc_get_size(ecc_key *key) { - LTC_ARGCHK(key != NULL); - if (ltc_ecc_is_valid_idx(key->idx)) - return key->dp->size; - else - return INT_MAX; /* large value known to cause it to fail when passed to ecc_make_key() */ + if (key == NULL) { + return INT_MAX; + } + return key->dp.size; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_import.c b/src/ltc/pk/ecc/ecc_import.c index 95cb7e2..3a1dcc5 100644 --- a/src/ltc/pk/ecc/ecc_import.c +++ b/src/ltc/pk/ecc/ecc_import.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -51,18 +46,20 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); - /* init key */ - if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) { - return CRYPT_MEM; - } - /* find out what type of key it is */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_BIT_STRING, 1UL, &flags, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto done; + err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, + LTC_ASN1_SHORT_INTEGER, 1UL, &key_size, + LTC_ASN1_EOL, 0UL, NULL); + if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { + return err; } + /* allocate & initialize the key */ + if (dp == NULL) { + if ((err = ecc_set_dp_size(key_size, key)) != CRYPT_OK) { goto done; } + } else { + if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { goto done; } + } if (flags[0] == 1) { /* private key */ @@ -76,7 +73,7 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto done; } - } else { + } else if (flags[0] == 0) { /* public key */ key->type = PK_PUBLIC; if ((err = der_decode_sequence_multi(in, inlen, @@ -88,39 +85,26 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co goto done; } } - - if (dp == NULL) { - /* BEWARE: Here we are looking up the curve params by keysize (neither curve name nor curve oid), - * which might be ambiguous (there can more than one curve for given keysize). - * Thus the chosen curve depends on order of items in ltc_ecc_sets[] - see ecc.c file. - */ - /* find the idx */ - for (key->idx = 0; ltc_ecc_sets[key->idx].size && (unsigned long)ltc_ecc_sets[key->idx].size != key_size; ++key->idx); - if (ltc_ecc_sets[key->idx].size == 0) { - err = CRYPT_INVALID_PACKET; - goto done; - } - key->dp = <c_ecc_sets[key->idx]; - } else { - key->idx = -1; - key->dp = dp; - } - /* set z */ - if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; } - - /* is it a point on the curve? */ - if ((err = ltc_ecc_is_point(key->dp, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { + else { + err = CRYPT_INVALID_PACKET; goto done; } + /* set z */ + if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; } + + /* point on the curve + other checks */ + if ((err = ltc_ecc_verify_key(key)) != CRYPT_OK) { goto done; } + /* we're good */ return CRYPT_OK; + done: - mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL); + ecc_free(key); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_import_full.c b/src/ltc/pk/ecc/ecc_import_full.c deleted file mode 100644 index 9c18f7a..0000000 --- a/src/ltc/pk/ecc/ecc_import_full.c +++ /dev/null @@ -1,154 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_import_full(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp) -{ - void *prime, *order, *a, *b, *gx, *gy; - ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4]; - unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE], bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; - unsigned long len_a, len_b, len_k, len_g, len_xy, len_oid; - unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16], curveoid[16]; - int err; - - if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) return err; - - /* ### 1. try to load public key - no curve parameters just curve OID */ - - len_xy = sizeof(bin_xy); - err = der_decode_subject_public_key_info_ex(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL, &len_oid); - if (err == CRYPT_OK) { - /* load curve parameters for given curve OID */ - if ((err = ecc_dp_set_by_oid(dp, curveoid, len_oid)) != CRYPT_OK) { goto error; } - /* load public key */ - if ((err = ecc_import_raw(bin_xy, len_xy, key, dp)) != CRYPT_OK) { goto error; } - goto success; - } - - /* ### 2. try to load public key - curve parameters included */ - - /* ECParameters SEQUENCE */ - LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); - LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); - LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); - LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); - LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); - LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); - seq_ecparams[5].optional = 1; - /* FieldID SEQUENCE */ - LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); - LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); - /* Curve SEQUENCE */ - LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); - seq_curve[2].optional = 1; - /* try to load public key */ - len_xy = sizeof(bin_xy); - err = der_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, 6); - - if (err == CRYPT_OK) { - len_a = seq_curve[0].size; - len_b = seq_curve[1].size; - len_g = seq_ecparams[3].size; - /* create bignums */ - if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } - if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } - if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } - /* load curve parameters */ - if ((err = ecc_dp_set_bn(dp, a, b, prime, order, gx, gy, cofactor)) != CRYPT_OK) { goto error; } - /* load public key */ - if ((err = ecc_import_raw(bin_xy, len_xy, key, dp)) != CRYPT_OK) { goto error; } - goto success; - } - - /* ### 3. try to load private key - no curve parameters just curve OID */ - - /* ECPrivateKey SEQUENCE */ - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_priv, 2, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); - LTC_SET_ASN1(seq_priv, 3, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); - seq_priv[2].tag = 0xA0; /* context specific 0 */ - seq_priv[3].tag = 0xA1; /* context specific 1 */ - /* try to load private key */ - err = der_decode_sequence(in, inlen, seq_priv, 4); - - if (err == CRYPT_OK) { - /* load curve parameters for given curve OID */ - if ((err = ecc_dp_set_by_oid(dp, curveoid, seq_priv[2].size)) != CRYPT_OK) { goto error; } - /* load private+public key */ - if ((err = ecc_import_raw(bin_k, seq_priv[1].size, key, dp)) != CRYPT_OK) { goto error; } - goto success; - } - - /* ### 4. try to load private key - curve parameters included */ - - /* ECPrivateKey SEQUENCE */ - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_priv, 2, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); - LTC_SET_ASN1(seq_priv, 3, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); - seq_priv[2].tag = 0xA0; /* context specific 0 */ - seq_priv[3].tag = 0xA1; /* context specific 1 */ - /* ECParameters SEQUENCE */ - LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); - LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); - LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); - LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); - LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); - LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); - seq_ecparams[5].optional = 1; - /* FieldID SEQUENCE */ - LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); - LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); - /* Curve SEQUENCE */ - LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); - seq_curve[2].optional = 1; - /* try to load private key */ - err = der_decode_sequence(in, inlen, seq_priv, 4); - if (err == CRYPT_OK) { - len_k = seq_priv[1].size; - len_xy = seq_priv[3].size; - len_a = seq_curve[0].size; - len_b = seq_curve[1].size; - len_g = seq_ecparams[3].size; - /* create bignums */ - if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } - if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } - if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } - /* load curve parameters */ - if ((err = ecc_dp_set_bn(dp, a, b, prime, order, gx, gy, cofactor)) != CRYPT_OK) { goto error; } - /* load private+public key */ - if ((err = ecc_import_raw(bin_k, len_k, key, dp)) != CRYPT_OK) { goto error; } - goto success; - } - - /* ### 5. backward compatibility - try to load old-DER format */ - if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } - -success: - err = CRYPT_OK; -error: - mp_clear_multi(prime, order, a, b, gx, gy, NULL); - return err; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_import_openssl.c b/src/ltc/pk/ecc/ecc_import_openssl.c new file mode 100644 index 0000000..abbf505 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_import_openssl.c @@ -0,0 +1,157 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MECC + +int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key) +{ + void *prime, *order, *a, *b, *gx, *gy; + ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2]; + unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE], bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; + unsigned long len_a, len_b, len_k, len_g, len_xy, len_oid, len; + unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16], curveoid[16]; + int err; + + if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) { + return err; + } + + /* ### 1. try to load public key - no curve parameters just curve OID */ + + len_xy = sizeof(bin_xy); + len_oid = 16; + err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, &len_oid); + if (err == CRYPT_OK) { + /* load curve parameters for given curve OID */ + if ((err = ecc_set_dp_oid(curveoid, len_oid, key)) != CRYPT_OK) { goto error; } + /* load public key */ + if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } + goto success; + } + + /* ### 2. try to load public key - curve parameters included */ + + /* ECParameters SEQUENCE */ + LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); + LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); + LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); + LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); + LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); + LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); + seq_ecparams[5].optional = 1; + /* FieldID SEQUENCE */ + LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); + LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); + /* Curve SEQUENCE */ + LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); + seq_curve[2].optional = 1; + /* try to load public key */ + len_xy = sizeof(bin_xy); + len = 6; + err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, &len); + + if (err == CRYPT_OK) { + len_a = seq_curve[0].size; + len_b = seq_curve[1].size; + len_g = seq_ecparams[3].size; + /* create bignums */ + if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } + /* load curve parameters */ + if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } + /* load public key */ + if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } + goto success; + } + + /* ### 3. try to load private key - no curve parameters just curve OID */ + + /* ECPrivateKey SEQUENCE */ + LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); + LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); + LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); + LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */ + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */ + + /* try to load private key */ + err = der_decode_sequence(in, inlen, seq_priv, 4); + if (err == CRYPT_OK) { + /* load curve parameters for given curve OID */ + if ((err = ecc_set_dp_oid(curveoid, custom[0].size, key)) != CRYPT_OK) { goto error; } + /* load private+public key */ + if ((err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } + goto success; + } + + /* ### 4. try to load private key - curve parameters included */ + + /* ECPrivateKey SEQUENCE */ + LTC_SET_ASN1(custom, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); + LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); + LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); + LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */ + LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */ + /* ECParameters SEQUENCE */ + LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); + LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); + LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); + LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); + LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); + LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); + seq_ecparams[5].optional = 1; + /* FieldID SEQUENCE */ + LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); + LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); + /* Curve SEQUENCE */ + LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); + seq_curve[2].optional = 1; + /* try to load private key */ + err = der_decode_sequence(in, inlen, seq_priv, 4); + if (err == CRYPT_OK) { + len_xy = custom[1].size; + len_k = seq_priv[1].size; + len_a = seq_curve[0].size; + len_b = seq_curve[1].size; + len_g = seq_ecparams[3].size; + /* create bignums */ + if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } + /* load curve parameters */ + if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } + /* load private+public key */ + if ((err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } + goto success; + } + + /* ### 5. backward compatibility - try to load old-DER format */ + + if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } + +success: + err = CRYPT_OK; +error: + mp_clear_multi(prime, order, a, b, gx, gy, NULL); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_import_pkcs8.c b/src/ltc/pk/ecc/ecc_import_pkcs8.c index 8322859..6b5b0c7 100644 --- a/src/ltc/pk/ecc/ecc_import_pkcs8.c +++ b/src/ltc/pk/ecc/ecc_import_pkcs8.c @@ -5,37 +5,462 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" #ifdef LTC_MECC -int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, - const void *pwd, unsigned long pwdlen, - ecc_key *key, ltc_ecc_set_type *dp) +enum algorithm_oid { + PBE_MD2_DES, /* 0 */ + PBE_MD2_RC2, + PBE_MD5_DES, + PBE_MD5_RC2, + PBE_SHA1_DES, + PBE_SHA1_RC2, /* 5 */ + PBES2, + PBKDF2, + DES_CBC, + RC2_CBC, + DES_EDE3_CBC, /* 10 */ + HMAC_WITH_SHA1, + HMAC_WITH_SHA224, + HMAC_WITH_SHA256, + HMAC_WITH_SHA384, + HMAC_WITH_SHA512, /* 15 */ + PBE_SHA1_3DES +}; + +static const oid_st oid_list[] = { + { { 1,2,840,113549,1,5,1 }, 7 }, /* [0] http://www.oid-info.com/get/1.2.840.113549.1.5.1 pbeWithMD2AndDES-CBC */ + { { 1,2,840,113549,1,5,4 }, 7 }, /* [1] http://www.oid-info.com/get/1.2.840.113549.1.5.4 pbeWithMD2AndRC2-CBC */ + { { 1,2,840,113549,1,5,3 }, 7 }, /* [2] http://www.oid-info.com/get/1.2.840.113549.1.5.3 pbeWithMD5AndDES-CBC */ + { { 1,2,840,113549,1,5,6 }, 7 }, /* [3] http://www.oid-info.com/get/1.2.840.113549.1.5.6 pbeWithMD5AndRC2-CBC */ + { { 1,2,840,113549,1,5,10 }, 7 }, /* [4] http://www.oid-info.com/get/1.2.840.113549.1.5.10 pbeWithSHA1AndDES-CBC */ + { { 1,2,840,113549,1,5,11 }, 7 }, /* [5] http://www.oid-info.com/get/1.2.840.113549.1.5.11 pbeWithSHA1AndRC2-CBC */ + { { 1,2,840,113549,1,5,13 }, 7 }, /* [6] http://www.oid-info.com/get/1.2.840.113549.1.5.13 pbes2 */ + { { 1,2,840,113549,1,5,12 }, 7 }, /* [7] http://www.oid-info.com/get/1.2.840.113549.1.5.12 pBKDF2 */ + { { 1,3,14,3,2,7 }, 6 }, /* [8] http://www.oid-info.com/get/1.3.14.3.2.7 desCBC */ + { { 1,2,840,113549,3,2 }, 6 }, /* [9] http://www.oid-info.com/get/1.2.840.113549.3.2 rc2CBC */ + { { 1,2,840,113549,3,7 }, 6 }, /* [10] http://www.oid-info.com/get/1.2.840.113549.3.7 des-EDE3-CBC */ + { { 1,2,840,113549,2,7 }, 6 }, /* [11] http://www.oid-info.com/get/1.2.840.113549.2.7 hmacWithSHA1 */ + { { 1,2,840,113549,2,8 }, 6 }, /* [12] http://www.oid-info.com/get/1.2.840.113549.2.8 hmacWithSHA224 */ + { { 1,2,840,113549,2,9 }, 6 }, /* [13] http://www.oid-info.com/get/1.2.840.113549.2.9 hmacWithSHA256 */ + { { 1,2,840,113549,2,10 }, 6 }, /* [14] http://www.oid-info.com/get/1.2.840.113549.2.10 hmacWithSHA384 */ + { { 1,2,840,113549,2,11 }, 6 }, /* [15] http://www.oid-info.com/get/1.2.840.113549.2.11 hmacWithSHA512 */ + { { 1,2,840,113549,1,12,1,3 }, 8 }, /* [16] http://www.oid-info.com/get/1.2.840.113549.1.12.1.3 pbeWithSHAAnd3-KeyTripleDES-CBC */ + { { 0 }, 0 }, +}; + +static int _simple_utf8_to_utf16(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen) { + unsigned long len = 0; + const unsigned char* in_end = in + inlen; + const ulong32 offset[6] = { + 0x00000000UL, 0x00003080UL, 0x000E2080UL, + 0x03C82080UL, 0xFA082080UL, 0x82082080UL + }; + int err = CRYPT_ERROR; + + while (in < in_end) { + ulong32 ch = 0; + unsigned short extra = 0; /* 0 */ + if (*in >= 192) extra++; /* 1 */ + if (*in >= 224) extra++; /* 2 */ + if (*in >= 240) extra++; /* 3 */ + if (*in >= 248) extra++; /* 4 */ + if (*in >= 252) extra++; /* 5 */ + if (in + extra >= in_end) goto ERROR; + switch (extra) { + case 5: ch += *in++; ch <<= 6; + case 4: ch += *in++; ch <<= 6; + case 3: ch += *in++; ch <<= 6; + case 2: ch += *in++; ch <<= 6; + case 1: ch += *in++; ch <<= 6; + case 0: ch += *in++; + } + ch -= offset[extra]; + if (ch > 0xFFFF) goto ERROR; + if (*outlen >= len + 2) { + out[len] = (unsigned short)((ch >> 8) & 0xFF); + out[len + 1] = (unsigned char)(ch & 0xFF); + } + len += 2; + } + + err = len > *outlen ? CRYPT_BUFFER_OVERFLOW : CRYPT_OK; + *outlen = len; +ERROR: + return err; +} + +static int _kdf_pkcs12(int hash_id, const unsigned char *pw, unsigned long pwlen, + const unsigned char *salt, unsigned long saltlen, + unsigned int iterations, unsigned char purpose, + unsigned char *out, unsigned long outlen) { + unsigned long u = hash_descriptor[hash_id].hashsize; + unsigned long v = hash_descriptor[hash_id].blocksize; + unsigned long c = (outlen + u - 1) / u; + unsigned long Slen = ((saltlen + v - 1) / v) * v; + unsigned long Plen = ((pwlen + v - 1) / v) * v; + unsigned long k = (Plen + Slen) / v; + unsigned long Alen, keylen = 0; + unsigned int tmp, i, j, n; + unsigned char ch; + unsigned char D[MAXBLOCKSIZE], A[MAXBLOCKSIZE], B[MAXBLOCKSIZE]; + unsigned char *I = NULL, *key = NULL; + int err = CRYPT_ERROR; + + key = XMALLOC(u * c); + I = XMALLOC(Plen + Slen); + if (key == NULL || I == NULL) goto DONE; + + for (i = 0; i < v; i++) D[i] = purpose; /* D - diversifier */ + for (i = 0; i < Slen; i++) I[i] = salt[i % saltlen]; + for (i = 0; i < Plen; i++) I[Slen + i] = pw[i % pwlen]; /* I = Salt || Pass */ + + for (i = 0; i < c; i++) { + Alen = u; /* hash size */ + err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */ + if (err != CRYPT_OK) goto DONE; + for (j = 1; j < iterations; j++) { + err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */ + if (err != CRYPT_OK) goto DONE; + } + /* fill buffer B with A */ + for (j = 0; j < v; j++) B[j] = A[j % Alen]; + /* B += 1 */ + for (j = v; j > 0; j--) { + if (++B[j - 1] != 0) break; + } + /* I_n += B */ + for (n = 0; n < k; n++) { + ch = 0; + for (j = v; j > 0; j--) { + tmp = I[n * v + j - 1] + B[j - 1] + ch; + ch = (unsigned char)((tmp >> 8) & 0xFF); + I[n * v + j - 1] = (unsigned char)(tmp & 0xFF); + } + } + /* store derived key block */ + for (j = 0; j < Alen; j++) key[keylen++] = A[j]; + } + + for (i = 0; i < outlen; i++) out[i] = key[i]; + err = CRYPT_OK; +DONE: + if (I) XFREE(I); + if (key) XFREE(key); + return err; +} + +static int _oid_to_id(const unsigned long *oid, unsigned long oid_size) +{ + int i, j; + for (j = 0; oid_list[j].OIDlen > 0; j++) { + int match = 1; + if (oid_list[j].OIDlen != oid_size) continue; + for (i = 0; i < (int)oid_size && match; i++) if (oid_list[j].OID[i] != oid[i]) match = 0; + if (match) return j; + } + return -1; +} + +static int _pbes1_decrypt(const unsigned char *enc_data, unsigned long enc_size, + const unsigned char *pass, unsigned long pass_size, + const unsigned char *salt, unsigned long salt_size, + unsigned long iterations, + const unsigned long *oid, unsigned long oid_size, + unsigned char *dec_data, unsigned long *dec_size) +{ + int id = _oid_to_id(oid, oid_size); + int err, hid = -1, cid = -1; + unsigned int keylen, blklen; + unsigned char key_iv[32] = { 0 }, pad; + unsigned long len = sizeof(key_iv), pwlen = pass_size; + symmetric_CBC cbc; + unsigned char *pw = NULL; + + /* https://tools.ietf.org/html/rfc8018#section-6.1.2 */ + if (id == PBE_MD2_DES || id == PBE_MD2_RC2) hid = find_hash("md2"); + if (id == PBE_MD5_DES || id == PBE_MD5_RC2) hid = find_hash("md5"); + if (id == PBE_SHA1_DES || id == PBE_SHA1_RC2 || id == PBE_SHA1_3DES) hid = find_hash("sha1"); + + if (id == PBE_MD2_RC2 || id == PBE_MD5_RC2 || id == PBE_SHA1_RC2) { + cid = find_cipher("rc2"); + keylen = 8; + blklen = 8; + } + if (id == PBE_MD2_DES || id == PBE_MD5_DES || id == PBE_SHA1_DES) { + cid = find_cipher("des"); + keylen = 8; + blklen = 8; + } + if (id == PBE_SHA1_3DES) { + cid = find_cipher("3des"); + keylen = 24; + blklen = 8; + } + + if (id == PBE_SHA1_3DES) { + /* convert password to unicode/utf16-be */ + pwlen = pass_size * 2; + pw = XMALLOC(pwlen + 2); + if (pw == NULL) goto LBL_ERROR; + if ((err = _simple_utf8_to_utf16(pass, pass_size, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR; + pw[pwlen++] = 0; + pw[pwlen++] = 0; + /* derive KEY */ + if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 1, key_iv, keylen)) != CRYPT_OK) goto LBL_ERROR; + /* derive IV */ + if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 2, key_iv+24, blklen)) != CRYPT_OK) goto LBL_ERROR; + } + else { + if ((err = pkcs_5_alg1(pass, pass_size, salt, iterations, hid, key_iv, &len)) != CRYPT_OK) goto LBL_ERROR; + /* the output has 16 bytes: [KEY-8-bytes][IV-8-bytes] */ + } + + if (hid != -1 && cid != -1) { + if (salt_size != 8 || enc_size < blklen) goto LBL_ERROR; + if ((err = cbc_start(cid, key_iv + keylen, key_iv, keylen, 0, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_decrypt(enc_data, dec_data, enc_size, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_done(&cbc)) != CRYPT_OK) goto LBL_ERROR; + pad = dec_data[enc_size-1]; + if (pad < 1 || pad > blklen) goto LBL_ERROR; + *dec_size = enc_size - pad; + return CRYPT_OK; + } + +LBL_ERROR: + zeromem(key_iv, sizeof(key_iv)); + if (pw) { zeromem(pw, pwlen); XFREE(pw); } + return CRYPT_INVALID_ARG; +} + +static int _pbes2_pbkdf2_decrypt(const unsigned char *enc_data, unsigned long enc_size, + const unsigned char *pass, unsigned long pass_size, + const unsigned char *salt, unsigned long salt_size, + const unsigned char *iv, unsigned long iv_size, + unsigned long iterations, + int hmacid, + int encid, + int extra_arg, + unsigned char *dec_data, unsigned long *dec_size) +{ + int err, hid = -1, cid = -1; + unsigned char k[32], pad; + unsigned long klen = sizeof(k); + symmetric_CBC cbc; + + /* https://tools.ietf.org/html/rfc8018#section-6.2.2 */ + + if (hmacid == HMAC_WITH_SHA1) hid = find_hash("sha1"); + if (hmacid == HMAC_WITH_SHA224) hid = find_hash("sha224"); + if (hmacid == HMAC_WITH_SHA256) hid = find_hash("sha256"); + if (hmacid == HMAC_WITH_SHA384) hid = find_hash("sha384"); + if (hmacid == HMAC_WITH_SHA512) hid = find_hash("sha512"); + if (hid == -1) return CRYPT_INVALID_ARG; + + if (encid == DES_EDE3_CBC) { + /* https://tools.ietf.org/html/rfc8018#appendix-B.2.2 */ + cid = find_cipher("3des"); + klen = 24; + if (klen > sizeof(k) || iv_size != 8 || iv == NULL || cid == -1) goto LBL_ERROR; + if ((err = pkcs_5_alg2(pass, pass_size, salt, salt_size, iterations, hid, k, &klen)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_start(cid, iv, k, klen, 0, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_decrypt(enc_data, dec_data, enc_size, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_done(&cbc)) != CRYPT_OK) goto LBL_ERROR; + pad = dec_data[enc_size-1]; + if (pad < 1 || pad > 8) goto LBL_ERROR; + *dec_size = enc_size - pad; + return CRYPT_OK; + } + + if (encid == DES_CBC) { + /* https://tools.ietf.org/html/rfc8018#appendix-B.2.1 */ + cid = find_cipher("des"); + klen = 8; /* 64 bits */ + if (klen > sizeof(k) || iv_size != 8 || iv == NULL || cid == -1) goto LBL_ERROR; + if ((err = pkcs_5_alg2(pass, pass_size, salt, salt_size, iterations, hid, k, &klen)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_start(cid, iv, k, klen, 0, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_decrypt(enc_data, dec_data, enc_size, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_done(&cbc)) != CRYPT_OK) goto LBL_ERROR; + pad = dec_data[enc_size-1]; + if (pad < 1 || pad > 8) goto LBL_ERROR; + *dec_size = enc_size - pad; + return CRYPT_OK; + } + + if (encid == RC2_CBC) { + /* https://tools.ietf.org/html/rfc8018#appendix-B.2.3 */ + cid = find_cipher("rc2"); + klen = 4; /* default: 32 bits */ + if (extra_arg == 160) klen = 5; + if (extra_arg == 120) klen = 8; + if (extra_arg == 58) klen = 16; + if (extra_arg >= 256) klen = extra_arg / 8; + if (klen > sizeof(k) || iv_size != 8 || iv == NULL || cid == -1) goto LBL_ERROR; + if ((err = pkcs_5_alg2(pass, pass_size, salt, salt_size, iterations, hid, k, &klen)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_start(cid, iv, k, klen, 0, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_decrypt(enc_data, dec_data, enc_size, &cbc)) != CRYPT_OK) goto LBL_ERROR; + if ((err = cbc_done(&cbc)) != CRYPT_OK) goto LBL_ERROR; + pad = dec_data[enc_size-1]; + if (pad < 1 || pad > 8) goto LBL_ERROR; + *dec_size = enc_size - pad; + return CRYPT_OK; + } + +LBL_ERROR: + zeromem(k, sizeof(k)); + return CRYPT_INVALID_ARG; +} + +static int _der_decode_pkcs8_flexi(const unsigned char *in, unsigned long inlen, + const void *pwd, unsigned long pwdlen, + ltc_asn1_list **decoded_list) +{ + unsigned long len = inlen; + unsigned long dec_size; + unsigned char *dec_data = NULL; + ltc_asn1_list *l = NULL; int err; - void *zero, *one, *iter; - unsigned char *buf1=NULL, *buf2=NULL; - unsigned long buf1len, buf2len; - unsigned long oid[16]; - oid_st ecoid; - ltc_asn1_list alg_seq[2], top_seq[3]; - ltc_asn1_list alg_seq_e[2], key_seq_e[2], top_seq_e[2]; - unsigned char *decrypted=NULL; - unsigned long decryptedlen; - void *prime, *order, *a, *b, *gx, *gy; - ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4]; - unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE], bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; - unsigned long len_a, len_b, len_g; - unsigned long cofactor = 0, ecver = 0, tmpoid[16], curveoid[16]; + + *decoded_list = NULL; + if ((err = der_decode_sequence_flexi(in, &len, &l)) == CRYPT_OK) { + /* the following "if" detects whether it is encrypted or not */ + if (l->type == LTC_ASN1_SEQUENCE && + l->child && l->child->type == LTC_ASN1_SEQUENCE && + l->child->child && l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && + l->child->child->next && l->child->child->next->type == LTC_ASN1_SEQUENCE && + l->child->next && l->child->next->type == LTC_ASN1_OCTET_STRING) { + ltc_asn1_list *lalgoid = l->child->child; + ltc_asn1_list *lalgparam = l->child->child->next; + unsigned char *enc_data = l->child->next->data; + unsigned long enc_size = l->child->next->size; + dec_size = enc_size; + if ((dec_data = XMALLOC(dec_size)) == NULL) { + err = CRYPT_MEM; + goto LBL_DONE; + } + if (lalgparam->child && lalgparam->child->type == LTC_ASN1_OCTET_STRING && + lalgparam->child->next && lalgparam->child->next->type == LTC_ASN1_INTEGER) { + /* PBES1: encrypted pkcs8 - pbeWithMD5AndDES-CBC: + * 0:d=0 hl=4 l= 329 cons: SEQUENCE + * 4:d=1 hl=2 l= 27 cons: SEQUENCE (== *lalg) + * 6:d=2 hl=2 l= 9 prim: OBJECT :pbeWithMD5AndDES-CBC (== 1.2.840.113549.1.5.3) + * 17:d=2 hl=2 l= 14 cons: SEQUENCE (== *lalgparam) + * 19:d=3 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:8EDF749A06CCDE51 (== salt) + * 29:d=3 hl=2 l= 2 prim: INTEGER :0800 (== iterations) + * 33:d=1 hl=4 l= 296 prim: OCTET STRING :bytes (== encrypted data) + */ + unsigned long iter = mp_get_int(lalgparam->child->next->data); + unsigned long salt_size = lalgparam->child->size; + unsigned char *salt = lalgparam->child->data; + err = _pbes1_decrypt(enc_data, enc_size, pwd, pwdlen, salt, salt_size, iter, lalgoid->data, lalgoid->size, dec_data, &dec_size); + if (err != CRYPT_OK) goto LBL_DONE; + } + else if (PBES2 == _oid_to_id(lalgoid->data, lalgoid->size) && + lalgparam->child && lalgparam->child->type == LTC_ASN1_SEQUENCE && + lalgparam->child->child && lalgparam->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && + lalgparam->child->child->next && lalgparam->child->child->next->type == LTC_ASN1_SEQUENCE && + lalgparam->child->next && lalgparam->child->next->type == LTC_ASN1_SEQUENCE && + lalgparam->child->next->child && lalgparam->child->next->child->type == LTC_ASN1_OBJECT_IDENTIFIER) { + /* PBES2: encrypted pkcs8 - PBES2+PBKDF2+des-ede3-cbc: + * 0:d=0 hl=4 l= 380 cons: SEQUENCE + * 4:d=1 hl=2 l= 78 cons: SEQUENCE (== *lalg) + * 6:d=2 hl=2 l= 9 prim: OBJECT :PBES2 (== 1.2.840.113549.1.5.13) + * 17:d=2 hl=2 l= 65 cons: SEQUENCE (== *lalgparam) + * 19:d=3 hl=2 l= 41 cons: SEQUENCE + * 21:d=4 hl=2 l= 9 prim: OBJECT :PBKDF2 + * 32:d=4 hl=2 l= 28 cons: SEQUENCE + * 34:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:28BA4ABF6AA76A3D (== salt) + * 44:d=5 hl=2 l= 2 prim: INTEGER :0800 (== iterations) + * 48:d=5 hl=2 l= 12 cons: SEQUENCE (this sequence is optional, may be missing) + * 50:d=6 hl=2 l= 8 prim: OBJECT :hmacWithSHA256 + * 60:d=6 hl=2 l= 0 prim: NULL + * 62:d=3 hl=2 l= 20 cons: SEQUENCE + * 64:d=4 hl=2 l= 8 prim: OBJECT :des-ede3-cbc + * 74:d=4 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:B1404C4688DC9A5A + * 84:d=1 hl=4 l= 296 prim: OCTET STRING :bytes (== encrypted data) + */ + ltc_asn1_list *lkdf = lalgparam->child->child; + ltc_asn1_list *lenc = lalgparam->child->next->child; + int kdfid = _oid_to_id(lkdf->data, lkdf->size); + int encid = _oid_to_id(lenc->data, lenc->size); + if (PBKDF2 == kdfid && + lkdf->next && lkdf->next->type == LTC_ASN1_SEQUENCE && + lkdf->next->child && lkdf->next->child->type == LTC_ASN1_OCTET_STRING && + lkdf->next->child->next && lkdf->next->child->next->type == LTC_ASN1_INTEGER) { + unsigned long iter = mp_get_int(lkdf->next->child->next->data); + unsigned long salt_size = lkdf->next->child->size; + unsigned char *salt = lkdf->next->child->data; + unsigned char *iv = NULL; + unsigned long iv_size = 0; + unsigned long arg = 0; + ltc_asn1_list *loptseq = lkdf->next->child->next->next; + int hmacid = HMAC_WITH_SHA1; /* this is default */ + if (loptseq && loptseq->type == LTC_ASN1_SEQUENCE && + loptseq->child && loptseq->child->type == LTC_ASN1_OBJECT_IDENTIFIER) { + /* this sequence is optional */ + hmacid = _oid_to_id(loptseq->child->data, loptseq->child->size); + } + if (lenc->next && lenc->next->type == LTC_ASN1_OCTET_STRING) { + /* DES-CBC + DES_EDE3_CBC */ + iv = lenc->next->data; + iv_size = lenc->next->size; + } + else if (lenc->next && lenc->next->type == LTC_ASN1_SEQUENCE && + lenc->next->child && lenc->next->child->type == LTC_ASN1_INTEGER && + lenc->next->child->next && lenc->next->child->next->type == LTC_ASN1_OCTET_STRING) { + /* RC2-CBC is a bit special */ + iv = lenc->next->child->next->data; + iv_size = lenc->next->child->next->size; + arg = mp_get_int(lenc->next->child->data); + } + err = _pbes2_pbkdf2_decrypt(enc_data, enc_size, pwd, pwdlen, salt, salt_size, iv, iv_size, iter, hmacid, encid, arg, dec_data, &dec_size); + if (err != CRYPT_OK) goto LBL_DONE; + } + else { + /* non-PBKDF2 algorithms are not supported */ + err = CRYPT_INVALID_PACKET; + goto LBL_DONE; + } + } + else { + /* unsupported encryption */ + err = CRYPT_INVALID_PACKET; + goto LBL_DONE; + } + der_free_sequence_flexi(l); + l = NULL; + err = der_decode_sequence_flexi(dec_data, &dec_size, &l); + if (err != CRYPT_OK) goto LBL_DONE; + *decoded_list = l; + } + else { + /* not encrypted */ + err = CRYPT_OK; + *decoded_list = l; + } + } + +LBL_DONE: + if (dec_data) XFREE(dec_data); + return err; +} + +/* NOTE: _der_decode_pkcs8_flexi & related stuff can be shared with rsa_import_pkcs8() */ + +int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, + const void *pwd, unsigned long pwdlen, + ecc_key *key) +{ + void *a, *b, *gx, *gy; + unsigned long len, cofactor; + oid_st ecoid; + int err; + ltc_asn1_list *p = NULL, *l = NULL; LTC_ARGCHK(in != NULL); LTC_ARGCHK(key != NULL); @@ -43,119 +468,136 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, /* get EC alg oid */ err = pk_get_oid(PKA_EC, &ecoid); - if (err != CRYPT_OK) { goto LBL_NOFREE; } - - /* alloc buffers */ - buf1len = inlen; /* approx. guess */ - buf1 = XMALLOC(buf1len); - if (buf1 == NULL) { err = CRYPT_MEM; goto LBL_NOFREE; } - buf2len = inlen; /* approx. guess */ - buf2 = XMALLOC(buf2len); - if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE; } + if (err != CRYPT_OK) return err; /* init key */ - err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, &zero, &one, &iter, NULL); - if (err != CRYPT_OK) { goto LBL_NOCLEAR; } + err = mp_init_multi(&a, &b, &gx, &gy, NULL); + if (err != CRYPT_OK) return err; - /* try to decode encrypted priv key */ - LTC_SET_ASN1(key_seq_e, 0, LTC_ASN1_OCTET_STRING, buf1, buf1len); - LTC_SET_ASN1(key_seq_e, 1, LTC_ASN1_INTEGER, iter, 1UL); - LTC_SET_ASN1(alg_seq_e, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL); - LTC_SET_ASN1(alg_seq_e, 1, LTC_ASN1_SEQUENCE, key_seq_e, 2UL); - LTC_SET_ASN1(top_seq_e, 0, LTC_ASN1_SEQUENCE, alg_seq_e, 2UL); - LTC_SET_ASN1(top_seq_e, 1, LTC_ASN1_OCTET_STRING, buf2, buf2len); - err=der_decode_sequence(in, inlen, top_seq_e, 2UL); - if (err == CRYPT_OK) { - LTC_UNUSED_PARAM(pwd); - LTC_UNUSED_PARAM(pwdlen); - /* unsigned long icount = mp_get_int(iter); */ - /* XXX: TODO decrypt buf1 with a key derived form password + salt + iter */ - /* fprintf(stderr, "XXX-DEBUG: gonna decrypt: iter=%ld salt.len=%ld encdata.len=%ld\n", icount, key_seq_e[0].size, top_seq_e[1].size); */ - err = CRYPT_PK_INVALID_TYPE; - goto LBL_ERR; - } - else { - decrypted = (unsigned char*)in; - decryptedlen = inlen; - } + if ((err = _der_decode_pkcs8_flexi(in, inlen, pwd, pwdlen, &l)) == CRYPT_OK) { + if (l->type == LTC_ASN1_SEQUENCE && + l->child && l->child->type == LTC_ASN1_INTEGER && + l->child->next && l->child->next->type == LTC_ASN1_SEQUENCE && + l->child->next->child && l->child->next->child->type == LTC_ASN1_OBJECT_IDENTIFIER && + l->child->next->next && l->child->next->next->type == LTC_ASN1_OCTET_STRING) { + ltc_asn1_list *lseq = l->child->next; + ltc_asn1_list *lpri = l->child->next->next; + ltc_asn1_list *lecoid = l->child->next->child; - /* try to decode unencrypted priv key - curve defined by OID */ - LTC_SET_ASN1(alg_seq, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL); - LTC_SET_ASN1(alg_seq, 1, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); - LTC_SET_ASN1(top_seq, 0, LTC_ASN1_INTEGER, zero, 1UL); - LTC_SET_ASN1(top_seq, 1, LTC_ASN1_SEQUENCE, alg_seq, 2UL); - LTC_SET_ASN1(top_seq, 2, LTC_ASN1_OCTET_STRING, buf1, buf1len); - err=der_decode_sequence(decrypted, decryptedlen, top_seq, 3UL); - if (err == CRYPT_OK) { - /* load curve parameters for given curve OID */ - err = ecc_dp_set_by_oid(dp, curveoid, alg_seq[1].size); - if (err != CRYPT_OK) { goto LBL_ERR; } - } - else { - /* try to decode unencrypted priv key - curve defined by params */ - /* ECParameters SEQUENCE */ - LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); - LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); - LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); - LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); - LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); - LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); - seq_ecparams[5].optional = 1; - /* FieldID SEQUENCE */ - LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); - LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); - /* Curve SEQUENCE */ - LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); - /* */ - LTC_SET_ASN1(alg_seq, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL); - LTC_SET_ASN1(alg_seq, 1, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); - LTC_SET_ASN1(top_seq, 0, LTC_ASN1_INTEGER, zero, 1UL); - LTC_SET_ASN1(top_seq, 1, LTC_ASN1_SEQUENCE, alg_seq, 2UL); - LTC_SET_ASN1(top_seq, 2, LTC_ASN1_OCTET_STRING, buf1, buf1len); - seq_curve[2].optional = 1; - err=der_decode_sequence(decrypted, decryptedlen, top_seq, 3UL); - if (err != CRYPT_OK) { goto LBL_ERR; } - len_a = seq_curve[0].size; - len_b = seq_curve[1].size; - len_g = seq_ecparams[3].size; - /* create bignums */ - if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto LBL_ERR; } - /* load curve parameters */ - if ((err = ecc_dp_set_bn(dp, a, b, prime, order, gx, gy, cofactor)) != CRYPT_OK) { goto LBL_ERR; } - } + if ((lecoid->size != ecoid.OIDlen) || + XMEMCMP(ecoid.OID, lecoid->data, ecoid.OIDlen * sizeof(ecoid.OID[0]))) { + err = CRYPT_PK_INVALID_TYPE; + goto LBL_DONE; + } - /* check alg oid */ - if ((alg_seq[0].size != ecoid.OIDlen) || - XMEMCMP(ecoid.OID, alg_seq[0].data, ecoid.OIDlen * sizeof(ecoid.OID[0]))) { - err = CRYPT_PK_INVALID_TYPE; - goto LBL_ERR; + if (lseq->child->next && lseq->child->next->type == LTC_ASN1_OBJECT_IDENTIFIER) { + /* CASE 1: curve by OID (AKA short variant): + * 0:d=0 hl=2 l= 100 cons: SEQUENCE + * 2:d=1 hl=2 l= 1 prim: INTEGER :00 + * 5:d=1 hl=2 l= 16 cons: SEQUENCE (== *lseq) + * 7:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey + * 16:d=2 hl=2 l= 5 prim: OBJECT :secp256k1 (== 1.3.132.0.10) + * 23:d=1 hl=2 l= 77 prim: OCTET STRING :bytes (== privatekey) + */ + ltc_asn1_list *loid = lseq->child->next; + if ((err = ecc_set_dp_oid(loid->data, loid->size, key)) != CRYPT_OK) { + goto LBL_DONE; + } + } + else if (lseq->child->next && lseq->child->next->type == LTC_ASN1_SEQUENCE) { + /* CASE 2: explicit curve parameters (AKA long variant): + * 0:d=0 hl=3 l= 227 cons: SEQUENCE + * 3:d=1 hl=2 l= 1 prim: INTEGER :00 + * 6:d=1 hl=3 l= 142 cons: SEQUENCE (== *lseq) + * 9:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey + * 18:d=2 hl=3 l= 130 cons: SEQUENCE (== *lcurve) + * 21:d=3 hl=2 l= 1 prim: INTEGER :01 + * 24:d=3 hl=2 l= 44 cons: SEQUENCE (== *lfield) + * 26:d=4 hl=2 l= 7 prim: OBJECT :prime-field + * 35:d=4 hl=2 l= 33 prim: INTEGER :(== curve.prime) + * 70:d=3 hl=2 l= 6 cons: SEQUENCE (== *lpoint) + * 72:d=4 hl=2 l= 1 prim: OCTET STRING :bytes (== curve.A) + * 75:d=4 hl=2 l= 1 prim: OCTET STRING :bytes (== curve.B) + * 78:d=3 hl=2 l= 33 prim: OCTET STRING :bytes (== curve.G-point) + * 113:d=3 hl=2 l= 33 prim: INTEGER :(== curve.order) + * 148:d=3 hl=2 l= 1 prim: INTEGER :(== curve.cofactor) + * 151:d=1 hl=2 l= 77 prim: OCTET STRING :bytes (== privatekey) + */ + ltc_asn1_list *lcurve = lseq->child->next; + + if (lcurve->child && lcurve->child->type == LTC_ASN1_INTEGER && + lcurve->child->next && lcurve->child->next->type == LTC_ASN1_SEQUENCE && + lcurve->child->next->next && lcurve->child->next->next->type == LTC_ASN1_SEQUENCE && + lcurve->child->next->next->next && lcurve->child->next->next->next->type == LTC_ASN1_OCTET_STRING && + lcurve->child->next->next->next->next && lcurve->child->next->next->next->next->type == LTC_ASN1_INTEGER && + lcurve->child->next->next->next->next->next && lcurve->child->next->next->next->next->next->type == LTC_ASN1_INTEGER) { + + ltc_asn1_list *lfield = lcurve->child->next; + ltc_asn1_list *lpoint = lcurve->child->next->next; + ltc_asn1_list *lg = lcurve->child->next->next->next; + ltc_asn1_list *lorder = lcurve->child->next->next->next->next; + cofactor = mp_get_int(lcurve->child->next->next->next->next->next->data); + + if (lfield->child && lfield->child->type == LTC_ASN1_OBJECT_IDENTIFIER && + lfield->child->next && lfield->child->next->type == LTC_ASN1_INTEGER && + lpoint->child && lpoint->child->type == LTC_ASN1_OCTET_STRING && + lpoint->child->next && lpoint->child->next->type == LTC_ASN1_OCTET_STRING) { + + ltc_asn1_list *lprime = lfield->child->next; + if ((err = mp_read_unsigned_bin(a, lpoint->child->data, lpoint->child->size)) != CRYPT_OK) { + goto LBL_DONE; + } + if ((err = mp_read_unsigned_bin(b, lpoint->child->next->data, lpoint->child->next->size)) != CRYPT_OK) { + goto LBL_DONE; + } + if ((err = ltc_ecc_import_point(lg->data, lg->size, lprime->data, a, b, gx, gy)) != CRYPT_OK) { + goto LBL_DONE; + } + if ((err = ecc_set_dp_bn(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { + goto LBL_DONE; + } + } + } + } + else { + err = CRYPT_INVALID_PACKET; + goto LBL_DONE; + } + + /* load private key value 'k' */ + len = lpri->size; + if ((err = der_decode_sequence_flexi(lpri->data, &len, &p)) == CRYPT_OK) { + err = CRYPT_INVALID_PACKET; + if (p->type == LTC_ASN1_SEQUENCE && + p->child && p->child->type == LTC_ASN1_INTEGER && + p->child->next && p->child->next->type == LTC_ASN1_OCTET_STRING) { + ltc_asn1_list *lk = p->child->next; + if (mp_cmp_d(p->child->data, 1) != LTC_MP_EQ) { + err = CRYPT_INVALID_PACKET; + goto LBL_ECCFREE; + } + if ((err = ecc_set_key(lk->data, lk->size, PK_PRIVATE, key)) != CRYPT_OK) { + goto LBL_ECCFREE; + } + goto LBL_DONE; /* success */ + } + } + } } + err = CRYPT_INVALID_PACKET; + goto LBL_DONE; - /* ECPrivateKey SEQUENCE */ - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1UL); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_priv, 2, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); - seq_priv[2].tag = 0xA1; /* context specific 1 */ - /* try to load private key */ - err = der_decode_sequence(buf1, top_seq[2].size, seq_priv, 3); - if (err != CRYPT_OK) { goto LBL_ERR; } - /* load private+public key */ - if ((err = ecc_import_raw(bin_k, seq_priv[1].size, key, dp)) != CRYPT_OK) { goto LBL_ERR; } - /* success */ - return err; - -LBL_ERR: - mp_clear_multi(prime, order, a, b, gx, gy, NULL); -LBL_NOCLEAR: - XFREE(buf2); -LBL_FREE: - XFREE(buf1); -LBL_NOFREE: +LBL_ECCFREE: + ecc_free(key); +LBL_DONE: + mp_clear_multi(a, b, gx, gy, NULL); + if (l) der_free_sequence_flexi(l); + if (p) der_free_sequence_flexi(p); return err; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_import_raw.c b/src/ltc/pk/ecc/ecc_import_raw.c deleted file mode 100644 index 1ea4bb1..0000000 --- a/src/ltc/pk/ecc/ecc_import_raw.c +++ /dev/null @@ -1,100 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -/** Import raw public or private key (public keys = ANSI X9.63 compressed or uncompressed; private keys = raw bytes) - @param in The input data to read - @param inlen The length of the input data - @param key [out] destination to store imported key - @param dp Curve parameters - Return CRYPT_OK on success -*/ - -int ecc_import_raw(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp) -{ - int err, type = -1; - unsigned long size = 0; - void *prime, *a, *b; - ecc_point *base; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(dp != NULL); - - /* init key + temporary numbers */ - if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, &a, &b, NULL) != CRYPT_OK) { - return CRYPT_MEM; - } - - if (inlen <= (unsigned long)dp->size) { - /* read PRIVATE key */ - type = PK_PRIVATE; - size = inlen; - /* load private k */ - if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)in, size)) != CRYPT_OK) { - goto cleanup; - } - if (mp_iszero(key->k)) { - err = CRYPT_INVALID_PACKET; - goto cleanup; - } - /* init base point */ - if ((base = ltc_ecc_new_point()) == NULL) { - err = CRYPT_MEM; - goto cleanup; - } - /* load prime + base point */ - if ((err = mp_read_radix(prime, dp->prime, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(base->x, dp->Gx, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(base->y, dp->Gy, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_set(base->z, 1)) != CRYPT_OK) { goto cleanup; } - /* make the public key */ - if ((err = mp_read_radix(a, dp->A, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = ltc_mp.ecc_ptmul(key->k, base, &key->pubkey, a, prime, 1)) != CRYPT_OK) { goto cleanup; } - /* cleanup */ - ltc_ecc_del_point(base); - } - else { - /* read PUBLIC key */ - type = PK_PUBLIC; - /* load prime + A + B */ - if ((err = mp_read_radix(prime, dp->prime, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(b, dp->B, 16)) != CRYPT_OK) { goto cleanup; } - if ((err = mp_read_radix(a, dp->A, 16)) != CRYPT_OK) { goto cleanup; } - err = ltc_ecc_import_point(in, inlen, prime, a, b, key->pubkey.x, key->pubkey.y); - if (err != CRYPT_OK) { goto cleanup; } - if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto cleanup; } - } - - if ((err = ltc_ecc_is_point(dp, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { - err = CRYPT_INVALID_PACKET; - goto cleanup; - } - - key->type = type; - key->idx = -1; - key->dp = dp; - - /* we're done */ - mp_clear_multi(prime, a, b, NULL); - return CRYPT_OK; -cleanup: - mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, prime, a, b, NULL); - return err; -} - -#endif diff --git a/src/ltc/pk/ecc/ecc_import_x509.c b/src/ltc/pk/ecc/ecc_import_x509.c new file mode 100644 index 0000000..e57b156 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_import_x509.c @@ -0,0 +1,59 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +#ifdef LTC_MECC + +/** + Import an ECC key from a X.509 certificate + @param in The packet to import from + @param inlen It's length (octets) + @param key [out] Destination for newly imported key + @return CRYPT_OK if successful, upon error allocated memory is freed +*/ +int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key) +{ + int err; + unsigned long len; + ltc_asn1_list *decoded_list = NULL, *l; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(key != NULL); + + len = inlen; + if ((err = der_decode_sequence_flexi(in, &len, &decoded_list)) == CRYPT_OK) { + l = decoded_list; + if (l->type == LTC_ASN1_SEQUENCE && + l->child && l->child->type == LTC_ASN1_SEQUENCE) { + err = CRYPT_ERROR; + l = l->child->child; + while (l) { + if (l->type == LTC_ASN1_SEQUENCE && l->data && + l->child && l->child->type == LTC_ASN1_SEQUENCE && + l->child->child && l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && + l->child->next && l->child->next->type == LTC_ASN1_BIT_STRING) { + err = ecc_import_openssl(l->data, l->size, key); + goto LBL_DONE; + } + l = l->next; + } + } + } + +LBL_DONE: + if (decoded_list) der_free_sequence_flexi(decoded_list); + return err; +} + +#endif /* LTC_MECC */ + + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_make_key.c b/src/ltc/pk/ecc/ecc_make_key.c index 1568b10..4617bef 100644 --- a/src/ltc/pk/ecc/ecc_make_key.c +++ b/src/ltc/pk/ecc/ecc_make_key.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -31,76 +26,34 @@ */ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key) { - /* BEWARE: Here we are looking up the curve params by keysize (neither curve name nor curve oid), - * which might be ambiguous (there can more than one curve for given keysize). - * Thus the chosen curve depends on order of items in ltc_ecc_sets[] - see ecc.c file. - */ - int x, err; + int err; - /* find key size */ - for (x = 0; (keysize > ltc_ecc_sets[x].size) && (ltc_ecc_sets[x].size != 0); x++); - keysize = ltc_ecc_sets[x].size; - - if (keysize > ECC_MAXSIZE || ltc_ecc_sets[x].size == 0) { - return CRYPT_INVALID_KEYSIZE; - } - err = ecc_make_key_ex(prng, wprng, key, <c_ecc_sets[x]); - key->idx = x; - return err; + if ((err = ecc_set_dp_size(keysize, key)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + return CRYPT_OK; } int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp) { - int err; - ecc_point *base; - void *prime, *order, *a; - unsigned char *buf; - int keysize, orderbits; + int err; + if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + return CRYPT_OK; +} + +int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key) +{ + int err; - LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); - LTC_ARGCHK(dp != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(key->dp.size > 0); /* good prng? */ if ((err = prng_is_valid(wprng)) != CRYPT_OK) { return err; } - key->idx = -1; - key->dp = dp; - keysize = dp->size; - - /* allocate ram */ - base = NULL; - buf = XMALLOC(ECC_MAXSIZE); - if (buf == NULL) { - return CRYPT_MEM; - } - - /* make up random string */ - if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) { - err = CRYPT_ERROR_READPRNG; - goto ERR_BUF; - } - - /* setup the key variables */ - if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, &order, &a, NULL)) != CRYPT_OK) { - goto ERR_BUF; - } - base = ltc_ecc_new_point(); - if (base == NULL) { - err = CRYPT_MEM; - goto errkey; - } - - /* read in the specs for this key */ - if ((err = mp_read_radix(prime, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto errkey; } - if ((err = mp_read_radix(order, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errkey; } - if ((err = mp_read_radix(base->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto errkey; } - if ((err = mp_read_radix(base->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto errkey; } - if ((err = mp_set(base->z, 1)) != CRYPT_OK) { goto errkey; } - if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)buf, keysize)) != CRYPT_OK) { goto errkey; } - /* ECC key pair generation according to FIPS-186-4 (B.4.2 Key Pair Generation by Testing Candidates): * the generated private key k should be the range [1, order-1] * a/ N = bitlen(order) @@ -108,34 +61,28 @@ int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set * c/ if k not in [1, order-1] go to b/ * e/ Q = k*G */ - orderbits = mp_count_bits(order); - do { - if ((err = rand_bn_bits(key->k, orderbits, prng, wprng)) != CRYPT_OK) { goto errkey; } - } while (mp_iszero(key->k) || mp_cmp(key->k, order) != LTC_MP_LT); + if ((err = rand_bn_upto(key->k, key->dp.order, prng, wprng)) != CRYPT_OK) { + goto error; + } /* make the public key */ - if ((err = mp_read_radix(a, (char *)key->dp->A, 16)) != CRYPT_OK) { goto errkey; } - if ((err = ltc_mp.ecc_ptmul(key->k, base, &key->pubkey, a, prime, 1)) != CRYPT_OK) { goto errkey; } + if ((err = ltc_mp.ecc_ptmul(key->k, &key->dp.base, &key->pubkey, key->dp.A, key->dp.prime, 1)) != CRYPT_OK) { + goto error; + } key->type = PK_PRIVATE; - /* free up ram */ + /* success */ err = CRYPT_OK; goto cleanup; -errkey: - mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL); + +error: + ecc_free(key); cleanup: - ltc_ecc_del_point(base); - mp_clear_multi(prime, order, a, NULL); -ERR_BUF: -#ifdef LTC_CLEAN_STACK - zeromem(buf, ECC_MAXSIZE); -#endif - XFREE(buf); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_set_dp.c b/src/ltc/pk/ecc/ecc_set_dp.c new file mode 100644 index 0000000..17a0d2a --- /dev/null +++ b/src/ltc/pk/ecc/ecc_set_dp.c @@ -0,0 +1,97 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MECC + +int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key) +{ + unsigned long i; + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(set != NULL); + + if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, + &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, + &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, + NULL)) != CRYPT_OK) { + return err; + } + + /* A, B, order, prime, Gx, Gy */ + if ((err = mp_read_radix(key->dp.prime, set->prime, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.order, set->order, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.A, set->A, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.B, set->B, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.base.x, set->Gx, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.base.y, set->Gy, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } + /* cofactor & size */ + key->dp.cofactor = set->cofactor; + key->dp.size = mp_unsigned_bin_size(key->dp.prime); + /* OID */ + key->dp.oidlen = set->oidlen; + for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = set->oid[i]; + /* success */ + return CRYPT_OK; + +error: + ecc_free(key); + return err; +} + +int ecc_set_dp_size(int size, ecc_key *key) +{ + const ltc_ecc_set_type *dp = NULL; + int err; + + /* for compatibility with libtomcrypt-1.17 the sizes below must match the specific curves */ + if (size <= 14) { + if ((err = ecc_get_set_by_name("SECP112R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 16) { + if ((err = ecc_get_set_by_name("SECP128R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 20) { + if ((err = ecc_get_set_by_name("SECP160R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 24) { + if ((err = ecc_get_set_by_name("SECP192R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 28) { + if ((err = ecc_get_set_by_name("SECP224R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 32) { + if ((err = ecc_get_set_by_name("SECP256R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 48) { + if ((err = ecc_get_set_by_name("SECP384R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + else if (size <= 66) { + if ((err = ecc_get_set_by_name("SECP521R1", &dp)) != CRYPT_OK) return err; + return ecc_set_dp(dp, key); + } + + return CRYPT_INVALID_ARG; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_set_dp_internal.c b/src/ltc/pk/ecc/ecc_set_dp_internal.c new file mode 100644 index 0000000..bd7c040 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_set_dp_internal.c @@ -0,0 +1,150 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MECC + +static void _ecc_oid_lookup(ecc_key *key) +{ + int err; + unsigned i; + void *tmp; + const ltc_ecc_set_type *set; + + key->dp.oidlen = 0; + if ((err = mp_init(&tmp)) != CRYPT_OK) return; + for (set = ltc_ecc_sets; set->name != NULL; set++) { + if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; + if (key->dp.cofactor != set->cofactor) continue; + break; /* found */ + } + mp_clear(tmp); + if (set->name != NULL) { + /* OID found */ + key->dp.oidlen = set->oidlen; + for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; + } +} + +int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key) +{ + int i; + + LTC_ARGCHK(oid != NULL); + LTC_ARGCHK(oidsize > 0); + + for(i = 0; ltc_ecc_sets[i].name != NULL; i++) { + if ((oidsize == ltc_ecc_sets[i].oidlen) && + (XMEM_NEQ(oid, ltc_ecc_sets[i].oid, sizeof(unsigned long) * ltc_ecc_sets[i].oidlen) == 0)) { + break; + } + } + if (ltc_ecc_sets[i].name == NULL) return CRYPT_ERROR; /* not found */ + return ecc_set_dp(<c_ecc_sets[i], key); +} + +int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key) +{ + unsigned long i; + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(srckey != NULL); + + if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, + &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, + &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, + NULL)) != CRYPT_OK) { + return err; + } + + /* A, B, order, prime, Gx, Gy */ + if ((err = mp_copy(srckey->dp.prime, key->dp.prime )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.order, key->dp.order )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.A, key->dp.A )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.B, key->dp.B )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.base.x, key->dp.base.x)) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.base.y, key->dp.base.y)) != CRYPT_OK) { goto error; } + if ((err = mp_copy(srckey->dp.base.z, key->dp.base.z)) != CRYPT_OK) { goto error; } + /* cofactor & size */ + key->dp.cofactor = srckey->dp.cofactor; + key->dp.size = srckey->dp.size; + /* OID */ + if (srckey->dp.oidlen > 0) { + key->dp.oidlen = srckey->dp.oidlen; + for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i]; + } + else { + _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_sets */ + } + /* success */ + return CRYPT_OK; + +error: + ecc_free(key); + return err; +} + +int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(a != NULL); + LTC_ARGCHK(b != NULL); + LTC_ARGCHK(prime != NULL); + LTC_ARGCHK(order != NULL); + LTC_ARGCHK(gx != NULL); + LTC_ARGCHK(gy != NULL); + + if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, + &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, + &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, + NULL)) != CRYPT_OK) { + return err; + } + + /* A, B, order, prime, Gx, Gy */ + if ((err = mp_copy(prime, key->dp.prime )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(order, key->dp.order )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(a, key->dp.A )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(b, key->dp.B )) != CRYPT_OK) { goto error; } + if ((err = mp_copy(gx, key->dp.base.x)) != CRYPT_OK) { goto error; } + if ((err = mp_copy(gy, key->dp.base.y)) != CRYPT_OK) { goto error; } + if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } + /* cofactor & size */ + key->dp.cofactor = cofactor; + key->dp.size = mp_unsigned_bin_size(prime); + /* try to find OID in ltc_ecc_sets */ + _ecc_oid_lookup(key); + /* success */ + return CRYPT_OK; + +error: + ecc_free(key); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_set_key.c b/src/ltc/pk/ecc/ecc_set_key.c new file mode 100644 index 0000000..9fabcf2 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_set_key.c @@ -0,0 +1,67 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_MECC + +int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key) +{ + int err; + void *prime, *a, *b; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(inlen > 0); + + prime = key->dp.prime; + a = key->dp.A; + b = key->dp.B; + + if (type == PK_PRIVATE && inlen <= (unsigned long)key->dp.size) { + /* load private key */ + if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)in, inlen)) != CRYPT_OK) { + goto error; + } + if (mp_iszero(key->k)) { + err = CRYPT_INVALID_PACKET; + goto error; + } + /* compute public key */ + if ((err = ltc_mp.ecc_ptmul(key->k, &key->dp.base, &key->pubkey, a, prime, 1)) != CRYPT_OK) { goto error; } + key->type = type; + } + else if (type == PK_PUBLIC) { + /* load public key */ + if ((err = ltc_ecc_import_point(in, inlen, prime, a, b, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { goto error; } + if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; } + key->type = type; + } + else { + err = CRYPT_INVALID_PACKET; + goto error; + } + + /* point on the curve + other checks */ + if ((err = ltc_ecc_verify_key(key)) != CRYPT_OK) { + goto error; + } + + return CRYPT_OK; + +error: + ecc_free(key); + return err; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_shared_secret.c b/src/ltc/pk/ecc/ecc_shared_secret.c index df22f5c..92917cc 100644 --- a/src/ltc/pk/ecc/ecc_shared_secret.c +++ b/src/ltc/pk/ecc/ecc_shared_secret.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -47,29 +42,16 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, return CRYPT_PK_NOT_PRIVATE; } - if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) { - return CRYPT_INVALID_ARG; - } - -/* XXX FIXME names can be different in some situations - if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) { - return CRYPT_PK_TYPE_MISMATCH; - } -*/ /* make new point */ result = ltc_ecc_new_point(); if (result == NULL) { return CRYPT_MEM; } - if ((err = mp_init_multi(&prime, &a, NULL)) != CRYPT_OK) { - ltc_ecc_del_point(result); - return err; - } + prime = private_key->dp.prime; + a = private_key->dp.A; - if ((err = mp_read_radix(prime, (char *)private_key->dp->prime, 16)) != CRYPT_OK) { goto done; } - if ((err = mp_read_radix(a, (char *)private_key->dp->A, 16)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, a, prime, 1)) != CRYPT_OK) { goto done; } + if ((err = ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, a, prime, 1)) != CRYPT_OK) { goto done; } x = (unsigned long)mp_unsigned_bin_size(prime); if (*outlen < x) { @@ -78,18 +60,17 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, goto done; } zeromem(out, x); - if ((err = mp_to_unsigned_bin(result->x, out + (x - mp_unsigned_bin_size(result->x)))) != CRYPT_OK) { goto done; } + if ((err = mp_to_unsigned_bin(result->x, out + (x - mp_unsigned_bin_size(result->x)))) != CRYPT_OK) { goto done; } err = CRYPT_OK; *outlen = x; done: - mp_clear_multi(prime, a, NULL); ltc_ecc_del_point(result); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_sign_hash.c b/src/ltc/pk/ecc/ecc_sign_hash.c index 7f1859c..87e9506 100644 --- a/src/ltc/pk/ecc/ecc_sign_hash.c +++ b/src/ltc/pk/ecc/ecc_sign_hash.c @@ -5,12 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -22,13 +16,13 @@ ECC Crypto, Tom St Denis */ -static int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key, int sigformat) +static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + prng_state *prng, int wprng, ecc_key *key, int sigformat) { ecc_key pubkey; void *r, *s, *e, *p; - int err; + int err, max_iterations = LTC_PK_MAX_RETRIES; unsigned long pbits, pbytes, i, shift_right; unsigned char ch, buf[MAXBLOCKSIZE]; @@ -42,22 +36,17 @@ static int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, return CRYPT_PK_NOT_PRIVATE; } - /* is the IDX valid ? */ - if (ltc_ecc_is_valid_idx(key->idx) != 1) { - return CRYPT_PK_INVALID_TYPE; - } - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { return err; } /* init the bignums */ - if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) { + if ((err = mp_init_multi(&r, &s, &e, NULL)) != CRYPT_OK) { return err; } - if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; } /* get the hash and load it as a bignum into 'e' */ + p = key->dp.order; pbits = mp_count_bits(p); pbytes = (pbits+7) >> 3; if (pbits > inlen*8) { @@ -77,16 +66,16 @@ static int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, } /* make up a key and export the public copy */ - for (;;) { - if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) { goto errnokey; } + do { + if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto errnokey; } + if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { goto errnokey; } /* find r = x1 mod n */ - if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; } + if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; } if (mp_iszero(r) == LTC_MP_YES) { ecc_free(&pubkey); - } - else { + } else { /* find s = (e + xr)/k */ if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */ if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */ @@ -98,6 +87,10 @@ static int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, break; } } + } while (--max_iterations > 0); + + if (max_iterations == 0) { + goto errnokey; } if (sigformat == 1) { @@ -122,7 +115,7 @@ static int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, error: ecc_free(&pubkey); errnokey: - mp_clear_multi(r, s, p, e, NULL); + mp_clear_multi(r, s, e, NULL); return err; } @@ -141,7 +134,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, ecc_key *key) { - return ecc_sign_hash_ex(in, inlen, out, outlen, prng, wprng, key, 0); + return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 0); } /** @@ -159,7 +152,11 @@ int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, ecc_key *key) { - return ecc_sign_hash_ex(in, inlen, out, outlen, prng, wprng, key, 1); + return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 1); } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_sizes.c b/src/ltc/pk/ecc/ecc_sizes.c index 3dbe37a..dcd310c 100644 --- a/src/ltc/pk/ecc/ecc_sizes.c +++ b/src/ltc/pk/ecc/ecc_sizes.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -23,24 +18,29 @@ void ecc_sizes(int *low, int *high) { - int i; - LTC_ARGCHKVD(low != NULL); - LTC_ARGCHKVD(high != NULL); + int i, size; + void *prime; - *low = INT_MAX; - *high = 0; - for (i = 0; ltc_ecc_sets[i].size != 0; i++) { - if (ltc_ecc_sets[i].size < *low) { - *low = ltc_ecc_sets[i].size; - } - if (ltc_ecc_sets[i].size > *high) { - *high = ltc_ecc_sets[i].size; - } - } + LTC_ARGCHKVD(low != NULL); + LTC_ARGCHKVD(high != NULL); + + *low = INT_MAX; + *high = 0; + + if (mp_init(&prime) == CRYPT_OK) { + for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { + if (mp_read_radix(prime, ltc_ecc_sets[i].prime, 16) == CRYPT_OK) { + size = mp_unsigned_bin_size(prime); + if (size < *low) *low = size; + if (size > *high) *high = size; + } + } + mp_clear(prime); + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_verify_hash.c b/src/ltc/pk/ecc/ecc_verify_hash.c index c4d14c3..34a4904 100644 --- a/src/ltc/pk/ecc/ecc_verify_hash.c +++ b/src/ltc/pk/ecc/ecc_verify_hash.c @@ -5,12 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -22,13 +16,13 @@ ECC Crypto, Tom St Denis */ -static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key, int sigformat) +static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, ecc_key *key, int sigformat) { - ecc_point *mG, *mQ; - void *r, *s, *v, *w, *u1, *u2, *e, *p, *m, *a, *mu, *ma; - void *mp; + ecc_point *mG = NULL, *mQ = NULL; + void *r, *s, *v, *w, *u1, *u2, *e, *p, *m, *a, *a_plus3 = NULL, *mu = NULL, *ma = NULL; + void *mp = NULL; int err; unsigned long pbits, pbytes, i, shift_right; unsigned char ch, buf[MAXBLOCKSIZE]; @@ -40,18 +34,19 @@ static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, /* default to invalid signature */ *stat = 0; - mp = NULL; - - /* is the IDX valid ? */ - if (ltc_ecc_is_valid_idx(key->idx) != 1) { - return CRYPT_PK_INVALID_TYPE; - } /* allocate ints */ - if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, &a, &mu, &ma, NULL)) != CRYPT_OK) { + if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &e, &a_plus3, NULL)) != CRYPT_OK) { return CRYPT_MEM; } + p = key->dp.order; + m = key->dp.prime; + a = key->dp.A; + if ((err = mp_add_d(a, 3, a_plus3)) != CRYPT_OK) { + goto error; + } + /* allocate points */ mG = ltc_ecc_new_point(); mQ = ltc_ecc_new_point(); @@ -72,23 +67,15 @@ static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, } else { /* ASN.1 format */ - if ((err = der_decode_sequence_multi(sig, siglen, + if ((err = der_decode_sequence_multi_ex(sig, siglen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_STRICT, LTC_ASN1_INTEGER, 1UL, r, LTC_ASN1_INTEGER, 1UL, s, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto error; } } - /* get the order */ - if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto error; } - - /* get the modulus */ - if ((err = mp_read_radix(m, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto error; } - - /* get the a */ - if ((err = mp_read_radix(a, (char *)key->dp->A, 16)) != CRYPT_OK) { goto error; } - /* check for zero */ - if (mp_iszero(r) || mp_iszero(s) || mp_cmp(r, p) != LTC_MP_LT || mp_cmp(s, p) != LTC_MP_LT) { + if (mp_cmp_d(r, 0) != LTC_MP_GT || mp_cmp_d(s, 0) != LTC_MP_GT || + mp_cmp(r, p) != LTC_MP_LT || mp_cmp(s, p) != LTC_MP_LT) { err = CRYPT_INVALID_PACKET; goto error; } @@ -122,24 +109,28 @@ static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK) { goto error; } /* find mG and mQ */ - if ((err = mp_read_radix(mG->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(mG->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_set(mG->z, 1)) != CRYPT_OK) { goto error; } - + if ((err = mp_copy(key->dp.base.x, mG->x)) != CRYPT_OK) { goto error; } + if ((err = mp_copy(key->dp.base.y, mG->y)) != CRYPT_OK) { goto error; } + if ((err = mp_copy(key->dp.base.z, mG->z)) != CRYPT_OK) { goto error; } if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK) { goto error; } if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK) { goto error; } if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK) { goto error; } + /* find the montgomery mp */ + if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; } + + /* for curves with a == -3 keep ma == NULL */ + if (mp_cmp(a_plus3, m) != LTC_MP_EQ) { + if ((err = mp_init_multi(&mu, &ma, NULL)) != CRYPT_OK) { goto error; } + if ((err = mp_montgomery_normalization(mu, m)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(a, mu, m, ma)) != CRYPT_OK) { goto error; } + } + /* compute u1*mG + u2*mQ = mG */ if (ltc_mp.ecc_mul2add == NULL) { if ((err = ltc_mp.ecc_ptmul(u1, mG, mG, a, m, 0)) != CRYPT_OK) { goto error; } if ((err = ltc_mp.ecc_ptmul(u2, mQ, mQ, a, m, 0)) != CRYPT_OK) { goto error; } - /* find the montgomery mp */ - if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; } - if ((err = mp_montgomery_normalization(mu, m)) != CRYPT_OK) { goto error; } - if ((err = mp_mulmod(a, mu, m, ma)) != CRYPT_OK) { goto error; } - /* add them */ if ((err = ltc_mp.ecc_ptadd(mQ, mG, mG, ma, m, mp)) != CRYPT_OK) { goto error; } @@ -147,7 +138,7 @@ static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, if ((err = ltc_mp.ecc_map(mG, m, mp)) != CRYPT_OK) { goto error; } } else { /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */ - if ((err = ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, a, m)) != CRYPT_OK) { goto error; } + if ((err = ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, ma, m)) != CRYPT_OK) { goto error; } } /* v = X_x1 mod n */ @@ -161,9 +152,11 @@ static int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, /* clear up and return */ err = CRYPT_OK; error: - ltc_ecc_del_point(mG); - ltc_ecc_del_point(mQ); - mp_clear_multi(r, s, v, w, u1, u2, p, e, m, a, mu, ma, NULL); + if (mG != NULL) ltc_ecc_del_point(mG); + if (mQ != NULL) ltc_ecc_del_point(mQ); + if (mu != NULL) mp_clear(mu); + if (ma != NULL) mp_clear(ma); + mp_clear_multi(r, s, v, w, u1, u2, e, a_plus3, NULL); if (mp != NULL) { mp_montgomery_free(mp); } @@ -184,7 +177,7 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, int *stat, ecc_key *key) { - return ecc_verify_hash_ex(sig, siglen, hash, hashlen, stat, key, 0); + return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 0); } /** @@ -201,7 +194,11 @@ int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, int *stat, ecc_key *key) { - return ecc_verify_hash_ex(sig, siglen, hash, hashlen, stat, key, 1); + return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 1); } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_export_point.c b/src/ltc/pk/ecc/ltc_ecc_export_point.c index 086e4c2..84750c8 100644 --- a/src/ltc/pk/ecc/ltc_ecc_export_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_export_point.c @@ -5,11 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -62,3 +57,7 @@ int ltc_ecc_export_point(unsigned char *out, unsigned long *outlen, void *x, voi } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_import_point.c b/src/ltc/pk/ecc/ltc_ecc_import_point.c index d4d028d..6c8107c 100644 --- a/src/ltc/pk/ecc/ltc_ecc_import_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_import_point.c @@ -5,11 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -70,3 +65,7 @@ cleanup: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_is_point.c b/src/ltc/pk/ecc/ltc_ecc_is_point.c index 9ea963c..46e1a6d 100644 --- a/src/ltc/pk/ecc/ltc_ecc_is_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_is_point.c @@ -5,10 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b */ #include "tomcrypt.h" @@ -22,42 +18,39 @@ @return CRYPT_OK if valid */ -int ltc_ecc_is_point(const ltc_ecc_set_type *dp, void *x, void *y) +int ltc_ecc_is_point(const ltc_ecc_dp *dp, void *x, void *y) { void *prime, *a, *b, *t1, *t2; int err; - if ((err = mp_init_multi(&prime, &a, &b, &t1, &t2, NULL)) != CRYPT_OK) { - return err; - } + prime = dp->prime; + b = dp->B; + a = dp->A; - /* load prime, a and b */ - if ((err = mp_read_radix(prime, dp->prime, 16)) != CRYPT_OK) goto cleanup; - if ((err = mp_read_radix(b, dp->B, 16)) != CRYPT_OK) goto cleanup; - if ((err = mp_read_radix(a, dp->A, 16)) != CRYPT_OK) goto cleanup; + if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) return err; /* compute y^2 */ - if ((err = mp_sqr(y, t1)) != CRYPT_OK) goto cleanup; + if ((err = mp_sqr(y, t1)) != CRYPT_OK) goto cleanup; /* compute x^3 */ - if ((err = mp_sqr(x, t2)) != CRYPT_OK) goto cleanup; - if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) goto cleanup; - if ((err = mp_mul(x, t2, t2)) != CRYPT_OK) goto cleanup; + if ((err = mp_sqr(x, t2)) != CRYPT_OK) goto cleanup; + if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) goto cleanup; + if ((err = mp_mul(x, t2, t2)) != CRYPT_OK) goto cleanup; /* compute y^2 - x^3 */ - if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) goto cleanup; + if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) goto cleanup; /* compute y^2 - x^3 - a*x */ - if ((err = mp_submod(prime, a, prime, t2)) != CRYPT_OK) goto cleanup; - if ((err = mp_mulmod(t2, x, prime, t2)) != CRYPT_OK) goto cleanup; - if ((err = mp_addmod(t1, t2, prime, t1)) != CRYPT_OK) goto cleanup; + if ((err = mp_submod(prime, a, prime, t2)) != CRYPT_OK) goto cleanup; + if ((err = mp_mulmod(t2, x, prime, t2)) != CRYPT_OK) goto cleanup; + if ((err = mp_addmod(t1, t2, prime, t1)) != CRYPT_OK) goto cleanup; /* adjust range (0, prime) */ while (mp_cmp_d(t1, 0) == LTC_MP_LT) { - if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) goto cleanup; + if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) goto cleanup; } while (mp_cmp(t1, prime) != LTC_MP_LT) { - if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) goto cleanup; + if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) goto cleanup; } /* compare to b */ @@ -68,8 +61,12 @@ int ltc_ecc_is_point(const ltc_ecc_set_type *dp, void *x, void *y) } cleanup: - mp_clear_multi(prime, a, b, t1, t2, NULL); + mp_clear_multi(t1, t2, NULL); return err; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c b/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c index 1b94618..87f3b0c 100644 --- a/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c +++ b/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -17,7 +15,7 @@ * a point at infinity is any point (x,y,0) such that y^2 == x^3, except (0,0,0) */ -int ltc_ecc_is_point_at_infinity(ecc_point *P, void *modulus) +int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus) { int err, retval = 0; void *x3, *y2; @@ -48,3 +46,7 @@ done: } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c b/src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c deleted file mode 100644 index b53eaca..0000000 --- a/src/ltc/pk/ecc/ltc_ecc_is_valid_idx.c +++ /dev/null @@ -1,44 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ -#include "tomcrypt.h" - -/** - @file ltc_ecc_is_valid_idx.c - ECC Crypto, Tom St Denis -*/ - -#ifdef LTC_MECC - -/** Returns whether an ECC idx is valid or not - @param n The idx number to check - @return 1 if valid, 0 if not -*/ -int ltc_ecc_is_valid_idx(int n) -{ - int x; - - for (x = 0; ltc_ecc_sets[x].size != 0; x++); - /* -1 is a valid index --- indicating that the domain params were supplied by the user */ - if ((n >= -1) && (n < x)) { - return 1; - } - return 0; -} - -#endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ - diff --git a/src/ltc/pk/ecc/ltc_ecc_map.c b/src/ltc/pk/ecc/ltc_ecc_map.c index 75ea562..92d059d 100644 --- a/src/ltc/pk/ecc/ltc_ecc_map.c +++ b/src/ltc/pk/ecc/ltc_ecc_map.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -45,7 +40,7 @@ int ltc_ecc_map(ecc_point *P, void *modulus, void *mp) } if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) { - return CRYPT_MEM; + return err; } /* first map z back to normal */ @@ -75,7 +70,7 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_mul2add.c b/src/ltc/pk/ecc/ltc_ecc_mul2add.c index 76febdc..80ceb86 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mul2add.c +++ b/src/ltc/pk/ecc/ltc_ecc_mul2add.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -28,22 +23,23 @@ @param kA What to multiple A by @param B Second point to multiply @param kB What to multiple B by - @param C [out] Destination point (can overlap with A or B + @param C [out] Destination point (can overlap with A or B) + @param ma ECC curve parameter a in montgomery form @param modulus Modulus for curve @return CRYPT_OK on success */ -int ltc_ecc_mul2add(ecc_point *A, void *kA, - ecc_point *B, void *kB, - ecc_point *C, - void *a, - void *modulus) +int ltc_ecc_mul2add(const ecc_point *A, void *kA, + const ecc_point *B, void *kB, + ecc_point *C, + void *ma, + void *modulus) { ecc_point *precomp[16]; unsigned bitbufA, bitbufB, lenA, lenB, len, nA, nB, nibble; unsigned x, y; unsigned char *tA, *tB; int err, first; - void *mp, *mu, *ma; + void *mp, *mu; /* argchks */ LTC_ARGCHK(A != NULL); @@ -97,15 +93,12 @@ int ltc_ecc_mul2add(ecc_point *A, void *kA, if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto ERR_P; } - if ((err = mp_init_multi(&mu, &ma, NULL)) != CRYPT_OK) { + if ((err = mp_init(&mu)) != CRYPT_OK) { goto ERR_MP; } if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { goto ERR_MU; } - if ((err = mp_mulmod(a, mu, modulus, ma)) != CRYPT_OK) { - goto ERR_MU; - } /* copy ones ... */ if ((err = mp_mulmod(A->x, mu, modulus, precomp[1]->x)) != CRYPT_OK) { goto ERR_MU; } @@ -185,7 +178,7 @@ int ltc_ecc_mul2add(ecc_point *A, void *kA, /* clean up */ ERR_MU: - mp_clear_multi(mu, ma, NULL); + mp_clear(mu); ERR_MP: mp_montgomery_free(mp); ERR_P: @@ -206,6 +199,6 @@ ERR_T: #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_mulmod.c b/src/ltc/pk/ecc/ltc_ecc_mulmod.c index ec2bf8f..50dedc1 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mulmod.c +++ b/src/ltc/pk/ecc/ltc_ecc_mulmod.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -34,11 +29,11 @@ @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective) @return CRYPT_OK on success */ -int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map) +int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) { ecc_point *tG, *M[8]; int i, j, err; - void *mu, *mp, *ma; + void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; ltc_mp_digit buf; int first, bitbuf, bitcpy, bitcnt, mode, digidx; @@ -56,22 +51,16 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, } /* init montgomery reduction */ - if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { - return err; - } - if ((err = mp_init_multi(&mu, &ma, NULL)) != CRYPT_OK) { - mp_montgomery_free(mp); - return err; - } - if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { - mp_montgomery_free(mp); - mp_clear_multi(mu, ma, NULL); - return err; - } - if ((err = mp_mulmod(a, mu, modulus, ma)) != CRYPT_OK) { - mp_montgomery_free(mp); - mp_clear_multi(mu, ma, NULL); - return err; + if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto error; } + if ((err = mp_init(&mu)) != CRYPT_OK) { goto error; } + if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { goto error; } + + /* for curves with a == -3 keep ma == NULL */ + if ((err = mp_init(&a_plus3)) != CRYPT_OK) { goto error; } + if ((err = mp_add_d(a, 3, a_plus3)) != CRYPT_OK) { goto error; } + if (mp_cmp(a_plus3, modulus) != LTC_MP_EQ) { + if ((err = mp_init(&ma)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(a, mu, modulus, ma)) != CRYPT_OK) { goto error; } } /* alloc ram for window temps */ @@ -81,9 +70,8 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, for (j = 0; j < i; j++) { ltc_ecc_del_point(M[j]); } - mp_montgomery_free(mp); - mp_clear_multi(mu, ma, NULL); - return CRYPT_MEM; + err = CRYPT_MEM; + goto error; } } @@ -211,15 +199,15 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, err = CRYPT_OK; } done: - if (mu != NULL) { - mp_clear(mu); - } - mp_clear(ma); - mp_montgomery_free(mp); ltc_ecc_del_point(tG); for (i = 0; i < 8; i++) { ltc_ecc_del_point(M[i]); } +error: + if (ma != NULL) mp_clear(ma); + if (a_plus3 != NULL) mp_clear(a_plus3); + if (mu != NULL) mp_clear(mu); + if (mp != NULL) mp_montgomery_free(mp); return err; } @@ -229,6 +217,6 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c b/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c index 73145e7..068240a 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c +++ b/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -33,11 +28,11 @@ @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective) @return CRYPT_OK on success */ -int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map) +int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) { ecc_point *tG, *M[3]; int i, j, err; - void *mu, *mp, *ma; + void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; ltc_mp_digit buf; int bitcnt, mode, digidx; @@ -55,22 +50,16 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, } /* init montgomery reduction */ - if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { - return err; - } - if ((err = mp_init_multi(&mu, &ma, NULL)) != CRYPT_OK) { - mp_montgomery_free(mp); - return err; - } - if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { - mp_clear(mu); - mp_montgomery_free(mp); - return err; - } - if ((err = mp_mulmod(a, mu, modulus, ma)) != CRYPT_OK) { - mp_montgomery_free(mp); - mp_clear_multi(mu, ma, NULL); - return err; + if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto error; } + if ((err = mp_init(&mu)) != CRYPT_OK) { goto error; } + if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) { goto error; } + + /* for curves with a == -3 keep ma == NULL */ + if ((err = mp_init(&a_plus3)) != CRYPT_OK) { goto error; } + if ((err = mp_add_d(a, 3, a_plus3)) != CRYPT_OK) { goto error; } + if (mp_cmp(a_plus3, modulus) != LTC_MP_EQ) { + if ((err = mp_init(&ma)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(a, mu, modulus, ma)) != CRYPT_OK) { goto error; } } /* alloc ram for window temps */ @@ -158,21 +147,21 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, err = CRYPT_OK; } done: - if (mu != NULL) { - mp_clear(mu); - } - mp_clear(ma); - mp_montgomery_free(mp); ltc_ecc_del_point(tG); for (i = 0; i < 3; i++) { ltc_ecc_del_point(M[i]); } +error: + if (ma != NULL) mp_clear(ma); + if (a_plus3 != NULL) mp_clear(a_plus3); + if (mu != NULL) mp_clear(mu); + if (mp != NULL) mp_montgomery_free(mp); return err; } #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_points.c b/src/ltc/pk/ecc/ltc_ecc_points.c index 2b45c72..772e8ef 100644 --- a/src/ltc/pk/ecc/ltc_ecc_points.c +++ b/src/ltc/pk/ecc/ltc_ecc_points.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -52,7 +47,7 @@ void ltc_ecc_del_point(ecc_point *p) } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c b/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c index d3d31dc..0182d0a 100644 --- a/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /** @@ -26,12 +21,12 @@ @param P The point to add @param Q The point to add @param R [out] The destination of the double - @param ma ECC curve parameter a in montgomery form (if NULL we assume a == -3) + @param ma ECC curve parameter a in montgomery form @param modulus The modulus of the field the ECC curve is in @param mp The "b" value from montgomery_setup() @return CRYPT_OK on success */ -int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp) +int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp) { void *t1, *t2, *x, *y, *z; int err; @@ -211,7 +206,7 @@ done: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c b/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c index f954a59..57cfd6f 100644 --- a/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c @@ -5,13 +5,8 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * - */ #include "tomcrypt.h" /* ### Point doubling in Jacobian coordinate system ### @@ -43,12 +38,12 @@ Double an ECC point @param P The point to double @param R [out] The destination of the double - @param ma ECC curve parameter a in montgomery form (if NULL we assume a == -3) + @param ma ECC curve parameter a in montgomery form @param modulus The modulus of the field the ECC curve is in @param mp The "b" value from montgomery_setup() @return CRYPT_OK on success */ -int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp) +int ltc_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp) { void *t1, *t2; int err; @@ -88,7 +83,7 @@ int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *ma, void *mod if ((err = mp_sub(R->z, modulus, R->z)) != CRYPT_OK) { goto done; } } - if (ma == NULL) { /* special case for ma == -3 (slightly faster than general case) */ + if (ma == NULL) { /* special case for curves with a == -3 (10% faster than general case) */ /* T2 = X - T1 */ if ((err = mp_sub(R->x, t1, t2)) != CRYPT_OK) { goto done; } if (mp_cmp_d(t2, 0) == LTC_MP_LT) { @@ -190,11 +185,11 @@ int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *ma, void *mod err = CRYPT_OK; done: - mp_clear_multi(t1, t2, NULL); + mp_clear_multi(t2, t1, NULL); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_verify_key.c b/src/ltc/pk/ecc/ltc_ecc_verify_key.c similarity index 60% rename from src/ltc/pk/ecc/ecc_verify_key.c rename to src/ltc/pk/ecc/ltc_ecc_verify_key.c index 0ca1914..b417465 100644 --- a/src/ltc/pk/ecc/ecc_verify_key.c +++ b/src/ltc/pk/ecc/ltc_ecc_verify_key.c @@ -5,11 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - */ - -/* Implements ECC over Z/pZ for curve y^2 = x^3 + a*x + b - * */ #include "tomcrypt.h" @@ -24,7 +19,7 @@ @return CRYPT_OK if successful */ -int ecc_verify_key(ecc_key *key) +int ltc_ecc_verify_key(ecc_key *key) { int err; void *prime = NULL; @@ -32,18 +27,17 @@ int ecc_verify_key(ecc_key *key) void *a = NULL; ecc_point *point; - if (mp_init_multi(&order, &prime, NULL) != CRYPT_OK) { - return CRYPT_MEM; - } - - /* Test 1: Are the x amd y points of the public key in the field? */ - if ((err = ltc_mp.read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) { goto done2; } + prime = key->dp.prime; + order = key->dp.order; + a = key->dp.A; + /* Test 1: Are the x and y points of the public key in the field? */ if (ltc_mp.compare_d(key->pubkey.z, 1) == LTC_MP_EQ) { if ((ltc_mp.compare(key->pubkey.x, prime) != LTC_MP_LT) || (ltc_mp.compare(key->pubkey.y, prime) != LTC_MP_LT) || - (ltc_mp.compare_d(key->pubkey.x, 0) != LTC_MP_GT) || - (ltc_mp.compare_d(key->pubkey.y, 0) != LTC_MP_GT) + (ltc_mp.compare_d(key->pubkey.x, 0) == LTC_MP_LT) || + (ltc_mp.compare_d(key->pubkey.y, 0) == LTC_MP_LT) || + (mp_iszero(key->pubkey.x) && mp_iszero(key->pubkey.y)) ) { err = CRYPT_INVALID_PACKET; @@ -52,12 +46,10 @@ int ecc_verify_key(ecc_key *key) } /* Test 2: is the public key on the curve? */ - if ((err = ltc_ecc_is_point(key->dp, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { goto done2; } + if ((err = ltc_ecc_is_point(&key->dp, key->pubkey.x, key->pubkey.y)) != CRYPT_OK) { goto done2; } /* Test 3: does nG = O? (n = order, O = point at infinity, G = public key) */ point = ltc_ecc_new_point(); - if ((err = ltc_mp.read_radix(order, key->dp->order, 16)) != CRYPT_OK) { goto done1; } - if ((err = ltc_mp.read_radix(a, key->dp->A, 16)) != CRYPT_OK) { goto done1; } if ((err = ltc_ecc_mulmod(order, &(key->pubkey), point, a, prime, 1)) != CRYPT_OK) { goto done1; } if (ltc_ecc_is_point_at_infinity(point, prime)) { @@ -70,8 +62,11 @@ int ecc_verify_key(ecc_key *key) done1: ltc_ecc_del_point(point); done2: - mp_clear_multi(prime, order, NULL); return err; } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_i2osp.c b/src/ltc/pk/pkcs1/pkcs_1_i2osp.c index b4cb4fe..5324c1e 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_i2osp.c +++ b/src/ltc/pk/pkcs1/pkcs_1_i2osp.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -46,6 +44,6 @@ int pkcs_1_i2osp(void *n, unsigned long modulus_len, unsigned char *out) #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_mgf1.c b/src/ltc/pk/pkcs1/pkcs_1_mgf1.c index a063128..c6283ca 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_mgf1.c +++ b/src/ltc/pk/pkcs1/pkcs_1_mgf1.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -103,6 +101,6 @@ LBL_ERR: #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c b/src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c index 469e3e1..27c9245 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -182,6 +180,6 @@ LBL_ERR: #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_oaep_encode.c b/src/ltc/pk/pkcs1/pkcs_1_oaep_encode.c index fb215a1..5042946 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_oaep_encode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_oaep_encode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -168,6 +166,6 @@ LBL_ERR: #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_os2ip.c b/src/ltc/pk/pkcs1/pkcs_1_os2ip.c index 5fe97ea..743c70b 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_os2ip.c +++ b/src/ltc/pk/pkcs1/pkcs_1_os2ip.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -31,6 +29,6 @@ int pkcs_1_os2ip(void *n, unsigned char *in, unsigned long inlen) #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_pss_decode.c b/src/ltc/pk/pkcs1/pkcs_1_pss_decode.c index 0fdf926..8e112a1 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_pss_decode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_pss_decode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -173,6 +171,6 @@ LBL_ERR: #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_pss_encode.c b/src/ltc/pk/pkcs1/pkcs_1_pss_encode.c index 7766c77..c795114 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_pss_encode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_pss_encode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -171,6 +169,6 @@ LBL_ERR: #endif /* LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_v1_5_decode.c b/src/ltc/pk/pkcs1/pkcs_1_v1_5_decode.c index 34bb434..94e1b2a 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_v1_5_decode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_v1_5_decode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -109,6 +107,6 @@ int pkcs_1_v1_5_decode(const unsigned char *msg, #endif /* #ifdef LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/pkcs1/pkcs_1_v1_5_encode.c b/src/ltc/pk/pkcs1/pkcs_1_v1_5_encode.c index ec932c3..dd92c64 100644 --- a/src/ltc/pk/pkcs1/pkcs_1_v1_5_encode.c +++ b/src/ltc/pk/pkcs1/pkcs_1_v1_5_encode.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -106,6 +104,6 @@ bail: #endif /* #ifdef LTC_PKCS_1 */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_decrypt_key.c b/src/ltc/pk/rsa/rsa_decrypt_key.c index 1f322ca..9e1bced 100644 --- a/src/ltc/pk/rsa/rsa_decrypt_key.c +++ b/src/ltc/pk/rsa/rsa_decrypt_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -100,6 +98,6 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_encrypt_key.c b/src/ltc/pk/rsa/rsa_encrypt_key.c index 4d6c24b..ef066d2 100644 --- a/src/ltc/pk/rsa/rsa_encrypt_key.c +++ b/src/ltc/pk/rsa/rsa_encrypt_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -97,6 +95,6 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_export.c b/src/ltc/pk/rsa/rsa_export.c index f869ff6..b156a83 100644 --- a/src/ltc/pk/rsa/rsa_export.c +++ b/src/ltc/pk/rsa/rsa_export.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -81,7 +79,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key goto finish; } - err = der_encode_subject_public_key_info(out, outlen, + err = x509_encode_subject_public_key_info(out, outlen, PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0); finish: @@ -94,6 +92,6 @@ finish: #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_exptmod.c b/src/ltc/pk/rsa/rsa_exptmod.c index 714bc52..37f62d1 100644 --- a/src/ltc/pk/rsa/rsa_exptmod.c +++ b/src/ltc/pk/rsa/rsa_exptmod.c @@ -5,16 +5,13 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - * - * Added RSA blinding --nmav */ #include "tomcrypt.h" /** @file rsa_exptmod.c RSA PKCS exptmod, Tom St Denis + Added RSA blinding --nmav */ #ifdef LTC_MRSA @@ -100,9 +97,11 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen, } #endif /* LTC_RSA_BLINDING */ - has_crt_parameters = (key->dP != NULL) && (mp_get_digit_count(key->dP) != 0) && - (key->dQ != NULL) && (mp_get_digit_count(key->dQ) != 0) && - (key->qP != NULL) && (mp_get_digit_count(key->qP) != 0); + has_crt_parameters = (key->p != NULL) && (mp_get_digit_count(key->p) != 0) && + (key->q != NULL) && (mp_get_digit_count(key->q) != 0) && + (key->dP != NULL) && (mp_get_digit_count(key->dP) != 0) && + (key->dQ != NULL) && (mp_get_digit_count(key->dQ) != 0) && + (key->qP != NULL) && (mp_get_digit_count(key->qP) != 0); if (!has_crt_parameters) { /* @@ -178,6 +177,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_free.c b/src/ltc/pk/rsa/rsa_free.c index 57da74c..1e62f09 100644 --- a/src/ltc/pk/rsa/rsa_free.c +++ b/src/ltc/pk/rsa/rsa_free.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -24,11 +22,11 @@ void rsa_free(rsa_key *key) { LTC_ARGCHKVD(key != NULL); - mp_clear_multi(key->q, key->p, key->qP, key->dP, key->dQ, key->N, key->d, key->e, NULL); + mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_get_size.c b/src/ltc/pk/rsa/rsa_get_size.c index dfc82b0..8c90194 100644 --- a/src/ltc/pk/rsa/rsa_get_size.c +++ b/src/ltc/pk/rsa/rsa_get_size.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * http://libtom.org */ #include "tomcrypt.h" @@ -37,6 +35,6 @@ int rsa_get_size(rsa_key *key) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_import.c b/src/ltc/pk/rsa/rsa_import.c index efd5afb..8577178 100644 --- a/src/ltc/pk/rsa/rsa_import.c +++ b/src/ltc/pk/rsa/rsa_import.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -29,7 +27,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) int err; void *zero; unsigned char *tmpbuf=NULL; - unsigned long tmpbuf_len; + unsigned long tmpbuf_len, len; LTC_ARGCHK(in != NULL); LTC_ARGCHK(key != NULL); @@ -42,16 +40,17 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) } /* see if the OpenSSL DER format RSA public key will work */ - tmpbuf_len = MAX_RSA_SIZE * 8; + tmpbuf_len = inlen; tmpbuf = XCALLOC(1, tmpbuf_len); if (tmpbuf == NULL) { err = CRYPT_MEM; goto LBL_ERR; } - err = der_decode_subject_public_key_info(in, inlen, + len = 0; + err = x509_decode_subject_public_key_info(in, inlen, PKA_RSA, tmpbuf, &tmpbuf_len, - LTC_ASN1_NULL, NULL, 0); + LTC_ASN1_NULL, NULL, &len); if (err == CRYPT_OK) { /* SubjectPublicKeyInfo format */ @@ -68,9 +67,10 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key) } /* not SSL public key, try to match against PKCS #1 standards */ - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_INTEGER, 1UL, key->N, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N, + LTC_ASN1_EOL, 0UL, NULL); + + if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { goto LBL_ERR; } @@ -125,6 +125,6 @@ LBL_FREE: #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_import_pkcs8.c b/src/ltc/pk/rsa/rsa_import_pkcs8.c index 2f2aa36..8e15e06 100644 --- a/src/ltc/pk/rsa/rsa_import_pkcs8.c +++ b/src/ltc/pk/rsa/rsa_import_pkcs8.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -75,14 +73,14 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, /* alloc buffers */ buf1len = inlen; /* approx. */ buf1 = XMALLOC(buf1len); - if (buf1 == NULL) { err = CRYPT_MEM; goto LBL_NOCLEAR; } + if (buf1 == NULL) { err = CRYPT_MEM; goto LBL_NOFREE; } buf2len = inlen; /* approx. */ buf2 = XMALLOC(buf2len); - if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE; } + if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; } /* init key */ err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL); - if (err != CRYPT_OK) { goto LBL_NOCLEAR; } + if (err != CRYPT_OK) { goto LBL_FREE2; } /* try to decode encrypted priv key */ LTC_SET_ASN1(key_seq_e, 0, LTC_ASN1_OCTET_STRING, buf1, buf1len); @@ -133,19 +131,23 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, LTC_ASN1_INTEGER, 1UL, key->qP, LTC_ASN1_EOL, 0UL, NULL); if (err != CRYPT_OK) { goto LBL_ERR; } - mp_clear_multi(zero, iter, NULL); key->type = PK_PRIVATE; err = CRYPT_OK; - goto LBL_FREE; + goto LBL_FREE2; LBL_ERR: - mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, zero, iter, NULL); -LBL_NOCLEAR: + rsa_free(key); +LBL_FREE2: + mp_clear_multi(iter, zero, NULL); XFREE(buf2); -LBL_FREE: +LBL_FREE1: XFREE(buf1); LBL_NOFREE: return err; } #endif /* LTC_MRSA */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_import_radix.c b/src/ltc/pk/rsa/rsa_import_radix.c deleted file mode 100644 index d9d4ec7..0000000 --- a/src/ltc/pk/rsa/rsa_import_radix.c +++ /dev/null @@ -1,64 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org - */ -#include "tomcrypt.h" - -/** - Import RSA public or private key from raw numbers - @param radix the radix the numbers are represented in (2-64, 16 = hexadecimal) - @param N RSA's N in radix representation - @param e RSA's e in radix representation - @param d RSA's d in radix representation (only private key, NULL for public key) - @param p RSA's p in radix representation (only private key, NULL for public key) - @param q RSA's q in radix representation (only private key, NULL for public key) - @param dP RSA's dP in radix representation (only private key, NULL for public key) - @param dQ RSA's dQ in radix representation (only private key, NULL for public key) - @param qP RSA's qP in radix representation (only private key, NULL for public key) - @param key [out] the destination for the imported key - @return CRYPT_OK if successful, upon error allocated memory is freed -*/ - -#ifdef LTC_MRSA - -int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key) -{ - int err; - - LTC_ARGCHK(key != NULL); - LTC_ARGCHK(N != NULL); - LTC_ARGCHK(e != NULL); - LTC_ARGCHK(ltc_mp.name != NULL); - - err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); - if (err != CRYPT_OK) return err; - - if ((err = mp_read_radix(key->N , N , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->e , e , radix)) != CRYPT_OK) { goto LBL_ERR; } - if (d && p && q && dP && dQ && qP && strlen(d)>0 && strlen(p)>0 && - strlen(q)>0 && strlen(dP)>0 && strlen(dQ)>0 && strlen(qP)>0) { - if ((err = mp_read_radix(key->d , d , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->dP, dP, radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->dQ, dQ, radix)) != CRYPT_OK) { goto LBL_ERR; } - if ((err = mp_read_radix(key->qP, qP, radix)) != CRYPT_OK) { goto LBL_ERR; } - key->type = PK_PRIVATE; - } - else { - key->type = PK_PUBLIC; - } - return CRYPT_OK; - -LBL_ERR: - mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL); - return err; -} - -#endif /* LTC_MRSA */ diff --git a/src/ltc/pk/rsa/rsa_import_x509.c b/src/ltc/pk/rsa/rsa_import_x509.c index 45da7c7..aa35e64 100644 --- a/src/ltc/pk/rsa/rsa_import_x509.c +++ b/src/ltc/pk/rsa/rsa_import_x509.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -28,7 +26,7 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key) { int err; unsigned char *tmpbuf; - unsigned long tmpbuf_len, tmp_inlen; + unsigned long tmpbuf_len, tmp_inlen, len; ltc_asn1_list *decoded_list = NULL, *l; LTC_ARGCHK(in != NULL); @@ -41,7 +39,7 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key) return err; } - tmpbuf_len = MAX_RSA_SIZE * 8; + tmpbuf_len = inlen; tmpbuf = XCALLOC(1, tmpbuf_len); if (tmpbuf == NULL) { err = CRYPT_MEM; @@ -79,9 +77,10 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key) l->child->type == LTC_ASN1_SEQUENCE && l->child->child && l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next && l->child->next->type == LTC_ASN1_BIT_STRING) { - err = der_decode_subject_public_key_info(l->data, l->size, + len = 0; + err = x509_decode_subject_public_key_info(l->data, l->size, PKA_RSA, tmpbuf, &tmpbuf_len, - LTC_ASN1_NULL, NULL, 0); + LTC_ASN1_NULL, NULL, &len); if (err == CRYPT_OK) { /* now it should be SEQUENCE { INTEGER, INTEGER } */ if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len, @@ -115,6 +114,6 @@ LBL_FREE: #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_make_key.c b/src/ltc/pk/rsa/rsa_make_key.c index 454d20b..c5c4c28 100644 --- a/src/ltc/pk/rsa/rsa_make_key.c +++ b/src/ltc/pk/rsa/rsa_make_key.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -33,10 +31,7 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) LTC_ARGCHK(ltc_mp.name != NULL); LTC_ARGCHK(key != NULL); - - if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) { - return CRYPT_INVALID_KEYSIZE; - } + LTC_ARGCHK(size > 0); if ((e < 3) || ((e & 1) == 0)) { return CRYPT_INVALID_ARG; @@ -99,7 +94,7 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) err = CRYPT_OK; goto cleanup; errkey: - mp_clear_multi(key->q, key->p, key->qP, key->dP, key->dQ, key->N, key->d, key->e, NULL); + rsa_free(key); cleanup: mp_clear_multi(tmp3, tmp2, tmp1, q, p, NULL); return err; @@ -107,6 +102,6 @@ cleanup: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_set.c b/src/ltc/pk/rsa/rsa_set.c new file mode 100644 index 0000000..0d540c4 --- /dev/null +++ b/src/ltc/pk/rsa/rsa_set.c @@ -0,0 +1,134 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + + +#ifdef LTC_MRSA + +/** + Import RSA key from raw numbers + + @param N RSA's N + @param Nlen RSA's N's length + @param e RSA's e + @param elen RSA's e's length + @param d RSA's d (only private key, NULL for public key) + @param dlen RSA's d's length + @param key [out] the destination for the imported key + @return CRYPT_OK if successful +*/ +int rsa_set_key(const unsigned char *N, unsigned long Nlen, + const unsigned char *e, unsigned long elen, + const unsigned char *d, unsigned long dlen, + rsa_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(N != NULL); + LTC_ARGCHK(e != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); + if (err != CRYPT_OK) return err; + + if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; } + if (d && dlen) { + if ((err = mp_read_unsigned_bin(key->d , (unsigned char *)d , dlen)) != CRYPT_OK) { goto LBL_ERR; } + key->type = PK_PRIVATE; + } + else { + key->type = PK_PUBLIC; + } + return CRYPT_OK; + +LBL_ERR: + rsa_free(key); + return err; +} + +/** + Import factors of an RSA key from raw numbers + + Only for private keys. + + @param p RSA's p + @param plen RSA's p's length + @param q RSA's q + @param qlen RSA's q's length + @param key [out] the destination for the imported key + @return CRYPT_OK if successful +*/ +int rsa_set_factors(const unsigned char *p, unsigned long plen, + const unsigned char *q, unsigned long qlen, + rsa_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(p != NULL); + LTC_ARGCHK(q != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH; + + if ((err = mp_read_unsigned_bin(key->p , (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->q , (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; } + return CRYPT_OK; + +LBL_ERR: + rsa_free(key); + return err; +} + +/** + Import CRT parameters of an RSA key from raw numbers + + Only for private keys. + + @param dP RSA's dP + @param dPlen RSA's dP's length + @param dQ RSA's dQ + @param dQlen RSA's dQ's length + @param qP RSA's qP + @param qPlen RSA's qP's length + @param key [out] the destination for the imported key + @return CRYPT_OK if successful +*/ +int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen, + const unsigned char *dQ, unsigned long dQlen, + const unsigned char *qP, unsigned long qPlen, + rsa_key *key) +{ + int err; + + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(dP != NULL); + LTC_ARGCHK(dQ != NULL); + LTC_ARGCHK(qP != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); + + if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH; + + if ((err = mp_read_unsigned_bin(key->dP, (unsigned char *)dP, dPlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->dQ, (unsigned char *)dQ, dQlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(key->qP, (unsigned char *)qP, qPlen)) != CRYPT_OK) { goto LBL_ERR; } + return CRYPT_OK; + +LBL_ERR: + rsa_free(key); + return err; +} + +#endif /* LTC_MRSA */ + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_sign_hash.c b/src/ltc/pk/rsa/rsa_sign_hash.c index 46d5c9f..05c7155 100644 --- a/src/ltc/pk/rsa/rsa_sign_hash.c +++ b/src/ltc/pk/rsa/rsa_sign_hash.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -23,7 +21,7 @@ @param inlen The length of the hash to sign (octets) @param out [out] The signature @param outlen [in/out] The max size and resulting size of the signature - @param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5) + @param padding Type of padding (LTC_PKCS_1_PSS, LTC_PKCS_1_V1_5 or LTC_PKCS_1_V1_5_NA1) @param prng An active PRNG state @param prng_idx The index of the PRNG desired @param hash_idx The index of the hash desired @@ -47,15 +45,21 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(key != NULL); /* valid padding? */ - if ((padding != LTC_PKCS_1_V1_5) && (padding != LTC_PKCS_1_PSS)) { + if ((padding != LTC_PKCS_1_V1_5) && + (padding != LTC_PKCS_1_PSS) && + (padding != LTC_PKCS_1_V1_5_NA1)) { return CRYPT_PK_INVALID_PADDING; } if (padding == LTC_PKCS_1_PSS) { - /* valid prng and hash ? */ + /* valid prng ? */ if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { return err; } + } + + if (padding != LTC_PKCS_1_V1_5_NA1) { + /* valid hash ? */ if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { return err; } @@ -81,46 +85,54 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, } else { /* PKCS #1 v1.5 pad the hash */ unsigned char *tmpin; - ltc_asn1_list digestinfo[2], siginfo[2]; - /* not all hashes have OIDs... so sad */ - if (hash_descriptor[hash_idx].OIDlen == 0) { - return CRYPT_INVALID_ARG; - } + if (padding == LTC_PKCS_1_V1_5) { + ltc_asn1_list digestinfo[2], siginfo[2]; + /* not all hashes have OIDs... so sad */ + if (hash_descriptor[hash_idx].OIDlen == 0) { + return CRYPT_INVALID_ARG; + } /* construct the SEQUENCE - SEQUENCE { - SEQUENCE {hashoid OID - blah NULL - } + SEQUENCE { + SEQUENCE {hashoid OID + blah NULL + } hash OCTET STRING + } + */ + LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen); + LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0); + LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); + LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, in, inlen); + + /* allocate memory for the encoding */ + y = mp_unsigned_bin_size(key->N); + tmpin = XMALLOC(y); + if (tmpin == NULL) { + return CRYPT_MEM; } - */ - LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen); - LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0); - LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); - LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, in, inlen); - /* allocate memory for the encoding */ - y = mp_unsigned_bin_size(key->N); - tmpin = XMALLOC(y); - if (tmpin == NULL) { - return CRYPT_MEM; - } - - if ((err = der_encode_sequence(siginfo, 2, tmpin, &y)) != CRYPT_OK) { - XFREE(tmpin); - return err; + if ((err = der_encode_sequence(siginfo, 2, tmpin, &y)) != CRYPT_OK) { + XFREE(tmpin); + return err; + } + } else { + /* set the pointer and data-length to the input values */ + tmpin = (unsigned char *)in; + y = inlen; } x = *outlen; - if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA, - modulus_bitlen, NULL, 0, - out, &x)) != CRYPT_OK) { + err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA, modulus_bitlen, NULL, 0, out, &x); + + if (padding == LTC_PKCS_1_V1_5) { XFREE(tmpin); + } + + if (err != CRYPT_OK) { return err; } - XFREE(tmpin); } /* RSA encode it */ @@ -129,6 +141,6 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_sign_saltlen_get.c b/src/ltc/pk/rsa/rsa_sign_saltlen_get.c index 9f5cadb..b217f94 100644 --- a/src/ltc/pk/rsa/rsa_sign_saltlen_get.c +++ b/src/ltc/pk/rsa/rsa_sign_saltlen_get.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * http://libtom.org */ #include "tomcrypt.h" @@ -44,6 +42,6 @@ int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/rsa/rsa_verify_hash.c b/src/ltc/pk/rsa/rsa_verify_hash.c index 9a425cd..361f237 100644 --- a/src/ltc/pk/rsa/rsa_verify_hash.c +++ b/src/ltc/pk/rsa/rsa_verify_hash.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" @@ -23,7 +21,7 @@ @param siglen The length of the signature data (octets) @param hash The hash of the message that was signed @param hashlen The length of the hash of the message that was signed (octets) - @param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5) + @param padding Type of padding (LTC_PKCS_1_PSS, LTC_PKCS_1_V1_5 or LTC_PKCS_1_V1_5_NA1) @param hash_idx The index of the desired hash @param saltlen The length of the salt used during signature @param stat [out] The result of the signature comparison, 1==valid, 0==invalid @@ -51,11 +49,12 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, /* valid padding? */ if ((padding != LTC_PKCS_1_V1_5) && - (padding != LTC_PKCS_1_PSS)) { + (padding != LTC_PKCS_1_PSS) && + (padding != LTC_PKCS_1_V1_5_NA1)) { return CRYPT_PK_INVALID_PADDING; } - if (padding == LTC_PKCS_1_PSS) { + if (padding != LTC_PKCS_1_V1_5_NA1) { /* valid hash ? */ if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { return err; @@ -103,15 +102,8 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, } else { /* PKCS #1 v1.5 decode it */ unsigned char *out; - unsigned long outlen, loid[16], reallen; + unsigned long outlen; int decoded; - ltc_asn1_list digestinfo[2], siginfo[2]; - - /* not all hashes have OIDs... so sad */ - if (hash_descriptor[hash_idx].OIDlen == 0) { - err = CRYPT_INVALID_ARG; - goto bail_2; - } /* allocate temp buffer for decoded hash */ outlen = ((modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0)) - 3; @@ -126,37 +118,58 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, goto bail_2; } - /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */ - /* construct the SEQUENCE - SEQUENCE { - SEQUENCE {hashoid OID - blah NULL - } - hash OCTET STRING + if (padding == LTC_PKCS_1_V1_5) { + unsigned long loid[16], reallen; + ltc_asn1_list digestinfo[2], siginfo[2]; + + /* not all hashes have OIDs... so sad */ + if (hash_descriptor[hash_idx].OIDlen == 0) { + err = CRYPT_INVALID_ARG; + goto bail_2; } - */ - LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, sizeof(loid)/sizeof(loid[0])); - LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0); - LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); - LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, tmpbuf, siglen); - if ((err = der_decode_sequence(out, outlen, siginfo, 2)) != CRYPT_OK) { - XFREE(out); - goto bail_2; - } + /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */ + /* construct the SEQUENCE + SEQUENCE { + SEQUENCE {hashoid OID + blah NULL + } + hash OCTET STRING + } + */ + LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, sizeof(loid)/sizeof(loid[0])); + LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0); + LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2); + LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, tmpbuf, siglen); - if ((err = der_length_sequence(siginfo, 2, &reallen)) != CRYPT_OK) { - XFREE(out); - goto bail_2; - } + if ((err = der_decode_sequence_strict(out, outlen, siginfo, 2)) != CRYPT_OK) { + /* fallback to Legacy:missing NULL */ + LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 1); + if ((err = der_decode_sequence_strict(out, outlen, siginfo, 2)) != CRYPT_OK) { + XFREE(out); + goto bail_2; + } + } - /* test OID */ - if ((reallen == outlen) && - (digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) && - (XMEM_NEQ(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) && - (siginfo[1].size == hashlen) && - (XMEM_NEQ(siginfo[1].data, hash, hashlen) == 0)) { - *stat = 1; + if ((err = der_length_sequence(siginfo, 2, &reallen)) != CRYPT_OK) { + XFREE(out); + goto bail_2; + } + + /* test OID */ + if ((reallen == outlen) && + (digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) && + (XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) && + (siginfo[1].size == hashlen) && + (XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) { + *stat = 1; + } + } else { + /* only check if the hash is equal */ + if ((hashlen == outlen) && + (XMEMCMP(out, hash, hashlen) == 0)) { + *stat = 1; + } } #ifdef LTC_CLEAN_STACK @@ -175,6 +188,6 @@ bail_2: #endif /* LTC_MRSA */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/chacha20.c b/src/ltc/prngs/chacha20.c index faaf629..72a6d63 100644 --- a/src/ltc/prngs/chacha20.c +++ b/src/ltc/prngs/chacha20.c @@ -31,7 +31,7 @@ const struct ltc_prng_descriptor chacha20_prng_desc = /** Start the PRNG - @param prng[out] The PRNG state to initialize + @param prng The PRNG state to initialize @return CRYPT_OK if successful */ int chacha20_prng_start(prng_state *prng) @@ -71,7 +71,7 @@ int chacha20_prng_add_entropy(const unsigned char *in, unsigned long inlen, prng /* iv 8 bytes */ if ((err = chacha_ivctr64(&prng->chacha.s, buf + 32, 8, 0)) != CRYPT_OK) goto LBL_UNLOCK; /* clear KEY + IV */ - XMEMSET(buf, 0, sizeof(buf)); + zeromem(buf, sizeof(buf)); } else { /* chacha20_prng_ready() was not called yet, add entropy to ent buffer */ @@ -139,6 +139,7 @@ int chacha20_prng_done(prng_state *prng) prng->ready = 0; err = chacha_done(&prng->chacha.s); LTC_MUTEX_UNLOCK(&prng->lock); + LTC_MUTEX_DESTROY(&prng->lock); return err; } @@ -240,3 +241,7 @@ int chacha20_prng_test(void) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/fortuna.c b/src/ltc/prngs/fortuna.c index 15f3c4c..7b1ecb6 100644 --- a/src/ltc/prngs/fortuna.c +++ b/src/ltc/prngs/fortuna.c @@ -49,7 +49,7 @@ const struct ltc_prng_descriptor fortuna_desc = { }; /* update the IV */ -static void fortuna_update_iv(prng_state *prng) +static void _fortuna_update_iv(prng_state *prng) { int x; unsigned char *IV; @@ -62,7 +62,7 @@ static void fortuna_update_iv(prng_state *prng) } /* reseed the PRNG */ -static int fortuna_reseed(prng_state *prng) +static int _fortuna_reseed(prng_state *prng) { unsigned char tmp[MAXBLOCKSIZE]; hash_state md; @@ -106,7 +106,7 @@ static int fortuna_reseed(prng_state *prng) if ((err = rijndael_setup(prng->fortuna.K, 32, 0, &prng->fortuna.skey)) != CRYPT_OK) { return err; } - fortuna_update_iv(prng); + _fortuna_update_iv(prng); /* reset pool len */ prng->fortuna.pool0_len = 0; @@ -217,7 +217,7 @@ int fortuna_ready(prng_state *prng) LTC_ARGCHK(prng != NULL); LTC_MUTEX_LOCK(&prng->lock); - err = fortuna_reseed(prng); + err = _fortuna_reseed(prng); prng->ready = (err == CRYPT_OK) ? 1 : 0; LTC_MUTEX_UNLOCK(&prng->lock); @@ -246,7 +246,7 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state /* do we have to reseed? */ if (++prng->fortuna.wd == LTC_FORTUNA_WD || prng->fortuna.pool0_len >= 64) { - if (fortuna_reseed(prng) != CRYPT_OK) { + if (_fortuna_reseed(prng) != CRYPT_OK) { goto LBL_UNLOCK; } } @@ -260,22 +260,22 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state rijndael_ecb_encrypt(prng->fortuna.IV, out, &prng->fortuna.skey); out += 16; outlen -= 16; - fortuna_update_iv(prng); + _fortuna_update_iv(prng); } /* left over bytes? */ if (outlen > 0) { rijndael_ecb_encrypt(prng->fortuna.IV, tmp, &prng->fortuna.skey); XMEMCPY(out, tmp, outlen); - fortuna_update_iv(prng); + _fortuna_update_iv(prng); } /* generate new key */ rijndael_ecb_encrypt(prng->fortuna.IV, prng->fortuna.K , &prng->fortuna.skey); - fortuna_update_iv(prng); + _fortuna_update_iv(prng); rijndael_ecb_encrypt(prng->fortuna.IV, prng->fortuna.K+16, &prng->fortuna.skey); - fortuna_update_iv(prng); + _fortuna_update_iv(prng); if (rijndael_setup(prng->fortuna.K, 32, 0, &prng->fortuna.skey) != CRYPT_OK) { tlen = 0; @@ -318,6 +318,7 @@ LBL_UNLOCK: zeromem(tmp, sizeof(tmp)); #endif LTC_MUTEX_UNLOCK(&prng->lock); + LTC_MUTEX_DESTROY(&prng->lock); return err; } @@ -444,6 +445,6 @@ int fortuna_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/rc4.c b/src/ltc/prngs/rc4.c index e7d3afc..e2aa921 100644 --- a/src/ltc/prngs/rc4.c +++ b/src/ltc/prngs/rc4.c @@ -9,7 +9,7 @@ #include "tomcrypt.h" /** - @file rc4.c + @file prngs/rc4.c RC4 PRNG, Tom St Denis */ @@ -72,6 +72,7 @@ int rc4_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *pr if ((err = rc4_stream_setup(&prng->rc4.s, buf, sizeof(buf))) != CRYPT_OK) goto LBL_UNLOCK; /* drop first 3072 bytes - https://en.wikipedia.org/wiki/RC4#Fluhrer.2C_Mantin_and_Shamir_attack */ for (i = 0; i < 12; i++) rc4_stream_keystream(&prng->rc4.s, buf, sizeof(buf)); + zeromem(buf, sizeof(buf)); } else { /* rc4_ready() was not called yet, add entropy to the buffer */ @@ -141,6 +142,7 @@ int rc4_done(prng_state *prng) prng->ready = 0; err = rc4_stream_done(&prng->rc4.s); LTC_MUTEX_UNLOCK(&prng->lock); + LTC_MUTEX_DESTROY(&prng->lock); return err; } @@ -242,3 +244,7 @@ int rc4_test(void) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/rng_get_bytes.c b/src/ltc/prngs/rng_get_bytes.c index 2c05d0d..4e9a063 100644 --- a/src/ltc/prngs/rng_get_bytes.c +++ b/src/ltc/prngs/rng_get_bytes.c @@ -14,9 +14,9 @@ portable way to get secure random bits to feed a PRNG (Tom St Denis) */ -#ifdef LTC_DEVRANDOM +#if defined(LTC_DEVRANDOM) && !defined(_WIN32) /* on *NIX read /dev/random */ -static unsigned long rng_nix(unsigned char *buf, unsigned long len, +static unsigned long _rng_nix(unsigned char *buf, unsigned long len, void (*callback)(void)) { #ifdef LTC_NO_FILE @@ -56,7 +56,7 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len, #define ANSI_RNG -static unsigned long rng_ansic(unsigned char *buf, unsigned long len, +static unsigned long _rng_ansic(unsigned char *buf, unsigned long len, void (*callback)(void)) { clock_t t1; @@ -97,7 +97,7 @@ static unsigned long rng_ansic(unsigned char *buf, unsigned long len, #include #include -static unsigned long rng_win32(unsigned char *buf, unsigned long len, +static unsigned long _rng_win32(unsigned char *buf, unsigned long len, void (*callback)(void)) { HCRYPTPROV hProv = 0; @@ -143,17 +143,17 @@ unsigned long rng_get_bytes(unsigned char *out, unsigned long outlen, #endif #if defined(_WIN32) || defined(_WIN32_WCE) - x = rng_win32(out, outlen, callback); if (x != 0) { return x; } + x = _rng_win32(out, outlen, callback); if (x != 0) { return x; } #elif defined(LTC_DEVRANDOM) - x = rng_nix(out, outlen, callback); if (x != 0) { return x; } + x = _rng_nix(out, outlen, callback); if (x != 0) { return x; } #endif #ifdef ANSI_RNG - x = rng_ansic(out, outlen, callback); if (x != 0) { return x; } + x = _rng_ansic(out, outlen, callback); if (x != 0) { return x; } #endif return 0; } #endif /* #ifdef LTC_RNG_GET_BYTES */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/rng_make_prng.c b/src/ltc/prngs/rng_make_prng.c index fff92c7..2bde291 100644 --- a/src/ltc/prngs/rng_make_prng.c +++ b/src/ltc/prngs/rng_make_prng.c @@ -43,7 +43,7 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, return err; } - bits = ((bits/8)+((bits&7)!=0?1:0)) * 2; + bits = ((bits+7)/8) * 2; if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) { return CRYPT_ERROR_READPRNG; } @@ -64,6 +64,6 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, #endif /* #ifdef LTC_RNG_MAKE_PRNG */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/sober128.c b/src/ltc/prngs/sober128.c index 56f873c..8d95491 100644 --- a/src/ltc/prngs/sober128.c +++ b/src/ltc/prngs/sober128.c @@ -10,7 +10,7 @@ #include "tomcrypt.h" /** - @file sober128.c + @file prngs/sober128.c Implementation of SOBER-128 by Tom St Denis. Based on s128fast.c reference code supplied by Greg Rose of QUALCOMM. */ @@ -73,7 +73,7 @@ int sober128_add_entropy(const unsigned char *in, unsigned long inlen, prng_stat /* iv 8 bytes */ if ((err = sober128_stream_setiv(&prng->sober128.s, buf + 32, 8)) != CRYPT_OK) goto LBL_UNLOCK; /* clear KEY + IV */ - XMEMSET(buf, 0, sizeof(buf)); + zeromem(buf, sizeof(buf)); } else { /* sober128_ready() was not called yet, add entropy to ent buffer */ @@ -141,6 +141,7 @@ int sober128_done(prng_state *prng) prng->ready = 0; err = sober128_stream_done(&prng->sober128.s); LTC_MUTEX_UNLOCK(&prng->lock); + LTC_MUTEX_DESTROY(&prng->lock); return err; } @@ -242,3 +243,7 @@ int sober128_test(void) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/sprng.c b/src/ltc/prngs/sprng.c index 7e1865f..b74d8da 100644 --- a/src/ltc/prngs/sprng.c +++ b/src/ltc/prngs/sprng.c @@ -156,6 +156,6 @@ int sprng_test(void) -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/prngs/yarrow.c b/src/ltc/prngs/yarrow.c index 7275ac8..e598834 100644 --- a/src/ltc/prngs/yarrow.c +++ b/src/ltc/prngs/yarrow.c @@ -262,6 +262,7 @@ int yarrow_done(prng_state *prng) err = ctr_done(&prng->yarrow.ctr); LTC_MUTEX_UNLOCK(&prng->lock); + LTC_MUTEX_DESTROY(&prng->lock); return err; } @@ -346,6 +347,6 @@ int yarrow_test(void) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_crypt.c b/src/ltc/stream/chacha/chacha_crypt.c index 30b5da7..6814058 100644 --- a/src/ltc/stream/chacha/chacha_crypt.c +++ b/src/ltc/stream/chacha/chacha_crypt.c @@ -57,9 +57,11 @@ int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned long i, j; if (inlen == 0) return CRYPT_OK; /* nothing to do */ - LTC_ARGCHK(st != NULL); - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(st->ivlen != 0); if (st->ksleft > 0) { j = MIN(st->ksleft, inlen); @@ -93,3 +95,7 @@ int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_done.c b/src/ltc/stream/chacha/chacha_done.c index 4d6e278..9f0196e 100644 --- a/src/ltc/stream/chacha/chacha_done.c +++ b/src/ltc/stream/chacha/chacha_done.c @@ -24,3 +24,7 @@ int chacha_done(chacha_state *st) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_ivctr32.c b/src/ltc/stream/chacha/chacha_ivctr32.c index 9884a1e..c9a6dbb 100644 --- a/src/ltc/stream/chacha/chacha_ivctr32.c +++ b/src/ltc/stream/chacha/chacha_ivctr32.c @@ -20,7 +20,7 @@ Set IV + counter data to the ChaCha state @param st The ChaCha20 state @param iv The IV data to add - @param inlen The length of the IV (must be 12) + @param ivlen The length of the IV (must be 12) @param counter 32bit (unsigned) initial counter value @return CRYPT_OK on success */ @@ -41,3 +41,7 @@ int chacha_ivctr32(chacha_state *st, const unsigned char *iv, unsigned long ivle } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_ivctr64.c b/src/ltc/stream/chacha/chacha_ivctr64.c index 82d39fb..643d11f 100644 --- a/src/ltc/stream/chacha/chacha_ivctr64.c +++ b/src/ltc/stream/chacha/chacha_ivctr64.c @@ -20,7 +20,7 @@ Set IV + counter data to the ChaCha state @param st The ChaCha20 state @param iv The IV data to add - @param inlen The length of the IV (must be 8) + @param ivlen The length of the IV (must be 8) @param counter 64bit (unsigned) initial counter value @return CRYPT_OK on success */ @@ -41,3 +41,7 @@ int chacha_ivctr64(chacha_state *st, const unsigned char *iv, unsigned long ivle } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_keystream.c b/src/ltc/stream/chacha/chacha_keystream.c index b45323f..25eb63a 100644 --- a/src/ltc/stream/chacha/chacha_keystream.c +++ b/src/ltc/stream/chacha/chacha_keystream.c @@ -32,3 +32,7 @@ int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/chacha/chacha_setup.c b/src/ltc/stream/chacha/chacha_setup.c index 69a1483..e34370b 100644 --- a/src/ltc/stream/chacha/chacha_setup.c +++ b/src/ltc/stream/chacha/chacha_setup.c @@ -35,6 +35,8 @@ int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keyle LTC_ARGCHK(key != NULL); LTC_ARGCHK(keylen == 32 || keylen == 16); + if (rounds == 0) rounds = 20; + LOAD32L(st->input[4], key + 0); LOAD32L(st->input[5], key + 4); LOAD32L(st->input[6], key + 8); @@ -59,3 +61,7 @@ int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keyle } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/rabbit/rabbit.c b/src/ltc/stream/rabbit/rabbit.c new file mode 100644 index 0000000..cf6ec0b --- /dev/null +++ b/src/ltc/stream/rabbit/rabbit.c @@ -0,0 +1,446 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/****************************************************************************** + * This Rabbit C source code was morphed fm the EU eSTREAM ECRYPT submission + * and should run on any conforming C implementation (C90 or later). + * + * This implementation supports any key length up to 128 bits (16 bytes) and + * works in increments of 8-bit bytes. Keys must be submitted as whole bytes + * and shorter keys will be right-null-padded to 16 bytes. Likewise, an iv + * may be any length up to 8 bytes and will be padded out to 8 bytes. + * + * The eSTREAM submission was rather picky about the calling sequence of + * ECRYPT_process_blocks() and ECRYPT_process_bytes(). That version allowed + * calling ECRYPT_process_blocks() multiple times for a multiple of whole + * 16-byte blocks, but once ECRYPT_process_bytes() was called. no more calls + * were supported correctly. This implementation handles the keystream + * differently and rabbit_crypt() may be called as many times as desired, + * crypting any number of bytes each time. + * + * http://www.ecrypt.eu.org/stream/e2-rabbit.html + * + * NB: One of the test vectors distributed by the eSTREAM site in the file + * "rabbit_p3source.zip" is in error. Referring to "test-vectors.txt" + * in that ZIP file, the 3rd line in "out1" should be + * "96 D6 73 16 88 D1 68 DA 51 D4 0C 70 C3 A1 16 F4". + * + * Here is the original legal notice accompanying the Rabbit submission + * to the EU eSTREAM competition. + *--------------------------------------------------------------------------- + * Copyright (C) Cryptico A/S. All rights reserved. + * + * YOU SHOULD CAREFULLY READ THIS LEGAL NOTICE BEFORE USING THIS SOFTWARE. + * + * This software is developed by Cryptico A/S and/or its suppliers. + * All title and intellectual property rights in and to the software, + * including but not limited to patent rights and copyrights, are owned + * by Cryptico A/S and/or its suppliers. + * + * The software may be used solely for non-commercial purposes + * without the prior written consent of Cryptico A/S. For further + * information on licensing terms and conditions please contact + * Cryptico A/S at info@cryptico.com + * + * Cryptico, CryptiCore, the Cryptico logo and "Re-thinking encryption" + * are either trademarks or registered trademarks of Cryptico A/S. + * + * Cryptico A/S shall not in any way be liable for any use of this + * software. The software is provided "as is" without any express or + * implied warranty. + *--------------------------------------------------------------------------- + * On October 6, 2008, Rabbit was "released into the public domain and + * may be used freely for any purpose." + * http://www.ecrypt.eu.org/stream/rabbitpf.html + * https://web.archive.org/web/20090630021733/http://www.ecrypt.eu.org/stream/phorum/read.php?1,1244 + ******************************************************************************/ + + +#include "tomcrypt.h" + +#ifdef LTC_RABBIT + +/* local/private prototypes (NB: rabbit_ctx and rabbit_state are different) */ +static LTC_INLINE ulong32 _rabbit_g_func(ulong32 x); +static LTC_INLINE void _rabbit_next_state(rabbit_ctx *p_instance); +static LTC_INLINE void _rabbit_gen_1_block(rabbit_state* st, unsigned char *out); + +/* -------------------------------------------------------------------------- */ + +/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ +/* the upper 32 bits XOR the lower 32 bits */ +static LTC_INLINE ulong32 _rabbit_g_func(ulong32 x) +{ + ulong32 a, b, h, l; + + /* Construct high and low argument for squaring */ + a = x & 0xFFFF; + b = x >> 16; + + /* Calculate high and low result of squaring */ + h = ((((ulong32)(a*a)>>17) + (ulong32)(a*b))>>15) + b*b; + l = x * x; + + /* Return high XOR low */ + return (ulong32)(h^l); +} + +/* -------------------------------------------------------------------------- */ + +/* Calculate the next internal state */ +static LTC_INLINE void _rabbit_next_state(rabbit_ctx *p_instance) +{ + ulong32 g[8], c_old[8], i; + + /* Save old counter values */ + for (i=0; i<8; i++) + c_old[i] = p_instance->c[i]; + + /* Calculate new counter values */ + p_instance->c[0] = (ulong32)(p_instance->c[0] + 0x4D34D34D + p_instance->carry); + p_instance->c[1] = (ulong32)(p_instance->c[1] + 0xD34D34D3 + (p_instance->c[0] < c_old[0])); + p_instance->c[2] = (ulong32)(p_instance->c[2] + 0x34D34D34 + (p_instance->c[1] < c_old[1])); + p_instance->c[3] = (ulong32)(p_instance->c[3] + 0x4D34D34D + (p_instance->c[2] < c_old[2])); + p_instance->c[4] = (ulong32)(p_instance->c[4] + 0xD34D34D3 + (p_instance->c[3] < c_old[3])); + p_instance->c[5] = (ulong32)(p_instance->c[5] + 0x34D34D34 + (p_instance->c[4] < c_old[4])); + p_instance->c[6] = (ulong32)(p_instance->c[6] + 0x4D34D34D + (p_instance->c[5] < c_old[5])); + p_instance->c[7] = (ulong32)(p_instance->c[7] + 0xD34D34D3 + (p_instance->c[6] < c_old[6])); + p_instance->carry = (p_instance->c[7] < c_old[7]); + + /* Calculate the g-values */ + for (i=0;i<8;i++) + g[i] = _rabbit_g_func((ulong32)(p_instance->x[i] + p_instance->c[i])); + + /* Calculate new state values */ + p_instance->x[0] = (ulong32)(g[0] + ROLc(g[7],16) + ROLc(g[6], 16)); + p_instance->x[1] = (ulong32)(g[1] + ROLc(g[0], 8) + g[7]); + p_instance->x[2] = (ulong32)(g[2] + ROLc(g[1],16) + ROLc(g[0], 16)); + p_instance->x[3] = (ulong32)(g[3] + ROLc(g[2], 8) + g[1]); + p_instance->x[4] = (ulong32)(g[4] + ROLc(g[3],16) + ROLc(g[2], 16)); + p_instance->x[5] = (ulong32)(g[5] + ROLc(g[4], 8) + g[3]); + p_instance->x[6] = (ulong32)(g[6] + ROLc(g[5],16) + ROLc(g[4], 16)); + p_instance->x[7] = (ulong32)(g[7] + ROLc(g[6], 8) + g[5]); +} + +/* ------------------------------------------------------------------------- */ + +static LTC_INLINE void _rabbit_gen_1_block(rabbit_state* st, unsigned char *out) +{ + ulong32 *ptr; + + /* Iterate the work context once */ + _rabbit_next_state(&(st->work_ctx)); + + /* Generate 16 bytes of pseudo-random data */ + ptr = (ulong32*)&(st->work_ctx.x); + STORE32L((ptr[0] ^ (ptr[5]>>16) ^ (ulong32)(ptr[3]<<16)), out+ 0); + STORE32L((ptr[2] ^ (ptr[7]>>16) ^ (ulong32)(ptr[5]<<16)), out+ 4); + STORE32L((ptr[4] ^ (ptr[1]>>16) ^ (ulong32)(ptr[7]<<16)), out+ 8); + STORE32L((ptr[6] ^ (ptr[3]>>16) ^ (ulong32)(ptr[1]<<16)), out+12); +} + +/* -------------------------------------------------------------------------- */ + +/* Key setup */ +int rabbit_setup(rabbit_state* st, const unsigned char *key, unsigned long keylen) +{ + ulong32 k0, k1, k2, k3, i; + unsigned char tmpkey[16] = {0}; + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(keylen <= 16); + + /* init state */ + XMEMSET(st, 0, sizeof(rabbit_state)); + + /* pad key in tmpkey */ + XMEMCPY(tmpkey, key, keylen); + + /* Generate four subkeys */ + LOAD32L(k0, tmpkey+ 0); + LOAD32L(k1, tmpkey+ 4); + LOAD32L(k2, tmpkey+ 8); + LOAD32L(k3, tmpkey+12); + +#ifdef LTC_CLEAN_STACK + /* done with tmpkey, wipe it */ + zeromem(tmpkey, sizeof(tmpkey)); +#endif + + /* Generate initial state variables */ + st->master_ctx.x[0] = k0; + st->master_ctx.x[2] = k1; + st->master_ctx.x[4] = k2; + st->master_ctx.x[6] = k3; + st->master_ctx.x[1] = (ulong32)(k3<<16) | (k2>>16); + st->master_ctx.x[3] = (ulong32)(k0<<16) | (k3>>16); + st->master_ctx.x[5] = (ulong32)(k1<<16) | (k0>>16); + st->master_ctx.x[7] = (ulong32)(k2<<16) | (k1>>16); + + /* Generate initial counter values */ + st->master_ctx.c[0] = ROLc(k2, 16); + st->master_ctx.c[2] = ROLc(k3, 16); + st->master_ctx.c[4] = ROLc(k0, 16); + st->master_ctx.c[6] = ROLc(k1, 16); + st->master_ctx.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF); + st->master_ctx.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF); + st->master_ctx.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF); + st->master_ctx.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF); + + /* Clear carry bit */ + st->master_ctx.carry = 0; + + /* Iterate the master context four times */ + for (i=0; i<4; i++) + _rabbit_next_state(&(st->master_ctx)); + + /* Modify the counters */ + for (i=0; i<8; i++) + st->master_ctx.c[i] ^= st->master_ctx.x[(i+4)&0x7]; + + /* Copy master instance to work instance */ + for (i=0; i<8; i++) { + st->work_ctx.x[i] = st->master_ctx.x[i]; + st->work_ctx.c[i] = st->master_ctx.c[i]; + } + st->work_ctx.carry = st->master_ctx.carry; + /* ...and prepare block for crypt() */ + XMEMSET(&(st->block), 0, sizeof(st->block)); + st->unused = 0; + + return CRYPT_OK; +} + +/* -------------------------------------------------------------------------- */ + +/* IV setup */ +int rabbit_setiv(rabbit_state* st, const unsigned char *iv, unsigned long ivlen) +{ + ulong32 i0, i1, i2, i3, i; + unsigned char tmpiv[8] = {0}; + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(iv != NULL || ivlen == 0); + LTC_ARGCHK(ivlen <= 8); + + /* pad iv in tmpiv */ + if (iv && ivlen > 0) XMEMCPY(tmpiv, iv, ivlen); + + /* Generate four subvectors */ + LOAD32L(i0, tmpiv+0); + LOAD32L(i2, tmpiv+4); + i1 = (i0>>16) | (i2&0xFFFF0000); + i3 = (i2<<16) | (i0&0x0000FFFF); + + /* Modify counter values */ + st->work_ctx.c[0] = st->master_ctx.c[0] ^ i0; + st->work_ctx.c[1] = st->master_ctx.c[1] ^ i1; + st->work_ctx.c[2] = st->master_ctx.c[2] ^ i2; + st->work_ctx.c[3] = st->master_ctx.c[3] ^ i3; + st->work_ctx.c[4] = st->master_ctx.c[4] ^ i0; + st->work_ctx.c[5] = st->master_ctx.c[5] ^ i1; + st->work_ctx.c[6] = st->master_ctx.c[6] ^ i2; + st->work_ctx.c[7] = st->master_ctx.c[7] ^ i3; + + /* Copy state variables */ + for (i=0; i<8; i++) + st->work_ctx.x[i] = st->master_ctx.x[i]; + st->work_ctx.carry = st->master_ctx.carry; + + /* Iterate the work context four times */ + for (i=0; i<4; i++) + _rabbit_next_state(&(st->work_ctx)); + + /* reset keystream buffer and unused count */ + XMEMSET(&(st->block), 0, sizeof(st->block)); + st->unused = 0; + + return CRYPT_OK; +} + +/* ------------------------------------------------------------------------- */ + +/* Crypt a chunk of any size (encrypt/decrypt) */ +int rabbit_crypt(rabbit_state* st, const unsigned char *in, unsigned long inlen, unsigned char *out) +{ + unsigned char buf[16]; + unsigned long i, j; + + if (inlen == 0) return CRYPT_OK; /* nothing to do */ + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + + if (st->unused > 0) { + j = MIN(st->unused, inlen); + for (i = 0; i < j; ++i, st->unused--) out[i] = in[i] ^ st->block[16 - st->unused]; + inlen -= j; + if (inlen == 0) return CRYPT_OK; + out += j; + in += j; + } + for (;;) { + /* gen a block for buf */ + _rabbit_gen_1_block(st, buf); + if (inlen <= 16) { + /* XOR and send to out */ + for (i = 0; i < inlen; ++i) out[i] = in[i] ^ buf[i]; + st->unused = 16 - inlen; + /* copy remainder to block */ + for (i = inlen; i < 16; ++i) st->block[i] = buf[i]; + return CRYPT_OK; + } else { + /* XOR entire buf and send to out */ + for (i = 0; i < 16; ++i) out[i] = in[i] ^ buf[i]; + inlen -= 16; + out += 16; + in += 16; + } + } +} + +/* ------------------------------------------------------------------------- */ + +int rabbit_keystream(rabbit_state *st, unsigned char *out, unsigned long outlen) +{ + if (outlen == 0) return CRYPT_OK; /* nothing to do */ + + LTC_ARGCHK(out != NULL); + + XMEMSET(out, 0, outlen); + return rabbit_crypt(st, out, outlen, out); +} + +/* -------------------------------------------------------------------------- */ + +int rabbit_done(rabbit_state *st) +{ + LTC_ARGCHK(st != NULL); + + zeromem(st, sizeof(rabbit_state)); + return CRYPT_OK; +} + +/* -------------------------------------------------------------------------- */ + +int rabbit_test(void) +{ +#ifndef LTC_TEST + return CRYPT_NOP; +#else + rabbit_state st; + int err; + unsigned char out[1000] = { 0 }; + { + /* all 3 tests use key and iv fm set 6, vector 3, the last vector in: + http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/rabbit/verified.test-vectors?rev=210&view=log + */ + + /* --- Test 1 (generate whole blocks) --------------------------------- */ + + { + unsigned char k[] = { 0x0F, 0x62, 0xB5, 0x08, 0x5B, 0xAE, 0x01, 0x54, + 0xA7, 0xFA, 0x4D, 0xA0, 0xF3, 0x46, 0x99, 0xEC }; + unsigned char iv[] = { 0x28, 0x8F, 0xF6, 0x5D, 0xC4, 0x2B, 0x92, 0xF9 }; + char pt[64] = { 0 }; + unsigned char ct[] = { 0x61, 0x3C, 0xB0, 0xBA, 0x96, 0xAF, 0xF6, 0xCA, + 0xCF, 0x2A, 0x45, 0x9A, 0x10, 0x2A, 0x7F, 0x78, + 0xCA, 0x98, 0x5C, 0xF8, 0xFD, 0xD1, 0x47, 0x40, + 0x18, 0x75, 0x8E, 0x36, 0xAE, 0x99, 0x23, 0xF5, + 0x19, 0xD1, 0x3D, 0x71, 0x8D, 0xAF, 0x8D, 0x7C, + 0x0C, 0x10, 0x9B, 0x79, 0xD5, 0x74, 0x94, 0x39, + 0xB7, 0xEF, 0xA4, 0xC4, 0xC9, 0xC8, 0xD2, 0x9D, + 0xC5, 0xB3, 0x88, 0x83, 0x14, 0xA6, 0x81, 0x6F }; + unsigned long ptlen = sizeof(pt); + + /* crypt 64 nulls */ + if ((err = rabbit_setup(&st, k, sizeof(k))) != CRYPT_OK) return err; + if ((err = rabbit_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt, ptlen, out)) != CRYPT_OK) return err; + if (compare_testvector(out, ptlen, ct, ptlen, "RABBIT-TV1", 1)) return CRYPT_FAIL_TESTVECTOR; + } + + /* --- Test 2 (generate unusual number of bytes each time) ------------ */ + + { + unsigned char k[] = { 0x0F, 0x62, 0xB5, 0x08, 0x5B, 0xAE, 0x01, 0x54, + 0xA7, 0xFA, 0x4D, 0xA0, 0xF3, 0x46, 0x99, 0xEC }; + unsigned char iv[] = { 0x28, 0x8F, 0xF6, 0x5D, 0xC4, 0x2B, 0x92, 0xF9 }; + char pt[39] = { 0 }; + unsigned char ct[] = { 0x61, 0x3C, 0xB0, 0xBA, 0x96, 0xAF, 0xF6, 0xCA, + 0xCF, 0x2A, 0x45, 0x9A, 0x10, 0x2A, 0x7F, 0x78, + 0xCA, 0x98, 0x5C, 0xF8, 0xFD, 0xD1, 0x47, 0x40, + 0x18, 0x75, 0x8E, 0x36, 0xAE, 0x99, 0x23, 0xF5, + 0x19, 0xD1, 0x3D, 0x71, 0x8D, 0xAF, 0x8D }; + unsigned long ptlen = sizeof(pt); + + /* crypt piece by piece (hit at least one 16-byte boundary) */ + if ((err = rabbit_setup(&st, k, sizeof(k))) != CRYPT_OK) return err; + if ((err = rabbit_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt, 5, out)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 5, 11, out + 5)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 16, 14, out + 16)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 30, 2, out + 30)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 32, 7, out + 32)) != CRYPT_OK) return err; + if (compare_testvector(out, ptlen, ct, ptlen, "RABBIT-TV2", 1)) return CRYPT_FAIL_TESTVECTOR; + } + + /* --- Test 3 (use non-null data) ------------------------------------- */ + + { + unsigned char k[] = { 0x0F, 0x62, 0xB5, 0x08, 0x5B, 0xAE, 0x01, 0x54, + 0xA7, 0xFA, 0x4D, 0xA0, 0xF3, 0x46, 0x99, 0xEC }; + unsigned char iv[] = { 0x28, 0x8F, 0xF6, 0x5D, 0xC4, 0x2B, 0x92, 0xF9 }; + char pt[] = "Kilroy was here, there, and everywhere!"; + unsigned char ct[] = { 0x2a, 0x55, 0xdc, 0xc8, 0xf9, 0xd6, 0xd6, 0xbd, + 0xae, 0x59, 0x65, 0xf2, 0x75, 0x58, 0x1a, 0x54, + 0xea, 0xec, 0x34, 0x9d, 0x8f, 0xb4, 0x6b, 0x60, + 0x79, 0x1b, 0xea, 0x16, 0xcb, 0xef, 0x46, 0x87, + 0x60, 0xa6, 0x55, 0x14, 0xff, 0xca, 0xac }; + unsigned long ptlen = strlen(pt); + unsigned char out2[1000] = { 0 }; + unsigned char nulls[1000] = { 0 }; + + /* crypt piece by piece */ + if ((err = rabbit_setup(&st, k, sizeof(k))) != CRYPT_OK) return err; + if ((err = rabbit_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt, 5, out)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 5, 29, out + 5)) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, (unsigned char*)pt + 34, 5, out + 34)) != CRYPT_OK) return err; + if (compare_testvector(out, ptlen, ct, ptlen, "RABBIT-TV3", 1)) return CRYPT_FAIL_TESTVECTOR; + /* use 'out' (ciphertext) in the next decryption test */ + + /* --- Test 4 (decrypt ciphertext) ------------------------------------ */ + + /* decrypt ct (out) and compare with pt (start with only setiv() to reset) */ + if ((err = rabbit_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err; + if ((err = rabbit_crypt(&st, out, ptlen, out2)) != CRYPT_OK) return err; + if (compare_testvector(out2, ptlen, pt, ptlen, "RABBIT-TV4", 1)) return CRYPT_FAIL_TESTVECTOR; + + /* --- Test 5 (wipe state, incl key) ---------------------------------- */ + + if ((err = rabbit_done(&st)) != CRYPT_OK) return err; + if (compare_testvector(&st, sizeof(st), nulls, sizeof(st), "RABBIT-TV5", 1)) return CRYPT_FAIL_TESTVECTOR; + + } + + return CRYPT_OK; + } +#endif +} + +/* -------------------------------------------------------------------------- */ + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/rc4/rc4.c b/src/ltc/stream/rc4/rc4_stream.c similarity index 96% rename from src/ltc/stream/rc4/rc4.c rename to src/ltc/stream/rc4/rc4_stream.c index ec174a0..178489d 100644 --- a/src/ltc/stream/rc4/rc4.c +++ b/src/ltc/stream/rc4/rc4_stream.c @@ -105,3 +105,7 @@ int rc4_stream_done(rc4_state *st) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/salsa20/salsa20_crypt.c b/src/ltc/stream/salsa20/salsa20_crypt.c new file mode 100644 index 0000000..9bf2053 --- /dev/null +++ b/src/ltc/stream/salsa20/salsa20_crypt.c @@ -0,0 +1,96 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* The implementation is based on: + * "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf + * and salsa20-ref.c version 20051118 + * Public domain from D. J. Bernstein + */ + +#include "tomcrypt.h" + +#ifdef LTC_SALSA20 + +#define QUARTERROUND(a,b,c,d) \ + x[b] ^= (ROL((x[a] + x[d]), 7)); \ + x[c] ^= (ROL((x[b] + x[a]), 9)); \ + x[d] ^= (ROL((x[c] + x[b]), 13)); \ + x[a] ^= (ROL((x[d] + x[c]), 18)); + +static void _salsa20_block(unsigned char *output, const ulong32 *input, int rounds) +{ + ulong32 x[16]; + int i; + XMEMCPY(x, input, sizeof(x)); + for (i = rounds; i > 0; i -= 2) { + QUARTERROUND( 0, 4, 8,12) + QUARTERROUND( 5, 9,13, 1) + QUARTERROUND(10,14, 2, 6) + QUARTERROUND(15, 3, 7,11) + QUARTERROUND( 0, 1, 2, 3) + QUARTERROUND( 5, 6, 7, 4) + QUARTERROUND(10,11, 8, 9) + QUARTERROUND(15,12,13,14) + } + for (i = 0; i < 16; ++i) { + x[i] += input[i]; + STORE32L(x[i], output + 4 * i); + } +} + +/** + Encrypt (or decrypt) bytes of ciphertext (or plaintext) with Salsa20 + @param st The Salsa20 state + @param in The plaintext (or ciphertext) + @param inlen The length of the input (octets) + @param out [out] The ciphertext (or plaintext), length inlen + @return CRYPT_OK if successful +*/ +int salsa20_crypt(salsa20_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out) +{ + unsigned char buf[64]; + unsigned long i, j; + + if (inlen == 0) return CRYPT_OK; /* nothing to do */ + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(st->ivlen == 8); + + if (st->ksleft > 0) { + j = MIN(st->ksleft, inlen); + for (i = 0; i < j; ++i, st->ksleft--) out[i] = in[i] ^ st->kstream[64 - st->ksleft]; + inlen -= j; + if (inlen == 0) return CRYPT_OK; + out += j; + in += j; + } + for (;;) { + _salsa20_block(buf, st->input, st->rounds); + /* Salsa20: 64-bit IV, increment 64-bit counter */ + if (0 == ++st->input[8] && 0 == ++st->input[9]) return CRYPT_OVERFLOW; + if (inlen <= 64) { + for (i = 0; i < inlen; ++i) out[i] = in[i] ^ buf[i]; + st->ksleft = 64 - inlen; + for (i = inlen; i < 64; ++i) st->kstream[i] = buf[i]; + return CRYPT_OK; + } + for (i = 0; i < 64; ++i) out[i] = in[i] ^ buf[i]; + inlen -= 64; + out += 64; + in += 64; + } +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/salsa20/salsa20_done.c b/src/ltc/stream/salsa20/salsa20_done.c new file mode 100644 index 0000000..4b7a9f9 --- /dev/null +++ b/src/ltc/stream/salsa20/salsa20_done.c @@ -0,0 +1,30 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +#ifdef LTC_SALSA20 + +/** + Terminate and clear Salsa20 state + @param st The Salsa20 state + @return CRYPT_OK on success +*/ +int salsa20_done(salsa20_state *st) +{ + LTC_ARGCHK(st != NULL); + XMEMSET(st, 0, sizeof(salsa20_state)); + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/salsa20/salsa20_ivctr64.c b/src/ltc/stream/salsa20/salsa20_ivctr64.c new file mode 100644 index 0000000..0677153 --- /dev/null +++ b/src/ltc/stream/salsa20/salsa20_ivctr64.c @@ -0,0 +1,48 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* The implementation is based on: + * "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf + * and salsa20-ref.c version 20051118 + * Public domain from D. J. Bernstein + */ + +#include "tomcrypt.h" + +#ifdef LTC_SALSA20 + +/** + Set IV + counter data to the Salsa20 state + @param st The Salsa20 state + @param iv The IV data to add + @param ivlen The length of the IV (must be 8) + @param counter 64bit (unsigned) initial counter value + @return CRYPT_OK on success + */ +int salsa20_ivctr64(salsa20_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter) +{ + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(iv != NULL); + /* Salsa20: 64-bit IV (nonce) + 64-bit counter */ + LTC_ARGCHK(ivlen == 8); + + LOAD32L(st->input[6], iv + 0); + LOAD32L(st->input[7], iv + 4); + st->input[8] = (ulong32)(counter & 0xFFFFFFFF); + st->input[9] = (ulong32)(counter >> 32); + st->ksleft = 0; + st->ivlen = ivlen; + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/salsa20/salsa20_keystream.c b/src/ltc/stream/salsa20/salsa20_keystream.c new file mode 100644 index 0000000..c443a3e --- /dev/null +++ b/src/ltc/stream/salsa20/salsa20_keystream.c @@ -0,0 +1,39 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* The implementation is based on: + * "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf + * and salsa20-ref.c version 20051118 + * Public domain from D. J. Bernstein + */ + +#include "tomcrypt.h" + +#ifdef LTC_SALSA20 + +/** + Generate a stream of random bytes via Salsa20 + @param st The Salsa20 state + @param out [out] The output buffer + @param outlen The output length + @return CRYPT_OK on success + */ +int salsa20_keystream(salsa20_state *st, unsigned char *out, unsigned long outlen) +{ + if (outlen == 0) return CRYPT_OK; /* nothing to do */ + LTC_ARGCHK(out != NULL); + XMEMSET(out, 0, outlen); + return salsa20_crypt(st, out, outlen, out); +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/salsa20/salsa20_setup.c b/src/ltc/stream/salsa20/salsa20_setup.c new file mode 100644 index 0000000..6eb65e8 --- /dev/null +++ b/src/ltc/stream/salsa20/salsa20_setup.c @@ -0,0 +1,69 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* The implementation is based on: + * "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf + * and salsa20-ref.c version 20051118 + * Public domain from D. J. Bernstein + */ + +#include "tomcrypt.h" + +#ifdef LTC_SALSA20 + +static const char * const sigma = "expand 32-byte k"; +static const char * const tau = "expand 16-byte k"; + +/** + Initialize an Salsa20 context (only the key) + @param st [out] The destination of the Salsa20 state + @param key The secret key + @param keylen The length of the secret key (octets) + @param rounds Number of rounds (e.g. 20 for Salsa20) + @return CRYPT_OK if successful +*/ +int salsa20_setup(salsa20_state *st, const unsigned char *key, unsigned long keylen, int rounds) +{ + const char *constants; + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(keylen == 32 || keylen == 16); + + if (rounds == 0) rounds = 20; + LTC_ARGCHK(rounds % 2 == 0); /* number of rounds must be evenly divisible by 2 */ + + LOAD32L(st->input[1], key + 0); + LOAD32L(st->input[2], key + 4); + LOAD32L(st->input[3], key + 8); + LOAD32L(st->input[4], key + 12); + if (keylen == 32) { /* 256bit */ + key += 16; + constants = sigma; + } else { /* 128bit */ + constants = tau; + } + LOAD32L(st->input[11], key + 0); + LOAD32L(st->input[12], key + 4); + LOAD32L(st->input[13], key + 8); + LOAD32L(st->input[14], key + 12); + LOAD32L(st->input[ 0], constants + 0); + LOAD32L(st->input[ 5], constants + 4); + LOAD32L(st->input[10], constants + 8); + LOAD32L(st->input[15], constants + 12); + st->rounds = rounds; /* default is 20 for salsa20 */ + st->ivlen = 0; /* will be set later by salsa20_ivctr(32|64) */ + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/sober128/sober128.c b/src/ltc/stream/sober128/sober128_stream.c similarity index 96% rename from src/ltc/stream/sober128/sober128.c rename to src/ltc/stream/sober128/sober128_stream.c index b192d9a..5c35eda 100644 --- a/src/ltc/stream/sober128/sober128.c +++ b/src/ltc/stream/sober128/sober128_stream.c @@ -5,13 +5,11 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ #include "tomcrypt.h" /** - @file sober128.c + @file sober128_stream.c Implementation of SOBER-128 by Tom St Denis. Based on s128fast.c reference code supplied by Greg Rose of QUALCOMM. */ @@ -205,7 +203,7 @@ int sober128_stream_setup(sober128_state *c, const unsigned char *key, unsigned Set IV to the Sober128 state @param c The Sober12820 state @param iv The IV data to add - @param inlen The length of the IV (must be 12) + @param ivlen The length of the IV (must be 12) @return CRYPT_OK on success */ int sober128_stream_setiv(sober128_state *c, const unsigned char *iv, unsigned long ivlen) @@ -263,7 +261,7 @@ int sober128_stream_crypt(sober128_state *c, const unsigned char *in, unsigned l /* handle any previously buffered bytes */ while (c->nbuf != 0 && inlen != 0) { - *out++ = *in++ ^ (c->sbuf & 0xFF); + *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF); c->sbuf >>= 8; c->nbuf -= 8; --inlen; @@ -311,7 +309,7 @@ int sober128_stream_crypt(sober128_state *c, const unsigned char *in, unsigned l c->sbuf = nltap(c); c->nbuf = 32; while (c->nbuf != 0 && inlen != 0) { - *out++ = *in++ ^ (c->sbuf & 0xFF); + *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF); c->sbuf >>= 8; c->nbuf -= 8; --inlen; @@ -342,3 +340,7 @@ int sober128_stream_done(sober128_state *c) } #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/sober128/sober128tab.c b/src/ltc/stream/sober128/sober128tab.c index 74e4f88..e02ff23 100644 --- a/src/ltc/stream/sober128/sober128tab.c +++ b/src/ltc/stream/sober128/sober128tab.c @@ -1,3 +1,12 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + /** @file sober128tab.c SOBER-128 Tables @@ -162,6 +171,6 @@ static const ulong32 Sbox[256] = { #endif /* __LTC_SOBER128TAB_C__ */ -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/stream/sosemanuk/sosemanuk.c b/src/ltc/stream/sosemanuk/sosemanuk.c new file mode 100644 index 0000000..c445027 --- /dev/null +++ b/src/ltc/stream/sosemanuk/sosemanuk.c @@ -0,0 +1,822 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* + * This LTC implementation was adapted from: + * http://www.ecrypt.eu.org/stream/e2-sosemanuk.html + */ + +/* + * SOSEMANUK reference implementation. + * + * This code is supposed to run on any conforming C implementation (C90 + * or later). + * + * (c) 2005 X-CRYPT project. This software is provided 'as-is', without + * any express or implied warranty. In no event will the authors be held + * liable for any damages arising from the use of this software. + * + * Permission is granted to anyone to use this software for any purpose, + * including commercial applications, and to alter it and redistribute it + * freely, subject to no restriction. + * + * Technical remarks and questions can be addressed to + * + */ + +#include "tomcrypt.h" + +#ifdef LTC_SOSEMANUK + +/* ======================================================================== */ + +/* + * We want (and sometimes need) to perform explicit truncations to 32 bits. + */ +#define T32(x) ((x) & (ulong32)0xFFFFFFFF) + +/* + * Some of our functions will be tagged as "inline" to help the compiler + * optimize things. We use "inline" only if the compiler is advanced + * enough to understand it; C99 compilers, and pre-C99 versions of gcc, + * understand enough "inline" for our purposes. + */ + +/* ======================================================================== */ + +/* + * Serpent S-boxes, implemented in bitslice mode. These circuits have + * been published by Dag Arne Osvik ("Speeding up Serpent", published in + * the 3rd AES Candidate Conference) and work on five 32-bit registers: + * the four inputs, and a fifth scratch register. There are meant to be + * quite fast on Pentium-class processors. These are not the fastest + * published, but they are "fast enough" and they are unencumbered as + * far as intellectual property is concerned (note: these are rewritten + * from the article itself, and hence are not covered by the GPL on + * Dag's code, which was not used here). + * + * The output bits are permuted. Here is the correspondance: + * S0: 1420 + * S1: 2031 + * S2: 2314 + * S3: 1234 + * S4: 1403 + * S5: 1302 + * S6: 0142 + * S7: 4310 + * (for instance, the output of S0 is in "r1, r4, r2, r0"). + */ + +#define S0(r0, r1, r2, r3, r4) do { \ + r3 ^= r0; r4 = r1; \ + r1 &= r3; r4 ^= r2; \ + r1 ^= r0; r0 |= r3; \ + r0 ^= r4; r4 ^= r3; \ + r3 ^= r2; r2 |= r1; \ + r2 ^= r4; r4 = ~r4; \ + r4 |= r1; r1 ^= r3; \ + r1 ^= r4; r3 |= r0; \ + r1 ^= r3; r4 ^= r3; \ + } while (0) + +#define S1(r0, r1, r2, r3, r4) do { \ + r0 = ~r0; r2 = ~r2; \ + r4 = r0; r0 &= r1; \ + r2 ^= r0; r0 |= r3; \ + r3 ^= r2; r1 ^= r0; \ + r0 ^= r4; r4 |= r1; \ + r1 ^= r3; r2 |= r0; \ + r2 &= r4; r0 ^= r1; \ + r1 &= r2; \ + r1 ^= r0; r0 &= r2; \ + r0 ^= r4; \ + } while (0) + +#define S2(r0, r1, r2, r3, r4) do { \ + r4 = r0; r0 &= r2; \ + r0 ^= r3; r2 ^= r1; \ + r2 ^= r0; r3 |= r4; \ + r3 ^= r1; r4 ^= r2; \ + r1 = r3; r3 |= r4; \ + r3 ^= r0; r0 &= r1; \ + r4 ^= r0; r1 ^= r3; \ + r1 ^= r4; r4 = ~r4; \ + } while (0) + +#define S3(r0, r1, r2, r3, r4) do { \ + r4 = r0; r0 |= r3; \ + r3 ^= r1; r1 &= r4; \ + r4 ^= r2; r2 ^= r3; \ + r3 &= r0; r4 |= r1; \ + r3 ^= r4; r0 ^= r1; \ + r4 &= r0; r1 ^= r3; \ + r4 ^= r2; r1 |= r0; \ + r1 ^= r2; r0 ^= r3; \ + r2 = r1; r1 |= r3; \ + r1 ^= r0; \ + } while (0) + +#define S4(r0, r1, r2, r3, r4) do { \ + r1 ^= r3; r3 = ~r3; \ + r2 ^= r3; r3 ^= r0; \ + r4 = r1; r1 &= r3; \ + r1 ^= r2; r4 ^= r3; \ + r0 ^= r4; r2 &= r4; \ + r2 ^= r0; r0 &= r1; \ + r3 ^= r0; r4 |= r1; \ + r4 ^= r0; r0 |= r3; \ + r0 ^= r2; r2 &= r3; \ + r0 = ~r0; r4 ^= r2; \ + } while (0) + +#define S5(r0, r1, r2, r3, r4) do { \ + r0 ^= r1; r1 ^= r3; \ + r3 = ~r3; r4 = r1; \ + r1 &= r0; r2 ^= r3; \ + r1 ^= r2; r2 |= r4; \ + r4 ^= r3; r3 &= r1; \ + r3 ^= r0; r4 ^= r1; \ + r4 ^= r2; r2 ^= r0; \ + r0 &= r3; r2 = ~r2; \ + r0 ^= r4; r4 |= r3; \ + r2 ^= r4; \ + } while (0) + +#define S6(r0, r1, r2, r3, r4) do { \ + r2 = ~r2; r4 = r3; \ + r3 &= r0; r0 ^= r4; \ + r3 ^= r2; r2 |= r4; \ + r1 ^= r3; r2 ^= r0; \ + r0 |= r1; r2 ^= r1; \ + r4 ^= r0; r0 |= r3; \ + r0 ^= r2; r4 ^= r3; \ + r4 ^= r0; r3 = ~r3; \ + r2 &= r4; \ + r2 ^= r3; \ + } while (0) + +#define S7(r0, r1, r2, r3, r4) do { \ + r4 = r1; r1 |= r2; \ + r1 ^= r3; r4 ^= r2; \ + r2 ^= r1; r3 |= r4; \ + r3 &= r0; r4 ^= r2; \ + r3 ^= r1; r1 |= r4; \ + r1 ^= r0; r0 |= r4; \ + r0 ^= r2; r1 ^= r4; \ + r2 ^= r1; r1 &= r0; \ + r1 ^= r4; r2 = ~r2; \ + r2 |= r0; \ + r4 ^= r2; \ + } while (0) + +/* + * The Serpent linear transform. + */ +#define SERPENT_LT(x0, x1, x2, x3) do { \ + x0 = ROLc(x0, 13); \ + x2 = ROLc(x2, 3); \ + x1 = x1 ^ x0 ^ x2; \ + x3 = x3 ^ x2 ^ T32(x0 << 3); \ + x1 = ROLc(x1, 1); \ + x3 = ROLc(x3, 7); \ + x0 = x0 ^ x1 ^ x3; \ + x2 = x2 ^ x3 ^ T32(x1 << 7); \ + x0 = ROLc(x0, 5); \ + x2 = ROLc(x2, 22); \ + } while (0) + +/* ======================================================================== */ + +/* + * Initialize Sosemanuk's state by providing a key. The key is an array of + * 1 to 32 bytes. + * @param ss The Sosemanuk state + * @param key Key + * @param keylen Length of key in bytes + * @return CRYPT_OK on success + */ +int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen) +{ + /* + * This key schedule is actually a truncated Serpent key schedule. + * The key-derived words (w_i) are computed within the eight + * local variables w0 to w7, which are reused again and again. + */ + +#define SKS(S, o0, o1, o2, o3, d0, d1, d2, d3) do { \ + ulong32 r0, r1, r2, r3, r4; \ + r0 = w ## o0; \ + r1 = w ## o1; \ + r2 = w ## o2; \ + r3 = w ## o3; \ + S(r0, r1, r2, r3, r4); \ + ss->kc[i ++] = r ## d0; \ + ss->kc[i ++] = r ## d1; \ + ss->kc[i ++] = r ## d2; \ + ss->kc[i ++] = r ## d3; \ + } while (0) + +#define SKS0 SKS(S0, 4, 5, 6, 7, 1, 4, 2, 0) +#define SKS1 SKS(S1, 0, 1, 2, 3, 2, 0, 3, 1) +#define SKS2 SKS(S2, 4, 5, 6, 7, 2, 3, 1, 4) +#define SKS3 SKS(S3, 0, 1, 2, 3, 1, 2, 3, 4) +#define SKS4 SKS(S4, 4, 5, 6, 7, 1, 4, 0, 3) +#define SKS5 SKS(S5, 0, 1, 2, 3, 1, 3, 0, 2) +#define SKS6 SKS(S6, 4, 5, 6, 7, 0, 1, 4, 2) +#define SKS7 SKS(S7, 0, 1, 2, 3, 4, 3, 1, 0) + +#define WUP(wi, wi5, wi3, wi1, cc) do { \ + ulong32 tt = (wi) ^ (wi5) ^ (wi3) \ + ^ (wi1) ^ (0x9E3779B9 ^ (ulong32)(cc)); \ + (wi) = ROLc(tt, 11); \ + } while (0) + +#define WUP0(cc) do { \ + WUP(w0, w3, w5, w7, cc); \ + WUP(w1, w4, w6, w0, cc + 1); \ + WUP(w2, w5, w7, w1, cc + 2); \ + WUP(w3, w6, w0, w2, cc + 3); \ + } while (0) + +#define WUP1(cc) do { \ + WUP(w4, w7, w1, w3, cc); \ + WUP(w5, w0, w2, w4, cc + 1); \ + WUP(w6, w1, w3, w5, cc + 2); \ + WUP(w7, w2, w4, w6, cc + 3); \ + } while (0) + + unsigned char wbuf[32]; + ulong32 w0, w1, w2, w3, w4, w5, w6, w7; + int i = 0; + + LTC_ARGCHK(ss != NULL); + LTC_ARGCHK(key != NULL); + + /* + * The key is copied into the wbuf[] buffer and padded to 256 bits + * as described in the Serpent specification. + */ + if (keylen == 0 || keylen > 32) { + fprintf(stderr, "invalid key size: %lu\n", + (unsigned long)keylen); + exit(EXIT_FAILURE); + } + XMEMCPY(wbuf, key, keylen); + if (keylen < 32) { + wbuf[keylen] = 0x01; + if (keylen < 31) + XMEMSET(wbuf + keylen + 1, 0, 31 - keylen); + } + + LOAD32L(w0, wbuf); + LOAD32L(w1, wbuf + 4); + LOAD32L(w2, wbuf + 8); + LOAD32L(w3, wbuf + 12); + LOAD32L(w4, wbuf + 16); + LOAD32L(w5, wbuf + 20); + LOAD32L(w6, wbuf + 24); + LOAD32L(w7, wbuf + 28); + + WUP0(0); SKS3; + WUP1(4); SKS2; + WUP0(8); SKS1; + WUP1(12); SKS0; + WUP0(16); SKS7; + WUP1(20); SKS6; + WUP0(24); SKS5; + WUP1(28); SKS4; + WUP0(32); SKS3; + WUP1(36); SKS2; + WUP0(40); SKS1; + WUP1(44); SKS0; + WUP0(48); SKS7; + WUP1(52); SKS6; + WUP0(56); SKS5; + WUP1(60); SKS4; + WUP0(64); SKS3; + WUP1(68); SKS2; + WUP0(72); SKS1; + WUP1(76); SKS0; + WUP0(80); SKS7; + WUP1(84); SKS6; + WUP0(88); SKS5; + WUP1(92); SKS4; + WUP0(96); SKS3; + +#undef SKS +#undef SKS0 +#undef SKS1 +#undef SKS2 +#undef SKS3 +#undef SKS4 +#undef SKS5 +#undef SKS6 +#undef SKS7 +#undef WUP +#undef WUP0 +#undef WUP1 + + /* + * Initialize with a zero-value iv to ensure state is correct in the + * event user fails to call setiv(). + */ + return sosemanuk_setiv(ss, NULL, 0); +} + + +/* + * Initialization continues by setting the IV. The IV length is up to 16 bytes. + * If "ivlen" is 0 (no IV), then the "iv" parameter can be NULL. If multiple + * encryptions/decryptions are to be performed with the same key and + * sosemanuk_done() has not been called, only sosemanuk_setiv() need be called + * to set the state. + * @param ss The Sosemanuk state + * @param iv Initialization vector + * @param ivlen Length of iv in bytes + * @return CRYPT_OK on success + */ +int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen) +{ + + /* + * The Serpent key addition step. + */ +#define KA(zc, x0, x1, x2, x3) do { \ + x0 ^= ss->kc[(zc)]; \ + x1 ^= ss->kc[(zc) + 1]; \ + x2 ^= ss->kc[(zc) + 2]; \ + x3 ^= ss->kc[(zc) + 3]; \ + } while (0) + + /* + * One Serpent round. + * zc = current subkey counter + * S = S-box macro for this round + * i0 to i4 = input register numbers (the fifth is a scratch register) + * o0 to o3 = output register numbers + */ +#define FSS(zc, S, i0, i1, i2, i3, i4, o0, o1, o2, o3) do { \ + KA(zc, r ## i0, r ## i1, r ## i2, r ## i3); \ + S(r ## i0, r ## i1, r ## i2, r ## i3, r ## i4); \ + SERPENT_LT(r ## o0, r ## o1, r ## o2, r ## o3); \ + } while (0) + + /* + * Last Serpent round. Contrary to the "true" Serpent, we keep + * the linear transformation for that last round. + */ +#define FSF(zc, S, i0, i1, i2, i3, i4, o0, o1, o2, o3) do { \ + KA(zc, r ## i0, r ## i1, r ## i2, r ## i3); \ + S(r ## i0, r ## i1, r ## i2, r ## i3, r ## i4); \ + SERPENT_LT(r ## o0, r ## o1, r ## o2, r ## o3); \ + KA(zc + 4, r ## o0, r ## o1, r ## o2, r ## o3); \ + } while (0) + + ulong32 r0, r1, r2, r3, r4; + unsigned char ivtmp[16] = {0}; + + LTC_ARGCHK(ss != NULL); + LTC_ARGCHK(ivlen <= 16); + LTC_ARGCHK(iv != NULL || ivlen == 0); + + if (ivlen > 0) XMEMCPY(ivtmp, iv, ivlen); + + /* + * Decode IV into four 32-bit words (little-endian). + */ + LOAD32L(r0, ivtmp); + LOAD32L(r1, ivtmp + 4); + LOAD32L(r2, ivtmp + 8); + LOAD32L(r3, ivtmp + 12); + + /* + * Encrypt IV with Serpent24. Some values are extracted from the + * output of the twelfth, eighteenth and twenty-fourth rounds. + */ + FSS(0, S0, 0, 1, 2, 3, 4, 1, 4, 2, 0); + FSS(4, S1, 1, 4, 2, 0, 3, 2, 1, 0, 4); + FSS(8, S2, 2, 1, 0, 4, 3, 0, 4, 1, 3); + FSS(12, S3, 0, 4, 1, 3, 2, 4, 1, 3, 2); + FSS(16, S4, 4, 1, 3, 2, 0, 1, 0, 4, 2); + FSS(20, S5, 1, 0, 4, 2, 3, 0, 2, 1, 4); + FSS(24, S6, 0, 2, 1, 4, 3, 0, 2, 3, 1); + FSS(28, S7, 0, 2, 3, 1, 4, 4, 1, 2, 0); + FSS(32, S0, 4, 1, 2, 0, 3, 1, 3, 2, 4); + FSS(36, S1, 1, 3, 2, 4, 0, 2, 1, 4, 3); + FSS(40, S2, 2, 1, 4, 3, 0, 4, 3, 1, 0); + FSS(44, S3, 4, 3, 1, 0, 2, 3, 1, 0, 2); + ss->s09 = r3; + ss->s08 = r1; + ss->s07 = r0; + ss->s06 = r2; + + FSS(48, S4, 3, 1, 0, 2, 4, 1, 4, 3, 2); + FSS(52, S5, 1, 4, 3, 2, 0, 4, 2, 1, 3); + FSS(56, S6, 4, 2, 1, 3, 0, 4, 2, 0, 1); + FSS(60, S7, 4, 2, 0, 1, 3, 3, 1, 2, 4); + FSS(64, S0, 3, 1, 2, 4, 0, 1, 0, 2, 3); + FSS(68, S1, 1, 0, 2, 3, 4, 2, 1, 3, 0); + ss->r1 = r2; + ss->s04 = r1; + ss->r2 = r3; + ss->s05 = r0; + + FSS(72, S2, 2, 1, 3, 0, 4, 3, 0, 1, 4); + FSS(76, S3, 3, 0, 1, 4, 2, 0, 1, 4, 2); + FSS(80, S4, 0, 1, 4, 2, 3, 1, 3, 0, 2); + FSS(84, S5, 1, 3, 0, 2, 4, 3, 2, 1, 0); + FSS(88, S6, 3, 2, 1, 0, 4, 3, 2, 4, 1); + FSF(92, S7, 3, 2, 4, 1, 0, 0, 1, 2, 3); + ss->s03 = r0; + ss->s02 = r1; + ss->s01 = r2; + ss->s00 = r3; + + ss->ptr = sizeof(ss->buf); + +#undef KA +#undef FSS +#undef FSF + + return CRYPT_OK; +} + +/* + * Multiplication by alpha: alpha * x = T32(x << 8) ^ mul_a[x >> 24] + */ +static const ulong32 mul_a[] = { + 0x00000000, 0xE19FCF13, 0x6B973726, 0x8A08F835, + 0xD6876E4C, 0x3718A15F, 0xBD10596A, 0x5C8F9679, + 0x05A7DC98, 0xE438138B, 0x6E30EBBE, 0x8FAF24AD, + 0xD320B2D4, 0x32BF7DC7, 0xB8B785F2, 0x59284AE1, + 0x0AE71199, 0xEB78DE8A, 0x617026BF, 0x80EFE9AC, + 0xDC607FD5, 0x3DFFB0C6, 0xB7F748F3, 0x566887E0, + 0x0F40CD01, 0xEEDF0212, 0x64D7FA27, 0x85483534, + 0xD9C7A34D, 0x38586C5E, 0xB250946B, 0x53CF5B78, + 0x1467229B, 0xF5F8ED88, 0x7FF015BD, 0x9E6FDAAE, + 0xC2E04CD7, 0x237F83C4, 0xA9777BF1, 0x48E8B4E2, + 0x11C0FE03, 0xF05F3110, 0x7A57C925, 0x9BC80636, + 0xC747904F, 0x26D85F5C, 0xACD0A769, 0x4D4F687A, + 0x1E803302, 0xFF1FFC11, 0x75170424, 0x9488CB37, + 0xC8075D4E, 0x2998925D, 0xA3906A68, 0x420FA57B, + 0x1B27EF9A, 0xFAB82089, 0x70B0D8BC, 0x912F17AF, + 0xCDA081D6, 0x2C3F4EC5, 0xA637B6F0, 0x47A879E3, + 0x28CE449F, 0xC9518B8C, 0x435973B9, 0xA2C6BCAA, + 0xFE492AD3, 0x1FD6E5C0, 0x95DE1DF5, 0x7441D2E6, + 0x2D699807, 0xCCF65714, 0x46FEAF21, 0xA7616032, + 0xFBEEF64B, 0x1A713958, 0x9079C16D, 0x71E60E7E, + 0x22295506, 0xC3B69A15, 0x49BE6220, 0xA821AD33, + 0xF4AE3B4A, 0x1531F459, 0x9F390C6C, 0x7EA6C37F, + 0x278E899E, 0xC611468D, 0x4C19BEB8, 0xAD8671AB, + 0xF109E7D2, 0x109628C1, 0x9A9ED0F4, 0x7B011FE7, + 0x3CA96604, 0xDD36A917, 0x573E5122, 0xB6A19E31, + 0xEA2E0848, 0x0BB1C75B, 0x81B93F6E, 0x6026F07D, + 0x390EBA9C, 0xD891758F, 0x52998DBA, 0xB30642A9, + 0xEF89D4D0, 0x0E161BC3, 0x841EE3F6, 0x65812CE5, + 0x364E779D, 0xD7D1B88E, 0x5DD940BB, 0xBC468FA8, + 0xE0C919D1, 0x0156D6C2, 0x8B5E2EF7, 0x6AC1E1E4, + 0x33E9AB05, 0xD2766416, 0x587E9C23, 0xB9E15330, + 0xE56EC549, 0x04F10A5A, 0x8EF9F26F, 0x6F663D7C, + 0x50358897, 0xB1AA4784, 0x3BA2BFB1, 0xDA3D70A2, + 0x86B2E6DB, 0x672D29C8, 0xED25D1FD, 0x0CBA1EEE, + 0x5592540F, 0xB40D9B1C, 0x3E056329, 0xDF9AAC3A, + 0x83153A43, 0x628AF550, 0xE8820D65, 0x091DC276, + 0x5AD2990E, 0xBB4D561D, 0x3145AE28, 0xD0DA613B, + 0x8C55F742, 0x6DCA3851, 0xE7C2C064, 0x065D0F77, + 0x5F754596, 0xBEEA8A85, 0x34E272B0, 0xD57DBDA3, + 0x89F22BDA, 0x686DE4C9, 0xE2651CFC, 0x03FAD3EF, + 0x4452AA0C, 0xA5CD651F, 0x2FC59D2A, 0xCE5A5239, + 0x92D5C440, 0x734A0B53, 0xF942F366, 0x18DD3C75, + 0x41F57694, 0xA06AB987, 0x2A6241B2, 0xCBFD8EA1, + 0x977218D8, 0x76EDD7CB, 0xFCE52FFE, 0x1D7AE0ED, + 0x4EB5BB95, 0xAF2A7486, 0x25228CB3, 0xC4BD43A0, + 0x9832D5D9, 0x79AD1ACA, 0xF3A5E2FF, 0x123A2DEC, + 0x4B12670D, 0xAA8DA81E, 0x2085502B, 0xC11A9F38, + 0x9D950941, 0x7C0AC652, 0xF6023E67, 0x179DF174, + 0x78FBCC08, 0x9964031B, 0x136CFB2E, 0xF2F3343D, + 0xAE7CA244, 0x4FE36D57, 0xC5EB9562, 0x24745A71, + 0x7D5C1090, 0x9CC3DF83, 0x16CB27B6, 0xF754E8A5, + 0xABDB7EDC, 0x4A44B1CF, 0xC04C49FA, 0x21D386E9, + 0x721CDD91, 0x93831282, 0x198BEAB7, 0xF81425A4, + 0xA49BB3DD, 0x45047CCE, 0xCF0C84FB, 0x2E934BE8, + 0x77BB0109, 0x9624CE1A, 0x1C2C362F, 0xFDB3F93C, + 0xA13C6F45, 0x40A3A056, 0xCAAB5863, 0x2B349770, + 0x6C9CEE93, 0x8D032180, 0x070BD9B5, 0xE69416A6, + 0xBA1B80DF, 0x5B844FCC, 0xD18CB7F9, 0x301378EA, + 0x693B320B, 0x88A4FD18, 0x02AC052D, 0xE333CA3E, + 0xBFBC5C47, 0x5E239354, 0xD42B6B61, 0x35B4A472, + 0x667BFF0A, 0x87E43019, 0x0DECC82C, 0xEC73073F, + 0xB0FC9146, 0x51635E55, 0xDB6BA660, 0x3AF46973, + 0x63DC2392, 0x8243EC81, 0x084B14B4, 0xE9D4DBA7, + 0xB55B4DDE, 0x54C482CD, 0xDECC7AF8, 0x3F53B5EB +}; + +/* + * Multiplication by 1/alpha: 1/alpha * x = (x >> 8) ^ mul_ia[x & 0xFF] + */ +static const ulong32 mul_ia[] = { + 0x00000000, 0x180F40CD, 0x301E8033, 0x2811C0FE, + 0x603CA966, 0x7833E9AB, 0x50222955, 0x482D6998, + 0xC078FBCC, 0xD877BB01, 0xF0667BFF, 0xE8693B32, + 0xA04452AA, 0xB84B1267, 0x905AD299, 0x88559254, + 0x29F05F31, 0x31FF1FFC, 0x19EEDF02, 0x01E19FCF, + 0x49CCF657, 0x51C3B69A, 0x79D27664, 0x61DD36A9, + 0xE988A4FD, 0xF187E430, 0xD99624CE, 0xC1996403, + 0x89B40D9B, 0x91BB4D56, 0xB9AA8DA8, 0xA1A5CD65, + 0x5249BE62, 0x4A46FEAF, 0x62573E51, 0x7A587E9C, + 0x32751704, 0x2A7A57C9, 0x026B9737, 0x1A64D7FA, + 0x923145AE, 0x8A3E0563, 0xA22FC59D, 0xBA208550, + 0xF20DECC8, 0xEA02AC05, 0xC2136CFB, 0xDA1C2C36, + 0x7BB9E153, 0x63B6A19E, 0x4BA76160, 0x53A821AD, + 0x1B854835, 0x038A08F8, 0x2B9BC806, 0x339488CB, + 0xBBC11A9F, 0xA3CE5A52, 0x8BDF9AAC, 0x93D0DA61, + 0xDBFDB3F9, 0xC3F2F334, 0xEBE333CA, 0xF3EC7307, + 0xA492D5C4, 0xBC9D9509, 0x948C55F7, 0x8C83153A, + 0xC4AE7CA2, 0xDCA13C6F, 0xF4B0FC91, 0xECBFBC5C, + 0x64EA2E08, 0x7CE56EC5, 0x54F4AE3B, 0x4CFBEEF6, + 0x04D6876E, 0x1CD9C7A3, 0x34C8075D, 0x2CC74790, + 0x8D628AF5, 0x956DCA38, 0xBD7C0AC6, 0xA5734A0B, + 0xED5E2393, 0xF551635E, 0xDD40A3A0, 0xC54FE36D, + 0x4D1A7139, 0x551531F4, 0x7D04F10A, 0x650BB1C7, + 0x2D26D85F, 0x35299892, 0x1D38586C, 0x053718A1, + 0xF6DB6BA6, 0xEED42B6B, 0xC6C5EB95, 0xDECAAB58, + 0x96E7C2C0, 0x8EE8820D, 0xA6F942F3, 0xBEF6023E, + 0x36A3906A, 0x2EACD0A7, 0x06BD1059, 0x1EB25094, + 0x569F390C, 0x4E9079C1, 0x6681B93F, 0x7E8EF9F2, + 0xDF2B3497, 0xC724745A, 0xEF35B4A4, 0xF73AF469, + 0xBF179DF1, 0xA718DD3C, 0x8F091DC2, 0x97065D0F, + 0x1F53CF5B, 0x075C8F96, 0x2F4D4F68, 0x37420FA5, + 0x7F6F663D, 0x676026F0, 0x4F71E60E, 0x577EA6C3, + 0xE18D0321, 0xF98243EC, 0xD1938312, 0xC99CC3DF, + 0x81B1AA47, 0x99BEEA8A, 0xB1AF2A74, 0xA9A06AB9, + 0x21F5F8ED, 0x39FAB820, 0x11EB78DE, 0x09E43813, + 0x41C9518B, 0x59C61146, 0x71D7D1B8, 0x69D89175, + 0xC87D5C10, 0xD0721CDD, 0xF863DC23, 0xE06C9CEE, + 0xA841F576, 0xB04EB5BB, 0x985F7545, 0x80503588, + 0x0805A7DC, 0x100AE711, 0x381B27EF, 0x20146722, + 0x68390EBA, 0x70364E77, 0x58278E89, 0x4028CE44, + 0xB3C4BD43, 0xABCBFD8E, 0x83DA3D70, 0x9BD57DBD, + 0xD3F81425, 0xCBF754E8, 0xE3E69416, 0xFBE9D4DB, + 0x73BC468F, 0x6BB30642, 0x43A2C6BC, 0x5BAD8671, + 0x1380EFE9, 0x0B8FAF24, 0x239E6FDA, 0x3B912F17, + 0x9A34E272, 0x823BA2BF, 0xAA2A6241, 0xB225228C, + 0xFA084B14, 0xE2070BD9, 0xCA16CB27, 0xD2198BEA, + 0x5A4C19BE, 0x42435973, 0x6A52998D, 0x725DD940, + 0x3A70B0D8, 0x227FF015, 0x0A6E30EB, 0x12617026, + 0x451FD6E5, 0x5D109628, 0x750156D6, 0x6D0E161B, + 0x25237F83, 0x3D2C3F4E, 0x153DFFB0, 0x0D32BF7D, + 0x85672D29, 0x9D686DE4, 0xB579AD1A, 0xAD76EDD7, + 0xE55B844F, 0xFD54C482, 0xD545047C, 0xCD4A44B1, + 0x6CEF89D4, 0x74E0C919, 0x5CF109E7, 0x44FE492A, + 0x0CD320B2, 0x14DC607F, 0x3CCDA081, 0x24C2E04C, + 0xAC977218, 0xB49832D5, 0x9C89F22B, 0x8486B2E6, + 0xCCABDB7E, 0xD4A49BB3, 0xFCB55B4D, 0xE4BA1B80, + 0x17566887, 0x0F59284A, 0x2748E8B4, 0x3F47A879, + 0x776AC1E1, 0x6F65812C, 0x477441D2, 0x5F7B011F, + 0xD72E934B, 0xCF21D386, 0xE7301378, 0xFF3F53B5, + 0xB7123A2D, 0xAF1D7AE0, 0x870CBA1E, 0x9F03FAD3, + 0x3EA637B6, 0x26A9777B, 0x0EB8B785, 0x16B7F748, + 0x5E9A9ED0, 0x4695DE1D, 0x6E841EE3, 0x768B5E2E, + 0xFEDECC7A, 0xE6D18CB7, 0xCEC04C49, 0xD6CF0C84, + 0x9EE2651C, 0x86ED25D1, 0xAEFCE52F, 0xB6F3A5E2 +}; + + +/* + * Compute the next block of bits of output stream. This is equivalent + * to one full rotation of the shift register. + */ +static LTC_INLINE void _sosemanuk_internal(sosemanuk_state *ss) +{ + /* + * MUL_A(x) computes alpha * x (in F_{2^32}). + * MUL_G(x) computes 1/alpha * x (in F_{2^32}). + */ +#define MUL_A(x) (T32((x) << 8) ^ mul_a[(x) >> 24]) +#define MUL_G(x) (((x) >> 8) ^ mul_ia[(x) & 0xFF]) + + /* + * This macro computes the special multiplexer, which chooses + * between "x" and "x xor y", depending on the least significant + * bit of the control word. We use the C "?:" selection operator + * (which most compilers know how to optimise) except for Alpha, + * where the manual sign extension seems to perform equally well + * with DEC/Compaq/HP compiler, and much better with gcc. + */ +#ifdef __alpha +#define XMUX(c, x, y) ((((signed int)((c) << 31) >> 31) & (y)) ^ (x)) +#else +#define XMUX(c, x, y) (((c) & 0x1) ? ((x) ^ (y)) : (x)) +#endif + + /* + * FSM() updates the finite state machine. + */ +#define FSM(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9) do { \ + ulong32 tt, or1; \ + tt = XMUX(r1, s ## x1, s ## x8); \ + or1 = r1; \ + r1 = T32(r2 + tt); \ + tt = T32(or1 * 0x54655307); \ + r2 = ROLc(tt, 7); \ + } while (0) + + /* + * LRU updates the shift register; the dropped value is stored + * in variable "dd". + */ +#define LRU(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd) do { \ + dd = s ## x0; \ + s ## x0 = MUL_A(s ## x0) ^ MUL_G(s ## x3) ^ s ## x9; \ + } while (0) + + /* + * CC1 stores into variable "ee" the next intermediate word + * (combination of the new states of the LFSR and the FSM). + */ +#define CC1(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, ee) do { \ + ee = T32(s ## x9 + r1) ^ r2; \ + } while (0) + + /* + * STEP computes one internal round. "dd" receives the "s_t" + * value (dropped from the LFSR) and "ee" gets the value computed + * from the LFSR and FSM. + */ +#define STEP(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd, ee) do { \ + FSM(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9); \ + LRU(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd); \ + CC1(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, ee); \ + } while (0) + + /* + * Apply one Serpent round (with the provided S-box macro), XOR + * the result with the "v" values, and encode the result into + * the destination buffer, at the provided offset. The "x*" + * arguments encode the output permutation of the "S" macro. + */ +#define SRD(S, x0, x1, x2, x3, ooff) do { \ + S(u0, u1, u2, u3, u4); \ + STORE32L(u ## x0 ^ v0, ss->buf + ooff); \ + STORE32L(u ## x1 ^ v1, ss->buf + ooff + 4); \ + STORE32L(u ## x2 ^ v2, ss->buf + ooff + 8); \ + STORE32L(u ## x3 ^ v3, ss->buf + ooff + 12); \ + } while (0) + + ulong32 s00 = ss->s00; + ulong32 s01 = ss->s01; + ulong32 s02 = ss->s02; + ulong32 s03 = ss->s03; + ulong32 s04 = ss->s04; + ulong32 s05 = ss->s05; + ulong32 s06 = ss->s06; + ulong32 s07 = ss->s07; + ulong32 s08 = ss->s08; + ulong32 s09 = ss->s09; + ulong32 r1 = ss->r1; + ulong32 r2 = ss->r2; + ulong32 u0, u1, u2, u3, u4; + ulong32 v0, v1, v2, v3; + + STEP(00, 01, 02, 03, 04, 05, 06, 07, 08, 09, v0, u0); + STEP(01, 02, 03, 04, 05, 06, 07, 08, 09, 00, v1, u1); + STEP(02, 03, 04, 05, 06, 07, 08, 09, 00, 01, v2, u2); + STEP(03, 04, 05, 06, 07, 08, 09, 00, 01, 02, v3, u3); + SRD(S2, 2, 3, 1, 4, 0); + STEP(04, 05, 06, 07, 08, 09, 00, 01, 02, 03, v0, u0); + STEP(05, 06, 07, 08, 09, 00, 01, 02, 03, 04, v1, u1); + STEP(06, 07, 08, 09, 00, 01, 02, 03, 04, 05, v2, u2); + STEP(07, 08, 09, 00, 01, 02, 03, 04, 05, 06, v3, u3); + SRD(S2, 2, 3, 1, 4, 16); + STEP(08, 09, 00, 01, 02, 03, 04, 05, 06, 07, v0, u0); + STEP(09, 00, 01, 02, 03, 04, 05, 06, 07, 08, v1, u1); + STEP(00, 01, 02, 03, 04, 05, 06, 07, 08, 09, v2, u2); + STEP(01, 02, 03, 04, 05, 06, 07, 08, 09, 00, v3, u3); + SRD(S2, 2, 3, 1, 4, 32); + STEP(02, 03, 04, 05, 06, 07, 08, 09, 00, 01, v0, u0); + STEP(03, 04, 05, 06, 07, 08, 09, 00, 01, 02, v1, u1); + STEP(04, 05, 06, 07, 08, 09, 00, 01, 02, 03, v2, u2); + STEP(05, 06, 07, 08, 09, 00, 01, 02, 03, 04, v3, u3); + SRD(S2, 2, 3, 1, 4, 48); + STEP(06, 07, 08, 09, 00, 01, 02, 03, 04, 05, v0, u0); + STEP(07, 08, 09, 00, 01, 02, 03, 04, 05, 06, v1, u1); + STEP(08, 09, 00, 01, 02, 03, 04, 05, 06, 07, v2, u2); + STEP(09, 00, 01, 02, 03, 04, 05, 06, 07, 08, v3, u3); + SRD(S2, 2, 3, 1, 4, 64); + + ss->s00 = s00; + ss->s01 = s01; + ss->s02 = s02; + ss->s03 = s03; + ss->s04 = s04; + ss->s05 = s05; + ss->s06 = s06; + ss->s07 = s07; + ss->s08 = s08; + ss->s09 = s09; + ss->r1 = r1; + ss->r2 = r2; +} + +/* + * Combine buffers in1[] and in2[] by XOR, result in out[]. The length + * is "datalen" (in bytes). Partial overlap of out[] with either in1[] + * or in2[] is not allowed. Total overlap (out == in1 and/or out == in2) + * is allowed. + */ +static LTC_INLINE void _xorbuf(const unsigned char *in1, const unsigned char *in2, + unsigned char *out, unsigned long datalen) +{ + while (datalen -- > 0) + *out ++ = *in1 ++ ^ *in2 ++; +} + + +/* + * Cipher operation, as a stream cipher: data is read from the "in" + * buffer, combined by XOR with the stream, and the result is written + * in the "out" buffer. "in" and "out" must be either equal, or + * reference distinct buffers (no partial overlap is allowed). + * @param ss The Sosemanuk state + * @param in Data in + * @param inlen Length of data in bytes + * @param out Data out + * @return CRYPT_OK on success + */ +int sosemanuk_crypt(sosemanuk_state *ss, + const unsigned char *in, unsigned long inlen, unsigned char *out) +{ + LTC_ARGCHK(ss != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + + if (ss->ptr < (sizeof(ss->buf))) { + unsigned long rlen = (sizeof(ss->buf)) - ss->ptr; + + if (rlen > inlen) + rlen = inlen; + _xorbuf(ss->buf + ss->ptr, in, out, rlen); + in += rlen; + out += rlen; + inlen -= rlen; + ss->ptr += rlen; + } + while (inlen > 0) { + _sosemanuk_internal(ss); + if (inlen >= sizeof(ss->buf)) { + _xorbuf(ss->buf, in, out, sizeof(ss->buf)); + in += sizeof(ss->buf); + out += sizeof(ss->buf); + inlen -= sizeof(ss->buf); + } else { + _xorbuf(ss->buf, in, out, inlen); + ss->ptr = inlen; + inlen = 0; + } + } + return CRYPT_OK; +} + + + +/* + * Cipher operation, as a PRNG: the provided output buffer is filled with + * pseudo-random bytes as output from the stream cipher. + * @param ss The Sosemanuk state + * @param out Data out + * @param outlen Length of output in bytes + * @return CRYPT_OK on success + */ +int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen) +{ + if (outlen == 0) return CRYPT_OK; /* nothing to do */ + LTC_ARGCHK(out != NULL); + XMEMSET(out, 0, outlen); + return sosemanuk_crypt(ss, out, outlen, out); +} + + +/* + * Terminate and clear Sosemanuk key context + * @param ss The Sosemanuk state + * @return CRYPT_OK on success + */ +int sosemanuk_done(sosemanuk_state *ss) +{ + LTC_ARGCHK(ss != NULL); + XMEMSET(ss, 0, sizeof(sosemanuk_state)); + return CRYPT_OK; +} + + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_error.c b/src/ltm/bn_error.c index 3abf1a7..7e816bf 100644 --- a/src/ltm/bn_error.c +++ b/src/ltm/bn_error.c @@ -16,24 +16,24 @@ */ static const struct { - int code; - const char *msg; + int code; + const char *msg; } msgs[] = { - { MP_OKAY, "Successful" }, - { MP_MEM, "Out of heap" }, - { MP_VAL, "Value out of range" } + { MP_OKAY, "Successful" }, + { MP_MEM, "Out of heap" }, + { MP_VAL, "Value out of range" } }; /* return a char * string for a given code */ const char *mp_error_to_string(int code) { - int x; + size_t x; /* scan the lookup table for the given message */ - for (x = 0; x < (int)(sizeof(msgs) / sizeof(msgs[0])); x++) { - if (msgs[x].code == code) { - return msgs[x].msg; - } + for (x = 0; x < (sizeof(msgs) / sizeof(msgs[0])); x++) { + if (msgs[x].code == code) { + return msgs[x].msg; + } } /* generic reply for invalid code */ @@ -42,6 +42,6 @@ const char *mp_error_to_string(int code) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_fast_mp_invmod.c b/src/ltm/bn_fast_mp_invmod.c index aa41098..6be44f8 100644 --- a/src/ltm/bn_fast_mp_invmod.c +++ b/src/ltm/bn_fast_mp_invmod.c @@ -15,134 +15,141 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* computes the modular inverse via binary extended euclidean algorithm, - * that is c = 1/a mod b +/* computes the modular inverse via binary extended euclidean algorithm, + * that is c = 1/a mod b * - * Based on slow invmod except this is optimized for the case where b is + * Based on slow invmod except this is optimized for the case where b is * odd as per HAC Note 14.64 on pp. 610 */ -int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c) +int fast_mp_invmod(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int x, y, u, v, B, D; - int res, neg; + mp_int x, y, u, v, B, D; + int res, neg; - /* 2. [modified] b must be odd */ - if (mp_iseven (b) == MP_YES) { - return MP_VAL; - } + /* 2. [modified] b must be odd */ + if (mp_iseven(b) == MP_YES) { + return MP_VAL; + } - /* init all our temps */ - if ((res = mp_init_multi(&x, &y, &u, &v, &B, &D, NULL)) != MP_OKAY) { - return res; - } + /* init all our temps */ + if ((res = mp_init_multi(&x, &y, &u, &v, &B, &D, NULL)) != MP_OKAY) { + return res; + } - /* x == modulus, y == value to invert */ - if ((res = mp_copy (b, &x)) != MP_OKAY) { - goto LBL_ERR; - } + /* x == modulus, y == value to invert */ + if ((res = mp_copy(b, &x)) != MP_OKAY) { + goto LBL_ERR; + } - /* we need y = |a| */ - if ((res = mp_mod (a, b, &y)) != MP_OKAY) { - goto LBL_ERR; - } + /* we need y = |a| */ + if ((res = mp_mod(a, b, &y)) != MP_OKAY) { + goto LBL_ERR; + } - /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ - if ((res = mp_copy (&x, &u)) != MP_OKAY) { - goto LBL_ERR; - } - if ((res = mp_copy (&y, &v)) != MP_OKAY) { - goto LBL_ERR; - } - mp_set (&D, 1); + /* if one of x,y is zero return an error! */ + if ((mp_iszero(&x) == MP_YES) || (mp_iszero(&y) == MP_YES)) { + res = MP_VAL; + goto LBL_ERR; + } + + /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ + if ((res = mp_copy(&x, &u)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_copy(&y, &v)) != MP_OKAY) { + goto LBL_ERR; + } + mp_set(&D, 1uL); top: - /* 4. while u is even do */ - while (mp_iseven (&u) == MP_YES) { - /* 4.1 u = u/2 */ - if ((res = mp_div_2 (&u, &u)) != MP_OKAY) { - goto LBL_ERR; - } - /* 4.2 if B is odd then */ - if (mp_isodd (&B) == MP_YES) { - if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) { - goto LBL_ERR; + /* 4. while u is even do */ + while (mp_iseven(&u) == MP_YES) { + /* 4.1 u = u/2 */ + if ((res = mp_div_2(&u, &u)) != MP_OKAY) { + goto LBL_ERR; } - } - /* B = B/2 */ - if ((res = mp_div_2 (&B, &B)) != MP_OKAY) { - goto LBL_ERR; - } - } - - /* 5. while v is even do */ - while (mp_iseven (&v) == MP_YES) { - /* 5.1 v = v/2 */ - if ((res = mp_div_2 (&v, &v)) != MP_OKAY) { - goto LBL_ERR; - } - /* 5.2 if D is odd then */ - if (mp_isodd (&D) == MP_YES) { - /* D = (D-x)/2 */ - if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) { - goto LBL_ERR; + /* 4.2 if B is odd then */ + if (mp_isodd(&B) == MP_YES) { + if ((res = mp_sub(&B, &x, &B)) != MP_OKAY) { + goto LBL_ERR; + } } - } - /* D = D/2 */ - if ((res = mp_div_2 (&D, &D)) != MP_OKAY) { + /* B = B/2 */ + if ((res = mp_div_2(&B, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 5. while v is even do */ + while (mp_iseven(&v) == MP_YES) { + /* 5.1 v = v/2 */ + if ((res = mp_div_2(&v, &v)) != MP_OKAY) { + goto LBL_ERR; + } + /* 5.2 if D is odd then */ + if (mp_isodd(&D) == MP_YES) { + /* D = (D-x)/2 */ + if ((res = mp_sub(&D, &x, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* D = D/2 */ + if ((res = mp_div_2(&D, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 6. if u >= v then */ + if (mp_cmp(&u, &v) != MP_LT) { + /* u = u - v, B = B - D */ + if ((res = mp_sub(&u, &v, &u)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&B, &D, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } else { + /* v - v - u, D = D - B */ + if ((res = mp_sub(&v, &u, &v)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&D, &B, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* if not zero goto step 4 */ + if (mp_iszero(&u) == MP_NO) { + goto top; + } + + /* now a = C, b = D, gcd == g*v */ + + /* if v != 1 then there is no inverse */ + if (mp_cmp_d(&v, 1uL) != MP_EQ) { + res = MP_VAL; goto LBL_ERR; - } - } + } - /* 6. if u >= v then */ - if (mp_cmp (&u, &v) != MP_LT) { - /* u = u - v, B = B - D */ - if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) { - goto LBL_ERR; - } + /* b is now the inverse */ + neg = a->sign; + while (D.sign == MP_NEG) { + if ((res = mp_add(&D, b, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + mp_exch(&D, c); + c->sign = neg; + res = MP_OKAY; - if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) { - goto LBL_ERR; - } - } else { - /* v - v - u, D = D - B */ - if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) { - goto LBL_ERR; - } - - if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) { - goto LBL_ERR; - } - } - - /* if not zero goto step 4 */ - if (mp_iszero (&u) == MP_NO) { - goto top; - } - - /* now a = C, b = D, gcd == g*v */ - - /* if v != 1 then there is no inverse */ - if (mp_cmp_d (&v, 1) != MP_EQ) { - res = MP_VAL; - goto LBL_ERR; - } - - /* b is now the inverse */ - neg = a->sign; - while (D.sign == MP_NEG) { - if ((res = mp_add (&D, b, &D)) != MP_OKAY) { - goto LBL_ERR; - } - } - mp_exch (&D, c); - c->sign = neg; - res = MP_OKAY; - -LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &B, &D, NULL); - return res; +LBL_ERR: + mp_clear_multi(&x, &y, &u, &v, &B, &D, NULL); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_fast_mp_montgomery_reduce.c b/src/ltm/bn_fast_mp_montgomery_reduce.c index a63839d..8f91196 100644 --- a/src/ltm/bn_fast_mp_montgomery_reduce.c +++ b/src/ltm/bn_fast_mp_montgomery_reduce.c @@ -23,150 +23,154 @@ * * Based on Algorithm 14.32 on pp.601 of HAC. */ -int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) +int fast_mp_montgomery_reduce(mp_int *x, const mp_int *n, mp_digit rho) { - int ix, res, olduse; - mp_word W[MP_WARRAY]; + int ix, res, olduse; + mp_word W[MP_WARRAY]; - /* get old used count */ - olduse = x->used; + if (x->used > (int)MP_WARRAY) { + return MP_VAL; + } - /* grow a as required */ - if (x->alloc < (n->used + 1)) { - if ((res = mp_grow (x, n->used + 1)) != MP_OKAY) { - return res; - } - } + /* get old used count */ + olduse = x->used; - /* first we have to get the digits of the input into - * an array of double precision words W[...] - */ - { - mp_word *_W; - mp_digit *tmpx; - - /* alias for the W[] array */ - _W = W; - - /* alias for the digits of x*/ - tmpx = x->dp; - - /* copy the digits of a into W[0..a->used-1] */ - for (ix = 0; ix < x->used; ix++) { - *_W++ = *tmpx++; - } - - /* zero the high words of W[a->used..m->used*2] */ - for (; ix < ((n->used * 2) + 1); ix++) { - *_W++ = 0; - } - } - - /* now we proceed to zero successive digits - * from the least significant upwards - */ - for (ix = 0; ix < n->used; ix++) { - /* mu = ai * m' mod b - * - * We avoid a double precision multiplication (which isn't required) - * by casting the value down to a mp_digit. Note this requires - * that W[ix-1] have the carry cleared (see after the inner loop) - */ - mp_digit mu; - mu = (mp_digit) (((W[ix] & MP_MASK) * rho) & MP_MASK); - - /* a = a + mu * m * b**i - * - * This is computed in place and on the fly. The multiplication - * by b**i is handled by offseting which columns the results - * are added to. - * - * Note the comba method normally doesn't handle carries in the - * inner loop In this case we fix the carry from the previous - * column since the Montgomery reduction requires digits of the - * result (so far) [see above] to work. This is - * handled by fixing up one carry after the inner loop. The - * carry fixups are done in order so after these loops the - * first m->used words of W[] have the carries fixed - */ - { - int iy; - mp_digit *tmpn; - mp_word *_W; - - /* alias for the digits of the modulus */ - tmpn = n->dp; - - /* Alias for the columns set by an offset of ix */ - _W = W + ix; - - /* inner loop */ - for (iy = 0; iy < n->used; iy++) { - *_W++ += ((mp_word)mu) * ((mp_word)*tmpn++); + /* grow a as required */ + if (x->alloc < (n->used + 1)) { + if ((res = mp_grow(x, n->used + 1)) != MP_OKAY) { + return res; } - } + } - /* now fix carry for next digit, W[ix+1] */ - W[ix + 1] += W[ix] >> ((mp_word) DIGIT_BIT); - } + /* first we have to get the digits of the input into + * an array of double precision words W[...] + */ + { + mp_word *_W; + mp_digit *tmpx; - /* now we have to propagate the carries and - * shift the words downward [all those least - * significant digits we zeroed]. - */ - { - mp_digit *tmpx; - mp_word *_W, *_W1; + /* alias for the W[] array */ + _W = W; - /* nox fix rest of carries */ + /* alias for the digits of x*/ + tmpx = x->dp; - /* alias for current word */ - _W1 = W + ix; + /* copy the digits of a into W[0..a->used-1] */ + for (ix = 0; ix < x->used; ix++) { + *_W++ = *tmpx++; + } - /* alias for next word, where the carry goes */ - _W = W + ++ix; + /* zero the high words of W[a->used..m->used*2] */ + for (; ix < ((n->used * 2) + 1); ix++) { + *_W++ = 0; + } + } - for (; ix <= ((n->used * 2) + 1); ix++) { - *_W++ += *_W1++ >> ((mp_word) DIGIT_BIT); - } + /* now we proceed to zero successive digits + * from the least significant upwards + */ + for (ix = 0; ix < n->used; ix++) { + /* mu = ai * m' mod b + * + * We avoid a double precision multiplication (which isn't required) + * by casting the value down to a mp_digit. Note this requires + * that W[ix-1] have the carry cleared (see after the inner loop) + */ + mp_digit mu; + mu = ((W[ix] & MP_MASK) * rho) & MP_MASK; - /* copy out, A = A/b**n - * - * The result is A/b**n but instead of converting from an - * array of mp_word to mp_digit than calling mp_rshd - * we just copy them in the right order - */ + /* a = a + mu * m * b**i + * + * This is computed in place and on the fly. The multiplication + * by b**i is handled by offseting which columns the results + * are added to. + * + * Note the comba method normally doesn't handle carries in the + * inner loop In this case we fix the carry from the previous + * column since the Montgomery reduction requires digits of the + * result (so far) [see above] to work. This is + * handled by fixing up one carry after the inner loop. The + * carry fixups are done in order so after these loops the + * first m->used words of W[] have the carries fixed + */ + { + int iy; + mp_digit *tmpn; + mp_word *_W; - /* alias for destination word */ - tmpx = x->dp; + /* alias for the digits of the modulus */ + tmpn = n->dp; - /* alias for shifted double precision result */ - _W = W + n->used; + /* Alias for the columns set by an offset of ix */ + _W = W + ix; - for (ix = 0; ix < (n->used + 1); ix++) { - *tmpx++ = (mp_digit)(*_W++ & ((mp_word) MP_MASK)); - } + /* inner loop */ + for (iy = 0; iy < n->used; iy++) { + *_W++ += (mp_word)mu * (mp_word)*tmpn++; + } + } - /* zero oldused digits, if the input a was larger than - * m->used+1 we'll have to clear the digits - */ - for (; ix < olduse; ix++) { - *tmpx++ = 0; - } - } + /* now fix carry for next digit, W[ix+1] */ + W[ix + 1] += W[ix] >> (mp_word)DIGIT_BIT; + } - /* set the max used and clamp */ - x->used = n->used + 1; - mp_clamp (x); + /* now we have to propagate the carries and + * shift the words downward [all those least + * significant digits we zeroed]. + */ + { + mp_digit *tmpx; + mp_word *_W, *_W1; - /* if A >= m then A = A - m */ - if (mp_cmp_mag (x, n) != MP_LT) { - return s_mp_sub (x, n, x); - } - return MP_OKAY; + /* nox fix rest of carries */ + + /* alias for current word */ + _W1 = W + ix; + + /* alias for next word, where the carry goes */ + _W = W + ++ix; + + for (; ix <= ((n->used * 2) + 1); ix++) { + *_W++ += *_W1++ >> (mp_word)DIGIT_BIT; + } + + /* copy out, A = A/b**n + * + * The result is A/b**n but instead of converting from an + * array of mp_word to mp_digit than calling mp_rshd + * we just copy them in the right order + */ + + /* alias for destination word */ + tmpx = x->dp; + + /* alias for shifted double precision result */ + _W = W + n->used; + + for (ix = 0; ix < (n->used + 1); ix++) { + *tmpx++ = *_W++ & (mp_word)MP_MASK; + } + + /* zero oldused digits, if the input a was larger than + * m->used+1 we'll have to clear the digits + */ + for (; ix < olduse; ix++) { + *tmpx++ = 0; + } + } + + /* set the max used and clamp */ + x->used = n->used + 1; + mp_clamp(x); + + /* if A >= m then A = A - m */ + if (mp_cmp_mag(x, n) != MP_LT) { + return s_mp_sub(x, n, x); + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_fast_s_mp_mul_digs.c b/src/ltm/bn_fast_s_mp_mul_digs.c index acd13b4..e542c2e 100644 --- a/src/ltm/bn_fast_s_mp_mul_digs.c +++ b/src/ltm/bn_fast_s_mp_mul_digs.c @@ -17,39 +17,39 @@ /* Fast (comba) multiplier * - * This is the fast column-array [comba] multiplier. It is - * designed to compute the columns of the product first - * then handle the carries afterwards. This has the effect + * This is the fast column-array [comba] multiplier. It is + * designed to compute the columns of the product first + * then handle the carries afterwards. This has the effect * of making the nested loops that compute the columns very * simple and schedulable on super-scalar processors. * - * This has been modified to produce a variable number of - * digits of output so if say only a half-product is required - * you don't have to compute the upper half (a feature + * This has been modified to produce a variable number of + * digits of output so if say only a half-product is required + * you don't have to compute the upper half (a feature * required for fast Barrett reduction). * * Based on Algorithm 14.12 on pp.595 of HAC. * */ -int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +int fast_s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) { - int olduse, res, pa, ix, iz; - mp_digit W[MP_WARRAY]; - mp_word _W; + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY]; + mp_word _W; - /* grow the destination as required */ - if (c->alloc < digs) { - if ((res = mp_grow (c, digs)) != MP_OKAY) { - return res; - } - } + /* grow the destination as required */ + if (c->alloc < digs) { + if ((res = mp_grow(c, digs)) != MP_OKAY) { + return res; + } + } - /* number of output digits to produce */ - pa = MIN(digs, a->used + b->used); + /* number of output digits to produce */ + pa = MIN(digs, a->used + b->used); - /* clear the carry */ - _W = 0; - for (ix = 0; ix < pa; ix++) { + /* clear the carry */ + _W = 0; + for (ix = 0; ix < pa; ix++) { int tx, ty; int iy; mp_digit *tmpx, *tmpy; @@ -62,46 +62,46 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) tmpx = a->dp + tx; tmpy = b->dp + ty; - /* this is the number of times the loop will iterrate, essentially + /* this is the number of times the loop will iterrate, essentially while (tx++ < a->used && ty-- >= 0) { ... } */ iy = MIN(a->used-tx, ty+1); /* execute loop */ for (iz = 0; iz < iy; ++iz) { - _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + _W += (mp_word)*tmpx++ * (mp_word)*tmpy--; } /* store term */ - W[ix] = ((mp_digit)_W) & MP_MASK; + W[ix] = (mp_digit)_W & MP_MASK; /* make next carry */ - _W = _W >> ((mp_word)DIGIT_BIT); - } + _W = _W >> (mp_word)DIGIT_BIT; + } - /* setup dest */ - olduse = c->used; - c->used = pa; + /* setup dest */ + olduse = c->used; + c->used = pa; - { - mp_digit *tmpc; - tmpc = c->dp; - for (ix = 0; ix < (pa + 1); ix++) { - /* now extract the previous digit [below the carry] */ - *tmpc++ = W[ix]; - } + { + mp_digit *tmpc; + tmpc = c->dp; + for (ix = 0; ix < pa; ix++) { + /* now extract the previous digit [below the carry] */ + *tmpc++ = W[ix]; + } - /* clear unused digits [that existed in the old copy of c] */ - for (; ix < olduse; ix++) { - *tmpc++ = 0; - } - } - mp_clamp (c); - return MP_OKAY; + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpc++ = 0; + } + } + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_fast_s_mp_mul_high_digs.c b/src/ltm/bn_fast_s_mp_mul_high_digs.c index b96cf60..6ea8a6c 100644 --- a/src/ltm/bn_fast_s_mp_mul_high_digs.c +++ b/src/ltm/bn_fast_s_mp_mul_high_digs.c @@ -24,24 +24,24 @@ * * Based on Algorithm 14.12 on pp.595 of HAC. */ -int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +int fast_s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) { - int olduse, res, pa, ix, iz; - mp_digit W[MP_WARRAY]; - mp_word _W; + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY]; + mp_word _W; - /* grow the destination as required */ - pa = a->used + b->used; - if (c->alloc < pa) { - if ((res = mp_grow (c, pa)) != MP_OKAY) { - return res; - } - } + /* grow the destination as required */ + pa = a->used + b->used; + if (c->alloc < pa) { + if ((res = mp_grow(c, pa)) != MP_OKAY) { + return res; + } + } - /* number of output digits to produce */ - pa = a->used + b->used; - _W = 0; - for (ix = digs; ix < pa; ix++) { + /* number of output digits to produce */ + pa = a->used + b->used; + _W = 0; + for (ix = digs; ix < pa; ix++) { int tx, ty, iy; mp_digit *tmpx, *tmpy; @@ -53,46 +53,46 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) tmpx = a->dp + tx; tmpy = b->dp + ty; - /* this is the number of times the loop will iterrate, essentially its + /* this is the number of times the loop will iterrate, essentially its while (tx++ < a->used && ty-- >= 0) { ... } */ iy = MIN(a->used-tx, ty+1); /* execute loop */ for (iz = 0; iz < iy; iz++) { - _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + _W += (mp_word)*tmpx++ * (mp_word)*tmpy--; } /* store term */ - W[ix] = ((mp_digit)_W) & MP_MASK; + W[ix] = (mp_digit)_W & MP_MASK; /* make next carry */ - _W = _W >> ((mp_word)DIGIT_BIT); - } - - /* setup dest */ - olduse = c->used; - c->used = pa; + _W = _W >> (mp_word)DIGIT_BIT; + } - { - mp_digit *tmpc; + /* setup dest */ + olduse = c->used; + c->used = pa; - tmpc = c->dp + digs; - for (ix = digs; ix < pa; ix++) { - /* now extract the previous digit [below the carry] */ - *tmpc++ = W[ix]; - } + { + mp_digit *tmpc; - /* clear unused digits [that existed in the old copy of c] */ - for (; ix < olduse; ix++) { - *tmpc++ = 0; - } - } - mp_clamp (c); - return MP_OKAY; + tmpc = c->dp + digs; + for (ix = digs; ix < pa; ix++) { + /* now extract the previous digit [below the carry] */ + *tmpc++ = W[ix]; + } + + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpc++ = 0; + } + } + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_fast_s_mp_sqr.c b/src/ltm/bn_fast_s_mp_sqr.c index 775c76f..1050121 100644 --- a/src/ltm/bn_fast_s_mp_sqr.c +++ b/src/ltm/bn_fast_s_mp_sqr.c @@ -16,32 +16,32 @@ */ /* the jist of squaring... - * you do like mult except the offset of the tmpx [one that - * starts closer to zero] can't equal the offset of tmpy. + * you do like mult except the offset of the tmpx [one that + * starts closer to zero] can't equal the offset of tmpy. * So basically you set up iy like before then you min it with - * (ty-tx) so that it never happens. You double all those + * (ty-tx) so that it never happens. You double all those * you add in the inner loop After that loop you do the squares and add them in. */ -int fast_s_mp_sqr (mp_int * a, mp_int * b) +int fast_s_mp_sqr(const mp_int *a, mp_int *b) { - int olduse, res, pa, ix, iz; - mp_digit W[MP_WARRAY], *tmpx; - mp_word W1; + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY], *tmpx; + mp_word W1; - /* grow the destination as required */ - pa = a->used + a->used; - if (b->alloc < pa) { - if ((res = mp_grow (b, pa)) != MP_OKAY) { - return res; - } - } + /* grow the destination as required */ + pa = a->used + a->used; + if (b->alloc < pa) { + if ((res = mp_grow(b, pa)) != MP_OKAY) { + return res; + } + } - /* number of output digits to produce */ - W1 = 0; - for (ix = 0; ix < pa; ix++) { + /* number of output digits to produce */ + W1 = 0; + for (ix = 0; ix < pa; ix++) { int tx, ty, iy; mp_word _W; mp_digit *tmpy; @@ -62,7 +62,7 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b) */ iy = MIN(a->used-tx, ty+1); - /* now for squaring tx can never equal ty + /* now for squaring tx can never equal ty * we halve the distance since they approach at a rate of 2x * and we have to round because odd cases need to be executed */ @@ -70,45 +70,45 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b) /* execute loop */ for (iz = 0; iz < iy; iz++) { - _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + _W += (mp_word)*tmpx++ * (mp_word)*tmpy--; } /* double the inner product and add carry */ _W = _W + _W + W1; /* even columns have the square term in them */ - if ((ix&1) == 0) { - _W += ((mp_word)a->dp[ix>>1])*((mp_word)a->dp[ix>>1]); + if (((unsigned)ix & 1u) == 0u) { + _W += (mp_word)a->dp[ix>>1] * (mp_word)a->dp[ix>>1]; } /* store it */ - W[ix] = (mp_digit)(_W & MP_MASK); + W[ix] = _W & MP_MASK; /* make next carry */ - W1 = _W >> ((mp_word)DIGIT_BIT); - } + W1 = _W >> (mp_word)DIGIT_BIT; + } - /* setup dest */ - olduse = b->used; - b->used = a->used+a->used; + /* setup dest */ + olduse = b->used; + b->used = a->used+a->used; - { - mp_digit *tmpb; - tmpb = b->dp; - for (ix = 0; ix < pa; ix++) { - *tmpb++ = W[ix] & MP_MASK; - } + { + mp_digit *tmpb; + tmpb = b->dp; + for (ix = 0; ix < pa; ix++) { + *tmpb++ = W[ix] & MP_MASK; + } - /* clear unused digits [that existed in the old copy of c] */ - for (; ix < olduse; ix++) { - *tmpb++ = 0; - } - } - mp_clamp (b); - return MP_OKAY; + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpb++ = 0; + } + } + mp_clamp(b); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_2expt.c b/src/ltm/bn_mp_2expt.c index 2845814..5333d48 100644 --- a/src/ltm/bn_mp_2expt.c +++ b/src/ltm/bn_mp_2expt.c @@ -15,34 +15,33 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* computes a = 2**b +/* computes a = 2**b * * Simple algorithm which zeroes the int, grows it then just sets one bit * as required. */ -int -mp_2expt (mp_int * a, int b) +int mp_2expt(mp_int *a, int b) { - int res; + int res; - /* zero a as per default */ - mp_zero (a); + /* zero a as per default */ + mp_zero(a); - /* grow a to accomodate the single bit */ - if ((res = mp_grow (a, (b / DIGIT_BIT) + 1)) != MP_OKAY) { - return res; - } + /* grow a to accomodate the single bit */ + if ((res = mp_grow(a, (b / DIGIT_BIT) + 1)) != MP_OKAY) { + return res; + } - /* set the used count of where the bit will go */ - a->used = (b / DIGIT_BIT) + 1; + /* set the used count of where the bit will go */ + a->used = (b / DIGIT_BIT) + 1; - /* put the single bit in its place */ - a->dp[b / DIGIT_BIT] = ((mp_digit)1) << (b % DIGIT_BIT); + /* put the single bit in its place */ + a->dp[b / DIGIT_BIT] = (mp_digit)1 << (mp_digit)(b % DIGIT_BIT); - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_abs.c b/src/ltm/bn_mp_abs.c index cc9c3db..9b6bcec 100644 --- a/src/ltm/bn_mp_abs.c +++ b/src/ltm/bn_mp_abs.c @@ -15,29 +15,28 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* b = |a| +/* b = |a| * * Simple function copies the input and fixes the sign to positive */ -int -mp_abs (mp_int * a, mp_int * b) +int mp_abs(const mp_int *a, mp_int *b) { - int res; + int res; - /* copy a to b */ - if (a != b) { - if ((res = mp_copy (a, b)) != MP_OKAY) { - return res; - } - } + /* copy a to b */ + if (a != b) { + if ((res = mp_copy(a, b)) != MP_OKAY) { + return res; + } + } - /* force the sign of b to positive */ - b->sign = MP_ZPOS; + /* force the sign of b to positive */ + b->sign = MP_ZPOS; - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_add.c b/src/ltm/bn_mp_add.c index 236fc75..d31d5a0 100644 --- a/src/ltm/bn_mp_add.c +++ b/src/ltm/bn_mp_add.c @@ -16,38 +16,38 @@ */ /* high level addition (handles signs) */ -int mp_add (mp_int * a, mp_int * b, mp_int * c) +int mp_add(const mp_int *a, const mp_int *b, mp_int *c) { - int sa, sb, res; + int sa, sb, res; - /* get sign of both inputs */ - sa = a->sign; - sb = b->sign; + /* get sign of both inputs */ + sa = a->sign; + sb = b->sign; - /* handle two cases, not four */ - if (sa == sb) { - /* both positive or both negative */ - /* add their magnitudes, copy the sign */ - c->sign = sa; - res = s_mp_add (a, b, c); - } else { - /* one positive, the other negative */ - /* subtract the one with the greater magnitude from */ - /* the one of the lesser magnitude. The result gets */ - /* the sign of the one with the greater magnitude. */ - if (mp_cmp_mag (a, b) == MP_LT) { - c->sign = sb; - res = s_mp_sub (b, a, c); - } else { + /* handle two cases, not four */ + if (sa == sb) { + /* both positive or both negative */ + /* add their magnitudes, copy the sign */ c->sign = sa; - res = s_mp_sub (a, b, c); - } - } - return res; + res = s_mp_add(a, b, c); + } else { + /* one positive, the other negative */ + /* subtract the one with the greater magnitude from */ + /* the one of the lesser magnitude. The result gets */ + /* the sign of the one with the greater magnitude. */ + if (mp_cmp_mag(a, b) == MP_LT) { + c->sign = sb; + res = s_mp_sub(b, a, c); + } else { + c->sign = sa; + res = s_mp_sub(a, b, c); + } + } + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_add_d.c b/src/ltm/bn_mp_add_d.c index 4d4e1df..e5ede1f 100644 --- a/src/ltm/bn_mp_add_d.c +++ b/src/ltm/bn_mp_add_d.c @@ -16,97 +16,97 @@ */ /* single digit addition */ -int -mp_add_d (mp_int * a, mp_digit b, mp_int * c) +int mp_add_d(const mp_int *a, mp_digit b, mp_int *c) { - int res, ix, oldused; - mp_digit *tmpa, *tmpc, mu; + int res, ix, oldused; + mp_digit *tmpa, *tmpc, mu; - /* grow c as required */ - if (c->alloc < (a->used + 1)) { - if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { - return res; - } - } + /* grow c as required */ + if (c->alloc < (a->used + 1)) { + if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { + return res; + } + } - /* if a is negative and |a| >= b, call c = |a| - b */ - if ((a->sign == MP_NEG) && ((a->used > 1) || (a->dp[0] >= b))) { - /* temporarily fix sign of a */ - a->sign = MP_ZPOS; + /* if a is negative and |a| >= b, call c = |a| - b */ + if ((a->sign == MP_NEG) && ((a->used > 1) || (a->dp[0] >= b))) { + mp_int a_ = *a; + /* temporarily fix sign of a */ + a_.sign = MP_ZPOS; - /* c = |a| - b */ - res = mp_sub_d(a, b, c); + /* c = |a| - b */ + res = mp_sub_d(&a_, b, c); - /* fix sign */ - a->sign = c->sign = MP_NEG; + /* fix sign */ + c->sign = MP_NEG; - /* clamp */ - mp_clamp(c); + /* clamp */ + mp_clamp(c); - return res; - } + return res; + } - /* old number of used digits in c */ - oldused = c->used; + /* old number of used digits in c */ + oldused = c->used; - /* sign always positive */ - c->sign = MP_ZPOS; + /* source alias */ + tmpa = a->dp; - /* source alias */ - tmpa = a->dp; + /* destination alias */ + tmpc = c->dp; - /* destination alias */ - tmpc = c->dp; + /* if a is positive */ + if (a->sign == MP_ZPOS) { + /* add digit, after this we're propagating + * the carry. + */ + *tmpc = *tmpa++ + b; + mu = *tmpc >> DIGIT_BIT; + *tmpc++ &= MP_MASK; - /* if a is positive */ - if (a->sign == MP_ZPOS) { - /* add digit, after this we're propagating - * the carry. - */ - *tmpc = *tmpa++ + b; - mu = *tmpc >> DIGIT_BIT; - *tmpc++ &= MP_MASK; + /* now handle rest of the digits */ + for (ix = 1; ix < a->used; ix++) { + *tmpc = *tmpa++ + mu; + mu = *tmpc >> DIGIT_BIT; + *tmpc++ &= MP_MASK; + } + /* set final carry */ + ix++; + *tmpc++ = mu; - /* now handle rest of the digits */ - for (ix = 1; ix < a->used; ix++) { - *tmpc = *tmpa++ + mu; - mu = *tmpc >> DIGIT_BIT; - *tmpc++ &= MP_MASK; - } - /* set final carry */ - ix++; - *tmpc++ = mu; + /* setup size */ + c->used = a->used + 1; + } else { + /* a was negative and |a| < b */ + c->used = 1; - /* setup size */ - c->used = a->used + 1; - } else { - /* a was negative and |a| < b */ - c->used = 1; + /* the result is a single digit */ + if (a->used == 1) { + *tmpc++ = b - a->dp[0]; + } else { + *tmpc++ = b; + } - /* the result is a single digit */ - if (a->used == 1) { - *tmpc++ = b - a->dp[0]; - } else { - *tmpc++ = b; - } + /* setup count so the clearing of oldused + * can fall through correctly + */ + ix = 1; + } - /* setup count so the clearing of oldused - * can fall through correctly - */ - ix = 1; - } + /* sign always positive */ + c->sign = MP_ZPOS; - /* now zero to oldused */ - while (ix++ < oldused) { - *tmpc++ = 0; - } - mp_clamp(c); + /* now zero to oldused */ + while (ix++ < oldused) { + *tmpc++ = 0; + } + mp_clamp(c); - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_addmod.c b/src/ltm/bn_mp_addmod.c index 825c928..0d612c3 100644 --- a/src/ltm/bn_mp_addmod.c +++ b/src/ltm/bn_mp_addmod.c @@ -16,26 +16,25 @@ */ /* d = a + b (mod c) */ -int -mp_addmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +int mp_addmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d) { - int res; - mp_int t; + int res; + mp_int t; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } + if ((res = mp_init(&t)) != MP_OKAY) { + return res; + } - if ((res = mp_add (a, b, &t)) != MP_OKAY) { - mp_clear (&t); - return res; - } - res = mp_mod (&t, c, d); - mp_clear (&t); - return res; + if ((res = mp_add(a, b, &t)) != MP_OKAY) { + mp_clear(&t); + return res; + } + res = mp_mod(&t, c, d); + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_and.c b/src/ltm/bn_mp_and.c index 3b6b03e..09ff772 100644 --- a/src/ltm/bn_mp_and.c +++ b/src/ltm/bn_mp_and.c @@ -16,42 +16,42 @@ */ /* AND two ints together */ -int -mp_and (mp_int * a, mp_int * b, mp_int * c) +int mp_and(const mp_int *a, const mp_int *b, mp_int *c) { - int res, ix, px; - mp_int t, *x; + int res, ix, px; + mp_int t; + const mp_int *x; - if (a->used > b->used) { - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - px = b->used; - x = b; - } else { - if ((res = mp_init_copy (&t, b)) != MP_OKAY) { - return res; - } - px = a->used; - x = a; - } + if (a->used > b->used) { + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy(&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } - for (ix = 0; ix < px; ix++) { - t.dp[ix] &= x->dp[ix]; - } + for (ix = 0; ix < px; ix++) { + t.dp[ix] &= x->dp[ix]; + } - /* zero digits above the last from the smallest mp_int */ - for (; ix < t.used; ix++) { - t.dp[ix] = 0; - } + /* zero digits above the last from the smallest mp_int */ + for (; ix < t.used; ix++) { + t.dp[ix] = 0; + } - mp_clamp (&t); - mp_exch (c, &t); - mp_clear (&t); - return MP_OKAY; + mp_clamp(&t); + mp_exch(c, &t); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_clamp.c b/src/ltm/bn_mp_clamp.c index d4fb70d..79a5b20 100644 --- a/src/ltm/bn_mp_clamp.c +++ b/src/ltm/bn_mp_clamp.c @@ -15,30 +15,29 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* trim unused digits +/* trim unused digits * * This is used to ensure that leading zero digits are * trimed and the leading "used" digit will be non-zero * Typically very fast. Also fixes the sign if there * are no more leading digits */ -void -mp_clamp (mp_int * a) +void mp_clamp(mp_int *a) { - /* decrease used while the most significant digit is - * zero. - */ - while ((a->used > 0) && (a->dp[a->used - 1] == 0)) { - --(a->used); - } + /* decrease used while the most significant digit is + * zero. + */ + while ((a->used > 0) && (a->dp[a->used - 1] == 0u)) { + --(a->used); + } - /* reset the sign flag if used == 0 */ - if (a->used == 0) { - a->sign = MP_ZPOS; - } + /* reset the sign flag if used == 0 */ + if (a->used == 0) { + a->sign = MP_ZPOS; + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_clear.c b/src/ltm/bn_mp_clear.c index 17ef9d5..fcf4d61 100644 --- a/src/ltm/bn_mp_clear.c +++ b/src/ltm/bn_mp_clear.c @@ -16,29 +16,28 @@ */ /* clear one (frees) */ -void -mp_clear (mp_int * a) +void mp_clear(mp_int *a) { - int i; + int i; - /* only do anything if a hasn't been freed previously */ - if (a->dp != NULL) { - /* first zero the digits */ - for (i = 0; i < a->used; i++) { - a->dp[i] = 0; - } + /* only do anything if a hasn't been freed previously */ + if (a->dp != NULL) { + /* first zero the digits */ + for (i = 0; i < a->used; i++) { + a->dp[i] = 0; + } - /* free ram */ - XFREE(a->dp); + /* free ram */ + XFREE(a->dp); - /* reset members to make debugging easier */ - a->dp = NULL; - a->alloc = a->used = 0; - a->sign = MP_ZPOS; - } + /* reset members to make debugging easier */ + a->dp = NULL; + a->alloc = a->used = 0; + a->sign = MP_ZPOS; + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_clear_multi.c b/src/ltm/bn_mp_clear_multi.c index 441a200..284fab8 100644 --- a/src/ltm/bn_mp_clear_multi.c +++ b/src/ltm/bn_mp_clear_multi.c @@ -16,19 +16,19 @@ */ #include -void mp_clear_multi(mp_int *mp, ...) +void mp_clear_multi(mp_int *mp, ...) { - mp_int* next_mp = mp; - va_list args; - va_start(args, mp); - while (next_mp != NULL) { - mp_clear(next_mp); - next_mp = va_arg(args, mp_int*); - } - va_end(args); + mp_int *next_mp = mp; + va_list args; + va_start(args, mp); + while (next_mp != NULL) { + mp_clear(next_mp); + next_mp = va_arg(args, mp_int *); + } + va_end(args); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_cmp.c b/src/ltm/bn_mp_cmp.c index 74a98fe..a33d483 100644 --- a/src/ltm/bn_mp_cmp.c +++ b/src/ltm/bn_mp_cmp.c @@ -16,28 +16,27 @@ */ /* compare two ints (signed)*/ -int -mp_cmp (mp_int * a, mp_int * b) +int mp_cmp(const mp_int *a, const mp_int *b) { - /* compare based on sign */ - if (a->sign != b->sign) { - if (a->sign == MP_NEG) { - return MP_LT; - } else { - return MP_GT; - } - } - - /* compare digits */ - if (a->sign == MP_NEG) { - /* if negative compare opposite direction */ - return mp_cmp_mag(b, a); - } else { - return mp_cmp_mag(a, b); - } + /* compare based on sign */ + if (a->sign != b->sign) { + if (a->sign == MP_NEG) { + return MP_LT; + } else { + return MP_GT; + } + } + + /* compare digits */ + if (a->sign == MP_NEG) { + /* if negative compare opposite direction */ + return mp_cmp_mag(b, a); + } else { + return mp_cmp_mag(a, b); + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_cmp_d.c b/src/ltm/bn_mp_cmp_d.c index 28a53ce..576a073 100644 --- a/src/ltm/bn_mp_cmp_d.c +++ b/src/ltm/bn_mp_cmp_d.c @@ -16,29 +16,29 @@ */ /* compare a digit */ -int mp_cmp_d(mp_int * a, mp_digit b) +int mp_cmp_d(const mp_int *a, mp_digit b) { - /* compare based on sign */ - if (a->sign == MP_NEG) { - return MP_LT; - } + /* compare based on sign */ + if (a->sign == MP_NEG) { + return MP_LT; + } - /* compare based on magnitude */ - if (a->used > 1) { - return MP_GT; - } + /* compare based on magnitude */ + if (a->used > 1) { + return MP_GT; + } - /* compare the only digit of a to b */ - if (a->dp[0] > b) { - return MP_GT; - } else if (a->dp[0] < b) { - return MP_LT; - } else { - return MP_EQ; - } + /* compare the only digit of a to b */ + if (a->dp[0] > b) { + return MP_GT; + } else if (a->dp[0] < b) { + return MP_LT; + } else { + return MP_EQ; + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_cmp_mag.c b/src/ltm/bn_mp_cmp_mag.c index f72830f..e2c723f 100644 --- a/src/ltm/bn_mp_cmp_mag.c +++ b/src/ltm/bn_mp_cmp_mag.c @@ -16,40 +16,40 @@ */ /* compare maginitude of two ints (unsigned) */ -int mp_cmp_mag (mp_int * a, mp_int * b) +int mp_cmp_mag(const mp_int *a, const mp_int *b) { - int n; - mp_digit *tmpa, *tmpb; + int n; + mp_digit *tmpa, *tmpb; - /* compare based on # of non-zero digits */ - if (a->used > b->used) { - return MP_GT; - } - - if (a->used < b->used) { - return MP_LT; - } - - /* alias for a */ - tmpa = a->dp + (a->used - 1); - - /* alias for b */ - tmpb = b->dp + (a->used - 1); - - /* compare based on digits */ - for (n = 0; n < a->used; ++n, --tmpa, --tmpb) { - if (*tmpa > *tmpb) { + /* compare based on # of non-zero digits */ + if (a->used > b->used) { return MP_GT; - } + } - if (*tmpa < *tmpb) { + if (a->used < b->used) { return MP_LT; - } - } - return MP_EQ; + } + + /* alias for a */ + tmpa = a->dp + (a->used - 1); + + /* alias for b */ + tmpb = b->dp + (a->used - 1); + + /* compare based on digits */ + for (n = 0; n < a->used; ++n, --tmpa, --tmpb) { + if (*tmpa > *tmpb) { + return MP_GT; + } + + if (*tmpa < *tmpb) { + return MP_LT; + } + } + return MP_EQ; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_cnt_lsb.c b/src/ltm/bn_mp_cnt_lsb.c index 9d7eef8..219c369 100644 --- a/src/ltm/bn_mp_cnt_lsb.c +++ b/src/ltm/bn_mp_cnt_lsb.c @@ -15,12 +15,12 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -static const int lnz[16] = { +static const int lnz[16] = { 4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0 }; /* Counts the number of lsbs which are zero before the first zero bit */ -int mp_cnt_lsb(mp_int *a) +int mp_cnt_lsb(const mp_int *a) { int x; mp_digit q, qq; @@ -31,23 +31,23 @@ int mp_cnt_lsb(mp_int *a) } /* scan lower digits until non-zero */ - for (x = 0; (x < a->used) && (a->dp[x] == 0); x++) {} + for (x = 0; (x < a->used) && (a->dp[x] == 0u); x++) {} q = a->dp[x]; x *= DIGIT_BIT; /* now scan this digit until a 1 is found */ - if ((q & 1) == 0) { + if ((q & 1u) == 0u) { do { - qq = q & 15; + qq = q & 15u; x += lnz[qq]; q >>= 4; - } while (qq == 0); + } while (qq == 0u); } return x; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_copy.c b/src/ltm/bn_mp_copy.c index 69e9464..17816e8 100644 --- a/src/ltm/bn_mp_copy.c +++ b/src/ltm/bn_mp_copy.c @@ -16,53 +16,52 @@ */ /* copy, b = a */ -int -mp_copy (mp_int * a, mp_int * b) +int mp_copy(const mp_int *a, mp_int *b) { - int res, n; + int res, n; - /* if dst == src do nothing */ - if (a == b) { - return MP_OKAY; - } + /* if dst == src do nothing */ + if (a == b) { + return MP_OKAY; + } - /* grow dest */ - if (b->alloc < a->used) { - if ((res = mp_grow (b, a->used)) != MP_OKAY) { - return res; - } - } + /* grow dest */ + if (b->alloc < a->used) { + if ((res = mp_grow(b, a->used)) != MP_OKAY) { + return res; + } + } - /* zero b and copy the parameters over */ - { - mp_digit *tmpa, *tmpb; + /* zero b and copy the parameters over */ + { + mp_digit *tmpa, *tmpb; - /* pointer aliases */ + /* pointer aliases */ - /* source */ - tmpa = a->dp; + /* source */ + tmpa = a->dp; - /* destination */ - tmpb = b->dp; + /* destination */ + tmpb = b->dp; - /* copy all the digits */ - for (n = 0; n < a->used; n++) { - *tmpb++ = *tmpa++; - } + /* copy all the digits */ + for (n = 0; n < a->used; n++) { + *tmpb++ = *tmpa++; + } - /* clear high digits */ - for (; n < b->used; n++) { - *tmpb++ = 0; - } - } + /* clear high digits */ + for (; n < b->used; n++) { + *tmpb++ = 0; + } + } - /* copy used count and sign */ - b->used = a->used; - b->sign = a->sign; - return MP_OKAY; + /* copy used count and sign */ + b->used = a->used; + b->sign = a->sign; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_count_bits.c b/src/ltm/bn_mp_count_bits.c index 74b59b6..4530c92 100644 --- a/src/ltm/bn_mp_count_bits.c +++ b/src/ltm/bn_mp_count_bits.c @@ -16,30 +16,29 @@ */ /* returns the number of bits in an int */ -int -mp_count_bits (mp_int * a) +int mp_count_bits(const mp_int *a) { - int r; - mp_digit q; + int r; + mp_digit q; - /* shortcut */ - if (a->used == 0) { - return 0; - } + /* shortcut */ + if (a->used == 0) { + return 0; + } - /* get number of digits and add that */ - r = (a->used - 1) * DIGIT_BIT; - - /* take the last digit and count the bits in it */ - q = a->dp[a->used - 1]; - while (q > ((mp_digit) 0)) { - ++r; - q >>= ((mp_digit) 1); - } - return r; + /* get number of digits and add that */ + r = (a->used - 1) * DIGIT_BIT; + + /* take the last digit and count the bits in it */ + q = a->dp[a->used - 1]; + while (q > (mp_digit)0) { + ++r; + q >>= (mp_digit)1; + } + return r; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_div.c b/src/ltm/bn_mp_div.c index 3ca5d7f..f64f485 100644 --- a/src/ltm/bn_mp_div.c +++ b/src/ltm/bn_mp_div.c @@ -18,68 +18,68 @@ #ifdef BN_MP_DIV_SMALL /* slower bit-bang division... also smaller */ -int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d) +int mp_div(const mp_int *a, const mp_int *b, mp_int *c, mp_int *d) { mp_int ta, tb, tq, q; int res, n, n2; - /* is divisor zero ? */ - if (mp_iszero (b) == MP_YES) { - return MP_VAL; - } + /* is divisor zero ? */ + if (mp_iszero(b) == MP_YES) { + return MP_VAL; + } - /* if a < b then q=0, r = a */ - if (mp_cmp_mag (a, b) == MP_LT) { - if (d != NULL) { - res = mp_copy (a, d); - } else { - res = MP_OKAY; - } - if (c != NULL) { - mp_zero (c); - } - return res; - } + /* if a < b then q=0, r = a */ + if (mp_cmp_mag(a, b) == MP_LT) { + if (d != NULL) { + res = mp_copy(a, d); + } else { + res = MP_OKAY; + } + if (c != NULL) { + mp_zero(c); + } + return res; + } - /* init our temps */ - if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) { - return res; - } + /* init our temps */ + if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) { + return res; + } - mp_set(&tq, 1); - n = mp_count_bits(a) - mp_count_bits(b); - if (((res = mp_abs(a, &ta)) != MP_OKAY) || - ((res = mp_abs(b, &tb)) != MP_OKAY) || - ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) || - ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) { + mp_set(&tq, 1uL); + n = mp_count_bits(a) - mp_count_bits(b); + if (((res = mp_abs(a, &ta)) != MP_OKAY) || + ((res = mp_abs(b, &tb)) != MP_OKAY) || + ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) || + ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) { goto LBL_ERR; - } + } - while (n-- >= 0) { - if (mp_cmp(&tb, &ta) != MP_GT) { - if (((res = mp_sub(&ta, &tb, &ta)) != MP_OKAY) || - ((res = mp_add(&q, &tq, &q)) != MP_OKAY)) { - goto LBL_ERR; - } - } - if (((res = mp_div_2d(&tb, 1, &tb, NULL)) != MP_OKAY) || - ((res = mp_div_2d(&tq, 1, &tq, NULL)) != MP_OKAY)) { - goto LBL_ERR; - } - } + while (n-- >= 0) { + if (mp_cmp(&tb, &ta) != MP_GT) { + if (((res = mp_sub(&ta, &tb, &ta)) != MP_OKAY) || + ((res = mp_add(&q, &tq, &q)) != MP_OKAY)) { + goto LBL_ERR; + } + } + if (((res = mp_div_2d(&tb, 1, &tb, NULL)) != MP_OKAY) || + ((res = mp_div_2d(&tq, 1, &tq, NULL)) != MP_OKAY)) { + goto LBL_ERR; + } + } - /* now q == quotient and ta == remainder */ - n = a->sign; - n2 = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; - if (c != NULL) { - mp_exch(c, &q); - c->sign = (mp_iszero(c) == MP_YES) ? MP_ZPOS : n2; - } - if (d != NULL) { - mp_exch(d, &ta); - d->sign = (mp_iszero(d) == MP_YES) ? MP_ZPOS : n; - } + /* now q == quotient and ta == remainder */ + n = a->sign; + n2 = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; + if (c != NULL) { + mp_exch(c, &q); + c->sign = (mp_iszero(c) == MP_YES) ? MP_ZPOS : n2; + } + if (d != NULL) { + mp_exch(d, &ta); + d->sign = (mp_iszero(d) == MP_YES) ? MP_ZPOS : n; + } LBL_ERR: mp_clear_multi(&ta, &tb, &tq, &q, NULL); return res; @@ -100,196 +100,201 @@ LBL_ERR: * The overall algorithm is as described as * 14.20 from HAC but fixed to treat these cases. */ -int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +int mp_div(const mp_int *a, const mp_int *b, mp_int *c, mp_int *d) { - mp_int q, x, y, t1, t2; - int res, n, t, i, norm, neg; + mp_int q, x, y, t1, t2; + int res, n, t, i, norm, neg; - /* is divisor zero ? */ - if (mp_iszero (b) == MP_YES) { - return MP_VAL; - } + /* is divisor zero ? */ + if (mp_iszero(b) == MP_YES) { + return MP_VAL; + } - /* if a < b then q=0, r = a */ - if (mp_cmp_mag (a, b) == MP_LT) { - if (d != NULL) { - res = mp_copy (a, d); - } else { - res = MP_OKAY; - } - if (c != NULL) { - mp_zero (c); - } - return res; - } - - if ((res = mp_init_size (&q, a->used + 2)) != MP_OKAY) { - return res; - } - q.used = a->used + 2; - - if ((res = mp_init (&t1)) != MP_OKAY) { - goto LBL_Q; - } - - if ((res = mp_init (&t2)) != MP_OKAY) { - goto LBL_T1; - } - - if ((res = mp_init_copy (&x, a)) != MP_OKAY) { - goto LBL_T2; - } - - if ((res = mp_init_copy (&y, b)) != MP_OKAY) { - goto LBL_X; - } - - /* fix the sign */ - neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; - x.sign = y.sign = MP_ZPOS; - - /* normalize both x and y, ensure that y >= b/2, [b == 2**DIGIT_BIT] */ - norm = mp_count_bits(&y) % DIGIT_BIT; - if (norm < (int)(DIGIT_BIT-1)) { - norm = (DIGIT_BIT-1) - norm; - if ((res = mp_mul_2d (&x, norm, &x)) != MP_OKAY) { - goto LBL_Y; - } - if ((res = mp_mul_2d (&y, norm, &y)) != MP_OKAY) { - goto LBL_Y; - } - } else { - norm = 0; - } - - /* note hac does 0 based, so if used==5 then its 0,1,2,3,4, e.g. use 4 */ - n = x.used - 1; - t = y.used - 1; - - /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */ - if ((res = mp_lshd (&y, n - t)) != MP_OKAY) { /* y = y*b**{n-t} */ - goto LBL_Y; - } - - while (mp_cmp (&x, &y) != MP_LT) { - ++(q.dp[n - t]); - if ((res = mp_sub (&x, &y, &x)) != MP_OKAY) { - goto LBL_Y; - } - } - - /* reset y by shifting it back down */ - mp_rshd (&y, n - t); - - /* step 3. for i from n down to (t + 1) */ - for (i = n; i >= (t + 1); i--) { - if (i > x.used) { - continue; - } - - /* step 3.1 if xi == yt then set q{i-t-1} to b-1, - * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */ - if (x.dp[i] == y.dp[t]) { - q.dp[(i - t) - 1] = ((((mp_digit)1) << DIGIT_BIT) - 1); - } else { - mp_word tmp; - tmp = ((mp_word) x.dp[i]) << ((mp_word) DIGIT_BIT); - tmp |= ((mp_word) x.dp[i - 1]); - tmp /= ((mp_word) y.dp[t]); - if (tmp > (mp_word) MP_MASK) { - tmp = MP_MASK; + /* if a < b then q=0, r = a */ + if (mp_cmp_mag(a, b) == MP_LT) { + if (d != NULL) { + res = mp_copy(a, d); + } else { + res = MP_OKAY; } - q.dp[(i - t) - 1] = (mp_digit) (tmp & (mp_word) (MP_MASK)); - } + if (c != NULL) { + mp_zero(c); + } + return res; + } - /* while (q{i-t-1} * (yt * b + y{t-1})) > - xi * b**2 + xi-1 * b + xi-2 + if ((res = mp_init_size(&q, a->used + 2)) != MP_OKAY) { + return res; + } + q.used = a->used + 2; - do q{i-t-1} -= 1; + if ((res = mp_init(&t1)) != MP_OKAY) { + goto LBL_Q; + } + + if ((res = mp_init(&t2)) != MP_OKAY) { + goto LBL_T1; + } + + if ((res = mp_init_copy(&x, a)) != MP_OKAY) { + goto LBL_T2; + } + + if ((res = mp_init_copy(&y, b)) != MP_OKAY) { + goto LBL_X; + } + + /* fix the sign */ + neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; + x.sign = y.sign = MP_ZPOS; + + /* normalize both x and y, ensure that y >= b/2, [b == 2**DIGIT_BIT] */ + norm = mp_count_bits(&y) % DIGIT_BIT; + if (norm < (DIGIT_BIT - 1)) { + norm = (DIGIT_BIT - 1) - norm; + if ((res = mp_mul_2d(&x, norm, &x)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_mul_2d(&y, norm, &y)) != MP_OKAY) { + goto LBL_Y; + } + } else { + norm = 0; + } + + /* note hac does 0 based, so if used==5 then its 0,1,2,3,4, e.g. use 4 */ + n = x.used - 1; + t = y.used - 1; + + /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */ + if ((res = mp_lshd(&y, n - t)) != MP_OKAY) { /* y = y*b**{n-t} */ + goto LBL_Y; + } + + while (mp_cmp(&x, &y) != MP_LT) { + ++(q.dp[n - t]); + if ((res = mp_sub(&x, &y, &x)) != MP_OKAY) { + goto LBL_Y; + } + } + + /* reset y by shifting it back down */ + mp_rshd(&y, n - t); + + /* step 3. for i from n down to (t + 1) */ + for (i = n; i >= (t + 1); i--) { + if (i > x.used) { + continue; + } + + /* step 3.1 if xi == yt then set q{i-t-1} to b-1, + * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */ + if (x.dp[i] == y.dp[t]) { + q.dp[(i - t) - 1] = ((mp_digit)1 << (mp_digit)DIGIT_BIT) - (mp_digit)1; + } else { + mp_word tmp; + tmp = (mp_word)x.dp[i] << (mp_word)DIGIT_BIT; + tmp |= (mp_word)x.dp[i - 1]; + tmp /= (mp_word)y.dp[t]; + if (tmp > (mp_word)MP_MASK) { + tmp = MP_MASK; + } + q.dp[(i - t) - 1] = (mp_digit)(tmp & (mp_word)MP_MASK); + } + + /* while (q{i-t-1} * (yt * b + y{t-1})) > + xi * b**2 + xi-1 * b + xi-2 + + do q{i-t-1} -= 1; + */ + q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] + 1uL) & (mp_digit)MP_MASK; + do { + q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] - 1uL) & (mp_digit)MP_MASK; + + /* find left hand */ + mp_zero(&t1); + t1.dp[0] = ((t - 1) < 0) ? 0u : y.dp[t - 1]; + t1.dp[1] = y.dp[t]; + t1.used = 2; + if ((res = mp_mul_d(&t1, q.dp[(i - t) - 1], &t1)) != MP_OKAY) { + goto LBL_Y; + } + + /* find right hand */ + t2.dp[0] = ((i - 2) < 0) ? 0u : x.dp[i - 2]; + t2.dp[1] = ((i - 1) < 0) ? 0u : x.dp[i - 1]; + t2.dp[2] = x.dp[i]; + t2.used = 3; + } while (mp_cmp_mag(&t1, &t2) == MP_GT); + + /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */ + if ((res = mp_mul_d(&y, q.dp[(i - t) - 1], &t1)) != MP_OKAY) { + goto LBL_Y; + } + + if ((res = mp_lshd(&t1, (i - t) - 1)) != MP_OKAY) { + goto LBL_Y; + } + + if ((res = mp_sub(&x, &t1, &x)) != MP_OKAY) { + goto LBL_Y; + } + + /* if x < 0 then { x = x + y*b**{i-t-1}; q{i-t-1} -= 1; } */ + if (x.sign == MP_NEG) { + if ((res = mp_copy(&y, &t1)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_lshd(&t1, (i - t) - 1)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_add(&x, &t1, &x)) != MP_OKAY) { + goto LBL_Y; + } + + q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] - 1uL) & MP_MASK; + } + } + + /* now q is the quotient and x is the remainder + * [which we have to normalize] */ - q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] + 1) & MP_MASK; - do { - q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] - 1) & MP_MASK; - /* find left hand */ - mp_zero (&t1); - t1.dp[0] = ((t - 1) < 0) ? 0 : y.dp[t - 1]; - t1.dp[1] = y.dp[t]; - t1.used = 2; - if ((res = mp_mul_d (&t1, q.dp[(i - t) - 1], &t1)) != MP_OKAY) { - goto LBL_Y; + /* get sign before writing to c */ + x.sign = (x.used == 0) ? MP_ZPOS : a->sign; + + if (c != NULL) { + mp_clamp(&q); + mp_exch(&q, c); + c->sign = neg; + } + + if (d != NULL) { + if ((res = mp_div_2d(&x, norm, &x, NULL)) != MP_OKAY) { + goto LBL_Y; } + mp_exch(&x, d); + } - /* find right hand */ - t2.dp[0] = ((i - 2) < 0) ? 0 : x.dp[i - 2]; - t2.dp[1] = ((i - 1) < 0) ? 0 : x.dp[i - 1]; - t2.dp[2] = x.dp[i]; - t2.used = 3; - } while (mp_cmp_mag(&t1, &t2) == MP_GT); + res = MP_OKAY; - /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */ - if ((res = mp_mul_d (&y, q.dp[(i - t) - 1], &t1)) != MP_OKAY) { - goto LBL_Y; - } - - if ((res = mp_lshd (&t1, (i - t) - 1)) != MP_OKAY) { - goto LBL_Y; - } - - if ((res = mp_sub (&x, &t1, &x)) != MP_OKAY) { - goto LBL_Y; - } - - /* if x < 0 then { x = x + y*b**{i-t-1}; q{i-t-1} -= 1; } */ - if (x.sign == MP_NEG) { - if ((res = mp_copy (&y, &t1)) != MP_OKAY) { - goto LBL_Y; - } - if ((res = mp_lshd (&t1, (i - t) - 1)) != MP_OKAY) { - goto LBL_Y; - } - if ((res = mp_add (&x, &t1, &x)) != MP_OKAY) { - goto LBL_Y; - } - - q.dp[(i - t) - 1] = (q.dp[(i - t) - 1] - 1UL) & MP_MASK; - } - } - - /* now q is the quotient and x is the remainder - * [which we have to normalize] - */ - - /* get sign before writing to c */ - x.sign = (x.used == 0) ? MP_ZPOS : a->sign; - - if (c != NULL) { - mp_clamp (&q); - mp_exch (&q, c); - c->sign = neg; - } - - if (d != NULL) { - if ((res = mp_div_2d (&x, norm, &x, NULL)) != MP_OKAY) { - goto LBL_Y; - } - mp_exch (&x, d); - } - - res = MP_OKAY; - -LBL_Y:mp_clear (&y); -LBL_X:mp_clear (&x); -LBL_T2:mp_clear (&t2); -LBL_T1:mp_clear (&t1); -LBL_Q:mp_clear (&q); - return res; +LBL_Y: + mp_clear(&y); +LBL_X: + mp_clear(&x); +LBL_T2: + mp_clear(&t2); +LBL_T1: + mp_clear(&t1); +LBL_Q: + mp_clear(&q); + return res; } #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_div_2.c b/src/ltm/bn_mp_div_2.c index d2a213f..2907a1b 100644 --- a/src/ltm/bn_mp_div_2.c +++ b/src/ltm/bn_mp_div_2.c @@ -16,53 +16,53 @@ */ /* b = a/2 */ -int mp_div_2(mp_int * a, mp_int * b) +int mp_div_2(const mp_int *a, mp_int *b) { - int x, res, oldused; + int x, res, oldused; - /* copy */ - if (b->alloc < a->used) { - if ((res = mp_grow (b, a->used)) != MP_OKAY) { - return res; - } - } + /* copy */ + if (b->alloc < a->used) { + if ((res = mp_grow(b, a->used)) != MP_OKAY) { + return res; + } + } - oldused = b->used; - b->used = a->used; - { - mp_digit r, rr, *tmpa, *tmpb; + oldused = b->used; + b->used = a->used; + { + mp_digit r, rr, *tmpa, *tmpb; - /* source alias */ - tmpa = a->dp + b->used - 1; + /* source alias */ + tmpa = a->dp + b->used - 1; - /* dest alias */ - tmpb = b->dp + b->used - 1; + /* dest alias */ + tmpb = b->dp + b->used - 1; - /* carry */ - r = 0; - for (x = b->used - 1; x >= 0; x--) { - /* get the carry for the next iteration */ - rr = *tmpa & 1; + /* carry */ + r = 0; + for (x = b->used - 1; x >= 0; x--) { + /* get the carry for the next iteration */ + rr = *tmpa & 1u; - /* shift the current digit, add in carry and store */ - *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1)); + /* shift the current digit, add in carry and store */ + *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1)); - /* forward carry to next iteration */ - r = rr; - } + /* forward carry to next iteration */ + r = rr; + } - /* zero excess digits */ - tmpb = b->dp + b->used; - for (x = b->used; x < oldused; x++) { - *tmpb++ = 0; - } - } - b->sign = a->sign; - mp_clamp (b); - return MP_OKAY; + /* zero excess digits */ + tmpb = b->dp + b->used; + for (x = b->used; x < oldused; x++) { + *tmpb++ = 0; + } + } + b->sign = a->sign; + mp_clamp(b); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_div_2d.c b/src/ltm/bn_mp_div_2d.c index 5b9fb48..aeaa8f2 100644 --- a/src/ltm/bn_mp_div_2d.c +++ b/src/ltm/bn_mp_div_2d.c @@ -16,82 +16,71 @@ */ /* shift right by a certain bit count (store quotient in c, optional remainder in d) */ -int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) +int mp_div_2d(const mp_int *a, int b, mp_int *c, mp_int *d) { - mp_digit D, r, rr; - int x, res; - mp_int t; + mp_digit D, r, rr; + int x, res; - - /* if the shift count is <= 0 then we do no work */ - if (b <= 0) { - res = mp_copy (a, c); - if (d != NULL) { - mp_zero (d); - } - return res; - } - - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } - - /* get the remainder */ - if (d != NULL) { - if ((res = mp_mod_2d (a, b, &t)) != MP_OKAY) { - mp_clear (&t); + /* if the shift count is <= 0 then we do no work */ + if (b <= 0) { + res = mp_copy(a, c); + if (d != NULL) { + mp_zero(d); + } return res; - } - } + } - /* copy */ - if ((res = mp_copy (a, c)) != MP_OKAY) { - mp_clear (&t); - return res; - } + /* copy */ + if ((res = mp_copy(a, c)) != MP_OKAY) { + return res; + } + /* 'a' should not be used after here - it might be the same as d */ - /* shift by as many digits in the bit count */ - if (b >= (int)DIGIT_BIT) { - mp_rshd (c, b / DIGIT_BIT); - } + /* get the remainder */ + if (d != NULL) { + if ((res = mp_mod_2d(a, b, d)) != MP_OKAY) { + return res; + } + } - /* shift any bit count < DIGIT_BIT */ - D = (mp_digit) (b % DIGIT_BIT); - if (D != 0) { - mp_digit *tmpc, mask, shift; + /* shift by as many digits in the bit count */ + if (b >= DIGIT_BIT) { + mp_rshd(c, b / DIGIT_BIT); + } - /* mask */ - mask = (((mp_digit)1) << D) - 1; + /* shift any bit count < DIGIT_BIT */ + D = (mp_digit)(b % DIGIT_BIT); + if (D != 0u) { + mp_digit *tmpc, mask, shift; - /* shift for lsb */ - shift = DIGIT_BIT - D; + /* mask */ + mask = ((mp_digit)1 << D) - 1uL; - /* alias */ - tmpc = c->dp + (c->used - 1); + /* shift for lsb */ + shift = (mp_digit)DIGIT_BIT - D; - /* carry */ - r = 0; - for (x = c->used - 1; x >= 0; x--) { - /* get the lower bits of this word in a temp */ - rr = *tmpc & mask; + /* alias */ + tmpc = c->dp + (c->used - 1); - /* shift the current word and mix in the carry bits from the previous word */ - *tmpc = (*tmpc >> D) | (r << shift); - --tmpc; + /* carry */ + r = 0; + for (x = c->used - 1; x >= 0; x--) { + /* get the lower bits of this word in a temp */ + rr = *tmpc & mask; - /* set the carry to the carry bits of the current word found above */ - r = rr; - } - } - mp_clamp (c); - if (d != NULL) { - mp_exch (&t, d); - } - mp_clear (&t); - return MP_OKAY; + /* shift the current word and mix in the carry bits from the previous word */ + *tmpc = (*tmpc >> D) | (r << shift); + --tmpc; + + /* set the carry to the carry bits of the current word found above */ + r = rr; + } + } + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_div_3.c b/src/ltm/bn_mp_div_3.c index c2b76fb..9d41793 100644 --- a/src/ltm/bn_mp_div_3.c +++ b/src/ltm/bn_mp_div_3.c @@ -16,64 +16,63 @@ */ /* divide by three (based on routine from MPI and the GMP manual) */ -int -mp_div_3 (mp_int * a, mp_int *c, mp_digit * d) +int mp_div_3(const mp_int *a, mp_int *c, mp_digit *d) { - mp_int q; - mp_word w, t; - mp_digit b; - int res, ix; - - /* b = 2**DIGIT_BIT / 3 */ - b = (((mp_word)1) << ((mp_word)DIGIT_BIT)) / ((mp_word)3); + mp_int q; + mp_word w, t; + mp_digit b; + int res, ix; - if ((res = mp_init_size(&q, a->used)) != MP_OKAY) { - return res; - } - - q.used = a->used; - q.sign = a->sign; - w = 0; - for (ix = a->used - 1; ix >= 0; ix--) { - w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]); + /* b = 2**DIGIT_BIT / 3 */ + b = ((mp_word)1 << (mp_word)DIGIT_BIT) / (mp_word)3; - if (w >= 3) { - /* multiply w by [1/3] */ - t = (w * ((mp_word)b)) >> ((mp_word)DIGIT_BIT); + if ((res = mp_init_size(&q, a->used)) != MP_OKAY) { + return res; + } - /* now subtract 3 * [w/3] from w, to get the remainder */ - w -= t+t+t; + q.used = a->used; + q.sign = a->sign; + w = 0; + for (ix = a->used - 1; ix >= 0; ix--) { + w = (w << (mp_word)DIGIT_BIT) | (mp_word)a->dp[ix]; - /* fixup the remainder as required since - * the optimization is not exact. - */ - while (w >= 3) { - t += 1; - w -= 3; - } + if (w >= 3u) { + /* multiply w by [1/3] */ + t = (w * (mp_word)b) >> (mp_word)DIGIT_BIT; + + /* now subtract 3 * [w/3] from w, to get the remainder */ + w -= t+t+t; + + /* fixup the remainder as required since + * the optimization is not exact. + */ + while (w >= 3u) { + t += 1u; + w -= 3u; + } } else { - t = 0; + t = 0; } q.dp[ix] = (mp_digit)t; - } + } - /* [optional] store the remainder */ - if (d != NULL) { - *d = (mp_digit)w; - } + /* [optional] store the remainder */ + if (d != NULL) { + *d = (mp_digit)w; + } - /* [optional] store the quotient */ - if (c != NULL) { - mp_clamp(&q); - mp_exch(&q, c); - } - mp_clear(&q); - - return res; + /* [optional] store the quotient */ + if (c != NULL) { + mp_clamp(&q); + mp_exch(&q, c); + } + mp_clear(&q); + + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_div_d.c b/src/ltm/bn_mp_div_d.c index 4df1d36..2124bcc 100644 --- a/src/ltm/bn_mp_div_d.c +++ b/src/ltm/bn_mp_div_d.c @@ -20,12 +20,12 @@ static int s_is_power_of_two(mp_digit b, int *p) int x; /* fast return if no power of two */ - if ((b == 0) || ((b & (b-1)) != 0)) { + if ((b == 0u) || ((b & (b-1u)) != 0u)) { return 0; } for (x = 0; x < DIGIT_BIT; x++) { - if (b == (((mp_digit)1)<dp[0] & ((((mp_digit)1)<dp[0] & (((mp_digit)1<<(mp_digit)ix) - 1uL); + } + if (c != NULL) { + return mp_div_2d(a, ix, c, NULL); + } + return MP_OKAY; + } #ifdef BN_MP_DIV_3_C - /* three? */ - if (b == 3) { - return mp_div_3(a, c, d); - } + /* three? */ + if (b == 3u) { + return mp_div_3(a, c, d); + } #endif - /* no easy answer [c'est la vie]. Just division */ - if ((res = mp_init_size(&q, a->used)) != MP_OKAY) { - return res; - } - - q.used = a->used; - q.sign = a->sign; - w = 0; - for (ix = a->used - 1; ix >= 0; ix--) { - w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]); - - if (w >= b) { - t = (mp_digit)(w / b); - w -= ((mp_word)t) * ((mp_word)b); + /* no easy answer [c'est la vie]. Just division */ + if ((res = mp_init_size(&q, a->used)) != MP_OKAY) { + return res; + } + + q.used = a->used; + q.sign = a->sign; + w = 0; + for (ix = a->used - 1; ix >= 0; ix--) { + w = (w << (mp_word)DIGIT_BIT) | (mp_word)a->dp[ix]; + + if (w >= b) { + t = (mp_digit)(w / b); + w -= (mp_word)t * (mp_word)b; } else { - t = 0; + t = 0; } - q.dp[ix] = (mp_digit)t; - } - - if (d != NULL) { - *d = (mp_digit)w; - } - - if (c != NULL) { - mp_clamp(&q); - mp_exch(&q, c); - } - mp_clear(&q); - - return res; + q.dp[ix] = t; + } + + if (d != NULL) { + *d = (mp_digit)w; + } + + if (c != NULL) { + mp_clamp(&q); + mp_exch(&q, c); + } + mp_clear(&q); + + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_dr_is_modulus.c b/src/ltm/bn_mp_dr_is_modulus.c index 599d929..bf4ed8b 100644 --- a/src/ltm/bn_mp_dr_is_modulus.c +++ b/src/ltm/bn_mp_dr_is_modulus.c @@ -16,7 +16,7 @@ */ /* determines if a number is a valid DR modulus */ -int mp_dr_is_modulus(mp_int *a) +int mp_dr_is_modulus(const mp_int *a) { int ix; @@ -29,15 +29,15 @@ int mp_dr_is_modulus(mp_int *a) * but the first digit must be equal to -1 (mod b). */ for (ix = 1; ix < a->used; ix++) { - if (a->dp[ix] != MP_MASK) { - return 0; - } + if (a->dp[ix] != MP_MASK) { + return 0; + } } return 1; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_dr_reduce.c b/src/ltm/bn_mp_dr_reduce.c index 2273c79..d677b03 100644 --- a/src/ltm/bn_mp_dr_reduce.c +++ b/src/ltm/bn_mp_dr_reduce.c @@ -29,68 +29,67 @@ * * Input x must be in the range 0 <= x <= (n-1)**2 */ -int -mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k) +int mp_dr_reduce(mp_int *x, const mp_int *n, mp_digit k) { - int err, i, m; - mp_word r; - mp_digit mu, *tmpx1, *tmpx2; + int err, i, m; + mp_word r; + mp_digit mu, *tmpx1, *tmpx2; - /* m = digits in modulus */ - m = n->used; + /* m = digits in modulus */ + m = n->used; - /* ensure that "x" has at least 2m digits */ - if (x->alloc < (m + m)) { - if ((err = mp_grow (x, m + m)) != MP_OKAY) { - return err; - } - } + /* ensure that "x" has at least 2m digits */ + if (x->alloc < (m + m)) { + if ((err = mp_grow(x, m + m)) != MP_OKAY) { + return err; + } + } -/* top of loop, this is where the code resumes if - * another reduction pass is required. - */ + /* top of loop, this is where the code resumes if + * another reduction pass is required. + */ top: - /* aliases for digits */ - /* alias for lower half of x */ - tmpx1 = x->dp; + /* aliases for digits */ + /* alias for lower half of x */ + tmpx1 = x->dp; - /* alias for upper half of x, or x/B**m */ - tmpx2 = x->dp + m; + /* alias for upper half of x, or x/B**m */ + tmpx2 = x->dp + m; - /* set carry to zero */ - mu = 0; + /* set carry to zero */ + mu = 0; - /* compute (x mod B**m) + k * [x/B**m] inline and inplace */ - for (i = 0; i < m; i++) { - r = (((mp_word)*tmpx2++) * (mp_word)k) + *tmpx1 + mu; + /* compute (x mod B**m) + k * [x/B**m] inline and inplace */ + for (i = 0; i < m; i++) { + r = ((mp_word)*tmpx2++ * (mp_word)k) + *tmpx1 + mu; *tmpx1++ = (mp_digit)(r & MP_MASK); mu = (mp_digit)(r >> ((mp_word)DIGIT_BIT)); - } + } - /* set final carry */ - *tmpx1++ = mu; + /* set final carry */ + *tmpx1++ = mu; - /* zero words above m */ - for (i = m + 1; i < x->used; i++) { + /* zero words above m */ + for (i = m + 1; i < x->used; i++) { *tmpx1++ = 0; - } + } - /* clamp, sub and return */ - mp_clamp (x); + /* clamp, sub and return */ + mp_clamp(x); - /* if x >= n then subtract and reduce again - * Each successive "recursion" makes the input smaller and smaller. - */ - if (mp_cmp_mag (x, n) != MP_LT) { - if ((err = s_mp_sub(x, n, x)) != MP_OKAY) { - return err; - } - goto top; - } - return MP_OKAY; + /* if x >= n then subtract and reduce again + * Each successive "recursion" makes the input smaller and smaller. + */ + if (mp_cmp_mag(x, n) != MP_LT) { + if ((err = s_mp_sub(x, n, x)) != MP_OKAY) { + return err; + } + goto top; + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_dr_setup.c b/src/ltm/bn_mp_dr_setup.c index 1bccb2b..32aa582 100644 --- a/src/ltm/bn_mp_dr_setup.c +++ b/src/ltm/bn_mp_dr_setup.c @@ -16,17 +16,16 @@ */ /* determines the setup value */ -void mp_dr_setup(mp_int *a, mp_digit *d) +void mp_dr_setup(const mp_int *a, mp_digit *d) { /* the casts are required if DIGIT_BIT is one less than * the number of bits in a mp_digit [e.g. DIGIT_BIT==31] */ - *d = (mp_digit)((((mp_word)1) << ((mp_word)DIGIT_BIT)) - - ((mp_word)a->dp[0])); + *d = (mp_digit)(((mp_word)1 << (mp_word)DIGIT_BIT) - (mp_word)a->dp[0]); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_exch.c b/src/ltm/bn_mp_exch.c index 634193b..2bc635f 100644 --- a/src/ltm/bn_mp_exch.c +++ b/src/ltm/bn_mp_exch.c @@ -15,20 +15,19 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* swap the elements of two integers, for cases where you can't simply swap the +/* swap the elements of two integers, for cases where you can't simply swap the * mp_int pointers around */ -void -mp_exch (mp_int * a, mp_int * b) +void mp_exch(mp_int *a, mp_int *b) { - mp_int t; + mp_int t; - t = *a; - *a = *b; - *b = t; + t = *a; + *a = *b; + *b = t; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_export.c b/src/ltm/bn_mp_export.c index 9e7f7c4..92a85d5 100644 --- a/src/ltm/bn_mp_export.c +++ b/src/ltm/bn_mp_export.c @@ -18,71 +18,70 @@ /* based on gmp's mpz_export. * see http://gmplib.org/manual/Integer-Import-and-Export.html */ -int mp_export(void* rop, size_t* countp, int order, size_t size, - int endian, size_t nails, mp_int* op) { - int result; - size_t odd_nails, nail_bytes, i, j, bits, count; - unsigned char odd_nail_mask; +int mp_export(void *rop, size_t *countp, int order, size_t size, + int endian, size_t nails, const mp_int *op) +{ + int result; + size_t odd_nails, nail_bytes, i, j, bits, count; + unsigned char odd_nail_mask; - mp_int t; + mp_int t; - if ((result = mp_init_copy(&t, op)) != MP_OKAY) { - return result; - } + if ((result = mp_init_copy(&t, op)) != MP_OKAY) { + return result; + } - if (endian == 0) { - union { - unsigned int i; - char c[4]; - } lint; - lint.i = 0x01020304; - - endian = (lint.c[0] == 4) ? -1 : 1; - } + if (endian == 0) { + union { + unsigned int i; + char c[4]; + } lint; + lint.i = 0x01020304; - odd_nails = (nails % 8); - odd_nail_mask = 0xff; - for (i = 0; i < odd_nails; ++i) { - odd_nail_mask ^= (1 << (7 - i)); - } - nail_bytes = nails / 8; + endian = (lint.c[0] == '\x04') ? -1 : 1; + } - bits = mp_count_bits(&t); - count = (bits / ((size * 8) - nails)) + (((bits % ((size * 8) - nails)) != 0) ? 1 : 0); + odd_nails = (nails % 8u); + odd_nail_mask = 0xff; + for (i = 0; i < odd_nails; ++i) { + odd_nail_mask ^= (unsigned char)(1u << (7u - i)); + } + nail_bytes = nails / 8u; - for (i = 0; i < count; ++i) { - for (j = 0; j < size; ++j) { - unsigned char* byte = ( - (unsigned char*)rop + - (((order == -1) ? i : ((count - 1) - i)) * size) + - ((endian == -1) ? j : ((size - 1) - j)) - ); + bits = (size_t)mp_count_bits(&t); + count = (bits / ((size * 8u) - nails)) + (((bits % ((size * 8u) - nails)) != 0u) ? 1u : 0u); - if (j >= (size - nail_bytes)) { - *byte = 0; - continue; - } + for (i = 0; i < count; ++i) { + for (j = 0; j < size; ++j) { + unsigned char *byte = (unsigned char *)rop + + (((order == -1) ? i : ((count - 1u) - i)) * size) + + ((endian == -1) ? j : ((size - 1u) - j)); - *byte = (unsigned char)((j == ((size - nail_bytes) - 1)) ? (t.dp[0] & odd_nail_mask) : (t.dp[0] & 0xFF)); + if (j >= (size - nail_bytes)) { + *byte = 0; + continue; + } - if ((result = mp_div_2d(&t, (int)((j == ((size - nail_bytes) - 1)) ? (8 - odd_nails) : 8), &t, NULL)) != MP_OKAY) { - mp_clear(&t); - return result; - } - } - } + *byte = (unsigned char)((j == ((size - nail_bytes) - 1u)) ? (t.dp[0] & odd_nail_mask) : (t.dp[0] & 0xFFuL)); - mp_clear(&t); + if ((result = mp_div_2d(&t, (j == ((size - nail_bytes) - 1u)) ? (int)(8u - odd_nails) : 8, &t, NULL)) != MP_OKAY) { + mp_clear(&t); + return result; + } + } + } - if (countp != NULL) { - *countp = count; - } + mp_clear(&t); - return MP_OKAY; + if (countp != NULL) { + *countp = count; + } + + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_expt_d.c b/src/ltm/bn_mp_expt_d.c index 61c5a1d..f5ce3c1 100644 --- a/src/ltm/bn_mp_expt_d.c +++ b/src/ltm/bn_mp_expt_d.c @@ -16,13 +16,13 @@ */ /* wrapper function for mp_expt_d_ex() */ -int mp_expt_d (mp_int * a, mp_digit b, mp_int * c) +int mp_expt_d(const mp_int *a, mp_digit b, mp_int *c) { - return mp_expt_d_ex(a, b, c, 0); + return mp_expt_d_ex(a, b, c, 0); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_expt_d_ex.c b/src/ltm/bn_mp_expt_d_ex.c index 649d224..d363d59 100644 --- a/src/ltm/bn_mp_expt_d_ex.c +++ b/src/ltm/bn_mp_expt_d_ex.c @@ -16,68 +16,67 @@ */ /* calculate c = a**b using a square-multiply algorithm */ -int mp_expt_d_ex (mp_int * a, mp_digit b, mp_int * c, int fast) +int mp_expt_d_ex(const mp_int *a, mp_digit b, mp_int *c, int fast) { - int res; - unsigned int x; + int res; + unsigned int x; - mp_int g; + mp_int g; - if ((res = mp_init_copy (&g, a)) != MP_OKAY) { - return res; - } + if ((res = mp_init_copy(&g, a)) != MP_OKAY) { + return res; + } - /* set initial result */ - mp_set (c, 1); + /* set initial result */ + mp_set(c, 1uL); - if (fast != 0) { - while (b > 0) { - /* if the bit is set multiply */ - if ((b & 1) != 0) { - if ((res = mp_mul (c, &g, c)) != MP_OKAY) { - mp_clear (&g); - return res; - } + if (fast != 0) { + while (b > 0u) { + /* if the bit is set multiply */ + if ((b & 1u) != 0u) { + if ((res = mp_mul(c, &g, c)) != MP_OKAY) { + mp_clear(&g); + return res; + } + } + + /* square */ + if (b > 1u) { + if ((res = mp_sqr(&g, &g)) != MP_OKAY) { + mp_clear(&g); + return res; + } + } + + /* shift to next bit */ + b >>= 1; } + } else { + for (x = 0; x < (unsigned)DIGIT_BIT; x++) { + /* square */ + if ((res = mp_sqr(c, c)) != MP_OKAY) { + mp_clear(&g); + return res; + } - /* square */ - if (b > 1) { - if ((res = mp_sqr (&g, &g)) != MP_OKAY) { - mp_clear (&g); - return res; - } + /* if the bit is set multiply */ + if ((b & ((mp_digit)1 << (DIGIT_BIT - 1))) != 0u) { + if ((res = mp_mul(c, &g, c)) != MP_OKAY) { + mp_clear(&g); + return res; + } + } + + /* shift to next bit */ + b <<= 1; } + } /* if ... else */ - /* shift to next bit */ - b >>= 1; - } - } - else { - for (x = 0; x < DIGIT_BIT; x++) { - /* square */ - if ((res = mp_sqr (c, c)) != MP_OKAY) { - mp_clear (&g); - return res; - } - - /* if the bit is set multiply */ - if ((b & (mp_digit) (((mp_digit)1) << (DIGIT_BIT - 1))) != 0) { - if ((res = mp_mul (c, &g, c)) != MP_OKAY) { - mp_clear (&g); - return res; - } - } - - /* shift to next bit */ - b <<= 1; - } - } /* if ... else */ - - mp_clear (&g); - return MP_OKAY; + mp_clear(&g); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_exptmod.c b/src/ltm/bn_mp_exptmod.c index 0973e44..934fd25 100644 --- a/src/ltm/bn_mp_exptmod.c +++ b/src/ltm/bn_mp_exptmod.c @@ -21,92 +21,92 @@ * embedded in the normal function but that wasted alot of stack space * for nothing (since 99% of the time the Montgomery code would be called) */ -int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) +int mp_exptmod(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y) { - int dr; + int dr; - /* modulus P must be positive */ - if (P->sign == MP_NEG) { - return MP_VAL; - } + /* modulus P must be positive */ + if (P->sign == MP_NEG) { + return MP_VAL; + } - /* if exponent X is negative we have to recurse */ - if (X->sign == MP_NEG) { + /* if exponent X is negative we have to recurse */ + if (X->sign == MP_NEG) { #ifdef BN_MP_INVMOD_C - mp_int tmpG, tmpX; - int err; + mp_int tmpG, tmpX; + int err; - /* first compute 1/G mod P */ - if ((err = mp_init(&tmpG)) != MP_OKAY) { - return err; - } - if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) { - mp_clear(&tmpG); - return err; - } + /* first compute 1/G mod P */ + if ((err = mp_init(&tmpG)) != MP_OKAY) { + return err; + } + if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) { + mp_clear(&tmpG); + return err; + } - /* now get |X| */ - if ((err = mp_init(&tmpX)) != MP_OKAY) { - mp_clear(&tmpG); - return err; - } - if ((err = mp_abs(X, &tmpX)) != MP_OKAY) { - mp_clear_multi(&tmpG, &tmpX, NULL); - return err; - } + /* now get |X| */ + if ((err = mp_init(&tmpX)) != MP_OKAY) { + mp_clear(&tmpG); + return err; + } + if ((err = mp_abs(X, &tmpX)) != MP_OKAY) { + mp_clear_multi(&tmpG, &tmpX, NULL); + return err; + } - /* and now compute (1/G)**|X| instead of G**X [X < 0] */ - err = mp_exptmod(&tmpG, &tmpX, P, Y); - mp_clear_multi(&tmpG, &tmpX, NULL); - return err; -#else - /* no invmod */ - return MP_VAL; + /* and now compute (1/G)**|X| instead of G**X [X < 0] */ + err = mp_exptmod(&tmpG, &tmpX, P, Y); + mp_clear_multi(&tmpG, &tmpX, NULL); + return err; +#else + /* no invmod */ + return MP_VAL; #endif - } + } -/* modified diminished radix reduction */ + /* modified diminished radix reduction */ #if defined(BN_MP_REDUCE_IS_2K_L_C) && defined(BN_MP_REDUCE_2K_L_C) && defined(BN_S_MP_EXPTMOD_C) - if (mp_reduce_is_2k_l(P) == MP_YES) { - return s_mp_exptmod(G, X, P, Y, 1); - } + if (mp_reduce_is_2k_l(P) == MP_YES) { + return s_mp_exptmod(G, X, P, Y, 1); + } #endif #ifdef BN_MP_DR_IS_MODULUS_C - /* is it a DR modulus? */ - dr = mp_dr_is_modulus(P); + /* is it a DR modulus? */ + dr = mp_dr_is_modulus(P); #else - /* default to no */ - dr = 0; + /* default to no */ + dr = 0; #endif #ifdef BN_MP_REDUCE_IS_2K_C - /* if not, is it a unrestricted DR modulus? */ - if (dr == 0) { - dr = mp_reduce_is_2k(P) << 1; - } + /* if not, is it a unrestricted DR modulus? */ + if (dr == 0) { + dr = mp_reduce_is_2k(P) << 1; + } #endif - - /* if the modulus is odd or dr != 0 use the montgomery method */ + + /* if the modulus is odd or dr != 0 use the montgomery method */ #ifdef BN_MP_EXPTMOD_FAST_C - if ((mp_isodd (P) == MP_YES) || (dr != 0)) { - return mp_exptmod_fast (G, X, P, Y, dr); - } else { + if ((mp_isodd(P) == MP_YES) || (dr != 0)) { + return mp_exptmod_fast(G, X, P, Y, dr); + } else { #endif #ifdef BN_S_MP_EXPTMOD_C - /* otherwise use the generic Barrett reduction technique */ - return s_mp_exptmod (G, X, P, Y, 0); + /* otherwise use the generic Barrett reduction technique */ + return s_mp_exptmod(G, X, P, Y, 0); #else - /* no exptmod for evens */ - return MP_VAL; + /* no exptmod for evens */ + return MP_VAL; #endif #ifdef BN_MP_EXPTMOD_FAST_C - } + } #endif } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_exptmod_fast.c b/src/ltm/bn_mp_exptmod_fast.c index 8d280bd..52d4a55 100644 --- a/src/ltm/bn_mp_exptmod_fast.c +++ b/src/ltm/bn_mp_exptmod_fast.c @@ -24,298 +24,299 @@ */ #ifdef MP_LOW_MEM - #define TAB_SIZE 32 +# define TAB_SIZE 32 #else - #define TAB_SIZE 256 +# define TAB_SIZE 256 #endif -int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) +int mp_exptmod_fast(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y, int redmode) { - mp_int M[TAB_SIZE], res; - mp_digit buf, mp; - int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; + mp_int M[TAB_SIZE], res; + mp_digit buf, mp; + int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; - /* use a pointer to the reduction algorithm. This allows us to use - * one of many reduction algorithms without modding the guts of - * the code with if statements everywhere. - */ - int (*redux)(mp_int*,mp_int*,mp_digit); + /* use a pointer to the reduction algorithm. This allows us to use + * one of many reduction algorithms without modding the guts of + * the code with if statements everywhere. + */ + int (*redux)(mp_int *x, const mp_int *n, mp_digit rho); - /* find window size */ - x = mp_count_bits (X); - if (x <= 7) { - winsize = 2; - } else if (x <= 36) { - winsize = 3; - } else if (x <= 140) { - winsize = 4; - } else if (x <= 450) { - winsize = 5; - } else if (x <= 1303) { - winsize = 6; - } else if (x <= 3529) { - winsize = 7; - } else { - winsize = 8; - } + /* find window size */ + x = mp_count_bits(X); + if (x <= 7) { + winsize = 2; + } else if (x <= 36) { + winsize = 3; + } else if (x <= 140) { + winsize = 4; + } else if (x <= 450) { + winsize = 5; + } else if (x <= 1303) { + winsize = 6; + } else if (x <= 3529) { + winsize = 7; + } else { + winsize = 8; + } #ifdef MP_LOW_MEM - if (winsize > 5) { - winsize = 5; - } + if (winsize > 5) { + winsize = 5; + } #endif - /* init M array */ - /* init first cell */ - if ((err = mp_init(&M[1])) != MP_OKAY) { - return err; - } - - /* now init the second half of the array */ - for (x = 1<<(winsize-1); x < (1 << winsize); x++) { - if ((err = mp_init(&M[x])) != MP_OKAY) { - for (y = 1<<(winsize-1); y < x; y++) { - mp_clear (&M[y]); - } - mp_clear(&M[1]); + /* init M array */ + /* init first cell */ + if ((err = mp_init_size(&M[1], P->alloc)) != MP_OKAY) { return err; - } - } + } - /* determine and setup reduction code */ - if (redmode == 0) { -#ifdef BN_MP_MONTGOMERY_SETUP_C - /* now setup montgomery */ - if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) { - goto LBL_M; - } + /* now init the second half of the array */ + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + if ((err = mp_init_size(&M[x], P->alloc)) != MP_OKAY) { + for (y = 1<<(winsize-1); y < x; y++) { + mp_clear(&M[y]); + } + mp_clear(&M[1]); + return err; + } + } + + /* determine and setup reduction code */ + if (redmode == 0) { +#ifdef BN_MP_MONTGOMERY_SETUP_C + /* now setup montgomery */ + if ((err = mp_montgomery_setup(P, &mp)) != MP_OKAY) { + goto LBL_M; + } #else - err = MP_VAL; - goto LBL_M; + err = MP_VAL; + goto LBL_M; #endif - /* automatically pick the comba one if available (saves quite a few calls/ifs) */ + /* automatically pick the comba one if available (saves quite a few calls/ifs) */ #ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C - if ((((P->used * 2) + 1) < MP_WARRAY) && + if ((((P->used * 2) + 1) < (int)MP_WARRAY) && (P->used < (1 << ((CHAR_BIT * sizeof(mp_word)) - (2 * DIGIT_BIT))))) { - redux = fast_mp_montgomery_reduce; - } else + redux = fast_mp_montgomery_reduce; + } else #endif - { + { #ifdef BN_MP_MONTGOMERY_REDUCE_C - /* use slower baseline Montgomery method */ - redux = mp_montgomery_reduce; + /* use slower baseline Montgomery method */ + redux = mp_montgomery_reduce; #else - err = MP_VAL; - goto LBL_M; + err = MP_VAL; + goto LBL_M; #endif - } - } else if (redmode == 1) { + } + } else if (redmode == 1) { #if defined(BN_MP_DR_SETUP_C) && defined(BN_MP_DR_REDUCE_C) - /* setup DR reduction for moduli of the form B**k - b */ - mp_dr_setup(P, &mp); - redux = mp_dr_reduce; + /* setup DR reduction for moduli of the form B**k - b */ + mp_dr_setup(P, &mp); + redux = mp_dr_reduce; #else - err = MP_VAL; - goto LBL_M; + err = MP_VAL; + goto LBL_M; #endif - } else { + } else { #if defined(BN_MP_REDUCE_2K_SETUP_C) && defined(BN_MP_REDUCE_2K_C) - /* setup DR reduction for moduli of the form 2**k - b */ - if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) { - goto LBL_M; - } - redux = mp_reduce_2k; + /* setup DR reduction for moduli of the form 2**k - b */ + if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) { + goto LBL_M; + } + redux = mp_reduce_2k; #else - err = MP_VAL; - goto LBL_M; + err = MP_VAL; + goto LBL_M; #endif - } + } - /* setup result */ - if ((err = mp_init (&res)) != MP_OKAY) { - goto LBL_M; - } + /* setup result */ + if ((err = mp_init_size(&res, P->alloc)) != MP_OKAY) { + goto LBL_M; + } - /* create M table - * + /* create M table + * - * - * The first half of the table is not computed though accept for M[0] and M[1] - */ + * + * The first half of the table is not computed though accept for M[0] and M[1] + */ - if (redmode == 0) { + if (redmode == 0) { #ifdef BN_MP_MONTGOMERY_CALC_NORMALIZATION_C - /* now we need R mod m */ - if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) { - goto LBL_RES; - } -#else - err = MP_VAL; - goto LBL_RES; + /* now we need R mod m */ + if ((err = mp_montgomery_calc_normalization(&res, P)) != MP_OKAY) { + goto LBL_RES; + } + + /* now set M[1] to G * R mod m */ + if ((err = mp_mulmod(G, &res, P, &M[1])) != MP_OKAY) { + goto LBL_RES; + } +#else + err = MP_VAL; + goto LBL_RES; #endif + } else { + mp_set(&res, 1uL); + if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) { + goto LBL_RES; + } + } - /* now set M[1] to G * R mod m */ - if ((err = mp_mulmod (G, &res, P, &M[1])) != MP_OKAY) { - goto LBL_RES; - } - } else { - mp_set(&res, 1); - if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) { - goto LBL_RES; - } - } - - /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */ - if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { - goto LBL_RES; - } - - for (x = 0; x < (winsize - 1); x++) { - if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { + /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */ + if ((err = mp_copy(&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { goto LBL_RES; - } - if ((err = redux (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { - goto LBL_RES; - } - } + } - /* create upper table */ - for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { - if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&M[x], P, mp)) != MP_OKAY) { - goto LBL_RES; - } - } - - /* set initial mode and bit cnt */ - mode = 0; - bitcnt = 1; - buf = 0; - digidx = X->used - 1; - bitcpy = 0; - bitbuf = 0; - - for (;;) { - /* grab next digit as required */ - if (--bitcnt == 0) { - /* if digidx == -1 we are out of digits so break */ - if (digidx == -1) { - break; + for (x = 0; x < (winsize - 1); x++) { + if ((err = mp_sqr(&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_RES; } - /* read next digit and reset bitcnt */ - buf = X->dp[digidx--]; - bitcnt = (int)DIGIT_BIT; - } - - /* grab the next msb from the exponent */ - y = (mp_digit)(buf >> (DIGIT_BIT - 1)) & 1; - buf <<= (mp_digit)1; - - /* if the bit is zero and mode == 0 then we ignore it - * These represent the leading zero bits before the first 1 bit - * in the exponent. Technically this opt is not required but it - * does lower the # of trivial squaring/reductions used - */ - if ((mode == 0) && (y == 0)) { - continue; - } - - /* if the bit is zero and mode == 1 then we square */ - if ((mode == 1) && (y == 0)) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; + if ((err = redux(&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { + goto LBL_RES; } - if ((err = redux (&res, P, mp)) != MP_OKAY) { - goto LBL_RES; + } + + /* create upper table */ + for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { + if ((err = mp_mul(&M[x - 1], &M[1], &M[x])) != MP_OKAY) { + goto LBL_RES; } - continue; - } + if ((err = redux(&M[x], P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } - /* else we add it to the window */ - bitbuf |= (y << (winsize - ++bitcpy)); - mode = 2; + /* set initial mode and bit cnt */ + mode = 0; + bitcnt = 1; + buf = 0; + digidx = X->used - 1; + bitcpy = 0; + bitbuf = 0; - if (bitcpy == winsize) { - /* ok window is filled so square as required and multiply */ - /* square first */ - for (x = 0; x < winsize; x++) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, mp)) != MP_OKAY) { - goto LBL_RES; - } + for (;;) { + /* grab next digit as required */ + if (--bitcnt == 0) { + /* if digidx == -1 we are out of digits so break */ + if (digidx == -1) { + break; + } + /* read next digit and reset bitcnt */ + buf = X->dp[digidx--]; + bitcnt = (int)DIGIT_BIT; } - /* then multiply */ - if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, mp)) != MP_OKAY) { - goto LBL_RES; + /* grab the next msb from the exponent */ + y = (mp_digit)(buf >> (DIGIT_BIT - 1)) & 1; + buf <<= (mp_digit)1; + + /* if the bit is zero and mode == 0 then we ignore it + * These represent the leading zero bits before the first 1 bit + * in the exponent. Technically this opt is not required but it + * does lower the # of trivial squaring/reductions used + */ + if ((mode == 0) && (y == 0)) { + continue; } - /* empty window and reset */ - bitcpy = 0; - bitbuf = 0; - mode = 1; - } - } - - /* if bits remain then square/multiply */ - if ((mode == 2) && (bitcpy > 0)) { - /* square then multiply if the bit is set */ - for (x = 0; x < bitcpy; x++) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, mp)) != MP_OKAY) { - goto LBL_RES; + /* if the bit is zero and mode == 1 then we square */ + if ((mode == 1) && (y == 0)) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + continue; } - /* get next bit of the window */ - bitbuf <<= 1; - if ((bitbuf & (1 << winsize)) != 0) { - /* then multiply */ - if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, mp)) != MP_OKAY) { - goto LBL_RES; - } + /* else we add it to the window */ + bitbuf |= (y << (winsize - ++bitcpy)); + mode = 2; + + if (bitcpy == winsize) { + /* ok window is filled so square as required and multiply */ + /* square first */ + for (x = 0; x < winsize; x++) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* then multiply */ + if ((err = mp_mul(&res, &M[bitbuf], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + + /* empty window and reset */ + bitcpy = 0; + bitbuf = 0; + mode = 1; } - } - } + } - if (redmode == 0) { - /* fixup result if Montgomery reduction is used - * recall that any value in a Montgomery system is - * actually multiplied by R mod n. So we have - * to reduce one more time to cancel out the factor - * of R. - */ - if ((err = redux(&res, P, mp)) != MP_OKAY) { - goto LBL_RES; - } - } + /* if bits remain then square/multiply */ + if ((mode == 2) && (bitcpy > 0)) { + /* square then multiply if the bit is set */ + for (x = 0; x < bitcpy; x++) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } - /* swap res with Y */ - mp_exch (&res, Y); - err = MP_OKAY; -LBL_RES:mp_clear (&res); + /* get next bit of the window */ + bitbuf <<= 1; + if ((bitbuf & (1 << winsize)) != 0) { + /* then multiply */ + if ((err = mp_mul(&res, &M[1], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + } + } + + if (redmode == 0) { + /* fixup result if Montgomery reduction is used + * recall that any value in a Montgomery system is + * actually multiplied by R mod n. So we have + * to reduce one more time to cancel out the factor + * of R. + */ + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* swap res with Y */ + mp_exch(&res, Y); + err = MP_OKAY; +LBL_RES: + mp_clear(&res); LBL_M: - mp_clear(&M[1]); - for (x = 1<<(winsize-1); x < (1 << winsize); x++) { - mp_clear (&M[x]); - } - return err; + mp_clear(&M[1]); + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + mp_clear(&M[x]); + } + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_exteuclid.c b/src/ltm/bn_mp_exteuclid.c index fbbd92c..29bad83 100644 --- a/src/ltm/bn_mp_exteuclid.c +++ b/src/ltm/bn_mp_exteuclid.c @@ -18,9 +18,9 @@ /* Extended euclidean algorithm of (a, b) produces a*u1 + b*u2 = u3 */ -int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3) +int mp_exteuclid(const mp_int *a, const mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3) { - mp_int u1,u2,u3,v1,v2,v3,t1,t2,t3,q,tmp; + mp_int u1, u2, u3, v1, v2, v3, t1, t2, t3, q, tmp; int err; if ((err = mp_init_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL)) != MP_OKAY) { @@ -28,55 +28,98 @@ int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3) } /* initialize, (u1,u2,u3) = (1,0,a) */ - mp_set(&u1, 1); - if ((err = mp_copy(a, &u3)) != MP_OKAY) { goto _ERR; } + mp_set(&u1, 1uL); + if ((err = mp_copy(a, &u3)) != MP_OKAY) { + goto LBL_ERR; + } /* initialize, (v1,v2,v3) = (0,1,b) */ - mp_set(&v2, 1); - if ((err = mp_copy(b, &v3)) != MP_OKAY) { goto _ERR; } + mp_set(&v2, 1uL); + if ((err = mp_copy(b, &v3)) != MP_OKAY) { + goto LBL_ERR; + } /* loop while v3 != 0 */ while (mp_iszero(&v3) == MP_NO) { - /* q = u3/v3 */ - if ((err = mp_div(&u3, &v3, &q, NULL)) != MP_OKAY) { goto _ERR; } + /* q = u3/v3 */ + if ((err = mp_div(&u3, &v3, &q, NULL)) != MP_OKAY) { + goto LBL_ERR; + } - /* (t1,t2,t3) = (u1,u2,u3) - (v1,v2,v3)q */ - if ((err = mp_mul(&v1, &q, &tmp)) != MP_OKAY) { goto _ERR; } - if ((err = mp_sub(&u1, &tmp, &t1)) != MP_OKAY) { goto _ERR; } - if ((err = mp_mul(&v2, &q, &tmp)) != MP_OKAY) { goto _ERR; } - if ((err = mp_sub(&u2, &tmp, &t2)) != MP_OKAY) { goto _ERR; } - if ((err = mp_mul(&v3, &q, &tmp)) != MP_OKAY) { goto _ERR; } - if ((err = mp_sub(&u3, &tmp, &t3)) != MP_OKAY) { goto _ERR; } + /* (t1,t2,t3) = (u1,u2,u3) - (v1,v2,v3)q */ + if ((err = mp_mul(&v1, &q, &tmp)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_sub(&u1, &tmp, &t1)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_mul(&v2, &q, &tmp)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_sub(&u2, &tmp, &t2)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_mul(&v3, &q, &tmp)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_sub(&u3, &tmp, &t3)) != MP_OKAY) { + goto LBL_ERR; + } - /* (u1,u2,u3) = (v1,v2,v3) */ - if ((err = mp_copy(&v1, &u1)) != MP_OKAY) { goto _ERR; } - if ((err = mp_copy(&v2, &u2)) != MP_OKAY) { goto _ERR; } - if ((err = mp_copy(&v3, &u3)) != MP_OKAY) { goto _ERR; } + /* (u1,u2,u3) = (v1,v2,v3) */ + if ((err = mp_copy(&v1, &u1)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_copy(&v2, &u2)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_copy(&v3, &u3)) != MP_OKAY) { + goto LBL_ERR; + } - /* (v1,v2,v3) = (t1,t2,t3) */ - if ((err = mp_copy(&t1, &v1)) != MP_OKAY) { goto _ERR; } - if ((err = mp_copy(&t2, &v2)) != MP_OKAY) { goto _ERR; } - if ((err = mp_copy(&t3, &v3)) != MP_OKAY) { goto _ERR; } + /* (v1,v2,v3) = (t1,t2,t3) */ + if ((err = mp_copy(&t1, &v1)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_copy(&t2, &v2)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_copy(&t3, &v3)) != MP_OKAY) { + goto LBL_ERR; + } } /* make sure U3 >= 0 */ if (u3.sign == MP_NEG) { - if ((err = mp_neg(&u1, &u1)) != MP_OKAY) { goto _ERR; } - if ((err = mp_neg(&u2, &u2)) != MP_OKAY) { goto _ERR; } - if ((err = mp_neg(&u3, &u3)) != MP_OKAY) { goto _ERR; } + if ((err = mp_neg(&u1, &u1)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_neg(&u2, &u2)) != MP_OKAY) { + goto LBL_ERR; + } + if ((err = mp_neg(&u3, &u3)) != MP_OKAY) { + goto LBL_ERR; + } } /* copy result out */ - if (U1 != NULL) { mp_exch(U1, &u1); } - if (U2 != NULL) { mp_exch(U2, &u2); } - if (U3 != NULL) { mp_exch(U3, &u3); } + if (U1 != NULL) { + mp_exch(U1, &u1); + } + if (U2 != NULL) { + mp_exch(U2, &u2); + } + if (U3 != NULL) { + mp_exch(U3, &u3); + } err = MP_OKAY; -_ERR: mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL); +LBL_ERR: + mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL); return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_fread.c b/src/ltm/bn_mp_fread.c index a4fa8c9..6922183 100644 --- a/src/ltm/bn_mp_fread.c +++ b/src/ltm/bn_mp_fread.c @@ -15,53 +15,57 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ +#ifndef LTM_NO_FILE /* read a bigint from a file stream in ASCII */ int mp_fread(mp_int *a, int radix, FILE *stream) { int err, ch, neg, y; - + unsigned pos; + /* clear a */ mp_zero(a); - + /* if first digit is - then set negative */ ch = fgetc(stream); - if (ch == '-') { + if (ch == (int)'-') { neg = MP_NEG; ch = fgetc(stream); } else { neg = MP_ZPOS; } - + for (;;) { - /* find y in the radix map */ - for (y = 0; y < radix; y++) { - if (mp_s_rmap[y] == ch) { - break; - } - } - if (y == radix) { + pos = (unsigned)(ch - (int)'('); + if (mp_s_rmap_reverse_sz < pos) { break; } - + + y = (int)mp_s_rmap_reverse[pos]; + + if ((y == 0xff) || (y >= radix)) { + break; + } + /* shift up and add */ - if ((err = mp_mul_d(a, radix, a)) != MP_OKAY) { + if ((err = mp_mul_d(a, (mp_digit)radix, a)) != MP_OKAY) { return err; } - if ((err = mp_add_d(a, y, a)) != MP_OKAY) { + if ((err = mp_add_d(a, (mp_digit)y, a)) != MP_OKAY) { return err; } - + ch = fgetc(stream); } - if (mp_cmp_d(a, 0) != MP_EQ) { + if (mp_cmp_d(a, 0uL) != MP_EQ) { a->sign = neg; } - + return MP_OKAY; } +#endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_fwrite.c b/src/ltm/bn_mp_fwrite.c index 90f1fc5..8541bc7 100644 --- a/src/ltm/bn_mp_fwrite.c +++ b/src/ltm/bn_mp_fwrite.c @@ -15,38 +15,40 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -int mp_fwrite(mp_int *a, int radix, FILE *stream) +#ifndef LTM_NO_FILE +int mp_fwrite(const mp_int *a, int radix, FILE *stream) { char *buf; int err, len, x; - + if ((err = mp_radix_size(a, radix, &len)) != MP_OKAY) { return err; } - buf = OPT_CAST(char) XMALLOC (len); + buf = OPT_CAST(char) XMALLOC((size_t)len); if (buf == NULL) { return MP_MEM; } - + if ((err = mp_toradix(a, buf, radix)) != MP_OKAY) { - XFREE (buf); + XFREE(buf); return err; } - + for (x = 0; x < len; x++) { - if (fputc(buf[x], stream) == EOF) { - XFREE (buf); - return MP_VAL; - } + if (fputc((int)buf[x], stream) == EOF) { + XFREE(buf); + return MP_VAL; + } } - - XFREE (buf); + + XFREE(buf); return MP_OKAY; } +#endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_gcd.c b/src/ltm/bn_mp_gcd.c index 16acfd9..f5aa78b 100644 --- a/src/ltm/bn_mp_gcd.c +++ b/src/ltm/bn_mp_gcd.c @@ -16,90 +16,92 @@ */ /* Greatest Common Divisor using the binary method */ -int mp_gcd (mp_int * a, mp_int * b, mp_int * c) +int mp_gcd(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int u, v; - int k, u_lsb, v_lsb, res; + mp_int u, v; + int k, u_lsb, v_lsb, res; - /* either zero than gcd is the largest */ - if (mp_iszero (a) == MP_YES) { - return mp_abs (b, c); - } - if (mp_iszero (b) == MP_YES) { - return mp_abs (a, c); - } + /* either zero than gcd is the largest */ + if (mp_iszero(a) == MP_YES) { + return mp_abs(b, c); + } + if (mp_iszero(b) == MP_YES) { + return mp_abs(a, c); + } - /* get copies of a and b we can modify */ - if ((res = mp_init_copy (&u, a)) != MP_OKAY) { - return res; - } + /* get copies of a and b we can modify */ + if ((res = mp_init_copy(&u, a)) != MP_OKAY) { + return res; + } - if ((res = mp_init_copy (&v, b)) != MP_OKAY) { - goto LBL_U; - } + if ((res = mp_init_copy(&v, b)) != MP_OKAY) { + goto LBL_U; + } - /* must be positive for the remainder of the algorithm */ - u.sign = v.sign = MP_ZPOS; + /* must be positive for the remainder of the algorithm */ + u.sign = v.sign = MP_ZPOS; - /* B1. Find the common power of two for u and v */ - u_lsb = mp_cnt_lsb(&u); - v_lsb = mp_cnt_lsb(&v); - k = MIN(u_lsb, v_lsb); + /* B1. Find the common power of two for u and v */ + u_lsb = mp_cnt_lsb(&u); + v_lsb = mp_cnt_lsb(&v); + k = MIN(u_lsb, v_lsb); - if (k > 0) { - /* divide the power of two out */ - if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) { - goto LBL_V; - } + if (k > 0) { + /* divide the power of two out */ + if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) { + goto LBL_V; + } - if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) { - goto LBL_V; - } - } + if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } - /* divide any remaining factors of two out */ - if (u_lsb != k) { - if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) { - goto LBL_V; - } - } + /* divide any remaining factors of two out */ + if (u_lsb != k) { + if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) { + goto LBL_V; + } + } - if (v_lsb != k) { - if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) { - goto LBL_V; - } - } + if (v_lsb != k) { + if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } - while (mp_iszero(&v) == MP_NO) { - /* make sure v is the largest */ - if (mp_cmp_mag(&u, &v) == MP_GT) { - /* swap u and v to make sure v is >= u */ - mp_exch(&u, &v); - } - - /* subtract smallest from largest */ - if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) { - goto LBL_V; - } - - /* Divide out all factors of two */ - if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) { - goto LBL_V; - } - } + while (mp_iszero(&v) == MP_NO) { + /* make sure v is the largest */ + if (mp_cmp_mag(&u, &v) == MP_GT) { + /* swap u and v to make sure v is >= u */ + mp_exch(&u, &v); + } - /* multiply by 2**k which we divided out at the beginning */ - if ((res = mp_mul_2d (&u, k, c)) != MP_OKAY) { - goto LBL_V; - } - c->sign = MP_ZPOS; - res = MP_OKAY; -LBL_V:mp_clear (&u); -LBL_U:mp_clear (&v); - return res; + /* subtract smallest from largest */ + if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) { + goto LBL_V; + } + + /* Divide out all factors of two */ + if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } + + /* multiply by 2**k which we divided out at the beginning */ + if ((res = mp_mul_2d(&u, k, c)) != MP_OKAY) { + goto LBL_V; + } + c->sign = MP_ZPOS; + res = MP_OKAY; +LBL_V: + mp_clear(&u); +LBL_U: + mp_clear(&v); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_get_int.c b/src/ltm/bn_mp_get_int.c index 3912c27..d99a0a0 100644 --- a/src/ltm/bn_mp_get_int.c +++ b/src/ltm/bn_mp_get_int.c @@ -16,30 +16,30 @@ */ /* get the lower 32-bits of an mp_int */ -unsigned long mp_get_int(mp_int * a) +unsigned long mp_get_int(const mp_int *a) { - int i; - mp_uint64 res; + int i; + mp_min_u32 res; - if (a->used == 0) { - return 0; - } + if (a->used == 0) { + return 0; + } - /* get number of digits of the lsb we have to read */ - i = MIN(a->used,(int)(((sizeof(unsigned long) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; + /* get number of digits of the lsb we have to read */ + i = MIN(a->used, ((((int)sizeof(unsigned long) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; - /* get most significant digit of result */ - res = DIGIT(a,i); + /* get most significant digit of result */ + res = DIGIT(a, i); - while (--i >= 0) { - res = (res << DIGIT_BIT) | DIGIT(a,i); - } + while (--i >= 0) { + res = (res << DIGIT_BIT) | DIGIT(a, i); + } - /* force result to 32-bits always so it is consistent on non 32-bit platforms */ - return (unsigned long)(res & 0xFFFFFFFFUL); + /* force result to 32-bits always so it is consistent on non 32-bit platforms */ + return res & 0xFFFFFFFFUL; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_get_long.c b/src/ltm/bn_mp_get_long.c index 7c3d0fe..9ec2664 100644 --- a/src/ltm/bn_mp_get_long.c +++ b/src/ltm/bn_mp_get_long.c @@ -16,26 +16,26 @@ */ /* get the lower unsigned long of an mp_int, platform dependent */ -unsigned long mp_get_long(mp_int * a) +unsigned long mp_get_long(const mp_int *a) { - int i; - unsigned long res; + int i; + unsigned long res; - if (a->used == 0) { - return 0; - } + if (a->used == 0) { + return 0; + } - /* get number of digits of the lsb we have to read */ - i = MIN(a->used,(int)(((sizeof(unsigned long) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; + /* get number of digits of the lsb we have to read */ + i = MIN(a->used, ((((int)sizeof(unsigned long) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; - /* get most significant digit of result */ - res = DIGIT(a,i); + /* get most significant digit of result */ + res = DIGIT(a, i); #if (ULONG_MAX != 0xffffffffuL) || (DIGIT_BIT < 32) - while (--i >= 0) { - res = (res << DIGIT_BIT) | DIGIT(a,i); - } + while (--i >= 0) { + res = (res << DIGIT_BIT) | DIGIT(a, i); + } #endif - return res; + return res; } #endif diff --git a/src/ltm/bn_mp_get_long_long.c b/src/ltm/bn_mp_get_long_long.c index 4b959e6..3d9034e 100644 --- a/src/ltm/bn_mp_get_long_long.c +++ b/src/ltm/bn_mp_get_long_long.c @@ -16,26 +16,26 @@ */ /* get the lower unsigned long long of an mp_int, platform dependent */ -unsigned long long mp_get_long_long (mp_int * a) +uint64_t mp_get_long_long(const mp_int *a) { - int i; - unsigned long long res; + int i; + uint64_t res; - if (a->used == 0) { - return 0; - } + if (a->used == 0) { + return 0; + } - /* get number of digits of the lsb we have to read */ - i = MIN(a->used,(int)(((sizeof(unsigned long long) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; + /* get number of digits of the lsb we have to read */ + i = MIN(a->used, ((((int)sizeof(uint64_t) * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT)) - 1; - /* get most significant digit of result */ - res = DIGIT(a,i); + /* get most significant digit of result */ + res = DIGIT(a, i); #if DIGIT_BIT < 64 - while (--i >= 0) { - res = (res << DIGIT_BIT) | DIGIT(a,i); - } + while (--i >= 0) { + res = (res << DIGIT_BIT) | DIGIT(a, i); + } #endif - return res; + return res; } #endif diff --git a/src/ltm/bn_mp_grow.c b/src/ltm/bn_mp_grow.c index cbdcfed..60f8f32 100644 --- a/src/ltm/bn_mp_grow.c +++ b/src/ltm/bn_mp_grow.c @@ -16,42 +16,42 @@ */ /* grow as required */ -int mp_grow (mp_int * a, int size) +int mp_grow(mp_int *a, int size) { - int i; - mp_digit *tmp; + int i; + mp_digit *tmp; - /* if the alloc size is smaller alloc more ram */ - if (a->alloc < size) { - /* ensure there are always at least MP_PREC digits extra on top */ - size += (MP_PREC * 2) - (size % MP_PREC); + /* if the alloc size is smaller alloc more ram */ + if (a->alloc < size) { + /* ensure there are always at least MP_PREC digits extra on top */ + size += (MP_PREC * 2) - (size % MP_PREC); - /* reallocate the array a->dp - * - * We store the return in a temporary variable - * in case the operation failed we don't want - * to overwrite the dp member of a. - */ - tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * size); - if (tmp == NULL) { - /* reallocation failed but "a" is still valid [can be freed] */ - return MP_MEM; - } + /* reallocate the array a->dp + * + * We store the return in a temporary variable + * in case the operation failed we don't want + * to overwrite the dp member of a. + */ + tmp = OPT_CAST(mp_digit) XREALLOC(a->dp, sizeof(mp_digit) * (size_t)size); + if (tmp == NULL) { + /* reallocation failed but "a" is still valid [can be freed] */ + return MP_MEM; + } - /* reallocation succeeded so set a->dp */ - a->dp = tmp; + /* reallocation succeeded so set a->dp */ + a->dp = tmp; - /* zero excess digits */ - i = a->alloc; - a->alloc = size; - for (; i < a->alloc; i++) { - a->dp[i] = 0; - } - } - return MP_OKAY; + /* zero excess digits */ + i = a->alloc; + a->alloc = size; + for (; i < a->alloc; i++) { + a->dp[i] = 0; + } + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_import.c b/src/ltm/bn_mp_import.c index bc31651..9bbd215 100644 --- a/src/ltm/bn_mp_import.c +++ b/src/ltm/bn_mp_import.c @@ -18,56 +18,54 @@ /* based on gmp's mpz_import. * see http://gmplib.org/manual/Integer-Import-and-Export.html */ -int mp_import(mp_int* rop, size_t count, int order, size_t size, - int endian, size_t nails, const void* op) { - int result; - size_t odd_nails, nail_bytes, i, j; - unsigned char odd_nail_mask; +int mp_import(mp_int *rop, size_t count, int order, size_t size, + int endian, size_t nails, const void *op) +{ + int result; + size_t odd_nails, nail_bytes, i, j; + unsigned char odd_nail_mask; - mp_zero(rop); + mp_zero(rop); - if (endian == 0) { - union { - unsigned int i; - char c[4]; - } lint; - lint.i = 0x01020304; - - endian = (lint.c[0] == 4) ? -1 : 1; - } + if (endian == 0) { + union { + unsigned int i; + char c[4]; + } lint; + lint.i = 0x01020304; - odd_nails = (nails % 8); - odd_nail_mask = 0xff; - for (i = 0; i < odd_nails; ++i) { - odd_nail_mask ^= (1 << (7 - i)); - } - nail_bytes = nails / 8; + endian = (lint.c[0] == '\x04') ? -1 : 1; + } - for (i = 0; i < count; ++i) { - for (j = 0; j < (size - nail_bytes); ++j) { - unsigned char byte = *( - (unsigned char*)op + - (((order == 1) ? i : ((count - 1) - i)) * size) + - ((endian == 1) ? (j + nail_bytes) : (((size - 1) - j) - nail_bytes)) - ); + odd_nails = (nails % 8u); + odd_nail_mask = 0xff; + for (i = 0; i < odd_nails; ++i) { + odd_nail_mask ^= (unsigned char)(1u << (7u - i)); + } + nail_bytes = nails / 8u; - if ( - (result = mp_mul_2d(rop, (int)((j == 0) ? (8 - odd_nails) : 8), rop)) != MP_OKAY) { - return result; - } + for (i = 0; i < count; ++i) { + for (j = 0; j < (size - nail_bytes); ++j) { + unsigned char byte = *((unsigned char *)op + + (((order == 1) ? i : ((count - 1u) - i)) * size) + + ((endian == 1) ? (j + nail_bytes) : (((size - 1u) - j) - nail_bytes))); - rop->dp[0] |= (j == 0) ? (byte & odd_nail_mask) : byte; - rop->used += 1; - } - } + if ((result = mp_mul_2d(rop, (j == 0u) ? (int)(8u - odd_nails) : 8, rop)) != MP_OKAY) { + return result; + } - mp_clamp(rop); + rop->dp[0] |= (j == 0u) ? (mp_digit)(byte & odd_nail_mask) : (mp_digit)byte; + rop->used += 1; + } + } - return MP_OKAY; + mp_clamp(rop); + + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init.c b/src/ltm/bn_mp_init.c index 7a57730..ad630e3 100644 --- a/src/ltm/bn_mp_init.c +++ b/src/ltm/bn_mp_init.c @@ -16,31 +16,31 @@ */ /* init a new mp_int */ -int mp_init (mp_int * a) +int mp_init(mp_int *a) { - int i; + int i; - /* allocate memory required and clear it */ - a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * MP_PREC); - if (a->dp == NULL) { - return MP_MEM; - } + /* allocate memory required and clear it */ + a->dp = OPT_CAST(mp_digit) XMALLOC(sizeof(mp_digit) * (size_t)MP_PREC); + if (a->dp == NULL) { + return MP_MEM; + } - /* set the digits to zero */ - for (i = 0; i < MP_PREC; i++) { + /* set the digits to zero */ + for (i = 0; i < MP_PREC; i++) { a->dp[i] = 0; - } + } - /* set the used to zero, allocated digits to the default precision - * and sign to positive */ - a->used = 0; - a->alloc = MP_PREC; - a->sign = MP_ZPOS; + /* set the used to zero, allocated digits to the default precision + * and sign to positive */ + a->used = 0; + a->alloc = MP_PREC; + a->sign = MP_ZPOS; - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init_copy.c b/src/ltm/bn_mp_init_copy.c index 9e15f36..5681015 100644 --- a/src/ltm/bn_mp_init_copy.c +++ b/src/ltm/bn_mp_init_copy.c @@ -16,17 +16,22 @@ */ /* creates "a" then copies b into it */ -int mp_init_copy (mp_int * a, mp_int * b) +int mp_init_copy(mp_int *a, const mp_int *b) { - int res; + int res; - if ((res = mp_init_size (a, b->used)) != MP_OKAY) { - return res; - } - return mp_copy (b, a); + if ((res = mp_init_size(a, b->used)) != MP_OKAY) { + return res; + } + + if ((res = mp_copy(b, a)) != MP_OKAY) { + mp_clear(a); + } + + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init_multi.c b/src/ltm/bn_mp_init_multi.c index 52220a3..0da7803 100644 --- a/src/ltm/bn_mp_init_multi.c +++ b/src/ltm/bn_mp_init_multi.c @@ -16,44 +16,41 @@ */ #include -int mp_init_multi(mp_int *mp, ...) +int mp_init_multi(mp_int *mp, ...) { - mp_err res = MP_OKAY; /* Assume ok until proven otherwise */ - int n = 0; /* Number of ok inits */ - mp_int* cur_arg = mp; - va_list args; + mp_err res = MP_OKAY; /* Assume ok until proven otherwise */ + int n = 0; /* Number of ok inits */ + mp_int *cur_arg = mp; + va_list args; - va_start(args, mp); /* init args to next argument from caller */ - while (cur_arg != NULL) { - if (mp_init(cur_arg) != MP_OKAY) { - /* Oops - error! Back-track and mp_clear what we already - succeeded in init-ing, then return error. - */ - va_list clean_args; - - /* end the current list */ - va_end(args); - - /* now start cleaning up */ - cur_arg = mp; - va_start(clean_args, mp); - while (n-- != 0) { - mp_clear(cur_arg); - cur_arg = va_arg(clean_args, mp_int*); - } - va_end(clean_args); - res = MP_MEM; - break; - } - n++; - cur_arg = va_arg(args, mp_int*); - } - va_end(args); - return res; /* Assumed ok, if error flagged above. */ + va_start(args, mp); /* init args to next argument from caller */ + while (cur_arg != NULL) { + if (mp_init(cur_arg) != MP_OKAY) { + /* Oops - error! Back-track and mp_clear what we already + succeeded in init-ing, then return error. + */ + va_list clean_args; + + /* now start cleaning up */ + cur_arg = mp; + va_start(clean_args, mp); + while (n-- != 0) { + mp_clear(cur_arg); + cur_arg = va_arg(clean_args, mp_int *); + } + va_end(clean_args); + res = MP_MEM; + break; + } + n++; + cur_arg = va_arg(args, mp_int *); + } + va_end(args); + return res; /* Assumed ok, if error flagged above. */ } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init_set.c b/src/ltm/bn_mp_init_set.c index c337e50..e9c1b12 100644 --- a/src/ltm/bn_mp_init_set.c +++ b/src/ltm/bn_mp_init_set.c @@ -16,17 +16,17 @@ */ /* initialize and set a digit */ -int mp_init_set (mp_int * a, mp_digit b) +int mp_init_set(mp_int *a, mp_digit b) { - int err; - if ((err = mp_init(a)) != MP_OKAY) { - return err; - } - mp_set(a, b); - return err; + int err; + if ((err = mp_init(a)) != MP_OKAY) { + return err; + } + mp_set(a, b); + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init_set_int.c b/src/ltm/bn_mp_init_set_int.c index c88f14e..8e7441a 100644 --- a/src/ltm/bn_mp_init_set_int.c +++ b/src/ltm/bn_mp_init_set_int.c @@ -16,16 +16,16 @@ */ /* initialize and set a digit */ -int mp_init_set_int (mp_int * a, unsigned long b) +int mp_init_set_int(mp_int *a, unsigned long b) { - int err; - if ((err = mp_init(a)) != MP_OKAY) { - return err; - } - return mp_set_int(a, b); + int err; + if ((err = mp_init(a)) != MP_OKAY) { + return err; + } + return mp_set_int(a, b); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_init_size.c b/src/ltm/bn_mp_init_size.c index e1d1b51..35713ac 100644 --- a/src/ltm/bn_mp_init_size.c +++ b/src/ltm/bn_mp_init_size.c @@ -16,33 +16,33 @@ */ /* init an mp_init for a given size */ -int mp_init_size (mp_int * a, int size) +int mp_init_size(mp_int *a, int size) { - int x; + int x; - /* pad size so there are always extra digits */ - size += (MP_PREC * 2) - (size % MP_PREC); - - /* alloc mem */ - a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size); - if (a->dp == NULL) { - return MP_MEM; - } + /* pad size so there are always extra digits */ + size += (MP_PREC * 2) - (size % MP_PREC); - /* set the members */ - a->used = 0; - a->alloc = size; - a->sign = MP_ZPOS; + /* alloc mem */ + a->dp = OPT_CAST(mp_digit) XMALLOC(sizeof(mp_digit) * (size_t)size); + if (a->dp == NULL) { + return MP_MEM; + } - /* zero the digits */ - for (x = 0; x < size; x++) { + /* set the members */ + a->used = 0; + a->alloc = size; + a->sign = MP_ZPOS; + + /* zero the digits */ + for (x = 0; x < size; x++) { a->dp[x] = 0; - } + } - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_invmod.c b/src/ltm/bn_mp_invmod.c index 22df566..96717ea 100644 --- a/src/ltm/bn_mp_invmod.c +++ b/src/ltm/bn_mp_invmod.c @@ -16,28 +16,28 @@ */ /* hac 14.61, pp608 */ -int mp_invmod (mp_int * a, mp_int * b, mp_int * c) +int mp_invmod(const mp_int *a, const mp_int *b, mp_int *c) { - /* b cannot be negative */ - if ((b->sign == MP_NEG) || (mp_iszero(b) == MP_YES)) { - return MP_VAL; - } + /* b cannot be negative and has to be >1 */ + if ((b->sign == MP_NEG) || (mp_cmp_d(b, 1uL) != MP_GT)) { + return MP_VAL; + } #ifdef BN_FAST_MP_INVMOD_C - /* if the modulus is odd and >1 we can use a faster routine instead */ - if ((mp_isodd (b) == MP_YES) && (mp_cmp_d (b, 1) != MP_EQ)) { - return fast_mp_invmod (a, b, c); - } + /* if the modulus is odd we can use a faster routine instead */ + if ((mp_isodd(b) == MP_YES)) { + return fast_mp_invmod(a, b, c); + } #endif #ifdef BN_MP_INVMOD_SLOW_C - return mp_invmod_slow(a, b, c); + return mp_invmod_slow(a, b, c); #else - return MP_VAL; + return MP_VAL; #endif } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_invmod_slow.c b/src/ltm/bn_mp_invmod_slow.c index a21f947..360f161 100644 --- a/src/ltm/bn_mp_invmod_slow.c +++ b/src/ltm/bn_mp_invmod_slow.c @@ -16,160 +16,161 @@ */ /* hac 14.61, pp608 */ -int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c) +int mp_invmod_slow(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int x, y, u, v, A, B, C, D; - int res; + mp_int x, y, u, v, A, B, C, D; + int res; - /* b cannot be negative */ - if ((b->sign == MP_NEG) || (mp_iszero(b) == MP_YES)) { - return MP_VAL; - } + /* b cannot be negative */ + if ((b->sign == MP_NEG) || (mp_iszero(b) == MP_YES)) { + return MP_VAL; + } - /* init temps */ - if ((res = mp_init_multi(&x, &y, &u, &v, - &A, &B, &C, &D, NULL)) != MP_OKAY) { - return res; - } + /* init temps */ + if ((res = mp_init_multi(&x, &y, &u, &v, + &A, &B, &C, &D, NULL)) != MP_OKAY) { + return res; + } - /* x = a, y = b */ - if ((res = mp_mod(a, b, &x)) != MP_OKAY) { + /* x = a, y = b */ + if ((res = mp_mod(a, b, &x)) != MP_OKAY) { goto LBL_ERR; - } - if ((res = mp_copy (b, &y)) != MP_OKAY) { - goto LBL_ERR; - } + } + if ((res = mp_copy(b, &y)) != MP_OKAY) { + goto LBL_ERR; + } - /* 2. [modified] if x,y are both even then return an error! */ - if ((mp_iseven (&x) == MP_YES) && (mp_iseven (&y) == MP_YES)) { - res = MP_VAL; - goto LBL_ERR; - } + /* 2. [modified] if x,y are both even then return an error! */ + if ((mp_iseven(&x) == MP_YES) && (mp_iseven(&y) == MP_YES)) { + res = MP_VAL; + goto LBL_ERR; + } - /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ - if ((res = mp_copy (&x, &u)) != MP_OKAY) { - goto LBL_ERR; - } - if ((res = mp_copy (&y, &v)) != MP_OKAY) { - goto LBL_ERR; - } - mp_set (&A, 1); - mp_set (&D, 1); + /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ + if ((res = mp_copy(&x, &u)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_copy(&y, &v)) != MP_OKAY) { + goto LBL_ERR; + } + mp_set(&A, 1uL); + mp_set(&D, 1uL); top: - /* 4. while u is even do */ - while (mp_iseven (&u) == MP_YES) { - /* 4.1 u = u/2 */ - if ((res = mp_div_2 (&u, &u)) != MP_OKAY) { - goto LBL_ERR; - } - /* 4.2 if A or B is odd then */ - if ((mp_isodd (&A) == MP_YES) || (mp_isodd (&B) == MP_YES)) { - /* A = (A+y)/2, B = (B-x)/2 */ - if ((res = mp_add (&A, &y, &A)) != MP_OKAY) { + /* 4. while u is even do */ + while (mp_iseven(&u) == MP_YES) { + /* 4.1 u = u/2 */ + if ((res = mp_div_2(&u, &u)) != MP_OKAY) { goto LBL_ERR; } - if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) { + /* 4.2 if A or B is odd then */ + if ((mp_isodd(&A) == MP_YES) || (mp_isodd(&B) == MP_YES)) { + /* A = (A+y)/2, B = (B-x)/2 */ + if ((res = mp_add(&A, &y, &A)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_sub(&B, &x, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* A = A/2, B = B/2 */ + if ((res = mp_div_2(&A, &A)) != MP_OKAY) { goto LBL_ERR; } - } - /* A = A/2, B = B/2 */ - if ((res = mp_div_2 (&A, &A)) != MP_OKAY) { - goto LBL_ERR; - } - if ((res = mp_div_2 (&B, &B)) != MP_OKAY) { - goto LBL_ERR; - } - } - - /* 5. while v is even do */ - while (mp_iseven (&v) == MP_YES) { - /* 5.1 v = v/2 */ - if ((res = mp_div_2 (&v, &v)) != MP_OKAY) { - goto LBL_ERR; - } - /* 5.2 if C or D is odd then */ - if ((mp_isodd (&C) == MP_YES) || (mp_isodd (&D) == MP_YES)) { - /* C = (C+y)/2, D = (D-x)/2 */ - if ((res = mp_add (&C, &y, &C)) != MP_OKAY) { + if ((res = mp_div_2(&B, &B)) != MP_OKAY) { goto LBL_ERR; } - if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) { + } + + /* 5. while v is even do */ + while (mp_iseven(&v) == MP_YES) { + /* 5.1 v = v/2 */ + if ((res = mp_div_2(&v, &v)) != MP_OKAY) { goto LBL_ERR; } - } - /* C = C/2, D = D/2 */ - if ((res = mp_div_2 (&C, &C)) != MP_OKAY) { + /* 5.2 if C or D is odd then */ + if ((mp_isodd(&C) == MP_YES) || (mp_isodd(&D) == MP_YES)) { + /* C = (C+y)/2, D = (D-x)/2 */ + if ((res = mp_add(&C, &y, &C)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_sub(&D, &x, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* C = C/2, D = D/2 */ + if ((res = mp_div_2(&C, &C)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_div_2(&D, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 6. if u >= v then */ + if (mp_cmp(&u, &v) != MP_LT) { + /* u = u - v, A = A - C, B = B - D */ + if ((res = mp_sub(&u, &v, &u)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&A, &C, &A)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&B, &D, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } else { + /* v - v - u, C = C - A, D = D - B */ + if ((res = mp_sub(&v, &u, &v)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&C, &A, &C)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub(&D, &B, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* if not zero goto step 4 */ + if (mp_iszero(&u) == MP_NO) + goto top; + + /* now a = C, b = D, gcd == g*v */ + + /* if v != 1 then there is no inverse */ + if (mp_cmp_d(&v, 1uL) != MP_EQ) { + res = MP_VAL; goto LBL_ERR; - } - if ((res = mp_div_2 (&D, &D)) != MP_OKAY) { - goto LBL_ERR; - } - } + } - /* 6. if u >= v then */ - if (mp_cmp (&u, &v) != MP_LT) { - /* u = u - v, A = A - C, B = B - D */ - if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) { - goto LBL_ERR; - } - - if ((res = mp_sub (&A, &C, &A)) != MP_OKAY) { - goto LBL_ERR; - } - - if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) { - goto LBL_ERR; - } - } else { - /* v - v - u, C = C - A, D = D - B */ - if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) { - goto LBL_ERR; - } - - if ((res = mp_sub (&C, &A, &C)) != MP_OKAY) { - goto LBL_ERR; - } - - if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) { - goto LBL_ERR; - } - } - - /* if not zero goto step 4 */ - if (mp_iszero (&u) == MP_NO) - goto top; - - /* now a = C, b = D, gcd == g*v */ - - /* if v != 1 then there is no inverse */ - if (mp_cmp_d (&v, 1) != MP_EQ) { - res = MP_VAL; - goto LBL_ERR; - } - - /* if its too low */ - while (mp_cmp_d(&C, 0) == MP_LT) { + /* if its too low */ + while (mp_cmp_d(&C, 0uL) == MP_LT) { if ((res = mp_add(&C, b, &C)) != MP_OKAY) { goto LBL_ERR; } - } - - /* too big */ - while (mp_cmp_mag(&C, b) != MP_LT) { + } + + /* too big */ + while (mp_cmp_mag(&C, b) != MP_LT) { if ((res = mp_sub(&C, b, &C)) != MP_OKAY) { goto LBL_ERR; } - } - - /* C is now the inverse */ - mp_exch (&C, c); - res = MP_OKAY; -LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &A, &B, &C, &D, NULL); - return res; + } + + /* C is now the inverse */ + mp_exch(&C, c); + res = MP_OKAY; +LBL_ERR: + mp_clear_multi(&x, &y, &u, &v, &A, &B, &C, &D, NULL); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_is_square.c b/src/ltm/bn_mp_is_square.c index 9f065ef..329d727 100644 --- a/src/ltm/bn_mp_is_square.c +++ b/src/ltm/bn_mp_is_square.c @@ -17,93 +17,94 @@ /* Check if remainders are possible squares - fast exclude non-squares */ static const char rem_128[128] = { - 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1 + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1 }; static const char rem_105[105] = { - 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, - 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, - 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, - 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, - 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, - 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, - 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1 + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, + 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, + 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1 }; /* Store non-zero to ret if arg is square, and zero if not */ -int mp_is_square(mp_int *arg,int *ret) +int mp_is_square(const mp_int *arg, int *ret) { - int res; - mp_digit c; - mp_int t; - unsigned long r; + int res; + mp_digit c; + mp_int t; + unsigned long r; - /* Default to Non-square :) */ - *ret = MP_NO; + /* Default to Non-square :) */ + *ret = MP_NO; - if (arg->sign == MP_NEG) { - return MP_VAL; - } + if (arg->sign == MP_NEG) { + return MP_VAL; + } - /* digits used? (TSD) */ - if (arg->used == 0) { - return MP_OKAY; - } + /* digits used? (TSD) */ + if (arg->used == 0) { + return MP_OKAY; + } - /* First check mod 128 (suppose that DIGIT_BIT is at least 7) */ - if (rem_128[127 & DIGIT(arg,0)] == 1) { - return MP_OKAY; - } + /* First check mod 128 (suppose that DIGIT_BIT is at least 7) */ + if (rem_128[127u & DIGIT(arg, 0)] == (char)1) { + return MP_OKAY; + } - /* Next check mod 105 (3*5*7) */ - if ((res = mp_mod_d(arg,105,&c)) != MP_OKAY) { - return res; - } - if (rem_105[c] == 1) { - return MP_OKAY; - } + /* Next check mod 105 (3*5*7) */ + if ((res = mp_mod_d(arg, 105uL, &c)) != MP_OKAY) { + return res; + } + if (rem_105[c] == (char)1) { + return MP_OKAY; + } - if ((res = mp_init_set_int(&t,11L*13L*17L*19L*23L*29L*31L)) != MP_OKAY) { - return res; - } - if ((res = mp_mod(arg,&t,&t)) != MP_OKAY) { - goto ERR; - } - r = mp_get_int(&t); - /* Check for other prime modules, note it's not an ERROR but we must - * free "t" so the easiest way is to goto ERR. We know that res - * is already equal to MP_OKAY from the mp_mod call - */ - if (((1L<<(r%11)) & 0x5C4L) != 0L) goto ERR; - if (((1L<<(r%13)) & 0x9E4L) != 0L) goto ERR; - if (((1L<<(r%17)) & 0x5CE8L) != 0L) goto ERR; - if (((1L<<(r%19)) & 0x4F50CL) != 0L) goto ERR; - if (((1L<<(r%23)) & 0x7ACCA0L) != 0L) goto ERR; - if (((1L<<(r%29)) & 0xC2EDD0CL) != 0L) goto ERR; - if (((1L<<(r%31)) & 0x6DE2B848L) != 0L) goto ERR; + if ((res = mp_init_set_int(&t, 11L*13L*17L*19L*23L*29L*31L)) != MP_OKAY) { + return res; + } + if ((res = mp_mod(arg, &t, &t)) != MP_OKAY) { + goto ERR; + } + r = mp_get_int(&t); + /* Check for other prime modules, note it's not an ERROR but we must + * free "t" so the easiest way is to goto ERR. We know that res + * is already equal to MP_OKAY from the mp_mod call + */ + if (((1uL<<(r%11uL)) & 0x5C4uL) != 0uL) goto ERR; + if (((1uL<<(r%13uL)) & 0x9E4uL) != 0uL) goto ERR; + if (((1uL<<(r%17uL)) & 0x5CE8uL) != 0uL) goto ERR; + if (((1uL<<(r%19uL)) & 0x4F50CuL) != 0uL) goto ERR; + if (((1uL<<(r%23uL)) & 0x7ACCA0uL) != 0uL) goto ERR; + if (((1uL<<(r%29uL)) & 0xC2EDD0CuL) != 0uL) goto ERR; + if (((1uL<<(r%31uL)) & 0x6DE2B848uL) != 0uL) goto ERR; - /* Final check - is sqr(sqrt(arg)) == arg ? */ - if ((res = mp_sqrt(arg,&t)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sqr(&t,&t)) != MP_OKAY) { - goto ERR; - } + /* Final check - is sqr(sqrt(arg)) == arg ? */ + if ((res = mp_sqrt(arg, &t)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sqr(&t, &t)) != MP_OKAY) { + goto ERR; + } - *ret = (mp_cmp_mag(&t,arg) == MP_EQ) ? MP_YES : MP_NO; -ERR:mp_clear(&t); - return res; + *ret = (mp_cmp_mag(&t, arg) == MP_EQ) ? MP_YES : MP_NO; +ERR: + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_jacobi.c b/src/ltm/bn_mp_jacobi.c index 3c114e3..ef2e72f 100644 --- a/src/ltm/bn_mp_jacobi.c +++ b/src/ltm/bn_mp_jacobi.c @@ -20,98 +20,100 @@ * HAC is wrong here, as the special case of (0 | 1) is not * handled correctly. */ -int mp_jacobi (mp_int * a, mp_int * n, int *c) +int mp_jacobi(const mp_int *a, const mp_int *n, int *c) { - mp_int a1, p1; - int k, s, r, res; - mp_digit residue; + mp_int a1, p1; + int k, s, r, res; + mp_digit residue; - /* if a < 0 return MP_VAL */ - if (mp_isneg(a) == MP_YES) { - return MP_VAL; - } + /* if a < 0 return MP_VAL */ + if (mp_isneg(a) == MP_YES) { + return MP_VAL; + } - /* if n <= 0 return MP_VAL */ - if (mp_cmp_d(n, 0) != MP_GT) { - return MP_VAL; - } + /* if n <= 0 return MP_VAL */ + if (mp_cmp_d(n, 0uL) != MP_GT) { + return MP_VAL; + } - /* step 1. handle case of a == 0 */ - if (mp_iszero (a) == MP_YES) { - /* special case of a == 0 and n == 1 */ - if (mp_cmp_d (n, 1) == MP_EQ) { - *c = 1; - } else { - *c = 0; - } - return MP_OKAY; - } + /* step 1. handle case of a == 0 */ + if (mp_iszero(a) == MP_YES) { + /* special case of a == 0 and n == 1 */ + if (mp_cmp_d(n, 1uL) == MP_EQ) { + *c = 1; + } else { + *c = 0; + } + return MP_OKAY; + } - /* step 2. if a == 1, return 1 */ - if (mp_cmp_d (a, 1) == MP_EQ) { - *c = 1; - return MP_OKAY; - } + /* step 2. if a == 1, return 1 */ + if (mp_cmp_d(a, 1uL) == MP_EQ) { + *c = 1; + return MP_OKAY; + } - /* default */ - s = 0; + /* default */ + s = 0; - /* step 3. write a = a1 * 2**k */ - if ((res = mp_init_copy (&a1, a)) != MP_OKAY) { - return res; - } + /* step 3. write a = a1 * 2**k */ + if ((res = mp_init_copy(&a1, a)) != MP_OKAY) { + return res; + } - if ((res = mp_init (&p1)) != MP_OKAY) { - goto LBL_A1; - } + if ((res = mp_init(&p1)) != MP_OKAY) { + goto LBL_A1; + } - /* divide out larger power of two */ - k = mp_cnt_lsb(&a1); - if ((res = mp_div_2d(&a1, k, &a1, NULL)) != MP_OKAY) { - goto LBL_P1; - } + /* divide out larger power of two */ + k = mp_cnt_lsb(&a1); + if ((res = mp_div_2d(&a1, k, &a1, NULL)) != MP_OKAY) { + goto LBL_P1; + } - /* step 4. if e is even set s=1 */ - if ((k & 1) == 0) { - s = 1; - } else { - /* else set s=1 if p = 1/7 (mod 8) or s=-1 if p = 3/5 (mod 8) */ - residue = n->dp[0] & 7; - - if ((residue == 1) || (residue == 7)) { + /* step 4. if e is even set s=1 */ + if (((unsigned)k & 1u) == 0u) { s = 1; - } else if ((residue == 3) || (residue == 5)) { - s = -1; - } - } + } else { + /* else set s=1 if p = 1/7 (mod 8) or s=-1 if p = 3/5 (mod 8) */ + residue = n->dp[0] & 7u; - /* step 5. if p == 3 (mod 4) *and* a1 == 3 (mod 4) then s = -s */ - if ( ((n->dp[0] & 3) == 3) && ((a1.dp[0] & 3) == 3)) { - s = -s; - } + if ((residue == 1u) || (residue == 7u)) { + s = 1; + } else if ((residue == 3u) || (residue == 5u)) { + s = -1; + } + } - /* if a1 == 1 we're done */ - if (mp_cmp_d (&a1, 1) == MP_EQ) { - *c = s; - } else { - /* n1 = n mod a1 */ - if ((res = mp_mod (n, &a1, &p1)) != MP_OKAY) { - goto LBL_P1; - } - if ((res = mp_jacobi (&p1, &a1, &r)) != MP_OKAY) { - goto LBL_P1; - } - *c = s * r; - } + /* step 5. if p == 3 (mod 4) *and* a1 == 3 (mod 4) then s = -s */ + if (((n->dp[0] & 3u) == 3u) && ((a1.dp[0] & 3u) == 3u)) { + s = -s; + } - /* done */ - res = MP_OKAY; -LBL_P1:mp_clear (&p1); -LBL_A1:mp_clear (&a1); - return res; + /* if a1 == 1 we're done */ + if (mp_cmp_d(&a1, 1uL) == MP_EQ) { + *c = s; + } else { + /* n1 = n mod a1 */ + if ((res = mp_mod(n, &a1, &p1)) != MP_OKAY) { + goto LBL_P1; + } + if ((res = mp_jacobi(&p1, &a1, &r)) != MP_OKAY) { + goto LBL_P1; + } + *c = s * r; + } + + /* done */ + res = MP_OKAY; +LBL_P1: + mp_clear(&p1); +LBL_A1: + mp_clear(&a1); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_karatsuba_mul.c b/src/ltm/bn_mp_karatsuba_mul.c index d65e37e..1a84211 100644 --- a/src/ltm/bn_mp_karatsuba_mul.c +++ b/src/ltm/bn_mp_karatsuba_mul.c @@ -15,153 +15,160 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* c = |a| * |b| using Karatsuba Multiplication using +/* c = |a| * |b| using Karatsuba Multiplication using * three half size multiplications * - * Let B represent the radix [e.g. 2**DIGIT_BIT] and - * let n represent half of the number of digits in + * Let B represent the radix [e.g. 2**DIGIT_BIT] and + * let n represent half of the number of digits in * the min(a,b) * * a = a1 * B**n + a0 * b = b1 * B**n + b0 * - * Then, a * b => + * Then, a * b => a1b1 * B**2n + ((a1 + a0)(b1 + b0) - (a0b0 + a1b1)) * B + a0b0 * - * Note that a1b1 and a0b0 are used twice and only need to be - * computed once. So in total three half size (half # of - * digit) multiplications are performed, a0b0, a1b1 and + * Note that a1b1 and a0b0 are used twice and only need to be + * computed once. So in total three half size (half # of + * digit) multiplications are performed, a0b0, a1b1 and * (a1+b1)(a0+b0) * * Note that a multiplication of half the digits requires - * 1/4th the number of single precision multiplications so in - * total after one call 25% of the single precision multiplications - * are saved. Note also that the call to mp_mul can end up back - * in this function if the a0, a1, b0, or b1 are above the threshold. - * This is known as divide-and-conquer and leads to the famous - * O(N**lg(3)) or O(N**1.584) work which is asymptopically lower than - * the standard O(N**2) that the baseline/comba methods use. - * Generally though the overhead of this method doesn't pay off + * 1/4th the number of single precision multiplications so in + * total after one call 25% of the single precision multiplications + * are saved. Note also that the call to mp_mul can end up back + * in this function if the a0, a1, b0, or b1 are above the threshold. + * This is known as divide-and-conquer and leads to the famous + * O(N**lg(3)) or O(N**1.584) work which is asymptopically lower than + * the standard O(N**2) that the baseline/comba methods use. + * Generally though the overhead of this method doesn't pay off * until a certain size (N ~ 80) is reached. */ -int mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c) +int mp_karatsuba_mul(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int x0, x1, y0, y1, t1, x0y0, x1y1; - int B, err; + mp_int x0, x1, y0, y1, t1, x0y0, x1y1; + int B, err; - /* default the return code to an error */ - err = MP_MEM; + /* default the return code to an error */ + err = MP_MEM; - /* min # of digits */ - B = MIN (a->used, b->used); + /* min # of digits */ + B = MIN(a->used, b->used); - /* now divide in two */ - B = B >> 1; + /* now divide in two */ + B = B >> 1; - /* init copy all the temps */ - if (mp_init_size (&x0, B) != MP_OKAY) - goto ERR; - if (mp_init_size (&x1, a->used - B) != MP_OKAY) - goto X0; - if (mp_init_size (&y0, B) != MP_OKAY) - goto X1; - if (mp_init_size (&y1, b->used - B) != MP_OKAY) - goto Y0; + /* init copy all the temps */ + if (mp_init_size(&x0, B) != MP_OKAY) + goto ERR; + if (mp_init_size(&x1, a->used - B) != MP_OKAY) + goto X0; + if (mp_init_size(&y0, B) != MP_OKAY) + goto X1; + if (mp_init_size(&y1, b->used - B) != MP_OKAY) + goto Y0; - /* init temps */ - if (mp_init_size (&t1, B * 2) != MP_OKAY) - goto Y1; - if (mp_init_size (&x0y0, B * 2) != MP_OKAY) - goto T1; - if (mp_init_size (&x1y1, B * 2) != MP_OKAY) - goto X0Y0; + /* init temps */ + if (mp_init_size(&t1, B * 2) != MP_OKAY) + goto Y1; + if (mp_init_size(&x0y0, B * 2) != MP_OKAY) + goto T1; + if (mp_init_size(&x1y1, B * 2) != MP_OKAY) + goto X0Y0; - /* now shift the digits */ - x0.used = y0.used = B; - x1.used = a->used - B; - y1.used = b->used - B; + /* now shift the digits */ + x0.used = y0.used = B; + x1.used = a->used - B; + y1.used = b->used - B; - { - int x; - mp_digit *tmpa, *tmpb, *tmpx, *tmpy; + { + int x; + mp_digit *tmpa, *tmpb, *tmpx, *tmpy; - /* we copy the digits directly instead of using higher level functions - * since we also need to shift the digits - */ - tmpa = a->dp; - tmpb = b->dp; + /* we copy the digits directly instead of using higher level functions + * since we also need to shift the digits + */ + tmpa = a->dp; + tmpb = b->dp; - tmpx = x0.dp; - tmpy = y0.dp; - for (x = 0; x < B; x++) { - *tmpx++ = *tmpa++; - *tmpy++ = *tmpb++; - } + tmpx = x0.dp; + tmpy = y0.dp; + for (x = 0; x < B; x++) { + *tmpx++ = *tmpa++; + *tmpy++ = *tmpb++; + } - tmpx = x1.dp; - for (x = B; x < a->used; x++) { - *tmpx++ = *tmpa++; - } + tmpx = x1.dp; + for (x = B; x < a->used; x++) { + *tmpx++ = *tmpa++; + } - tmpy = y1.dp; - for (x = B; x < b->used; x++) { - *tmpy++ = *tmpb++; - } - } + tmpy = y1.dp; + for (x = B; x < b->used; x++) { + *tmpy++ = *tmpb++; + } + } - /* only need to clamp the lower words since by definition the - * upper words x1/y1 must have a known number of digits - */ - mp_clamp (&x0); - mp_clamp (&y0); + /* only need to clamp the lower words since by definition the + * upper words x1/y1 must have a known number of digits + */ + mp_clamp(&x0); + mp_clamp(&y0); - /* now calc the products x0y0 and x1y1 */ - /* after this x0 is no longer required, free temp [x0==t2]! */ - if (mp_mul (&x0, &y0, &x0y0) != MP_OKAY) - goto X1Y1; /* x0y0 = x0*y0 */ - if (mp_mul (&x1, &y1, &x1y1) != MP_OKAY) - goto X1Y1; /* x1y1 = x1*y1 */ + /* now calc the products x0y0 and x1y1 */ + /* after this x0 is no longer required, free temp [x0==t2]! */ + if (mp_mul(&x0, &y0, &x0y0) != MP_OKAY) + goto X1Y1; /* x0y0 = x0*y0 */ + if (mp_mul(&x1, &y1, &x1y1) != MP_OKAY) + goto X1Y1; /* x1y1 = x1*y1 */ - /* now calc x1+x0 and y1+y0 */ - if (s_mp_add (&x1, &x0, &t1) != MP_OKAY) - goto X1Y1; /* t1 = x1 - x0 */ - if (s_mp_add (&y1, &y0, &x0) != MP_OKAY) - goto X1Y1; /* t2 = y1 - y0 */ - if (mp_mul (&t1, &x0, &t1) != MP_OKAY) - goto X1Y1; /* t1 = (x1 + x0) * (y1 + y0) */ + /* now calc x1+x0 and y1+y0 */ + if (s_mp_add(&x1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = x1 - x0 */ + if (s_mp_add(&y1, &y0, &x0) != MP_OKAY) + goto X1Y1; /* t2 = y1 - y0 */ + if (mp_mul(&t1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = (x1 + x0) * (y1 + y0) */ - /* add x0y0 */ - if (mp_add (&x0y0, &x1y1, &x0) != MP_OKAY) - goto X1Y1; /* t2 = x0y0 + x1y1 */ - if (s_mp_sub (&t1, &x0, &t1) != MP_OKAY) - goto X1Y1; /* t1 = (x1+x0)*(y1+y0) - (x1y1 + x0y0) */ + /* add x0y0 */ + if (mp_add(&x0y0, &x1y1, &x0) != MP_OKAY) + goto X1Y1; /* t2 = x0y0 + x1y1 */ + if (s_mp_sub(&t1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = (x1+x0)*(y1+y0) - (x1y1 + x0y0) */ - /* shift by B */ - if (mp_lshd (&t1, B) != MP_OKAY) - goto X1Y1; /* t1 = (x0y0 + x1y1 - (x1-x0)*(y1-y0))<used; + /* min # of digits */ + B = a->used; - /* now divide in two */ - B = B >> 1; + /* now divide in two */ + B = B >> 1; - /* init copy all the temps */ - if (mp_init_size (&x0, B) != MP_OKAY) - goto ERR; - if (mp_init_size (&x1, a->used - B) != MP_OKAY) - goto X0; + /* init copy all the temps */ + if (mp_init_size(&x0, B) != MP_OKAY) + goto ERR; + if (mp_init_size(&x1, a->used - B) != MP_OKAY) + goto X0; - /* init temps */ - if (mp_init_size (&t1, a->used * 2) != MP_OKAY) - goto X1; - if (mp_init_size (&t2, a->used * 2) != MP_OKAY) - goto T1; - if (mp_init_size (&x0x0, B * 2) != MP_OKAY) - goto T2; - if (mp_init_size (&x1x1, (a->used - B) * 2) != MP_OKAY) - goto X0X0; + /* init temps */ + if (mp_init_size(&t1, a->used * 2) != MP_OKAY) + goto X1; + if (mp_init_size(&t2, a->used * 2) != MP_OKAY) + goto T1; + if (mp_init_size(&x0x0, B * 2) != MP_OKAY) + goto T2; + if (mp_init_size(&x1x1, (a->used - B) * 2) != MP_OKAY) + goto X0X0; - { - int x; - mp_digit *dst, *src; + { + int x; + mp_digit *dst, *src; - src = a->dp; + src = a->dp; - /* now shift the digits */ - dst = x0.dp; - for (x = 0; x < B; x++) { - *dst++ = *src++; - } + /* now shift the digits */ + dst = x0.dp; + for (x = 0; x < B; x++) { + *dst++ = *src++; + } - dst = x1.dp; - for (x = B; x < a->used; x++) { - *dst++ = *src++; - } - } + dst = x1.dp; + for (x = B; x < a->used; x++) { + *dst++ = *src++; + } + } - x0.used = B; - x1.used = a->used - B; + x0.used = B; + x1.used = a->used - B; - mp_clamp (&x0); + mp_clamp(&x0); - /* now calc the products x0*x0 and x1*x1 */ - if (mp_sqr (&x0, &x0x0) != MP_OKAY) - goto X1X1; /* x0x0 = x0*x0 */ - if (mp_sqr (&x1, &x1x1) != MP_OKAY) - goto X1X1; /* x1x1 = x1*x1 */ + /* now calc the products x0*x0 and x1*x1 */ + if (mp_sqr(&x0, &x0x0) != MP_OKAY) + goto X1X1; /* x0x0 = x0*x0 */ + if (mp_sqr(&x1, &x1x1) != MP_OKAY) + goto X1X1; /* x1x1 = x1*x1 */ - /* now calc (x1+x0)**2 */ - if (s_mp_add (&x1, &x0, &t1) != MP_OKAY) - goto X1X1; /* t1 = x1 - x0 */ - if (mp_sqr (&t1, &t1) != MP_OKAY) - goto X1X1; /* t1 = (x1 - x0) * (x1 - x0) */ + /* now calc (x1+x0)**2 */ + if (s_mp_add(&x1, &x0, &t1) != MP_OKAY) + goto X1X1; /* t1 = x1 - x0 */ + if (mp_sqr(&t1, &t1) != MP_OKAY) + goto X1X1; /* t1 = (x1 - x0) * (x1 - x0) */ - /* add x0y0 */ - if (s_mp_add (&x0x0, &x1x1, &t2) != MP_OKAY) - goto X1X1; /* t2 = x0x0 + x1x1 */ - if (s_mp_sub (&t1, &t2, &t1) != MP_OKAY) - goto X1X1; /* t1 = (x1+x0)**2 - (x0x0 + x1x1) */ + /* add x0y0 */ + if (s_mp_add(&x0x0, &x1x1, &t2) != MP_OKAY) + goto X1X1; /* t2 = x0x0 + x1x1 */ + if (s_mp_sub(&t1, &t2, &t1) != MP_OKAY) + goto X1X1; /* t1 = (x1+x0)**2 - (x0x0 + x1x1) */ - /* shift by B */ - if (mp_lshd (&t1, B) != MP_OKAY) - goto X1X1; /* t1 = (x0x0 + x1x1 - (x1-x0)*(x1-x0))<sign = MP_ZPOS; + /* fix the sign to positive */ + c->sign = MP_ZPOS; LBL_T: - mp_clear_multi (&t1, &t2, NULL); - return res; + mp_clear_multi(&t1, &t2, NULL); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_lshd.c b/src/ltm/bn_mp_lshd.c index f6f800f..b49b545 100644 --- a/src/ltm/bn_mp_lshd.c +++ b/src/ltm/bn_mp_lshd.c @@ -16,52 +16,56 @@ */ /* shift left a certain amount of digits */ -int mp_lshd (mp_int * a, int b) +int mp_lshd(mp_int *a, int b) { - int x, res; + int x, res; - /* if its less than zero return */ - if (b <= 0) { - return MP_OKAY; - } + /* if its less than zero return */ + if (b <= 0) { + return MP_OKAY; + } + /* no need to shift 0 around */ + if (mp_iszero(a) == MP_YES) { + return MP_OKAY; + } - /* grow to fit the new digits */ - if (a->alloc < (a->used + b)) { - if ((res = mp_grow (a, a->used + b)) != MP_OKAY) { - return res; - } - } + /* grow to fit the new digits */ + if (a->alloc < (a->used + b)) { + if ((res = mp_grow(a, a->used + b)) != MP_OKAY) { + return res; + } + } - { - mp_digit *top, *bottom; + { + mp_digit *top, *bottom; - /* increment the used by the shift amount then copy upwards */ - a->used += b; + /* increment the used by the shift amount then copy upwards */ + a->used += b; - /* top */ - top = a->dp + a->used - 1; + /* top */ + top = a->dp + a->used - 1; - /* base */ - bottom = (a->dp + a->used - 1) - b; + /* base */ + bottom = (a->dp + a->used - 1) - b; - /* much like mp_rshd this is implemented using a sliding window - * except the window goes the otherway around. Copying from - * the bottom to the top. see bn_mp_rshd.c for more info. - */ - for (x = a->used - 1; x >= b; x--) { - *top-- = *bottom--; - } + /* much like mp_rshd this is implemented using a sliding window + * except the window goes the otherway around. Copying from + * the bottom to the top. see bn_mp_rshd.c for more info. + */ + for (x = a->used - 1; x >= b; x--) { + *top-- = *bottom--; + } - /* zero the lower digits */ - top = a->dp; - for (x = 0; x < b; x++) { - *top++ = 0; - } - } - return MP_OKAY; + /* zero the lower digits */ + top = a->dp; + for (x = 0; x < b; x++) { + *top++ = 0; + } + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mod.c b/src/ltm/bn_mp_mod.c index b67467d..64e73ea 100644 --- a/src/ltm/bn_mp_mod.c +++ b/src/ltm/bn_mp_mod.c @@ -16,33 +16,32 @@ */ /* c = a mod b, 0 <= c < b if b > 0, b < c <= 0 if b < 0 */ -int -mp_mod (mp_int * a, mp_int * b, mp_int * c) +int mp_mod(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int t; - int res; + mp_int t; + int res; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } + if ((res = mp_init_size(&t, b->used)) != MP_OKAY) { + return res; + } - if ((res = mp_div (a, b, NULL, &t)) != MP_OKAY) { - mp_clear (&t); - return res; - } + if ((res = mp_div(a, b, NULL, &t)) != MP_OKAY) { + mp_clear(&t); + return res; + } - if ((mp_iszero(&t) != MP_NO) || (t.sign == b->sign)) { - res = MP_OKAY; - mp_exch (&t, c); - } else { - res = mp_add (b, &t, c); - } + if ((mp_iszero(&t) != MP_NO) || (t.sign == b->sign)) { + res = MP_OKAY; + mp_exch(&t, c); + } else { + res = mp_add(b, &t, c); + } - mp_clear (&t); - return res; + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mod_2d.c b/src/ltm/bn_mp_mod_2d.c index 926f810..7a74746 100644 --- a/src/ltm/bn_mp_mod_2d.c +++ b/src/ltm/bn_mp_mod_2d.c @@ -16,40 +16,39 @@ */ /* calc a value mod 2**b */ -int -mp_mod_2d (mp_int * a, int b, mp_int * c) +int mp_mod_2d(const mp_int *a, int b, mp_int *c) { - int x, res; + int x, res; - /* if b is <= 0 then zero the int */ - if (b <= 0) { - mp_zero (c); - return MP_OKAY; - } + /* if b is <= 0 then zero the int */ + if (b <= 0) { + mp_zero(c); + return MP_OKAY; + } - /* if the modulus is larger than the value than return */ - if (b >= (int) (a->used * DIGIT_BIT)) { - res = mp_copy (a, c); - return res; - } + /* if the modulus is larger than the value than return */ + if (b >= (a->used * DIGIT_BIT)) { + res = mp_copy(a, c); + return res; + } - /* copy */ - if ((res = mp_copy (a, c)) != MP_OKAY) { - return res; - } + /* copy */ + if ((res = mp_copy(a, c)) != MP_OKAY) { + return res; + } - /* zero digits above the last digit of the modulus */ - for (x = (b / DIGIT_BIT) + (((b % DIGIT_BIT) == 0) ? 0 : 1); x < c->used; x++) { - c->dp[x] = 0; - } - /* clear the digit that is not completely outside/inside the modulus */ - c->dp[b / DIGIT_BIT] &= - (mp_digit) ((((mp_digit) 1) << (((mp_digit) b) % DIGIT_BIT)) - ((mp_digit) 1)); - mp_clamp (c); - return MP_OKAY; + /* zero digits above the last digit of the modulus */ + for (x = (b / DIGIT_BIT) + (((b % DIGIT_BIT) == 0) ? 0 : 1); x < c->used; x++) { + c->dp[x] = 0; + } + /* clear the digit that is not completely outside/inside the modulus */ + c->dp[b / DIGIT_BIT] &= + ((mp_digit)1 << (mp_digit)(b % DIGIT_BIT)) - (mp_digit)1; + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mod_d.c b/src/ltm/bn_mp_mod_d.c index d8722f0..9a24e78 100644 --- a/src/ltm/bn_mp_mod_d.c +++ b/src/ltm/bn_mp_mod_d.c @@ -15,13 +15,12 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -int -mp_mod_d (mp_int * a, mp_digit b, mp_digit * c) +int mp_mod_d(const mp_int *a, mp_digit b, mp_digit *c) { - return mp_div_d(a, b, NULL, c); + return mp_div_d(a, b, NULL, c); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_montgomery_calc_normalization.c b/src/ltm/bn_mp_montgomery_calc_normalization.c index ea87cbd..360e3e5 100644 --- a/src/ltm/bn_mp_montgomery_calc_normalization.c +++ b/src/ltm/bn_mp_montgomery_calc_normalization.c @@ -21,39 +21,39 @@ * The method is slightly modified to shift B unconditionally upto just under * the leading bit of b. This saves alot of multiple precision shifting. */ -int mp_montgomery_calc_normalization (mp_int * a, mp_int * b) +int mp_montgomery_calc_normalization(mp_int *a, const mp_int *b) { - int x, bits, res; + int x, bits, res; - /* how many bits of last digit does b use */ - bits = mp_count_bits (b) % DIGIT_BIT; + /* how many bits of last digit does b use */ + bits = mp_count_bits(b) % DIGIT_BIT; - if (b->used > 1) { - if ((res = mp_2expt (a, ((b->used - 1) * DIGIT_BIT) + bits - 1)) != MP_OKAY) { - return res; - } - } else { - mp_set(a, 1); - bits = 1; - } - - - /* now compute C = A * B mod b */ - for (x = bits - 1; x < (int)DIGIT_BIT; x++) { - if ((res = mp_mul_2 (a, a)) != MP_OKAY) { - return res; - } - if (mp_cmp_mag (a, b) != MP_LT) { - if ((res = s_mp_sub (a, b, a)) != MP_OKAY) { - return res; + if (b->used > 1) { + if ((res = mp_2expt(a, ((b->used - 1) * DIGIT_BIT) + bits - 1)) != MP_OKAY) { + return res; } - } - } + } else { + mp_set(a, 1uL); + bits = 1; + } - return MP_OKAY; + + /* now compute C = A * B mod b */ + for (x = bits - 1; x < (int)DIGIT_BIT; x++) { + if ((res = mp_mul_2(a, a)) != MP_OKAY) { + return res; + } + if (mp_cmp_mag(a, b) != MP_LT) { + if ((res = s_mp_sub(a, b, a)) != MP_OKAY) { + return res; + } + } + } + + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_montgomery_reduce.c b/src/ltm/bn_mp_montgomery_reduce.c index af2cc58..e3a0eaa 100644 --- a/src/ltm/bn_mp_montgomery_reduce.c +++ b/src/ltm/bn_mp_montgomery_reduce.c @@ -16,103 +16,103 @@ */ /* computes xR**-1 == x (mod N) via Montgomery Reduction */ -int -mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) +int mp_montgomery_reduce(mp_int *x, const mp_int *n, mp_digit rho) { - int ix, res, digs; - mp_digit mu; + int ix, res, digs; + mp_digit mu; - /* can the fast reduction [comba] method be used? - * - * Note that unlike in mul you're safely allowed *less* - * than the available columns [255 per default] since carries - * are fixed up in the inner loop. - */ - digs = (n->used * 2) + 1; - if ((digs < MP_WARRAY) && - (n->used < - (1 << ((CHAR_BIT * sizeof(mp_word)) - (2 * DIGIT_BIT))))) { - return fast_mp_montgomery_reduce (x, n, rho); - } + /* can the fast reduction [comba] method be used? + * + * Note that unlike in mul you're safely allowed *less* + * than the available columns [255 per default] since carries + * are fixed up in the inner loop. + */ + digs = (n->used * 2) + 1; + if ((digs < (int)MP_WARRAY) && + (x->used <= (int)MP_WARRAY) && + (n->used < + (int)(1u << (((size_t)CHAR_BIT * sizeof(mp_word)) - (2u * (size_t)DIGIT_BIT))))) { + return fast_mp_montgomery_reduce(x, n, rho); + } - /* grow the input as required */ - if (x->alloc < digs) { - if ((res = mp_grow (x, digs)) != MP_OKAY) { - return res; - } - } - x->used = digs; - - for (ix = 0; ix < n->used; ix++) { - /* mu = ai * rho mod b - * - * The value of rho must be precalculated via - * montgomery_setup() such that - * it equals -1/n0 mod b this allows the - * following inner loop to reduce the - * input one digit at a time - */ - mu = (mp_digit) (((mp_word)x->dp[ix] * (mp_word)rho) & MP_MASK); - - /* a = a + mu * m * b**i */ - { - int iy; - mp_digit *tmpn, *tmpx, u; - mp_word r; - - /* alias for digits of the modulus */ - tmpn = n->dp; - - /* alias for the digits of x [the input] */ - tmpx = x->dp + ix; - - /* set the carry to zero */ - u = 0; - - /* Multiply and add in place */ - for (iy = 0; iy < n->used; iy++) { - /* compute product and sum */ - r = ((mp_word)mu * (mp_word)*tmpn++) + - (mp_word) u + (mp_word) *tmpx; - - /* get carry */ - u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); - - /* fix digit */ - *tmpx++ = (mp_digit)(r & ((mp_word) MP_MASK)); + /* grow the input as required */ + if (x->alloc < digs) { + if ((res = mp_grow(x, digs)) != MP_OKAY) { + return res; } - /* At this point the ix'th digit of x should be zero */ + } + x->used = digs; + + for (ix = 0; ix < n->used; ix++) { + /* mu = ai * rho mod b + * + * The value of rho must be precalculated via + * montgomery_setup() such that + * it equals -1/n0 mod b this allows the + * following inner loop to reduce the + * input one digit at a time + */ + mu = (mp_digit)(((mp_word)x->dp[ix] * (mp_word)rho) & MP_MASK); + + /* a = a + mu * m * b**i */ + { + int iy; + mp_digit *tmpn, *tmpx, u; + mp_word r; + + /* alias for digits of the modulus */ + tmpn = n->dp; + + /* alias for the digits of x [the input] */ + tmpx = x->dp + ix; + + /* set the carry to zero */ + u = 0; + + /* Multiply and add in place */ + for (iy = 0; iy < n->used; iy++) { + /* compute product and sum */ + r = ((mp_word)mu * (mp_word)*tmpn++) + + (mp_word)u + (mp_word)*tmpx; + + /* get carry */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + + /* fix digit */ + *tmpx++ = (mp_digit)(r & (mp_word)MP_MASK); + } + /* At this point the ix'th digit of x should be zero */ - /* propagate carries upwards as required*/ - while (u != 0) { - *tmpx += u; - u = *tmpx >> DIGIT_BIT; - *tmpx++ &= MP_MASK; + /* propagate carries upwards as required*/ + while (u != 0u) { + *tmpx += u; + u = *tmpx >> DIGIT_BIT; + *tmpx++ &= MP_MASK; + } } - } - } + } - /* at this point the n.used'th least - * significant digits of x are all zero - * which means we can shift x to the - * right by n.used digits and the - * residue is unchanged. - */ + /* at this point the n.used'th least + * significant digits of x are all zero + * which means we can shift x to the + * right by n.used digits and the + * residue is unchanged. + */ - /* x = x/b**n.used */ - mp_clamp(x); - mp_rshd (x, n->used); + /* x = x/b**n.used */ + mp_clamp(x); + mp_rshd(x, n->used); - /* if x >= n then x = x - n */ - if (mp_cmp_mag (x, n) != MP_LT) { - return s_mp_sub (x, n, x); - } + /* if x >= n then x = x - n */ + if (mp_cmp_mag(x, n) != MP_LT) { + return s_mp_sub(x, n, x); + } - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_montgomery_setup.c b/src/ltm/bn_mp_montgomery_setup.c index 264a2bd..75da42b 100644 --- a/src/ltm/bn_mp_montgomery_setup.c +++ b/src/ltm/bn_mp_montgomery_setup.c @@ -16,44 +16,43 @@ */ /* setups the montgomery reduction stuff */ -int -mp_montgomery_setup (mp_int * n, mp_digit * rho) +int mp_montgomery_setup(const mp_int *n, mp_digit *rho) { - mp_digit x, b; + mp_digit x, b; -/* fast inversion mod 2**k - * - * Based on the fact that - * - * XA = 1 (mod 2**n) => (X(2-XA)) A = 1 (mod 2**2n) - * => 2*X*A - X*X*A*A = 1 - * => 2*(1) - (1) = 1 - */ - b = n->dp[0]; + /* fast inversion mod 2**k + * + * Based on the fact that + * + * XA = 1 (mod 2**n) => (X(2-XA)) A = 1 (mod 2**2n) + * => 2*X*A - X*X*A*A = 1 + * => 2*(1) - (1) = 1 + */ + b = n->dp[0]; - if ((b & 1) == 0) { - return MP_VAL; - } + if ((b & 1u) == 0u) { + return MP_VAL; + } - x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ - x *= 2 - (b * x); /* here x*a==1 mod 2**8 */ + x = (((b + 2u) & 4u) << 1) + b; /* here x*a==1 mod 2**4 */ + x *= 2u - (b * x); /* here x*a==1 mod 2**8 */ #if !defined(MP_8BIT) - x *= 2 - (b * x); /* here x*a==1 mod 2**16 */ + x *= 2u - (b * x); /* here x*a==1 mod 2**16 */ #endif #if defined(MP_64BIT) || !(defined(MP_8BIT) || defined(MP_16BIT)) - x *= 2 - (b * x); /* here x*a==1 mod 2**32 */ + x *= 2u - (b * x); /* here x*a==1 mod 2**32 */ #endif #ifdef MP_64BIT - x *= 2 - (b * x); /* here x*a==1 mod 2**64 */ + x *= 2u - (b * x); /* here x*a==1 mod 2**64 */ #endif - /* rho = -1/m mod b */ - *rho = (mp_digit)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; + /* rho = -1/m mod b */ + *rho = (mp_digit)(((mp_word)1 << (mp_word)DIGIT_BIT) - x) & MP_MASK; - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mul.c b/src/ltm/bn_mp_mul.c index ea53d5e..babb12b 100644 --- a/src/ltm/bn_mp_mul.c +++ b/src/ltm/bn_mp_mul.c @@ -16,52 +16,52 @@ */ /* high level multiplication (handles sign) */ -int mp_mul (mp_int * a, mp_int * b, mp_int * c) +int mp_mul(const mp_int *a, const mp_int *b, mp_int *c) { - int res, neg; - neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; + int res, neg; + neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; - /* use Toom-Cook? */ + /* use Toom-Cook? */ #ifdef BN_MP_TOOM_MUL_C - if (MIN (a->used, b->used) >= TOOM_MUL_CUTOFF) { - res = mp_toom_mul(a, b, c); - } else + if (MIN(a->used, b->used) >= TOOM_MUL_CUTOFF) { + res = mp_toom_mul(a, b, c); + } else #endif #ifdef BN_MP_KARATSUBA_MUL_C - /* use Karatsuba? */ - if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) { - res = mp_karatsuba_mul (a, b, c); - } else + /* use Karatsuba? */ + if (MIN(a->used, b->used) >= KARATSUBA_MUL_CUTOFF) { + res = mp_karatsuba_mul(a, b, c); + } else #endif - { - /* can we use the fast multiplier? - * - * The fast multiplier can be used if the output will - * have less than MP_WARRAY digits and the number of - * digits won't affect carry propagation - */ - int digs = a->used + b->used + 1; + { + /* can we use the fast multiplier? + * + * The fast multiplier can be used if the output will + * have less than MP_WARRAY digits and the number of + * digits won't affect carry propagation + */ + int digs = a->used + b->used + 1; #ifdef BN_FAST_S_MP_MUL_DIGS_C - if ((digs < MP_WARRAY) && - (MIN(a->used, b->used) <= - (1 << ((CHAR_BIT * sizeof(mp_word)) - (2 * DIGIT_BIT))))) { - res = fast_s_mp_mul_digs (a, b, c, digs); - } else + if ((digs < (int)MP_WARRAY) && + (MIN(a->used, b->used) <= + (int)(1u << (((size_t)CHAR_BIT * sizeof(mp_word)) - (2u * (size_t)DIGIT_BIT))))) { + res = fast_s_mp_mul_digs(a, b, c, digs); + } else #endif - { + { #ifdef BN_S_MP_MUL_DIGS_C - res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */ + res = s_mp_mul(a, b, c); /* uses s_mp_mul_digs */ #else - res = MP_VAL; + res = MP_VAL; #endif - } - } - c->sign = (c->used > 0) ? neg : MP_ZPOS; - return res; + } + } + c->sign = (c->used > 0) ? neg : MP_ZPOS; + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mul_2.c b/src/ltm/bn_mp_mul_2.c index 9c72c7f..7611536 100644 --- a/src/ltm/bn_mp_mul_2.c +++ b/src/ltm/bn_mp_mul_2.c @@ -16,67 +16,67 @@ */ /* b = a*2 */ -int mp_mul_2(mp_int * a, mp_int * b) +int mp_mul_2(const mp_int *a, mp_int *b) { - int x, res, oldused; + int x, res, oldused; - /* grow to accomodate result */ - if (b->alloc < (a->used + 1)) { - if ((res = mp_grow (b, a->used + 1)) != MP_OKAY) { - return res; - } - } + /* grow to accomodate result */ + if (b->alloc < (a->used + 1)) { + if ((res = mp_grow(b, a->used + 1)) != MP_OKAY) { + return res; + } + } - oldused = b->used; - b->used = a->used; + oldused = b->used; + b->used = a->used; - { - mp_digit r, rr, *tmpa, *tmpb; + { + mp_digit r, rr, *tmpa, *tmpb; - /* alias for source */ - tmpa = a->dp; - - /* alias for dest */ - tmpb = b->dp; + /* alias for source */ + tmpa = a->dp; - /* carry */ - r = 0; - for (x = 0; x < a->used; x++) { - - /* get what will be the *next* carry bit from the - * MSB of the current digit + /* alias for dest */ + tmpb = b->dp; + + /* carry */ + r = 0; + for (x = 0; x < a->used; x++) { + + /* get what will be the *next* carry bit from the + * MSB of the current digit + */ + rr = *tmpa >> (mp_digit)(DIGIT_BIT - 1); + + /* now shift up this digit, add in the carry [from the previous] */ + *tmpb++ = ((*tmpa++ << 1uL) | r) & MP_MASK; + + /* copy the carry that would be from the source + * digit into the next iteration + */ + r = rr; + } + + /* new leading digit? */ + if (r != 0u) { + /* add a MSB which is always 1 at this point */ + *tmpb = 1; + ++(b->used); + } + + /* now zero any excess digits on the destination + * that we didn't write to */ - rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1)); - - /* now shift up this digit, add in the carry [from the previous] */ - *tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK; - - /* copy the carry that would be from the source - * digit into the next iteration - */ - r = rr; - } - - /* new leading digit? */ - if (r != 0) { - /* add a MSB which is always 1 at this point */ - *tmpb = 1; - ++(b->used); - } - - /* now zero any excess digits on the destination - * that we didn't write to - */ - tmpb = b->dp + b->used; - for (x = b->used; x < oldused; x++) { - *tmpb++ = 0; - } - } - b->sign = a->sign; - return MP_OKAY; + tmpb = b->dp + b->used; + for (x = b->used; x < oldused; x++) { + *tmpb++ = 0; + } + } + b->sign = a->sign; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mul_2d.c b/src/ltm/bn_mp_mul_2d.c index 9967e46..96aef85 100644 --- a/src/ltm/bn_mp_mul_2d.c +++ b/src/ltm/bn_mp_mul_2d.c @@ -16,70 +16,70 @@ */ /* shift left by a certain bit count */ -int mp_mul_2d (mp_int * a, int b, mp_int * c) +int mp_mul_2d(const mp_int *a, int b, mp_int *c) { - mp_digit d; - int res; + mp_digit d; + int res; - /* copy */ - if (a != c) { - if ((res = mp_copy (a, c)) != MP_OKAY) { - return res; - } - } + /* copy */ + if (a != c) { + if ((res = mp_copy(a, c)) != MP_OKAY) { + return res; + } + } - if (c->alloc < (int)(c->used + (b / DIGIT_BIT) + 1)) { - if ((res = mp_grow (c, c->used + (b / DIGIT_BIT) + 1)) != MP_OKAY) { - return res; - } - } + if (c->alloc < (c->used + (b / DIGIT_BIT) + 1)) { + if ((res = mp_grow(c, c->used + (b / DIGIT_BIT) + 1)) != MP_OKAY) { + return res; + } + } - /* shift by as many digits in the bit count */ - if (b >= (int)DIGIT_BIT) { - if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) { - return res; - } - } + /* shift by as many digits in the bit count */ + if (b >= DIGIT_BIT) { + if ((res = mp_lshd(c, b / DIGIT_BIT)) != MP_OKAY) { + return res; + } + } - /* shift any bit count < DIGIT_BIT */ - d = (mp_digit) (b % DIGIT_BIT); - if (d != 0) { - mp_digit *tmpc, shift, mask, r, rr; - int x; + /* shift any bit count < DIGIT_BIT */ + d = (mp_digit)(b % DIGIT_BIT); + if (d != 0u) { + mp_digit *tmpc, shift, mask, r, rr; + int x; - /* bitmask for carries */ - mask = (((mp_digit)1) << d) - 1; + /* bitmask for carries */ + mask = ((mp_digit)1 << d) - (mp_digit)1; - /* shift for msbs */ - shift = DIGIT_BIT - d; + /* shift for msbs */ + shift = (mp_digit)DIGIT_BIT - d; - /* alias */ - tmpc = c->dp; + /* alias */ + tmpc = c->dp; - /* carry */ - r = 0; - for (x = 0; x < c->used; x++) { - /* get the higher bits of the current word */ - rr = (*tmpc >> shift) & mask; + /* carry */ + r = 0; + for (x = 0; x < c->used; x++) { + /* get the higher bits of the current word */ + rr = (*tmpc >> shift) & mask; - /* shift the current word and OR in the carry */ - *tmpc = ((*tmpc << d) | r) & MP_MASK; - ++tmpc; + /* shift the current word and OR in the carry */ + *tmpc = ((*tmpc << d) | r) & MP_MASK; + ++tmpc; - /* set the carry to the carry bits of the current word */ - r = rr; - } - - /* set final carry */ - if (r != 0) { - c->dp[(c->used)++] = r; - } - } - mp_clamp (c); - return MP_OKAY; + /* set the carry to the carry bits of the current word */ + r = rr; + } + + /* set final carry */ + if (r != 0u) { + c->dp[(c->used)++] = r; + } + } + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mul_d.c b/src/ltm/bn_mp_mul_d.c index e77da5d..13f94a2 100644 --- a/src/ltm/bn_mp_mul_d.c +++ b/src/ltm/bn_mp_mul_d.c @@ -16,64 +16,63 @@ */ /* multiply by a digit */ -int -mp_mul_d (mp_int * a, mp_digit b, mp_int * c) +int mp_mul_d(const mp_int *a, mp_digit b, mp_int *c) { - mp_digit u, *tmpa, *tmpc; - mp_word r; - int ix, res, olduse; + mp_digit u, *tmpa, *tmpc; + mp_word r; + int ix, res, olduse; - /* make sure c is big enough to hold a*b */ - if (c->alloc < (a->used + 1)) { - if ((res = mp_grow (c, a->used + 1)) != MP_OKAY) { - return res; - } - } + /* make sure c is big enough to hold a*b */ + if (c->alloc < (a->used + 1)) { + if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { + return res; + } + } - /* get the original destinations used count */ - olduse = c->used; + /* get the original destinations used count */ + olduse = c->used; - /* set the sign */ - c->sign = a->sign; + /* set the sign */ + c->sign = a->sign; - /* alias for a->dp [source] */ - tmpa = a->dp; + /* alias for a->dp [source] */ + tmpa = a->dp; - /* alias for c->dp [dest] */ - tmpc = c->dp; + /* alias for c->dp [dest] */ + tmpc = c->dp; - /* zero carry */ - u = 0; + /* zero carry */ + u = 0; - /* compute columns */ - for (ix = 0; ix < a->used; ix++) { - /* compute product and carry sum for this term */ - r = (mp_word)u + ((mp_word)*tmpa++ * (mp_word)b); + /* compute columns */ + for (ix = 0; ix < a->used; ix++) { + /* compute product and carry sum for this term */ + r = (mp_word)u + ((mp_word)*tmpa++ * (mp_word)b); - /* mask off higher bits to get a single digit */ - *tmpc++ = (mp_digit) (r & ((mp_word) MP_MASK)); + /* mask off higher bits to get a single digit */ + *tmpc++ = (mp_digit)(r & (mp_word)MP_MASK); - /* send carry into next iteration */ - u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); - } + /* send carry into next iteration */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + } - /* store final carry [if any] and increment ix offset */ - *tmpc++ = u; - ++ix; + /* store final carry [if any] and increment ix offset */ + *tmpc++ = u; + ++ix; - /* now zero digits above the top */ - while (ix++ < olduse) { - *tmpc++ = 0; - } + /* now zero digits above the top */ + while (ix++ < olduse) { + *tmpc++ = 0; + } - /* set used count */ - c->used = a->used + 1; - mp_clamp(c); + /* set used count */ + c->used = a->used + 1; + mp_clamp(c); - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_mulmod.c b/src/ltm/bn_mp_mulmod.c index 5ea88ef..aeee4ee 100644 --- a/src/ltm/bn_mp_mulmod.c +++ b/src/ltm/bn_mp_mulmod.c @@ -16,25 +16,25 @@ */ /* d = a * b (mod c) */ -int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +int mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d) { - int res; - mp_int t; + int res; + mp_int t; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } + if ((res = mp_init_size(&t, c->used)) != MP_OKAY) { + return res; + } - if ((res = mp_mul (a, b, &t)) != MP_OKAY) { - mp_clear (&t); - return res; - } - res = mp_mod (&t, c, d); - mp_clear (&t); - return res; + if ((res = mp_mul(a, b, &t)) != MP_OKAY) { + mp_clear(&t); + return res; + } + res = mp_mod(&t, c, d); + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_n_root.c b/src/ltm/bn_mp_n_root.c index a14ee67..a09804f 100644 --- a/src/ltm/bn_mp_n_root.c +++ b/src/ltm/bn_mp_n_root.c @@ -18,13 +18,13 @@ /* wrapper function for mp_n_root_ex() * computes c = (a)**(1/b) such that (c)**b <= a and (c+1)**b > a */ -int mp_n_root (mp_int * a, mp_digit b, mp_int * c) +int mp_n_root(const mp_int *a, mp_digit b, mp_int *c) { - return mp_n_root_ex(a, b, c, 0); + return mp_n_root_ex(a, b, c, 0); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_n_root_ex.c b/src/ltm/bn_mp_n_root_ex.c index 79d1dfb..60c9929 100644 --- a/src/ltm/bn_mp_n_root_ex.c +++ b/src/ltm/bn_mp_n_root_ex.c @@ -25,108 +25,108 @@ * each step involves a fair bit. This is not meant to * find huge roots [square and cube, etc]. */ -int mp_n_root_ex (mp_int * a, mp_digit b, mp_int * c, int fast) +int mp_n_root_ex(const mp_int *a, mp_digit b, mp_int *c, int fast) { - mp_int t1, t2, t3; - int res, neg; + mp_int t1, t2, t3, a_; + int res; - /* input must be positive if b is even */ - if (((b & 1) == 0) && (a->sign == MP_NEG)) { - return MP_VAL; - } + /* input must be positive if b is even */ + if (((b & 1u) == 0u) && (a->sign == MP_NEG)) { + return MP_VAL; + } - if ((res = mp_init (&t1)) != MP_OKAY) { - return res; - } + if ((res = mp_init(&t1)) != MP_OKAY) { + return res; + } - if ((res = mp_init (&t2)) != MP_OKAY) { - goto LBL_T1; - } + if ((res = mp_init(&t2)) != MP_OKAY) { + goto LBL_T1; + } - if ((res = mp_init (&t3)) != MP_OKAY) { - goto LBL_T2; - } + if ((res = mp_init(&t3)) != MP_OKAY) { + goto LBL_T2; + } - /* if a is negative fudge the sign but keep track */ - neg = a->sign; - a->sign = MP_ZPOS; + /* if a is negative fudge the sign but keep track */ + a_ = *a; + a_.sign = MP_ZPOS; - /* t2 = 2 */ - mp_set (&t2, 2); + /* t2 = 2 */ + mp_set(&t2, 2uL); - do { - /* t1 = t2 */ - if ((res = mp_copy (&t2, &t1)) != MP_OKAY) { - goto LBL_T3; - } - - /* t2 = t1 - ((t1**b - a) / (b * t1**(b-1))) */ - - /* t3 = t1**(b-1) */ - if ((res = mp_expt_d_ex (&t1, b - 1, &t3, fast)) != MP_OKAY) { - goto LBL_T3; - } - - /* numerator */ - /* t2 = t1**b */ - if ((res = mp_mul (&t3, &t1, &t2)) != MP_OKAY) { - goto LBL_T3; - } - - /* t2 = t1**b - a */ - if ((res = mp_sub (&t2, a, &t2)) != MP_OKAY) { - goto LBL_T3; - } - - /* denominator */ - /* t3 = t1**(b-1) * b */ - if ((res = mp_mul_d (&t3, b, &t3)) != MP_OKAY) { - goto LBL_T3; - } - - /* t3 = (t1**b - a)/(b * t1**(b-1)) */ - if ((res = mp_div (&t2, &t3, &t3, NULL)) != MP_OKAY) { - goto LBL_T3; - } - - if ((res = mp_sub (&t1, &t3, &t2)) != MP_OKAY) { - goto LBL_T3; - } - } while (mp_cmp (&t1, &t2) != MP_EQ); - - /* result can be off by a few so check */ - for (;;) { - if ((res = mp_expt_d_ex (&t1, b, &t2, fast)) != MP_OKAY) { - goto LBL_T3; - } - - if (mp_cmp (&t2, a) == MP_GT) { - if ((res = mp_sub_d (&t1, 1, &t1)) != MP_OKAY) { + do { + /* t1 = t2 */ + if ((res = mp_copy(&t2, &t1)) != MP_OKAY) { goto LBL_T3; } - } else { - break; - } - } - /* reset the sign of a first */ - a->sign = neg; + /* t2 = t1 - ((t1**b - a) / (b * t1**(b-1))) */ - /* set the result */ - mp_exch (&t1, c); + /* t3 = t1**(b-1) */ + if ((res = mp_expt_d_ex(&t1, b - 1u, &t3, fast)) != MP_OKAY) { + goto LBL_T3; + } - /* set the sign of the result */ - c->sign = neg; + /* numerator */ + /* t2 = t1**b */ + if ((res = mp_mul(&t3, &t1, &t2)) != MP_OKAY) { + goto LBL_T3; + } - res = MP_OKAY; + /* t2 = t1**b - a */ + if ((res = mp_sub(&t2, &a_, &t2)) != MP_OKAY) { + goto LBL_T3; + } -LBL_T3:mp_clear (&t3); -LBL_T2:mp_clear (&t2); -LBL_T1:mp_clear (&t1); - return res; + /* denominator */ + /* t3 = t1**(b-1) * b */ + if ((res = mp_mul_d(&t3, b, &t3)) != MP_OKAY) { + goto LBL_T3; + } + + /* t3 = (t1**b - a)/(b * t1**(b-1)) */ + if ((res = mp_div(&t2, &t3, &t3, NULL)) != MP_OKAY) { + goto LBL_T3; + } + + if ((res = mp_sub(&t1, &t3, &t2)) != MP_OKAY) { + goto LBL_T3; + } + } while (mp_cmp(&t1, &t2) != MP_EQ); + + /* result can be off by a few so check */ + for (;;) { + if ((res = mp_expt_d_ex(&t1, b, &t2, fast)) != MP_OKAY) { + goto LBL_T3; + } + + if (mp_cmp(&t2, &a_) == MP_GT) { + if ((res = mp_sub_d(&t1, 1uL, &t1)) != MP_OKAY) { + goto LBL_T3; + } + } else { + break; + } + } + + /* set the result */ + mp_exch(&t1, c); + + /* set the sign of the result */ + c->sign = a->sign; + + res = MP_OKAY; + +LBL_T3: + mp_clear(&t3); +LBL_T2: + mp_clear(&t2); +LBL_T1: + mp_clear(&t1); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_neg.c b/src/ltm/bn_mp_neg.c index ea32e46..75f8bbd 100644 --- a/src/ltm/bn_mp_neg.c +++ b/src/ltm/bn_mp_neg.c @@ -16,25 +16,25 @@ */ /* b = -a */ -int mp_neg (mp_int * a, mp_int * b) +int mp_neg(const mp_int *a, mp_int *b) { - int res; - if (a != b) { - if ((res = mp_copy (a, b)) != MP_OKAY) { - return res; - } - } + int res; + if (a != b) { + if ((res = mp_copy(a, b)) != MP_OKAY) { + return res; + } + } - if (mp_iszero(b) != MP_YES) { - b->sign = (a->sign == MP_ZPOS) ? MP_NEG : MP_ZPOS; - } else { - b->sign = MP_ZPOS; - } + if (mp_iszero(b) != MP_YES) { + b->sign = (a->sign == MP_ZPOS) ? MP_NEG : MP_ZPOS; + } else { + b->sign = MP_ZPOS; + } - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_or.c b/src/ltm/bn_mp_or.c index b7f2e4f..f411509 100644 --- a/src/ltm/bn_mp_or.c +++ b/src/ltm/bn_mp_or.c @@ -16,35 +16,36 @@ */ /* OR two ints together */ -int mp_or (mp_int * a, mp_int * b, mp_int * c) +int mp_or(const mp_int *a, const mp_int *b, mp_int *c) { - int res, ix, px; - mp_int t, *x; + int res, ix, px; + mp_int t; + const mp_int *x; - if (a->used > b->used) { - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - px = b->used; - x = b; - } else { - if ((res = mp_init_copy (&t, b)) != MP_OKAY) { - return res; - } - px = a->used; - x = a; - } + if (a->used > b->used) { + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy(&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } - for (ix = 0; ix < px; ix++) { - t.dp[ix] |= x->dp[ix]; - } - mp_clamp (&t); - mp_exch (c, &t); - mp_clear (&t); - return MP_OKAY; + for (ix = 0; ix < px; ix++) { + t.dp[ix] |= x->dp[ix]; + } + mp_clamp(&t); + mp_exch(c, &t); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_fermat.c b/src/ltm/bn_mp_prime_fermat.c index 9dc9e85..e71e0ae 100644 --- a/src/ltm/bn_mp_prime_fermat.c +++ b/src/ltm/bn_mp_prime_fermat.c @@ -16,47 +16,48 @@ */ /* performs one Fermat test. - * + * * If "a" were prime then b**a == b (mod a) since the order of * the multiplicative sub-group would be phi(a) = a-1. That means * it would be the same as b**(a mod (a-1)) == b**1 == b (mod a). * * Sets result to 1 if the congruence holds, or zero otherwise. */ -int mp_prime_fermat (mp_int * a, mp_int * b, int *result) +int mp_prime_fermat(const mp_int *a, const mp_int *b, int *result) { - mp_int t; - int err; + mp_int t; + int err; - /* default to composite */ - *result = MP_NO; + /* default to composite */ + *result = MP_NO; - /* ensure b > 1 */ - if (mp_cmp_d(b, 1) != MP_GT) { - return MP_VAL; - } + /* ensure b > 1 */ + if (mp_cmp_d(b, 1uL) != MP_GT) { + return MP_VAL; + } - /* init t */ - if ((err = mp_init (&t)) != MP_OKAY) { - return err; - } + /* init t */ + if ((err = mp_init(&t)) != MP_OKAY) { + return err; + } - /* compute t = b**a mod a */ - if ((err = mp_exptmod (b, a, a, &t)) != MP_OKAY) { - goto LBL_T; - } + /* compute t = b**a mod a */ + if ((err = mp_exptmod(b, a, a, &t)) != MP_OKAY) { + goto LBL_T; + } - /* is it equal to b? */ - if (mp_cmp (&t, b) == MP_EQ) { - *result = MP_YES; - } + /* is it equal to b? */ + if (mp_cmp(&t, b) == MP_EQ) { + *result = MP_YES; + } - err = MP_OKAY; -LBL_T:mp_clear (&t); - return err; + err = MP_OKAY; +LBL_T: + mp_clear(&t); + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_is_divisible.c b/src/ltm/bn_mp_prime_is_divisible.c index 5854f08..c49fdd2 100644 --- a/src/ltm/bn_mp_prime_is_divisible.c +++ b/src/ltm/bn_mp_prime_is_divisible.c @@ -15,36 +15,36 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* determines if an integers is divisible by one +/* determines if an integers is divisible by one * of the first PRIME_SIZE primes or not * * sets result to 0 if not, 1 if yes */ -int mp_prime_is_divisible (mp_int * a, int *result) +int mp_prime_is_divisible(const mp_int *a, int *result) { - int err, ix; - mp_digit res; + int err, ix; + mp_digit res; - /* default to not */ - *result = MP_NO; + /* default to not */ + *result = MP_NO; - for (ix = 0; ix < PRIME_SIZE; ix++) { - /* what is a mod LBL_prime_tab[ix] */ - if ((err = mp_mod_d (a, ltm_prime_tab[ix], &res)) != MP_OKAY) { - return err; - } + for (ix = 0; ix < PRIME_SIZE; ix++) { + /* what is a mod LBL_prime_tab[ix] */ + if ((err = mp_mod_d(a, ltm_prime_tab[ix], &res)) != MP_OKAY) { + return err; + } - /* is the residue zero? */ - if (res == 0) { - *result = MP_YES; - return MP_OKAY; - } - } + /* is the residue zero? */ + if (res == 0u) { + *result = MP_YES; + return MP_OKAY; + } + } - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_is_prime.c b/src/ltm/bn_mp_prime_is_prime.c index be5ebe4..e97712d 100644 --- a/src/ltm/bn_mp_prime_is_prime.c +++ b/src/ltm/bn_mp_prime_is_prime.c @@ -22,62 +22,63 @@ * * Sets result to 1 if probably prime, 0 otherwise */ -int mp_prime_is_prime (mp_int * a, int t, int *result) +int mp_prime_is_prime(const mp_int *a, int t, int *result) { - mp_int b; - int ix, err, res; + mp_int b; + int ix, err, res; - /* default to no */ - *result = MP_NO; + /* default to no */ + *result = MP_NO; - /* valid value of t? */ - if ((t <= 0) || (t > PRIME_SIZE)) { - return MP_VAL; - } + /* valid value of t? */ + if ((t <= 0) || (t > PRIME_SIZE)) { + return MP_VAL; + } - /* is the input equal to one of the primes in the table? */ - for (ix = 0; ix < PRIME_SIZE; ix++) { + /* is the input equal to one of the primes in the table? */ + for (ix = 0; ix < PRIME_SIZE; ix++) { if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) { *result = 1; return MP_OKAY; } - } + } - /* first perform trial division */ - if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) { - return err; - } + /* first perform trial division */ + if ((err = mp_prime_is_divisible(a, &res)) != MP_OKAY) { + return err; + } - /* return if it was trivially divisible */ - if (res == MP_YES) { - return MP_OKAY; - } + /* return if it was trivially divisible */ + if (res == MP_YES) { + return MP_OKAY; + } - /* now perform the miller-rabin rounds */ - if ((err = mp_init (&b)) != MP_OKAY) { - return err; - } + /* now perform the miller-rabin rounds */ + if ((err = mp_init(&b)) != MP_OKAY) { + return err; + } - for (ix = 0; ix < t; ix++) { - /* set the prime */ - mp_set (&b, ltm_prime_tab[ix]); + for (ix = 0; ix < t; ix++) { + /* set the prime */ + mp_set(&b, ltm_prime_tab[ix]); - if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) { - goto LBL_B; - } + if ((err = mp_prime_miller_rabin(a, &b, &res)) != MP_OKAY) { + goto LBL_B; + } - if (res == MP_NO) { - goto LBL_B; - } - } + if (res == MP_NO) { + goto LBL_B; + } + } - /* passed the test */ - *result = MP_YES; -LBL_B:mp_clear (&b); - return err; + /* passed the test */ + *result = MP_YES; +LBL_B: + mp_clear(&b); + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_miller_rabin.c b/src/ltm/bn_mp_prime_miller_rabin.c index 7b5c8d2..34c4d1c 100644 --- a/src/ltm/bn_mp_prime_miller_rabin.c +++ b/src/ltm/bn_mp_prime_miller_rabin.c @@ -15,89 +15,92 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* Miller-Rabin test of "a" to the base of "b" as described in +/* Miller-Rabin test of "a" to the base of "b" as described in * HAC pp. 139 Algorithm 4.24 * * Sets result to 0 if definitely composite or 1 if probably prime. - * Randomly the chance of error is no more than 1/4 and often + * Randomly the chance of error is no more than 1/4 and often * very much lower. */ -int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result) +int mp_prime_miller_rabin(const mp_int *a, const mp_int *b, int *result) { - mp_int n1, y, r; - int s, j, err; + mp_int n1, y, r; + int s, j, err; - /* default */ - *result = MP_NO; + /* default */ + *result = MP_NO; - /* ensure b > 1 */ - if (mp_cmp_d(b, 1) != MP_GT) { - return MP_VAL; - } + /* ensure b > 1 */ + if (mp_cmp_d(b, 1uL) != MP_GT) { + return MP_VAL; + } - /* get n1 = a - 1 */ - if ((err = mp_init_copy (&n1, a)) != MP_OKAY) { - return err; - } - if ((err = mp_sub_d (&n1, 1, &n1)) != MP_OKAY) { - goto LBL_N1; - } + /* get n1 = a - 1 */ + if ((err = mp_init_copy(&n1, a)) != MP_OKAY) { + return err; + } + if ((err = mp_sub_d(&n1, 1uL, &n1)) != MP_OKAY) { + goto LBL_N1; + } - /* set 2**s * r = n1 */ - if ((err = mp_init_copy (&r, &n1)) != MP_OKAY) { - goto LBL_N1; - } + /* set 2**s * r = n1 */ + if ((err = mp_init_copy(&r, &n1)) != MP_OKAY) { + goto LBL_N1; + } - /* count the number of least significant bits - * which are zero - */ - s = mp_cnt_lsb(&r); + /* count the number of least significant bits + * which are zero + */ + s = mp_cnt_lsb(&r); - /* now divide n - 1 by 2**s */ - if ((err = mp_div_2d (&r, s, &r, NULL)) != MP_OKAY) { - goto LBL_R; - } + /* now divide n - 1 by 2**s */ + if ((err = mp_div_2d(&r, s, &r, NULL)) != MP_OKAY) { + goto LBL_R; + } - /* compute y = b**r mod a */ - if ((err = mp_init (&y)) != MP_OKAY) { - goto LBL_R; - } - if ((err = mp_exptmod (b, &r, a, &y)) != MP_OKAY) { - goto LBL_Y; - } - - /* if y != 1 and y != n1 do */ - if ((mp_cmp_d (&y, 1) != MP_EQ) && (mp_cmp (&y, &n1) != MP_EQ)) { - j = 1; - /* while j <= s-1 and y != n1 */ - while ((j <= (s - 1)) && (mp_cmp (&y, &n1) != MP_EQ)) { - if ((err = mp_sqrmod (&y, a, &y)) != MP_OKAY) { - goto LBL_Y; - } - - /* if y == 1 then composite */ - if (mp_cmp_d (&y, 1) == MP_EQ) { - goto LBL_Y; - } - - ++j; - } - - /* if y != n1 then composite */ - if (mp_cmp (&y, &n1) != MP_EQ) { + /* compute y = b**r mod a */ + if ((err = mp_init(&y)) != MP_OKAY) { + goto LBL_R; + } + if ((err = mp_exptmod(b, &r, a, &y)) != MP_OKAY) { goto LBL_Y; - } - } + } - /* probably prime now */ - *result = MP_YES; -LBL_Y:mp_clear (&y); -LBL_R:mp_clear (&r); -LBL_N1:mp_clear (&n1); - return err; + /* if y != 1 and y != n1 do */ + if ((mp_cmp_d(&y, 1uL) != MP_EQ) && (mp_cmp(&y, &n1) != MP_EQ)) { + j = 1; + /* while j <= s-1 and y != n1 */ + while ((j <= (s - 1)) && (mp_cmp(&y, &n1) != MP_EQ)) { + if ((err = mp_sqrmod(&y, a, &y)) != MP_OKAY) { + goto LBL_Y; + } + + /* if y == 1 then composite */ + if (mp_cmp_d(&y, 1uL) == MP_EQ) { + goto LBL_Y; + } + + ++j; + } + + /* if y != n1 then composite */ + if (mp_cmp(&y, &n1) != MP_EQ) { + goto LBL_Y; + } + } + + /* probably prime now */ + *result = MP_YES; +LBL_Y: + mp_clear(&y); +LBL_R: + mp_clear(&r); +LBL_N1: + mp_clear(&n1); + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_next_prime.c b/src/ltm/bn_mp_prime_next_prime.c index 9951dc3..b106a74 100644 --- a/src/ltm/bn_mp_prime_next_prime.c +++ b/src/ltm/bn_mp_prime_next_prime.c @@ -38,32 +38,32 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style) if (mp_cmp_d(a, ltm_prime_tab[PRIME_SIZE-1]) == MP_LT) { /* find which prime it is bigger than */ for (x = PRIME_SIZE - 2; x >= 0; x--) { - if (mp_cmp_d(a, ltm_prime_tab[x]) != MP_LT) { - if (bbs_style == 1) { - /* ok we found a prime smaller or - * equal [so the next is larger] - * - * however, the prime must be - * congruent to 3 mod 4 - */ - if ((ltm_prime_tab[x + 1] & 3) != 3) { - /* scan upwards for a prime congruent to 3 mod 4 */ - for (y = x + 1; y < PRIME_SIZE; y++) { - if ((ltm_prime_tab[y] & 3) == 3) { - mp_set(a, ltm_prime_tab[y]); - return MP_OKAY; - } - } - } - } else { - mp_set(a, ltm_prime_tab[x + 1]); - return MP_OKAY; - } - } + if (mp_cmp_d(a, ltm_prime_tab[x]) != MP_LT) { + if (bbs_style == 1) { + /* ok we found a prime smaller or + * equal [so the next is larger] + * + * however, the prime must be + * congruent to 3 mod 4 + */ + if ((ltm_prime_tab[x + 1] & 3u) != 3u) { + /* scan upwards for a prime congruent to 3 mod 4 */ + for (y = x + 1; y < PRIME_SIZE; y++) { + if ((ltm_prime_tab[y] & 3u) == 3u) { + mp_set(a, ltm_prime_tab[y]); + return MP_OKAY; + } + } + } + } else { + mp_set(a, ltm_prime_tab[x + 1]); + return MP_OKAY; + } + } } /* at this point a maybe 1 */ - if (mp_cmp_d(a, 1) == MP_EQ) { - mp_set(a, 2); + if (mp_cmp_d(a, 1uL) == MP_EQ) { + mp_set(a, 2uL); return MP_OKAY; } /* fall through to the sieve */ @@ -80,13 +80,15 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style) if (bbs_style == 1) { /* if a mod 4 != 3 subtract the correct value to make it so */ - if ((a->dp[0] & 3) != 3) { - if ((err = mp_sub_d(a, (a->dp[0] & 3) + 1, a)) != MP_OKAY) { return err; }; + if ((a->dp[0] & 3u) != 3u) { + if ((err = mp_sub_d(a, (a->dp[0] & 3u) + 1u, a)) != MP_OKAY) { + return err; + }; } } else { if (mp_iseven(a) == MP_YES) { /* force odd */ - if ((err = mp_sub_d(a, 1, a)) != MP_OKAY) { + if ((err = mp_sub_d(a, 1uL, a)) != MP_OKAY) { return err; } } @@ -116,20 +118,20 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style) /* compute the new residue without using division */ for (x = 1; x < PRIME_SIZE; x++) { - /* add the step to each residue */ - res_tab[x] += kstep; + /* add the step to each residue */ + res_tab[x] += kstep; - /* subtract the modulus [instead of using division] */ - if (res_tab[x] >= ltm_prime_tab[x]) { - res_tab[x] -= ltm_prime_tab[x]; - } + /* subtract the modulus [instead of using division] */ + if (res_tab[x] >= ltm_prime_tab[x]) { + res_tab[x] -= ltm_prime_tab[x]; + } - /* set flag if zero */ - if (res_tab[x] == 0) { - y = 1; - } + /* set flag if zero */ + if (res_tab[x] == 0u) { + y = 1; + } } - } while ((y == 1) && (step < ((((mp_digit)1) << DIGIT_BIT) - kstep))); + } while ((y == 1) && (step < (((mp_digit)1 << DIGIT_BIT) - kstep))); /* add the step */ if ((err = mp_add_d(a, step, a)) != MP_OKAY) { @@ -137,19 +139,19 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style) } /* if didn't pass sieve and step == MAX then skip test */ - if ((y == 1) && (step >= ((((mp_digit)1) << DIGIT_BIT) - kstep))) { + if ((y == 1) && (step >= (((mp_digit)1 << DIGIT_BIT) - kstep))) { continue; } /* is this prime? */ for (x = 0; x < t; x++) { - mp_set(&b, ltm_prime_tab[x]); - if ((err = mp_prime_miller_rabin(a, &b, &res)) != MP_OKAY) { - goto LBL_ERR; - } - if (res == MP_NO) { - break; - } + mp_set(&b, ltm_prime_tab[x]); + if ((err = mp_prime_miller_rabin(a, &b, &res)) != MP_OKAY) { + goto LBL_ERR; + } + if (res == MP_NO) { + break; + } } if (res == MP_YES) { @@ -165,6 +167,6 @@ LBL_ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_rabin_miller_trials.c b/src/ltm/bn_mp_prime_rabin_miller_trials.c index bca4229..cde309a 100644 --- a/src/ltm/bn_mp_prime_rabin_miller_trials.c +++ b/src/ltm/bn_mp_prime_rabin_miller_trials.c @@ -19,14 +19,14 @@ static const struct { int k, t; } sizes[] = { -{ 128, 28 }, -{ 256, 16 }, -{ 384, 10 }, -{ 512, 7 }, -{ 640, 6 }, -{ 768, 5 }, -{ 896, 4 }, -{ 1024, 4 } + { 128, 28 }, + { 256, 16 }, + { 384, 10 }, + { 512, 7 }, + { 640, 6 }, + { 768, 5 }, + { 896, 4 }, + { 1024, 4 } }; /* returns # of RM trials required for a given bit size */ @@ -35,11 +35,11 @@ int mp_prime_rabin_miller_trials(int size) int x; for (x = 0; x < (int)(sizeof(sizes)/(sizeof(sizes[0]))); x++) { - if (sizes[x].k == size) { - return sizes[x].t; - } else if (sizes[x].k > size) { - return (x == 0) ? sizes[0].t : sizes[x - 1].t; - } + if (sizes[x].k == size) { + return sizes[x].t; + } else if (sizes[x].k > size) { + return (x == 0) ? sizes[0].t : sizes[x - 1].t; + } } return sizes[x-1].t + 1; } @@ -47,6 +47,6 @@ int mp_prime_rabin_miller_trials(int size) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_prime_random_ex.c b/src/ltm/bn_mp_prime_random_ex.c index 1efc4fc..1ae2934 100644 --- a/src/ltm/bn_mp_prime_random_ex.c +++ b/src/ltm/bn_mp_prime_random_ex.c @@ -18,7 +18,7 @@ /* makes a truly random prime of a given size (bits), * * Flags are as follows: - * + * * LTM_PRIME_BBS - make prime congruent to 3 mod 4 * LTM_PRIME_SAFE - make sure (p-1)/2 is prime as well (implies LTM_PRIME_BBS) * LTM_PRIME_2MSB_ON - make the 2nd highest bit one @@ -49,7 +49,7 @@ int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback bsize = (size>>3) + ((size&7)?1:0); /* we need a buffer of bsize bytes */ - tmp = OPT_CAST(unsigned char) XMALLOC(bsize); + tmp = OPT_CAST(unsigned char) XMALLOC((size_t)bsize); if (tmp == NULL) { return MP_MEM; } @@ -62,7 +62,7 @@ int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback maskOR_msb_offset = ((size & 7) == 1) ? 1 : 0; if ((flags & LTM_PRIME_2MSB_ON) != 0) { maskOR_msb |= 0x80 >> ((9 - size) & 7); - } + } /* get the maskOR_lsb */ maskOR_lsb = 1; @@ -76,7 +76,7 @@ int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback err = MP_VAL; goto error; } - + /* work over the MSbyte */ tmp[0] &= maskAND; tmp[0] |= 1 << ((size - 1) & 7); @@ -86,28 +86,42 @@ int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback tmp[bsize-1] |= maskOR_lsb; /* read it in */ - if ((err = mp_read_unsigned_bin(a, tmp, bsize)) != MP_OKAY) { goto error; } + if ((err = mp_read_unsigned_bin(a, tmp, bsize)) != MP_OKAY) { + goto error; + } /* is it prime? */ - if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; } - if (res == MP_NO) { + if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { + goto error; + } + if (res == MP_NO) { continue; } if ((flags & LTM_PRIME_SAFE) != 0) { /* see if (a-1)/2 is prime */ - if ((err = mp_sub_d(a, 1, a)) != MP_OKAY) { goto error; } - if ((err = mp_div_2(a, a)) != MP_OKAY) { goto error; } - + if ((err = mp_sub_d(a, 1uL, a)) != MP_OKAY) { + goto error; + } + if ((err = mp_div_2(a, a)) != MP_OKAY) { + goto error; + } + /* is it prime? */ - if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; } + if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { + goto error; + } } } while (res == MP_NO); if ((flags & LTM_PRIME_SAFE) != 0) { /* restore a to the original value */ - if ((err = mp_mul_2(a, a)) != MP_OKAY) { goto error; } - if ((err = mp_add_d(a, 1, a)) != MP_OKAY) { goto error; } + if ((err = mp_mul_2(a, a)) != MP_OKAY) { + goto error; + } + if ((err = mp_add_d(a, 1uL, a)) != MP_OKAY) { + goto error; + } } err = MP_OKAY; @@ -119,6 +133,6 @@ error: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_radix_size.c b/src/ltm/bn_mp_radix_size.c index e5d7772..29355cb 100644 --- a/src/ltm/bn_mp_radix_size.c +++ b/src/ltm/bn_mp_radix_size.c @@ -16,63 +16,63 @@ */ /* returns size of ASCII reprensentation */ -int mp_radix_size (mp_int * a, int radix, int *size) +int mp_radix_size(const mp_int *a, int radix, int *size) { - int res, digs; - mp_int t; - mp_digit d; + int res, digs; + mp_int t; + mp_digit d; - *size = 0; + *size = 0; - /* make sure the radix is in range */ - if ((radix < 2) || (radix > 64)) { - return MP_VAL; - } + /* make sure the radix is in range */ + if ((radix < 2) || (radix > 64)) { + return MP_VAL; + } - if (mp_iszero(a) == MP_YES) { - *size = 2; - return MP_OKAY; - } + if (mp_iszero(a) == MP_YES) { + *size = 2; + return MP_OKAY; + } - /* special case for binary */ - if (radix == 2) { - *size = mp_count_bits (a) + ((a->sign == MP_NEG) ? 1 : 0) + 1; - return MP_OKAY; - } + /* special case for binary */ + if (radix == 2) { + *size = mp_count_bits(a) + ((a->sign == MP_NEG) ? 1 : 0) + 1; + return MP_OKAY; + } - /* digs is the digit count */ - digs = 0; + /* digs is the digit count */ + digs = 0; - /* if it's negative add one for the sign */ - if (a->sign == MP_NEG) { - ++digs; - } + /* if it's negative add one for the sign */ + if (a->sign == MP_NEG) { + ++digs; + } - /* init a copy of the input */ - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - - /* force temp to positive */ - t.sign = MP_ZPOS; - - /* fetch out all of the digits */ - while (mp_iszero (&t) == MP_NO) { - if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { - mp_clear (&t); + /* init a copy of the input */ + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { return res; - } - ++digs; - } - mp_clear (&t); + } - /* return digs + 1, the 1 is for the NULL byte that would be required. */ - *size = digs + 1; - return MP_OKAY; + /* force temp to positive */ + t.sign = MP_ZPOS; + + /* fetch out all of the digits */ + while (mp_iszero(&t) == MP_NO) { + if ((res = mp_div_d(&t, (mp_digit)radix, &t, &d)) != MP_OKAY) { + mp_clear(&t); + return res; + } + ++digs; + } + mp_clear(&t); + + /* return digs + 1, the 1 is for the NULL byte that would be required. */ + *size = digs + 1; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_radix_smap.c b/src/ltm/bn_mp_radix_smap.c index d1c75ad..262775c 100644 --- a/src/ltm/bn_mp_radix_smap.c +++ b/src/ltm/bn_mp_radix_smap.c @@ -17,8 +17,22 @@ /* chars used in radix conversions */ const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; +const uint8_t mp_s_rmap_reverse[] = { + 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, /* ()*+,-./ */ + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, /* 01234567 */ + 0x08, 0x09, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* 89:;<=>? */ + 0xff, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, /* @ABCDEFG */ + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, /* HIJKLMNO */ + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, /* PQRSTUVW */ + 0x21, 0x22, 0x23, 0xff, 0xff, 0xff, 0xff, 0xff, /* XYZ[\]^_ */ + 0xff, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, /* `abcdefg */ + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, /* hijklmno */ + 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, /* pqrstuvw */ + 0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff, /* xyz{|}~. */ +}; +const size_t mp_s_rmap_reverse_sz = sizeof(mp_s_rmap_reverse); #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_rand.c b/src/ltm/bn_mp_rand.c index 4c9610d..2ed665e 100644 --- a/src/ltm/bn_mp_rand.c +++ b/src/ltm/bn_mp_rand.c @@ -15,41 +15,69 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ +#if defined(MP_8BIT) || defined(MP_16BIT) +#define MP_GEN_RANDOM_SHIFT DIGIT_BIT +#else +#if MP_GEN_RANDOM_MAX == 0xffffffffu +#define MP_GEN_RANDOM_SHIFT 32 +#elif MP_GEN_RANDOM_MAX == 32767 +/* SHRT_MAX */ +#define MP_GEN_RANDOM_SHIFT 15 +#elif MP_GEN_RANDOM_MAX == 2147483647 +/* INT_MAX */ +#define MP_GEN_RANDOM_SHIFT 31 +#elif !defined(MP_GEN_RANDOM_SHIFT) +#error Thou shalt define their own valid MP_GEN_RANDOM_SHIFT +#endif +#endif + /* makes a pseudo-random int of a given size */ -int -mp_rand (mp_int * a, int digits) +static mp_digit s_gen_random(void) { - int res; - mp_digit d; + mp_digit d = 0, msk = 0; + do { + d <<= MP_GEN_RANDOM_SHIFT; + d |= ((mp_digit) MP_GEN_RANDOM()); + msk <<= MP_GEN_RANDOM_SHIFT; + msk |= (MP_MASK & MP_GEN_RANDOM_MAX); + } while ((MP_MASK & msk) != MP_MASK); + d &= MP_MASK; + return d; +} - mp_zero (a); - if (digits <= 0) { - return MP_OKAY; - } +int mp_rand(mp_int *a, int digits) +{ + int res; + mp_digit d; - /* first place a random non-zero digit */ - do { - d = ((mp_digit) abs (MP_GEN_RANDOM())) & MP_MASK; - } while (d == 0); + mp_zero(a); + if (digits <= 0) { + return MP_OKAY; + } - if ((res = mp_add_d (a, d, a)) != MP_OKAY) { - return res; - } + /* first place a random non-zero digit */ + do { + d = s_gen_random(); + } while (d == 0u); - while (--digits > 0) { - if ((res = mp_lshd (a, 1)) != MP_OKAY) { + if ((res = mp_add_d(a, d, a)) != MP_OKAY) { return res; - } + } - if ((res = mp_add_d (a, ((mp_digit) abs (MP_GEN_RANDOM())), a)) != MP_OKAY) { - return res; - } - } + while (--digits > 0) { + if ((res = mp_lshd(a, 1)) != MP_OKAY) { + return res; + } - return MP_OKAY; + if ((res = mp_add_d(a, s_gen_random(), a)) != MP_OKAY) { + return res; + } + } + + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_read_radix.c b/src/ltm/bn_mp_read_radix.c index 5c9eb5e..55c5ee1 100644 --- a/src/ltm/bn_mp_read_radix.c +++ b/src/ltm/bn_mp_read_radix.c @@ -16,70 +16,76 @@ */ /* read a string [ASCII] in a given radix */ -int mp_read_radix (mp_int * a, const char *str, int radix) +int mp_read_radix(mp_int *a, const char *str, int radix) { - int y, res, neg; - char ch; + int y, res, neg; + unsigned pos; + char ch; - /* zero the digit bignum */ - mp_zero(a); + /* zero the digit bignum */ + mp_zero(a); - /* make sure the radix is ok */ - if ((radix < 2) || (radix > 64)) { - return MP_VAL; - } + /* make sure the radix is ok */ + if ((radix < 2) || (radix > 64)) { + return MP_VAL; + } - /* if the leading digit is a - * minus set the sign to negative. - */ - if (*str == '-') { - ++str; - neg = MP_NEG; - } else { - neg = MP_ZPOS; - } + /* if the leading digit is a + * minus set the sign to negative. + */ + if (*str == '-') { + ++str; + neg = MP_NEG; + } else { + neg = MP_ZPOS; + } - /* set the integer to the default of zero */ - mp_zero (a); - - /* process each digit of the string */ - while (*str != '\0') { - /* if the radix <= 36 the conversion is case insensitive - * this allows numbers like 1AB and 1ab to represent the same value - * [e.g. in hex] - */ - ch = (radix <= 36) ? (char)toupper((int)*str) : *str; - for (y = 0; y < 64; y++) { - if (ch == mp_s_rmap[y]) { + /* set the integer to the default of zero */ + mp_zero(a); + + /* process each digit of the string */ + while (*str != '\0') { + /* if the radix <= 36 the conversion is case insensitive + * this allows numbers like 1AB and 1ab to represent the same value + * [e.g. in hex] + */ + ch = (radix <= 36) ? (char)toupper((int)*str) : *str; + pos = (unsigned)(ch - '('); + if (mp_s_rmap_reverse_sz < pos) { break; } - } + y = (int)mp_s_rmap_reverse[pos]; - /* if the char was found in the map - * and is less than the given radix add it - * to the number, otherwise exit the loop. - */ - if (y < radix) { - if ((res = mp_mul_d (a, (mp_digit) radix, a)) != MP_OKAY) { + /* if the char was found in the map + * and is less than the given radix add it + * to the number, otherwise exit the loop. + */ + if ((y == 0xff) || (y >= radix)) { + break; + } + if ((res = mp_mul_d(a, (mp_digit)radix, a)) != MP_OKAY) { return res; } - if ((res = mp_add_d (a, (mp_digit) y, a)) != MP_OKAY) { + if ((res = mp_add_d(a, (mp_digit)y, a)) != MP_OKAY) { return res; } - } else { - break; - } - ++str; - } - - /* set the sign only if a != 0 */ - if (mp_iszero(a) != MP_YES) { - a->sign = neg; - } - return MP_OKAY; + ++str; + } + + /* if an illegal character was found, fail. */ + if (!((*str == '\0') || (*str == '\r') || (*str == '\n'))) { + mp_zero(a); + return MP_VAL; + } + + /* set the sign only if a != 0 */ + if (mp_iszero(a) != MP_YES) { + a->sign = neg; + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_read_signed_bin.c b/src/ltm/bn_mp_read_signed_bin.c index a4d4760..17bc6ce 100644 --- a/src/ltm/bn_mp_read_signed_bin.c +++ b/src/ltm/bn_mp_read_signed_bin.c @@ -16,26 +16,26 @@ */ /* read signed bin, big endian, first byte is 0==positive or 1==negative */ -int mp_read_signed_bin (mp_int * a, const unsigned char *b, int c) +int mp_read_signed_bin(mp_int *a, const unsigned char *b, int c) { - int res; + int res; - /* read magnitude */ - if ((res = mp_read_unsigned_bin (a, b + 1, c - 1)) != MP_OKAY) { - return res; - } + /* read magnitude */ + if ((res = mp_read_unsigned_bin(a, b + 1, c - 1)) != MP_OKAY) { + return res; + } - /* first byte is 0 for positive, non-zero for negative */ - if (b[0] == 0) { - a->sign = MP_ZPOS; - } else { - a->sign = MP_NEG; - } + /* first byte is 0 for positive, non-zero for negative */ + if (b[0] == (unsigned char)0) { + a->sign = MP_ZPOS; + } else { + a->sign = MP_NEG; + } - return MP_OKAY; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_read_unsigned_bin.c b/src/ltm/bn_mp_read_unsigned_bin.c index e8e5df8..6398c43 100644 --- a/src/ltm/bn_mp_read_unsigned_bin.c +++ b/src/ltm/bn_mp_read_unsigned_bin.c @@ -16,40 +16,40 @@ */ /* reads a unsigned char array, assumes the msb is stored first [big endian] */ -int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c) +int mp_read_unsigned_bin(mp_int *a, const unsigned char *b, int c) { - int res; + int res; - /* make sure there are at least two digits */ - if (a->alloc < 2) { - if ((res = mp_grow(a, 2)) != MP_OKAY) { - return res; - } - } + /* make sure there are at least two digits */ + if (a->alloc < 2) { + if ((res = mp_grow(a, 2)) != MP_OKAY) { + return res; + } + } - /* zero the int */ - mp_zero (a); + /* zero the int */ + mp_zero(a); - /* read the bytes in */ - while (c-- > 0) { - if ((res = mp_mul_2d (a, 8, a)) != MP_OKAY) { - return res; - } + /* read the bytes in */ + while (c-- > 0) { + if ((res = mp_mul_2d(a, 8, a)) != MP_OKAY) { + return res; + } #ifndef MP_8BIT - a->dp[0] |= *b++; - a->used += 1; + a->dp[0] |= *b++; + a->used += 1; #else - a->dp[0] = (*b & MP_MASK); - a->dp[1] |= ((*b++ >> 7U) & 1); - a->used += 2; + a->dp[0] = (*b & MP_MASK); + a->dp[1] |= ((*b++ >> 7) & 1u); + a->used += 2; #endif - } - mp_clamp (a); - return MP_OKAY; + } + mp_clamp(a); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce.c b/src/ltm/bn_mp_reduce.c index e2c3a58..5b1d405 100644 --- a/src/ltm/bn_mp_reduce.c +++ b/src/ltm/bn_mp_reduce.c @@ -19,82 +19,82 @@ * precomputed via mp_reduce_setup. * From HAC pp.604 Algorithm 14.42 */ -int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) +int mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu) { - mp_int q; - int res, um = m->used; + mp_int q; + int res, um = m->used; - /* q = x */ - if ((res = mp_init_copy (&q, x)) != MP_OKAY) { - return res; - } + /* q = x */ + if ((res = mp_init_copy(&q, x)) != MP_OKAY) { + return res; + } - /* q1 = x / b**(k-1) */ - mp_rshd (&q, um - 1); + /* q1 = x / b**(k-1) */ + mp_rshd(&q, um - 1); - /* according to HAC this optimization is ok */ - if (((mp_digit) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) { - if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) { - goto CLEANUP; - } - } else { + /* according to HAC this optimization is ok */ + if ((mp_digit)um > ((mp_digit)1 << (DIGIT_BIT - 1))) { + if ((res = mp_mul(&q, mu, &q)) != MP_OKAY) { + goto CLEANUP; + } + } else { #ifdef BN_S_MP_MUL_HIGH_DIGS_C - if ((res = s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) { - goto CLEANUP; - } + if ((res = s_mp_mul_high_digs(&q, mu, &q, um)) != MP_OKAY) { + goto CLEANUP; + } #elif defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C) - if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) { - goto CLEANUP; - } + if ((res = fast_s_mp_mul_high_digs(&q, mu, &q, um)) != MP_OKAY) { + goto CLEANUP; + } #else - { - res = MP_VAL; - goto CLEANUP; - } + { + res = MP_VAL; + goto CLEANUP; + } #endif - } + } - /* q3 = q2 / b**(k+1) */ - mp_rshd (&q, um + 1); + /* q3 = q2 / b**(k+1) */ + mp_rshd(&q, um + 1); - /* x = x mod b**(k+1), quick (no division) */ - if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) { - goto CLEANUP; - } - - /* q = q * m mod b**(k+1), quick (no division) */ - if ((res = s_mp_mul_digs (&q, m, &q, um + 1)) != MP_OKAY) { - goto CLEANUP; - } - - /* x = x - q */ - if ((res = mp_sub (x, &q, x)) != MP_OKAY) { - goto CLEANUP; - } - - /* If x < 0, add b**(k+1) to it */ - if (mp_cmp_d (x, 0) == MP_LT) { - mp_set (&q, 1); - if ((res = mp_lshd (&q, um + 1)) != MP_OKAY) + /* x = x mod b**(k+1), quick (no division) */ + if ((res = mp_mod_2d(x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) { goto CLEANUP; - if ((res = mp_add (x, &q, x)) != MP_OKAY) - goto CLEANUP; - } + } - /* Back off if it's too big */ - while (mp_cmp (x, m) != MP_LT) { - if ((res = s_mp_sub (x, m, x)) != MP_OKAY) { + /* q = q * m mod b**(k+1), quick (no division) */ + if ((res = s_mp_mul_digs(&q, m, &q, um + 1)) != MP_OKAY) { goto CLEANUP; - } - } + } + + /* x = x - q */ + if ((res = mp_sub(x, &q, x)) != MP_OKAY) { + goto CLEANUP; + } + + /* If x < 0, add b**(k+1) to it */ + if (mp_cmp_d(x, 0uL) == MP_LT) { + mp_set(&q, 1uL); + if ((res = mp_lshd(&q, um + 1)) != MP_OKAY) + goto CLEANUP; + if ((res = mp_add(x, &q, x)) != MP_OKAY) + goto CLEANUP; + } + + /* Back off if it's too big */ + while (mp_cmp(x, m) != MP_LT) { + if ((res = s_mp_sub(x, m, x)) != MP_OKAY) { + goto CLEANUP; + } + } CLEANUP: - mp_clear (&q); + mp_clear(&q); - return res; + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_2k.c b/src/ltm/bn_mp_reduce_2k.c index 2876a75..e1e2bc8 100644 --- a/src/ltm/bn_mp_reduce_2k.c +++ b/src/ltm/bn_mp_reduce_2k.c @@ -16,7 +16,7 @@ */ /* reduces a modulo n where n is of the form 2**p - d */ -int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d) +int mp_reduce_2k(mp_int *a, const mp_int *n, mp_digit d) { mp_int q; int p, res; @@ -32,7 +32,7 @@ top: goto ERR; } - if (d != 1) { + if (d != 1u) { /* q = q * d */ if ((res = mp_mul_d(&q, d, &q)) != MP_OKAY) { goto ERR; @@ -58,6 +58,6 @@ ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_2k_l.c b/src/ltm/bn_mp_reduce_2k_l.c index 3225214..23381bf 100644 --- a/src/ltm/bn_mp_reduce_2k_l.c +++ b/src/ltm/bn_mp_reduce_2k_l.c @@ -19,7 +19,7 @@ This differs from reduce_2k since "d" can be larger than a single digit. */ -int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d) +int mp_reduce_2k_l(mp_int *a, const mp_int *n, const mp_int *d) { mp_int q; int p, res; @@ -59,6 +59,6 @@ ERR: #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_2k_setup.c b/src/ltm/bn_mp_reduce_2k_setup.c index 545051e..e6ae839 100644 --- a/src/ltm/bn_mp_reduce_2k_setup.c +++ b/src/ltm/bn_mp_reduce_2k_setup.c @@ -16,32 +16,32 @@ */ /* determines the setup value */ -int mp_reduce_2k_setup(mp_int *a, mp_digit *d) +int mp_reduce_2k_setup(const mp_int *a, mp_digit *d) { int res, p; mp_int tmp; - + if ((res = mp_init(&tmp)) != MP_OKAY) { return res; } - + p = mp_count_bits(a); if ((res = mp_2expt(&tmp, p)) != MP_OKAY) { mp_clear(&tmp); return res; } - + if ((res = s_mp_sub(&tmp, a, &tmp)) != MP_OKAY) { mp_clear(&tmp); return res; } - + *d = tmp.dp[0]; mp_clear(&tmp); return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_2k_setup_l.c b/src/ltm/bn_mp_reduce_2k_setup_l.c index 59132dd..af81b5b 100644 --- a/src/ltm/bn_mp_reduce_2k_setup_l.c +++ b/src/ltm/bn_mp_reduce_2k_setup_l.c @@ -16,29 +16,29 @@ */ /* determines the setup value */ -int mp_reduce_2k_setup_l(mp_int *a, mp_int *d) +int mp_reduce_2k_setup_l(const mp_int *a, mp_int *d) { int res; mp_int tmp; - + if ((res = mp_init(&tmp)) != MP_OKAY) { return res; } - + if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) { goto ERR; } - + if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) { goto ERR; } - + ERR: mp_clear(&tmp); return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_is_2k.c b/src/ltm/bn_mp_reduce_is_2k.c index 784947b..f59d535 100644 --- a/src/ltm/bn_mp_reduce_is_2k.c +++ b/src/ltm/bn_mp_reduce_is_2k.c @@ -16,11 +16,11 @@ */ /* determines if mp_reduce_2k can be used */ -int mp_reduce_is_2k(mp_int *a) +int mp_reduce_is_2k(const mp_int *a) { int ix, iy, iw; mp_digit iz; - + if (a->used == 0) { return MP_NO; } else if (a->used == 1) { @@ -29,17 +29,17 @@ int mp_reduce_is_2k(mp_int *a) iy = mp_count_bits(a); iz = 1; iw = 1; - + /* Test every bit from the second digit up, must be 1 */ for (ix = DIGIT_BIT; ix < iy; ix++) { - if ((a->dp[iw] & iz) == 0) { - return MP_NO; - } - iz <<= 1; - if (iz > (mp_digit)MP_MASK) { - ++iw; - iz = 1; - } + if ((a->dp[iw] & iz) == 0u) { + return MP_NO; + } + iz <<= 1; + if (iz > (mp_digit)MP_MASK) { + ++iw; + iz = 1; + } } } return MP_YES; @@ -47,6 +47,6 @@ int mp_reduce_is_2k(mp_int *a) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_is_2k_l.c b/src/ltm/bn_mp_reduce_is_2k_l.c index c193f39..22c7582 100644 --- a/src/ltm/bn_mp_reduce_is_2k_l.c +++ b/src/ltm/bn_mp_reduce_is_2k_l.c @@ -16,10 +16,10 @@ */ /* determines if reduce_2k_l can be used */ -int mp_reduce_is_2k_l(mp_int *a) +int mp_reduce_is_2k_l(const mp_int *a) { int ix, iy; - + if (a->used == 0) { return MP_NO; } else if (a->used == 1) { @@ -27,18 +27,18 @@ int mp_reduce_is_2k_l(mp_int *a) } else if (a->used > 1) { /* if more than half of the digits are -1 we're sold */ for (iy = ix = 0; ix < a->used; ix++) { - if (a->dp[ix] == MP_MASK) { - ++iy; - } + if (a->dp[ix] == MP_MASK) { + ++iy; + } } return (iy >= (a->used/2)) ? MP_YES : MP_NO; - + } return MP_NO; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_reduce_setup.c b/src/ltm/bn_mp_reduce_setup.c index f97eed5..70e193a 100644 --- a/src/ltm/bn_mp_reduce_setup.c +++ b/src/ltm/bn_mp_reduce_setup.c @@ -18,17 +18,17 @@ /* pre-calculate the value required for Barrett reduction * For a given modulus "b" it calulates the value required in "a" */ -int mp_reduce_setup (mp_int * a, mp_int * b) +int mp_reduce_setup(mp_int *a, const mp_int *b) { - int res; - - if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) { - return res; - } - return mp_div (a, b, a, NULL); + int res; + + if ((res = mp_2expt(a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) { + return res; + } + return mp_div(a, b, a, NULL); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_rshd.c b/src/ltm/bn_mp_rshd.c index 77b0f6c..fd06735 100644 --- a/src/ltm/bn_mp_rshd.c +++ b/src/ltm/bn_mp_rshd.c @@ -16,57 +16,57 @@ */ /* shift right a certain amount of digits */ -void mp_rshd (mp_int * a, int b) +void mp_rshd(mp_int *a, int b) { - int x; + int x; - /* if b <= 0 then ignore it */ - if (b <= 0) { - return; - } + /* if b <= 0 then ignore it */ + if (b <= 0) { + return; + } - /* if b > used then simply zero it and return */ - if (a->used <= b) { - mp_zero (a); - return; - } + /* if b > used then simply zero it and return */ + if (a->used <= b) { + mp_zero(a); + return; + } - { - mp_digit *bottom, *top; + { + mp_digit *bottom, *top; - /* shift the digits down */ + /* shift the digits down */ - /* bottom */ - bottom = a->dp; + /* bottom */ + bottom = a->dp; - /* top [offset into digits] */ - top = a->dp + b; + /* top [offset into digits] */ + top = a->dp + b; - /* this is implemented as a sliding window where - * the window is b-digits long and digits from - * the top of the window are copied to the bottom - * - * e.g. + /* this is implemented as a sliding window where + * the window is b-digits long and digits from + * the top of the window are copied to the bottom + * + * e.g. - b-2 | b-1 | b0 | b1 | b2 | ... | bb | ----> - /\ | ----> - \-------------------/ ----> - */ - for (x = 0; x < (a->used - b); x++) { - *bottom++ = *top++; - } + b-2 | b-1 | b0 | b1 | b2 | ... | bb | ----> + /\ | ----> + \-------------------/ ----> + */ + for (x = 0; x < (a->used - b); x++) { + *bottom++ = *top++; + } - /* zero the top digits */ - for (; x < a->used; x++) { - *bottom++ = 0; - } - } - - /* remove excess digits */ - a->used -= b; + /* zero the top digits */ + for (; x < a->used; x++) { + *bottom++ = 0; + } + } + + /* remove excess digits */ + a->used -= b; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_set.c b/src/ltm/bn_mp_set.c index cac48ea..952d080 100644 --- a/src/ltm/bn_mp_set.c +++ b/src/ltm/bn_mp_set.c @@ -16,14 +16,14 @@ */ /* set to a digit */ -void mp_set (mp_int * a, mp_digit b) +void mp_set(mp_int *a, mp_digit b) { - mp_zero (a); - a->dp[0] = b & MP_MASK; - a->used = (a->dp[0] != 0) ? 1 : 0; + mp_zero(a); + a->dp[0] = b & MP_MASK; + a->used = (a->dp[0] != 0u) ? 1 : 0; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_set_int.c b/src/ltm/bn_mp_set_int.c index 5aa59d5..006f263 100644 --- a/src/ltm/bn_mp_set_int.c +++ b/src/ltm/bn_mp_set_int.c @@ -16,33 +16,33 @@ */ /* set a 32-bit const */ -int mp_set_int (mp_int * a, unsigned long b) +int mp_set_int(mp_int *a, unsigned long b) { - int x, res; + int x, res; - mp_zero (a); - - /* set four bits at a time */ - for (x = 0; x < 8; x++) { - /* shift the number up four bits */ - if ((res = mp_mul_2d (a, 4, a)) != MP_OKAY) { - return res; - } + mp_zero(a); - /* OR in the top four bits of the source */ - a->dp[0] |= (b >> 28) & 15; + /* set four bits at a time */ + for (x = 0; x < 8; x++) { + /* shift the number up four bits */ + if ((res = mp_mul_2d(a, 4, a)) != MP_OKAY) { + return res; + } - /* shift the source up to the next four bits */ - b <<= 4; + /* OR in the top four bits of the source */ + a->dp[0] |= (mp_digit)(b >> 28) & 15uL; - /* ensure that digits are not clamped off */ - a->used += 1; - } - mp_clamp (a); - return MP_OKAY; + /* shift the source up to the next four bits */ + b <<= 4; + + /* ensure that digits are not clamped off */ + a->used += 1; + } + mp_clamp(a); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_set_long.c b/src/ltm/bn_mp_set_long.c index 281fce7..8cbb811 100644 --- a/src/ltm/bn_mp_set_long.c +++ b/src/ltm/bn_mp_set_long.c @@ -19,6 +19,6 @@ MP_SET_XLONG(mp_set_long, unsigned long) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_set_long_long.c b/src/ltm/bn_mp_set_long_long.c index 3c4b01a..be0bc9a 100644 --- a/src/ltm/bn_mp_set_long_long.c +++ b/src/ltm/bn_mp_set_long_long.c @@ -16,9 +16,9 @@ */ /* set a platform dependent unsigned long long int */ -MP_SET_XLONG(mp_set_long_long, unsigned long long) +MP_SET_XLONG(mp_set_long_long, uint64_t) #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_shrink.c b/src/ltm/bn_mp_shrink.c index 1ad2ede..3e4dde0 100644 --- a/src/ltm/bn_mp_shrink.c +++ b/src/ltm/bn_mp_shrink.c @@ -16,26 +16,26 @@ */ /* shrink a bignum */ -int mp_shrink (mp_int * a) +int mp_shrink(mp_int *a) { - mp_digit *tmp; - int used = 1; - - if(a->used > 0) { - used = a->used; - } - - if (a->alloc != used) { - if ((tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * used)) == NULL) { - return MP_MEM; - } - a->dp = tmp; - a->alloc = used; - } - return MP_OKAY; + mp_digit *tmp; + int used = 1; + + if (a->used > 0) { + used = a->used; + } + + if (a->alloc != used) { + if ((tmp = OPT_CAST(mp_digit) XREALLOC(a->dp, sizeof(mp_digit) * (size_t)used)) == NULL) { + return MP_MEM; + } + a->dp = tmp; + a->alloc = used; + } + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_signed_bin_size.c b/src/ltm/bn_mp_signed_bin_size.c index 0e760a6..1fdfd85 100644 --- a/src/ltm/bn_mp_signed_bin_size.c +++ b/src/ltm/bn_mp_signed_bin_size.c @@ -16,12 +16,12 @@ */ /* get the size for an signed equivalent */ -int mp_signed_bin_size (mp_int * a) +int mp_signed_bin_size(const mp_int *a) { - return 1 + mp_unsigned_bin_size (a); + return 1 + mp_unsigned_bin_size(a); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_sqr.c b/src/ltm/bn_mp_sqr.c index ad2099b..a98f16c 100644 --- a/src/ltm/bn_mp_sqr.c +++ b/src/ltm/bn_mp_sqr.c @@ -16,45 +16,44 @@ */ /* computes b = a*a */ -int -mp_sqr (mp_int * a, mp_int * b) +int mp_sqr(const mp_int *a, mp_int *b) { - int res; + int res; #ifdef BN_MP_TOOM_SQR_C - /* use Toom-Cook? */ - if (a->used >= TOOM_SQR_CUTOFF) { - res = mp_toom_sqr(a, b); - /* Karatsuba? */ - } else + /* use Toom-Cook? */ + if (a->used >= TOOM_SQR_CUTOFF) { + res = mp_toom_sqr(a, b); + /* Karatsuba? */ + } else #endif #ifdef BN_MP_KARATSUBA_SQR_C - if (a->used >= KARATSUBA_SQR_CUTOFF) { - res = mp_karatsuba_sqr (a, b); - } else + if (a->used >= KARATSUBA_SQR_CUTOFF) { + res = mp_karatsuba_sqr(a, b); + } else #endif - { + { #ifdef BN_FAST_S_MP_SQR_C - /* can we use the fast comba multiplier? */ - if ((((a->used * 2) + 1) < MP_WARRAY) && - (a->used < - (1 << (((sizeof(mp_word) * CHAR_BIT) - (2 * DIGIT_BIT)) - 1)))) { - res = fast_s_mp_sqr (a, b); - } else + /* can we use the fast comba multiplier? */ + if ((((a->used * 2) + 1) < (int)MP_WARRAY) && + (a->used < + (int)(1u << (((sizeof(mp_word) * (size_t)CHAR_BIT) - (2u * (size_t)DIGIT_BIT)) - 1u)))) { + res = fast_s_mp_sqr(a, b); + } else #endif - { + { #ifdef BN_S_MP_SQR_C - res = s_mp_sqr (a, b); + res = s_mp_sqr(a, b); #else - res = MP_VAL; + res = MP_VAL; #endif - } - } - b->sign = MP_ZPOS; - return res; + } + } + b->sign = MP_ZPOS; + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_sqrmod.c b/src/ltm/bn_mp_sqrmod.c index 2f9463d..c3c7ec9 100644 --- a/src/ltm/bn_mp_sqrmod.c +++ b/src/ltm/bn_mp_sqrmod.c @@ -16,26 +16,25 @@ */ /* c = a * a (mod b) */ -int -mp_sqrmod (mp_int * a, mp_int * b, mp_int * c) +int mp_sqrmod(const mp_int *a, const mp_int *b, mp_int *c) { - int res; - mp_int t; + int res; + mp_int t; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } + if ((res = mp_init(&t)) != MP_OKAY) { + return res; + } - if ((res = mp_sqr (a, &t)) != MP_OKAY) { - mp_clear (&t); - return res; - } - res = mp_mod (&t, b, c); - mp_clear (&t); - return res; + if ((res = mp_sqr(a, &t)) != MP_OKAY) { + mp_clear(&t); + return res; + } + res = mp_mod(&t, b, c); + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_sqrt.c b/src/ltm/bn_mp_sqrt.c index 4a52f5e..d70c523 100644 --- a/src/ltm/bn_mp_sqrt.c +++ b/src/ltm/bn_mp_sqrt.c @@ -16,66 +16,68 @@ */ /* this function is less generic than mp_n_root, simpler and faster */ -int mp_sqrt(mp_int *arg, mp_int *ret) +int mp_sqrt(const mp_int *arg, mp_int *ret) { - int res; - mp_int t1,t2; + int res; + mp_int t1, t2; - /* must be positive */ - if (arg->sign == MP_NEG) { - return MP_VAL; - } + /* must be positive */ + if (arg->sign == MP_NEG) { + return MP_VAL; + } - /* easy out */ - if (mp_iszero(arg) == MP_YES) { - mp_zero(ret); - return MP_OKAY; - } + /* easy out */ + if (mp_iszero(arg) == MP_YES) { + mp_zero(ret); + return MP_OKAY; + } - if ((res = mp_init_copy(&t1, arg)) != MP_OKAY) { - return res; - } + if ((res = mp_init_copy(&t1, arg)) != MP_OKAY) { + return res; + } - if ((res = mp_init(&t2)) != MP_OKAY) { - goto E2; - } + if ((res = mp_init(&t2)) != MP_OKAY) { + goto E2; + } - /* First approx. (not very bad for large arg) */ - mp_rshd (&t1,t1.used/2); + /* First approx. (not very bad for large arg) */ + mp_rshd(&t1, t1.used/2); - /* t1 > 0 */ - if ((res = mp_div(arg,&t1,&t2,NULL)) != MP_OKAY) { - goto E1; - } - if ((res = mp_add(&t1,&t2,&t1)) != MP_OKAY) { - goto E1; - } - if ((res = mp_div_2(&t1,&t1)) != MP_OKAY) { - goto E1; - } - /* And now t1 > sqrt(arg) */ - do { - if ((res = mp_div(arg,&t1,&t2,NULL)) != MP_OKAY) { + /* t1 > 0 */ + if ((res = mp_div(arg, &t1, &t2, NULL)) != MP_OKAY) { goto E1; - } - if ((res = mp_add(&t1,&t2,&t1)) != MP_OKAY) { + } + if ((res = mp_add(&t1, &t2, &t1)) != MP_OKAY) { goto E1; - } - if ((res = mp_div_2(&t1,&t1)) != MP_OKAY) { + } + if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) { goto E1; - } - /* t1 >= sqrt(arg) >= t2 at this point */ - } while (mp_cmp_mag(&t1,&t2) == MP_GT); + } + /* And now t1 > sqrt(arg) */ + do { + if ((res = mp_div(arg, &t1, &t2, NULL)) != MP_OKAY) { + goto E1; + } + if ((res = mp_add(&t1, &t2, &t1)) != MP_OKAY) { + goto E1; + } + if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) { + goto E1; + } + /* t1 >= sqrt(arg) >= t2 at this point */ + } while (mp_cmp_mag(&t1, &t2) == MP_GT); - mp_exch(&t1,ret); + mp_exch(&t1, ret); -E1: mp_clear(&t2); -E2: mp_clear(&t1); - return res; +E1: + mp_clear(&t2); +E2: + mp_clear(&t1); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_sqrtmod_prime.c b/src/ltm/bn_mp_sqrtmod_prime.c index 968729e..d4cf3de 100644 --- a/src/ltm/bn_mp_sqrtmod_prime.c +++ b/src/ltm/bn_mp_sqrtmod_prime.c @@ -15,110 +15,110 @@ * */ -int mp_sqrtmod_prime(mp_int *n, mp_int *prime, mp_int *ret) +int mp_sqrtmod_prime(const mp_int *n, const mp_int *prime, mp_int *ret) { - int res, legendre; - mp_int t1, C, Q, S, Z, M, T, R, two; - mp_digit i; + int res, legendre; + mp_int t1, C, Q, S, Z, M, T, R, two; + mp_digit i; - /* first handle the simple cases */ - if (mp_cmp_d(n, 0) == MP_EQ) { - mp_zero(ret); - return MP_OKAY; - } - if (mp_cmp_d(prime, 2) == MP_EQ) return MP_VAL; /* prime must be odd */ - if ((res = mp_jacobi(n, prime, &legendre)) != MP_OKAY) return res; - if (legendre == -1) return MP_VAL; /* quadratic non-residue mod prime */ + /* first handle the simple cases */ + if (mp_cmp_d(n, 0uL) == MP_EQ) { + mp_zero(ret); + return MP_OKAY; + } + if (mp_cmp_d(prime, 2uL) == MP_EQ) return MP_VAL; /* prime must be odd */ + if ((res = mp_jacobi(n, prime, &legendre)) != MP_OKAY) return res; + if (legendre == -1) return MP_VAL; /* quadratic non-residue mod prime */ - if ((res = mp_init_multi(&t1, &C, &Q, &S, &Z, &M, &T, &R, &two, NULL)) != MP_OKAY) { - return res; - } + if ((res = mp_init_multi(&t1, &C, &Q, &S, &Z, &M, &T, &R, &two, NULL)) != MP_OKAY) { + return res; + } - /* SPECIAL CASE: if prime mod 4 == 3 - * compute directly: res = n^(prime+1)/4 mod prime - * Handbook of Applied Cryptography algorithm 3.36 - */ - if ((res = mp_mod_d(prime, 4, &i)) != MP_OKAY) goto cleanup; - if (i == 3) { - if ((res = mp_add_d(prime, 1, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_exptmod(n, &t1, prime, ret)) != MP_OKAY) goto cleanup; - res = MP_OKAY; - goto cleanup; - } - - /* NOW: Tonelli-Shanks algorithm */ - - /* factor out powers of 2 from prime-1, defining Q and S as: prime-1 = Q*2^S */ - if ((res = mp_copy(prime, &Q)) != MP_OKAY) goto cleanup; - if ((res = mp_sub_d(&Q, 1, &Q)) != MP_OKAY) goto cleanup; - /* Q = prime - 1 */ - mp_zero(&S); - /* S = 0 */ - while (mp_iseven(&Q) != MP_NO) { - if ((res = mp_div_2(&Q, &Q)) != MP_OKAY) goto cleanup; - /* Q = Q / 2 */ - if ((res = mp_add_d(&S, 1, &S)) != MP_OKAY) goto cleanup; - /* S = S + 1 */ - } - - /* find a Z such that the Legendre symbol (Z|prime) == -1 */ - if ((res = mp_set_int(&Z, 2)) != MP_OKAY) goto cleanup; - /* Z = 2 */ - while(1) { - if ((res = mp_jacobi(&Z, prime, &legendre)) != MP_OKAY) goto cleanup; - if (legendre == -1) break; - if ((res = mp_add_d(&Z, 1, &Z)) != MP_OKAY) goto cleanup; - /* Z = Z + 1 */ - } - - if ((res = mp_exptmod(&Z, &Q, prime, &C)) != MP_OKAY) goto cleanup; - /* C = Z ^ Q mod prime */ - if ((res = mp_add_d(&Q, 1, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; - /* t1 = (Q + 1) / 2 */ - if ((res = mp_exptmod(n, &t1, prime, &R)) != MP_OKAY) goto cleanup; - /* R = n ^ ((Q + 1) / 2) mod prime */ - if ((res = mp_exptmod(n, &Q, prime, &T)) != MP_OKAY) goto cleanup; - /* T = n ^ Q mod prime */ - if ((res = mp_copy(&S, &M)) != MP_OKAY) goto cleanup; - /* M = S */ - if ((res = mp_set_int(&two, 2)) != MP_OKAY) goto cleanup; - - res = MP_VAL; - while (1) { - if ((res = mp_copy(&T, &t1)) != MP_OKAY) goto cleanup; - i = 0; - while (1) { - if (mp_cmp_d(&t1, 1) == MP_EQ) break; - if ((res = mp_exptmod(&t1, &two, prime, &t1)) != MP_OKAY) goto cleanup; - i++; - } - if (i == 0) { - if ((res = mp_copy(&R, ret)) != MP_OKAY) goto cleanup; + /* SPECIAL CASE: if prime mod 4 == 3 + * compute directly: res = n^(prime+1)/4 mod prime + * Handbook of Applied Cryptography algorithm 3.36 + */ + if ((res = mp_mod_d(prime, 4uL, &i)) != MP_OKAY) goto cleanup; + if (i == 3u) { + if ((res = mp_add_d(prime, 1uL, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_exptmod(n, &t1, prime, ret)) != MP_OKAY) goto cleanup; res = MP_OKAY; goto cleanup; - } - if ((res = mp_sub_d(&M, i, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_sub_d(&t1, 1, &t1)) != MP_OKAY) goto cleanup; - if ((res = mp_exptmod(&two, &t1, prime, &t1)) != MP_OKAY) goto cleanup; - /* t1 = 2 ^ (M - i - 1) */ - if ((res = mp_exptmod(&C, &t1, prime, &t1)) != MP_OKAY) goto cleanup; - /* t1 = C ^ (2 ^ (M - i - 1)) mod prime */ - if ((res = mp_sqrmod(&t1, prime, &C)) != MP_OKAY) goto cleanup; - /* C = (t1 * t1) mod prime */ - if ((res = mp_mulmod(&R, &t1, prime, &R)) != MP_OKAY) goto cleanup; - /* R = (R * t1) mod prime */ - if ((res = mp_mulmod(&T, &C, prime, &T)) != MP_OKAY) goto cleanup; - /* T = (T * C) mod prime */ - mp_set(&M, i); - /* M = i */ - } + } + + /* NOW: Tonelli-Shanks algorithm */ + + /* factor out powers of 2 from prime-1, defining Q and S as: prime-1 = Q*2^S */ + if ((res = mp_copy(prime, &Q)) != MP_OKAY) goto cleanup; + if ((res = mp_sub_d(&Q, 1uL, &Q)) != MP_OKAY) goto cleanup; + /* Q = prime - 1 */ + mp_zero(&S); + /* S = 0 */ + while (mp_iseven(&Q) != MP_NO) { + if ((res = mp_div_2(&Q, &Q)) != MP_OKAY) goto cleanup; + /* Q = Q / 2 */ + if ((res = mp_add_d(&S, 1uL, &S)) != MP_OKAY) goto cleanup; + /* S = S + 1 */ + } + + /* find a Z such that the Legendre symbol (Z|prime) == -1 */ + if ((res = mp_set_int(&Z, 2uL)) != MP_OKAY) goto cleanup; + /* Z = 2 */ + while (1) { + if ((res = mp_jacobi(&Z, prime, &legendre)) != MP_OKAY) goto cleanup; + if (legendre == -1) break; + if ((res = mp_add_d(&Z, 1uL, &Z)) != MP_OKAY) goto cleanup; + /* Z = Z + 1 */ + } + + if ((res = mp_exptmod(&Z, &Q, prime, &C)) != MP_OKAY) goto cleanup; + /* C = Z ^ Q mod prime */ + if ((res = mp_add_d(&Q, 1uL, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_div_2(&t1, &t1)) != MP_OKAY) goto cleanup; + /* t1 = (Q + 1) / 2 */ + if ((res = mp_exptmod(n, &t1, prime, &R)) != MP_OKAY) goto cleanup; + /* R = n ^ ((Q + 1) / 2) mod prime */ + if ((res = mp_exptmod(n, &Q, prime, &T)) != MP_OKAY) goto cleanup; + /* T = n ^ Q mod prime */ + if ((res = mp_copy(&S, &M)) != MP_OKAY) goto cleanup; + /* M = S */ + if ((res = mp_set_int(&two, 2uL)) != MP_OKAY) goto cleanup; + + res = MP_VAL; + while (1) { + if ((res = mp_copy(&T, &t1)) != MP_OKAY) goto cleanup; + i = 0; + while (1) { + if (mp_cmp_d(&t1, 1uL) == MP_EQ) break; + if ((res = mp_exptmod(&t1, &two, prime, &t1)) != MP_OKAY) goto cleanup; + i++; + } + if (i == 0u) { + if ((res = mp_copy(&R, ret)) != MP_OKAY) goto cleanup; + res = MP_OKAY; + goto cleanup; + } + if ((res = mp_sub_d(&M, i, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_sub_d(&t1, 1uL, &t1)) != MP_OKAY) goto cleanup; + if ((res = mp_exptmod(&two, &t1, prime, &t1)) != MP_OKAY) goto cleanup; + /* t1 = 2 ^ (M - i - 1) */ + if ((res = mp_exptmod(&C, &t1, prime, &t1)) != MP_OKAY) goto cleanup; + /* t1 = C ^ (2 ^ (M - i - 1)) mod prime */ + if ((res = mp_sqrmod(&t1, prime, &C)) != MP_OKAY) goto cleanup; + /* C = (t1 * t1) mod prime */ + if ((res = mp_mulmod(&R, &t1, prime, &R)) != MP_OKAY) goto cleanup; + /* R = (R * t1) mod prime */ + if ((res = mp_mulmod(&T, &C, prime, &T)) != MP_OKAY) goto cleanup; + /* T = (T * C) mod prime */ + mp_set(&M, i); + /* M = i */ + } cleanup: - mp_clear_multi(&t1, &C, &Q, &S, &Z, &M, &T, &R, &two, NULL); - return res; + mp_clear_multi(&t1, &C, &Q, &S, &Z, &M, &T, &R, &two, NULL); + return res; } #endif diff --git a/src/ltm/bn_mp_sub.c b/src/ltm/bn_mp_sub.c index 0d616c2..19cb65e 100644 --- a/src/ltm/bn_mp_sub.c +++ b/src/ltm/bn_mp_sub.c @@ -16,44 +16,43 @@ */ /* high level subtraction (handles signs) */ -int -mp_sub (mp_int * a, mp_int * b, mp_int * c) +int mp_sub(const mp_int *a, const mp_int *b, mp_int *c) { - int sa, sb, res; + int sa, sb, res; - sa = a->sign; - sb = b->sign; + sa = a->sign; + sb = b->sign; - if (sa != sb) { - /* subtract a negative from a positive, OR */ - /* subtract a positive from a negative. */ - /* In either case, ADD their magnitudes, */ - /* and use the sign of the first number. */ - c->sign = sa; - res = s_mp_add (a, b, c); - } else { - /* subtract a positive from a positive, OR */ - /* subtract a negative from a negative. */ - /* First, take the difference between their */ - /* magnitudes, then... */ - if (mp_cmp_mag (a, b) != MP_LT) { - /* Copy the sign from the first */ + if (sa != sb) { + /* subtract a negative from a positive, OR */ + /* subtract a positive from a negative. */ + /* In either case, ADD their magnitudes, */ + /* and use the sign of the first number. */ c->sign = sa; - /* The first has a larger or equal magnitude */ - res = s_mp_sub (a, b, c); - } else { - /* The result has the *opposite* sign from */ - /* the first number. */ - c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS; - /* The second has a larger magnitude */ - res = s_mp_sub (b, a, c); - } - } - return res; + res = s_mp_add(a, b, c); + } else { + /* subtract a positive from a positive, OR */ + /* subtract a negative from a negative. */ + /* First, take the difference between their */ + /* magnitudes, then... */ + if (mp_cmp_mag(a, b) != MP_LT) { + /* Copy the sign from the first */ + c->sign = sa; + /* The first has a larger or equal magnitude */ + res = s_mp_sub(a, b, c); + } else { + /* The result has the *opposite* sign from */ + /* the first number. */ + c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS; + /* The second has a larger magnitude */ + res = s_mp_sub(b, a, c); + } + } + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_sub_d.c b/src/ltm/bn_mp_sub_d.c index f5a932f..e5fbfff 100644 --- a/src/ltm/bn_mp_sub_d.c +++ b/src/ltm/bn_mp_sub_d.c @@ -16,78 +16,78 @@ */ /* single digit subtraction */ -int -mp_sub_d (mp_int * a, mp_digit b, mp_int * c) +int mp_sub_d(const mp_int *a, mp_digit b, mp_int *c) { - mp_digit *tmpa, *tmpc, mu; - int res, ix, oldused; + mp_digit *tmpa, *tmpc, mu; + int res, ix, oldused; - /* grow c as required */ - if (c->alloc < (a->used + 1)) { - if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { - return res; - } - } + /* grow c as required */ + if (c->alloc < (a->used + 1)) { + if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { + return res; + } + } - /* if a is negative just do an unsigned - * addition [with fudged signs] - */ - if (a->sign == MP_NEG) { - a->sign = MP_ZPOS; - res = mp_add_d(a, b, c); - a->sign = c->sign = MP_NEG; + /* if a is negative just do an unsigned + * addition [with fudged signs] + */ + if (a->sign == MP_NEG) { + mp_int a_ = *a; + a_.sign = MP_ZPOS; + res = mp_add_d(&a_, b, c); + c->sign = MP_NEG; - /* clamp */ - mp_clamp(c); + /* clamp */ + mp_clamp(c); - return res; - } + return res; + } - /* setup regs */ - oldused = c->used; - tmpa = a->dp; - tmpc = c->dp; + /* setup regs */ + oldused = c->used; + tmpa = a->dp; + tmpc = c->dp; - /* if a <= b simply fix the single digit */ - if (((a->used == 1) && (a->dp[0] <= b)) || (a->used == 0)) { - if (a->used == 1) { - *tmpc++ = b - *tmpa; - } else { - *tmpc++ = b; - } - ix = 1; + /* if a <= b simply fix the single digit */ + if (((a->used == 1) && (a->dp[0] <= b)) || (a->used == 0)) { + if (a->used == 1) { + *tmpc++ = b - *tmpa; + } else { + *tmpc++ = b; + } + ix = 1; - /* negative/1digit */ - c->sign = MP_NEG; - c->used = 1; - } else { - /* positive/size */ - c->sign = MP_ZPOS; - c->used = a->used; + /* negative/1digit */ + c->sign = MP_NEG; + c->used = 1; + } else { + /* positive/size */ + c->sign = MP_ZPOS; + c->used = a->used; - /* subtract first digit */ - *tmpc = *tmpa++ - b; - mu = *tmpc >> ((sizeof(mp_digit) * CHAR_BIT) - 1); - *tmpc++ &= MP_MASK; + /* subtract first digit */ + *tmpc = *tmpa++ - b; + mu = *tmpc >> ((sizeof(mp_digit) * (size_t)CHAR_BIT) - 1u); + *tmpc++ &= MP_MASK; - /* handle rest of the digits */ - for (ix = 1; ix < a->used; ix++) { - *tmpc = *tmpa++ - mu; - mu = *tmpc >> ((sizeof(mp_digit) * CHAR_BIT) - 1); - *tmpc++ &= MP_MASK; - } - } + /* handle rest of the digits */ + for (ix = 1; ix < a->used; ix++) { + *tmpc = *tmpa++ - mu; + mu = *tmpc >> ((sizeof(mp_digit) * (size_t)CHAR_BIT) - 1u); + *tmpc++ &= MP_MASK; + } + } - /* zero excess digits */ - while (ix++ < oldused) { - *tmpc++ = 0; - } - mp_clamp(c); - return MP_OKAY; + /* zero excess digits */ + while (ix++ < oldused) { + *tmpc++ = 0; + } + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_submod.c b/src/ltm/bn_mp_submod.c index 87e0889..c4db397 100644 --- a/src/ltm/bn_mp_submod.c +++ b/src/ltm/bn_mp_submod.c @@ -16,27 +16,26 @@ */ /* d = a - b (mod c) */ -int -mp_submod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +int mp_submod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d) { - int res; - mp_int t; + int res; + mp_int t; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; - } + if ((res = mp_init(&t)) != MP_OKAY) { + return res; + } - if ((res = mp_sub (a, b, &t)) != MP_OKAY) { - mp_clear (&t); - return res; - } - res = mp_mod (&t, c, d); - mp_clear (&t); - return res; + if ((res = mp_sub(a, b, &t)) != MP_OKAY) { + mp_clear(&t); + return res; + } + res = mp_mod(&t, c, d); + mp_clear(&t); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_to_signed_bin.c b/src/ltm/bn_mp_to_signed_bin.c index e9289ea..4d4be88 100644 --- a/src/ltm/bn_mp_to_signed_bin.c +++ b/src/ltm/bn_mp_to_signed_bin.c @@ -16,18 +16,18 @@ */ /* store in signed [big endian] format */ -int mp_to_signed_bin (mp_int * a, unsigned char *b) +int mp_to_signed_bin(const mp_int *a, unsigned char *b) { - int res; + int res; - if ((res = mp_to_unsigned_bin (a, b + 1)) != MP_OKAY) { - return res; - } - b[0] = (a->sign == MP_ZPOS) ? (unsigned char)0 : (unsigned char)1; - return MP_OKAY; + if ((res = mp_to_unsigned_bin(a, b + 1)) != MP_OKAY) { + return res; + } + b[0] = (a->sign == MP_ZPOS) ? (unsigned char)0 : (unsigned char)1; + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_to_signed_bin_n.c b/src/ltm/bn_mp_to_signed_bin_n.c index d4fe6e6..f1d7c8b 100644 --- a/src/ltm/bn_mp_to_signed_bin_n.c +++ b/src/ltm/bn_mp_to_signed_bin_n.c @@ -16,16 +16,16 @@ */ /* store in signed [big endian] format */ -int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen) +int mp_to_signed_bin_n(const mp_int *a, unsigned char *b, unsigned long *outlen) { if (*outlen < (unsigned long)mp_signed_bin_size(a)) { return MP_VAL; } - *outlen = mp_signed_bin_size(a); + *outlen = (unsigned long)mp_signed_bin_size(a); return mp_to_signed_bin(a, b); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_to_unsigned_bin.c b/src/ltm/bn_mp_to_unsigned_bin.c index d3ef46f..a53f711 100644 --- a/src/ltm/bn_mp_to_unsigned_bin.c +++ b/src/ltm/bn_mp_to_unsigned_bin.c @@ -16,33 +16,33 @@ */ /* store in unsigned [big endian] format */ -int mp_to_unsigned_bin (mp_int * a, unsigned char *b) +int mp_to_unsigned_bin(const mp_int *a, unsigned char *b) { - int x, res; - mp_int t; + int x, res; + mp_int t; - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - - x = 0; - while (mp_iszero (&t) == MP_NO) { -#ifndef MP_8BIT - b[x++] = (unsigned char) (t.dp[0] & 255); -#else - b[x++] = (unsigned char) (t.dp[0] | ((t.dp[1] & 0x01) << 7)); -#endif - if ((res = mp_div_2d (&t, 8, &t, NULL)) != MP_OKAY) { - mp_clear (&t); + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { return res; - } - } - bn_reverse (b, x); - mp_clear (&t); - return MP_OKAY; + } + + x = 0; + while (mp_iszero(&t) == MP_NO) { +#ifndef MP_8BIT + b[x++] = (unsigned char)(t.dp[0] & 255u); +#else + b[x++] = (unsigned char)(t.dp[0] | ((t.dp[1] & 1u) << 7)); +#endif + if ((res = mp_div_2d(&t, 8, &t, NULL)) != MP_OKAY) { + mp_clear(&t); + return res; + } + } + bn_reverse(b, x); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_to_unsigned_bin_n.c b/src/ltm/bn_mp_to_unsigned_bin_n.c index 2da13cc..e7d303c 100644 --- a/src/ltm/bn_mp_to_unsigned_bin_n.c +++ b/src/ltm/bn_mp_to_unsigned_bin_n.c @@ -16,16 +16,16 @@ */ /* store in unsigned [big endian] format */ -int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen) +int mp_to_unsigned_bin_n(const mp_int *a, unsigned char *b, unsigned long *outlen) { if (*outlen < (unsigned long)mp_unsigned_bin_size(a)) { return MP_VAL; } - *outlen = mp_unsigned_bin_size(a); + *outlen = (unsigned long)mp_unsigned_bin_size(a); return mp_to_unsigned_bin(a, b); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_toom_mul.c b/src/ltm/bn_mp_toom_mul.c index 4731f8f..00b6bfb 100644 --- a/src/ltm/bn_mp_toom_mul.c +++ b/src/ltm/bn_mp_toom_mul.c @@ -22,265 +22,265 @@ * only particularly useful on VERY large inputs * (we're talking 1000s of digits here...). */ -int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c) +int mp_toom_mul(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int w0, w1, w2, w3, w4, tmp1, tmp2, a0, a1, a2, b0, b1, b2; - int res, B; + mp_int w0, w1, w2, w3, w4, tmp1, tmp2, a0, a1, a2, b0, b1, b2; + int res, B; - /* init temps */ - if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, - &a0, &a1, &a2, &b0, &b1, - &b2, &tmp1, &tmp2, NULL)) != MP_OKAY) { - return res; - } + /* init temps */ + if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, + &a0, &a1, &a2, &b0, &b1, + &b2, &tmp1, &tmp2, NULL)) != MP_OKAY) { + return res; + } - /* B */ - B = MIN(a->used, b->used) / 3; + /* B */ + B = MIN(a->used, b->used) / 3; - /* a = a2 * B**2 + a1 * B + a0 */ - if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { - goto ERR; - } + /* a = a2 * B**2 + a1 * B + a0 */ + if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_copy(a, &a1)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&a1, B); - if ((res = mp_mod_2d(&a1, DIGIT_BIT * B, &a1)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_copy(a, &a1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a1, B); + if ((res = mp_mod_2d(&a1, DIGIT_BIT * B, &a1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_copy(a, &a2)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&a2, B*2); + if ((res = mp_copy(a, &a2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a2, B*2); - /* b = b2 * B**2 + b1 * B + b0 */ - if ((res = mp_mod_2d(b, DIGIT_BIT * B, &b0)) != MP_OKAY) { - goto ERR; - } + /* b = b2 * B**2 + b1 * B + b0 */ + if ((res = mp_mod_2d(b, DIGIT_BIT * B, &b0)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_copy(b, &b1)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&b1, B); - (void)mp_mod_2d(&b1, DIGIT_BIT * B, &b1); + if ((res = mp_copy(b, &b1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&b1, B); + (void)mp_mod_2d(&b1, DIGIT_BIT * B, &b1); - if ((res = mp_copy(b, &b2)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&b2, B*2); + if ((res = mp_copy(b, &b2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&b2, B*2); - /* w0 = a0*b0 */ - if ((res = mp_mul(&a0, &b0, &w0)) != MP_OKAY) { - goto ERR; - } + /* w0 = a0*b0 */ + if ((res = mp_mul(&a0, &b0, &w0)) != MP_OKAY) { + goto ERR; + } - /* w4 = a2 * b2 */ - if ((res = mp_mul(&a2, &b2, &w4)) != MP_OKAY) { - goto ERR; - } + /* w4 = a2 * b2 */ + if ((res = mp_mul(&a2, &b2, &w4)) != MP_OKAY) { + goto ERR; + } - /* w1 = (a2 + 2(a1 + 2a0))(b2 + 2(b1 + 2b0)) */ - if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { - goto ERR; - } + /* w1 = (a2 + 2(a1 + 2a0))(b2 + 2(b1 + 2b0)) */ + if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_mul_2(&b0, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp2, &b2, &tmp2)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_mul_2(&b0, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b2, &tmp2)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_mul(&tmp1, &tmp2, &w1)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_mul(&tmp1, &tmp2, &w1)) != MP_OKAY) { + goto ERR; + } - /* w3 = (a0 + 2(a1 + 2a2))(b0 + 2(b1 + 2b2)) */ - if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { - goto ERR; - } + /* w3 = (a0 + 2(a1 + 2a2))(b0 + 2(b1 + 2b2)) */ + if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_mul_2(&b2, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_mul_2(&b2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_mul(&tmp1, &tmp2, &w3)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_mul(&tmp1, &tmp2, &w3)) != MP_OKAY) { + goto ERR; + } - /* w2 = (a2 + a1 + a0)(b2 + b1 + b0) */ - if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&b2, &b1, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul(&tmp1, &tmp2, &w2)) != MP_OKAY) { - goto ERR; - } + /* w2 = (a2 + a1 + a0)(b2 + b1 + b0) */ + if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&b2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul(&tmp1, &tmp2, &w2)) != MP_OKAY) { + goto ERR; + } - /* now solve the matrix + /* now solve the matrix - 0 0 0 0 1 - 1 2 4 8 16 - 1 1 1 1 1 - 16 8 4 2 1 - 1 0 0 0 0 + 0 0 0 0 1 + 1 2 4 8 16 + 1 1 1 1 1 + 16 8 4 2 1 + 1 0 0 0 0 - using 12 subtractions, 4 shifts, - 2 small divisions and 1 small multiplication - */ + using 12 subtractions, 4 shifts, + 2 small divisions and 1 small multiplication + */ - /* r1 - r4 */ - if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r0 */ - if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1/2 */ - if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3/2 */ - if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { - goto ERR; - } - /* r2 - r0 - r4 */ - if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { - goto ERR; - } - /* r1 - r2 */ - if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r2 */ - if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1 - 8r0 */ - if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - 8r4 */ - if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { - goto ERR; - } - /* 3r2 - r1 - r3 */ - if ((res = mp_mul_d(&w2, 3, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { - goto ERR; - } - /* r1 - r2 */ - if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r2 */ - if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1/3 */ - if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { - goto ERR; - } - /* r3/3 */ - if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { - goto ERR; - } + /* r1 - r4 */ + if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r0 */ + if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/2 */ + if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3/2 */ + if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { + goto ERR; + } + /* r2 - r0 - r4 */ + if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1 - 8r0 */ + if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - 8r4 */ + if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { + goto ERR; + } + /* 3r2 - r1 - r3 */ + if ((res = mp_mul_d(&w2, 3uL, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/3 */ + if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { + goto ERR; + } + /* r3/3 */ + if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { + goto ERR; + } - /* at this point shift W[n] by B*n */ - if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { - goto ERR; - } + /* at this point shift W[n] by B*n */ + if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_add(&w0, &w1, c)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, c, c)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_add(&w0, &w1, c)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, c, c)) != MP_OKAY) { + goto ERR; + } ERR: - mp_clear_multi(&w0, &w1, &w2, &w3, &w4, - &a0, &a1, &a2, &b0, &b1, - &b2, &tmp1, &tmp2, NULL); - return res; + mp_clear_multi(&w0, &w1, &w2, &w3, &w4, + &a0, &a1, &a2, &b0, &b1, + &b2, &tmp1, &tmp2, NULL); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_toom_sqr.c b/src/ltm/bn_mp_toom_sqr.c index 69b69d4..183de20 100644 --- a/src/ltm/bn_mp_toom_sqr.c +++ b/src/ltm/bn_mp_toom_sqr.c @@ -16,213 +16,212 @@ */ /* squaring using Toom-Cook 3-way algorithm */ -int -mp_toom_sqr(mp_int *a, mp_int *b) +int mp_toom_sqr(const mp_int *a, mp_int *b) { - mp_int w0, w1, w2, w3, w4, tmp1, a0, a1, a2; - int res, B; + mp_int w0, w1, w2, w3, w4, tmp1, a0, a1, a2; + int res, B; - /* init temps */ - if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL)) != MP_OKAY) { - return res; - } + /* init temps */ + if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL)) != MP_OKAY) { + return res; + } - /* B */ - B = a->used / 3; + /* B */ + B = a->used / 3; - /* a = a2 * B**2 + a1 * B + a0 */ - if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { - goto ERR; - } + /* a = a2 * B**2 + a1 * B + a0 */ + if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_copy(a, &a1)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&a1, B); - if ((res = mp_mod_2d(&a1, DIGIT_BIT * B, &a1)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_copy(a, &a1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a1, B); + if ((res = mp_mod_2d(&a1, DIGIT_BIT * B, &a1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_copy(a, &a2)) != MP_OKAY) { - goto ERR; - } - mp_rshd(&a2, B*2); + if ((res = mp_copy(a, &a2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a2, B*2); - /* w0 = a0*a0 */ - if ((res = mp_sqr(&a0, &w0)) != MP_OKAY) { - goto ERR; - } + /* w0 = a0*a0 */ + if ((res = mp_sqr(&a0, &w0)) != MP_OKAY) { + goto ERR; + } - /* w4 = a2 * a2 */ - if ((res = mp_sqr(&a2, &w4)) != MP_OKAY) { - goto ERR; - } + /* w4 = a2 * a2 */ + if ((res = mp_sqr(&a2, &w4)) != MP_OKAY) { + goto ERR; + } - /* w1 = (a2 + 2(a1 + 2a0))**2 */ - if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { - goto ERR; - } + /* w1 = (a2 + 2(a1 + 2a0))**2 */ + if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_sqr(&tmp1, &w1)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_sqr(&tmp1, &w1)) != MP_OKAY) { + goto ERR; + } - /* w3 = (a0 + 2(a1 + 2a2))**2 */ - if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { - goto ERR; - } + /* w3 = (a0 + 2(a1 + 2a2))**2 */ + if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_sqr(&tmp1, &w3)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_sqr(&tmp1, &w3)) != MP_OKAY) { + goto ERR; + } - /* w2 = (a2 + a1 + a0)**2 */ - if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sqr(&tmp1, &w2)) != MP_OKAY) { - goto ERR; - } + /* w2 = (a2 + a1 + a0)**2 */ + if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sqr(&tmp1, &w2)) != MP_OKAY) { + goto ERR; + } - /* now solve the matrix + /* now solve the matrix - 0 0 0 0 1 - 1 2 4 8 16 - 1 1 1 1 1 - 16 8 4 2 1 - 1 0 0 0 0 + 0 0 0 0 1 + 1 2 4 8 16 + 1 1 1 1 1 + 16 8 4 2 1 + 1 0 0 0 0 - using 12 subtractions, 4 shifts, 2 small divisions and 1 small multiplication. - */ + using 12 subtractions, 4 shifts, 2 small divisions and 1 small multiplication. + */ - /* r1 - r4 */ - if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r0 */ - if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1/2 */ - if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3/2 */ - if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { - goto ERR; - } - /* r2 - r0 - r4 */ - if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { - goto ERR; - } - /* r1 - r2 */ - if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r2 */ - if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1 - 8r0 */ - if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - 8r4 */ - if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { - goto ERR; - } - /* 3r2 - r1 - r3 */ - if ((res = mp_mul_d(&w2, 3, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { - goto ERR; - } - /* r1 - r2 */ - if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { - goto ERR; - } - /* r3 - r2 */ - if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { - goto ERR; - } - /* r1/3 */ - if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { - goto ERR; - } - /* r3/3 */ - if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { - goto ERR; - } + /* r1 - r4 */ + if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r0 */ + if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/2 */ + if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3/2 */ + if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { + goto ERR; + } + /* r2 - r0 - r4 */ + if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1 - 8r0 */ + if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - 8r4 */ + if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { + goto ERR; + } + /* 3r2 - r1 - r3 */ + if ((res = mp_mul_d(&w2, 3uL, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/3 */ + if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { + goto ERR; + } + /* r3/3 */ + if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { + goto ERR; + } - /* at this point shift W[n] by B*n */ - if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { - goto ERR; - } + /* at this point shift W[n] by B*n */ + if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { + goto ERR; + } - if ((res = mp_add(&w0, &w1, b)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { - goto ERR; - } - if ((res = mp_add(&tmp1, b, b)) != MP_OKAY) { - goto ERR; - } + if ((res = mp_add(&w0, &w1, b)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, b, b)) != MP_OKAY) { + goto ERR; + } ERR: - mp_clear_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL); - return res; + mp_clear_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL); + return res; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_toradix.c b/src/ltm/bn_mp_toradix.c index f04352d..7dd6e4f 100644 --- a/src/ltm/bn_mp_toradix.c +++ b/src/ltm/bn_mp_toradix.c @@ -16,60 +16,60 @@ */ /* stores a bignum as a ASCII string in a given radix (2..64) */ -int mp_toradix (mp_int * a, char *str, int radix) +int mp_toradix(const mp_int *a, char *str, int radix) { - int res, digs; - mp_int t; - mp_digit d; - char *_s = str; + int res, digs; + mp_int t; + mp_digit d; + char *_s = str; - /* check range of the radix */ - if ((radix < 2) || (radix > 64)) { - return MP_VAL; - } + /* check range of the radix */ + if ((radix < 2) || (radix > 64)) { + return MP_VAL; + } - /* quick out if its zero */ - if (mp_iszero(a) == MP_YES) { - *str++ = '0'; - *str = '\0'; - return MP_OKAY; - } + /* quick out if its zero */ + if (mp_iszero(a) == MP_YES) { + *str++ = '0'; + *str = '\0'; + return MP_OKAY; + } - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - - /* if it is negative output a - */ - if (t.sign == MP_NEG) { - ++_s; - *str++ = '-'; - t.sign = MP_ZPOS; - } - - digs = 0; - while (mp_iszero (&t) == MP_NO) { - if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { - mp_clear (&t); + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { return res; - } - *str++ = mp_s_rmap[d]; - ++digs; - } + } - /* reverse the digits of the string. In this case _s points - * to the first digit [exluding the sign] of the number] - */ - bn_reverse ((unsigned char *)_s, digs); + /* if it is negative output a - */ + if (t.sign == MP_NEG) { + ++_s; + *str++ = '-'; + t.sign = MP_ZPOS; + } - /* append a NULL so the string is properly terminated */ - *str = '\0'; + digs = 0; + while (mp_iszero(&t) == MP_NO) { + if ((res = mp_div_d(&t, (mp_digit)radix, &t, &d)) != MP_OKAY) { + mp_clear(&t); + return res; + } + *str++ = mp_s_rmap[d]; + ++digs; + } - mp_clear (&t); - return MP_OKAY; + /* reverse the digits of the string. In this case _s points + * to the first digit [exluding the sign] of the number] + */ + bn_reverse((unsigned char *)_s, digs); + + /* append a NULL so the string is properly terminated */ + *str = '\0'; + + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_toradix_n.c b/src/ltm/bn_mp_toradix_n.c index 19b61d7..ef885fc 100644 --- a/src/ltm/bn_mp_toradix_n.c +++ b/src/ltm/bn_mp_toradix_n.c @@ -15,74 +15,74 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ -/* stores a bignum as a ASCII string in a given radix (2..64) +/* stores a bignum as a ASCII string in a given radix (2..64) * - * Stores upto maxlen-1 chars and always a NULL byte + * Stores upto maxlen-1 chars and always a NULL byte */ -int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen) +int mp_toradix_n(const mp_int *a, char *str, int radix, int maxlen) { - int res, digs; - mp_int t; - mp_digit d; - char *_s = str; + int res, digs; + mp_int t; + mp_digit d; + char *_s = str; - /* check range of the maxlen, radix */ - if ((maxlen < 2) || (radix < 2) || (radix > 64)) { - return MP_VAL; - } + /* check range of the maxlen, radix */ + if ((maxlen < 2) || (radix < 2) || (radix > 64)) { + return MP_VAL; + } - /* quick out if its zero */ - if (mp_iszero(a) == MP_YES) { - *str++ = '0'; - *str = '\0'; - return MP_OKAY; - } + /* quick out if its zero */ + if (mp_iszero(a) == MP_YES) { + *str++ = '0'; + *str = '\0'; + return MP_OKAY; + } - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - - /* if it is negative output a - */ - if (t.sign == MP_NEG) { - /* we have to reverse our digits later... but not the - sign!! */ - ++_s; - - /* store the flag and mark the number as positive */ - *str++ = '-'; - t.sign = MP_ZPOS; - - /* subtract a char */ - --maxlen; - } - - digs = 0; - while (mp_iszero (&t) == MP_NO) { - if (--maxlen < 1) { - /* no more room */ - break; - } - if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { - mp_clear (&t); + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { return res; - } - *str++ = mp_s_rmap[d]; - ++digs; - } + } - /* reverse the digits of the string. In this case _s points - * to the first digit [exluding the sign] of the number - */ - bn_reverse ((unsigned char *)_s, digs); + /* if it is negative output a - */ + if (t.sign == MP_NEG) { + /* we have to reverse our digits later... but not the - sign!! */ + ++_s; - /* append a NULL so the string is properly terminated */ - *str = '\0'; + /* store the flag and mark the number as positive */ + *str++ = '-'; + t.sign = MP_ZPOS; - mp_clear (&t); - return MP_OKAY; + /* subtract a char */ + --maxlen; + } + + digs = 0; + while (mp_iszero(&t) == MP_NO) { + if (--maxlen < 1) { + /* no more room */ + break; + } + if ((res = mp_div_d(&t, (mp_digit)radix, &t, &d)) != MP_OKAY) { + mp_clear(&t); + return res; + } + *str++ = mp_s_rmap[d]; + ++digs; + } + + /* reverse the digits of the string. In this case _s points + * to the first digit [exluding the sign] of the number + */ + bn_reverse((unsigned char *)_s, digs); + + /* append a NULL so the string is properly terminated */ + *str = '\0'; + + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_unsigned_bin_size.c b/src/ltm/bn_mp_unsigned_bin_size.c index 0312625..2b9ce8a 100644 --- a/src/ltm/bn_mp_unsigned_bin_size.c +++ b/src/ltm/bn_mp_unsigned_bin_size.c @@ -16,13 +16,13 @@ */ /* get the size for an unsigned equivalent */ -int mp_unsigned_bin_size (mp_int * a) +int mp_unsigned_bin_size(const mp_int *a) { - int size = mp_count_bits (a); - return (size / 8) + (((size & 7) != 0) ? 1 : 0); + int size = mp_count_bits(a); + return (size / 8) + ((((unsigned)size & 7u) != 0u) ? 1 : 0); } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_xor.c b/src/ltm/bn_mp_xor.c index 3c2ba9e..9ebc53a 100644 --- a/src/ltm/bn_mp_xor.c +++ b/src/ltm/bn_mp_xor.c @@ -16,36 +16,36 @@ */ /* XOR two ints together */ -int -mp_xor (mp_int * a, mp_int * b, mp_int * c) +int mp_xor(const mp_int *a, const mp_int *b, mp_int *c) { - int res, ix, px; - mp_int t, *x; + int res, ix, px; + mp_int t; + const mp_int *x; - if (a->used > b->used) { - if ((res = mp_init_copy (&t, a)) != MP_OKAY) { - return res; - } - px = b->used; - x = b; - } else { - if ((res = mp_init_copy (&t, b)) != MP_OKAY) { - return res; - } - px = a->used; - x = a; - } + if (a->used > b->used) { + if ((res = mp_init_copy(&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy(&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } - for (ix = 0; ix < px; ix++) { - t.dp[ix] ^= x->dp[ix]; - } - mp_clamp (&t); - mp_exch (c, &t); - mp_clear (&t); - return MP_OKAY; + for (ix = 0; ix < px; ix++) { + t.dp[ix] ^= x->dp[ix]; + } + mp_clamp(&t); + mp_exch(c, &t); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_mp_zero.c b/src/ltm/bn_mp_zero.c index 21365ed..08aac2a 100644 --- a/src/ltm/bn_mp_zero.c +++ b/src/ltm/bn_mp_zero.c @@ -16,21 +16,21 @@ */ /* set to zero */ -void mp_zero (mp_int * a) +void mp_zero(mp_int *a) { - int n; - mp_digit *tmp; + int n; + mp_digit *tmp; - a->sign = MP_ZPOS; - a->used = 0; + a->sign = MP_ZPOS; + a->used = 0; - tmp = a->dp; - for (n = 0; n < a->alloc; n++) { - *tmp++ = 0; - } + tmp = a->dp; + for (n = 0; n < a->alloc; n++) { + *tmp++ = 0; + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_prime_tab.c b/src/ltm/bn_prime_tab.c index ae727a4..c8fadcd 100644 --- a/src/ltm/bn_prime_tab.c +++ b/src/ltm/bn_prime_tab.c @@ -15,47 +15,47 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ const mp_digit ltm_prime_tab[] = { - 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, - 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, - 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, - 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, + 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, + 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, + 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, + 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, #ifndef MP_8BIT - 0x0083, - 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, - 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, - 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, - 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, + 0x0083, + 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, + 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, + 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, + 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, - 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, - 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, - 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, - 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, - 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, - 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, - 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, - 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, + 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, + 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, + 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, + 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, + 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, + 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, + 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, + 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, - 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, - 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, - 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, - 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, - 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, - 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, - 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, - 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, + 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, + 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, + 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, + 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, + 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, + 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, + 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, + 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, - 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, - 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, - 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, - 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, - 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, - 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, - 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, - 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653 + 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, + 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, + 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, + 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, + 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, + 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, + 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, + 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653 #endif }; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_reverse.c b/src/ltm/bn_reverse.c index fc6eb2d..71e3d03 100644 --- a/src/ltm/bn_reverse.c +++ b/src/ltm/bn_reverse.c @@ -16,24 +16,23 @@ */ /* reverse an array, used for radix code */ -void -bn_reverse (unsigned char *s, int len) +void bn_reverse(unsigned char *s, int len) { - int ix, iy; - unsigned char t; + int ix, iy; + unsigned char t; - ix = 0; - iy = len - 1; - while (ix < iy) { - t = s[ix]; - s[ix] = s[iy]; - s[iy] = t; - ++ix; - --iy; - } + ix = 0; + iy = len - 1; + while (ix < iy) { + t = s[ix]; + s[ix] = s[iy]; + s[iy] = t; + ++ix; + --iy; + } } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_add.c b/src/ltm/bn_s_mp_add.c index c2ad649..3f908ef 100644 --- a/src/ltm/bn_s_mp_add.c +++ b/src/ltm/bn_s_mp_add.c @@ -16,94 +16,93 @@ */ /* low level addition, based on HAC pp.594, Algorithm 14.7 */ -int -s_mp_add (mp_int * a, mp_int * b, mp_int * c) +int s_mp_add(const mp_int *a, const mp_int *b, mp_int *c) { - mp_int *x; - int olduse, res, min, max; + const mp_int *x; + int olduse, res, min, max; - /* find sizes, we let |a| <= |b| which means we have to sort - * them. "x" will point to the input with the most digits - */ - if (a->used > b->used) { - min = b->used; - max = a->used; - x = a; - } else { - min = a->used; - max = b->used; - x = b; - } + /* find sizes, we let |a| <= |b| which means we have to sort + * them. "x" will point to the input with the most digits + */ + if (a->used > b->used) { + min = b->used; + max = a->used; + x = a; + } else { + min = a->used; + max = b->used; + x = b; + } - /* init result */ - if (c->alloc < (max + 1)) { - if ((res = mp_grow (c, max + 1)) != MP_OKAY) { - return res; - } - } - - /* get old used digit count and set new one */ - olduse = c->used; - c->used = max + 1; - - { - mp_digit u, *tmpa, *tmpb, *tmpc; - int i; - - /* alias for digit pointers */ - - /* first input */ - tmpa = a->dp; - - /* second input */ - tmpb = b->dp; - - /* destination */ - tmpc = c->dp; - - /* zero the carry */ - u = 0; - for (i = 0; i < min; i++) { - /* Compute the sum at one digit, T[i] = A[i] + B[i] + U */ - *tmpc = *tmpa++ + *tmpb++ + u; - - /* U = carry bit of T[i] */ - u = *tmpc >> ((mp_digit)DIGIT_BIT); - - /* take away carry bit from T[i] */ - *tmpc++ &= MP_MASK; - } - - /* now copy higher words if any, that is in A+B - * if A or B has more digits add those in - */ - if (min != max) { - for (; i < max; i++) { - /* T[i] = X[i] + U */ - *tmpc = x->dp[i] + u; - - /* U = carry bit of T[i] */ - u = *tmpc >> ((mp_digit)DIGIT_BIT); - - /* take away carry bit from T[i] */ - *tmpc++ &= MP_MASK; + /* init result */ + if (c->alloc < (max + 1)) { + if ((res = mp_grow(c, max + 1)) != MP_OKAY) { + return res; } - } + } - /* add carry */ - *tmpc++ = u; + /* get old used digit count and set new one */ + olduse = c->used; + c->used = max + 1; - /* clear digits above oldused */ - for (i = c->used; i < olduse; i++) { - *tmpc++ = 0; - } - } + { + mp_digit u, *tmpa, *tmpb, *tmpc; + int i; - mp_clamp (c); - return MP_OKAY; + /* alias for digit pointers */ + + /* first input */ + tmpa = a->dp; + + /* second input */ + tmpb = b->dp; + + /* destination */ + tmpc = c->dp; + + /* zero the carry */ + u = 0; + for (i = 0; i < min; i++) { + /* Compute the sum at one digit, T[i] = A[i] + B[i] + U */ + *tmpc = *tmpa++ + *tmpb++ + u; + + /* U = carry bit of T[i] */ + u = *tmpc >> (mp_digit)DIGIT_BIT; + + /* take away carry bit from T[i] */ + *tmpc++ &= MP_MASK; + } + + /* now copy higher words if any, that is in A+B + * if A or B has more digits add those in + */ + if (min != max) { + for (; i < max; i++) { + /* T[i] = X[i] + U */ + *tmpc = x->dp[i] + u; + + /* U = carry bit of T[i] */ + u = *tmpc >> (mp_digit)DIGIT_BIT; + + /* take away carry bit from T[i] */ + *tmpc++ &= MP_MASK; + } + } + + /* add carry */ + *tmpc++ = u; + + /* clear digits above oldused */ + for (i = c->used; i < olduse; i++) { + *tmpc++ = 0; + } + } + + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_exptmod.c b/src/ltm/bn_s_mp_exptmod.c index 63e1b1e..46e50df 100644 --- a/src/ltm/bn_s_mp_exptmod.c +++ b/src/ltm/bn_s_mp_exptmod.c @@ -15,238 +15,240 @@ * Tom St Denis, tstdenis82@gmail.com, http://libtom.org */ #ifdef MP_LOW_MEM - #define TAB_SIZE 32 +# define TAB_SIZE 32 #else - #define TAB_SIZE 256 +# define TAB_SIZE 256 #endif -int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) +int s_mp_exptmod(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y, int redmode) { - mp_int M[TAB_SIZE], res, mu; - mp_digit buf; - int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; - int (*redux)(mp_int*,mp_int*,mp_int*); + mp_int M[TAB_SIZE], res, mu; + mp_digit buf; + int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; + int (*redux)(mp_int *x, const mp_int *m, const mp_int *mu); - /* find window size */ - x = mp_count_bits (X); - if (x <= 7) { - winsize = 2; - } else if (x <= 36) { - winsize = 3; - } else if (x <= 140) { - winsize = 4; - } else if (x <= 450) { - winsize = 5; - } else if (x <= 1303) { - winsize = 6; - } else if (x <= 3529) { - winsize = 7; - } else { - winsize = 8; - } + /* find window size */ + x = mp_count_bits(X); + if (x <= 7) { + winsize = 2; + } else if (x <= 36) { + winsize = 3; + } else if (x <= 140) { + winsize = 4; + } else if (x <= 450) { + winsize = 5; + } else if (x <= 1303) { + winsize = 6; + } else if (x <= 3529) { + winsize = 7; + } else { + winsize = 8; + } #ifdef MP_LOW_MEM - if (winsize > 5) { - winsize = 5; - } + if (winsize > 5) { + winsize = 5; + } #endif - /* init M array */ - /* init first cell */ - if ((err = mp_init(&M[1])) != MP_OKAY) { - return err; - } - - /* now init the second half of the array */ - for (x = 1<<(winsize-1); x < (1 << winsize); x++) { - if ((err = mp_init(&M[x])) != MP_OKAY) { - for (y = 1<<(winsize-1); y < x; y++) { - mp_clear (&M[y]); - } - mp_clear(&M[1]); + /* init M array */ + /* init first cell */ + if ((err = mp_init(&M[1])) != MP_OKAY) { return err; - } - } + } - /* create mu, used for Barrett reduction */ - if ((err = mp_init (&mu)) != MP_OKAY) { - goto LBL_M; - } - - if (redmode == 0) { - if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) { - goto LBL_MU; - } - redux = mp_reduce; - } else { - if ((err = mp_reduce_2k_setup_l (P, &mu)) != MP_OKAY) { - goto LBL_MU; - } - redux = mp_reduce_2k_l; - } + /* now init the second half of the array */ + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + if ((err = mp_init(&M[x])) != MP_OKAY) { + for (y = 1<<(winsize-1); y < x; y++) { + mp_clear(&M[y]); + } + mp_clear(&M[1]); + return err; + } + } - /* create M table - * - * The M table contains powers of the base, - * e.g. M[x] = G**x mod P - * - * The first half of the table is not - * computed though accept for M[0] and M[1] - */ - if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) { - goto LBL_MU; - } + /* create mu, used for Barrett reduction */ + if ((err = mp_init(&mu)) != MP_OKAY) { + goto LBL_M; + } - /* compute the value at M[1<<(winsize-1)] by squaring - * M[1] (winsize-1) times - */ - if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { - goto LBL_MU; - } + if (redmode == 0) { + if ((err = mp_reduce_setup(&mu, P)) != MP_OKAY) { + goto LBL_MU; + } + redux = mp_reduce; + } else { + if ((err = mp_reduce_2k_setup_l(P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + redux = mp_reduce_2k_l; + } - for (x = 0; x < (winsize - 1); x++) { - /* square it */ - if ((err = mp_sqr (&M[1 << (winsize - 1)], - &M[1 << (winsize - 1)])) != MP_OKAY) { + /* create M table + * + * The M table contains powers of the base, + * e.g. M[x] = G**x mod P + * + * The first half of the table is not + * computed though accept for M[0] and M[1] + */ + if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) { goto LBL_MU; - } + } - /* reduce modulo P */ - if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) { + /* compute the value at M[1<<(winsize-1)] by squaring + * M[1] (winsize-1) times + */ + if ((err = mp_copy(&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { goto LBL_MU; - } - } + } - /* create upper table, that is M[x] = M[x-1] * M[1] (mod P) - * for x = (2**(winsize - 1) + 1) to (2**winsize - 1) - */ - for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { - if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) { + for (x = 0; x < (winsize - 1); x++) { + /* square it */ + if ((err = mp_sqr(&M[1 << (winsize - 1)], + &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_MU; + } + + /* reduce modulo P */ + if ((err = redux(&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + } + + /* create upper table, that is M[x] = M[x-1] * M[1] (mod P) + * for x = (2**(winsize - 1) + 1) to (2**winsize - 1) + */ + for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { + if ((err = mp_mul(&M[x - 1], &M[1], &M[x])) != MP_OKAY) { + goto LBL_MU; + } + if ((err = redux(&M[x], P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + } + + /* setup result */ + if ((err = mp_init(&res)) != MP_OKAY) { goto LBL_MU; - } - if ((err = redux (&M[x], P, &mu)) != MP_OKAY) { - goto LBL_MU; - } - } + } + mp_set(&res, 1uL); - /* setup result */ - if ((err = mp_init (&res)) != MP_OKAY) { - goto LBL_MU; - } - mp_set (&res, 1); + /* set initial mode and bit cnt */ + mode = 0; + bitcnt = 1; + buf = 0; + digidx = X->used - 1; + bitcpy = 0; + bitbuf = 0; - /* set initial mode and bit cnt */ - mode = 0; - bitcnt = 1; - buf = 0; - digidx = X->used - 1; - bitcpy = 0; - bitbuf = 0; - - for (;;) { - /* grab next digit as required */ - if (--bitcnt == 0) { - /* if digidx == -1 we are out of digits */ - if (digidx == -1) { - break; - } - /* read next digit and reset the bitcnt */ - buf = X->dp[digidx--]; - bitcnt = (int) DIGIT_BIT; - } - - /* grab the next msb from the exponent */ - y = (buf >> (mp_digit)(DIGIT_BIT - 1)) & 1; - buf <<= (mp_digit)1; - - /* if the bit is zero and mode == 0 then we ignore it - * These represent the leading zero bits before the first 1 bit - * in the exponent. Technically this opt is not required but it - * does lower the # of trivial squaring/reductions used - */ - if ((mode == 0) && (y == 0)) { - continue; - } - - /* if the bit is zero and mode == 1 then we square */ - if ((mode == 1) && (y == 0)) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, &mu)) != MP_OKAY) { - goto LBL_RES; - } - continue; - } - - /* else we add it to the window */ - bitbuf |= (y << (winsize - ++bitcpy)); - mode = 2; - - if (bitcpy == winsize) { - /* ok window is filled so square as required and multiply */ - /* square first */ - for (x = 0; x < winsize; x++) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, &mu)) != MP_OKAY) { - goto LBL_RES; - } + for (;;) { + /* grab next digit as required */ + if (--bitcnt == 0) { + /* if digidx == -1 we are out of digits */ + if (digidx == -1) { + break; + } + /* read next digit and reset the bitcnt */ + buf = X->dp[digidx--]; + bitcnt = (int)DIGIT_BIT; } - /* then multiply */ - if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, &mu)) != MP_OKAY) { - goto LBL_RES; + /* grab the next msb from the exponent */ + y = (buf >> (mp_digit)(DIGIT_BIT - 1)) & 1; + buf <<= (mp_digit)1; + + /* if the bit is zero and mode == 0 then we ignore it + * These represent the leading zero bits before the first 1 bit + * in the exponent. Technically this opt is not required but it + * does lower the # of trivial squaring/reductions used + */ + if ((mode == 0) && (y == 0)) { + continue; } - /* empty window and reset */ - bitcpy = 0; - bitbuf = 0; - mode = 1; - } - } - - /* if bits remain then square/multiply */ - if ((mode == 2) && (bitcpy > 0)) { - /* square then multiply if the bit is set */ - for (x = 0; x < bitcpy; x++) { - if ((err = mp_sqr (&res, &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, &mu)) != MP_OKAY) { - goto LBL_RES; + /* if the bit is zero and mode == 1 then we square */ + if ((mode == 1) && (y == 0)) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + continue; } - bitbuf <<= 1; - if ((bitbuf & (1 << winsize)) != 0) { - /* then multiply */ - if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) { - goto LBL_RES; - } - if ((err = redux (&res, P, &mu)) != MP_OKAY) { - goto LBL_RES; - } - } - } - } + /* else we add it to the window */ + bitbuf |= (y << (winsize - ++bitcpy)); + mode = 2; - mp_exch (&res, Y); - err = MP_OKAY; -LBL_RES:mp_clear (&res); -LBL_MU:mp_clear (&mu); + if (bitcpy == winsize) { + /* ok window is filled so square as required and multiply */ + /* square first */ + for (x = 0; x < winsize; x++) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* then multiply */ + if ((err = mp_mul(&res, &M[bitbuf], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + + /* empty window and reset */ + bitcpy = 0; + bitbuf = 0; + mode = 1; + } + } + + /* if bits remain then square/multiply */ + if ((mode == 2) && (bitcpy > 0)) { + /* square then multiply if the bit is set */ + for (x = 0; x < bitcpy; x++) { + if ((err = mp_sqr(&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + + bitbuf <<= 1; + if ((bitbuf & (1 << winsize)) != 0) { + /* then multiply */ + if ((err = mp_mul(&res, &M[1], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux(&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + } + } + } + + mp_exch(&res, Y); + err = MP_OKAY; +LBL_RES: + mp_clear(&res); +LBL_MU: + mp_clear(&mu); LBL_M: - mp_clear(&M[1]); - for (x = 1<<(winsize-1); x < (1 << winsize); x++) { - mp_clear (&M[x]); - } - return err; + mp_clear(&M[1]); + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + mp_clear(&M[x]); + } + return err; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_mul_digs.c b/src/ltm/bn_s_mp_mul_digs.c index bd8553d..214ae31 100644 --- a/src/ltm/bn_s_mp_mul_digs.c +++ b/src/ltm/bn_s_mp_mul_digs.c @@ -16,75 +16,75 @@ */ /* multiplies |a| * |b| and only computes upto digs digits of result - * HAC pp. 595, Algorithm 14.12 Modified so you can control how + * HAC pp. 595, Algorithm 14.12 Modified so you can control how * many digits of output are created. */ -int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +int s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) { - mp_int t; - int res, pa, pb, ix, iy; - mp_digit u; - mp_word r; - mp_digit tmpx, *tmpt, *tmpy; + mp_int t; + int res, pa, pb, ix, iy; + mp_digit u; + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; - /* can we use the fast multiplier? */ - if (((digs) < MP_WARRAY) && - (MIN (a->used, b->used) < - (1 << ((CHAR_BIT * sizeof(mp_word)) - (2 * DIGIT_BIT))))) { - return fast_s_mp_mul_digs (a, b, c, digs); - } + /* can we use the fast multiplier? */ + if ((digs < (int)MP_WARRAY) && + (MIN(a->used, b->used) < + (int)(1u << (((size_t)CHAR_BIT * sizeof(mp_word)) - (2u * (size_t)DIGIT_BIT))))) { + return fast_s_mp_mul_digs(a, b, c, digs); + } - if ((res = mp_init_size (&t, digs)) != MP_OKAY) { - return res; - } - t.used = digs; + if ((res = mp_init_size(&t, digs)) != MP_OKAY) { + return res; + } + t.used = digs; - /* compute the digits of the product directly */ - pa = a->used; - for (ix = 0; ix < pa; ix++) { - /* set the carry to zero */ - u = 0; + /* compute the digits of the product directly */ + pa = a->used; + for (ix = 0; ix < pa; ix++) { + /* set the carry to zero */ + u = 0; - /* limit ourselves to making digs digits of output */ - pb = MIN (b->used, digs - ix); + /* limit ourselves to making digs digits of output */ + pb = MIN(b->used, digs - ix); - /* setup some aliases */ - /* copy of the digit from a used within the nested loop */ - tmpx = a->dp[ix]; - - /* an alias for the destination shifted ix places */ - tmpt = t.dp + ix; - - /* an alias for the digits of b */ - tmpy = b->dp; + /* setup some aliases */ + /* copy of the digit from a used within the nested loop */ + tmpx = a->dp[ix]; - /* compute the columns of the output and propagate the carry */ - for (iy = 0; iy < pb; iy++) { - /* compute the column as a mp_word */ - r = (mp_word)*tmpt + - ((mp_word)tmpx * (mp_word)*tmpy++) + - (mp_word)u; + /* an alias for the destination shifted ix places */ + tmpt = t.dp + ix; - /* the new column is the lower part of the result */ - *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + /* an alias for the digits of b */ + tmpy = b->dp; - /* get the carry word from the result */ - u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); - } - /* set carry if it is placed below digs */ - if ((ix + iy) < digs) { - *tmpt = u; - } - } + /* compute the columns of the output and propagate the carry */ + for (iy = 0; iy < pb; iy++) { + /* compute the column as a mp_word */ + r = (mp_word)*tmpt + + ((mp_word)tmpx * (mp_word)*tmpy++) + + (mp_word)u; - mp_clamp (&t); - mp_exch (&t, c); + /* the new column is the lower part of the result */ + *tmpt++ = (mp_digit)(r & (mp_word)MP_MASK); - mp_clear (&t); - return MP_OKAY; + /* get the carry word from the result */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + } + /* set carry if it is placed below digs */ + if ((ix + iy) < digs) { + *tmpt = u; + } + } + + mp_clamp(&t); + mp_exch(&t, c); + + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_mul_high_digs.c b/src/ltm/bn_s_mp_mul_high_digs.c index 153cea4..3c0418a 100644 --- a/src/ltm/bn_s_mp_mul_high_digs.c +++ b/src/ltm/bn_s_mp_mul_high_digs.c @@ -18,64 +18,63 @@ /* multiplies |a| * |b| and does not compute the lower digs digits * [meant to get the higher part of the product] */ -int -s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +int s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) { - mp_int t; - int res, pa, pb, ix, iy; - mp_digit u; - mp_word r; - mp_digit tmpx, *tmpt, *tmpy; + mp_int t; + int res, pa, pb, ix, iy; + mp_digit u; + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; - /* can we use the fast multiplier? */ + /* can we use the fast multiplier? */ #ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C - if (((a->used + b->used + 1) < MP_WARRAY) - && (MIN (a->used, b->used) < (1 << ((CHAR_BIT * sizeof(mp_word)) - (2 * DIGIT_BIT))))) { - return fast_s_mp_mul_high_digs (a, b, c, digs); - } + if (((a->used + b->used + 1) < (int)MP_WARRAY) + && (MIN(a->used, b->used) < (int)(1u << (((size_t)CHAR_BIT * sizeof(mp_word)) - (2u * (size_t)DIGIT_BIT))))) { + return fast_s_mp_mul_high_digs(a, b, c, digs); + } #endif - if ((res = mp_init_size (&t, a->used + b->used + 1)) != MP_OKAY) { - return res; - } - t.used = a->used + b->used + 1; + if ((res = mp_init_size(&t, a->used + b->used + 1)) != MP_OKAY) { + return res; + } + t.used = a->used + b->used + 1; - pa = a->used; - pb = b->used; - for (ix = 0; ix < pa; ix++) { - /* clear the carry */ - u = 0; + pa = a->used; + pb = b->used; + for (ix = 0; ix < pa; ix++) { + /* clear the carry */ + u = 0; - /* left hand side of A[ix] * B[iy] */ - tmpx = a->dp[ix]; + /* left hand side of A[ix] * B[iy] */ + tmpx = a->dp[ix]; - /* alias to the address of where the digits will be stored */ - tmpt = &(t.dp[digs]); + /* alias to the address of where the digits will be stored */ + tmpt = &(t.dp[digs]); - /* alias for where to read the right hand side from */ - tmpy = b->dp + (digs - ix); + /* alias for where to read the right hand side from */ + tmpy = b->dp + (digs - ix); - for (iy = digs - ix; iy < pb; iy++) { - /* calculate the double precision result */ - r = (mp_word)*tmpt + - ((mp_word)tmpx * (mp_word)*tmpy++) + - (mp_word)u; + for (iy = digs - ix; iy < pb; iy++) { + /* calculate the double precision result */ + r = (mp_word)*tmpt + + ((mp_word)tmpx * (mp_word)*tmpy++) + + (mp_word)u; - /* get the lower part */ - *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + /* get the lower part */ + *tmpt++ = (mp_digit)(r & (mp_word)MP_MASK); - /* carry the carry */ - u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); - } - *tmpt = u; - } - mp_clamp (&t); - mp_exch (&t, c); - mp_clear (&t); - return MP_OKAY; + /* carry the carry */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + } + *tmpt = u; + } + mp_clamp(&t); + mp_exch(&t, c); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_sqr.c b/src/ltm/bn_s_mp_sqr.c index 68c95bc..71bbccd 100644 --- a/src/ltm/bn_s_mp_sqr.c +++ b/src/ltm/bn_s_mp_sqr.c @@ -16,69 +16,69 @@ */ /* low level squaring, b = a*a, HAC pp.596-597, Algorithm 14.16 */ -int s_mp_sqr (mp_int * a, mp_int * b) +int s_mp_sqr(const mp_int *a, mp_int *b) { - mp_int t; - int res, ix, iy, pa; - mp_word r; - mp_digit u, tmpx, *tmpt; + mp_int t; + int res, ix, iy, pa; + mp_word r; + mp_digit u, tmpx, *tmpt; - pa = a->used; - if ((res = mp_init_size (&t, (2 * pa) + 1)) != MP_OKAY) { - return res; - } + pa = a->used; + if ((res = mp_init_size(&t, (2 * pa) + 1)) != MP_OKAY) { + return res; + } - /* default used is maximum possible size */ - t.used = (2 * pa) + 1; + /* default used is maximum possible size */ + t.used = (2 * pa) + 1; - for (ix = 0; ix < pa; ix++) { - /* first calculate the digit at 2*ix */ - /* calculate double precision result */ - r = (mp_word)t.dp[2*ix] + - ((mp_word)a->dp[ix] * (mp_word)a->dp[ix]); + for (ix = 0; ix < pa; ix++) { + /* first calculate the digit at 2*ix */ + /* calculate double precision result */ + r = (mp_word)t.dp[2*ix] + + ((mp_word)a->dp[ix] * (mp_word)a->dp[ix]); - /* store lower part in result */ - t.dp[ix+ix] = (mp_digit) (r & ((mp_word) MP_MASK)); + /* store lower part in result */ + t.dp[ix+ix] = (mp_digit)(r & (mp_word)MP_MASK); - /* get the carry */ - u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); + /* get the carry */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); - /* left hand side of A[ix] * A[iy] */ - tmpx = a->dp[ix]; + /* left hand side of A[ix] * A[iy] */ + tmpx = a->dp[ix]; - /* alias for where to store the results */ - tmpt = t.dp + ((2 * ix) + 1); - - for (iy = ix + 1; iy < pa; iy++) { - /* first calculate the product */ - r = ((mp_word)tmpx) * ((mp_word)a->dp[iy]); + /* alias for where to store the results */ + tmpt = t.dp + ((2 * ix) + 1); - /* now calculate the double precision result, note we use - * addition instead of *2 since it's easier to optimize - */ - r = ((mp_word) *tmpt) + r + r + ((mp_word) u); + for (iy = ix + 1; iy < pa; iy++) { + /* first calculate the product */ + r = (mp_word)tmpx * (mp_word)a->dp[iy]; - /* store lower part */ - *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + /* now calculate the double precision result, note we use + * addition instead of *2 since it's easier to optimize + */ + r = (mp_word)*tmpt + r + r + (mp_word)u; - /* get carry */ - u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); - } - /* propagate upwards */ - while (u != ((mp_digit) 0)) { - r = ((mp_word) *tmpt) + ((mp_word) u); - *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); - u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); - } - } + /* store lower part */ + *tmpt++ = (mp_digit)(r & (mp_word)MP_MASK); - mp_clamp (&t); - mp_exch (&t, b); - mp_clear (&t); - return MP_OKAY; + /* get carry */ + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + } + /* propagate upwards */ + while (u != 0uL) { + r = (mp_word)*tmpt + (mp_word)u; + *tmpt++ = (mp_digit)(r & (mp_word)MP_MASK); + u = (mp_digit)(r >> (mp_word)DIGIT_BIT); + } + } + + mp_clamp(&t); + mp_exch(&t, b); + mp_clear(&t); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bn_s_mp_sub.c b/src/ltm/bn_s_mp_sub.c index c0ea556..c8472af 100644 --- a/src/ltm/bn_s_mp_sub.c +++ b/src/ltm/bn_s_mp_sub.c @@ -16,74 +16,73 @@ */ /* low level subtraction (assumes |a| > |b|), HAC pp.595 Algorithm 14.9 */ -int -s_mp_sub (mp_int * a, mp_int * b, mp_int * c) +int s_mp_sub(const mp_int *a, const mp_int *b, mp_int *c) { - int olduse, res, min, max; + int olduse, res, min, max; - /* find sizes */ - min = b->used; - max = a->used; + /* find sizes */ + min = b->used; + max = a->used; - /* init result */ - if (c->alloc < max) { - if ((res = mp_grow (c, max)) != MP_OKAY) { - return res; - } - } - olduse = c->used; - c->used = max; + /* init result */ + if (c->alloc < max) { + if ((res = mp_grow(c, max)) != MP_OKAY) { + return res; + } + } + olduse = c->used; + c->used = max; - { - mp_digit u, *tmpa, *tmpb, *tmpc; - int i; + { + mp_digit u, *tmpa, *tmpb, *tmpc; + int i; - /* alias for digit pointers */ - tmpa = a->dp; - tmpb = b->dp; - tmpc = c->dp; + /* alias for digit pointers */ + tmpa = a->dp; + tmpb = b->dp; + tmpc = c->dp; - /* set carry to zero */ - u = 0; - for (i = 0; i < min; i++) { - /* T[i] = A[i] - B[i] - U */ - *tmpc = (*tmpa++ - *tmpb++) - u; + /* set carry to zero */ + u = 0; + for (i = 0; i < min; i++) { + /* T[i] = A[i] - B[i] - U */ + *tmpc = (*tmpa++ - *tmpb++) - u; - /* U = carry bit of T[i] - * Note this saves performing an AND operation since - * if a carry does occur it will propagate all the way to the - * MSB. As a result a single shift is enough to get the carry - */ - u = *tmpc >> ((mp_digit)((CHAR_BIT * sizeof(mp_digit)) - 1)); + /* U = carry bit of T[i] + * Note this saves performing an AND operation since + * if a carry does occur it will propagate all the way to the + * MSB. As a result a single shift is enough to get the carry + */ + u = *tmpc >> (((size_t)CHAR_BIT * sizeof(mp_digit)) - 1u); - /* Clear carry from T[i] */ - *tmpc++ &= MP_MASK; - } + /* Clear carry from T[i] */ + *tmpc++ &= MP_MASK; + } - /* now copy higher words if any, e.g. if A has more digits than B */ - for (; i < max; i++) { - /* T[i] = A[i] - U */ - *tmpc = *tmpa++ - u; + /* now copy higher words if any, e.g. if A has more digits than B */ + for (; i < max; i++) { + /* T[i] = A[i] - U */ + *tmpc = *tmpa++ - u; - /* U = carry bit of T[i] */ - u = *tmpc >> ((mp_digit)((CHAR_BIT * sizeof(mp_digit)) - 1)); + /* U = carry bit of T[i] */ + u = *tmpc >> (((size_t)CHAR_BIT * sizeof(mp_digit)) - 1u); - /* Clear carry from T[i] */ - *tmpc++ &= MP_MASK; - } + /* Clear carry from T[i] */ + *tmpc++ &= MP_MASK; + } - /* clear digits above used (since we may not have grown result above) */ - for (i = c->used; i < olduse; i++) { - *tmpc++ = 0; - } - } + /* clear digits above used (since we may not have grown result above) */ + for (i = c->used; i < olduse; i++) { + *tmpc++ = 0; + } + } - mp_clamp (c); - return MP_OKAY; + mp_clamp(c); + return MP_OKAY; } #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/bncore.c b/src/ltm/bncore.c index 9552714..cfd19f0 100644 --- a/src/ltm/bncore.c +++ b/src/ltm/bncore.c @@ -21,16 +21,16 @@ ------------------------------------------------------------- Intel P4 Northwood /GCC v3.4.1 / 88/ 128/LTM 0.32 ;-) AMD Athlon64 /GCC v3.4.4 / 80/ 120/LTM 0.35 - + */ int KARATSUBA_MUL_CUTOFF = 80, /* Min. number of digits before Karatsuba multiplication is used. */ KARATSUBA_SQR_CUTOFF = 120, /* Min. number of digits before Karatsuba squaring is used. */ - + TOOM_MUL_CUTOFF = 350, /* no optimal values of these are known yet so set em high */ - TOOM_SQR_CUTOFF = 400; + TOOM_SQR_CUTOFF = 400; #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/tommath.h b/src/ltm/tommath.h index e7ffb8f..af00d09 100644 --- a/src/ltm/tommath.h +++ b/src/ltm/tommath.h @@ -19,35 +19,47 @@ #include #include +#if !defined(_MSC_VER) || _MSC_VER >= 1600 +/* supported since Microsoft Visual Studio 2010 */ +#include +#else +typedef signed char int8_t; +typedef unsigned char uint8_t; +typedef signed short int16_t; +typedef unsigned short uint16_t; +typedef signed int int32_t; +typedef unsigned int uint32_t; +# ifdef _MSC_VER + /* long long does not work before MS Visual C++ 7.0 */ + typedef signed __int64 int64_t; + typedef unsigned __int64 uint64_t; +# else + typedef long long int64_t; + typedef unsigned long long uint64_t; +# endif +#endif + #include #ifdef __cplusplus extern "C" { #endif -/* unsigned int types */ -typedef unsigned char mp_uint8; -typedef unsigned short mp_uint16; -typedef unsigned int mp_uint32; -#ifdef _MSC_VER -#undef BN_MP_SET_LONG_LONG_C -#undef BN_MP_GET_LONG_LONG_C -typedef unsigned __int64 mp_uint64; -#else -typedef unsigned long long mp_uint64; +/* MS Visual C++ doesn't have a 128bit type for words, so fall back to 32bit MPI's (where words are 64bit) */ +#if defined(_MSC_VER) || defined(__LLP64__) +# define MP_32BIT #endif /* detect 64-bit mode if possible */ -#if defined(__x86_64__) - #if !(defined(MP_32BIT) || defined(MP_16BIT) || defined(MP_8BIT)) - #if defined(__GNUC__) - typedef unsigned long mp_uint128 __attribute__ ((mode(TI))); - #define MP_64BIT - #elif defined(_MSC_VER) - typedef unsigned __int128 mp_uint128; - #define MP_64BIT - #endif - #endif +#if defined(__x86_64__) || defined(_M_X64) || defined(_M_AMD64) || \ + defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) || \ + defined(__s390x__) || defined(__arch64__) || defined(__aarch64__) || \ + defined(__sparcv9) || defined(__sparc_v9__) || defined(__sparc64__) || \ + defined(__ia64) || defined(__ia64__) || defined(__itanium__) || defined(_M_IA64) || \ + defined(__LP64__) || defined(_LP64) || defined(__64BIT__) +# if !(defined(MP_32BIT) || defined(MP_16BIT) || defined(MP_8BIT)) +# define MP_64BIT +# endif #endif /* some default configurations. @@ -59,60 +71,66 @@ typedef unsigned long long mp_uint64; * [any size beyond that is ok provided it doesn't overflow the data type] */ #ifdef MP_8BIT - typedef mp_uint8 mp_digit; - typedef mp_uint16 mp_word; -#define MP_SIZEOF_MP_DIGIT 1 -#ifdef DIGIT_BIT -#error You must not define DIGIT_BIT when using MP_8BIT -#endif +typedef uint8_t mp_digit; +typedef uint16_t mp_word; +# define MP_SIZEOF_MP_DIGIT 1 +# ifdef DIGIT_BIT +# error You must not define DIGIT_BIT when using MP_8BIT +# endif #elif defined(MP_16BIT) - typedef mp_uint16 mp_digit; - typedef mp_uint32 mp_word; -#define MP_SIZEOF_MP_DIGIT 2 -#ifdef DIGIT_BIT -#error You must not define DIGIT_BIT when using MP_16BIT -#endif +typedef uint16_t mp_digit; +typedef uint32_t mp_word; +# define MP_SIZEOF_MP_DIGIT 2 +# ifdef DIGIT_BIT +# error You must not define DIGIT_BIT when using MP_16BIT +# endif #elif defined(MP_64BIT) - typedef mp_uint64 mp_digit; - typedef mp_uint128 mp_word; - #define DIGIT_BIT 60 -#else - /* this is the default case, 28-bit digits */ +/* for GCC only on supported platforms */ +typedef uint64_t mp_digit; +# if defined(__GNUC__) +typedef unsigned long mp_word __attribute__((mode(TI))); +# else +/* it seems you have a problem + * but we assume you can somewhere define your own uint128_t */ +typedef uint128_t mp_word; +# endif - /* this is to make porting into LibTomCrypt easier :-) */ - typedef mp_uint32 mp_digit; - typedef mp_uint64 mp_word; - -#ifdef MP_31BIT - /* this is an extension that uses 31-bit digits */ - #define DIGIT_BIT 31 +# define DIGIT_BIT 60 #else - /* default case is 28-bit digits, defines MP_28BIT as a handy macro to test */ - #define DIGIT_BIT 28 - #define MP_28BIT -#endif +/* this is the default case, 28-bit digits */ + +/* this is to make porting into LibTomCrypt easier :-) */ +typedef uint32_t mp_digit; +typedef uint64_t mp_word; + +# ifdef MP_31BIT +/* this is an extension that uses 31-bit digits */ +# define DIGIT_BIT 31 +# else +/* default case is 28-bit digits, defines MP_28BIT as a handy macro to test */ +# define DIGIT_BIT 28 +# define MP_28BIT +# endif #endif /* otherwise the bits per digit is calculated automatically from the size of a mp_digit */ #ifndef DIGIT_BIT - #define DIGIT_BIT (((CHAR_BIT * MP_SIZEOF_MP_DIGIT) - 1)) /* bits per digit */ - typedef mp_uint32 mp_min_u32; +# define DIGIT_BIT (((CHAR_BIT * MP_SIZEOF_MP_DIGIT) - 1)) /* bits per digit */ +typedef uint_least32_t mp_min_u32; #else - typedef mp_digit mp_min_u32; -#endif - -/* platforms that can use a better rand function */ -#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__DragonFly__) - #define MP_USE_ALT_RAND 1 +typedef mp_digit mp_min_u32; #endif /* use arc4random on platforms that support it */ -#ifdef MP_USE_ALT_RAND - #define MP_GEN_RANDOM() arc4random() - #define MP_GEN_RANDOM_MAX 0xffffffff -#else - #define MP_GEN_RANDOM() rand() - #define MP_GEN_RANDOM_MAX RAND_MAX +#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__DragonFly__) +# define MP_GEN_RANDOM() arc4random() +# define MP_GEN_RANDOM_MAX 0xffffffffu +#endif + +/* use rand() as fall-back if there's no better rand function */ +#ifndef MP_GEN_RANDOM +# define MP_GEN_RANDOM() rand() +# define MP_GEN_RANDOM_MAX RAND_MAX #endif #define MP_DIGIT_BIT DIGIT_BIT @@ -144,38 +162,38 @@ typedef int mp_err; /* you'll have to tune these... */ extern int KARATSUBA_MUL_CUTOFF, - KARATSUBA_SQR_CUTOFF, - TOOM_MUL_CUTOFF, - TOOM_SQR_CUTOFF; + KARATSUBA_SQR_CUTOFF, + TOOM_MUL_CUTOFF, + TOOM_SQR_CUTOFF; /* define this to use lower memory usage routines (exptmods mostly) */ /* #define MP_LOW_MEM */ /* default precision */ #ifndef MP_PREC - #ifndef MP_LOW_MEM - #define MP_PREC 32 /* default digits of precision */ - #else - #define MP_PREC 8 /* default digits of precision */ - #endif +# ifndef MP_LOW_MEM +# define MP_PREC 32 /* default digits of precision */ +# else +# define MP_PREC 8 /* default digits of precision */ +# endif #endif /* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */ -#define MP_WARRAY (1 << (((sizeof(mp_word) * CHAR_BIT) - (2 * DIGIT_BIT)) + 1)) +#define MP_WARRAY (1u << (((sizeof(mp_word) * CHAR_BIT) - (2 * DIGIT_BIT)) + 1)) /* the infamous mp_int structure */ typedef struct { - int used, alloc, sign; - mp_digit *dp; + int used, alloc, sign; + mp_digit *dp; } mp_int; /* callback for mp_prime_random, should fill dst with random bytes and return how many read [upto len] */ typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); -#define USED(m) ((m)->used) -#define DIGIT(m,k) ((m)->dp[(k)]) -#define SIGN(m) ((m)->sign) +#define USED(m) ((m)->used) +#define DIGIT(m, k) ((m)->dp[(k)]) +#define SIGN(m) ((m)->sign) /* error code to char* string */ const char *mp_error_to_string(int code); @@ -207,7 +225,7 @@ int mp_init_size(mp_int *a, int size); /* ---> Basic Manipulations <--- */ #define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO) -#define mp_iseven(a) ((((a)->used > 0) && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO) +#define mp_iseven(a) ((((a)->used == 0) || (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO) #define mp_isodd(a) ((((a)->used > 0) && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO) #define mp_isneg(a) (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO) @@ -223,42 +241,38 @@ int mp_set_int(mp_int *a, unsigned long b); /* set a platform dependent unsigned long value */ int mp_set_long(mp_int *a, unsigned long b); -#ifdef BN_MP_SET_LONG_LONG_C /* set a platform dependent unsigned long long value */ -int mp_set_long_long(mp_int *a, unsigned long long b); -#endif +int mp_set_long_long(mp_int *a, uint64_t b); /* get a 32-bit value */ -unsigned long mp_get_int(mp_int * a); +unsigned long mp_get_int(const mp_int *a); /* get a platform dependent unsigned long value */ -unsigned long mp_get_long(mp_int * a); +unsigned long mp_get_long(const mp_int *a); -#ifdef BN_MP_GET_LONG_LONG_C /* get a platform dependent unsigned long long value */ -unsigned long long mp_get_long_long(mp_int * a); -#endif +uint64_t mp_get_long_long(const mp_int *a); /* initialize and set a digit */ -int mp_init_set (mp_int * a, mp_digit b); +int mp_init_set(mp_int *a, mp_digit b); /* initialize and set 32-bit value */ -int mp_init_set_int (mp_int * a, unsigned long b); +int mp_init_set_int(mp_int *a, unsigned long b); /* copy, b = a */ -int mp_copy(mp_int *a, mp_int *b); +int mp_copy(const mp_int *a, mp_int *b); /* inits and copies, a = b */ -int mp_init_copy(mp_int *a, mp_int *b); +int mp_init_copy(mp_int *a, const mp_int *b); /* trim unused digits */ void mp_clamp(mp_int *a); /* import binary data */ -int mp_import(mp_int* rop, size_t count, int order, size_t size, int endian, size_t nails, const void* op); +int mp_import(mp_int *rop, size_t count, int order, size_t size, int endian, size_t nails, const void *op); /* export binary data */ -int mp_export(void* rop, size_t* countp, int order, size_t size, int endian, size_t nails, mp_int* op); +int mp_export(void *rop, size_t *countp, int order, size_t size, int endian, size_t nails, const mp_int *op); /* ---> digit manipulation <--- */ @@ -269,25 +283,25 @@ void mp_rshd(mp_int *a, int b); int mp_lshd(mp_int *a, int b); /* c = a / 2**b, implemented as c = a >> b */ -int mp_div_2d(mp_int *a, int b, mp_int *c, mp_int *d); +int mp_div_2d(const mp_int *a, int b, mp_int *c, mp_int *d); /* b = a/2 */ -int mp_div_2(mp_int *a, mp_int *b); +int mp_div_2(const mp_int *a, mp_int *b); /* c = a * 2**b, implemented as c = a << b */ -int mp_mul_2d(mp_int *a, int b, mp_int *c); +int mp_mul_2d(const mp_int *a, int b, mp_int *c); /* b = a*2 */ -int mp_mul_2(mp_int *a, mp_int *b); +int mp_mul_2(const mp_int *a, mp_int *b); /* c = a mod 2**b */ -int mp_mod_2d(mp_int *a, int b, mp_int *c); +int mp_mod_2d(const mp_int *a, int b, mp_int *c); /* computes a = 2**b */ int mp_2expt(mp_int *a, int b); /* Counts the number of lsbs which are zero before the first zero bit */ -int mp_cnt_lsb(mp_int *a); +int mp_cnt_lsb(const mp_int *a); /* I Love Earth! */ @@ -296,193 +310,193 @@ int mp_rand(mp_int *a, int digits); /* ---> binary operations <--- */ /* c = a XOR b */ -int mp_xor(mp_int *a, mp_int *b, mp_int *c); +int mp_xor(const mp_int *a, const mp_int *b, mp_int *c); /* c = a OR b */ -int mp_or(mp_int *a, mp_int *b, mp_int *c); +int mp_or(const mp_int *a, const mp_int *b, mp_int *c); /* c = a AND b */ -int mp_and(mp_int *a, mp_int *b, mp_int *c); +int mp_and(const mp_int *a, const mp_int *b, mp_int *c); /* ---> Basic arithmetic <--- */ /* b = -a */ -int mp_neg(mp_int *a, mp_int *b); +int mp_neg(const mp_int *a, mp_int *b); /* b = |a| */ -int mp_abs(mp_int *a, mp_int *b); +int mp_abs(const mp_int *a, mp_int *b); /* compare a to b */ -int mp_cmp(mp_int *a, mp_int *b); +int mp_cmp(const mp_int *a, const mp_int *b); /* compare |a| to |b| */ -int mp_cmp_mag(mp_int *a, mp_int *b); +int mp_cmp_mag(const mp_int *a, const mp_int *b); /* c = a + b */ -int mp_add(mp_int *a, mp_int *b, mp_int *c); +int mp_add(const mp_int *a, const mp_int *b, mp_int *c); /* c = a - b */ -int mp_sub(mp_int *a, mp_int *b, mp_int *c); +int mp_sub(const mp_int *a, const mp_int *b, mp_int *c); /* c = a * b */ -int mp_mul(mp_int *a, mp_int *b, mp_int *c); +int mp_mul(const mp_int *a, const mp_int *b, mp_int *c); /* b = a*a */ -int mp_sqr(mp_int *a, mp_int *b); +int mp_sqr(const mp_int *a, mp_int *b); /* a/b => cb + d == a */ -int mp_div(mp_int *a, mp_int *b, mp_int *c, mp_int *d); +int mp_div(const mp_int *a, const mp_int *b, mp_int *c, mp_int *d); /* c = a mod b, 0 <= c < b */ -int mp_mod(mp_int *a, mp_int *b, mp_int *c); +int mp_mod(const mp_int *a, const mp_int *b, mp_int *c); /* ---> single digit functions <--- */ /* compare against a single digit */ -int mp_cmp_d(mp_int *a, mp_digit b); +int mp_cmp_d(const mp_int *a, mp_digit b); /* c = a + b */ -int mp_add_d(mp_int *a, mp_digit b, mp_int *c); +int mp_add_d(const mp_int *a, mp_digit b, mp_int *c); /* c = a - b */ -int mp_sub_d(mp_int *a, mp_digit b, mp_int *c); +int mp_sub_d(const mp_int *a, mp_digit b, mp_int *c); /* c = a * b */ -int mp_mul_d(mp_int *a, mp_digit b, mp_int *c); +int mp_mul_d(const mp_int *a, mp_digit b, mp_int *c); /* a/b => cb + d == a */ -int mp_div_d(mp_int *a, mp_digit b, mp_int *c, mp_digit *d); +int mp_div_d(const mp_int *a, mp_digit b, mp_int *c, mp_digit *d); /* a/3 => 3c + d == a */ -int mp_div_3(mp_int *a, mp_int *c, mp_digit *d); +int mp_div_3(const mp_int *a, mp_int *c, mp_digit *d); /* c = a**b */ -int mp_expt_d(mp_int *a, mp_digit b, mp_int *c); -int mp_expt_d_ex (mp_int * a, mp_digit b, mp_int * c, int fast); +int mp_expt_d(const mp_int *a, mp_digit b, mp_int *c); +int mp_expt_d_ex(const mp_int *a, mp_digit b, mp_int *c, int fast); /* c = a mod b, 0 <= c < b */ -int mp_mod_d(mp_int *a, mp_digit b, mp_digit *c); +int mp_mod_d(const mp_int *a, mp_digit b, mp_digit *c); /* ---> number theory <--- */ /* d = a + b (mod c) */ -int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); +int mp_addmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); /* d = a - b (mod c) */ -int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); +int mp_submod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); /* d = a * b (mod c) */ -int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); +int mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); /* c = a * a (mod b) */ -int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c); +int mp_sqrmod(const mp_int *a, const mp_int *b, mp_int *c); /* c = 1/a (mod b) */ -int mp_invmod(mp_int *a, mp_int *b, mp_int *c); +int mp_invmod(const mp_int *a, const mp_int *b, mp_int *c); /* c = (a, b) */ -int mp_gcd(mp_int *a, mp_int *b, mp_int *c); +int mp_gcd(const mp_int *a, const mp_int *b, mp_int *c); /* produces value such that U1*a + U2*b = U3 */ -int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3); +int mp_exteuclid(const mp_int *a, const mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3); /* c = [a, b] or (a*b)/(a, b) */ -int mp_lcm(mp_int *a, mp_int *b, mp_int *c); +int mp_lcm(const mp_int *a, const mp_int *b, mp_int *c); /* finds one of the b'th root of a, such that |c|**b <= |a| * * returns error if a < 0 and b is even */ -int mp_n_root(mp_int *a, mp_digit b, mp_int *c); -int mp_n_root_ex (mp_int * a, mp_digit b, mp_int * c, int fast); +int mp_n_root(const mp_int *a, mp_digit b, mp_int *c); +int mp_n_root_ex(const mp_int *a, mp_digit b, mp_int *c, int fast); /* special sqrt algo */ -int mp_sqrt(mp_int *arg, mp_int *ret); +int mp_sqrt(const mp_int *arg, mp_int *ret); /* special sqrt (mod prime) */ -int mp_sqrtmod_prime(mp_int *arg, mp_int *prime, mp_int *ret); +int mp_sqrtmod_prime(const mp_int *n, const mp_int *prime, mp_int *ret); /* is number a square? */ -int mp_is_square(mp_int *arg, int *ret); +int mp_is_square(const mp_int *arg, int *ret); /* computes the jacobi c = (a | n) (or Legendre if b is prime) */ -int mp_jacobi(mp_int *a, mp_int *n, int *c); +int mp_jacobi(const mp_int *a, const mp_int *n, int *c); /* used to setup the Barrett reduction for a given modulus b */ -int mp_reduce_setup(mp_int *a, mp_int *b); +int mp_reduce_setup(mp_int *a, const mp_int *b); /* Barrett Reduction, computes a (mod b) with a precomputed value c * - * Assumes that 0 < a <= b*b, note if 0 > a > -(b*b) then you can merely - * compute the reduction as -1 * mp_reduce(mp_abs(a)) [pseudo code]. + * Assumes that 0 < x <= m*m, note if 0 > x > -(m*m) then you can merely + * compute the reduction as -1 * mp_reduce(mp_abs(x)) [pseudo code]. */ -int mp_reduce(mp_int *a, mp_int *b, mp_int *c); +int mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu); /* setups the montgomery reduction */ -int mp_montgomery_setup(mp_int *a, mp_digit *mp); +int mp_montgomery_setup(const mp_int *n, mp_digit *rho); /* computes a = B**n mod b without division or multiplication useful for * normalizing numbers in a Montgomery system. */ -int mp_montgomery_calc_normalization(mp_int *a, mp_int *b); +int mp_montgomery_calc_normalization(mp_int *a, const mp_int *b); /* computes x/R == x (mod N) via Montgomery Reduction */ -int mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp); +int mp_montgomery_reduce(mp_int *x, const mp_int *n, mp_digit rho); /* returns 1 if a is a valid DR modulus */ -int mp_dr_is_modulus(mp_int *a); +int mp_dr_is_modulus(const mp_int *a); /* sets the value of "d" required for mp_dr_reduce */ -void mp_dr_setup(mp_int *a, mp_digit *d); +void mp_dr_setup(const mp_int *a, mp_digit *d); -/* reduces a modulo b using the Diminished Radix method */ -int mp_dr_reduce(mp_int *a, mp_int *b, mp_digit mp); +/* reduces a modulo n using the Diminished Radix method */ +int mp_dr_reduce(mp_int *x, const mp_int *n, mp_digit k); /* returns true if a can be reduced with mp_reduce_2k */ -int mp_reduce_is_2k(mp_int *a); +int mp_reduce_is_2k(const mp_int *a); /* determines k value for 2k reduction */ -int mp_reduce_2k_setup(mp_int *a, mp_digit *d); +int mp_reduce_2k_setup(const mp_int *a, mp_digit *d); /* reduces a modulo b where b is of the form 2**p - k [0 <= a] */ -int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d); +int mp_reduce_2k(mp_int *a, const mp_int *n, mp_digit d); /* returns true if a can be reduced with mp_reduce_2k_l */ -int mp_reduce_is_2k_l(mp_int *a); +int mp_reduce_is_2k_l(const mp_int *a); /* determines k value for 2k reduction */ -int mp_reduce_2k_setup_l(mp_int *a, mp_int *d); +int mp_reduce_2k_setup_l(const mp_int *a, mp_int *d); /* reduces a modulo b where b is of the form 2**p - k [0 <= a] */ -int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d); +int mp_reduce_2k_l(mp_int *a, const mp_int *n, const mp_int *d); -/* d = a**b (mod c) */ -int mp_exptmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); +/* Y = G**X (mod P) */ +int mp_exptmod(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y); /* ---> Primes <--- */ /* number of primes */ #ifdef MP_8BIT - #define PRIME_SIZE 31 +# define PRIME_SIZE 31 #else - #define PRIME_SIZE 256 +# define PRIME_SIZE 256 #endif /* table of first PRIME_SIZE primes */ extern const mp_digit ltm_prime_tab[PRIME_SIZE]; /* result=1 if a is divisible by one of the first PRIME_SIZE primes */ -int mp_prime_is_divisible(mp_int *a, int *result); +int mp_prime_is_divisible(const mp_int *a, int *result); /* performs one Fermat test of "a" using base "b". * Sets result to 0 if composite or 1 if probable prime */ -int mp_prime_fermat(mp_int *a, mp_int *b, int *result); +int mp_prime_fermat(const mp_int *a, const mp_int *b, int *result); /* performs one Miller-Rabin test of "a" using base "b". * Sets result to 0 if composite or 1 if probable prime */ -int mp_prime_miller_rabin(mp_int *a, mp_int *b, int *result); +int mp_prime_miller_rabin(const mp_int *a, const mp_int *b, int *result); /* This gives [for a given bit size] the number of trials required * such that Miller-Rabin gives a prob of failure lower than 2^-96 @@ -496,7 +510,7 @@ int mp_prime_rabin_miller_trials(int size); * * Sets result to 1 if probably prime, 0 otherwise */ -int mp_prime_is_prime(mp_int *a, int t, int *result); +int mp_prime_is_prime(const mp_int *a, int t, int *result); /* finds the next prime after the number "a" using "t" trials * of Miller-Rabin. @@ -532,26 +546,26 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style); int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat); /* ---> radix conversion <--- */ -int mp_count_bits(mp_int *a); +int mp_count_bits(const mp_int *a); -int mp_unsigned_bin_size(mp_int *a); +int mp_unsigned_bin_size(const mp_int *a); int mp_read_unsigned_bin(mp_int *a, const unsigned char *b, int c); -int mp_to_unsigned_bin(mp_int *a, unsigned char *b); -int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen); +int mp_to_unsigned_bin(const mp_int *a, unsigned char *b); +int mp_to_unsigned_bin_n(const mp_int *a, unsigned char *b, unsigned long *outlen); -int mp_signed_bin_size(mp_int *a); +int mp_signed_bin_size(const mp_int *a); int mp_read_signed_bin(mp_int *a, const unsigned char *b, int c); -int mp_to_signed_bin(mp_int *a, unsigned char *b); -int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen); +int mp_to_signed_bin(const mp_int *a, unsigned char *b); +int mp_to_signed_bin_n(const mp_int *a, unsigned char *b, unsigned long *outlen); int mp_read_radix(mp_int *a, const char *str, int radix); -int mp_toradix(mp_int *a, char *str, int radix); -int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen); -int mp_radix_size(mp_int *a, int radix, int *size); +int mp_toradix(const mp_int *a, char *str, int radix); +int mp_toradix_n(const mp_int *a, char *str, int radix, int maxlen); +int mp_radix_size(const mp_int *a, int radix, int *size); #ifndef LTM_NO_FILE int mp_fread(mp_int *a, int radix, FILE *stream); -int mp_fwrite(mp_int *a, int radix, FILE *stream); +int mp_fwrite(const mp_int *a, int radix, FILE *stream); #endif #define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len)) @@ -567,12 +581,12 @@ int mp_fwrite(mp_int *a, int radix, FILE *stream); #define mp_tohex(M, S) mp_toradix((M), (S), 16) #ifdef __cplusplus - } +} #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/tommath_class.h b/src/ltm/tommath_class.h index 2085521..f700d66 100644 --- a/src/ltm/tommath_class.h +++ b/src/ltm/tommath_class.h @@ -1,220 +1,220 @@ #if !(defined(LTM1) && defined(LTM2) && defined(LTM3)) #if defined(LTM2) -#define LTM3 +# define LTM3 #endif #if defined(LTM1) -#define LTM2 +# define LTM2 #endif #define LTM1 #if defined(LTM_ALL) -#define BN_ERROR_C -#define BN_FAST_MP_INVMOD_C -#define BN_FAST_MP_MONTGOMERY_REDUCE_C -#define BN_FAST_S_MP_MUL_DIGS_C -#define BN_FAST_S_MP_MUL_HIGH_DIGS_C -#define BN_FAST_S_MP_SQR_C -#define BN_MP_2EXPT_C -#define BN_MP_ABS_C -#define BN_MP_ADD_C -#define BN_MP_ADD_D_C -#define BN_MP_ADDMOD_C -#define BN_MP_AND_C -#define BN_MP_CLAMP_C -#define BN_MP_CLEAR_C -#define BN_MP_CLEAR_MULTI_C -#define BN_MP_CMP_C -#define BN_MP_CMP_D_C -#define BN_MP_CMP_MAG_C -#define BN_MP_CNT_LSB_C -#define BN_MP_COPY_C -#define BN_MP_COUNT_BITS_C -#define BN_MP_DIV_C -#define BN_MP_DIV_2_C -#define BN_MP_DIV_2D_C -#define BN_MP_DIV_3_C -#define BN_MP_DIV_D_C -#define BN_MP_DR_IS_MODULUS_C -#define BN_MP_DR_REDUCE_C -#define BN_MP_DR_SETUP_C -#define BN_MP_EXCH_C -#define BN_MP_EXPORT_C -#define BN_MP_EXPT_D_C -#define BN_MP_EXPT_D_EX_C -#define BN_MP_EXPTMOD_C -#define BN_MP_EXPTMOD_FAST_C -#define BN_MP_EXTEUCLID_C -#define BN_MP_FREAD_C -#define BN_MP_FWRITE_C -#define BN_MP_GCD_C -#define BN_MP_GET_INT_C -#define BN_MP_GET_LONG_C -#define BN_MP_GET_LONG_LONG_C -#define BN_MP_GROW_C -#define BN_MP_IMPORT_C -#define BN_MP_INIT_C -#define BN_MP_INIT_COPY_C -#define BN_MP_INIT_MULTI_C -#define BN_MP_INIT_SET_C -#define BN_MP_INIT_SET_INT_C -#define BN_MP_INIT_SIZE_C -#define BN_MP_INVMOD_C -#define BN_MP_INVMOD_SLOW_C -#define BN_MP_IS_SQUARE_C -#define BN_MP_JACOBI_C -#define BN_MP_KARATSUBA_MUL_C -#define BN_MP_KARATSUBA_SQR_C -#define BN_MP_LCM_C -#define BN_MP_LSHD_C -#define BN_MP_MOD_C -#define BN_MP_MOD_2D_C -#define BN_MP_MOD_D_C -#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C -#define BN_MP_MONTGOMERY_REDUCE_C -#define BN_MP_MONTGOMERY_SETUP_C -#define BN_MP_MUL_C -#define BN_MP_MUL_2_C -#define BN_MP_MUL_2D_C -#define BN_MP_MUL_D_C -#define BN_MP_MULMOD_C -#define BN_MP_N_ROOT_C -#define BN_MP_N_ROOT_EX_C -#define BN_MP_NEG_C -#define BN_MP_OR_C -#define BN_MP_PRIME_FERMAT_C -#define BN_MP_PRIME_IS_DIVISIBLE_C -#define BN_MP_PRIME_IS_PRIME_C -#define BN_MP_PRIME_MILLER_RABIN_C -#define BN_MP_PRIME_NEXT_PRIME_C -#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C -#define BN_MP_PRIME_RANDOM_EX_C -#define BN_MP_RADIX_SIZE_C -#define BN_MP_RADIX_SMAP_C -#define BN_MP_RAND_C -#define BN_MP_READ_RADIX_C -#define BN_MP_READ_SIGNED_BIN_C -#define BN_MP_READ_UNSIGNED_BIN_C -#define BN_MP_REDUCE_C -#define BN_MP_REDUCE_2K_C -#define BN_MP_REDUCE_2K_L_C -#define BN_MP_REDUCE_2K_SETUP_C -#define BN_MP_REDUCE_2K_SETUP_L_C -#define BN_MP_REDUCE_IS_2K_C -#define BN_MP_REDUCE_IS_2K_L_C -#define BN_MP_REDUCE_SETUP_C -#define BN_MP_RSHD_C -#define BN_MP_SET_C -#define BN_MP_SET_INT_C -#define BN_MP_SET_LONG_C -#define BN_MP_SET_LONG_LONG_C -#define BN_MP_SHRINK_C -#define BN_MP_SIGNED_BIN_SIZE_C -#define BN_MP_SQR_C -#define BN_MP_SQRMOD_C -#define BN_MP_SQRT_C -#define BN_MP_SQRTMOD_PRIME_C -#define BN_MP_SUB_C -#define BN_MP_SUB_D_C -#define BN_MP_SUBMOD_C -#define BN_MP_TO_SIGNED_BIN_C -#define BN_MP_TO_SIGNED_BIN_N_C -#define BN_MP_TO_UNSIGNED_BIN_C -#define BN_MP_TO_UNSIGNED_BIN_N_C -#define BN_MP_TOOM_MUL_C -#define BN_MP_TOOM_SQR_C -#define BN_MP_TORADIX_C -#define BN_MP_TORADIX_N_C -#define BN_MP_UNSIGNED_BIN_SIZE_C -#define BN_MP_XOR_C -#define BN_MP_ZERO_C -#define BN_PRIME_TAB_C -#define BN_REVERSE_C -#define BN_S_MP_ADD_C -#define BN_S_MP_EXPTMOD_C -#define BN_S_MP_MUL_DIGS_C -#define BN_S_MP_MUL_HIGH_DIGS_C -#define BN_S_MP_SQR_C -#define BN_S_MP_SUB_C -#define BNCORE_C +# define BN_ERROR_C +# define BN_FAST_MP_INVMOD_C +# define BN_FAST_MP_MONTGOMERY_REDUCE_C +# define BN_FAST_S_MP_MUL_DIGS_C +# define BN_FAST_S_MP_MUL_HIGH_DIGS_C +# define BN_FAST_S_MP_SQR_C +# define BN_MP_2EXPT_C +# define BN_MP_ABS_C +# define BN_MP_ADD_C +# define BN_MP_ADD_D_C +# define BN_MP_ADDMOD_C +# define BN_MP_AND_C +# define BN_MP_CLAMP_C +# define BN_MP_CLEAR_C +# define BN_MP_CLEAR_MULTI_C +# define BN_MP_CMP_C +# define BN_MP_CMP_D_C +# define BN_MP_CMP_MAG_C +# define BN_MP_CNT_LSB_C +# define BN_MP_COPY_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_DIV_C +# define BN_MP_DIV_2_C +# define BN_MP_DIV_2D_C +# define BN_MP_DIV_3_C +# define BN_MP_DIV_D_C +# define BN_MP_DR_IS_MODULUS_C +# define BN_MP_DR_REDUCE_C +# define BN_MP_DR_SETUP_C +# define BN_MP_EXCH_C +# define BN_MP_EXPORT_C +# define BN_MP_EXPT_D_C +# define BN_MP_EXPT_D_EX_C +# define BN_MP_EXPTMOD_C +# define BN_MP_EXPTMOD_FAST_C +# define BN_MP_EXTEUCLID_C +# define BN_MP_FREAD_C +# define BN_MP_FWRITE_C +# define BN_MP_GCD_C +# define BN_MP_GET_INT_C +# define BN_MP_GET_LONG_C +# define BN_MP_GET_LONG_LONG_C +# define BN_MP_GROW_C +# define BN_MP_IMPORT_C +# define BN_MP_INIT_C +# define BN_MP_INIT_COPY_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_INIT_SET_C +# define BN_MP_INIT_SET_INT_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_INVMOD_C +# define BN_MP_INVMOD_SLOW_C +# define BN_MP_IS_SQUARE_C +# define BN_MP_JACOBI_C +# define BN_MP_KARATSUBA_MUL_C +# define BN_MP_KARATSUBA_SQR_C +# define BN_MP_LCM_C +# define BN_MP_LSHD_C +# define BN_MP_MOD_C +# define BN_MP_MOD_2D_C +# define BN_MP_MOD_D_C +# define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C +# define BN_MP_MONTGOMERY_REDUCE_C +# define BN_MP_MONTGOMERY_SETUP_C +# define BN_MP_MUL_C +# define BN_MP_MUL_2_C +# define BN_MP_MUL_2D_C +# define BN_MP_MUL_D_C +# define BN_MP_MULMOD_C +# define BN_MP_N_ROOT_C +# define BN_MP_N_ROOT_EX_C +# define BN_MP_NEG_C +# define BN_MP_OR_C +# define BN_MP_PRIME_FERMAT_C +# define BN_MP_PRIME_IS_DIVISIBLE_C +# define BN_MP_PRIME_IS_PRIME_C +# define BN_MP_PRIME_MILLER_RABIN_C +# define BN_MP_PRIME_NEXT_PRIME_C +# define BN_MP_PRIME_RABIN_MILLER_TRIALS_C +# define BN_MP_PRIME_RANDOM_EX_C +# define BN_MP_RADIX_SIZE_C +# define BN_MP_RADIX_SMAP_C +# define BN_MP_RAND_C +# define BN_MP_READ_RADIX_C +# define BN_MP_READ_SIGNED_BIN_C +# define BN_MP_READ_UNSIGNED_BIN_C +# define BN_MP_REDUCE_C +# define BN_MP_REDUCE_2K_C +# define BN_MP_REDUCE_2K_L_C +# define BN_MP_REDUCE_2K_SETUP_C +# define BN_MP_REDUCE_2K_SETUP_L_C +# define BN_MP_REDUCE_IS_2K_C +# define BN_MP_REDUCE_IS_2K_L_C +# define BN_MP_REDUCE_SETUP_C +# define BN_MP_RSHD_C +# define BN_MP_SET_C +# define BN_MP_SET_INT_C +# define BN_MP_SET_LONG_C +# define BN_MP_SET_LONG_LONG_C +# define BN_MP_SHRINK_C +# define BN_MP_SIGNED_BIN_SIZE_C +# define BN_MP_SQR_C +# define BN_MP_SQRMOD_C +# define BN_MP_SQRT_C +# define BN_MP_SQRTMOD_PRIME_C +# define BN_MP_SUB_C +# define BN_MP_SUB_D_C +# define BN_MP_SUBMOD_C +# define BN_MP_TO_SIGNED_BIN_C +# define BN_MP_TO_SIGNED_BIN_N_C +# define BN_MP_TO_UNSIGNED_BIN_C +# define BN_MP_TO_UNSIGNED_BIN_N_C +# define BN_MP_TOOM_MUL_C +# define BN_MP_TOOM_SQR_C +# define BN_MP_TORADIX_C +# define BN_MP_TORADIX_N_C +# define BN_MP_UNSIGNED_BIN_SIZE_C +# define BN_MP_XOR_C +# define BN_MP_ZERO_C +# define BN_PRIME_TAB_C +# define BN_REVERSE_C +# define BN_S_MP_ADD_C +# define BN_S_MP_EXPTMOD_C +# define BN_S_MP_MUL_DIGS_C +# define BN_S_MP_MUL_HIGH_DIGS_C +# define BN_S_MP_SQR_C +# define BN_S_MP_SUB_C +# define BNCORE_C #endif #if defined(BN_ERROR_C) - #define BN_MP_ERROR_TO_STRING_C +# define BN_MP_ERROR_TO_STRING_C #endif #if defined(BN_FAST_MP_INVMOD_C) - #define BN_MP_ISEVEN_C - #define BN_MP_INIT_MULTI_C - #define BN_MP_COPY_C - #define BN_MP_MOD_C - #define BN_MP_SET_C - #define BN_MP_DIV_2_C - #define BN_MP_ISODD_C - #define BN_MP_SUB_C - #define BN_MP_CMP_C - #define BN_MP_ISZERO_C - #define BN_MP_CMP_D_C - #define BN_MP_ADD_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_ISEVEN_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_COPY_C +# define BN_MP_MOD_C +# define BN_MP_SET_C +# define BN_MP_DIV_2_C +# define BN_MP_ISODD_C +# define BN_MP_SUB_C +# define BN_MP_CMP_C +# define BN_MP_ISZERO_C +# define BN_MP_CMP_D_C +# define BN_MP_ADD_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C) - #define BN_MP_GROW_C - #define BN_MP_RSHD_C - #define BN_MP_CLAMP_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_MP_GROW_C +# define BN_MP_RSHD_C +# define BN_MP_CLAMP_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_FAST_S_MP_MUL_DIGS_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_FAST_S_MP_SQR_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_2EXPT_C) - #define BN_MP_ZERO_C - #define BN_MP_GROW_C +# define BN_MP_ZERO_C +# define BN_MP_GROW_C #endif #if defined(BN_MP_ABS_C) - #define BN_MP_COPY_C +# define BN_MP_COPY_C #endif #if defined(BN_MP_ADD_C) - #define BN_S_MP_ADD_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_S_MP_ADD_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_ADD_D_C) - #define BN_MP_GROW_C - #define BN_MP_SUB_D_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_SUB_D_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_ADDMOD_C) - #define BN_MP_INIT_C - #define BN_MP_ADD_C - #define BN_MP_CLEAR_C - #define BN_MP_MOD_C +# define BN_MP_INIT_C +# define BN_MP_ADD_C +# define BN_MP_CLEAR_C +# define BN_MP_MOD_C #endif #if defined(BN_MP_AND_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_CLAMP_C) @@ -224,11 +224,11 @@ #endif #if defined(BN_MP_CLEAR_MULTI_C) - #define BN_MP_CLEAR_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_CMP_C) - #define BN_MP_CMP_MAG_C +# define BN_MP_CMP_MAG_C #endif #if defined(BN_MP_CMP_D_C) @@ -238,84 +238,81 @@ #endif #if defined(BN_MP_CNT_LSB_C) - #define BN_MP_ISZERO_C +# define BN_MP_ISZERO_C #endif #if defined(BN_MP_COPY_C) - #define BN_MP_GROW_C +# define BN_MP_GROW_C #endif #if defined(BN_MP_COUNT_BITS_C) #endif #if defined(BN_MP_DIV_C) - #define BN_MP_ISZERO_C - #define BN_MP_CMP_MAG_C - #define BN_MP_COPY_C - #define BN_MP_ZERO_C - #define BN_MP_INIT_MULTI_C - #define BN_MP_SET_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_ABS_C - #define BN_MP_MUL_2D_C - #define BN_MP_CMP_C - #define BN_MP_SUB_C - #define BN_MP_ADD_C - #define BN_MP_DIV_2D_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_MULTI_C - #define BN_MP_INIT_SIZE_C - #define BN_MP_INIT_C - #define BN_MP_INIT_COPY_C - #define BN_MP_LSHD_C - #define BN_MP_RSHD_C - #define BN_MP_MUL_D_C - #define BN_MP_CLAMP_C - #define BN_MP_CLEAR_C +# define BN_MP_ISZERO_C +# define BN_MP_CMP_MAG_C +# define BN_MP_COPY_C +# define BN_MP_ZERO_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_SET_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_ABS_C +# define BN_MP_MUL_2D_C +# define BN_MP_CMP_C +# define BN_MP_SUB_C +# define BN_MP_ADD_C +# define BN_MP_DIV_2D_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_MULTI_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_INIT_C +# define BN_MP_INIT_COPY_C +# define BN_MP_LSHD_C +# define BN_MP_RSHD_C +# define BN_MP_MUL_D_C +# define BN_MP_CLAMP_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_DIV_2_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_DIV_2D_C) - #define BN_MP_COPY_C - #define BN_MP_ZERO_C - #define BN_MP_INIT_C - #define BN_MP_MOD_2D_C - #define BN_MP_CLEAR_C - #define BN_MP_RSHD_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C +# define BN_MP_COPY_C +# define BN_MP_ZERO_C +# define BN_MP_MOD_2D_C +# define BN_MP_RSHD_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_DIV_3_C) - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_DIV_D_C) - #define BN_MP_ISZERO_C - #define BN_MP_COPY_C - #define BN_MP_DIV_2D_C - #define BN_MP_DIV_3_C - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_ISZERO_C +# define BN_MP_COPY_C +# define BN_MP_DIV_2D_C +# define BN_MP_DIV_3_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_DR_IS_MODULUS_C) #endif #if defined(BN_MP_DR_REDUCE_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_DR_SETUP_C) @@ -325,96 +322,96 @@ #endif #if defined(BN_MP_EXPORT_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_DIV_2D_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_DIV_2D_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_EXPT_D_C) - #define BN_MP_EXPT_D_EX_C +# define BN_MP_EXPT_D_EX_C #endif #if defined(BN_MP_EXPT_D_EX_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_SET_C - #define BN_MP_MUL_C - #define BN_MP_CLEAR_C - #define BN_MP_SQR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_SET_C +# define BN_MP_MUL_C +# define BN_MP_CLEAR_C +# define BN_MP_SQR_C #endif #if defined(BN_MP_EXPTMOD_C) - #define BN_MP_INIT_C - #define BN_MP_INVMOD_C - #define BN_MP_CLEAR_C - #define BN_MP_ABS_C - #define BN_MP_CLEAR_MULTI_C - #define BN_MP_REDUCE_IS_2K_L_C - #define BN_S_MP_EXPTMOD_C - #define BN_MP_DR_IS_MODULUS_C - #define BN_MP_REDUCE_IS_2K_C - #define BN_MP_ISODD_C - #define BN_MP_EXPTMOD_FAST_C +# define BN_MP_INIT_C +# define BN_MP_INVMOD_C +# define BN_MP_CLEAR_C +# define BN_MP_ABS_C +# define BN_MP_CLEAR_MULTI_C +# define BN_MP_REDUCE_IS_2K_L_C +# define BN_S_MP_EXPTMOD_C +# define BN_MP_DR_IS_MODULUS_C +# define BN_MP_REDUCE_IS_2K_C +# define BN_MP_ISODD_C +# define BN_MP_EXPTMOD_FAST_C #endif #if defined(BN_MP_EXPTMOD_FAST_C) - #define BN_MP_COUNT_BITS_C - #define BN_MP_INIT_C - #define BN_MP_CLEAR_C - #define BN_MP_MONTGOMERY_SETUP_C - #define BN_FAST_MP_MONTGOMERY_REDUCE_C - #define BN_MP_MONTGOMERY_REDUCE_C - #define BN_MP_DR_SETUP_C - #define BN_MP_DR_REDUCE_C - #define BN_MP_REDUCE_2K_SETUP_C - #define BN_MP_REDUCE_2K_C - #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C - #define BN_MP_MULMOD_C - #define BN_MP_SET_C - #define BN_MP_MOD_C - #define BN_MP_COPY_C - #define BN_MP_SQR_C - #define BN_MP_MUL_C - #define BN_MP_EXCH_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLEAR_C +# define BN_MP_MONTGOMERY_SETUP_C +# define BN_FAST_MP_MONTGOMERY_REDUCE_C +# define BN_MP_MONTGOMERY_REDUCE_C +# define BN_MP_DR_SETUP_C +# define BN_MP_DR_REDUCE_C +# define BN_MP_REDUCE_2K_SETUP_C +# define BN_MP_REDUCE_2K_C +# define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C +# define BN_MP_MULMOD_C +# define BN_MP_SET_C +# define BN_MP_MOD_C +# define BN_MP_COPY_C +# define BN_MP_SQR_C +# define BN_MP_MUL_C +# define BN_MP_EXCH_C #endif #if defined(BN_MP_EXTEUCLID_C) - #define BN_MP_INIT_MULTI_C - #define BN_MP_SET_C - #define BN_MP_COPY_C - #define BN_MP_ISZERO_C - #define BN_MP_DIV_C - #define BN_MP_MUL_C - #define BN_MP_SUB_C - #define BN_MP_NEG_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_SET_C +# define BN_MP_COPY_C +# define BN_MP_ISZERO_C +# define BN_MP_DIV_C +# define BN_MP_MUL_C +# define BN_MP_SUB_C +# define BN_MP_NEG_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_FREAD_C) - #define BN_MP_ZERO_C - #define BN_MP_S_RMAP_C - #define BN_MP_MUL_D_C - #define BN_MP_ADD_D_C - #define BN_MP_CMP_D_C +# define BN_MP_ZERO_C +# define BN_MP_S_RMAP_C +# define BN_MP_MUL_D_C +# define BN_MP_ADD_D_C +# define BN_MP_CMP_D_C #endif #if defined(BN_MP_FWRITE_C) - #define BN_MP_RADIX_SIZE_C - #define BN_MP_TORADIX_C +# define BN_MP_RADIX_SIZE_C +# define BN_MP_TORADIX_C #endif #if defined(BN_MP_GCD_C) - #define BN_MP_ISZERO_C - #define BN_MP_ABS_C - #define BN_MP_INIT_COPY_C - #define BN_MP_CNT_LSB_C - #define BN_MP_DIV_2D_C - #define BN_MP_CMP_MAG_C - #define BN_MP_EXCH_C - #define BN_S_MP_SUB_C - #define BN_MP_MUL_2D_C - #define BN_MP_CLEAR_C +# define BN_MP_ISZERO_C +# define BN_MP_ABS_C +# define BN_MP_INIT_COPY_C +# define BN_MP_CNT_LSB_C +# define BN_MP_DIV_2D_C +# define BN_MP_CMP_MAG_C +# define BN_MP_EXCH_C +# define BN_S_MP_SUB_C +# define BN_MP_MUL_2D_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_GET_INT_C) @@ -430,399 +427,402 @@ #endif #if defined(BN_MP_IMPORT_C) - #define BN_MP_ZERO_C - #define BN_MP_MUL_2D_C - #define BN_MP_CLAMP_C +# define BN_MP_ZERO_C +# define BN_MP_MUL_2D_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_INIT_C) #endif #if defined(BN_MP_INIT_COPY_C) - #define BN_MP_INIT_SIZE_C - #define BN_MP_COPY_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_COPY_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_INIT_MULTI_C) - #define BN_MP_ERR_C - #define BN_MP_INIT_C - #define BN_MP_CLEAR_C +# define BN_MP_ERR_C +# define BN_MP_INIT_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_INIT_SET_C) - #define BN_MP_INIT_C - #define BN_MP_SET_C +# define BN_MP_INIT_C +# define BN_MP_SET_C #endif #if defined(BN_MP_INIT_SET_INT_C) - #define BN_MP_INIT_C - #define BN_MP_SET_INT_C +# define BN_MP_INIT_C +# define BN_MP_SET_INT_C #endif #if defined(BN_MP_INIT_SIZE_C) - #define BN_MP_INIT_C +# define BN_MP_INIT_C #endif #if defined(BN_MP_INVMOD_C) - #define BN_MP_ISZERO_C - #define BN_MP_ISODD_C - #define BN_FAST_MP_INVMOD_C - #define BN_MP_INVMOD_SLOW_C +# define BN_MP_ISZERO_C +# define BN_MP_ISODD_C +# define BN_MP_CMP_D_C +# define BN_FAST_MP_INVMOD_C +# define BN_MP_INVMOD_SLOW_C #endif #if defined(BN_MP_INVMOD_SLOW_C) - #define BN_MP_ISZERO_C - #define BN_MP_INIT_MULTI_C - #define BN_MP_MOD_C - #define BN_MP_COPY_C - #define BN_MP_ISEVEN_C - #define BN_MP_SET_C - #define BN_MP_DIV_2_C - #define BN_MP_ISODD_C - #define BN_MP_ADD_C - #define BN_MP_SUB_C - #define BN_MP_CMP_C - #define BN_MP_CMP_D_C - #define BN_MP_CMP_MAG_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_ISZERO_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_MOD_C +# define BN_MP_COPY_C +# define BN_MP_ISEVEN_C +# define BN_MP_SET_C +# define BN_MP_DIV_2_C +# define BN_MP_ISODD_C +# define BN_MP_ADD_C +# define BN_MP_SUB_C +# define BN_MP_CMP_C +# define BN_MP_CMP_D_C +# define BN_MP_CMP_MAG_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_IS_SQUARE_C) - #define BN_MP_MOD_D_C - #define BN_MP_INIT_SET_INT_C - #define BN_MP_MOD_C - #define BN_MP_GET_INT_C - #define BN_MP_SQRT_C - #define BN_MP_SQR_C - #define BN_MP_CMP_MAG_C - #define BN_MP_CLEAR_C +# define BN_MP_MOD_D_C +# define BN_MP_INIT_SET_INT_C +# define BN_MP_MOD_C +# define BN_MP_GET_INT_C +# define BN_MP_SQRT_C +# define BN_MP_SQR_C +# define BN_MP_CMP_MAG_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_JACOBI_C) - #define BN_MP_CMP_D_C - #define BN_MP_ISZERO_C - #define BN_MP_INIT_COPY_C - #define BN_MP_CNT_LSB_C - #define BN_MP_DIV_2D_C - #define BN_MP_MOD_C - #define BN_MP_CLEAR_C +# define BN_MP_ISNEG_C +# define BN_MP_CMP_D_C +# define BN_MP_ISZERO_C +# define BN_MP_INIT_COPY_C +# define BN_MP_CNT_LSB_C +# define BN_MP_DIV_2D_C +# define BN_MP_MOD_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_KARATSUBA_MUL_C) - #define BN_MP_MUL_C - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_S_MP_ADD_C - #define BN_MP_ADD_C - #define BN_S_MP_SUB_C - #define BN_MP_LSHD_C - #define BN_MP_CLEAR_C +# define BN_MP_MUL_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_S_MP_ADD_C +# define BN_MP_ADD_C +# define BN_S_MP_SUB_C +# define BN_MP_LSHD_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_KARATSUBA_SQR_C) - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_SQR_C - #define BN_S_MP_ADD_C - #define BN_S_MP_SUB_C - #define BN_MP_LSHD_C - #define BN_MP_ADD_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_SQR_C +# define BN_S_MP_ADD_C +# define BN_S_MP_SUB_C +# define BN_MP_LSHD_C +# define BN_MP_ADD_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_LCM_C) - #define BN_MP_INIT_MULTI_C - #define BN_MP_GCD_C - #define BN_MP_CMP_MAG_C - #define BN_MP_DIV_C - #define BN_MP_MUL_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_GCD_C +# define BN_MP_CMP_MAG_C +# define BN_MP_DIV_C +# define BN_MP_MUL_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_LSHD_C) - #define BN_MP_GROW_C - #define BN_MP_RSHD_C +# define BN_MP_GROW_C +# define BN_MP_RSHD_C #endif #if defined(BN_MP_MOD_C) - #define BN_MP_INIT_C - #define BN_MP_DIV_C - #define BN_MP_CLEAR_C - #define BN_MP_ISZERO_C - #define BN_MP_EXCH_C - #define BN_MP_ADD_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_DIV_C +# define BN_MP_CLEAR_C +# define BN_MP_ISZERO_C +# define BN_MP_EXCH_C +# define BN_MP_ADD_C #endif #if defined(BN_MP_MOD_2D_C) - #define BN_MP_ZERO_C - #define BN_MP_COPY_C - #define BN_MP_CLAMP_C +# define BN_MP_ZERO_C +# define BN_MP_COPY_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_MOD_D_C) - #define BN_MP_DIV_D_C +# define BN_MP_DIV_D_C #endif #if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C) - #define BN_MP_COUNT_BITS_C - #define BN_MP_2EXPT_C - #define BN_MP_SET_C - #define BN_MP_MUL_2_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_2EXPT_C +# define BN_MP_SET_C +# define BN_MP_MUL_2_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_MONTGOMERY_REDUCE_C) - #define BN_FAST_MP_MONTGOMERY_REDUCE_C - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C - #define BN_MP_RSHD_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_FAST_MP_MONTGOMERY_REDUCE_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C +# define BN_MP_RSHD_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_MONTGOMERY_SETUP_C) #endif #if defined(BN_MP_MUL_C) - #define BN_MP_TOOM_MUL_C - #define BN_MP_KARATSUBA_MUL_C - #define BN_FAST_S_MP_MUL_DIGS_C - #define BN_S_MP_MUL_C - #define BN_S_MP_MUL_DIGS_C +# define BN_MP_TOOM_MUL_C +# define BN_MP_KARATSUBA_MUL_C +# define BN_FAST_S_MP_MUL_DIGS_C +# define BN_S_MP_MUL_C +# define BN_S_MP_MUL_DIGS_C #endif #if defined(BN_MP_MUL_2_C) - #define BN_MP_GROW_C +# define BN_MP_GROW_C #endif #if defined(BN_MP_MUL_2D_C) - #define BN_MP_COPY_C - #define BN_MP_GROW_C - #define BN_MP_LSHD_C - #define BN_MP_CLAMP_C +# define BN_MP_COPY_C +# define BN_MP_GROW_C +# define BN_MP_LSHD_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_MUL_D_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_MULMOD_C) - #define BN_MP_INIT_C - #define BN_MP_MUL_C - #define BN_MP_CLEAR_C - #define BN_MP_MOD_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_MUL_C +# define BN_MP_CLEAR_C +# define BN_MP_MOD_C #endif #if defined(BN_MP_N_ROOT_C) - #define BN_MP_N_ROOT_EX_C +# define BN_MP_N_ROOT_EX_C #endif #if defined(BN_MP_N_ROOT_EX_C) - #define BN_MP_INIT_C - #define BN_MP_SET_C - #define BN_MP_COPY_C - #define BN_MP_EXPT_D_EX_C - #define BN_MP_MUL_C - #define BN_MP_SUB_C - #define BN_MP_MUL_D_C - #define BN_MP_DIV_C - #define BN_MP_CMP_C - #define BN_MP_SUB_D_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_C +# define BN_MP_SET_C +# define BN_MP_COPY_C +# define BN_MP_EXPT_D_EX_C +# define BN_MP_MUL_C +# define BN_MP_SUB_C +# define BN_MP_MUL_D_C +# define BN_MP_DIV_C +# define BN_MP_CMP_C +# define BN_MP_SUB_D_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_NEG_C) - #define BN_MP_COPY_C - #define BN_MP_ISZERO_C +# define BN_MP_COPY_C +# define BN_MP_ISZERO_C #endif #if defined(BN_MP_OR_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_PRIME_FERMAT_C) - #define BN_MP_CMP_D_C - #define BN_MP_INIT_C - #define BN_MP_EXPTMOD_C - #define BN_MP_CMP_C - #define BN_MP_CLEAR_C +# define BN_MP_CMP_D_C +# define BN_MP_INIT_C +# define BN_MP_EXPTMOD_C +# define BN_MP_CMP_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_PRIME_IS_DIVISIBLE_C) - #define BN_MP_MOD_D_C +# define BN_MP_MOD_D_C #endif #if defined(BN_MP_PRIME_IS_PRIME_C) - #define BN_MP_CMP_D_C - #define BN_MP_PRIME_IS_DIVISIBLE_C - #define BN_MP_INIT_C - #define BN_MP_SET_C - #define BN_MP_PRIME_MILLER_RABIN_C - #define BN_MP_CLEAR_C +# define BN_MP_CMP_D_C +# define BN_MP_PRIME_IS_DIVISIBLE_C +# define BN_MP_INIT_C +# define BN_MP_SET_C +# define BN_MP_PRIME_MILLER_RABIN_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_PRIME_MILLER_RABIN_C) - #define BN_MP_CMP_D_C - #define BN_MP_INIT_COPY_C - #define BN_MP_SUB_D_C - #define BN_MP_CNT_LSB_C - #define BN_MP_DIV_2D_C - #define BN_MP_EXPTMOD_C - #define BN_MP_CMP_C - #define BN_MP_SQRMOD_C - #define BN_MP_CLEAR_C +# define BN_MP_CMP_D_C +# define BN_MP_INIT_COPY_C +# define BN_MP_SUB_D_C +# define BN_MP_CNT_LSB_C +# define BN_MP_DIV_2D_C +# define BN_MP_EXPTMOD_C +# define BN_MP_CMP_C +# define BN_MP_SQRMOD_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_PRIME_NEXT_PRIME_C) - #define BN_MP_CMP_D_C - #define BN_MP_SET_C - #define BN_MP_SUB_D_C - #define BN_MP_ISEVEN_C - #define BN_MP_MOD_D_C - #define BN_MP_INIT_C - #define BN_MP_ADD_D_C - #define BN_MP_PRIME_MILLER_RABIN_C - #define BN_MP_CLEAR_C +# define BN_MP_CMP_D_C +# define BN_MP_SET_C +# define BN_MP_SUB_D_C +# define BN_MP_ISEVEN_C +# define BN_MP_MOD_D_C +# define BN_MP_INIT_C +# define BN_MP_ADD_D_C +# define BN_MP_PRIME_MILLER_RABIN_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C) #endif #if defined(BN_MP_PRIME_RANDOM_EX_C) - #define BN_MP_READ_UNSIGNED_BIN_C - #define BN_MP_PRIME_IS_PRIME_C - #define BN_MP_SUB_D_C - #define BN_MP_DIV_2_C - #define BN_MP_MUL_2_C - #define BN_MP_ADD_D_C +# define BN_MP_READ_UNSIGNED_BIN_C +# define BN_MP_PRIME_IS_PRIME_C +# define BN_MP_SUB_D_C +# define BN_MP_DIV_2_C +# define BN_MP_MUL_2_C +# define BN_MP_ADD_D_C #endif #if defined(BN_MP_RADIX_SIZE_C) - #define BN_MP_ISZERO_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_INIT_COPY_C - #define BN_MP_DIV_D_C - #define BN_MP_CLEAR_C +# define BN_MP_ISZERO_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_INIT_COPY_C +# define BN_MP_DIV_D_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_RADIX_SMAP_C) - #define BN_MP_S_RMAP_C +# define BN_MP_S_RMAP_C #endif #if defined(BN_MP_RAND_C) - #define BN_MP_ZERO_C - #define BN_MP_ADD_D_C - #define BN_MP_LSHD_C +# define BN_MP_ZERO_C +# define BN_MP_ADD_D_C +# define BN_MP_LSHD_C #endif #if defined(BN_MP_READ_RADIX_C) - #define BN_MP_ZERO_C - #define BN_MP_S_RMAP_C - #define BN_MP_MUL_D_C - #define BN_MP_ADD_D_C - #define BN_MP_ISZERO_C +# define BN_MP_ZERO_C +# define BN_MP_S_RMAP_C +# define BN_MP_MUL_D_C +# define BN_MP_ADD_D_C +# define BN_MP_ISZERO_C #endif #if defined(BN_MP_READ_SIGNED_BIN_C) - #define BN_MP_READ_UNSIGNED_BIN_C +# define BN_MP_READ_UNSIGNED_BIN_C #endif #if defined(BN_MP_READ_UNSIGNED_BIN_C) - #define BN_MP_GROW_C - #define BN_MP_ZERO_C - #define BN_MP_MUL_2D_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_ZERO_C +# define BN_MP_MUL_2D_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_REDUCE_C) - #define BN_MP_REDUCE_SETUP_C - #define BN_MP_INIT_COPY_C - #define BN_MP_RSHD_C - #define BN_MP_MUL_C - #define BN_S_MP_MUL_HIGH_DIGS_C - #define BN_FAST_S_MP_MUL_HIGH_DIGS_C - #define BN_MP_MOD_2D_C - #define BN_S_MP_MUL_DIGS_C - #define BN_MP_SUB_C - #define BN_MP_CMP_D_C - #define BN_MP_SET_C - #define BN_MP_LSHD_C - #define BN_MP_ADD_C - #define BN_MP_CMP_C - #define BN_S_MP_SUB_C - #define BN_MP_CLEAR_C +# define BN_MP_REDUCE_SETUP_C +# define BN_MP_INIT_COPY_C +# define BN_MP_RSHD_C +# define BN_MP_MUL_C +# define BN_S_MP_MUL_HIGH_DIGS_C +# define BN_FAST_S_MP_MUL_HIGH_DIGS_C +# define BN_MP_MOD_2D_C +# define BN_S_MP_MUL_DIGS_C +# define BN_MP_SUB_C +# define BN_MP_CMP_D_C +# define BN_MP_SET_C +# define BN_MP_LSHD_C +# define BN_MP_ADD_C +# define BN_MP_CMP_C +# define BN_S_MP_SUB_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_REDUCE_2K_C) - #define BN_MP_INIT_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_DIV_2D_C - #define BN_MP_MUL_D_C - #define BN_S_MP_ADD_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_DIV_2D_C +# define BN_MP_MUL_D_C +# define BN_S_MP_ADD_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_REDUCE_2K_L_C) - #define BN_MP_INIT_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_DIV_2D_C - #define BN_MP_MUL_C - #define BN_S_MP_ADD_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_DIV_2D_C +# define BN_MP_MUL_C +# define BN_S_MP_ADD_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_REDUCE_2K_SETUP_C) - #define BN_MP_INIT_C - #define BN_MP_COUNT_BITS_C - #define BN_MP_2EXPT_C - #define BN_MP_CLEAR_C - #define BN_S_MP_SUB_C +# define BN_MP_INIT_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_2EXPT_C +# define BN_MP_CLEAR_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_REDUCE_2K_SETUP_L_C) - #define BN_MP_INIT_C - #define BN_MP_2EXPT_C - #define BN_MP_COUNT_BITS_C - #define BN_S_MP_SUB_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_C +# define BN_MP_2EXPT_C +# define BN_MP_COUNT_BITS_C +# define BN_S_MP_SUB_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_REDUCE_IS_2K_C) - #define BN_MP_REDUCE_2K_C - #define BN_MP_COUNT_BITS_C +# define BN_MP_REDUCE_2K_C +# define BN_MP_COUNT_BITS_C #endif #if defined(BN_MP_REDUCE_IS_2K_L_C) #endif #if defined(BN_MP_REDUCE_SETUP_C) - #define BN_MP_2EXPT_C - #define BN_MP_DIV_C +# define BN_MP_2EXPT_C +# define BN_MP_DIV_C #endif #if defined(BN_MP_RSHD_C) - #define BN_MP_ZERO_C +# define BN_MP_ZERO_C #endif #if defined(BN_MP_SET_C) - #define BN_MP_ZERO_C +# define BN_MP_ZERO_C #endif #if defined(BN_MP_SET_INT_C) - #define BN_MP_ZERO_C - #define BN_MP_MUL_2D_C - #define BN_MP_CLAMP_C +# define BN_MP_ZERO_C +# define BN_MP_MUL_2D_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_SET_LONG_C) @@ -835,155 +835,155 @@ #endif #if defined(BN_MP_SIGNED_BIN_SIZE_C) - #define BN_MP_UNSIGNED_BIN_SIZE_C +# define BN_MP_UNSIGNED_BIN_SIZE_C #endif #if defined(BN_MP_SQR_C) - #define BN_MP_TOOM_SQR_C - #define BN_MP_KARATSUBA_SQR_C - #define BN_FAST_S_MP_SQR_C - #define BN_S_MP_SQR_C +# define BN_MP_TOOM_SQR_C +# define BN_MP_KARATSUBA_SQR_C +# define BN_FAST_S_MP_SQR_C +# define BN_S_MP_SQR_C #endif #if defined(BN_MP_SQRMOD_C) - #define BN_MP_INIT_C - #define BN_MP_SQR_C - #define BN_MP_CLEAR_C - #define BN_MP_MOD_C +# define BN_MP_INIT_C +# define BN_MP_SQR_C +# define BN_MP_CLEAR_C +# define BN_MP_MOD_C #endif #if defined(BN_MP_SQRT_C) - #define BN_MP_N_ROOT_C - #define BN_MP_ISZERO_C - #define BN_MP_ZERO_C - #define BN_MP_INIT_COPY_C - #define BN_MP_RSHD_C - #define BN_MP_DIV_C - #define BN_MP_ADD_C - #define BN_MP_DIV_2_C - #define BN_MP_CMP_MAG_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_N_ROOT_C +# define BN_MP_ISZERO_C +# define BN_MP_ZERO_C +# define BN_MP_INIT_COPY_C +# define BN_MP_RSHD_C +# define BN_MP_DIV_C +# define BN_MP_ADD_C +# define BN_MP_DIV_2_C +# define BN_MP_CMP_MAG_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_SQRTMOD_PRIME_C) - #define BN_MP_CMP_D_C - #define BN_MP_ZERO_C - #define BN_MP_JACOBI_C - #define BN_MP_INIT_MULTI_C - #define BN_MP_MOD_D_C - #define BN_MP_ADD_D_C - #define BN_MP_DIV_2_C - #define BN_MP_EXPTMOD_C - #define BN_MP_COPY_C - #define BN_MP_SUB_D_C - #define BN_MP_ISEVEN_C - #define BN_MP_SET_INT_C - #define BN_MP_SQRMOD_C - #define BN_MP_MULMOD_C - #define BN_MP_SET_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_CMP_D_C +# define BN_MP_ZERO_C +# define BN_MP_JACOBI_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_MOD_D_C +# define BN_MP_ADD_D_C +# define BN_MP_DIV_2_C +# define BN_MP_EXPTMOD_C +# define BN_MP_COPY_C +# define BN_MP_SUB_D_C +# define BN_MP_ISEVEN_C +# define BN_MP_SET_INT_C +# define BN_MP_SQRMOD_C +# define BN_MP_MULMOD_C +# define BN_MP_SET_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_SUB_C) - #define BN_S_MP_ADD_C - #define BN_MP_CMP_MAG_C - #define BN_S_MP_SUB_C +# define BN_S_MP_ADD_C +# define BN_MP_CMP_MAG_C +# define BN_S_MP_SUB_C #endif #if defined(BN_MP_SUB_D_C) - #define BN_MP_GROW_C - #define BN_MP_ADD_D_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_ADD_D_C +# define BN_MP_CLAMP_C #endif #if defined(BN_MP_SUBMOD_C) - #define BN_MP_INIT_C - #define BN_MP_SUB_C - #define BN_MP_CLEAR_C - #define BN_MP_MOD_C +# define BN_MP_INIT_C +# define BN_MP_SUB_C +# define BN_MP_CLEAR_C +# define BN_MP_MOD_C #endif #if defined(BN_MP_TO_SIGNED_BIN_C) - #define BN_MP_TO_UNSIGNED_BIN_C +# define BN_MP_TO_UNSIGNED_BIN_C #endif #if defined(BN_MP_TO_SIGNED_BIN_N_C) - #define BN_MP_SIGNED_BIN_SIZE_C - #define BN_MP_TO_SIGNED_BIN_C +# define BN_MP_SIGNED_BIN_SIZE_C +# define BN_MP_TO_SIGNED_BIN_C #endif #if defined(BN_MP_TO_UNSIGNED_BIN_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_ISZERO_C - #define BN_MP_DIV_2D_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_ISZERO_C +# define BN_MP_DIV_2D_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_TO_UNSIGNED_BIN_N_C) - #define BN_MP_UNSIGNED_BIN_SIZE_C - #define BN_MP_TO_UNSIGNED_BIN_C +# define BN_MP_UNSIGNED_BIN_SIZE_C +# define BN_MP_TO_UNSIGNED_BIN_C #endif #if defined(BN_MP_TOOM_MUL_C) - #define BN_MP_INIT_MULTI_C - #define BN_MP_MOD_2D_C - #define BN_MP_COPY_C - #define BN_MP_RSHD_C - #define BN_MP_MUL_C - #define BN_MP_MUL_2_C - #define BN_MP_ADD_C - #define BN_MP_SUB_C - #define BN_MP_DIV_2_C - #define BN_MP_MUL_2D_C - #define BN_MP_MUL_D_C - #define BN_MP_DIV_3_C - #define BN_MP_LSHD_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_MOD_2D_C +# define BN_MP_COPY_C +# define BN_MP_RSHD_C +# define BN_MP_MUL_C +# define BN_MP_MUL_2_C +# define BN_MP_ADD_C +# define BN_MP_SUB_C +# define BN_MP_DIV_2_C +# define BN_MP_MUL_2D_C +# define BN_MP_MUL_D_C +# define BN_MP_DIV_3_C +# define BN_MP_LSHD_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_TOOM_SQR_C) - #define BN_MP_INIT_MULTI_C - #define BN_MP_MOD_2D_C - #define BN_MP_COPY_C - #define BN_MP_RSHD_C - #define BN_MP_SQR_C - #define BN_MP_MUL_2_C - #define BN_MP_ADD_C - #define BN_MP_SUB_C - #define BN_MP_DIV_2_C - #define BN_MP_MUL_2D_C - #define BN_MP_MUL_D_C - #define BN_MP_DIV_3_C - #define BN_MP_LSHD_C - #define BN_MP_CLEAR_MULTI_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_MOD_2D_C +# define BN_MP_COPY_C +# define BN_MP_RSHD_C +# define BN_MP_SQR_C +# define BN_MP_MUL_2_C +# define BN_MP_ADD_C +# define BN_MP_SUB_C +# define BN_MP_DIV_2_C +# define BN_MP_MUL_2D_C +# define BN_MP_MUL_D_C +# define BN_MP_DIV_3_C +# define BN_MP_LSHD_C +# define BN_MP_CLEAR_MULTI_C #endif #if defined(BN_MP_TORADIX_C) - #define BN_MP_ISZERO_C - #define BN_MP_INIT_COPY_C - #define BN_MP_DIV_D_C - #define BN_MP_CLEAR_C - #define BN_MP_S_RMAP_C +# define BN_MP_ISZERO_C +# define BN_MP_INIT_COPY_C +# define BN_MP_DIV_D_C +# define BN_MP_CLEAR_C +# define BN_MP_S_RMAP_C #endif #if defined(BN_MP_TORADIX_N_C) - #define BN_MP_ISZERO_C - #define BN_MP_INIT_COPY_C - #define BN_MP_DIV_D_C - #define BN_MP_CLEAR_C - #define BN_MP_S_RMAP_C +# define BN_MP_ISZERO_C +# define BN_MP_INIT_COPY_C +# define BN_MP_DIV_D_C +# define BN_MP_CLEAR_C +# define BN_MP_S_RMAP_C #endif #if defined(BN_MP_UNSIGNED_BIN_SIZE_C) - #define BN_MP_COUNT_BITS_C +# define BN_MP_COUNT_BITS_C #endif #if defined(BN_MP_XOR_C) - #define BN_MP_INIT_COPY_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_COPY_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_MP_ZERO_C) @@ -996,62 +996,63 @@ #endif #if defined(BN_S_MP_ADD_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BN_S_MP_EXPTMOD_C) - #define BN_MP_COUNT_BITS_C - #define BN_MP_INIT_C - #define BN_MP_CLEAR_C - #define BN_MP_REDUCE_SETUP_C - #define BN_MP_REDUCE_C - #define BN_MP_REDUCE_2K_SETUP_L_C - #define BN_MP_REDUCE_2K_L_C - #define BN_MP_MOD_C - #define BN_MP_COPY_C - #define BN_MP_SQR_C - #define BN_MP_MUL_C - #define BN_MP_SET_C - #define BN_MP_EXCH_C +# define BN_MP_COUNT_BITS_C +# define BN_MP_INIT_C +# define BN_MP_CLEAR_C +# define BN_MP_REDUCE_SETUP_C +# define BN_MP_REDUCE_C +# define BN_MP_REDUCE_2K_SETUP_L_C +# define BN_MP_REDUCE_2K_L_C +# define BN_MP_MOD_C +# define BN_MP_COPY_C +# define BN_MP_SQR_C +# define BN_MP_MUL_C +# define BN_MP_SET_C +# define BN_MP_EXCH_C #endif #if defined(BN_S_MP_MUL_DIGS_C) - #define BN_FAST_S_MP_MUL_DIGS_C - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_FAST_S_MP_MUL_DIGS_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_S_MP_MUL_HIGH_DIGS_C) - #define BN_FAST_S_MP_MUL_HIGH_DIGS_C - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_FAST_S_MP_MUL_HIGH_DIGS_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_S_MP_SQR_C) - #define BN_MP_INIT_SIZE_C - #define BN_MP_CLAMP_C - #define BN_MP_EXCH_C - #define BN_MP_CLEAR_C +# define BN_MP_INIT_SIZE_C +# define BN_MP_CLAMP_C +# define BN_MP_EXCH_C +# define BN_MP_CLEAR_C #endif #if defined(BN_S_MP_SUB_C) - #define BN_MP_GROW_C - #define BN_MP_CLAMP_C +# define BN_MP_GROW_C +# define BN_MP_CLAMP_C #endif #if defined(BNCORE_C) #endif #ifdef LTM3 -#define LTM_LAST +# define LTM_LAST #endif + #include #include #else -#define LTM_LAST +# define LTM_LAST #endif diff --git a/src/ltm/tommath_private.h b/src/ltm/tommath_private.h index 3d6b6ac..678edc4 100644 --- a/src/ltm/tommath_private.h +++ b/src/ltm/tommath_private.h @@ -19,63 +19,65 @@ #include #ifndef MIN -#define MIN(x,y) (((x) < (y)) ? (x) : (y)) +#define MIN(x, y) (((x) < (y)) ? (x) : (y)) #endif #ifndef MAX -#define MAX(x,y) (((x) > (y)) ? (x) : (y)) +#define MAX(x, y) (((x) > (y)) ? (x) : (y)) #endif #ifdef __cplusplus extern "C" { /* C++ compilers don't like assigning void * to mp_digit * */ -#define OPT_CAST(x) (x *) +#define OPT_CAST(x) (x *) #else /* C on the other hand doesn't care */ -#define OPT_CAST(x) +#define OPT_CAST(x) #endif /* define heap macros */ #ifndef XMALLOC - /* default to libc stuff */ - #define XMALLOC malloc - #define XFREE free - #define XREALLOC realloc - #define XCALLOC calloc +/* default to libc stuff */ +# define XMALLOC malloc +# define XFREE free +# define XREALLOC realloc +# define XCALLOC calloc #else - /* prototypes for our heap functions */ - extern void *XMALLOC(size_t n); - extern void *XREALLOC(void *p, size_t n); - extern void *XCALLOC(size_t n, size_t s); - extern void XFREE(void *p); +/* prototypes for our heap functions */ +extern void *XMALLOC(size_t n); +extern void *XREALLOC(void *p, size_t n); +extern void *XCALLOC(size_t n, size_t s); +extern void XFREE(void *p); #endif /* lowlevel functions, do not call! */ -int s_mp_add(mp_int *a, mp_int *b, mp_int *c); -int s_mp_sub(mp_int *a, mp_int *b, mp_int *c); +int s_mp_add(const mp_int *a, const mp_int *b, mp_int *c); +int s_mp_sub(const mp_int *a, const mp_int *b, mp_int *c); #define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1) -int fast_s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs); -int s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs); -int fast_s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs); -int s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs); -int fast_s_mp_sqr(mp_int *a, mp_int *b); -int s_mp_sqr(mp_int *a, mp_int *b); -int mp_karatsuba_mul(mp_int *a, mp_int *b, mp_int *c); -int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c); -int mp_karatsuba_sqr(mp_int *a, mp_int *b); -int mp_toom_sqr(mp_int *a, mp_int *b); -int fast_mp_invmod(mp_int *a, mp_int *b, mp_int *c); -int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c); -int fast_mp_montgomery_reduce(mp_int *x, mp_int *n, mp_digit rho); -int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int redmode); -int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode); +int fast_s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs); +int s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs); +int fast_s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs); +int s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs); +int fast_s_mp_sqr(const mp_int *a, mp_int *b); +int s_mp_sqr(const mp_int *a, mp_int *b); +int mp_karatsuba_mul(const mp_int *a, const mp_int *b, mp_int *c); +int mp_toom_mul(const mp_int *a, const mp_int *b, mp_int *c); +int mp_karatsuba_sqr(const mp_int *a, mp_int *b); +int mp_toom_sqr(const mp_int *a, mp_int *b); +int fast_mp_invmod(const mp_int *a, const mp_int *b, mp_int *c); +int mp_invmod_slow(const mp_int *a, const mp_int *b, mp_int *c); +int fast_mp_montgomery_reduce(mp_int *x, const mp_int *n, mp_digit rho); +int mp_exptmod_fast(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y, int redmode); +int s_mp_exptmod(const mp_int *G, const mp_int *X, const mp_int *P, mp_int *Y, int redmode); void bn_reverse(unsigned char *s, int len); extern const char *mp_s_rmap; +extern const uint8_t mp_s_rmap_reverse[]; +extern const size_t mp_s_rmap_reverse_sz; /* Fancy macro to set an MPI from another type. * There are several things assumed: @@ -99,7 +101,7 @@ int func_name (mp_int * a, type b) \ } \ \ /* OR in the top four bits of the source */ \ - a->dp[0] |= (b >> ((sizeof(type) * 8u) - 4u)) & 15u; \ + a->dp[0] |= (mp_digit)(b >> ((sizeof(type) * 8u) - 4u)) & 15uL;\ \ /* shift the source up to the next four bits */ \ b <<= 4; \ @@ -112,12 +114,12 @@ int func_name (mp_int * a, type b) \ } #ifdef __cplusplus - } +} #endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltm/tommath_superclass.h b/src/ltm/tommath_superclass.h index 1b26841..da53793 100644 --- a/src/ltm/tommath_superclass.h +++ b/src/ltm/tommath_superclass.h @@ -14,63 +14,63 @@ /* Works for RSA only, mpi.o is 68KiB */ #ifdef SC_RSA_1 - #define BN_MP_SHRINK_C - #define BN_MP_LCM_C - #define BN_MP_PRIME_RANDOM_EX_C - #define BN_MP_INVMOD_C - #define BN_MP_GCD_C - #define BN_MP_MOD_C - #define BN_MP_MULMOD_C - #define BN_MP_ADDMOD_C - #define BN_MP_EXPTMOD_C - #define BN_MP_SET_INT_C - #define BN_MP_INIT_MULTI_C - #define BN_MP_CLEAR_MULTI_C - #define BN_MP_UNSIGNED_BIN_SIZE_C - #define BN_MP_TO_UNSIGNED_BIN_C - #define BN_MP_MOD_D_C - #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C - #define BN_REVERSE_C - #define BN_PRIME_TAB_C +# define BN_MP_SHRINK_C +# define BN_MP_LCM_C +# define BN_MP_PRIME_RANDOM_EX_C +# define BN_MP_INVMOD_C +# define BN_MP_GCD_C +# define BN_MP_MOD_C +# define BN_MP_MULMOD_C +# define BN_MP_ADDMOD_C +# define BN_MP_EXPTMOD_C +# define BN_MP_SET_INT_C +# define BN_MP_INIT_MULTI_C +# define BN_MP_CLEAR_MULTI_C +# define BN_MP_UNSIGNED_BIN_SIZE_C +# define BN_MP_TO_UNSIGNED_BIN_C +# define BN_MP_MOD_D_C +# define BN_MP_PRIME_RABIN_MILLER_TRIALS_C +# define BN_REVERSE_C +# define BN_PRIME_TAB_C - /* other modifiers */ - #define BN_MP_DIV_SMALL /* Slower division, not critical */ +/* other modifiers */ +# define BN_MP_DIV_SMALL /* Slower division, not critical */ - /* here we are on the last pass so we turn things off. The functions classes are still there - * but we remove them specifically from the build. This also invokes tweaks in functions - * like removing support for even moduli, etc... - */ -#ifdef LTM_LAST - #undef BN_MP_TOOM_MUL_C - #undef BN_MP_TOOM_SQR_C - #undef BN_MP_KARATSUBA_MUL_C - #undef BN_MP_KARATSUBA_SQR_C - #undef BN_MP_REDUCE_C - #undef BN_MP_REDUCE_SETUP_C - #undef BN_MP_DR_IS_MODULUS_C - #undef BN_MP_DR_SETUP_C - #undef BN_MP_DR_REDUCE_C - #undef BN_MP_REDUCE_IS_2K_C - #undef BN_MP_REDUCE_2K_SETUP_C - #undef BN_MP_REDUCE_2K_C - #undef BN_S_MP_EXPTMOD_C - #undef BN_MP_DIV_3_C - #undef BN_S_MP_MUL_HIGH_DIGS_C - #undef BN_FAST_S_MP_MUL_HIGH_DIGS_C - #undef BN_FAST_MP_INVMOD_C +/* here we are on the last pass so we turn things off. The functions classes are still there + * but we remove them specifically from the build. This also invokes tweaks in functions + * like removing support for even moduli, etc... + */ +# ifdef LTM_LAST +# undef BN_MP_TOOM_MUL_C +# undef BN_MP_TOOM_SQR_C +# undef BN_MP_KARATSUBA_MUL_C +# undef BN_MP_KARATSUBA_SQR_C +# undef BN_MP_REDUCE_C +# undef BN_MP_REDUCE_SETUP_C +# undef BN_MP_DR_IS_MODULUS_C +# undef BN_MP_DR_SETUP_C +# undef BN_MP_DR_REDUCE_C +# undef BN_MP_REDUCE_IS_2K_C +# undef BN_MP_REDUCE_2K_SETUP_C +# undef BN_MP_REDUCE_2K_C +# undef BN_S_MP_EXPTMOD_C +# undef BN_MP_DIV_3_C +# undef BN_S_MP_MUL_HIGH_DIGS_C +# undef BN_FAST_S_MP_MUL_HIGH_DIGS_C +# undef BN_FAST_MP_INVMOD_C - /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold - * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] - * which means roughly speaking you can handle upto 2536-bit RSA keys with these defined without - * trouble. - */ - #undef BN_S_MP_MUL_DIGS_C - #undef BN_S_MP_SQR_C - #undef BN_MP_MONTGOMERY_REDUCE_C -#endif +/* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold + * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] + * which means roughly speaking you can handle upto 2536-bit RSA keys with these defined without + * trouble. + */ +# undef BN_S_MP_MUL_DIGS_C +# undef BN_S_MP_SQR_C +# undef BN_MP_MONTGOMERY_REDUCE_C +# endif #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/t/001_compile.t b/t/001_compile.t index 0795acf..1abc45f 100644 --- a/t/001_compile.t +++ b/t/001_compile.t @@ -1,14 +1,23 @@ use strict; use warnings; +use Config; use Test::More tests => 1; -diag( "Testing CryptX $CryptX::VERSION, Perl $], $^X" ); +diag( "Testing CryptX $CryptX::VERSION, Perl $] $^O $^X" ); my $ok; END { die "Could not load all modules" unless $ok } -use CryptX; +use Crypt::AuthEnc::CCM; +use Crypt::AuthEnc::ChaCha20Poly1305; +use Crypt::AuthEnc::EAX; +use Crypt::AuthEnc::GCM; +use Crypt::AuthEnc::OCB; +use Crypt::AuthEnc; +use Crypt::Checksum::Adler32; +use Crypt::Checksum::CRC32; +use Crypt::Checksum; use Crypt::Cipher::AES; use Crypt::Cipher::Anubis; use Crypt::Cipher::Blowfish; @@ -16,6 +25,7 @@ use Crypt::Cipher::Camellia; use Crypt::Cipher::CAST5; use Crypt::Cipher::DES; use Crypt::Cipher::DES_EDE; +use Crypt::Cipher::IDEA; use Crypt::Cipher::KASUMI; use Crypt::Cipher::Khazad; use Crypt::Cipher::MULTI2; @@ -29,10 +39,19 @@ use Crypt::Cipher::SAFER_K64; use Crypt::Cipher::SAFER_SK128; use Crypt::Cipher::SAFER_SK64; use Crypt::Cipher::SEED; +use Crypt::Cipher::Serpent; use Crypt::Cipher::Skipjack; use Crypt::Cipher::Twofish; use Crypt::Cipher::XTEA; use Crypt::Cipher; +use Crypt::Digest::BLAKE2b_160; +use Crypt::Digest::BLAKE2b_256; +use Crypt::Digest::BLAKE2b_384; +use Crypt::Digest::BLAKE2b_512; +use Crypt::Digest::BLAKE2s_128; +use Crypt::Digest::BLAKE2s_160; +use Crypt::Digest::BLAKE2s_224; +use Crypt::Digest::BLAKE2s_256; use Crypt::Digest::CHAES; use Crypt::Digest::MD2; use Crypt::Digest::MD4; @@ -45,29 +64,73 @@ use Crypt::Digest::SHA1; use Crypt::Digest::SHA224; use Crypt::Digest::SHA256; use Crypt::Digest::SHA384; +use Crypt::Digest::SHA3_224; +use Crypt::Digest::SHA3_256; +use Crypt::Digest::SHA3_384; +use Crypt::Digest::SHA3_512; +use Crypt::Digest::Keccak224; +use Crypt::Digest::Keccak256; +use Crypt::Digest::Keccak384; +use Crypt::Digest::Keccak512; use Crypt::Digest::SHA512; +use Crypt::Digest::SHA512_224; +use Crypt::Digest::SHA512_256; +use Crypt::Digest::SHAKE; use Crypt::Digest::Tiger192; use Crypt::Digest::Whirlpool; use Crypt::Digest; +use Crypt::KeyDerivation; +use Crypt::Mac::BLAKE2b; +use Crypt::Mac::BLAKE2s; use Crypt::Mac::F9; use Crypt::Mac::HMAC; use Crypt::Mac::OMAC; use Crypt::Mac::Pelican; use Crypt::Mac::PMAC; +use Crypt::Mac::Poly1305; use Crypt::Mac::XCBC; +use Crypt::Mac; +use Crypt::Misc; use Crypt::Mode::CBC; -use Crypt::Mode::ECB; -use Crypt::Mode::OFB; use Crypt::Mode::CFB; use Crypt::Mode::CTR; -use Crypt::PK::RSA; +use Crypt::Mode::ECB; +use Crypt::Mode::OFB; +use Crypt::Mode; +use Crypt::PK::DH; use Crypt::PK::DSA; use Crypt::PK::ECC; -use Crypt::PK::DH; -use Crypt::Checksum; -use Crypt::Checksum::Adler32; -use Crypt::Checksum::CRC32; +use Crypt::PK::RSA; +use Crypt::PK; +use Crypt::PRNG::ChaCha20; +use Crypt::PRNG::Fortuna; +use Crypt::PRNG::RC4; +use Crypt::PRNG::Sober128; +use Crypt::PRNG::Yarrow; +use Crypt::PRNG; +use Crypt::Stream::ChaCha; +use Crypt::Stream::RC4; +use Crypt::Stream::Salsa20; +use Crypt::Stream::Sober128; +use Crypt::Stream::Sosemanuk; +use Crypt::Stream::Rabbit; +use CryptX; +use Math::BigInt::LTM; + +diag( "osname = $Config{osname}" ); +diag( "myarchname = $Config{myarchname}" ); +diag( "myuname = $Config{myuname}" ); +diag( "intsize = $Config{intsize}" ); +diag( "longsize = $Config{longsize}" ); +diag( "longlongsize = $Config{longlongsize}" ); +diag( "ptrsize = $Config{ptrsize}" ); +diag( "byteorder = $Config{byteorder}" ); +diag( "" ); +diag( CryptX::_ltc_build_settings ); +diag( "" ); +diag( "MP_PROVIDER = " . CryptX::_ltc_mp_name ); +diag( "MP_DIGIT_BIT = " . CryptX::_ltc_mp_bits_per_digit ); +diag( "" ); ok 1, 'All modules loaded successfully'; $ok = 1; - diff --git a/t/002_all_pm.t b/t/002_all_pm.t index 60900a3..3daceed 100644 --- a/t/002_all_pm.t +++ b/t/002_all_pm.t @@ -3,17 +3,52 @@ use warnings; use Test::More; +plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan tests => 1; + +sub _read { + open my $fh, "<", shift; + binmode $fh; + return do { local $/; <$fh> }; +} + +my @err; +my $cryptx = _read("lib/CryptX.pm"); +my $compile_t = _read("t/001_compile.t"); my @files; File::Find::find({ wanted=>sub { push @files, $_ if /\.pm$/ }, no_chdir=>1 }, 'lib'); for my $m (sort @files) { + my $content = _read($m); + push @err, "ERROR: no newline at the end '$m'" unless $content =~ /\n$/s; + push @err, "ERROR: avoid __END__ '$m'" if $content =~ /__END__/s; + push @err, "ERROR: =pod ... =cut '$m'" unless $content =~ /=pod\n.*?=cut\n$/s; + push @err, "ERROR: trailing whitespace '$m'" if $content =~ / \n/s; + push @err, "ERROR: avoid tabs '$m'" if $content =~ /\t/s; + push @err, "ERROR: avoid CRLF '$m'" if $content =~ /\r/s; $m =~ s|[\\/]|::|g; $m =~ s|^lib::||; $m =~ s|\.pm$||; - eval "use $m; 1;" or die "ERROR: 'use $m' failed"; + push @err, "ERROR: '$m' is missing in CryptX.pm" unless $cryptx =~ /L<$m>/s || $m =~ /^(CryptX|Math::BigInt::LTM|Crypt::(PK|Mode|Mac|AuthEnc|Checksum))$/; + push @err, "ERROR: '$m' is missing in 001_compile.t" unless $compile_t =~ /\nuse $m;/s; + eval "use $m; 1;" or push @err, "ERROR: 'use $m' failed"; } +my @others = ('CryptX.xs'); +File::Find::find({ wanted=>sub { push @others, $_ if /\.inc$/ }, no_chdir=>1 }, 'inc'); +File::Find::find({ wanted=>sub { push @others, $_ if /\.(t|pl)$/ }, no_chdir=>1 }, 't'); + +for my $m (sort @others) { + my $content = _read($m); + push @err, "ERROR: no newline at the end '$m'" unless $content =~ /\n$/s; + push @err, "ERROR: trailing whitespace '$m'" if $content =~ / \n/s; + push @err, "ERROR: avoid tabs '$m'" if $content =~ /\t/s; + push @err, "ERROR: avoid CRLF '$m'" if $content =~ /\r/s; +} + +warn "$_\n" for (@err); +die if @err; + ok 1, 'all done'; diff --git a/t/003_all_pm_pod.t b/t/003_all_pm_pod.t index 4911c4f..47c3ccc 100644 --- a/t/003_all_pm_pod.t +++ b/t/003_all_pm_pod.t @@ -3,13 +3,14 @@ use warnings; use Test::More; +plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan skip_all => "Test::Pod not installed" unless eval { require Test::Pod }; -plan tests => 98; +plan tests => 107; my @files; File::Find::find({ wanted=>sub { push @files, $_ if /\.pm$/ }, no_chdir=>1 }, 'lib'); for my $m (sort @files) { Test::Pod::pod_file_ok( $m, "Valid POD in '$m'" ); -} \ No newline at end of file +} diff --git a/t/004_all_pm_pod_spelling.t b/t/004_all_pm_pod_spelling.t new file mode 100644 index 0000000..5e6de67 --- /dev/null +++ b/t/004_all_pm_pod_spelling.t @@ -0,0 +1,32 @@ +use strict; +use warnings; + +use Test::More; + +plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "File::Find not installed" unless eval { require File::Find }; +plan skip_all => "Test::Pod::Spelling or Text::Aspell not installed" unless eval { require Test::Pod::Spelling; require Text::Aspell; }; + +Test::Pod::Spelling->import( + spelling => { + allow_words => [qw( + ASN AES BLAKEb BLAKEs CPAN CRC ChaCha CryptX DCIT DER Diffie EAX ECCDH ECDH ECDSA Flickr HKDF JSON JWA JWK + Karel Miko OCB OCBv OID OMAC OO OpenSSL PBKDF PEM PKCS RIPEMD Rijndael SHA UUID RFC + decrypt decrypts interoperability cryptographically cryptographic octects + libtomcrypt libtommath + params paramshash irand perl endian zbase bumac bmac budigest bdigest md de + blakes_ blakeb_ + XOR'ing XOR'ed + keccak + )] + }, +); + +plan tests => 107; + +my @files; +File::Find::find({ wanted=>sub { push @files, $_ if /\.pm$/ }, no_chdir=>1 }, 'lib'); + +for my $m (sort @files) { + Test::Pod::Spelling::pod_file_spelling_ok( $m, "Spelling in '$m'" ); +} diff --git a/t/005_all_pm_pod_coverage.t b/t/005_all_pm_pod_coverage.t new file mode 100644 index 0000000..ce06bc4 --- /dev/null +++ b/t/005_all_pm_pod_coverage.t @@ -0,0 +1,53 @@ +use strict; +use warnings; + +use Test::More; + +plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "Pod::Coverage not installed" unless eval { require Pod::Coverage }; +plan skip_all => "File::Find not installed" unless eval { require File::Find }; +plan tests => 107; + +my @files; +File::Find::find({ wanted=>sub { push @files, $_ if /\.pm$/ }, no_chdir=>1 }, 'lib'); + +my @err; +for my $m (sort @files) { + my $f = $m; + $m =~ s|[\\/]|::|g; + $m =~ s|^lib::||; + $m =~ s|\.pm$||; + + my $pc; + if ($m eq 'Crypt::PK::DH') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(decrypt|dh_decrypt|dh_encrypt|dh_sign_hash|dh_sign_message|dh_verify_hash|dh_verify_message|encrypt|sign_hash|sign_message|verify_hash|verify_message)$/] ); + } + elsif ($m eq 'Math::BigInt::LTM') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(STORABLE_thaw|STORABLE_freeze|api_version)$/] ); + } + elsif ($m eq 'Crypt::Mode') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(add|decrypt|encrypt|finish|new|start_decrypt|start_encrypt)$/] ); + } + elsif ($m eq 'Crypt::Checksum') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(addfile|(adler32_|crc32_)(file_hex|file_int|file|data_hex|data_int|data))$/] ); + } + elsif ($m eq 'Crypt::Mac') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(add|addfile)$/] ); + } + elsif ($m =~ /^Crypt::Mode::(CTR|CFB|OFB)$/) { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(finish)$/] ); + } + elsif ($m eq 'Crypt::AuthEnc::OCB') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(blocksize|aad_add)$/] ); + } + elsif ($m eq 'Crypt::AuthEnc::EAX') { + $pc = Pod::Coverage->new(package => $m, pod_from => $f, trustme => [qr/^(header_add|aad_add)$/] ); + } + else { + $pc = Pod::Coverage->new(package => $m, pod_from => $f); + } + + my $c = $pc->coverage || 0; + my @u = $pc->uncovered; + ok(@u == 0, sprintf("$m score=%.2f naked=(" . join(" ", @u) . ")", $c)); +} diff --git a/t/auth_enc_ccm.t b/t/auth_enc_ccm.t index 6f03849..1f32583 100644 --- a/t/auth_enc_ccm.t +++ b/t/auth_enc_ccm.t @@ -1,13 +1,41 @@ use strict; use warnings; -use Test::More tests => 6; +use Test::More tests => 13; use Crypt::AuthEnc::CCM qw( ccm_encrypt_authenticate ccm_decrypt_verify ); my $nonce = "random-nonce"; my $key = "12345678901234561234567890123456"; +{ + my $pt = "plain_half"; + my $ct; + + my $m1 = Crypt::AuthEnc::CCM->new("AES", $key, $nonce, "abc", 16, 20); + $ct = $m1->encrypt_add($pt); + $ct .= $m1->encrypt_add($pt); + my $tag = $m1->encrypt_done; + + is(unpack('H*', $ct), "96b0114ff47da72e92631aadce84f203a8168b20", "enc: ciphertext"); + is(unpack('H*', $tag), "fdc41ec07673ec132f1910ba771b9530", "enc: tag"); + + my $d1 = Crypt::AuthEnc::CCM->new("AES", $key, $nonce, "abc", 16, 20); + my $pt2 = $d1->decrypt_add($ct); + my $tag2 = $d1->decrypt_done(); + + is($pt2, "plain_halfplain_half", "dec1: plaintext"); + is(unpack('H*', $tag2), "fdc41ec07673ec132f1910ba771b9530", "dec1: tag"); + + my $d2 = Crypt::AuthEnc::CCM->new("AES", $key, $nonce, "abc", 16, 20); + my $pt3; + $pt3 .= $d2->decrypt_add(substr($ct,$_-1,1)) for (1..length($ct)); + my $tag3 = $d2->decrypt_done(); + + is($pt3, "plain_halfplain_half", "dec2: plaintext"); + is(unpack('H*', $tag3), "fdc41ec07673ec132f1910ba771b9530", "dec2: tag"); +} + { my ($ct, $tag) = ccm_encrypt_authenticate('AES', $key, $nonce, "header-abc", 16, "plain_halfplain_half"); is(unpack('H*', $ct), "96b0114ff47da72e92631aadce84f203a8168b20", "ccm_encrypt_authenticate: ciphertext"); @@ -17,9 +45,11 @@ my $key = "12345678901234561234567890123456"; } { - my ($ct, $tag) = ccm_encrypt_authenticate('AES', $key, $nonce, "", 16, "plain_halfplain_half"); + my ($ct, $tag) = ccm_encrypt_authenticate('AES', $key, $nonce, "", 16, "plain_halfplain_half"); + my ($ct2, $tag2) = ccm_encrypt_authenticate('AES', $key, $nonce, undef, 16, "plain_halfplain_half"); + ok($ct eq $ct2 && $tag eq $tag2, "header '' vs. undef"); is(unpack('H*', $ct), "96b0114ff47da72e92631aadce84f203a8168b20", "ccm_encrypt_authenticate: ciphertext (no header)"); is(unpack('H*', $tag), "9e9cba5dd4939d0d8e2687c85c5d3b89", "ccm_encrypt_authenticate: tag (no header)"); my $pt = ccm_decrypt_verify('AES', $key, $nonce, "", $ct, $tag); is($pt, "plain_halfplain_half", "ccm_decrypt_verify: plaintext (no header)"); -} \ No newline at end of file +} diff --git a/t/auth_enc_ccm_test_vector_ltc.t b/t/auth_enc_ccm_test_vector_ltc.t index eeb80c3..96ba863 100644 --- a/t/auth_enc_ccm_test_vector_ltc.t +++ b/t/auth_enc_ccm_test_vector_ltc.t @@ -7,14 +7,14 @@ use Crypt::AuthEnc::CCM qw( ccm_encrypt_authenticate ccm_decrypt_verify ); sub do_test { my %a = @_; - - my $key = pack("H*", $a{key}); + + my $key = pack("H*", $a{key}); my $nonce = pack("H*", $a{nonce}); my $header = pack("H*", $a{header}); my $plaintext = pack("H*", $a{plaintext}); my $ciphertext = pack("H*", $a{ciphertext}); my $tag = pack("H*", $a{tag}); - + my ($ct3, $tag3) = ccm_encrypt_authenticate('AES', $key, $nonce, $header, length($tag), $plaintext); is(unpack('H*', $ct3), $a{ciphertext}, "enc: ciphertext"); is(unpack('H*', $tag3), $a{tag}, "enc: tag"); @@ -33,7 +33,7 @@ do_test(%$_) for ( ciphertext=>'588c979a61c663d2f066d0c2c0f989806d5f6b61dac384', tag=>'17e8d12cfdf926e0', }, - + #/* 13 byte nonce, 12 byte header, 19 byte pt */ { key=>'c0c1c2c3c4c5c6c7c8c9cacbcccdcecf', @@ -43,7 +43,7 @@ do_test(%$_) for ( ciphertext=>'a28c6865939a9a79faaa5c4c2a9d4a91cdac8c', tag=>'96c861b9c9e61ef1', }, - + #/* supplied by Brian Gladman */ { key=>'404142434445464748494a4b4c4d4e4f', @@ -53,7 +53,7 @@ do_test(%$_) for ( ciphertext=>'7162015b', tag=>'4dac255d', }, - + { key=>'c97c1f67ce371185514a8a19f2bdd52f', nonce=>'005030f1844408b5039776e70c', @@ -62,4 +62,4 @@ do_test(%$_) for ( ciphertext=>'f3d0a2fe9a3dbf2342a643e43246e80c3c04d019', tag=>'7845ce0b16f97623', }, -); +); diff --git a/t/auth_enc_eax_test_vector_ltc.t b/t/auth_enc_eax_test_vector_ltc.t index f196234..922b9c5 100644 --- a/t/auth_enc_eax_test_vector_ltc.t +++ b/t/auth_enc_eax_test_vector_ltc.t @@ -7,14 +7,14 @@ use Crypt::AuthEnc::EAX qw( eax_encrypt_authenticate eax_decrypt_verify ); sub do_test { my %a = @_; - - my $key = pack("H*", $a{key}); + + my $key = pack("H*", $a{key}); my $nonce = pack("H*", $a{nonce}); my $header = pack("H*", $a{header}); my $plaintext = pack("H*", $a{plaintext}); my $ciphertext = pack("H*", $a{ciphertext}); my $tag = pack("H*", $a{tag}); - + # encrypt my $m1 = Crypt::AuthEnc::EAX->new("AES", $key, $nonce); $m1->header_add($header); @@ -39,7 +39,7 @@ sub do_test { is(unpack('H*', $tag3), $a{tag}, "enc: tag"); my $pt3 = eax_decrypt_verify('AES', $key, $nonce, $header, $ciphertext, $tag); is(unpack('H*', $pt3), $a{plaintext}, "dec: plaintext"); - + } do_test(%$_) for ( @@ -77,7 +77,7 @@ do_test(%$_) for ( { #16, 16, 16, 32, key => '000102030405060708090a0b0c0d0e0f', - nonce => '000102030405060708090a0b0c0d0e0f', + nonce => '000102030405060708090a0b0c0d0e0f', header => '000102030405060708090a0b0c0d0e0f', plaintext => '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', ciphertext => '29d878d1a3be857b6fb8c8ea5950a778331fbf2ccf33986f35e8cf121dcb30bc', @@ -87,13 +87,13 @@ do_test(%$_) for ( { #16, 15, 14, 29, key => '000102030405060708090a0b0c0d0e0f', - nonce => '000102030405060708090a0b0c0d0e', + nonce => '000102030405060708090a0b0c0d0e', header => '000102030405060708090a0b0c0d', plaintext => '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c', ciphertext => 'dd25c754c5b17c5928b69b73155f7bb8888faf37091ad92c8a24db868b', tag => '0d1a14e52224ffd23a05fa02cdef52da', }, - + #/* Vectors from Brian Gladman */ { #16, 16, 8, 0, @@ -122,4 +122,4 @@ do_test(%$_) for ( ciphertext => 'd851d5bae0', tag => '3a59f238a23e39199dc9266626c40f80', }, -); +); diff --git a/t/auth_enc_gcm_test_vector_ltc.t b/t/auth_enc_gcm_test_vector_ltc.t index 6afbaab..901698d 100644 --- a/t/auth_enc_gcm_test_vector_ltc.t +++ b/t/auth_enc_gcm_test_vector_ltc.t @@ -7,14 +7,14 @@ use Crypt::AuthEnc::GCM qw( gcm_encrypt_authenticate gcm_decrypt_verify ); sub do_test { my %a = @_; - - my $key = pack("H*", $a{key}); + + my $key = pack("H*", $a{key}); my $adata = pack("H*", $a{adata}); my $iv = pack("H*", $a{iv}); my $plaintext = pack("H*", $a{plaintext}); my $ciphertext = pack("H*", $a{ciphertext}); my $tag = pack("H*", $a{tag}); - + # encrypt my $m1 = Crypt::AuthEnc::GCM->new("AES", $key); $m1->iv_add($iv); @@ -41,7 +41,7 @@ sub do_test { is(unpack('H*', $tag3), $a{tag}, "enc: tag"); my $pt3 = gcm_decrypt_verify('AES', $key, $iv, $adata, $ciphertext, $tag); is(unpack('H*', $pt3), $a{plaintext}, "dec: plaintext"); - + } do_test(%$_) for ( @@ -55,7 +55,7 @@ do_test(%$_) for ( # ciphertext => '', # tag => '58e2fccefa7e3061367f1d57a4e7455a', # }, - + #/* test case #2 */ { key => '00000000000000000000000000000000', @@ -65,7 +65,7 @@ do_test(%$_) for ( ciphertext => '0388dace60b6a392f328c2b971b2fe78', tag => 'ab6e47d42cec13bdf53a67b21257bddf', }, - + #/* test case #3 */ { key => 'feffe9928665731c6d6a8f9467308308', @@ -75,7 +75,7 @@ do_test(%$_) for ( ciphertext => '42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985', tag => '4d5c2af327cd64a62cf35abd2ba6fab4', }, - + #/* test case #4 */ { key => 'feffe9928665731c6d6a8f9467308308', @@ -85,7 +85,7 @@ do_test(%$_) for ( ciphertext => '42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091', tag => '5bc94fbc3221a5db94fae95ae7121a47', }, - + #/* test case #5 */ { key => 'feffe9928665731c6d6a8f9467308308', @@ -95,7 +95,7 @@ do_test(%$_) for ( ciphertext => '61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598', tag => '3612d2e79e3b0785561be14aaca2fccb', }, - + #/* test case #6 */ { key => 'feffe9928665731c6d6a8f9467308308', @@ -105,7 +105,7 @@ do_test(%$_) for ( ciphertext => '8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5', tag => '619cc5aefffe0bfa462af43c1699d050', }, - + #/* test case #46 from BG (catches the LTC bug of v1.15) */ { key => '00000000000000000000000000000000', @@ -115,4 +115,4 @@ do_test(%$_) for ( ciphertext => 'cbc8d2f15481a4cc7dd1e19aaa83de5678483ec359ae7dec2ab8d534e0906f4b4663faff58a8b2d733b845eef7c9b331e9e10eb2612c995feb1ac15a6286cce8b297a8', tag => '8d2d2a9372626f6bee8580276a6366bf', } -); +); diff --git a/t/auth_enc_ocb.t b/t/auth_enc_ocb.t index c98a698..df242cd 100644 --- a/t/auth_enc_ocb.t +++ b/t/auth_enc_ocb.t @@ -11,7 +11,7 @@ my $key = "12345678901234561234567890123456"; my $pt = "plain_half_12345"; my $ct; - my $m1 = Crypt::AuthEnc::OCB->new("AES", $key, "123456789012"); + my $m1 = Crypt::AuthEnc::OCB->new("AES", $key, "123456789012", 16); $m1->adata_add("adata-123456789012"); $ct = $m1->encrypt_add($pt); $ct .= $m1->encrypt_last($pt); @@ -20,7 +20,7 @@ my $key = "12345678901234561234567890123456"; is(unpack('H*', $ct), "4c85b38952e71220ecc323253547ae9b446f5a518717759ef8b0f24d5c4809a6", "enc: ciphertext"); is(unpack('H*', $tag), "bd7a6a0aaf24420f97bf239ea5740a40", "enc: tag"); - my $d1 = Crypt::AuthEnc::OCB->new("AES", $key, "123456789012"); + my $d1 = Crypt::AuthEnc::OCB->new("AES", $key, "123456789012", 16); $d1->adata_add("adata-123456789012"); my $pt2 = $d1->decrypt_last($ct); my $tag2 = $d1->decrypt_done(); @@ -30,7 +30,7 @@ my $key = "12345678901234561234567890123456"; } { - my ($ct, $tag) = ocb_encrypt_authenticate('AES', $key, "123456789012", "", "plain_half_12345plain_half_12345"); + my ($ct, $tag) = ocb_encrypt_authenticate('AES', $key, "123456789012", "", 16, "plain_half_12345plain_half_12345"); is(unpack('H*', $ct), "4c85b38952e71220ecc323253547ae9b446f5a518717759ef8b0f24d5c4809a6", "ocb_encrypt_authenticate: ciphertext (no header)"); is(unpack('H*', $tag), "dfdfab80aca060268c0cc467040af4f9", "ocb_encrypt_authenticate: tag (no header)"); my $pt = ocb_decrypt_verify('AES', $key, "123456789012", "", $ct, $tag); @@ -38,7 +38,7 @@ my $key = "12345678901234561234567890123456"; } { - my ($ct, $tag) = ocb_encrypt_authenticate('AES', $key, "123456789012", "adata-123456789012", "plain_half_12345plain_half_12345"); + my ($ct, $tag) = ocb_encrypt_authenticate('AES', $key, "123456789012", "adata-123456789012", 16, "plain_half_12345plain_half_12345"); is(unpack('H*', $ct), "4c85b38952e71220ecc323253547ae9b446f5a518717759ef8b0f24d5c4809a6", "ocb_encrypt_authenticate: ciphertext (no header)"); is(unpack('H*', $tag), "bd7a6a0aaf24420f97bf239ea5740a40", "ocb_encrypt_authenticate: tag (no header)"); my $pt = ocb_decrypt_verify('AES', $key, "123456789012", "adata-123456789012", $ct, $tag); diff --git a/t/auth_enc_ocb_test_vectors_ietf.t b/t/auth_enc_ocb_test_vectors_ietf.t index d8c3656..8e29a2c 100644 --- a/t/auth_enc_ocb_test_vectors_ietf.t +++ b/t/auth_enc_ocb_test_vectors_ietf.t @@ -1,7 +1,7 @@ use strict; use warnings; -use Test::More tests => 48; +use Test::More tests => 51; use Crypt::AuthEnc::OCB; my $count = 1; @@ -12,17 +12,18 @@ while (my $l = ) { chomp($l); next if $l =~ /^#/; $l =~ s/[\s\t]+/ /g; - + if ($l eq '') { next unless defined $d->{C}; - my $K = pack('H*', '000102030405060708090A0B0C0D0E0F'); - my $N = pack('H*', '000102030405060708090A0B'); my $A = pack('H*', $d->{A}); my $P = pack('H*', $d->{P}); my $C = pack('H*', $d->{C}); - + my $K = pack('H*', $d->{K}); + my $N = pack('H*', $d->{N}); + my $tag_len = $d->{T} * 1; + { #ENCRYPT - my $m = Crypt::AuthEnc::OCB->new('AES', $K, $N); + my $m = Crypt::AuthEnc::OCB->new('AES', $K, $N, $tag_len); $m->adata_add($A); my $ct = $m->encrypt_last($P); my $t = $m->encrypt_done(); @@ -30,115 +31,146 @@ while (my $l = ) { } { #DECRYPT - my $m = Crypt::AuthEnc::OCB->new('AES', $K, $N); + my $m = Crypt::AuthEnc::OCB->new('AES', $K, $N, $tag_len); $m->adata_add($A); - my $pt = $m->decrypt_last(substr($C,0,-16)); + my $pt = $m->decrypt_last(substr($C,0,-$tag_len)); my $t = $m->decrypt_done(); is(unpack('H*', $pt), lc($d->{P}), "decrypt/$count/a aad_len=" . length($A) . " pt_len=" . length($P)); - is(unpack('H*', $t), unpack('H*', substr($C,-16)), "decrypt/$count/b aad_len=" . length($A) . " pt_len=" . length($P)); + is(unpack('H*', $t), unpack('H*', substr($C,-$tag_len)), "decrypt/$count/b aad_len=" . length($A) . " pt_len=" . length($P)); } - # $text .= "\t{ /* index:" . ($count-1) . " */\n"; - # $text .= "\t " . length($P) . ", /* PLAINTEXT length */\n"; - # $text .= "\t " . length($A) . ", /* AAD length */\n"; - # $text .= "\t { " . join(',', map { sprintf("0x%02x",unpack('C',$_)) } split(//, $P)) . " }, /* PLAINTEXT */\n"; - # $text .= "\t { " . join(',', map { sprintf("0x%02x",unpack('C',$_)) } split(//, $A)) . " }, /* AAD */\n"; - # $text .= "\t { " . join(',', map { sprintf("0x%02x",unpack('C',$_)) } split(//, substr($C,0,-16))) . " }, /* CIPHERTEXT */\n"; - # $text .= "\t { " . join(',', map { sprintf("0x%02x",unpack('C',$_)) } split(//, substr($C,-16))) . " }, /* TAG */\n"; - # $text .= "\t},\n"; - $d = {}; $count++; } else { my ($k, $v) = split /:/, $l; + $v = "" if !defined $v; + $v =~ s/\s//g; $d->{$k} = $v; } - + } #print $text; __DATA__ -# -# test vectors from: http://tools.ietf.org/html/draft-krovetz-ocb-03 -# -# This section gives sample output values for various inputs when using -# the AEAD_AES_128_OCB_TAGLEN128 parameters defined in Section 3.1. All -# strings are represented in hexadecimal (eg, 0F represents the -# bitstring 00001111). -# -# Each of the following (A,P,C) triples show the ciphertext C that -# results from OCB-ENCRYPT(K,N,A,P) when K and N are fixed with the -# values -# -#K : 000102030405060708090A0B0C0D0E0F -#N : 000102030405060708090A0B -# -#An empty entry indicates the empty string. - +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221100 A: P: -C:197B9C3C441D3C83EAFB2BEF633B9182 +C: 785407BFFFC8AD9EDCC5520AC9111EE6 -A:0001020304050607 -P:0001020304050607 -C:92B657130A74B85A16DC76A46D47E1EAD537209E8A96D14E +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221101 +A: 0001020304050607 +P: 0001020304050607 +C: 6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009 -A:0001020304050607 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221102 +A: 0001020304050607 P: -C:98B91552C8C009185044E30A6EB2FE21 +C: 81017F8203F081277152FADE694A0A00 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221103 A: -P:0001020304050607 -C:92B657130A74B85A971EFFCAE19AD4716F88E87B871FBEED +P: 0001020304050607 +C: 45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9 -A:000102030405060708090A0B0C0D0E0F -P:000102030405060708090A0B0C0D0E0F -C:BEA5E8798DBE7110031C144DA0B26122776C9924D6723A1FC4524532AC3E5BEB +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221104 +A: 000102030405060708090A0B0C0D0E0F +P: 000102030405060708090A0B0C0D0E0F +C: 571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358 -A:000102030405060708090A0B0C0D0E0F +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221105 +A: 000102030405060708090A0B0C0D0E0F P: -C:7DDB8E6CEA6814866212509619B19CC6 +C: 8CF761B6902EF764462AD86498CA6B97 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221106 A: -P:000102030405060708090A0B0C0D0E0F -C:BEA5E8798DBE7110031C144DA0B2612213CC8B747807121A4CBB3E4BD6B456AF +P: 000102030405060708090A0B0C0D0E0F +C: 5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D -A:000102030405060708090A0B0C0D0E0F1011121314151617 -P:000102030405060708090A0B0C0D0E0F1011121314151617 -C:BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D485FA94FC3F38820F1DC3F3D1FD4E55E1C +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221107 +A: 000102030405060708090A0B0C0D0E0F1011121314151617 +P: 000102030405060708090A0B0C0D0E0F1011121314151617 +C: 1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F -A:000102030405060708090A0B0C0D0E0F1011121314151617 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221108 +A: 000102030405060708090A0B0C0D0E0F1011121314151617 P: -C:282026DA3068BC9FA118681D559F10F6 +C: 6DC225A071FC1B9F7C69F93B0F1E10DE +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA99887766554433221109 A: -P:000102030405060708090A0B0C0D0E0F1011121314151617 -C:BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D486EF2F52587FDA0ED97DC7EEDE241DF68 +P: 000102030405060708090A0B0C0D0E0F1011121314151617 +C: 221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF -A:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -P:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -C:BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CBB2A040DD3BD5164372D76D7BB6824240 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110A +A: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +P: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +C: BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240 -A:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110B +A: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F P: -C:E1E072633BADE51A60E85951D9C42A1B +C: FE80690BEE8A485D11F32965BC9D2A32 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110C A: -P:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -C:BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB4A3BAE824465CFDAF8C41FC50C7DF9D9 +P: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +C: 2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF -A:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 -P:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 -C:BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635659C623211DEEA0DE30D2C381879F4C8 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110D +A: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +P: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +C: D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60 -A:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110E +A: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 P: -C:7AEB7A69A1687DD082CA27B0D9A37096 +C: C5CD9D1850C141E358649994EE701B68 +T: 16 +K: 000102030405060708090A0B0C0D0E0F +N: BBAA9988776655443322110F A: -P:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 -C:BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635060C8467F4ABAB5E8B3C2067A2E115DC +P: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +C: 4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479 -LAST_ITEM_PLACEHOLDER_DO_NOT_DELETE!!! \ No newline at end of file +T: 12 +K: 0F0E0D0C0B0A09080706050403020100 +N: BBAA9988776655443322110D +A: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +P: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 +C: 1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA + +LAST_ITEM_PLACEHOLDER_DO_NOT_DELETE!!! diff --git a/t/checksum.t b/t/checksum.t index b61a4b1..53488da 100644 --- a/t/checksum.t +++ b/t/checksum.t @@ -1,47 +1,103 @@ use strict; use warnings; -use Test::More tests => 24; +use Test::More tests => 56; -use Crypt::Checksum ':all'; -use Crypt::Checksum::Adler32; -use Crypt::Checksum::CRC32; +use Crypt::Checksum::Adler32 ':all'; +use Crypt::Checksum::CRC32 ':all'; -my $a32 = Crypt::Checksum::Adler32->new; -is($a32->hexdigest, "00000001"); -is($a32->hexdigest, "00000001"); -$a32->add("a"); -is($a32->hexdigest, "00620062"); -$a32->reset; -is($a32->hexdigest, "00000001"); -$a32->add("abc"); -is($a32->hexdigest, "024d0127"); -$a32->reset; -$a32->add("abc"); -$a32->add("abc"); -is($a32->hexdigest, "080c024d"); -$a32->reset; -$a32->add("abcabc"); -is($a32->hexdigest, "080c024d"); -$a32->reset; -$a32->add("\xFF" x 32); -is($a32->hexdigest, "0e2e1fe1"); -is(adler32_data_hex("a"), "00620062"); -is(adler32_data("a"), pack("H*","00620062")); +{ + my $a32 = Crypt::Checksum::Adler32->new; + is($a32->hexdigest, "00000001"); + $a32->add("a"); + is($a32->hexdigest, "00620062"); + $a32->reset; + is($a32->hexdigest, "00000001"); + $a32->add("abc"); + is($a32->hexdigest, "024d0127"); + $a32->reset; + $a32->add("abc"); + $a32->add("abc"); + is($a32->hexdigest, "080c024d"); + $a32->reset; + $a32->add("abc", "abc"); + is($a32->hexdigest, "080c024d"); + $a32->reset; + $a32->add("abcabc"); + is($a32->hexdigest, "080c024d"); + $a32->reset; + $a32->add("\xFF" x 32); + is($a32->hexdigest, "0e2e1fe1"); + is($a32->intdigest, 237903841); + is($a32->digest, pack("H*", "0e2e1fe1")); -is(crc32_data_hex("a"), "e8b7be43"); -is(crc32_data_hex("libtomcrypt"), "b37376ef"); -is(crc32_data_hex("This is the test string"), "6d680973"); -is(crc32_data_int("This is the test string"), 1835534707); -is(crc32_data_hex("This is another test string"), "806e15e9"); -is(crc32_data_int("This is another test string"), 2154698217); + is(adler32_data_hex("aaa"), "02490124"); + is(adler32_data_int("aaa"), 38338852); + is(adler32_data("aaa"), pack("H*","02490124")); + is(adler32_data_hex("a","a","a"), "02490124"); + is(adler32_data_int("a","a","a"), 38338852); + is(adler32_data("a","a","a"), pack("H*","02490124")); -is(crc32_file_hex("t/data/binary-test.file"), "24111fed"); -is(crc32_file_hex("t/data/text-CR.file"), "1ca430c6"); -is(crc32_file_hex("t/data/text-CRLF.file"), "4d434dfb"); -is(crc32_file_hex("t/data/text-LF.file"), "9f9b8258"); + is(adler32_data_hex("libtomcrypt"), "1be804ba"); + is(adler32_data_hex("This is the test string"), "6363088d"); + is(adler32_data_int("This is the test string"), 1667434637); + is(adler32_data_hex("This is another test string"), "8b900a3d"); + is(adler32_data_int("This is another test string"), 2341472829); -is(adler32_file_hex("t/data/binary-test.file"), "f35fb68a"); -is(adler32_file_hex("t/data/text-CR.file"), "948e2644"); -is(adler32_file_hex("t/data/text-CRLF.file"), "3f0e2702"); -is(adler32_file_hex("t/data/text-LF.file"), "86ba260b"); + is(adler32_file("t/data/binary-test.file"), pack("H*", "f35fb68a")); + is(adler32_file_int("t/data/binary-test.file"), 4083136138); + is(adler32_file_hex("t/data/binary-test.file"), "f35fb68a"); + is(Crypt::Checksum::Adler32->new->addfile("t/data/binary-test.file")->hexdigest, "f35fb68a"); + + is(adler32_file_hex("t/data/text-CR.file"), "948e2644"); + is(adler32_file_hex("t/data/text-CRLF.file"), "3f0e2702"); + is(adler32_file_hex("t/data/text-LF.file"), "86ba260b"); +} + +{ + my $a32 = Crypt::Checksum::CRC32->new; + is($a32->hexdigest, "00000000"); + $a32->add("a"); + is($a32->hexdigest, "e8b7be43"); + $a32->reset; + is($a32->hexdigest, "00000000"); + $a32->add("abc"); + is($a32->hexdigest, "352441c2"); + $a32->reset; + $a32->add("abc"); + $a32->add("abc"); + is($a32->hexdigest, "726e994c"); + $a32->reset; + $a32->add("abc", "abc"); + is($a32->hexdigest, "726e994c"); + $a32->reset; + $a32->add("abcabc"); + is($a32->hexdigest, "726e994c"); + $a32->reset; + $a32->add("\xFF" x 32); + is($a32->hexdigest, "ff6cab0b"); + is($a32->intdigest, 4285311755); + is($a32->digest, pack("H*", "ff6cab0b")); + + is(crc32_data_hex("aaa"), "f007732d"); + is(crc32_data_int("aaa"), 4027020077); + is(crc32_data("aaa"), pack("H*","f007732d")); + is(crc32_data_hex("a","a","a"), "f007732d"); + is(crc32_data_int("a","a","a"), 4027020077); + is(crc32_data("a","a","a"), pack("H*","f007732d")); + + is(crc32_data_hex("libtomcrypt"), "b37376ef"); + is(crc32_data_hex("This is the test string"), "6d680973"); + is(crc32_data_int("This is the test string"), 1835534707); + is(crc32_data_hex("This is another test string"), "806e15e9"); + is(crc32_data_int("This is another test string"), 2154698217); + + is(crc32_file("t/data/binary-test.file"), pack("H*", "24111fed")); + is(crc32_file_int("t/data/binary-test.file"), 605102061); + is(crc32_file_hex("t/data/binary-test.file"), "24111fed"); + is(Crypt::Checksum::CRC32->new->addfile("t/data/binary-test.file")->hexdigest, "24111fed"); + + is(crc32_file_hex("t/data/text-CR.file"), "1ca430c6"); + is(crc32_file_hex("t/data/text-CRLF.file"), "4d434dfb"); + is(crc32_file_hex("t/data/text-LF.file"), "9f9b8258"); +} diff --git a/t/cipher_aes_test_vectors_bc.t b/t/cipher_aes_test_vectors_bc.t index fac267c..0fff828 100644 --- a/t/cipher_aes_test_vectors_bc.t +++ b/t/cipher_aes_test_vectors_bc.t @@ -15,7 +15,7 @@ while (my $l = ) { my ($k, $v) = split /:/, $pair; $d->{$k} = $v; } - + my $c = Crypt::Cipher::AES->new(pack('H*',$d->{key})); my $result = pack('H*', $d->{pt}); $result = $c->encrypt($result) for(1..$d->{iter}); diff --git a/t/cipher_idea.t b/t/cipher_idea.t new file mode 100644 index 0000000..b8602dd --- /dev/null +++ b/t/cipher_idea.t @@ -0,0 +1,65 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 38; + +use Crypt::Cipher; +use Crypt::Cipher::IDEA; + +is( Crypt::Cipher::IDEA::blocksize, 8, '::blocksize'); +is( Crypt::Cipher::IDEA::keysize, 16, '::keysize'); +is( Crypt::Cipher::IDEA::max_keysize, 16, '::max_keysize'); +is( Crypt::Cipher::IDEA::min_keysize, 16, '::min_keysize'); +is( Crypt::Cipher::IDEA::default_rounds, 8, '::default_rounds'); + +is( Crypt::Cipher::IDEA->blocksize, 8, '->blocksize'); +is( Crypt::Cipher::IDEA->keysize, 16, '->keysize'); +is( Crypt::Cipher::IDEA->max_keysize, 16, '->max_keysize'); +is( Crypt::Cipher::IDEA->min_keysize, 16, '->min_keysize'); +is( Crypt::Cipher::IDEA->default_rounds, 8, '->default_rounds'); + +my $min_key = 'kkkkkkkkkkkkkkkk'; +my $max_key = 'KKKKKKKKKKKKKKKK'; + +is( Crypt::Cipher::blocksize('IDEA'), 8, 'Cipher->blocksize'); +is( Crypt::Cipher::keysize('IDEA'), 16, 'Cipher->keysize'); +is( Crypt::Cipher::max_keysize('IDEA'), 16, 'Cipher->max_keysize'); +is( Crypt::Cipher::min_keysize('IDEA'), 16, 'Cipher->min_keysize'); +is( Crypt::Cipher::default_rounds('IDEA'), 8, 'Cipher->default_rounds'); + +is( Crypt::Cipher->blocksize('IDEA'), 8, 'Cipher->blocksize'); +is( Crypt::Cipher->keysize('IDEA'), 16, 'Cipher->keysize'); +is( Crypt::Cipher->max_keysize('IDEA'), 16, 'Cipher->max_keysize'); +is( Crypt::Cipher->min_keysize('IDEA'), 16, 'Cipher->min_keysize'); +is( Crypt::Cipher->default_rounds('IDEA'), 8, 'Cipher->default_rounds'); + +is( Crypt::Cipher::IDEA->new($min_key)->blocksize, 8, 'IDEA->new()->blocksize'); +is( Crypt::Cipher::IDEA->new($min_key)->keysize, 16, 'IDEA->new()->keysize'); +is( Crypt::Cipher::IDEA->new($min_key)->max_keysize, 16, 'IDEA->new()->max_keysize'); +is( Crypt::Cipher::IDEA->new($min_key)->min_keysize, 16, 'IDEA->new()->min_keysize'); +is( Crypt::Cipher::IDEA->new($min_key)->default_rounds, 8, 'IDEA->new()->default_rounds'); + +is( Crypt::Cipher->new('IDEA', $min_key)->blocksize, 8, 'Cipher->new()->blocksize'); +is( Crypt::Cipher->new('IDEA', $min_key)->keysize, 16, 'Cipher->new()->keysize'); +is( Crypt::Cipher->new('IDEA', $min_key)->max_keysize, 16, 'Cipher->new()->max_keysize'); +is( Crypt::Cipher->new('IDEA', $min_key)->min_keysize, 16, 'Cipher->new()->min_keysize'); +is( Crypt::Cipher->new('IDEA', $min_key)->default_rounds, 8, 'Cipher->new()->default_rounds'); + +my $block_plain = 'BBBBBBBB'; +my $block_encrypted_min_key_hex = '02bb362ef47743bc'; +my $block_encrypted_max_key_hex = '041aa0caeb50668f'; + +is( unpack('H*', Crypt::Cipher::IDEA->new($min_key)->encrypt($block_plain)), $block_encrypted_min_key_hex, 'IDEA->encrypt'); +is( Crypt::Cipher::IDEA->new($min_key)->decrypt(pack('H*', $block_encrypted_min_key_hex)), $block_plain, 'IDEA->decrypt'); + +is( unpack('H*', Crypt::Cipher->new('IDEA', $min_key)->encrypt($block_plain)), $block_encrypted_min_key_hex, 'Cipher->encrypt'); +is( Crypt::Cipher->new('IDEA', $min_key)->decrypt(pack('H*', $block_encrypted_min_key_hex)), $block_plain, 'Cipher->decrypt'); + +is( unpack('H*', Crypt::Cipher::IDEA->new($max_key)->encrypt($block_plain)), $block_encrypted_max_key_hex, 'IDEA->encrypt'); +is( Crypt::Cipher::IDEA->new($max_key)->decrypt(pack('H*', $block_encrypted_max_key_hex)), $block_plain, 'IDEA->decrypt'); + +is( unpack('H*', Crypt::Cipher->new('IDEA', $max_key)->encrypt($block_plain)), $block_encrypted_max_key_hex, 'Cipher->encrypt'); +is( Crypt::Cipher->new('IDEA', $max_key)->decrypt(pack('H*', $block_encrypted_max_key_hex)), $block_plain, 'Cipher->decrypt'); + diff --git a/t/cipher_idea_compat.t b/t/cipher_idea_compat.t new file mode 100644 index 0000000..cfd4787 --- /dev/null +++ b/t/cipher_idea_compat.t @@ -0,0 +1,50 @@ +use strict; +use warnings; + +# tests from Crypt::IDEA + +use Test::More tests => 55; +use Crypt::Cipher::IDEA; + +my @TEST_SUITE = ( + [qw( 00010002000300040005000600070008 0000000100020003 11FBED2B01986DE5 )], + [qw( 00010002000300040005000600070008 0102030405060708 540E5FEA18C2F8B1 )], + [qw( 00010002000300040005000600070008 0019324B647D96AF 9F0A0AB6E10CED78 )], + [qw( 00010002000300040005000600070008 F5202D5B9C671B08 CF18FD7355E2C5C5 )], + [qw( 00010002000300040005000600070008 FAE6D2BEAA96826E 85DF52005608193D )], + [qw( 00010002000300040005000600070008 0A141E28323C4650 2F7DE750212FB734 )], + [qw( 00010002000300040005000600070008 050A0F14191E2328 7B7314925DE59C09 )], + [qw( 0005000A000F00140019001E00230028 0102030405060708 3EC04780BEFF6E20 )], + [qw( 3A984E2000195DB32EE501C8C47CEA60 0102030405060708 97BCD8200780DA86 )], + [qw( 006400C8012C019001F4025802BC0320 05320A6414C819FA 65BE87E7A2538AED )], + [qw( 9D4075C103BC322AFB03E7BE6AB30006 0808080808080808 F5DB1AC45E5EF9F9 )], +); + +# Run a cipher test case +sub test { + my ($case, $key, $in, $out) = @_; + + # Pack structures + my ($p_key, $p_in, $p_out) = map { pack("H*", $_) } ($key, $in, $out); + + # Create a new cipher + my $cipher = Crypt::Cipher::IDEA->new($p_key); + isa_ok( $cipher, "Crypt::Cipher", "(c$case) Test object construction" ); + + # Key tests + is( $cipher->blocksize(), 8, "(c$case) Test cipher block size" ); + is( $cipher->keysize(), 16, "(c$case) Test cipher key size" ); + + # Encrypt + my $e_test = uc unpack("H*", $cipher->encrypt($p_in)); + is( $e_test, $out, "(c$case) Test Encryption" ); + + # Decrypt + my $d_test = uc unpack("H*", $cipher->decrypt($p_out)); + is( $d_test, $in, "(c$case) Test Decryption" ); +} + +# Run all test cases +for (my $i = 0; $i <= $#TEST_SUITE; $i++) { + test($i, @{ $TEST_SUITE[$i] }); +} diff --git a/t/cipher_seed_test_vectors_bc.t b/t/cipher_seed_test_vectors_bc.t index a0b28f1..5093e1c 100644 --- a/t/cipher_seed_test_vectors_bc.t +++ b/t/cipher_seed_test_vectors_bc.t @@ -13,7 +13,7 @@ while (my $l = ) { my ($k, $v) = split /:/, $pair; $d->{$k} = $v; } - + my $c = Crypt::Cipher::SEED->new(pack('H*',$d->{key})); my $result = pack('H*', $d->{pt}); $result = $c->encrypt($result) for(1..$d->{iter}); diff --git a/t/cipher_serpent.t b/t/cipher_serpent.t new file mode 100644 index 0000000..e4a355f --- /dev/null +++ b/t/cipher_serpent.t @@ -0,0 +1,65 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 38; + +use Crypt::Cipher; +use Crypt::Cipher::Serpent; + +is( Crypt::Cipher::Serpent::blocksize, 16, '::blocksize'); +is( Crypt::Cipher::Serpent::keysize, 32, '::keysize'); +is( Crypt::Cipher::Serpent::max_keysize, 32, '::max_keysize'); +is( Crypt::Cipher::Serpent::min_keysize, 16, '::min_keysize'); +is( Crypt::Cipher::Serpent::default_rounds, 32, '::default_rounds'); + +is( Crypt::Cipher::Serpent->blocksize, 16, '->blocksize'); +is( Crypt::Cipher::Serpent->keysize, 32, '->keysize'); +is( Crypt::Cipher::Serpent->max_keysize, 32, '->max_keysize'); +is( Crypt::Cipher::Serpent->min_keysize, 16, '->min_keysize'); +is( Crypt::Cipher::Serpent->default_rounds, 32, '->default_rounds'); + +my $min_key = 'kkkkkkkkkkkkkkkk'; +my $max_key = 'KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK'; + +is( Crypt::Cipher::blocksize('Serpent'), 16, 'Cipher->blocksize'); +is( Crypt::Cipher::keysize('Serpent'), 32, 'Cipher->keysize'); +is( Crypt::Cipher::max_keysize('Serpent'), 32, 'Cipher->max_keysize'); +is( Crypt::Cipher::min_keysize('Serpent'), 16, 'Cipher->min_keysize'); +is( Crypt::Cipher::default_rounds('Serpent'), 32, 'Cipher->default_rounds'); + +is( Crypt::Cipher->blocksize('Serpent'), 16, 'Cipher->blocksize'); +is( Crypt::Cipher->keysize('Serpent'), 32, 'Cipher->keysize'); +is( Crypt::Cipher->max_keysize('Serpent'), 32, 'Cipher->max_keysize'); +is( Crypt::Cipher->min_keysize('Serpent'), 16, 'Cipher->min_keysize'); +is( Crypt::Cipher->default_rounds('Serpent'), 32, 'Cipher->default_rounds'); + +is( Crypt::Cipher::Serpent->new($min_key)->blocksize, 16, 'Serpent->new()->blocksize'); +is( Crypt::Cipher::Serpent->new($min_key)->keysize, 32, 'Serpent->new()->keysize'); +is( Crypt::Cipher::Serpent->new($min_key)->max_keysize, 32, 'Serpent->new()->max_keysize'); +is( Crypt::Cipher::Serpent->new($min_key)->min_keysize, 16, 'Serpent->new()->min_keysize'); +is( Crypt::Cipher::Serpent->new($min_key)->default_rounds, 32, 'Serpent->new()->default_rounds'); + +is( Crypt::Cipher->new('Serpent', $min_key)->blocksize, 16, 'Cipher->new()->blocksize'); +is( Crypt::Cipher->new('Serpent', $min_key)->keysize, 32, 'Cipher->new()->keysize'); +is( Crypt::Cipher->new('Serpent', $min_key)->max_keysize, 32, 'Cipher->new()->max_keysize'); +is( Crypt::Cipher->new('Serpent', $min_key)->min_keysize, 16, 'Cipher->new()->min_keysize'); +is( Crypt::Cipher->new('Serpent', $min_key)->default_rounds, 32, 'Cipher->new()->default_rounds'); + +my $block_plain = 'BBBBBBBBBBBBBBBB'; +my $block_encrypted_min_key_hex = '094d7ab58dc7b85796ffe99969ddef9a'; +my $block_encrypted_max_key_hex = '93b33ee7b88de79c6045e461552403f0'; + +is( unpack('H*', Crypt::Cipher::Serpent->new($min_key)->encrypt($block_plain)), $block_encrypted_min_key_hex, 'Serpent->encrypt'); +is( Crypt::Cipher::Serpent->new($min_key)->decrypt(pack('H*', $block_encrypted_min_key_hex)), $block_plain, 'Serpent->decrypt'); + +is( unpack('H*', Crypt::Cipher->new('Serpent', $min_key)->encrypt($block_plain)), $block_encrypted_min_key_hex, 'Cipher->encrypt'); +is( Crypt::Cipher->new('Serpent', $min_key)->decrypt(pack('H*', $block_encrypted_min_key_hex)), $block_plain, 'Cipher->decrypt'); + +is( unpack('H*', Crypt::Cipher::Serpent->new($max_key)->encrypt($block_plain)), $block_encrypted_max_key_hex, 'Serpent->encrypt'); +is( Crypt::Cipher::Serpent->new($max_key)->decrypt(pack('H*', $block_encrypted_max_key_hex)), $block_plain, 'Serpent->decrypt'); + +is( unpack('H*', Crypt::Cipher->new('Serpent', $max_key)->encrypt($block_plain)), $block_encrypted_max_key_hex, 'Cipher->encrypt'); +is( Crypt::Cipher->new('Serpent', $max_key)->decrypt(pack('H*', $block_encrypted_max_key_hex)), $block_plain, 'Cipher->decrypt'); + diff --git a/t/cipher_serpent_compat.t b/t/cipher_serpent_compat.t new file mode 100644 index 0000000..786cf8f --- /dev/null +++ b/t/cipher_serpent_compat.t @@ -0,0 +1,29 @@ +use strict; +use warnings; + +# tests from Crypt::Serpent + +use Test::More tests => 12; +use Crypt::Cipher::Serpent; + +while () { + if (/key=(\S+)\sptext=(\S+)\sctext=(\S+)/) { + my $key = pack "H*", $1; + my $plaintext = pack "H*", $2; + my $ciphertext = pack "H*", $3; + my $crypt = Crypt::Cipher::Serpent->new($key); + my $ctext = $crypt->encrypt($plaintext); + my $ptext = $crypt->decrypt($ctext); + is($ctext, $ciphertext); + is($ptext, $plaintext); + } +} + +__DATA__ + +key=00000000000000000000000000000080 ptext=00000000000000000000000000000000 ctext=ddd26b98a5ffd82c05345a9dadbfaf49 +key=00080000000000000000000000000000 ptext=00000000000000000000000000000000 ctext=cfbd333352a34ed7f73d3e569d78c693 +key=000000000000000000000000000000004000000000000000 ptext=00000000000000000000000000000000 ctext=53bd3e8475db67f72910b945bf8c768e +key=000000000000000000000000000000010000000000000000 ptext=00000000000000000000000000000000 ctext=deab7388a6f1c61d41e25a0d88f062c4 +key=0000000000000000000000800000000000000000000000000000000000000000 ptext=00000000000000000000000000000000 ctext=ad4b018d50e3a28124a0a1259dc667d4 +key=4000000000000000000000000000000000000000000000000000000000000000 ptext=00000000000000000000000000000000 ctext=eae1d405570174df7df2f9966d509159 diff --git a/t/cipher_stream.t b/t/cipher_stream.t index 7fcd310..4598d80 100644 --- a/t/cipher_stream.t +++ b/t/cipher_stream.t @@ -1,11 +1,14 @@ use strict; use warnings; -use Test::More tests => 6; +use Test::More tests => 20; use Crypt::Stream::RC4; use Crypt::Stream::Sober128; use Crypt::Stream::ChaCha; +use Crypt::Stream::Salsa20; +use Crypt::Stream::Sosemanuk; +use Crypt::Stream::Rabbit; { my $key = pack("H*", "0123456789abcdef"); @@ -21,8 +24,8 @@ use Crypt::Stream::ChaCha; my $key = pack("H*", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); my $iv = pack("H*", "000000000000004a00000000"); my $ct = pack("H*", "6E2E359A2568F98041BA0728DD0D6981E97E7AEC1D4360C20A27AFCCFD9FAE0BF91B65C5524733AB". - "8F593DABCD62B3571639D624E65152AB8F530C359F0861D807CA0DBF500D6A6156A38E088A22B65E". - "52BC514D16CCF806818CE91AB77937365AF90BBF74A35BE6B40B8EEDF2785E42874D"); + "8F593DABCD62B3571639D624E65152AB8F530C359F0861D807CA0DBF500D6A6156A38E088A22B65E". + "52BC514D16CCF806818CE91AB77937365AF90BBF74A35BE6B40B8EEDF2785E42874D"); my $pt = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it."; my $enc = Crypt::Stream::ChaCha->new($key, $iv, 1, 20)->crypt($pt); my $dec = Crypt::Stream::ChaCha->new($key, $iv, 1, 20)->crypt($ct); @@ -40,3 +43,74 @@ use Crypt::Stream::ChaCha; is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Sober128 encrypt"); is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Sober128 decrypt"); } + +{ + my $key = pack("H*", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + my $iv = pack("H*", "000000000000004a"); + my $ct = pack("H*", "CB68DCC5725E0EB8ADB47F526DCF821AD3E95D87EB4FAB3E92BE23CFF6C462CC1193527AC840DC43". + "772891D89A4AD56871EA7E5119B167C6FDAD7507F4A86DCE33326D570C62876EAE76210C4F3F8B77". + "C3EB7301C812FE432DE52C5A0665EA976F9C9D67EBB01A1657F4C67758BBAA2D2D12"); + my $pt = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it."; + my $enc = Crypt::Stream::Salsa20->new($key, $iv, 1, 20)->crypt($pt); + my $dec = Crypt::Stream::Salsa20->new($key, $iv, 1, 20)->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Salsa encrypt"); + is($dec, $pt, "Crypt::Stream::Salsa decrypt"); +} + +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $iv = pack("H*", "11223344"); + my $ct = pack("H*", "c57260e45b747f4223c2fb3b372c3c0f8091686e"); + my $pt = pack("H*", "f31f8df318512fe05a6ee39aec075c2318071d27"); + my $enc = Crypt::Stream::Sosemanuk->new($key, $iv)->crypt($pt); + my $dec = Crypt::Stream::Sosemanuk->new($key, $iv)->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Sosemanuk encrypt"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Sosemanuk decrypt"); +} +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $ct = pack("H*", "366ded17432550a279ac18a1db2b602c98967549"); + my $pt = pack("H*", "f31f8df318512fe05a6ee39aec075c2318071d27"); + my $enc = Crypt::Stream::Sosemanuk->new($key, "")->crypt($pt); + my $dec = Crypt::Stream::Sosemanuk->new($key, "")->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Sosemanuk encrypt (empty IV)"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Sosemanuk decrypt (empty IV)"); +} +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $ct = pack("H*", "366ded17432550a279ac18a1db2b602c98967549"); + my $pt = pack("H*", "f31f8df318512fe05a6ee39aec075c2318071d27"); + my $enc = Crypt::Stream::Sosemanuk->new($key)->crypt($pt); + my $dec = Crypt::Stream::Sosemanuk->new($key)->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Sosemanuk encrypt (no IV)"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Sosemanuk decrypt (no IV)"); +} + +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $iv = pack("H*", "1122334455"); + my $ct = pack("H*", "91d4ba9044faa26e08db767d34b88d5cf4c884db"); + my $pt = pack("H*", "0000000000000000000000000000000000000000"); + my $enc = Crypt::Stream::Rabbit->new($key, $iv)->crypt($pt); + my $dec = Crypt::Stream::Rabbit->new($key, $iv)->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Rabbit encrypt"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Rabbit decrypt"); +} +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $ct = pack("H*", "e8c99affb8ffb7541b6da2e06887994e800b70c9"); + my $pt = pack("H*", "0000000000000000000000000000000000000000"); + my $enc = Crypt::Stream::Rabbit->new($key)->crypt($pt); + my $dec = Crypt::Stream::Rabbit->new($key)->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Rabbit encrypt (no IV)"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Rabbit decrypt (no IV)"); +} +{ + my $key = pack("H*", "74657374206b65792031323862697473"); + my $ct = pack("H*", "442cf424c5da8d78000c6b874050260792ae8ce0"); + my $pt = pack("H*", "0000000000000000000000000000000000000000"); + my $enc = Crypt::Stream::Rabbit->new($key, "")->crypt($pt); + my $dec = Crypt::Stream::Rabbit->new($key, "")->crypt($ct); + is(unpack("H*", $enc), unpack("H*", $ct), "Crypt::Stream::Rabbit encrypt (empty IV)"); + is(unpack("H*", $dec), unpack("H*", $pt), "Crypt::Stream::Rabbit decrypt (empty IV)"); +} diff --git a/t/cipher_stream_rabbit.t b/t/cipher_stream_rabbit.t new file mode 100644 index 0000000..b8c6708 --- /dev/null +++ b/t/cipher_stream_rabbit.t @@ -0,0 +1,36 @@ +use strict; +use warnings; + +use Test::More tests => 3; +use Crypt::Stream::Rabbit; + +# https://metacpan.org/source/JCDUQUE/Crypt-Rabbit-1.0.0/t/02.t +# https://metacpan.org/source/JCDUQUE/Crypt-Rabbit-1.0.0/t/03.t +# https://metacpan.org/source/JCDUQUE/Crypt-Rabbit-1.0.0/t/04.t + +{ + my $key = pack "H32", 0; + my $cipher = Crypt::Stream::Rabbit->new($key); + my $ciphertext = pack "H64", "02f74a1c26456bf5ecd6a536f05457b1a78ac689476c697b390c9cc515d8e888"; + my $plaintext = $cipher->crypt($ciphertext); + my $answer = unpack "H*", $plaintext; + is($answer, "0000000000000000000000000000000000000000000000000000000000000000"); +} + +{ + my $key = pack "H32", "c21fcf3881cd5ee8628accb0a9890df8"; + my $cipher = Crypt::Stream::Rabbit->new($key); + my $plaintext = pack "H64", 0; + my $ciphertext = $cipher->crypt($plaintext); + my $answer = unpack "H*", $ciphertext; + is($answer, "3d02e0c730559112b473b790dee018dfcd6d730ce54e19f0c35ec4790eb6c74a"); +} + +{ + my $key = pack "H32", "1d272c6a2d8e3dfcac14056b78d633a0"; + my $cipher = Crypt::Stream::Rabbit->new($key); + my $plaintext = pack "H72", 0; + my $ciphertext = $cipher->crypt($plaintext); + my $answer = unpack "H*", $ciphertext; + is($answer, "a3a97abb80393820b7e50c4abb53823dc4423799c2efc9ffb3a4125f1f4c99a8ae953e56"); +} diff --git a/t/cipher_stream_salsa20.t b/t/cipher_stream_salsa20.t new file mode 100644 index 0000000..b5b20a1 --- /dev/null +++ b/t/cipher_stream_salsa20.t @@ -0,0 +1,14380 @@ +use strict; +use warnings; + +use Test::More tests => 2304; +use Crypt::Stream::Salsa20; + +# http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/reduced/12-rounds/verified.test-vectors?rev=161&view=markup +# http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/reduced/8-rounds/verified.test-vectors?rev=161&view=markup +# http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/verified.test-vectors?rev=161&view=markup + +my $pt = "\x00" x 140000; +my $t; +my $last; +my $rounds; + +while (my $l = ) { + chomp($l); + if ($l =~ /^(Set.+|End of test vectors)$/) { + if (defined $t->{key} && defined $t->{IV}) { + my $key = pack("H*", $t->{key}); + my $iv = pack("H*", $t->{IV}); + my $keylen = length $key; + my $ivlen = length $iv; + die "undefined rounds" unless $rounds; + my $enc = Crypt::Stream::Salsa20->new($key, $iv,0, $rounds)->crypt($pt); + for my $s (sort keys %$t) { + if ($s =~ /stream\[([0-9]+)..([0-9]+)\]/) { + my $data = substr($enc, $1, $2 - $1 + 1); + is(unpack("H*", $data), lc($t->{$s}), "$t->{comment} | $rounds=rounds keylen=$keylen ivlen=$ivlen | $s"); + } + } + } + $t = { comment => $l }; + $last = undef; + } + elsif ($l eq 'Primitive Name: Salsa20/8') { + $rounds = 8; + } + elsif ($l eq 'Primitive Name: Salsa20/12') { + $rounds = 12; + } + elsif ($l eq 'Primitive Name: Salsa20') { + $rounds = 20; + } + elsif ($l =~ /^\s+([0-9A-F]+)$/i) { + die "trouble with empty 'last'" if !defined $last; + $t->{$last} .= $1; + } + elsif ($l =~ /^\s+(\S+)\s*=\s*([0-9A-F]+)$/) { + $last = $1; + die "trouble with last=$last" if defined $t->{$last}; + $t->{$last} = $2; + } +} + +__DATA__ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: Salsa20/8 +========================= +Profile: SW & HW +Key size: 128 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = A9C9F888AB552A2D1BBFF9F36BEBEB33 + 7A8B4B107C75B63BAE26CB9A235BBA9D + 784F38BEFC3ADF4CD3E266687EA7B9F0 + 9BA650AE81EAC6063AE31FF12218DDC5 + stream[192..255] = BB5B6BB2CC8B8A0222DCCC1753ED4AEB + 23377ACCBD5D4C0B69A8A03BB115EF71 + 871BC10559080ACA7C68F0DEF32A80DD + BAF497259BB76A3853A7183B51CC4B9F + stream[256..319] = 4436CDC0BE39559F5E5A6B79FBDB2CAE + 4782910F27FFC2391E05CFC78D601AD8 + CD7D87B074169361D997D1BED9729C0D + EB23418E0646B7997C06AA84E7640CE3 + stream[448..511] = BEE85903BEA506B05FC04795836FAAAC + 7F93F785D473EB762576D96B4A65FFE4 + 63B34AAE696777FC6351B67C3753B89B + A6B197BD655D1D9CA86E067F4D770220 + xor-digest = 58499752D174577BFD3E4B5762576E0A + 7D9C5314F320C5E25FCCC23540F52D48 + 4E8DB98AC2744A1B788A571422BAE8F7 + E57859A4C44374797F0988D911A0DC73 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = EEB20BFB12025D2EE2BF33356644DCEF + 467D377176FA74B3C110377A40CFF1BF + 37EBD52A51750FB04B80C50AFD082354 + 9230B006F5994EBAAA521C7788F5E31C + stream[192..255] = 6F397C82EC0D708CBE01F7FFAC0109EE + E7D2C564046CE22B8F74DF12A111CBED + 9697A492C9147BFBB26613D8FFC29762 + DA009207E2038F7BCE7FBB53BF1D6128 + stream[256..319] = 278CD2F0E90E66BCEF73D0FEB66FB5AF + F2F2083C1B6C462E1F1E6D864F6A7473 + C0988F721AD673C23C4E70DDF67505AC + 017B84DFF1983BD1ED81F8D64C8D9347 + stream[448..511] = EB55A9195DEE506F1C56E99DF24AE40C + F7F942B577BA241692AC85EACEE58B38 + CE2F05F0E2C492D7FFAA07EF6CA36916 + 34BA12B68476C95F583F2723C498A6E7 + xor-digest = A497B3521388286F6F6BC714F1F5F4E0 + 1BEE3FA18543B04FA454157C378B1993 + 616916B0601114F60516AAAE15B6A149 + 3CD0196BFDD26999162C3A29E91FF987 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 714DA982330B4B52E88CD0AC151E77AB + 72EECEA2023139DA39FCCC3ABC12F83F + 455733EDC22808318F10499EA0FCEEB4 + 0F61EF121C39F62D92CA62DA885BDF21 + stream[192..255] = 2EE0006A6B8F39086D981B9F332330C6 + 25531E002B8A28E7AEDA658D4A59558E + 788CC2A24B073FA4E523F4BDA4EFF218 + 6AE54BADEA96283266035DCAB57CC935 + stream[256..319] = BD63C4E505BB28A14D2C25DA1A233905 + 578560105F7DF219653B8B3FB0436933 + 3B84259A1F2E866BC3F90EDC7192B03B + D83EEEB33CB9FD63D65BE8F5A8B93905 + stream[448..511] = 9DDBAAFAF7E490A32059C79D76854C17 + 0F3AEFAB39D3B16F964C9A36AB07DBA7 + A66AF2D1C73DE7732DB4E0D51ABB71B6 + 56EF23A130C4C1DD901523019FC75ACD + xor-digest = 6742A21F8190E3CA5A8EBC1F454D4807 + 64646E8919D4E243241440CDB8F01576 + 67E79A4C5349DD1F9A8ACE3D642E59C8 + 101D5ED1D80F2C20DA3BE4FE57C86D3A + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 78516F569C48CE781EEADD7861648833 + 3ED99FFC70DD8CA8D386486DAE2121A2 + 37FE4DBDFC1338BD603470533708A59C + 526E3A0466A439BB10790101DA3A342F + stream[192..255] = EF3CADD23A2ABFCB02835CD29777872A + CB36694FCC8CCAA1EFE4CABFD2446429 + 2E52D5EE2E71A372616D2E07A8054A8E + F6D37BEB5209B0D0858A5A97B0937F0F + stream[256..319] = A65405017E6B9369E806DAB5B85E8051 + 17439EFE4E24E90D51A32D7B47B65AE0 + 8E9E216492CCF7AB090B0E03E15A6D85 + E426D78568DC1BA39D4F710E39A4ED07 + stream[448..511] = 330885086270E10A64CF373C424A917D + DA6F4C0EA1A6FFBFF5ED1425301ABF3C + 276B95CB3335F25AD506DC8D7E7CD9AE + DD67008E73CA62BDC5968F9C9C0C034E + xor-digest = B7D13D3900A87E835BF1715B0A6EBD1F + 876F9678557EBBA267935B0CB79B71CF + 6FEAF0EC2CFEDBB498B7D7AC475E6021 + 828965E6FF764517C88CB4536624BD16 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 452532EAF196AAD7D60FA945697135F4 + 35AAF74CFCC81675CC6782C184CF06B0 + 3F50DB531902395EA7EF9B35A8824CD0 + 7C6BA842EF47E50782A699B668A624AC + stream[192..255] = 3B2F7C7E2A62EE9BD3B903A4F2B9E2F9 + BF4E569CAB5CD01C9E42F30BA811720E + 7961D33F1F9415CA7396F99A84CBF8FC + B21C458EEC06BAC69C4E53BDC111D975 + stream[256..319] = 59725D03330E7DBC611B8CACC980397D + 0E65CDA80C69D2EB407F97F553B45FAB + 98DF881797EECB167ABDDB89EA32F0C8 + 5D4F6E46B620BAC7F11AC63D32E995D8 + stream[448..511] = D66BC4FEC98FEA101E0513877A7C4BFE + D05D536F07F0F807057FDA44904EFD7A + 8909FC37BF187D5FAEEE178594AE6969 + 685A8752174C1B6CD0F5B55B3727B308 + xor-digest = 1ABCE128F08B654F6E7C7035393588B1 + D4DB5DDAE571678A002F100C203D0E03 + 5FBCC21FDEDA27835E757F85AD8B8B43 + 07EF4D37F4CCE5A6BC6396AB442FEE63 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 0000000000000000 + stream[0..63] = 2FC78557A987F16837973BEA8DCD7D10 + 0F633BB08DD179A833FC540459837B23 + 24D58C89080DC685A06280BE0A0F6018 + DB231C0F3CF2E70C4F6FD7659516D634 + stream[192..255] = 4E4526B3D9A1BD18C1A5C71F299465DF + 9651F8EA8F0FA68084392AAA6FA5D8C3 + 69568941C36A7FD27ECEFBB15FF0B4AF + C71B158445B8B10C89AE2CFA4B34A486 + stream[256..319] = C1AA4A8C888AE011D95485D48B94A1F9 + F21E3E6FEA9C7B52477644F69E2D9F4D + 7EE1F8BF0A7E1E846DB6A3715D6A3FAD + 5C5AA5C8D9AEACA85486B9A946403F3D + stream[448..511] = 9F3198790884423AAE689D697014A25B + 7007276148D33CDAD09500E4A954A357 + FA82D9B5407D66295D528945107F12E0 + 332819DFE1CEB91FE5029590418629A0 + xor-digest = 9871E7AA45717A2B0C54D4CE847F382A + D64F04E93D10DC70D6ADAD64733BDD5C + C1E54E3994E8402741487E4302D4A51C + 492C5B0E2DCE13E013A15315C755F405 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 0000000000000000 + stream[0..63] = 82D07E74D2C06674F745FBF3FB0555F4 + 9C337A062310BAB83A8510CE2F4A8A9E + D460F96CCD9C91C37433BAC0A0E0040E + 66D8ABE66A4FAAF7E28D38976F6A17D9 + stream[192..255] = C23B0C1FE9410B7D03B8B3395FDCE2A0 + CD98B7FEDE9701D1E163115E14E7B888 + 62A9DF85606808DDB1C78AD618A99235 + 70370315E803509B207891646E907A8E + stream[256..319] = 0C53C196F0BF02B99E07C38D669C9997 + 703D37F38932F49DD4BBCA62394C9C82 + B2DE44E076B3614D7D8A6F37A2D6129F + FD9998BE11FE5A362693DD892188B58A + stream[448..511] = 9ED70CCE2359423A06341EA80A0A19F4 + CCE223A6260E1361AFB48269CBAE6CFF + E55F69AE3F7CA1C5DBAD2FB4C40A30FF + 5346150168BE038671C8E591A41201BD + xor-digest = 3B6316D341EC17A767B7582A2EE3A1CF + A730C47CB02E92E8FDA06C7210619FEC + 4003C940A7F08F72183D2B3BE0F04BC2 + DEB4743B5E0E8F2B5911883AC76BB8A2 + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 0000000000000000 + stream[0..63] = 157890C4B0087062E201648A7E96F342 + 265863A22636A38B3BA67CD21B4CEAC7 + 7EF495EE6572650B1013BA5F62647240 + CC73360159EF7E7201A29844ABF2C13E + stream[192..255] = C82BC4AF671087758641B264EEACD0FB + 56E67D2774BC48E9714B284CFAD09C8C + 2E4CE5CF2965FEE7772173B0E386A0BD + C5E1D7112A7E8F9DDAA3073011C237C0 + stream[256..319] = 2AC3EC2897DCDB2FC2A25FEAD30D24FE + FDEE2D08FE45BCFE07799CF33EC3A051 + 099F12316EC0FB948A6640D013782859 + A43BB5270B252EE04AC0112E2C9A29C9 + stream[448..511] = E03777A666E20A55DE01AFDD7DCCE004 + CB77128738191A679A8A206E34F1210F + 12D5AAC3FB98CDA2D4E817F35509975A + A0F215AC8F06FECEC0A31C3CA72ACC42 + xor-digest = 8A61D3F972A404EDEFEC35F6AEEF6ACD + E36A3F0F1EC671D0FCF22D041A45687A + 55591C70CD120BF1A08F91EA17F0C47C + DFBBB5683F2AB4756CB030BED6D55047 + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 0000000000000000 + stream[0..63] = E4522CCF0A00DE07D16CD3214FF41A0E + 49145F226913A741E86673F4732ECA30 + FC7392785E2E77F8ED01001BB9CB63EB + 6447DFB8AF742A046F46B1D65872F5E9 + stream[192..255] = 5A93ED214863CF1B4B67010C1998D2D6 + 337286B51508019C9DC8393BF5BF1E83 + 74C862094BD44C1ADBD4DEC4328AE947 + 49B496E754ABCF153ED604FF0BA38229 + stream[256..319] = 965BBE8F68A976288316F729147E5519 + 7720CC7A2D6C90CC65AABAC772C3FE99 + 68B6DB151929CA66BC92B155B1EFA110 + 90AFF664DBBFB8E92D0361511CEDB20D + stream[448..511] = 96C3CED39C72409AB659409B4364797A + 9C3117F6BE80D5050481129E465358CB + 81AA03DF85CB979AA5AB9D9F75F07E88 + 9B3269B849C07C1F7F2ECD3E5433F2DA + xor-digest = F951CC778BC0E1217736CD2AD309ED90 + A15555CEA11E13BF71AC0AC55A585001 + F8701AC1C0208863DE3614113C1C3ED8 + A2C7E7C84B9B3A702DC2264A8D9A807F + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 0000000000000000 + stream[0..63] = 05FF9B90485DE76693FE86F109D6F9AF + E445C851DC1DA1ACD43F8F4724A0DF74 + 5BB5413455D490229B139E378D28098D + 63280A28F6344384A45D80151671BA03 + stream[192..255] = 0517E140CD1157EDEEA5236AB8EBC532 + C95185527DD506DBE60FFC6A96B84CF0 + 2865AD5FE3E9FAEC599B4E0B4858A9B7 + 40EDDA87B8646EC77D0A89D46FA8C8C4 + stream[256..319] = 7745361F8E28CB05D3188CB4CF114A94 + D03A66EBCE7ED5A49738B352679509D2 + 0BF9502FF9DA729528D4BFE4FBD10576 + 697B8F90585EEBB19625EA94E09B1967 + stream[448..511] = 68CFC4F550FCFE8644F95F7618ED59BC + D3C7C215C961B891284C784CCCA29432 + 040CFB4016D36E992C762F100A0EBEAA + 4E0254FAC3129FDBAB85165AE13286C3 + xor-digest = DFD7DEFC02C4A76B86EBC3512F29BC60 + 64F3DD92D002094065F9A02DB3585845 + D21708A27326953E67C650F6AEDE0A8D + 2E5CAAC90E41CE94AEF7EC6D5EE9455D + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 0000000000000000 + stream[0..63] = 4E4C778B3C0DFE1D34FF9A616ADBB205 + AA2855AB4415998F3DADD3E111DC322A + E00BFFCBC300DDED661BFC82D63706ED + B769559BBAA023003B590CA5537C99CB + stream[192..255] = 3EBEC9B4771FE7D30205E323ED0B084A + 2BB1C1559E68812611AED24AB20F1B43 + CA5E39D517B98DAE88CF03F122D4BA85 + A7DC86A19D426E1330060B1A8248F5E9 + stream[256..319] = 8B0547A837188E323861661F659F67C4 + 81DDB19DEDB33B4E886321175CA51A3E + 267C888029BDD7454D20906129369F7D + 302C8692867FAB7B27C9315E99472D03 + stream[448..511] = 2B03F0DE389D8749C3B23AFE8822D0EF + EC2E4F02483B062A6FFEB8EF495DCA15 + E8F46D5CB53AB7AE8974872253DCEB71 + 18CA37BCD610E831445BF68FF475FD2B + xor-digest = CE69F2238067D38F5CB4122CF79CE481 + A864C8177601A4DA56E602EDEDBB6639 + B6B9185B91A58AE4D49DBEFC43C2D5D3 + 6C94D47819543E41060BE8BF5461646C + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 0000000000000000 + stream[0..63] = 0346C54A065AC9779940C3F1674258CA + 603E7B78C4022D4984C2794F6C72FF2D + E06D1CD8DB1C8B616FD050D1A5E54D93 + 56D452F817987D56906B0C6DFF97D395 + stream[192..255] = E54D565152A5B776BC921B05170AE1E9 + C7E7B33EDE88B74286FA0686649D1A49 + 3FEEFD6227D63A6E3B8C3B3977D426BB + 33EFD59CBF0B393807218AE891BD29AA + stream[256..319] = 37DAACE15A677EA6E7E2ACC3A897B4D3 + EC8B0C32F7D18A2245FC337C21F5DF9C + 1C85DA16040468B813D765D63DB1BCDE + 57C6B41A4A3FD5523B504ADE2D2C5099 + stream[448..511] = D05E56A10EBCF446E3E07BDC88B26B0D + 85614AE78F2DA6ACAA1F7C6375CF47FD + 584FCEE4CDD646F495830E0AD49DA4B1 + 96CCC074B67E40C4E15CF96B50D227F9 + xor-digest = 125BCE67E0A4D1BC9F3E99F989C41019 + 41E75976D30FB7F492F33F79CE1E281B + 994C0B4AE17331E102D2E850C65CDEE1 + 621C53F0DE4710933C8D9933EB97C3DF + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 0000000000000000 + stream[0..63] = FEC1757CB5722AAB452B1E7E8A7382B4 + 9B72AB16FB1C7C50E0960943B417B976 + 5E8620899715BF97FC41D865D8C9F38E + FE79D39A56007706D96649C88561860A + stream[192..255] = BC9007C6DEC316C5DB279B18DA5C07E8 + 70155DC032B8EED16DB6FEAD5784534B + 08A09882C8E9F7791DBC1A7512D27B25 + D42F80BE61FB94EE643082DF4FE167F3 + stream[256..319] = B4D9BDEE5B73165AABFCE52C5FC338A0 + C0BF57A985E3333377D463B17EF5A02C + 4475508FB697A7F0130AC88E8A1D4A84 + 281AD13ECC7191C598366686DE55DC66 + stream[448..511] = E2F99407F98FCA990319231920A7A9FE + 0E780E12F4822D600D1401DF5E8B6E1D + 77FC82FEAC53A52C5CD14D875C4F6326 + BA8F8EF706A4A9CA0873F9F06D69DEA0 + xor-digest = D69030D6BC9386A6EFDD404F82BF938E + 061C27BDA5EDA09C674B8E18FF3EA236 + 418A76D9C4038A198B8E238E6C9C7111 + EE98337C7EE70192D30FFA9FF7A1E672 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 0000000000000000 + stream[0..63] = 2DC1D28AD3537E7AECE5A7BD757B0E56 + E75EE869BBAFAA0B148E24FAA89D6209 + 11C01825869209B0905D225B6A71358E + FD1F33011ECEB81F918293E77C6CBC69 + stream[192..255] = FD3C8BB4472FCD8E5D3DD97B1FBF9712 + 63C97DDAFB105BAABA24FB9B409B963F + DB7790F26E19DA0B41B3A4023BC3FA16 + 6EE4BF97BD5FB119671B34F9004F58D9 + stream[256..319] = 545A1D0EBDCCC12F4E9F802EBE828C1E + C8DC448DB801C6C48F1B4FABC6D09643 + FD76A68B52DD5AF8D4734924A6B3F0B9 + AD7BDE848477CE9580D101BD37DCA52B + stream[448..511] = 1E1D1E8DF03F3F48DD41B147FD6A8A63 + ABCA633CD576B5F4767ABEA5CD721CAA + DFEE6FE44D107C29256A6D65284B883A + 1C0CDF3B5E4780FD385DF19EEF1C412F + xor-digest = ADBEE1D8C71C5F4F5916FF689121C396 + 600702AABB23986678FA0EB4A8650306 + E1CD3A4135B1DC429C63504A6A20E89D + D969F703CAA56EE4B9C0E507CA098DA5 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 0000000000000000 + stream[0..63] = 06C80B8CEC60F0C2E73EB6ED5DCB1B9C + 39B210F1AB76FEDF1A6B7AE370DA0F20 + 0CEBCAD6EF6E57AC80E4375C035FA44D + 3AE4DC2C2507757DAF37B14F36643489 + stream[192..255] = 218AE79578CA357BB0E74152C1B63258 + 38E1F8DBA5B43515571905B51EAD76AC + 2BDEC397CC153E07EF7A956799157129 + 9FA3CC973C64E10C0A3E97B9CC6CDE4F + stream[256..319] = BBA90DD4C0BDA240EDE42069A94DFE3F + C36EB12C62C993D836957BADE0DCA961 + 58486165F546894385166E1A5EBD7CA4 + BBDBC03DE417E811FA6621EA64A9080B + stream[448..511] = 7974CB949C44C149393BC9F10BDFB541 + D4260C71BC52C90D52F9AC71A6F8BC97 + 11026831159AF43986EF161DB3762471 + 91C86F6DA07BAC1F496A9D1D73F7DF25 + xor-digest = D5BBE5ACC61FB80E3001E4E0B2C1DDC5 + 7008D8510B70E8DEF16D58773EECDFA2 + 01027B3961174E3390FEBC2B15581F46 + ABEAD4C0E7F63851EB6891EC86C20CB6 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = A39D5AF8FE112FAFBD6EAE7D4E925708 + BA05F9A3C2E24BA025A55C9AFD468F03 + 77692205C44AE9DF37B88E30CB5526A6 + 2D8699A37CC4457793F59AC1592A5998 + stream[192..255] = 1ED0FFAB9657CC6DBE4D83A5B7A4238D + 30D7118FFD2D651E2B11822AAE986C35 + FB2469A7FCD62F9B80F242B75C803D0E + 47247FBE9E8E5A0EC7354707D837A54A + stream[256..319] = F7863220BBFD89CBB0F04C030102A90E + 9F33C525A85BACF3C3211EEA56F27492 + 3EDB8660AE792F750697BF4004C1BA3B + C5A8B1F47CCF9974EDA1308024D5AB30 + stream[448..511] = 41154479F67F5A8E0FEDF10E5D1E2576 + FF4B4692C5B2ACA5C7851E7F02D935A1 + 37BF2F7104ADB87EE864AA01546E108A + 8D2CD6FCB69589FB2E38210C1256DC7B + xor-digest = CEE35F4B1A524595ED606972E4E8EF4F + 2F4086C0A9A6C4EA7A511100D892B4E8 + 3DD840342D363C265FAAF90CF140C158 + C5BBA92B975A4AE1A46A4174B6CFBD3D + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = BB5DA95AB6911162EAB6D25F4C6A08B0 + C28FE8DB7F8D0F153D0340FC7E3E8E94 + 2ABAB31A218BDE0C899F72F1338A4C0C + 8194F8958740F4BAC3EAA43B5313494B + stream[192..255] = EF970695F118C274652E9C4DBCF1BE79 + D5872DBD4EBE88BC02930DC20649B98C + 05310BC16CD4678394CFF0F7EF10449B + 971497EFDE0CAFAE4FFACE8E4893EA0F + stream[256..319] = F9C403AD799743777B6A263E31E312E1 + 7955728FCECCBDD0416BDE77600A6B45 + 03CB7C6F3FC1624057F2C04CFB23C709 + F8F8BFE43699AB0503FD4B45B2484C37 + stream[448..511] = 75BFAC8776A7B48494D779093A796204 + 17727B72184850E6B4C4EC03C7A1DCD5 + 0D60888C32E36478B49270A678A09571 + 3C580DE6CB791A7AE9FD76DF7A1FDF45 + xor-digest = 8E7052ADADA2BBD0DF15FB28EDE8381D + FB7CB35D04A0662A8CD3E06CAB944496 + CBB0C69A13DC97E6D97C3934211D30FF + 19585C92C9A27265D4459221C6CED840 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = C63D8BEC3A6F864E72486A71D45D7C2C + C2CA3595793A236044F18AC52EEF8A7F + 9957C96C06BF11ABD673EC07F22924AA + F242804E87BC7488340B036DAB4E31DD + stream[192..255] = 563460549F78966F8270BD0308A757D9 + 6FB48D03A37F7B4303ED12C4855A600E + 01664515817095F04C8A341DFFFE252D + 0C82FFDB70B51EDD30407364134D5054 + stream[256..319] = C6249019D499D3D663AE2E1F0A211EF3 + 57537D2BAC64A918E19D636014DDF27A + E8021EC6FB4EC8E4BE91ED37C8672310 + D133E1986113E0A7C862B7B18DF2BCEC + stream[448..511] = D3FC7786DD5CD0029726B72A33AE5363 + 8026492F63A0BB934BCE10BB15BAEB99 + 1D06F78DC59BB00FEE2A69C37BDD594F + 57F4CFD67A5AD988EAE5C185D49CE89F + xor-digest = 61D337375308A033C556265C7B09C55E + 9EE682FD7E2A61F92DD1926654BBCA90 + 1FF95549B35C22E149035674653F3A68 + 84883560E37F3F99CAD268BC1AE7A144 + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = D374D11AF756CEB281472D57CD02DB43 + E2AE871E1DAD4ADD8F8CA1AD9AA12ABD + 37F9369D0D8BE2D8748D30CEBA091667 + 8BE57241B456AE2719256FDE657D2ED2 + stream[192..255] = 4E75CF9C17BFD6AD5389864F22A2BCE6 + 1CF09E0FDE30828022758078A624824B + 0D5ED4B67E3CB0CE2343A078AB3618A8 + 5AC854862BAC0A097A588B3D4DDE1C88 + stream[256..319] = 58F12B730DB83F43B9E052F39BBC1348 + 2BFAA6606700D30CB2361A667111C674 + F0DDBD8033EBE4C4541BCB6C98757FDB + 7D36E9DE27FCEB7AA8F2D878E2B69E28 + stream[448..511] = 1C6217BFC62A7E4AF4B003C16F305680 + 12F72C66369591A7C6EF6C520DF6285E + BF17FF18E19ECD33D8260D7A60DDED46 + 08720A3917390A79485A600631085165 + xor-digest = A8E06B465D709568A8800C803338BB67 + 3E901ED8785491BDE31FF991F7EA3536 + D5B57AAE2DEFA64CDB897A8C03BA5F2C + 91404DE23728C38A2D5273C71560F133 + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = 88FB4992E84E90EA3DF9AD945224DC15 + E0DB77BC715E2DC155862B3EFCFF9067 + EFE51ACDCEDD5A9D982126963B254671 + A599BC89C8747C8E54E826D7C20A959A + stream[192..255] = F6BADC2C89AD8496EB5FAB4767EDE96F + 4DCB9FF3BA6760AFE2E51ED0AEE46014 + 076AF626A23E861A0558BEF12AC50A10 + B20BC66D5A8CF35CF14D42EE20F794FB + stream[256..319] = DA90E5DFA6C82228571367DAE0F0EA74 + BAFFF758B750A6A4AB27C1D2702CBF01 + BC5A4C773E8C9B374930F8BDB956CA7E + 0BD7F7BBBB1949022C359BB07E33075F + stream[448..511] = 831539EC87739BD1FCBC42FDFCDB7CA4 + 38C306D2F4F791A50639843E43BFDA1A + 65E852A1047F129941657D94B97A2B37 + B4A725DF800CE4FE282C8D3CDC32CDDE + xor-digest = 85E747BEC4D893F24D6B204D171AF40C + 5A42E7CDBEA6C9F30F9BB3F392EEC49A + 65B74A67D76177B25DB2CC809490B131 + E7C14348EF88D97E700D377670D82511 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = 830A4E757568CA23C1D348A5AAE0B907 + C2944998C859D78E3CDD52F5FC688060 + 66CA8FDB40AFC236B0296AED171DC68C + BFA377D434837A7AD1D9D5DD9971834E + stream[192..255] = 14F62A57BBC81B437DA25D8370C8B260 + 147BC758F4A492F6657C9572B4696909 + 1E09618D36D551353829EF952BE7DB6F + 401CC74F59E80B0BABF1A4385CF4C53F + stream[256..319] = 0F247823939030FE792CCE36CEE0439B + 17191B5C0513B5B09E90217D5F3AD654 + D6F69C6B0212AB0B681DB7B16C7F3171 + 7B2B897FD605834288D9EED181376E12 + stream[448..511] = 6174EFDCE81F3A1844477D14EDFB18F0 + 36DFF353C9669E88799E8DC08C71377A + 4E499BC561BDEEA32F01B7C91980C50E + 323D6483B73ABD6252637408F5FA30C4 + xor-digest = BF961EAA26648407AA78146F136CBF30 + 545BCED900B3A4E5636E26AC10C04C4F + 04CF27A65D01078F1BEA30C2F9756947 + 402830CFD923432B378E9607C0EC4EB1 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = 23A9EBAC1F774F95B3D611D6E23496B4 + 01D2B70D598539BFA1C0ACCAF8D93D9D + AE41675D63C9069E2E07ABDBD1386F06 + 515FF17F0E60E136059CF9E49845CB7B + stream[192..255] = 97FCDE1AE674DC70E6B5C410698F09E8 + 3B735A8A76A6E08DF50496F2DB8FD63C + A97FD4FEB7C6EE08CC5968AD8F2D816F + B1E52C1211D61EA916846206A54503B9 + stream[256..319] = D6949609665B062DEEFDEA52DC769AAA + F4B86A7643A10F1D4BEAE0E4DB39D733 + 24632215963BFB23CA2D3BAB3E84CC13 + 83F2F43DE60D2F8AD78867A6F236C364 + stream[448..511] = E1D18B9D4BE9B49A14A202325BDD933D + 15905B210F4C9A89F3092824C3440E49 + F484C00B08958765B75BF654E25DEE47 + B552411BCC75E2D1EEF34C72B0E0BD31 + xor-digest = C958BFA65C96B7EEDCCA22BC9AD63FD9 + 22A94D3F6EE59E285C0C736AFE83769B + 5DA2E16EA79009B6729EF005EEE38B20 + 3F33FFA70EC07E0E5465CF292C942886 + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = 46C516660185D516FC2ACF6A0C759C03 + A3BB36BE93F544FDC9DA3B8DF4EFBC17 + F9C1533061065B557A511B8C2BA33436 + 524AD2E7214A6004C37DCC61DF6EBADE + stream[192..255] = B93519A1F798A4D1C44B5AA6509AC8A1 + 26F7B632BC55127865AC343AF70D5659 + 8FC2C418047F934C22660D4D1D03F3CC + 84FB07231576CA4AA6EE598094B5E133 + stream[256..319] = B28549E92A6447859D829F25AC5AA670 + 08D0463DDAE8F1F99D18F391584D3A36 + 22845AA770176F41660C69A8E8D9D4DB + CD5EA82F1C696AD30B6CC2ED880FC8FB + stream[448..511] = A37AA3AB4501857BB177C6578F74A399 + 7F0F9B624A29986C954F51E7223DB7FE + A55976940EFA83D479083F87C416893C + 1B344D55497525C86DBB4FAFBD0C050A + xor-digest = D56F29DD8D7579987A8002A0B5264E3A + A187C61ABC77F6F5D7B7BB19B7C3E601 + 992AAAE92F736CB67F49F705859582B6 + 987815955F15A163E012841D80B57151 + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = F79DF6AAA57B1F45D1125990AC02D96B + F956AF2ED8C54332178F6EECF4598E74 + AA1F536EE22E784B45BFB083A60E3828 + 7A360C06BE1EA762546AB0AD6899FE20 + stream[192..255] = 8D6D8DC5D1133FC3915D8460456A2094 + AB68B9569D42A400185551141BE60851 + 7628970C1B46137FAEFFBDE6BCDD7916 + AE114475C55378C26B2C00F5D0A365DD + stream[256..319] = 3BAF985ED8A33AD9FA7A03BB0508A228 + 88F9DAD037D5B0EE2A89AF15217FBEFE + 284D8EF5C166E4FED8157B61CEA4316E + CEBA1852A058AA4E93ECAFC37D67EEB8 + stream[448..511] = EDBE4C8FF3AF3278765A9340A927C5AF + DF9784D7A11E8C7B7985B972B84096BF + 4449BFD0A01443F59644B217C4F07BBE + 1394996F1A628042D82B78BC03817244 + xor-digest = 7761F4B5E1B2D6FEFB0299FFD8B7AE64 + 4B0820E32E577325FE4E5BF5C129ED1C + E95FA763E48F68BE3D6104904D56236C + 0097210AED56853638339518385E1D1C + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = 7C436ED4AA18C3FD3442737D2425FD08 + 479604F203C057A080DCD7DA6777D0CD + E1DC0DF50A18F210C7C34F0A2F8FBA63 + A132E6AF9F143550489E277CB11B899B + stream[192..255] = 2FA20A460467D3213675805154EA262E + 69BD8AB67D3CFC2054D18AACAE846D60 + 34DA1F11EA767C54EFE75672F3AD1835 + 81AC23D9A3B6170939528E31ECD451C4 + stream[256..319] = E553D095C339720C0149CFC37371CCF6 + B2CFE5DF88117E0918D0C36A33662CEF + E986F8992BA20C53237A16552A31609D + 68BB27E9FF6851814924805103FD95B8 + stream[448..511] = 85021EF68D4DCDA72CF66C2AE7C9B51D + 4EC54DDBF38EB4CAD25AF75BA26F03E5 + 7E7CC9E56ECAD33A31B2255F0EC91149 + EF5D4B163F593595B70E1DF1D4F1C2BE + xor-digest = 848894EF165D6833E75C2EAC631E9384 + 2504D1C834C111B02EAB2CA558D2C54C + AF282C2E60D49B7DDDF0479C0D91A89C + CAEC9C46DFB203E46027D3A6635F0131 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = 3EFD3CB48D101B96C476FC474B90C34D + 28C70FAE0B02560E5DBBD78CF6242580 + 7FD93F1095A491CD610B93B3E1D5CB25 + 025B46FA8EF9293AA10A04A005BC859F + stream[192..255] = 734A67A9F3F709ADA26DB9A2AB67074B + 08B000B93A346DB1A1A7E85BE6F08762 + D12728B3A2ACFE92DC5A55C11D314217 + 95EC96B2F864A99CFC8DC19A3968D557 + stream[256..319] = E38257962CF6421F02408FD830A207B3 + EDCB4C2813777F1852D2D67914C81FD6 + 94CCEF4FA18BF869E1B713F8D32F75FF + 6F3EFDAEC72DAE4BE95A6216E8B5EFE2 + stream[448..511] = 6579A6020CE99121C55931495022AE37 + 3E804C544F66DD8AE19E301EA6A59D35 + E4AA6C276D603C81970DB6FC9873145D + 5CE1EF50E0FCBD83BDD1B695639B6619 + xor-digest = E52056F99E72713F62269BE85D7D1C83 + 5BD387B4B70B80354071C3831F150843 + AAF05D4B68F203EEDD2D13AFD8FD70C6 + ACB076B237C9EEE406D98B958EAFCA6C + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = E389A5F5FA91DFA9EF33BC5D59A32A1E + 5785CD3332AB4181920B6424DA428BC7 + FC741625CC0E71681450C6874A25CAB0 + CD82F50021058F1F9AF0A79FE1D523E9 + stream[192..255] = 61228955734A2229D4FBF81FD7CCBEA3 + 67B444ADED9F9BBFC58AF64344C0D3DD + 7A95E09AA03981CC153C30BFA32F8911 + 0D8A5DFE7B6A72056B4F3F794C703CEF + stream[256..319] = 7B2C5FE9B147DE30DBB11497045BF9C5 + 73F1CDEA6B6D6BC5A7D6A7D5AFCD71CB + 58B053881D0758E07BD6C28E3AFEE6D2 + C30229F7B7B1F825C12DC83F22F2B764 + stream[448..511] = 0A9FA3443A110696F7E09E5A8517D5D9 + 9CA97CB84DC79F6B244005B601746DF8 + C891FAE30A18EB4FB6BBFFBDC0B2C946 + E58A6379ED8011F587B5E699BB110687 + xor-digest = 0915C7A8096764B4971FA1F0E16396EA + 4DDEDC089AECC5427E8E608C035F508D + B9F88438DD187DC96425CFCF05B42B10 + CADD8CE70A3B3727BC5DA947767CFF53 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 6B0801E18D411FB380E9CD019D64C1CE + BAF4321F9698D780DDC901F4C9A5B054 + 3E3B68D13D541132278134635FF88BDE + F53A2FECE2907CF204C72F2D44793F5C + stream[192..255] = A3F68C6843F746642C25861C08532D40 + 230F1B89F2AACFEBF37CF4AD0755885A + D264089A6FD7888EFF21BDE59260252E + BEBD5048B0F71754A1FD2A84347D9983 + stream[256..319] = 7B7424E3EF501CCD176F52CAC9F76A6E + 163D24898C0B1B392386E510AB1306D0 + 506BDD75250CC3AFBC1107D085B786F5 + E15C443C8ABF24239C809957EA5E2472 + stream[448..511] = 2FD527B2EE6F47B4B309C98B9D89F90D + ECB62003000DB9E368005C040D2AAD0D + 96B4C4C28A4D73FD4B77C9B5F5AE306A + 58480DB0C23FB8019966361301BEF871 + xor-digest = 0047F785832EC6C4D53F74F71385F6AD + 4AF2EC30C47DECE026227C33DC2F6046 + C2079AF6FCE40A3E1AEC09555B11B638 + 4ECFE0C1FFD06C64B70E3166EA5B033C + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = 8E84EF7CD82BD7D9D0AC60618E810CB4 + B27A487571C37DC9A6687C88909C5184 + 25E344CE10F7932F8712239E3E9B3C98 + F0C577E9717E067F249ECE881B8A4B44 + stream[192..255] = 3197B6DEBB0F6BBBC64D73C70F92CD8C + AD9F9126774FC8D5D7860713B34B692A + CFADF08CA40B6F0F17886B707BC0E19C + 75ECB27C3DE001FA89C8326079243988 + stream[256..319] = 6CB8307FAE14BB9BFD35DC3113FAB89C + 79B83B3FBBFA858D3A66BFE2EA0667F7 + 69D81556E64B993BB264899F9A137EFE + 68C23C8D0159579EB91338EDD7641DA4 + stream[448..511] = FC163278A81CC1D68B0DC63AB8653EF5 + E7B4AE6D83FFFE7FCE25A1A2499F4A99 + 58F174379D12B07D93689BDF4EBEF5A9 + FC1B0197A8196608996D00931C3F74C3 + xor-digest = D67F17889A2627C46E669184A70764D7 + 4CDB38D233E86CA7B68BE30BAD7A417C + 8A8069965949DC949A91BE1E3F9261B9 + DE7F3ECD400A1DDB183AEF4FF5521B3C + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = 5636194A7942D413E1DC4C00472ED448 + 52AAC699E6EC70CCBE90DD52CE22A2C5 + C181574D6ED0C812BD11322C37E6707E + 51C2DDB180D169EED688DD4FB0CDFFC2 + stream[192..255] = B2A519FFF3609F005F6DCD3C358EC11C + C7C7B9DBF5673CC9F8DEB2C8692A8C3F + B692CF6996C72D44E4AB31986C63F196 + 3E2805518AA25D173A9726B96D5FF68E + stream[256..319] = 4D4B1930AACC609028188AB283764A51 + AA5FA78372680EBFDCB37D231B991996 + E1F7F587161B3CB07BC53E2C32A13404 + 7BAD04FC4247DC91092C2C6E158C0001 + stream[448..511] = 44F0EBF50F57A17B05FB1C00E1E9C2D1 + 74A46D274E3F7771CF3BE60A6353DF35 + 95027FBE56429251328D14DFEAAAF341 + 73FBFCD64A5B0CEBF809B8B5A810A4A5 + xor-digest = 2420CBCFFFD7FF619CF90C47E8254CAE + 35C9A5829D3D12555F63F74D7EB7AD8C + 38ED07EF32A99A37C7D491CD75057310 + 42C9AB76EC402AE80068EC46EB09F5BD + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = A07C7453D74FFB728C811461E65CFD4A + C4DD1E51204850E300289CFF77AD5AC7 + 5FE981783AD7142FC5A1F824FCE4603E + 7304D87DAE839A8709E904A154EA4C5E + stream[192..255] = FC0B10CAD79C24DF62B5B0C0D72CD392 + BE1BBAB711338658223900B3A91CE3CA + E1CD0695B48FA70E378F516333299401 + 7CCE453F2C6BB15741AB59EAE40D8740 + stream[256..319] = CB265FD47653D4C1D1C6127AC9944F48 + 395254BCC98C4098B531F9DD3F8E090F + E32F08305A4E3BE52A6C7248514E748F + 50045A8B5DF32F40772CBE6B7CA37C51 + stream[448..511] = 3F713D14BF3D6DCCAC799054628DC343 + 7EA1ED3E584E7D66A5AF77E32D304332 + 3471DEDE870EDD6C80EDB13044D3C7EE + CC5222BEDD632312A502CC4E09657D1B + xor-digest = 781C6F09E76920437B776A40BDC6A98A + 83580F69C33153FB7EC84648442DE65E + 85044B20713E86518943E7C00CE3B555 + 2141185478569F1BEB433425E88C5E16 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = 1B99E94FF97C2BF5C9855990FC723112 + 6848AEAE4358108DF55613A029711E22 + 5DE0F71B8AF909CA8B30D29528F094F5 + BA422655E865CF0415E2873D6EA3C052 + stream[192..255] = C853430564969D769643242F6528A333 + 26242D6C15C00177F5D323FCEE231A06 + DC11D438F628783E051F7298FF9CEE16 + 27A8914C10E4CFBDC821D224C768251E + stream[256..319] = 312B62F94B4C2F07188476E094EE188E + 9024CCFB48387F0CC8DE8C94546A915F + 06A51F858F2D350394AD28E14AEFB487 + 8BECF9DD0B41D5E31B72E5FDE4B95A21 + stream[448..511] = A6E94F9AC8750EDB5FB501B0BF383CF5 + 0F71501FA3AD6B2E615C96C7DE1F9B8D + 90BD511AB1CA84CB4E9E8E932B87F8D2 + FA85F13185BC3A5A76EEB45D5A8662A8 + xor-digest = F58C4EA9798FF90D61638922CB3FA58D + BBC40E5D7E818A68729ADB95359BE1AB + E6A109447DAFA455653C2A9BAC4790DE + 95677D3FCB5DDEBC8B6B222C71232ACF + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = B00BADCC296EF974EF399D65BD221739 + 22C6BAAB85CFAD316017C90BCF9BAF0C + 68931C22752B9CD4E93B383DF17126CA + D13C0484E6F86966F231C07E80D55F17 + stream[192..255] = DD2CD88C628CEA5D553905DA1881990D + D6E5203F1B6DAA7A1CA924F46E04E30B + 077C4E956412D013DF3EB8EFE0EA0BCF + B45E7D56F8FF5259011227F2108E18BA + stream[256..319] = 8839583F86643B07ADCACF096A72F114 + EB47EFB6EA007CD8013589E0AB80C820 + C1A05836BC87F1125BB0C7814F493FEC + 669DC4A165CE9B7293DC435BFA7CCFB3 + stream[448..511] = 9DEF9B71E4171DDB457227EC967EBAB4 + F73862FE73118D198F6C69B70F8C3360 + 33515E0676F5FCF227EB5C2E956F2064 + A4FEACBB2A14F3F1105EDBD4EAFADB44 + xor-digest = 57B91698D02B8368F2948688F281498D + 399488EB653AABA93F0B6755189042D7 + 6E9A139B43535A36A227C8ACC85ACBC5 + 969A228E2AED7CD89C053268B494146F + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = 589DC88A91119E50DD431DF324E48370 + BB47CD18B47EE7141D005061CE405B6C + 1F3D584943D5E16AEE589D20760E3B6B + F79162F246636FBC514ACFE0EDD562AE + stream[192..255] = 08C7D6A5B251FA2D3015C656886B2BFB + 7203DE8FB6588D77B2282D8FB3C79A27 + 598686E2477D058A6EB652DF04DA688C + B06252A6C1219E03AFA3DAC8745037E7 + stream[256..319] = 39F28C8DAF72EE9207D24132A5822CEC + 2BA1F924864F1888ACE29F09BBB95EC1 + 7A72F78656441362FDB9FBB1645B7E25 + FCC120A1279D50F588AA35FC40B5FC76 + stream[448..511] = 0B4069B2EA0C49F0924A8B9A0E70D825 + AD779E2F09C5CC4781C5DB7D3774B037 + 7F9FC0061062018B69AA740D4F3DA9DA + A03C9D84973F31A666B867B2C3603416 + xor-digest = 29E34FA4885AD39640BE9177D8ABFB84 + FA9C357F2237D8010B713D3312FE922A + CBEB6E5248C592EC2E3CDA0F41F3E27B + A8BA6C7A587EF204D350CD691ED9FFC7 + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = 0F2784597DF16C84CF34D2576F5D4C04 + 73649281DEB117EA380AC1141E5C915B + 4132A0763EC70AB96F0E144CCD6CDFF2 + 54713EC93D2577916728734127AFC3B2 + stream[192..255] = E1707B1C569E2011E5160248B0ABC86B + DFCAB8CF49BDD01463034DB9E869FE47 + F1F0064AFCFE97E19F910FD303635794 + 9BB5E0B3D6F4804B538309DD73F2CA44 + stream[256..319] = F5A1B6FAE8A52E5DC413D13C96DAA15E + D4DD714A8894AEA5007839C66C4E45C7 + 71E49317594C3A939B81A3BF9642C0A1 + 53AF0EFA32465818F3B1F7E966505EBA + stream[448..511] = 05966F8B413793626B2F0BAD2B33A53F + C924A775C883295EC9576A93AF8AD59D + 6CA5F747BB8988A52D84F563492148DC + A86C538EF719BE0600ADAAB154A2D897 + xor-digest = E1C96EBFFCCF71083FBCFB7C8433ADF9 + 2178ECD4226A57880FE55E65CF94ABD3 + B3C54D8841E40AD4B9B7DC0F2E520106 + 622E3A0CC99E56174376FD3DD4165519 + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = B4F82DFEE6108192539DA8653FE99FE1 + 770899983C846489677CA0C5C08697F6 + A6629EF3EA50B3D87CB2A442425A44D5 + B48B52513CF5A24C89E0CD1C17E3A2C7 + stream[192..255] = 5891DBC20064DEE60378EB7AB35DCE9A + C494577C54B686A17CE1622AAF527659 + 6221A24E35545760DD29AC979053BF7D + 733F5F9CE86F67EBC588F08A9261E513 + stream[256..319] = 37E32F34DDDE6D717C8F05BEFC175BEC + 55B7D0A1ABB5A6A7C5DB07C4BD15CEEF + FA4B484A181CB04A6D4DE20A169C2970 + E912F79FED019C51142DE283CC750FBA + stream[448..511] = AE521271F96BA0BD6BC6E18DD2416919 + 66841DDF106280FBB1EC4C38D551911F + 6293C49F1397F0BB277D4DC3109AA636 + 5F07C05839F7483D4E9B0289B746F490 + xor-digest = F94E8A31779FA7BF7B9C4107F0AC9D0F + 3EA9798DC4D96971EC3344837D0D1B74 + 92F7E0B1FC9A81BE559D13782AA2A75F + DF1AEDE66D8C2DAE4EAC91092F5FFFF9 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = 412250869F182E744D3AE61AEC1A0871 + 10CEEE9D09AF9808A01BFF85750E796F + 2928C4641510FD593B9D066433774EEE + CCF06FA00B0BE03A1384B4DF8DCE705E + stream[192..255] = 203AF3950D1D8BA96F360A2057193849 + 9CC4FAEF4706A4F080E0D9A9BC1D24E4 + F0D5F21868E6D2548CE4D736544C252D + D0A63F1031631091F1A06ADAD01FBA69 + stream[256..319] = 0AD812997275D2A81A1E16498C6D7BE5 + F3B6B1403D33D93A75F00C7A74FD63C5 + 00D9B7236BD2DDB86B1C1650ADB2922D + 8AE1DBAFD23CC2442909E4F7AEF57F20 + stream[448..511] = C2FD8DF92A5641DBDFBFAE49B4234B46 + BEC7B2C5961BC7A4451632721F16D095 + 718FDB7C5D6B79513384FCBFE3953767 + 169D6362EAAC1693467E661126798F8F + xor-digest = 065073AA3CB7A0CB26CF0A1707E403A8 + 781C4D73B679D44E6BBF678087A463BA + 14D8BFBA831A54B3660B7FDC60199B30 + 3FC04AC175F3DBDB8817475EE6901DF2 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = BF078B482CA987C6FE0DB35B57C57438 + CE8EFA08D03C33CD57AD4C4011AA4613 + 849849C85639B07D011C042B479430E8 + 6FBFE86A564FD24DB1D452D011BB2431 + stream[192..255] = BC93B4BD800FA5AF7A8C7FE140A3427B + 017BF881DE34CF2CF0790371A67D55A6 + 46E4C5B2A6E2D261094FA38FE43D4F58 + 356E0A8E1DF95C6E9EE997BAF93D8FBE + stream[256..319] = 35A186FEC358F0F71622E2036736E9E4 + 95A1DE01B2262A041A0DE4C6E2458FA7 + 74968E12C9336105E01666A495980445 + 486C96C2A7442C07507DF7BF2DDA69B2 + stream[448..511] = 8AE093CE4F53DA6719F30D1C9B46F77D + 3706A217C042D3D10E04BE0F1196367E + 536C2BB4D1EA803B627CD5FFD61E1EFE + BCD2D9FDAD73B9BFBAF60F2E49EBC51A + xor-digest = 4BE42C2034BBDC4C79739A65893628D9 + 71D293605517905761B967F43C6106AD + 42B778F92A250AE71EAD233855AB47B8 + 6FE1B1D38727C5C7BB9EE23BB3A9B8B0 + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = AA2E1D58F1C2D1EA6E199EE52D0463EC + E9968AF14D65E60B598D812B5B3005C4 + 489CA1440C4F054B3D860C3F02975D5E + 384620173F35DBCC2BE16CA51F6D51D4 + stream[192..255] = 1B3EF59FE7787FF542A3642D494BFD2E + 4CF23B0E9414726B8E9A33D7248023BE + 5F1BB7CC4DCDAFF26D032B2BD4BDA70A + 7DF83DEFD97D55A7CFB5C87D0403BB36 + stream[256..319] = B2AB1C1703379A771D14F51EBDE3E9D5 + FA7F64282B022198DF5AFEB47EE6161C + 6AC3E475271E255AEB8DE3B76B9F72C2 + 6FBD8D9A07E22567CBA64E3D2B358868 + stream[448..511] = 2F82A11DC74591559B41F405D92061B4 + 6A2C3C3E7861D3DB223DF33F0883278A + 7F2501C8210D4ED83F12908DD2A24DB2 + 974FF5FB017D18C6231906A4349A0254 + xor-digest = FB802899DCF605A73152A329475C6498 + 6A73BDC0ABD79F343256375A8C99B3BA + 1420A670C9224D935ED571F14D76B581 + FE7359EC6A81F9DE87621A929BBDB80F + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = 8FFFA4908E599C9F54F71CC3CAD466E2 + 7172C0B28A89CDF401807621F2CEB860 + DBE97E4506CBAC5A553823F237AF44FB + 172E28482EBBE258CD5D900257DBF600 + stream[192..255] = EC0A8A7E2F056AB09CE7247A43D6AC99 + 848194A71B1C8BEBE3F8344DEE2E90A1 + 3DBF9919BC1CBF1F9EC1574E8894EEAC + A165F6596BA764170F84B7B2C198B041 + stream[256..319] = B97BAF3540F110EBA6C0B83242F8B92A + F916A2BD90C746D44E92C569EE46FBF3 + 8134D3CD7FED347D59BDE6799C4A22FB + E772F8257228B635A780435564173652 + stream[448..511] = 9B9F0345D3CDC28880A8AC32475CDDAC + B1FE8042FB27BF550D65F60D04FB1BE9 + 84409377EE3F287D7D86DF8AA577E68E + 7CDB45B14809FBD8414E5C68671AD797 + xor-digest = B3A6802F51E6830D24A09CDEEC6CA56F + BF6740F8A258E7932E7911887492B13B + 1B8589F0010299F2C5B84BC1FAE55A67 + C8FE002C8E96B5E92C6E7F7F9B00303E + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = D691618BCBB4597F2F002A282DB08F18 + 8260243C7B71C458252C00FDEF11C5CE + F88FF0590F74BB4F8010ADFBA887F296 + 94AEEFA49E1DF385E5F6C909FD64B2A2 + stream[192..255] = 51FC236B38D321BDC28E882CE0C1677F + 6C8FA911149224208C39996846EFE47B + 3B3116202C6442252D772EDA5E6FA2D2 + 444EE4E26DB885C30B3D742BA575078E + stream[256..319] = 45B0E8B6A8608E595B7389FBFD3A278A + AB8A69AF3534E053C26C46F3876C6DDC + 041DF569182BF4C1734E0D76EB703F08 + 165C922B7CE38E992BE35BDB6650CDAD + stream[448..511] = 9F0F51945B3B64DF58DC01E7FB3FA1BE + 19506AAA0E8E192601E1F318A5A7BE0D + FE90766376B66BB26BF2D341491E5AEA + B16319B6327FC4BF2F552635F2484D8E + xor-digest = E1D71EFF4F6AC143217154C55CCA88F6 + 3BBB0F92469AE5F9F2F6E7EA62828B40 + 52B099AAE0DFBADB956D18096CDC0BA1 + 6FB164BD344E295DDE07002FD747CAF9 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 422F7069C9A50B477617644969866641 + 9865D441451E2B298A6CB45ED810EC70 + 60128C304AB69E1925B0032D6CD33F0F + 8761CD0F6255CCB85E5EC6599EADC85C + stream[192..255] = E231F4AB8F76ACBF29A17B7BF89B89E9 + 8C6666D93897F4B91E37D2EBF192E89A + 19C118EE64A06026EC2B30F8F5FA875F + 15748FDC0A6943A9E4E76081AE7578D1 + stream[256..319] = BABA7317873F97E79DDE6ADC5AE3D054 + 1194B4C4F3CCAB2738D8766BB638908A + 31BCC0002BE58B3D2E1A574278681236 + E146A095CF376FEA265BA434F5BB0404 + stream[448..511] = 02409059238B1864F85A37B9132C1C43 + 456D471F26C2B345CD70DFB64C84E888 + 06B0382D54A97328EAF7F159723FB4E2 + EBF773BEA260ACBDA9FD2A276E0BA1DE + xor-digest = A04E4083B5BAEFD3497DE23B9A9381F2 + 5E2CA36D8D6E9A9B2AC7DD93CE5AE0F4 + 7C633C9FBCCA66FA43B059E5499C55B3 + B3E36FCA0AA45DD575763236CB3DA253 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = 91F87B5DBA560E3FBFC5CD43CA50DA55 + 0AA2648AAB28BC62EB0AD4414F8692EB + 977D93381284D0F26820DAAEB8B5C44F + 2C874C6921528998267C822553C5F745 + stream[192..255] = A48DEC79C1ADF6D6BB99947621F9E046 + 5DA6FFBED93C66E5AB56F3CC09D3F631 + CBC8BF78A03EED31DC6430330E9C0CE9 + B0F3DF41FD94B1FC81D44F82AAAF9CA5 + stream[256..319] = F31878CCF2591DE5684249F2FD2CAB6F + 3E7E94CE507CE1401B0F5085CF27C7AD + 3E776468FD098D60389A08C960BA604B + 1CCEE0D69D1803F254D2E1D9171CB66F + stream[448..511] = 50ADC820ECC329E14B66BDD159DEA2CC + F6A4B80353F7B783A5FE972DA013AA9A + 5DB1D92C250D46F3A4F2FFD1248516DE + 7F36DD29443B9EFC5FDD39C0521E73DE + xor-digest = 9C80115F3D6C42E0057EF4962D048866 + 99D6795A8ACFE2C71A47B70D8E7626D1 + CEA8C9E5875C0E69357B20348FBA1F46 + 6EC41669F8709DF5C72AFEFCE62D6170 + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = 91D2128ED1DDC3800D570CB4ADAC8CA9 + 760BA6223C7EF19A81F62CDB3F8D7901 + 4175D8B57840FD0D0A9EBB8CA6CA997E + 6AB212C4C1CE9528131DF8C5C3CBA992 + stream[192..255] = DF4916D02189492FD92477865F768DEE + 24B95846BE302D516498A197AA834C95 + 8F48705F772C76503386E14D41461E8D + 106BEC629C8AB86987E89BE9E58B3B35 + stream[256..319] = DAEBC4D6BAFD05ABEF3E80F10977300C + 22B5794337329F78CC406920BD61A908 + E17BDF09CAF99C06B4471EA7A5CA3067 + 08FD08BEB4FE6CFC5589DB0EA5B753F7 + stream[448..511] = BA0795ECE69FBDDAA293D933B7FBF964 + 8C4F72DEE388777E906C2824CCB8C347 + E605F6132C47AB2397FB6B63F66C3BFF + 84459633D646F5672854EF0DAC8DD10E + xor-digest = 8884D9ED4BE75614F04D92ED6B19BB8B + 54589B95EC4409F9EF07623E64A164DF + 848EFC9E77AFBF157993AF25E7281D2F + 6D69C23D520BA71E3BD3884DF8E1D6A9 + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 0000000000000000 + stream[0..63] = B944F975FA4F57828CD395EC502244C7 + EC8CC5C03B0855362712093A0F3E4D7F + AD253A30AE26C6A4D5533581684E4C92 + 99F95B4A04D0E0FB045EECAD98B9BED9 + stream[192..255] = 8605AC4B01C25BAA23358420468B9EC9 + 38AACC8B1C48E9714A10D45D1B5FB040 + 88FAC8F978092A7F00C8997E44B957AD + A886DF3355CAE292865A56BA9C40D47A + stream[256..319] = D67A9CB65DCCAF2CBED3EE49B8F741B7 + BC905ED2582434AB5841C30F907DD4C8 + BB64E8CF349AC9E014C730B7AC47D0D8 + A35BD764C9062147986BDF185C8F6ED1 + stream[448..511] = CCC41E287637F5133B57B63ABCFAB9F6 + EF08E7F64C35A3B1178BD24AEFC88D38 + 7A533337E31BD8DAA9CDA684D4DE3A73 + EE090CEF165750EE875BB3DD0B4FA7D7 + xor-digest = CA58C4673A943A086CAD0FC68C44D797 + 1E6901DC71311D7C6D3E806CE3F4D7E7 + 708D15FBB7EFEFEBE8E8816E7F32BEA3 + 474ED4A6AA4C24BD85D4284DCB46D95D + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 0000000000000000 + stream[0..63] = 5C98076C5B9B23A9330FBDB0E4FB13B1 + D065A47F1269E4B5E8C220B6F149AD20 + 7A087542D7C36A438B293C7A9E2F3F4B + 3690D8450C76302E15988C3E087416A7 + stream[192..255] = AB081A893DC93F74D5B2E9DE1052AADA + 21886DDEDBB54A3B634D88D48429D6AB + A376B062E2C67926F75CB34790FF5582 + 0449943A0A2BDFB5E7F1627E65FC55A9 + stream[256..319] = ECCDA197A1ED2F786822F9AFE8762953 + 6EE878E01E33B4A1F75A7C85451B0B44 + 88D72F523E823EF564E14A232AA9B6DF + 4047978520A1189C3E939C98A6B04789 + stream[448..511] = BDAF7803BD065FC8CF4A8D362D32345C + 2287F7286AD6474109090AE120AA084B + C8267300DD1D6EF55603BA19BFD6342D + B0CB33D49DCBF34E98E0CA68A1CAE5AA + xor-digest = 5DA4029EE351EE7F695DFB1DF4329BED + 6713D7A9DB3EABB04A42F1BE6EB2F0F2 + 8236C2B0717F9925CF01C1D2972C0CAC + A2E79B955C8BD38C36EA1F7C7A1C5C70 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 0000000000000000 + stream[0..63] = F6E50642F21A69DCF979A0453BC857E6 + 972343AE67F31458200AC2AACC6157BE + CE3B8615786FBE7F3527B82675EBFB1E + 1D2ED84C8B8A54E3FA949328EBB6213F + stream[192..255] = 55BCC142834D5779DC122CD86A71C918 + 595F9299054073846FBA12A91BDCB435 + B67F076E771ECD7F1E5E1F4F5F517D1E + F985AE4D86DD8CE1F7929D8872EF77B2 + stream[256..319] = 1417C2E51E22C43E5650C350B17BD8E0 + 804306C6870133AD90A7B0B5A0E6B203 + 5A3280F400EE5B23D6FE31FDAA0B84C4 + DC316C6E3C7B0AD0B9D49881CA62610C + stream[448..511] = 2FD3470B0B72AA966E985534EA923DE0 + D674BDE7A069B8BA7DCB457196BC258E + 8D88358DBCCBF5288ACA6754275CD0A2 + 9D13F14B9BAF140F51F99009A14AD8BB + xor-digest = 78EC5CA63A428B24EB9B8B23C87980D1 + 796D4AF8E2B08D179E260418715E92A5 + AB313A37078057B96170E97922B0BF13 + D44A173B114D1C111489E81469093379 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 0000000000000000 + stream[0..63] = 7C29443DDF39B33D8FF9A097EA8925D1 + 3D9096915697657E2918E1A4E9BCAC64 + FFA13F9CC2AA13247D36DFF11D3EFA10 + 4DA78914F7BF83F7BB6FC6592FAE47B0 + stream[192..255] = 2E207793F18C28BAD7E80AD3C5E01B71 + 75FEDD0B880F21322EEEFCB4FD6B3760 + E99C57A93771A451C75184D93D95AF28 + 3C5DA66315AA81D5BF6486AE2ED08611 + stream[256..319] = 02692FC646AD96EA9443FC2D3F4D1857 + DBAB8C3F1ACDCBF98AF443626CE42FEB + B1019CF9E8104B1EBE9A2A08C11CC238 + BF8197F7CD8603BFEB8BBC1320B9D0C7 + stream[448..511] = 19A98541A6AFFFDAFFD061FE5DB77652 + 64CC6026D76A86910D3155ED8D60B38C + 99F2DB1E03C9EBF448C5B9A7DC9E33FC + 766DB3530C90F58BBAA424D924F8BBE2 + xor-digest = 000B02661425A8F6D6F251C943DC92C3 + 7942D14DC404A2E6998AFE8FF254019F + 06EB15004965F32EDF58FC96F3AE5AB0 + D3965835B8BA8588B9A97B0DFF8D913E + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 0000000000000000 + stream[0..63] = BA7EEE789E15F3333605F76743991843 + E7562AC1CCA5C3D9EB99BB0DFF6AE19B + 6CC17B13D4A0E254A7247C6FE5C76975 + 3935BFF84677896FCE01E90F4AADEF40 + stream[192..255] = 4BCF8E1B5C7BEBC373AA7B38C4B656D4 + 2BCC756A87556B5D0727A6AF871A3DF6 + 737F2E167AB4A42F2D9040E67B99C9FF + 3B0E904BF81C9E53C341B91DDD4E3D22 + stream[256..319] = CC8DA753458731AE170F456B045DBBDB + 0F062FEE904F004D3AE286957303B003 + FD92B87D4CB28102D4C4FBE37BB41D2E + A9E328E966C37BC9A9AA2F445A9F426C + stream[448..511] = AFE8E4308AEB0A5FB4991BF31F875F36 + 3B2F8DC34844CB1A1463CBD9CF54E09C + 371B3ADDA8B0124D2784EC3E8C90B645 + 48E43BDE3EB284A5A9B0F2276151AD11 + xor-digest = A9C52671735B2BE995F705A02D51E53E + 55BB1277209784BA227946B31012419A + 6B34470DF6ED63B5A89F38C3B1C9F5A8 + 24826B57A8A025659EABBA9846FA116E + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 0000000000000000 + stream[0..63] = DC69F2D64F6AD02C5ADA0BBD1923F9A7 + 1832BE0B6288583F761A7E6E57E5395C + 529D482A065E2628CBED1D149D1A85A3 + F61361180D5F8A35BBC82CFCC7106049 + stream[192..255] = CF733BFAE9287E8A10BB77F7EF0B2A75 + 47A0DA18331ACBE842D77ADE611E0B54 + A7EAD5EC2E002211E44EF6232A9449EC + CA2F21893160F4F133D139D84DF73FDA + stream[256..319] = 684BEDDEA8D9F5F508D3BB727A136A9E + CE5AF4B5DFCEC1016680B4419F5FC1F5 + AD738F55E548FA735DBC5A4EC75FE566 + 4BD5425D29506237EDA944CE4A9B5BBE + stream[448..511] = D2B016A4711E95A2AA2CBFF865F50765 + EDB3A49BFC1C09C6B409421453A980F3 + E0F1AE196C7B8EA38E6DDB110C46FB3B + F583688AB54A7A5FAE7EF583FE5B3BE4 + xor-digest = 2FA9EC703471755C068C73ECA433AE33 + 1A694ABF8FABCE0A707B2837DD1FB869 + 25115A4D820C590558BCDFF7E85DB069 + 43D3000AD4DA71A9A221FAD93EE3A6EA + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 0000000000000000 + stream[0..63] = A3B532C5BCB55591B44388EE91AD3CE8 + 8AC256302851D8FAAD2290E333751962 + 187D4A822B1C6FDC8AB0F0457373EE1E + 903CFBEDB8D70DE45E14FF8DD00A54E8 + stream[192..255] = 4B8A5E9C75F6E8A616466AE69BADB056 + 1749B37E68A4C8A3503EB6D0F2A9E37B + CEE771A7313F88515B860E012D2F28E0 + 295D744B853417AC10D98ECB95E6DD21 + stream[256..319] = 873A9C172E6C01B7814342BBEA87CEB4 + 0C7B0ED9A253715330D82CDD1873A1A6 + 5F7A7359662A16E6DD60974F62FE490C + F331A110E5A66AE7F5A53E3F6A912079 + stream[448..511] = 3153B05CD0678B062B33F52F4D60D49B + F5DFE40E1C5C605B6D2BFEE77D10F14C + D98B00D73418DF4EA60E7CB7FF4068F4 + 36D0B14C06C3962128467E40A2DFDD49 + xor-digest = CAE300665E16A7D8509603600A3D76B4 + 3258CAA2B9B98000AF6E00F44EAB7E70 + 2E2FD01AECC892D277C6BF354AAE2F33 + 16C029A7F17034F5C67F92F1A4CEC9B9 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 0000000000000000 + stream[0..63] = EDAAB24D0022ED40F04442E864B9DBD0 + DF7CC54BA8E458CC1E068CA3C9D58B88 + 5A7664B5D3E94EC88655548E8A921A8F + 31CB53419812C0E9E17A58B2448E7C41 + stream[192..255] = A1173C4990A76700F12FD02816198EDE + C3BDEB176C50611C547C04B1B7552AF2 + 93747C2AE373BB588713ED28A0689AB7 + 7AEAF19422776E1EBA329BE428B74D04 + stream[256..319] = 93DBE7FDFB017559B2CEABE954A1F301 + 1201A34DD6B6598F7A0FBEB404F926D3 + B87D7A7D724E28575BC9447B4608F60E + EE758DD59585B772BC93DF0D7B73C2AE + stream[448..511] = 34C77AA7D38E7DC3B1A4A01336A4E25B + D8599BA3A1B027CD45EF89B77D06EFFD + 63AF9E262DE68B3AC916DA054281BEEF + AD9728A57F285F540C03A7E0C0903111 + xor-digest = A808E567B1B53B30F3824CA83F308C10 + 3FA5FA2E9CE6002DFA098CCA7F226442 + 41E57D6E7770299DAF947AC714516575 + B78B3AE29620FF074E5923D4C76CB01A + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 0000000000000000 + stream[0..63] = 33BEFFE76180DB2077EC33F3770BBCDE + D4322DECA27140564470133955D41ABB + 4CF0E944DA722B308F4EE954382477AF + D803852D1A818E7051C2371EB420D0FB + stream[192..255] = 6C7804B4274940CB37B751A235F5B115 + 4EE1A63612727609EFEAF8E5D4C91E71 + 5B609953E0CDDFE24C01B2F4F9588CB7 + 52B1AC58D8E5B251FF9199798513FBB2 + stream[256..319] = D806FC774052A3B2EB237D363075755C + 596576BE5C43F3D27AA016374858985E + D949312D49F3DD6BBBADFD6D55CF4CEA + A6BD59A11DB075CF7ABB01622FDB4FF2 + stream[448..511] = 755710AEDDFB7AFA4D03904764EB5D61 + 770CF5BE0D89902AB662638844303F98 + 6758FEAFDE9AA4ADE1A3F0D790B91D46 + 88C9E40D915F25B27FAC224BBAAAC96D + xor-digest = 85CF09841916C9CAEA81CFE7E4814548 + FED359FA48850DE2DA310187E55E88C7 + 270B6FB478B4CF078198EE6B45AA8ABC + 33679F5F3B49928C30DB686C52A7F9F1 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 0000000000000000 + stream[0..63] = 2B3A8E25B066E8FF776E25A4C1B22E79 + 536C631CC89A283A67E2BD7E8F75044D + 7F09E0E04392C2B4052CC01E1483816B + E6F19C0000D245B2D049017712443ABF + stream[192..255] = 75C34F189278541F5A08C2E058E05AB3 + 89D3DE534F5BD181F8072050C7333532 + 3435A980CF08C360C154636C990DC79D + C00EA4703D7E35F25A31B3DCEDCEBE7B + stream[256..319] = AA5614230F170D786F5523783046069A + D1A1FC030A34472A8277CC0CBB799D0D + 8654ACC5865D7138497416F522D61A0C + 5AE7E3D1FF8E2CDE5E15A0F5E7598F97 + stream[448..511] = F93AFF781427F4AE31AE5EE7685BC42B + 96A0476F9A060EB9CB2696B9D7BB7BD2 + 1587291960527D6ACBDA69C4D51387DA + 9F13A4C95D33C60CDD26B325DD753C17 + xor-digest = 43DDD201CF4DBA25014B2AC59E54A9BA + 85FBFD6DF3303E1819A10A26E9E7EC7C + C22C0AF034E6A618C23B57AA41651BEF + 0CB022E1B77071E406C84260E0FF3FB8 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 0000000000000000 + stream[0..63] = E85A04576D4A0FA50503CF29F23B7D7D + BEA8D6238A8554DD1B51DEC856473FA7 + D15927461688CE09BC5928152D29CC9D + 8754E7269162B822A184C1B8F3562E9B + stream[192..255] = 1EC6811C3CE10CAD5FC97A60AA055FEF + 48EA84A8417F70D8A3A1011C6C388EAC + 86F950DA86216B4B5AEED2F39B479E69 + 49C6ABEBBD31A4C3EAA58C4D995A26A7 + stream[256..319] = E7CC00EE4477BCC25474075D94686A60 + 8EA949109F5EB77D8C3172A122691202 + 206CC16B28914B79CC44775698D6566D + 2626768A8C83B295B8DB36C2C5B25D0B + stream[448..511] = 19457396FC73F2AFFCE8F35B08623DD1 + B60169F985951396CC18D07A4BC4F07C + 404F05A7823A49B8E627CDF1F9A21923 + F3CB8472BDA02B056CA975903CC3ED96 + xor-digest = B9C824CA69EF003EA7DE921E439DF8DD + 77AD3C3D8B38E55D1D4E2C41AE887E65 + 9B6396CB0D63F4D56A56CD339EAB537F + 90BF4999EDF0F782204FF93C1DFF8041 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 0000000000000000 + stream[0..63] = C7FDC1B00C56E5A205CB493495BA8506 + DBE95D7326D9D79C0C39D2FDAC9094ED + 134DF87CA8D95D793FBDCBF8024EB3FE + 43722409521D20E0F86AD630369D6BE3 + stream[192..255] = 826860F82D28237B1D5B435AA3308C7D + EFDFC4A4DFFE7A4879F38502796AF8CD + D2D67B38B409617B205C790BAF27C502 + D2EC7F6811709508BDC4BF86974E2C25 + stream[256..319] = 09D0C20C211C7263C9CF16EDD1D4F03B + 59F6657B09AE8BE0517117199D68DCB1 + 4C2903A7B06B574E80BADD37AC63EFEC + F7C00D7C3C67D47B86AF6DCFCF39AF7F + stream[448..511] = 03CEF238533B10318CB35B069F727D1F + 617D526E5E655459C9EFADF9137F46D4 + FADD462FFA976EA0E1814B69FDD188A2 + 55123FE689F957CB0EB6ED3E7587F9B5 + xor-digest = 3E6631C919065D3D4887F8A060085DB3 + B20D84F79C78AED24AEF6A5E3E3D725F + 110C4A3EC079B39E9B538CD92FEAF8C9 + 09E072591B0A0B95143D89AFD15DA2CF + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 0000000000000000 + stream[0..63] = 97A18C197254BF1D7232C984B0FF0306 + D5A741A7A19E169733E4076AD823FB6F + 783B02EB3A40DCBDF3BF1F28E2D316CA + 99FB85A8D97A64E1963365897367B1DC + stream[192..255] = 63BC208E85DADA87879A67177668405D + 158757517E1D8A9544D80DEA8B207A84 + 56451B5B00CE33438C3440875D4BCED7 + FB39E1CD2DA93D52AEB5B0FDA81FC2DA + stream[256..319] = 7BA6CC540AD5DC786D4742020F9D3DDD + C9EC3D91619A749DCD93F22DED7AAEE8 + E05E933CC350684B6DA632CDE2210BCC + EEDE8C5D872CC0A0C4EFC780461ECC5E + stream[448..511] = D68E284793EC5D9F74409E2A550E8C5E + 49E0ECE77B836DB25A16E94CE96A4E6C + 76F24266A796896A99E2C25A3A19C2D7 + 4D90D17467EC7C40BDB2B1B987BCCC5B + xor-digest = 815CF2F9220C9DFC610D9DBC8A8397E5 + F87D8D9D11D02039ABE18E23C393F237 + 061F73B97F4A69B01F9562610C1F5528 + 0D7E648F8E066064CA6E7BB91B23051C + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 0000000000000000 + stream[0..63] = 2352F5E4C303C8D0940E75B63CB1A1DC + 561B74409FDC14651B0FCD85027C750C + 1515E452223422CACFD68F12A0760B40 + E857CF75E3F4F38899C92A96AF257A18 + stream[192..255] = D9D4B02FB09F9581A5E3FB9F1D81D416 + 6ED1D30DB8D94C5D29407A9906A4F43C + 945ADB4AD0863727AEF0272AC084CCD8 + 4CDB36D2B5A16537ECBA4A9FDD189E41 + stream[256..319] = 7A6FB5B7F99422F6441F26ED4A8269B8 + 410505B7A705E23FAB1DC4326DF4F680 + A056F60DAD69999DBE0A4EB3A976E0CA + 32F3B5DDF6719C8FBE0CA7EE6EBC2C0A + stream[448..511] = 1DC9779A05576BC41C42C4D3207D0E3B + 24386EFBB4637019DE4BD1DAF78974BB + E54B679E63F5D03A17C12936444A8BC3 + 6BDE14FCCE62EABDE5A11ACDDE42EA32 + xor-digest = 420ED300C4B0ECBF2B700EADA9532D36 + 72D2B6582B7BB8F1B92F492F600B3000 + 5352AA1452A412A6C8EEA2A23EC208AB + 74B0D24CD1B49BE9D3B6645F528F50E1 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 0000000000000000 + stream[0..63] = 8FE443C77F2BC040BFDD0A2C725216D2 + C05159764BC60DE59AB28D394DCF8B8C + C16832C43C9573D21B48B0493B0FC85B + 63CE9540475CA5ECE01C0CE7316E153B + stream[192..255] = 5CF9021BDD35450D639784A42E3FA7A8 + 506B4C82AF1B7DDB2708534F49B7DC81 + 098A571C1D37EF6162525C7E1B111B19 + 33FBA1B814C2122DD455B40D360ECCD9 + stream[256..319] = 47C629B2A4781155B466EE9BE4A5291D + 9053AC1C76CFD7B2D1EDC717E33A0495 + C3178A9A95FB835439D6557EDAA750BD + E52DA333A9D800688B59B5A16A5078EF + stream[448..511] = 2B765CD2E584631098F5FB130F6486DC + 98BF0000CB5A9045538A1447A5B2FE9F + F8AF23700577DBFF637DBE0530508128 + 0F8B92A7D3D56DC3085E740D0A6BDB65 + xor-digest = 806ECE0BB175321343FCE5350BA035ED + 7991EC9FE3EAC640A0A683ED0B7EAAD9 + 64FDFDC0CB9B1589F39442A18EB52D77 + 8DC88C484EFFD719606D92E4B9DD31AA + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 0000000000000000 + stream[0..63] = E599B28FD0BA76F00094AF342FDBEA56 + D1FF02C6126A95539932129D63EF8632 + 2FFB8541D2792FD0AF4E59A071855DB8 + F43E24FA45306BA3063003A8FB4F1F51 + stream[192..255] = 2C7670CA9A5F47A6C7A109964A45ADAA + 4C301E3FD28BB265C5DF1114B68E482E + 2DEB4D713A9B9B4CA0D728037D5FD7D1 + 45BA27098948393AFA4051EB40B433C0 + stream[256..319] = 9B8CA929B01F8E730EA8FBD997A8C725 + 0440EA528335F78482E63E19726A54CC + F7DDB88614AF0AF274E892396D5D77A6 + 2C914754F9B5678B5BA6D88E6C244B54 + stream[448..511] = 3B8151ABA00E58B20EEAF7CF3965BEE1 + CD51D35E182C6DA1493DAFACC3E54CDB + C749ED581B9B77410437E8CEAEFDE999 + B1D79AC88206E56C93192528A78B59DA + xor-digest = AF5D35333E216B7D64EF5D29D5AAAB02 + BFD146D91580408F616AF7514B5658CE + 16CBFD820108F31B97E2F3110CF98D4F + B29820DB9F2D6F159B32994D4A0A49E2 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 0000000000000000 + stream[0..63] = 6ADFF9CDFF88A3E5E0874703C86DCC19 + 6C090972272630DE3B5C79810783450E + B679CAFB089DB31DA4BB3E2BB6B1B514 + 6C8047F84091481DB0051711BB3A4C10 + stream[192..255] = 762E3B6A8219440027CC0A2DE2C02FCD + CB06E9E7DBE22DDFAD59D4E091E3F036 + E4EC32029923BACF8CFD5A78A6D719C8 + D26C49F728CFB3A32006C2DE62D36770 + stream[256..319] = 46FAFC71119EE0051D5BE4233FFEB553 + 875FE446A7EFFAD95AF9BE476FA561BA + 01C67EFA3F3E5C4CB00BC4F9A100EDA1 + E440EB4289709D409B501E6B1CCB70DF + stream[448..511] = 9E230DADB6721A1842AA9ADBCD5F49B1 + 5203F423504EF26F379DF52AFFB6A76F + 655A1E40C20C22440CDC96FB1DD3E2E6 + 1496F9A890487D0B304D7F373F1DEB9E + xor-digest = 9110486A23538EEBD87C686A601BDC89 + B6C16D55BC61C3AFF142FC67F0902A98 + 8D7025C38F9F0945F309ECADA3C2FA7D + 1EE4E189B63AC5756C4B8B28C9913F96 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 0000000000000000 + stream[0..63] = 7381223CFDE233803F7484C801A38B24 + 1AE1A485BA644857EECA5422FA1E35C9 + 4FE3840EDC7F890FCC50F3D29F4A01F2 + 8F7AF08AFA954F4DA6B743630BE1E41B + stream[192..255] = AA95F34B2873F5767E0467112DBDF16F + 03762BBA19EF7F059804B62F47126201 + 0FADD0C259359439FEE338D8F3AA3E4D + 24C0C2B1492FAB73A927CD6FF17634A5 + stream[256..319] = 1A70441AA9B2878C3E41607E6EFA0597 + 774057CC14D5822BB1265FBDFF3B906B + 66F920FA3141F6FD81CEA11D50925464 + 66C3FF1190ADD1DDAE0F46B69FE7B94A + stream[448..511] = 1AD6757713D7A54F8EA743134FF7A457 + 671F6371A9483DAA9C50CECDF752A0BA + B8D1B5B28EA4E624E5792BAD49A40CA8 + C3DA218956D2D047E856AF6E636419BD + xor-digest = 0A1780D9C3FCAA533A7F08B116B34BE0 + 112F23DC6F9DB9FD6D4C6BDB07533C57 + 2946865D54F05505067B256CDFC001B0 + ED085B4E7E070A868E7E859031A28252 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 0000000000000000 + stream[0..63] = F6F7130D50A6E0DEC78F265468ABD6F1 + C63D745CF1D142F1A39A96C4699F6859 + 46C9F18B9CEDF2F7C73B0493C10BC80E + 7DC8EAF2F04988663D9A77C78DF0B72C + stream[192..255] = 7B956074C6B217A50AC0605B24FC6C52 + 1B7C909E9F1CE3124C0C4A7D2F6CCA35 + EEE79997109C7DCFF250A353FDC32834 + 55AA68C5EB7C30741613C3CCAD65B640 + stream[256..319] = 916D59366AFD20B58056B55F83B52755 + 404FBD696050C1520EDB3AE455314D68 + 9F094698B7252315859AE6DC3B7146A4 + 5249C337A1881A4147004B8E62ED8F25 + stream[448..511] = B120226D4936515678C011E198151AB6 + BF2A2047623CB706EF9A4512B3524E76 + 78BE6F5A834008AD14BA2770B8693DA3 + 5401988E11816B7BE2A7F9243E290F2C + xor-digest = 93AF172B224A2038A613CF2D79BD0D7D + 7E401E03CD689862FDD61283A4BE0AD4 + E42F968D036A8DDA54D9D86D481CC738 + 9B4FF57050D6C680DCBD63684F3DF756 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 0000000000000000 + stream[0..63] = 613C8EFB0D205DDA40169D61287EC948 + 18DDA41DCC49BEE0DB3054C9CE8E4E89 + 7292454A94BFB6EBB2FB0584E5DB8870 + F6FF57B964D9847DD7EF44EDF4715585 + stream[192..255] = 2978F08A57DC4A243F59F387654FF981 + E3F07E2D711AE6E7D384120D05DB4DFD + 0A452F64B3DA7B23DC2099968B6CBC04 + F7332AADDB765AEA590A6889DC49D51E + stream[256..319] = 72200777E6080069A41D6B756557751C + 0829E698CC1F09F571D7DDF00546EEE8 + 073CB57E5A755DCED2741378B4DAED5B + 76BDB9F50D807C1DA96BD129FE116AA1 + stream[448..511] = 69A08B376AD8850F7C75774BC038B75E + 4B163242B0BD8122401022F9DF56CFF5 + C3D58EC228AEE220ED764E485A7287E3 + B5135F6A139218C8B1F51ED0481E5829 + xor-digest = E184B83201BC0FC54DEB236FC1B3CFC7 + B0E94F55042EBB704D7866CADA3A08E4 + E65B26B76E4DE62FD923BB2E22CBB14E + 6DDAA9F5D0833A399F27A9F1B980153C + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 0000000000000000 + stream[0..63] = 7BFFD6D7DCB9FF327697ADC2D12848D1 + 7BA15705CA2970C9933C32B64E0BAA59 + EAC9B06E3535B0FC7FFAE74A5111D6F8 + 99CEFE939F9AFF49207855A2F10B175B + stream[192..255] = 48D39C1434C75BBE42B8CAFAAE6C687F + B7428D650D0C9E00724053090A26081C + 9AD32440631C2EBF511FBCB1EC3F0312 + F35AC981EBE01F0843F9496EF66C7794 + stream[256..319] = DD5309EC9C2BE3C3735E05E0839ACD6D + 2CA2C01FB569A1A0D982D19450686EBF + C6D426A5A6D7A51381196F13333D7A52 + 6B91EDA2A52FFCCEEB06E7BB60C14C49 + stream[448..511] = A22AFF21C9C7E653BB8801E8F39E81CE + 3FF2989BD49B038D226ED1A579F38E73 + 2EDF7BD34C7EC27BCC0A286DBEF6A678 + 9DA85A830344EEEACFD69551023881B5 + xor-digest = D6FBFAADFD01DE36505348F103EC3213 + 3ECCEFD135B9B9583BDDDD0AEE996FE3 + 1625609FFA9F495429395E5B4190F1F5 + 5FD473D23DD06965EF2059CD460D8975 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 0000000000000000 + stream[0..63] = 1A9DF5590D8771C3AEC7E6CB20694711 + 275AFBE88E8985FF397F7E907F8EF989 + C25D2C5B64781E4A1691D0274ACFAD57 + 77BC56989181F2908510FD4235AFD934 + stream[192..255] = 72352AFEC181287F5399E7C0996E1080 + 248574341A1695FE3A6EC3DE036EAE4B + 2F7BDD624648AEFD05F6326B12CA2E18 + A6800B8025ECBB879F53A3FA42C154FC + stream[256..319] = EC71A134059D4518D9DB485668893EB1 + 061DFD0ECE314422F43D7AEA70714974 + 2F89854CAA39CFDCEA015944BC530B28 + 29B60DA10C47F00098157A79D934D9B1 + stream[448..511] = 036B7C6A61E8C4E223F6A7243A4819ED + 310F3FD445791044F17F4E222ACDD710 + F8A8B6579FDA58BEED97F7F0654FB910 + B9E634D4EE5B8C06A4608FC5BCCADA9B + xor-digest = 4C202E08A01A28FE33C2EC0FABFF6C19 + 5EE25F3407D248DF91BDB9636F083BA6 + AD5090170AD1263B87505A08B667C015 + A41A9BBFBC99A8AC0FC1A4A7B9F8F150 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 0000000000000000 + stream[0..63] = 9FA10DDDAAC350A1F78BD5673A4A6FB0 + 0521EFC93AF3574FE71B7EC78A99E131 + 320010E4ED662E4563AB09B6B21B6523 + EBBC240F7FFEFD9BAA62A917984E10C2 + stream[192..255] = F18A19233A4C37312E479C9E1565F764 + 49AD73DDF7E5E281C6351F0FA1A65F57 + 9845C6C855051228645F0369881EA998 + 278DC5FD7780AED780557ECD34B1D074 + stream[256..319] = 7D3F4613D5AD1877AE002E2B12E71434 + F4DC04D0618AB601D514730094FDCCE2 + 5485640A7CEF20460C5D56F2608A086C + D98E4DE795371F4F2992FF290E787B00 + stream[448..511] = 282CC627EA1EEC5F8A40F48B56DD6EC3 + 5B163FC8FAB2437757DBF62D7766C601 + 727BA2C632DACE61C02C5135EA9F8676 + 93D018B81A22D3AD527A403DE0914CBF + xor-digest = ECB149C6EAD3648025A47AD7F0F4081F + 4811CC09197FABFBC7E5B5667105F94F + 79CF9C0E4C29236FEE28B213181113DE + 5F998A9AE6140EA6B6666E0077D12B5D + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 0000000000000000 + stream[0..63] = D1F08D8C8E95707FA2E9184F556EC73E + 4ECA16F39D27B14081D0F7E7D67C05D1 + A94BF246B2B2D3F3467BA596A5ED65C8 + 869BD4DADF8ED011B8C33A33FAFBF5A6 + stream[192..255] = 937FBBB1C29C3AFA03FD4AD05F43EE3A + 0F3CB44AA0F404778B5750C1248D3566 + FB86A72CB1B74EBBB13852A1A0A9D21C + 81AA7DB5D4FE46B2A9FF89A066A46E9D + stream[256..319] = 4E4856115CF07DA91BD54ED41B390807 + 30731DABDD3E26194E063867DD9C7144 + 44C932AB01DF56FF78EA5545962AE3A5 + FE075AD67BC7854B82764B522583C038 + stream[448..511] = 96E0E817BA67F3C72A7DDE649BD7653C + D2B719C8DDD2E84CCE9A2B6E61DE55BF + A9907DD9A1F1434E78D685C61DCD7992 + 91D61D393CF883CD6713499B38E2EBD7 + xor-digest = A3A626CC9A396E2615A6893CDE75EDB0 + 083E2D617388F47D1DDD2BA94A6F19F3 + 3840018C11309EB666C60488FAD0EF90 + 51500F52CA9B2B2D46F2CC4DE586428B + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 0000000000000000 + stream[0..63] = BFE4AFB5BBEE1F71F254DA01F751627A + 9B752EFDEC2BC9AD6385A2E0FC8C0DB9 + 82036A87FE2A55100B8E741F6FAF3FDF + 5776BCE0AC121C1C3722D47F4DE93315 + stream[192..255] = 79FBB1A72383DCDB92BB1E8E7E4DCA94 + A60DC4944F5BC29EA15A802D9DE63000 + D433E935FAAFE80C4AF4DABBE2D852D5 + 5119631389BEC8E4D9FF1C45D3BA6ACF + stream[256..319] = E9FFD92D8423E1CD9D22A776C7EFF47B + 4FD2DB15DD08DD8474B97F4662760B68 + 37E03EAA16DCB7D857B2BCA7DF11A210 + 1BD18852167C929256442D2875CD6888 + stream[448..511] = AC1CC9EE33AD5E544A8070EDB73FA55E + 7335997AAFFE2D06DBD891A13D202BC7 + C0BC2C9120BD580DC508E010E9F55B6D + 5EC84189BCCEE8495F5FE9189DE12A0B + xor-digest = 1F092F2D0087085EB577733C30CA70F2 + D75E78D19C0915646A8AC3DD0959FF64 + B2528FAABEE57AF5AA562CA9DEAA12F5 + 58BEEEACCB4AD4E1C7C969D69B54B6A3 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 0000000000000000 + stream[0..63] = F216623931049297AF5957EE91576935 + 8B4B1719A2AEB5BABF9E5D154B326B05 + 8FCCD2455FED38875F6FCFA2EA5AF3C1 + 930ED03BF536E1B4B1692A27B2373372 + stream[192..255] = 3AAC0DF2509AE42B77495CB79A3D841A + 305648225D3A30671235FBA6F957EA1B + CF4BD302AF56C6B7473040A8E3EA393F + 5FCD8FAA1A8AEFFD297F8ECDD320DB57 + stream[256..319] = C049E4E06A2A62F92CA4CB7C548F82A7 + 253C8BEBA6DE150E27F867E3EE9FF138 + 041CFF16343E41076C9FA651B8A9FD24 + 78AC9AE3544A32605E543628BD9F7635 + stream[448..511] = 72E338F197C96C3E2EF8959AE3C91658 + 4AD39506CF846236C5CA71FD0731C945 + A2626360DDE50EF086ED0A297F041E4D + C8C7B532D97B56E7E5643106AB0D43E1 + xor-digest = 15D8FE0ED72672D71CCD70AF00641CDD + 5493A6C997F05D47E258E875D5399582 + A02D9B09ABC7F7A7BB4C1BFFE3A2EB4F + 80A2871820A009880F821F5AD82D55DF + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 0000000000000000 + stream[0..63] = A3C7DA822802F2C5D821F4E6D4147591 + 37410418EEA3E8A46E8C9A99FB1F102A + 2F6F04AC7BF10114BFF750E5D1A9F366 + D117AF9CE88191FA04442B3D58159FB5 + stream[192..255] = 507280D7AAEB20216CE74D0A3BD67853 + EACEE2687FD705EE33F930199DD80578 + 8C699E1334CBB81D8B390BAFB1A3F64C + 6719101BBFFB835E738CD20D590D0E86 + stream[256..319] = 78A9D106A485BC68EB5CCA176A8ECDDC + 386394B59DB79BA6E849BED84F7C8DF9 + C489FAE426E574749A18585C1A0B3B54 + C9027FBEAB8D43C2A049711FDE0544DE + stream[448..511] = E2F09B30F3274DF4DCE9C6B66FEF9F42 + 7CA8F18E59E16CED86BD108726AD65A0 + 25675D6C397B075A8F2DA9FC6F197CEA + EAED1E13B4FEBE0C76309318F9D681AF + xor-digest = 30C7F2FCF068E213FE9E9D604171331C + 8C7A161F9625E655FDC10A6A755865BE + 62B0E68B34C9BF8D5E67F998A3D05733 + E7D47D14DB2ACBF243013B8378C3BE5B + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 0000000000000000 + stream[0..63] = 9A80437B4C5DA35067C0E86CDAFA0931 + 36B1034568C5EABB72C7C47C12A7678E + 30138CC730E23F7A5B688D6368B2C4AA + 9AC0563124E5E16E53742AE78FAED8D4 + stream[192..255] = D7B7B44300F54D5E21B5A19EA3239993 + A3D0C6BC3CEF82216AEDF4B756F99C22 + AE85E6D625C6C884242C09FBF815B176 + A417A359E764EE0237E6C78E62B5393C + stream[256..319] = 10A116FA29F470265B03E0A83A9D76FD + B541174C2D921CB776C78B190B76B0B9 + 2C218A291BC201BFFAA7A309BCBCA016 + B6C47B99EAB7E9D3FFAA2DC413BE179A + stream[448..511] = E926BBBCAD67A57CAD0DF98AB2755318 + 87A97C868E93D8AC2D2ED3ED0165C41C + A5A5F00DB54132E667B4A5BC803FBBC7 + 073A19A210D7B27DC744F87165D6C2E3 + xor-digest = 07CA4706A8B983104B42CC6D3A889AC4 + 22DA578FFBA6CAFDE3C43142F6A3D61D + 262B3E2AF75D02F7726EBA179F07FFAD + 4E2C1D1D7E3F14A2F32EAD1246E6A850 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 0000000000000000 + stream[0..63] = 62F253E12CECC98AAF3C22E89CD4EB55 + 623CB74D4244B36FA82E6341DCAEEC20 + C5DEF4639F447DA6EFB5A9F3CF264B38 + 2509823644C013E2B0204636FE26ABBA + stream[192..255] = 3B9B855A964E0C6778CBB6F5AF2EB74E + F359A782E8C12A76AE03EC82C8ACEC88 + 8D573E236368AC4C118FAD826184B610 + 5420700039734ECFD3C71554DD238A5B + stream[256..319] = 997FA19FC4E1D3D0D79691AEFDF9F308 + 9628B6000FA4F4AD24C38C498A28EEED + 1F31467E6926FADEDCC3B3381EFFD18A + F7B40DBD47C54568C2ED6F107868B52A + stream[448..511] = 1ACD6317330621AA3D901CC2D70E6ABF + 2F48913C4AAC536C02815263903DB1CF + 5F1BB2475B30D1E1F58FEAFD30F510D1 + 47D5419AD3B9427B5899CFE6985602A1 + xor-digest = 51C7EF9556DEA1FDE69C71C6A64221FC + 33C63690514F356F3AE8F132A979AEF8 + 95E237D811EEDBDAC852D6AC47A6CE45 + 0E0A7A7E363559C3BA457882A920E9E5 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0000000000000000 + stream[0..63] = A1F5956D10E53E41180CFFAA3B8B7D8E + DA33CF3E197F52DF22CBA222AFCE1D55 + 3C53DDC4F0873BEE714E34B4FBBE466F + A507C94236FCA32DA00E95E9C2BA44ED + stream[65472..65535] = 147B13171C4DDB42263F68F536EC524E + CE906DD84264B152B7ABEC487B40193A + 4221BA8FCF81E98092DD091FDB198C2C + 00C9866D2A341D8347C34B354EA1346C + stream[65536..65599] = 9F48A9D58E55639741E205E70191EC12 + FB4A72FB54C721611B3FE1E90A93F62F + 5D5A9850A694B40C65DFAF11E6BA1B72 + 3CDC00E0B549889BCD7F68B8996AF850 + stream[131008..131071] = D7A0D1281015F8E9D19E6D5A4650D0F7 + 9D1E5D18F4183032771E323A78A46BDF + 307C31BB8D7A7944BD4E2356E91759C0 + C1149E07E7C7209808BB45BAAEC6FEBF + xor-digest = 285DE6030515BCEB9CDFE1D833D41C0B + 439CB7EFAD46D951FDDE2643E5D09DBF + BE4ABA9D88DF2AF67E75988BA1C61CBA + BD5168EA8092EB2C0FDC56D57FD7BE83 + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 0000000000000000 + stream[0..63] = 091FB6E98D0C86961E4551BA1AE4BFE4 + D4A6CF75F1FDEA0AF4A24E2F00A18874 + 09D66E2169FB0D0655B8B05C642FC01A + 2A2BC4982E4A4BED6ABEA4E66D7632EE + stream[65472..65535] = 58B1AA6F98D68D82DA62E206FD0A95C3 + 870F3BB84267E126C872C5E26FA6700C + F05BDEC1485ED1527C4CC6AE33455C4F + FBF157CAFFD6C8F51AEA41FFE7D5B17B + stream[65536..65599] = C98302DC16F953112900DC0F33DCE74A + 0DE74E0DADA02BDA83903D36697994E4 + B3008F7E1F4CBCAAE84269561F2B42AF + 2AFA02264F74F74962C85836915AEDD1 + stream[131008..131071] = D78DC1D6B9C74E1F26F973DD46F12711 + F08FE7E8F170803435D237913038F49B + 6DA74457987C0B0603C8B3ED5A4E06D3 + CB480BF7453B1DD19AD9E7A73645E733 + xor-digest = 9606653705505DEA9B4465CC1A229769 + 495A3BD5E42E788C49C393C0DB675805 + 1E203077638ED2B812C90DD33B0387F2 + 33A3EAB068D9FD6E24DD6AE405DF30FC + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 0000000000000000 + stream[0..63] = E66B5DEB6404BD60AC89512A06C2A1B8 + 19C18EF46DC52271254F8AB2AF1A5DB4 + 89C5E0488222C0D780DB6DD2F04A9980 + CE24E0B98E6B8A3824C7F1DF8AA982BF + stream[65472..65535] = EEE4CD03A91363326DED2FDA955AD34C + F420608DCDB756B74EA4E17DAD69A41E + 5F8CDAEFF82EB1AB9EB5884633938D9B + 3BCFB0471BC005A242D48FAC14854DB0 + stream[65536..65599] = 8A07A1252147C0C748E222077D1FCD9E + 868A4A2D0316E0081BFD241349CD56BF + 47D1F05DCDC93EF380958604F6B3B925 + 91EE893B990DF1432ABDE08CB87C6F9B + stream[131008..131071] = D316553A63887BCABE8F766A737BC41E + 3C0D7C91D7D753AC407F84C8E4A0DC44 + F782A1826E92D7E5C782C4DAA10700F3 + 42B6E6E36A86B5BC3C9EC65C6836D97F + xor-digest = 140D55CFB34D2C0D5B49C48DE6213B27 + C1EA25846F98CA58025524FE32A0968C + A01E12C83285011FD7FC0C84FD0E7680 + 13808BCFA1B363CC9A1D3B085B94D04E + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 0000000000000000 + stream[0..63] = 87DEAEFDF287A53E17E1F229C6ABA15B + 45BE2CF9A43E03F097E2B1AE4983274C + AA95A13B2F12F776D09A0338E824B806 + 409E2BF4B76431FDBDBC2E60ABDCFA08 + stream[65472..65535] = 15A9748C457B794334BDDAD73C0C6F3B + 55EBD8CB6AF0B3FBEBEE27AE6F01E7B6 + B2D265DBE8A917C98C92A13120D06267 + 1FF252ED3D21BC5980DFBF246796BAF9 + stream[65536..65599] = 65718EC42E807C67EC3902B6562B577A + 0FA7B870673DF5FA05F14588F5138118 + CEDA98B62ED8F18A3481CE99CEEDEF76 + 11B9656AF3988E187251A693A1E563F7 + stream[131008..131071] = 4A416B9F083234191D157569E551BB33 + 48664FC2A2C6873A5F6A437CDFFD0734 + 19CECDB26CFDC628837C9C5B23581E42 + E1611BDE2961F3DC46908EAB6C8EC5B8 + xor-digest = 3B105651F6FA69B88D06E86FF7DC3FC0 + 8A248974FBF732F4708D1FF893297CFB + 2BE3DB8EC19169916DA207F6E070A79B + 9266280B2585E4F44548712C3DB23EF1 + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = 472251678E82F653A05AB5E7240365AC + 3141ECDAA952DA2B5DDFE52DC6F7E8C4 + 703E48C7EC5A7A48A51E4235602E1D2C + 214C9AD181BAD0038E22650FF6F5C8F6 + stream[192..255] = F629EF5987FC4EFF6DEEFB0E06BA7EDF + E5C58B95DF1DF27D0CF8DBFA5CB56B78 + 988194F3B8089A60712001B3CECC9D81 + DE66AC3E92AE685E52A2F3108398A6D2 + stream[256..319] = 78AE6BF0074315ECA839492DC62707CC + 850CA3F5B73DF4CC0267FFC50EC21D20 + 43AEE7580DA658763CFD2CD2CA488312 + 97A3D90268965C50C7065C6823B3EC64 + stream[448..511] = 2F827A849ECD9F12A1B8FC60421EC3E0 + FF869E096E1AD5594F31E781687C8AFA + BB6224517D04D3AC715D4459EB79037B + B574C6FE170D47CBFA8D5AA1D27808C0 + xor-digest = 7288E2143E8E378A542DEF5AAE2E8F26 + 2AC9C78B9EB627E107AC01B922B3F584 + DFC9727AB8FF5C9D6D987E858AD590D4 + F8FB9B6EE08AEAC7372FC2E463601CF5 + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = DCA9F0C7328C0D00896F3A8AF0AE9039 + C68CD8E0B4F8641032C8C46531E7945E + D9C76756F9B208DB476E6CAFBE32ED69 + F2671E0FF9EDF1B1D00AC5541E58B0D1 + stream[192..255] = F5DD29AFD81492A0B8707F2345518234 + 95294AF432CAE43434FC0F501871AF25 + 4E99B1DB409C4BD20BA052D97A83BB16 + 13F82477EE3F7113711D289EBA51DCCA + stream[256..319] = 3849353AB57F6700876D9260D34A1B62 + DEF88327A99A63DE2FE0C8BD43DE6685 + 46BE2599C8570B43D833BD5B9236FC96 + AE5C19E6F7D15B56B6925D930D414513 + stream[448..511] = 69796448153827076DD0DEEB7A137E1C + 4B6C2DF4775754B5BE065749CB5F3DEC + 18B12DBAEA3A6CA9176651657FDF76CB + B5A844F2DA5EAF43551E9A2504BD880B + xor-digest = 8978CC47B5FB5561C76F9AB31017778B + 286B6933C0C1E4CAA8F624A1F60384EF + 64393592B97AECBE412FBF7D195CEEEE + F6863641AF2F4E9E473D2992ACA3EA54 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = 8EB7774E5EC6869056565767B351FC16 + A7CBCE69FF44C44341CBEBFAA36AB1B6 + 990038F7AD25D286D2C0D70A70F4D0BF + 760D0D825363EB397F5A796CE0F6679D + stream[192..255] = F3C02A63C144C954FB8A5D1BDF1D1491 + 133C5040F2777D805DF6CA59C8827BA5 + 39F65D047CCF71A03735F821CF278EFD + 05D9577569E270E871923E39742810A6 + stream[256..319] = 39DA7BDD213BA84DC008D02A2BF4A554 + 57D2D17540CED48E8A8F99A8FBD3FEA9 + EC92029BAA162C913C985DDFDE5E8EAF + 350D5D34F790D8A2F7EDFA2A4E5F27AE + stream[448..511] = 9DE0054021939CE424C13FB9E97F16B3 + FCC8F2E61CF92E36F0C5B50CA483BDFE + F243A35B559A57036A7DE9E071D04A34 + BD28DDD2309BD698568BB4C762DF87DA + xor-digest = 7DB6B434FD2C6951B09D5B1241CF90A1 + F07E69607739B4EBACD60ABC1BF2EBA1 + CDB606EDC66388178A99040AC5D48CAC + E6938686E5B60427EA5D4777C4503273 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = EE94037B1AA04C6947469FFC96B5BE2F + 3407679BFCBAB69B0A3B63D0D1D37CF2 + 9AA443B236CE7E8505B60C6020A98936 + 26600A22213633DAF818D2CD8AAAC3A1 + stream[192..255] = 1E02522FD7F3D9DBCCCE100A21A84DD6 + E38A990986EC2CD3C12932F56AE76246 + 913C03C3318A4BE75259C8AA6A4B3106 + 25DC56ED95A366DF8F6FDD4900F4248F + stream[256..319] = C134B74F0277195D1015C78DF776CE08 + EB3DF3416BD24121BFA7BAB106539EE4 + C519115064618CBCAF22AC21998949C2 + 81CAEE8B5567B508CBE9EE42E2FCD8DE + stream[448..511] = 7A827B43AEB818E05C26923880A2C516 + 7B996B7CC567410DEE2F0341C2041AC7 + 21FE6750991E83B0C84F40FC460788B6 + 8F0080E763804A36BEA97E40E7BA24F4 + xor-digest = F6B1CADAC448B58CDE69FB03AA10B701 + DD33CF9CB6259C6A1B214E707FB692F0 + D951B185FB59C1EDAD1E5EB4AECA9B08 + B7A267D5F9878D180D198853B712FC0A + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = 8C03FC8A3D1AAC8015012626A2AC1D68 + 3B757CEF6BE6DA25D2B63115FFD02932 + 04996C7DF715A857631336AF68536D5D + CF1AA416B7238D139A6F2E94279ECA6B + stream[192..255] = 050D99876B2C2ED7D8ABBC2C9DDA5DDA + 90F69363E7A5283FF1349F16B1E1D311 + 88644C64378D701BEC2259C2C84E66D9 + 67A81E4154C801DF145B80AEB9FC2865 + stream[256..319] = A9E480A21C7A14CD922CA3424F962CD7 + 95DC2E5AACD57101CD9B9FA3B0735F22 + 0AF0D0E89A47B95084B3E50731606307 + 9511AFC432893EC4C01D59D8DF48B283 + stream[448..511] = 16211A7DAF005F4278357135DFFBD5AB + A12EB5F997646A4DF275F0EC56E1E425 + FA5145C9431E00B94B2D163856AAFE3A + 058CBBB368EABAF2BA38B99451C7497F + xor-digest = 07394AB07CB7A366ACFCD4D7F9DD02AD + DB8497544D4DFF12E5279EA54C6DE419 + A45DDC65DF3A8311E604D24EAF2DA30F + 8C9B482E87BCD65D6C67CCFF0DFB1319 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = 830A8F698485CA3DC7717448933D139E + C3E47C392C028D60BA4A0830F39993AA + D8B6312FB2B878D2316FB1EEDA48DA16 + F5A931BA8EBDFEBAE8062F16448673C0 + stream[192..255] = E2C6B92FBAD227F290A7A9D1531A8D3C + F3A917C82EB11D06906A4346AFF319F5 + 2775D6C7E875735CB27F2AEB47602447 + 6B082B5456451E59F32D7D686D7089F2 + stream[256..319] = ED0FA8F6AA4FAFE305B50B3BFB15D343 + 3CF3C2FBDC26EA22FD338E3092CF241A + CA7811A6B43926C44B3793B688249699 + D14BD7B96B673D1523AAC4319EA20BD7 + stream[448..511] = 16AE0F67EE8D38383C99346E6CF4B2C6 + 0D9BCE5D51079DABE12ECC3DF35FCC87 + DF262C0C29682B4781B6EF6C78FED514 + 16315F6FE4D13E35161F258F265D844C + xor-digest = DF2AD8769752D0C96BC203E2BFE0CE51 + A06960745BD6BB27E9225F3BC03C363E + 534220F2878D06049BBE7D962F65FB68 + 39114CEBD2F1FC8BD1DF4456AF73E159 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = 21BB7990348C2D479D705887028D098A + 665EC277854EC889A9F74FCFE6AAA0C7 + 4AE0925DDF53B60AEFAE5E4E0264AB90 + B7B9A3BF997705E84C5287D7FD999168 + stream[192..255] = 7D5C6AC259F16A873EC6D7AFE8405326 + 350AABFFF35FB606751883A82FD52129 + A6206A2362B26F00315514F280C9463F + 025D120635CDF53D774A42D6D25DD505 + stream[256..319] = 9583BB2B1E762C0AB62117E6C3DC71D2 + C9AFA9C6A52448FC32B1D0AA0032B7EF + 296AFC632D840815E183B0C4C4223BCA + 42EB1E7C7B59F61A657A3ABFF5FA167D + stream[448..511] = DD760E2C49D6044263A94F16299588C9 + 2D231044196A3716E6D4EC5F40DC3CDB + 4974F425C1150F414D7EE7C23F0BAD1D + 3F8FADA282157BB259E02CC69F46A8A8 + xor-digest = 30FCC419AE938C3DC100014EF4C8C485 + 515444DD710F6C3F31C4A5D8D541F3D5 + 909A8FEBDBF9D66A8B3707311D96FC77 + 82549AC53B629F4CFF86C84EAD1D2A8B + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = 12767FCC2C2272AFE2885051D9067C2F + 6A90198FCC2791127AA2C4C60F0EB034 + 15FAD1B68FDFFCD45856B4D41C2BA14E + A62E7CA54DF9C4ED578C977089561EC1 + stream[192..255] = 1FAA9DC03921FB02E2585AD83F0C7FE5 + 73E7D0EEF5DD8506F75832C3954E7446 + 86AA581696BE2EB08BE60DB1FD55CD85 + 503988D4A6D02DB35F99808FCFE2C0AA + stream[256..319] = C1E0ED9DD57E773DAAF0F64D59E89055 + 17ED01A17BD285583FB4637C64AF0237 + E1569ACC212CA0B7C71BA61711C2D18C + 8C160F8F977FBECB551F4EDE059D2FBD + stream[448..511] = 22E09B96DF7AA5217DD9420365AD72A6 + 187BD671C128F654B3574E184CC126EF + E76CF3792FB90C4A150F9E38C378E0B7 + 11674B61A75D85D412967B61A1580269 + xor-digest = F94EF3ADDAAED466EDF2BC980BCE9A71 + F00F03188ECDD7989714F47B1413ECDA + BA150B8DD479514BFFF379B52BB2A330 + AB56A0778A70A8B6CB651C6FC14178E3 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE + stream[0..63] = 75FCAE3A3961BDC7D2513662C24ADECE + 995545599FF129006E7A6EE57B7F33A2 + 6D1B27C51EA15E8F956693472DC23132 + FCD90FB0E352D26AF4DCE5427193CA26 + stream[65472..65535] = EA75A566C431A10CED804CCD45172AD1 + EC4930E9869372B8EDDF303098A8910C + EE123BF849C51A33554BA1445E6B6268 + 4921F36B77EADC9681A2BB9DDFEC2FC8 + stream[65536..65599] = 227CBD5D7AAC2DACA9D3A1D86E8F7628 + ACF6787019B4FBD77EF63478C19A51B4 + 9F30EDE4FFD8623DD321A35D615FECF4 + 8D97AE7B33FBF5C0DE5E6B4CA286002F + stream[131008..131071] = 11D4302F3C7A3E406AF5AF012787B688 + 2FA8339F65CB1D2C5FA794A0FEECB9A2 + 3F3702D754F3C3D66DF6F528F5E7BB71 + EF182B4231B142A1845191D38F0FC578 + xor-digest = F749D03DA53D00A655D2838FC0ABF859 + 8CAD7E8CA2B07D4F9B52388EA4261B66 + 51E180480B9564819C068F43594C59F3 + 211C498A56EC1257A5D90BB8E03FB45F + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E7 + stream[0..63] = 1BA441EA65D9A3E7AC17D2BF53A1B987 + CEA9E0B112AA62D55B62E7BDF207C841 + B73FBCFF77B8E6ECA376023AA19C4DE1 + 2DE0E74E8F428C309680377ECACF0F26 + stream[65472..65535] = 9C28D7AB26676CB3A971CCCF8F6C82A2 + 5E6C7BB937871B20A93BC36961E821D5 + 7A9A3A29D7E6AA92EA07095E100D0F51 + 256E43A055D6558B349452F6D346F422 + stream[65536..65599] = 8E0829DB5BCAE53C76B340AA85F3EBC7 + CCB867957681D0E225DD9C2430383279 + 1B4DBB74CF22F8CCC228C11C0C137DA5 + 5D463DC22B2F12F871991F345C5928AB + stream[131008..131071] = E13A1C5FF0B146050B890EEC6A914616 + 54FFE14C4204DAFA62A24818DB3C8A1C + 74DD045DE609E371920CCD8576A4E941 + 1CF0ACC364E599835526B962F9842158 + xor-digest = 3582DC0AF7F3AC561463091B3D2854A2 + A607E241637302BF7C6EDCD49D5746C1 + 8661C1D25A51FAA8B7BE8563E7426FB2 + B4E0EDC240182161EF961E9F98436C8C + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F0 + stream[0..63] = 2E5DD6E06C30836003EBE45FF08E156F + 497F1493C8F5D244E82D64101D24ADBD + C30071E5A3345F7023F42A5BCE77E202 + 40F81554ACE2A277CEB68DF0DFE38FF7 + stream[65472..65535] = C4859A0C0760B39C79FC57E5196C3395 + B656E2DCC0A1298921BF41ED63A27DFC + 0953F9104B757415C128664163DE7F88 + F2CEA02C079E12C8AE3E25B0E5CECF4A + stream[65536..65599] = 32E910AC7BA4236E870D888883CED15B + FD2523B36A2E994C1B06C17E53BDF9EC + E0DBDFDFE869E4CDAD83B60CB431D727 + 0770820FFA9DB6E7534B08E6A55421A3 + stream[131008..131071] = 9756C4798B22B7716E69D119764D8249 + 2B96B0FAD9460C83CB178812C4A78A4F + 846E404CE0189ABAF2D015E9389F2A07 + 674B1065EC9BD45EF6ADCAE5579BE0ED + xor-digest = 7217FD4D1913595DB6A837A594A2627B + F08C7764863A446261AE5A4EF4F4FADC + 3D2C040E3D08C3CD4B702B7A977C8700 + 4ADC316A1F8958B612661D2B0A591A10 + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F9 + stream[0..63] = 32224DA57726457257BC771AD362A4E7 + 868B71C660AF74A622CEC4D2179B8C16 + 6CF4D9942BC8FAF2B7E4ABC537FE47C7 + 1CB7C861448B15DDBE0ED54688CADF01 + stream[65472..65535] = DA0C4633EF6446BB09F2F55FD959B20E + 940B5C9372EF631ACB603CD1A20950DD + DE5EFBFCDF3EA6C6941C1ADD22072458 + CC611177FF6E9BE2EDA335C2D846E8E1 + stream[65536..65599] = 67BCE4E9D7768610F8E157524369F727 + B85E6A649F8A90BB2AB57CBEBED587DF + 497E119A7244C4BF186E13B7A4E8306E + 8BB6E21F5B7AC1902DC144FE86738821 + stream[131008..131071] = 64F6FD593AEB95BA4EE8E36C850B9BEC + 3241F8FE72FCEF1FD7B0F4C245C74651 + D9C7C22F61C9AACE0BF757128075C5A6 + 020BBD5F20819A8D5E6B474B3546D60D + xor-digest = 4794F7ED490F7F0A9923036BA1E1E50F + 52E811B63B3935D851D92E86E4BDD638 + 9028D17DC34D8ADBA58E9EEF54FC53F0 + B7925B8BDA29BA73F46C52AE52A47798 + + + +End of test vectors + +Primitive Name: Salsa20/8 +========================= +Profile: SW & HW +Key size: 256 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = B1F599E9B0D96DF436AE31F5EF589565 + B92D245DB5A1D4C7A78E5E8D0146F8A4 + 9D326C1A3BF50C052C9C8F114DC74972 + C4469591E31C9ED11927AA9871F38583 + stream[192..255] = 0C427AD0D68D752517649EC6D311FE7C + D71DBFF6E6217B91A83D45F33F5E5224 + BDF86D09A132884B152105842B5BDCA8 + 6A0B1ADC568F5C04B4D021A2AD3E0E26 + stream[256..319] = F6E86C2E6F768A167E484A4116A63322 + FCE370FE40623A13856550E6A3452478 + D8257E4B7322D3B98CD8505E21C54A31 + D78F9444366C72AC9B31FB747F7F2592 + stream[448..511] = 53BF865C66A344CFCD19177476A05ACA + 5851CC45224B196ABF3206D899E7FE3B + 13B3F028FA849B5564561A9181EA69E5 + 12BC34DA29180CDF6811E40A9A06A8D1 + xor-digest = 49D1E5B6AF120ACBC4DA7CDAF3A5DF90 + 0FFC60D671AF58AEEF9F13EB2C182755 + C7C105AA3986BBF3F9BE4D70A190A0E5 + C220D40C1A367508F79730E900478C62 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 4CB569029A0127DD65804C8012699F64 + D65CD08465CD01913AA15609B2D35DF2 + E6BA9D5FE91CB92BD90B8DF2F0EA0FBF + 6AAC7BD2A15113DC760177392B262BD5 + stream[192..255] = 7C3919176346880B76B9C35B0A795D1B + 290511E7F12A5F245675B0A14B0F538C + 9DA8427AE3854E9ED15C4C2E2FA2C2E6 + D473827114B77E4E71FCE5BCB65B9A26 + stream[256..319] = B25050372A8BDB17E770128CB4F9A17C + 719DC8011FB46D3DED31E460F83E5062 + D259CA69D9B6D5705897415C84A1AD9D + 4982146386500027CF407937BED8D26E + stream[448..511] = 9C82A7E1DD2465AEC5217EE872D3DF71 + 9DA787F72CCB18063BFB2BF53CAF01AA + A3B11ECD69883A86C0780B06A508FC2C + 4651F4C31C39B4070D8F6D2CD4AC2670 + xor-digest = 07D09FC6FA2B01E6DC525BD9245FD45C + 540F2AE6FBEACE56280B35AAD326BC1B + E6FD402B0B6AB726B677A9023098D44C + 9994DA8CF944B6BDF05DF1EBEE51EB16 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = C0A04790E17A7A886926ABFE0E3D5E58 + 63E56A6FBC83C0D77FA3F25A9E686427 + 519E31D1002611C8FCE04D66A28BDD15 + 61EC451BE47829EC2FA1CDF9BFA67EE8 + stream[192..255] = 695121BF3742871F4434A18215C6AC86 + 9A7942DE2F6F690A7E90DF81F514E0F9 + F604B8BF7F0CA50EDB683F5B993D718F + 85A2E7B2291A2F25B5BF56074F8E5DE3 + stream[256..319] = 1F8E83DBC6D2BCB52081EF727D4322A8 + 426064E91F77AF3D4F4EF2D89CA23B8B + BF9F33A77F877E03A04A3AAA6668C4F1 + 6F986B9AD75D2F44C4C5F0B6F54B5CCD + stream[448..511] = 141DFAF364F212DB39E6474D83B5FFAE + A16EBF06F9B8FF3285FF49183891F210 + 2EB3FD2EC15A8995B265D43A0C4A0688 + B4FD16777F6FA59F8BD43E3DF0E10533 + xor-digest = 9D54797BCE381D777FD5FD3F7A31557F + E049E858A3A438F939612D121DB40D9C + 08A48300967D606D6249468B40717541 + 71A67AA1CF8BF70393D2506E625EE4DA + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 07ADBA33B91F2442F4FF5CA8BD0F42C9 + 638D1BF3FD502E32EABAC76D42ED1FB7 + 3DDA60E286C47702A7C1C25C5FAEDCFF + E82D3CF45B0D0067529AAEB322EFAF0B + stream[192..255] = 0EAD07205E46F5296FFE1501EF519C12 + 00E14862FDF94B158648EEB670A23834 + 597C45CD4ED741210CB2706CC92FC772 + C6A4CE9F943516F983D3465D4B110109 + stream[256..319] = 279402FA512C11465E6B284DFD807DA6 + 4BF1C57D9FB56F22B699864C53055E69 + EA0C92BAB3579A7303A6BE57183F6FA7 + 4D37A3289B17DD44CFCBE114B2F17141 + stream[448..511] = FBF61845C9876405CD3F870145AE8481 + 5152F3096E5C6CADCB0E5315994635FC + 8BF7464C9C485ADD489CFCE9A9726137 + 604508267FFC4B51C30B9B8CE9209AEC + xor-digest = DC5375238A230A60CCCF708D023831C3 + 42D8EECEE0CFBCBDFC367925F6C20D3B + ED686B77D2EAEC2B228A45C7E4097BF3 + F6E337104105819703C83E09F29AD293 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9B861B2BABF0E5471083DCD672635228 + 1A9E4FE7930B84D2F54D44F177A4A816 + BD5612A5E62F04BA4525A09774DC1D52 + B623C19063E6C47E10A227313D7CCEBA + stream[192..255] = DA9DAADFB3C80EE4BA989F19244E1455 + 69DF581AEE6EB2465788FB90069B090C + B86974CFAE8854521E40F55F894BFD89 + A602A3ECABAE65D688268DD14A7A0272 + stream[256..319] = B62EE6B6B96CF39221BA017B69485B4B + 8B906BD9748359676862CB1A573A1DAD + 21FD852886D1917E22BABF8C8D1166BF + C3930378CCACEF5E147F451806A0E998 + stream[448..511] = 7F42DAF4A82E6CDFB55E0A39605DA988 + 5DD6305D933F22EEFDDAEFE5AAB21F8C + E3E236D48597E511EE7FEBDF2118D476 + 18A1BCC340744F9B99763E946215B337 + xor-digest = 8D6758522C2FF11EC704DAE50E403C36 + A6388F4E1D0EEA6EEC0E9D2AB81C9785 + 65BD094BD406143F870F5A3F6D427250 + 29FA2CAAA287C2B47632CE1DCB675E65 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = EFD63D5F2EA5E92AEB9497CEB1D9890F + 4CF4BA101F6B7B6F249C8F374245722A + D3FCE9F513C43AC16354BD586FB8EF28 + 916D8201879CAFE95BFDF7CA50EC4860 + stream[192..255] = 59BCA4481F0DFAD0EA84AD04A6D11F75 + 780FE012D2CB4D98DC6E4CAC594B56E6 + E35E932DF1FC517E317F6509522D5DEA + 8E87EFE299443F6D66BDFCA965F12302 + stream[256..319] = AC241F1FA1588689C330FE1EC23EE831 + 377C2AC1109E45FAA234967E1A2F5BBA + FBBDAF34CA55FB87BCF1028C92A463BE + 630AEFAF54B55C0D1F6BED248AA47192 + stream[448..511] = DCD6FB74A6272A2805B204A50B05C8F5 + C2A1C9737617F0ECD8ADDA477334F659 + 804BF91ACC9F8D2CB17920497B1EB869 + 82196F1D747D412D2BF64B68F4EBACF6 + xor-digest = 90F59875E07D0A48AEEF182C2C3EA28C + 3A74EE0545F2166166BA830D6370162D + 604FC2D004BA140A34C4654450FE5F2B + E5E8CF2A783F3374343DFBCD9E63E185 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = CA042B270792B9B52C590A84E62E1B50 + CAD3779C8E289C56DD2D51D948AEA365 + B0F3E7DF129FFFDE8E5040DBD24A3873 + 5F527D0C644D149AC5D24107B1CD8B7B + stream[192..255] = BFFADF9484E10627ACBAAB8F40485CC4 + 530670AA9BD9212E7C9A60DDFDA5E907 + BAD8C68871208D34286AFFB3AC196151 + AFD2D923DC42B44205C95E3BD477252D + stream[256..319] = 5C990BBD0CBE3C1EF941574CB0782104 + C2E9B5A907DB7D2B63F5B193EED2423A + 524C8DEF1C0D7BD6ECA189B9D52D0AB7 + 8C4CDE063444F2F220318C251D8DAD7E + stream[448..511] = A503586BB9140732CE9221EE39C22F06 + CC4974F9908C68A4C60CAE1D5AEF395D + 9659D5DDFE29559BB95EE03F799DF676 + B74DCEF03E249A140446D258FF806F61 + xor-digest = 77FAD92BEE362C9B37FF7B0FDFBF768F + 35DB5698B9E61EC3AE3548AAA900F6A2 + 9CC73F1FB05B84E6D6B645B133AEF05F + B6A7CBE64DFFAA3C67FAF919EFA1C95F + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 447536116FCEFB706304EFB5959CA278 + 6F8F99F4EC41475403B1B296DEB39A6A + 7B727213948804C896651BE8B109B311 + 52F419E77778E8B78A3C6F0CB6F3EA12 + stream[192..255] = CA38A7080D9B997A113AE6FD9AB64876 + 842F9652D68C897AB1152D65299A79F3 + C6BC389A6E88719C10F5EFC6E16BC251 + 8B6132A97396439D1A6ED4C172E7D9E5 + stream[256..319] = A8E8682144B118BF37DE2767809DD270 + 698B95A2AB8D60B938244970575DC4CB + A4405C50521C14A014A1937CBB6C6050 + BC94F395272C509C68D38F384700909B + stream[448..511] = C9DBCBFF3A5A1E7694BBF1B095A1DFED + 7AAA951462FDA270A9C594990F187DCF + 77BAA00E35F6D92522B2546ECAE0C549 + 9FEB6C398ED2CFFDB42D79E6D27BCC01 + xor-digest = 69DBA63E3F931CA3C389C163B436A393 + 2E130C1F3AD10B2EC40C976922E50F34 + D2F7FD5E6A7F8431F793986B6249B00D + 2411FB03476D230A514D13C6160A408B + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 519BEC70D73F65AED973F1CA27BB09C1 + 15E1CBF35B983DDEE060A8874B958ECE + DD9A2BD8F34E449A920D4356FF5D704F + 96159D51F77C72D960AE20603CBE8DEB + stream[192..255] = D934B37B0122898DE47979A6320A2339 + C50270DA713941BB36BB8673596E3A94 + 7F419E36D9BCBCB217766085E2BFAD15 + 5B95CFEA99827B4375D7EB872A4A450D + stream[256..319] = BE6D58BF305C672AB4B88A17C34D1735 + 5D900889F71871853D4F96E516606007 + 6734F63D91F63C78FBE33A548E7E3F98 + F50193F48C5DC8AD84CB73EA7190D4CB + stream[448..511] = 7591FDC95089C12DEAE0D09AC184DAAD + C82196221E44F6B64708F8569C884AB4 + 6CF600E10171C27D6B79D37865BD258F + AF812ADCB91212154393DBA8CB929AFD + xor-digest = A7762C9455180049C6C210FED3F21A5D + 062C2EAA3D5079F0F855FF7784BB2FB2 + 440293CB863EDC530A2EA4E0AC7A8571 + 013704A1F0C21C8EF3E7B2B37D3DB18E + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 8700CE466B97E3A2D800527A2C1FF8FB + 47C9FAAC61DFF5933FD4D3FABD7B3D60 + 0330BC60048906CC5985BF4DBE596D3E + CAFE0D419A93495953F46F269734064B + stream[192..255] = 238AC7EC0C6A93320F2424D50219718D + FAAE74CE5D00F8EF75818B3F67FC5ADA + D6B1DFD0D2819CBB7646636618815E50 + 4DBEB131C9C5769656A49D9147F7092A + stream[256..319] = 14F5ED9BFC53D4659BE0B2A7156FF011 + 88781ED21AD718047F09ECE0E49D95F6 + 853743B3CD3288B8C4AD2A0E80BA446C + 7C8EF3534B4AD897E824F960F00E4D2E + stream[448..511] = 2021937E8B5E89C749C0577133C99265 + ACE44D66576158FB23D1E25D91483CB6 + EC6FBB5841E434D1B5A825611283C524 + 28B5953D04340C5568F0823BE8AEC8DA + xor-digest = 93F5F5B07297F5A4BACA9D7C012C960D + 400585244F0B7A9E6A6E69B39932CD3B + 505F00765C49CC1142B9245976430110 + 44F9E02B6CD9400D9A50F9DABEAED5AE + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 72202D20E067C42A49F5645B8D1560EB + A4630180DCD525856CE9B6676C8E0F5C + C2AE48A28593A7699976C28BC5B14B62 + 077097FC95CC07A9DD4F6E61F8979DB1 + stream[192..255] = 4D629A3E50D7B7D65FF1B1C88A2C7C04 + A33D6174303C341DADD45A31E513172F + D0CE19EDE7D20B0865F7995999C4AE61 + B8C5362F767D9C3E720F52647A9870D7 + stream[256..319] = 318CAD0E25D89C16D7DBBD747E7BAF35 + DABB3174BCFA045EBCFECFE98AB958EA + B860BCFD96276CA3FC019C01ACB0B8D2 + E913E018A6E3BFB7B72E9792028770D1 + stream[448..511] = AA7BF09450349CBF872B926E56CAC975 + 2F283DA6BFB57408E30AF518510C74A8 + B2C7CDDE5BE0D73130F65D18961AF873 + 602C3A4F96D69F2C9D1121BFBCFC42F9 + xor-digest = B2332974E876A8B779A1794D1CB9A1ED + D4D82261C9B8992E6109A398E7C6D469 + 24D46C6532668C21B5AAEA2C2FAEC623 + DF752CD4D7D23B3537CDC9F67A18F213 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = BF617D33B6D76276B90B009F2E1629C1 + 8FB4644C13D8B016D6825D3B3C243933 + 36467E8FED98F3470628A3365C1238A6 + 2557E564A3E7E63D4F38D0178BB008BB + stream[192..255] = 121A21F86100F080ED24CEFDC40C7BCC + 73F972DDBE185C7AAECC222B14E85ABA + A68987F463157AA3C6EE7007EC9053D9 + 37D63204B57F477DD38F12ADA39305E8 + stream[256..319] = EB5C3917709D8259E0BC46B2D5D8D91B + 215E6B9CFB767C2BD20CB78B1E317024 + E548123E2BF286F9D97B4CFE20EC9A54 + CBC86E4ADE6D132B0CA51B31F527D83A + stream[448..511] = 011EEC5019295F0A57C0080125EE678F + 25753D98C89B84DD2A43693EF523F637 + A58BC4D3F87A8C7B5BD534678DC9A927 + 1AF4931184C848BD45ACD781BFA34F13 + xor-digest = BEF2FC04056939BAD7EB5903EA31FC15 + B1C84C84B830872BF32FBF9C8E766B57 + A672620743ED2B281E3422A416FF940E + DF36283008D368A2C75911C12A6E5392 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 96442969A2C1DCAE04BF53D9CE9548FC + DCBFCEA8E359F44D38BBD6E3CFDAE006 + F3B82C55610AEB8EDCD97418FB80E332 + 17ADB7BAA671183CB18207BEC9815BBF + stream[192..255] = 3BE157F78E46B64DCBE7160DA4EE7469 + 5D62D99256CCC55B4A52C15A00C6EE04 + 254DBA97CB076B2659DB7A27010F588D + FD2E4FF758A152F49C3832DB15453AFD + stream[256..319] = 7C1089E9717EA02791F17783A908C24C + 45C7954073FC601F9C76413F00F34A14 + 85C9D30A735E47ABE0EB411E188CB58D + A11C21377210C0206E990D3EFEC086FB + stream[448..511] = FBDCAE406023E5A63192616A230A1CE8 + 161BCD7D8F53A036A2122F1C5B43824A + 0DE3F44233F6B53081752D38580CDB36 + 8CF2B9C40F47864C92A969A8D005834B + xor-digest = FC5952C6971DA1DD0F3E5AF2BBF0B59B + 4DBF4FB8E8670B3AE8F8E44C76A11ADD + 0C1B6C69BFF35D92CC5E193732087997 + 88B68F21BF932117DB89D07EFAD9735D + +Set 1, vector#117: + key = 00000000000000000000000000000400 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 10A84B30D0AEF7DC7A03915BB4EAAD37 + 7F43F8A1D5FBA4C8C86A0E2003AC7E53 + 47DA3690CF9F67B614343E8329DB664E + F5214C17A8C80C81342F838D53323C92 + stream[192..255] = 8CB02D8A4470E72D38A8BF4658D7DEA4 + 60830816D331E1BE0560BF877824D2F1 + 9F215CD189469AAE71C5E59DF8EAD3BB + 19FCC868F8BCE27A004E1FD8EEAD1FAA + stream[256..319] = 328965EA1972678761A7FAC57CE2B616 + 38D091E805D3D80FF8C89A60276881A6 + 0FD5275FABB3B4BCAEBE3F4F1FCC5830 + 8F6C7052DE6199FD9E68309E2428AD4D + stream[448..511] = 9E6A09D9474DEC4BD4855DD9D10301B7 + 1A337D046D71710C378D43099BC920B4 + FE8DF45FA221B5DA69C7BFB159A90DC1 + 0E32CB9B16D0275F4FFE9FFA58269885 + xor-digest = 1EE2BA9F4B06813F5A3D07060CA33CF6 + 627114562C94191A7B5BFAF360A620AE + DA2A096A57D324CFDE21739F40636B7B + 4491A674E6EAFCD5D68F88FB4B509844 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 4F213EF1F637777C8415D708A4528C50 + B9BCA3266A8A4E833D0917AE389E10EB + 375FD20F0B276F171B967E93DDAA9ED8 + 38408EFB6F3C863C409AED7A71EB3083 + stream[192..255] = 7F99377159EEFF8214A76A2066B6995C + 56D28AD7D8AFD65575ED8DA9F26EBF7E + 32D6348010DCE043378B633CBA4103F2 + 36E8C44705D318DC64BD68B30316A128 + stream[256..319] = 17B7242DE05C29A81C99DEE4FFBEFBF7 + 3CC6263AB735AB75955055FEF4298023 + 560FA8C1A075E435E0B7054E57EB8830 + E634EC4CDEFDB5136725259F8B3E538E + stream[448..511] = 6AF6813DA738CEF56D933B449AFB8286 + EF986CCDC94387E283034061E7397747 + 85D28C9B12C48876CDE0031D8666CF51 + D8CD2DA3D665BF2BE82421D9DA3D91A1 + xor-digest = 4FA0B2B334897E5C7FC06AED04EA97C9 + EC594C95BCB4336B09FC5A29212185FF + AFA959C5C72FE0772927EE3735448472 + 958C2E3609B0FCC14E10C5884FCD1B6E + +Set 1, vector#135: + key = 00000000000000000000000000000000 + 01000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 93B9B64F1CF33E32AB793B6C011D9D55 + F30ED3468ED2804AAD47DBF37DADCF7E + 835EE714DF2EB7F735EE0B6F7977A4C0 + C12EFADE37DDB779302387A4C2BBDE99 + stream[192..255] = 7EB6BB8434D3A21045DEBF33367706A5 + 37D99FFB920EAD1142C26A3827E5A629 + 16F664867C8B0D75BB504A522E26C91B + 30C5279650D28B62222E7221E6BCF5C0 + stream[256..319] = 0FA62A7BD369C9711E46B430B72A4697 + 5CCAA00F5C10368F73FA235217415572 + 8AF6FE6F88C2DCD84B8E61E52A526EA4 + 791AC2BB17E5E3C24803B70DC85A9134 + stream[448..511] = D40442FB3A73590BB338263E75636B4C + C35FC8E5BC69B5158AFABF263EC75CCB + F46DA40285C90F100EFF8C2D61996B1A + A6EE155C9DA4E268EB9B4CF6DECCDF96 + xor-digest = 1258509D8CEE47D464B1AB7FBD755F0E + 8FA37399C669E0B1E58B51602E6BD55B + 6E23225865BBF5CEE948E494390B504E + 7BE2D89E920B7DCA88B821FE32112F0A + +Set 1, vector#144: + key = 00000000000000000000000000000000 + 00008000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 2ABD4F4AC5206509C5D881C4EBEBE70E + 9D449E81D026C1C91A6AA1E23605246D + 2A6DEE518CBE2B7F106FCD104C176614 + 3DB4412A56F112AFE7B466C2EA345803 + stream[192..255] = 4850BBEEF99E7140942709515032BB62 + 7C77C95C8F2B78397F94DE35B7471B09 + 21208B475369CF843A54EB51BEE4E696 + CEE39F24DF13DCF8B4C6C0198C2B5063 + stream[256..319] = 5D2C579DBD5623C5A8DC55C6F56922D5 + 70066703851217A856E512E5D0DF9862 + C635D71D1BAD417FD0404B55741B4B66 + A3DD966EAEDC7CB832E9178F2852C32F + stream[448..511] = CDA231E1C20FA371404A0E4416FFEF34 + 80F84C27541761EFA64753341762E22B + 837D492A671BCBF8F653DAC91EE9DA7E + 48097BF80B49CC1B035CC9F2D7965114 + xor-digest = 60635D5975273E169A2CD1DB9FCE2309 + 0139649729C0C4468E604865B6DFF800 + 38576336E80459F69A97A01CCA1CBC0F + 321A27875A1C5BF43B43005B2181F660 + +Set 1, vector#153: + key = 00000000000000000000000000000000 + 00000040000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 1721330A66CD0691D553CB18DE9E5766 + 7014598D8146EE13F7347B687020C12F + 936CD399F7B7CA653939E86A085AA5F2 + 8D2B52A05EA55E192B9EBA9E8775316C + stream[192..255] = 14561C341893FC8428F529260B27AD62 + 4686DA00F3FAEC86B3FCA66693213BEA + 13055A0C7C6CFED044791D07BE39A29B + 3F267A120D26CAD0C546AEA3EC77FB7F + stream[256..319] = 64C6553F6B6B591E2B69E73FBA76EE5D + 5AD7532BC4F2C79CCB4BD71ADAF73D9E + 91BF0CA33D74A364216E5C6A466F57B9 + 62B6BE4EDA87E6C2A34404032E99BE5F + stream[448..511] = 8BD6CED81C74859FAAEA46487D5DC621 + 99BE28D2D6F986985A55B2581DB2174B + 4EA1A1F6E34AF69EE060EA06692349FD + 4F75595E1D1F041996BD12B818342E7F + xor-digest = 1D144973B630BE518A8FDB2C311C86DD + D01B0B4BECFBF3B0A750530C942B684B + 62EE9CFBBE3CD34EDD162B31CAC86605 + F15997704378056A3C7B4012DBEE1CDF + +Set 1, vector#162: + key = 00000000000000000000000000000000 + 00000000200000000000000000000000 + IV = 0000000000000000 + stream[0..63] = AE0B0C8E1E83B245F8F7D9E1EE8AC0EB + 551CB5F02F89C233BF6F9D255FED4EA3 + 0D050B09B4F93BBCFC13D92F0AD2B92A + 08BD102B75C7B460DBD0EBA78309E4A6 + stream[192..255] = 5BDF8FF9D06CAC965535476FEBC33EB1 + C02601FB7794A0ABF883DDC0440CE7C9 + 25147614FE7EC19C133975FCD5037FDD + 4F8674A878A8C5DD9118CA458EE8A23F + stream[256..319] = 735F2EB52956E2E90A36FB7CB6173108 + 78F204A9541A57005EE230C3B48DFE46 + 85CD0A2A0A2524BDF0D9750B845FCA06 + 14FD99A42CF5C4FDACE838BCEC5409DB + stream[448..511] = CCA2EAD7C6F773AB74FFB4306C0BF663 + 6FF4DDD03295A0523DAB96F79904C644 + D67A4B8A194D469D2686A84FC34144CE + 2BDF552222B62C6BE25EA5F946C41C6C + xor-digest = 33E7B12281A2E4F36ABF7F232A9AB873 + F92D08AF10033D77DD01F44CA788A259 + 124610BEBAFC0A843253BB788694BBC2 + F5361E43EA6BF71101E7BCFC0D15157E + +Set 1, vector#171: + key = 00000000000000000000000000000000 + 00000000001000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 1E99CD4AAD296CB1CA8212A4379316F9 + 685C46F41FD2A16D41391C3EDC5F29F4 + 6E852AF7E148560ABE4A041C17607D0B + A07011D870495AF05C2B8170C9D7EC00 + stream[192..255] = 1B7FD751EC259E504E2ABF79BCFAA73C + 48EBC50E2FA79389A40D2B1A8BDC095A + 0B0DB6637601843E65017A3162663D5C + B8BB2EB6E8E4554C822B0C2C71F4D703 + stream[256..319] = 49415396E1B5DE631AB0EF5D1678B7E3 + 61745B5BE630B703B8742EF81828E8B0 + E3659EC3CB96CE85687815DC156BD97F + 47470A16070502664736F9591DBD4092 + stream[448..511] = 801592A56923CCC15DCB304003AD6365 + 2D0FA02745A27951D250CAD369AEF453 + CAD4357CE78D37B2E7FD0FFCEE0129DA + EF81E6B7F745AD973F639543C9286FEC + xor-digest = 4B010997F497D09C30FD7121C8CD905C + 0CE3F6CC89FF2670C60615F33CED3370 + A30CCE37A595AB986912BA6E3AD1C2E7 + 84E45D0D9EB801204CCFED471EA83B1F + +Set 1, vector#180: + key = 00000000000000000000000000000000 + 00000000000008000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9A2BEDD8BD0B375C0A75ADD271762671 + EA5185A04B157DF446731E48234AF756 + 4A4CF77DDE456C01051C6B7E4B75E9F8 + 5F7B3835DAF3089161B34D1EC5A9387B + stream[192..255] = 949ED265D2A7C47E09B0C2C68B51E867 + B0E2BCED4C6F1BDF34F18BB3542A1A42 + 97CE27D8E5573B90F6F578187D734E17 + 66D670C9F3581CC0AF5540FEE65CCFBF + stream[256..319] = BE33D393CA7B090BB75C2A4311FA2F51 + FEB72A898FFAF9511E1930A7594D195B + AD346C394B8934FA06FC5FCF67C46DED + 9AA390F66390DD96B5804C8AF2F53042 + stream[448..511] = E3BB844575F02F946779A1CF49CA86B9 + F8523EF427A75754C225D632A1463B94 + 08B92BF20CF653FD4DAEA3495092D152 + 8B78525E6D274A9E0542B469D724630F + xor-digest = F3E1F312E101F545E58C55CECB47E7FB + F83775B7E1D5893CDEE5330E0B9BE4B2 + 0D7A6B792208ABB400C42A566EBEE0C9 + CB87EBA01B5278925167EAF90EFEADDB + +Set 1, vector#189: + key = 00000000000000000000000000000000 + 00000000000000040000000000000000 + IV = 0000000000000000 + stream[0..63] = 0CC2D49A59818C0B74EFD0A555B0552A + 6F030F836F963E2CB521593C0BB6A8BB + C2EEF63A443FE51264F4F7D9AE304E35 + 0CB90D7823DB58C59E4852ACDFA1CE34 + stream[192..255] = 73EFFEC58DF9641C6FFFA948AA1091D6 + AE3D95DBB04FA525A7AD22461274B332 + ABBBF6C8C2618D65D68191EBF27AFAE2 + 1D186243B97843E9CBE6642D4D75AD58 + stream[256..319] = 0201BA02840063D51C7941E0611F86CB + 954D4226EE4D339309A28F8A84FAF0E1 + 52B7436CAD5A50045618F877F04F7595 + D11E466A2CA6C9063B66FED078036FC3 + stream[448..511] = 5E695FF23AE6809FE3B01B33507065B2 + 7C249ACD3D4B7CC0111D245CC4C03357 + 9EE05A25BC853BE98095E4FB35DA6326 + 0D1BAC735D5174A54E0F82E1F21FC60C + xor-digest = 92309EA0E6AD6726DB6206F0F2B4E4D5 + F2EE891AE518DF98793BF15D6586682B + 5B1AB611287F1FE908B36D6F83E30A49 + 5735CF123BC47DD8319B28CC47F7B7D2 + +Set 1, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000200000000000000 + IV = 0000000000000000 + stream[0..63] = 59423E6E9B1A21CC918175AA7EE9402A + E3D0F851CCA4BB133065351258F86B46 + B86D5B99B2A04FF3A6D875802ADC6E0A + 7AA25D82D372AE47D781D938DE3C264D + stream[192..255] = CFFBA066A54C8539BEE98D250FFA7050 + 2CE46F4980F7C153DB394E3716DE007D + F3BE6450A5DD7C07F63942FFFECB4984 + 739C5425E888EA0D1EEA6764FBE71E97 + stream[256..319] = AAE3D2C3C8AF44EC77DB8D85B6C8B786 + DA367E2C8B80226B41835A22315421CB + 724DA2B410052A31383D573F357712DB + 7C090FC6B72B4FB6DF97C9BDC546F4C3 + stream[448..511] = 01CAD4D634885EA427463E3497A24CC7 + 8693ED36C969ACF63129F8E258DD33CF + 24926D30B152AF4BED63704688B65890 + C5CD1C11ADAC9B2BC7261BD8EEC6AF27 + xor-digest = D3ABF9A42F5D38E479F6244AFE033C49 + DB612CD455ECE14910E224D6BF82A85C + AA5FBCDBA15973C2DCA40DDF31C6F934 + 9615C2109DE780884B1C5E739BE07FC8 + +Set 1, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000001000000000000 + IV = 0000000000000000 + stream[0..63] = 24340A3925933EEC1B024399305480A5 + B2BC0413253A55E3E207E1FDADB6C02D + 663BC849006E66404959D0CF201199CC + 08D3A2F5B43A4E46F811ACBB6C25C5DC + stream[192..255] = 159EF67E0C3A6859D0B668EAADD38F66 + 1AE3E58F4ADE4C7B4B6DD69E74AF32C9 + 187FDD6D23127A7B52F8BC9A316F72BD + 6908EB96E8A45CE55A0D9E437D340301 + stream[256..319] = 87FB9628930F05C6B63A6D35E079793E + 4DBFC0A6715CBFE372983414D0BE145E + 47FEC39F509385DBB1974C11D93A1696 + 50B0A3D9D88E242F03C7C3538835A8EE + stream[448..511] = 81C30946B8AD366786BABEB3FFAF279F + 8946AC7AC82D9130F0AEFC59196C56DB + 3FEF19797F59560B8D03DFC67033FD90 + E2268F33A911E632A491523678F6E96D + xor-digest = 554D7D2449638F619200887D59806D48 + 9A8A2556E546551C24250CEF82D7165D + 34B04636E6A0CF53E2810C57911FD6AB + BA443BF607FFB04AE0499077B0C54828 + +Set 1, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000008000000000 + IV = 0000000000000000 + stream[0..63] = E655934F2C201912ED5B7A1BDFA083C0 + C695761B65ED14382DFA01578BC9E70B + 0BC88B968361B6260135FE30F73A1228 + BC0A8A381F3A9A39E07CF5696F9E02AE + stream[192..255] = 984BBE27CF2DF2DC23B016D65FD8D539 + 18B0E87E018E3E77F750C3812993DD74 + C7F5FFBFFC1C625C7886771019EBCE05 + 9EB679E205620E31517BFA2D8A7446F3 + stream[256..319] = B687D52DADF614FDE06DA36C8708297C + F3D9ADC18E700BFEAFB610ED48C44A2C + CF1A0F20AB470F4D6DE458C4A5E54321 + 6E8E08E5AB1978F268B756FF010167E4 + stream[448..511] = 12843C080BCC1BBD9DCE071D3C524732 + 57FFB02F8551C4352C849E1B0E0BFC84 + 382A089F3DFAF0BF0FA17AB280FE0498 + 253B6E2ABBCA5007D13F45E58120E006 + xor-digest = D1B01B8ACA42B7D69EEE9CEA972BEDDA + 517850DD23DF04F9011E9950D5680DF0 + E681457A45CA4DDDB6383A7C90C01F60 + F7388A468E375AEA65B68F17CE7D250F + +Set 1, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000040000000 + IV = 0000000000000000 + stream[0..63] = CC6643F48ACDCF92546CD95FD763BA29 + CAE0BB9A49AD8AC80F4806DF387659F0 + 2ECAF6A762BBBCA98DAC2AB63D443C8E + 00C7546D1D9A6913B7789AF22344D58A + stream[192..255] = ABBF25FFF6D469B4FF969AA334E3F45D + 4274B51085CF929A525B6ABC7BCE23E5 + 1F4636B8044201679C1E8BD360BCC4F9 + DDB1B153396A2FB1C99433ED173F6848 + stream[256..319] = 976C95C7BA4C47BD12829C74EFD8DE54 + 0A8080673DEAFB8146D3EF2B0D4D5822 + 9DB1AAC242456E82EC9075633D652D6D + 13C52E7515D621A783485AEE50F1D584 + stream[448..511] = D8D7AA10029FFFABF0E4A37C97B79B7D + FE288042C59EC3FE2DFC3A5C85AB1222 + DE83DEC02DF258D40CEA916285C8DB15 + E1583AB9A723A034A08EAC54F86D1B37 + xor-digest = F0E89C4AFBB4A73A394DD888B4A4047B + A5FF6B4377241463D97859E2B36EB3B5 + 96FC9E712D73A66B9314581631480D9E + FB78381498F173D8DDCBBFA3ACEBB770 + +Set 1, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000200000 + IV = 0000000000000000 + stream[0..63] = E0A3179484B3C28C11EDEB480C5745F8 + 2A5A2297E4308958A844667AABEC9B0C + 5918972CFB3F2DE2A368AE8C7FADE377 + B6244A498FA1C9057323F88E28215E67 + stream[192..255] = D8F3A3D0314529DB70DB8C82ED6B3B50 + B331A4FEFFF324924B3DECF79A895D55 + D2DAAE6745E981CE92769B331839A9F4 + D3689A381010B2378629F8CA1EECF61D + stream[256..319] = 26E0D285B77620FA653B95E2B9FC7114 + 0D54DAB219462FC8156460E865EBF278 + 1C22CC62717AAB0308AD43E4648DC84F + 5D5EFCB5D731151F819B94589AAE8145 + stream[448..511] = DAEABEAF8F9BDCAAEF83849DFF5E80D0 + 8DF0C7C28B650E27CAA493393A520936 + CD5D0F677EF1605023A6ED133F9A45B0 + B7CAC749FA615C49C275D8AF655F1602 + xor-digest = 242F93ADAA7E4735371F70B7FDE011E8 + 040ECD9DFFAF11233CCDE9F0DB50D982 + 000F109C6DDE7A53267AF7CD9B3D70AB + 3EF657F5BCC2CA951AFD54FBFA246985 + +Set 1, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000001000 + IV = 0000000000000000 + stream[0..63] = C7455FC561090BD124FF876E0098AD68 + FDEF6722E6759807D15CCC905EBFD3DD + 58853FAAC0CA4144DBC0E97BA86A637F + F2BB40909024B144C287BDC4A5E62206 + stream[192..255] = DD7B556C974A18D612F0CF2FFA1F826B + ED8DF2BD4D61B713CB945CD1E3EDF862 + 873A9BB084CD0EC125242BDC5B7EFB09 + 7E7CF1C634899A30DE57394F65BEF9E1 + stream[256..319] = E5E338F34041779F0DD8AAB73AA5341C + 0A8E311B99131D633585CCB63D82C6EC + F4CD1C6D13CD4586642C06FE872840BF + 8320DA5C839B43815B868EEA224C8FCA + stream[448..511] = 7EBD49D1552E0EC54D4DCFF4143D7429 + 467F49E46061409FFFCA0DBB2F014FD5 + 58DA77E1F049A47ED1F2346212B13C8D + CE762AF4F33C280BCADF1FBEDB287052 + xor-digest = D0D6D92C686188AB848A53AB6149E323 + 42808FFCA03C93B1EC8ABB32F53E72CF + F319754A1FF358946A9C604063EE8D71 + AE216644224922184ED670C191A0EB9D + +Set 1, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000008 + IV = 0000000000000000 + stream[0..63] = 0AB8FD02B07D9FE49B557B1C474C812B + 6B46A16D2BB8000710F67DC2613C51F9 + B29E6F4EB5C92DF84EF2C7E8662F4008 + EEF15E133AF72E0ACE417975FE15F9FF + stream[192..255] = DCDA45C9E560DD7A13375CA8F7E36F54 + 971DFC4CEBEB1455A5239668EF583479 + 9C013D6E39B2676ECA90E8EAD76209ED + F6F14ECD554BF3B75CDD50404CEB0F24 + stream[256..319] = 04A9AB73A738B9EC7E4AE6593E37FBE0 + 41597FB99C0136EF8F2DD79C4D77D142 + DC5FE3A93413D581A94E6072F842EF3C + D939E0EC4482C6017AC4C2178BA30D0A + stream[448..511] = EE9222E8F3FF28C620E43DDACC8BB933 + EBC78C402B856F20FF55EB53A4E4B242 + 9D628BAD7A6820AF0B54CC491B93A106 + 3C81C4BBF22B6DE292D0DCF8E8B16A83 + xor-digest = A6A3FE92F4DDF512D460355CD12171FF + CDD9D24A09033BC92BCC2C3B001409BD + E0995A71C357E35127DA25603E55A210 + F1733B5AEB61651F137E2477D072D11D + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9F591DA5F99C235445EA91866EAD681B + 977C4FFA036D770FBCA79D41FB014178 + CF8ECF3164E5E77D7495DC0195081EDB + 2F45C8A1B17D2BEC8DF3EF9FB7618075 + stream[192..255] = 8A234BC08DFF8CB862DE088AA0A5ADFF + 0033BCCCD9535B83E30406F7B54BB69D + 38F7E5B3A620095D36026D3FA6A71D7D + 04AEFBA7D86D2EFC3DCB260C64F0FFA4 + stream[256..319] = 4F10E45BE6F5EF5E04DD2605B15A6172 + A2F547A9AD7CD3ABD01E1640215ADB7E + FF80C93858C21A56E17DC361B118F56B + 19A56908577B88A8AD0636AE624DFDB5 + stream[448..511] = 7EE3A5F3236BB2098539CC540A937AE1 + 75F7A86338E144FA1C6AD519EA07A123 + 8A4CEB122A6ED79A7F1318D1087E6922 + 51D73B2FF0778F3E0B31908918C6813D + xor-digest = 3CF25B5B65171A19AC9474F21528D564 + 15DC4B2B9075FB73AF0FDB3B9BE00857 + CD6DC3A43920952696505EBB7E5E93F8 + CFDA13175D18BD3B98CBDFBE6F4492D5 + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = 17DE94BEBD3E434305ABDBFF24B73C0F + AE33E04F3088F3D3842D089661CC4074 + 359C2B01B24D0A7645002D6DBE58549C + FA24E7BBB2D0A01AA97B0088FCFEC19A + stream[192..255] = 9A50A2554917EDD01E43F06566C32E6E + C6EA97801F3AEBDAF1B9CDA9424E4293 + E6235F79FA535AA9C88028CC295100A6 + 34624E3A1BC7474BAA7F3FEDCDD51DEF + stream[256..319] = 3889FC4E6BDF1E48ED490FBD024DD70D + 82796A854ECFE1F7CDCCD5A63C5C7B5C + 3E5BC8B55D9B71E9ECC29DDA8E5E0F62 + 5AB1F50C7352420E2398B39C9868B84C + stream[448..511] = 04E726136229B276ECD72BF75768FAC7 + B01259867F02E39F6FA34C158AC0B3E7 + 4649DA7276220D7C637675BB1E2FC9BA + 0B44B39E7B795F61CDFB5F2F9F78E733 + xor-digest = B100A147765682CF0AB8021743A37242 + 69CC2E15DE974BFB7C5EF6B011738CE7 + 36D5B62D35F96E05D25FF4CBA6AAFECA + E157A2A602D2AD3D2044319275C97702 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = 3A77AB8543D5506C22E4067E3E3C8E66 + CFBADEC128BE90404DDC75721ECBE143 + 7F9956BEF51CA1F9F8E98541DE989AA8 + 2A36E0C8CF93BB6C641CFABC0A8A0B81 + stream[192..255] = 79C1DBC3073AA02090A21B9A15503E2D + AF0E2A36D36B77AAA49B7ED023988CD2 + B8AD12328F0AA0753D813435A9D81DB2 + 63DF8AFEBAE01BC7C9C2BCF66B69022E + stream[256..319] = 192DD4570FF21FC0224F3ED99662C4C4 + B4FF6BEC22E48B33E0462E8F6887A4F0 + E660F2FC69AF17DA12566EEE65536FA3 + D22F204CEF6443E1E1814D1E6ECF5BA2 + stream[448..511] = 25614AA36A8EDDE2637F5A4A22207A1B + FF5E46F00FC4DDCA81D21C0847758748 + C2FA10D8BEFED7DC301C4C6AD9E04A78 + FA18A2B5A5A0072922E709F2ABE1997F + xor-digest = A33DF028C8654C793C1ECF308B9F2521 + B3402FD0DBCDEFE02D8B1A4CC5D9005B + F572EB615F6CF0E029451BC80A9F2205 + 4B1EDB8576641293FE06B3847B1512E2 + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = 749BD4074F30227614C75239E42400F0 + 49C90E6CE14DC662ED466B95A26ED52C + 906C96EC0F2CACD38481B88D061596CE + E803A957051C967F149BBC4C26821229 + stream[192..255] = 680B2C35EAF80BC5721740E361021D1C + 4461058DE6890092C50F3216FCEBB875 + F04DE1D0180662B06CD1F1B12B3FEF9D + F91162782B02E172194CD65014521389 + stream[256..319] = 57DE5A528C1D79A7D0AB1945B19B070D + C29887E44670E10261A31B2FD31F2AC7 + 84F59CC6924DA848D61F68E38D68C12B + DC6F7CEE7E5AE4E9095C47C8A3A9BD12 + stream[448..511] = 4A19EF588AA5893ABDFC4E5E22A7059A + B7868C175F26007EAB3C2A20E6BEDA4A + C5A0F4D3FE0B507B434664AD1C2A12A1 + 108266CD12C093847F53C0130C1CFFF0 + xor-digest = 11A1441DA542081F4ABE927C7CEB1C8F + 22A23698C5C86CC0D3993BFA1D6D9E4E + 3EDF2DC88D8E0CEF9259E8225AC6D709 + 82C3E5FB081266AD96D5AAFCBAA53492 + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = 03C710F55D85129824858240AF22D6C6 + 002AB3396E1055AEAC09194DE408149B + 0BAE22139CDFC3F8300E89284CCD0A6D + ADD4B8F6A949D95C33F71A8C56822A90 + stream[192..255] = A9D4337EDC62B31CB8EAF0C33B2D2B5D + 52067F4F38B58E46257BF8356389F8AC + 9BD1971A32669DFA27D096FADDDD2799 + 4867213ECEDEA75FAB9BC8DC76A52E0F + stream[256..319] = 8C274A6B84153218AD5240AF34C3E170 + B14FA74FE4D3BB91821B79C59ABC2BFE + EF9FB90BB15B1944F89A09532CFD968F + 6760D42F4ECF5131BC0B2F3E6FE7FAC3 + stream[448..511] = F644E47F0A49EE249DDDF85A4B263FA3 + 19BDAFB542DE545160D1F72E84FAAB9D + C65B4CF3B316D2803AC7345EF1743DD9 + 290288DDBA99A8874BCC8B62F67D1272 + xor-digest = 60DACD72279B83B9E4AEE20A6B454727 + D3C1D983DB22534F3D09C4D1199616EB + 4FB0CC6DE139240640FED8D0FE4FCC5D + 359DED42948C62F41F28957E58FD2D22 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = F1D4B91380013CC5804EBACB87038932 + 5A9152C213847A39A2246FCC73895A8F + B0DFA4C4CD27A383229A87B56E294E6D + 66798616559B647E6A68D16F03D49842 + stream[192..255] = 0631D81FBD9FEBC7D2135210A3581087 + 8DC2C48B9349BD9B0538BBBAD1E3797E + 74672741BD8CBA3BD43F1199D384BDD8 + DE52D483DFA4E2AAB76D832FA2B65C0A + stream[256..319] = 2C288C7B676ADEB31CCF97F39C6DACA7 + 960FFBE3792B3605582AEAE5B8BC8B5E + E09D6F02A7DD367D5B64F63FF38E95FD + 35397D43C7A7A73C43C6DE7D79A1008B + stream[448..511] = 30A20E916AB3899DC4CE0BD7E998DFF1 + EBB94C5476E446F020EDE56E4FE8E968 + 99C3341DC8A727216E66A75DC48A7181 + D2AE06C2C6ECD4B3CA91E32148E674D8 + xor-digest = 9D16803B217853203D3AB370B93C4166 + B1FFE023A0E0C00648CBFE26246DA050 + 00E48209EA2062BB7E9AF910BE8630F4 + E2590159E9B72A5A8A1C91D191530CCD + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = BA07F8D5A310A4A555E707B4A723BC6C + 02AEC0E59D347E9EEB4621393B8598E2 + 20DB155A92407BADEB4BB2326A9D4AAF + 145722174608DC70C6792BADBBCCE501 + stream[192..255] = CCCE849D66069FBF00E17B6A8469451D + 1116726CB9E5B39F95D3471823EAD799 + FD1D24CA929F7BA11936040CDC711C3F + 2114600912D259591DD05D3266E51C24 + stream[256..319] = 5A024E63D55074677ABF8AF215B46564 + F3CC3FB9ED2C1DC3CF6BF30C48101A66 + F2C48088E8C5623610B9ECDF868BFF12 + C4E854B37BEB8EE91E210CB2E8A64173 + stream[448..511] = 9FC9EBAAE6EF32724DD6B8CDCD0DF8C7 + 736B58E4BC8D261B6DBD5DCDDBE06598 + D32D27827D9D8123341C20C416F97A2F + 4400D2B2D1999C1EB1043B071F475131 + xor-digest = 2E40BECC3B6473F1906C708399B419E6 + 4027405F7B9CE4A2AD7B6E5FC7A00D37 + D8F36FA1D5FEF4A303C9198B9065CA18 + E6A27A10076DFE42C49E8C43001E9BF0 + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = 1DC029760CC691E3BAFE5B88F011C5F1 + F2C8B1EF1C45490EE291B8E727C1CCB1 + 4523AE2AF236DB983033A1B9A25129CD + E9BED6D7E725A2BBEEED9B2EE1D89940 + stream[192..255] = 2C67C33F4FA3F58C5D167ED97E122D10 + 3C185B9E23F2732EDF4494393A8EEA6D + 8E24051BF1B55B2B8F850E1219B9F326 + 69EC9FAF428DE59AE3B8052F76FDBB4D + stream[256..319] = 72BBFE5054B35B8BE30EE01B6D3E52E8 + AE3FAC16CFD90BD6028647D6394786E8 + 659149263D36407C665BB2106DED7229 + 7F4864C7547D3CDC3B468F6972AA3740 + stream[448..511] = D3909C48153EB8346E19D19A86E44FE6 + 26AC398933530CBB912CE2E71C822AFA + 121928712758D4C8E5C48425BC5A17F0 + 1C1FC5367FB9D30184062A987ECA5CDF + xor-digest = EC6FE6AAAA305C82ED442B954AF5BDDB + E04C9266303B55D8499E230BE9AB047F + EEEA542F827E6C3037EAF12365F58996 + 202A9A9F6A6E452778D840061AC1F405 + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = 5F43041F50CFBBEF9FB21D646D0043F9 + BD79708A964E144E5DCE24641BF7D442 + D25D3722E57621D8C9AEF76D2B3C118E + E43370B409A327C8118C27202492AD44 + stream[192..255] = 1C9E3BDBC49C0EFC9E039DC17AE15C71 + 43017B87CB040584AF8809559CF7BE9A + EE17130C5DCDBAD67EED43C23F3E7BBD + 29122B9651E50EA023655D72FFF8B50F + stream[256..319] = 6472C876499000BEF8DDD9B0EC47DCC9 + 60175DE66B5549CAD0CF8D90021858DE + 4C8C4CB43878136B50D633BA51D01438 + 541F8E41A2EF10AB6AEB127188C354CD + stream[448..511] = F040B4B84713DC71DECDF4413BBB42EE + 345DF8190D176B8E7971FAFD07FF99BE + E87B52C3F3DBD9A72A32A79988E8265E + E13462E339544AD049A1872EDA01BA12 + xor-digest = CC18BFB48DC60665115F89881A41A71D + D6590BEF99A3C0540E60A0D12EBE7D80 + 2BF163D1490FB3C94C9EAA13C07E0CB1 + A6E4595B46787D6B29E7EEA5883BF374 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = 5400274066761C7D3780A2CAAFF102BD + D49966227AB356514A091095769E094B + 4CCE40E8A8803973714B59C5B67DFCE3 + 979AB4D9A1EABDB99563009E3E00A1B7 + stream[192..255] = EEF851A7869149D57E09829099C053FA + 043DB0477D016E8AA2FC8F5B36A40B50 + 204922BC4AA5EC0C6601B9C5E1974935 + 60F9EA748D24A504AD509EFB2E4EDC13 + stream[256..319] = 26DE4A71C1C2C2BF6BF65CAFC0631F3C + B316CE5289F47BA0691FE120A5E41C71 + 9B670E34D27AF88822E03338D8B2561C + 15AF68388C02391C594513EF47373C1C + stream[448..511] = B5AA8433A24598EB913A63E5059DE564 + 5D06DF00BB0FD3BCCBC3B386925984F3 + 6AE59430772283B667949CB08BADE486 + 246547D949426C9F7A976544DE6F339A + xor-digest = 02E19E46000972398C48B45FC8CD9FF7 + FAD3932595A2701785BCA4EC4B3D5594 + 6F8675785B9325E79EA61D06A39E79B3 + 23AED963D56715C35A25315A3FB1077A + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = 5D1A4EF0C43016A7A577374132E72026 + 8F16D1F21A996D628F4EC8FFAC83CC89 + DB32C80655FE849C0933C50D3A838386 + 7641F09C13FDD1D1176E563A44F2BF93 + stream[192..255] = AAADEF53BD349367DF7B3C4AA28A7D91 + 183BFF64E469608569FF4F74196DC820 + 50E828DB10F75737E187348899A379D1 + A9A3700B081F2E97B016F631D3BD9D3C + stream[256..319] = 5A82B87E84E0B509130470463ED669C0 + 156AD12B86A015DA49F19F36E3FBFDCE + F5EA39F47504FEA91C771A8B7767A0F5 + 7F62D7541ACFB22CF3FB9C684BC9412E + stream[448..511] = 23B63749AABE5DEEBDCF4FC8F79E626E + AB3C69C094A2592325A0D8FBCC3DBA6F + 607152C6D257442517559697BC663D93 + 71D4D12116A053E5722DFF9C1BF22CF4 + xor-digest = C70E2BBF4BD8F1850FC96712772D4907 + C534EAE119C1C057516A0C7CEFF84DDF + 11C7D25D38E634080F924911E248F0F4 + 74BC5B0A3F1FC145F85C34F28C34E1A2 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = 9288C9999C48482ACB6E465D8DCF37CA + 04EFA423F94EC3D076582EE42C8CE15A + CB2008D1F8CB95828336B08F63460521 + 38F636E9B304F8D53A4893DF546059BA + stream[192..255] = 03BD0C2381CE78EC3C9163F1B354AEB9 + A7FD8D0E1C3AD6037C338FC5E6A25C8C + F25166FBC06912A3006F4B23ACED866A + 94E0EFD30FB7207920954698CD8F1CDA + stream[256..319] = 83A8F0110C8C210C6CB79A05FD17A25D + 86BB96A7AC28ED772C3E5BEF61A9CF13 + 828D6357F34A3DF0281B60623516F26F + 1F1AD3F4459552202A33AA512AC9BC79 + stream[448..511] = 76CE75A0AA88E936DAE288C472365448 + 5ACCA2B4EAF164BECBD3FEE0B1F99332 + BC032238228E2FA02D0446D9DA2E1FAD + 88EFAC423E14F80F83DF3F7D3797A1AC + xor-digest = 94B3F82549D6B2CABE12F715C6278821 + 2BA28BC2B239897254035133E55B3DE3 + C7D4820513964140777EFABE5778BF59 + 113A782BAEC51B7808CA1E41AC060B32 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 377A5562EC30B2C41F3C6974A70429F4 + 13C23803F942442D1C478D175FA2F65B + 06C7A5F7010202B5EF530102E76B81CA + 595E078F02CD3DDBBD1AE9F3AD2FCC74 + stream[192..255] = 5DA38B8C5EBF1A2F1774E62A59D1B707 + 53A11B5B176D007D5CF30A8D32A8BEA4 + 02F295EB6FA7E86E709E03B0C5960AA8 + EA929444047238E8D53F92FF5C96F461 + stream[256..319] = 2D3E36441075B1BBF3B5B9BBF9493114 + AA83D82DF9485B5D1DC3C5792C6D55AA + 4D89ED0FC408C59DF194126AA1DD84BA + 69699B253AA94C3F883B08875ED2DB65 + stream[448..511] = 3657669287141F08CE1F962AC3AB785A + 7AD5D8FE1F1D3B4200013664593D6672 + 9A2B8405824714A0CEA3B356BAE7FBF0 + 828F3F5F532ECB631FC508E183145C4C + xor-digest = 6C28460CC179D623FA0A50746FA35D29 + D6724F0A37BBEDBC8A172C6FC2802CE9 + 7A1A9C3A94C71152FE47F9D624E42504 + B9A20E73DAD0343DF707B2DF4131454D + +Set 2, vector#117: + key = 75757575757575757575757575757575 + 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = 12916AC2BDAE6CC9A6D88A632CCCEDF3 + 0DE0974DD19B1D5C2A38491E2290B27A + 7A316B25C4CFE17196F5F8799DA773CF + 6F0A3F0FB483182D1E3DE98AEE5E1A3E + stream[192..255] = 75FF4EE150B2B9A3149F00318A2D6594 + 7C766E2337BD1CE734A59D6BA33C6600 + 3C9D8D68D0313635FB37D9A9EA6E8681 + 32A949BECDE19E9419E5C73D4DADE022 + stream[256..319] = 7CCF7A5AE3A3EE4AC6A63AA689856D09 + 54BFA12D835AFF25F3F710EE428C9410 + E33730403A8C239B69A4107B976C8F9A + 6833C8DAC74BAEC1715C62CAA4D4229D + stream[448..511] = 6381F00FDAE9D95F575CDC528FBCD334 + 440E561D61B439FEEBC056391ADC13CA + C87E4879BE98844843D38100601D4251 + C46A2828438418993F060CE403E24941 + xor-digest = 586E01385FAE512BE1412005ACCBE586 + 2E87F1DB4B2A876078E8710A022CB44F + CCBFE009D8589EAFA869ED673984C148 + 55A99873CC5256A34E27B0B2A7F971AB + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = 8F751521CC45165D650F8476D1B4F94F + 0D47452278B6B02C56D688F10213B5F8 + FF30856088625B3B07C10A0B7601D0DC + 7C8B5ADFD671B14CDF735214B8548B77 + stream[192..255] = 044FC97F0737864C87784BB38D7188F0 + ED04B83F3206363DA7CE0B717FE23917 + 4FB0ECCEBA1CD188A76C6744EE5CDD06 + 502A61802F94CC6AE10166E14DFD1D53 + stream[256..319] = 2A7A186C9A3DC780355B6CBEBB61A82C + EE07E79169B5A1F5C11D9739FBD51F55 + C11ACE99F77BB307FDDCBD6111EFBA17 + 65AAC500116A57EF06C838475C765D5A + stream[448..511] = A0C4715850742D600AC43A1CB5F02167 + BE0322464F4BE66EE5F1C5AD86F126BA + D5CDB4B61537A7D979FA774F8DDAE361 + F11EFA63B76A54385EF0CC623E318E0D + xor-digest = 83071CF21B3F2A3473AF42A6C6F3841F + BA16EE97BA74A0BB0E3D5CED2D45FF90 + 3777597D8E0A28CDDF6A92CF812BDA60 + 8E1EBC189D792F5EFFBCC810CA89ED89 + +Set 2, vector#135: + key = 87878787878787878787878787878787 + 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = C4000E8A5231BF724A8DADAC00032676 + F092A855766AFE62D3A15501098917D0 + 336B73D927854B5C4DF74C199E6F05F6 + 0527C3FD21C5294366362C0CABAF535D + stream[192..255] = F24F025C83DF8DB30DE4E88E1929E43C + 86C4B337130E791800321B85A8551130 + 744552BDCF17CD64CDF31C44BADB5855 + 89AF4A40C33DF783EDC8E2AD922C1E5E + stream[256..319] = 509D9D1E15FCA283BF51962535AFCDEA + 971512F5DF6870EA78AD708FA3CCA90C + 56FD2FDB3C8C069D1D38863D64FF21C3 + DC4894742001447982E26374604D3780 + stream[448..511] = B94B58B1B1571C78C24463E35D9B0ABE + 05D3C017DEE329D7EF472728904380A8 + E93F9FEC8929E3C09EAF341C03D17EDB + 60F4DF6207E5491C04F58AB3EAACA579 + xor-digest = 7243A35FEEA2CC5102710649ABEDD9CF + 9D424558C8AFE243F3BAABA1B72FEDE8 + 79F7C58BF4903C4279126540553CB5B2 + 7155665084B2486B657E1E11C82211F1 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = B57A0A1F4A7931491F31760261E865F9 + 3A5DBB49FEA69627E2CF1E596F50B4B2 + D566159DD9132B8B3C4FC382C10315C3 + 131A28711F1A131A604BDBBE73BBDDD8 + stream[192..255] = B16B458C1E5F24494EFCAC727BF82918 + 0DF881CACA9AAF93923E744985C3CE30 + 96CC008E0CF5CF0BB538CF76DEE0C411 + EA3F1D9673DA4A464481DCD7A8E67388 + stream[256..319] = 12FFF7CF7FC1ABF5E53EDC0254111862 + 3D132FEF1DBC125E6BEEDFDC4E1E1424 + 2918880E634B58DAABED2D8D62626A74 + 8F6B8E1BCA7293E5FD080485267EA794 + stream[448..511] = 562D9280A4E9B3D7B69AF52785D0042E + AC42C3678FBAEE910ECD5957DC2EF8C2 + 51B0C9F1D33389F28173A549E0208715 + 4F11B4365A38127E878EE5ECBFBC7F2C + xor-digest = 2C2D2C4D9D209778A7570F3A448035F6 + 19DC11DB7127E2BC08E7C8A50936BB33 + 11A92783DF213584A504245F5F7C2CCB + 7027FDFB102924A39A4AA73A7B14F1D3 + +Set 2, vector#153: + key = 99999999999999999999999999999999 + 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = 216EDF3DB5C8BB5FF80B10362F7F249F + 27628192E6A3861F287B2A6D8C4D71E6 + 069E691FC49AF0E768E336B9F907435C + 697CA739A8C3C985B82DFC17825DC979 + stream[192..255] = 0D550F517C3C37F71C42AF7F18C062B2 + 0FD374B266471581DDA673C1883668BA + F227CE4276EB1E1273C72BBD8D2A2B1C + 49C6966A14105598D1248AAEBCC776A3 + stream[256..319] = 188A5307177F93100E3D4125D410CA62 + 7E35CA8238BAC94E4EEE246CBE7C32B0 + AEA05D2340DFF7BC01BB527E44568E81 + 4407D1FCAD63648487B3E306FD066895 + stream[448..511] = 5AD72DC4F62F8A9655FEC7C2B6E09123 + AA8F26F45DC4F1883D1443C92F089E7E + 05517D82469961770759BA95B4010338 + 3F917EEFD979D1B561A6D6CFC8A55210 + xor-digest = 477449B7532089DEA8A1D5901374B05F + A2A36835E747BE5FDB110302BC1ECAD1 + 69F1A2DFFCD90E2626D5F4797225EA2C + CC408F75AE6E0D6B3CCF5B1ECA6C206D + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = 9898E66BFD4CAEE704CDD338B49EBDCE + 6EC8A7C0067718255A72701498641096 + 75404A8D4E11F5E56CD01F2586DFEF25 + 0577B3F0317B823309CEAF96CC43E633 + stream[192..255] = 64C06887F8C12828266DCE2ED67E713B + 799B5F3D6FFC0D2152023D96FB6FE83E + E810FE5A0417B7BD2EBD4AB48AE32E1D + 1955FFC869615A3878726BF06DB50F55 + stream[256..319] = 3FDC5C7865257708CDF067F6B6664D98 + A288B834CE51237B7D46DB04CBFB1D79 + C9719ABE0327AEA6B2480DE711191125 + E89F23A97776025B6430F681D1888CF5 + stream[448..511] = 2CDEC4F2932777F35CF260D981033C74 + 60DCB770B5E53D952E4AB7DCBD394603 + 6A1AF3309CA1DFE9D5589138273ED42E + CAA2B1F0AFA99D9E08E0B3873CE92BE0 + xor-digest = 544F9FE9711B6C792AEF0E7C79CB84D9 + 24E6D34515E70C6AF57E6D35C3E67B2C + F1AEB0C665D29222E7A2D0FE4F355C80 + 893CAC3A026E7A42FA867ECABE2D1E86 + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = 45FCBCEB09F6EE9A70E4FBFA49409B41 + 1D979DE84CC551E9D17971AD78DED211 + 4B2C1EB7038BA4F45214B68DC79D7EC6 + B9A2A18D24A14DB7C4B0823931C37B1B + stream[192..255] = B1689FB8B13F7EACF79847D75C741AFA + 0215F919C3190A2737AB2577779B74CF + 5ADD9B70FF6DED4BB6E537978112F72C + F6F6818E88C91A3EF8C0B21F90759075 + stream[256..319] = 0A3FFBB5FD1EB9BD0101DE9C4BB3CC88 + 4FF3D410592922901FC31132661EB33B + 359E266418EA88A74016942DB7C584B2 + DDA18312C583182E6CB239D415090FF2 + stream[448..511] = EE48E5057246A92F66494DF967A3635B + 0D5E3A113D25CCBE8688D5D9768155E6 + EE4700694B5C756F175DE60A4F11F879 + EE6939A97716D6C9BC77ABF711EA3747 + xor-digest = FE6CC121CF62DE4811E2869A12A18B78 + 710CF53BE4837D6B824A9E4B971DB487 + B3160C372069043A2F995EEFBCC17B9A + DB57D26FBBA388516FB723301839BD89 + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = 34A45DCF85C3F2BD4687B0EBEC2DF46E + AF0139F34D6A6D34C701F13C6672EC09 + 1286D36FF46853CF2F702D94A1FA520B + CB067DAE0CC559EAA02284CF57117862 + stream[192..255] = F4DBD0BD871A3D7EB607FCBDE41F83B9 + 179FB16C82303E25E498CCFD16CDB309 + DC87BEF14DA71302DC6FF98E095DEEAB + BFBAD7B7EA584A723B05765227A670FE + stream[256..319] = E51C19F34E220915FCA9BB0A01BCBF3E + 29E78AB68B0C6078004A310D8471972A + AA5B852057E81D1D1E1DA66C51B9A676 + C08BE2B93C88F02D1378139FD5721E12 + stream[448..511] = 3BF0DEE1CF4ECD7E7FD0EBDA2695A05A + F6D70C7414BFD80A70666F68AEC24E1A + 671D30BA1F49CE124A14F467EB7D2D25 + FE62976E7203E38E9D5D4ACD7AF5BF1A + xor-digest = 090B394EF92FD645DA7684666973CE24 + 64E3E4CAA16BF209C9506EDD82C07ED1 + E5CEB0AC34188596FB98F70BCE08D676 + EE474CA0DCBB22406C1824F8E7362F38 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = 51F7A8666C52459AF653BCF329EFE90B + DFCB1034C0346C7C36395A80A362D97C + 631DE15C3C0FEF7FBC914414356934E0 + 82E6A298EFA73C8CAF2359D548F31BB5 + stream[192..255] = D94ABA1D1FC7B27FA77CA274EDA19CE2 + DE72F4F592201B47D7E50F372C0E91FC + 8DE3F21AD1BFFD35D88A60DEAB25221A + 04DB7E32FD335598675D5ADE6AD782CF + stream[256..319] = E0324B0A8EBCCC5A9CB98411D2F7C22C + 706F7307486ECCCF8E829680385A5400 + F162CE0F110E22A512E9FD5F00134102 + 071B89D665071A7310D4C543D5C3A433 + stream[448..511] = B1E03A75FA5E9BD0356E2FA725791419 + 6A42DFBBC799AD1A1EDEE3005121E567 + 9770808402A3412D6D111DDF1C64AA7F + 8B48E4F0560D083AC85A30E2006B1DA0 + xor-digest = 7C1F1D90844CE18FDBF0EE1A20A3CBD4 + 79E4FFB1573FAE389127C07D891EBCDE + 068E90C7BE2F4F3521A5AE45FC3DBBB4 + 4F5D1A4FF3980430E72414CA2B34BCF5 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = F6DC2B1D33E63C84C1BE154A2FBE379C + E57F03A9533159873B13A957E53D8D62 + E4CE4107C393D45BBDE62625606B545B + C8F5E01B95078D1EACFE42FA8B37BF26 + stream[192..255] = 93A4563829F20C9CF8DE184B7D3C8BE9 + 9ACF7DCB6E8DCAB8835CB31494820268 + CDA2731D696F92645D38DFC4FC2A7E96 + A1C420DEFF69AB3675DA7F73770484D6 + stream[256..319] = D585F862D60E0FF7A441ACFC2E30206B + 1521120930DFAA995BBAFF7C3574321B + E70FB567F7DA9ACC9373F0C49E1D8C02 + AFADB738D1D948B1880CD9F6508CEFCD + stream[448..511] = CB41E685D84F049AD4FB848E337084A7 + 6320C93538D4CEF3B6A8FBAD5A495494 + D57AD41DD93D52E429D1A19658AC6DC2 + DD68CA8A9D6FDF2E1717939FAC9DFCE6 + xor-digest = 15539669BC4F561EB5C75387FFE852A3 + C1A60CDC3A8441654E6493814AEFDDBD + 0D734B621F722058F05EA046001FC621 + D9F636BDC7EAF785A8515B0302B1121A + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = 374D70803C0FB5C994C8B882102BF2E6 + 00E569B32B590DFBFC393F9BF070644A + 406C1C07121E0D3DCA8987DF3A5A82D1 + 6744FB514560A81D5E6578B34FC59A5F + stream[192..255] = 66CAFEE22C82D9FA3116C1CEDD116835 + A5345DB4D4E08DE09A27BCAB02158064 + 4F23DFFEDFD006219183C6F19A26D21C + BD4B0E5BB974E829B89969F1EA6C03AA + stream[256..319] = 2C0FDB57FC1320362AAE984F1358F233 + 8D01BF7C7F3A6598DFEB7EC2F29FB8C9 + 3961D5A82A5B92ACAF2667A97AFA4C8F + 3489D641A9BAF3303F8B8AA863F8C799 + stream[448..511] = 30D95005B32D0CE1868811E29544E396 + D9C1431A73C2ED60103D0B1EA3F7D0AF + 3F4058ED8E62AB3C3CB7DE98BF667168 + 8279673A8CC9DDAA88BDD3718ED973B3 + xor-digest = A5B05D4596DCF905617CD17590856F2D + 5FCC02237C4C6315C38DCBF72CACB353 + 7A0EC4E5C5A92838C1F6491B68EB148C + A22DEEEBBEFD4F29DA895FB1B5C2FE66 + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = BAF637DA83F1B4257EB31DE10C5DAC0E + 7A233C0CD51191E90F952C9ED9274582 + 3EA858F8BE3074BD895B1E2D7B0B3959 + 7E10F503D7C9D6C0466561764E3945A1 + stream[192..255] = 0A0D75E35523978C426EE16E0968C28E + 4850E47CB13D74606A93E35CEFCE2672 + 37321C80CA35F7BE15E1E96929683E4B + E46629B5682E236FC675B0212877955B + stream[256..319] = 4BB0F289AEEF00513FBE876FCD4C4238 + 19F56E153479FAC2806ED3A5145FFE50 + 854F8DECD6BD6CBC1CF659809E4C7099 + 2B3ED7AFC337731FA51016D9B95CB975 + stream[448..511] = E9E4B6CFCC740654BF8116B1807370F4 + BE1DA1C67AC1919E1248F948FE187BC0 + 20D52134CE17F83174D2D562FAF531D5 + A2AF78F28F17E8DAC613538064DD95AE + xor-digest = 140B5CD872127DF8F1905EDE1AE1E92B + 83883FC7C437F419803A9480B73193B8 + 7B8B784CE3017A9A528F38FEC92B4AB4 + E4B168BE69BCB40049A5AC2802021F74 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = 40FDD02D51823166306BCDF8B77607F1 + D4EB2B3876E1FC73417742F24BE45BEA + 80BE07DEDC173023A9BD6BCEA49D6F05 + 28230A637233A06029A4A7A63C1B7817 + stream[192..255] = 0F1D7BC5EE19D5E4577C9A6A0E6DE608 + 9DF193A9F916BA818C867450DA4094EA + 9379256FD8BC9FCA31E04CA5CE3479D1 + EF430C4ABE94042063964C6EB3B0AB04 + stream[256..319] = 6993D14C4511351CEF3292EC39BD33F0 + D112C1C72E2B040696CA11EFE4513523 + B6741542A1E536F5AD94905A336EC236 + 17E79FB72EC8F9FB2E973F3F847D4CFD + stream[448..511] = D86B9B0674DB00B67EE9E762F0E61165 + 34E9CD6F5115946A081EA6C5875F2182 + 6B31F109887499144D5179995C8F7533 + A8653A87E7CE832AD7D5B5984F8FD781 + xor-digest = 69472F97EB5509E8F10C71DC976A2A13 + C75CDB24EBACC412D18D7A865244FEEA + EB6691B9E925FE87E7B30748150E03FA + 333C0CDF442932070B03229D04D902F8 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 0B95F3973089E4FA452F0EFAE825CE1C + 92F37F7633E73F324DDEBB156D551E0B + E70B2B1028FC5DB8CC25CC08EB6B7A00 + 768D2D5477933D3DCEBC79F54D2C5E8C + stream[192..255] = 591BF91FC97F535EC390A8FBBAC2175B + 5D4D8F305C6D76EBBA5A6F572D797D1D + BAF5E6FEF47C118762B818ADB7BB3D4A + F97BF42359477303F1171C068E2A78C0 + stream[256..319] = 94B812EBE731EB385B202D15BCFA10A7 + D576CF9CD522543C4B0F3187730AC758 + 729059CDE6E4B4AD913D91B03934F21B + A6633E9EA3EEFB164EFDD9F17DF0F7DD + stream[448..511] = 833376932091A4DBDEBCEAB7B93795A5 + 41D10C9D699E5A4FA54B33D1E018742C + 33094EDBE2A76B3BB429136DDC20791E + 0354579EA3095C6D7A0DE29B7639DA63 + xor-digest = 14FEB3FCF65145B6ED7F8D17D48E4DC2 + 8E18A44BC6F45C7972ED1C6D2C061788 + A77CB36D9BBD6F8D4350035BE35BDD22 + F6F41AC561460FB54DA14AEC4910321A + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = D5AAAEB6B360B05E60728CB7715F064D + 688272DE4D247EC825EB5B86B9EC637F + 872E9C609D7F072EE4D6B2A0706073CF + 7BC8EBD669798A9A0A4C57F3BCD4AD96 + stream[192..255] = BAE49771D050446C339A54859DF3C0E3 + 1E979A221895658F4CF25264EC15EB0D + 3636C835ACE612CB1356612139179AD2 + D0A2F509E7F024A7B3E36767E4BF5FCB + stream[256..319] = 5FF6401D11EA0DF1C741E8A49F2474F7 + ED21B1D06C11AF82A10E8050A2DE0C7D + 092B07D58F5C87A64F10952B0DE31E08 + CA7DBACB5F7F566E8996923F5638F25E + stream[448..511] = 86C59730ACF2CDD8EDCD7282C5BAAB3E + DAE59D9E4676979FBEE5833EA788B269 + F60389D08B5514CE579F947F16021B45 + 014D7E4A533E00D085AB4D4113B15C18 + xor-digest = 214C32075CD0535E7F57E38E7EED8B75 + 56F9BF0729601DCBFC36DBB1D3C90C39 + 4DCA2BC3D0EE166903419C2746ED5DE0 + 6E980DA3316CC0322F36FE64B8C82522 + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = 69DE3E4C2FF081EB7F60C6E3D6A80212 + 5CA029E2BF4017AFB33A96EE4674F2AD + 0587532926ED63D219416A985040B7D8 + 2F843893DBF7D0EB3EE1C3850359D259 + stream[192..255] = 8E7CD9BE41820B9A8BFE5ACA633E9437 + C14753BC9EA615C8F7C2CD01115CF4C5 + 84D8E77321FE7691F062D0FA6CA629EE + C023EAB96AEBE93B1E5659BCBFDA3744 + stream[256..319] = 0C3E756A47DFFA8F79EA84E76E7D3156 + B7E3B426E6EC45C3889B6B80BBDB5F81 + 1799693CFC5275F9592BC02723798A76 + 00941D12C49B7D5958FCE09E1008064E + stream[448..511] = 63F215BAC5A814F2365FAF2C64AAB050 + 36AEC3A73CB80D1CA167500373F3663A + C400FA946F12D7C89ECC0D1D996D251E + 439326BB36807E215B89414A2AF99E2C + xor-digest = 8886830183F33BCE411CAC92338B725A + F64BD7953ECDB6C2E347B1ADEC3CE20A + C0FEFB9D816A4CC99DE15F94391AD370 + E36B0AB409D92B704764536EC65CCA30 + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + 101112131415161718191A1B1C1D1E1F + IV = 0000000000000000 + stream[0..63] = BA3FB682EB86D3672981D4D7C39BA93A + 66B78D1D867A8EF6BD9523C8CA39CAE4 + 7A0CDF6118AFBAF8CD60D5F162696721 + 6AA433DF22A7BE576C80DF29197CCD0F + stream[192..255] = FAF50E0FF8D5F26443351B25E0D04501 + B0EC7C23E538A0557D981D4AD91A8ECD + 65484D1948DC7153FB39DFAC5389B290 + A916C1D42119E84D5AF96F4605D4E318 + stream[256..319] = 96D23B04984AADA3D4B12AAF5B04EADE + 440D1831B36EE8E824CED1C4E2FFD41A + FBCF4A7996F5BCD52124E3D5B3F9847F + 71A3933E4F10C60EE01CCB5A727CDD84 + stream[448..511] = 375E3480C20FC8319B173D9642758759 + 10C513D36229E15C42C92EFE604AB6AE + 4C8464123E6B9B6B3070897D029C287D + FBFDEC2B8BFE1E78F30CB97F5AED613A + xor-digest = 3B0723526F1C51B0C943375C030087BE + D6FD8162BF3EE3589EEDB84CAB870032 + 3CABEAC277B1A19B12E3F8B5C641D8E2 + D1D3CA68AE6F356BF2BE577BAB4A40BC + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + 191A1B1C1D1E1F202122232425262728 + IV = 0000000000000000 + stream[0..63] = 5AA7FC2554941FBAA27C70A5F83359A0 + 250D31284A12582924D86139BF3296C3 + 9D22E5E9C6275D4B10A38F2CC80FE0F9 + 01807090D71E339485B6439A80354A5A + stream[192..255] = 75E1DF44FAEFE21824D9BA7BC4B10490 + 09F90A2AFF10829DA8D21B7FA9B02E53 + A8F1844E7994916DFC034D18E146770F + A6BB7A36D8B86316C24EE40111B0CC39 + stream[256..319] = 4946FAE6887BE478DFDAF6A697C535EF + FABCE3DC64FCC6D10CA5D376B97641AB + E30D9907512FE05BA0108290DF12CC77 + 3508B672147A05EE76F1A4CEE5E0DDDF + stream[448..511] = 433D262DA3259850DF2D17229533D2B6 + 6F2E7CD72DCDC1AB8CA9875E411A91BD + 8D14AD0C44F55A0437F25803B8101D96 + F0C1CFBD9365CF28F48FA3BEF9527FD8 + xor-digest = 1B2BEAC501C91E98D9EB00F3B86DCEE7 + 1E94EDBA2ECD08F4B389E492C34588DE + DF0181949073ED76FF0C6C278A56E24F + 5D7353DB202DB031CDCB7BE9B59538BE + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + 22232425262728292A2B2C2D2E2F3031 + IV = 0000000000000000 + stream[0..63] = 23A022FDDFCD7BE7C9322AD0CE317505 + 64C05D78BE9379540948C9077F1D505B + 930400D7605B4758546F8EA8F9DA961D + B84B6372EFA2DC34B1EED24880F50459 + stream[192..255] = 72BC67A34C4B6BDC13A57FCD0599AD90 + 462CA2E205279376FF5AB4B27D55B860 + 46BE2144347C307BFDEDC06FCE28DC02 + 66D90BFC7C5CCE133CBD01503D981670 + stream[256..319] = 9C7DBC85FB4BBBE086CBA25DC1663115 + 53B3F81BEC202E8D39CE1C0E17E6A92C + 0F27F7CD32483AE934F2CA19B1EA6F9D + E617D6FA8665F54DB30C91363274EC38 + stream[448..511] = 2FA63569E0147FA5F738CC8B2E526CDC + 0A2A1D3AAC0C737E1F52E4F12F469049 + 2D106E142C75FF23BB4180220F7B239D + AE1E6E66C1CF1FEF634038FBAF080CEB + xor-digest = 3578A4C3D5D95EDA7184D3A45611E931 + 78EA4FFC9D9B22E2BFBA694B92A80709 + 27695EB5A0F420530AA4192DF99DBC39 + D5491646222EF528747F1624DDA80A38 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + 2B2C2D2E2F303132333435363738393A + IV = 0000000000000000 + stream[0..63] = D3F71E40C924EB10356C72909F560DF3 + 58E1871B786865FD648C0F7698F24DD3 + 40603E96DB692EB383A99E8361A16C1E + 12B550A653E48D5E61BE57413218C527 + stream[192..255] = 3F98CC06A7EF083AF032386327CD2253 + A66FB323D5BE68E90343F33804BF7FF5 + 40F2FB5A786A37367ED9715365D2B4DE + EFA87CDD5E9554FB78C2BACA053D99B6 + stream[256..319] = 1534A1FF522DD2B3EF21C46E5943CD75 + 09AFA99B3B0972EC1EFE3BBF938A003A + 61D2A82ECAB87F6EFF8B9253FF16EC6B + 1BBDCCB286420694361CBA573635D136 + stream[448..511] = EA5FD6B0357F67367F30773EDB2E8839 + 0FE19BFA13FD03794936BBF1CD5DDB8B + 22E85019FBAD90E35ED21F27B04B2422 + B9A4F4C78946A1EF3E8FEA0B18FA3790 + xor-digest = 37164AF19204384ED577F9561584948B + 9928274C3432C76D08D13EAA90DA09BE + C6785BA86F611187C6C099DBF38328DE + 7A2FC168191150CF43B5F6D59CBA1ADC + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + 3435363738393A3B3C3D3E3F40414243 + IV = 0000000000000000 + stream[0..63] = 5E6CB90E447C519B72F4BD206E788644 + 4328E6D0A8194660C0597F09BF55913E + 44D616B62ED7D58DACB73E7372C20435 + DC4FFD07698C96661CB0AC779A09A755 + stream[192..255] = B5FC78E8AFECCBD64AE32E09E626D58A + 0724C1B65FB0DA4B3B27A51EBABB381B + AD3CAC814CF0C15AEA0BB7E9B02DF672 + 3FBFEF9D56D39DCF3F212F7E74EE9C56 + stream[256..319] = D81FD8C385D13C64005346AA9426943B + 5CEEBA07DC644CEAF98A2135986EA2CD + F6C95E7CACDBB819A8DB3EC52DCDF68F + 6958982B3CCFAA94A9ACE5631D3443F5 + stream[448..511] = F1A605A14802E9087AD3AB5B3BC711D0 + FB1A3AAB4BD7B1B55EB41B956A9EA8A6 + 7F080F7B11993D6A2136854B99646C11 + 19D458FD72A3CDC4E6C92D34E2AE04D5 + xor-digest = 4364C17C638B54542D8AA1FF920D6245 + 131E7EF82AE604405CC02B0775E40B79 + 531669963B9A1387C5CE31396DD860C3 + 9D511C062BE3C14EA17A8E185C42FA98 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + 3D3E3F404142434445464748494A4B4C + IV = 0000000000000000 + stream[0..63] = 754297ED844669861E90BD6EE111AC4F + 0C7FF32CAA43C9FA5E6B0D99B09161FD + 90C413E0EDC23EA034BA7AF6588B4E5A + CE15E4A68691380508DED0765C853C46 + stream[192..255] = 14C904192B5D9C4D435E090F56BFEE26 + E8E7F7F018A6634D599C22C41B6F7CF9 + D8465E1AC223567A1FA86B0675B7B3C1 + 40A385AAF76F04481E80EB0689D1B57B + stream[256..319] = 64969C0E4E92FEA2E6ABCD5ADAE9A440 + 11957C6524766D30F2E7E8ADB3546C86 + B6D2CA6E40FDDFF18A4D3B9E68CF9BB2 + 640C18449009628FD1A8F8AAB53E1219 + stream[448..511] = 741D18626C35D5B53E21CD224CB755A9 + 1699F57BA64268C3B37297BB0C676E5D + 3FC29AEBA6FA5B5C0437E47A819FA7A0 + 5662EE8F0190CEFB8D68112B7E4358FC + xor-digest = D444F5ADBC6FC03088397080E6EA457A + 4804B555C0F62F2E190C7884BFCD5F62 + 2BB8B53CD7AFA2FB4544DC6A9EEA9036 + B094606C54F8360C54774EF7124FCF1D + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + 464748494A4B4C4D4E4F505152535455 + IV = 0000000000000000 + stream[0..63] = EFE25573E0FF9AFA4B658740D4D8795B + 98A7EAAE5D9A43699DD3D6CB7702681F + 613CD37CFAB324869CD3CC4F9A2BC0A7 + 2F04F650E5819D7D28BDFE09929D0AE3 + stream[192..255] = FBCBF6545D64863C8EED507944CFC8C6 + 7398EA1A4CB2D909C95BFA9357083BD4 + 1A2F425E7DF544F4B2CDF26D669201D6 + CDA546E5661EC8F65C27CD3DA9FEFFFE + stream[256..319] = 145AB666C6840F3C79C4876D1040EDA4 + 6D51D532728F31E2F20BCDAFD869AC00 + B3A134C49DD40B846F49C35494D5F288 + 509393F522881D32B524A51C1C6E1FD5 + stream[448..511] = 3567346A27E8F0F35481801B3D9A934D + 4E67688C496CFFEE816CE772029979A4 + CABE0CE905E23584717F43E4F04F3133 + 89EA50C2660ED2ED57C6823407204396 + xor-digest = B57486F1AF7CF540AE0681D7DAF16E73 + 445EDCF224CE4DD6AA8CD201B1829EE7 + 413512ABB97AC537C6C16B5C411C383E + 72AD8A3F3450F74F60E16580C225CB29 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + 4F505152535455565758595A5B5C5D5E + IV = 0000000000000000 + stream[0..63] = 6F4EB5FF1D58A8AE8ADFE295D6281296 + 36C186F144C393A63DB62E04B8321960 + 200238C6D0A75EAFFEC4A8D8FFD73CB1 + CD204793152B4C095E5056C20961B805 + stream[192..255] = BC57E64A9DBEF123AA4B766226D68A3F + FE1D16DBB6400649D9FF54043916E5A4 + 8EA6D011173A1C8B353E73D7117E1A54 + FECA401E5B9C37364D4C46B93E3361A7 + stream[256..319] = 6192F9AC8AC31BDA04D5FFB22B94050D + EA2C41F33F47E34BD132EBE0DEBCAE12 + 52D711F09283EEF6410328FBC9675817 + BB909993BB19440ED2B19B06F85D9CC2 + stream[448..511] = 293C1E8254286EACCD7300365E6E7DBD + 6EA70A68546E13FEE54ADF54254AAC5A + 352F2A8FF9BC609F497335C19D97CA8D + 6F84C6FE96EA3C6AA82619A1F11B4E92 + xor-digest = 2A5A737D2EEF7B4A3050BD4D96FA8D23 + FC94BB5526724EFC6306CF0102D45EC6 + 13D5B0DE4C5E10499DB6010C35D10790 + D1B7F26C1CA8872818312A17035B005D + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + 58595A5B5C5D5E5F6061626364656667 + IV = 0000000000000000 + stream[0..63] = A6CC8B404F2AF4FDAF7D6A8795F7CC5D + 9BB2741B787B51538BF9BDA816486BC0 + D334348DB81317951E1DF416988A0942 + 7ECC9214B02B8C4AA816A6014758FE06 + stream[192..255] = D4FA0D1AB59C779C4BA1B64391356884 + 06DA8137C88A3642295C6285E9535438 + D86DAC9C5B88628CD04D99CCEA1EC82E + F58720BF5AEBC02A453A5601A9CFEE46 + stream[256..319] = 1768DEDD9085B9EA5D36B507855B7413 + 63500AEEDFEAE88D6996E45DC8A21BDF + 2553BFD191E2CF697FC4D8D6AC7A3AE8 + AF1B140EBABB5F1B8D1524E087147291 + stream[448..511] = B53ACC37176F2DD5E48250F1334E40B0 + 282FBF02B12953AE229A9175CF973DED + 0B8A637E2E55EE26E7E2E8E962AA4BC0 + 98B0B1A82348DEEC1BDE9D370859937F + xor-digest = 9EA2C38E03E01567DD7B969946638AFD + A0EEAB5E0DAE16E6FD33196B923D57FD + 22964B080FCFC07E64EC5464EFA9EB21 + 4ADCFE4792CEAAEABC73DB10E4178FD1 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + 6162636465666768696A6B6C6D6E6F70 + IV = 0000000000000000 + stream[0..63] = EC6D0E3259CD756BAD85ED4EADF9851C + 2E1ABFB3FA5D3B71CD094F90E325D960 + 49ED9E7F20B583A489FC1084B2B6699E + 68FCA80FCAEE2A7A4946FFED7B316FDD + stream[192..255] = 0C645D3281EE8E879E0BAD2351FA2623 + 9688A13B9711B425F7B03CE3E2806B49 + 25C0A528969C8FDADFCE1CB05C73CCB9 + 56504222DA9D5BB1395113B8BFE1B9E9 + stream[256..319] = F55E779CADB76CCDC754AC5685F3EC14 + DEC0B31E72ABA48F72052BBE7B3A77FB + E7D915C545E1DDCC6E59DF9C080CADB4 + 59A3BEF25B3E7698D675D5D0E68C52B1 + stream[448..511] = 43F152BDBDB22D16E35F4E668CB0F76E + 846DDEBDE9A38C407CF2CD4DC2A218A2 + FFD0C2DFD191B9CAF757B9B4E2EF51D1 + 8F989ED878EF38385C67A9181EDD92CD + xor-digest = F70553BE38C7578DF6C8AF8F093BCF86 + E1059769931E6C1B63B9C0E840E24D17 + 6DCE6578AF4FB9B23D034D0754218F2C + 32FE312FCA7E08C00961FC6D56B02DA7 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + 6A6B6C6D6E6F70717273747576777879 + IV = 0000000000000000 + stream[0..63] = 39FFB32108B18B6EE3A973F74EC2DB90 + 761B3B7F3EA76D9222C604A3EB0CE840 + 6BA03A2D72FEB41F37D6D4A996EF3918 + D4BB2ABD32464DA343FF7E9EF91F078A + stream[192..255] = CBD3382826E40B48ED3F1584D06E5331 + 4F30311D1CF63583CEB32E9969000D9C + 28C70D83D5B6DA6042A090D2B23E9321 + 553F297EE3CC00661883B0F97EBEB9C1 + stream[256..319] = EB43CF6FFF18536DB8607CF15EE3BE04 + 6B01725EBBFCE04611B3E801DFA3E054 + 89335C4FB4043EAD3DF44D17DDE10064 + E0FCBB727C3B223918A847C190AB35B6 + stream[448..511] = D19D8D8D87164F3057118BB61A215A36 + 15FE0E1346DDF57E068C7DD3990C86B9 + 9AD2FA0A1882C702AE368A7EA451408E + 5E697ADD8E5163025C6F7E204EEBA47A + xor-digest = 0DEE89775F959C0BCD8DB47353239C9F + 584AA8A94C2D8F70B0313F1BA8343BBE + 4F676C1A0A01360EC40D1642F24D8ECC + 56DEBEA05AABD12B7BE0B3DC81A0A19D + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + 737475767778797A7B7C7D7E7F808182 + IV = 0000000000000000 + stream[0..63] = F6D9AA962C57060D96630B813DE68E9A + 054F9B2699D5AE322572E8FEEE823BD9 + 791B51D31AA87AD890983CC8AFE51D46 + 885E9BB0E2BB94996878DD9BA0806B0A + stream[192..255] = 3C798B433F6B01D2984FEF29FE1C590F + B9BD8CEF54B4DFA2EE4534A121346489 + 03CC0289A55F6C67932B6D13A92A1C69 + 76FE803087178377C79951DADBC005E7 + stream[256..319] = DF973FB508E631B3D8F89DD3D3AE41EA + 54F99CE2EB38591801BD0B2E6FE24BDA + A819A8E3D35FCA7396D4F6701E9A047B + E9C78984C83C3EB1AF36301FA7DE36C0 + stream[448..511] = B77933A3F5E9242D3C74B7A66E1CC47B + E7B7C9622BC2EC9151EEB578EF3046DF + 9A09E5945C16C0670C3A27687EC192B0 + 1C41CBCD723A7090AE02B70978A8AC7D + xor-digest = 0FB64FBD95C135DC44C79B3EC27C7F04 + B7CC5F42A9E2A05ED9E355CFDBF010B2 + 0F51581C026264301147D5B9229BAD6D + 6B2D52E3ABC081E172CA302F71435641 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + 7C7D7E7F808182838485868788898A8B + IV = 0000000000000000 + stream[0..63] = BFC99C4BE36C5F0E8768CA215FB89AF7 + 35CB307D0944E7C5DA2723E6FEAC88A3 + CBD3DD611B10D4A106269F10C277D1A7 + BB9E2165CAE4807A3E9CF6F5EEB52E5F + stream[192..255] = 6348C228D90563328BBA1470EA46F1D2 + 84513C15271DFF9647121D7454A1DE04 + DF79E4A13044504538C31602E73D434B + E6A78B1B3072D6CCF79AE0B59048CD84 + stream[256..319] = B954F2BC8E354EDFD9848AF57B14489E + 84B7A295F16E09F13D6A589C3631E7D7 + 4B1D05020C92EC9DB97BB95C64195B12 + 168DE2AC4418EEA1843B1523A0717DD5 + stream[448..511] = 15913C068D8C34D68BD388C19B86F4E7 + 204FAA3D276AF6A7CFC0D7B9CF5D18CF + 0AFE0518B7B59491B2A827BE34760D76 + 765CB932E9AAC50164A615F99132A429 + xor-digest = B0EF9F244B31864DC9548F47C4645B50 + 0B9F0D5ED29CCCE0775E7C2AE176FF51 + 98CC837F47422BCD403E501A9B810A31 + 093D708B49F9CAD7762E014B2B7BD47D + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + 85868788898A8B8C8D8E8F9091929394 + IV = 0000000000000000 + stream[0..63] = 7753B7864359B6457C83680F1ABCE6BC + 8C84701CC7D301598E4EC3E4BD001366 + 4D4DC9AF32BB00F03B59AFD9D8AC0204 + 7D5A1A0A2F108FD635CE53D166289C02 + stream[192..255] = B45E4F98939CED60307F5609C2CEFC40 + 4F75ADED40BD987013707BE6A9098F19 + 0C17D87A194809A486B73E5E15A9C88C + 8AD20789927F0E82A9A29F4F779E7963 + stream[256..319] = 9CEDD8EDE5F436B48C781E0D32688B31 + BF7C7DA3AAD10B28FB4CFE0A0B98122B + 6BB8E22D30F73F22BF7979EBD624B446 + 3FD3928201D9223463277D91B4FEEB49 + stream[448..511] = DFCD892955FDE7910B4089935F2D9D77 + FA67EA7CC2D2DE9C97F0EE82D59A4D55 + 4A4774069DE82B23C9AF0438EFC9719A + FBEE89279ACFAFCF39BB5150D255E17C + xor-digest = 5A42BDB360C7A463723DDED9DC7C8EC6 + 4BDBABED6F3B746909A06D68DCA990E5 + 5EF73AF7FB4A30323FA385A0A97C67F7 + 65187F0691B0BF3FBCEFFB512E7314F6 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + 8E8F909192939495969798999A9B9C9D + IV = 0000000000000000 + stream[0..63] = 9C0FF1BFB93AC046B8F7DEC7C801034B + 8213D302AC9F86BECFA8CDFB1D1E2B01 + 4F06C231BB336F84C42D2C0698FD342E + AB969B2F02D597BFB62B41B9D93F39AF + stream[192..255] = 247D7F30B7A189D4A0540A8DF815141D + F80675FE4A0DBF36186BA4B66C46207C + CBAA36E7F9B60EC4021231DACAFC8750 + 5A84144B71DDD9D0813EC732E4FEE41A + stream[256..319] = 093F61AE766178EC810384DFFC674F72 + 40AC5F77E09A826150D1E6BB2C328D68 + A42D8FD61ACE57736FE1014FC44D8764 + CFE0FCFFF7EE249721C8F414E0F2AC66 + stream[448..511] = 878A8D74547F783BA5E10F3E182F2BAF + AD55020C48EA97E22CB4B186C23A3986 + 609054BCB9EA79DE268107F8BD7E233C + E33DDCF537B1455A7D88F63783904A3D + xor-digest = 9D25476D67E9C3BC97CD33BF999F3A67 + D2CEA66F51BAC2D09FABE1A2FC9F003F + C2B7EF56E59CE1DBC93ACD044D499A17 + E254E78BAFE0F8C090C432E22427E15A + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + 9798999A9B9C9D9E9FA0A1A2A3A4A5A6 + IV = 0000000000000000 + stream[0..63] = 065FBC2107DA4A11A20D0957EDE31242 + F4C3C647B703E124320D339821DD8E68 + 3156106E22A15A5C520382BCA5A617D2 + 5B2F625597140D0F77FDCEB50F92E920 + stream[192..255] = E888535B56D880565B4C0A9FFF8C300B + 6ED37DC38B83D788C3145770F0B55A6C + ABF25AA6B1AE5B2BDDF31D0AD7EC57C4 + C52F05E70B460851E4E83A6D3E02B909 + stream[256..319] = F1F33465565F1204F114B137BD033480 + 8E3CE20D604BF09CA61B3EC091ADBE02 + 97FE2DA9E04EBABB0BB85AE81F5591A6 + 4B395B59BE6B61B95D2516FC2368623B + stream[448..511] = 955054108EBCA3851D09B651335F8981 + 61D3CFFE90AE3B1AC84720E55D7F32F9 + A701490DF7AE35EEDFC4F4BE5389891F + 85CA78A60E12AB6ACBF5B2ADAAB5F5ED + xor-digest = AFF011AABB1864C51A90291DE2801133 + A8704102F43D64D29BD1A635AC909A00 + 7AA39A2CEFD15F780418B9A8B3AA41C1 + B1F6F81B39CD174BBEE946876FC3F8CE + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + A0A1A2A3A4A5A6A7A8A9AAABACADAEAF + IV = 0000000000000000 + stream[0..63] = 2EC2E3873A2D19A18D62B741832192FC + 5D223A598F0764221625B65361B79CB7 + 73ECC0A8658F7C97935C4CC4B1C98F02 + 7D7F39718D75CD424D078B493FDED1B4 + stream[192..255] = D3A490309322EA17BEC6347C7B8C3A2D + 1CAA22C5F13819BBC698A4E65071AF2C + B6E97E9CC2CF7598AD71FFD06F82D34F + 02C14E2E6E32DD06344FEC91B07E0C30 + stream[256..319] = 3061A7CFED3B3C182E1E124DF5BE0EFF + 6907B2FEE90515894E96680AE494494E + FDF3A2ED6741961AA243D6C1FA2C4087 + BA7D5867DB9336BC8732E4A2D43C4F7D + stream[448..511] = A8606B968458099BA15972F1C2614ECD + 6A1965F29703CD6922867ED554637155 + E6887DD5F1162EB1C3AC6040A6C00BD7 + 8A2E7564827A99C1B68783A2C4E98EE4 + xor-digest = 3247C2543E64FD12CD04881BA0EC9451 + 7CC993CAFF15C564F138BB2BE0B2F416 + F889566B77A75FC061AF9BD4876EF5C5 + 5940F9892EEFF7486C379C9C06AD82A4 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + A9AAABACADAEAFB0B1B2B3B4B5B6B7B8 + IV = 0000000000000000 + stream[0..63] = E96318181A269F54CCE5ADE990DC2213 + 59C05F5FF387A4665EF4219DE4E82AD3 + 7B7164538D49A63D7C577DDB9535E7D0 + B9DE2AB33ECAF9EB2B4E0251215FDBE8 + stream[192..255] = 9894C7E3008E4CB7C90DD524753B3BFD + 7FDEB01759D9D7CE922B8C573BA79450 + 2D22B59D19A8120CF955106B197A328D + 847299B96CE7EAB66E5404C9C8FB54C7 + stream[256..319] = B08042A43B7D7ECE459D78DAAA240B05 + 58AA2129613671D12B71E38B1ED65ED1 + 7C94FA972A5F53D342603357D2EB649E + 80420BBDA39100EE3E26D7C63097666A + stream[448..511] = 201F890EE62BA9E56679F78BECA40980 + E791B94D2BFC53932E3CDAF55D010DDE + 663A21598F3A266EB25E2AE5B3F6BD42 + 2FA252F889CB919B9526BD8D989C4ADB + xor-digest = 3C3B4A734021F6D34B02F9FFF0ECC97C + 8904FBE220C2247158134454FE6AF10A + 904708ECAC36B898437066C34DB1DFCC + 35ACFB104ED8F45E658698ABC1BA36B0 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1 + IV = 0000000000000000 + stream[0..63] = 8AB2AAB730AD2BE35D67AEDAFAB6AF1A + 1B37B60321B0FBC8E5DAC75E9BA3801F + 213112344E6B48C65C7EBFC3E3A1FFCF + 7F4363EC94475EA00291EE3E8E1DF2BE + stream[192..255] = 1A6EE4C1747D7C8396AF9E926919EAF1 + 683CBBDE91489136BFB1AF7B8DCD6DDF + DEE853AC653DA04B2753EF30B719054C + 39DCEAF37D896E95A43B5A1CE7F0ADA5 + stream[256..319] = 4DD8A53CD6F54E7CE7B2DE8C4A2F785B + DB29C5416207D0B9F889B881C646F677 + A164B968B0D2034C6B16E2FAD02AA972 + 5D2D7BD40023DE32DC85D10A5B1155EE + stream[448..511] = 396A2EAA2A6DA0021B00811185589D38 + E7CD9BF7C0595B92C9AE95C6AD8E23E6 + C5D15D8668A459744C965B48B6C05EE1 + 47C396450FF200530DAAFD860846B241 + xor-digest = 280F50953916BB7F753EA341D1828BD1 + 7BC69E329541E03364D6E98DE0CFB46E + 33CBB179B80B43393B2224CB813F04FE + 5241D3820DD908DC0F573CF25B87DC4C + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + BBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CA + IV = 0000000000000000 + stream[0..63] = 9186DE40D5CC5E7C2A1D8B01BC735F55 + BC203F79D306D77EDCBEAC719C47885D + DD8E4C4E6298456733113ECCAFB0CC83 + E67D395BDA726F39259C6F088473A324 + stream[192..255] = BE271DDDEF0B8B1CE3E0C98FFCE3225A + DE6EDBC37D79D07AFCD5FDF704CB344D + BFCF9DEA3599F9A138F03F973E368957 + 8C818655906ED30942B43815911A96E4 + stream[256..319] = 8269370C46ED550734134178939E07CA + FEC25AEFF8AB3EB39535FEA2B4BEB982 + 9201BC39ACC51165F03260FCFC523129 + 52CCEF82F417AD2B7B8C3C81A6F51888 + stream[448..511] = F5260FFCF2CAF56A0CDE99D17888C1B0 + F73522C8DDC7BEA70B9CF2C596554556 + 9B90F5D14E92ECAD8FC4EC839B9B24AD + 3103813089250F446D9F583A9B092E2C + xor-digest = 29A4DB1174ABA47C7AF4FA87F5D64BB2 + C2958E324781E6E01FB9F683287A937F + 27C1EB6C277B72C1D664A2B2ADCDC5F8 + 0108FA158A9169D2D4822C027C09D42B + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3 + IV = 0000000000000000 + stream[0..63] = 0807452F2F205199755AFCF75169468F + 2101D8EF99C56654F43A09C2DDECE891 + C311F5E7238EA5A133B8EA6EC02B29A2 + 8AD2F7BFF999E3DCB64A8B2E71C89C23 + stream[192..255] = 8546E72891619012DFF9FC77EE48BAD2 + 35BA5502902C15C032A4F7C40CE8AD50 + 300893E656015207DE10C9F9F8661B0F + B3EC6C8D57DF4298BE0592A937B008A6 + stream[256..319] = 2F756804EB674EA89E6EF40D6B175DE5 + 79C92528EC48E1EE9486DC6BC79B612A + AF1A1188136DCAEB637E89DD3D7F928B + 5F86B698C4243CC7FC23EE82671A0863 + stream[448..511] = 6940F708B98BD18645945DC24C1AD37A + A763A4DBE7E57980EF3796423270C6D4 + 6E61D99F7C38F5CDE07539562835660D + 51BB2F440FE1C3733D3D27C1D9878BAC + xor-digest = 5A790F2C4225F3D126CD36F3CF1BB7FB + 9CC72C536862B41FA4E54B5540BCE09C + B3621BDC4FC0DC7F1B77DC8DEE62ACA8 + E972D238FF39222EA430712EAC38C2EF + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + CDCECFD0D1D2D3D4D5D6D7D8D9DADBDC + IV = 0000000000000000 + stream[0..63] = 01C630447E90A0389E4D291195ABF89E + 212178C06289808F9B43B6BEFCA39DC1 + 076AC748AA754187EED31AAE0F6649F9 + BEFB22AA292B6261AD32AA4A319607BC + stream[192..255] = 735992D7402D2BCE2192FD24DBE31536 + 6A4C85BE7328CF3A53FE1D8E63A8E06B + DF33E9B2404F4C8A3D74EFB906431733 + 71D671C69B4962EF02854E1AFE7EDB80 + stream[256..319] = 32879D22D3B1B494025AFF30B5B16555 + EDD942DE616BE35C102031EC58425D8C + 00DF47A83CE569433C3D03652675003D + 6C466B39EB15827D79F0BFCCADBF266A + stream[448..511] = B036F057DC30312015C88F176721838A + 4AADA494D604F5147679C1DEF285802B + 929296FF3E9049A48039F41C03A40121 + EB2FA555E57F18E0782F52147255CA14 + xor-digest = 411CA17EF9B8AD1E74F1F9943620D4F0 + F289817035E85CE86F1D879855DC2A1D + EF5CBAA9FF0A3F501F58FE9E42FD89FC + 15800938AEAE2E8BA5758C6701C9CD2A + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5 + IV = 0000000000000000 + stream[0..63] = 62F05BBE952327AC4933CEE3850BA77B + C49F6E0FEFD55CA9B5F5164849E3187E + C1652E371BFA9582586B593EFB410ED4 + BEEFA9B50CA53F93290B2F3D7889A2E7 + stream[192..255] = 5B1CCEFACE75306DB9D1E9A45B7555FF + 1527126733B48F6AD70CCB64EE0E0690 + 64B2F884AD47A028A6701D36B1086D64 + E57587E933260389078BA7B9355C195E + stream[256..319] = 882B2D05D7CC6098C4B1556B3DD45C50 + A9A403F34AD670764923F55EBED3D8AE + 2C6B1FD7F5904AA17461C2ECA6BFC2A9 + C7F077629A8D5AB0B9807B1688C22F30 + stream[448..511] = EF623D1243ECE17CB99322597D59214B + 4C50E572B5B30FF60C6AB14A95987CB5 + BD18F0CC8494D619F6D950A2C72CB9BB + F2AE14B0E499F65F8401F29DF5ADD75B + xor-digest = 3253187DAF7A4BF8C2646C6F921B60A2 + B6A79F9EFD121EC5769F278B76BC984B + 3FD6AF376B8C0CC90ABCE386E6C8097C + DEA03930FB2D84AEEF7B0C627FB00BB5 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE + IV = 0000000000000000 + stream[0..63] = 8904DC48B8479DCF6FBD212DDE6ED694 + F5E57A7AC714EB4B4D1667E3E2726B87 + 2C8DB0DFDF48AE1C703953DCD8D80D87 + 98ADB5D736FF9E8D319597FD625CEA26 + stream[192..255] = C24A62103EF1129B09FDDD36E896C990 + E46C0E03C239C43A1E21E764DFD8008A + B32070164CC2544B77353C0C0B7BF636 + B4925BC0B9FE08D9869CCCD81838747F + stream[256..319] = FD0753C8B8A8B1B89E851C59E37E5712 + 31A9D11946B985A1BF1A0F36CFAF3569 + 5A5071D1843C3232982B77E73B710066 + BEF3DD1FE125752C70946FE618D15A0F + stream[448..511] = 0A3A64FD42FA8E51BBACFC20442AA3E8 + 552C14C5F9273C2E287347FC6E9EC7AA + C2663998B187C0E3EECD56BE4A9E5066 + 8B3328194EAF1CCC179FFDF7725F05B3 + xor-digest = 83E573D4DC583AAE78A8D59A6848E229 + 23859B733276026BDA517F1254959EF8 + 69A95A9BAB40EAE62CE06E6B5E1F6985 + D7F3C2A92D7D67932C8CB4CE169E3A7D + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7 + IV = 0000000000000000 + stream[0..63] = 277AA5A661FB5E7EA2319A63A3926DCB + 54C56197D38BBC450681ECED2C0D418D + AF064E850791B6D88E43C8FAB2E89CC8 + 141C3A1B454F70110273B2E6C6DF4D4A + stream[192..255] = BBB17BDE03F95053111321A5E7E34C6A + 37E291DAFF18B74C8D47758384A21162 + 4B69682436535C053F79AF13F45477F2 + DF505B227C48190D6005B3B7B8649FF5 + stream[256..319] = B61AF6C3C8AE55A78DC691651C85C6B7 + 810B5F2817E6998419EBA095202B7E5D + 38793DFA03DE604A8565D8AA72EAD3EE + 77A4C20F536F8BCE659F0580C60D0D11 + stream[448..511] = 64F7BC91F92A09BD45276F0D912847F6 + 4381EEA9B9AB0C4B2E4C0FCC4783B370 + 4077E35A083839793D29D8600AE838E1 + 60B76B81BFE9E0DB0405CF0D035E125B + xor-digest = 4767CE51AA5FE743C98BE4671D81EBAF + B535000B7E478286B93DB4B2AFE056FE + 1D4D9026C1FF44F50DEDAD4D51030D9F + B32C996D4AB69D0027FCAF739FDB3DBD + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF00 + IV = 0000000000000000 + stream[0..63] = F041D614A8916534F5E80EDCB78A47F7 + 07080264357A0F814712C11687820C7A + 29C669962868EB0BD810D3CCA09F81EB + 004DE78E4E6CD29EF44B8594A823E345 + stream[192..255] = 7CF42A19A22B7C3AAE0F5E7BF4C2F808 + D561CC2020D44F05302F892DA8EE292B + F44ADF860000029B57A17AF1513E0ECA + 687B0107F4CB4E2D631AC5B8747272A3 + stream[256..319] = E7618C318AB60F74791494FBF8ED1A09 + 15D553E6AD82A4F149E76D6505A2CAFE + A50DC7E13170EACE5A72B2DE38A0CA95 + 53CDF70BF68D96FAB39FA22980709EA5 + stream[448..511] = BC6840F2F5E7F92E4F955134B6503A1E + 75898A917221A3BC5D80BAA500AB92EB + A2D3502D65B18D0D63B9884ED4C96F7A + 1ADBBF66ED93C517939870578835F7DB + xor-digest = ECAAAE574C624941B2723F0DC1CE5393 + B99122129CF10BA734B1E858A23B1E73 + 7D8C6D29A8D82C8E71A25ECEEF252D1E + CF8E4DF286CC2E04C5EA8931EA0740A6 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + FAFBFCFDFEFF00010203040506070809 + IV = 0000000000000000 + stream[0..63] = 13BD6B62B3C42484F1548FFE20D522A0 + 843B2370735BD08FCE18541E1964FDE5 + 3079514D7B919F3C07F5225DE58A2EF8 + 470E1D7C03347298434AC74442CF9F95 + stream[192..255] = 74C077AC0BBB0860CD1A75C2B8E6DAE5 + 5EF0BF6BA4CCB77AFE91D0A906AA2088 + 543B9BAE37C5ADB0AF2896813F272139 + 2EEFDA7507A4CCABAD1FED44C9F70714 + stream[256..319] = 06C1AEF89DF7CB47CA2377FC82EA37D1 + E0CF511E2DD24C73BCDA112771E37CAF + B6B1E850BE5DB85D3AF1F54B059FFE0E + 86C4079A87A8EF1AA38E8322B6E9E670 + stream[448..511] = 4A62251F516A841469A921B58A7BC891 + AE1B92CE68B111B99CE35BF72FF1C15F + F4C1BBAD93D07E08A565E9047160DEC5 + 4BC605A8701ADC52FE2F1E3EC45CBADD + xor-digest = E8E44185DA30F7CE11C4BFEFFAD6C3D2 + 30D5D79F3DAC30566CD1B3E82F8A8ABC + B41D7694F186F5032292D89FD71A3CAA + 299354AA5C922504708553212BDC5003 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + 030405060708090A0B0C0D0E0F101112 + IV = 0000000000000000 + stream[0..63] = CFABF67FA1DF699A709808DE3E2786C2 + 9C69B21CB6E6654CC602FBD08237566B + E7CA0EA13F7C9F269CECF8074922A8E0 + 02E0319E2DD58ED35BDBCB82C15A415B + stream[192..255] = 0D8DFCD4458356A7F9F0849D110B1A26 + 357E064B0BDB7893356F86C87B326FDC + E4C9C1DABA8A3DF925BC7355B7A0B8FA + 6DAEAB125879A5188DE35E8D907960FA + stream[256..319] = 31C8238CD692FB30572F36882464FFAA + D1D876BC0A3A92FCE8B4A0B5A011E0DF + 31AACCADFDA0489292E36C43F121C713 + 958E515317FC9BC8154775ABA0E9CEB0 + stream[448..511] = B121C8A34A296E5051BE2B7AD3C5573D + E7A09D1CE84195363E5999CA33CA17FE + 801D3938621A804D6B85CB38DDD3D235 + 53CDBB6ACD75E261D45348AA1CA9E0CC + xor-digest = C3B97443E9051ECAD7918AFBB80B1F2D + 80B9A7185AE4CC008E67ACE7507730A0 + 3A543573BB415B222B6D014D76E3DE66 + 44CFF644DCCD9F72480D9AF5832F590E + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + 0C0D0E0F101112131415161718191A1B + IV = 0000000000000000 + stream[0..63] = C02874278891C94ED1C3186D276AFC76 + D4704B38BBDF53C057B5711BD7514F81 + 6C2037DDEA1E87647633FC6250BAAD03 + F6442A185AC2417834D054AFE5D1B518 + stream[192..255] = 67175439808C73E544314A8357C9D1D4 + 941C977D280B7ED7B55D85517E215E3C + F84E1F7D89BDE2F7B02B57365CF0B8B7 + D2F5C18CDA3A1ED4083082C870B80A80 + stream[256..319] = 221FBAC59A3C7B68AF9C61FB0570721D + 65AB60C261D471F6953F08B63B660CCB + 95F3348FF7B94BA5D8269062208383C4 + 23D9714C88952C2B72653569C4ABE00D + stream[448..511] = 45A0E29E968D8C239989C01A19D569F6 + 8EAE85E11BB667CBFD245D9E86B19CB7 + 7F2B1C25A191C676AEC95702DCE50CFA + 41D733C8734B1337DAAC68934038BB26 + xor-digest = DC1F86C26FAB7918B18CD75E9C8D3A14 + DA6D2CB90A9AC3A78A420B7D067291CF + 06B522D78F9038CBF24B7E8324BBEAA0 + 3EB826D4F1E25BC9510DA2248F26268A + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0000000000000000 + stream[0..63] = BC4BB7DC20EFA2DF9E7DB7B8C6734A6A + EF8B0936F0E2579638162411BCFA4536 + A816DAF73978C6DF8FA1B6F84568D609 + 616ED37ED0A8B05FE85CB064057F1E5B + stream[65472..65535] = 45CCA5EEB6363023FADCD9C021698A8F + 24AAB4275E8EE6337E800892B749F9A3 + E1C2878CA21F2FE905E108EEEA30580E + E04B35D2755C9994010D156D39D01341 + stream[65536..65599] = FF7F12A00733D2FB1906C1479E82EB06 + 20C3D695EA3EB5E146C49EF2B47BF618 + 523288D6AAD86345D3E799BDF2E8DE9B + A315BBD2195D3EEE4AAE83A125EFEE5A + stream[131008..131071] = 63EA72323994AF3B58C8A0AAB71B4FEC + 31661F67E7B6339ECA60E8BC7D6D9BD7 + 24A47E3C459BF803250206D89E8BEA9F + CD4FDB7F08B27A8420468043D0845D8A + xor-digest = BD8E5D99907AA3CEBA1A56D21839152C + 4759DE9BFD7829CF53139307476B0BCB + 3C1166EF29424C72AB7EB81AAF1E259A + 241CFD18BF4E5CB97AE38F47C3AB02BF + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 0000000000000000 + stream[0..63] = A3C365600F43EFB9F64482A5E9B6AF05 + 29DD849A3A8D3E4ABB3087B020EBAC62 + C91CC168782672CA092856E687E2DE53 + B1EE3180714D014EDBD0A7DEF739E33E + stream[65472..65535] = 2357CCD0C1E83CFD73AFE89ACBC91160 + 2E7765AC08A27C9ED48191B2A7F20441 + EACD599FD7EBB693CB00A03337834703 + 0FDD4C7FE3AB29192BADE53612EC5B6A + stream[65536..65599] = 68BC3654B7A0EE6B749A274214F9683D + DC3B5A5617412A9A0EE28E348988EDBC + 754790ADA72831C7BA1B2888CCA4D8B3 + A043488E03A9A7374E0E825E017A1699 + stream[131008..131071] = 273727736F4F8F55EEC8F48551584C69 + 1665F7CAB18E0F3F72DCE262AC4811CA + E6E68B5E5567B609E6E544D9051BA339 + 4462B63F30120125A42F0011B2E95F0C + xor-digest = 6045F536D3DA9851E352B149A23CB356 + 6D662C83EA61D2DDA2345CD39BD6A348 + B3A56816F095BE86C46CA9ABDC1B3372 + B28EE0480B918DA7C86F5A0CDCBF185A + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 0000000000000000 + stream[0..63] = 1ABE0185937D528F94A35C84393EF1DA + 2FD2646B547EAB7176407EE62B91DF9A + 09D45A42C7FB65A33525294217564A2E + F1FA5F3D25C84E5545D28D1C0F2BF9A3 + stream[65472..65535] = 59B3ACFF89A5DC317B5855914C5858EA + 5A7A67DB6CC484E2FE7A7F9ECCBE636B + C538A519BCA67C35A3AC1704EB52282A + B1C3E12A1979DC1D008D52E86B230423 + stream[65536..65599] = 2EC1785C1D3BE5FF74F87AAA4D4123C8 + EC0D60D932B34AC5C0E4530F9A8538DC + 980B0BD7DA19BCF185606DE356137862 + 23C0BAD6FC58C683EFBA9929006ED557 + stream[131008..131071] = C0FC679B12FCFE53F881A5A10C61ACD6 + 9F138A54DE03D3F65CCCB217CF279B7E + 0306762406111174AF7A8298D4717854 + D76E4E42915A7EC55AB639CF9F83CAA2 + xor-digest = 2B9375FBCB3C247C8CB40703040A8EAF + 3D376E61FFE14D42ECC2664D9DD9D812 + 4441FF8E7A48C7DCEE86D1BF0C3C4666 + A7A2ECB23FEAEE77F5269B34B5577AA9 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 0000000000000000 + stream[0..63] = 6802649BAA9512CB488D48B5B4D00FB5 + 3B7F37FF0A0FDA6DD8CDAAB63699153E + 885AF17BAB77C3058E6C6679FE66A76A + D2531980B488F90326A4A949AD4C4178 + stream[65472..65535] = 254771F3D5E8EE31B66FF56B5BA1B7CA + 63DD3CC5174D7D78DC0AE9A7DCE6FCB6 + BD9D1A2BE92E507243FD1683A11180DD + 1043D3CE6D0B14991A8F042C19804006 + stream[65536..65599] = 8F1F57EF9243BEDCB44A6B348D50E803 + C594E5D824AFE7306A66A5A99C1E79F4 + FC2B4713F5761278779D886A20FBBF3B + B521C03B1D1123AA7987AD07B522BD53 + stream[131008..131071] = BC35FF22267FD9AE240B5611B55D8759 + 2A442C9D150A08144EB100B3F520A14D + C66854C7A31675AC96264EF8ABCF37D2 + 4F16AA8F53FB8D5E6B5A696F292D0EBD + xor-digest = 9251B6497928E1F4EBA24CFB7F035007 + 915BFB543B1ED802524363A1F468BF02 + 31884D14097354F84D94C501EA757624 + D5DCA7DB1BB96FDD1748EA070CA980BE + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = 675E88B4EBB7C9E13B48B8391BB4DD6A + 112C7F688F623FCC3025212158267D59 + 078C39226DFA40A6EFE5B8476C66D9E2 + 01EA921C0BBAC2A06E478578EAB2E141 + stream[192..255] = 196EB7F2CFEDA01ECD73FD1D5CDEA854 + 0E87AF023B664C6F8392226AB2B2D4B4 + F1A7D6123DCF3F1235563F2DD664115E + AAAB98529C8714486327ECCCC7E1573A + stream[256..319] = 83D9E5E28E20C888E27AB822BF50AF19 + 6E1EB89A8A078DF20F0BE97C0EF8B441 + 0D51802C66B245F6314A4AF1713F372E + 3237C1B6FD04753A310EF21405E07E51 + stream[448..511] = 2EC336F64E4587BB8B578C323C025554 + 5A152F7340E83C64F1422D5D77B3B1BB + E1552AB5A2085B88962C1BEEEF0799EF + 84CBD94C433A8C9E0D6D7E6A0B0B6C04 + xor-digest = BEEDAE03356A16E4BAA3D9329B6DC83B + 2C2287A33E2A4352C2CBC634CFD45622 + 547F167B14323B454448EFBAFC235D29 + 6D27C4CB18BA43A6371AB4770F1B5B28 + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = EC23882036E96BC32349C38CF9AF39E6 + BE54597D5751E2F4E8462F94AB50CF4A + E84C593E79BBB1C516E5D94C1C20DFE7 + 852874FD8A27F16B0C8214AB746B8378 + stream[192..255] = DE98F68F118D69EB9A6D9C1FFBE26484 + 404D91C8910B7152CA5936965537059C + 81CCA83D524CBFB1463DE36999DEC074 + A3B6DF4B8B1F0145057DDFCC86D9479E + stream[256..319] = 7AD87D960F9E32AC40F24FACB907FA60 + 75D4111F80BD92C4B9EEE0A4AA047C43 + 6EC7FCEBA114EE2BF06465EC828ECDF9 + 9B8FA81B2BA8EA4B975361BCF45DC5F1 + stream[448..511] = 998059FB9F1CCB625594C54E4A7CB857 + 1B09032A1C259A1BCB0A6E10E691DC61 + 3E59A238EEB77FBECDF86F89F5F9DA13 + 08F4554E6567F37850D0BF3B571924E9 + xor-digest = 2C18B90499A32D427405FF25D31F1656 + B832FB1620ED584D6BC39E5751C20123 + 48CB162921C94D9B47C60DB648C9FE3F + 095C1759DE242828B22FB37904A16A92 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = ADEA4C486447ED9B1753752EF188EA2C + E2ABB0F1E4138DB089A77BA4B9792FE3 + 05C9A14A652C51434968FE71DFFFF1B2 + 73AF1E54A10FDC6BE6EB4DEA63306365 + stream[192..255] = CC7E7C21F3FD39DE0A06C47D45DA9C33 + 2E052EDF0043E01D7A833B96A1DFA06C + D673F10464037C89A5552DFE7CFF2E72 + 52BF2A16F5C9B28076435BB9F01CC7F0 + stream[256..319] = 1BFD92B9C409330C708CDE770A92B496 + A5EC43FBD829FD13ECBF45604731A123 + 22D9B4C76932917402098CA0AC423696 + EA683B7A21EAD3350DE2C0BC29E94E5F + stream[448..511] = CD29867142874CC1D5B0D74D9A955995 + EECA7960F20E10E5692394435B6E1DC0 + 6B89C357181C59473A151CD46A9B9C35 + ACF1C6EEAAC80BFED5856EE8823AA8A1 + xor-digest = CDBF897BA3D3925CEEF1782891F9EB80 + 23FBE3E16680DED6FFF9934F3723FDCF + 6361CB0E61120F59A3C31F1EF1093D15 + 9C1804F91A1B3544DB33D689720AEE7D + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = 7F08734392894C728C2F04D5AFAC53B1 + 3EE75C2E64C10CE7288048F169A1ED42 + 46918C4D0DFE1D4598D493508CA21204 + ABDF934E992B2519F5D5141AA4BFE070 + stream[192..255] = 71EFEE65DD4967AF04D6094338F0427F + 78770CBD5777437DB3FAAAAFAA981568 + 4F6B024D69D18EB46D4F30B9F3A63C5B + 064490C9FE1EDB8ACD28B392199FF604 + stream[256..319] = 31B7212C81883D0BB9B43788773E7E5C + 0D7561272141720D5E7AD183E57CB7F0 + 7A338FF849B5D99C72239675954F4480 + 8F22C5A3F012208ACE5220A75B38ABFC + stream[448..511] = 5D86F22CB32C99D3F8EE982275D61686 + 1BDEE942065FCC60097FCFE00DE69325 + 65EF1C9FD2CDDD4AAFF1EDED35A5D6B5 + 8010AC4375DCFCC0AE6F8AC90D4CB279 + xor-digest = 7E849F63079253C3780AA208EEA5D9C9 + D0104EF0FD7C9CF82258F509DD4F6E71 + B9BC6C2CEB4E41F84BE73D32CC3CEC2B + 58845C1023C785D55514C2296CD9A709 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = B361CF9742D9B51A3F58D77ECEE24BF7 + 4F2B610C3C9C20FF0788718203FAD591 + A294E9965CE79D9D3A6FC13F98E4B36F + 7D14B81CB2B56650BFEF65BC4A687D25 + stream[192..255] = 567F472CBBE17F7021015BA0E0F71B52 + EB60AB21C5FAF6C7386002C985985A3A + 78351F79FF50B5835DEE97C83BF44780 + 7AB8A55D408FFAA4DB88E3CAE53400B0 + stream[256..319] = 06B90181E4952C14E5CE7467A82F709A + E6AD384962826E7DE3F05AC3DA3DE72A + 3495624F546334836D522365DBA4C43D + 2827F0E332BB98DAD8937CF66045B5E4 + stream[448..511] = 6DD88B105261CAE39E9D1F1853A49CCC + 182D6AF3E4AB31410C50AEE77ADA5B05 + 22D13B584B0F165227D4C5413F893ED1 + 742D6AD92CEDB766A90817D4DD8651CB + xor-digest = BDF763D8211E2D8F81088B812FA70E07 + AA6D90C6CB6D5967ED412AF23900ED53 + B120C2AA91A737FB1FBE5E17D464A415 + A56D473460465F412C9AF48180C59EB1 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = 45C7AC47C39DE1C9FF0C2107F52853DF + B62E17430420B44E94C0C8A43BAC06FC + A5D17C06252E8F2C061ADD684F403AB7 + 2F66B0077EF40927CD69CF88C3006935 + stream[192..255] = 7FA0790E8E895CA378F1B5899A7384D7 + E084C27065A0CF69DF06790EEEE50529 + E0F6709A48AD3A38D61D151ACE6A0B8C + D4382AF60BDB6538C50A437E7C0EFDFB + stream[256..319] = B9EBD0F081387A117E8E8AA77A06671D + 4B5E559E47715E9B0C36248183832DFD + 22B394E359B6435F3DB6ABAE9C0ADB66 + 61292A4901B5CF6A8728D02335F26B5E + stream[448..511] = 184B25F5BD8C5DEF413EE9FD4E2E19DD + 251EEB5BEF34AC76EC629525C1A87AC4 + 50B323464D51C59DE539755761E87432 + B87F4CA9D91A0E8A7F39B42903E8B671 + xor-digest = 10A5A277C10212398789DCD19F20E7B8 + C0E8F62CF13160C43A0E8DAD97454E39 + A9E98C1F26B3631BF7FE58036E98636C + 38FBBE9860478DCE634D4941178BC89C + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = 85500DAB66ADAC980365E36105EE9BAD + 5F352E48E50BE5C36BAD0CB1BDF04791 + 81047B35775C89C9DDAB499C1F659DE4 + 4139E56506E1EE60634F46E5B63C0541 + stream[192..255] = 6540C5CA47613812535E87974ACD34CD + 885B3E6C00D9132B50238DD543F177D4 + 5EBBB58D9F54358B3E1FD085389ED5B1 + B2E0A9561F58A541936E2CB82A9BB731 + stream[256..319] = DCED1A5684A1A52790FAC7E510E508B6 + D6E09C79487E8DF95794727EE7DB4CA3 + 076F1438396C3A0BB525FB24EA115293 + 4432A769F437B22DB57B44D53DFCDE7F + stream[448..511] = 6CA881015FEF1D6C0900125A952C5CCB + 49A0E1E2A33B1F2FA8E60B2EC7FBCB20 + 9B03F73B773CFF4ABB741C05C923D0A8 + C31EA6B6B11E5A53F1D1DA3CB7C50675 + xor-digest = 19C172C1FA6B0CB99D605E926467F77F + 18C70C32ED8C71226B668CF98A9C1E77 + 58DC03FAE59DBD92B4AE5F5CA05DF636 + 90069F4EF02BB8DF8E208595D8907978 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = A2D286F3455C44D4F1B2FF7693076CD7 + BAC089D1957B515BF255E69D1D84F836 + 2C06FBA6D05F59422578A0345CFE42FC + 9645E3BB300EEB81025A1C60B4FF8DD9 + stream[192..255] = 9AACACDF178BBF9D9D28185FF1241AA4 + CC0DB3E6C19A4D77DE559A5CBFC4CAF4 + 0E720FC9DAC5A833E87A9C63F0195DBC + DF6CFC8F41B34D0A8583C134F7D5A1D5 + stream[256..319] = 5A7D71E055D16E925D9C65657B02943B + 5B4A69ADB9FA3918C65608D8457F40C7 + C6D46480101382F75DFB9DAB1BC70E82 + B5C49D51A989921EE2896FB78C1DAB3F + stream[448..511] = 8BBE64307669E8FD83EAE1B8EBDDE7ED + 8380D256BF5A7D8C7B104056D84EED32 + E41BA579882E67C28E17AA5D5BF90583 + D907D423A3017B0FFCB68F4D67172466 + xor-digest = F4453F7147346281294A38B3E83B3F9D + E7F7370FB9765CACC6410A7E92919C7D + D270C421F932B744014EEB0952807AD7 + B9D4E53A77B24C252B97BA722AD14004 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0D74DB42A91077DE + stream[0..63] = 420609C7CDDA902D6FA7CB264AB0C89A + 030DB2E4BF18D179BF7A3114F2266E2D + 5519F123A079233B5FF82481E508828D + AB2620E5521056FAF60BE1489A716971 + stream[65472..65535] = FB60D119C4443C7978FD8D68900D5478 + D5ED042DC632FB5AE025896B8E61F20C + D169FB57A72DB4BCAEBC9671B146B99B + ADB2EAFF56E83CECC94A913A852B6711 + stream[65536..65599] = 854FE0BE60EA49F4D389D9A63E6BCD74 + 263211722D6D4B3865466D806F61E719 + F4C76909436897E64C3C34B91E8D0220 + 776DEA862B0C692DAD4EFF58E0CC08E4 + stream[131008..131071] = BC4B88C2D58367F7A523D6DD118CFA6C + 7EFA657B115E9B4D9E54C10BFC2DA2BD + D71F2001EA6A22FC2DC5BBE682C2A072 + DAAA8520E7B74CD59B75305DFE816F9B + xor-digest = 70174FB4365E24E02D83F99287BA8E5D + DF1E4B9463880C702C084E5624EFA8E3 + 17D384DF0EA64E5A0D038237E0D5857B + A140D0FD20946D0DBEA04DD83F12BE2D + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 167DE44BB21980E7 + stream[0..63] = 2178746B16C0E5A374796B103897EFC3 + ED577627927509B689ABD22549EFDDA1 + 066D7838E2A27446C7C9A76D3F6F6D4D + 15D1068F48ABF9E90527DD3C9B1F26F2 + stream[65472..65535] = 05E36B4C91E994FC8B472882AB771283 + 39B5B9D592A2CBDC6EA7F13B3B8A0741 + FE0D4D8C6C6F0A97DCA3682A42CD473F + DE17834C56336EDC093BDAA32F048449 + stream[65536..65599] = 8C76D08E44F7AAFC9385FE492D9061E8 + BEEF34CB156A1C486A4EE09141BCBF64 + A5BACA7BC26CDBAA7E3D0444C38E90D0 + 8DEC4D9C1F5674F369ABAA675DE9D6EC + stream[131008..131071] = 803F9EC6663E5C22CD2C83AE8042C1A1 + EABA7FF342897B9B1EEA3B59672DEE7E + 6BADE60C31E1F39F134735BA9CD0FC0E + 183287819EBAB974438CD44288797B9D + xor-digest = B7FB27DD93BAD8298AB78590E1285047 + F457923FF11FBB9CBD3AE57CDD5FA3B8 + F0A3CD8D9F443EB12AC2FC75789B4ECD + C1C5D5F46136401DA5922E35B98B2CA2 + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 1F86ED54BB2289F0 + stream[0..63] = 3A87FB3AA2A4C29EC035203034518F38 + 88715C19A388D01F698483FC88E38716 + BC432FD340ACD9C75838776E42DD04D7 + 3FBC567A61FF3FD176DBF9C714DAB434 + stream[65472..65535] = 5513BF93B6342E402993FC2B4EED9F7A + 8225D65B1969BA6F3965001DE4D06119 + 40E142CE86EC31DA6B70C80BBCA6526C + CBE6C55D26374DAC8AB5E4D439AB109D + stream[65536..65599] = 0EA0A9E444818A8AD6E1929067445797 + 96B65E391D42EEF424E61B4E811F9909 + 6452AECF24508D2A71A1E248C9B0C1CF + 21B09409434B1E916C0D9EA430B8248F + stream[131008..131071] = 5CF71DC4DB6CEADB293AF79754E3EB80 + C3A30DBDFA712031EBF050079301F490 + 38C278F5CE6C6EB684192505382A935E + 1BCF27C4A41C97624A531ECA4B2514D4 + xor-digest = 7E014E5D31459EF92EC398F92AD75FE5 + 28AEE41CDB206DF39D453A5A37D43604 + BF1F54121FBF222C21579A00B7E0F776 + DB481F31A445592F918CE5665C662A5D + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 288FF65DC42B92F9 + stream[0..63] = 36CEB42E23CE2FED61D1A4E5A6E0A600 + DCCA12CE4F1316C175C0BDE0825D9097 + 2F574A7A25665FE6C3B91A70F1B83795 + 330F5CFA8922C8F9B0589BEADE0B1432 + stream[65472..65535] = 09632B7D639BEBA755BEFDF5351049D3 + E39ED53E3F61CBF84BF4976B61569A18 + 968D7DD5998BDC61728D84EC9008EB04 + F958A75B74E6E2B9AAFB2D62736101A8 + stream[65536..65599] = 67A7D6E68367F72A50451DD6FB73DE9C + 4A9731758AA4E8CD9B3F0D5F3BB18FA4 + 71836828AE901667990431DAF2F25B90 + 146C4E92CC8B16F335B49B8DD7B06EFA + stream[131008..131071] = 70ABFF26A28D19CE894EE592E8CFBE7A + CD7200EF317C6D7847C31CD3630A87FA + AE0BB6FC52649DDA8ED0C5F0EDF553C1 + 9B991C4086BFA4D78F5108399CA910E5 + xor-digest = 3024FF4FF97C1C1FC9BEA85B46BB2441 + B13EB173BBC874698DC796C12A6AB654 + 00E233A5F9629E42E22AD8D830B8CD7A + 3B537D103872C0F2280551B9486070E0 + + + +End of test vectors + +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: Salsa20/12 +========================== +Profile: SW & HW +Key size: 128 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = FC207DBFC76C5E1774961E7A5AAD0906 + 9B2225AC1CE0FE7A0CE77003E7E5BDF8 + B31AF821000813E6C56B8C1771D6EE70 + 39B2FBD0A68E8AD70A3944B677937897 + stream[192..255] = 4B62A4881FA1AF9560586510D5527ED4 + 8A51ECAFA4DECEEBBDDC10E9918D44AB + 26B10C0A31ED242F146C72940C6E9C37 + 53F641DA84E9F68B4F9E76B6C48CA5AC + stream[256..319] = F52383D9DEFB20810325F7AEC9EADE34 + D9D883FEE37E05F74BF40875B2D0BE79 + ED8886E5BFF556CEA8D1D9E86B1F68A9 + 64598C34F177F8163E271B8D2FEB5996 + stream[448..511] = A52ED8C37014B10EC0AA8E05B5CEEE12 + 3A1017557FB3B15C53E6C5EA8300BF74 + 264A73B5315DC821AD2CAB0F3BB2F152 + BDAEA3AEE97BA04B8E72A7B40DCC6BA4 + xor-digest = 21B4FE2B96EF241D540C8ACEB15649E8 + 1F14F842A86DE5F79EDB11480F3FE6AD + 817F8E559ABECDF734FE171EAEA9D27C + BB371955BFF422550AE57649D44B569E + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 6C11A3F95FEC7F48D9C16F93CC901EEC + 8D347BEA4C64B63F3E1CD88DF4F03A59 + 5ACC0500EFC616DCFEBA3E839F0F72C5 + A54A0801B90C864EEAA7F48CF37DC365 + stream[192..255] = DEE7D7D48794FC33F7920A21E5C4451E + 109C86E19CB9B78F6B1648E8389E415A + 20F8CCD89D2ED0A5AEA12794ECD04DFA + CBC7675C82EEA65F35C27431F96838FB + stream[256..319] = 0D0234066686CE699BC8634B4B1983BA + 04A153B7447D13DC1371F2F5198FF556 + 182451F0ED4227818172E59F443406F9 + 9D52736DA7C52235A2DC91ED11793CBB + stream[448..511] = 8E1F1453E17B186C968751E8D7EF7EDB + 6C7E8B2EE2C40071E6AB2DEF81D28358 + 0657DBF6DC5E651D7B953661169707ED + 5337E7317EC78D6F4C2A4C95E354F455 + xor-digest = CC44B389976BBBF545E4A5C52710E57B + 7114F17EE9226D300683EE53B6626AD4 + D04F134160150185176687E3791A4523 + B8FBF1E15C60BB7F558AA20AD24E7EDD + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = E27E394CC6B72EB535FD92D1BDF9F5D6 + 24671D5BFC9EF233F6B51F12BF338AE1 + 72DC8B7F4CE899BD5FF85B0546F022DE + B91FEA1ABAC32EE1F7B671E7D6DBF9D6 + stream[192..255] = 0D404B2411A81D85FBDB104B5FB2C42C + 84FCDB61147DF1D12CDF8B3D74A3B570 + EFA84498D94841C548628CCD66D9B9AB + 22ADCDAB6E829A697A9E4FD1AC9F788A + stream[256..319] = E0239CB5125FCF463A96ADA0EFF1DDAF + 7ADC1964F28AB98FDC304538145190DC + 4A6810413A370EF20776DBF005FC4244 + C946A1251A4258B01BD28655D91AE182 + stream[448..511] = 3CF060F8989604C82CB269A963A2BA57 + D66AB146ECE690A34170944406836A6C + 77414BB4FAA5E6EC5E2C31C292645F69 + C481FB1D7E33E7E09CAB6064CA8B568D + xor-digest = BF30A8729FFDECA0433C3B00047FF233 + E5F849498660DBEAB7A6F86BFC98057E + 2BF86DC83A887AB7990DE1090F8D30D9 + 4192CC769E002D66509972AEB0F28962 + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 7099AE9D9CB1AB463F1386999890EEDE + 6B02D8D6679BAB095546A93A3B3718CF + 105A2BFC94472D8AFDE35DB1A033063B + F723639C2031DCEB76641B40D467F440 + stream[192..255] = 4CD159A07A3306134984017876A68392 + D38062F88DC1E28CC98669372971F28F + 73E6138C74E6E2D116A8AB5754746D8D + 80CACC2584D95D6AE2AFBB99A17F0438 + stream[256..319] = 0BF7FCE46946038217A999FB9F43677D + 20537393021ED90AA6C869A349E0D54D + 6DECE3E15570C6774CB9AB337DDE57BF + 73BBF71F0771BD5AB172BFA1D6EA6035 + stream[448..511] = A128783FA0BC1706701518E9B176E912 + 639627536C0CAA99B230183343BF4C46 + D5A74C7867931C307731FF8028C9A1DC + B4B8487DB28326E8A1E9840C02AB0453 + xor-digest = 5424FFA3ED6240E71F60DF954EC9B729 + 265735DBE7C86B724B6F06328AE71F81 + 926A1146261373381D666422875F429A + 3C32829F9BB2B66094422307F5AE1C2C + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 1AD36B099C145A144D041FD42EB2630D + 70D402934C712C49E57B93F9744ACB5D + D9FA38F54B8F23595F7B5639C68056F3 + 3D607077C6FA583AA6039E943C7EB610 + stream[192..255] = D751D6B282EC6D64E056D74AC3B5F7A6 + 72D28952CFE4A3A440A4F1DAACCB7871 + 35D647689C95B92A803BC7BCDF1E87D3 + E7A8DFDBA625286FCF60CF7470C6BBA8 + stream[256..319] = A5E4245548214E6DC5CB767720BD6FDE + 44A34AF58979E57C5CAB2258B7990B53 + DA217C33BA5DBC63F4398BC08CB3F77F + 9056E88A3370DDB4EB7E49494E2BF291 + stream[448..511] = AE45D93DDF3DF28D6D6D359D63DC5EE4 + 25D5A2CAE27ED3EF4328D162E5162F44 + 4982345D965C1C559361839FE34BDBBC + 8D9FA0A607AF26A8744BFFAA9F06590C + xor-digest = 63F3E823ABDB4EBD45FE02D0538ACCE4 + 38A8EB93C6F1859CA0BFDE75F617AD5E + 782BE769CB8A62D8F4500D4394B7A0AA + B710A83D93125D2242B166A6B68462E4 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 0000000000000000 + stream[0..63] = FECD00A21964C769B7C758C4CDC71D1F + 5AE789EEC3F86D51CE6607C5F7BFA94A + 2A33B291B806B660A37014728D413066 + 15E76B71C814637335ED143EDDA88B47 + stream[192..255] = A4F77595FCC27BDCC93369BCB56B5BC1 + 836231722ADE1487F7CFEA34DAD05838 + BFAFB3BD4FF23C06E3E247559C50E22C + 3E1CAEAE31159BFAF8F18268A3EF1414 + stream[256..319] = A006010DA2B96B14559BA35BA4D2BFE6 + 3F43C6237038C2ADF8B7A05719774846 + A48311D1571309DB1AAA89F89F18CAFE + F060D8A2DE29ACBFA51F965A0D93A3BC + stream[448..511] = EB6DF337C0616D64ED606711BB0369B7 + 36C3B8102E3DF0FD58CC9C58833BD88F + 093077030D0DCF4BFD92FFA738B10F81 + 491F4811DC4650B1A562CABF7611CD41 + xor-digest = E743A5C3502FFEE64131ED9754D58FD5 + 2E53D4E2B993159CCD2F017CC363A6C8 + A3AC5FC7332E6849DF9DC5007B32015A + F8FFBE21631A532D1535615F195941A2 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 0000000000000000 + stream[0..63] = 7776759D4299A92C5B0A584555539ABA + EDF25E153EB4BAEDCAC7CD08611E65CF + DC705A7D6221ECC8B18B9605332FEDA9 + FA04BB8770083F2C26DE4C185816C67C + stream[192..255] = 47D040516AB62987A882B29D78D7ECE6 + 45F303025F81D46DE11E3BC8DE1B8108 + 96B7FC69A0BF7E215C72BF40C29C31B3 + 5C0DFCC8B919BE2CDDE46F0D56F485AB + stream[256..319] = FC87ECAAD4B508BAB006560D15A56EE2 + 4822CEE1DB3CD0C7850000A4A2C83040 + E96D3BC41131D5ED701A8D8C2DFA2E02 + 92E174DF205FA6CAB7312A1AACB29B86 + stream[448..511] = 43A19249F5110965AFECFEC772798E1A + 8C0995B4E14E378C41751B3D55A16D1A + 15E15A193D48EA3E6FDB774050367637 + 5E5C84263C3D95270C3E57D1C2B75398 + xor-digest = 8460CC004BABF78FA08E113B0FD920CF + 3FA66E62E530B46AC102CCF2E12AA0F3 + 075D46968DBD41235B9EDE36E6E2010A + 663B16C2994BF48DBC7B31F24A4CBB43 + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 0000000000000000 + stream[0..63] = B4355B1DABB58F928C557EB6F36B0E1D + 000865108C2949A3DD0F6C24350F73B7 + 1799E221F65C21F2F97DFD8DF4176FA0 + B9484B4E015601AC32CB2168B1670953 + stream[192..255] = 78E083E4A3A16F3528179B02198D91FF + 74911312C68A8BAB5E6909FB8322484F + D16346A9D5F422524D9E6EBFC688203E + 973C717D336B469BE5277E963AF9847F + stream[256..319] = 74F483674D84B36D05FDD103B0436180 + 14A27E4C91209E669FBA4E2505A2746F + 223C332104164DBBC618F9136111E80A + F0B157D9800EDA4DEDF6B0809919290C + stream[448..511] = 1080DB7D1C29F1FFE980A3914381D9D6 + B01205DC497A98CDF24D9B7BF1E02B45 + CCF2729B673D309ED8F2C23709F54DF3 + 588E1BBC2BB4A73495DDDC3800B436F4 + xor-digest = 3232850FEA37ED5AE9D42C9781A1DAA9 + 766E77B5B07C8AA7772F735F5F462714 + DD8394AB20413D174B77892C7FE578D3 + 861887A66A774A47A1686661BF9CA45B + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 0000000000000000 + stream[0..63] = 5D23D5CC42E76F960CFBB202FDDB6569 + 2686F0325E0590E8B55DED9DFFB821E7 + 9AC149C6138D9D30A18B09F5BA06EB91 + B7051E00B7EEFD9F2217E0E5607DF031 + stream[192..255] = 2E31DAED8F8BB7EC2134F72E992776D9 + 315E9DACCDA1FB3C2FF60F4AAA0B1B41 + 6846E66CA20472E955C647241E30F6C5 + D6769CB8A52D33776D25EADCCE63B0A9 + stream[256..319] = BAEBFCAE4A0B77CD9DAB4ACE819FCE20 + 37CD8F36043957605D245BE91A60C324 + CA6B75075D327717F23967E6B34D23E6 + 2FF8A608D12EA6049887AA221FD55080 + stream[448..511] = E9327BDB9BF1A454562357E832C0B3D6 + B88005CA2DB661DAB2081A76FDC3EB9B + C1220A0A583B602CF6A929FE88397334 + C4F262D2843A6DB46DCE4F2E9778D5D2 + xor-digest = 7E2E09B8D1EEA9163A1BAA3F16836000 + E6929E16BDA46362C0ECCA675CF7D396 + 94C05CF4E450C1FA0A9F61D8D29CE610 + AF7BA90D44B49E378CC266F5F265855C + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 0000000000000000 + stream[0..63] = 1F8DF67D1B37A46589BF09E697E5BFDC + 4B3DAA4EDF853DFFE6B40FE5C22A9654 + 335AFD1F4E69CEE9908F975D05C46872 + E2FDD596B5322927456CB729AE4640CD + stream[192..255] = 733DEA06FEBE13519DDF1EDDCFD11ACF + 3BF9026C1DAB35BD5071D7FEA4CF5817 + 0151BF93F872293980BE610C78629A15 + C58A4AA2CD19501241E5B122AA36412F + stream[256..319] = 179B914891E56D4819DF4390B7E4BB61 + 04FDEA72D27380054A46042C86257FC0 + 22CF20238085F6B1DD25BF2F476A895A + 3F0DEA186F2955CA10F98E4DC8C1438A + stream[448..511] = 1573E4E628DF9B38C4DD8051C377D6C9 + EADD740DC70690721802F93D3408BF94 + 5F91567144DC1A1972902BFA40BCC5B9 + 4976AA7EFC5D1E62AA37151C2DCEF158 + xor-digest = 2D8A5522DF5C30F4CC57B01F8909D2F1 + 049C7F8AA62F6F25FF02962D0F994707 + F509E48AE3F79A40D79F57DEE548E6C8 + 0560A0BF5DB82FAAD606DE5817DB3AEA + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 0000000000000000 + stream[0..63] = 6D1B868ABA77A90F9C6F9EAAE097A0AD + C07CA39DD34C5DE507C3460118EE1CF4 + 7E6C9FBFD8C99D0D13F9D99C8A398453 + 3D32F7709B04BE6099DEC1AEDCB2EB09 + stream[192..255] = 2A5EE11DCAEA07D4F2786334F9B9E7C8 + 618C930CF6938B6DE60DC0BD7D2CAB6C + 385A80731C86D7C0679114B41D9ED711 + 6BE0C4219B0C2E948C7DA08F225A7DDE + stream[256..319] = 46FDD22A56AF991776BCBC1C7D31CFB1 + 66236A67D69907DC7364013D079F1115 + 5FBD9615D93483A3EBBE6FDADD4A7D37 + 9BFEF3505BD825BA78F829F370C5E204 + stream[448..511] = C43AC2769A7584C15AC38C11420C1F6F + C58DD5FDFE6AFC40D1080A9D39DB8BF7 + 1FE0B71D418BEA72B358A09733307495 + 6FABD024FC3173DC63625CDEA8D39F98 + xor-digest = B0BAED050A475E6668B52FA435EFB53F + 878EA3779B64233DC755DD7352DB725B + 1334552C6D637D02EB66171C6E23E65B + C7761073315059CD7C0ECC96E89D184C + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 0000000000000000 + stream[0..63] = 02FEE3556AB7BE3918225C7E2C9DD564 + 4C652C559E125506CE5C95422A863B65 + EE12CAA0C8ADCEE4AC1C79C4CA88FBB9 + DCB04D3AE378A4FB677ECE629429A19D + stream[192..255] = AF07B7F4D4F6384D26780550882FE358 + CB6E7EF1A47106FE58142C632A64326B + 5746E9025A5E2C9E0EC581AE5EBE0401 + 587DA227D857848B5BBB3162C7752221 + stream[256..319] = 76D77B034955D535612587FE0C0E08C8 + 86C77456E460CAD6BE9306C6C314C291 + 09BC5A9CC871651D2F501DE771E972B4 + 9C713E8C83BAE968904F66927CBB17D7 + stream[448..511] = 8C96C93A67952AE3DD9F3B4BCB43ACD6 + 3C58F2D411823CB034B1945298F48230 + C28742F6D0F84501307D32B2E7E59BA3 + 87C80800B52F07D903079C37785235B2 + xor-digest = 2D54E5EB884F7BE5997BCDFD6779BA7B + 84183AB0C400E330F25EB94AEDB96D39 + 1BEC73CD6FEEC8FC04B40B39C5F6581D + 4A20634FC49E5C047D0922AFDB067482 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 0000000000000000 + stream[0..63] = E9C8B0B8026ED49553BC4056B6EDB496 + 153FBF2473B014882908F6C304C3B6C6 + A876F362D88AED4706DC6E55E2D32C63 + 9F055B75A27D73A52CF5D31CA01205DB + stream[192..255] = 0B4E2AEA3375E11B13FE15A4D9DCFB88 + F2B5082DC2BF6AD45819B85B7751F388 + 68F5C1420A9AEF893DBD7FD2E4E1ACB9 + 126E03C0D3C34DF32F2A9E90045CB5A0 + stream[256..319] = 0253CC8A858FD5E6083539619D870D2F + 5D2EED3959EE1CD6FC313540B9978324 + 9989680E440289E0B522A15DC12919B7 + DD4245F5C96DBB8FC63A62627397D7AB + stream[448..511] = CF7C0864F79C2600B76E20ECCD1274E1 + 303953B3F71DDB8B5F06578A71E074AA + 5C9A3BA8781676059F3C2183CB2D7406 + 564DDBBD414D825B93F2494CE67D1D79 + xor-digest = 731EAC3F6951E217045D40068C525102 + B54AA5066B5FFA76698F7708731F7780 + 93C053FAF16C35A0601700854EE3DB13 + 9329C0DE373C31BA0F43943C3A45D3D2 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 0000000000000000 + stream[0..63] = E50126F5DEF07EC86CBD598C6D73EAC7 + 48BC668A409889DB23E4981F2602EFF8 + D131E427690647A978B4EDE5200A857C + 69B8BA545ED510A5630EDEAFC01D032B + stream[192..255] = 0400F9A8A08D870E68AEA32A53C8F26E + 3AEC66BD06B9A1A2D2D546ED510F3299 + BE1FEDD82BDADA6C01EDC115ADD2AA88 + 280E98B6BCBDC69A9F23D36BFE5552D2 + stream[256..319] = 6345F2227B5756CF1F78503998B0270C + DF983AAF91041470F36C60040DE9FAD8 + 05AE2155D53A9FC78CFACC7F2EB0BCB2 + 2840E67AAFB677939E05E59A4C32A559 + stream[448..511] = 1ABEC75411C0F9BEF100B62E2F0DA94B + 49477B80AE0A0A00AFAE39C48E0DDE25 + DC38BB8D31DD48B421FC3AAA32BFF6A9 + 914F6C86210D2A69392F131837CDD0B9 + xor-digest = 7F6E7CC68CDC24342DA46EA89F73655C + 7B340CBA9B3163F2C0ECE9B3F1FE5B92 + C5B899EB9EF06885B9C386BB09D67439 + 7BFF03EF055DCEEF0E04272D05D64462 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 0000000000000000 + stream[0..63] = 8AD3F25EB62A13EBCA454419818DC668 + DD1E67ED28144FB5D869D88065B4EA6B + 1ECB51AC8166E5DA2760FC09398DBD4B + 6AB526A41618F6D3376BF8495A8B28C3 + stream[192..255] = 89F80B154220C573D31A58B7E5ACB9E3 + 9D0DB61A8A99364D1706D12F32212084 + 6A8A1B2A28AB75EC74C65A278666361C + 96D428D95C7B385B08EA53C6CD136378 + stream[256..319] = 5DDD72ECD0CBBAD3370CF2BBFE5F3486 + 2DF34F6B53344BE7CAC5A64B92E916A0 + 9FEBA6BB9EBA6E8DEAB0BD72B0EE08A3 + 832C1C1134F8B77138171D488C9B9562 + stream[448..511] = B15C38CF4356E5E993C77B0877A4E2E1 + DDCE158DD44A0FE98AF874477FB75823 + DBD6FA48B0B178FC8948D4A819A85EF3 + 5DF3C32D96D5B1AAC90B10331695E529 + xor-digest = BC73346C9CBF137AB25ECC242182AE96 + 111327FE917C2857DDA56422E336D147 + 48DCBAE5144CEAE8BEF1DA044650D094 + D0F3ED83E88A54D115CFE57DA314B086 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = CFDC41F0C6E0A38ABF71D5C7E8EC7B5D + 5EB266F8F0A55401426D5D636A68C1AD + F02CED40350A1EDCBCFCC342AB7C4D68 + E08D9CE2D03FFFFDF4C7F5B95FDF95A7 + stream[192..255] = 125FCFAFCFEFD21E7200AD213FE0A8E5 + F629ACF0596FFAABEAB52C6547681581 + FA49E7483C20EC31D16594BA20C74355 + 626EFC6CAC741FA180D28FD90FF6F610 + stream[256..319] = F4C9678918B0FE1DB92675517AC3BFBF + F360E034BFB6700675C80F4D3FE46DB9 + 09A9D7C40BB74698B74FDC3D3ADAC1F4 + DD4D215EF36D87E2F046D6ABEF43E2AE + stream[448..511] = 68E4DE43893B3F0ED0799EFDE4EE3662 + B928B1381F9054F04C85A0CDEF4C50B4 + C0B23134E3F5C00319468DB8ECB686E5 + 606F0F43261F458ABC03253FD8BA579F + xor-digest = 3E0BC0CBC0BFC458D7874B8DB954B7D2 + 3A009D4A511C549C8A2F850B880148D5 + 09B4FEBF89CB72B121A5BA29AEF26A38 + FCED66F609C256C0D2D51DBAB63BE529 + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = 78E11FC333DEDE8876EE681EDB8373B2 + 08ED4460F39A1CF5B5DECC2D89F942AA + 2D7748D56BBB0284128E12B4B2888E25 + E12100C14B8590A9D17F87F42EBDA7F1 + stream[192..255] = E1A648215B15C4A0712F51DF26A0828B + F4C8559F509508401437BE136061223A + C04EF0033A32EA04F81F4731FAAE8B39 + AF59DA5DE48E78FD410DE743F908DDAC + stream[256..319] = 21481C65E5B9922516A30871EA9E00D7 + 43E862755C6C611DE736A07B65BEDD96 + 5A453327A2D71A6347B992DEF0E27C9B + 8F98F0E5E02037282722602B79F1F970 + stream[448..511] = DC98915A2905BBC0B03C49961B2472DB + F4F2BD1879C340229A715B15B93711CA + 503711A1CCE36A645055107C7EEA06B3 + 02E87EFDBD839038B159C24FA913BA58 + xor-digest = 4C01A7AA0E65B9587C66E6DBF89862C7 + 6C34B4668EA699BB3CE010BB74F67080 + 1A4CAD15528B9B74B2CE3D8DAF2B167C + F36AC635D70FB5C4E4BBFE211780284F + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = BBA326041B9CFEC1A32290A1030A30C2 + DD5544534E8774E9D868E96C747417B6 + DF2E18AF0905E85C6A0B3062FA3B2532 + F4A3D27A71FCF77403C2D40A7F44922E + stream[192..255] = C55D288330D41E2349402F110CA8ADC8 + 734481DD5893A738A3F2DECA42A387CB + 394F009B7E50B76A489FF1389FC9254D + 4B64F14FFDE2412A85346D6A4F3701A3 + stream[256..319] = 17D9537A8A1E1D2E4FE9F9209C4B122C + 151069BBA738BB678F5CC51E270D9B39 + A053B794FAF9A8DFF1B1B2660481CEC5 + 010750E8379A000C50BDFD13BACEED75 + stream[448..511] = B4B0A6EFDD9E35EA6CD719B1D81BDF1A + 523AFD162B48B6F8D939C83747AD1BDB + 223040FD2547CDFF4FDA76D227F61A16 + E2258CBC6D33FABACED488256C4DF4E1 + xor-digest = D95DF94005DF0ECAD93B60039688E21C + 972CA6201334BCBA69B86FE0508A7AC5 + B817615F15C55B0493C9FD337FF95501 + FDF14A8658584B08A0A976D96A696F03 + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = A67474611DF551FF9F24E125E6C27562 + 82B01CD9AB06CCBAA4D0FB7B2ECEDB59 + 4146F1510358522E00A69705FEF2926F + 0444E91A5779BED68827046E808A12AF + stream[192..255] = B4188E97925DA2B95680E28FB1B68455 + 96E487401BF361CDB05874E0BFF6F9E8 + 15D174EB06EFFBCF8E3E6C9FB5B06E9A + 594A9D54AA2E375618405872DB4949B9 + stream[256..319] = 16D4E31B6AE838770B257A563F5A0233 + BB6EBCCA2671C68D43205AA09D888EE6 + 7DC3FD52E94D2D631FA8F55B13042519 + D5734FC59D5CEE55769B90D9DD14204A + stream[448..511] = 1ACB44EBE39B2D6F2C7EFD92D7DB9BC4 + DE18B3BC57DD3737FD737449FA14BEDE + 278185A6EF7B5F92D8827EC804F63647 + CE71BB252A212C9B6EA4705F50D69D67 + xor-digest = 9C2EAD3D8559E5735135A8EE945911E1 + 7824F544118F8E1C69B6EB94C3ED9879 + 93094AC359CE20A832442E7672669BC0 + 522B97B1C0992F5F0B14F5E9B84D4E7F + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = 07485149A5680F497E2B0FCDEB37890D + 696D6D3ADD14610A8D0063C96C0BE7C3 + 32179FB7F0E7A8ACA9EF1C3CEC347FF7 + C3EAC020B6FCE95C7CDD205880432C85 + stream[192..255] = BD33D0A581FD95E057D4BF8B82683F34 + 5A232D288E6E3ED0088E391E1BC24FBC + 8ABE1841F0EAD8A32FC68870D7892158 + C80E675A49240117905691481E713520 + stream[256..319] = 70675ECBF6E95EC74A7999D62CEA9FF8 + A079B448CF276289E3A720B849014201 + B06A0C83AF4FE5535D43C9FF3EBCFF9D + BFA932EAC3C6C42B3D3287781B2955F8 + stream[448..511] = 75A8D363EE0FE056C7632CC121CFCDAA + 085D30E061566AB70892608393A90EF6 + 79B3BDEF79914EF744D41F50F1EEDAB0 + 83E23CD6CEFAEBBF650DE1943F2EB89B + xor-digest = 9D4DAC3967121D02AF3F4F658199F3D4 + 821D40DEEBA10F6CC1972D2BE20FC741 + C2A893BC156A25E8B7595C13BE35B472 + E19466FD8B4E054A4C3E6C012BDC7165 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = F5F56F11F0E654DC661D77353889C1E1 + F64D45C7745C165C4B5E3994A21FB1E9 + 52C2D4491A9F4076E6578FFE21D60588 + 410E37E09D1595E955F06C6C550752F7 + stream[192..255] = BAF3991C3D88A6A1264FDBF18D35F055 + 76D93B4BB1067E90036081B45E5B604A + 35EDFF80D5222362B65AC7346B93B9A1 + E923BE69B784618B457F2ECDFFC1A24C + stream[256..319] = 62522C45283A43947B4E179A87465BFB + FEEACE0BA736E175B6F0AE30E95AB265 + 8289EBB6C93B441AAEDE3044BDF6271C + A51BE90C0B366EC9F0808C52D2433191 + stream[448..511] = F006B16753B092F44D18CABA9D9EF113 + BB4E0F1A552907A9205EC9A2CE2DE3C5 + 02D44D70B9984A1BBDE7A3084D7E8B51 + 1662C21BC2E1B93AEFE5F3A8B2E4CFEF + xor-digest = 6DDBD964F04BEA00294B4B81CA366120 + 4F1EAFFAA1CBA953D61CF2B8F87BA419 + 13492CE33929CDC7D746E114EEC875E4 + C9CE2B5D9A1B68D421C50C9109EE974D + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = 8CD04921BDCA3F23F8FAD91B887A7D87 + 1A0AC2830B84A310BA35215F5BDC41E5 + C8222B777638607108C8EC423B91A268 + DCC0FEF10BD67426C423035B09469760 + stream[192..255] = 2E4425343560FD982EE40636EB4BD657 + 84172BB7469D8D529906D8062E8F6955 + 3FCC22C04E756520DE02C80EA808406E + EF00625BE1A8A6B9DC55D02EF7534478 + stream[256..319] = 95CA583B48204E4DC734781280F82AEA + 88978EC1EF561EA6B327F025258C1853 + 459ECB320FA0E44EB635599CF50D229C + 1508164EED9D683D9B7A25EB65FABDED + stream[448..511] = F9796C4F5AA7C0E16C1F4E14AE990A00 + F9E0B4E681A562059EE61ECE757B7097 + 72BB50F5E90F8FD489E92048439F1597 + 2F432157EEBF095B0C377CD78151D73E + xor-digest = 154249E978966D38CE78D87A4DDA23DE + F6F51645F74E72962753F5C51646989B + 0C291C5E6E5304F12A7C2DA590863A3C + 52394653C7DC9C34629D5284BCF7CACD + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = EF17465AE4BCECABC45429A601825C9F + 5AAEBE3CFFC8CB91AD0E439ACFC042F2 + 7979FB2D806628E3A149EA114297E410 + 1F944CBF47D5AA51763130864EFEE9A4 + stream[192..255] = 2F4B8F726D54A2B638B55CBCFAF96E49 + 39752375B569995B0C0A09C03C6A9D12 + 5641D4957C383EE72EB4A250161ACC85 + B8AF5BD72940F782FE8DE3BAF82FBA0C + stream[256..319] = 55150E658F9DB8790B58ACA1A486CA99 + D8E3D44D8359A9A4919F3EC159E84369 + CF0C09276457EE9E908068671DA65279 + FB6B8998FE5EF599FA23C20DBAA19A0E + stream[448..511] = 24217553E5014979ED1A9D6DC757B87F + 7A5F47E9BD84A8C9E2147B71C7C31164 + DEB57BBCE06CFF64F7D087C649071EDC + C8B9FF28368C232F8929A153ECCCE773 + xor-digest = 88E7A828484DB7C9FB22B22466E46990 + 0EB5A324B1194941477077C0F3058D5F + 40B08B3982A2C217DFCE23CB0B01EB59 + 8C6D6E94D8AAA6E70F40BA0E59B2AF5B + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = 07AF4CE0E37D80814FDB58F4A4CB725D + 51F509A2D1BC7ABF0BFFDE47230F3E40 + 5BB6CE0FB4BDA1998B4178219BA43E34 + DC5BED1ECE0271EB8542429C007762C5 + stream[192..255] = 7319CE489DD0E275D66CFF965E582E9B + A43A08990B12AA403658177FD4857247 + 644C166C87DDCA701C75CAAE020C7E1B + 98D4A6F02970CB133014149A055AF6FD + stream[256..319] = 7E7FC4F3EA3D98FDB2FA4D421BF5A402 + 9CF4AD859A621F655684CEFB5C951001 + DDE136362147D4A4029C43DE793BA72D + B73CD0B4EC87C3FD97D8B3BC86C2ED09 + stream[448..511] = 0F53F6308F5DD651B0B8799EE0819585 + 91869FFEEA3C8751E61968B478AEAF94 + C3A82AB036EF78F63A9910B7F78FEF10 + 4FFF8C30B1AB9FFC3D23A511F4296AAF + xor-digest = 2EC84A79CE10C0BF63229351B7BB1548 + 7E040F5CEC2880BBA84FA3C0DE507858 + 15FC12DB6C2033CED1C40F6BC09A5472 + B1E63064DDB1CDD12142B8BB15B83127 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = E9B6F6953BBFC93BA8527F3C90F4A36C + 162AF8F9EADCB6662A984BA69559A5FE + 136D88EB6259ED699A25EBF8F7E908F3 + B09563AE35295D26538EACA4D40343E6 + stream[192..255] = FB5EB4AF07DB5014900AA0D4EDD6BAED + D5E9447A2D66A657B21AD8AB6EAAA06C + F01F8DF775ABAD4B73FF45FF57CA2823 + 15B2EEE8B59E98DB67488CED22AA7374 + stream[256..319] = 86C9BD502AE78CDC27C4D5A72C1637A1 + DDEF6CF46607C3259659F05083D21D08 + 5BD9C33273B31C15D412490373C51C9B + F71768963DC5AA7886124AC28D83FBC6 + stream[448..511] = 90472D1D60C576E7B53B6F6F4FDA9AE3 + DF9FA89C2C01843E717A6AC7CE85CDE4 + 2E7531370F601CAFBB00660706DF8A87 + 946F73B5693F703B7889EDEB292356A8 + xor-digest = BBB2BA188E8A42A843388DAB06CEE4B5 + 1FF3D58931BAE3A853FA4D22CA3ECF3E + 456369E532CEA76F9803A8598D18FC58 + D4AC2CBDCB50029A597F535A9C6DB76F + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = 090A2830022A66BC98C337E73263E83B + 97F09EF9F7D801393AB5C4B16F3E1154 + ED58C98E1A12DE95805231A1828DD036 + 18FEC59D4A73C2E71A8C272BADB9E432 + stream[192..255] = 6757AA638AAB9314CFBC0A6631672C7E + F3B8502B0777E573C812BCB0B38F83D5 + E96C7843F87B7DD4E87868387A6504DD + 21FE428973B49A20BECDB7BBC9EB7782 + stream[256..319] = 3E25B9B889414A14CCBEBB467C074EBB + A25E57D9EABDC284E079CC4BED1955CE + CD3B7F5DD241EADFA000BF2076293CD9 + D14100E1FB749B68CFE3F705459253F2 + stream[448..511] = 31D93F583064053A0D73B8784030D409 + 7BDC2DC54EA9844A14AE13485FA561F4 + E2133740D25528C2E5F6960A835EE1AA + C17A963C65B5CECECC63506F4914FE5B + xor-digest = F8F89B47AFAAE2B64C2DC0E7CF5591B4 + 341EFEFB8B12F4968A5E43612D56A503 + D304A7E0DC244135668D9D06EFF5D49C + 7E884B93CAD1B24D0E76E0A9DA31D7EC + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = 56CB640AFD649199033BC5F5213F5CF5 + D029C3FF9C108BEA0F9812C4ED7CD367 + 738728A7773AB2E79F252CCEBB66626A + 98DB1C5EF6DC0A03A5A51EB26452E01D + stream[192..255] = EB58F1A715ECD2743457D11876C6A05D + 01330C012B483F4A6DE472A9420315B5 + 613DF16B06750C362ED46FB33131429E + 5BEF0F9E92D43FA46B91E611B04F273F + stream[256..319] = 986F4FB7887A3DA93CA5DF4E26FC5B2A + 9828A6CA43852C008B479FB080254F65 + 9953244C0DE15446A6A3D74363FFDF18 + F932DCEA517BA8678A9753F79A54B25B + stream[448..511] = D4A5B242B38CBDF3E39D99F02182EC99 + 5CCE5D4716A12095413F24D6C4AE1CE9 + 99F40A71EFAB7DFB1130368036E6C009 + 1FF73C2DB7AF67B6E2D8A82B07A78DA0 + xor-digest = AB7CDB3F14EF7EE7D4D98ECA28C19705 + 502B87B91890383918EA770F7FB232D8 + 8CAFA481F580279079E4E6376DC40E02 + 244755D532352D91FE09E0CA49F998EE + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 22325FFBA854334AC36E293F3FFA4790 + 90757449B65D37A140E8727D2937564D + DC9FFE9A122D69D2E364632B27F1A136 + AC905B207B2FB4E396A065327DDA7284 + stream[192..255] = 513B6B80AF1693CC9947EA2C1A20948F + 45EDE955BF99B71C64EB21639528A983 + D01B0692188C2A716E3994839EE44CCA + 6ABFF9ADAB28C074FA17DBEE92E91AA8 + stream[256..319] = 00E0E88C9632CAE45AF8266907F507D4 + 830C08942BCEB75E92D83E1A9CA3C490 + 102FBCA07A87FB83211A222A1719F688 + A8DC901F2D054A87932764BCD4678AE6 + stream[448..511] = AB4DB8C9E2A238D11037B0E0E046D890 + 37A2E6CF41DBFD5EB18BDDA0BF60BC54 + 3E4032BF1E9539868DEF2F0E835760B5 + DED276D09C816BADED16E4D3E25035BF + xor-digest = 8E31A459C7345502419C785ADFACDB28 + CBD5E7D67311ADB5A419299A3E643C66 + 7CB6BC826CE470268A387BB99BD495CF + 4E9214C8513A0FA261AD9AEC2CF0269C + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = 5A140B690718155C243AB78BB1C4FE46 + 2E48CC460D52A407620BE5688D61982E + BA3AD5C6132F9D8A5D2DB8E8A7CD8477 + CB59FDC4BAD5BC02B7EAA617E978682E + stream[192..255] = 1A4EBAE065228FF74F64975E7AC14B88 + D0CA9E8FF9F32293D43B657D189E709F + A814A1C43C2949BF7985F54173912629 + 0D150C136072A48AD488C1BBFBA09400 + stream[256..319] = 871E8ED16860413E5361175321EB5FC2 + A7122526E79661C462C5C6CAA0B3562B + C1C23D398158B588F417F83B1A2829A4 + 73A6F401AC07ABEEE41CCFE923639580 + stream[448..511] = D0C9289AA1F09D5DC47955D848FE23E4 + F173C07E894A6533D408F7267BF570D1 + CCB9EB35C0A72C92B8361A580308ECBB + 166A4D6E29DE9C207090F5C06BFE3054 + xor-digest = 2CC07920652888ED82437792FB545529 + B9AF5A5ADC3251AD1145766A89CD443D + C5BFD34F67A0AC444616A22D6A88F510 + F33B380960FCE450604628CD07C9B53D + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = 92355DCB30659BA4CE97C0000A318B34 + BFC122972C5900D042988ED842B14EE6 + 63F9A951B176D9F857356470C67A2186 + BE30157E0B0E9C76CBA5411031912C5F + stream[192..255] = 0014E93A6C01562523146116F7AE909E + F18C2C216E27ECDC50E283818FC6E83F + 391F0B5A2603D40786E51797BC1EC921 + 1BB56EB9A289DE0050150B6BB0ADB4B1 + stream[256..319] = E93675C0783FEC49445EBA356562EDB5 + 3D0075FEA42682FFBFC33BBE399D2DCF + 1E863A0C481D63F84F51A2ED70EE5BFC + 0A5988770B90B48A322C087F1B53284A + stream[448..511] = F50C246D24C26C1226A9BC4C37AB3497 + A103F9739EDC1B79FDCD572E46051297 + D822B79829B8A6D9A533E1A3A917AC0D + BAFF4AA6910DEF689C5697601C1127BF + xor-digest = 73BDCA61DF56027E6C4B6A066B4D0D2D + D898DF673AF48DBEB74EDC2DA78F1243 + 9E5637D4B7219AB6ABF25121422E615E + DF9C29033E9BD06E7E57F01D4A4004EA + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = 1836D71DA5F984BDCD28C0DCEF2B2DD8 + 5C162E6D7568E0279B5A3FA073776A29 + CC74D4EA54E12283CF4D218CB36CBE23 + B5BACE976859E9F6B20A19358A2B9020 + stream[192..255] = 56F9FF4761A66D40C13AC9C09C3F5369 + 06AFE4A6741EBF75639C90D8D173D98D + 2C1F020266F12051D834E1F9BE880877 + 9A0F81ECBC83BC299572F4D7102E0393 + stream[256..319] = 626438E5C504DA221FD56B2D6F224C1D + F3B13EF20995114BCC47C19E0E919AD7 + BF2F267831CF73F7FD0BA8E9BE495563 + 68A4BAE0E08910BBFDD4C227FEF1BBFA + stream[448..511] = 57D2B968B4D8575D9789EA408261DAB7 + 825D8128BDAEF7882C0829CEA94053C4 + 61708FE529E81D59EBBB3E6DCE7B4F21 + 79168E2BA8C6CBC28088C9A3A5A88810 + xor-digest = D18F00D6039DF1F9563A22BFD123B4F8 + 430C3DF7BDB3E21BF19F743E727C00B2 + A2DBF47A72456EF16C9EC210B8EE3030 + BA62FD8A6C5BB0CAFED5C88BE291CAFA + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = 7BDA07E149DE0ED3528770E9BC05B97E + CC31477057E4ECECA2DBAA3D770989FB + 9AA552202DB95E06EFEC88225EA51A91 + 945192C98058E5C3071B9E04AA93E765 + stream[192..255] = E70DAF641EDA601F418FB511FBD30D8E + 4E39E8C11925137655ACF13C5657C462 + 2B30C28A5D209D0FA21EAAEB1E509158 + 223E7110CB5FE16587830914C87EC990 + stream[256..319] = 50AF6EC0E3E832B3B845D88002A83FA0 + 4AB42F9354D8B932E7AF68FAE37AFB7D + 25D390334F04AFA43A02EA933A2EF083 + EFC36025B6EEDD198502EB161E54CA32 + stream[448..511] = 0EE92778B862BF6BD646364B9B670442 + FF454BF6E513D667300AC32D05C14EF6 + 4CC0E7EAF43D2972EFA4E0F0DD4299AC + 73FE564FF212B8D38A5AF8635E693F2B + xor-digest = BCD8F69336D939197FD1D40F83E768B5 + E0E6B124F8F69BCCAA9AC34BBAF88A74 + 048E782B9B3C59BCDC0CD987045BEEE0 + 062A9982AB32ACFE71EC8D07634D75DA + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = 3E5395C73A8771815996D38445725E37 + 8BA4FA0F217950549ED0C70A8934ADCF + 28363587BE499CEF032F9D5072B125F2 + B279219A3A6836BBE51D4ACEBB9CA50A + stream[192..255] = 1AFC20CFD4C85E04F4ECF65BF2CB2B7C + 1DE6F6BC923CB47B242CB38DA6BBC431 + 7E2F1AC7E7D71379AF42E871A732BCC0 + C02C7197724F665A8E08179A9367E661 + stream[256..319] = 4D6A999B2B52769F382E1C37AC4EE7F2 + A630C192F5D4C2E377DC4B35634EE220 + AEE8203C53C7D35E4AD7EDA3687C6592 + AE24B5B31AAD317F99311F1D17B21639 + stream[448..511] = 4FF3D17D6D8E3C253568E85C5B9DADBC + F3B2541F0F3B4C837F019F9A6087ADDF + 13C4EAB99831089A81B00EBDBC25916A + E56C5E63413304AB18A3B0BCB422AB44 + xor-digest = 46DF2DCC246F54C20AB9C20F6BCFE53C + FF0B7EDE2ED3988543AB88FA5C169D91 + 8727A95C300BA603565AB96E4AF8748D + 5B8BB2EA6D8C327898CD94CA74AB013E + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = 698FC3DCF4490045D3858D66159A29A9 + 48C8B7C5A86D5F81919411E24033DDEA + B6DA0E028046DA1B56F5521EDD9F3B30 + 93C44DE2A84BA29E14F003E8AE721E15 + stream[192..255] = 123B07C4B259B26B3CE84194A5CB68C2 + 81CF2F18BF9FBCC4BFD60AB8B285B6FE + 90BC756978306B90EF8B3EAE8E1963F4 + DC74543FE6D24EAD29701202CA04C578 + stream[256..319] = C70CCE37139ECF6B0C6256E12DA250BA + FA1A58BE59A423D51A5575FA3BAE800D + 27AFEF402D995141D78532090CE2E855 + ACFED3F73E6A3FC0A8569097CA44826A + stream[448..511] = 714976777161E25428A71AE897355E3E + F8693BA4522AA532EB8557DE01052107 + 1849D965E9ABEA2690A0A3EA9BF5E07E + 6BAE6A0C620DE22929F8F4AD1C65BE4D + xor-digest = 5184DDFF6D12941A54ECB94C990530CD + F447DB1563A07854D1C3F5754CF979F4 + AB482F0BA75D46354B2237EC56981F1C + 30CDFF39A0E85DC4CA4656129AA1EFA7 + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = CED3F5C0F21359C84503F03B20EB7415 + 8032DF39BDEBF273182F60CD40D076E9 + 1D185E07094643CAB4D2968AF1DD0D75 + 5F14A49E2624B99E59C6FE8D9D301075 + stream[192..255] = C8AF7AA4D4AA225D9B50063045EF29BB + 5972451CDF44E110C05DF5ACC4CB102C + 6629311A8DFA96B7FF7CD0B9D97C0F1C + 64691DF1FFB56F3F0F77E743FA921854 + stream[256..319] = 6729BF84E64DC1B4E4F67A567BF0712F + 203573A4AA52A9B8BBBC8EBC221D2E2E + 01F9C8C77527A095040C1B02B7FBDB3E + 8641A63BB159BF37DCBFC99D147D8F22 + stream[448..511] = 1E5F1AF1D8E0CE41B72370BD5592D405 + 77B5F8BF547B8C4153D8777BFB471B74 + 2920736F9940773B93644F09101CEE92 + 6857833E0AF52948AE726A90E166B6EC + xor-digest = 55CA85DCC67AE7102FC6483000DA0189 + 93BE79A09AF73A48AAD518BC2FA6F95E + AE0C5C28D8F8B58853294F2FD6FFE797 + C63320FF330352D1DAE289749BC0E7EA + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = A733DD08E72D49905440CDA035153793 + 84CB32168AF827AA9FDAE868B0612141 + 8C26AFD518BFC63F82980B34844BB1BA + 30E9D143D03BD0BCE0A3D7E2D0D4BC20 + stream[192..255] = 990548311CBBF2CE0BF25BDC82ACE9BA + E6D04A7515ED451708EC34152B793B33 + F1A3CDB646DD858A03FD9E952D2B69B8 + 346DAD426DDBBAC1D39FA5BBE067116F + stream[256..319] = 8CC25A51F176D8D88760D665CE035CB9 + 3FE67495A345187A5C28A7209380D8C5 + 75566CC37BEAA30FB21F32775EE83E26 + 1B6FA2A2BF7BBED19C9AEE7D648C6AC9 + stream[448..511] = AFFDA4749ACFEC636FB3B527EF291881 + A505B423AA10F6EBFBB4E81284C151BA + 7E4737D11E26DAC0CAAEA6EA5386503D + 8EB475BB2FF9D5B76F2210AA0404ACC3 + xor-digest = BB360A15B6B5F3324BA690E9B0658A82 + E64B8B16F90ACD37C3727128E67DBDEA + BDF2DF0BFD90445766826FF2AADFB89B + 5D6162E2C098219ED9E3302C3E9FAF5F + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = 6DAE32A5EE068D0F26BBEC67C4CCAC6D + B82107D3FCE239BECFE1E0B31EBE55C1 + 8076847832A79981EB9F9DA2D45053BD + E8DAC204F5987EE59D35207A9C0F4A01 + stream[192..255] = 2A71B1E8BA23B8E9ED529E2445F9D377 + 0EE967C4DA449BDDE88214D6A115A12E + 17DA6C2C87471391DF46476BA797CA0D + 4E72F207C5849C36B137FA016F6C27E2 + stream[256..319] = 8498927FF1D3F7B51832A2ACD6406E51 + 3F91006A65055778184B0F79D14B9537 + 8B1B39F96364B120346F55E6C52EED26 + BE12F69870751907422DBDAFE228D476 + stream[448..511] = DDAE18BF1161775715361BF759BB6DD3 + 8D9FC537EF66E6591C129A28E73630EC + 94F08CD67A94DE53A0518CE315C635A9 + 130D49A199EB2E685826F9BE763E226E + xor-digest = DD01E7648076CBB9ABB66CE9622EF58D + E0E4AA898803DA9A3B87DC621314EC5F + A564748BCA218C2A799115F23D7D889D + 8E883B4D2FACACF089197E6C437162A9 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = 90523A4272FAFD7D63A349EF9BDDA08E + 0B1B5B8493C051EC417F7508AC57FF0C + 39027D265C87EA3E1E2F0F691A5D90B7 + 60AFA074390D23A379D867F18DA1431D + stream[192..255] = F03A5024C1A61D4D35180DBFF29A9246 + 6DA994292A426335DFF23881AB290BCF + 7DAAC704DD8086BC8A9E9C835BFB4F29 + 917B6CFFB52A6CC4BCA15C706DC9FAC2 + stream[256..319] = 65053C82497CD7126554895C526020F1 + 2CB2A03F0206D1A246F5B3C23DD64FB6 + 0A527F1CE688AC11FB41326728EEFAA0 + DB82F621F3D244C5A4B70AA627FE4E5C + stream[448..511] = 0F063672A95738C77169F5B9B3E0BE21 + F1209CECA99C899B557F6156837A3687 + D832968CE46266A8AC60266F6EC1F572 + B47F0669E1C84BEF15DE2A851F0E42BB + xor-digest = A16DBFD8B2ED4A5B592F49D411B9FB3C + E4DDF597B7A11640B7397285565E7B6F + 105E647216FF93D3F5C7B2A6EFAD03F7 + 13B57F779FE4D5860C381BEAEBE2E3B1 + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = C6422EA2BB2E44F2F5BC28FF3A59B6E3 + F9C7971D24A3E1A59E88E68633665C07 + BCE6F10C099C48F6D6520F173D94C86D + 81258DE671A2AC773B20020B15BAD7E8 + stream[192..255] = 214646D229BA58D95DDAC142F6CDB99A + 834A189CCC8996DB8AFA25FF668B42CE + 2DE6B64D3523C7F674C05345896552DB + 283459FA7EA86C0F267122E53636D3D2 + stream[256..319] = 4D0D760CE1736F4A19143BD862CB1A1B + E521422F5BB73FCF1BC223DD970F79B6 + 9F118FB78D2AF8B8D3BF0649CFCA97D2 + 94390BBC50CFCD057F6F48221499DE02 + stream[448..511] = 24AE0B32E2915E5733292D002DEB9254 + 46B0C9825E1F05DFC774FA3F5BFA798D + 0DF3A079BA658C82B16EB9D6146DB6A0 + 69D3F5225D67E538E9CB586633AB3466 + xor-digest = 12C4822CBDD4FC6E3B254710E61305F6 + 3D0439CE25E562EADA27C673BC159667 + D23CC93D63D12C4CCAE1BC8A67FAEB0B + 33A5C9562CD6B379838EC76B35205335 + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = 0FAD07F9ACF7CE73F195ACBB9036F170 + 57D2A214AA34FABC55034DF2D80032A3 + 36538F0A0DEFEAB1E5EE9F01483222B9 + 235547A47AE3E4D55C99B6E1AF4D9828 + stream[192..255] = 1E794F647101D673B5495569540C6CDF + 426AFD912228D4DC98F8F4B34085F1E6 + 251571ED570EC849DE31872183E51780 + 99B94E5B51A0E2A62D41773001E444C7 + stream[256..319] = 0456B4207545FFFE19693DCF92DE4FA2 + 2FFD79E6D60B2ACE85396391890CF3C1 + 078D4B1C4108AD821E136EC5E656208A + 8BEE5039B1A0E351A8B0C73CF040099A + stream[448..511] = 357B312597FD4B1A9C597CB78FFC9F41 + 3C57F20DBC1656FA949DCFC95B57CCDE + 9720DB8A5A19E238D3274D4D2CACBD2C + 4F181F94C5BFCCF023F28829822D7FDD + xor-digest = A5AB00EB947A992530AD77BC736E51EE + 7949A3F645D08616F65A433FD42D485B + AF9A30DAC2822686768D4227B93B0D68 + A1C684A1761FCA32474B7BC87F36B664 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = B47B5F9794E772CB733FD145F0E65883 + 1B2ADDA3394AC9B8A37B7368BA7E94D7 + A5C9DB4BE302836814B3E01C9B49B7CF + 3A120E68F8A9A2BD307EE3CDC1264FBF + stream[192..255] = B15453A0BE82D96BD0FB63683290BE26 + 2DFF1C96C9672CF1494EE943D2040256 + 5378883F84D41278F08C0B1605EAA42B + 9C370521C95B2677BDCF7FE47E88F8CD + stream[256..319] = 1F8E2C661E15BCC6A7C9E8EF4137C182 + 41529236699F5A03C6AD731F0B820136 + 9D3431BC8CFEA7670907072E44FD663A + 5B1A65F11D83041E1352243FCDC856DF + stream[448..511] = 4FDE385E29E397A276B68758FCF15428 + 80C62027E6EF206039DB0CC3831F148B + 31328FD9F31E24EF1AF9E365E6DA1A50 + A691E6184C3B2358174B7FB1686A2816 + xor-digest = F861FB77202C5D0A6E4DE015C3188837 + 24F1FCEB54802972C6DF03EF33B9F20A + 16DB369016A81B179F970E372BED0823 + B5AD8D0B66479D324035C9508D98D6A6 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 14D023DCA3A16C64C523346E71F08822 + A8D29492E2AA88A6033724345A534CD1 + 8A5555494F474CA47B56E65A7349B1B3 + 236A08830CFCA250ACFDE016DC6FDCAB + stream[192..255] = 935E39469AC41E7F9C9F38890B7FE56B + D471E5E88823B04F4D65209E956996FC + E7D89EEFE41D5B178EBC3BCB94D24C53 + 8D71B5C25CC3548F89AD3DE84C723C51 + stream[256..319] = 2F05505EBFF80CA353E519BCD9AAB89B + A461FF960DD26F3EF59C5C800F34FEEE + 059F438379E5C0878DC304D37484DF67 + AFC5170D8B4375A023754071B6FB9ACE + stream[448..511] = BCCFE516A16CF8530E7E7D891E925C3A + D7D00B3059830BF13B7F9BFEFD321957 + 30EEB2D6D14814987A4C5FDC6F130E73 + 26F32BFEA36EB32E2843A5D9FA70877C + xor-digest = F30A8774895983AE8E6657A9DF55C153 + 9B3F70860006E69435F05ABB1E574453 + 4A4C0DFA798CE6C08F1EDD84CCEC99B2 + 33CF9BF06885ACBBDB65811D0401F072 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = 1B0765B22A19DEA0F745011D1FEFE28B + CFA0F16AB591AD3F96B9D6C03B5B1ADD + C0CAC604BA1F87A010D329017C496A63 + 6A5BF061CA194676FD49DD4FD710730A + stream[192..255] = 3D94352577027AC320D58A080CF0F9EE + 2C8FA013816C35E0D7D661178B41E12A + 978848552F3BD9DF31442B162D427523 + 7273E82EB844732A3163E8C4864877D2 + stream[256..319] = A2402233F166780E6F587CD2CB290BCC + 8A18AA4FCB1D198B9F72411805D3A697 + 5C970266A197AFC3C13DE9F336677CA2 + 6E6C1CC5BE9B6547ED8EB40A8C87B708 + stream[448..511] = E92FC3C9419C4C5999D587491E723B85 + 01AC168981D955CEAF54FD38004C98B4 + 0F285278B394BA063A3241419FDAA5A0 + CA3407824B02C99379642A748F12F7E2 + xor-digest = 61F6D54699921E9A888A09B432F00F40 + 93A094E513BB9E3B7F9FA07753DB5E35 + 72C2CAB598A9A279C096E2E02A4B0E0A + 09E03459B44C8B8CB6C7A4990D280227 + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = 87BEE5606EC66CD5D591403A87238C06 + 869FDFFB82C77EC24B1154158815D585 + 0E2B5E1DF9DA83E71878A4ED5ECEB69A + 46B902BE797DE757C11520D66A20C6D5 + stream[192..255] = 651D82DC936F745C26D99B83B2EED833 + 98C04F1DCB01545AC3A76CEAF515EF52 + 54BE684B3F53C44EE0DCD2AB051598E8 + 7FC2D7AED4FA01698A7CD8CB40FD4D03 + stream[256..319] = 5DC0691D570AE03B66F2A095273C9ED7 + 8202913DE705FED10ABBED45D49E816B + 65869F24822F45D1D2BF039EE1A73761 + B1B976C09CF0DF6156DDFD182C073943 + stream[448..511] = 879FCD39718AEE3AAB8F33FA3955ED06 + 0EE6184CDE7D3F77C1A963A810D1853A + 0311AD641DAD428836387430E56B206F + 2CDEE26378E926A721FD1BBEBE038D74 + xor-digest = 6D93E964A2EBDAE83FA0D55678E0CCBE + 65A4E74A57F54077D7096DA145B3F51E + 9CD19F43E9FF8BFC3F096F601428A3B4 + 2677C1EA75FDE9055EBBE24DFB432156 + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 0000000000000000 + stream[0..63] = 5397BEEEB4A0CB7FDDE18F47E8ED66FE + 65024BDC6F00571F26D4C8881436C921 + E783F2740A538109B3A44D845D0181EA + D196104E9F8CC5D83E7DB2B28A233229 + stream[192..255] = 140B7C4D9338A08B75920F37AAEFC037 + D1253A6D1BC2FCFF4AACF91AFE4A3118 + FDCB25456CC2DA821EF79961A6597E53 + 0F5B10EA0487AA3265089FDB5E65A0C2 + stream[256..319] = E904754906189D8C083EF0E0D817F704 + D1BB2354AFD58CE6AC883B3E12CB4AA9 + C8D33844C91AF0F8C917282B74A234A8 + C56BD2232423005E82F85A3A582A4CA1 + stream[448..511] = 790F3108ACD858933A80633B9E63CCEE + DBA2526AE050462EA70CB6385754E1BA + AAB5B878E78DCF78CF68DE42FD1F154F + 93E0149D1AFC2AC92035955774781A40 + xor-digest = D3F9A3F16223EF02826A59A2B999B043 + 477975C6C104B6CE11193AEC747AD34B + 074EF0BDC8B90BC445E0B6D8D9151610 + C49F98914CA49AAB06756BDCEE491A34 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 0000000000000000 + stream[0..63] = C11DF1A7CB68D2B35F7D909BDD911E90 + 7C23630F3B8BA5F17D2F0368A9CD1CDD + EEE0FC94F2E690BCA17B09A83E365BC5 + 65E90B12095EF276821CCAB37129B96D + stream[192..255] = 092E78A7FE843643420B6432358A9964 + BCC6BA1D836D89B3032EA30C8277365A + 7C747D6B6F3EA2A2612EF474455E4712 + 0CCB78BC778B7047D3330C2741F348C8 + stream[256..319] = 2DF648A909C583A4C39387724F1D9CDB + DC30EA3062F277D9FABCE03F0BC1DA8A + 3A64A46FAA23CBC06011682D19A2CAAD + FFCD62C1B3776CE3816FE00B567799E5 + stream[448..511] = 97CDDE0221419B30BD5C7EADE13A1534 + 000527C3A6F1D70E7C62C6B64C22812C + A51F86061B78E9D4465143065A52A1A7 + 29797709F59E7B50611DC0634BBC9506 + xor-digest = 566C9BADB71180D43DA1497DB178ED64 + 55C7C2E46CC5B5DE1A13A9EC66383828 + 6A46A0A22516644A4A4FD3BCC382E42C + 9FE46CC0A98BFA6E644C2024042A5CBC + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 0000000000000000 + stream[0..63] = B6F01140EFD1027CF0B7515A9456D712 + 720480A171442566DB201EE1D90B4415 + 8514744D2F5EC48997DF03B33BD97547 + DD47A312015B43C8CA6C90276E4A26A5 + stream[192..255] = 778E7146F8F68B9AF2360BAFCA60EA84 + 176770ADBB25388DA33D0D6A4C17260F + 6E15FC1A522E5BA30306F4DB3F428D49 + DF915E647E88858B633AFE123977407B + stream[256..319] = 6B79DA132D3A033D6F226E6048303CF3 + 896AABA478A7987B64561BBF1432DF9F + 06AB8B6ECA20C0AA201BFEC4714D625A + 2868ED43B0992782E5B2C39FD8938A33 + stream[448..511] = 6B314347AA1F639881B15E7DA053FE75 + 4C755B80EBC9401BB7A2B101D2A4189D + DFD899A972133898B14476D67AC77BA6 + D4FE69048F4563614FD3DDD1E0929576 + xor-digest = 38A0C125DC33DAD39CA7BEFAC6D971E6 + CB50A85F955D3C2319A72E12CA890104 + 48B608BEC933660850417FE2AC9660E8 + 4FEB3E22274C3FC2A32F41DAB10549FA + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 0000000000000000 + stream[0..63] = 308F29D5D939240F372A454D60C80462 + F3C89424CFE19D4B107A77ACC3257A6C + 68813AE7608C271C17963C09E6621A39 + 0DC565BEF20366D3F50632D3FAB0D1A1 + stream[192..255] = 1CB8C092196E37E6A6D6172E98767A02 + 3138E298C5D9D65638EA8F2232B1799C + 2F073A4FA02332710D986257335E4FAF + 0373E849AC4623534F0967A1737C5000 + stream[256..319] = A5A1E78C6EB0E61248C99743395C3820 + 583C5E1F508D2E5468B9042CEA9B4C58 + 946D23262A8C2A3D3F2B8416C011A365 + 1D6C99A7D70D28EFDC10CEFF480DDAFA + stream[448..511] = ABF6709D31D5621120E04EAABE265ADC + FE7DB703E7B3E987B06B2D5EDD8DC1A9 + 82BE507A2FAE1538977C8C32871AEDEA + D7D36CDC4E256B4844515853764EB309 + xor-digest = 53A5EF9F08DFA2BDD4436A14B7FFC7BB + 6BA7A3A3F856977D386308C45B3DC34F + C91D4933A68CF8C33C81AEC28A73AC04 + 65777FC47470D80F3365135365B331D1 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 0000000000000000 + stream[0..63] = 232C14CC6763202B97A6E67264247D56 + DD90F0F6D2B12E8D7D1F3BABB9F10336 + 1E5FEE044E17D74DBC5F1CE17CE39F87 + BE123779FB8893E71FD42B34764E1237 + stream[192..255] = 54B674843A1D99A877C1BF411373DAFA + 1B4279E7E89B11412A41102519C20D2A + 42915170C520533B8556860B05147CA0 + B0CF956F1AC08C298292EA0A63FD7AE1 + stream[256..319] = 1207D2853AFE2F448EBC5563418C48FA + 0F0A7C5A611296F21AFD48162680B48A + 57C4F28D473FFF287F5405494752E9C7 + 8AFAE014173CABF6169D1974D1C7E2B9 + stream[448..511] = C0BD83D8A3E45887BA0122AA67B1BE49 + 6501F88586D85A0BFF6C056A6A6C433D + 57A4F394D892B3024E6F73EE352390E7 + FC5853AB30678086663E688D333A8FCA + xor-digest = 62E04B744F3B02B92932E79FA3809F42 + 7A24BEE058FEBCAA578D18790870DD5A + 4C07D986688ABF151299E8D51BDF11AB + 69D4A748CCAD9890B6B87D074E44DA75 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 0000000000000000 + stream[0..63] = 290619378BDE835D7C800D57CB80BE02 + A70AA94B84C17D4A061DB1F805BEA33B + 8165D188E77DB20CBE63FBDB6E6FE171 + 21F62DBA1D73ED949B51540FDF646FE2 + stream[192..255] = 9AC1524873D1F8D7F85555C652AA5691 + 9CB899F5C4DD371DD84B9DA11A1685AF + 4C72E0C8571B207525E20ABE1DEE785A + C2F4E13765C79BDDB97ABCBD06568B98 + stream[256..319] = 6F84D4B6420C56909A865F02689F7B80 + 8B7CA9711EAA119A3F46AC7986177520 + B436688948772562088F91BFE00305A8 + 40AB8387E19AB91C32B574D527DB1153 + stream[448..511] = AE37DAFC5B67547F7890262388E09A64 + AC447CBBBBD4119C4EC3FE91FAB87982 + 448CAF21278491A723F0221BA9B2F5B2 + 608F72DD61B957144FA959982A9971F4 + xor-digest = 535F20F8B086B82676BCCA049448194F + C9C840F5BED66E4C2AF62958D3912B25 + 29AD2256F05489F1AAE77601D61D087E + 2105BBEA8C8F848037E2D4ED852D346D + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 0000000000000000 + stream[0..63] = 17A31A8BA79842C29205BCBE29FFC6CF + C873AFEAFE6D628C42D0D84C232312D4 + 8DD1EA98A6B60776EE0F2B7FA10E5076 + 040FB7068D5B7FF0F81D01F65139B96F + stream[192..255] = C318C9A635DCC0FBF269B678B58DF2D4 + EB280E7F2C07F3FFC1F1CB31C8B854C7 + 421EDFE2988A913C41B3DFE5AF320A7D + 83F72C9DB58B9D7E8784E791EFED03C8 + stream[256..319] = AE2D8DE43CA7B6861F4935746B4714A0 + A4C0033B6BD9CF4214BC6C0CD7BCF0E1 + 330272EB7D5D69B830E842FA67E79D1A + C8324B9D2F4AAE75BA447E0545F959A4 + stream[448..511] = 80460099FC4B9BAA5511E33898C58990 + 18C36B43593A48EFC2FFA3076CFAEAD0 + F69E0AC1EC25200E6F3EC4ED1292F7F2 + 5EEB2F7121EF36939409D3EC2F1827A2 + xor-digest = F0FA847C971FA7D0972210B44E026CEE + 5AC1604E8646434BD52794272F1A40BF + 73AFBC66C2D9E4A7E1B604E4015B6AA7 + 45D32792663EFF3528FD0A09A5F3A230 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 0000000000000000 + stream[0..63] = FEFBA0A5E5E771EFC9E75023AB125620 + DE09A651FF9FFB2021DC311E834E9C92 + 2B3AD31E507D68CE031E1292F615CFFB + 24E5363BE64C1D1C466AD91AE63BC683 + stream[192..255] = 7F65C6B6C0D9C0DDF828B260C182CA3F + 367EDB245BD743FA63ED5FC4558D454B + CF34ACFDEDDAB2BDA491D8EE0DCE29FF + 66887328AB8D0137575304F1A6707A79 + stream[256..319] = 2B1C6F22231243C268BFFA586531B8EA + C5F2D9AFA595FFBA49B9E1438913CA4F + B7A549449CC7E3DFA75EEB7842B79B58 + 93742A45D1B241499527522F0C849614 + stream[448..511] = 38E8E30A67336A042D38ECBDFFF07619 + B001BBC717898853DF2D0731E2ED81C5 + 1EEEB4BDD3E43CBDF55A46E83B40EF15 + CDD880A4B23BD8DECC2FC62D6FA56C0E + xor-digest = E1304D6D4948403A6D5E1CFB6399CF2D + 2902AFCFE525B3765C6FB649695528DF + 4C89C5756998C979E36FD2416A23260B + 72CA2CDC57FFD2CD28ADD8BABE916A64 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 0000000000000000 + stream[0..63] = FED4CEA15B954A9031F3F509D47C6898 + CB0ABA8DFBF076F8AE2503A69C7ADB9F + 24A7E3746FE6A2AAF3A617547A34EEA0 + 530A335CB2C930F33C84792371A3E314 + stream[192..255] = AC3F11785FF7CE0A61AF70982CE78C1D + 627B98F373B96E296F2ED4F0C630725B + 11258DFEBBE6A2FA44FC26AB5E7306EC + A80BA1815408923B61CDD46A9EE26063 + stream[256..319] = F282CAABB7D6C62EA6634E18FD0BA907 + 59F3137449BFD38FE0C936462C570D6D + C44E9BEDD0CD683DC9ED4E1ABFF46BBD + 416995DDF557DE2B682052EB6748F1C9 + stream[448..511] = BD376656B4E7ADC49A72D65A1300AC49 + 66629CE0988AD268DD426EC31E84111E + B821E54A1F44CD8DBADD589A5C040E0A + 91F7D0CC77E4B5DC87816F70BF46C7C4 + xor-digest = F25436D5D0DE65BF9875EBBCED1B49B4 + 6B0A46216439D4B72FA3098B687BEAEE + 40B4603CA5DB6DCC7DDBF2754C45050F + C54BA735B0715A2482267AABE7F07D15 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 0000000000000000 + stream[0..63] = E757F6A32456DA42D1603BDC738011FD + 087EC1036E0CDE20AC27229CD7ED69AC + 36BB8FC65606E0C586DEB164999DDF1D + D99AA63893A2EA1F10050C47814EF88A + stream[192..255] = CCF4DD2BB13307DA437BDD6E5AC52862 + 74EAB0319659E2B834939888DDB7F96A + 147DF3C7AFC9087EA84E4521A635AF9B + ECF687846AE7D1DF44B1135E8DBEC166 + stream[256..319] = A027EAB3CE9C95232A204C816C995BE2 + 3AD5A733801D44CA5CEE33E6AF6E0912 + C1EEB407C66DB2B3CE7147EA6C6388D9 + DD5634B1AFB88F79CFB65817C65C1808 + stream[448..511] = C1B87A7F4CAC945649355EFEA3D3A4AA + 2F9BEF5E1C84E6A3C9E4DF79BABF6730 + 04CF21F770EF973C77A6DF00847F6DCC + 45AF6FA37921FB9CE37DC9F7324C459C + xor-digest = 1E550FF29096A82C80FA7320B05E9E73 + 7D094BA4333AFA55F41397E54402D8E4 + D3613DB34B274BD11650451E5C207E9B + 529F168ED713A7E3C3025FEFD088AFC0 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 0000000000000000 + stream[0..63] = E417A2579AEA928836BC8AE3F0E6E7D0 + 38415B944193D447B372E1819D58E7F0 + D9EC9AE6089E1D03F45720BD597F2A68 + 3F8E99B546C5AD9393413CAF8F278685 + stream[192..255] = 8CAE88DCC954D8BB2C82674D753CEF1F + 8AD03FDCC8D08F5B5A5097E4656B1036 + C334BFF216D450412956C676AF107469 + B117112D07126DDF791E8E1DD876095E + stream[256..319] = 2D16FB13087EADB63706D0350B54E793 + E8BEBDEEC696F90DB557E61BF62EA2C4 + 92861701EBE0C061518FA2E6BEC521B0 + 5F9B99AC1CEDEDD763D1916366CD1D1D + stream[448..511] = 0C09FA64D9D4F9AB15134AD7ACBCE10E + 560E6348533A289BB5D8A6C10A5C7227 + FCA99BC371AB9E415EEE1218D6819C28 + 7FD23DEAC3CFF6BBE78B8257DDFC7123 + xor-digest = FE6B276F3F1C7B17B1C6BE848900F73E + 1D91E58C89B3164B03FA05C0CFCED7E3 + C0CC3203028DEE79375DC7CF7E46135A + C80E24AA5CBAAFF149957C0CB18729E0 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 0000000000000000 + stream[0..63] = FD451AA175871C17DCEE4886BBF3255E + 00399765843F72003D42051189A30BAB + D94B5B42C1CEA0569279D43642C18DC6 + E70201F31BC458A812965D3AA581CFCC + stream[192..255] = 1EF9271B17651BDC9EBCAB10F5EC0C6F + B6D7A822D4AFADE2999F6421185134C6 + EF6CF59B921CBB31E8C82ABF612AE43C + 8BD246AF08085695E63C76369CA7C890 + stream[256..319] = A4736A0AE5CBF75D46DCA2E7E09EBE97 + 8CB15F75FA0384AC8F3E5D40F38B834C + 9B38BF8F6CFE69CEEDF74B5C3D73694E + AF990AA0A6059D4F4448846E8AAEE075 + stream[448..511] = F636924F3A1875C4BA3C1D24D1C07774 + 7B23C5D41B4F0FA61F518772C6009032 + 9B8CE5B92CD25D2D6C8C27FCA670790B + F8B63ED9AF9741A69C38D9A5B4B45FAA + xor-digest = 9F5B93B948046E8CBB41F542796D78D9 + CE87C9AFBEC1C09C690DC05722C635F4 + EFA114D505A222BB767974DAF2D0CF50 + BC9DF203AE9E478829F5096C7F4C29E5 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 0000000000000000 + stream[0..63] = BB760E2B64BFC58620EC7F8FB3D3F42F + FB40CAAB7B77A42CA7D6960843B62C7F + 5B7D17F10E0F34395ABF73B1C8118B60 + 6EDDA501B8254B8E3FE1EFE920425A08 + stream[192..255] = 8CEC2BB2B33FDA155B311E68722AE0BB + E19C1ABAF094F3B36A557D155E72A0C3 + DCDA130971D1783296271A24F020EE80 + 96675F8A58304BF6BE00C5E5F4115F5D + stream[256..319] = 9C7586AE59D9A040C6065017BF71A64B + B37FFD61FCB9155FD89D0E611A2BFDF8 + 777CB70D9C57994F45B36523B778E60C + 87DFA1BA49D77F4654FB4B25E43C8447 + stream[448..511] = 3B600C1F11244D0BCE66E8D6F5448CD4 + 57965C93F6CE5DE7E8C9A9EB1446B782 + 20741679EDE1472ADF7202A6BCA58902 + F1A6D39D7426E1014FD690CA5DAD555C + xor-digest = 5FC61D1A8D50DBF883B2A64DAB2A26E2 + E00D5B1FB84C24ED4424F9D9631BBF2E + 4719D35C9B6C1EE12705CD741AFA2A62 + C850DB40F650FE4999AAC513400DD9C2 + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 0000000000000000 + stream[0..63] = FBA447771E8832FE47A4E061CD66B547 + 45D65C4D883B4CCD1E3A9DB626B87FED + DF516B5B11C7ABBC0D8EC0FF36C7A271 + 6B20554BC80120E2A9BD6BEC22769920 + stream[192..255] = 30722CFCBD9C8EF9EAE6FCC09807DA6B + 3E185657F854A2082B9ACE87CCF43067 + FC73B62C1852F2A2C4343FBA574A1BFD + B7CB39296CECC9536BF57DC2DD74DC19 + stream[256..319] = 0330C8D06A9946EA98198B3FB863D55C + 0BE0779D615E393E593F5F89952F289C + 0CF721A68953265DB2D67E7F0BE05211 + EB6686137F78BCFE0CD33AD065D56BA8 + stream[448..511] = BC89D5CDB46BE3726DC93FE14F10E58A + F9D08072FD99D3A8A3B41BAEAB2E4490 + E0B3740624167A5DD676962A5212BA21 + B45E2400AD4105BD9FE0C5512E9759B1 + xor-digest = 5E8DF18A1EECA70FE1EFCE61550EAB0C + E35E8AF51A9EF05B80C2163567E2497D + DB7C93757B2A3FF3FC544EB04E45E5B0 + C14909CBA266F568EB1EF5832D8C8C64 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 0000000000000000 + stream[0..63] = CEAFF7FF7E9AF9B652ADAA7E8E3E0398 + 0DC178E5C7A5F1B376CD9600BEBB8E21 + 15A031198F084B00EBEEC2A093B1536B + 51D3B096E9FF2F941B390085C9D0D2FD + stream[192..255] = 47DCD0A6839807EDDC4018BE0BBD479E + 26F5A3589C1690FC3FD77DD608ACF600 + 77B401FF00324B9A3823A46DDB16878A + 819380DA48D55110453B4FD6362D78D0 + stream[256..319] = 93A7430A5EF8029499E0DEF2D25AF72A + 207BDF8499072764C27A1842B560493C + 853AF518A01ED85BA41359F91F21D22B + CDB6DAD533D2F2992BA4CCDC606A31B4 + stream[448..511] = E46BACA9A4E7416D00F62248DC367A42 + 6FB1044B8A6E2830A53A7F4099764353 + 05AE1C858B7C69CA4F09E4399DF02218 + E8AAA5A6E9B739D3A8A8DF5D03C8BF60 + xor-digest = 6E5531771D96D80CCA6B84091A42BBB9 + 4608AEE22A24B0411636A271EAE0F6A4 + C2E4AFD1EEAAD9F09F704C2958269EA2 + F7A27EA4AB995CA036D5017E1FCA6F54 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 0000000000000000 + stream[0..63] = 268449C44DFA8DF4281BB51BF9C4C303 + DC0238241067DE3D7195B803FAA8562C + FD702D38402C24983ADB6834EB7B438A + 1BDE40DD0A21BA1FC0FEF901FDDBBFFD + stream[192..255] = 28E5EFCFF0190A3DE03F9933ACBAE306 + 02F0176E5FB515783974AC57F09FA521 + 68AB986848529DCC92FA305E9BD7DAE9 + B9BD8CD923E2DA99F355942D79A87F5B + stream[256..319] = 5F0465BA4760A1243701060FE5100E04 + 28EF0BFCB43C00395DBDA6D625E4A705 + 8842EC9E469F8D43BAE331B42A09B168 + A54A9A356FF5044DDF233060A994FB7D + stream[448..511] = B85CF2F2890D46A2B0F4E2E7FEBC51FD + D2C8848E47E9C26A15394ABFC3F27153 + E6E303C407D65015B4A63A1D5009B37B + FD8962C8051D525D4A2ECF9560C0E9D6 + xor-digest = D514DEB2D31F585A0718E8E3FF0B6021 + 414ED8ED8E6CEE56442408B60C966A78 + 0A0CC86EF6DC4CDC0F378D0DC2EC1FB4 + D7B58CDB58C57D416C4BA886FBC2614B + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 0000000000000000 + stream[0..63] = 7ADEFA66AEF35F468311136B2FA2A7F9 + 9E2E4D5B89A69BD3BE86705C55047A9A + 0C94E03D4156BB062D317B7D7EA038BE + 6AA2BF3F1A1727A35CE7F87892F0B909 + stream[192..255] = F473CA9BCC5E43832A8E97E506625392 + 595B03D1DE9CC004C129E0D31A11EA7F + 74141EC9CCA8016364D5CA0B42A24A28 + D0C2A504E7AC17C8BCD8072CEED339BF + stream[256..319] = 9EC647DDAA52EC4F0FBCAE9763465C56 + 8033D53A96023E67B8D572FD1CB3A79C + F1F0B1C9F7270B1A7837ABA3403E49EF + F1BCC76ACBC7F010302B7C7D3EFF49D3 + stream[448..511] = 7F8A1652AE49A46389F854062BB63626 + 694E66EBC8F03695999B8B97C4E76EE2 + 68D518E4DF73AA6101079519E5969828 + 41E3B5FD119EAA2ED80A8668586307F7 + xor-digest = 09847670910A615423CBCDE9A25DFAFA + 40C02B1D12BCA5F7E9F7E63710714BF9 + 3C5DF0F48F62EC03E8851742B02AE212 + 8A4E9E3FDC713F5E4D33704B32057F40 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 0000000000000000 + stream[0..63] = AF55D49EF49CFDB407804BA971F63076 + D9E2AEC8AFDAAA41D1C0408815DC0271 + CEC76E1AA000BA7674CF2AA32E22948D + 8815E24C41217035D095E12B86DECA56 + stream[192..255] = 2C8156890A4FD8047CA50A1CED951B0D + 5A96A7954BB3C4F3428D645676F4AC20 + 2E4C040FF745DF0BEC3D17FDC8B2ED63 + B4F80769B39B51F5017EE8E6A1EF235A + stream[256..319] = 1784D88B20B7123B353CBFB779187E43 + 7F00E23E6B54473C92FB014292076341 + 6ACA7E4B5BD6C7FF76F363C3DFE1428E + EFCF954BA93BEAFF346426473CF9533B + stream[448..511] = EE6726314B2D89BC084BCA41D32C2F16 + 95B0462C9B3693A5028F5CEFD4DC66EA + 5D2715D2FB560474B5CC1C80FAAA24EF + 5A366A3AA894C3552021C9DDDD2AA7B7 + xor-digest = 6D4FAD71650127118BD37FAF6D39F47E + 6C67FA165B32DA20A60E664387561BDC + E81CA0ED4A7F08811570D6FA51B1702B + EA83EB6BA9AA77CDDED6F86F5A9382F1 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 0000000000000000 + stream[0..63] = 7C8BB3A2FF8FEF19285EE7ECF43855D5 + 59318E0BCE4A730C5804FF45DDE07E26 + BB7004169FB82A8C298B55B12A44C180 + 7DF46B13252547F1BEC0C71CB3715925 + stream[192..255] = 2B56543BC1FFD42650023DA52E1F6D1B + E176FE3D7EBA7BA6202934D82A6980BD + B4F3C0866B9619E9374AF7FE6D75552E + 2EFED0D5D340AE0700D79AB9CD62110E + stream[256..319] = FD4B5865981DEF8DA85FC271EA01050E + 1D5D93044B49953C7B4E10F69EAE6628 + F5D242C0B18BCBFCB6638F98A5AEFDFE + 50EFB14B1CEC4B9800A53FA79DAE7A07 + stream[448..511] = 6705AEBFBBC289D1348809339A337AA9 + BB09F967F370F7B6F91B31340983F30C + 7BE18FCAF8A98AD2068811086304E015 + 27631D4575A757E23603A1754CC0C05C + xor-digest = 3CFDE7C771319F1F8235A42910F2F272 + A32A21FC232AA6FB19BEED7150C42115 + 11A28CA72A91130DF09D5647554C5B05 + 7E4158CA0E5EE6E620381A1886AED3AF + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 0000000000000000 + stream[0..63] = 0007438F1FF92182808D6C9086DAD491 + 4AD4D9A254B76C9E6DED0BBCD38A9005 + 369C5E22D9526AE58E77D1DD795CEB58 + 5AB8A3B23F3CBDAC2B5250D5AF4A4ABA + stream[192..255] = BD0E5A42DF166C28A30133F947633BBE + EF6E349FB4C4CAA7735D293F4FD70E1E + 25C7E02D84899DF7FD783676FD8E4E5F + 8D0373CD688D9552D52A3520AF8AB4F4 + stream[256..319] = C664C363DA0A849C12E4540B1F48BB38 + 7F7470AE8D5EFF416BD56FF0F6B5B1FE + 699E6957D7EDD362050A984E76214A36 + B2C233AB4E1BE0C7D144A9CA8FC82C43 + stream[448..511] = B570F16AFE52CAD7829DCA4396611F2E + FC3D6BDE216BB164C58CE6E633E36130 + 25B2877036D43FA5A8F8FB9BD183F055 + 408C9C8BE11BF02A673C931E16EA2210 + xor-digest = 2A17AD481BCD0B1B9E556628DD1262FA + 641087E211857C0A4D2236DB806AD2D2 + BE77469DB5C157C39AE8CAFC5EB11373 + DE00DF97F944552C361E3B3EF7EEA196 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 0000000000000000 + stream[0..63] = 708206F874440E673B7FB6A50F40BC4F + A0E5CF42665997448B3BFFB9E985F808 + 7A030A89D42944DC3982F991426A1C03 + 860D9973D02B4BB55BE333852C456AAC + stream[192..255] = 5FE29259ACF760E97850A41F6A189F4E + 3F7DED15364B350F0CCECC4195DFB44C + 3CEC850471C5BA43AE9AD3C5E4E189F0 + 3AACCCDCD9B356BA78826601736DE8B5 + stream[256..319] = 2E5B18B5581B17A0DDC722214FB8242C + 3FEED6A3E70292E66BD1AB5E6A1187DF + 0F37F82F4CAABAD5FA07BD75C5217E65 + A299F6592CA89439BB4C07167CDBA9C8 + stream[448..511] = F1B23A106031762A429A507CB8CD64B7 + B8E1C83945C0C90EF76205C7A4AAA559 + FD53770152BDEA97756DCDAF2A70B946 + C5C2CD1303A47F878B8FBEA602F01F77 + xor-digest = F0FDD0D60AF3A5BB7A8D9335EE4BF6AC + A21D197753E23C69F5B30D8557730B25 + C49F117EBDB802BD4F54342AE8266304 + 9370254337F93A8FFB7774082A72E27F + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 0000000000000000 + stream[0..63] = 8C299B9FE894439B2EC792B2F1EAAD12 + E9F36EB166009238751CE1C0B7EDFA4D + 415E51710DC0571BCCC7A1D4CAF8539C + 0A0AA3772F606E0BA1A9619C0072F6D0 + stream[192..255] = 13F41122028FE0E3FDF69182A14BD84F + 9CD8F0BD1889F7A279B6C3FC086262D1 + BD3EFF7EB624B9CDE80E01AE0FBA7926 + 3BB96046B5781F86B1F74C770C9D1B95 + stream[256..319] = 9BF09E9F13251656327A965532A86076 + 19E1D1D53BAE1073B97F4F031CC04E3E + 28A477EBAC545A3AF323523D0E576387 + 54D888FFB7354BBEFF8012843B37E2B0 + stream[448..511] = 1C11D6314A15362CA9E192A85590A2E2 + CAAE7981C4D97012CE0FA647113BE9A5 + 0F085F327CC0F4B85189A156DE2F47EB + E306B2BC8E10635A769C78A6F01A39EA + xor-digest = E6B25AA23ECA3C7E605C6B481A7910F5 + 779757CAC74536EA42034E53581BF184 + 8A5A8CE0625457F76ECCDDB58033480A + DA5B5CE83CE32B0E87F7A942DE7FD4F9 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 0000000000000000 + stream[0..63] = 6284621BFC63CAA22BE6048DE4143CB4 + 1D2196177C15063C53B3E2996D0CDFE2 + 20859E4888EFDAB46AFD3173531B70C2 + C8DE433AF0FE22CF139E5D620FC40B1B + stream[192..255] = BB85177A47E808FA2688FAF5405DD862 + 2337120C4D7D7A4946181D4D2575749F + B48B3592BE5E273718AE7BEF239CDCF2 + EF961CB12CC7F046F855693E1CD2BFDA + stream[256..319] = B0040C9A95D85399A61E034E71C0DFE5 + 9E358159FFF7C47D67DB866B84377830 + 30C9FADE324B21223366869F14044EA3 + 2B356E32AD60EC37C053AC5724D00219 + stream[448..511] = 15F147A8A3964C7C3D799F73F9594575 + 95C6CAEBF8FD50FCA0E92172C6F4FA82 + 7ECD666EB528EAB224B1EE1393A8D633 + FA3F70AE0C17A934DDE048D5418052CD + xor-digest = 68221AEE731E380B79D1B3B173C77A4F + DD4E6B4178BCB73D8045D4B3EF0712D2 + CD00058A71FCD0DC9536489F7BBF767F + 6E78A8000BD5BC505BD1B65ADC0C1015 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 0000000000000000 + stream[0..63] = C369B102AC455FCFDA25313FF1F6CEA0 + 177D195DF2F41BFD359FB0F362D060C5 + 6350FE870F674D5133CBF0F63AE1C2BF + A612408A0854FE859ABE703FF2688E69 + stream[192..255] = 6DD87040F10D4FD13701929FB4A5C0C4 + EC76F16C597D797DF8F3FC7E55945F7C + 38EC20A928BB1FAFB44334C7149BD5C0 + 0615CFD669EA306D7C7924488DEA4FD9 + stream[256..319] = 51ACAB1262C6AB00125DA521996F75CA + 291BDEA32FE13A15EB5D5CB9EF85D7EE + E8C99FC23401E3BFACF9E396CE9DD53C + EB1333212EF859BBCE956C785C21AEA2 + stream[448..511] = 115D5394C6B246A4105FAD22439D9FD6 + C7113BEDDEC9BCB4179C55FC15AF583A + C709698BCAC504FD8049D16375F8EB28 + 2D02A18B67785024615E46A34DA17152 + xor-digest = 65C60BE6EB8FD3DC1AC7DD9B72504FEF + 2A405791788501AEEDD12CB9A1BB43AA + C2F8922082390F34DDA885A88C71FEAF + A5DF105DE56E83848C888216F7AAC0AB + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 0000000000000000 + stream[0..63] = 06483C3CDB88620B6CF0FEB0EEF4A9D3 + 475405D73363F9233345D017605536E0 + E768E446AE16D28A8832B3BADC78F681 + FB3FB8BDDD5BDADCAB512AD345FF5B84 + stream[192..255] = 8C4DFAEC5ECA598CEE9FA61CA1A5CB51 + 6B9504D5576109A89F413E426FEA07CB + 02AC70D8B4747FBC24D32E32020C822D + D6A89B7EA54F27104778C8B7ED08025B + stream[256..319] = 59484F76FE8CA11B9C2DE0136C9D29D1 + DBF36CF9DD7D2F1C0D9C30CC51BB2020 + 8B8002A4424422330EB9A6B1E21320DC + A96E593F029C1B66D18E2DFF83817A8E + stream[448..511] = 4A65AADE2FF6C8AD061ADBABE7856F75 + 1E342505174509362FB9121074DFA525 + 7EF8091214A1620AD23A7F3C2FB5D672 + 8AF27FA4CC0FE7C4B9645DD2E073AB82 + xor-digest = FB7510E690653B72CE801125D97BB1F0 + 05E1B6B3A2EC937BF49DCDF894B5D73A + C0D3ABF2748CD8F0659FA6366356D69F + 7AB5F795EA3AA95928EC909359056827 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 0000000000000000 + stream[0..63] = 67B48A3BEF62737FC10CB6689E8BC1D9 + 41F0A93D46F475BCB63EAA68CE070C78 + 980026FDDBEBD79F5FDDA7C877058451 + DBD497E18006D4FF15CDFC09BBA2EE27 + stream[192..255] = D92977D84D234D416D308B73E9E4C6A9 + 00F674D23191AB78739AA996C5BC1883 + 7991E006F814F4C9F5C2DC0473193819 + A82ADB66EFAB431CB835C11E7A3FEE33 + stream[256..319] = D9AB982EC450D428031B9930C92ED65D + 64483A3E7E172BF74E09AA3FC0EEB195 + 35B2903BFF7A4D6E2ED45C3EA4F82222 + B4F2321B72362F811C5A56F828E7EF06 + stream[448..511] = 923A9A794AB86E2FBF9E92F4B2CB1D40 + 238181AF9F6A1B84C3D4F4EDD50A0A38 + 04EDA438F65F00D1468E4597118BD48B + FFABC3E58B57DA964D659C9AB0497A45 + xor-digest = 5C37B660EFFEFF6DA251C85C144E1F9E + 5810CAEDF8D677703C6529733D4A8054 + E156358FEF2CD2EED6AA5A4D03A16571 + DC46269521B79E252FB6B9E09CBC6815 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 0000000000000000 + stream[0..63] = F06EF8CE77E8C41D62FE94A8E0731883 + BA178230EDE0F58CBD806C6064B7A75E + 222CD1A42BAA861F9C1F8829A55C5E90 + E8B899C163260B6A8208EEA68850A41D + stream[192..255] = B5CC125B4ED0EC30DC28CEC004FDF4DD + F4E22616739328E65AD5369F291DF3F1 + D6E266E92F025C8B37D3B8975B97640B + 58A3650A19C7B0FAAE4A0ACE5A5857EA + stream[256..319] = 56FD201B527616699547E0B05CA3189C + 6A725A0E10F8A2F49790A51406ED5E16 + F651874DE023DAA11462F93BE45C04F7 + 4A2E2B1B974D49DE95B75C4A516F484B + stream[448..511] = C0121496D93BDAE5954B054D9E3A0BF3 + D44FEA7192706F1F243354C4FA4CCA8E + AF58187DA4B0A0E7684950FDAE15DD90 + E239BDA38D09402019361E66F193CFA1 + xor-digest = 553B309CB49013F6F1705B1C08A3399C + CE8DBC390580A57449EFE8494FDD8732 + 72ACB6DF1240395434B417BEE04B801A + 92B4E958502F751B38A6DA1CDD2C0360 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 0000000000000000 + stream[0..63] = 9D3EC48369BA558E4DDC12BD341B661A + F6DB6660E17748C9046C3983BA9C1183 + F91D0F3CACAF911A5E7523F257EE9785 + 3351FC2657352BC936A53B2C5E8C2C66 + stream[192..255] = EA384BD0F7DE413AE69DBB1F4F613BFF + 29304700CE7EE8CAD5E762A3423867DB + AF3FA9824CA3C96784854F53D22B224E + 26E8F246C02CD7488A930EB6E523DBEF + stream[256..319] = 4471E3B8C67D4FA42D0D6BE905DB7D45 + C2CAB1FCE87EE8BC24C8E45045C60268 + 80F07DB69104EB728D30725EA04B6582 + 2701660595458F3EC645C50B29A1E984 + stream[448..511] = A51766E5540CDA5078C2FC84EE4F93D3 + 3F6786E52216BDAE578BF9C41AFDBD75 + 1FC9C03E55A0C992590A24FAD0E6F3DA + CCB441F5673D5DC6D173B4FE19E7E1FA + xor-digest = B947BFBC7B03189D204602D252C20AA0 + 9A08542334C38241E3C4BC6D85CA1B3A + 67E8FD274515E3205B53DD752EF2FE1C + C545E40272A5DE0E5498EA4F1F04F3FD + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 0000000000000000 + stream[0..63] = 83DEF7DF15EA8893F9FC22533773ACC2 + 5B1DD61ED4DD029F270D0F58FD49A622 + 490D814996416E83930CFE9B259E5941 + 1433ECA932FC575567F44928B9D6E112 + stream[192..255] = 3BF7CC3CA842E1BD6FBDFE768EE5A8DD + F6750C06DF275AB5DE771FE794AAB9C6 + CA9D8D3F29F352B51CFE1108696CD44C + BA273A849ED031D9795754B9AB83AD3F + stream[256..319] = 18AF34CFB1CECF1250A7D2D3F34FBD1A + D0EDC388B447AB65A10920888CF0A576 + A8E213A8846F6AB5BF2986AEEA1B063A + 3EA9150B5E75B7EB42836DF2445DB1BA + stream[448..511] = DD3169A11FDB78BDBC353B9069589C55 + 8EF6367DCACCDE933961911FC1C74160 + 84855C8064C94F2DC852E3A82B1206DE + D72B14FC853F95B896560264F652A370 + xor-digest = 6B7986D5AA8435658DF421B948D612C0 + 909ABF812F6FC11F4B14C0637DAABCCC + 9FBD704CE6C883D16C4B5E9CF85AE809 + 1D4D699EF975BFE16B3882F3A1BF7007 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0000000000000000 + stream[0..63] = CBCE4343A827C5B222F6A140085EB98C + A15A67927D6748FC49CEEE08640620C1 + DB83BAACE7CACEC889C055D5B7B98B43 + 1C82E5E5D672AF797F1D4193AC53852D + stream[65472..65535] = 0C1129F4FE09DC6BD32B25875581837E + 64FB76CBDD2317F4143A34A58209315D + C12AA9339EF76A279F6A529BAA836018 + 492D356CF9DBE8FBF135E77B4291E702 + stream[65536..65599] = F585568D176E59918D12B6B71925F81A + 3F76992D796B931DC526FB461ECF88C4 + 953D38670A4D000458C478F93F9CB6F4 + 313952410469D8EAED8A70EC48B7AC10 + stream[131008..131071] = 1514D5C32665795D09E990B35096415D + 9A3DF0F61967E73FA07EA4B7CE303FEB + 3E2C3FCC8C03D1E23293DCA0BF4DCEA6 + 439F64EDE144F13FA5AD552942D53D53 + xor-digest = 8DF99C400C6D338F61822764553CF642 + 3BAD2A2126AC2F40D8933F7EC748C1A6 + 59BC40DD5F02E41DEDBBD1D5FF1529D5 + E3B3E13459E65B71896BF5D89877A62B + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 0000000000000000 + stream[0..63] = 419A8767890D24103D47B8D0DE832200 + D826E062C404F460E53B14379812A33E + 2AD32D056AD1290B7F20BD83B3F78D7D + 2F14D50145B462B197B781AF7A3DA977 + stream[65472..65535] = 2E66D8C770522E3F8033E9D978C87A6D + 35F6D0EE60972098B3BF979ED7F3C96F + B9DB178035275B3D92DB05DC0A3E8C0B + 9495B77758172590BFAEA7BA3892CE8E + stream[65536..65599] = A009410F8C39393E3D4B06D47D8CEFBB + 4462463C17E10A7CFAB32E4A7475B065 + A521C6F63103C22E247F8A8334EBE5D6 + F8B12ADCFE2190D38FD2ED92DAD940D1 + stream[131008..131071] = 564179140BCBBADA9EE3082C95043D22 + B1D3766164756A2084243CDA0F21D36C + A7C2C2528479D455648CB88345FA7E1B + E3CF27EC28DE07B8D3E1B3570FC118B1 + xor-digest = EC22B54FDE927C17907FAF996DE68C9D + 56145967C06E2F771B8DD949D3BB4A67 + 9F1CC88C2D7928BCC5E47C9C1FED39F7 + 940804F455590BF51A960A405FD6AA0A + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 0000000000000000 + stream[0..63] = 7CD369FFBD79D5C20325665E9B1E4FDA + C0B6CDA6594516B48B9FD6FA6132DD0A + ADF349D4361BB04247E73AEC4AC44DE9 + 7A83D5D20A53727D96A3554E7F5FDC01 + stream[65472..65535] = AF9B464B3F7D06F6E1798091FF352EF2 + 2E2D68967598200C43B095BD7FEB510D + 139B8E91B998C727A645ECD617ABF524 + 01AA11DEFAA089CF283BD1A9D55E00E9 + stream[65536..65599] = E11F434C0E44BB64EAA8667FB84DDA50 + 88CA4B42E80EF80EA8E65A161B3C3C08 + 480678F4C377C1AE9DF1A9A8B8F7D9FB + D4528E222E1E5C08CC8D7C5C85E3373E + stream[131008..131071] = 00C53CF9FB77EED33D0823F50F643B35 + 183AA9455A1A5F08DE30BB9C62F488BD + 257477C9A08412EA768D09F3CB5B5794 + 86E8D82DC3F298AA52C54FA640B41A60 + xor-digest = 5B703418BA6BE980986E1486763868E8 + 57CDE274AE11E86D38EFC59B47FB6FC9 + 3E74FFEA7BF1AF01678DEFBA06DE929C + 55FE6CF7876B9C3104169464B34D6AB6 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 0000000000000000 + stream[0..63] = 351A653254E7F9D7C2EBB4DF3B6058C3 + 33B6A9D6AB0F0307C53B0127F08AD353 + 7C9BB64AAC8F8996F64D034FA6629D98 + BFC7117D46E664CC129E6BDF80EF5226 + stream[65472..65535] = 301786260DCD50DEFB2629D5BA20FC03 + 429B0F519685D24944C1C9657EE53C3D + AC05F3C1B23C04F79A8C65FE649D79D3 + 4D66D3A9E8F50E5AA17768A318BBD5BC + stream[65536..65599] = 7BA32D064DD260AA3C9A22C26462ED8F + 23523F08A3CFE867CB5ECA0AD6380062 + 9857EDA7A8DEEE22CC5C8D4C9CF61E07 + 9CEE75F73F4AB2DE8B97BB3D70BD7FE0 + stream[131008..131071] = 3F210F2E77340A70DAA93BD3CD15E4C2 + E8774623B94953D92B3C4AF39286F513 + 79052364DAA94D69FA3804E83010DDD5 + 17BC3E8E57BF2FA8AC6131EBE5628DA8 + xor-digest = A19082EBCCEF8B398453DAFC9345C209 + 0D96AB8A2085DAD67DB21BA9E03A331A + 7E1E3BC39A911E28E09329B3B0B5918C + 3C1D6FBF292E0B7F280E4A92F21278DE + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = 0828399A6FEF20DA26620D2DF296A666 + 7011AEA49BD5499E538A0F720618CD5C + 0C2D8B3F836413B73C797046F619E3F4 + 4E828FF834E60082F74BF661E115A89B + stream[192..255] = FEDCA28213479CECAD2E73EAC5B2E3F0 + F28279130D065D8375919CF8516139C4 + 185EC1FCC46B83FE1D97EB1631A61CA5 + D359435EDE101422C8111C73F874D472 + stream[256..319] = 4BDD65B2652AAD22821AA6526999BC0A + DF4A0F4B7BCAAADBA9C2DCB96D7D8783 + 5FFD884ED00664DA9E5C31CF01C36903 + B4EEF0D6EF5CF8D9A618BB1BC269146D + stream[448..511] = A69DD628514FD484510E4311DE80DB69 + 216E9EE6ABCB9951ADF271AD7437C46C + F26064E829F3A6F766C7F2B605D9FE04 + 177E45CBBFD87F8040ED4E8990BFEBBF + xor-digest = D7A6A0F641AE7E16AD674CD8849B53C0 + 786A5CE177684C84CDE53382192A7A45 + 4210667BE29BAEDF8D24C0D604B4A590 + 7CAAD8742B2AD51F5B2963E85BF8D86A + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = FD2DA0E40468588B1543EE85E09C4FCD + 79508B7C218E036BB7F2B318A307CCE8 + 4AC24265835CA28B71E47AC8438A1B9F + 0E27DDF55B026E89A03F4D85D761B8CC + stream[192..255] = 0D71956B4507F2B4AB8BF13E0D119314 + 6BD49407EB382010B536F324C608526A + 7F847BA2B566C114064DED7D3EB3C1A6 + D7E7E01DE6AFC97281D5578D2A090AF6 + stream[256..319] = A30714284C89032C322259BC65897F9A + B19C5DFF3F08C7E283CC4F84D13EFFA3 + 4EC4395ABB409D8DCBE46FBEFD6AE284 + 1CDB61FF4A567781EE8FF7C497E33E87 + stream[448..511] = C81287935240C50F85F91878FF6105BB + 3B2AE809F8ED6A81806AE10448A1110F + 63F4D39351246746538CDCBA21E58903 + DF2E79EBBB25C3C6D11FEEBE9EB64CEC + xor-digest = DF18788794641697952A30EE2872858F + 9183BE0CA958E8C92D07D12E16E61A70 + 7C177FD3615DAC73A6BC8D4EED4F37B9 + 3B6FA6401673A18F00ACB3B5FDB26D14 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = 84E40F5CF15FC05B7DCFA4F2FEFB4728 + 13691C2304CF5869F0FBD4B6AC1EC4E7 + 9C586206C183DCD3F46E57DF23C0D6EB + F5A576EBFBFD7293191D1D0ED7FEFE79 + stream[192..255] = 7333C34FE964FE554AF81B0BB46322CA + C89E8792F894941C9AF353ABD94AFAF8 + D7A15AC1DFC525312888BCB732B7E1AB + 6370D696DDC99567770CC012A48E01B8 + stream[256..319] = 19C776193BCF11896B65656D7E83B08B + 64EFF3E047D53509887000A75F1F6FDD + 9535105C4D257A8BD733596FDA75454F + D4A9D328DE452ED1056E61CF6E737C72 + stream[448..511] = 5DD14EFA6D628F675CD800F93E455394 + C6EB5DA5D59858E72D2513CF1307E150 + 40EB0357033080C9F3ED32EFED7EA162 + C308B0A8A87E222F095940D9E59CC65B + xor-digest = 1D4D00D61A6D7AF13B0F992EC8C084BC + 0AA3D51ECEA8D16C3F61FBB00F6EAC29 + AEA93FF7278D5E4F54FF4AA37FB26403 + 844DD750DCF9F545213F1D18B7ADE56A + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = CE11522BFB447432E4050B040AA99DF8 + 99D6BBFC09385CB1DA154A12B999168E + F911951E77CF1F13FA172BF785159E54 + 9A2811E582225A9C47B4B795BC9C989A + stream[192..255] = EED57DCF8FE2667A72E1C805808A2425 + 70034E1C984FD9A7A4AE4CC8272363DA + 00C25244BF0C981AFDE88D023D16F054 + 930221E64DA40EE29BA0EB9CBC4379E8 + stream[256..319] = FCFAF63C16B1FDF2F35EED64C66F7C30 + 44E3D10988A1557433276F62198ADD1D + B4915239D582EB5D26A1C8B0E779D402 + 359AE48EF37F42B2791CCB148BAA271B + stream[448..511] = 8926F249478DB9511A0B458F00F1C3CA + 4920BAA6398AB226C54625E8ECC5C279 + 6F3CD50530BD48FCCE1F1C12319DFE9C + 7985ED9039EA39BA3DBB805EE24CFBEA + xor-digest = BEFC1100F1D51C9C0969FE2C6D61CC7B + F005B6D5A6AA1599700BEB5C41388DFF + FFC45ED41DB2D64809E6559FB27DAA84 + B20BF61DE2F1E587B4E2AC374563B522 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = E250C895D66BEC675D8133DA375FB62B + 93F0E827BC3F2FAA71FC128ACA7BAEFA + 678E14A9B3E96557B27C420690104A36 + 246FAC96F4F0F1F01737CF73FB9F5835 + stream[192..255] = ECD7C3259F7254138CF155607665F337 + 8314BD1517311898E83F803D25FFF71B + 30DB78068FE4441E42353D891E44C64D + D0506639612E3CD09F02C7B70D97B6F1 + stream[256..319] = 25851A96F3CC05B22C6896C142801673 + C1656A2BB16B782C4056A05BAB6B4CF8 + 0027896E3523D9A2E614C0EF99C2D13A + 1A4588F6D706235FF458E0E58A2B37A7 + stream[448..511] = 7F81A5653BEF2841C95FB32E82F812F6 + A303795A484AB757B289B99849FC001C + A93E82ADF8DD1E70212AD4E337E84293 + E402B9A226900E6E897F349020485321 + xor-digest = 862A4A72A2B584743B18950C0352A7C2 + 641B46F8D825A7D896B07F45408A194B + 98FFF5CF26E59CBBB18E585B306A5376 + 93481B83384987F859B2D439BF103C3C + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = 5CFB6A5E9CEBE0A9ACC60822EB99E528 + 4CC9800F02965CC246DD9FCF30AFDCF6 + 74D5CD9B0C82F56E996D76311343DC3B + 26B8A5A84683A814B30B64130DFC1312 + stream[192..255] = B53D6B7B2B406EE0995C482EAC7F3FC2 + F53B8030DB140CCC349B2D838D593578 + 5EF8213934FCF97025B6E5C176BADFF6 + 7D7E32F1628211F0B367A09D360AF3E5 + stream[256..319] = 00C88495EC56E8E60377014E6CEA1F01 + D4A242E2CEA59C926A60CB5E7B324F92 + 086121F67F6A0D054BB981A31FFD1B78 + 238271FC12A105D9C8E374E310F49FC4 + stream[448..511] = 26CD7F8B35DE4E3B93C6D4FC1CF094E6 + B1D4FD414CE3AC1BA83693D45508A9DE + 9E0382E3D59E746A69406C909503F1A4 + 1B5C2F09B60556FDCB7DA979304058B9 + xor-digest = 87B7C4F5A489E29309CCF0F73EF24777 + 0A90021EF4EAF1D1946D7516E08A88D0 + A34C630D3B9ED48B0ED21A5A13E7A89E + 3A79E1295315B934A20B33EA0271682C + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = 838C9C791A294AD47E1590635B78F6EC + C85B041EDD3E57B86C85AF3A2B6E7863 + 324DADEF9067141973FC08AD6B1244DF + A714B9A199258321240AF38889C2C0FD + stream[192..255] = 6D43D906013113B0DA875025307E00AD + 9CDB202313443A98F99650C51AECF089 + F500C9CECEF33B2CB9D4F3FE9738F1B8 + DE3BF7666BE7FABF3F4AB2D1D39E9D19 + stream[256..319] = 36D293409D8F671ABAFF0BD24790C13B + DD865D2F198836138F60ABE8AF3B110B + 2C31DED1AD4C2CA0D72AD79C4A004ED0 + 6D230C23EA76C546EBAD6D9F0ED10BD8 + stream[448..511] = 727C90BDA82077EB3F6BFAF61EDB0C6D + 9E3A161CA91A567BB46E8FC863D5B639 + 1A89A80865054F24EEC232BE3AADE61D + 4D756E02902AAB6E93E133F966ACEDFA + xor-digest = E1043BB3428B80C1518636DB551D36BD + 97BF077364E765560B7E21441E440865 + 8741A82729433FDCCEC8E3912770600B + B164D2F5AE4318189243E0F14CE5370A + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = 92AD3F36D69DBCEE09DD51BF185FE689 + E4D074B3182CE55DC5FB2A8E1EF3535B + 5F24B53A86ACCC883F1E2E32775FCFD8 + 0B8C9B770C3E68972944BD37B58CC46A + stream[192..255] = A03F61F6E9763F882689C818D2B38FCF + B9EBCC65DC02033743B60759B929EE8D + 6E7778225EF67B41FB2CB94D987F25C6 + A68AAEC278FCFFEA338F879219DEC6A5 + stream[256..319] = 98A0B25B987D40BE455E44DA2AE884F7 + A44A385B08599D4120DB4CF2A1119861 + 581E096148EE9610211283F35C46FBA8 + 7F26CA77511C8AD8B8A2F8216692D3A4 + stream[448..511] = 96CBADFCE460FCF939648B50F2E77974 + 5734BB6F9DA81CA6D5B437AB064BA60E + 0A764853926869D865648C7D6330E8E1 + 025E08ADC3C94F8BCE91262B1AE61D35 + xor-digest = 5DC773662339265807BDE53BFA583DC8 + DD97A326B95CF8208E325908C3E3CCB2 + 9D4B2BE5F248E1D50CDFD18F2E2A652F + 96D61BB0AECEAF6578B46E560969031F + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE + stream[0..63] = AD9E60E6D2A264B89DFF9FB129C43BE7 + AF76941B496AA3D2CD43489DB59AB424 + 491A7E48421DA3AAAFBD841E86AEADD7 + 62A08B2198FFC403D1023C90C1D5C45C + stream[65472..65535] = FCFCEDDB8BB103AE3D0F838F16D38790 + 3345EC7EF5BFF71767116F8B12AB648B + 8CA707BFE466D340C9047C4777FDAB3D + 87BDAE93ACF7CE284FBA25B3426B479E + stream[65536..65599] = 7B134CC1E9DDE0CE5B3177106DE6BDB9 + 7793A531FE5A8A1B01B5FD10649E2D71 + 09795C572456A2C3E18B0E1BF938766F + 9944B31A178BECBD9F2191C6DD608A2A + stream[131008..131071] = 727730F9D6F5B2C9F14849B7E7E03291 + E83BFB478A50F8E67D0FC5C4722011BB + B75B76D60604734BB89F7FB2146C29B4 + 2F0949F29FA37B8E1B8E2F99E8429F9A + xor-digest = D5FB304D3680C469C47B3196F3B71C5D + EE1926EF2B9EC70AAD5EA27B314A9899 + 8F062928FC9EA1080F825D70FB99A616 + 4CA3982C4E0A7163E7B69E68DF9E2EA5 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E7 + stream[0..63] = 04C8326DFDC89A24265C30C0D04B66DA + F4878363F561B727B6C02701BD5C1660 + 2AD9F50CB7FF0CB1886FDEF38839CA38 + F20C87C8918A798AB99BBD3CD166FB82 + stream[65472..65535] = 99DB955CD5F1F7EFEA6AAEB7E11CB087 + 22617BA13D345B625FB56F9F5F2FAD2C + 92EBF354107B37FA83A2761C8C156D8B + 645A7988487DFDA074B301AC43F4D8AC + stream[65536..65599] = D413787359E60809D3BFA094EAB05655 + 26C3B9BB416F44E60705ECE97A8CAE5D + 81BA3CB308688E88A1F4507986EBBA88 + 11EEB3F37D9F3BB2CB863A3F44695125 + stream[131008..131071] = A857DD0BA71938837D808CE2E20D168D + 494DD4BE691F03174974D524F8C4A465 + 253EDD5EFCE042A10B27F507D9E1EB09 + 65DDE53C8E36C09855FA98A1BFF605BE + xor-digest = 28F9B2682ACCB532009D0AE9FB90AE5C + 0EAE5A875DFA1833AC6980A69A77B317 + A86F3F673E9784A4A9C95809F531B7C7 + 49C4F5ABE1652996B4BC3FA5DF5A8429 + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F0 + stream[0..63] = 70C2BCB290CCF3FEAEC1B40C1E76A484 + 1183DB1EC369406AA2413E68BEE065F3 + C8FC0A70F27BE05EC3F7752369AC0A81 + C6634867FE27B216FFD615ADF774A123 + stream[65472..65535] = CF6A14D9229A19E0D06B1F5F8F3F70A3 + 420AFAD9EB87D8D90246D57525C4A9EE + A98CDCE2F4571F8996188DDB5F8C683C + 1529B214D85E49A792EC524DC49B42C1 + stream[65536..65599] = 51377F55EE34CA14F28DF83AA281F835 + 47D5CDF2645D491DDDB5D94B0336AA61 + B4DE25FBECFDC76EE511675EE2E078EA + 8E13AB68F5144B9E0B3A7DE1B819110B + stream[131008..131071] = AFD6F1C39D1779585FE4DA29B48E7C84 + C08C029D319742A039AFDF17E86B149F + 970073741D0F4183ADE1C6FBA439A8F9 + C5B1C3ABE04927DEA0CE6EA80BE174EB + xor-digest = AF57FD3AF27C4C9805D693F890366A17 + 9C07FDC915CE74084F6FACE7DCB87B43 + 0B9E30D04D609EC22EC71D37A59968A6 + BCCD6054EB548CCF492379B625FCB68F + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F9 + stream[0..63] = D24D58B33AFCCA127AE53329E41661D3 + F7B04DD3CE4B4B450E7BE4E95D433D60 + FCE717B8FB74378409339779619E6451 + 811ACE2C9C7A5A307A79658574A3A357 + stream[65472..65535] = 38A7A26D4D095F59E5B1765B2C6D5256 + C43EBF4C3DB6C34E8194B8316A275A14 + CB03B08107FA0ACD018F7337ED75BE0A + 081019DD0FA3EEE16B90E07755FC3C7F + stream[65536..65599] = C6DFD83431D95832A70479E7DE00F978 + CE963BE6CFC466FD10BED45948A802D5 + 2D4F0065F76AC633275D0404AFE331E0 + A20FA4910132EEEBD0BEE8133EA79305 + stream[131008..131071] = 492AD6E33898DE41A6CA6763B64C8EAB + D15D12C71609A19618F29F4924A138CE + 7E19AE0701140F7592FA56F05B290F86 + A6E29E1F779C261ACB14C8D262157844 + xor-digest = 6CCEB4175D6626620E1FE517CDA7D686 + 86AD1B678BAAB2C073112A520109806D + D10F458F1623BB0F4E8EA3762F283D27 + FC613A9A8C298577E37B62B35C246920 + + + +End of test vectors + +Primitive Name: Salsa20/12 +========================== +Profile: SW & HW +Key size: 256 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = AFE411ED1C4E07E4D0CDE3B33E31EC19 + 0FA4CC796A58BAFB848EAD8D07D02CD2 + D4B6F9F30CB0B57007E3733895CC8D10 + 60107975ACAEEB689B6CF614AB64A3D6 + stream[192..255] = 8966E93E875E8065AC6F3A1A3E2146F8 + 3D5EA93CA987FF9F13ED6ADE169665AE + 3527FCA5613AF081C0E773DA6E7C74C5 + 642ECAC53FEBF15A699AC2C8255CC100 + stream[256..319] = C89DB39DD8872492ABF8109462B3639B + B18C64ED500B70D2836B6194D11A77AC + 8C14DD8E1DF0B3924DDA24563E2719E2 + 635C61F63B9AE60D56D5F3512851B4B1 + stream[448..511] = 87A5191EC2E3C9049FA524CD8673E067 + 7C77ADCF8AB5328FD828C4ACB3ECCCA5 + 49ADEDA04872518ECDF874ADCB2420C7 + BD1CCFE561B074080224FA7176F0CB5F + xor-digest = 61148960B846452EB2D8CD69A80ACE1F + F373967FFE5BA516F6755B67669B08B8 + C036C18DA119A1579C0D1505C4CC1072 + 9F11B058AFD80D8F266DF4B1F777DF4D + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = D35370FC409EE2729711067694626557 + E18A0C423B5EDE308CD51EF08D129737 + 44BDA1F9E10F33C7D2B0E4CC31DB1D7C + 2A475D1A9C3ABFF48BBB7D7E901653E2 + stream[192..255] = 6087B4A538A3C730DC0AB44FA29083DA + E1E25529E5055AA991A91E8A91B58F9F + BF3502250F9C1C4CE26A0A68609AE1C2 + 7CB5099141D78ED20A0605ED5E52D102 + stream[256..319] = B8EA18F0FE7B2AC9E62564D8B5AAC4FB + EECC2F34AF327C6858EA61326CE5F7CD + 29A3A493FB90F74BE8C33AAD6B3C6D77 + F872F6A22A90662499EA89F06C467178 + stream[448..511] = 4DAFDF774BA1BF2EB56E00C8EC4D0BD2 + E25332E76739CDDF9CD2DA5AC6A4E0E2 + C1D08E36094C617E0A3039EA3763F8A2 + C4C0D6D2EE0DCF62E66B74138025AF7C + xor-digest = 2F5DBB70C486E011FA247C063695CD44 + A401E81F35A25CEC96C12E6349F21F81 + 6CE0265EDB03B7F464E59F03C0B6633E + 9760855743ECA943F7E4260B52BE688C + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 2817BAA279C2E38743A8971A554E1DCA + A76833AFA424C3D5C4A2FE1CBECFCA3B + 617F46AF068A542D96D7064312311CD3 + B8685BBFA8129FDFAACD4F1320ADA997 + stream[192..255] = 74581CE56B91F4D0754DE4E24CBAAE31 + 45E6B1A2837A24C2BFB7018A2C0E6EE4 + 6EC36E29734187CC3377A04BF0F6A60B + 6096EF5F82FE2003D7ED1632EE0FFD39 + stream[256..319] = A3BA6FEAE953CAD1D555A7515B696D45 + 598CDA3B642709FFDD8EECEC3CAB7035 + 3330E6272ACB0363544F969B1821B072 + 9BD48F724700CF59EC4AF5B0F614B0ED + stream[448..511] = BFC43D8A25395A7336A0699A1C0269A2 + 8B073E6E16CE8F894FD15FF4F346F2CB + DC92F5E06C34AF7C18C51EC888FFB2AD + FAA438BE01B58B0D15EA9422255B809E + xor-digest = B473B218C02E949A076FF5680305C2A7 + EB4224C244BF901F06EE3530B59F1A2D + DAEBB7AF7C23CD7C244D4791339CCA09 + 9BD301FCEC9290981A86D58535E55632 + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 0B5B3D1E653759C67FDA0A4EA40F030F + 791B0CF5DB733DAE33F83AB056A772C0 + D310DBBF5372909A625B7BAB4D1FC47D + 6BC5D8427FB69A74E5CD8969D150DD84 + stream[192..255] = ED412E2D0767B19937EC5E40589F22C3 + 2B664EC630072125F79F21D0FB6C8ACA + B9A7878A3A0BD1373EEDBE6D2423CE8C + 2C919F2E984F55BA9A3F8C2448FD0696 + stream[256..319] = 1BF05992C88A50A7BE08A101ACFF7CBF + 3858AA19CB63DF58B650BCE68B55DB89 + B513211B66FFACB56280ABDB42EE0962 + 8DB84754656AD56348F206CE5C435065 + stream[448..511] = 453D632932E54389AF9F0BF2B9181D18 + F4EAF0724D407AC1C01EB4A03A1F6390 + F0AF4F7C7E919BF920FC0BFB4411EC80 + AC21462ECE37751F4B2D8B08CBBE983F + xor-digest = BB28BD314F2EA4E87EED413D526148FD + D2E42DCBED256663F87846E420282C4E + 690FFBE14F3E9E530E15F802923DD2B4 + 57015F004764DF3F08F8CFD005904546 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = AACE59C86B2E5AB9DCA66FBEBC3E7E0C + 866F3605BB4C920E926C311CF1A18FBF + 74DFE08FEF7457B87245143BFC181DD9 + 4630570E710052C0E7A0D14886581F6D + stream[192..255] = C589F2FA7249642EE4AD73436871FD54 + 6E3993139FDE18F5BCF310D754D66E23 + 339A9E7A33A112D3418B5987AD1C0E6D + 3A4A785F78B0B596FC6AC5B5490CF0AD + stream[256..319] = D88B511C4CFFC17137E017926B753B3D + FE5367FA3F3D38144F7AEF0792A641C1 + 698DA70D222F999A78F7AF69C14EF312 + BE8EA870AD873E6685B7561382482749 + stream[448..511] = 87E8902715929753474278A7B53EA327 + EA9E497C26AD48BB763A18B2C399213A + BD1204240B997A3A8711E395AFA6D121 + B49402EA3E992A2698A318CC02C7F981 + xor-digest = AAC5EB7C11DD6FF3120A804C81A06D3C + BFF22A0BA76725B3426BE11C5E9FC60B + C55035E7BF3F2732F86967A44EB2773E + D1FBB0CD8E82CF75305284FD46E3531E + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = B0C25602B985D242368955757B27FB07 + 6EDAB23F4985A1BC4B30BCA0FE767871 + 5E68FE3FBA4DB140E555E515D0D62CF1 + 8B26A04387A87635FCC6C9A4BCF488BE + stream[192..255] = B009F3F8EAF75703D49CA78AC924B613 + AEC45473713CE31AFBC1FCD263927666 + DBA064BD0A26E4D57146DA8821BB0CAA + 5A768F9E126034D6FB9B181A5AE623AA + stream[256..319] = D3EA08879D62D9C2C640010D4971C2B5 + B476A9E38EAEAEF693B421BEE680D7AC + 4EC743A9F5B3E85ECFDEC81749126A55 + 3D963CB21A77BCF954796DA3B3E5080A + stream[448..511] = 10C6C500636A6DC4FA2101D66DB53A54 + B6810DB73DCE979DDAC331F44F4AC10E + CFA79AB105F35C8A7E0F91560253EFCC + 7AAD27787D5CF8B1475B6CA9DCE80097 + xor-digest = 77CFED6347E72A650399430CCDE3ACD0 + 7CE45B7D5C9ECC725AA76F33913E5A56 + ECBEF3DAB8DAC3E3FDD98D587A1A6E6A + 71D01EC892FBA7B0B2E82A1C4FC447B0 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 6A4115CBC62CF756FEEDF37FC45E0628 + 9A3B36D1CFCFEE9D586CF5FA72E6614F + 17D572B02D55F3781CF8C28E0F0FF7FB + A44F67F65302184DA7EA1F50DD887710 + stream[192..255] = AD086017E3E0253DC9D0B7A4A50959E4 + F9000D8FEC2683438159EBFC53F45E9C + 85FA2B7CFFEEA333C031E9C44A4B37D3 + 475A10B7B07CEFC897037255DE34E115 + stream[256..319] = 256A5BDA46A30D87B505723A6C742951 + 2A7F600E12527A95A9F4BEA80A76A792 + BBA9F59FD5BAC9DD7EABF75D04C4C432 + 2E35D9B5B54ADC5A6B917EB167A15F0B + stream[448..511] = 37BA4A3BDBC0A3959E5E6A80F877969D + FC11733DAB4D1AECA5D019E0F6F3D180 + 1EE134F691E830BFC1B48D7AA2F4314A + BD17452CF884BD4B6C808FBEBE44A5BB + xor-digest = 676B9CC931C13642FDD6D27E2DB32991 + BAB0F142C825AA1706F53DC42CB28F20 + BF03B191813E1F6992A9859F9FCCAE0A + 5BD89773ED2E24D8E35A5152DAFA9EED + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = BF891676CCCECD390A2E711D12235A58 + 61DEA9AA913CA081FC98B7EFCBED1580 + 93E75AA27B458AE2AE2D4515E9ACA19D + B0C2A195CB7C726234B4788677B16D32 + stream[192..255] = 854D77AB1E25999EF5409F10CE870B8C + B86939A212BE570A719FB7E7EC1FF329 + 42B29A2A299FAC22B8FB01F76C8F48A7 + 7A5D43DBCB49D4A0C637A4FC17438130 + stream[256..319] = C103EE4DFB2019D3F80E4DEBF98CF341 + DD177B9877ADB0A11E80CCA9E22B582A + BB84CDDFE4579C7D32C6DD52C2BEB963 + E4DF92AF314A9F1D2C5819792875263E + stream[448..511] = 250B26FACCA0C4656A6F16E1A9F7A426 + BCD0B574DD0DE37D5D2143587CBB037F + 2CD00C3260E0BBA15E1D26C441AA0DBF + D0149971A933EF1623654D5436762D24 + xor-digest = 7B2F208B0F1624CF61BED60E98BF5A0F + 26E57806A6894CA043635F9A85D5AA11 + 0BE9CC2ADE70BA9CD47673C89FE15389 + 231EBC70AF24D11E8AA3560429EDBFC1 + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9D1812D4D1CDBF39F0B265E8871B0690 + 062292678733DE2D7BF114B4FCACC319 + 8CE01D56EE3C3E6F943DADA2588C4F65 + DF6D541F06E2947509F1E009DB9D0F10 + stream[192..255] = 7B884B3F3BB9F2936B66919C5993339D + D3E5C619C7B8F815BB131DA59A4FC7E5 + 741B337EF188C18FE1268A23F7BF83E0 + 6357E5AD512042F0FBFE2236C0EFFF31 + stream[256..319] = 59A4A95742B1FDEB81D22557B6C22B3D + DD3B47CB85FB15AFAE657EE5A61FC8BE + F3D5F082C43AAF86A76FFF9DB4D1F40A + F666D03EB4A516A9399C0E1D493C3A97 + stream[448..511] = 6767AD6AD7846F6DC81A65D1C4DD3A2E + F6709B91536504B5FB16F0620E9AB76D + 9D528BFF107BD2BD18D06147984822B2 + EEC70DBCAC7229817EAB2B17F6768E62 + xor-digest = E6AA8C7631B393AF94920234D16F1C3B + A8EF81756FFBB64167B799C66E789D24 + 063CA052EC322A62BDF931D2B0EE6C63 + F3144492EB24B94087E1379A45A01197 + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 6389093BB9AB75E59C2789D97C5B37EA + 24DD0651D7496D614D30002FCFD48030 + 3FF3D642C6B44E594D800318B5CDAEEC + 7F2126A3B03B41FEF10B13A85E742F7C + stream[192..255] = 8DED781C470FDCC61D18C5A728D790B0 + 0E82B0A73ADB83DCB407B910A362ABA8 + 6B6133B4D7609A261D2D7DBAC525808B + 23BE34184AE83F19549CACFF0CEC99B2 + stream[256..319] = 70A92B03DE3F73980B0AC3DA43432909 + D9281837B28634F4440D47BE640B0CB9 + 8302A6C68B43BEFA72100BBEC1570E6B + 380C9F064659AF621C57BAE4ECCDAC01 + stream[448..511] = 7C535EC78A02E334A514ACDE70E5D7B0 + 53F30CA42CBC6507077F68A6D367F5A7 + E7CBDE7BF2B200FE34EC35220C792F3C + 116F58A4A3CF39E9555179C1569F36C5 + xor-digest = D6956DEF953F4D1D8DCB131371977605 + FA0C8A4C7EDF2590F0E7A1AC16FA388C + 37A969B9183B250780976191B37F4404 + 6929110B9D1513B2CF4E2D155D172B09 + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = D215C7511591B798595393396587ADFA + 4F9560F29E8C51F3B78BD66E5AEAF6E6 + FD8AA0C1F118550B0922D468E89BBEB4 + 22A0BB03D3C182713033C7E8F3584DFE + stream[192..255] = 42A967B3958812A03DFAF28A1D3F14BD + C33AF3A80324A714BFC89D1F203FACE4 + 75BD46C774CF71A83D73778D314020B2 + 07CA5D6D4F519CF1342213AEBE0B1DB1 + stream[256..319] = EAAAE1629F4D0B2ABE666FE1183E9A99 + E3BDF6AF7A7DD791850AC732CA2BBF26 + 95552C58E76A2DA0CB5716476D1DF5D5 + F0C1A594B3A96B93ECC7D9A8049E9C7A + stream[448..511] = 1745E471E99050ACDD50CD00C9C2391E + 87EB23A8D5DD637F99DB10F236930415 + 7E0D203655B22CFE1C630A0FABDBB030 + B8BD796B8FF244B1A6C31351C5FC9888 + xor-digest = 38973BBFC3107DE4236AD0C4B3BD6E7D + 4AA6182203C4908828636A848410E435 + 44E82C12A4E1C8025D702BB767EFE648 + 91C894CBD647BB03EF65D7BA4BC459F5 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 7E11EE1FF504341A20D8D7BEBADD2251 + E1C53177DCFAA98AD9A7A6F47F8DD769 + B130223B7B461AF569B3D34F6A84A9F3 + 0F0B9DB1CB9EE64F29087810BAB13AFD + stream[192..255] = 1B5AD6AD85063A7600814FFC0FA14FEF + ECAC68D40BFFFEA3009001D488301240 + 16CD145E7DCD887B3A547A95FFD299DB + 7487DB06CF964FA588EB8EBF629EA778 + stream[256..319] = A8284D274B3737613835669E2A531213 + 93656BAE438D66EA41C19DAF455ABE4A + 9908BED31D09CE5DDF3BB28E0CD87C49 + 8DCD82E0E1A7AE2827AF9B84E5CFD659 + stream[448..511] = 1539E0BDABB5524A6E75BA30D92595A2 + 9E17A16D9EA9B198D2C0BDC7084B7E82 + 2043F27575F03E5956253BD2DB7DA51B + 3BBBB8091F8CBB2518B8026A4F863563 + xor-digest = 01F0F87A7F91D9FBEE2A4912A010CB03 + 35E05A12CF8562D0D94FD0661CC7E79B + FBEE4F6F5F31732EC899C8A4F0ACF506 + 270AF836E7A82BBFDF2DC201A1772C35 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 334483A8D13DCC20B7586229B4431804 + 1CFE2A919ECF0BD14094E65ED57E1B41 + 84C61F35E7B6A27B3BBFE9C5773B4D1B + C2B4CB1553D65CBF237DD0C80629033D + stream[192..255] = 496FF41AAC9104377A6353F6C0C7DC0A + DB9EB70E55578537FE01333A0376DC36 + C3BDBF74D912E39491B5994C38722DE0 + DEEAF4C56F11C9223F9BA8615CAA1DBA + stream[256..319] = EE7CDB35ED5D2297D7920352A62E4F78 + E932EFE0280C176C99B7E458D8A689A7 + 976197522DB47EADAA45B45702E2A8B8 + D4E86A6E242ACFA1A2DC8F116E417A7D + stream[448..511] = F6E280593F4EEF22E989795B675118AA + C56155B55347207A88F1284588E75344 + C428FF85EB49504CD261D9FFE3629015 + 21B4FC67925E48002795A9E01F358896 + xor-digest = E1CC8FB100B628DC16A5EC988A0F3F4C + 9E8E4C654DFC79A16ECA7DE901C66E0A + 9F02C4B9E1364AB1D51AAB100BAEACD3 + 2CF76B8A56AF37A84AC367543670900A + +Set 1, vector#117: + key = 00000000000000000000000000000400 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = F14213AAE4B9009E3E186711D38D2E5F + 7F9E1582C3119FAF35E2BD769C27AF98 + F91B1F3BE438B9C4D9E34A660C9503AF + 1028E46991791DD5BDA0F72402E918B8 + stream[192..255] = 261FBE670CF7AC3717B109D0DCDD11BB + 9D459DCD28170BD213B1504ECA80F682 + 0A5C00DE042F716D446321554185A067 + F518BBF40D494EE66299FC4ACCC35C9D + stream[256..319] = 19C6D1D61A4E25915E84155F6600FFC5 + D9A1D3D642B867A3A2C7220F31AAEEB5 + BC70D2B4FA31C8F33CEDDF4ACFBCC6C4 + 62BB6A20CC887332A0663A70AF3172E1 + stream[448..511] = 92A5DE3470C31234BAE98E5B7400353E + 4D38429A3908BABA871466E2F11FFF26 + 9A0FFB444A10E492C9F12E79D2B702FE + DBF8BD08B0CFCD25BCD001559E475DDD + xor-digest = 4AC00A08ACF888E710C9A077CE363905 + 55C62CAD164AFA1653A6BD93DCC25689 + 42807CC8547FDC5B7BB923C9C9CB7525 + F291ED7AB926A14A30CAD96DD8AF2638 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 17EDFEFE97F853B1F939DA6457560C27 + 235019D1D732D361F97A7CD2E820F8C9 + 6E4027CCE09699E9C2A3C3B9BB286718 + 2F2A032E33DA2FAE39783D4F51A830C9 + stream[192..255] = 5BC8F17A5D6EBB9A6C33DCD757891988 + 81E9D874426DF815B70189ED3BF71C4A + 2F1D767BA5214ADAB15A40A41CEDD65F + B2F6DB56ADD96AB53662DEBE1A0E9D3F + stream[256..319] = B267B2046D33190085B6C5D775C76C49 + 1976BCF86A5319DA1D47F7F92B1A3D3F + AEB4AD3B7ED8DA3796E27ABF9929DFE2 + 5B3CD790F5A8225554CF740A9DED9615 + stream[448..511] = D58E8620DB3317075B3C868E0403A1D3 + 6D98304037F5AA089775430118D91841 + BEC652CD06F4EF138D2F17CEDE63D3A8 + 714DB3251830AA1C9A93E0431CF23812 + xor-digest = 9DDFD866E937DE4EBB0CE08FC162794B + 5FD602CA6C0F96A32E3838F5A1554C07 + CBCB15F21000CA7E56227FA54C940B02 + CF3F7DA0A8B366555B2712776D5859F2 + +Set 1, vector#135: + key = 00000000000000000000000000000000 + 01000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 351C49EE8DA408D2CD177722640F1259 + E1D4A1A55A955E08F228669C6F5D70F9 + A70DF66B1E6125034E7D95D9CD8178BE + A06C1F3261B213E6A13605F44A50347C + stream[192..255] = 546F38423FB0531043A311A8D97F93F7 + 8BA2825D1FD4AF93AB9A84A12212FECF + BE4EF5DEBF1848BB92EC2BABE2222FB7 + E5010E81AB1976FD4AD5CC40A804B906 + stream[256..319] = 4B6B16E92BDEDF277B5FAE0721A97066 + CB08A4C1FDE7CB6BA864A86C11311407 + 2B83BDFF5104E7BA30E48798FA749323 + 65C4A2BB63BE9CC1DAEA27E41E492659 + stream[448..511] = BBAD9D3BF9B2AB18F53CC61B5B2BC669 + B5D099A28AF0A0D6A767A9DF069BD93B + AC1C1573DC64653E4750C6B5F119607F + 3D87F4B9608CEB7B697655442198F581 + xor-digest = 9EC62446507887A4BAEF4AA0881C350F + 2AD1E176D807057D6894E82BC0BC7DC6 + E56090A3B932214181FC8628153E9AAB + 171CF1E134C03593FBFE861AAD59D695 + +Set 1, vector#144: + key = 00000000000000000000000000000000 + 00008000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = A978B3B7AD8626992E684D011963B296 + 1C11D347FAABAE59012DF088B2158B95 + 347F9D5727D46511F797BE502AAA59FB + 1433AE57A76DA01B9EFE2B2F18D3E1C3 + stream[192..255] = CABDE46B1A00AFFFB7960C98E75D7636 + 894E24F3DC28DB1CD7F19015AEDB83D0 + 6E9B0C3C71F875ECA8006A9E6297B909 + E8C2AF9D9EA50B2EE4A1DB6BE26E422F + stream[256..319] = 671B2F0ED8042E321D16FED1F4F49B6F + 0F1BFA7A63C935A850BFE915661E4228 + 23005AB4DDF97123A5FF7E3ADF3C6CC1 + 0D35D01E004B3D0F84727E702C35DC01 + stream[448..511] = 4118ABF80B94D331328D18713BD0E175 + 1F3FC85716097AC87E5ED38C95805389 + 43BEB16E1F1DEB61E4D4E805177D29A6 + BFDD0FE173880375CACBB75F81C8CEEA + xor-digest = 7FE0C63F27E1B19CA76C791B55577730 + 3056B20E05426261D7F3A45A2755FADE + DB9C82B7A16484200FDECFFC48DCCC56 + 2B03E3C4F0EC6049EA0FBDC10185C023 + +Set 1, vector#153: + key = 00000000000000000000000000000000 + 00000040000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 77B1F4E8565511F209D9F4E70857AC6E + EAE6FD4295B77111078C52428F13C4F1 + EA3994D84A3776F022D1440D311BE28F + 18B13F86EDBDDA1038EDC3430D99FDB6 + stream[192..255] = 752C994D76E55E4BC3F4F99FE4849D7C + FD43C2ED45ED7FD22A820F88FEF67D84 + B61318A343034D99889E1A6D23363BC0 + 75052E87EAAC0FEA0110FEEA75336B6D + stream[256..319] = 0533B286A8606720FAAB245089F872F7 + 902FD62FF24D6365DED10CC8B79352A9 + D427D43F94E272E6601B77766BA92A6A + B81B0DC43F4318F2FF3FFC4BEB5F6E40 + stream[448..511] = FECF0372097707D5201D44B990ED9BDD + 37BBC59BEEFB42A4B9C50BB34E86307E + 08DAE67D4828397C3AEB5C61A5354738 + E925C28A7C3586E9EDEB9F3EF2E683A5 + xor-digest = 26BF1531988579B573AB3AE977DDCBFC + F0AF50970CB5B0F65CDC5CC2B6AC426E + E1B3CAABFDACC976DEA70C78485B00B1 + 811F4DBE4D669D3BC285C547B56B9856 + +Set 1, vector#162: + key = 00000000000000000000000000000000 + 00000000200000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 3FD280CFA9C36C58EB56F51FA6080D65 + 6A311646F7F67AE841E4B53A3034B4FD + FE2B02103AE3E21832980973FEE5A2B4 + 4C5106D024892EBE4173F592AE773B5A + stream[192..255] = BB8FEB595B5F8B4AF5F5B1816ADEE0A2 + C7811F3D6506E1F23F7A4998DB4F5957 + BA4C4392E11040A2B09691B297DEA4B2 + 8645743BCAD424992518CE276D76F072 + stream[256..319] = D1BCDE2A3AD99412D78415A8A8A0B6C9 + AC77B55EDC515274EFDCBCA243D905DE + A06DFBB0E4A6D54C32F8802E57C3570C + 82CBBBD38684027F952239A05704B0AB + stream[448..511] = C9AAEC8B510A7DBC4AECE67C058187F7 + B6A0101D2BE4D3168F51CEE50FAD4A08 + E79A3100AB7AC6144D24B3FB0EBE7327 + 25FEF2899DC2F93D1BDE45BC6EAFA01D + xor-digest = 1F5F5C678021795E41085C6B4C8B89E8 + EA5C4235EC260ACB8298E7B41B4214C8 + 0D9548F729C8A3BEA148640D36469804 + 063F77575346E5C5DAF592E6C8F6EDF2 + +Set 1, vector#171: + key = 00000000000000000000000000000000 + 00000000001000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9A9B00959B1DF85E0FDFB6D11F8041B7 + 0275DECB0DA973A3FE1350AFEBF53638 + 1B03F5EDD52C5BDBA41006EE6A2445C5 + 9202537B26B3C449563A68337751C5AB + stream[192..255] = 472D13AECC0A21B08B5AC0BC6F78AE66 + 0A8BB9A8A0342299368AE190EA45771F + EA778449ECF64B5444BE97AB67B7C6C5 + 740AFD88003146EAF8DF37EA74C09270 + stream[256..319] = E5A0D8170DFEA041CFB8098C77727642 + 64C56953A3F8E38361021687AE91AF63 + A3D68A9F13CE0616FD28328EA4A5C83F + 7326C1F0D6E3B9117411AF8F883E75A4 + stream[448..511] = F964DDBD3742CE89648D21EA49B14348 + 5CC815C641A787E67D7489E5AE0545F0 + A8C8534E195E47F9C0D224AD54BD72C0 + 6B677D0F7C9CF3554F09B481DFF6EDE7 + xor-digest = 76D7257AB0DD8BCA4D3509CD097ADBA2 + 663437D30B9D9E442E4B0E8D88430FB8 + 4D462E77BD84D9F02255AACB45F31C99 + 023FAFFFCEAB7EAEB6A2875CC0C1F406 + +Set 1, vector#180: + key = 00000000000000000000000000000000 + 00000000000008000000000000000000 + IV = 0000000000000000 + stream[0..63] = 95658A5DC01ADE96440F57FC3131C507 + E5BC4EFCA919FC4BC0A56DB364592260 + 8C19F042594B5C874757DFB8B0C0EF68 + D08F22ED5E078F9E7903B269E897313B + stream[192..255] = E120EFC63885CB2B93966C18875611D1 + 5ACBA57F51A61F723611747D8E3B0BC5 + 12213A722C12AE9FBC27943BAFF41A0C + 89ED713C2F7EA5F37166BDABB3F9B9D3 + stream[256..319] = 449CB554BB4E7C22D0BF1E1126DEC463 + 9699459CA6308C1DBD9DEAA9EC1C3986 + 128F85787D6D69B67468B85DF5CD09CE + 079B2C6653DAC10D3E2B45587C217488 + stream[448..511] = E193D5EE9B76BA0937190C5217A0A0CF + 23D56DF7C3CBB238BDEAC22582F7F190 + 95B54B0EF331217BD9FA14805B68CDC8 + DCAB90D45F5CA4D0F99B21977D4B04C3 + xor-digest = E1E5321447B92364109C47B538D9FA18 + 0C827EE76B94C162395D25A3A684B3CD + C685330FC8F3850AC996EAD26BDB7C01 + AC3F7EDDA7E45F5084EA26D8B1219185 + +Set 1, vector#189: + key = 00000000000000000000000000000000 + 00000000000000040000000000000000 + IV = 0000000000000000 + stream[0..63] = F115DEA8B1647092400004A0577D54FF + 8D098F83F67F425546C3F6FD92F70FBF + 8ECEEF26037840B9E70E09A2FDE0AF4C + 4C1826FACEDDC94CCEF1FD12AB84F0A2 + stream[192..255] = BFF169D7BB9B109E819AA8F338CCB626 + E6C9BD82E4B9C283EA8041200B72D576 + D8C0557BB31631F34377AB443C158B87 + 6797FFA1A434035BA37C3199A6EFC086 + stream[256..319] = 3423344BE7ED86D3A3FE5E84639BB7F3 + C9B597CD4B335179AB6B7DA36A1736EF + 1E2C2F266AA4DC2D82CA5B245115BEEA + 0F0D0F0B9E8B49570446CE25755D6363 + stream[448..511] = 9620F9FFE31ADB4D73704DFFFFC44387 + 32C0974FA3461FFA8EA448F371BF90B9 + 5A790DA7A9FED8A75DF2AE65582523CA + A4C1C0639F85678F9C0E7FDF947C15B2 + xor-digest = CFF2F6EEADA4C95BD7AF9DD28A6DD4DC + 5CB3D1AEEA820E56D11A7CCF64E0C1B1 + EC654B9C27E9F7B76F8F3E12D76E78E9 + 42B6531B05B2E359AB63C5E863515DC5 + +Set 1, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000200000000000000 + IV = 0000000000000000 + stream[0..63] = A8AAEE8B9C37DBDBAB9363CB1FD3BA04 + 941BE75883DFA5EF99E0BDC26F6A6FA5 + 312BD677F61E31DD249E3B3EFE8ED5FF + 41C3FFAE7AEDCA129A800A3DF0E675DB + stream[192..255] = DBB517248B189B1568F645D94AF87F81 + 1BA90D83FBFBC2DCFF33507424F8C5B5 + C0C59E4D92B640872FC47CF92D613549 + 8153ECC945BB9E97079F06C7671F289B + stream[256..319] = DF6D89322BF30452DBC5F11D16EB9F9B + DDC8B29A3B126AD076A32E14CBC6B71F + AB1F916D6D0FA3021A489D114614FA87 + CFD26BCBA656AD2722AA45192AAA0888 + stream[448..511] = 0E636E94D6B530AFA6BE7483D3A9147D + 4B0CB4E49BCF09A5F77804E27D0F5715 + B0064ADE088EB906978B25A76E1C8583 + 80E5BFF7C35A3DA9E4B904312AD4A9E6 + xor-digest = D74F629CE53414F34009F1DD2A6A7002 + 58B4E96AE3E6E7F5ABBD1BC77A4DE3C8 + C715B1E536AC3486CCCD7A3153A1A917 + 6A70B0602012371730647BFA6F732C2D + +Set 1, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000001000000000000 + IV = 0000000000000000 + stream[0..63] = AEDB2F5EF24F0EEF9E2B4C628176B6BC + 4C24583434A114B66FA10E8BC272B4AC + 38032EA4E99E8AE6FFD12C0B86BBFE83 + C92BD33C8486B84B37B9CD978CE3BD38 + stream[192..255] = F29797C98D102CAABBDA2E032068FEC9 + 04F06D9A533F95BEA95CB2E77932A4EF + C18B2C8FB073D52CD6CF40891EDD997E + 4C2A69EF5F35639BC2E228F23BF1D17C + stream[256..319] = 4303E0EAEAC68EA81D0C642755C404F8 + 7ECE033ACF4B9138AF510D6C19AA7048 + 5C297BB1B934063184FC999F04A946FD + 77657813CF4A6209FCC977A6EDC8DC81 + stream[448..511] = 960D9D1031F75897BC92449D8FC84809 + 108B084FC2069FC69A1DD5087E203221 + D04A640A6D4E2D855DB79844C330B402 + 627A33E2CC415B822D49BA1FDF7B2663 + xor-digest = 143732BEE18644909A29035D8AD8B127 + E90BA86920EF5A84A53576889868D4A4 + 1A40FC53AFEBD8F92FA34B4EFCFF2B7A + 6BB2390D0CD1D1F05E33C60B44449331 + +Set 1, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000008000000000 + IV = 0000000000000000 + stream[0..63] = 84B3B0E73D6D7AC3A5D9766A369AF105 + 8803934EFC4E3BE6D43CA981A8D93EE0 + D0C9FED2F483535FCC5D8BE6523C756C + 443E4B0D9262AA7FA1EF5C516809374D + stream[192..255] = 21722B0F64F730D9F3459413C475593D + 90DE1304BE7A80692A8AE5B20431B749 + FC2573B06C7ACC7173461CAB4B2869C3 + 12B45B2D6DFBBECACFA6A6EE67EB0EF1 + stream[256..319] = 3D7561C8F63E41C115C629BEE3C9CBEB + 17B5B9856CE2AA52A1215ADEA831E50B + 224472DD4781E398399B7A0D5C35D5A6 + 749DEA84255F7423D86905275CCF4251 + stream[448..511] = E10BDFE94C2E2F4CD60DE35B9F39A924 + CF56A70765C00241A8AE8CB25F527CE1 + 2C4DBB4FE0AFD828C22489D7F4BC0434 + AB3503217882E11D289A4FCC06FF549E + xor-digest = CCF2F481440C02E0326157D942869C70 + 942F90AA283EEF7CFA4A63B8EF8AFBD4 + 5D24EB83FC6885AD0213EE54CE208C52 + C284F78F1A11E7C4BB899052857DEBEE + +Set 1, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000040000000 + IV = 0000000000000000 + stream[0..63] = 9304017033ECE78F3789AAE6633F6275 + EBECE0C1090C951E0F74F1976A6A47E2 + 72C6183A8B18384D3E4997F000C7DC38 + AE0AC0AF03AE0C97964BCAA4B37EE6E4 + stream[192..255] = 03CFB50D0C1540CB800B8FB2EDA6E433 + 87131BDF1B53980A76BA82E23BBE1E02 + D4B41598C5090DB93AA3B3428E8252BB + F62F44D0FB2559FB0F80EBA91F4AECA5 + stream[256..319] = B28BF06ECD6D020AF76278AA056D89C6 + 093E64C0F9CB3DD8947E4C383497CC39 + CB17D7EAB3DC79EE50838A0F69678CC6 + 82C5E508777FCF5BE10419A8DA01DE9D + stream[448..511] = C041CCE57D8C431409902CA93C7ACFDB + 52C5DB935CEFFA978EF1C620D010E854 + 52251E5F5D2BE25FB983F664336C7CAC + ED4E9B5890CCBAFDA213F5C1D5765601 + xor-digest = 1ABC41147D20DB5A3CEF47C67BBF2362 + 1FD6BDFE1242AE82427B97FC6003B5B1 + 141C9DC8348F0EC68A7BA72B626FCF2F + 71E93B1540E816FED2CA637CA45492FA + +Set 1, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000200000 + IV = 0000000000000000 + stream[0..63] = C8703AC9568B26608DB924A742B57C96 + CD56F92F0406C24950EA4643AEB90270 + 19B389A4E430961AC5D77189187E7982 + C1131B1DA50A0D93B128925F69AACB45 + stream[192..255] = 5FC26EB16EB4AF14A389CC9D61EBC278 + 3614B7DC6597C2C3AE81DFA3F1FE539B + F98EC9EF2F8155DE7ECAED71C0502776 + B6B2DF312C1DC37F28F4D96EC5026CF9 + stream[256..319] = D023769606D9342B4D3F2E286E8B147E + 9CC022B86F8FDE6E735CF651783DDD8C + F477058656B60CBA44041A048417772E + 2F3FC737B880E2A565BBF8465729F1E2 + stream[448..511] = 96028706B0B88E2871ECFC1FAF4907D5 + 8D46469CD13AC6390190F7BE6550A45D + 6C178421C99395901F36DE791C045B09 + E28CA4891B54F93BB4EB9397866818DA + xor-digest = E439F6436C8A01AC4D3F93FFB1592FA3 + FA59696024C0D7E46D1DC35D3E3D2BE9 + B1E538C7E7423CB71FB5950521ABBC83 + DC052000A6EE087CE171F8DDEDD42567 + +Set 1, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000001000 + IV = 0000000000000000 + stream[0..63] = 14D46414B0FCD93B5D38DA16353997C9 + A17AC2D871F443775400446ACCA2A6B4 + B4161EE20086C0177159D382F1C1FD82 + 64629B8AA17030BCC8DF5A57B2F3320F + stream[192..255] = 6996AB9DC7D174CE8AEC33BF239858E2 + 4764CBFBE6ADCDB53DFE638EF04C80BF + 856D6ACD0DD860C884CC5BE2C1AA0294 + FADA6A6DB1019F651909DF6AE7D0FFD4 + stream[256..319] = 9E4FB6192A93CDF609BA07F14EA4CF1E + 0966B1022BCF84AB9B19413408B67A8F + 10AC8ACE77C5B23CF340271CDF120747 + 1E66449A7E4618A458FEB6C18BE00D60 + stream[448..511] = 167D1151BDB937E40C7C43651CB0F977 + 04F506B26326EEC3827F13C3884D181C + 768A09037CE283171F16BA31FB96D7A8 + 2C7769FE78B0E9C97599DDA06CE6D1AC + xor-digest = A043B753B458D58BDAA1B675A132932A + 98953F0D7DAE2C798BBB96A9A0C23E27 + EA1DC2CC2013FF31262523752C954A4F + 4CBFC22A7FC3D570E01BEA392510A503 + +Set 1, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000008 + IV = 0000000000000000 + stream[0..63] = 7F198D70B4B1D1634C1820DE2004B3BF + C5307C2498EAC95F0005CDE5EC9E1B6D + A514829EB2315B6B43DE24263422B601 + 9FCDDF446AB4869209948AF5D85EBC6C + stream[192..255] = A82DE85BD15E433D9E30ECFA1037A459 + 7ABB72CC02F23E54E851FB088DFDA84B + F454E568C36011DF2B1AAA60B0A9704B + D5A5B7AD0E9AE9196914805C97FAAA9F + stream[256..319] = 36A531D53D846DE8AC03A126337D2AAF + 0E4078BA7B13B3CF75522A0BB1D82D98 + 672C7EBFD0F45EDBF6091C39F59324D7 + AC1793EA30A264510F5EDBC6A656498D + stream[448..511] = 7FD9052862D77E7577C663E457C4379E + D61735F39CBBB3B832204F00D9E7B617 + 378DC8C45E177931B4ADEB2DC1AC6830 + B376B019B547C5C75671BF4183E5B22F + xor-digest = 958691D27F52C5C8D9B33123AA8DD942 + 10BA24B37689B3AC795EAF71CFBF329B + CF37CB4B90B6DBF0D434BB24D114A881 + 52DE2E2C8E3A24C1C8544E7A81323A23 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = BD78A2F8118A563C761DB4F2FBE055DA + 97F90988D27594D9C5DFD13A3EFEAA3F + 68F0D2564850ADF5017433968E4B3405 + AC49A39532124FCD6F47E415C7028A83 + stream[192..255] = B26D54A90A4AEF7DE8B88B79455D3B04 + D0004055E07F9C05DB26D41B62FB8BFD + 0BAD2CCDC915BAEF1953A6BAB7BD123D + 07B5D2589418AA12668DDB6D0BC09DC2 + stream[256..319] = 47C62DB21CAFADE41016CF4A5AA4DDC4 + E8A6D57DED1387F24A52D5FF462D8185 + 2B137782AA194514D0DA7E1DC256D4A8 + 5EF48002B1007A61D402738B6E43D125 + stream[448..511] = BF6D97632ABCB97B3C36A9B75238EE66 + 5A9DB8E36559131F6D4AC794C2DC3AD2 + 33224485A3E9A7970A75518307DA2B12 + 9B508AD24B585BDEBBC862A081590058 + xor-digest = 705061CAA93B6FDAD318167490426A28 + 5F290366788B9DD29524DA4F634735F4 + 3A207EADFD68AE4E79AC1FF9848AE84E + A0E6E6ACBE6AC760D6E57D451FF22499 + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = 502FD12A40DDA86F250C55F568945A27 + BE9C24BF82368D4D7EA486ACE021871F + F3F9C9312F40C58FD0B416E6A2F5C66E + B74C6860942E39DC148A606BEABCA7EB + stream[192..255] = 3A4B7E72E1E9013EA527DD37F6A51314 + FE28795C8B6E6A96BC0D0D8F3D5F20CF + 5F35123A8CFDDCCDDFD5577349BFAD70 + A65A18A22C5016F446E4C49F26D9FB4B + stream[256..319] = EBECDF20D74758F17B66ED18EAF26E92 + E2B689416B3DB2A6842387F08062409D + 6E90DFA56CDAEB88A7024A8A349799A2 + BE3CB7E85C03BA23EA6BC9ADE64F9493 + stream[448..511] = 711D518891711EEF4CB033FE55B7F1D8 + 49DDA255F786BCBD337C90FC4B80A0C6 + 21643A6035B501DD7499658DD398F097 + 9F6B289F19875201F36D3DF51DF4B632 + xor-digest = E15D07DB9BC223533EA9BD687FF62357 + BBFBF568DF5287E32D0BDD2D1471BE57 + 561E938601578E9FFF91619C7C86DA91 + 722E7F1EEC48B6FF8F57B9F7ABF020F7 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = C4BB00CBC2F1124644BDC37DAEBE800B + 4271593267C0CA277C47C7B19E10D5DF + 4DB5B6A7D2B6EDD40F1BE0FD820E71E7 + 2AFFAF5F3F7E6B406F3BC5E21895556C + stream[192..255] = 3D481F6F1284523C87D4F464103510DE + 2A9E47EF11D03AFCD850BF0FC377FECD + FA4057C44C184EB3D8F6CC12AD9A6B57 + 974142BEC7BF6E36436A7661A145F351 + stream[256..319] = A2F86C1089C3CB2632D845D8E373AAB9 + AA98ECDB22B64F6AF63AA21439E15A56 + 30275D9AF8CD410F05077532C70ED4F9 + C323983C39897D0993CED092C85F25A3 + stream[448..511] = 84334AE3D87C00B82CB91D453B365AFF + 6FEF3D128B15C57B208DA43A4DE3D504 + 633A282724E5DD71519E157B33515D96 + BF0762248933F1B1C7FA16E024FD8DB4 + xor-digest = C510020D8CED8452F08E369A1E6BE347 + 4C4095E89059EF437FE342E0C02F17A0 + FA087D33C3356DCA99E9E13DAD3C8919 + 92745749F426AEA36396D8AB23AF6FCE + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = A1C341AE3AE9CBF35A2FFDA900DC78FB + 519539C0F72386FD1B1ECECB73AB7C24 + FCC7D96273C4893994F27758F9FEA16F + E474DC77F7E3A08810B5BF62909E5804 + stream[192..255] = B8CFCE5902A2A2F7FFA470E3D7532B0D + 7200201BBDA9CDD5B3CAE361F05C1C6C + F96FD25D7073079F64FC7BB18A2592D8 + ABE1929259CBBC2AE89BEB766FB6B465 + stream[256..319] = EF4487C6CF18093E846CB1327E38115E + E5087E60DE0852FB5264BF68110859A6 + BC33F409258FB2C188092B9436E8F057 + 440663DAB906C76AEE616964CDB3DC7F + stream[448..511] = CB6A19F6596B5753AD573F026E4F8743 + 9AE38CF26ACC2DF5634697F504FE48E4 + 6E956D41A9979EA0DAB9AFFEE397CB04 + 311B05370041B159EA4EBF12B58245A5 + xor-digest = B0B017CD43CBBA4407B585CEBB3BADA8 + 1BE65B2A04653E3C3912FB6AD5AB0383 + 408503B86EE0802F8699C9E02E77D9FA + DF710E11A6B7523A7649851EFE06DEB8 + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = BF93B87312B2856584B1CD4036A61DA9 + 56476639F76AFC1B96FE8A5A8ABEA075 + BB16048F0CF9917D115B442C3233DC2C + 429D0E19B12FCD50433645EDA7FF03C3 + stream[192..255] = 2B28D6A80F35CB0C16AB7EC6375B69DC + 7C6D66815F4298F930520D374CF6DAE2 + 11341B82490E004814C3D3FDC92E075E + 97F987215E087EA4970938BA4FCDCF93 + stream[256..319] = D165570413A606D818F606F7BEE5B924 + B229AA26F691B691861D8F06701BAC41 + 19B7FBEFBED06C4CEA2910B2D4DD58D1 + CA5C3F232C23525235C22A62B6266E8E + stream[448..511] = 095CFF8CF39798CDC4029FBF3DB62BD3 + B8C0E3BCE1E7C91EA8B5D3322F1A4292 + 2ABDC1203335174C5D0BFD3769D9A579 + CB118FE140469F474FD64F04B6334A6A + xor-digest = A71C71DCFC3ED3CAF7A3E061C7954EEA + CB6B6AB503C7E8E34186768A35925C52 + 40E12AA9631CE5C696FC9462DDECA3EA + 7C30932182C1F3DAC105BC1534B4E805 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = 1120733B9370D243F6F1B52BF775E95D + 9AB2B7EA4B092D65DE2908DCA58DFADA + 9ECA767AA96700C61B37A5940C1C2E9F + 7E1A09179DE268EA974D269884293986 + stream[192..255] = 5C5BBA191E2FC38197B186A2C5A17694 + B0FFEFA6A51EDC5FD5CA8D21232E9389 + 48465D4097F489F5047D6227E3BD80A3 + FDF3EDBB7D73E8576ED1E85FC5F2C97E + stream[256..319] = 462D51A6931892C1D9226396E6667F4B + 86BC6803034357174F547E617F4C9A70 + B1BD76149EB15E378205ADF4FC97683B + C833A7924497FD3427FC15CD92D1B082 + stream[448..511] = 8ED91B4DC9473FF9F709B0B1936D54A5 + 21130ED889BAE71483A95477E0741EB8 + C80C04BA68585B2B9142747261B6515B + 63E986BC80C743A3A7E67AC068D552BD + xor-digest = AA1D2E8DEBD092EAF725D24E58916CB7 + AE51A821D9C02E7986D21E376B89AC21 + C311039D3AA6AB46FE530BFEDBBC894B + FECFD746C32714115A7586A2E920E17F + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = C601B6BC6027BA68B64393F248DE8B3E + 3E089ECBF716EB676AD04292FAA784F9 + BD6AD8E3A77180CA09CC46F027F437A0 + F0C36F36B565D1D96E16E98BF772DD12 + stream[192..255] = 8137B013574D6A3B8340F3CCCBA65172 + 78BB1CB29ABE8B52205C23F75C575058 + CDA9DC91D2B1F6078FCCD023B8F23308 + 531DDD41AA479B418D8BD2DC8D63FC06 + stream[256..319] = E7F7E1DF52B5F991B88615C70DA7F216 + E25D4B3648654FFF43F365360A7EF29B + 34BDC3AC1130E6785498FAC553B51638 + 8B68A801DE16025975DAE8D53863CE60 + stream[448..511] = C46BD8B37ADBEF8E11F078A5DF4C8C42 + E8DF021D8A94D1B41137F89353DCAC05 + CFFAEBA9E7D1618F86059C9E6C825A9F + B58FD32AE0C4C473C6704EB39BA8677F + xor-digest = 2B3DDED292619EC67AD252009C564CEA + FD99A959C064C3CB5ECD0FB43EB0D2F0 + 3941CF1739E10B84863D55E10E8697E6 + D39B5557CF61A41476BB73546B8985E4 + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = A342F1F443E77317CC3BE8A16D1152E9 + 684D89A49D647B9C641D66D475E84BEC + 37B190EBCBD9CFD2CDF1875ECA1E207E + FC63F2611C9C1D2EC709802DFF4B092E + stream[192..255] = 496C4D445B61EEBEA7F3178A16DF39FE + FB683B65D725605508156A747DBCEC76 + 8CEC9EE154F498B83B669B5CDED64972 + D561AD5B380CC935C66B95CCD6931B41 + stream[256..319] = 5D52BB16C1AB53C6B39136B5ECD0FF0E + D37CFF1CD7B795B8C6DC2FC6D11E8D7D + 053EEFCA3F4EAA49B68684FE584125AB + 0D26B970A06E3B0934F37AEB59A1D274 + stream[448..511] = 589012527D6CFE88F487F503657F35F2 + 7CB688ED762381B10A96184E381963E2 + 5F4172B28F6BC975364D416706966D20 + 8E1EB12F461086D43C6F8566CD00F1DE + xor-digest = 20B395380C965521DBBE6E58A9628D7A + BF86355DCB8343C8AE843AE661A23F33 + 55B38DE2F02878B08DC9EF9ADCB25D70 + 8D3F247AFC165C7DE17ABCB3F8AD6E5C + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = AAB04C19C70C17749B9BE1E07255A5EB + 05EFF0E71D832D3A6BA0329318B3E283 + 53472B0D558886792BC5836A7E265825 + 8F3A4F3787C52A9526177D37F8F08C4F + stream[192..255] = E1EBE11AFD3B7627C46A77A197920F1C + 3D2C5DDBBF65A0438DA3F83EEE372323 + 5BEA04DF7E08504BA7FF34A940C1BDE3 + 89062B9F02E7E74E5175751B7A57F548 + stream[256..319] = EBB7317413CAA37B4ECF5D70C4F5DB5C + 1EC54659CCAD09D9D6FB33ACEFE9E029 + 7619CA8CCE41E32407FB10A8D02BDC06 + 872DF91778963DA73CC80E1CF28B978E + stream[448..511] = 6B4C2C58B1AF907204935261B54130BA + 2FC71423A25C214CEB1E11FFEA3205B9 + C6D906CEF4A49756DE67AC5B90C6D55D + 5498F1A3482DA5BC0AAD468B9F6DF49E + xor-digest = 435BF985729B54177902F6FD552A4893 + C8BEF9F0B020A1A5BD8E7332EBE39B70 + 238DE493722977518AF8422ADBFD51E4 + 5723F85A3DBD65B874878A9F7324528D + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = BEB253BF80EC236DFE52CF8B9812312B + 03A5E6E836144A756D8318612B0CE00B + 44DB4E59572091BF52967977975C71B4 + 18D2215C754A7A8FB7C5BE7E778625F9 + stream[192..255] = EDB3F9282B8E29C0D67A746A6DE88AEC + 121BF597651323E83999CA305B5D66BC + 05BEFE85FDAACACBA5EA97AA8918A535 + D67B545CE3FCC25F63CCA10768584A26 + stream[256..319] = 7DE9BBCC97E07450381B9173E2ED5093 + 9DB570582EAB5785C8413341E00648EB + 42FC7032C5F05D52D6D303B1E6E22A85 + D3EA6B5875D38BA436D36C6B13C8FCE9 + stream[448..511] = 339F6AA77F7FD1654FAB0C7CBF847FD7 + D3D6C3D0B545CBBBE9DE9139F7727155 + 9B46FEE27430B0D0EDC8B2CFE872DAA8 + 0DCF920FE5C09FBB0C05296AF336C538 + xor-digest = 1A8EA71728D1C75E6BB431CC770139A7 + 9A9A48031B344564A0A0B572A3BD74C3 + 4DA48355C0C0737362E51423DE283546 + 716FA15C0FD39C4E47EC5C4B989FCA5D + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = 60CA11B797C8548C519E04286EF8E5D6 + 4B5099A29FC4D48059A1239C490450EB + D212D0A79A19BE683D6D5A4BD5DE162D + 68D73D34440D329567DCFE2E7181CF66 + stream[192..255] = E8E23059AAE2F3B5C36192513102401E + F32E7E60B1E3E9C0B2005724BD7CAB32 + 2D52C1C158EEA04E6341B386FBCA6EE6 + AB22ABCF4F9567D55B18658839B0F415 + stream[256..319] = A68BE851B4594EF4EC2384823ACDFA42 + E4178F6B249E8187BC2FDC8AA57CECE7 + B42260DE02C7976F4A8382072DE8DD71 + 77109610B96295084632AE5C221DFC3E + stream[448..511] = FFE73FEC0D0A6BC1017F9BB7D63706E2 + 8C2395971FBE6DF39C4EF21AC50C2B0D + B438681BC0863EBDD535270197B6B477 + 7BA13610569D4FE5D7AB12445AC41D17 + xor-digest = A2FEA7C6FCC7408D325B4CD49A2F5AEB + D7ECC0E665633B054352D58B548A4D5F + 8804E32149D13FF34726CE20883294E5 + CF84231A165004AD1B1FC7EDD476D710 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = 086EE1F7FE6A3702AAD117D83367C282 + 715082C01B4ACC70CE0D68D89793DB57 + D284CA73C919109EA81C1D0DAD01067E + 2A570F2882B1A8BFEBE06A4E621F87A0 + stream[192..255] = 78C21A6DC2A3674D09C81C72BB40B843 + 72A50C4BE38EE7B1ECB614F6334EA452 + A668B2BF5C235942ED4BDA1478645218 + 9FCABE8EE3885F705357559B2855EB53 + stream[256..319] = 3D31E2343A710E05FFD8D5182580A8CA + D6CC95D3A784D3EF114E6DB8AF71F2DD + 49B565EF1406FC96EFC7D4973418EB92 + 11D35CA399DC7CA8A0F80DC036B2437B + stream[448..511] = FDF571E6806116B684FD7D274BA37A6B + 9B28A339C045A410B467C61E5DB890DC + F3A2D0987321D563BF61A3D2077E5724 + CCC9AE68068F3EBC36D85E2F767726B8 + xor-digest = 86C275579ACBD9629C6C55C5AA26AA36 + 32319A00F6103820C47DF1E87449C933 + 4E0A3F6653976DC8821D34111174E935 + D4E0D22F8C11844DF6481FFA665F1084 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 86CFD326356856ED1972371B615030EC + 40B08E23AA0C2864642702D5B43D339E + 10CD594AF1F8F9E1334285B9AA850D7D + AFE359BDBE843E5C585B8A52D78F60EC + stream[192..255] = CE2C4B0D6F8A2D8552F50FBF6E34132E + 6743A649D6DA5A80C390CE95DCFD2DD6 + C6DDF8C1A9D5DB12651BE63213020B1B + B8CD7543162B688B07C2191FCDC4EB72 + stream[256..319] = 9AD4DB6D6DC9CC08FA9E28B6152A58AE + A7F5C943ACE7460FED25DC22757FFF9E + 3FB10AF1F0C151557A188CB5600494AF + F615DCC780849C3201B7FDC85C594912 + stream[448..511] = F29A436C80B185F949FE69CC4926E6AF + E74D179BA7BA6875C767210E6209F196 + 66667005D2D32D446F7E0C2DE6518665 + 5201523FC952CC92EEEE5FB46087F189 + xor-digest = 02823CD1801107255F8C4E822E76A042 + 3B783E0A7E5D33F5A15561DDECB99AEE + 91B41CB507FB010ED2D4582794F4B2C4 + 2B8D26CCDE7BE6204DEFF44BCDD43EF6 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = 213DD3DCE3BD83E16D92224AD4CBBC93 + B1E6B037AD26F7F80CE93A1BCEA7AA22 + F414237641A275697FDDFA83803DA526 + A044BC04F298F82BD97135CA821742B9 + stream[192..255] = BA2B544DF3F9FAA3E85C1A62313C3A84 + B0B72E1DBE6AA06CE5B3BE62E121C3B1 + D7ACE4118BF04CB816BD05B1732AEBEF + 18C48826A3A9BEE2DC19245667363EC9 + stream[256..319] = 4D7362FCFDA991F642D05B332DC008FF + F754EF715C7BDF0CCC22E1A3B53B38FA + D26F17D685D724A015289E400DC27EF4 + A471CA4F41EEEE5EA39679C48BDA06D6 + stream[448..511] = 684C3961C25A4D137C3AE50E9C21736F + E7DF4EBEF1D734EEC3F25537FF84E2BF + 235B9BF74A5E572897972D94F6C8197F + C6DE4D9F6B6D5F42D89C2E6E808A1D2B + xor-digest = 985A5757D3D1AEBDA6BB9D46ABDF8606 + EE80DB153B7AA794099877E24A270A38 + E5C7E6E713443259E85FD768636BB957 + 8DE0A9D9FBB9AFDC6137B72CB9E3DC49 + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = 0551BAB03BB4BE93992ADFF8C21A46F1 + 4A800C1F13FFB271A81CFFC7F1D2C4C6 + 77EE5A9A2FFDA1D9C8C34712ADD11F5F + 065F9E3309036AAC05A8CDC11A69BF7A + stream[192..255] = A48E21CE027ADFF9376F8DF73F083B58 + 22889D88AB09CB60E16B9CB7B31A5668 + D78C44EF5BA268D39608761323103E5F + CF57E473C0AE71891B4C569DCDD6D15C + stream[256..319] = 84293E84C7918880D268A75B59F418AB + 19E2E65D84C71B243BD361F567EE4E75 + 8B4D92E23E106D0C681DBDF21F6A1F79 + 128B49A0C44CE7C2A8E362DB98C4001D + stream[448..511] = F01AC73489301A414B97226F50B66E93 + 9B9C938A917EAAF0BA257AC7BCA7DA65 + 7C61EBA38BEBCABE03EB57EF85DE9F76 + 092B42810811CC5C8B2D38C157830618 + xor-digest = A03E63F97E770277278437C78FD6260B + EC6C48700E7ED9AC7DBFB9B29BEA55C1 + B188C8DF2238D4E2A723402CECB2082C + 146B51050E0E44321CC82A59DEBAFEC0 + +Set 2, vector#135: + key = 87878787878787878787878787878787 + 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = CEDBEDBBEA889C2F1297E66143D49331 + 6B17D6D49903C3526D491B50594669AA + CD5448D143130676316344D12F370738 + 6932EEDB15A4FF0C4AA884C50ED7597B + stream[192..255] = 73E08145584DED40393467D34F53CAFB + C1D49E187320601F673E9C83A6673027 + 3C16B05031C6AF55478280985C7B3B74 + 600FDD37F1786C7C11384150DB055DA5 + stream[256..319] = B8ED2CD03780285CAE3929D32D803292 + 5E23C9FBBC5793F9051C4471B14FDBAC + 967ACF4FF1AE5FA2EFC82E074397BD3F + F050503BC9C9DA0FDEC16A2B976F09B4 + stream[448..511] = E36AADF2E9EDB4F27575F95BBC56B7C7 + EE375DF2FB260F394D6B7AE2E0996747 + AB0CE3169072041471BC13DE9EE2EFE5 + 8D9D939EF3DF5F41A3B30109B2DC9CA3 + xor-digest = DA3B913915B231C14D7592448B78E54C + 71B96C1D4657AEAA9D35BF0A260E1B81 + F5848E18863585DD997D3B0B356B182E + 42FB631BF12DCFD04D49CA848E0C199F + +Set 2, vector#144: + key = 90909090909090909090909090909090 + 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = 1EAF9987509E6FFC3CFC0AC8C285EE2E + 270A123FAA1B22ADD2E42F46D6A268A9 + BE109873E2B0F2503AB7DD6EDAFCCC86 + 7BB723956716A6DB5DB82EE62697F1A8 + stream[192..255] = 48B47209D27B090CFD828733860FDAC7 + 4A06FE3FBB0FF0DF60C0E8E433E0D726 + 7A95110A2525DFA636F7FDDC5B5095A6 + 7710EFA1FC913F4FA35BE2FB4D694390 + stream[256..319] = 570F478690B4E918F8A813B790A4CD0F + 05D3AB1FCC9A7659CEF9D3128620576C + 8414F818ECE1D79724D2AFB599061BC6 + E281D1F9D145B7A2B222B17DEC46A08C + stream[448..511] = 5C28A972E602CADF119A184C4237F043 + 401944E09C82080D9BD6E519DEB6E0AC + 2DAE03A1A7AC16CAB95A7C1DB03E3521 + E816942939DD1F9822A5E0C4FDA1A263 + xor-digest = 9CE61928679DEC4956169C8547C4232E + 53A49690D65E4A151F29FA45640F5932 + F371F9785C9139A3A21116912FA3714F + 15D598192F5E003F6AB5DE5591EA5F78 + +Set 2, vector#153: + key = 99999999999999999999999999999999 + 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = 838BF86C9324F9EC7961B3BF5AFE68BA + F55583FCB27864ED3329F0613F20F04C + 9FD625F1C6C7F0F5B1E9A1FEA3A9E18C + AAA45993E014FD813C968112CA642E7B + stream[192..255] = 2403B2952FB9366AE4CAA38B5F28DE39 + 60D968107A0DB23C5160013DC08765AD + 7137781658B368F5CE80FAD4FBCC2368 + 85230940A4A09EDB80B6AD2C7739D690 + stream[256..319] = 76FDE2E157CCB2996694E32018F17F89 + F985175FEE5F81AC1D761582CC805FC6 + 2429F85A410BC66CFD1184ADD932C52A + F354120D7B39918BC11CAD25FA902E4A + stream[448..511] = 0628DB9A15D3294F2A4ABAA982C4CB08 + 9434446F61E6DEF2B552F42A3A76633B + 030E39C0F981FA2016F00C72ED2074CC + F09BC1D2D5F316139798C648A064EA77 + xor-digest = A4471FFB0477B66D98D8FF1A8D0B190D + BF08CAF284812D1C58DD199A7925F650 + FD68C5A9120AD708C6BAB4696874D88C + D49BE92A34049E8BBD0E119A9AE22ACD + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = 95E4B88A9404C242E7738754680F3EDB + 59DDBD3CB681E74643149DE0E8CB92C5 + F7759AA64709CB4690A677C1B00D5484 + C753D0840E77F3136A1BF8B548E6F992 + stream[192..255] = A82BDAE1A0587DD1BD42529A234EA560 + 67AE5B0646ED5D2F0D91E91B05AAB2F2 + 590E5E6FEBE556FAEE2EEBD18B146962 + 54ACB8D5FA530E1286D9BF25263B2B0E + stream[256..319] = 39B6F0D96EEE6BF0F535156CFF2DEBAF + 76E402D33A17B90E0A6E2594455E6350 + 08DC040016912FE5957F81F1C5957F20 + 62E297E437B524BEA66B18DB71DEB8A6 + stream[448..511] = 90575BC9ACE284748A5D5C88FBB67B14 + 1F0B2F997A286E499814B4450355E765 + DD8A12A758C482C77C318FF0224E8101 + A3A8AE151BE6FE749CFC540164BD57C9 + xor-digest = C0ED332BEC2029E9DE93B8B58109894F + 855180EB9F2345F344FA185DB23D81F8 + 3305D48C1A38D209555D535AB2AE6EC3 + B1EF3F40369D9DBA40C64CC08AC1F1BE + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = D776DBB5A293624CAC4E80E0EA62CA46 + EB16BA6F2416DFABAC5A788D20D7F99B + D192AD8DE4B8088F3FD610436645BB18 + F0977084CFF58EEFA9114B90737EAACC + stream[192..255] = 5B2CE8996EE58CD54F518470CC59B352 + FE36D1479D23B997AE4D5A3D775C9BE2 + 8944E1F227F73955A36CA488986A40E8 + 56D810044DFC60801CE0CEB1C7BDD74B + stream[256..319] = 8FA5126A205EDCE05992F46C67DA7BC7 + 4D7CE666F82698A0D01CD6F3C295E223 + 6ACB7ADC9DD16D1DA2D518EFA347AEE6 + CA40A41B915A2DBBE8DE7CBC77585679 + stream[448..511] = 53E4AC4B44A8FBA54F6360E9C9474E06 + DA67777F25D8A898E2E00F30DE66B145 + 63112FD92B8DEB2511A58951A2C5F4C3 + 86F0CFB5CC8EAEFC40F08DE5E4E35B57 + xor-digest = CEA5BB6799866C5D9ADF354C9C18D70C + D2CF126E90347393A7BCAC9526075F4D + 5F2CC464056006E4291F1ACA4C506D21 + F5E0C6DF1EC4E5EE5612E48649E92EDE + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = 66CC59EA2C9BD7A54DB3A6108CAE9CE5 + 18A6CCEDE8DE2494DD719BD85CBF2DBF + 8EA69971C985BDF5EE86183DF6C2ADF4 + 76968AC97BEF6F857248F2D2FE733CD1 + stream[192..255] = C62A000ECCCEB3196FAAA2C952428C9C + 86F886FE40F8D7BE4C036FF5D6179A8A + 15EF8916DD3E5FC94538D7125CED434F + 6AB07EC4364E853F38532FB438803D05 + stream[256..319] = 999D12E53E5DDFA5F1F1F9AE02A79D8F + CBE83316BEBF3A693CF5BC69C6CDF910 + 40A214335C287674E156C1DA21685433 + 3203C2A15CE8EE1F559A0FB904475B51 + stream[448..511] = F6C77629FF659B41A71A61CE2E00DBA4 + AF665389228FB92BB162231DE4F11CBE + 8FE89B1ABCC0FA090F900BEDC4CA7061 + 72E6D49AA6A75DD429945A7BE10DC6BA + xor-digest = B189D7A68E5A011EE4D7A74B13793C30 + 78DF4B22897763BD3576501ABF4EB945 + 740F3398D1DA826B44A7E3223340070C + 33F75157F1185734E51C7A8A1D626331 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = 2A0A0D51E38B3D4C958262699626F403 + 62B3DD64855AD052F5FF35634A5ADD29 + FE07711A312D244E0E788CB17AB9FA0F + 80F2011AB76C101989D1256FCF92ED27 + stream[192..255] = 9015DCB12AD8CDD7AE00B74DEE9756BC + FE1E96DB82DE2103046C8D32BA4AADFB + F4DCABD8DB61D3C2D24E6778DDA3D0D9 + 69DCAC2D9031DFFD817E32CDF93E7BF2 + stream[256..319] = 88FCD9683309F597CC1FEE3B597BD871 + 0ED01AA0205F0673B9B89571BD4268B9 + BC339CDB7C150DCF8A86E5F907798639 + 9A1C2D93A1A7130CE8EB3ACC153C2C64 + stream[448..511] = C471C3A2B9CCC7750DE5BE6FD0079A7B + 7B820E220B2F7E221300883158B4ABFD + 173275BC4CD3E268383EBA8B8FB9DBF4 + 501AD0A8EAF044154D23E31D46849E09 + xor-digest = D31495B1005A0AB28051F883E9C1D021 + E654646F328A2570F453D3A31CE1FF38 + 41FA0D3A70C0256042F26696B2518A83 + F6364F8C21E11BBB3A453786E4E63954 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = 400E1EE3FEEC8039F95C584ABB0F0109 + 1FBD677D35A588D00DDC1CB01CC4B6F2 + DBB96B093383CDA0C0C97E94C024834E + FED938CE6FED291E4529409C4B617443 + stream[192..255] = 4D6F8C12AA9A58EEF4928BDB441B7021 + 305ABE8FD224CCDB6769269AF74D5588 + 54EAC5E317B72023A6174AA2271435DF + ADB19B30D5C0D25CD5CFC45047F613FE + stream[256..319] = 17376A07C62F9902B5D0A094A31A25E7 + 453E593E9A00B455D3749F1E7FD1453C + 3FF1CF4DAD5C4D55EC22A074BA61B29E + E8B6873A6EE03EDF7A8D8A735D48F088 + stream[448..511] = C043C07842007AED090DBBBAD900EC4D + 62F9485DF314970027F0A831C632A47B + 5821E1DBE0B2F87A1C4695712D9954FB + 8431FC54FC6B6BCF31CC6CFE6226FA67 + xor-digest = F1DF86E9DDB7D9319A43E3FE1053FFE5 + 0AB03172ADFCDED6D647E714B93725DB + 0F72B11BABE129230F183199412CEB1F + 9E26A1F55E23264AA5371C7B8D9DD760 + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = 3A884901CE2FE7E2C92B83FCC7851711 + DC1A248C93D3D0CF51E60E723E3B286D + 7278705D7170915035A3A5633AB266D1 + 7800D09BC1D88BD30AF579F7A7741350 + stream[192..255] = 469BF47A16925A4A66A5FAACCE90DD17 + 63B025F46840645545CA8E631432CB63 + 5F6B40FE4D4E5FB11E8B0C6763B0809B + 1D33F3465AB3307EFCF9A07D63692182 + stream[256..319] = D2E3E70A50C52FAF3177DA9B37774E9C + CB0993025FFF6D512D09470D30F6CE5B + 9FD74CF69866894579C13873630BB756 + 8934B6C5734F1C248D844CA5F8FEB697 + stream[448..511] = F99A709234B57B1F480A636E418388FA + 5157F5E735C95CCF6F87DE0DE719685C + CA02458660E824211653B6A513E00E14 + 53499F9C4A316FCD1B3C3B0AABC4767A + xor-digest = 1E5D0C73621DCE21D371F75459529E8F + C06678530B2979DF405BCBB0B6902FCE + 4791404564791B9BD02EBDB2D7B177A7 + 672759322184041ADE6EE019047E805A + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = 6C79462F32EC653185AFDEF23A228CC5 + E0CD4516BBB3514544362D07AD9F5B64 + 9A7601234BD0C72C57825A6A3DBBCB41 + ED82FC1C98D5A9AD7AFC5AC84653BC11 + stream[192..255] = 6198891C9AF821BF222323674D8629DA + 64BE13792E65704653ECA9B24322847F + 5BBAA386465D5CA6C52C7863B83C45EA + C026B3D2EC279F2EB997EF6C09AD99A7 + stream[256..319] = 4895D171F47480D853E19921C35CA02C + F4C6D389F09B7CF449DB6EA59237ACE8 + AEF1A4A3AB2C07B065E60CF17B696BB3 + 4CF9423039D80B9214A7B8F770E5EAE2 + stream[448..511] = 228AE54F43635BD6CD905FC882E33330 + 557B0A31DC71A6B7C9809A5E7C91C4E8 + 45B4A78D40D3833FD03E2527D3246427 + 73B43E290F797857C510114B60719AE7 + xor-digest = 7A3F26F2DF71AF6726F7EA34B30B4019 + A7CA0339D8914620FEC91753267D8226 + EEE5CC55C45F34D1FC60A63920A3288D + 960FE1B82105079241AA8E3691C97107 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = 3B353E3E965216E8A472F98B8EF40551 + 5DB8F69ABEA40EDAAD45218F42E5D179 + 107D4F1B687B816948E6EC56B4CA7187 + 9AEBF0E038E66EDB45891F689DF25D76 + stream[192..255] = 190BE689A52CD2AAE9766D37E3208390 + D6AE3F26D46CD3E806F3EDDBCBE23BE9 + 5E352A5789C6FFDE9ED9AD3D16FCEC08 + 0CDBFAF768FC7A78AB2DFE1E95828AA4 + stream[256..319] = DF75A7F6B728E94DFF932DFD47CA2725 + 71A38607D7006E99DB8A5A184397BDEB + 6B9E7233444FDEBBE0FB26504B7AE2D3 + 9CE38C7EF60358A8B87440EC831F4CA3 + stream[448..511] = C22D227A340E0CA579AB4D5B7373C306 + 8BC88D5941079D465E1AAAB9182003B9 + 2248E697F2945DC3B048482417538156 + 82E48992D6D91C4EF63802D8EB97A9EA + xor-digest = 66242C4343D005DAC38B70886C518AF2 + CCAE53B67EC60251C9782D0476642AC4 + 53BD63EB7CF634E9CA2505C9FC430054 + DE068DB0045D190013468FED7C7FAACB + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 028F2FFF9F4A343F56ACD18E417BF1F4 + 06E5372F8675DA604B87F04658BCAACD + 2CA8BAC22310F418A9808D1BF51602EB + B40B17AF425FA62145AE9F07AEBCBE64 + stream[192..255] = 37B404CE286F761D03A5DFDF13998194 + B6E8B52E9C086A0735DC8D8CBA92E40E + 024EC906C0E07914BE6C94DF48EA6DAE + 8270E04D029F2464C4C2FE6E77B11FB7 + stream[256..319] = 6B168F77D7944C84EB60AD8786A2CBF9 + E013A440ED8BA0A349E90414B9B5FB3B + 7A69AD6E1B71079FBC7EBEF3B048AC20 + 717538534FC69019EF153071EA3000DF + stream[448..511] = B8BCDAC9713AFBB489E7065A5A1FAE83 + C72FD27E4F61A2EB9A9DE3D3EBB83727 + B33AA5A1B858B12DC056693305B35092 + 7D9F0F939C2EF9F5B968F840CCC2165F + xor-digest = AD64EE8B437E6631ACE86B34B0D2EDA5 + F7EAE0EE690DBCFAD119C51DAAC3CDBB + B41D6B0C34FAA0935C497FE8AEE2FCAB + 8A7BA6ABD43674EC54F6252C80882C87 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = 3EF82100AEB325413DDC66C1F0F3BB8B + 32CB76FC2BC6F554F227BE4F558BB529 + D16DE5C00742C9343B1C7697EDF58AED + F3DC8FF3D0F7AB4FCE824861A1325014 + stream[192..255] = 4938860A4056C19547C2F3D154BBC628 + BD04DACAF493C12835F2C9CFFD6E6363 + 8FB0C3DB9D128E9E89ACA87C1B8E846D + 63D16FD6113FA5701C793FA22F3DABEF + stream[256..319] = 9FE59D216EB945C2DFEC191C537A36F5 + FE9D314B81599347AC7C44BC66A4DFFE + CA30A8B5CFA643BDEA4F2328898D2133 + 8D5FB9656DBF839FA6CDCB2239970C22 + stream[448..511] = 738092AC1C945AA515EC7015EC1E0069 + E019E493AE21C3E591AF6B073EF291A2 + 494FA42AFDBE140586BCBC07E9097294 + 36D7A16E2EE7C9FEB2BB2C8296C5F719 + xor-digest = EF7E13981E3584A23EC45EF5D87A9987 + C0C1793CA69B4B1D45F5659441F94368 + 7F5B8BF8E927B8D6F9C457647769FBA5 + EF96F5FF096310B6A43F691815EF4071 + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = 576C594F6C5D1A1B37DDCBB458E4015B + F0825704553740C0DDAA61FA45CB0402 + 673E22FED29FAF73E4DBC9B5182FF904 + 44D0FDAFB6C7857B81E21193526CA955 + stream[192..255] = 953F56F89601AD6EC1B73E218406E917 + AD5EF96C6996069DDD51AC5E68FC4502 + 805698AA2E6536FF630CE0E9BAB6B769 + 2E5E0C13747A849444CFFCD53E901B03 + stream[256..319] = D1A5E8AAC58378BA64A931CB7D871FD0 + D472E121E6518449D75E2C43D5A4A04B + D7FB9FAFE7EEBB6E6F3BCD9BEC01A77A + E41701FC3D91F43F899E5B54286630EB + stream[448..511] = BA6DC9518AAF9E21E5AD3B5A5385C1CB + 93F201825B73FA907DF9BA5FCF018910 + 329721FA9F255024566D16C3DC90E448 + BB9198C46B013E123D7FFFA3E0B8F495 + xor-digest = 1BFB2203D3EA5A1E5CE6EE224F6DA465 + 81850FD8C686341B2DB7FC30A4C99B61 + C20B8EC02C21EDE6E18FC59AB1086E49 + 7D6B6F5E69C45B65C10387AD7787BD98 + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + 101112131415161718191A1B1C1D1E1F + IV = 0000000000000000 + stream[0..63] = 83B8FAFC9D0877ACE5B32BE82F2789C6 + 20E76D38E6E102FD5FBB7030C983F7CE + 0DE2CFFA74753DC7E267D26B6ADEDC24 + EBCD0F85C2F2384D7A46F7E0A3F12801 + stream[192..255] = 8CD28DE6B67C68923F9D43EE80B79A8A + 17CD699EF88219544714020835004093 + D31EB2569A49DAF0FEC5CEC7E5C0D109 + B81A37E1F283228D526B74B1121E4882 + stream[256..319] = 5380893F6A6101E0A326034DBEE3C4FB + A5CAFC6935396A83FBD9F6D8BB82F005 + ECF507F185E34D21E27CDF50BC7E860A + DC843EC1288B16DBE28189AB59BD2FD8 + stream[448..511] = BA8FAA38C8E337089F7BFCDC9F86E49E + AE5540C9CD3A9F69B739156FD68A2A53 + 002E0646DE04655BAEF5CFAA1CD2B103 + 130EE442087A9A67E0FEBB2024802FC5 + xor-digest = 0C1BD98719AAB70E1D01C8DEA9A44BC3 + 0D8529BA05F413A75A95003B4C4FF43A + 856A8C39DDE290074B2C95D0C8AFDC92 + 5CF768BA4A8076BACAB76A9FC8921D2B + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + 191A1B1C1D1E1F202122232425262728 + IV = 0000000000000000 + stream[0..63] = EE057BD65B2AE68A93C63B6990F05B12 + B18BB6DF74ECE11AF4549821D6206F5E + D0EB0FF4294A4637BA096F393BC0BCB3 + 482E126C6BB9483878D4644954C8EB80 + stream[192..255] = FDE4CC34D720F6C87C5664E246D4D638 + D59596DD9A53BB4701F5CC84473A2C54 + F312B8BF1E56BD3A9236524283088532 + D50E437F8653FF70D376162CD046CCF9 + stream[256..319] = 0D6666E291DA4072A2AD160B5DB1BB32 + 0BD1FD43B058F85DD7A65567BEDB9B40 + EAF9191A965E59D36BC859C2A99B79DE + 71076B3EAAC7CD3949246D27CB729EAA + stream[448..511] = 3370DDF88E879DBCA5EC693C2666468F + 7DB8C70FEA8BADB27977059D2D3F9968 + 75900742E7B867116F74BA3EF389E5EC + F9031A95E1E9DBFE54DCCAB7319CF42C + xor-digest = D92FB594A2D9DCA9A741D46E93843C14 + 1F896DAAE538AF8B390E2448F0A7AB90 + F9F98FBDC90161BE28F002C538932335 + 3B9BAF717D551F1272E0AC32EFBE3156 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + 22232425262728292A2B2C2D2E2F3031 + IV = 0000000000000000 + stream[0..63] = EBD0586F334692B88D4E5CD9CE8B0E2F + BA04F466344845B61C83C280D1D07699 + A1A8086762C51410B64BCAC7A21E9F33 + 34634E492D5E5F0E61DCBFF2A1FE5F42 + stream[192..255] = 155ADA79705DC5962CCE1A726F2B4607 + A82B724254BC834F7EDDDE385350BBED + E5DA4E31CC928190F6AC3AE3FBEF43FA + 46403CB408BEE59058DEB6BA705738E4 + stream[256..319] = FD6587B08C97AC268CD53DBC4AFB61C3 + DEC3AEC5AE9C0BF3200645704D88FA07 + 65C44D046410B6CE17562586E78E2388 + 0ABD53B287A745B92B807D929F08B044 + stream[448..511] = 96C6BFD84F37FE32BE534E1E7F0CDC04 + 4B5E52E6F882048AFBE4FEEE3865EB2F + 9C15671B7AA32F8F11DA799B32B3403F + 8D6A2649A9BAD8845D0F3D906C7FA9AD + xor-digest = E50EB70DD12B95502CC8A976F930F59C + 19DD52DC3C1A62E4A1A4BA343740C146 + 078C77A33F4A4501D6F80AABC5984C47 + 9FD19C560DF3DA0EC5E36C5CAF888229 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + 2B2C2D2E2F303132333435363738393A + IV = 0000000000000000 + stream[0..63] = 514715C4CB7F1960A1E64645A5CE592E + 70609C87FA3918753B82DD519711CAC9 + A2B3C52EBF5C3CD1AA4488026D133BA9 + A46931427722DEB5C38E45D0A64FB543 + stream[192..255] = 2C378DE00F67EC95C7AE7C44BE0BC183 + 9B3A6BD1FED4D4F0EC1C95BAB47953A8 + BEF51B0DA372CE06D892F1B130F65EFD + 2E41A5CD11A972709C6FE46FBEEFF7EA + stream[256..319] = 9E7A50E19E3FCD649BE2FAE1561C4596 + E7FB3CAD3C68B8C3E778AF650360C244 + 1788E381E9E91E98F19207C309BCB295 + F7FA67F5333B965AC7A909F0903B0FA9 + stream[448..511] = 4D3B613F5C0AF52800B3F20D2868A32B + F1F43FB2CDF878C1A4F08878F5E5ECCF + 197A880F654FF75712409B58A4EE9081 + C2AEE121485BF0736FF048171F00C7E3 + xor-digest = 82BD892940506AC1FF885F8B67570CA9 + 0219401950BCECDEC40A08C5D115CE1C + EFCD0CAF2458940AE4D3EA5BB5E863E3 + 9C1E6B508D0704960CF579770A44F012 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + 3435363738393A3B3C3D3E3F40414243 + IV = 0000000000000000 + stream[0..63] = D8EE9A7DE99A531FD0313A295960E7C2 + 903BF71C2E35B503979A04654FF0C474 + B97FF731859AFFD50233DF7F79D0D677 + C8A060D8035F24846C6988F8CC913150 + stream[192..255] = BD83BBC63837503B0D00D3887804D981 + 25FF300C52972BFBBE2B791CEC7700FC + 8E3D16A0244856E61EEF1B28F1B451DF + FE3EBA4CE8F7485875B729C074402C29 + stream[256..319] = AA470544D499CD6445757996DE604279 + DF407FEBD3DF80FCF5A95A41209635B1 + 923F7B397D6DB60242599F665020363C + 8F55DE21A12C0DAF16CC329680B261CA + stream[448..511] = 0780E9DC2B6AB4C580E048BC6BFE8287 + 9A402FD7E1E3FFF0BDD87E04ADED2CF6 + 75433652EB92D3EC693BABD5788477F8 + E496DA9D9E56A531DDB10D39FBAE953D + xor-digest = 468B0B5D26EEF40C460B8B27F99E296B + D5B1AEBF4BB067120318F90C4B7D695F + B46B432ED4300CFF3ED224A38AB1B886 + D061ACF1DED454E7A7C82FF37CD3EACA + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + 3D3E3F404142434445464748494A4B4C + IV = 0000000000000000 + stream[0..63] = 4C02E827DD736F3796F789602F437D2C + A857849F69BA55F9785D75F3B7F8B28C + 98E42A9BCC7BF598A7C24BB575B3BE3D + B2F192DDC3DD287531187536B8B7BE3C + stream[192..255] = 46D07278B5FC215DD83E2DFCAC7B72B9 + 27AF97AE3AE5713CA75E7B17E51C34EF + 8CA4BC628D7D1A786DA83856DC73FAD8 + DC87F3E279D248E8FEFB15EE23793C89 + stream[256..319] = A4C851C1238F37ABA543F792284682E8 + B7675C8A5E77D582E20E17A2F2D0A257 + A489F6157FEBA80F7CF77BF4D167D0F5 + 857FD88FAB6AE129324F9DDA0EF6FA6E + stream[448..511] = 8B236D38816556729804E4CAEB3FBE5E + 1FDD0A8E894CBCD45CC628626BC36918 + D2B995F32D76832C099CFC5F8B48B6AA + B971FBF598DC5456CFBC0C5C1C1D8096 + xor-digest = EB36CC013C52A9B8F1B4C9F6FCD74833 + 6FF43C7C61FED948B0E81D6BC391436C + 0C67A68734596C6A670134B141E13A35 + AC02A781635C6B48B65F1F613F22AE9F + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + 464748494A4B4C4D4E4F505152535455 + IV = 0000000000000000 + stream[0..63] = 39B089939B2A5F6C6B14ECC43D6685E5 + CF46968FD736EF7212AC957E33D16BEB + 19368EFF049046C385B9261FE840B70F + 2FFF653A44B722FA3A4D137F3975B8A5 + stream[192..255] = FD9ADF7990758BA30294EE4757BF166D + FBD15BC966FB7BA2D0139C95FC8D8180 + 4FC0BA88732D99D002002074C820EDB5 + 78AA07D5CF463D75DFC0EF4E727A27BE + stream[256..319] = D5C110F13C35C5B4A4518DE641AE74DA + DB29E7D737E770DF52588DD51A36CC97 + C6E68756932BAC8DCA84BB706CCE7E12 + A0488F02806740830C0EEA760416CB7F + stream[448..511] = 78DA32974D8BDE553FD204AC4833044A + A6D05511D9B78829D6815193BFD98788 + 7D26EB145AA7429AE3DD0AC34B83860A + BD746E6861921380B617CEBE08885AD3 + xor-digest = 8A1241E4B69825395BB9D5AB3F32D758 + 81A6D778CBEE4F6F515B64355C622360 + 1A86245DD75B0940BBDE6C28247A3B5E + BC9F5BC95096D030D76FBB989B306948 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + 4F505152535455565758595A5B5C5D5E + IV = 0000000000000000 + stream[0..63] = 4C025870D8B17661C922FE2F8E431C9B + 73FD6E280DF37B32EA6729069770D4A0 + D285FEE2D1213D79FBDFE861B3877FF7 + 81E259F88EB76980DE9BEEC0D3BD28C4 + stream[192..255] = F18DEA2E04E3F82F13008F9E9974388F + 24036378D927E5BEBA35DA6A9AA5A8A3 + 5F7068BF8989BE6547A0343C48322630 + 637C0208228FC9F01FF182191414065B + stream[256..319] = 7011EB6F07792AAADE37BEB8135C1F22 + C94495B11271F53DD090102AC84239E0 + 1027F25A7346B33521C866CC3D1DE42D + 4035CC9252992C7A98878CF929E63BF7 + stream[448..511] = B67AA826A02C7FBC328D8B1EB72E9114 + CBFD2879C98B5E2231D9E96D30F84C95 + D5F44F9E4F7B7759733785C65D31735D + F597A30692EACBD35DA21F3A71821AC7 + xor-digest = 3F27B46CBF54BC94C3C556CEF9371972 + B73452AC9831D7D9C2C6031DCE1B5D08 + DE4E50C6334516228E1A890AB3E8FE70 + D72D058E63D202854AE5F2B1A2A09FF0 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + 58595A5B5C5D5E5F6061626364656667 + IV = 0000000000000000 + stream[0..63] = 9E1B005B1072B05213869162B5E9940E + C8847C4A2D196E421C2BF7ACEA349EB7 + 4AFCA3DE0A62416A5B7EA34D90E83EF0 + 608B45F727326C1DB59ED8C7A82EF46D + stream[192..255] = 247D730C7FDE4B1CA99F39D29F535DE1 + 3ADBA3493B705CC5E279BBB8B190F325 + 2F21E742D8057CB3B4715CC696755540 + AA090950A422AE1C6C9087A6AC3C0314 + stream[256..319] = D6919E05F350D80BF9927EF17004A684 + 02FD3A990388478AFC98760FDCF0DDA6 + 0797C78224B0C7899721999C8806D6FC + 2C2CE8D428D273FE5FE8D6AD0F0CEE46 + stream[448..511] = 37B8AE6780C719C5F89E9B13147E915B + 4027B0419F52CC68D287391EB3954ED5 + E7BD1F1B653F146D8D0E6A13E6B8253C + 09FE17E11D5A99F719CD0072CEA40E80 + xor-digest = DD32748517CA537D50CE908F5934461B + B2BAD80FFD6CA8673B4E72A5F0DBDB08 + 03DA7BC2F61AB452D570DF1A589783E7 + 3F4216C3244D460147749053F4091E3F + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + 6162636465666768696A6B6C6D6E6F70 + IV = 0000000000000000 + stream[0..63] = F4A7F5AD819C8C5091C4AA8DCF2B990F + D75FDC9A5781F4876C31B0996251B3FC + BAB9E49DDD3174E521DEF3648BF7CD2F + E8CF29AD7A5CBDD38A67F2DB0FB25F8C + stream[192..255] = ED03729B234A7324BCAB8B12A6534449 + 7BC68E52D222248D2FA6BB2D057A597A + 1B1C61526E707DE6080E790B4BC8D6E0 + 0A674B050F4D1F80821D9EF93A48D790 + stream[256..319] = 78AF0C754358D14CA3236738C3F6081F + 015BCBCC2A91F1EC31777BEDD87727FA + 38A8E04BC5207507BB7D5DEACA995B40 + BCCC5AE61F13BDD048DAAB703165D173 + stream[448..511] = 94DEDE89A1EFA1C2EBF4197C50E6FAAC + 128E1CE69B4DD634851B4A542309C4A4 + BEC042388575B9F1FFD2BE7BF7C54230 + 3FAEF32100CECF47443900529C22E577 + xor-digest = CF3FFFC81C902D50374E2F5A61944421 + 8FB1A8B57A1509D7B3BFBC95AFAFBA85 + 79E9C73DA1177A4B1679F09297F7C544 + 56B0B59A20F3B9984F822091D03CE790 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + 6A6B6C6D6E6F70717273747576777879 + IV = 0000000000000000 + stream[0..63] = 2C3179280B545CEA99FC6F30C0E23FE1 + C4EB42EF4E5482BB832EB22C1C905692 + 07B1E1C2B9F0902159875470647F352C + C0C8614E084451A4365AE5DD103D76C9 + stream[192..255] = 64DC29E6EDBB55DB8E91CC286B4B901C + 98DE95307B8ADFF92336A30C5BE03E4F + 7533845EB44570427991461EDA67CE9A + 4B9ABB9A8FE989FDFABD5DCE7E6B7B4A + stream[256..319] = 8909CFCB450F16639F054474B628D9AF + E1FDB4CBF7468DD35CB78A148958578E + 87F85D1B374629E6C6DFA1C2C650A884 + 954A421E95586F8E451847265D868C47 + stream[448..511] = E5B942A3F2D4F4195CDBAD9030E603C4 + 53D86BF65B2A1A63C64EEF0FC5628C96 + F978F11C39CF588785DF38C11227999C + 787DD42A794502F6C8863DD2FA0DBC9C + xor-digest = 017E8528FE9F64A444AE6D69373598F7 + 0FD32398F3544EF98262B5DEC4014922 + 4E5FDC7690A243608750F8A4FCCE22AF + 8A1F5C8197DC7DC7E952C816FD6EB584 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + 737475767778797A7B7C7D7E7F808182 + IV = 0000000000000000 + stream[0..63] = FCC7F5C877E6A71303FB8861E1C54073 + 059FA8FB2AD9707A70A80EEC402245DF + 645A83570A59C9E0A8B7EEFA1B4C3E11 + A57DF5B6FFF412B5F71A2323D07527A0 + stream[192..255] = B176A3DD2C02C3F858A0F5C0A247578C + 9985A2B6401CC4BAF54FB3DD2FCDF07A + 987AA528366D17A013D67FD3C705E157 + 3259EB342CB4741D6BF59066D70E5B6C + stream[256..319] = A569B7591D79555C3DB66A552DD38D4F + 617A680972E8CEC4DEEB23CFEEE112A1 + 4CEBDBCEE70993C1BBE7CACD334F1D8C + 756F15E3D36EE82A8D9824959573CEDF + stream[448..511] = D2064A8B35ECE7717BDD68AFE71108CB + 4E7729FF3469818752A4A39616369BED + 53E5273E21D453B61EBE8D519B0023D6 + 15699D42F5135A7BE7A0222C02EA50CB + xor-digest = 27ACC332A47E720F902945AA735026EB + 9DB1C07CADA36F9320A3875E27C0519F + 6E542673B6437FD44D58FF70C1FFDD77 + 1232AFA84AAA3A0132CEBF47E9ED67D9 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + 7C7D7E7F808182838485868788898A8B + IV = 0000000000000000 + stream[0..63] = F417C17C2094CAF58DDD74601A53C17D + 5E50B247A730553E5157C5CA4486E5C7 + 4A4ED2F006CB89197DE1886A86AA7E24 + 56F995B1E044F7569FCC2C18BC65B006 + stream[192..255] = C717A0CB4BA11F522FC1D408878AF2EE + 7CD420430A4B768AC523B0E8A2182473 + 861055EBB25D223E4C7DB61469939025 + 745C4943ABB8BA68C1D199CED88D455C + stream[256..319] = 81794132A1B7B56B67D8BD0432405671 + 160FB5216146C20ED5C0CB8BD63C08E3 + 5C045397C7B7403AFE0D7C05B5840A06 + 1C67F4E6D0F0C3F7AB492D125B8B1101 + stream[448..511] = BE36DFCD4760BED0A1547D5A22FC335B + E6AE9AF6AD45C1E3136014251201C688 + C0EB6C80BC55B58554D3F795581C603B + 583B6453DA87BA4EC5D9A70BF05A31DD + xor-digest = E70D37AB9A241AE19C2098E5B2F9EB32 + F2C5910EDAAC4C404D72F2B37249EC02 + 06552F2F46AC890DC3D92061E248179B + 2FAE062C44FF451A573F25FE7C64828A + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + 85868788898A8B8C8D8E8F9091929394 + IV = 0000000000000000 + stream[0..63] = 0867C15DED499FA15E38A7EE81BED09C + 85C44E90D325C4081309279C79C494F8 + CE5EAC8DCC62C9ED5743C43E8DA21F5F + 4B3ED70D8C59EAE886B2428E5C0458B3 + stream[192..255] = CFA60BEA15AC7EA54C2D251B99C13F2B + 6CFBA54F5C57E1E1681CA3CF9F94E225 + 5C3F9AF9CF3181184FD5A8F6FDC728D6 + E43817977B649D1CC4742FCBFAEBFD1E + stream[256..319] = 7B0DD2AB4EDA5252E8E28D1B20929286 + 45F148ACF54C4F8239C6209E96014F85 + 64151D9338124301DB25AF2369F5FCA7 + 475EB55CCC0386CE29FA615E11BCB45D + stream[448..511] = 115417B139716618C4E7865B44739636 + 4E62EC23201866EFF48D99DC4F2F98E8 + 4B98581D955A577D84B75E446CD41FC9 + A06DF6FAD36CE86CC43D0F24030A8D12 + xor-digest = 1E6F6CF9B80191E1A0A0EC4328174271 + 6226A180B32C2A4D87CEA1FF808A4E7B + BF2A85DA581C31235C2DE3C86542678F + 02A1198FAFADC50A1EAC40E95BE6ADD3 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + 8E8F909192939495969798999A9B9C9D + IV = 0000000000000000 + stream[0..63] = 327B9777AE40E57CA0C9FB19615F9902 + E4FF711EF44375234CE7616A66B66BB4 + B6837A86DB7A6E4D4AAC2B996644706A + EAF0713ECFEF9E0D123829B5396898C2 + stream[192..255] = B8B1C65FA18B4009FCD2F9DC6A4C5CD9 + 050F812F8D98B5760E7844677DD72DB9 + B7EEFE64AE1E363CEF56CF80409E992B + C550118D605A90800CBE666288374584 + stream[256..319] = 6C99751BC6ED9DB85B292810979B4016 + 3BE35BEE7A3D662F906CF0393CDABC52 + 31861520581756B95CBA55A5E779B38B + C75FE5DD568C77EE397CE56DC09826A6 + stream[448..511] = FB113E907F6EB8FAD09BEC825207BE7F + 8078AA354C6978540F922BF185A93FCA + C3DB0ACF50CA48C7E237D67AD2FE9BB0 + 1A5BFBCACC9FEFE7C7C56506602B39FA + xor-digest = D0E390289A19FB5D067C4BD19D4204EE + 0AEFA3C13172AED8766357802B46C883 + E584EEA330F74E10D94466A238093DEA + C13C98F139B96443E0FD0EC778ACD673 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + 9798999A9B9C9D9E9FA0A1A2A3A4A5A6 + IV = 0000000000000000 + stream[0..63] = CB09EF82D2180BDCFC098C9B8F6C1F4D + 2BCEF48FB4EAFDB57C35B09CCEB62349 + C09006CC68A53BC1BE4257383091C981 + 2BE8B5FFBFA0FABA69E45732A8EBE011 + stream[192..255] = 8871EE16888B8C4CA6228AC60223EE31 + 323219056E38FDCF0E56320F11D06E1F + 48F3588A9776E9AA884837B9D648E9C1 + 71C1B5AB947E7520473ADB18F3F417F8 + stream[256..319] = 7DCFFC61967BCE7E7B04446CDDA8D6BA + C2F34418C63460F8AE83A56DAD434396 + 6DE060CF13FACD50220B1F19F2C0FFDE + 08660ED68A1903BD2EB879465F8ED0DB + stream[448..511] = E7140E9E6E9844DD22BA00981BF850F4 + BA1055D2615EC80E76201B7BE0C20EF9 + 3209330A43E6F1F9F306D667AF2E3533 + AD59623987E9B0522250FF86EFCF6207 + xor-digest = 4F572881E72B2D303CF8DD072A8F01C0 + 3666FBCC8DBB69C14C6448112D42A65D + 58AC5C398C41258237D185473253FEF3 + B4D60E1938EB15F48DAFE5AC79ABF26D + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + A0A1A2A3A4A5A6A7A8A9AAABACADAEAF + IV = 0000000000000000 + stream[0..63] = AF4A88B6D7BA5444F0804F6F2CE87EB6 + 3EE7E623001307852D51F79A12E6BD6E + 3107D7F76F48A6EC7BAF8FC53BBAA86B + 5F4F9E7B04E29527232FE800259C525C + stream[192..255] = 94848BE2392AFB3684A2ADA5FD4ECCE6 + 1DF6501700541A1703631FC8BFF13093 + 67F6EC80784A5ACFE444DFFBFECE61FB + 9DFF5A5409DDC1548FA8D679DB6A9757 + stream[256..319] = B0A6606F5BFC5C905D00E25F2B7CD2AD + F28775D2AA12DF98F3DA93D2A3B78423 + 9ADFB4E390FC6CD781D0337A518C0AE2 + BB854FF28EFA0936AB6DDCE49D78E6F7 + stream[448..511] = 658C2DF3F0BC5EEB68F3D14250414BDF + 692BFC1D567C6C51AF7831E57F3B427A + F0606199418BB6117C80C99EF8F28FAF + 4129FBFD71A5D76E597E55964434F0E2 + xor-digest = 6F54D491451FBB37E5D1506437C032E0 + 8677EFCA3371028C868F33089EEF0F28 + B741E89056C7275852132E5FCA348066 + 7119F0E79AE4CC526026AED9DAB42030 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + A9AAABACADAEAFB0B1B2B3B4B5B6B7B8 + IV = 0000000000000000 + stream[0..63] = 95733E2F1D8E8059A48968A151F73E39 + 6184A263525B81BD6096B43A92E50C21 + ED323850FE31DF4BCBB8F911D8E7C54D + CEDAEDD354F8BF8B3B5BE7C2FBF84231 + stream[192..255] = 0E889D735D17BE1DCA0BF6E82E51E2CA + B2A9E80F7EE3BD8DBEBC82DF4A3933B1 + 98248EC7CF944788F22CA93512F25A33 + D45635B09E09742B381B5A4FD15717AB + stream[256..319] = CF290909510205343FB2F9DA9A5A8716 + 7941F72E206AD184F8FE3FF30400CB53 + 80E28DA8E4BC18D79A0CBB120F5FD880 + 514E3272C876B13C0E7AB8DF2B594FCD + stream[448..511] = AA509B41C5443412ECAC27226A63A655 + 27C3FB7363A1559824B16EEB9171EC0D + 7C7E577592701B6D30621B2F3FE06DF7 + 4E9DC64EB0B4E95CA62FBA6758C393F2 + xor-digest = 48624F9FA8E8067FDFA3BA33B7859978 + 01C1C7FCB58A192E7DA4551BD19D8C3C + 1A4782A5479715E9CBF8A2CC08F19B11 + AAC8F58DD9F4CFCF1CDEFDC755E2B221 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1 + IV = 0000000000000000 + stream[0..63] = A27A589019A08049661CF58BC71C9AD2 + B98DCF1683F0BA96E6AD59E4DA61DE24 + 205B68B7926E7F8A8F2C549C2E650544 + 03CBD383BE73C75796B04EB476170501 + stream[192..255] = 281F8ABD5D7B64E9CFCE3D26DB934BC2 + 7E7E39C357A32D1B860897549219315E + 190599E5087AFF3249076100B192450A + 5B454FA8E18D6D012F46E52A50AE4A74 + stream[256..319] = 7647AB37D6350AA67973353A1F6AFDC3 + 540B7EB247FE3F02336108470B589EDD + 0C8BB044025B8212E75F7A86ECC19206 + 48C92AE445EF0E5F98CACC3A7F57EF62 + stream[448..511] = 98DC00FD1858D6E503916B9DA7249502 + C4B201EC03DD86EB77C0A3FF4290175D + 021B8297278BE49B797E685AD628EC94 + 523F8E5B5AEFBD7952586DC97BF1BAEA + xor-digest = 99DB035B11F05E0E8906FF868D08DC65 + 186AFD6A7A6E685062BADC746B9E4C10 + 6BBBB19ABBBF89B66AA3ABECCEDA2129 + 862975A3A935C5D2604CA083FD98C90D + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + BBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CA + IV = 0000000000000000 + stream[0..63] = D3320C4FC079F31269225D8CC7137059 + 6B3A921E7EA42F52D0A891C250625421 + 02358F00B9FB35C579488414B74EABAB + 631AF7F3E2E73288C5A893030DE610D4 + stream[192..255] = D1EB9B01EB5B05939519E0F9416B8508 + F4E2C6A75038E16BA347E90E4AD76148 + CB0EE152776D876FF8640C98829E3DA7 + DC45765707FB94089D91B8471C9DC087 + stream[256..319] = 69F42A91588B78EAAFF0E48E280FF630 + 50A1CDBB5B2F5A2FF285BC39EC606063 + 67287A0035D1855DFF8A6C2DD9F35088 + A8F2DA4DC28CE4520568577BC966EDEC + stream[448..511] = 2DE18A3614529AEF470D0DD62653FACA + B69452151125D7859AE6966CAA20A72E + 6C3446A78BBE769387F74FF41BDD1BA2 + 9494036F2D1112BC3EAD251E421873EB + xor-digest = 09958596ABF053D368FD158A8BE9DF0B + 66142B4DB31B9CC9C2E5081B237BDF1B + 09C5723DACAC0558D18BFB46694BA3E7 + 9DACF93CCB774586FB5BD8751988ABE0 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3 + IV = 0000000000000000 + stream[0..63] = 01DA5AFB731512CA67F33A9CB49ECD96 + 52E9E29E5FB1C2C9FB64318D964BDCB1 + 5105AB5ECECB3CAFDB97730F4748F19D + 9B4C823752FE47770317939E99DE8036 + stream[192..255] = 3E096A7C107536127451F1754B26C236 + 5D258056510E15CFA379956D9C7802AF + C099050654D4C30D403A61E2F8F92807 + 8B57DE1A928F65138FC97B64C0271406 + stream[256..319] = 10D7B5BBB3574860532962464C27EC17 + 35DF90FBE3ABB38E6E265C3C5CF90FB9 + 0EF97238AC7B3565EEF84D32F4A99ED7 + 2127B83A0103A893C635980E0B1F8FE5 + stream[448..511] = 0ECC0EAC7F18E0CF8B08155430C19322 + 113B6A9665738F783BE47BA6DDFC74AD + 6D8CA697E7492F6E775F3D652EC103BF + CC00CB99F00481B89082E748C31C86A2 + xor-digest = 73941DA6A3CBF15F8AB88BA53884A105 + 7D9A3092AC274294100474D89BB032C5 + 26D57C3A42956B45C4517C6ACFDE293C + 39361A3C7B0755EF78ABE5018A9CDD8A + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + CDCECFD0D1D2D3D4D5D6D7D8D9DADBDC + IV = 0000000000000000 + stream[0..63] = CE4844C64AF769329745E0283CFA4062 + F85743714AA1A8921EACD6D9C83AB1EF + 25CE0B40DACC9A009C3F5B35CCF0BDD7 + 69EDF975A8B6AFBB2A21A0BF8A8D01AE + stream[192..255] = 7BB1B235885507C8195B59DCE4F87F98 + 44A55E37BB4DA46D61DD21C68424AE37 + 360E4F1FA1AEED7B4324A746171D3265 + D987A6FD23C866CDDFBC670BC0D47631 + stream[256..319] = 083B1FD1E84B72DA7EEB0F7963D6C44A + FD12BD9C442E14A56A9B4C0EF3598153 + E719C21DEABA2B40D6CF30BFC2A321D2 + E53D6FD09154D4FE99DDEC2E0F10D47F + stream[448..511] = E5589173547F4707536BA8AFA3286FBC + C6B2FEC43E6966E3030E560D8CD9B20E + 138D38BD0AEFB9B7A79336BB8837FD51 + 7A8E98D529F1AB2974C4009A19485332 + xor-digest = 5263179028C8DC5BC5E1AF65AA51B07D + 4425B164A11EDE46C4CDA4715B269386 + CBA943C5BBA3083C8485B472B68C1B73 + 4421457A9E5718D7115D94C627D09920 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5 + IV = 0000000000000000 + stream[0..63] = BF3F28F4838DE2A352EEE91E447E9440 + 840D5D34DF25A03FB6EF26EF8E640B4E + 533AE200E028BD67A586935DFB203D0A + 7D8DEDC9AD57292A67E8EC8098BE460A + stream[192..255] = 1DA6FB724EE6C2DAF2AED86ABBDCD1DD + 52A935EA39297AAFAF0E9D05BFADF1D6 + 30DACB531C48305CA617506F496BB269 + 8F58892AB489639582007A44E94EC531 + stream[256..319] = 9EC574D70037EE7455013FCE3A3E252A + 05FF49AB501DD10FAE97793AC7C54031 + FBA89060D673C88FD2661F7A04470D06 + 7536FFFED49EA5F285D62AED5C8A7A2A + stream[448..511] = 25FD505F53027E3736F2A84290EAE81B + 8E8212AF289CC6EFAC8388FB66CF5F76 + 15904A3A8B5701590A0FC47B02DFF16C + CAD62CEA5416BD8AFA3515D589D048D4 + xor-digest = 00A9BE6FD2C4BB3D44631BB15673E4B6 + 467E1F3BD78D4D2D3C266A2428420F36 + 11A7757F2715C70D18863E82458F3A18 + 3049C6DF7C9120A7AB706BCC8A6DE966 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE + IV = 0000000000000000 + stream[0..63] = 5D68C95D62D06896065752A27290F788 + FEED275ECB6447A00310DDF78DBE77CF + 83AB043340AA7DE7D512191B0B38B3DD + 25271D07C3B3D3182FE2A88260AA724F + stream[192..255] = 611C102D9E6A3DC5E230BE3533F6830F + 3FDF4517EB9F414DB5C9A8364BEF5590 + 5317B7A8ADE564984DCED895ACA19C28 + B38751E3BD5927F0FA95640E1DA044FC + stream[256..319] = 65617CA477EE1522A5F5B26D2CC7E91A + 93B744DA97BA28A14EAD5EF15DB7A32F + 1D17A9C64D1BC471242CFF40EFE9E33A + 7C4B7FD01810314C49621EA1700E7690 + stream[448..511] = E127D03FC9A331ACAD2B0F51532C3CDC + F094801747A23CEE9C6769578CB18FB3 + 8EF4A328D50ACEC17C4B33FB48DD8863 + F4395B9C0ED139F312F0128974C29FF5 + xor-digest = 4C2395D5F8A3B71781E513B2CD19E8AE + B031D176C3284BC10FC41BFCCCECFA1D + 426F125BCF3EF6E8F12CB39A4278A412 + 1B2384F31EF8CA3A8E643545F5AA9529 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7 + IV = 0000000000000000 + stream[0..63] = BB1874177DAC85AB55895D51F9FA009F + 2486B9CD65EE0D1F8B15AD3D3EE17585 + ED8772D6E05F766D6E7200A53DAEC7D1 + 68A048FC952235145CF223214B016316 + stream[192..255] = 82D9EFB1885B9B5F244F9CC6BA84A953 + 1C641EAE5FF9923122BF738C4EB7A44E + 7270FCA689A385F05A02693B3EFF8170 + 9AA9A2546F5865851DB9741FA4C73E51 + stream[256..319] = 84FE0056F5F896A91395E7477BDD1101 + 9B5ADAB25AAF626D86EA4E2341F3A0E6 + 7CCBB10283C3078587C1AB41A4E0026F + E4EDEDC19C30893C3596B1323694A0CF + stream[448..511] = AFD139C94A2EB414057012F68B6E98A6 + 04605A5DECF6A502A570AC530C2AFACE + C987E470855125D1B2CCDDF782E90AB7 + D2D21F202447E138886746ABBFA87591 + xor-digest = 73834176FBE16E8A046CEE2056BE0556 + 41E1EB10AF31C0CAAB708B5A0B4BD158 + D158145B351AD1D8911376A98EB157D7 + 6F4CB7D471BD466DA3CE8F665EB0261B + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF00 + IV = 0000000000000000 + stream[0..63] = B3613AF18B5CDCB42F7C1D4E3A06E42D + F8D2EB01CC7A176F821AB7603146F557 + 8B8A5FA1B8CD5C4E83252E35DF206097 + B3BDAC7F39C15C5E8AF9A604406FE41E + stream[192..255] = 946BC7E1C2EF60D94C08CC8CE421BAF2 + 8A15EEA34D3CB17FEE82693B1CB988F3 + 14A78A462DF5524B67A328E2867E82C7 + 344D9F412716DDF7BAC3002CF6219CAA + stream[256..319] = 2AF96C50F3108FDA22021898E5644E0F + 1D4C7DAEF3A6A87A3E5B84C10D418EA2 + E387A44459A5F3DAFBA9CF0FBD74C6EA + 46F1F515F49937C54C4FC4C80620598C + stream[448..511] = BFFECD78A142429D7A6336419FDCC484 + 951A0C4A89F896547834D60138AFA0D1 + 357457931F71C87BAB84161683F705B6 + 84EF5A8F8506D8C717562A0C9F99F555 + xor-digest = 250AC7E5D470732151CF8038D31A137B + 0D5867985EBE43FBEB172F56D9B56833 + 3592B8A161019C8CE1467EA082973E0A + 0465B7C940419997F00B6AE05D138C19 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + FAFBFCFDFEFF00010203040506070809 + IV = 0000000000000000 + stream[0..63] = 0F715A05810CFDB16519EED13BBD80F4 + 3A026D941D01554A8A881FA47D4206FF + 972C46F955AA6AD19E8E9ACD21D132C3 + 8ABBD6AEFD705E3FFC0E7662E1F35576 + stream[192..255] = B54A17D617EB0D6F49024484693F5274 + BBD6AD0B3C92973DEF35B9467DE8560F + D8540FBD152169A385556AC617198167 + 5FA748BC35E0D1228BAE6F29753FDA65 + stream[256..319] = 0BE6A98F6BA8DCCE357C62148A59CA54 + 1FFFAA5A3A8AE7A22B1EE8B7B17205A8 + 986BBBA25F4046680F4188131B0FED5F + C09849A28E605F4E32E024E8BCC18D73 + stream[448..511] = 1C07D9B563C2CC4996988514BCDC47E2 + F9211B5CE8860BD7B2CA336AC345A960 + F3BD198C08DDFE5C215719A628CA7EA4 + FD060DD654229F3D44A29B05188F450F + xor-digest = EDBEC56A789EF2CFAA351B2DD011A02F + F2147CD06CCBEA7E9DB53CD00AF70DCE + 4AAF3B75CC6A97487CD2837D6E81DA20 + 7568DCE27B027BED29CDD32F296FA317 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + 030405060708090A0B0C0D0E0F101112 + IV = 0000000000000000 + stream[0..63] = A909E3526CD204AE2FE6CC8C2013A733 + 5A76FF4B9DACC7427632440C2B949151 + 50CBDB96BB6208F0AA5982DD6F7D8141 + 7800E433390F640A4F7C975446E5DD45 + stream[192..255] = B96665B5E1A97BC7C31F04202903A19E + 7D593DF8849ECD8F0E0BEDE52530C463 + D8CECCEB18C53543412962DCE00FBD8D + 8BE5464749AEBC92CC0D0CFD353BF8A8 + stream[256..319] = ABA2978EBE03D0D59BA09E7539F25E82 + AB26376E0CCAC02BCBAF54D9B9B34322 + 6AC9F14268EE9591EC2DEE2E78DF107B + A735488688E3B0608D6D100031EA8C0D + stream[448..511] = BBD78EAD8DD6D88FFD2CFE4D2BC86DBC + 2DBAAC634F6A7C4D1F4451C33AFBBFA4 + 995EB25998291D975E21C9D5D42434C2 + 45EE6FA3EDEE0BFEA31E39EBFB644520 + xor-digest = 8EE841D7F30138B1E3E353FF8CA8F038 + 040508DBF641C4401A8E19B18AF663C8 + 82EA0B5AE66035865504A716F18ADE89 + EB5B5A6012A0056D650E412F1933CC21 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + 0C0D0E0F101112131415161718191A1B + IV = 0000000000000000 + stream[0..63] = 177D9C9719AABD1CF9E0CC0C20367D5C + 1795AAFE99AB1E4FA4509E088024F502 + 8D2DF7DF44E6A3FDAC343354C2FF78B4 + 51DCB2C28482E637E4AE4352BBE4034A + stream[192..255] = C75A98394355CFF1E940286FC4AD7800 + 40C1E7E5CE1885465A98BDBAB1DD4611 + 4D532B1FFF605E64A85D1B65CBFC7F26 + E21D06D6511B4399801E2EACD0CE8F9D + stream[256..319] = F8F9A9EB1A6663FF782C4449ED4E9BBF + 27E8D70EEEA2B12514F0DA47029D3DDE + 340B479CCA5CF51C9885833FD0343AD4 + 3F275A6635CD0022B69C05D312B86762 + stream[448..511] = 310B1C1055CE26E44D0AABD93C40C26F + CE6505A4CBAB6A21FE4BFDFC982E4A5E + 11F1ED02BAC8E8B33781EC1C564C9789 + 9896D1D9E739C2A7D23F0999E4090866 + xor-digest = 6E7E74B60DD78B4B36FC745FFC4C9CC6 + EFD771077BAEEDE737C51A030188D700 + 498190B6A0C8700BB94B3A4E6EFAE776 + 3C7EB049C5A84DE8E99A0BE4CB90B524 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0000000000000000 + stream[0..63] = 1F1465B6F9EF7D3D2B3409220F2D07C2 + 98680C9E2B598E8E8D77A1E04B37CE32 + 12F5ECA98D70E4C701495695127611CF + A5D2BF93707B33A66FB78401E77A5CA1 + stream[65472..65535] = 95388EAB63F86B786E8F66ABEF56B220 + 4861087F93458CDC41439832616CCC91 + A1A2746AD8F1C77DB3A5734BE3C41951 + C9816A2282EEDC3E7D517AD4DC9193BC + stream[65536..65599] = 72ED7F020F1F2B83753B25912ACC1E61 + E0EE3546E78A5CA40DA02482F31BDA1E + C3EAB316DAA9B1E1ED1770FC46ED3E0A + 6E0530F0C0CBFC04EDADDC40879DA1AD + stream[131008..131071] = 4A59395170EFD1B06C53D494AE6CA1C0 + A8CA1E43F7FF2EB1F3AD6681D2A625AB + A05D28A1CAF0814198BC0F61D5D8A375 + 57CA253AFC2F45A326CBE60B4E9D9DFD + xor-digest = 5F7DE14883814992002FAA1466A63335 + F0B673217DD236BBF6EDA3BB80B0C32D + AFD116A65F8B97AED60F1D8E7E7033EC + 39B2CFDE48ACC0643BC4106EBFE13957 + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 0000000000000000 + stream[0..63] = 04E01132C752BB8CC398FF4B2E39BC01 + 9ACB60879A7104DF4941FFE4DC12789A + 3D3027DE343A5E473A78D4A57F191E2B + 9300262A74ED2B57EAD32615B98D59AD + stream[65472..65535] = 53348E80938BD3FF9576957989240C42 + F14359EAF50E46D232F2E3D429C8724E + A71302A288CF7A0197420087CA7B974E + 6AA766899F95748C3E45E649B9B99238 + stream[65536..65599] = 3562F5EA35E66D5C89C865FC074E73D4 + 8D16D73AEFD538E78986E49A22E1753E + 6FC290EC0ED6DC29BE88319756D584A3 + FEA8A9F83AE078AAD17E55C0C28BF143 + stream[131008..131071] = FC09CC3BFBCC21CF3102BFB43DEEF449 + 94B50E7B005C3D4F70304BC1949B8940 + 16376091484BCCF747199F9F700A7277 + 201E9C46F6A8679DCA4386990DF997B9 + xor-digest = 1AB900B643FA352027A51320FCDA3428 + 1EDEAAABFE7CBC326932566312A85150 + 6BC9A380CD2AD7B340E6F51D1719BC44 + F5ED3951A04491FFCE0BB0E9CF80FFD4 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 0000000000000000 + stream[0..63] = 378AF306330D8023A3284FD664E84DAE + CA69FD5970A47A4596572C6B64102D04 + 9F0E5A37E0396F61D83963C68404BB83 + DFBDAB1E52AAA14CC665775AEFFE7AD4 + stream[65472..65535] = 22361925B3A9F33250F22974852411B4 + 57D090592C99E736F67E1B72509DF404 + 5E9B5C9D88087900CC9EC76537212892 + 332414F646AB8F17D4E22D8908B7822C + stream[65536..65599] = DEF1DA8721D35E1B0A4E03E127338CE5 + AE733FA60C76E4B73350624431BFD562 + 0E284C6666D0D4E81C179CD741FC0893 + C797B80C0644D3AABACDB617083EADB1 + stream[131008..131071] = 8EAC42F2CCD8C99F6C4427D5DAFDBFCD + 094C83004181D5C76E7A064FA68AA65F + 83B41ABAEFEDB962802EC933A18F289E + B128C5A1B9B57061E09B3505CAD9FF6C + xor-digest = 91A1BC3C1CD27F1579B55E9198135E36 + 18649894E5A3877EB54E351D9870A3AC + B8FFBE945FADD27E6AB8111666B992EE + 55BE43D41F44A13659B9B6C9307506B1 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 0000000000000000 + stream[0..63] = FC6AA05E99E4A91A2447F41FA0683DA8 + 82E1A6687CFFF5C7039DE6FA7FD37DED + 25DA5E60FA01A277F8B905FD71C1702C + 5A376AEF82B99CF88A5624F7C7F2F633 + stream[65472..65535] = A3E9D58192EBE39CB80A3F5C1F32A798 + C81721B6F7290EDBEDBBC897C32E502F + F4F2A4304CB33642E079E1548BAF4E03 + 7EB64D2E4CD69BB145451302B349DD56 + stream[65536..65599] = 174B70F75C49589AAA5CDC484A6C25D7 + 170A0AA32E68AF7CBEB80A885663B48E + BD377912F50998A34A993088A67D25C5 + 70C4E2CA6A1999445A10C8AC53DAC991 + stream[131008..131071] = B1D27DDFF03A06B18F2CC3217E184E98 + 493ECE07B9FA3A176FFD1436BD7A1C87 + 5AB56D30B4A10F961A9E120F95312334 + B6AB55A3F3EFBBF7AE2AC53AF4E7D6A7 + xor-digest = 59BC4CEE8169ED61E598D257EEC7AD5E + D5B44F794BB71E416FAE8C40D17F110B + A7338A498D8A4E16235791CDCB7C561B + 2E0290362CC9E555E787B5508A24FE7B + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = 172C5192CB6E645BC527B2539A8D7412 + 67C191CC59B5EBF40BE5276E4EECA9B4 + B31F3B434B2AAF28ECF61C58E927F7D0 + A021D87BF287C9C6D0754A5795C4C6B4 + stream[192..255] = AE2C5824C80C782B9243A0B6B4C67B65 + EC43D2812C6ACFA26B74BB515798FA4F + 639B4C644853FA9D1F8AB4EE052DB3BC + 97334FE7A564284926FE40AC9BFA970C + stream[256..319] = 14AE8E3920C80738C3981B839798876F + 5991F1BD0CD291FFA0405E8B8DBE9C2E + B9DBC808CB3BBBA11E8BFB7F6ED08AE3 + D21358F5A8162F1A165C4CEF7A1AC7C2 + stream[448..511] = 40E6619A9E4CBEEF3D99472CC523EA3C + 06E71DE9B54CED37BFA32772C99659D6 + 759AD3890D1FFF43CD560306BA39967F + 1B6618F7B021144E20A9DAC7F45B9492 + xor-digest = 4B5CA8587A2ABD6943CB7C856AF802F5 + 176051E66CD843E7272E260B46CA76C9 + E7AFE2D681B65741C61E9AA654FC5A31 + 3A28BD50B1DD0843A72FD47C231B6D7E + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = 8F63797D01A6C6B2D77C9413F5D31BCA + 4C7CC8BB21F94D45C81760EF9D91EE72 + 50C4E3C6A15C600F6EAB0AA236D97B9F + C144AC7E12CAA6CD7D5838D56F98657B + stream[192..255] = 0B1DE2F3711FB2A77CA531B35469CCCF + 11EAF706F0F6BB483EA5901E256D726B + 3117AC59BA673A36776E0F396859BCBD + 50EE61FC1432071AD4DF281164EB8545 + stream[256..319] = E069B0A27639F94E54906FA4138163B3 + F62560E0D93CC92D314276A3C1D707B4 + 5A4847DEAB9ED6E55F383DDC0E89B452 + 8EA98AAC4010DE942C1567E1E8ED7C19 + stream[448..511] = E55385BFD08171C5E13A7767CF3FD62B + ABDAEFACE62E54E18E053B60FD63EC95 + 69E85DCE892DF38A1BBB832B3E431A82 + A7C57603726ECFD79A2770C402B918CE + xor-digest = E0075B464F69E8A0750783BF2DD8554D + 0A03AE993D4A1744270F398F234AD159 + A7C9E892F88EA53064DBF4A869AF3347 + 533CA1F31AFC9533C5100425DA6A043D + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = FB7F2990D5CDE4AB446B5EADEDF8D8B4 + 8F729EA00C2262B16CB679472C99383E + 1994B8A08C8815548F739420F1C061DD + BD322248E3A923627D4EEA41F91EBAB7 + stream[192..255] = 9EE5558CF5E0948E8E3CBC3E9703E698 + 526ADD94CAB6D1849BDBD249F369BD6C + A2B650FCC023DFD7098F4351106E67F5 + 3A05639435A36BAC5FFD5DB6869B6158 + stream[256..319] = 583905D6D767FA9997FEF521D15858AB + DAC052C08CB0D9BB80F58AF0929EB8CA + 459AA99282439BEB1E9D8AF7E224CD1B + 18C2B53DACDA84007FC92A9675B6B61B + stream[448..511] = F6566C867579E835967F8797907B7158 + C5B9AFAB9112C93D6BF6C1A0C4E1AA60 + 3A1BC71DDAC476E9A5F647C3104AEECB + 5F838EACD6DCB0BC33E4D2A28BA25A87 + xor-digest = 2AD3B6F8335AEE45373C225C1E8A396A + 43E5BF7F3103527044EDF4247C77A43E + 484C55738C4ED787427DBF118616E080 + 740D5EE2714C2833C9AC4D0133520615 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = B2FC0377EEA35AA3AAF01ADD5EFCFF1C + FE60265276CFCF133227C29DB57A5BA0 + 1BD2BF9E89D8886DED21CB0D5596E64A + 4C4E56A476B8FD40659543706880A564 + stream[192..255] = 92C68371198642E1B604E35E0F761D32 + B314F371FC992FA301908C597A0816C6 + F8E905D7CFAB1FBB781BB2A8D0273394 + C250C141DDF563BE8667C12407114458 + stream[256..319] = A3B3F2B537B5D14D9C5D3C6908768D29 + D0AB912161D07CF8405F1F817BC03C6C + 08A7783CB19F2A482AF90878C3C3718F + 1CA490BC6C822C9C421987A6520F93B5 + stream[448..511] = C13E14A58F98700AE84D829903A73FFA + 12A518FF70DD9A646C142955626EC924 + 583F037E9A068FC61F08855DA46AEBE8 + 51439EEC2664E24317ADACEEA448A0F1 + xor-digest = E163E45F61BE8A2BCE80012F85E8B88D + 5E030B7F780644D4D9317CD3AC7C9016 + 795623569400FF041BB6FF2791F0963D + B3FC44ECB6256EE33CE18E15365A38AA + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = 174C5FB5D06A1697FBFDE5C4944C66B0 + E693E31544C371C4672833EDF54E376A + ED0954477C953D3A99B7C8DE28786A5F + 35B3E24777CCC482CE76E33EC37DD27D + stream[192..255] = 9C306A235BE1BABC7B4CF43AA82AD588 + EBA9A732D6319F046BC866B2FC4A286A + E0FAB642168B77A7469831955A70286F + E96B36CDF21F17EB2CC0A6FBC03EA70B + stream[256..319] = FBC4B1347B71CF7FB8D5561C123FFF59 + 730A2EA26AECC2C3CB69CFFE019C48F3 + 85FF6A2496EF1BC1418F0CD51A23084E + EC6456414C6280CE0ED1DAD55C2777F2 + stream[448..511] = 5FBC2A0F72C313E1E7B1DEB8181DEAAD + 1FD832FCA05D8B41F86C309B65A21502 + 5F5C349BE749969CB4AB25D69D0CA3D0 + 6ACC72613E68AE20F8E868F9D0D03D5F + xor-digest = CD90497EB1D63C244CF6F1CE9075594D + 02C12ACE88A444EFB40B275317036A85 + 73686B955B5FEE1436042298E7567D15 + 8A2E521D5BFFDFB4ACB78F04C67F56C9 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = 5E0DFECBFC8A0F838F37D16B2931EF1D + 0522930B3C84F7BD153A51BC11AF6286 + EED716F8FD6260F9BC378C247BB93DDB + CEB2673BA987FBF376593C7462D6DF5A + stream[192..255] = C1B1EFF210DF58DB48E9FB1B9AB4B011 + 2078BD28DED5A30E43FFE76AC1DB0690 + 8ADA2EDC57E0DCCA377E1E878C5FF3BC + 1EDC55131626D8988B37EC96F04DDB35 + stream[256..319] = 45B760A94E1755A79E656FDED62D20AB + FEEABF0CC92807DF40EF2C6C2DB8E271 + F559B38344F45F6D34F7C001E5CFBE45 + 98E3ABA99D754DFA0E7721E88423529B + stream[448..511] = 9C5391341CFB7C971FD65341A9AF2089 + 7E9C037B5971121E34F036FB835E7AC8 + C41191677E942692024787869299C47F + 2807BBC6696BBB38E252CEC5100C06D1 + xor-digest = FE62CF9D9F0E93BB8DA29344A6C40E85 + 253077FA0B541A9396E48AFEA38EDA9F + 9F24B1AF19F434E83CBC6F300E1B3B8A + 64DC64CD2C2C15FBCD062D473EB36F45 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = CB662B5518DD67BE68AAE547DB30E0D3 + B515117767C06B4C30B12FCC0C9A41D3 + 3BE1BB5752A13AEA54EC1D25765B59CE + B60C3D94BC6101EFD927954B79F1B60A + stream[192..255] = EA2E3C6B117E519A761FF82AED339A00 + C37C6BA0DA42ED10DD4EE65E7B1793C2 + E541B33B674698083CACD9BA3084D699 + 8E22B093D516CE830495C05F1FDC7390 + stream[256..319] = A42CD8A6C27B3DE8BB05A6456729A3FC + 83E8AC7FCAD766081D24F1567C88A267 + 1B58B78BC14481B5C9FCFAF911707ED8 + 66D87877E38DFD1C260E83E814C76CD5 + stream[448..511] = 2E00E43720FC16C9689ADFA41D75FFBE + 38B044E81963A303848DE66CAEDDF240 + DCF164BA7A2FBCC015A24155C7F93745 + BE13B53B986599CA0F108684517FD76A + xor-digest = E3ED010D96914D7D0F66B0647B5D316A + F7A623B7E9CCA3E753421694BC36389F + 5244D1FBE8CD5A65E32695F5BE91198A + 4D88394AD9A312EB99D1B6ADFB5FCC45 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = 51C469E3B4F9F1384612C4E52D03D714 + CC7169177A464839AB9E4ADE1863E40B + 69141F4E6D3ACEDCA5664D55526690E8 + CB6F06093AAD5B8FF617EB0E42140E6A + stream[192..255] = 723DA5F68B235084FFC5845C5D74D728 + 35D0F449A67E4A988786DAFF629C8B72 + 88340941529F46DDB8F4DA2627494C27 + 670DC1367841EDFBAAC45ED28AD5EDCE + stream[256..319] = AD71BB3D609BC1BC133389E4A1DF7429 + 1BFC75A1D9096CDC24C882B4097B864D + 3572AA3777D20F8696FC1213F8BABFE8 + BF622A77E5C6D669368D57EC68E26275 + stream[448..511] = 60BA081C35F53B712C52AF8CE62A2B4D + AB89914C8B8B1A8F21F8DD3FB9F5BAED + 82EAA11F24A289B5E7F6C9279BE5CB5B + 1C9BD8CEC87C953B512461A0C8CFDD13 + xor-digest = 06E1A7EA3D460C742549C4F12DE2DA39 + 5D10F6FB08E5A63FBDA7E8D5F3B16899 + 49E9CE174080E8E59DD7BA63D36D69E3 + 7BD295EE2D4B515584859D75A9E87582 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0D74DB42A91077DE + stream[0..63] = 52E20CF8775AE882F200C2999FE4BA31 + A7A18F1D5C9716191D123175E147BD4E + 8CA6ED166CE0FC8E65A5CA608420FC65 + 44C9700A0F2138E8C1A286FB8C1FBFA0 + stream[65472..65535] = 8FBC9FE8691BD4F082B47F5405EDFBC1 + 6F4D5A12DDCB2D754E8A9998D0B21955 + 7DFE2984F4A1D2DDA76B9596928CCE05 + 56F50066CD599E44EF5C14B226683AEF + stream[65536..65599] = BCBD01DD28961CC7AD3047386CBCC67C + 108D6AF11167E40D7AE1B2FC4518A867 + EFE402651D1D8851C4FD2330C597B36A + 46D5689E00FC96FECF9CE3E2211D44BE + stream[131008..131071] = 9166F31CD85B5BB18FC614E54E4AD67F + B8658E3BF9FB19B7A82F0FE7DC902DF5 + 63C6AC4F446748C4BC3E1405E124820D + C40941998F44A810E722787FCD47784C + xor-digest = 7E288D6B1C8C521CB4A535CC446E092D + B2EFFA99321A5C6E0C52DD15F383DB4C + 4EB394C3BBA4ABA7892E96DF4A02B324 + ABBB78AD72963BBFBF395A941D6E96FD + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 167DE44BB21980E7 + stream[0..63] = C07560B3E776B471C5E2931426CAF1ED + 3AE4B867087682CA9DFDC2BAE89350BD + 84821CAEFF85AAC49D7435A7D9889352 + F5279E36123F41728A14EF269FCB944B + stream[65472..65535] = EED1BB58F90C89E05CC68B2DB6055849 + B3D2B187B7F02F9A24CE342AF0FC47A3 + 74BD7590FBF4FD9EE59B1A381EBFD229 + AD2A2901B3FB610812900B9230E622E9 + stream[65536..65599] = 70F0493A1B6253CC5ED3450A31CF377D + 834BAD2072302927CCD830104BD305FF + 59D29417B232884EC959194D6047C3DD + 6656C47E320064EB0144F7341BC3D697 + stream[131008..131071] = D2CCF7C1AF2AB466E627DB440840969A + BDAB68D886AE6A38A13FEE1750CA97B5 + D3315B84084728862FBCC7D4A97C75C8 + 655FF9D6BBC26188636F3EDFE15C7D30 + xor-digest = 986A4F031423FB9FB0F03FF3EB0C992F + 6A97B8E5545C6E441C35CAA01D5CBE1C + 5854B8C2D327ACACC1B70603D7917B5D + A7F824B0CFE21CA857B438B940BD67EF + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 1F86ED54BB2289F0 + stream[0..63] = 512252910190D154D14D0B9232B88431 + 8CCB43819BD5421932C03A13F07B4010 + 83D789725AA9DA0B41CB6224945EDCB0 + FB6FD7C2342235C970F64E101C256864 + stream[65472..65535] = 97967455840A4AE5C1CACE491519138A + A35E5F02407D4A1FE5086D35F3551EF4 + 77D9289D1723797C1A49EC26629AFADC + 56A038A38C75881B6217FD7467255909 + stream[65536..65599] = 1BF82E3D5C54DAABCF8415F8A2A1A22E + 868806334FF3113604741C1DF2B9840F + 87DEEFB00723A8A1B24A4DA17ECDAD00 + 01F979DDAE2DF0C5E1E532C48F8E0D34 + stream[131008..131071] = 06D84F6A71348420329FCD0C41759AD1 + 8F9957A38F22893BA558C5051197285C + 6BE2FD6C96A5C662AFD31178E70F960A + AB3F479623A444B68191E4C528469388 + xor-digest = 1E26089DB2177310078B99B0AD543FD4 + 80F3704035BF62F70E6BAE530FAA011A + 18FA40A6BE989938EBEC6DD26BA501E4 + 05F09A9D77E98D292A299EABF7A5684B + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 288FF65DC42B92F9 + stream[0..63] = 99DB33AD11CE0CCB3BFDBF8D0C181604 + 52D014CDE989B4C411A559FF7C20A169 + E6DC9909D816BECEDC4063CE07CEA828 + F44BF9B6C9A0A0B200E1B52AF41859C5 + stream[65472..65535] = 2FF20264EEAF47AB7D57C36224535451 + 735AC836D32DD28AE63645CE952F7FDB + E6689C695977B1C76E60DD5B27ACA476 + D2620FDC9313E8489BA56A70C9F4C3A8 + stream[65536..65599] = EB30CDA727C0F8B7E45D5EF30DB7CBE0 + 21F2291E5F56938D56F687B737C3B427 + 545C56A6D3A0BF2B2F47B48493FAE45E + D50C2E9BBE49FD92D67C7649055F06FD + stream[131008..131071] = 0EBF6CC3CBCBE74E6EE807471B492A67 + 39A52F571131A250BCDFA076A26590D7 + EDE6751C0326A02CB11C58773552804F + D8686715355C5A5CC591963A75E994B4 + xor-digest = 08900BE1E024034E5884974485A84E21 + FC771F4E2F283292AF5CA780CEBE4745 + 18F9DCC5B45C10F3446B5AC5D55CE1D9 + D75AA2BAA93144FC634F200C6023EE29 + + + +End of test vectors + +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: Salsa20 +======================= +Profile: SW & HW +Key size: 128 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 4DFA5E481DA23EA09A31022050859936 + DA52FCEE218005164F267CB65F5CFD7F + 2B4F97E0FF16924A52DF269515110A07 + F9E460BC65EF95DA58F740B7D1DBB0AA + stream[192..255] = DA9C1581F429E0A00F7D67E23B730676 + 783B262E8EB43A25F55FB90B3E753AEF + 8C6713EC66C51881111593CCB3E8CB8F + 8DE124080501EEEB389C4BCB6977CF95 + stream[256..319] = 7D5789631EB4554400E1E025935DFA7B + 3E9039D61BDC58A8697D36815BF1985C + EFDF7AE112E5BB81E37ECF0616CE7147 + FC08A93A367E08631F23C03B00A8DA2F + stream[448..511] = B375703739DACED4DD4059FD71C3C47F + C2F9939670FAD4A46066ADCC6A564578 + 3308B90FFB72BE04A6B147CBE38CC0C3 + B9267C296A92A7C69873F9F263BE9703 + xor-digest = F7A274D268316790A67EC058F45C0F2A + 067A99FCDE6236C0CEF8E056349FE54C + 5F13AC74D2539570FD34FEAB06C57205 + 3949B59585742181A5A760223AFA22D4 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 0471076057830FB99202291177FBFE5D + 38C888944DF8917CAB82788B91B53D1C + FB06D07A304B18BB763F888A61BB6B75 + 5CD58BEC9C4CFB7569CB91862E79C459 + stream[192..255] = D1D7E97556426E6CFC21312AE3811425 + 9E5A6FB10DACBD88E4354B0472556935 + 2B6DA5ACAFACD5E266F9575C2ED8E6F2 + EFE4B4D36114C3A623DD49F4794F865B + stream[256..319] = AF06FAA82C73291231E1BD916A773DE1 + 52FD2126C40A10C3A6EB40F22834B8CC + 68BD5C6DBD7FC1EC8F34165C517C0B63 + 9DB0C60506D3606906B8463AA0D0EC2F + stream[448..511] = AB3216F1216379EFD5EC589510B8FD35 + 014D0AA0B613040BAE63ECAB90A9AF79 + 661F8DA2F853A5204B0F8E72E9D9EB4D + BA5A4690E73A4D25F61EE7295215140C + xor-digest = B76A7991D5EE58FC51B9035E077E1315 + D81F131FA1F26CF22005C6C4F2412243 + C401A850AFEFAADC5B052435B51177C7 + 0AE68CB9DF9B44681C2D8B7049D89333 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = BACFE4145E6D4182EA4A0F59D4076C7E + 83FFD17E7540E5B7DE70EEDDF9552006 + B291B214A43E127EED1DA1540F33716D + 83C3AD7D711CD03251B78B2568F2C844 + stream[192..255] = 56824347D03D9084ECCF358A0AE410B9 + 4F74AE7FAD9F73D2351E0A44DF127434 + 3ADE372BDA2971189623FD1EAA4B723D + 76F5B9741A3DDC7E5B3E8ED4928EF421 + stream[256..319] = 999F4E0F54C62F9211D4B1F1B79B227A + FB3116C9CF9ADB9715DE856A8EB31084 + 71AB40DFBF47B71389EF64C20E1FFDCF + 018790BCE8E9FDC46527FE1545D3A6EA + stream[448..511] = 76F1B87E93EB9FEFEC3AED69210FE4AB + 2ED577DECE01A75FD364CD1CD7DE1027 + 5A002DDBC494EE8350E8EEC1D8D6925E + FD6FE7EA7F610512F1F0A83C8949AEB1 + xor-digest = B9D233247408CD459A027430A23E6FCF + 3E9A3BAF0D0FC59E623F04D9C107D402 + 880620C64A111318ECE60C22737BECA4 + 21F7D3D004E7191ECE2C7075289B31BF + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 24F4E317B675336E68A8E2A3A04CA967 + AB96512ACBA2F832015E9BE03F08830F + CF32E93D14FFBD2C901E982831ED8062 + 21D7DC8C32BBC8E056F21BF9BDDC8020 + stream[192..255] = E223DE7299E51C94623F8EAD3A6DB045 + 4091EE2B54A498F98690D7D84DB7EFD5 + A2A8202435CAC1FB34C842AEECF643C6 + 3054C424FAC5A632502CD3146278498A + stream[256..319] = 5A111014076A6D52E94C364BD7311B64 + 411DE27872FC8641D92C9D811F2B5185 + 94935F959D064A9BE806FAD06517819D + 2321B248E1F37E108E3412CE93FA8970 + stream[448..511] = 8A9AB11BD5360D8C7F34887982B3F658 + 6C34C1D6CB49100EA5D09A24C6B835D5 + 77C1A1C776902D785CB5516D74E87480 + 79878FDFDDF0126B1867E762546E4D72 + xor-digest = 0423874278AE11EF0A29B3E6E1A5BA41 + E43671636615E3F1F6215750E5A1749A + CDFE0CEB74A11AC4862527C5849110C9 + A7A6F01E419372824BCAB90550340E81 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9907DB5E2156427AD15B167BEB0AD445 + 452478AFEE3CF71AE1ED8EAF43E001A1 + C8199AF9CFD88D2B782AA2F39845A26A + 7AC54E5BE15DB7BDFBF873E16BC05A1D + stream[192..255] = EBA0DCC03E9EB60AE1EE5EFE3647BE45 + 6E66733AA5D6353447981184A05F0F0C + B0AD1CB630C35DC253DE3FEBD10684CA + DBA8B4B85E02B757DED0FEB1C31D71A3 + stream[256..319] = BD24858A3DB0D9E552345A3C3ECC4C69 + BBAE4901016A944C0D7ECCAAB9027738 + 975EEA6A4240D94DA183A74D649B789E + 24A0849E26DC367BDE4539ADCCF0CAD8 + stream[448..511] = EE20675194FA404F54BAB7103F6821C1 + 37EE2347560DC31D338B01026AB6E571 + 65467215315F06360D85F3C5FE7A359E + 80CBFE735F75AA065BC18EFB2829457D + xor-digest = 19B8E721CD10577375FC6D0E6DC39B05 + 4E371860CE2AA310906EA7BAB28D737F + 2357B42E7DC1C48D597EA58B87602CE5 + C37EEDED2E0F4819938878AE7C50E151 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 0000000000000000 + stream[0..63] = A59CE982636F2C8C912B1E8105E2577D + 9C86861E61FA3BFF757D74CB9EDE6027 + D7D6DE775643FAF5F2C04971BDCB56E6 + BE8144366235AC5E01C1EDF8512AF78B + stream[192..255] = DF8F13F1059E54DEF681CD554439BAB7 + 24CDE604BE5B77D85D2829B3EB137F4F + 2466BEADF4D5D54BA4DC36F1254BEC4F + B2B367A59EA6DDAC005354949D573E68 + stream[256..319] = B3F542ECBAD4ACA0A95B31D281B930E8 + 021993DF5012E48A333316E712C4E19B + 58231AAE7C90C91C9CC135B12B490BE4 + 2CF9C9A2727621CA81B2C3A081716F76 + stream[448..511] = F64A6449F2F13030BE554DB00D24CD50 + A89F80CCFE97435EBF0C49EB08747BF7 + B2C89BE612629F231C1B3398D8B4CC3F + 35DBECD1CF1CFDFDECD481B72A51276A + xor-digest = 4134A74A52EA89BF22E05A467E37E082 + 15537896BE4D2BBDF29EA52A2303E64B + D954A18928543C82B68A21E4B830A775 + CBA9D1176EBF8DB92938DF6E59117B74 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 0000000000000000 + stream[0..63] = 7A8131B777F7FBFD33A06E396FF32D7D + 8C3CEEE9573F405F98BD6083FE57BAB6 + FC87D5F34522D2440F649741D9F87849 + BC8751EF432DEE5DCC6A88B34B6A1EA9 + stream[192..255] = 6573F813310565DB22219984E0919445 + 9E5BB8613237F012EBB8249666582ACA + 751ED59380199117DDB29A5298F95FF0 + 65D271AB66CF6BC6CDE0EA5FC4D304EB + stream[256..319] = 0E65CB6944AFBD84F5B5D00F307402B8 + 399BF02852ED2826EA9AA4A55FB56DF2 + A6B83F7F228947DFAB2E0B10EAAA09D7 + 5A34F165ECB4D06CE6AB4796ABA3206A + stream[448..511] = 11F69B4D034B1D7213B9560FAE89FF2A + 53D9D0C9EAFCAA7F27E9D119DEEEA299 + AC8EC0EA0529846DAF90CF1D9BFBE406 + 043FE03F1713F249084BDD32FD98CD72 + xor-digest = E9CFBD15B5F4AD02903851F46728F2DD + 5910273E7360F1571EF1442199143B6C + 28E5368A2E00E08ADAE73AF3489E0D6F + 0D8032984ADD139B6BF508A5EEE4434B + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 0000000000000000 + stream[0..63] = FE4DF972E982735FFAEC4D66F929403F + 7246FB5B2794118493DF068CD310DEB6 + 3EEEF12344E221A2D163CC666F5685B5 + 02F4883142FA867B0BA46BF17D011984 + stream[192..255] = 4694F79AB2F3877BD590BA09B413F1BD + F394C4D8F2C20F551AA5A07207433204 + C2BC3A3BA014886A08F4EC5E4D91CDD0 + 1D7A039C5B815754198B2DBCE68D25EA + stream[256..319] = D1340204FB4544EFD5DAF28EDCC6FF03 + B39FBEE708CAEF6ABD3E2E3AB5738B32 + 04EF38CACCC40B9FBD1E6F0206A2B564 + E2F9EA05E10B6DD061F6AB94374681C0 + stream[448..511] = BB802FB53E11AFDC3104044D70448079 + 41FDAEF1042E0D35972D80CE77B4D560 + 083EB4113CDBC4AC56014D7FF94291DC + 9387CEF74A0E165042BC12373C6E020C + xor-digest = FF021AEC5DC82F40BBF44CEA85287BCF + D70F16F557F07B1BF970407051F71C41 + 5B703A67CAF8E81CB22D9F09E0CBD247 + 5E9859355A48FDA9F48E38E2748BE41B + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 0000000000000000 + stream[0..63] = 8F8121BDD7B286465F03D64CA45A4A15 + 4BDF44560419A40E0B482CED194C4B32 + 4F2E9295C452B73B292BA7F55A692DEE + A5129A49167BA7AABBEED26E39B25E7A + stream[192..255] = 7E4388EDBBA6EC5882E9CBF01CFA6786 + 0F10F0A5109FCA7E865C3814EB007CC8 + 9585C2653BDCE30F667CF95A2AA425D3 + 5A531F558180EF3E32A9543AE50E8FD6 + stream[256..319] = 527FF72879B1B809C027DFB7B39D02B3 + 04D648CD8D70F4E0465615B334ED9E2D + 59703745467F1168A8033BA861841DC0 + 0E7E1AB5E96469F6DA01B8973D0D414A + stream[448..511] = 82653E0949A5D8E32C4D0A81BBF96F6A + 7249D4D1E0DCDCC72B90565D9AF4D0AC + 461C1EAC85E254DD5E567A009EEB3897 + 9A2FD1E4F32FAD15D177D766932190E1 + xor-digest = B2F239692CE50EECABD7A846AC333885 + 43CFC1061F33420B6F205809F3965D89 + 9C56C02D208DD3E9A1F0D5BBED8F5DAC + B164FD005DF907002302F40ADB6665CC + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 0000000000000000 + stream[0..63] = 52FA8BD042682CD5AA21188EBF3B9E4A + EE3BE38AE052C5B37730E52C6CEE33C9 + 1B492F95A67F2F6C15425A8623C0C2AE + 7275FFD0FCF13A0A293A784289BEACB4 + stream[192..255] = 5F43C508BA6F728D032841618F96B103 + 19B094027E7719C28A8A8637D4B0C4D2 + 25D602EA23B40D1541A3F8487F25B14A + 8CBD8D2001AC28EADFDC0325BA2C140E + stream[256..319] = 5C802C813FF09CAF632CA8832479F891 + FB1016F2F44EFA81B3C872E37468B818 + 3EB32D8BD8917A858AEF47524FCC05D3 + 688C551FC8A42C8D9F0509018706E40E + stream[448..511] = 4CDD40DC6E9C0E4F84810ABE712003F6 + 4B23C6D0C88E61D1F303C3BBD89B58AA + 098B44B5CD82EDCFC618D324A41317AC + 6FED20C9A0C54A9ED1F4DA3BF2EC3C66 + xor-digest = B72D2FEE4BFBC0F65005EE2797B0608A + 7A6D9CD1114B67C0ADEC7B4B6D793182 + 880777B0279E3DF27CBA820714629A96 + 034E4C71F5356254A0116CF3E9F7EF5C + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 0000000000000000 + stream[0..63] = 6262315C736E88717E9627EECF4F6B55 + BD10D5960A9961D572EFC7CBDB9A1F01 + 1733D3E17E4735BEFA16FE6B148F8661 + 4C1E37065A48ACF287FFE65C9DC44A58 + stream[192..255] = B43439584FB2FAF3B2937838D8000AC4 + CD4BC4E582212A7741A0192F71C1F11B + 58D7F779CA0E6E4B8BD58E00B50C3C53 + DAF843467064A2DBE2FAD6FF6F40ECD8 + stream[256..319] = EE51EE875F6F1B8AF0334F509DF5692B + 9B43CC63A586C2380AF3AE490DCD6CFF + 7907BC3724AE3BBEAD79D436E6DADDB2 + 2141B3BA46C9BEC0E01B9D4F7657B387 + stream[448..511] = E5A4FE4A2FCA9A9ED779A9574283DC21 + C85216D54486D9B182300D0593B1E2B0 + 10814F7066AEB955C057609CE9AF0D63 + F057E17B19F57FFB7287EB2067C43B8D + xor-digest = 8866D8F9E6F423A7DF10C77625014AA5 + 82C06CD861A88F40FB9CD1EBF0911188 + 4344BEEA5A724E6FD8DB98BF4E6B9BEA + 5318FA62813D1B49A2D529FC00CB5777 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 0000000000000000 + stream[0..63] = 82FD629BD82C3BE22910951E2E41F8FE + 187E2BD198F6113AFF44B9B0689AA520 + C8CCE4E8D3FBA69EDE748BCF18397214 + F98D7ACF4424866A8670E98EBAB715A3 + stream[192..255] = 342D80E30E2FE7A00B02FC62F7090CDD + ECBDFD283D42A00423113196A87BEFD8 + B9E8AAF61C93F73CC6CBE9CC5AEC182F + 3948B7857F96B017F3477A2EEC3AEB3B + stream[256..319] = 8233712B6D3CCB572474BE200D67E540 + 3FC62128D74CE5F790202C696BFFB7EE + 3CAD255324F87291273A7719278FA313 + 1ABA12342692A2C0C58D27BA3725761B + stream[448..511] = 782600E7357AC69EA158C725B3E1E940 + 51A0CB63D0D1B4B3DF5F5037E3E1DE45 + 850578E9D513B90B8E5882D4DCA9F42B + E32621F4DCC1C77B38F1B0AC1227C196 + xor-digest = F8AE82F9B77EF090AE0C72A5EAE21405 + 68BEF0B354BCDF4BD39732CD86C63A82 + AFD27F58C459272B3E8A4B9B558D856F + 8475CF3A1AD99074822A836CFE520DC5 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 0000000000000000 + stream[0..63] = D244F87EB315A7EEF02CA314B440777E + C6C44660020B43189693500F3279FA01 + 7257BE0AB087B81F85FD55AAC5845189 + C66E259B5412C4BDFD0EBE805FC70C8A + stream[192..255] = 5A2D8D3E431FB40E60856F05C7976206 + 42B35DAB0255764D986740699040702F + 6CDE058458E842CB6E1843EBD336D374 + 23833EC01DFFF9086FEECAB8A165D29F + stream[256..319] = 443CEF4570C83517ED55C2F57058BB70 + 294CC8D7342597E2CD850F6C02E355CA + EB43C0A41F4BB74FFE9F6B0D25799140 + D03792D667601AD7954D21BD7C174C43 + stream[448..511] = 959C8B16A0ADEC58B544BE33CCF03277 + E48C7916E333F549CDE16E2B4B6DCE2D + 8D76C50718C0E77BFBEB3A3CB3CA14BF + 40F65EBFAE1A5001EAB36E531414E87F + xor-digest = 4DC82B00DC54141CC890348496115C68 + 1DB10ABE8454FBD10B49EF951CD20C6F + 7FE8AAA10906E57CF05EE838F76C8B7A + 3F9E6BD6D21C49F1590C913026C71A3E + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 0000000000000000 + stream[0..63] = 44A74D35E73A7E7C37B009AE712783AC + 86ACE0C02CB175656AF79023D91C909E + D2CB2F5C94BF8593DDC5E054D7EB726E + 0E867572AF954F88E05A4DAFD00CCF0A + stream[192..255] = FEC113A0255391D48A37CDF607AE1226 + 86305DDAD4CF1294598F2336AB6A5A02 + 9D927393454C2E014868137688C0417A + 2D31D0FE9540D7246FE2F84D6052DE40 + stream[256..319] = 79C2F7431D69E54C0474D8160113F364 + 8156A8963817C34AC9A9AD222543666E + 7EAF03AF4EE03271C3ECED262E7B4C66 + B0F618BAF3395423274DD1F73E2675E3 + stream[448..511] = 75C1295C871B1100F27DAF19E5D5BF8D + 880B9A54CEFDF1561B4351A32898F3C2 + 6A04AB1149C24FBFA2AC963388E64C43 + 65D716BCE8330BC03FA178DBE5C1E6B0 + xor-digest = 65D58F845F973928ADF5803799901856 + A08952CF215154C52A5FF2DAD71E8B70 + 3DE107E5531491666353F323E790EB02 + 1B5EF66C13F43401F4F6A27F08CE11D5 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 0000000000000000 + stream[0..63] = E23A3638C836B1ACF7E27296E1F5A241 + 3C4CC351EFEF65E3672E7C2FCD1FA105 + 2D2C26778DB774B8FBA29ABED72D058E + E35EBA376BA5BC3D84F8E44ABD5DC2CC + stream[192..255] = 2A8BEB3C372A6570F54EB429FA7F562D + 6EF14DF725861EDCE8132620EAA00D8B + 1DFEF653B64E9C328930904A0EEB0132 + B277BB3D9888431E1F28CDB0238DE685 + stream[256..319] = CCBEB5CA57104B95BF7BA5B12C8B8553 + 4CE9548F628CF53EF02C337D788BCE71 + D2D3D9C355E7D5EB75C56D079CB7D99D + 6AF0C8A86024B3AF5C2FC8A028413D93 + stream[448..511] = D00A5FDCE01A334C37E75634A8037B49 + BEC06ACBD2243320E2CA41FB5619E6D8 + 75AB2007310D4149379C91EF4E199805 + BE261E5C744F0DF21737E01243B7116F + xor-digest = 2D72232A4485E0D2EEDC061939602077 + 4C100C5424FF742B2868E3A68E67E165 + 4C4711C54A34DA937359A26B8386AD20 + 39EB2021DCFBB6A11603AF56225DE098 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 6513ADAECFEB124C1CBE6BDAEF690B4F + FB00B0FCACE33CE806792BB414801998 + 34BFB1CFDD095802C6E95E251002989A + C22AE588D32AE79320D9BD7732E00338 + stream[192..255] = 75E9D0493CA05D2820408719AFC75120 + 692040118F76B8328AC279530D846670 + 65E735C52ADD4BCFE07C9D93C0091790 + 2B187D46A25924767F91A6B29C961859 + stream[256..319] = 0E47D68F845B3D31E8B47F3BEA660E2E + CA484C82F5E3AE00484D87410A1772D0 + FA3B88F8024C170B21E50E0989E94A26 + 69C91973B3AE5781D305D8122791DA4C + stream[448..511] = CCBA51D3DB400E7EB780C0CCBD3D2B5B + B9AAD82A75A1F746824EE5B9DAF7B794 + 7A4B808DF48CE94830F6C9146860611D + A649E735ED5ED6E3E3DFF7C218879D63 + xor-digest = 6D3937FFA13637648E477623277644AD + AD3854E6B2B3E4D68155356F68B30490 + 842B2AEA2E32239BE84E613C6CE1B9BD + 026094962CB1A6757AF5A13DDAF8252C + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = 169060CCB42BEA7BEE4D8012A02F3635 + EB7BCA12859FA159CD559094B3507DB8 + 01735D1A1300102A9C9415546829CBD2 + 021BA217B39B81D89C55B13D0C603359 + stream[192..255] = 23EF24BB24195B9FD574823CD8A40C29 + D86BD35C191E2038779FF696C712B6D8 + 2E7014DBE1AC5D527AF076C088C4A8D4 + 4317958189F6EF54933A7E0816B5B916 + stream[256..319] = D8F12ED8AFE9422B85E5CC9B8ADEC9D6 + CFABE8DBC1082BCCC02F5A7266AA074C + A284E583A35837798CC0E69D4CE93765 + 3B8CDD65CE414B89138615CCB165AD19 + stream[448..511] = F70A0FF4ECD155E0F033604693A51E23 + 63880E2ECF98699E7174AF7C2C6B0FC6 + 59AE329599A3949272A37B9B2183A091 + 0922A3F325AE124DCBDD735364055CEB + xor-digest = 30209DD68D46E5A30034EF6DCE74FE1A + B6C772AB22CD3D6C354A9C4607EF3F82 + 900423D29FB65E07FFA3AEAD94E940D6 + E52E305A10D60936D34BD03B3F342AB1 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = 05835754A1333770BBA8262F8A84D0FD + 70ABF58CDB83A54172B0C07B6CCA5641 + 060E3097D2B19F82E918CB697D0F347D + C7DAE05C14355D09B61B47298FE89AEB + stream[192..255] = 5525C22F425949A5E51A4EAFA18F62C6 + E01A27EF78D79B073AEBEC436EC8183B + C683CD3205CF80B795181DAFF3DC9848 + 6644C6310F09D865A7A75EE6D5105F92 + stream[256..319] = 2EE7A4F9C576EADE7EE325334212196C + B7A61D6FA693238E6E2C8B53B900FF1A + 133A6E53F58AC89D6A695594CE03F775 + 8DF9ABE981F23373B3680C7A4AD82680 + stream[448..511] = CB7A0595F3A1B755E9070E8D3BACCF95 + 74F881E4B9D91558E19317C4C254988F + 42184584E5538C63D964F8EF61D86B09 + D983998979BA3F44BAF527128D3E5393 + xor-digest = AD29013FD0A222EEBE65126380A26477 + BD86751B3B0A2B4922602E63E6ECDA52 + 3BA789633BEE6CFF64436A8644CCD7E8 + F81B062187A9595A8D2507ED774FA5CD + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = 72A8D26F2DF3B6713C2A053B3354DBA6 + C10743C7A8F19261CF0E7957905748DD + D6D3333E2CBC6611B68C458D5CDBA2A2 + 30AC5AB03D59E71FE9C993E7B8E7E09F + stream[192..255] = 7B6132DC5E2990B0049A5F7F357C9D99 + 7733948018AE1D4F9DB999F4605FD78C + B548D75AC4657D93A20AA451B8F35E0A + 3CD08880CCED7D4A508BA7FB49737C17 + stream[256..319] = EF7A7448D019C76ED0B9C18B5B2867CF + 9AD84B789FB037E6B107B0A4615737B5 + C1C113F91462CDA0BCB9ADDC09E8EA6B + 99E4835FED25F5CC423EEFF56D851838 + stream[448..511] = 6B75BDD0EC8D581CB7567426F0B92C9B + B5057A89C3F604583DB700A46D6B8DE4 + 1AF315AE99BB5C1B52C76272D1E262F9 + FC7022CE70B435C27AE443284F5F84C1 + xor-digest = 484F9FCB516547DD89AF46991B18F1DE + C4C6CBC7D52735E00FC3201B4650151C + 3D4FB9C119442B368B28E3C68ED83F10 + D9DA2FDED7DEB8F04827FA91CCDBF65B + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = 76240D13C7E59CBD4183D162834A5D36 + 37CD09EE4F5AFE9C28CFA9466A4089F6 + 5C80C224A87F956459B173D720274D09 + C573FCD128498D810460FDA1BB50F934 + stream[192..255] = 71AF115217F3B7F77A05B56E32AD0889 + BFA470B6DDC256D852C63B45688D7BC8 + DC610D347A2600D7769C67B28D1FA25F + 1AACFB8F9BB68BFE17357335D8FAC993 + stream[256..319] = 6573CC1ADC0DE744F6694E5FBB59E5BF + 5939CE5D13793E2F683C7F2C7DD9A460 + 575746688A0F17D419FE3E5F88654559 + 7B6705E1390542B4F953D568025F5BB3 + stream[448..511] = 809179FAD4AD9B5C355A09E99C8BE931 + 4B9DF269F162C1317206EB3580CAE58A + B93A408C23739EF9538730FE687C8DAC + 1CE95290BA4ACBC886153E63A613857B + xor-digest = D1781DCE3EFB8B13740F016264051354 + F323C81A13D42CE75E67180849AC49FF + A7EA95720696F86848A1A4B8506A95E3 + A61371DDE7F21167CC147173BFC4D78F + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = 3117FD618A1E7821EA08CDED410C8A67 + BDD8F7BE3FCA9649BD3E297FD83A80AD + 814C8904C9D7A2DC0DCAA641CFFF502D + 78AFF1832D34C263C1938C1ADF01238F + stream[192..255] = 1E8CB540F19EC7AFCB366A25F74C0004 + B682E06129030617527BECD16E3E3E00 + 27D818F035EDCDF56D8D4752AEF28BDB + FA0D3B008235173475F5FA105B91BEED + stream[256..319] = 637C3B4566BBEBBE703E4BF1C978CCD2 + 77AE3B8768DB97DF01983CDF3529B3EC + 6B1137CA6F231047C13EA38649D0058E + BE5EF7B7BBA140F22338E382F1D6AB3F + stream[448..511] = D407259B6355C343D64A5130DA55C057 + E4AF722B70AC8A074262233677A457AF + EAA34E7FD6F15959A4C781C4C978F7B3 + BC571BF66674F015A1EA5DB262E25BDC + xor-digest = 1F64F78101768FF5067B9A918444EF70 + 3FF06561E23B31C61BD43BCF86CFAD24 + 9942F73DC8F40AE49B14874B08F2A527 + A53DF496F37D067F1168268D4A134740 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = 7FED83B9283449AD8EBFC935F5F36407 + 5C9008ADE8626D350770E2DBD058F053 + F7E5300B088B1341EC54C2BEE72A520C + 35C673E79CC4ED0A6D8F4C15FBDD090B + stream[192..255] = D780206A2537106610D1C95BF7E9121B + EDE1F0B8DFBE83CBC49C2C653DD187F7 + D84A2F4607BF99A96B3B84FB792340D4 + E67202FB74EC24F38955F345F21CF3DB + stream[256..319] = 6CA21C5DC289674C13CFD4FCBDEA8356 + 0A90F53BB54F16DBF274F5CC56D7857C + D3E3B06C81C70C828DC30DADEBD92F38 + BB8C24136F37797A647584BCEE68DF91 + stream[448..511] = 471936CE9C84E131C4C5792B769654B8 + 9644BFAFB1149130E580FD805A325B62 + 8CDE5FAE0F5C7CFFEF0D931F8F517A92 + 9E892D3789B74217A81BAEFE441E47ED + xor-digest = 0073DA29855E96EA5C414B9BD2E1C0F4 + 987D3F1EB1CA73C4AA10180B99A43774 + 4857EB36586593B81088AADE5D89BBC6 + 8FBD8B0D268080746D6BE38DBC9396CD + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = C224F33B124D6692263733DFD5BF5271 + 7D1FB45EC1CEDCA6BF92BA44C1EADA85 + F7B031BCC581A890FD275085C7AD1C3D + 652BCA5F4D7597DECDB2232318EABC32 + stream[192..255] = 090325F54C0350AD446C19ABDCAEFF52 + EC57F5A13FB55FEDE4606CEC44EC658B + BB13163481D2C84BF9409313F6470A0D + A9803936094CC29A8DE7613CBFA77DD5 + stream[256..319] = 1F66F5B70B9D12BC7092C1846498A2A0 + 730AA8FA8DD97A757BBB878320CE6633 + E5BCC3A5090F3F75BE6E72DD1E8D95B0 + DE7DBFDD764E484E1FB854B68A7111C6 + stream[448..511] = F8AE560041414BE888C7B5EB3082CC7C + 4DFBBA5FD103F522FBD95A7166B91DE6 + C78FB47413576EC83F0EDE6338C9EDDB + 81757B58C45CBD3A3E29E491DB1F04E2 + xor-digest = 542B2672401C5D1225CC704365753E33 + D0827A863C4897FFCE1B724CD10B2A0E + 8A4E4CDAB7357424FC6DC78440037240 + B8FD5299907A946CE77DAFA5322AB73D + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = 11BF31E22D7458C189092A1DE3A4905B + A2FA36858907E3511FB63FDFF2C5C2A1 + 5B651B2C2F1A3A43A718642152806967 + 2B6BB0AEC10452F1DAA9FC73FF5A396A + stream[192..255] = D1E1619E4BD327D2A124FC52BC15B194 + 0B05394ECE5926E1E1ADE7D3FC8C6E91 + E43889F6F9C1FD5C094F6CA25025AE4C + CC4FDC1824936373DBEE16D62B81112D + stream[256..319] = F900E9B0665F84C939D5FE4946FA7B41 + E34F06058522A2DB49E210E3E5385E58 + 97C24F6350C6CCA578285325CC16F558 + 6DC662FFBEA41BAC68996BAAB9F32D1F + stream[448..511] = 40587ECAD15841F1BD1D236A61051574 + A974E15292F777ABDED64D2B761892BE + F3DD69E479DE0D02CC73AF76E81E8A77 + F3CEE74180CB5685ACD4F0039DFFC3B0 + xor-digest = C3E5CC5C7CEA1B3885EB9CEF2D1FAF18 + E7DE1CFD7237F2D6D344F3DF7168A88E + C88C1314CB6F5A3EAE1BC468B4FAD75E + 8A42BE8607705C9A7950302461AD9B3F + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = EBC464423EADEF13E845C595A9795A58 + 5064F478A1C8582F07A4BA68E81329CB + 26A13C2EA0EFE9094B0A749FDB1CC6F9 + C2D293F0B395E14EB63075A39A2EDB4C + stream[192..255] = F4BBBBCE9C5869DE6BAF5FD4AE835DBE + 5B7F1752B2972086F3383E9D180C2FE5 + 5618846B10EB68AC0EB0865E0B167C6D + 3A843B29336BC1100A4AB7E8A3369959 + stream[256..319] = 3CEB39E3D740771BD49002EA8CD99851 + 8A8C70772679ECAF2030583AED43F77F + 565FECDBEF333265A2E1CC42CB606980 + AEF3B24C436A12C85CBDC5EBD97A9177 + stream[448..511] = EF651A98A98C4C2B61EA8E7A673F5D4F + D832D1F9FD19EE4537B6FEC7D11C6B2F + 3EF5D764EEAD396A7A2E32662647BFC0 + 7F02A557BA6EF046C8DE3781D74332B0 + xor-digest = 88A96FF895BF2A827FC26DB2BB75DC69 + 8E8E1B7E231997AB2942E981EF1633EA + 061F6B323B99519828FB41A6F5CCC79C + 57F6DDDD34DEAB38514A54C4886626E5 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = F40253BAA835152E1582646FD5BD3FED + 638EB3498C80BFB941644A7750BBA565 + 3130CC97A937A2B27AFBB3E679BC42BE + 87F83723DC6F0D61DCE9DE8608AC62AA + stream[192..255] = A5A1CD35A230ED57ADB8FE16CD2D2EA6 + 055C32D3E621A0FD6EB6717AA916D478 + 57CD987C16E6112EDE60CCB0F7014642 + 2788017A6812202362691FDA257E5856 + stream[256..319] = 81F0D04A929DB4676F6A3E6C15049779 + C4EC9A12ACF80168D7E9AA1D6FA9C13E + F2956CEE750A89103B48F22C06439C5C + E9129996455FAE2D7775A1D8D39B00CE + stream[448..511] = 3F6D60A0951F0747B94E4DDE3CA4ED4C + 96694B7534CD9ED97B96FAAD3CF00D4A + EF12919D410CD9777CD5F2F3F2BF160E + BBA3561CC24345D9A09978C3253F6DCB + xor-digest = 554F89BF1AD5602655B800DB9B3CCFFA + 1B267D57654DCF3FDDA81A59DF68B022 + 555E63DE51E7A83668E7F1AE09EEB5B8 + 748DEF8580B304199C4D117CF9A94E78 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = ED5FF13649F7D8EDFC783EFDF2F843B3 + 68776B19390AF110BEF12EAC8EC58A2E + 8CDAB6EC9049FBDA23A615C536C3A313 + 799E21668C248EC864D5D5D99DED80B3 + stream[192..255] = 845ACE9B870CF9D77597201988552DE5 + 3FD40D2C8AC51ABE1335F6A2D0035DF8 + B10CACAD851E000BAC6EA8831B2FBCFE + B7C94787E41CC541BAC3D9D26DB4F19D + stream[256..319] = 981580764B81A4E12CA1F36634B59136 + 5E4BDB6C12DE13F2F337E72E018029C5 + A0BECDA7B6723DD609D81A314CE39619 + 0E82848893E5A44478B08340F90A73F3 + stream[448..511] = 4CD3B072D5720E6C64C9476552D1CFF4 + D4EF68DCBD11E8D516F0C248F9250B57 + 1990DD3AFC0AE8452896CCCC0BD0EFDF + 17B616691AB3DF9AF6A42EDCA54BF9CD + xor-digest = 52D590BB5E396FCC2E00D9C51B3C0BF0 + 73E123C7EE69B528B0F0F87B57DC6907 + F4B57FD5F5B10D602B1F723E9FDD5510 + AEC60CD0DD50ED4B60FA355859638C2C + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 78ED06021C5C7867D176DA2A96C4BBAA + 494F451F21875446393E9688205ED63D + EA8ADEB1A2381201F576C5A541BC8887 + 4078608CA8F2C2A6BDCDC1081DD254CC + stream[192..255] = C1747F85DB1E4FB3E29621015314E3CB + 261808FA6485E59057B60BE82851CFC9 + 48966763AF97CB9869567B763C745457 + 5022249DFE729BD5DEF41E6DBCC68128 + stream[256..319] = 1EE4C7F63AF666D8EDB2564268ECD127 + B4D015CB59487FEAF87D0941D42D0F8A + 24BD353D4EF765FCCF07A3C3ACF71B90 + E03E8AEA9C3F467FE2DD36CEC00E5271 + stream[448..511] = 7AFF4F3A284CC39E5EAF07BA6341F065 + 671147CA0F073CEF2B992A7E21690C82 + 71639ED678D6A675EBDAD48336584213 + 15A2BA74754467CCCE128CCC62668D0D + xor-digest = FB3FE601D4E58B0766F02FA15C332391 + 3CD745E905AD74EA5DABA77BC25D282D + D66D98204E101F06D60BA446A21331AF + 6DDEB70679DEF46B886EB8A75C916380 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = D935C93A8EBB90DB53A27BF9B41B3345 + 23E1DFDE3BFFC09EA97EFB9376D38C7D + 6DC67AAB21EA3A5C07B6503F986F7E8D + 9E11B3150BF0D38F36C284ADB31FACF8 + stream[192..255] = DA88C48115010D3CD5DC0640DED2E652 + 0399AAFED73E573CBAF552C6FE06B1B3 + F3ADE3ADC19DA311B675A6D83FD48E38 + 46825BD36EB88001AE1BD69439A0141C + stream[256..319] = 14EA210224DAF4FC5D647C78B6BFEF7D + 724DC56DCDF832B496DEAD31DD948DB1 + 944E17AB2966973FD7CCB1BC9EC0335F + 35326D5834EE3B08833358C4C28F70DE + stream[448..511] = D5346E161C083E00E247414F44E0E737 + 5B435F426B58D482A37694331D7C5DC9 + 7D8953E6A852625282973ECCFD012D66 + 4C0AFA5D481A59D7688FDB54C55CD04F + xor-digest = BB5EAC1AB84C70857245294309C023C4 + B1A4199D16877BC847BCBB1B0A8D1B54 + 4289D6C8BF27212AAFFD42021669BB24 + 77A4F815FA01B3F7E88299240155265B + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = 45A43A587C45607441CE3AE200467977 + 88879C5B77FDB90B76F7D2DF27EE8D94 + 28A5B5AF35E2AAE242E6577BEC92DA09 + 29A6AFB3CB8F8496375C98085460AB95 + stream[192..255] = 14AE0BA973AE19E6FD674413C276AB9D + 99AA0048822AFB6F0B68A2741FB5CE2F + 64F3D862106EF2BDE19B39209F75B92B + DBE9015D63FDFD7B9E8A776291F4E831 + stream[256..319] = C26FA1812FFC32EFF2954592A0E1E5B1 + 26D5A2196624156E3DFD0481205B24D5 + 613B0A75AF3CBC8BBE5911BE93125BD3 + D3C50C92910DBA05D80666632E5DF9EF + stream[448..511] = AD0DABE5AF74AB4F62B4699E0D667BBF + 01B4DCF0A45514554CAC4DFDE453EFF1 + E51BE5B74B37512C40E3608FB0E65A3F + D4EAFA27A3BB0D6E1300C594CB0D1254 + xor-digest = 0F1A4B0994EE03B6C381FE4BB8E33C0E + E47C395BB59922C5537EEBFD12549422 + 0F743B93D867085E027E56623F795056 + 08179A39FF52D4C00A45A5FB8F618C49 + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = 09E15E82DFA9D821B8F68789978D0940 + 48892C624167BA88AD767CAEFDE80E25 + F57467156B8054C8E88F3478A2897A20 + 344C4B05665E7438AD1836BE86A07B83 + stream[192..255] = 2D752E53C3FCA8D3CC4E760595D588A6 + B321F910B8F96459DBD42C6635063246 + 60A527C66A53B406709262B0E42F11CB + 0AD2450A1FB2F48EA85C1B39D4408DB9 + stream[256..319] = 1EC94A21BD2C0408D3E15104FA25D15D + 6E3E0D3F8070D84184D35B6302BF62AE + A282E3640820CC09E1528B684B740018 + 0598D6960EC92E4EC4C9E533E1BA06F1 + stream[448..511] = D0AC302C5CC256351E24CFFD11F0BD8A + 0BE1277EDDCB3EE4D530E051712A710D + F4513FD6438B7A355CCF4FEDA9A60F2A + C375508F998C642E6C51724FE9462F7F + xor-digest = B7F32B6FADB48BB8DA231BDBDC469723 + 2BAE5F8F8345F9F14A991FF851CC3C64 + 1DF4913A5C550FC898F95AC299ED8915 + 5A434DC4B1E37D82EA137BB763F68BC7 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = EA869D49E7C75E07B551C24EBE351B4E + 7FD9CB26413E55A8A977B766650F81EF + CA06E30107F76DC97EA9147FFA7CA66A + FD4D4DA538CDA1C27E8D948CC406FB89 + stream[192..255] = 436A8EC10421116CD03BF95A4DAAE630 + 1BB8C724B3D481099C70B26109971CCE + ACBCE35C8EE98BBB0CD553B5C4181125 + 00262C7EA10FAAC8BA9A30A04222D8E2 + stream[256..319] = 47487A34DE325E79838475B1757D5D29 + 3C931F9E57579FCA5E04A40E4A0A38CF + D1614F9CEF75F024FFF5D972BD671DC9 + FB2A80F64E8A2D82C3BAA5DDFD1E6821 + stream[448..511] = 3FDCAD4E7B069391FAB74C836D58DE23 + 95B27FFAE47D633912AE97E7E3E60264 + CA0DC540D33122320311C5CFC9E26D63 + 2753AC45B6A8E81AC816F5CA3BBDB1D6 + xor-digest = E30E770C75C94EE022BEA6B95241E5D7 + 163D7C55AAF20FE7150768CEE6E11037 + 42902FA4F928CDCF31335944DCDEBADD + E36FE089D2EB93677E9DF75234E1B3C8 + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = 7B3AA4599561C9059739C7D18D342CF2 + E73B3B9E1E85D38EDB41AEFADD81BF24 + 1580885078CA10D338598D18B3E4B693 + 155D12D362D533494BA48142AB068F68 + stream[192..255] = D27864FC30D5FD278A9FB83FADADFD2F + E72CE78A2563C031791D55FF31CF5946 + 4BE7422C81968A70E040164603DC0B0A + EEE93AC497CC0B770779CE6058BE80CF + stream[256..319] = 4C5A87029660B65782FD616F48CFD600 + 6DFB158682DC80E085E52163BE2947E2 + 70A0FD74DC8DC2F5920E59F28E225280 + FAC96BA78B8007E3D0DF6EF7BF835993 + stream[448..511] = F5A2ECD04452358970E4F8914FC08E82 + 926ECFF33D9FC0977F10241E7A50E528 + 996A7FB71F79FC30BF881AF6BA19016D + DC077ED22C58DC57E2BDBDA1020B30B2 + xor-digest = 8C9995B52F4AC9CA25E5C956850FFE90 + D396530617298D89659C2F863995FB06 + 0B65ADFED6AA977EDBB4FC2F6774335E + 9DEBC61E05E92718A340F79368E74273 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = 9776A232A31A22E2F10D203A2A1B60B9 + D28D64D6D0BF32C8CCA1BBF6B57B1482 + BCC9FCF7BBE0F8B61C4BF64C540474BC + F1F9C1C808CCBE6693668632A4E8653B + stream[192..255] = 5C746D64A3195079079028D74CE029A8 + 7F72B30B34B6C7459998847C42F2E44D + 843CF196229EED471B6BBDBA63BE3B52 + 9B8AF4B5846EB0AB008261E161707B76 + stream[256..319] = F780FE5204AC188A680F41068A9F5018 + 2D9154D6D5F1886034C270A8C3AF61DF + 945381B7ADCA546E153DBF0E6EA2DDDA + 4EDA3E7F7CF4E2043C5E20AF659282B4 + stream[448..511] = 71D24CD8B4A70554906A32A5EFDFA8B8 + 34C324E6F35240257A0A27485103616D + D41C8F4108D1FC76AB72AF166100AB17 + 212492A72099ACF6F9EB53AC50BD8B8B + xor-digest = B2217FF55077D373B735C1A7D8B784F5 + 187AF2F028FE906F85B938277CAC918C + E87BEA508AFF86B9071F2B7E4F88A3B1 + F3323151C9DF441FE6F266CF8F01A0B9 + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = 62DF49A919AF1367D2AAF1EB608DE1FD + F8B93C2026389CEBE93FA389C6F28458 + 48EBBE70B3A3C8E79061D78E9ED24ED9 + AA7BB6C1D726AA060AEFC4FFE70F0169 + stream[192..255] = E7A4DF0D61453F612FB558D1FAE198AA + B1979F91E1792C99423E0C5733459365 + 70915B60210F1F9CA8845120E6372659 + B02A179A4D679E8EDDDDF8843ABAB7A4 + stream[256..319] = C9501A02DD6AFB536BD2045917B016B8 + 3C5150A7232E945A53B4A61F90C5D0FB + 6E6AC45182CBF428772049B32C825D1C + 33290DBEEC9EF3FE69F5EF4FAC95E9B1 + stream[448..511] = B8D487CDD057282A0DDF21CE3F421E2A + C9696CD36416FA900D12A20199FE0018 + 86C904AB629194AECCC28E59A54A1357 + 47B7537D4E017B66538E5B1E83F88367 + xor-digest = 4EB0E761F6BD6A738DC295C0B1B737FC + FDB2A68FF50EB198D699CC71141EC6EB + 54434D40B592A65F2F5C50B6027D4F52 + 9307969E1D74028FF4BD6A44CEAA121C + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = 6F703F3FF0A49665AC70CD9675902EE7 + 8C60FF8BEB931011FC89B0F28D6E176A + 9AD4D494693187CB5DB08FF727477AE6 + 4B2EF7383E76F19731B9E23186212720 + stream[192..255] = AD26886ABF6AD6E0CA4E305E468DA1B3 + 69F0ADD3E14364C8A95BD78C5F2762B7 + 2915264A022AD11B3C6D312B5F6526E0 + 183D581B57973AFB824945BFB78CEB8F + stream[256..319] = FE29F08A5C157B87C600CE4458F274C9 + 86451983FE5AE561DF56139FF33755D7 + 1100286068A32559B169D8C2161E215D + BC32FAEA11B652284795C144CF3E693E + stream[448..511] = 7974578366C3E999028FA8318D82AAAA + 8ED3FD4DFB111CBF0F529C251BA91DC6 + ACFA9795C90C954CEA287D23AD979028 + E974393B4C3ABA251BCB6CECCD09210E + xor-digest = 88BE85838404EA4F0FFDD192C43E3B93 + 329C4A4919234D116E4393EA26110022 + BED2B427EC719178E6F1A9B9B08BEF5B + F2FE4A9CC869CB6BD2D989F750EDA78F + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = 61900F2EF2BEA2F59971C82CDFB52F27 + 9D81B444833FF02DD0178A53A8BFB9E1 + FF3B8D7EC799A7FBB60EADE8B1630C12 + 1059AA3E756702FEF9EEE7F233AFC79F + stream[192..255] = D27E0784038D1B13833ACD396413FF10 + D35F3C5C04A710FC58313EEBC1113B2C + FA20CBD1AEA4433C6650F16E7C3B6830 + 2E5F6B58D8E4F26D91F19FE981DEF939 + stream[256..319] = B658FB693E80CE50E3F64B910B660BEB + 142B4C4B61466424A9884D22EB80B8B4 + 0C26BEA869118ED068DCC83F9E4C68F1 + 7A3597D0FE0E36700D01B4252EE0010E + stream[448..511] = 9FC658A20D3107A34680CC75EB3F76D6 + A2150490E9F6A3428C9AD57F2A252385 + C956B01C31C978E219BE351A534DB23B + 99908DACC6726196742D0B7E1D88472C + xor-digest = DA74A6EC8D54723B1797751F786CB1B5 + 17995EBF297A034AF744EEF86833CC5B + A3DCBDB4D3FAB47F5BA37463CEC80F45 + DAE1A48FBB80148A39CA789BAE09D39F + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = 42D1C40F11588014006445E81C8219C4 + 370E55E06731E09514956834B2047EE2 + 8A9DAECC7EB25F34A311CC8EA28EDCD2 + 4A539160A0D8FDAA1A26E9F0CDFE0BE3 + stream[192..255] = 976201744266DEABBA3BFE206295F40E + 8D9D169475C11659ADA3F6F25F11CEF8 + CD6B851B1F72CD3E7D6F0ABAF8FB929D + DB7CF0C7B128B4E4C2C977297B2C5FC9 + stream[256..319] = D3601C4CD44BBEEFD5DAD1BDFF12C190 + A5F0B0CE95C019972863F4309CE566DE + 62BECB0C5F43360A9A09EB5BAB87CF13 + E7AB42D71D5E1229AF88667D95E8C96F + stream[448..511] = 69EAA4BAAAA795BCF3B96E79C931A1F2 + D2DD16A242714358B106F38C1234A5BB + D269E68A03539EFAFA79455ADBE1B984 + E9766B0720947E1365FDF076F73639CD + xor-digest = 54E422EB1EB2DBDB338798E0D352A87A + D5F5A28BC5F77E1B42913E6500723A93 + 6D4019D703DC93A1DF7C65AB74F1FC1A + 4D38C519A8338B73A435FC7491DFC769 + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = 9C09F353BF5ED33EDEF88D73985A14DB + C1390F08236461F08FDCAF9A7699FD7C + 4C602BE458B3437CEB1464F451ED021A + 0E1C906BA59C73A8BA745979AF213E35 + stream[192..255] = 437E3C1DE32B0DB2F0A57E41A7282670 + AC223D9FD958D111A8B45A70A1F863E2 + 989A97386758D44060F6BFFF5434C908 + 88B4BB4EDAE6528AAADC7B81B8C7BEA3 + stream[256..319] = 94007100350C946B6D12B7C6A2FD1215 + 682C867257C12C74E343B79E3DE79A78 + 2D74663347D8E633D8BE9D288A2A64A8 + 55C71B4496587ADECCB4F30706BB4BD9 + stream[448..511] = 585D0C2DB901F4004846ADBAA754BCA8 + 2B66A94C9AF06C914E3751243B87581A + FAE281312A492DBEE8D6BB64DD748F44 + 5EF88F82AB44CBA33D767678914BDE77 + xor-digest = BB97F09B9FCEC06B6124310BBDD1E9CE + 8D3793F62FF1337F520DE2A90FE2592A + F2636DFA20466FDAA9329443ACC0E9A5 + 0492621AF5790CAE5642E6F7D9AF400D + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = 4965F30797EE95156A0C141D2ACA5232 + 04DD7C0F89C6B3F5A2AC1C59B8CF0DA4 + 01B3906A6A3C94DA1F1E0046BD895052 + CB9E95F667407B4EE9E579D7A2C91861 + stream[192..255] = 8EDF23D6C8B062593C6F32360BF271B7 + ACEC1A4F7B66BF964DFB6C0BD93217BB + C5FACC720B286E93D3E9B31FA8C4C762 + DF1F8A3836A8FD8ACBA384B8093E0817 + stream[256..319] = 44FA82E9E469170BA6E5E8833117DAE9 + E65401105C5F9FEA0AF682E53A627B4A + 4A621B63F7CE5265D3DFADFBFD4A2B6C + 2B40D2249EB0385D959F9FE73B37D67D + stream[448..511] = 828BA57593BC4C2ACB0E8E4B8266C1CC + 095CE9A761FB68FC57D7A2FCFF768EFB + 39629D3378549FEE08CCF48A4A4DC2DD + 17E72A1454B7FA82E2ACF90B4B8370A7 + xor-digest = 8A365EE7E7BC9198EC88A39F5047431D + 1632CBB0D1E812957595E7A0763DFA46 + 953070863838812A9504F7A376078FEA + 9444B27E15FC043AE2D375D37DB1C6C3 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = 5C7BA38DF4789D45C75FCC71EC9E5751 + B3A60AD62367952C6A87C0657D6DB3E7 + 1053AC73E75FF4B66177B3325B1BBE69 + AEE30AD5867D68B660603FE4F0BF8AA6 + stream[192..255] = B9C7460E3B6C313BA17F7AE115FC6A8A + 499943C70BE40B8EF9842C8A934061E1 + E9CB9B4ED3503165C528CA6E0CF2622B + B1F16D24657BDAEDB9BA8F9E193B65EB + stream[256..319] = 406CD92883E991057DFD80BC8201067F + 35700264A4DFC28CF23EE32573DCB420 + 91FEF27548613999E5C5463E840FE957 + 60CF80CC5A05A74DE49E7724273C9EA6 + stream[448..511] = F13D615B49786D74B6591BA6887A7669 + 136F34B69D31412D4A9CB90234DAFCC4 + 1551743113701EF6191A577C7DB72E2C + B723C738317848F7CC917E1510F02791 + xor-digest = B31C13C287692760C2710CC4812A4CD3 + 535248839E0B5220185BE58BBCE6A70D + 629E0749D40D9E79F698FFAFF7B9C530 + 06419AAAD9AC1FAC2286F66DEC96AEB3 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 5B06F5B01529B8C57B73A410A61DD757 + FE5810970AA0CBFAD3404F17E7C7B645 + 9DD7F615913A0EF2DCC91AFC57FA660D + 6C7352B537C65CD090F1DE51C1036AB5 + stream[192..255] = 0F613F9E9F03199DF0D0A5C5BE253CDF + 138903876DE7F7B0F40B2F840F322F27 + 0C0618D05ABB1F013D8744B231555A8E + CB14A9E9C9AF39EDA91D36700F1C25B3 + stream[256..319] = 4D9FAB87C56867A687A03BF3EDCC224A + C54D04450AB6F78A642715AF62CF5192 + 15E2CDF5338E45554B852B6FB552BCAF + 5C599BDF9FA679962F038976CDA2DEFA + stream[448..511] = E0F80A9BF168EB523FD9D48F19CA96A1 + 8F89C1CF11A3ED6EC8AEAB99082DE99B + E46DE2FB23BE4A305F185CF3A8EA377C + CA1EF46FD3192D03DCAE13B79960FEF4 + xor-digest = AB020EA09B2573D7106EAA1D177F2E4A + 1F8E2237AD1481F9923DDF973A79CFC2 + 1A0B8CDDD22D3D78C488D0CC9BE8FAA8 + C74F0F2CFE619B7D7EA5B2E697E23372 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = E7BC9C13F83F51E8855E83B81AF1FFB9 + 676300ABAB85986B0B44441DDEFAB83B + 8569C4732D8D991696BD7B6694C6CB20 + 872A2D4542192BE81AA7FF8C1634FC61 + stream[192..255] = 0B429A2957CBD422E94012B49C443CBC + 2E13EFDE3B867C6018BABFDE9ED3B803 + 6A913C770D77C60DCD91F23E03B3A576 + 66847B1CACFCBCFF57D9F2A2BAD6131D + stream[256..319] = EA2CBD32269BB804DD2D641452DC09F9 + 64CB2BCD714180E94609C1209A8C26D1 + 256067F1B86AA4F886BB3602CF96B4DD + 7039F0326CD24D7C2D69DE22D9E24624 + stream[448..511] = CA0DD398EA7E543F1F680BF83E2B773B + BB5B0A931DEADDEC0884F7B823FC686E + 71D7E4C033C65B03B292426CE4E1A7A8 + A9D037303E6D1F0F45FDFB0FFE322F93 + xor-digest = 0D67BC1CFE545A6AE2F51A7FB2F32FC6 + 2E08707F9CBF2E08245E4594E9DB2A7E + CBB6AB7190831C3D7D8F9D606231668E + 447C4EA29D69B4344952A97A77CC71CB + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = C93DA97CB6851BCB95ABFAF547C20DF8 + A54836178971F748CF6D49AEF3C9CE8C + E7D284571D871EFD51B6A897AF698CD8 + F2B050B6EB21A1A58A9FC77200B1A032 + stream[192..255] = 5B4144FD0C46CEE4348B598EEF76D16B + 1A71CBF85F4D9926402133846136C59F + BE577B8B7EB8D6A67A48358573C06876 + 6AC76A308A14154E2FA9BD9DCA8842E6 + stream[256..319] = 3BF67A79DF6FE3C32DA7A53CD0D37237 + 16A99BF7D168A25C93C29DF2945D9BCB + F78B669195411BD86D3F890A462734AB + 10F488E9952334D7242E51AC6D886D60 + stream[448..511] = 65629AA9654930681578EEC971A48D83 + 90FBF82469A385B8BCF28B2C1E9F13CE + FC06F54335B4D5DE011F3DCE2B94D38F + 1A04871E273FCD2A8FA32C0E08710E69 + xor-digest = E308FAEC064EC30CA1BEA7C2A02E95F4 + ABCBF7D7762557BE9872726F9020162F + 9B4EA11F621426EED6297C947BB3FAC2 + 69A8D0F38672EFBD72FDCCBEB8475221 + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 0000000000000000 + stream[0..63] = 2DD5C3F7BA2B20F76802410C68868889 + 5AD8C1BD4EA6C9B140FB9B90E21049BF + 583F527970EBC1A4C4C5AF117A5940D9 + 2B98895B1902F02BF6E9BEF8D6B4CCBE + stream[192..255] = AB56CC2C5BFFEF174BBE28C48A17039E + CB795F4C2541E2F4AE5C69CA7FC2DED4 + D39B2C7B936ACD5C2ECD4719FD6A3188 + 323A14490281CBE8DAC48E4664FF3D3B + stream[256..319] = 9A18E827C33633E932FC431D697F0775 + B4C5B0AD26D1ACD5A643E3A01A065821 + 42A43F48E5D3D9A91858887310D39969 + D65E7DB788AFE27D03CD985641967357 + stream[448..511] = 752357191E8041ABB8B5761FAF9CB9D7 + 3072E10B4A3ED8C6ADA2B05CBBAC298F + 2ED6448360F63A51E073DE02338DBAF2 + A8384157329BC31A1036BBB4CBFEE660 + xor-digest = F3BCF4D6381742839C5627050D4B227F + EB1ECCC527BF605C4CB9D6FB0618F419 + B51846707550BBEEE381E44A50A406D0 + 20C8433D08B19C98EFC867ED9897EDBB + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 0000000000000000 + stream[0..63] = 0F8DB5661F92FB1E7C760741430E15BB + 36CD93850A901F88C40AB5D03C3C5FCE + 71E8F16E239795862BEC37F63490335B + B13CD83F86225C8257AB682341C2D357 + stream[192..255] = 002734084DF7F9D6613508E587A4DD42 + 1D317B45A6918B48E007F53BEB3685A9 + 235E5F2A7FACC41461B1C22DC55BF82B + 54468C8523508167AAF83ABBFC39C67B + stream[256..319] = 3C9F43ED10724681186AC02ACFEC1A3A + 090E6C9AC1D1BC92A5DBF407664EBCF4 + 563676257518554C90656AC1D4F167B8 + B0D3839EB8C9E9B127665DCE0B1FD78C + stream[448..511] = 46B7C56E7ED713AAB757B24056AF58C6 + AD3C86270CFEAE4AADB35F0DB2D96932 + 1A38388D00ED9C2AD3A3F6D8BE0DE7F7 + ADA068F67525A0996DE5E4DF490DF700 + xor-digest = FDAEDE318DDD9EE44670318D51E812A2 + F9B6EAEB18B9EBDC0FB76D95CD0AE8C9 + 5792F6EA71332404798505D947B89B04 + 1D56FAD3B0D92BEC06428EC5A841EB82 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 0000000000000000 + stream[0..63] = 4B135E9A5C9D54E6E019B5A2B48B9E6E + 17F6E6667B9D43BC3F892AD6ED64C584 + 4FE52F75BD67F5C01523EE026A385108 + 3FBA5AC0B6080CE3E6A2F5A65808B0AC + stream[192..255] = E45A7A605BCFBBE77E781BBE78C270C5 + AC7DAD21F015E90517672F1553724DDA + 12692D23EC7E0B420A93D249C4383566 + 22D45809034A1A92B3DE34AEB4421168 + stream[256..319] = 14DEA7F82A4D3C1796C3911ABC2EFE9D + C9EB79C42F72691F8CB8C353ECBCC0DC + 6159EC13DFC08442F99F0F68355D704E + 5649D8B34836B5D2C46F8999CD570B17 + stream[448..511] = CA6A357766527EA439B56C970E2E089C + 30C94E62CB07D7FE1B1403540C2DA9A6 + 362732811EF811C9D04ED4880DC0038D + 5FDCE22BDE2668CD75107D7926EC98B5 + xor-digest = DE518E6B67BAEC2A516CCAB0475341C4 + BCC652ABE49ECCAA64E87248441A8F72 + 7BE173CACEBF8895B07DE8DDD28F1EE8 + AA739855F1E6DB70765AB1B55BC3B1ED + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 0000000000000000 + stream[0..63] = E04A423EF2E928DCA81E10541980CDE5 + C8054CC3CF437025B629C13677D41167 + 21123EE13F889A991C03A2E5ADC0B12B + 9BBC63CB60A23543445919AF49EBC829 + stream[192..255] = F6E1D7DBD22E05430EBFBEA15E751C83 + 76B4743681DE6AC3E257A3C3C1F9EC6A + 63D0A04BF3A07F64E6B167A49CD3FDAA + B89A05E438B1847E0DC6E9108A8D4C71 + stream[256..319] = FC2B2A1A96CF2C73A8901D334462ED56 + D57ABD985E4F2210D7366456D2D1CDF3 + F99DFDB271348D00C7E3F51E6738218D + 9CD0DDEFF12341F295E762C50A50D228 + stream[448..511] = 1F324485CC29D2EAEC7B31AE7664E8D2 + C97517A378A9B8184F50801524867D37 + 6652416A0CA96EE64DDF26138DB5C58A + 3B22EF9037E74A9685162EE3DB174A0E + xor-digest = 697048C59621DBC7D47B6BE93A5060C4 + B2DFBDB1E7E444F1FC292C06C12974D1 + 26EA9C8FD09C63945E4D9107CD0A1AC5 + 7161CA8C7CFEF55CB60E52666C705EC6 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 0000000000000000 + stream[0..63] = 361A977EEB47543EC9400647C0C16978 + 4C852F268B34C5B163BCA81CFC5E746F + 10CDB464A4B1365F3F44364331568DB2 + C4707BF81AA0E0B3AB585B9CE6621E64 + stream[192..255] = E0F8B9826B20AEEC540EABA9D12AB8EB + 636C979B38DE75B87102C9B441876C39 + C2A5FD54E3B7AB28BE342E377A328895 + 6C1A2645B6B76E8B1E21F871699F627E + stream[256..319] = 850464EEED2251D2B5E2FE6AE2C11663 + E63A02E30F59186172D625CFF2A646FA + CB85DC275C7CA2AF1B61B95F22A5554F + BAD63C0DCC4B5B333A29D270B6366AEF + stream[448..511] = 4387292615C564C860AE78460BBEC30D + ECDFBCD60AD2430280E3927353CEBC21 + DF53F7FD16858EF7542946442A26A1C3 + DA4CEFF5C4B781AD6210388B7905D2C7 + xor-digest = 2FADEF81A5C4051CAC55E16C68CC6EEF + CEE2D4966BAE782E3D885CAA2271EFBB + E33F9313FD00632DC73441823713A487 + 94C21E812E30A1DD4B2AE858A27E7C88 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 0000000000000000 + stream[0..63] = 9F25D8BD7FBC7102A61CB590CC69D1C7 + 2B31425F11A685B80EAC771178030AF0 + 52802311ED605FF07E81AD7AAC79B6A8 + 1B24113DB5B4F927E6481E3F2D750AB2 + stream[192..255] = DAEF37444CB2B068124E074BAD188195 + 3D61D5BA3BFBF37B21BC47935D74820E + 9187086CEF67EB86C88DDD62C48B9089 + A9381750DC55EA4736232AE3EDB9BFFE + stream[256..319] = B6C621F00A573B60571990A95A4FEC4A + C2CA889C70D662BB4FF54C8FAAE0B7C4 + 5B8EC5414AE0F080B68E2943ABF76EA2 + ABB83F9F93EF94CB3CFE9A4CEED337CD + stream[448..511] = 6F17EAE9346878BB98C97F6C81DD2E41 + 5FDEB54305FE2DF74AFC65627C376359 + FB2E7841FF75744A715DF952851C1CBC + DD241BADF37B3618E0097B3A084E1B54 + xor-digest = 8D1890B66A56552BE334B3472344F53D + D2782D4ABB4514D0F5B761436C997402 + 02A4B1244A1A7F485EFDB52C0065263F + EE5A7D7DFC2BB754304CE9B2724119EB + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 0000000000000000 + stream[0..63] = 3466360F26B76484D0C4FD63965E5561 + 8BDBFDB2213D8CA5A72F2FE6E0A13548 + D06E87C8A6EEA392FE52D3F5E0F6559D + 331828E96A07D99C6C0A42EFC24BA96D + stream[192..255] = AB7184066D8E0AB537BB24D777088BC4 + 41E00481834B5DD5F6297D6F221532BC + 56F638A8C84D42F322767D3D1E11A3C6 + 5085A8CA239A4FDD1CDF2AC72C1E354F + stream[256..319] = 55F29F112B07544EDA3EBB5892DBB91E + 46F8CBC905D0681D8E7109DF816ABFB8 + AE6A0F9833CDF34A29F25D67A60D3633 + 8A10346FEBE72CCF238D8670C9F2B59C + stream[448..511] = 0657453B7806D9EA777FFFBE05028C76 + DCFF718BC9B6402A3CAEC3BCCB7231E6 + D3DDB00D5A9637E1E714F47221FFCC11 + B1425D9653F7D777292B146556A89787 + xor-digest = C2A8D317E3B1CB884A2C3B07F11FD388 + 33282A9FBD1F6AF5C33CBE1E18D99B64 + 99A241EA83A56605BC6B99259FBAAED4 + BDDA788B08CAAA93D2E00C6B5392ECF0 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 0000000000000000 + stream[0..63] = 40AD59C99464D95702727406E4C82C85 + 7FA48911319A3FCC231DC91C990E19D4 + D9D5972B6A6F21BD12C118365ECAABC8 + 9F9C3B63FFF77D8EA3C55B2322B57D0E + stream[192..255] = DBF23042C787DDF6FFCE32A792E39DF9 + E0332B0A2A2F2A5F96A14F51FAAB7C27 + 14E07C3ADCA32D0DE5F8968870C7F0E8 + 1FE263352C1283965F8C210FC25DE713 + stream[256..319] = 455E3D1F5F44697DA562CC6BF77B9309 + 9C4AFAB9F7F300B44AD9783A9622BD54 + 3EFDB027D8E71236B52BEE57DD2FB3EE + 1F5B9022AB96A59AE7DF50E6933B3209 + stream[448..511] = F11D47D8C57BBF862E0D6238BC0BF6A5 + 2500A62BB037B3A33E87525259B8E547 + 35F664FCEDF11BA2C0F3AEB9C944BCE7 + 7FFD26D604674DF8905A73CB7E230A4F + xor-digest = F021DE2B24C80A48DE6F7F807F1EF2F8 + 13D72A77E7BFC12515F9F5755CEFF64C + B5829CA780627A7920F3963E28005677 + B85A56017A6F5A403DA49F8F8B71581D + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 0000000000000000 + stream[0..63] = D8B1A4CB2A5A8DE1F798254A41F61DD4 + FB1226A1B4C62FD70E87B6ED7D57902A + 69642E7E21A71C6DC6D5430DCE89F16F + CCC9AAD48743974473753A6FF7663FD9 + stream[192..255] = D4BA9BC857F74A28CACC734844849C3E + DCB9FB952023C97E80F5BFA445178CAB + 92B4D9AA8A6D4E79B81993B831C73765 + 10E74E30E7E68AD3188F8817DA8243F2 + stream[256..319] = B7039E6F6C4D5D7F750ED014E6501188 + 17994F0D3C31B071CC16932A412E627D + 2486CCB9E43FCA79039D3E0F63577406 + F5B6420F5587CF9DAC40118AA6F170A8 + stream[448..511] = 1ABA14E7E9E6BA4821774CBC2B63F410 + 381E4D661F82BAB1B182005B6D42900D + C658C6224F959E05095BC8081920C8AD + 11148D4F8BD746B3F0059E15C47B9414 + xor-digest = AD0620EB4E71605CDEA447A02E638F0C + 2A0096EA666010761DB03CFC85629680 + 44D213B15EC69E1E5811EEBE7C96B616 + 6BE36E42B16F9F4BE0CC71B456C1FCA1 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 0000000000000000 + stream[0..63] = 235E55E2759C6781BBB947133EDD4D91 + C9746E7E4B2E5EF833A92BE6086C57C6 + 729655D4C4253EC17ACF359012E80175 + 7E7A6EB0F713DEC40491266604B83311 + stream[192..255] = 247BEAAC4A785EF1A55B469A1AEE8530 + 27B2D37C74B8DA58A8B92F1360968513 + C0296585E6745E727C34FFCE80F5C72F + 850B999721E3BF1B6C3A019DBEE464C1 + stream[256..319] = E7DDB25678BF6EECA2DA2390C9F333EB + 61CD899DD823E7C19474643A4DA31335 + 2556E44A9C0006C8D54B1FD0313D574A + 08B86138394BA1194E140A62A96D7F01 + stream[448..511] = DB417F9C1D9FD49FC96DB5E981F0C3F8 + 484E3BDC559473963D12D982FEA287A3 + 9A36D69DDBBCF1CA2C9FB7F4B2B37F3D + A755838A67C48822F4C1E82E65A07151 + xor-digest = 119D1DDC7C95982B6B035FD4A4D8C5C9 + FD2518FFBC69C3C6A7F600174A391614 + 6287F19BDDDAB385D2C6A39C593935F2 + 88B2F3E8895B9519EC71BA453319CC1F + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 0000000000000000 + stream[0..63] = F27A0A59FA3D1274D934EACCFA0038AF + C3B866D2BFA4A8BA81D698DBCA5B65D5 + 2F3A1AC9855BEEEB3B41C510F7489E35 + AB22CB4444816208C282C461FF16A7BC + stream[192..255] = 522594154A2E4843083ABCA886102DA8 + 14500C5AADAAB0C8FB40381B1D750F9D + A9A1831D8000B30BD1EFA854DC903D63 + D53CD80A10D642E332DFFC9523792150 + stream[256..319] = 5D092D8E8DDA6C878A3CFBC1EC8DD13F + 2A1B073916097AEC4C3E56A229D8E282 + DDB656DAD60DBC7DF44DF124B19920FC + C27FCADB1782F1B73E0A78C161270700 + stream[448..511] = 8F75BF72995AD23E9ADFEA351F26E42B + E2BE8D67FB810ABCBD5FAE552DC10D1E + 281D94D5239A4EA311784D7AC7A764FA + 88C7FD7789E803D11E65DD6AC0F9E563 + xor-digest = 55AC113CC018689601F39AA80FA4FA26 + EE655D40F315C6B694FFAE74A09D382B + 62A4E7C60F75167361871A82561FFAC4 + 53BFED061D6B01672008308C92D241FF + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 0000000000000000 + stream[0..63] = 654037B9120AEB60BD08CC07FFEC5985 + C914DAD04CD1277312B4264582A4D85A + 4CB7B6CC0EB8AD16475AD8AE99888BC3 + FDE6A5B744851C5FC77EAB50CFAD021D + stream[192..255] = E52D332CD0DE31F44CDCAB6C71BD38C9 + 4417870829D3E2CFDAC40137D066EA48 + 2786F146137491B8B9BC05675C4F88A8 + B58686E18D63BE71B6FEFEF8E46D0273 + stream[256..319] = 28959548CE505007768B1AA6867D2C00 + 9F969675D6E6D54496F0CC1DC8DD1AFB + A739E8565323749EAA7B03387922C50B + 982CB8BC7D602B9B19C05CD2B87324F9 + stream[448..511] = D420AEC936801FEE65E7D6542B37C919 + 0E7DB10A5934D3617066BEA8CC80B8EA + AAFC82F2860FA760776418B4FF148DFD + 58F21D322909E7BF0EC19010A168FAF7 + xor-digest = 5BAFB9BEA29B3658A5BBF649E09455B7 + 0FB262AB938B65FE71652A0662FF0FB5 + 14C35AF438A72A6122AC1AA8591477AE + AEB78214C63E41255E87230481D1A793 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 0000000000000000 + stream[0..63] = 0DB7EA55A79C045818C29E99D8A4B664 + 33E4C77DF532D71BA720BD5D82629F12 + 76EF0BF93E636A6F71F91B947DFA7CAA + A1B0512AA531603197B86ABA2B0829D1 + stream[192..255] = A62EAFD63CED0D5CE9763609697E78A7 + 59A797868B94869EC54B44887D907F01 + 542028DEDDF420496DE84B5DA9C6A401 + 2C3D39DF6D46CE90DD45AF10FA0F8AAF + stream[256..319] = 7C2AD3F01023BC8E49C5B36AFE7E67DC + A26CCD504C222BD6AF467D4C6B07B792 + 61E9714FDD1E35C31DA4B44DB8D4FC05 + 69F885F880E63B5ABB6BA0BFEE2CE80C + stream[448..511] = 066D3C8D46F45891430A85852FF53744 + 8EBDD6CE8A799CCF7EAF88425FBD60D3 + 2A1741B39CC3C73371C2C9A36544D3C3 + B0F02D2596ACC61C60A6671F112F185E + xor-digest = 6EE5BF7E194B03A7DDC92FC74A398FF8 + 22471FEF6DD399426F7372E445E1EE36 + 5ED7164CD09120A79CCF03D0A2A309DC + 5932441B64DDC6FDC9E183DA9F825106 + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 0000000000000000 + stream[0..63] = 3FE4BD60364BAB4F323DB8097EC189E2 + A43ACD0F5FFA5D65D8BDB0D79588AA9D + 86669E143FD5915C31F7283F1180FCAB + CDCB64B680F2B63BFBA2AF3FC9836307 + stream[192..255] = F1788B6CA473D314F6310675FC716252 + 8285A538B4C1BE58D45C97349C8A3605 + 7774A4F0E057311EEA0D41DFDF131D47 + 32E2EAACA1AB09233F8124668881E580 + stream[256..319] = FEF434B35F024801A77400B31BD0E735 + 22BEC7D10D8BF8743F991322C660B4FD + 2CEE5A9FDE0D614DE8919487CBD5C6D1 + 3FEB55C254F96094378C72D8316A8936 + stream[448..511] = 338FD71531C8D07732FD7F9145BBC368 + 932E3F3E4C72D2200A4F780AF7B2C3AA + 91C1ED44DBEAA9A2F1B3C64DCE8DCD27 + B307A4104D5C755693D848BEA2C2D23B + xor-digest = 7ABF3C4E6E8CCAC05AA336DF2156E195 + 7DFDAD45995FF6268B9708DAED9C2097 + F8F0F2A0EE5FBF4A7B511ED2E8E56179 + 93E915E9BAABA30D758A9691E9D8578A + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 0000000000000000 + stream[0..63] = 062187DAA84742580D76E1D55EE4DE2E + 3B0C454F383CFDDE567A008E4E8DAA3C + E645D5BEDA64A23F0522D8C15E6DA0AD + 88421577A78F2A4466BD0BFA243DA160 + stream[192..255] = 4CC379C5CF66AA9FB0850E50ED8CC58B + 72E8441361904449DAABF04D3C464DE4 + D56B22210B4336113DAA1A19E1E15339 + F047DA5A55379C0E1FE448A20BC10266 + stream[256..319] = BD2C0F58DBD757240AEB55E06D5526FE + 7088123CE2F7386699C3E2780F5C3F86 + 374B7CB9505299D639B89D7C717BA8A2 + AEED0C529F22F8C5006913D1BE647275 + stream[448..511] = 54D61231409D85E46023ED5EFF8FDC1F + 7A83CACDDB82DD8D1FA7CDEA0E088A61 + D02BCE7FA7EC3B73B66953DA467BE4B9 + 12EBE2A46B56A8BF0D925A919B7B22E3 + xor-digest = 9F569A8133067D1D4651BAE70DB3FE20 + 1649A1DA469C7D7C0B0DF16968285BF4 + ED0F36ED1CF9F213B2EC4BFF83D455FF + C8B19E82DAE61408141F221C255DDFAB + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 0000000000000000 + stream[0..63] = 1A74C21E0C929282548AD36F5D6AD360 + E3A9100933D871388F34DAFB286471AE + D6ACC48B470476DC5C2BB593F59DC17E + F772F56922391BF23A0B2E80D65FA193 + stream[192..255] = B9C8DAC399EF111DE678A9BD8EC24F34 + 0F6F785B19984328B13F78072666955A + B837C4E51AC95C36ECBEFFC07D9B37F2 + EE9981E8CF49FD5BA0EADDE2CA37CC8D + stream[256..319] = 3B0283B5A95280B58CEC0A8D65328A7A + 8F3655A4B39ECBE88C6322E93011E13C + FF0A370844851F4C5605504E8266B301 + DD9B915CA8DCD72E169AEA2033296D7F + stream[448..511] = 4F9CA1676901DDC313D4EE17B815F6B5 + AC11AF03BF02517FB3B10E9302FCBF67 + C284B5C7612BBE7249365BCAC07FD4C2 + C7AE78F3FDA1880B2DAA20E4EC70F93B + xor-digest = 9B9EA936FD4385D3516304BEFC44BC6D + 5B60C97925B52CE269F2843496DEBD33 + 5A07ADA2EC87BA27E306CFFB884935D7 + 74EE317C7307740B884095278D1DB0C2 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 0000000000000000 + stream[0..63] = 0281FB6B767A90231AB6A19EB1E4FB76 + A041063FE23AC835797DFA178CC2D7C2 + 8DFAD591D2EAF26A985332F8DC74537D + F7E0A5F26946BCF7D70B6C3D9DD859D2 + stream[192..255] = 088ED6D7AB26EEC97518EBF387B0644F + D22266E578F141A7218F94AE2EE5885A + 67A9FA304F6880A781EE05C1251A7EAD + 4C3025D833B59739C68D3D7F3A844148 + stream[256..319] = 6B48D13EC0EB1CD0CDAC5D5E09DC7BE4 + AE02BE4283DDC7FA68E802A31508E6EA + 7197E5AC10805FDEB6824AEEF8178BAA + 45D7E419CF9237155D379B38F994EF98 + stream[448..511] = 7E71823935822D048B67103FF56A709A + 25517DCE5CFBB807B496EEF79EFFBCD1 + 0D23BAD02758814F593B2CD4AC062699 + AEC02B25A7E0D1BAE598AFDBE4333FE7 + xor-digest = 0D4802AF0B0F92FFF2F80FE65FE5D1FB + DFEF122231028FE36CC164D1D39185A1 + 869AD43D08C6E1C9F8A9113CE2CEF0A0 + 22629C6FAC1C27E6DDF2A46C52293681 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 0000000000000000 + stream[0..63] = D4ACE9BF4A76822D685E93E7F77F2A79 + 46A76E3BF0910854C960331A41835D40 + 902BC1CF3F8A30D4C8391087EC3A03D8 + 81E4734A5B830EFD55DA84159879D97F + stream[192..255] = 5BD8BB7ED009652150E62CF6A17503BA + E55A9F4ECD45B5E2C60DB74E9AE6C8BF + 44C71000912442E24ED2816243A7794D + 5B1203A246E40BE02F285294399388B1 + stream[256..319] = 55433BDEA349E8849D7DF899193F029A + 9F09405D7AFE842CB2C79F0E55C88913 + B0776825D8D036A69DDDCD6AFCA6588F + 69F0946A86D32C3585F3813B8CCB56AF + stream[448..511] = 0B67F00FA0BB7D1ED5E4B46A68794864 + 5239422656F77EF2AFEA34FFF98DA7A8 + 90970F09137AF0FABD754C296DD3C6F2 + 7539BC3AE78FFA6CDCCC75E944660BB4 + xor-digest = 9D6D8BAB5F6EDB5450EA2D5751741351 + 199ED720B0572410FD698C99F2E0DB92 + C0E62E68AEE0CC6CDB6EA8898BFD29E8 + E106470DE4E5C66F94FE0258A2D24CA3 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 0000000000000000 + stream[0..63] = 92A067C3724F662120C25FAF4B9EC419 + C392D98E5CB8C5EE5842C1D5C704DE87 + 8C8C68C55BA83D63C5DEEC24CFF7230D + 3F6FBF6E49520C20CFE422798C676A47 + stream[192..255] = 133C9A30B917C583D84FB0AAC2C63B5F + 6758AC8C2951196E9460ADBE3417D914 + 90F0A195DC5682F984069506CA75DC1D + 79A7AE1DCDF9E0219D4E6A005BA72EDD + stream[256..319] = 091D38749503B63238B1E3260855B76C + 5CFE9D012265FB7F58EB8CAA76B45645 + 9C54F051274DDAE06BEC6D7EB8B9FF59 + 5302D9D68F2AF1057581D5EE97CCEEDD + stream[448..511] = 3FCCB960792B7136768BBA4C3D69C597 + 88F04602C10848A7BCBED112F860998D + 9E9A788998D1DC760F7ECF40597446D8 + F39CD4D4013F472BB125DE6A43E9799D + xor-digest = 12464226235C1DDDAFA37DF12F3A0444 + 42C0EEE521DBB7B3239C86ADB61AD6A0 + A418D3804252DC3658A3AE82473023A8 + D190E1EDB1DAFA3CF566573511CF8F19 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 0000000000000000 + stream[0..63] = AC3DE1B9F6DF6D6117B671A639BF0761 + 24A0A6D293B107554E9D662A8BFC3F34 + 17C59437C981A0FDF9853EDF5B9C38FE + 74072C8B78FE5EBA6B8B970FE0CE8F1F + stream[192..255] = 23112BD4E7F978D15F8B16F6EDB130D7 + 2F377233C463D710F302B9D7844C8A47 + FB2DFDD60235572859B7AF100149C87F + 6ED6CE2344CDF917D3E94700B05E2EEF + stream[256..319] = E8DDFE8916B97519B6FCC881AEDDB42F + 39EC77F64CAB75210B15FBE104B02FC8 + 02A775C681E79086D0802A49CE6212F1 + 77BF925D10425F7AD199AB06BD4D9802 + stream[448..511] = F9D681342E65348868500712C2CA8481 + D08B7176A751EF880014391A54680992 + 6597B10E85761664558F34DA486D3D44 + 54829C2D337BBA3483E62F2D72A0A521 + xor-digest = 75BEFA10DACA457FFE4753A13543F996 + 4CF17E6941318C931575A0865B1C86C1 + 2EE5E031EFD125A3D56C4B7846C19484 + 507CC551C5CB558533E288BA0D2C14F1 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 0000000000000000 + stream[0..63] = 21BD228837BFB3ACB2DFC2B6556002B6 + A0D63A8A0637533947615E61FE567471 + B26506B3D3B23F3FDB90DFAC6515961D + 0F07FD3D9E25B5F31B07E29657E000BF + stream[192..255] = 2CF15E4DC1192CA86AA3B3F64841D8C5 + CD7067696674B6D6AB36533284DA3ABF + D96DD87830AE8FA723457BE53CB3404B + 7A0DCBB4AF48A40FC946C5DEB7BD3A59 + stream[256..319] = E3B15D2A87F61C2CE8F37DCEB896B5CA + 28D1DA6A3A71704309C0175BB6116911 + 9D5CBE34FC8F052961FF15F2C8F06CD6 + F8E889694E2C69E918DD29C33F125D31 + stream[448..511] = CCD1C951D6339694972E902166A13033 + A1B0C07313DC5927FE9FB3910625332C + 4F0C96A8896E3FC26EFF2AF9484D28B8 + CB36FF4883634B40C2891FA53B6620B1 + xor-digest = 1E6FA2DF675C21D1AA9819BA05D3C96D + 3463D6F0758286BBB41A63F8748B94C8 + B652C60C5D4655E8436F2379CA7088B4 + 9625667F386BC5A2F25FD0BFB0088FAA + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 0000000000000000 + stream[0..63] = 7943AD4AA5F62E08E1AE450E84CFF27D + E3B204A2BCA315B981906D5A13F68AB0 + 34D3396EA8A41001AF49834368805B37 + D5380FB14821E3F7F4B44231784306F3 + stream[192..255] = 415F5381C9A58A29045E77A1E91E6726 + DFCEBC71E4F52B36DBD7432D158F2ADB + 31CF5F52D8456952C09B45A16B289B7A + 32687716B8EDFF0B1E5D0FC16DCCFA88 + stream[256..319] = CE317CB853E2AFA22392D4B8AE345A91 + 0807F8DE3A14A820CDA771C2F2F3629A + 65A1CC7A54DDEC182E29B4DACEA5FBFA + 4FAC8F54338C7B854CD58ABA74A2ACFF + stream[448..511] = 5804F61C5C07EC3C2D37DF746E4C96A1 + AD5E004C2585F3F401CB3AF62CB975F8 + 64375BE3A7117079810418B07DABCCEE + 61B6EC98EA4F28B0D88941CB6BE2B9D2 + xor-digest = 9DBDBD0C3B340F294B1EB42CAD3111F0 + A5CF6A0B6206976022C6A2D6303A235B + 717542C25397879A27480D67AC5A245D + 0C58334CD801764A948060CA6F99E2D6 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 0000000000000000 + stream[0..63] = A4FB9A02500A1F86145956E16D04975E + 2A1F9D2283D8AD55C17A9BD6E0C8B561 + 6658132B8928F908FEC7C6D08DBFBC55 + 73449F28AA0EF2884E3A7637233E45CD + stream[192..255] = 74D169573560C14692BBE2498FDA0ED7 + 866A11EE4F26BB5B2E9E2559F089B35E + C9972634C5A969DD16EB4341782C6C29 + FBBF4D11ECB4133D1F9CA576963973EB + stream[256..319] = D28966E675759B82EDE324ABA1121B82 + EAB964AB3E10F0FE9DF3FCC04AFC8386 + 3A43FD6B7FC0AD592C93B80BE99207CB + A8A55DDEA56DD811AAD3560B9A26DE82 + stream[448..511] = E362A817CCD304126E214D7A0C8E9EB9 + 3B33EB15DE324DDDFB5C870EA22279C7 + 8E28EFF95974C2B935FC9F1BF531D372 + EF7244D2CC620CEBDE5D8096AD7926B3 + xor-digest = 3DD73F824FD1D9CB55B7E37C9C8A55C7 + EBB0866564AEA680BBBD431554D89E81 + FF280B563D5991438CEA5C183C607ADC + 23CC72CDE3A4D2CEB27B81ED8E5C9215 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 0000000000000000 + stream[0..63] = FF879F406EAF43FABC6BE563ADA47C27 + 872647F244C7FAE428E4130F17B47138 + 0E1E1CD06C50309760FDEE0BC91C31D0 + CA797E07B173C6202D2916EEBA9B6D1C + stream[192..255] = 61E724B288AECF393483371C1BE653F3 + 7BBA313D220173A43459F0BCE195E45C + 49B3B5FB1B0539DE43B5B4F2960D8E6E + 5BC81DAF07E9EFBB760881441FA8823B + stream[256..319] = F77AC22945ECD60EBCAF4BA19A59B078 + B3C3BC36D1DDA6B9969B458C2019D68E + FD04D75DDC6041BBCD69747651D2DA7F + BED721081F8147367585CABB1C50CF0C + stream[448..511] = 7475DCD3545B810445AFCA0C0AFA93A9 + 11EA99991A5D639AB32DDF69AA21C45A + 53DCB998FDAE5F9A82EC8501123EAE3D + 99351C43311F8430DB3D230E12DA77D2 + xor-digest = A61CDBCF6F79213D2A789543B0EA3D8A + 22BA4FB8118C1D40AE56EC8238861566 + 20CED8AA76FFE917C1E52060F91EE73B + C75E913D072C50B3D939E04F69493553 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 0000000000000000 + stream[0..63] = 2B4C4185E2FDFAE75DABFF32632FB5D9 + 823359F15E2D17FF74FAC844E5016A4A + 64C2C47498A15029FBEB6E4893381E65 + 6D2A2B9712524827B151C6E67D990388 + stream[192..255] = D870A94C4856EF818C5D93B2187F09C7 + 32E4491103B8A49B14CDC118F1607E2D + 8443740F20220DF076B981D90436E9C3 + 09282C1CEAAE6375002AD1CA9CCF720C + stream[256..319] = 5091AE53E13948DAE57F6B0BE95B8F46 + A1F53553767B98F9799A0F0AC468AEB3 + 40C20E23FA1A8CAE7387CEA127A7A0F3 + 635667BF028DE15179093B706306B99C + stream[448..511] = 02323B1FA2C863D3B4A89CFC143013A6 + EEA8265BBD1B8FE243DEA2F4B19A5726 + 593564E7E7021FD042F58077A5821C2F + 415BC38D6DD2BE29A5400E4B1D65B2A2 + xor-digest = 9B29085D13B4992B077E3A878A5918B5 + 92C98C8A83956EC20EFE673A24C48C91 + 5D8DB1A4A66F62F1A3E7D6ADF6DC8845 + DD7A6D43F9DBF6C1EA21639060469AD6 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 0000000000000000 + stream[0..63] = 9A5509AB6D2AB05C7DBA61B0CC9DD844 + B352A293E7D96B5C0066ACDB548DB857 + 0459E989B83AF10A2C48E9C00E02671F + 436B39C174494787D1ECEB3417C3A533 + stream[192..255] = 8A913EBA25B4D5B485E67F97E83E10E0 + B858780D482A6840C88E7981F59DC51F + 2A86109E9CD526FCFA5DBF30D4AB5753 + 51027E5A1C923A00007260CE7948C53D + stream[256..319] = 0A901AB3EBC2B0E4CBC154821FB7A0E7 + 2682EC9876144C4DC9E05098B6EFCCCB + 90E2F03837553C579CDD0A647D6A6963 + 50000CA57628B1E48E96242226A92ECC + stream[448..511] = 9CDB39B79A464F2CCA3637F04EBAEA35 + 7A229FC6A9BA5B83171A0A8945B6F117 + 56EBC9F4201D0BA09C39F97767213046 + 32AA6A68ADE5B90268AEE335E13B1D39 + xor-digest = 695757EDF4992CE9E1C088D62CAB18A3 + 8F56EE71F1F4866E88D1A02E07CB89B9 + 133F0B02A23BA39622E84E19DACDF323 + 97F29E50151F78524B717093131A10B1 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 0000000000000000 + stream[0..63] = 37EDAFA4F5EDC64EBF5F74E543493A53 + 93353DE345A70467A9EC9F61EEFE0ED4 + 532914B3EA6C2D889DA9E22D45A7DD32 + 1EA5F1F6978A7B2E2A15D705DE700CE4 + stream[192..255] = C415739777C22430DAB2037F6287E516 + B1CE142111456D8919E8CD19C2B2D30D + 8A1B662C26137F20F87C2802A2F3E66D + 8CEB9D3C1B4368195856249A379BD880 + stream[256..319] = 0381733EC9B2073F9E4E995447118411 + 2D99B23FA4A87B4025C6AF955E93E0D5 + 7DD37011E1624175F970BDA7D625224B + AB0F021E6453DBA894A5074C447D24BC + stream[448..511] = F9D45C7E0E7A26F2E7E2C07F68AF1191 + CC699964C01654522924A98D6790A946 + A04CD9586455D5A537CBA4D10B3C2718 + 745C24875156483FE662B11E0634EAEA + xor-digest = E0FE8129B73BCADA14FB385E6D3DB22D + 84C9755D63E93141202576FB5B2D3647 + D47B2F6378BC8567E4416976443FAE76 + 3C2B5FA46F2670C301A5B22802513D2D + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 0000000000000000 + stream[0..63] = B935A7B6D798932D879795A182E7C194 + BECEFF32522C2F3FFF55A5C6D32A91D2 + BA9F144DB280ABA7BA8A7921AFA3BD82 + CA742DDBEAF8AF72299936E9C2FEA59E + stream[192..255] = 6F32248B6EF4CDAE06864B6477893440 + F0E0217421D7081D1F0DA197B5263674 + 0E9BDD59068BEDE48BF52C43446C12CD + 4F10ED22BFDDFA915FA0FB1A73F9139C + stream[256..319] = BF01A4ED868EF9080DF80689E589897C + 021DCA18073F9291E1D158DC26266556 + 728DD130629D3760F541439147F4C1CA + 279FB98040E9FCE50998E42D6259DE1F + stream[448..511] = 0F2B116CD687C91FBA1EDEAD586411E9 + 66D9EA1076863EC3FDFC254DD5C93ED6 + AE1B01982F63A8EB13D839B2510AD02C + DE24210D97A7FA9623CAC00F4C5A1107 + xor-digest = C6970385CA89CDFCACA9E90DA2A2FE99 + 58EF83B9BF04DBE7A3B3437503688831 + 05FF6665D9F91D4DBBBCAF31B555ED3D + D07C3AC824281730BF834693C596AD54 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 0000000000000000 + stream[0..63] = 09D36BFFDDCD3ADC8EB0ABEEB3794CE1 + FFBDED9CFC315D21A53C221B27722FE3 + F10E20D47DDCFD3CCDE9C1BAAF01F551 + 1D3F14F88BF741A7F6578C3BC9024B2B + stream[192..255] = 552502A1B2D0F29806DE512F3314FC8E + 19518E35D9DB1EBC9034EA46E5815AB9 + DF0F403E997E676BF47C0116D5E9B817 + 26B99D65AA4315F1E5906F6E39B1297E + stream[256..319] = 6BF351A501E8D1B4BAF4BFD04726DC4F + 50200463DCC13FF3BE93E6C4D4304CE0 + 9E6A1CEA41BFB93D6DBAD713298F79CF + F6F5BB81F456E33A3396D02F2E33BDC5 + stream[448..511] = 715F8FFB2BC25CD89E46B706EF871207 + EFE736AA3CB961B06E7B439E8E4F76E2 + 944AF7BD49EEC47B4A2FD716D191E858 + 59C74FD0B4A505ACE9F80EEB39403A1F + xor-digest = D51B519D78CDBC8DF5CB1CEA5EBBA6E4 + 6530535D84CBF1696EBF238D3F7AA4A1 + D2F1EF5FF092DB57943E28501C64CFF0 + 4619197ED4A3D82EEEB2B2E9648D7494 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0000000000000000 + stream[0..63] = BE4EF3D2FAC6C4C3D822CE67436A407C + C237981D31A65190B51053D13A19C89F + C90ACB45C8684058733EDD259869C58E + EF760862BEFBBCA0F6E675FD1FA25C27 + stream[65472..65535] = F5666B7BD1F4BC8134E0E45CDB69876D + 1D0ADAE6E3C17BFBFE4BCE02461169C5 + 4B787C6EF602AF92BEBBD66321E0CAF0 + 44E1ADA8CCB9F9FACFC4C1031948352E + stream[65536..65599] = 292EEB202F1E3A353D9DC6188C5DB434 + 14C9EF3F479DF988125EC39B30C014A8 + 09683084FBCDD5271165B1B1BF54DAB4 + 40577D864CD186867876F7FDA5C79653 + stream[131008..131071] = C012E8E03878A6E7D236FEC001A9F895 + B4F58B2AF2F3D237A944D93273F5F3B5 + 45B1220A6A2C732FC85E7632921F2D36 + 6B3290C7B0A73FB61D49BC7616FC02B8 + xor-digest = 196D1A0977F0585B23367497D449E11D + E328ECD944BC133F786348C9591B35B7 + 189CDDD934757ED8F18FBC984DA377A8 + 07147F1A6A9A8759FD2A062FD76D275E + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 0000000000000000 + stream[0..63] = BA1A48247B8C44AAF12F5645D65FF7F4 + E4D7C404EE0CBB691355FAEB82D03B99 + AD0FDFC20A1E593973E5B8F0264F7FB0 + 538292A4C8FE8218A1DA3EB7B71EEA64 + stream[65472..65535] = 03A24E89D69D5E1DA98B0367CF626F33 + D558B1208AB120B6B1778BFF640F56DA + 715FE1B681D8CC0F305D6645B439BA81 + D3C446A428B31BB18E9DA1E2A900B0FD + stream[65536..65599] = 6A28ADD4F926759CEBB0AFC5D5DA5243 + 1F2E7ECBBD1E9DEAF368137E35F1AFBD + 65852214FA06310C3175FCF364810F62 + 7E3703E9AC5458A8B681EB03CEECD872 + stream[131008..131071] = E8D8AB5E245B9A83A77B30F19E3706F0 + 37272E42F9C6CD7E8156C923535EF119 + B633E896E97C404C6D87565EEA08EB7F + F6319FF3E631B6CDD18C53EE92CCEEA0 + xor-digest = 2BD4F834BC7B3C128E291B2BCE7DA0A5 + BA1A17E2785093B7F32B7D605AE63276 + F8256998EC1E0B5A7FD2D66EE9B0B705 + E49435EDF8BACE1BE770738A403B8F14 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 0000000000000000 + stream[0..63] = 8313F4A86F697AAC985182862E4FC623 + 3511C46B6DAEEDB94B63461111CB4768 + 72F1BC3B4E8EE80A4ADE7D1A8CD49C17 + 1D3A550D3F39B7775734225579B8B60A + stream[65472..65535] = 6AFA6F539C0F3B0B9DEB0235E7EB2E14 + B111615D4FBC5BF7FFE75E160DEDA3D9 + 932125469AEC00539ECE8FCF8067CB0F + B542C2064267BEA7D9AD6365314D5C2C + stream[65536..65599] = 296F2B5D22F5C96DA78304F5800E0C87 + C56BC1BACD7A85D35CFECE17427393E1 + 611975CC040D27DF6A5FABC89ADDE328 + AE8E9CB4F64CFA0CB38FE525E39BDFE4 + stream[131008..131071] = 86C8139FD7CED7B5432E16911469C7A5 + 6BDD8567E8A8993BA9FA1394348C2283 + F2DF5F56E207D52A1DA070ABF7B516CF + 2A03C6CD42D6EA2C217EC02DF8DDCA9C + xor-digest = DEEBF1FCF222519E26EC6556EA449080 + 92923B357CB88D1A1C1B03341F5C6A98 + 4C70E9DB735377615C0476D46DA9897B + 48127A0D224241E79FE8CF51B005EF93 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 0000000000000000 + stream[0..63] = 62765613D127804ECD0F82D208D70156 + 3B1685EEF67945DAE2900307CDB14EA6 + 2474A439D8BAE8005493455471E7BCB9 + DB75F0596F3FB47E65B94DC909FDE140 + stream[65472..65535] = 00A0D5B2CE7B95E142D21B57B187C29C + 19B101CD063196D9B32A3075FB5D54A2 + 0D3CE57CBEC6CA684CB0E5306D5E21E5 + 657F35B8FB419A0251EA5CD94113E23B + stream[65536..65599] = AAC2D29404A015047DEFB4F11460958D + A989141026FE9325F15954363FC78898 + D4A20F6870F4D2B124590973F6956096 + 940E2324F7C63384A85BACF53F7755E3 + stream[131008..131071] = 0A543607FE352336ACFEDFE6B74359E0 + B26B19FD45A8938C6C0A6DB68A137749 + 5B65211558D0CB9ECA9DA2C0E50702B6 + 88B2DEC53AAA2FBF11BD149F4F445696 + xor-digest = D124AA942DC1D54D5B9B4BC6804F9990 + 543EAF31FF441F0CD16B961C817EA4A7 + 6AF71F678BBB482052B2BA767B4F9265 + B65C3D839D182D093B560AEB09184C0C + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = B66C1E4446DD9557E578E223B0B76801 + 7B23B267BB0234AE4626BF443F219776 + 436FB19FD0E8866FCD0DE9A9538F4A09 + CA9AC0732E30BCF98E4F13E4B9E201D9 + stream[192..255] = 462920041C5543954D6230C531042B99 + 9A289542FEB3C129C5286E1A4B4CF118 + 7447959785434BEF0D05C6EC8950E469 + BBA6647571DDD049C72D81AC8B75D027 + stream[256..319] = DD84E3F631ADDC4450B9813729BD8E7C + C8909A1E023EE539F12646CFEC03239A + 68F3008F171CDAE514D20BCD584DFD44 + CBF25C05D028E51870729E4087AA025B + stream[448..511] = 5AC8474899B9E28211CC7137BD0DF290 + D3E926EB32D8F9C92D0FB1DE4DBE452D + E3800E554B348E8A3D1B9C59B9C77B09 + 0B8E3A0BDAC520E97650195846198E9D + xor-digest = 104639D9F65C879F7DFF8A82A94C130C + D6C727B3BC8127943ACDF0AB7AD6D28B + F2ADF50D81F50C53D0FDFE15803854C7 + D67F6C9B4752275696E370A467A4C1F8 + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = 1A643637B9A9D868F66237163E2C7D97 + 6CEDC2ED0E18C98916614C6C0D435B44 + 8105B355AE1937A3F718733CE1526231 + 6FA3243A27C9E93D29745C1B4DE6C17B + stream[192..255] = CDDB6BD210D7E92FBFDD18B22A03D66C + C695A93F34FB033DC14605536EEEA06F + FC4F1E4BACFCD6EB9DA65E36C46B26A9 + 3F60EAA9EC43307E2EA5C7A68558C01A + stream[256..319] = 5FC02B90B39F3E90B8AEC15776F2A94F + D8C26B140F798C93E1759957F99C613B + 8B4177A7B877D80A9B9C76C2B84E21A6 + DF803F0DB651E1D0C88FB3743A79938F + stream[448..511] = B4BC18F7279AC64BB6140A586F45AC96 + E549C0CA497F59B875C614DE605A8BFF + 63AB3F1E00DAEAE7A5CC7A7796E9BACC + DD469E9100EABCD6E69301EA59C4B76A + xor-digest = 4EF8F9A7D50D7ABEC1A104565E9E20BF + 35FACFDD5600B0360E3ECBDE626CC693 + 4A52173415C05BA5EE681D649CB60D18 + 6970CF18BC028AF829054903FDEB37BA + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = 94B7B07E184BC24A0904290B2601FC3A + C70BEAD7B1FC3294360ED4EF16813453 + 0B4D1F3F28A3C3B248B2E914A8DCBD53 + 26A240C9BB361A8A93D023725BDCD4E3 + stream[192..255] = 27C7A2C4EAA1E2E8798CA71EA50B7E5A + CD9FC82263D11781EFC16142CFD21A63 + 4DB2B860B54A9979AFA187CE0667D176 + 23FC91EC1E5E6C31A8089628AC76F9F0 + stream[256..319] = C2CD243516E5919D6C5C478469260813 + ABE8E6F54BE8E11D48FEC043CDADA19B + EFE9CB0C22A9BB30B98E4CFCF1A55EF1 + 263B209CE15FEAEF8237CFAF7E5286D6 + stream[448..511] = 84489BD680FB11E5CAA0F5535ABA86DC + FF30AC031CEFED9897F2528035977726 + 70E1E164FA06A28DD9BAF625B576166A + 4C4BF4CADD003D5DF2B0E6D9142DD8B3 + xor-digest = 783AD910F37369EFB54DD9A00D54CDB7 + 2EEAF2693C121B13344025E08DF874AC + 4BBC08B8FA916B423B0F4667A6D1BAEC + 3016B999FF9FAB317161422E4FF925AB + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = 2E6C8BE7DD335292EE9152641B0E4EFB + 43D27434E4BE70EAC4CAFAE5C38B2E5B + 06E70B9966F4EDD9B4C4589E18E61F05 + B78E7849B6496F33E2FCA3FC8360824C + stream[192..255] = 1006D6A04165A951C7EE31EEB0F6C32B + D0B089683C001942886FCEF9E700D15A + DB117652735C546D30177DC14FA68708 + D591C3254C05B84BF0DCBC3105F06A6F + stream[256..319] = 2196ADA05BED2BD097A43E4C5BE6C940 + 4A353689939DCB9C4F82278BDB0EB505 + F70FFD9921B46645EDDFCF47405FD3E6 + 7CAE732B367A0B0F2B57A503161FA5DE + stream[448..511] = 4A3504DAC25F59489C769090D822E89E + 1338AC73F22DB2614B43D640525EF996 + 9D6B7E3900ADCBE056AB818E0FF708E3 + B0A8E63531F252C384DD3DE7318EA866 + xor-digest = 33533F81725EA5444E0642A07A334AE5 + AC3DD16214F6FE196A60A4343AFA5026 + E1602E84D3E672EEDB9FB5BB6F44C023 + 66C28BD8E3CF673BB34F438CF82561E2 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = 1D3FD8BAF2A13BCD2A49B50F8DFB0522 + 8E366B4FD2ECD6973DFF116289D7E0AF + 55EFB875345204B5FCE27A1C6DF79531 + B3175647526BF5C028C454BADEFBECD6 + stream[192..255] = F639D0D23CC5817501517216ADA14241 + D08495F17CDEAFB883CE619A3255EC3F + EAADFA224CF354C425A74D3DDAAA0C86 + E44016238C142B36944EF53A1EC7DF92 + stream[256..319] = 9CAE4D4639696A188E08BC1B01774608 + 5D18418F82DC90742BB6D172414ACC13 + A4721B018B2CC002CB6E6FFE4A4E252C + C4BF5DE975684C8805036F4C76660DC8 + stream[448..511] = CB2A2CB3136F5CC71FD95A4A242B15E5 + 1C8E3BAE52FEC9C1B591B86DFDDC2442 + 353DF500B2B9868A6C609655FC1A3E03 + 347608D12D3923457EEEB34960F4DB31 + xor-digest = D623CA4753D2197E68B87B1ACBD84CC9 + A056EC02F83D7E399CE2C4ACCF7934A5 + A0CAE68FC0EB88098AA39DA88881C7B2 + 4C137195F32DA5CA86631CB84A6BC3B2 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = 2DCAD75F5621A673A471FDE8728FACF6 + D3146C10A0903DE12FBDCE134CC0F11B + 2D2ABBDBADFA19303E264011A1B9EFEC + AB4DFBC37E3D0F090D6B069505525D3A + stream[192..255] = 02C401ACF6D160CC1D80E11CB4F3038A + 4C5B61C995CD94E15D7F95A0A18C49D5 + DA265F6D88D68A39B55DB3505039D13E + AB9DEBD408CE7A79C375FD3FEBEF86C8 + stream[256..319] = 83D92AF769F5BF1FA894613D3DF447EB + D461CFFC0CA3A9843E8441EC91DEBC67 + BE9162EABC5607A6D3FCAD4426EF4F9F + 3B42CEC8C287C194B2211DEA4549D5D5 + stream[448..511] = D3F86930112EAFC7AA430444693BAE77 + 3F014D0798CAF3652A3432460F326DA8 + 8E82BE1E08C220B5FCBCE238B982E37D + 1E60DCBF1747D437D42DB21ADF5EECF2 + xor-digest = 0BF26BADEFCB5BB32C43410920FF5E0F + 2720E8BB1C94DD5D04F0853F298C3ABA + 8FF670AF163C5D24BCAF13AD0A04196A + 2B89E82CF88846C77C77A097E234010F + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = D8E137C510CDBB1C788677F44F3D3F2E + 4C19FCEB51E7C2ECBDB175E933F44625 + C7B0168E446CCCA900B9DB12D53E89E1 + B917A69BDB888935B3B795D743D0D0E6 + stream[192..255] = E168F81B5BFB769F3380690D423E251E + 0F4BEEBE0B02F19AFFADBD94212B8063 + D77A665FD53F8F1A1CC682599C74F415 + 3642EC7DADA034403A90E1E5DA40C896 + stream[256..319] = 574774CFB8452E82777371616E0AC224 + E29939E725B99EA8CFB4A9BF459A70D6 + AB1991E85E06905ACCDA8D1911F82835 + 9C4FD7614A55C1E30171934412D46B3E + stream[448..511] = 21FE9B1F82E865CC305F04FA2C69EA97 + 6D90A41590A3BD242337D87D28E3041D + 3D0F74CA24A74453CB679FDFFEE45AA6 + 3B2DDE513D3F9E28E86346D9A4114CD7 + xor-digest = 3E25D50331D9840FBD4F8B0FD10A9D64 + 6A5E8E0ADE57CCDECF346B2973631740 + 382139165B0E0E78A53E4B6CAABE6517 + BF02B7B2905F9A64A60F412CA78E6929 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = 42DCF10EA1BCBA82C88DDCDF905C9C78 + 42A78AE57117F09CE51517C0C70063CF + 1F6BC955EF8806300972BD5FC715B0ED + 38A111610A81EBA855BB5CD1AEA0D74E + stream[192..255] = 261E70245994E208CDF3E868A19E26D3 + B74DBFCB6416DE95E202228F18E56622 + 521759F43A9A71EB5F8F705932B0448B + 42987CEC39A4DF03E62D2C24501B4BDE + stream[256..319] = 9E433A4BF223AA0126807E8041179CC4 + 760516D3537109F72124E3534A24EA7D + B225C60063190FD57FF8595D60B2A8B4 + AE37384BB4FCD5B65234EE4FB0A1EBEA + stream[448..511] = 3F9803DD763449758F008D77C8940F8A + FB755833ED080A10513D800BA3A83B1C + 028A53AED0A65177C58B116E574745D0 + F28506A9DACD6F8A3D81613E00B12FDB + xor-digest = C0CA35A30730FCE3A6B08FD9707EBD1C + 8154F54266696A99430BCA8B9F94FDD1 + A78CCB43CB67C58EFF3B171A38597F12 + AA6A424088C062B97613691B7D12CDE6 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE + stream[0..63] = 05E1E7BEB697D999656BF37C1B978806 + 735D0B903A6007BD329927EFBE1B0E2A + 8137C1AE291493AA83A821755BEE0B06 + CD14855A67E46703EBF8F3114B584CBA + stream[65472..65535] = 1A70A37B1C9CA11CD3BF988D3EE4612D + 15F1A08D683FCCC6558ECF2089388B8E + 555E7619BF82EE71348F4F8D0D2AE464 + 339D66BFC3A003BF229C0FC0AB6AE1C6 + stream[65536..65599] = 4ED220425F7DDB0C843232FB03A7B1C7 + 616A50076FB056D3580DB13D2C295973 + D289CC335C8BC75DD87F121E85BB9981 + 66C2EF415F3F7A297E9E1BEE767F84E2 + stream[131008..131071] = E121F8377E5146BFAE5AEC9F422F474F + D3E9C685D32744A76D8B307A682FCA1B + 6BF790B5B51073E114732D3786B985FD + 4F45162488FEEB04C8F26E27E0F6B5CD + xor-digest = 620BB4C2ED20F4152F0F86053D3F5595 + 8E1FBA48F5D86B25C8F31559F3158072 + 6E7ED8525D0B9EA5264BF97750713476 + 1EF65FE195274AFBF000938C03BA59A7 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E7 + stream[0..63] = EF5236C33EEEC2E337296AB237F99F56 + A48639744788E128BC05275D4873B9F0 + FAFDA8FAF24F0A61C2903373F3DE3E45 + 9928CD6F2172EA6CDBE7B0FBF45D3DAD + stream[65472..65535] = 29412152F2750DC2F951EC969B4E9587 + DCD2A23DAADCBC20677DDFE89096C883 + E65721FC8F7BFC2D0D1FD6143D8504CB + 7340E06FE324CE3445081D3B7B72F3B3 + stream[65536..65599] = 49BFE800381794D264028A2E32D318E7 + F6FD9B377ED3A12274CE21D40CCEF04D + 55791AF99849989C21D00E7D4E7B9FF4 + D46AABC44AED676B5C69CF32BE386205 + stream[131008..131071] = C3E16260DD666D8D8FBF1529D0E8151A + 931663D75FA0046132E4AD78D8BE7F8D + 7F41AAEFDE58BA80B962B8B68762CDF3 + E4B06E05D73D22CC33F1E1592D5116F4 + xor-digest = 10879B33D24115E4774C71711B563B67 + CCD891E3825EDB58E182EC92648AE51C + DDC29A6A776C0AB3182DDDA1E180D55D + FAB024A3121BE45ECA59FF1A3715434C + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F0 + stream[0..63] = 8B354C8F8384D5591EA0FF23E7960472 + B494D04B2F787FC87B6569CB9021562F + F5B1287A4D89FB316B69971E9B861A10 + 9CF9204572E3DE7EAB4991F4C7975427 + stream[65472..65535] = B8B26382B081B45E135DF7F8C468ACEA + 56EB33EC38F292E3246F5A90233DDDC1 + CD977E0996641C3FA4BB42E7438EE04D + 8C275C57A69EEA872A440FC6EE39DB21 + stream[65536..65599] = C0BA18C9F84D6A2E10D2CCCC041D736A + 943592BB626D2832A9A6CCC1005DDB9E + A1694370FF15BD486B77629BB363C3B1 + 21811BCCFB18537502712A63061157D8 + stream[131008..131071] = 870355A6A03D4BC9038EA0CB2F4B8006 + B42D70914FBFF76A80D2567BE8404B03 + C1124BCE2FD863CE7438A5680D23C5E1 + F8ED3C8A6DB656BFF7B060B8A8966E09 + xor-digest = 888FA87DB4EC690A180EF022AF6615F0 + 677DB73B6A9E0CFACEBBB5B2A8816B2A + D0338A812E03F4DFB26AF9D66160348C + B9EE72B63B2866E8281A2DB793A3A68E + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F9 + stream[0..63] = 71DAEE5142D0728B41B6597933EBF467 + E43279E30978677078941602629CBF68 + B73D6BD2C95F118D2B3E6EC955DABB6D + C61C4143BC9A9B32B99DBE6866166DC0 + stream[65472..65535] = 906258725DDD0323D8E3098CBDAD6B7F + 941682A4745E4A42B3DC6EDEE565E6D9 + C65630610CDB14B5F110425F5A6DBF18 + 70856183FA5B91FC177DFA721C5D6BF0 + stream[65536..65599] = 09033D9EBB07648F92858913E220FC52 + 8A10125919C891CCF8051153229B958B + A9236CADF56A0F328707F7E9D5F76CCB + CAF5E46A7BB9675655A426ED377D660E + stream[131008..131071] = F9876CA5B5136805445520CDA425508A + E0E36DE975DE381F80E77D951D885801 + CEB354E4F45A2ED5F51DD61CE0994227 + 7F493452E0768B2624FACA4D9E0F7BE4 + xor-digest = 0F4039E538DAB20139A4FEDCF07C00C4 + 5D81FD259D0C64A29799A6EE2FF2FA8B + 480A8A3CC7C7027A6CE0A197C4432295 + 5E4D4B00C94BF5B751E61B891F3FD906 + + + +End of test vectors + +Primitive Name: Salsa20 +======================= +Profile: SW & HW +Key size: 256 bits +IV size: 64 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = E3BE8FDD8BECA2E3EA8EF9475B29A6E7 + 003951E1097A5C38D23B7A5FAD9F6844 + B22C97559E2723C7CBBD3FE4FC8D9A07 + 44652A83E72A9C461876AF4D7EF1A117 + stream[192..255] = 57BE81F47B17D9AE7C4FF15429A73E10 + ACF250ED3A90A93C711308A74C6216A9 + ED84CD126DA7F28E8ABF8BB63517E1CA + 98E712F4FB2E1A6AED9FDC73291FAA17 + stream[256..319] = 958211C4BA2EBD5838C635EDB81F513A + 91A294E194F1C039AEEC657DCE40AA7E + 7C0AF57CACEFA40C9F14B71A4B3456A6 + 3E162EC7D8D10B8FFB1810D71001B618 + stream[448..511] = 696AFCFD0CDDCC83C7E77F11A649D79A + CDC3354E9635FF137E929933A0BD6F53 + 77EFA105A3A4266B7C0D089D08F1E855 + CC32B15B93784A36E56A76CC64BC8477 + xor-digest = 50EC2485637DB19C6E795E9C73938280 + 6F6DB320FE3D0444D56707D7B456457F + 3DB3E8D7065AF375A225A70951C8AB74 + 4EC4D595E85225F08E2BC03FE1C42567 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 01F191C3A1F2CC6EBED78095A05E062E + 1228154AF6BAE80A0E1A61DF2AE15FBC + C37286440F66780761413F23B0C2C9E4 + 678C628C5E7FB48C6EC1D82D47117D9F + stream[192..255] = 86D6F824D58012A14A19858CFE137D76 + 8E77597B96A4285D6B65D88A7F1A8778 + 4BF1A3E44FC9D3525DDC784F5D99BA22 + 2712420181CABAB00C4B91AAEDFF521C + stream[256..319] = 287A9DB3C4EEDCC96055251B73ED361B + A727C2F326EF6944F9449FB7A3DDC396 + A88D9D0D853FADE365F82789D57F9B40 + 10F963BC498F176A93FD51723FCD4D55 + stream[448..511] = E0D62E2E3B37FDD906C934FAA35D5E8A + 89A517DD0F24CF33DE8495C5FF24F4B1 + 476B3E826A1C90D74507C3991CEF4067 + E316A04B97AEFFA5E9D1F33CB0609B9E + xor-digest = 44936C5AE8EA99630920CEC7C0FE9E8E + A6C5166366D543D3A6FCCE3EAE9B0DF6 + 28C61B62CABD61B44F5610440C6798E9 + 3B820711202105D120398ECB96C0C102 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = C29BA0DA9EBEBFACDEBBDD1D16E5F598 + 7E1CB12E9083D437EAAAA4BA0CDC909E + 53D052AC387D86ACDA8D956BA9E6F654 + 3065F6912A7DF710B4B57F27809BAFE3 + stream[192..255] = 77DE29C19136852CC5DF78B5903CAC7B + 8C91345350CF97529D90F18055ECB75A + C86A922B2BD3BD1DE3E2FB6DF9153166 + 09BDBAB298B37EA0C5ECD917788E2216 + stream[256..319] = 1985A31AA8484383B885418C78210D0E + 84CBC7070A2ED22DCAAC6A739EAD5881 + 8E5F7755BE3BF0723A27DC69612F18DC + 8BF9709077D22B78A365CE6131744651 + stream[448..511] = 9618FCA736A8ECA00BD1194FC9855085 + 526ECD47A8DE1F8DB298AD49FCE935EA + 63B548597092ABAD6338F41AF87586A7 + 0505F2537902B81F55E53599DABA84CC + xor-digest = C442D7538E8129F048E38EA1A6FFA5F8 + 29F5B54D26A01DB1C0FA1B2E07418FB1 + 872C5D96CDC250746C26BD803903E28D + 7DEC66DED9AB7DE6797C502B3D1B246D + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = FF852567EB72687DC56C122D61B2FB2A + 4FB9E8E8DA62313B618D10F8E0DA521B + 176E879CD78E641043F0FA4A22211566 + 429B7C68EC645FF5E44B2505D61A2D71 + stream[192..255] = E5B040B199C3DFC8DB1F41C74C798AE2 + 62105477AEB1CE761D6FFF1CAB15AA1A + 7B7CE26B9CCE6DC33FD4522BF8F73E70 + B843D67FC06FA2258F9709DB14FBD54C + stream[256..319] = 55706075E5FED81E2205994609868EFC + 383B3E4CC295C4214356BA41FC72BFE5 + 4E6936FE6684EAF93C5973DDCD8E8F23 + 767B82D783953F89AF4E808C90BEEABD + stream[448..511] = 7ECE71883742EE852C94F01AD85EA1A6 + 76CC7CBC6EDFCF1BAE751455A923FAAC + 806BB72E6A982EC7A38F112445E25EB6 + BC5B49C5E6C22DC8748DEE0942F6E8B2 + xor-digest = 0058982850C947A63750238409A95FFF + CA5A559990EF1A60F038ADAAF965DD6B + 3931693C24AF075CC27663683B7B15D1 + 0F7A4B6BD1AD61F35D67A7E632ADBF2D + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = AF6E2EE1D5021675A92F02C764AFD94A + F3097F53532FC965EB861D6D12A3A012 + ABA683A5281238CE76E3AF3944736752 + AD86A5FD16E7DAFAF241ECFB0ADBBDFE + stream[192..255] = 19444E6D7C3D8BEC0957C3E785E1EEFD + 56B857F21CF8D325A4285F8DEF5078FF + 7B7EFB5E3B20F6E0906265B6F7580A04 + 9CEC5DF1872DCCB54081054C0FC15514 + stream[256..319] = 7EB544ADBF57D042E3A6753B13C65843 + 0399764CF90D007E48DAFE3DA1FE3F90 + 8EF4BFA6AF96DCD54197DA0D3A10FA35 + 6A374DA08B9A84044E70EC70ED050D46 + stream[448..511] = 57224DA912C62801DB393D5E3F4EDFF7 + D61BA895F88C7391FE5C943B88CC4642 + 0D11C3F1884B628F03C04A3C10F03FFB + CFC652D066BFD8DBF52DA2A72B9B9AC5 + xor-digest = 9796755E92C0BBCABFF65DCC865EF240 + BF5C2105C98EFFD368155FB2DFD06D3F + 2A4D7CCEE6A73DE51DF37F953BAF6BD7 + EA28AE0B9DA94B7D2E05FC44389B4101 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = D203CC523351942C94E215F6D5CC1425 + C5FFB2EA9A916C0D4F7B343333A58D94 + 1DE20B5F543E3EE63C29D981469ACE48 + 86ED9DEF839D4FBD20CDF9D001F1B89B + stream[192..255] = 9E37D2BE6473F4FA87ED294765816BB0 + 8CCA625418155F6704CB48082A860581 + A9CF69D9145D0DCB2621E1515013DD3E + 18819BEC5C186628ED545BFF7E4AC1C2 + stream[256..319] = B8648B92B5A7B3B991722F0053909A3F + 052E8F7DABE7FE0E34498C1C550DE9D5 + 3CE0818DDBA82F0616B3F79AD72B0BF9 + B5FA2F2B8032B1860FAB0804934FBD00 + stream[448..511] = 0CD554D10A975BEA79AEAC663F5FF984 + 15883EB558925C5ECFA53D77FAB4B884 + FE4D705B1E1B34A938C1C2D8528E1FAB + 4C9A7512F12707B78F2B6BFEE8D76E57 + xor-digest = D570E4908F0A350A7D18A3039A94F070 + 3F5FB6A5630594BEB15E15EC175F8E46 + E3F1A3ABD993DDE832224D3192DB8A1D + 1E71A5009E2A6AB27C6A5989848F59C1 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = C45E28A2C9A80AC07A760580DCD96340 + 26651B25BA2332FDAFC9AA16998317B9 + 751A446302CDE95525C709E79CB55951 + 4E4A54FD73ADAAF0AB3A3F1ADDABBADA + stream[192..255] = 17937670127CBF691AFDAD6D36994F0A + 40B3F369C21691B887CFE20B0F63D125 + 8896C88CAB669ED6FABE464A700DA937 + C43AABB45E60F14E6EBA69FBC9F2FCF3 + stream[256..319] = 2690AB8F4616302C49D79CFE3AE29AA7 + 9C4D1036E0CBB1D24C4682BCA0E1C1A5 + 80904001185286AC3C63BFBF909F4A36 + 525D2A732D7D166A52E087444DE24469 + stream[448..511] = 9E5E91D8BE1E46B0BAD46ED9ACCD440A + 01882556B51C2B7CCC987A6C554201FC + 6CE8DA0B1CD42C011A085EB8FBA0F8F2 + 623B6B9627EAEB91C05CFA3090A28040 + xor-digest = B33D0D25BFA4A067F09A452AC147B2F4 + C46BEC615D17D020CB9F39393433CF8B + 244607E5B7ACC4701A89EAB887D9035F + BC18163F59304929BAA5F25CE05FF43E + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 5F7B6B86B0C197B960D8250B5106CFEB + F6F4DE0D94D3958945FA979534AFE19C + D5305C55A1404C59302F05ACC819D3A3 + B0BDB9D154A45C0DEE52F25012DAA445 + stream[192..255] = 20F99149AA74F631D22BEA8D85EC84A6 + 57C2E8703B45ED36458F0ED47408C3C7 + E6624A184E7CED17C93CBC9960914A61 + E71083308CB7A55D7723C2B9E6A2F087 + stream[256..319] = EBB0F7194EA7AE5D28B916D361B19394 + A163A6EB124D37A372A798135E4F2FDF + 2EF422997F5AA1F9DFA3B1826431AA62 + 99E0AEB44D844E297604D27974EAAD6B + stream[448..511] = 65CA9CAE36B65F58085D561A91CFDBE1 + EA0400CDEB4AA1B987FAC06702590D8B + 39B6228E6F4B81BB91852971DE2D3436 + C8C24FA193BC10BFC5534BF5915A245B + xor-digest = 884DDB758C2D7D1FA5B9DAC42756F87D + 9C1CF9E1EAA1B0B5BB032D2E8763EAEE + 261129C8340F163ABD66EEEEF507EAE5 + BD230703C2A7C16FFCC23D063238F99C + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = B96FCF5A182789AD14E53FB2E981E496 + B47C6B44BE7EF95692F19AE24E193219 + 6E180778AC04A0EB2497497680587FEB + F412BB3A67E9538CA5B2A373E16E60F3 + stream[192..255] = 953544577886B26F2F8D7BD237D7AE8E + 5D425523F6180C9591206E10E166C7E3 + 06537355EFD9C32FF1C8808537BA12D5 + B0E303DBCEC7DB3DA6E3A16DACB1E7FB + stream[256..319] = 9B416AA89BDC5589A1C9046D2D308B8A + CA852008C6503B373250C2639C693D9E + 164FC0E94FCFBB35D67D45DE1A3D838F + 302915E78470EB47654B87540AADF90A + stream[448..511] = 3911737593809A1A9FD14F57950AEFCA + 66E1E45475D39335DC01FFA72E431A85 + 01E146994FAA64BA37AF255F1951B33F + CB28AAC76BB08AA0917B53B9ED64CDAD + xor-digest = DFED948E3423CF3689FFCBFAD85BD98A + 9785A39C7CAFCE10EC7C89686F9B45E0 + F335D8FB649B07CA88D5D264CB47F133 + 32538D762A8A38C5E1EEE97D25DF6442 + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 2B08D82E92AC352247211D5F0791DAC9 + D585ABF67DADFBD7B5AC60EB2EEF4C72 + F6F71CA110DEE4CB2F19FABE4F442B2F + 5F9FB1C94FBD553C21CD5B0CEF139880 + stream[192..255] = AAD0055BF85562F06118CB260CB0BD5F + 374CD798021593F03A67134EA8A73B22 + F00F09BAB770D1287FFF17CCF5F1CF32 + 86833B57F4397B16A9F8351922042810 + stream[256..319] = 724D557F9D7DA4AFCB5DC6D1040DD8BF + A14A0CC61F7206606BC99385D15BFED8 + 9C4D69EFE5711A9E256C908AFF2734D6 + 501C9D1AEB7CCD1029413BF7FA40848C + stream[448..511] = 8960F4D83E21984B3A6D5D1B667944ED + 12814CD390B107A502A4BBA620E3CE9F + 6DAF2D4629C828C59E86F09F1F435B4D + 40A1595C3D5B6E0744FFA546B22EF865 + xor-digest = E63E2A4BFE4910ACEAEF896FC499955A + 04FCFE14F46F9A5273E9B61216A8AED3 + 77A50ECE7429AB7FD8FC3A97C3A1B70E + 27B13A5B5486335B07132260FACD3E81 + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = C9969A75572ABFAA28FBE769A287A676 + 3B534AF50B697C31B7F4CD8F50DDF2F2 + 17B3C5532E95F73AF11B0693D5A33A34 + DAFBB64635A195EC9477FDFD69AE7540 + stream[192..255] = 6B358B53A60B9542F582FDE14B2711F2 + 6CD1B7421B4D872B95E347CDD7D763C8 + 73C2A8730A802AECA326FD63C8C4205C + FC1A6E2F4DF7A6ACF1E22A2BCA5379A9 + stream[256..319] = AF64A04DB6B9CA63429E0D81CE975FD0 + 2A5E3BB8C1A0C3D35636AE22F3733201 + 2DF59549BAC23E992A1E4DD481F91956 + 40C4D6EE0E083702DB18328D42D93BF7 + stream[448..511] = 3F3FD5559C9C0CE3B5B484BD15E75CAB + B252CC44961C1ACA86B1722FCF205408 + EF9841F947224170ECAC6503F7A8FEAE + 7281ED1D9A18C4C00D12C8E40F21876F + xor-digest = E759CFE55228EF54198A82FF8E11D269 + 05EC81CAD0A4736124A5391D34ADB50A + 3956FA5321AFCD7AECA3E9D3E0FAF913 + 502358257426307F76EB55A8184DBA88 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 698BFC90B147715FB9F0CA1DDC94EE10 + 3082316701CDD1DF2EAE752BA485F585 + 9E131D0D9233B16890BD5946CBCF116D + B50E8E2DCAE104162C7B76CB3D11445C + stream[192..255] = 07D49AB7BA8451A2A68DF473C6D1E91D + 407038568FADA2DB948ABFBBE408401F + DF5960241325F2981DC17EAF1C333CDC + 91E27EC064734234656AED7A944AD78A + stream[256..319] = C152FCF951DAECBD48EC1D0122A4EA00 + 9FB8FD03E35E283109DAA4E033783990 + DADE92932BC6410CE1B6ADE414AAF782 + 8DA024FB2C3F4135DF6C42A347BD3E25 + stream[448..511] = BD0CD02750FE445A0C03D2EA30D73684 + 07DF4B13CBE8E3CE2DE2780F9A90983B + 9EB919DEF1EC22EBEE10F584B6FE8F99 + 1374666D378C7C20CB5AD1771FA7C799 + xor-digest = 7D24B8DDED30B6B17567C7AE46FE517B + C5700ED002A54CE30DB17A2ABC9F37F7 + 1F6395D4E2C7467AB73483B89AEDC212 + B9FEEA18E4C08DBDFD8A39DA31FB7EC5 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 07AE6801D7A94836ED52CCD69D9E97F6 + 34B136A234B978BAE4302F475B0A6B0E + A7905CEE090F648962BB969CB4D65228 + 03E1ACD1DCBEFC2E7482C0D426E4BD95 + stream[192..255] = 145DF9D539C59467F55E67D959FC8C8B + 2CB0397F64D6F122C3F2F1A19E0D67B6 + 9696EADDC6DDA6E80D5A0C0AC1F555A9 + 21C054E0E75EBB246C8E20A854A38E93 + stream[256..319] = 2BF710E9709B5178E5E50B421BAAF59E + B1F267F41C60E9E91695D658BAD32497 + B56868B8738BAA6A15BDE89D69900ED2 + 742F26285504C3D4748F77EECC0D4A67 + stream[448..511] = E93A249CE755F099C81FA40B5DA6256E + E185FA1EFC475EB404BB68C13A921FA5 + 78785537DD65964B9BF77F68DBAE4926 + 9F5061B19AF08B82C372AC69EB64D762 + xor-digest = FA4EC052E9C9712474F1BCDB5C09A6D8 + 9A9F1843381F098CF3F9ADFDE0115133 + FE977491C6365F5C5BB78BFF42B20EC2 + 60193927289B597BE42EA7A0FFF6C3A2 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = A374C1F86586B0D5A121E1F734EE70CC + 7072284B322BF61F88336EBE84B53219 + F4D1FEE2C5EECC4A421BA8AEA9D108E7 + 21A7A82DD979F2559BB0E45CC88C8780 + stream[192..255] = B0CA15C769D66B26CA4A6D4772AE3521 + AEA4696890998954F33ACA8638FA50E2 + 9981C2F84596D9371644D18E3EB267E8 + FCCC98D95A2FB38639D32468A3013B5F + stream[256..319] = 1CC3AE9293EE9CA19C12D9ABD7000F99 + 047B86A868E82A839DD95418EECB23CB + 4B4A08E3EF69CC639DBADF3F5F33FAD5 + 0762C2603DFC48882EE8D2346FDB426B + stream[448..511] = 0D6EC570BB04230AC35B49A1271336CA + 721E0395F63D306554158154CA12FB62 + E8D45CF5E21A311554DE9DF5D90CA99E + 9B7FAFEFAD3597B50A17FEEDD9966884 + xor-digest = 4C47AD8677A22F3587C4C25DD7A4A8CF + E144E34FA7567088BD9DC4001911A531 + 83860E9CDCAB006CF50AC00B95C95725 + BAE29E53648CD27B4183A213E5855E8A + +Set 1, vector#126: + key = 00000000000000000000000000000002 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 19F23D5CB3C7303D56AFF18413835EF3 + DF7405C30BE5F19C72FE8746BA04610D + D5D261FB3A0E8C11D2478F4A4D6CF820 + 9730187BB1386C03229F4EB02C5B4422 + stream[192..255] = 7B814D9DB8DC9C8397C23550DE194BE2 + 74694399A8B2BEF6B8095704C2A29E00 + DEED66C8191F67BA9C048CA41DA4DB05 + FDEAECBBD0727AD9664563991A22EA46 + stream[256..319] = 7B4DC904BA9FC0CBB054FB57DAE11C58 + C9505A98E319B43FBB9C30DA2CA7E6B8 + 7A42F1E40774A6657EB3EB2C33B5D365 + BB92A8CA0CCD5B71C17F7022DD840E14 + stream[448..511] = 5B2DB8E73DB53C289E8479F524953BAF + D881E8A366899440175CB2B93F8EBF25 + 3911652B3C7EA35B41B409B4BBD0BD93 + 95AE5A2AE2368B7A43A0F9844239E3C2 + xor-digest = F80AD4DE8D937A57E230BFD00A4AB8C0 + 65DA8978DD9C51E6F998E393C0B888BA + C772F76BE8AD5D501425465AC5C05D82 + 63925189E928BCA52AC7F4A738D46102 + +Set 1, vector#135: + key = 00000000000000000000000000000000 + 01000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = B18CFBA23F81884FBFEA037648B1715C + EFAEF1D8CD5C98957353E82B838FE332 + 672B3D7C2905979698F6F6D98EAAE8F9 + 8DA16EF393CB150228FE6438440C5759 + stream[192..255] = BF285CEEEE6D66ED9A401AF86B4F1B0E + 69B5ABF625D0C35220F9E6198FF5C225 + A728EEBF67EDC8690ADFB6A2E43ED7BD + 2956A4915A8FF4BC584C803C87B03956 + stream[256..319] = 0FBE7818D981B60177DD1C7ED21FC23F + F088EEB3A36A3DB18E37BAA312642BE6 + 481F6FBD4C6A3DCF6990D3F5E0F02813 + F66F42B4384F3821E9F2A5CC7AC37029 + stream[448..511] = A72F53B68BF3E6972515790869B97667 + E353E1CC089AFA194B8ACFCC4C033567 + 4B2E9E0290501D24D87B80AF12C636B9 + 3902F09252F77812802151798FDB831D + xor-digest = 8811ABBCDCD51C0E367CF0E2A78935BE + 1FC6E462D026D995CC1B754E2DE7CB83 + BC06112D2AC813006F2A32F8789AA939 + 4DDF3A43DF247BFE94F456054AA057A9 + +Set 1, vector#144: + key = 00000000000000000000000000000000 + 00008000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 0EEF3E17B6B9388FB55C2C0AEF9716CB + 106786EEB0E606E124C41AB552EF3389 + 7902AA2AE93D9E4628E785B356C53AC9 + 70BDEE2A7DDBAB427371903EF3EC9FA5 + stream[192..255] = BA437BE85A1152B673AB7F39345534C2 + 6B53227FC8E99B6EEBCBBDC00B436DBD + E6AEF836EC78AC581F251D0C61F56404 + D275B1DF39294B26CF24F4AC0792D176 + stream[256..319] = 381C3C583CFB20763CDBE072668FD1A2 + 557A35901CDC8595393181AF1610300E + D751154C050D8CE0354EFD30D05251A9 + 7F215A48F8924B4A68FD475C793A0543 + stream[448..511] = 15E30D96D2A42C99DB1030B5280A6313 + 2AA665B57DEB3AC6AAC8DDC1450C899B + D0DAE783A224134232687459917CC525 + 6D76929A153950DBFF7D12CA21EE77C9 + xor-digest = 360A5D8ADE0ED311ADAFEDE072335406 + 51A262FA795DF4B5FD3FB0041702B961 + 49DD5DE99DE88D28EC9E87264AD9C5C1 + 6CC9C1A21E01678E6800B3140F6E34E8 + +Set 1, vector#153: + key = 00000000000000000000000000000000 + 00000040000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = AE5572D5E61A992162AEEE513815339C + 93A994DB12576D087EA4A9A98EA5946C + F58794B43515A4B55C5E9B28A882DADE + 7D3BFE82B32EC3B604D2C1E1B37B1B99 + stream[192..255] = 247616FFD99152BBFA71D2225AB667DD + 1999ED6E2AC64F60F43B3DD1EA5E574A + 47C52B82E3FBA3443996EB1E842D11EF + 78572638CA556157674B0A38ADF26F8C + stream[256..319] = 1BE7BBE4FA4078886183F1DC9E296911 + 96106D005F5D653AAE744B2506401723 + 30F38DA7C5CA81F38A879D79FAED5B23 + 37045434875074B65D7E126DAF8B728F + stream[448..511] = 89048CF63BC3AC13B4637487735B9976 + 2707C4161EBD6788289F2BAE38D3B68D + 14C9A49E26573E3604D8D9907D151C75 + 6728F3D9A2A6BC118E62390BC0DBACA9 + xor-digest = 9FBC8803149CCF3117F715A0343789DE + B0D5B7B16E34689DF65B83B5111AF91C + 590865CE8A73D8DD5A6D040832CA4604 + 488D0592F87F90D74545439F9A6DE8E5 + +Set 1, vector#162: + key = 00000000000000000000000000000000 + 00000000200000000000000000000000 + IV = 0000000000000000 + stream[0..63] = BA66E5BA75AD8C4030AE54B554E07A97 + 29685FDF033CCC35A153334E9FC93A90 + 3C79F281907BADF6F37123819ACA25E1 + F03BA0AC69D9B2D5E447F59F31A7A402 + stream[192..255] = 6B0FC33710282B08A33917D23186B1CE + 0964104B5B8FC229CFD79BAEFF04FF97 + 07AD12904B3673B15B72428BB3FDC0FD + DECFF9AF8606456774B1B3B53AE74C5F + stream[256..319] = FFD0D5ECE17F9C1890199A4F201333F3 + D55A0AE07B1DBC50A704FE66493B71AC + F802534FCD7BAF86B140CF87C582BC02 + 59EFE52CB2D1A64524F948A86F756E21 + stream[448..511] = 81EF72B6DD7F8043A078486BF0DFA634 + 7CF53FF6432432B45CC740533243D6E8 + E936A5E6C1CB688388D6D97BFE48C430 + 0325A4B5DE69825E6CB5409FE9518708 + xor-digest = 6F8913AC7CC348D3F4A795850332BA5B + 9E6C87113F126686D5E10F728D8585AD + 3872C4FD4CDB446C23FD56E288E1FEEF + 3D65E9C600B7BAD4D476CCF40830B410 + +Set 1, vector#171: + key = 00000000000000000000000000000000 + 00000000001000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 59DBEE08FB86EBCBEBFFBF087F9DD881 + 2AFFFD75414B5162B5E7AE540BFA8777 + 5BEC4982E1F4B6985DC8B2B25F061947 + 61BD6BC5EFD66B2A1EB12833733E5490 + stream[192..255] = C54CDD55BBBC09038A772D1FEE876EF1 + 88110319FD6D7B306E9F5ACBF3C47824 + 9E4CD2C8C11900DBAA39F8F7D57724E3 + 70606016AFC49DEF5248964A416E0DC8 + stream[256..319] = EE1C6E2F9DA5404012821C3DBE703D47 + 1FF717042C20DDB4743246448F431DE1 + 53BADF69A059D161189D20B8F22F1F7C + C491B5B2F5CDFE7A779A0F9DB0C60586 + stream[448..511] = 85E92E3EA90E7EB79A9D3894D0B21153 + DA80FCC6DA7631A1C38EB38C78A1BEF2 + 321265349CB5FCFA22E5FD02648BB37E + 74D3152011F7640A0FD42DCC9457B2AC + xor-digest = AF4B9782FA0332C8A6344DECDAE4FC2A + B63769CA35799A664FCC0A91A6F3C0E0 + 689281D6D2BB4A856286BADB4986DD56 + 4B7BDEB2867F5A2E20FE0B4311C77924 + +Set 1, vector#180: + key = 00000000000000000000000000000000 + 00000000000008000000000000000000 + IV = 0000000000000000 + stream[0..63] = FD1D039AE6D953654A63334A92CEC647 + A671CAB6374DB63B89DA1A12B99C231D + C7B9418D44210CB0C88F114EAA54AE4A + 096FEFCCBF51062E8EFD169715677F28 + stream[192..255] = 119152E46B97338C5E50A28DB78757E6 + B21C9C03AA9D96B5FDAC9D352AADF2F9 + FA0FCA07649582E7288297E9CC765846 + 2D929ACED1F14E3AEE634CD2086D1762 + stream[256..319] = F9C91CA01A70253BC6D88A8DFA00537C + E635634769E8867B279C1A052A921F14 + 8810FC8854BDF58F99E36FEDBC6E6E6F + 78BC8F82DCD18D408B3B4F8BFEF12F12 + stream[448..511] = C22A3D49E727785EA32E83E79E349D62 + C2647AC6D531BA2D466CCD7CF29D04D1 + 015D41A79C9BE4B0AE1844DBDBCD7FE6 + 765EB95A0D5E121F48840937AB399C6E + xor-digest = 422309F77B0CBD9E17E58372079547B2 + A42EC06690AE889CB3095B8489734124 + 2D7951F73579E2F66B26503723CABA8F + 5EAF869887D090BCF20344757A8105D0 + +Set 1, vector#189: + key = 00000000000000000000000000000000 + 00000000000000040000000000000000 + IV = 0000000000000000 + stream[0..63] = 72491EC81A704E3694C83FCCC47CF5E8 + 7B66F7B7979F78D8150A606ACDCB4492 + F64A9D7D9DAD5042F8738DB462F4728C + 2475F5FDEE985CD3601FA31F576712C3 + stream[192..255] = 17566EFAC19AFD1ADDEC66F42695006C + EDFBA525E8F41DB02BE50D2AC4CB497E + A10C6DA38ACF39BB608F40AD854F69C4 + 4A0FC6696F6FA8361CF26D5411B1C7C9 + stream[256..319] = E3CE396F970BC54C9E46B6129B48616D + F7FBD0293B1EFEB772D99CA90BCE12A4 + AF729DA0B94223A3D2F0B9605DC04BF9 + AE82E065C1B963039802BE6354D3EB2C + stream[448..511] = C0B2081FF9B7F2DDD59EE6808F6181F0 + 4CD19D4B0D3F032D5FC0EA2B81D49276 + BD6E540648576CEAE720411523889D3C + F14BF05DA43D8D6155B7D98B021F269E + xor-digest = 85395D5EA1C9428817FCEA56DA0978E4 + C4B244D9556FE87F19806664A8D9BC42 + C0A69A717F1AAD4E09200120A517B73A + 2F3FE01BE24B201508D801E416AD6AA6 + +Set 1, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000200000000000000 + IV = 0000000000000000 + stream[0..63] = E3D058FC000427B4F0802300E5D7FE9F + 8E3F68E9E8339E9F4C5DE62252E14857 + 71371DE4D2E1C97DC4172AA378924AB4 + 2CADF887136B88D6FEB6514538EBA847 + stream[192..255] = 80CE800DC11805A7522E3B423699D68B + 51BCCE201ECA4F8E465C5A58A558A71F + 019A22593CBC148A76647A527E635A23 + 4096EB22F081F39B5A9DC7649277726B + stream[256..319] = 30A91E7D2CDB7D1B080750B433A14F7B + 6EE602EB53D67AC65B7E4219B533AA6C + CBC1FCAC070270D595CF9E90FD3C2D02 + A707F7C1F97059DB3644F50D236933B0 + stream[448..511] = 79FA6D08B8DF687EFE868E67643CB5A9 + FC5FECEEC258E67D831D20AD3C8CBECB + 51F1712A0BAE64202FBF66A1FAE767C1 + 68A9B0C4BE89FCF2F6D2DBC5CA96A4BB + xor-digest = B76429935B5D578116D0A303D8A435C8 + 93BE1D132E2025922F192D5985E198BC + 5F07F6F16A8FAD5CCFB4487826366AA9 + B60FCED5994A8740B0DDFE3F9AD2A408 + +Set 1, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000001000000000000 + IV = 0000000000000000 + stream[0..63] = FF0D93064CDBD91A8D6BD0B9267A4F93 + DF7D3C76BAA5D0D14798812203C55A34 + 3BD50E6931394DAB88F514F44E2A1FB5 + 8EF3A915F3B60DAB35E36174AD92B3B1 + stream[192..255] = 074A711F8BB92EA6953D21F9FD7AAEA9 + 1C12D18A2B18E8D325DB04029B5E8EBA + 43C408D3D4EBE049440CFB716BC3ECA9 + 1929E009ED7EA0EA7273E32C13F44346 + stream[256..319] = 6BD5DE42827A81941C72012219EED591 + BE1AFE19DF91C8B7284DF2AF4050D7EB + 674DBE78680EF4F8963D59ACB05B43D6 + A52B7CEBEBDED9D3268D0500699A036F + stream[448..511] = 9748C1BA603FE3DD4435A25F2ABF18B4 + 9F25ECEBC3514785406425E03ACD369A + EC91463FDD5F3611F06870D513B10DB7 + 730F3328C22312DE7329DF8CB43DA5C2 + xor-digest = BF19031B4F8884F9A290E543C517998E + C8442A227DE1D46F5F441D5D586A215D + B4A24A2965F5FD3C70ABF296C55C4333 + E3C9B2FF671080BBA28C24FDBD2C8370 + +Set 1, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000008000000000 + IV = 0000000000000000 + stream[0..63] = DCC597DC08E1AD1451E69D857AF803BB + DBF7CD6D510D5C59C9D6C66EB153CC79 + F9A6228ADEE570983E959788628F174E + 5833B5CFA350C0C2D8A18F7FE46BB4E1 + stream[192..255] = 8CCB839CB382DB591B5C80F6DD7EAE7E + AECB3C8BF29C9C6074058A5EA04E2E58 + 675B4537B8FD061BA7E4195AD2A3EC29 + FD260FD19F0AAB3DCB7BD483ED8FB860 + stream[256..319] = 73E92E3449C863E55E9A41B0DB35805F + 344FB07E4C3CEFF25B261819140C849B + E90639644C542880946582842CE5B1D9 + FA2DF07B5589C8C68BED84E15DED4AF2 + stream[448..511] = 693C7F397D23C831431264E9BF4EE963 + B8A43C6ED939B324FCB8AF1032BAC678 + C71F1DE8BA3A8090948872FA9C747AB7 + 67F7D162FD8B6F484B81AA54151612A6 + xor-digest = E6732941C20C6DFF6276F6A21A461777 + 638799041F1A360D7C8C88B1A8E9CA8D + 989360840F8E16C72890220E51A7913B + 6B5B74A70D75B7D9F26BF7FB5C8C7C78 + +Set 1, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000040000000 + IV = 0000000000000000 + stream[0..63] = C94A72C1B17F8B9F26420BF06B3A5445 + 20C658D5F77ED7D62CC65AF824BD5678 + 98EE4928AF0E2BEDEA64D5A7C22749C3 + C16369D274EFD2A6DF2CFCCB130A1144 + stream[192..255] = 2130A7225D4C78BBBB8C5122C18851A9 + 32A78E360E62E56058027C624DA49EEC + 34DCE5ED9F66D78B44334CE0E3317AFF + 5BC78261FA4C96A642E846CDCEA4C242 + stream[256..319] = 575EAB318220A54E5B2B0A8EC7F54429 + 0719FE422C646E1114D807201416F37E + B5CECDB278AFC7CDE84E6DB5CA164840 + 2BF9654D1C4E96A3E7BF5C19C84CDA71 + stream[448..511] = EAFC6C17BF190180FFD817644D7933C2 + F86989ADF705A72B04CDF8227A164596 + 7BADE4A0E706039BD84702395B9A44DC + 7368E198B01335577A28028FE2F6056D + xor-digest = B26E45B88EB4359878EC471C5A5814D5 + 10F435CE44D1A77A50468BE21F48F7B3 + 7D5B2DDA0389405CEEA8998A9C3480CE + 9F30A02408B065F28543BFCBBB159AC3 + +Set 1, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000200000 + IV = 0000000000000000 + stream[0..63] = 832A824C044E27605AD9A3201EF106C1 + A19B6FC6EA5B328DC1D1FC59086C498D + 47E7568CFA9616D7D5E63D9C087CC426 + B4276752E0FF14D7F1E258F9A28A54BA + stream[192..255] = CFC021E1EDACD733768D3412C0DA7177 + 7AF74D147D075BD5497BAD89B84D0A66 + F7F4D0E46B77510AE3FB57C0DB9F9922 + 111337BDFF89A9169DB16B38F305BEC8 + stream[256..319] = CE311109342E1A41ADA17363B0AB030D + 1BE9C62F15C2A5D8FEE2BC9819F2E064 + 6880D350E547824BDDFD5BE89C43F23D + FFA366BE34629F6EE929E2701EFA6829 + stream[448..511] = DCE864E5E336A7B51A7FFE9E4C8C1FBE + F5F4755A0877EE91D61D1F20F29485FA + A879323F2566590917417C4AC0076CB9 + 81EE78C58741506F725BC58743957CAC + xor-digest = 335D243CF73622A761D728CA87A083E8 + F7EA67FEFE422833C9B963A9433DF43B + 02606FC5D67FFAB71724AD78339F51DF + B7CFD78C0F5472EF7727AA5C967969EB + +Set 1, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000001000 + IV = 0000000000000000 + stream[0..63] = 28DD9E566F018FDA0251E1E648057E85 + 211831E215AE21525E04C932736245C2 + 288AD4A197E4ECA04003B85C3B80D02A + 9B82C28E7662A34467946A34257D8D0B + stream[192..255] = DDC4A6A1AAF92AB32D2958DE67BBA593 + 338D7EE4E3A412C2374A5D63E6CD7F56 + 51F518251CEEFE1E63636DB2F432F407 + 88D4C0163738446515A62637695D782E + stream[256..319] = 107AAEEDD6C459411921177468E3D013 + 50C40AEB41EE50AE196754BBCE5559B9 + 7276957DC73141981DC087209378F87F + 89C8423ACE0EAE8C5EFEEDEBCBB20618 + stream[448..511] = A3FE61185B31AA80EA384B36CEC7F41F + 19F2E55614BE22852E796963326B9F49 + 72E8A316D4A6653CCE3FE06014C0F5BB + 6E4E64B439109608FEC6A44C15384C13 + xor-digest = 3597FEEBE687F754D35F2BC480810C34 + 1A1D557F867C07B83CB8A8890CD090F0 + 0E6C6CA3CA9B804AD70B40747DCFF18C + 7F830FA6630EFBAEAB4B022C22B892A6 + +Set 1, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000008 + IV = 0000000000000000 + stream[0..63] = E48C2F264BF9E8374B78FB652BAFF1E3 + 3ECB4B1C635D76A64ECFC4BDE00EE5C8 + 77E1094D6480CA382815CCCD5CC36770 + 46E801C29A860EB032420DCAEEBC36F4 + stream[192..255] = D2EEE83D63F96B0B7E6D8E0C72B6581D + 50AF4081017CD62A73789C8C2DC5483F + CB4067C71FDBFD6EA8882FFBAC63BC9C + 5E4F438A2ECBC71627646539A5BFE1DD + stream[256..319] = BDDA0B90B24A4FF5D535E12D075DCE84 + 6D6741F809D105DC03552A3F13AC88B2 + F98411A1C19CB32FA3F595CDD8F87608 + 3C057E42BDD903A055F13182CA080F4D + stream[448..511] = 44E931EF73A9AFA565EB9A8E6AB1AA3B + 9F14FC198B41909CB31B532F9EB776FA + B51FFD895E7F266D1D275463282BD7F6 + 62FBBBB5629890A4C68B6F6CF8200623 + xor-digest = 151F615109FC211C0A7AA4DD2CEBB984 + CFE9ED0486E8C552233AED574E9983F9 + A9DD738D23F2D307DC313C634A42A805 + 18B616A250C0725694750A29413DA8F1 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000000 + stream[0..63] = 9A97F65B9B4C721B960A672145FCA8D4 + E32E67F9111EA979CE9C4826806AEEE6 + 3DE9C0DA2BD7F91EBCB2639BF989C625 + 1B29BF38D39A9BDCE7C55F4B2AC12A39 + stream[192..255] = 2F3C3E10649160B44321B7F830D7D222 + 699FAE0E834C76C3997985B5404808AB + 7E6E99AA1FEC2730749213E7F37A291A + A6B5AFD2E524C2D608F34D4959930436 + stream[256..319] = 8598D1FA94516B474B69DA83E3C1312C + 49A05B8283B880B31872CD1EA7D8F1B2 + D60A86CBA8184F949EA7AE8502A582DB + 392E85C4D70D3D17B2E57D817A98ED6E + stream[448..511] = F86C7489712FB77896706FC892D9A1C8 + 4BB53D081F6EB4AE1C68B1190CBB0B41 + 484E9E2B6FEA0A31BF124415921E5CF3 + 7C26493A5BC08F7620A8C80503C4C76F + xor-digest = 7C3A1499A63B507B0BC75824ABEEAA26 + 109101C5B915F0F554DD9950045D02FA + FF815CA8B2C7CFF3625765697B80B026 + 7EA87E25412564BD71DD05843A60465E + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + 09090909090909090909090909090909 + IV = 0000000000000000 + stream[0..63] = 7041E747CEB22ED7812985465F503331 + 24F971DA1C5D6EFE5CA201B886F31046 + E757E5C3EC914F60ED1F6BCE2819B681 + 0953F12B8BA1199BF82D746A8B8A88F1 + stream[192..255] = 4EE90AFB713AE7E01295C74381180A38 + 16D7020D5A396C0D97AAA783EAABB6EC + 44D5111157F2212D1B1B8FCA7893E8B5 + 20CD482418C272AB119B569A2B9598EB + stream[256..319] = 355624D12E79ADAB81153B58CD22EAF1 + B2A32395DEDC4A1C66F4D274070B9800 + EA95766F0245A8295F8AADB36DDBBDFA + 936417C8DBC6235D19494036964D3E70 + stream[448..511] = 5CF38C1232023E6A6EF66C315BCB2A43 + 28642FAABB7CA1E889E039E7C444B34B + B3443F596AC730F3DF3DFCDB343C307C + 80F76E43E8898C5E8F43DC3BB280ADD0 + xor-digest = 8FE7F0A88BD73434364D9D9FFC95F837 + 2C8F2B8808A7996239C9FA7E81F61D46 + AD3C4CD426F149B186A298C554CCE61E + 661678F992DB556AFBDC541C814D3C21 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + 12121212121212121212121212121212 + IV = 0000000000000000 + stream[0..63] = 7BCD4C5528F4BEAE0FC9F164CEBEC73E + D89CE32DA46EB68CA3CEDAA7C7A580FB + 1C50D291F31C38DB2811864F6654098E + 141A2213828593A98B7D0020BF0D6D93 + stream[192..255] = 87DCAB67C8D5A90D17AF198D3A22D432 + BC82C06872F0E61B3A3D1A1FC14527D1 + E8C3C9CA50E5BF529621C2860ED304F2 + 7E6E427A9BC64D0FC6E2E16BD40C434C + stream[256..319] = 121F38D31A0ED8A6D72F4C6A4678A7B0 + D3054A6268D02C9C6766069427722606 + 36CD6D79F81C64412A93F10DB68D1B86 + 962DFC41434B1C65AF4770F7D185514A + stream[448..511] = BEDDFB9B60B204E0332726D7D7E90640 + FF29318A164A9551D9FA477D7E437273 + A0E08EC35046CAE10BDAEB959F44E9C2 + A09FFFBAA7A89B7B9F1AF34948FFFE9D + xor-digest = 3F8C09148423C1FBE286530726434747 + F6362345A359A66A6066EAD149C4B1C3 + B33E35608825D5618D924A7D5CDE0CB8 + F2A0626D34F894C293FCAA83D162A460 + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 0000000000000000 + stream[0..63] = 944B67EAB62DF3756085CEE577D0C1DA + 4DD7CD17B85F9B9C51004107C8AA6935 + 7E413AEA37BB512BD8246F2D03E2748D + 3BB24B60C1FBE4D1A55237FFE3D4D604 + stream[192..255] = A9574AD5FC6A0D4A57FBE98AB5122A54 + E2C355524AAC38580C659AE4E906F14C + 3FB5A096586FA808F5F266182D26C784 + 72B116652EE1874CB5CF007DF2E2BB5A + stream[256..319] = EE5A306A60C83E209ACC5F3D60E17D90 + FDDC0D790BBB7B1EEB635924A4C7AEBF + 3ADE18F1F2F03C1E74093847B8F9225A + 9588E92A826444BDD143B38CC3934FBD + stream[448..511] = 33DDC526B91BD452296DC8ABAEE7C65A + E7D8CA37FE66166B67570726639841C8 + 559405236A37A104FAA3F5A1A1932D57 + FFE36EC16D439B1C291DD11638C50730 + xor-digest = 8FF9D4A8277BA858B70F05FBAF80FC6E + 31AC1CC81E8D847721CB632FA757C4B4 + BAF548A4764EBA7206009A5B99A00089 + 7717410EAA1D4ADC9F6D619EC2D6C511 + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + 24242424242424242424242424242424 + IV = 0000000000000000 + stream[0..63] = 0FDF243C21DA8B291097C9F385DFF2AD + 4FDCA5EB4FA7E4C23CC61FA1A582EB23 + 5AE23454DF6F19B259E498F746F9EF35 + 491F77DC53BD596AACCB9FB7B5EE8ABC + stream[192..255] = A92CE971EA8E2ED7614325F0C47CE1D7 + 200B94EEB7FB4E31CDE640696ED6449F + B29A9F19EABE323B776EE9460C2448E2 + DF83206A401074E3254C5AD6C194BD99 + stream[256..319] = 6F988009D4C82F523611DE08FEA23680 + 02FA5A615E8EA831A76C7CABCC92E1BC + C02249FD76DDEA5C00FEBC391613857C + 97CD684B23C6D9B40F1C5254404F7CA4 + stream[448..511] = 61503589A014A6F800A5D93803517581 + 988262122B30755A337F81EF3B326125 + 51ABCE838C0A57795EED2F26173DE6B7 + E4BB6E37EE7F98383658A7BC47976321 + xor-digest = 3AA2F283D77DD949C9EBF1B4EA95D9CE + AEC299832AE766A1BD617F56473D3031 + 2B81DF89D0EB79669F1A044042213F93 + DC7F0A2D4B6F089153C6FF9095C4E69C + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 0000000000000000 + stream[0..63] = 3D9EA1F4A3036C92CF9E0D6BB20824C0 + F57818B3C84DF65AE4A1DE2A058F8BEE + 242F9BEA42A78383F98AC998BE4B1EA5 + 401BEA5250611CFE6505AA5F43C9A262 + stream[192..255] = 8C2F23B3E0255982DB921D035B507433 + 2EB98C31143E19F5FAA40547D0819157 + BBA1B6B5C3177AE45074CF5E711195F9 + 281A71E62617F3A1E582D4F89FDAEC4F + stream[256..319] = 5D1ED872FD20FDE0C98FD76503F538B7 + 538F5061D3A3B12385B4BAE7C8CECA20 + E47EBD5C96F88D78230B5D3909CA9B0A + 4BDDA1FD1F561ABEC60524C51559EF45 + stream[448..511] = EA2F040B9DD538FB258C9289F5CB76B2 + 335C7D05F5B9B2CD591B55AC8FAB882D + 07EC54EDD33D4B24D6AD69841C219C5D + 26DDC827C67D0A6AC12D0A4E0DBE9A78 + xor-digest = 04A255960FBBF45E8E9E0828035FA11D + A684C2A7099AB00DB1D3E117B78026F2 + 8F69523A4B9A9F570C49FC02E1F2FBE9 + 6F2CA223DC8105A5A6FD0E2CFCDC9AF0 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + 36363636363636363636363636363636 + IV = 0000000000000000 + stream[0..63] = E0E9C87C82202453CDE753D368DA1842 + 9279F0B97446FB12A0436C6BE1AA7514 + 3E98B740F6F9CEC72A1EA38D4EF2BC65 + E1AF3AE13C5ADF6DA16A2131739C0084 + stream[192..255] = A43046BAE6A4A2C288CA187C72A21E88 + 047CE98C64147F2F853617A54A3057C7 + 0F48823ECA4B82609924CC9453D57F1D + 3ACF7D302592BCF9B1439F28B3EE5F34 + stream[256..319] = 08DFF1999015561E0817C20CED5E979C + 6BED0512A69CCB4C6F6FA480CCE4348A + 076F549355D22DDC52728F833447DAED + 83D7012F3F59A8BE495078B72B299753 + stream[448..511] = C66109B099BAD13AF2F36F5AED7AA0F0 + 0320D8B109EABC7428362B7CC43C284D + 04EC23DFA4F2A5ED2A7BE2A64CF42F9B + F973C6F2AFDB1AB7B7E5F9499B9DE964 + xor-digest = 9F9D95E6B8F6E9682B03C0F78E06DD42 + 35E62C6DDBC601EAA3D36D6E6F8B95C4 + 50198564F812801FD2893F1B12A59158 + B9506624CE698A648E1928A42BC72ACF + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 0000000000000000 + stream[0..63] = 18B631E89190A2C763AD5F1DBC57B565 + EAD588F7DC85C3DD75E7D7E74C1D4429 + E2FB3C6CB687A620EB7050CCD49B54D0 + F147302BFB7ADC6D1EB235A60338D190 + stream[192..255] = FE2017B0E26C72416B6789071D0EABE4 + 8DA7531CAD058597AB3742792C791678 + 44C84243B910FCA131C4EB3D39BD6341 + 842F96F4059261438A81423586EEE459 + stream[256..319] = 5FA44FAD6149C7E80BA6A98A8C861993 + F7D39F1CAEAD07CEB96CBB9BD9153C97 + 8B8957C82F88EC2EDD1BCC207627CDB7 + 029AFC907BBEAFAA14444F66CB9A20EA + stream[448..511] = CF4DD50E4D99B8A26A9ED0F8CEE5FC10 + E8410C7071CCFD6939C09AE576C3A5ED + D2F03412E40C8BAD8DC72FAFD2ED76A1 + AF3BDD674EC5428BD400E2D4AE9026EF + xor-digest = 1C945357BA98CA7AAFD28A5A39DE3DD5 + B5F640CC7F0A567172706069637AF5C3 + 975923080CA3FAF9367294D495A02052 + C0C473E4B779AFF3BDD9EE665D55EA9F + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + 48484848484848484848484848484848 + IV = 0000000000000000 + stream[0..63] = 82492EEE44E22AD4DFCA2032BA401F73 + 7D4BC35CE8546EB6314EDC25E69DAC16 + C8A9EBED6EAB895B7D72BFACEAA14E36 + 3F9A9773E43B077A1991EAC1EEA83EC5 + stream[192..255] = CB11B43F7E98D75576BB1B1AB33A4E6E + CD9CBCEEB36718B22C14F430A8BE7BCA + BCBCDE60D775DF441FCD808E79D05FAF + E3AA199D45DC174272EA3DD0057D9BD4 + stream[256..319] = 7D237FF28E20F0FDCAE42A7D0D7AEFEC + 8AF23CF2906E305341FDF8FF75C0B9CB + C8F19696CE8D31D15E27EAB0AFFCE92A + AFD1BC29E9B80895B3A7CF57ED434D96 + stream[448..511] = 5ED806ACF2490F17AB82438484FCBF61 + 6A17015069B88DFC2C4CE76A2F564E4C + 5786A7514CE542709E90101094DEBBF4 + 8954F9BF8F4773E06DEE7FB9231AA457 + xor-digest = C77654229F128DE04A121608381F5F05 + 7F7EC90BA31DCA134CB4AB45EF911F8A + 0AA71DCAB706277802FA880A73EE5153 + 7451838D05B4ADDD796FA005E7F136DD + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + 51515151515151515151515151515151 + IV = 0000000000000000 + stream[0..63] = C7FC0F8C8D2064FE05BEC4A641560FCB + C41A60718B1DF62AA297E754756CDB68 + 48C5BF60721B49A854A7A4D4BF2D36EE + 943A3B3922A638293B32F15A7E9A1357 + stream[192..255] = 987A15FE80E62B043B2C7C0953A27D04 + 83B2A7ECC03AD33C2F99FAB7FD2A7EE7 + 0181F7913429F89027E392FC3B73F4A7 + 5E475BA1D7DD4DA0F32D776BBABF270C + stream[256..319] = CEBF798ED076B963AC8EA9465F7EBB90 + 6E09F80247C1FE09C86D1BEF3DE4F4AF + 94B51FECC1C58E1E8CD225C2F68CCEAF + C36C029DDCE9380AE9FBC867E145F658 + stream[448..511] = FD7E885A72C796E642EA628C6ECDC508 + 9F465F57E55D51170C039B253B14EB9D + 195A3712CDEA2624A5382880192DE3FA + 0DA2A86EF3A61220DB949596FE1C318F + xor-digest = DBE3B90391D0169C64BC96AA925975E5 + 89CAE70CBE36AE6835496B1977D1ECF7 + 9F9D3E161698CFAA3F7AF57DE535488D + A06A8B686577A52BC358FE25F95EA2E6 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 0000000000000000 + stream[0..63] = 6C3645C8621D8E7286911278BAB37C5E + EBAA2AD321AB8ECA62D13372156F8B87 + FB87FBE02B1EFE39AB0EBE41553E5348 + 073053048A0D4DBDA1880230CD23A4F1 + stream[192..255] = BB161E8441B29DE15C9A02F447766354 + E7E590B42AE566935F0A6D7E864AF5EB + B288C0C63812B0917970547225899573 + 7C804E58F7BEA1596B7343B0CBDC6AA3 + stream[256..319] = 6EC6A41251D6FE041CD87EB3996369F1 + 390E649F012712F9DA4D1F4DFF96CF74 + 91CAA6836C09BA8C55ABB656B4F51F7B + 4AF829B5DC89F460287EFAD064C44F28 + stream[448..511] = 3D54A399D5B92252CCF9E6A0C054D4A5 + EDBFA58A3B53981BBA50EE9BB379D71A + C9775A0D793AFC79A64C708D0F9A7D7B + E061D5A5D50DBF32480AABEBC128D198 + xor-digest = C8340B28A1E4A5AADAC14966D92094DD + 56EAB9C48C53327CFA62608FBF20456A + 23DEC3B658FBEC9EC1FB6B56651245DB + 58D6FF770F1404659BC697685BBDA62B + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + 63636363636363636363636363636363 + IV = 0000000000000000 + stream[0..63] = D417644E8A37FF8840772A55960C4B06 + 4DA371869EA07FD02D7F8EFEF0BDB7CE + 308173B8BAFDCA6064CEBE09609377B6 + 542CE73D44A0134C95C452D9B83A4B35 + stream[192..255] = 2974AF76C0EB09874EFAF061BFD45636 + E6AD9C2BA71A1B4FAE493C04205B5CCA + A1D361DED0F1BF8C2FF2DE70F4B68E1E + B1B6E63B19EE1842DA4ABC52C88714D8 + stream[256..319] = 934392340254B83FA7A9888D1CA9959B + A221FF1C487B214FE6703C4BCE02EF62 + 4DE46A76670712B381E2EE017B67DBAA + 3726CE1CFB39038FD0059EFCB2346385 + stream[448..511] = F234ED6FEFF11821E19D73E31BFAF745 + 126D80E0743623A179303C5A7827582A + ACFEE4845E8D3FD98AB990C710020B42 + 542DAB392D6A1BFE058E200FEFA00006 + xor-digest = 42453E59A686950A5E37CE26842A5939 + 52CFAC24B39A3D7B2D7A4BA65BB95460 + D5A493A51F5F1D97B30B6752A826BFD2 + CD6EC49B87ED1815F2E47DBBE99BC904 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 0000000000000000 + stream[0..63] = 1456A98D271F43A5FF29B3D0BCC35B78 + 50C4D9DA5BBA43B752A1A541A4FC88DC + 0FC4C89F35ACF1B540F5C3207A0BF359 + 490D482232936E5C0B818C3DE6EF2012 + stream[192..255] = E8DFC363183330BBCC8498913A28545C + 6905F858D314939FA148C4C6600CD23A + 941F88F2FF08D7567202F335F5A90A0E + A92B9D73A2C710CFE22BE0D180BA1A42 + stream[256..319] = 77ACAD59AC794EC38C13805E9638F145 + DEE96C36C9C07A1811DCC1531A462144 + AC1F4B2245A570C42B25EB646D4655D6 + EA646776B0445C8B5670AB2B11203823 + stream[448..511] = 9A1BBE72AEC868E45B28B9FE3570381D + A759D1484B710A2AFB385DB7EAC5A2C6 + 5E2EFF9204C5DF6A684ED55C2D09FBD1 + 7E2FB6B4FF4BAD3ABD201DCEE340305A + xor-digest = A5832EF363D2FD5B01270B6776A5C8EE + C08491D8064752E4B5AC53993EED1A5C + 24673C6B2A47FC31C91F2EEB995836D8 + 20E8061303E9DB8C81384798C4265AE9 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + 75757575757575757575757575757575 + IV = 0000000000000000 + stream[0..63] = 8F04C8F40319569CB4B04458528135E8 + 35AF2C69561F0F0F5B6009B540B85ED1 + BC7612C9EC7A200B08AEDF07DB08ABC3 + 9FA48E63AC81974175AE3A4AC9429985 + stream[192..255] = DD98FBC3465BBD56ED0BF2F2367498B0 + E2854E514A27C7410AAF8E0B44117EAF + A5EDA0C7FA2106C03DB8AF62E5ED136B + 4BCA0B82CF2EA19FDADE4101C57117E2 + stream[256..319] = 7CA321B64434A90CE08E00A99D9456CB + 7A0779D4F0FC12346C01A5A1310528DD + 2E0EA2F58A8795BD138687645A7054DC + 2FA74835B1B45F4B68E3CEAAA315C250 + stream[448..511] = 076AB5564DB74D830CF96E6B90897E5F + 2E597619B47FF74B190C16735E902BDF + 111FA384ED3F8055343F4561C731F783 + 7072FAB81825304DC3D4CC02404E539D + xor-digest = D725AAE2FE26DE0129790BC7BE3BEFC5 + 83A8C7D9F4508C8582A40855D4A79C00 + 098B8CAB2878A30F12FEE5F1B192C21F + DF3D41F5EBC784784B3DEC5C89D0716B + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 0000000000000000 + stream[0..63] = DFD428440260E1B64579A6940EE53907 + 8CF48977E4B61DD0C708B52B42A607AB + C0A0774F49FD8599E4A4CA3B7C54FEDC + 353D2467DEECDB9FFC8350C79414CFBB + stream[192..255] = F4C7C343C6DFB6F7EA25DBF6DFBD31D2 + 595C45C4CD1C057308FFA60C1AF1BBCA + 888C6C8097E97319566A7EBD80DA4F0E + DDBD22015CC363E5AC01BE42770660C8 + stream[256..319] = F1792B445D52BD4FC99557ABBECBCE74 + 257A62EEA110EF9CB3CB0388922A7FBB + 5FCBCE5BCE44818F930284E4E360973D + 49607E1B0E1D97C618EBA4D909A50375 + stream[448..511] = 7A2EB3ABE2F83C4B40A15F4AAA89D5C9 + 72B911AAFFF5069FA3E7396162CFDBBB + 6A16E222C15878D9C8A00AD8201F1889 + 9F060851A3147AC2F3385FD8144BCD32 + xor-digest = 65FAF34064FE19847014B10AD550DF15 + B05A8A3D6B7EB64C94FD0EB61774A8E1 + 03DFB43B3C4E0BB074848DDC6A928449 + 2AE5E03E36FAAB8D46E8D647753B825A + +Set 2, vector#135: + key = 87878787878787878787878787878787 + 87878787878787878787878787878787 + IV = 0000000000000000 + stream[0..63] = 47756F1D1EEDDF06790A5E39083186D3 + 16E3258B9C5B7D25E478E817308E2B90 + A5DC4A8C03A38AE1757B6EFAE73B058A + 7CEA675CEE9A01E9BBC7B15DC5424E64 + stream[192..255] = FE6FB2E0BDF120B585D082602D2648D6 + D95D14C3E8DF44F7D9BF650709578C0A + A5D775BAA12A3C1153CF44AE2A3BAC49 + 534210F8BB8AAE7F54DF049AE368678F + stream[256..319] = DA0D9214302984F36B92EDCA76765B8D + 5E748EE13176CFA41345AB0EFBD7CB54 + 737DC606DE60E4355233E63B1EDAF48A + B84DF854E47D1D746B3AA5CCC0A5DA62 + stream[448..511] = 8373EFD791B51A07B840A7FACA4307CE + 9F5FB71A0C7891CEF7E7754A414B61D6 + 593A5EEB782FBF28998F4174C63733BF + A7EE172290A0A854AD6C36757AEE0911 + xor-digest = 11BDAED16F1C5D38F8EAE0B9FC6E63BF + F0E7A087247A25A20135BB7A5500F937 + F34ADA22153862AE37C963764901DFB0 + 18E9D8245DB4F275A38C10BA393EFAFB + +Set 2, vector#144: + key = 90909090909090909090909090909090 + 90909090909090909090909090909090 + IV = 0000000000000000 + stream[0..63] = 6AB7A8C769386FB6067059D0EE3DBC97 + 1EFAEF4AC10C74A2F17527EA5A8C6E0C + DF1FA10F27A29911BB57BF3E7A6DBDCE + 4AF3E7BB730F47AC79DC917DA646A8B7 + stream[192..255] = 1DD701A2698617855C38017B0ADE1E17 + D22D9717E21AD8635CE6A40CECC7EE43 + 83D5483F414B9F2285D200500CCA85C3 + D45F4F25550E3701B675D7E1B8266C6B + stream[256..319] = 5D331C1544CFD44E3588C2EA0D889F44 + D5742E7AFE9581CAF23CB668B0530C84 + A89D63F948969DBC0D0574911EC0307E + CE9CF38C5FCDE75462D1C472455A78ED + stream[448..511] = A55713DFAA272076529BC5A33558A7D5 + 206C1C070648DBAA348C78556631AD99 + F8F16DDDA2E5779B155DD9377A8E575C + 257FE7E08ABE9B3A378027EA06539810 + xor-digest = 8672FFC244BBC43DD6210AF1BDE1A607 + C41F3243FC149BA8988B7FEF41C4A7E9 + 61F5E992F51CDD23B183C4DB710E89AB + BAFFC13FBDD613EA098F9D7375742F8C + +Set 2, vector#153: + key = 99999999999999999999999999999999 + 99999999999999999999999999999999 + IV = 0000000000000000 + stream[0..63] = E548ECEAF4B4AF1F8572F7113C7D8FF9 + 61837C15ECC6BEAAB80F38CB15022B50 + BCB1FA414A798C954DAFB572CF22A9A4 + D82F7561186C31BA0199EAE1678CC4CF + stream[192..255] = 9E5D061279348E0D5DA552A82DDD3795 + 37F928DCA393AE75AED13F63BD60DEE4 + 32C96D1B2365B59FEE3C0E18515966D6 + 642F2E156C30C704A77DCB5629AC6167 + stream[256..319] = 9CDCAD9CB247AB21BA9E93C936936994 + C6C320841C745D6DFC85110367B36C88 + 67CFAB60F6A67A1656C645BFDBF196AC + 974A4165BF81FBE715CB6C3954E217FD + stream[448..511] = FE5134E8B0BC016D3ED3594B6EEF2F06 + FAFE2F4C89CB4E2627B232BACFDCA8A4 + 80B1C55DF4C0AF1E630A617CEDE0A48F + 900A9CF815362C098A76D29360414735 + xor-digest = 6C7EF2493D05F6A8BBBB583EF1E361FC + 0F808F749BD13D2E6F23BDF76A9003FA + D08E8C1D840D2236C6C3686211353DB1 + 4B5B421A75DD362E413D33D02A5D5658 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 0000000000000000 + stream[0..63] = D0854334E4619E3EFBB2A53D59F89866 + F67220CE00A3116313FB9CB645339766 + 0CA976A8B3477F76FF8FA485D61E3758 + 3DA5F35A8FAD678B7C2B9EC97321DFD0 + stream[192..255] = 92D4924C3E682EECBF9AD3A5453BE7BD + 56D9FD73F16BA0CA09FBD0C136BCD595 + 2FE55744B1871E4C8726611F291B282C + 2219C817C88086A5A7BDC513DCCA473D + stream[256..319] = CAC309E4AA3ED635D68E5AFD9F4CB0BA + DB229E8EB560B16645CA2A71B35B7C3D + 757C156983F7D053B0430F9634402B8E + 4FDE6926135473BA8560C3AE1FD5BF48 + stream[448..511] = 980DB26FDBF49D5D890B65EB01AAEBD5 + CC118812BDE441A71871206D67683889 + 828622C6336DEA09DB6ADE0772A3D091 + F77B1F3115E1341EF11F41F7CD0505D6 + xor-digest = 3306A1B9675C78ADACEA0291207055CF + 68522DB3DA07A5EC9C91361B015B1896 + 33E4451B8F7B811EF5CD0A056AC7A07D + BC1AB3A9DA16DEC28A006FD9928B53C4 + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + ABABABABABABABABABABABABABABABAB + IV = 0000000000000000 + stream[0..63] = 6CD6B451B1C793485006B3B51470E6AB + 20163502C30240C4A3C6406482A2770D + 550AD77D0091632C719BA33769823D2D + 8147396466F1A2A857060A42ECCE0A0E + stream[192..255] = 81298474E6D86A66AE4CBCEE495D8740 + 502CBE5CC91174865A615B193B55BA4F + CD2337667292D3F3C428B9FEF090207E + 2DEF037917A2244FFD3AE8161CEBA42A + stream[256..319] = 367B062DFFD72A6EF6CEB3AE7FE59684 + 690F40A9F276E8021994ED475BE1F08F + A5C99E3A1AE1E68A92D02C5C14BE0E67 + A1B989E7033274993D1685D4B2DAE6D0 + stream[448..511] = 43C53B82CFBB199FFF9C5719ED1EF470 + AAAD578C5778A9DD3C2D77C7BAF41CC3 + 0F5F7B4C91FED81E9A661093EE20FC3B + BA55FF8447C899C6E12A0A0F5ECE3BA3 + xor-digest = 7772EA572BE1609E5D20201E7F147A6F + DC25DCCF12D25DEBCAAFB9E9BD1E11A6 + FD26D5B416743F495268D00B4B6CB798 + B0AC43498541EFA188907F9E78AF0424 + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 0000000000000000 + stream[0..63] = EE879D01C8E20CE8CACDDB464348F69C + 6551F70383A82933C3A765B8AC138581 + 8D67C69841FF2B4B8BC209ECFC0FE765 + C44C42C9CD6EFF90E0A6DAB153F52D04 + stream[192..255] = 8D7D377A3072E9571F9AE00D25E875A4 + D9BAB98A3EA348BF823F12F44DABAE28 + 317BAA3A71EB3D7C4C2EC3EF87E828CB + 862FBFC99C7ECBC629D22DB8EB82156D + stream[256..319] = 97B547A3E920FB054416A5787EAB5C76 + 38FA6CCDEC816613FC855EAAFB4887C1 + 3A38094D89570BF17E55E5E1EC275ECD + 122142C9126DE5E9411F06805071983F + stream[448..511] = CCA815558FFE08873C9AF373FAA546B2 + FB3EA3059EFD02CB778D01962E87EFA8 + 5F24BC5BEFD4ED02C986C0229D70ABA0 + D4E97328780FBD0ECB367A8C085414E9 + xor-digest = 00AADA5BD15D2585CDB0EF205F20E4B3 + 3452AF75D4CE8C36925514CAFDB519EB + E387FAFF8DDC7856AD1CE68A7BBAEE29 + 5347BE2A647434AC4CFCE3D2C925905F + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 0000000000000000 + stream[0..63] = DED8C79CC623162C2074FC7B4876F754 + 1B959209AC6573E6D25D1F1E649CC241 + 31A2F1B1B9E9E0FA639F8AF373CCAB88 + 3C659001BD120449997871E6A1D5AD8E + stream[192..255] = 1E946CF03C4C89D19DDB9C48EACFE7FA + A48235899DF49232CE2A586130BAD63D + 52540151FBC02E3BFEF082A63A900C42 + 0D6D7A11E289C34387A6155ABB71816A + stream[256..319] = 3CCAA2AEA81296ED9171B608FD8DEAEA + 3EA5B8A87B17B10751A01713EDE6A156 + 652783C26C0247E347860C06AD633AAE + 2C0AFB239291A6E7729F8838A4D97533 + stream[448..511] = 065DCB330DDC528BD42DC6A0F85179A3 + 531CF900DC5F7D3B5455DC49D451161F + 9AFD79A619DD951C854019412532D33C + 9DE6F9AE44394208653CF12D316F4A70 + xor-digest = 74D888BC6614CDD372E03DE0E92A0512 + DAD7CE19C19B1E05F34BE79F1222BEFE + E92190397CDA031A0FDE5098FF31CEC1 + CDC0FD7B422A6424119C46C506BF39CA + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 0000000000000000 + stream[0..63] = 36AFBAFFF746195D8784CB72A16D12AA + 604CDBF567955F15FB55DD42FAE8DDC4 + E6CEA63B6F8E2815F3094005E403FEA3 + 0EEDD68B5F2573EFD03A4E2BC41AEC32 + stream[192..255] = 4F7E1CE5E727D83989222ACF56776F0A + FD1B00E9A5734408E1513313E0CA347C + C37D8DE7AF4F6C5C7EF311BDA97BD8F4 + 52F89B4D44411D63105BECADC661D558 + stream[256..319] = 2677C65207F10008A28E0D3D2C7D43A6 + 71A96CB9A98ED1ECDEBA8F5AFAF4DDF3 + F7B078346EB1DAEB1047D2E656EFB331 + F3A71302E6FB547568D6A8A2871EB5B2 + stream[448..511] = C39BC4103ED0D8FE8C7D5FC072C94080 + DF9DAB70F627D8BD68719A721836554F + 3A2CFD08616170F4E3C3B0420BB41FBE + 9A84C43D405B9EE32285BB5051CD5E83 + xor-digest = C6AFC707ACCB8F10DFDA45A836C85603 + D2F5E30BFFC0A9FDDE48666153F395EE + 0BF93F900D59C7FA70632F644521A5FC + FE28882311D315D53BC10755698FC81C + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 0000000000000000 + stream[0..63] = AA68F6EB41DB62A2C5E4E9AAF21D7D43 + 1C29A66303854A68EF737872CBF7C505 + 918B87CE4DB6B3D84BC039906AC0561D + F79F0A57CFA762B8B9C2991F1DC98032 + stream[192..255] = 7BC0564BAF3C88CF14FCD2020433CEDF + 65EE68DF4AFAB7E040DFC396A856617F + 677217529B839EB9DF47AFD6758CAACD + 75E734FCC653ED5AC25C8A7B1AEBAA49 + stream[256..319] = AD21BBE24EA84C0859B2EF3E09070493 + 6A6D2A97DF912207D3F50D63FCD56676 + 61A47AD0DF1FA8DDE08EAD7201AF15FA + 85BCBA0962D7921397E35E60149BB4EB + stream[448..511] = 8914307989CD704120A6DAC52789B845 + 7260A2939CA0E02A4C41C46ECE890305 + 9F58A2B0F3D93B45160D08A13737D51E + 984B97CD4A28DC2D92155FCADA3F8033 + xor-digest = 2EE47E155D995B266EFC7E0A995172EB + AD6A1201A20D9A9F5397FFB815AE6246 + 760EF488A9C45FB9B820E32A42E21634 + E995CECF6E9E05FD14FFDCA92313AC0E + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 0000000000000000 + stream[0..63] = 596EA70BBA1A4DE2F8ED2AF37A0CE6D1 + 2443354659CD0C41203EB345E160CF05 + 6F8D71314AA7221D86F868304F34D5B3 + ED4D51072FE7B12568B859077B6F920D + stream[192..255] = 26716254A9C7067808EDC0D31D54D289 + 88A3F655C10931E217B3C9A8A4B557D2 + 8AD6C701612A8D848FED1589CCFBBE7B + 566496F4662B1D98FCFC70C1716E5347 + stream[256..319] = B33C15E9488DE8A97AFE67FBFAF47FFE + 5C3934B05B5E2EA061A41A2BF0D81FB6 + 054C824B492775E3E8300DAD609BCEA5 + 837392668C0B54FECE2F2945F18160D3 + stream[448..511] = A1F72ECB02649F01D4396574EA80BBCB + 8934FCF989CF1D7CF7410B0A93E08C10 + 0A229C952DA999789662E1666CA71C65 + 4DBEB2C5BBC20BB67DF67CD39B51B4CB + xor-digest = 7ABDAB4EA81129864F2CEB9157C01178 + A413889D86A1D54F964F3D70C5A4326E + 3FDBEA3C5B77F4EFBBE94CC2DB808B96 + A81BCEF94D3FC039CB13A754D4E4A1E6 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 0000000000000000 + stream[0..63] = 6D221A5561813E4B6BF1A3821F0BC95B + 3D51004ED29EAECD26016E5B7F628BA0 + 6B2BA4D650D685C3BA9FB51E305EEB36 + A11CA08C431E0740D59D521FBDDBF716 + stream[192..255] = 9C9EEBCA7428A88562FAD4EC9800EB7D + E4EBE571855B40D3F1D9770236EF0131 + 70A6BF8CF9C1880A1BC3C58193777098 + 89384D19F4F9D6E8098E8E326B9AC4B7 + stream[256..319] = 86ECBB7CA8E1526F538805A692C354B8 + E335BAC919CB4355C15B40D721328BE9 + 81105395FD27BB6F0515A427469DF557 + DC92EB010C49C332BFEB1A98154BF0AA + stream[448..511] = 0503DAA102F9CDFBFF854D6015BF484A + 201F69E6E789A757B8DAB005D5859027 + 849ECA4E951AE28126FB6C63BB65EF61 + 94C9661F9E40CAAB817CBE89595096EC + xor-digest = A3008548B817A82F3D4D2813B5777952 + A5D46CD710AC4F8417273ABDF65BF0D3 + D519C5D0CA1CFFE8F265338084F54DC3 + 65C61F376DF6F1DC4B2BC6BA63E2FF11 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 0000000000000000 + stream[0..63] = 304665A82B0838D4EA0A7737855CEAB0 + 44583FBF2F8E68D7B3B191600ADAEB33 + 538942A71998F68DA9A0D4BAC36A5052 + CBEAEFFCABC6B506E5F805F8105D5E79 + stream[192..255] = 96B62FE40229E2CEBEAE44431F01A0A4 + 3FA080D685215BEA4705B6B78187751B + E1DFA0DCC1C8D6A2040C0716F524CF40 + 42889F743A3EDC01EBDFD3A6FF3E92DD + stream[256..319] = D1667A839D7725E602FD36A69117D039 + AE92EC7032432323A61AFB1602F17E4F + B66F0BB5A5F4C54329F7217497B3546F + FF9938966B05789E0CA65CBF34DB1B2D + stream[448..511] = 3557FC69A9D44C66FB022ED8D4D349C1 + D82A41DA40E3687B197DFC070000B69C + 2FD9B1F9F99C63BF3ED82F2CCBD2A6ED + 20A14ABA05F6855078DF5C73A4D50493 + xor-digest = AA453B1E7AC7D53F54827BDBAD419A21 + AA49AC5A55E96622D028D3D600F37D89 + 2C084D404A006404B18620F84BDF872E + F7E90203875719F0B90FA8A900FDC22D + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 0000000000000000 + stream[0..63] = BF9634C2D81B6400C2ADACFCC0C353CE + 3AC45A2EB636AE9D2D6B8DB6107511C9 + 399FB22CA2DF6406307EADEED423E72B + 72411E11530B1814AB196A74DFD4FA61 + stream[192..255] = 50F32FC8C94BEFCE5E51F3E774134ACA + D60BF3DE49BFE1F17DDD88395C4880AC + 926528971A3D74796303A4064F67733B + A2AB545344B97F555525C0A5611151DE + stream[256..319] = A6E426963373DCDCE54C1827F683859D + F11857D7BEB1EEA10FF137CF6B395635 + 53C79E92295B1FA385C59BC201612C70 + 39341B55D49139B88A16544AEDBDA967 + stream[448..511] = EB50C1AFCDFBF83EDA42011C141B67CD + 041598209605800EAFF2EE6A99A6C958 + 9621B778FA4DB6D2FC4980030B86F3C8 + 670B46BED56A511B9A18E60B1FED27D5 + xor-digest = BEE123C7EF4E2D25DB862CC720D9FEA7 + 4B329C3B1588342B6104DCA139FB1A3B + E0E1A1779D973C3F4473D76309B8FA2F + 831F295B150445F44E4F46336014FA7D + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 0000000000000000 + stream[0..63] = 356DD71DBC2B216B7A439E07BCC1348F + 769F7EF482486C92E8FD8EB050224838 + AB1F4DFCD2FB196AFD4C4FFBF51B9124 + 6BF45AE8131B8D5CAFA29FC3025A3597 + stream[192..255] = C09481306DB9FF12F1798A21A3031921 + B237E1B54A73F724CC0378379DB2FD86 + 8DF08983A3D26C32379E3B132A6F1766 + 646A963AA56C8F5D45B35F79B24D27C0 + stream[256..319] = 6C198E30BBAD2E329A7A3ED5C383340F + 90EADD9F44AB7F339E6BE9217366188C + 4C8D721BD6DC5D5D192A8E854013EBE2 + 66633893015AFBED28EA42F928B27F60 + stream[448..511] = FF9B8ED2074ABD83B51AA93A65E5E303 + 774CD6874D344236B1EFD39A3605984E + DFEBCFB5B41AC09AAD500F71AF6D77A0 + 7CE81A5E0E1E29C857609143B5BE0BA6 + xor-digest = 1858D5470ABE500EC2CC40158C700E5A + 78CF094440F2081ED694C47AD054D7C0 + 0E77B67920631ED3E5C86B400FFD70D6 + 244CEC58F08DD3C4AE05778B514163FC + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + 101112131415161718191A1B1C1D1E1F + IV = 0000000000000000 + stream[0..63] = B580F7671C76E5F7441AF87C146D6B51 + 3910DC8B4146EF1B3211CF12AF4A4B49 + E5C874B3EF4F85E7D7ED539FFEBA73EB + 73E0CCA74FBD306D8AA716C7783E89AF + stream[192..255] = 9B5B5406977968E7F472DE2924EFFD0E + 8EA74C954D23FCC21E4ED87BBA9E0F79 + D1477D1810368F02259F7F53966F91CE + B50ECD3DA10363E7F08EEAB83A0EF71A + stream[256..319] = 68E43AA40C5D5718E636D8E3B0AB3830 + D61698A12EB15BD9C923FF40A23E80BE + 026B7E1349265AD9C20A6C8A60256F4A + CD1D7AD0DCBE1DFF3058ACD9E1B4C537 + stream[448..511] = 343ED5D011373AF376308D0B0DAB7806 + A4B4D3BF9B898181D546EFCF83D7464C + FC56AE76F03F3711174DC67AC9363E69 + 84F5A447BD25642A00754F1133BFD953 + xor-digest = 8C03E9237FEE95D5041C753C204D2B35 + 764E4A53035A76F9EFBADD7E63E60B69 + BF23F7C5FD39B2249B0C628FB654D521 + 4EB588371E5D2F34BF51396AF3ACB666 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + 191A1B1C1D1E1F202122232425262728 + IV = 0000000000000000 + stream[0..63] = 0DD83B7F93629BA8E489E30FE4B6EE54 + 9BAFB44CB794AAEF2EF07116649FD4C4 + 4DAC52560EFB34FF1A2E56FC0DD86F2D + 56C2C5C97089FC4C35C6788F36E6F142 + stream[192..255] = 19A8C09135CBB83C6140BBEB60099BDB + 469178F58B6DC87AD2B33CAE53A83B46 + A3BCE1289A68528D5A32A8867587FCC7 + F4DFE8EEA78BB2A9C40B9F6D8797BFE3 + stream[256..319] = 2E4E97BAAE813AD2C14848ABAB7C51A7 + 4BF3153C63101F4E6E4EEA56B470F0A6 + 78FAC3AA6CC300A51A7A345356D3FE1E + 3A56242086CA61A1E8E43F6703CDF6DE + stream[448..511] = 306FBEFC44132B66D527F5E75D171868 + EE8CBC6DAEFD6FC5B3730541CEA82CF6 + 7D41B8783D75117D266B924502D5AA5F + 28FF44A13AA2179DD8F0F4AD4B29024F + xor-digest = 25B9F46F897C9060052B08E0E70C8FAC + C9FAC41A4057E304209D39EE0807987A + C77A8A723BE07A22E9AB6BB8DC358A54 + 14E6C31C1C6B9D9E107AF74594134307 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + 22232425262728292A2B2C2D2E2F3031 + IV = 0000000000000000 + stream[0..63] = 4B094A8031FEA02C5CBDC1E2A64B13A9 + A0976897FCBD92A15738330CD1F85448 + EBD8B7E61A76855C64BE1BE78034ADEB + FFDEDFCF064AB92744760DFBF59F0A9D + stream[192..255] = F807DF0420C6D87DAD3A1811A96B5E4D + 2B2F284CD9130F51D307521BD2CABE72 + 1F1BAC0EF6219B7ACF8923C026C7F9AD + 8762CC9A9F8847750511D3697E165689 + stream[256..319] = AFB3798B54C003AA6C05C7893C5DB290 + AC7FAFE8C25D3E66AC699BBA3A880330 + 70D17C0314DAEAF51DBDA0C9DF36B713 + A913BD397B41DA7FF410A593568AB2BE + stream[448..511] = 67AFD443E67F5FF76A247EFCF3D54649 + 0649CDE396FE3AA34549C3ABC8F7447D + DB7A666C0402AFA25ADC47E95B8924B4 + B1C955C11A746FD4C0DA15432C1B83B7 + xor-digest = 842B6DBFACE3D7D24AC981C56F398BD9 + C19DB3B086F4ECF5473CAB197AD6C170 + BF57A238BD47FED65726CF2D58AD701F + B66E27C2026772AC8C706B77186BA837 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + 2B2C2D2E2F303132333435363738393A + IV = 0000000000000000 + stream[0..63] = AE39508EAC9AECE7BF97BB20B9DEE41F + 87D947F828913598DB72CC232948565E + 837E0BF37D5D387B2D7102B43BB5D823 + B04ADF3CECB6D93B9BA752BEC5D45059 + stream[192..255] = CF7F36734A7AD1EF4D9A4AA518A91C14 + 64184688F31E5E775E879E01E82FB42E + AEE8F382AA0701D54AF5DB788858CCDF + 801DED1E18BA4195019AA3111BA111AC + stream[256..319] = AB84E643D214E8DE9274720A1557A1E0 + 471F00394934A83A324D4270949BD448 + A7BB6B5D5FA40E9831AE5B4EA7D8D34E + 071EB56EFD84F127C8E34DA9BF633B46 + stream[448..511] = E757CA957797D6416E17F852AFFBF191 + AF98EB8CF73DCBBA0BCE8EFA29B958E3 + 9C0085F0076E0B4E31289A4F2DF35855 + ADD6BBEC725FC2860D4F49AB4EEA6C87 + xor-digest = DCF2DD4BD229E2325045FBE0DA487A00 + 256DA072F2EC9FADF50897E8C0379308 + 28C6C1971EFBEA4155758DAEC6404CB0 + E312243E7757060D600EB8094FB66995 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + 3435363738393A3B3C3D3E3F40414243 + IV = 0000000000000000 + stream[0..63] = 5DDE22EEE0ED12CF83F433441A3799B3 + A4415A2018A60BDE0A0F8E08993820C8 + 20998D420F346D8B808CBED40FC7CBD0 + CC43949B0A16F0EF2577CECAD03DCAD6 + stream[192..255] = 5C86A6AB19AD083676D609D2C094FFC2 + 921CD8D4580815522BA72AA20FEC59D5 + 64F1EDF2E2AE4810C69701BCD515A939 + D9C156254F28DE5C90C6CA2B0A385D53 + stream[256..319] = 956A71BB6344DDF03A8B828A03FEA914 + 8585BB8D21E52134F1FA9541A57519F4 + 4C2D56C8746E9FB40EB1FCF3551A5F95 + 38B90606924F3D082987B77C127D1DB7 + stream[448..511] = 2160DB576116DD75880E4DE9A7505308 + 05EBD00F48B6BFB62679F93EDBD42766 + A51AD3052C64174B5B027F6D5DD02059 + 2F5BBC369D48708295259F4B9519B19B + xor-digest = 5923F3E59743F7BD9E6C9E81DB5E0007 + 02C2A1BF996C3F00C43D2BF32FBD0F62 + 38B3EC2AB846972C48171EE53B5A9722 + 2CCC6DF5B470C5C1ECC1F6FF89F74043 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + 3D3E3F404142434445464748494A4B4C + IV = 0000000000000000 + stream[0..63] = BDF4E0BB6B36D01A31EE2E76F2379D33 + 286ABFA82F6872677955777DEE0B1662 + A65D85EBC56A7995A6F6CF995154C444 + C27CEF3EABC85B8985C7FA94C8ECB065 + stream[192..255] = 8835BF6D66FD567BCDA956673D9DA182 + 701921B79AAAB6039D65ABE1C7178923 + BC39C8A56FDEC8FEAAC4C29707914F68 + CA6CBEDE4DBE9FEAAF84DA2DFEC56E96 + stream[256..319] = A2751597632CF806C8246F7F9D9C4A72 + DE85C8C0C36A769F32A062DFCD45635B + 0C7131BFB38CE253886D4918CC4B7DBA + 780CAE5FA0F22479F445C0AD1285F35D + stream[448..511] = 1130339E16298874524D18F68266246C + A0B2060607B60689D025BD30BC6DE7FF + 5DDB90249319C9EA13195200ACADB595 + 14D56FC358D7A0D3BAEA374E34EA2E9D + xor-digest = EBF45CE390507D94E9969EF42C62C8B3 + C6649FF841003830CD716EF712BAD8F2 + A47575AF99B8F93F12C14FAD7CC03D6F + 0D4C5C5E5C6D997053C9C36DAA99BBCC + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + 464748494A4B4C4D4E4F505152535455 + IV = 0000000000000000 + stream[0..63] = 51B180F1C9C31388F8B3DE8734F3918F + F6DEC759689E6A54D0EAF8734DECAB2C + A2ACA4DFAA260AB781769B83CF94C2A0 + 166F2643585CAB42220D200F92074363 + stream[192..255] = 147CE4098C9884493CF00DD28B6439A5 + B794F871CCC4FFE349CABF3963C6BACE + D799AAB7F778B59473EDE8CB475056A1 + E7F5D0BE68DE84C535A8FB67724E0C6D + stream[256..319] = 7F0BCA1B790CD5C8F8CFD047AFE1C5BF + DDA8C8E0BBAF0567D4AE6B63C9E32770 + 51D1200ED8740D60FBBADC20CAC825A0 + 819CB66398FF7CFA38F3CE5CF23BAC37 + stream[448..511] = 74C2B38820E2614D4AC42477185346D7 + 5EC3BB41DC9810610C5B745A1B423A3C + BF14A7E45C08C5E7C1CAE65B8839F030 + A8E52500776B45EA65885322FC1B3A57 + xor-digest = 109865F93CCF7C2EF35211EE91967DFE + 6A45DD309EF3FEB5375F05F1429F7C88 + 0D712F67A547462D01CDC15D72AA32CD + A5F4D630AD5186D951E34A8E1F9F6D20 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + 4F505152535455565758595A5B5C5D5E + IV = 0000000000000000 + stream[0..63] = AADBA970B29F5BB8522C3817E849E5D0 + 417863554D16D6FC42405CA5A826A82A + 7F0ADD295D02DF3EB565E10CA1902E7E + E84CC977614F325AA0BCA298F64871C4 + stream[192..255] = 23453B14E9067B2733C88A3137650D83 + BF2EDEA3BD78D336765151C9DC15A534 + 5394C7B0E1B0DD3BEF7C7BBBB84AB0B5 + 7992446F8DD102F90B0D72728686EC17 + stream[256..319] = 0291E9B6188CB3E43F98B576C9C114B4 + E1165A39B33E32E7260D6767058C45B0 + 93717E09868B400557E750557417E7C7 + F0DA6A8AB0179630023EEE17B0362575 + stream[448..511] = D98E6AF3B8A4BE5EE6CD4F067FDDE869 + FA2569648498460C0B2E4A3A4652FB71 + 77D02D632BFEF2C3511F1D374AAADDE1 + 4542AC660114716E5CAF854AA5C2CF1A + xor-digest = 989C4606DDB85C89396FD3D07C6D0341 + 6D90B980843BDB761E51AE7887E10E6A + F845E1D71C310A84473701B2D27AC832 + 6721A660A63B5EA4E265D1F2B2027093 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + 58595A5B5C5D5E5F6061626364656667 + IV = 0000000000000000 + stream[0..63] = 53AD3698A011F779AD71030F3EFBEBA0 + A7EE3C55789681B1591EF33A7BE521ED + 68FC36E58F53FFD6E1369B00E390E973 + F656ACB097E0D603BE59A0B8F7975B98 + stream[192..255] = A04698274C6AC6EC03F66ED3F94C08B7 + 9FFDBF2A1610E6F5814905E73AD6D0D2 + 8164EEB8450D8ED0BB4B644761B43512 + 52DD5DDF00C31E3DABA0BC17691CCFDC + stream[256..319] = B826C7F071E796D34E3BFFB3C96E76A1 + 209388392806947C7F19B86D379FA3AE + DFCD19EBF49803DACC6E577E5B97B0F6 + D2036B6624D8196C96FCF02C865D30C1 + stream[448..511] = B505D41E2C207FA1C0A0E93413DDCFFC + 9BECA8030AFFAC2466E56482DA0EF428 + E63880B5021D3051F18679505A2B9D4F + 9B2C5A2D271D276DE3F51DBEBA934436 + xor-digest = 7849651A820B1CDFE36D5D6632716534 + E0635EDEFD538122D80870B60FB055DB + 637C7CA2B78B116F83AFF46E40F8F71D + 4CD6D2E1B750D5E011D1DF2E80F7210A + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + 6162636465666768696A6B6C6D6E6F70 + IV = 0000000000000000 + stream[0..63] = B2995CDC9255E4E6177398EECE05F338 + BE14825E8025598C1B4B0B80013E5D4B + C195802ACF47326F309C58809E044CA0 + 2027CCE97D80F7AEBA6D0376C96BFD7A + stream[192..255] = 0B89114F6F4111D2C7C33B0CC3DE682F + 932E9B060BD3D1E17801ADBF7F034819 + 2D1F77F99104BE2FE62AA14CAF17D0C2 + 35243B76D298C9CB51F7E5E02914027D + stream[256..319] = A93BEF16E18FB3D34FD342AEAC4EC93F + 474910948F5E25F20C3C6AF50FBFFD14 + 8B8272DF4AAE7400843AE11502D06196 + 59F3F2484D5D5659BC340039CAC03B20 + stream[448..511] = 031AB90E5D0C95ED116B7D03EFDD3543 + ACDA91FE89071680C1B025F305538F7E + 7154BDF131351E68F0F0ADDD40FB5183 + 0DD7761114BB4BA9692BD72500E7B2A3 + xor-digest = F72CEF83AF80636D318B6C1623368883 + 65438DF6E3B8611FBF3D602746BD8077 + 961880B5FD7ED4C6BD13C360B50BA7AF + E838ABA36FD1B21FED0AA6B095D04F60 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + 6A6B6C6D6E6F70717273747576777879 + IV = 0000000000000000 + stream[0..63] = 447D16E09F139ADBFDBC742D248EC354 + 67F165D42937FBA97B816016613DE365 + B0C23E4145CA71A3680B382CFF6D615C + E7B2B02AEE1B6CAE692E4D09B2B47CE4 + stream[192..255] = 49DEBE1A89CE85C6BC52DCE9E80422D0 + 523FA99D29132F3B292B695EC641C0E3 + C3C339414349F83BAAF6E534E426DA98 + 2BB80981B58401128A158AEB75FD48E7 + stream[256..319] = E661F70FC1DCB4437D4DE0C4F6540EFC + 14D319CF67906DDBF41BA8FA8FD1B17E + A8452CCB67F4078A8CEB2953218F97C7 + 73850D1CB882656A6486C0D12F9324EE + stream[448..511] = 7916FA50772F5BCD5DBF87F6733466B7 + E0DC28687A5AFDEE5BDFCA4A197E7B6D + 82072AC49F2C7944519999FCE9438AF9 + 80EC5576BEF6454C43AEC151A488A405 + xor-digest = 62E4E63373B0DD84227A80FDE16A2B25 + 27AF035FAFE70CCF3B67F0CB2C22DF85 + AF7FFAF9B34E05C6AE9E42C9C6DC457B + C223D886718E3B0022BD15FF398FC2CE + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + 737475767778797A7B7C7D7E7F808182 + IV = 0000000000000000 + stream[0..63] = D356187B3A555932420B005EEA1703CB + 6C568987D54316540561425C078A0BC1 + 6011BD3A1E88C62039608DDB65C35453 + 8E6E6BE417066D824B4CC3F4842D1B7D + stream[192..255] = FC9DB2F6F1A10BB4690291F108119B07 + C7D908E2A3C35BDEDF1F0B79041C04B9 + 1D63CE0D20459F3A99BF37AB195D907D + 3EBF1C75C5B7272D29ED83C0ECAE915F + stream[256..319] = 2193BE6883F2B56B74312E46F422441C + C1A54EF08360C87F70AF598751E24F28 + 5E7A0C2F886147DFEC52B34466F3A598 + 8DDAF657AF45A452495F852233F3E312 + stream[448..511] = 42822BF1D4BFD3122C2C842CE59BD9AD + 4616D916AADBBADB1A7F710EED2F7211 + 653055D94569FA2BE4C2BA8B758E2956 + 2C7A3354074705A28891B5E66EB8A7D7 + xor-digest = 8DBE66E2AAD0332B5D3B001C2EDFB91E + 9335910ACC1E28F2150289D7A414DCF8 + ACE6EC6CE70A985602E8E10B61F0736B + 0076F2E181758E99DE3628079B9C41B6 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + 7C7D7E7F808182838485868788898A8B + IV = 0000000000000000 + stream[0..63] = 4C2EB1D4A9A84064F43082EAC25C741F + A49F2579FCB069A2B072B4D7EB704B38 + E00DB35E0D9C2077E58B9403D73904B9 + BDAF16A1C79A0A25B0B9BC06E49D2659 + stream[192..255] = DBB77843D3F626E1F577ED0AB0D90348 + 66237611BC25FEA9713D5D001D2FE59F + 51A5C201D1EE6F7844BF231C34BB489A + CB3EA4434226248FDA91597AC400C8D2 + stream[256..319] = 3AC1C77E12C7B3CD306743B805738AAA + 8269B47132D1902ECEAD7EC403E2CE6F + D3EA6DFF1FE350995BAC330874EB0777 + EA659488C3991432A1FF9CDE7ABB9D34 + stream[448..511] = FFC9E408A4521EFDA22B2D4C30F22781 + D17CB1C709C4ECB2FD03ABEF56B4DD98 + 6379C068662A5CBC01053A0A7B3D1A0E + 9B9AB81EEB8F57EDED3BE1EE75ED340B + xor-digest = 0030ABB5B1F3B9615878BB05AE84977C + 6F5DFC18FDD5C2C7CDA6AC2E00997C43 + 4DF73B9AE21A6C58D0D856801A072B23 + DCBA58AC011983C8AEA55A48F8A38FCC + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + 85868788898A8B8C8D8E8F9091929394 + IV = 0000000000000000 + stream[0..63] = B36D9BB49A62689A751CF5C971A15F70 + 439E56DC516F15F958369E3DA2500EC4 + D51CE469B050037570D03B0948D9FF82 + F2AD1B1D65FA5D782CAE515E03BA6A60 + stream[192..255] = 0A4DE80091F11609F0AE9BE3AA9BE969 + 9AA1C0BDEE5C1DE5C00C36C642D7FF87 + 2195871708F2A2325DE93F81462E7305 + 4CECEFA7C1906CDAE88F874135D5B95D + stream[256..319] = F69916317394BF360EB6E726751B7050 + 96C5BF1317554006E4E832123D7E43CE + 74A06499BF685BB0AAC8E19C41C75B1C + 840FD9375F656AD2B1377B5A0B26289A + stream[448..511] = 5A49B471376394B09890CA0A5A72410A + B34ED9B829B127FB5677026E1BFC75B4 + AFE9DBF53B5C1B4D8BEB5CEDB678D697 + FE56DACBA9D6DEA9C57CD8243153755A + xor-digest = 9DEC1D2B309A5B7872F2AF1F30A5ACB0 + FC656DFE3C88B5C098DB3D5CE76F3ADC + C9D4BEB8C29B81C3EF3BB24D34A93A52 + DD659F62FD9BCBEAEC440BEB08B342D7 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + 8E8F909192939495969798999A9B9C9D + IV = 0000000000000000 + stream[0..63] = 4E7DB2320A4A7717959C27182A53072B + 9D18874644B42B319963B5512340AA4D + C7088FE4803EE59CC25E77AC29D13E72 + 20654487F4A3BF2D39C073C7D231DB17 + stream[192..255] = 58A4B8F161BE5C1AC1573FB95C216AAE + ADBF17205072225CD2236439A574B40A + 2AD76749E37AAEC60B52D79F5DA5459F + 094244FDE783122FACE929D94E914A87 + stream[256..319] = BE41A549607DA00691D0C3734D1F9CF7 + 1A0D21056E50BC89F29135989432FDB5 + C2340BFF6D181946BACD49D4B28A5104 + 97990B241CE021280159DFAAC44DA45C + stream[448..511] = E7CEFE15DADB07044C730CE7650E4124 + 687B7781C85C472EF6D3DD6C7150B050 + 001904552B59778F2BAEA8C0CA29900F + 0470F14CCED15E2D83FB1A06A0C57C7E + xor-digest = 81B127B36F506C56D5D62AA866E93BD5 + 2F97F96D353D50F613B9CF2270743A29 + 4B4082749139ADC010A6C12B05A77533 + EA699A1FDDEFFE1B28880AC98F7FAD71 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + 9798999A9B9C9D9E9FA0A1A2A3A4A5A6 + IV = 0000000000000000 + stream[0..63] = EE17A6C5E4275B77E5CE6B0549B556A6 + C3B98B508CC370E5FA9C4EA928F7B516 + D8C481B89E3B6BE41F964EE23F226A97 + E13F0B1D7F3C3FBBFF2E49A9A9B2A87F + stream[192..255] = 1246C91147270CA53D2CEACA1D11D00B + F83BB8F1C893E6F10118807D71021972 + 586592F9935827B03EA663B7CF032AA7 + ED9F1F9EE15409B18E08D12F4880E162 + stream[256..319] = 6B6AC56A7E4C7636D6589886D8D27462 + 41BACAF2A1C102C5D0DE1603E4C7A92B + 42F609BCB73BC5BFC0927EF075C72656 + 7018B47870365138EE821345C958F917 + stream[448..511] = DA438732BA03CBB9AFFF4B796A0B4482 + EA5880D7C3B02E2BE135B81D63DF351E + EECEFA571731184CD5CB7EEA0A1D1626 + 83BA706373017EE078B8068B14953FBF + xor-digest = C06DCD6409120BCC16F4412019C0D958 + 3BFDE4F32A6AE9B469A4112211B77654 + 355FB3ECEE657E1B8C20E570A83A9CC6 + E58656A63AD343E0C241DE558EB4EFE3 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + A0A1A2A3A4A5A6A7A8A9AAABACADAEAF + IV = 0000000000000000 + stream[0..63] = 14530F67317B09CB008EA4FD08813F80 + 4AC63D6B1D595D21E244E11AA4F153E1 + 256DF77976F713B4F7DD1DF64E7016BB + F9460A1A7CC7F3E9D28D8D19A69EB0B4 + stream[192..255] = 6C025A7A0A9F32AE768D35C56231AFFF + 5E9A283260E54F442D1F3263A837545C + 234F7701D1A5B568DDA76A5D596F532C + 4F950425A2F79CD74203CCBB27293020 + stream[256..319] = CA585389DDA8D79B73CA2C64B476C776 + 0DC029271B359EB10D09B90FEF816E96 + 432CCEDFB51322F7AEA6DEB896E048FA + 2AAD234F89C45FC25967DF99955B1234 + stream[448..511] = 7DECE5C4BA2E08A2A61A37D9DD56BC89 + 2E141874A572AE4342067CBD4E080933 + 1851640E5D6EF48F73A4A638C74471C1 + 85E731136BAC231B0803A66A4CDB6A4C + xor-digest = 99D13A0741CCC1C40D655993BE02D21C + 6BDB707DCF4FE3EE7866FC62F9C23EBF + C1C57844796FF8B71CDC8F569E75D960 + 0EFA123DCDDD96E33C1090238E750B34 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + A9AAABACADAEAFB0B1B2B3B4B5B6B7B8 + IV = 0000000000000000 + stream[0..63] = 9B05907B8F2EE3E831D9A0BE6203DBED + 012C381B7E3225B52282B9D0BA5A5A6A + A367F7C553177557B87FFAA73C59E123 + B8B2F069B6C0F6DF25CC0A340CD2550D + stream[192..255] = 4274D6C7996E9E605D378A52CB5AECCC + E6EF862FC0F40091C79FDC93DE2B7CF8 + 4B484FC874687BE243965F92080444D2 + 206123C6815E9A497610283D79EB8FA9 + stream[256..319] = B9EBAF94F5CD2CCDAA2F8804E586DE09 + 98A5E2E79D9C2E9F6267A16B314C3748 + 07E7DD80A3115D2F64F1A7B6AF174AD6 + 8EA04962D48C7F0BCA72D9CDA9945FB1 + stream[448..511] = A08547DA215E1372CED1AC1192431AF3 + 52B670CE9FF5F1F3A598CB17961D7780 + F1D08A6C69BF2EF73BB54DAC8308D320 + 66CB8132DE497FDD9BB54739A54A57AC + xor-digest = 71B9D8900F2C9E50E4E8E31D22C1E008 + 9113A28C9E4039B00E181FC3AC2CBAC0 + 70EA10B1E44ADF4C46D767A1945D5414 + 42E4C1322099B3EAC9AF05736E2BFDDC + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1 + IV = 0000000000000000 + stream[0..63] = 7D0FF0DCB7CAAC90E548E24BEEA22D10 + 1C927E0A9BD559BC32BA70B346659F41 + 8FD9E36202D3AF35CB836F1BD15087DE + 0D01FFF0BD42BC24B01A65CAD6F38E2C + stream[192..255] = 12E246BA025A6174789C631646D092A8 + 865094571FF71BC28A38BEACEB08A822 + 72441DE97C1F273A9AE185B1F05B2953 + EC37C940EE4C3AB5C901FF563563CCC9 + stream[256..319] = 2B48A7B5979BD5D27E841D2A6ED203D7 + 9126471DB9201444D07FCEA31A66D22F + DC65636F451B8D51365639CE2F5090B8 + D08E14FE955580CB3692F4A35410D9BA + stream[448..511] = A94E650CCC1ADEE62D2BAC9AA8969BA1 + 911429B6B9287E2E8A553752EDDF6F82 + 132FA5620E1F4F671EDF9C2EF1B76DB1 + CE63A8A61EDF905A8D5D195D8EE7A116 + xor-digest = 6492816A5383705890130321A2A5AFB7 + B76B54481A48AF1F307EAA0AF41FB5FD + 45CA6F00FE72C7D5C09E48406575651B + 5674BC9488CF5EE93986F830947BF1A6 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + BBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CA + IV = 0000000000000000 + stream[0..63] = F943B21C04A85C22ED1FC5BFBACAAF93 + 2CB889EF7CD4472089B16B6DDA5C72E9 + A8F11B66CFC7677D72FB8908018B2A32 + F6B37A2AC811665D8266841199C066AE + stream[192..255] = E877CA4C8570A4A0CF06FECCCF0430BB + C63077B80518C4BFEC10BA18ABB08C0B + 3FD72D94EED86F1A9A38385AD4395A96 + 7ABB10B245D71680E50C2918CB5AE210 + stream[256..319] = 89B67848C1661AFE6D54D7B7A92EB3FF + AB5D4E1438B6BEB9E51DE6733F08A71F + F16B676851ADD55712C5EE91B3F89381 + 0352A3C0DC7093FCC6D11810C475F472 + stream[448..511] = 14ABC36FB047EB4137390D3AA3486407 + 7400CDF9AC001025BA6F45BEDD460ECD + 2FD4C16064F5579C50ACC64361EE9470 + 468B39F5CABCF366E0AE7DEA4EB1FEB1 + xor-digest = 85D10891442BBD49CB301840BC9BFFDC + AAC81AAAAD8E6CF18E35C17B8E14255F + 10650F031203035A67B68E4DA9414BF3 + 3C229E3F7C253F55771460CA6E804B09 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3 + IV = 0000000000000000 + stream[0..63] = 5F76E49A712A9B36D646FDB1355FA862 + DE02BDC06E9AA4DF8DC0749102ADB071 + D575101D0CA6E36034EE3A039CF5239B + 817466A88DE350081D91090D79842DF5 + stream[192..255] = 48AEECB9BA29A1B52B2A5F58597980CF + 2B5A31CD6DB97B98A4DB560500705ED7 + 0BF7D9946DF6B2D26C77E2BC3152F23C + 2302F08ADE124F97E9E45F2894832434 + stream[256..319] = BD9BFA707093FD92BE49E0B0FD0A9E89 + 0AFD92AC6A50375173CE0C966C9D9A87 + E2B538445E697EA193BD33D60DC9F107 + 1784CDA56C8AAD2BC67E17C9F5BDBAF8 + stream[448..511] = 1477E6B19CA394B91496C5C1E1EFE3D4 + 68D157B035C87A4667F6559F56C84ABF + 3CE27D85D85784C40081EA064835904D + AE34A9277900B6F2F0B67F44B6B41776 + xor-digest = E7FDF2693C8481BADDA0503996EAA6F8 + 201C2422907DC27CF747F8325B5FAB10 + 0567204E731A896F0128BFD87993C5C0 + 80B05AA3C75C9675BB7F9CBF935F502A + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + CDCECFD0D1D2D3D4D5D6D7D8D9DADBDC + IV = 0000000000000000 + stream[0..63] = 1D8D3CB0B17972779FBD8339BDBC5D0C + 4178C943381AFA6FA974FF792C78B4BB + 5E0D8A2D2F9988C01F0FF7CE8AD310B6 + 6FA3B8D8CB507E507C4516BC9E7603B6 + stream[192..255] = F32D0691B1832478889516518C441ADB + 8F0FE2165B15043756BB37928EBCA33F + 9C166A5907F7F85CCF45CE6BFB68E725 + 748FA39528149A0E96B0B6C656854F88 + stream[256..319] = 66A7226EA4CF4DB203592F0C678BA8D2 + 99F26E212F2874681E29426A579469B2 + CA747B8620E7E48A7E77D50E5C45FF62 + A733D6052B2FB4AAB4AC782539193A76 + stream[448..511] = 25CCCD9E6FF25D8D6525E621BC376F6A + F73C749E80213260F1418B0C191B1F24 + C1922DAD397EFA6062BBE9E3612D35D5 + 30F49C5D9D4F11E4CB2B3A4E66731FA8 + xor-digest = 92BE9D3D0940E7447B043A3C0150AE8A + E28BC1F1D3EF2318E447210936356401 + 729A21A8BBA3FE17EAC0334B9E42E2BE + FE94CF0FEDBA97460B1BC07813A48053 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5 + IV = 0000000000000000 + stream[0..63] = 9D2EB0E9A93A0EF9F8ABCE0916C06EEB + E9C8EBB52A8112CD352A8E2E4EE84DFD + 44B7C8251D0D1A36EA69CEB8C595D527 + DA0EF26A2C5A5F443DC3040C6BF2DA49 + stream[192..255] = A86842C08DA057352B70FB63EBD1516F + D56E7BB389BBBB22F8EDE940DC7036CF + E10104AB81A51F23CFE35CCCC07BF50D + 40A2438F3B3AEAB62953406A9E7D7BF3 + stream[256..319] = 9EE5EE22FFEDB13C11A81B0E5EC82DB6 + 303F22A62F0FD0574CE7007AF1EA2FCC + 23D9C4196EBE897AB0D00371429F518E + C150063EAE314EE72EFADB1AA7714AC6 + stream[448..511] = 125ACD159548C79FCC93BFEC7B832C5D + 387AFD85A0537BB6A49A8C3F4673306B + D76E17AC601629E00AB5AFF62B269491 + AD996A624C6B1888BF13785AD63DEC7C + xor-digest = 9772AADF9F5BE8C14EC8304D594AF93E + 1285357C9DFE9C10A1D45E5EB7D5BDCC + FCBF529FDCA3E620EB097575BFE68B08 + 04E63DD07C5FE3C8D8E28E2277E0358E + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE + IV = 0000000000000000 + stream[0..63] = 1D99BD420A9EBE17CF6144EEBE46A4B5 + D8CE913F571DCEDEE6C6E3CFA27572F5 + 9983D4B2CADC292A956983AF7250CA81 + A23A9EDA42417CC150597891045FF321 + stream[192..255] = D53AB2E60871F42D10E6747FE358E562 + 14D7CE3E7BA38E51354C801B72E5D515 + DD805F8FDBA9F1BC81C5926DBE8CDBD2 + 3B006714CC8D550671036F6FD2991825 + stream[256..319] = FD97553220FB51132C33EBDA78606A24 + 5C5E3578A69754BF4FC11D6242605160 + B4085DFDFC3D11505F72DC15CC16C683 + 37798E0DABD37C67B2E8912E498EA940 + stream[448..511] = A2D9199683D73F01DDD77BD46CD5BCEF + 37CD9D4ECBA40B6C51446DCC68BCAD18 + 9FBEFEFC3D82131ECF98263299DC0CA9 + 1DD349E4DD348A88B2E3D7AA2D20CC13 + xor-digest = 0F8AA6C52B1A2A36DA0EBE5C16BA2360 + 2E48161F836C228A0B8A413F6E0699A0 + 4DA22789A18C53A5125CFE51B9D7B5A1 + D9957CDED4D1F48744944B65D2AE2290 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7 + IV = 0000000000000000 + stream[0..63] = B9751AF24FCF14907948F7AD36E2649A + 9A07B637F84D34E961EE82B7C33A9CC3 + 7B96DA6A956AFF4A629546C422802767 + AD9F24BB2E79F09FCD43775FAC965123 + stream[192..255] = 6C4CB6AD15DDCE11F1BF68FFF1376E0F + 4CE35ABCE777F4AB1D6906D09184689D + B697D1CFFAF46C5B85AD9F21CFF0D756 + 3DF67CF86D4199FA055F4BE18AFA34C2 + stream[256..319] = 35F4A1BBB9DA8476A82367A5607C72A0 + C273A8D1F94DC4D62FDB2FA303858678 + FABCD6C6EBA64849640BFB6FE4ADB340 + 28FAE26F802EA0ECE37D2AC2F2560CE8 + stream[448..511] = 3D208E3CFAF58AF11BCC527F948A3B75 + E1751A28A76CBFE94204783820AD7FEE + 7C98B318EDA2DC87111D18978CEE0C0C + E39F1469E7CB3EEEDBD6BF30DA68DF34 + xor-digest = 7843987CBFAF3BC7DABD22E793F0F1B6 + 599E7774A6FAAA79B81A956F7C20964A + 884A766CD76FDCDB67AAFAEACF24D221 + 5C5CE400F056F81A9EB0951A468502D9 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF00 + IV = 0000000000000000 + stream[0..63] = EA444200CDE137A48DD3728CFC0FE82A + 1CD6F0F412C0343639052B6471F8321C + 3C9A38986A5F882A26ABCFB342D3FF50 + 4E2EBF01D8CDA2408AE1A9023F4D64CA + stream[192..255] = 5C20B3CECA032C29E7B8118BB8B946F9 + 90A9DD8895D9D7FE620727087DB8C6E9 + 6973741552A24E8C3B9EC81FA2B06E5F + F4283201639C83CC0C6AF8AA20FBDDD9 + stream[256..319] = 4DB2FF5167737BB90AD337FE16C10BD9 + E4D2B8D6FBD172F5448D099D24FEAEA9 + B30224AB670781C667292D04C76EFEC2 + 476B2D33ADA7A7132677E4B8270C68CD + stream[448..511] = 5AB9F03158EA17B1D845CDC688C3BB0F + F1AC5CEAA2F16DB3178223D1471D0191 + 0E9D5BB3C6D0C9CC652C0ACF527B4F44 + 94B0DE521164493800E132B272A42A22 + xor-digest = E7CADB2D003E6B1FB7ED9E085806817E + A548D2F1AFEF99ADED650D1B3DDF3533 + C1E86435B9040DEEC83CEA60A501F35F + 8538B9A4B3836B7D23A909100E244801 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + FAFBFCFDFEFF00010203040506070809 + IV = 0000000000000000 + stream[0..63] = 99A8CCEC6C5B2A0B6E336CB20652241C + 32B24D34ACC0457EF679178EDE7CF805 + 805A9305C7C49909683BD1A803327817 + 627CA46FE8B929B6DF0012BD864183BE + stream[192..255] = 2D226C11F47B3C0CCD0959B61F59D5CC + 30FCEF6DBB8CBB3DCC1CC25204FCD449 + 8C37426A63BEA3282B1A8A0D60E13EB2 + FE59241A9F6AF426689866EDC769E1E6 + stream[256..319] = 482FE1C128A15C1123B5655ED546DF01 + 4CE0C455DBF5D3A13D9CD4F0E2D1DAB9 + F12FB68C544261D7F88EAC1C6CBF993F + BBB8E0AA8510BFF8E73835A1E86EADBB + stream[448..511] = 0597188A1C19255769BE1C210399AD17 + 2EB46C52F92FD541DF2EAD71B1FF8EA7 + ADD380EC71A5FD7ADB5181EADD1825EC + 02779A4509BE5832708CA2836C1693A5 + xor-digest = 0F8D6440841701C8C9BA58C0A86262AE + 0220D0655B0B8C6DE7D2987BCC211A59 + F2A23C932D0C17DF87C6B5F80AACB5AC + 5A7894CB6B7552D0C0E235F1FCEAC442 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + 030405060708090A0B0C0D0E0F101112 + IV = 0000000000000000 + stream[0..63] = B4C0AFA503BE7FC29A62058166D56F8F + 5D27DC246F75B9AD8760C8C39DFD8749 + 2D3B76D5D9637F009EADA14458A52DFB + 09815337E72672681DDDC24633750D83 + stream[192..255] = DBBA0683DF48C335A9802EEF02522563 + 54C9F763C3FDE19131A6BB7B85040624 + B1D6CD4BF66D16F7482236C8602A6D58 + 505EEDCCA0B77AED574AB583115124B9 + stream[256..319] = F0C5F98BAE05E019764EF6B65E0694A9 + 04CB9EC9C10C297B1AB1A6052365BB78 + E55D3C6CB9F06184BA7D425A92E7E987 + 757FC5D9AFD7082418DD64125CA6F2B6 + stream[448..511] = 5A5FB5C8F0AFEA471F0318A4A2792F7A + A5C67B6D6E0F0DDB79961C34E3A564BA + 2EECE78D9AFF45E510FEAB1030B102D3 + 9DFCECB77F5798F7D2793C0AB09C7A04 + xor-digest = E940A6B3F4FF6EEDB11FF692E60C1246 + 392EB04AF868088EE85D813B0600CA91 + E8C384620F059B6537F29431A534ADFF + 92DB33C3615465AE4B19E6196F14C0DE + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + 0C0D0E0F101112131415161718191A1B + IV = 0000000000000000 + stream[0..63] = 2064790538ACDF1DE3852C465070D962 + FE2993BDD20C96DED5B2E5FA33283374 + 2A6B03966D47F8874D39C501ECFE0045 + 725C463530967ED1499097906B9775C3 + stream[192..255] = 9F880124435347E31FDF6EF96981FAB3 + 1A912D0B70210CBED6DDC9813521CCE2 + B5C2B80193A59DCD933026D262E8EC74 + F5880028FBB06166E0A304453A3A54BB + stream[256..319] = 8A3F922FCDE48CE6C2E324EAA639DECC + E7257A25C420A2435BBA98740DF6C92A + 8FA18F1D4E67C5F75F314219BB769685 + A0C028D115321D10D58B46E5D58ABB4E + stream[448..511] = 905C86F2F2C1E0454963E21D7498E8F4 + 67ECF23F8B02671F57584322E9952223 + 58D4FD541714BF12EFB189ACEA624AFF + 2D55B252974D39D8598E8A066536ACB2 + xor-digest = 4750CDBC728F8AB112C58235A5891BA1 + 84B79BAF5172AC7C530F57023F1E9CFD + 26071B4826FF3C6971DC2A7DD8FB35B0 + 054D59D5538746F0C4C2D1A8DE6DC771 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0000000000000000 + stream[0..63] = F9D2DC274BB55AEFC2A0D9F8A982830F + 6916122BC0A6870F991C6ED8D00D2F85 + 94E3151DE4C5A19A9A06FBC191C87BF0 + 39ADF971314BAF6D02337080F2DAE5CE + stream[65472..65535] = 05BDA8EE240BA6DC53A42C14C17F620F + 6FA799A6BC88775E04EEF427B4B9DE5A + 5349327FCADA077F385BA321DB4B3939 + C0F49EA99801790B0FD32986AFC41B85 + stream[65536..65599] = FED5279620FBCBDD3C3980B11FCE4787 + E6F9F97772BEAAD0EF215FDCD0B3A16F + BB56D72AFD5FD52E6A584BF840914168 + D04A594FFDDA959A63EB4CF42694F03F + stream[131008..131071] = F161DCE8FA4CF80F8143DDB21FA1BFA3 + 1CA4DC0A412233EDE80EF72DAA1B8039 + 4BCE3875CA1E1E195D58BC3197F803A8 + 9C433A59A0718C1A009BCB4DA2AC1778 + xor-digest = 2052F9A2853E989133D10938222AC76D + B8B4CBA135ACB59970DDF9C074C6271A + 5C4E2A7A00D2D697EDFC9B1FF9B365C8 + 7347B23020663A30711A71E3A02AB00C + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 0000000000000000 + stream[0..63] = 2F634849A4EDC206CE3E3F89949DF4E6 + EA9A0E3EE87F0AB108C4D3B789ACE673 + 07AC8C54F07F30BAD9640B7F6EDEEC9D + B15E51599EB15E1CA94739FEA5F1E3D7 + stream[65472..65535] = EB2B0FD63C7EEEAA5A4D712EEEFC0A7E + 214BEB04D3FDA19C32250949868216D3 + A659B312E13EC66C5832E970F9C91FF9 + 4F7463439A9827ECCA52248D3CC604CD + stream[65536..65599] = 425E0DF93A3DE6B22E0871EB4E435691 + D77B5C471228DE302A79001F89F7E77D + 837C5CA0177B2206568EDC2EB0F169D5 + 6B414B9DCCDC928659B4BE1E0DEDFF73 + stream[131008..131071] = 6AA3D6938B6B54B4CB8D2885274A991B + 4A0D5CCF35D981953EC64452FACC8640 + B5ACFA39A372E38BE4E10EE68E7F1B50 + 5A5660CDFBAE8DCBFCC9A3847BBB6BA4 + xor-digest = 61F90A34A70BEE706D298B31B281BFC7 + 2CF9E82394F6AD7277AAFE176CDB6D62 + 8E723AC403D892A85AC907D48DD2C3CB + CB6C622297670AD2590BE9A774B07D65 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 0000000000000000 + stream[0..63] = 0A8BBD088ABADC4D57D3389E32175878 + 125BD89DE7E9D05DBF29B753F5F0C2CB + F0EEF9333526E9308A114E06EB9564EB + 35C28EA93C17BEF0466748079A355B9C + stream[65472..65535] = F47FDFF047F0303F6CCE2510FA2475F0 + 7784D5F0FBD63D1746BD8CE4BB02802C + 3052A375D7DE75D439174E7B19CEBA3B + 9546DB027F14FFDB9EF542D5768CE5A7 + stream[65536..65599] = 40FEC0EE1697D63CB04299A17C446DE0 + 6B3407D10C6DD2143DFA24EB7362D09A + 6857C6AA83A191D65B05EBBBC8133D12 + 2BDE75900C86FCD8785EECE48659C3B0 + stream[131008..131071] = 7820087794D46993E984536E7B74C615 + 67AB34C6C0A90090DB080E6EB79532FB + 414CD1145A781A2C55519A3E3AD19FA6 + D78790313EBE19A86F61068E4C8E508D + xor-digest = 67125CED828BA1AC0E22B29E75886255 + ED129F94F30B83E81E9DACFC4D2BD1DD + 782BCC1929B62D754D1CC0AB120A24A4 + 8FB8190CEF0519F73B404C97A83E3925 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 0000000000000000 + stream[0..63] = 4A671A2AE75DB7555BEA5995DC53AF8D + C1E8776AF917A3AB2CA9827BCED53DA7 + 00B779820F17294751A2C37EF5CCCFE9 + 7BF7481E85AFC9ECAE431B7CF05F6153 + stream[65472..65535] = 15C415BE73C12230AC9505B92B2B1273 + 7F6FB2FAAF9C51F22ECCB8CBED36A27A + 1E0738E1252D26E8E5E5651FE8AA02CC + 9887D141A7CBAE80F01BE09B314005BB + stream[65536..65599] = 1C48158413F5EC5E64D2FA4786D91D27 + 27DF6BECD614F6AE745CF2B6F35CD824 + 3E5F1C440BEDE01E6C8A1145F2AB77FA + 24D634DE88F955D4F830D4A548A926D0 + stream[131008..131071] = A9BE2FB00C8BD01054153F77EC0C633C + E8DF7F78E994907B9F387FF090CB3B95 + 4271FEADF50C9084106F4285FF4F534D + AEC130AAE287D47033179BBAEEB36CE6 + xor-digest = FE8E842CB0F33D020632A0A682AF9EF0 + AD3715E3DBAF4CD3591D46B1CE47FCEB + 6D3A04AE59AF466E22EE507FB8BD58F7 + 4C643E138029521638A3B066305F60DF + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 8000000000000000 + stream[0..63] = 2ABA3DC45B4947007B14C851CD694456 + B303AD59A465662803006705673D6C3E + 29F1D3510DFC0405463C03414E0E07E3 + 59F1F1816C68B2434A19D3EEE0464873 + stream[192..255] = EFF0C107DCA563B5C0048EB488B40341 + ED34052790475CD204A947EB480F3D75 + 3EF5347CEBB0A21F25B6CC8DE6B48906 + E604F554A6B01B23791F95C4A93A4717 + stream[256..319] = E3393E1599863B52DE8C52CF26C752FB + 473B74A34D6D9FE31E9CA8DD6292522F + 13EB456C5BE9E5432C06E1BA3965D454 + 48936BC98376BF903969F049347EA05D + stream[448..511] = FC4B2EF3B6B3815C99A437F16BDB06C5 + B948692786081D91C48CC7B072ABB901 + C0491CC6900F2FEA217BFFC70C43EDD6 + 65E3E020B59AAA43868E9949FBB9AE22 + xor-digest = FE40F57D1586D7664C2FCA5AB10BD7C7 + 9DE3234836E76949F9DC01CBFABC6D6C + 42AB27DDC748B4DF7991092972AB4985 + CEC19B3E7C2C85D6E25A338DEC288282 + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0040000000000000 + stream[0..63] = F28343BCF4C946FC95DCAAED9DA10B27 + 7E573FC8EBC8CEE246FDDC533D29C2EA + 05451ED9A821C4161EE0AFA32EC0FCA0 + DAD124B702DA9248B3D2AA64489C9D26 + stream[192..255] = C65F799168D6B229D0281309526B746C + 490D3EDC0F6408A04339275FCE04BDF4 + 656AB5868495C32D238FDB97869A9332 + E09CB7BE8031D38B8F565FB5469C8459 + stream[256..319] = 03E48FD41282FCD62C7217ED64153E55 + B558F82A613245C3D8A885542346AA39 + 27DE9734C0581338C3DE5DB443EC4227 + E3F82677D259D2D42601D187C79BF87A + stream[448..511] = 551F95AD9751E4F4BACE7FD48B6A3C67 + E86C4B1E5B747BA60377B07FE8365E09 + F8973085F8A6086FC56BD88168D8C561 + 8B01B159EF29F658C85FD117925D46E0 + xor-digest = 17E005D5257D3ECE55DBE678290C9E1F + E0D1E18CA8D54F6271E83D1A94580D8A + 597403F680674F564D130D71111ADD2D + A17E21268D5A8407CB2721730776DC94 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000200000000000 + stream[0..63] = 621F3014E0ADC8022868C3D9070BC49E + 48BC6B504AFF11CB17957F0EBFB7612F + 7FCB67C60A2FBD7A4BD7C312E8F50AF3 + CA7520821D73DB47189DAD557C436DDC + stream[192..255] = 42C8DFE869C90018825E2037BB5E2EBB + C4A4A42660AFEA8A2E385AFBBC63EF30 + 98D052FF4A52ED12107EE71C1AEC271E + 6870538FCEAA1191B4224A6FFDCE5327 + stream[256..319] = 4214DA4FAF0DF7FC2955D81403C9D49E + E87116B1975C5823E28D9A08C5B1189D + C52BCBEF065B637F1870980CB778B75A + DDA41613F5F4728AD8D8D189FBF0E76D + stream[448..511] = 4CA854257ECE95E67383FC8665C3A823 + 8B87255F815CA4DEC2D57DB72924C60C + B20A7EE40C559406AAAB25BE5F47184D + D187ED7EA191133F3000CB88DCBAC433 + xor-digest = 3191EA19C819BC3382B2C085B709E569 + 54D91532C88F49E77BACCCBCE6312A46 + A6079A13DF08EFEE0F1A6C95BE79E919 + 87677D1CAAE2E0CE253B3EE47F825EAF + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000001000000000 + stream[0..63] = D2DB1A5CF1C1ACDBE81A7A4340EF5343 + 5E7F4B1A50523F8D283DCF851D696E60 + F2DE7456181B8410D462BA6050F061F2 + 1C787FC12434AF58BF2C59CA9077F3B0 + stream[192..255] = 6CE020B3E83765A11F9AE157AD2D07D1 + EA4E9FBBF386C83FEF54319746E5F997 + D35BE9F73B99772DA97054FF07301314 + 3FF9E5B47C61966D8525F17265F48D08 + stream[256..319] = FFEAB16EEA5C43BFD08D2591F9A40293 + 24CDDC83A840B2C136B7CE99AF3A66CB + 3084E4E2CA6F44AC5CEAF7A1157BE267 + 3DF688B43BD51B9A8444CE194E3CA7F2 + stream[448..511] = 0D3873FD47A7B3400115C40574469D21 + 5BCE0679ED5CF9E374E473B4427DE498 + 5804DD75151D72EE367A3F066E641B7F + 5CF28A67215B74DD80EB3FC02E12A308 + xor-digest = 838960663A70C2CACD205BC38D8BCC12 + 8438D6A03006727EF1440B1D3C7FD557 + CC4A02AC9CF7D51DCFE3862ACCDEEEBE + B15393EE6D8E4483710932C4B44990B5 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000008000000 + stream[0..63] = 22E129373F7589D9EAFFF18DEA63432E + 38D0245BAE221D3635BEE176760552B8 + 9B6BC49CFEB7D9A5B358963C488ED8FA + D01F1C72307CADEEF9C20273FB5D6775 + stream[192..255] = 6E6FFCB8B324EE4FF55E64449B2A356B + D53D8AB7747DFFC0B3D044E0BE1A736B + 4AB2109624600FE8CA7E6949A4DF82AC + A5C96D039F78B67767A1B66FAB0EF24B + stream[256..319] = C3DF823DBA0F84D70E425D0C2C88DCE3 + CAEC3ACCA435B5A2832BE2E0F0AA46AD + 3F288AFE49BE5C345DC65445D26993F5 + 1E3F46E0C1B02B5AEDF73D68336AA04F + stream[448..511] = 443B0FDC4F8365AB93A07682EBCA7B92 + 42259A26DAB3574B2E562CCABDB25633 + 96F331146347C26D5DB49C87054642F8 + 60FC1A0B87468ED0B5CB9C30D72EA8F7 + xor-digest = 8D2110EA7CABD4A3DAEC4768131D8AED + 9E7E1EB1E1F553F7EE38FB339B648444 + 0F43AB7C7F17BB593BF2CFB53688CC74 + F00A32117039DA4745F78E66059000E6 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000040000 + stream[0..63] = DC302570A4D1C44F31D9FA55C7712B11 + AE770BFAA3F8631DFF924BCF00A09C90 + 6571B024CE5264215E516D73416BF3E3 + CE373CAE669DB1A057EFD7EB184243B6 + stream[192..255] = A52427068F8048FC5E3E6E94A1A616CD + 11F5A9ED4F8899F780F67836EEC4FADB + B19C183C6946541F182F224104DF9444 + 66D96A6CE7F2EFE723807A8738950AD9 + stream[256..319] = D1410A14DFA3DA5C9BDF18A34476F7C0 + D7A8373331741ED62682C555EA8B62A8 + 1EDB10DB9479BAF2CD532CFB18357A92 + FF90897315F69CEE526DE31329CFA06B + stream[448..511] = 9CA44AF188E42090F9969FB5F771C987 + 557912B83261760EE80A809F7E398A66 + D56049FFDFFBD3E16633537B84AFB38E + 564B717A0C26EBFEE907B8EF7FDA31F0 + xor-digest = BBF40E80EBBCBCC93067CAC497FD4403 + D1E797AC131A593D06BCA34ED650CB3D + 70403B26550EBB76E00CE04CB15F28CA + 99F1700ABBA462F041D474E008488F0D + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000200 + stream[0..63] = 98951956F4BD5E2E9DC624CCD2D79E60 + 6D24A4DB51D413FDAF9A9741A6F079B4 + 21400FDA0B4D8785578BB318BDAD4ABC + A8C2D1BA3BA4E18C2F5572499F345BC1 + stream[192..255] = C3A267F0EB87ED714E09CABC2780FEF6 + E5F665BBBBB44C8448D8EB42D88275CD + 62AD759AAC9F4080F73993DE50FF94E8 + 34E2CF7B74A91E68B38EACE9C12922C2 + stream[256..319] = 78BD0BB32A69E62362EE7E31F1DD9E96 + CA6E196844EFD9459F270D612119DFA4 + 5DD1522967629143CECD585CFE62B7FD + 9D1503A62A238C35A66595C49DD71575 + stream[448..511] = C17F946C14A492392A1C554993F406B2 + EA806E4186D97FCB420C21FB4245A3DB + 4EBA2BCB59D2C33CE2CD5044A79A96F9 + 5182112D9724E16AD9E965047DA71F05 + xor-digest = 0094C2C02618E924D6CD7C96CBD6A44A + 33D3983DEAD3084C1A694490B367CE6D + 7732300C3BA3848C2EA143031A980BE4 + 9C1354A528D1E1E1B1A55AFF18BD0F92 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 0000000000000001 + stream[0..63] = B47F96AA96786135297A3C4EC56A613D + 0B80095324FF43239D684C57FFE42E1C + 44F3CC011613DB6CDC880999A1E65AED + 1287FCB11C839C37120765AFA73E5075 + stream[192..255] = 97128BD699DDC1B4B135D94811B5D2D6 + B2ADCBDC1ED8D3CF86ECF65A1750DE66 + CA5F1C2ED350DC2F497396E029DBD4A0 + 6FDDA6238BE7D120DD41E9F19E6DEEA2 + stream[256..319] = FF8065AD901A2DFC5C01642A840F7593 + AE032946058E54EA67300FBF7B928C20 + 3244EF546762BA640032B6A2514122DE + 0CA969283F70CE21F981A5D668274F0D + stream[448..511] = 1309268BE548EFEC38D79DF4334CA949 + AB15A2A1003E2B97969FE0CD74A16A06 + 5FE8691F03CBD0ECFCF6312F2EE0697F + 44BD3BF3E60320B289CBF21B428C8922 + xor-digest = 1115D387A0C41A67543BE13DD539AB84 + 4D9A2CC98C20BB6E7B092268C060884F + 53774E3B044C6058B137CCCADF9F7026 + 96B3D40DFF3835341E4BF01BDD1C8FB1 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0D74DB42A91077DE + stream[0..63] = F5FAD53F79F9DF58C4AEA0D0ED9A9601 + F278112CA7180D565B420A48019670EA + F24CE493A86263F677B46ACE1924773D + 2BB25571E1AA8593758FC382B1280B71 + stream[65472..65535] = B70C50139C63332EF6E77AC54338A407 + 9B82BEC9F9A403DFEA821B83F7860791 + 650EF1B2489D0590B1DE772EEDA4E3BC + D60FA7CE9CD623D9D2FD5758B8653E70 + stream[65536..65599] = 81582C65D7562B80AEC2F1A673A9D01C + 9F892A23D4919F6AB47B9154E08E699B + 4117D7C666477B60F8391481682F5D95 + D96623DBC489D88DAA6956B9F0646B6E + stream[131008..131071] = A13FFA1208F8BF50900886FAAB40FD10 + E8CAA306E63DF39536A1564FB760B242 + A9D6A4628CDC878762834E27A541DA2A + 5E3B3445989C76F611E0FEC6D91ACACC + xor-digest = C349B6A51A3EC9B712EAED3F90D8BCEE + 69B7628645F251A996F55260C62EF31F + D6C6B0AEA94E136C9D984AD2DF3578F7 + 8E457527B03A0450580DD874F63B1AB9 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 167DE44BB21980E7 + stream[0..63] = 3944F6DC9F85B128083879FDF190F7DE + E4053A07BC09896D51D0690BD4DA4AC1 + 062F1E47D3D0716F80A9B4D85E6D6085 + EE06947601C85F1A27A2F76E45A6AA87 + stream[65472..65535] = 36E03B4B54B0B2E04D069E690082C8C5 + 92DF56E633F5D8C7682A02A65ECD1371 + 8CA4352AACCB0DA20ED6BBBA62E177F2 + 10E3560E63BB822C4158CAA806A88C82 + stream[65536..65599] = 1B779E7A917C8C26039FFB23CF0EF8E0 + 8A1A13B43ACDD9402CF5DF38501098DF + C945A6CC69A6A17367BC03431A86B3ED + 04B0245B56379BF997E25800AD837D7D + stream[131008..131071] = 7EC6DAE81A105E67172A0B8C4BBE7D06 + A7A8759F914FBEB1AF62C8A552EF4A4F + 56967EA29C7471F46F3B07F7A3746E95 + 3D315821B85B6E8CB40122B96635313C + xor-digest = C3EAAF32836BACE32D04E1124231EF47 + E101367D6305413A0EEB07C60698A287 + 6E4D031870A739D6FFDDD208597AFF0A + 47AC17EDB0167DD67EBA84F1883D4DFD + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 1F86ED54BB2289F0 + stream[0..63] = 3FE85D5BB1960A82480B5E6F4E965A44 + 60D7A54501664F7D60B54B06100A37FF + DCF6BDE5CE3F4886BA77DD5B44E95644 + E40A8AC65801155DB90F02522B644023 + stream[65472..65535] = C8D6E54C29CA204018A830E266CEEE0D + 037DC47E921947302ACE40D1B996A6D8 + 0B598677F3352F1DAA6D9888F891AD95 + A1C32FFEB71BB861E8B07058515171C9 + stream[65536..65599] = B79FD776542B4620EFCB88449599F234 + 03E74A6E91CACC50A05A8F8F3C0DEA8B + 00E1A5E6081F5526AE975B3BC0450F1A + 0C8B66F808F1904B971361137C93156F + stream[131008..131071] = 7998204FED70CE8E0D027B206635C08C + 8BC443622608970E40E3AEDF3CE790AE + EDF89F922671B45378E2CD03F6F62356 + 529C4158B7FF41EE854B1235373988C8 + xor-digest = 3CD23C3DC90201ACC0CF49B440B6C417 + F0DC8D8410A716D5314C059E14B1A8D9 + A9FB8EA3D9C8DAE12B21402F674AA95C + 67B1FC514E994C9D3F3A6E41DFF5BBA6 + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 288FF65DC42B92F9 + stream[0..63] = 5E5E71F90199340304ABB22A37B6625B + F883FB89CE3B21F54A10B81066EF87DA + 30B77699AA7379DA595C77DD59542DA2 + 08E5954F89E40EB7AA80A84A6176663F + stream[65472..65535] = 2DA2174BD150A1DFEC1796E921E9D6E2 + 4ECF0209BCBEA4F98370FCE629056F64 + 917283436E2D3F45556225307D5CC5A5 + 65325D8993B37F1654195C240BF75B16 + stream[65536..65599] = ABF39A210EEE89598B7133377056C2FE + F42DA731327563FB67C7BEDB27F38C7C + 5A3FC2183A4C6B277F901152472C6B2A + BCF5E34CBE315E81FD3D180B5D66CB6C + stream[131008..131071] = 1BA89DBD3F98839728F56791D5B7CE23 + 5036DE843CCCAB0390B8B5862F1E4596 + AE8A16FB23DA997F371F4E0AACC26DB8 + EB314ED470B1AF6B9F8D69DD79A9D750 + xor-digest = E00EBCCD70D69152725F9987982178A2 + E2E139C7BCBE04CA8A0E99E318D9AB76 + F988C8549F75ADD790BA4F81C176DA65 + 3C1A043F11A958E169B6D2319F4EEC1A + + + +End of test vectors diff --git a/t/cipher_test_vectors_ltc.t b/t/cipher_test_vectors_ltc.t index 3658176..09943a0 100644 --- a/t/cipher_test_vectors_ltc.t +++ b/t/cipher_test_vectors_ltc.t @@ -32,7 +32,7 @@ my $name; my $size; while (my $l = ) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^[\s]*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//g; my ($k, $v) = split /:/, $l; @@ -58,7 +58,7 @@ for my $n (sort keys %$tv) { next unless $tv->{$n}->{$ks}->{$i}; my $ct = Crypt::Cipher->new($N, $key)->encrypt($bytes); is(unpack('H*', $ct), lc($tv->{$n}->{$ks}->{$i}), "$N/$ks/$i"); - $bytes = $ct; + $bytes = $ct; $key = substr($ct x 100, 0, $ks); } } diff --git a/t/cipher_test_vectors_openssl.t b/t/cipher_test_vectors_openssl.t index aa2d95a..ccd752c 100644 --- a/t/cipher_test_vectors_openssl.t +++ b/t/cipher_test_vectors_openssl.t @@ -12,7 +12,7 @@ use Crypt::Mode::CTR; use Crypt::Cipher; while (my $l = ) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^\s*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//; next if !$l || $l =~ /^#/; @@ -63,7 +63,7 @@ while (my $l = ) { die "UNKNOWN MODE '$mode'"; } #warn "[$cipher|$mode, ".length($key).", ".length($iv).", ".length($pt).", ".length($ct).", ".length($flag)."]\n"; -} +} __DATA__ #cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt) @@ -120,29 +120,29 @@ AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3 AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688 AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4 -# ECB-AES192.Encrypt and ECB-AES192.Decrypt +# ECB-AES192.Encrypt and ECB-AES192.Decrypt AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E -# ECB-AES256.Encrypt and ECB-AES256.Decrypt +# ECB-AES256.Encrypt and ECB-AES256.Decrypt AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8 AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870 AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7 # For all CBC encrypts and decrypts, the transformed sequence is # AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec -# CBC-AES128.Encrypt and CBC-AES128.Decrypt +# CBC-AES128.Encrypt and CBC-AES128.Decrypt AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2 AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516 AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7 -# CBC-AES192.Encrypt and CBC-AES192.Decrypt +# CBC-AES192.Encrypt and CBC-AES192.Decrypt AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8 AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0 AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD -# CBC-AES256.Encrypt and CBC-AES256.Decrypt +# CBC-AES256.Encrypt and CBC-AES256.Decrypt AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6 AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461 @@ -150,12 +150,12 @@ AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F # We don't support CFB{1,8}-AESxxx.{En,De}crypt # For all CFB128 encrypts and decrypts, the transformed sequence is # AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec -# CFB128-AES128.Encrypt +# CFB128-AES128.Encrypt AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1 AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1 AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1 -# CFB128-AES128.Decrypt +# CFB128-AES128.Decrypt AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0 AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0 AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0 @@ -170,44 +170,44 @@ AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:0001020304050607080 AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0 AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0 AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0 -# CFB128-AES256.Encrypt +# CFB128-AES256.Encrypt AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1 -# CFB128-AES256.Decrypt +# CFB128-AES256.Decrypt AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0 AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0 # For all OFB encrypts and decrypts, the transformed sequence is # AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec -# OFB-AES128.Encrypt -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 -AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 -# OFB-AES128.Decrypt +# OFB-AES128.Encrypt +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 +AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 +# OFB-AES128.Decrypt AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0 AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0 AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0 AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0 -# OFB-AES192.Encrypt -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 -# OFB-AES192.Decrypt -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 -AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 -# OFB-AES256.Encrypt +# OFB-AES192.Encrypt +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 +# OFB-AES192.Decrypt +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 +AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 +# OFB-AES256.Encrypt AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1 -# OFB-AES256.Decrypt +# OFB-AES256.Decrypt AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 @@ -263,19 +263,19 @@ CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDE CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1 CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1 -# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt +# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96 CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636 CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A -# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt +# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3 CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366 CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26 -# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt +# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28 @@ -283,19 +283,19 @@ CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF # For all CBC encrypts and decrypts, the transformed sequence is # CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec -# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt +# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887 CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54 CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980 -# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt +# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93 CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5 CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449 CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08 -# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt +# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50 CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83 @@ -304,13 +304,13 @@ CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF # We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt # For all CFB128 encrypts and decrypts, the transformed sequence is # CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec -# CFB128-CAMELLIA128.Encrypt +# CFB128-CAMELLIA128.Encrypt CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1 CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1 CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1 -# CFB128-CAMELLIA128.Decrypt +# CFB128-CAMELLIA128.Decrypt CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0 CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0 @@ -328,13 +328,13 @@ CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677D CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0 CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0 -# CFB128-CAMELLIA256.Encrypt +# CFB128-CAMELLIA256.Encrypt CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1 CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1 CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1 -# CFB128-CAMELLIA256.Decrypt +# CFB128-CAMELLIA256.Decrypt CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0 CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0 @@ -342,37 +342,37 @@ CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF # For all OFB encrypts and decrypts, the transformed sequence is # CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec -# OFB-CAMELLIA128.Encrypt +# OFB-CAMELLIA128.Encrypt CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1 -# OFB-CAMELLIA128.Decrypt +# OFB-CAMELLIA128.Decrypt CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0 CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0 -# OFB-CAMELLIA192.Encrypt +# OFB-CAMELLIA192.Encrypt CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1 -# OFB-CAMELLIA192.Decrypt +# OFB-CAMELLIA192.Decrypt CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0 CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0 -# OFB-CAMELLIA256.Encrypt +# OFB-CAMELLIA256.Encrypt CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1 CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1 CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1 CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1 -# OFB-CAMELLIA256.Decrypt +# OFB-CAMELLIA256.Decrypt CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0 CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0 CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0 @@ -386,4 +386,4 @@ SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1 SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1 SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1 -SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1 \ No newline at end of file +SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1 diff --git a/t/cipher_twofish_test_vectors_bc.t b/t/cipher_twofish_test_vectors_bc.t index 11f616a..ce4fdff 100644 --- a/t/cipher_twofish_test_vectors_bc.t +++ b/t/cipher_twofish_test_vectors_bc.t @@ -13,7 +13,7 @@ while (my $l = ) { my ($k, $v) = split /:/, $pair; $d->{$k} = $v; } - + my $c = Crypt::Cipher::Twofish->new(pack('H*',$d->{key})); my $result = pack('H*', $d->{pt}); $result = $c->encrypt($result) for(1..$d->{iter}); diff --git a/t/cipher_xtea_test_vectors_bc.t b/t/cipher_xtea_test_vectors_bc.t index 4a4dbb8..9304920 100644 --- a/t/cipher_xtea_test_vectors_bc.t +++ b/t/cipher_xtea_test_vectors_bc.t @@ -13,7 +13,7 @@ while (my $l = ) { my ($k, $v) = split /:/, $pair; $d->{$k} = $v; } - + my $c = Crypt::Cipher::XTEA->new(pack('H*',$d->{key})); my $result = pack('H*', $d->{pt}); $result = $c->encrypt($result) for(1..$d->{iter}); diff --git a/t/crypt-misc.t b/t/crypt-misc.t index e7064ae..d8892f3 100644 --- a/t/crypt-misc.t +++ b/t/crypt-misc.t @@ -1,8 +1,23 @@ use strict; use warnings; -use Test::More tests => 41; +use Test::More tests => 680; -use Crypt::Misc qw(encode_b64 decode_b64 encode_b64u decode_b64u pem_to_der der_to_pem read_rawfile write_rawfile slow_eq is_v4uuid random_v4uuid); +use Crypt::Misc qw( encode_b64 decode_b64 + encode_b64u decode_b64u + encode_b58b decode_b58b + encode_b58f decode_b58f + encode_b58r decode_b58r + encode_b58t decode_b58t + encode_b58s decode_b58s + encode_b32r decode_b32r + encode_b32b decode_b32b + encode_b32z decode_b32z + encode_b32c decode_b32c + pem_to_der der_to_pem + read_rawfile write_rawfile + slow_eq is_v4uuid random_v4uuid + increment_octets_be increment_octets_le + ); is(encode_b64(pack("H*","702fad4215a04a657f011d3ea5711879c696788c91d2")), "cC+tQhWgSmV/AR0+pXEYecaWeIyR0g==", "encode_b64"); is(unpack("H*", decode_b64("cC+tQhWgSmV/AR0+pXEYecaWeIyR0g==")), "702fad4215a04a657f011d3ea5711879c696788c91d2", "decode_b64"); @@ -54,3 +69,79 @@ my $uuid = random_v4uuid; ok($uuid, 'random_v4uuid'); ok(is_v4uuid($uuid), 'is_v4uuid'); +my @hex = (qw/fb + 9534 + 93e5de + ac143db0 + bd82426d56 + d0cd21a99345 + 95df02e1c24160 + 390b1835d5845413 + e9a141e7ae08ab7684 + 12e8c059cb511d10fabc + 5bfe0e44cd99e982da61dd + 990417ce7f929341e01e88c4 + 99cbc040b3e8629c8854615134 + be294ddb946fdfbce7e70abe7c7c + 92031ecbb3aa0a7e34479b1bf7b57c + a50e6f53a4fd2cf52d443fe815f17b90 + 39d41e163cf2f2be61d0b18d13508a158f + 792a745c10c0abb3de5f73bdb32a901456ce + 4897c2083c3952a778c08fe234859cbc06fa6a + b3a79f01ecc9a11c703de44dbfb7b9bb7f230de9 + eba9fa4f4908f74bd0dda6adea37413dcd29a9b623 + 619eb868071f31e2c604de3752a8cc7706d156d7deb3 + 055489debeb244419a587e7f59c42ffa49dbfe537b5c10 + 16c945707cb0421c8adc7d300564b98192a0d15a796f293a + c89c8664e43f792bd6348a1ad079ad45dfc02e617597186084 + 2496818ec6f81fcf225c8c73dce933f5322faf41a40c6b4df1c6 + 4d63b1afb4077a1939d46d2b3e5a82637fbef9e87ff72fb1d8d2e7 + 5cba279be0d5cf4bedf92d700fdc6acbe601d454a39e10c666b7017e + c2f2c48f4c4ae9bfa7203d2667c54d1af2d6031d2c8c3639afd172d06b + 303e72e0f19ce9195594ec1c849183a74caf6381c73a41a809f0e1a8c90e + 36589f8310f0f366327b4565180698e20f41aeee8338e14d98bde4671316c7 + b3291646007104bb06d9f12f806abde0b4ce137fc5a9f895d4a847161f563b0f + 01a4afec2458d3403de9631e7c70b418465c6fdaf48bec167ae39045ed518fdf1f + 9a8205871065078385dec5beeeebff48ff2f85a191438979dc1bf06dfdc09ef4c3d0 + 16bccfed44ddd4b8fae8b84d411744d35becb9ff6e893805cab9e93464c301bdb63128 + f80358a25a8ba8d071c4734ef0fd8349bde4f0ebb0e7a3f8bfef8ced5027f041dc77cbee + 6cbdffd01cf7901cca8426406397fac12f5738ac121161a2ae31958ba69706065fb21e9fd2 + 00 + 0000 + 000000 + 00000000 + 0000000000 + ff + ffff + ffffff + ffffffff + ffffffffff + 00fa + 00003d + 000079ec + 0000a21acb + 0000538487a3 + 00003e7f8143b5 + 0000161c1c88c3a9 + 0000317cf0558dd0df + 00007292d21fc70db6e1 + 000057bfcd39753080702a + 0000e0e553536a659155bf1b + /); + +for my $h (@hex) { + my $b = pack("H*", $h); + is(unpack("H*", decode_b64 (encode_b64 ($b))), $h); + is(unpack("H*", decode_b64u(encode_b64u($b))), $h); + is(unpack("H*", decode_b58b(encode_b58b($b))), $h); + is(unpack("H*", decode_b58f(encode_b58f($b))), $h); + is(unpack("H*", decode_b58r(encode_b58r($b))), $h); + is(unpack("H*", decode_b58t(encode_b58t($b))), $h); + is(unpack("H*", decode_b58s(encode_b58s($b))), $h); + is(unpack("H*", decode_b32r(encode_b32r($b))), $h); + is(unpack("H*", decode_b32b(encode_b32b($b))), $h); + is(unpack("H*", decode_b32z(encode_b32z($b))), $h); + is(unpack("H*", decode_b32c(encode_b32c($b))), $h); +} + +is(decode_b58b("111OIl0"), undef, "bug: decode_b58b + invalid input"); diff --git a/t/data/cryptx_priv_dh1.bin b/t/data/cryptx_priv_dh1.bin index 1b73aebc8b9e4743c36c0b7a1f55a7478b83040c..828312d11a77be7cc7d16acecec522310ea1361e 100644 GIT binary patch literal 317 zcmV-D0mA+;f&n=K0RRI62Y>>C0RaI2|NsC0|NsBV589$3Xu>qa#$tX23^h(lyqE;>bZiL97$JNz zkX}YEHqJZao_8!54u%7pCxfEw2cnO)#a-}kOj60-E6etkSQi*Ml}UW+m1^Y`(k2*~ z`UMaba*kSxtg2}L|NsC0|Ns920RjRjbINKFu~}ROs|e`ehg+73;$^~~KT`Y0gAWH9 P>Pq#ZZ6nXTmJkwW*Bg?^ literal 529 zcmV+s0`C160RaF3AOisa0IQm+KzB_%)ONKmg6Hlnij6?ch`&R5g?yA$W~zaiKW48h zE2wF9V3#bm3C@g%*tqO!X<6-M7h?r@Qmo2Avk{$h&Ro0Gr)Zb!yGiX>8dfp&6aR;> zvN&@$N8OJ^msmEKT<*)VI9lI=#XN!0@xK-Mg3%T_`FmuM`>0B7qhS*;qTXleEHdK*{NKthjah!BPM!AMW7!=+9+a6IOD280(TmQmd_IPJf9 zC!mxW_=+-XcJBn(5k=U2eJ#%$B#Kcf50GGK;g_`8>ZQbjh(-4FJ zNEP{gPj7U`k>C0RaI2|NsC0|NsBV589$3Xu>qa#$tX23^h(lyqE;>bZiL97$JNz zkX}YEHqJZao_8!54u%7pCxfEw2cnO)#a-}kOj60-E6etkSQi*Ml}UW+m1^Y`(k2*~ z`UMaba*kSxtg2}L|NsC0|Ns920RjRjd(q^P%i$)BSuDeIb+R>Y7`TK^)*FA)aZ{t$ P@yZmG|5?75vxc{X1iO{N literal 529 zcmV+s0`C160RaF3AOisa0B15I|DE}NaY*!%^%#-~ZmneqThhdNaGSPayHWOKHj&mc z1kNeho`{CZn^|Rlys@p*6_qZLVKcQO$7o>b;8JPn1r24Hf_ynTzA)n-rYUQ6$_vjr zsbYhg!oaNnG>7XO^EcW-qms|2Y5h6NEK)o$ni)90tSE(vtL!1i2Br%mt(v}s1D29f zMwQ{?0#b4Nqgj#u`sj>f^hGPWdF@-rV2SQ@GQfDs6In@X0~1fjBkeB%KGRKJH)m=u zQE1WU(P^HVdz`W+KZjT%883h_x?(w6Vx%}-9#di{+fx<#V@jb{GnVFc&X6NK1rz#^}M@T&7 zZRwqf34P)|rKlhDPvr9=Pf=YB4z?)Y8b8z5=M=JA^eliX@4aMGn3ly{9w&o-()UCx z)h%(I)@r@2&&?$mMTKxhJiys;zH({7R;+7$YPhoRUR9N8zZ!QH^G~W5}+h}n#^&(^3qH&($ESveB8I@IML^S(; TWwD!~Qtcq0+kKDpp(4VB6XFD@ diff --git a/t/data/cryptx_priv_dh_pg1.bin b/t/data/cryptx_priv_dh_pg1.bin index 5e9bd0e1238c5bcd751151e1ca18566a25ef9b82..25f288bbbdfeb5b6715e4ae3264cee6bbebc2312 100644 GIT binary patch delta 71 zcmV-N0J#5`2E76gFoFR&0s#O60tbKsf&l@u76JhQEdl`o0w_K&c1+sR?f%C%;u(yb dPp`T{bjYVVo-f?I5tU7gNW*nGo=e`74#~&`8DRhb delta 547 zcmV+;0^I$*0+$AV7XbkP0sjC2001Ig&uGI1ONqr~P6)PW66~5`!cS^Le#|`fc56Lu z2XMWXh1q#5rQi>V?#$Rg>w^Cw=RBy<0pI=dCtcd!=8xw4VyZ3)hTmYWN72a)JP|Ll zAY58TAuv_rCq0<~&D{y9Awqlqjyf%q;!%biEa$RT0R6Uq<>ZeE(;gy-`S|Q5^KfMW zcwsE8t+3L24PAH#9?j1;bOoQAu~g+ulJR&o$X{0XahON1rq9HSdZoQKg!HI}tV)S` ziNzZ=?V7aV;;K9Wba-ji9o#(b4Ju?0fUd4%t|DR1eop=pGo9#q={&8A1q+6E=2cvU zMeC)zdRp**&5f>TL-wiL26e)s00961DZ4iYP;t@1I^fvFRpL%wRB2SXg(eQnY8oLW zFVE7}Gq6|>Y5=$n*HI(vH>2l-_=xTTY!EcflMJPVWb0~KppelKI90EtjGB349wju_ z^FOUk$p1*_jD}uOduQ6zv<+mvXUqOl^>4gqWYA)No?icBH5&1s^O!eV+~P02^Poi9 zvbO4~MA4^@PxnBG7hY>$7(ycP7WBp#g-7`d3f!Y5UZ)g{wSHcOE_w7g`IXPZta+dv zEHa!2P}N`B+{XI$)`bX??!a^Xcg%m7*wYu(0^+EiL16$LuJk>u4>)c}hYdx4u`I>6 l4sTZ)8DN$%%Zo#uw$kuS_@{Jdk7xk^000620RXWN0Raqx3EKbw diff --git a/t/data/cryptx_priv_dh_pg2.bin b/t/data/cryptx_priv_dh_pg2.bin index 9344acb867099ddd623bb1e111f84f46fea10bd0..045c486ef78e4b61470ebc2820e31c9e55f34c2f 100644 GIT binary patch delta 71 zcmV-N0J#5`2E76gFoFR&0s#O60tbKsf&l@u76JhQEdl`o0w^pZ@vB63Fxj5if(4Nw dDl+xp;OQ<%x!B!r+LY0AKq>~Yt7YW77{#;18J++D delta 547 zcmV+;0^I$*0+$AV7XbkP0sjC2003Sdif4a;J6%n*HM)`qsyS`Rw@DmNC7$3!d(K$@ z4jNOW&7KEHwR)!hEA(l0KtHptX;XoS+cyE$iK;eCKUJzOIZbuJ?gjd$yvX~wpFh4X-n{8M3OM524Z8sMm=VmY?s;V4)BJvldj>u)bRl#LbqbUaJc3&{jJ zp&47TzK(4E$39K9M4~V>GqiAtNDk)4I6m~qgZEi7lvoK?H}!a zLmWE)DED#v`3yu0G32Y5D~guh8#D93St4hsS(>YFc}n3|wqLuspYU1|-BK!%DMcuZ z9psZt2aflDi390~InU2z4kwjS00961A!mQtzx8I%!iyA2YOC{$W@ZUPwdW z+f1+=r2gAto-D$<{AVNY{W7EXArlpjbEK9KY3i_J$Q6kzJW$jeW%)jjM3ZhHthQIq zbhVR!tJS?FECQ&UgYp}qG7&aJzK%VB!q5W$gj$Jzq{VQc6g;oZDKX--=dwk5nVOWR z^vLuOSzRfb1^Y>52QNnBTnTjsm?d)4XbtEj8q--Y@K)@)(PgcDX7>?YFb6Zg#33tF z@WOACI$`mrTA9NB{i7nF=U%CEuQ8MRBALTf##my9R3Gh55gHt3X_s$lffc~e&%K_t l&_Mbc?WUZDk(rcz>BzkTu;SHRolgM(000620RXWN0Ra-_|GEGG diff --git a/t/data/cryptx_pub_dh1.bin b/t/data/cryptx_pub_dh1.bin index 4b2d81805de47e39156dfa7e4f74f3c31f1e96d6..cb753662dea96ca9e3ec28fe7ad655c9e171d1d2 100644 GIT binary patch literal 536 zcmV+z0_XiOf&vr*0RRI62LJ+s0RaI2|NsC0|NsBV589$3Xu>qa#$tX23^h(lyqE;>bZiL97$JNz zkX}YEHqJZao_8!54u%7pCxfEw2cnO)#a-}kOj60-E6etkSQi*Ml}UW+m1^Y`(k2*~ z`UMaba*kSxtg2}L|NsC0|Ns920RjSo0RaH}PHMr*JM-w@Fo$x+9i;D%KNJv~VMNJc zHJsFRWJ{t-k*0^kVaD4cIS=sa-0+{)ZT>%dMx~@e2YZZD-9AU+Js_uY0aYfAG4RSh z%d`v+jDS(Xq|MBvz0-D*#@6nI_(KX6z+pDR_)RF(Unx;g)q!y;79Du#N~fOXOeh^K z&JK&gqQMH{K0m((sk?dm%+(+#%8*oXX ajI>gU>AD;RmaVF08dfp&6aR;> zvN&@$N8OJ^msmEKT<*)VI9lI=#XN!0@xK-Mg3%T_`Fmuqa#$tX23^h(lyqE;>bZiL97$JNz zkX}YEHqJZao_8!54u%7pCxfEw2cnO)#a-}kOj60-E6etkSQi*Ml}UW+m1^Y`(k2*~ z`UMaba*kSxtg2}L|NsC0|Ns920RjSo0RU3|nPvA;<-Bjy%oPQ?BRjSvrL}LBeN*nC z3*4lA98t*;@o>~!Mn~L)S_xZ2$c@4oJU=j2zV>GB5n^VY)N%c*LlwN;-ZfK;lWgH^_Ep({eXS`aQ_*97 ZA7ZZ^{HV7i&(Pb;8JPn1r24Hf_ynTzA)n-rYUQ6$_vjr zsbYhg!oaNnG>7XO^EcW-qms|2Y5h6NEK)o$ni)90tSE(vtL!1i2Br%mt(v}s1D29f zMwQ{?0#b4Nqgj#u`sj>f^hGPWdF@-rV2SQ@GQfDs6In@X0~1fjBkeB%KGRKJH)m=u zQE1WU(P^HVdz`W+KZjT%883%U*dOW&THIuz9Z_yuv}&X`vm=}iTOc{`Hbsvc>&4xsxiJdpLp|O3Hf|l(*({d!E2-JhROf{ delta 285 zcmV+&0pk9b1d{}R7XbkP0RI31001Ig&uGI1ONqr~P6)PW66~5`!cS^Le#|`fc56Lu z2XMWXh1q#5rQi>V?#$Rg>w^Cw=RBy<0pI=dCtcd!=8xw4VyZ3)hTmYWN72a)JP|Ll zAY58TAuv_rCq0<~&D{y9Awqlqjyf%q;!%biEa$RT0R6Uq<>ZeE(;gy-`S|Q5^KfMW zcwsE8t+3L24PAH#9?j1;bOoQAu~g+ulJR&o$X{0XahON1rq9HSdZoQKg!HI}tV)S` ziNzZ=?V7aV;;K9Wba-ji9o#(b4Ju?0fUd4%t|DR1eop=pGo9#q={&8A1q+6E=2cvU jMeC)zdRp)l&5f>TL-wiL26e)s0RR910ssL3u@3~QY&7pAiB$jq delta 285 zcmV+&0pk9b1d{}R7XbkP0RI31003Sdif4a;J6%n*HM)`qsyS`Rw@DmNC7$3!d(K$@ z4jNOW&7KEHwR)!hEA(l0KtHptX;XoS+cyE$iK;eCKUJzOIZbuJ?gjd$yvX~wpFh4X-n{8M3OM524Z8sMm=VmY?s;V4)BJvldj>u)bRl#LbqbUaJc3&{jJ zp&47TzK(4E$39K9M4~V>GqiAtNDk)4I6m~qgZEi7lvoK?H}!a zLmWE)DED#v`3yu0G32Y5D~guh8#D93St4hsS(>YFc}n3|wqLuspYU1|-BK!%DMcuZ j9psZt2afj?i390~InU2z4kwjS0RR910ssL3u@3v>?hmARu zg_(!7AV0gb*g#I4*U;R++|UFF4U7z;#CeSj3``6xpBy z#ni;e$Z*I>bC#zQkK&!5JHywXJu)Zv#Fy97rWV^;HNE)NPyajeZ_4(yj!pvl#Rq5X z=3VD5yX~Hs)B3_2x?ko-v_G?G(4Deh#mfHmvR0fIlbSLGuRzObq~*8 zZc^@TAPzW+z1-W^D z^cSB#FpFbS)Uow%I2Xq}Fql+$K0}>()^@*B=lm^fnN4MQE2Y(sM9lo_^d~Iin@Ymz z1|GYAf4>>CUsvLL_Nz(S`p_zV%ZR;tDdp9A>JzqI6Z~}jQ^?j|@+rIYQ|fNITLd$; zXSl`E!P83+8T2wzl{DZ!a9qUb}yXobk#^$x}zHk6q#sJ9}Du zsn>^Fll`o%lV6IL_!MW?e_O8jOmqw5^@powG9Q|~Kjo9^{k_fm^)|$q7S-?B`*YE> yy#DzP7qTB&N-NHNBjoX!O)qMZ(01$BDrFZO7iW9 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2b_160 qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2b_160->hashsize, 20, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2b_160')->hashsize, 20, 'hashsize/5'); is( Crypt::Digest::BLAKE2b_160->new->hashsize, 20, 'hashsize/6'); +is( blake2b_160("A","A","A"), pack("H*","14517ce78b0c7e5e5b7f096f1f3c046f01c46901"), 'blake2b_160 (raw/tripple_A)'); +is( blake2b_160_hex("A","A","A"), "14517ce78b0c7e5e5b7f096f1f3c046f01c46901", 'blake2b_160 (hex/tripple_A)'); +is( blake2b_160_b64("A","A","A"), "FFF854sMfl5bfwlvHzwEbwHEaQE=", 'blake2b_160 (base64/tripple_A)'); +is( blake2b_160_b64u("A","A","A"), "FFF854sMfl5bfwlvHzwEbwHEaQE", 'blake2b_160 (base64url/tripple_A)'); +is( digest_data('BLAKE2b_160', "A","A","A"), pack("H*","14517ce78b0c7e5e5b7f096f1f3c046f01c46901"), 'blake2b_160 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2b_160', "A","A","A"), "14517ce78b0c7e5e5b7f096f1f3c046f01c46901", 'blake2b_160 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2b_160', "A","A","A"), "FFF854sMfl5bfwlvHzwEbwHEaQE=", 'blake2b_160 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2b_160', "A","A","A"), "FFF854sMfl5bfwlvHzwEbwHEaQE", 'blake2b_160 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2b_160->new->add("A","A","A")->hexdigest, "14517ce78b0c7e5e5b7f096f1f3c046f01c46901", 'blake2b_160 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2b_160->new->add("A")->add("A")->add("A")->hexdigest, "14517ce78b0c7e5e5b7f096f1f3c046f01c46901", 'blake2b_160 (OO3/tripple_A)'); + is( blake2b_160(""), pack("H*","3345524abf6bbe1809449224b5972c41790b6cf2"), 'blake2b_160 (raw/1)'); is( blake2b_160_hex(""), "3345524abf6bbe1809449224b5972c41790b6cf2", 'blake2b_160 (hex/1)'); diff --git a/t/digest_blake2b_256.t b/t/digest_blake2b_256.t index 1b71737..a4f1d09 100644 --- a/t/digest_blake2b_256.t +++ b/t/digest_blake2b_256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2b_256 qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2b_256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2b_256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::BLAKE2b_256->new->hashsize, 32, 'hashsize/6'); +is( blake2b_256("A","A","A"), pack("H*","cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649"), 'blake2b_256 (raw/tripple_A)'); +is( blake2b_256_hex("A","A","A"), "cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649", 'blake2b_256 (hex/tripple_A)'); +is( blake2b_256_b64("A","A","A"), "zcQzkpZ1P5MKpFRwD9De1uHgh3LeqEmFnhfbvYXK5kk=", 'blake2b_256 (base64/tripple_A)'); +is( blake2b_256_b64u("A","A","A"), "zcQzkpZ1P5MKpFRwD9De1uHgh3LeqEmFnhfbvYXK5kk", 'blake2b_256 (base64url/tripple_A)'); +is( digest_data('BLAKE2b_256', "A","A","A"), pack("H*","cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649"), 'blake2b_256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2b_256', "A","A","A"), "cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649", 'blake2b_256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2b_256', "A","A","A"), "zcQzkpZ1P5MKpFRwD9De1uHgh3LeqEmFnhfbvYXK5kk=", 'blake2b_256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2b_256', "A","A","A"), "zcQzkpZ1P5MKpFRwD9De1uHgh3LeqEmFnhfbvYXK5kk", 'blake2b_256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2b_256->new->add("A","A","A")->hexdigest, "cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649", 'blake2b_256 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2b_256->new->add("A")->add("A")->add("A")->hexdigest, "cdc4339296753f930aa454700fd0ded6e1e08772dea849859e17dbbd85cae649", 'blake2b_256 (OO3/tripple_A)'); + is( blake2b_256(""), pack("H*","0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8"), 'blake2b_256 (raw/1)'); is( blake2b_256_hex(""), "0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8", 'blake2b_256 (hex/1)'); diff --git a/t/digest_blake2b_384.t b/t/digest_blake2b_384.t index 1ed548b..f686152 100644 --- a/t/digest_blake2b_384.t +++ b/t/digest_blake2b_384.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2b_384 qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2b_384->hashsize, 48, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2b_384')->hashsize, 48, 'hashsize/5'); is( Crypt::Digest::BLAKE2b_384->new->hashsize, 48, 'hashsize/6'); +is( blake2b_384("A","A","A"), pack("H*","9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685"), 'blake2b_384 (raw/tripple_A)'); +is( blake2b_384_hex("A","A","A"), "9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685", 'blake2b_384 (hex/tripple_A)'); +is( blake2b_384_b64("A","A","A"), "mqB9nK8Xv/SXR/yUiOtrq83NV1YW+FqRdY7lDm5JpIhL9vtGtCTgrmaQcczYyxaF", 'blake2b_384 (base64/tripple_A)'); +is( blake2b_384_b64u("A","A","A"), "mqB9nK8Xv_SXR_yUiOtrq83NV1YW-FqRdY7lDm5JpIhL9vtGtCTgrmaQcczYyxaF", 'blake2b_384 (base64url/tripple_A)'); +is( digest_data('BLAKE2b_384', "A","A","A"), pack("H*","9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685"), 'blake2b_384 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2b_384', "A","A","A"), "9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685", 'blake2b_384 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2b_384', "A","A","A"), "mqB9nK8Xv/SXR/yUiOtrq83NV1YW+FqRdY7lDm5JpIhL9vtGtCTgrmaQcczYyxaF", 'blake2b_384 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2b_384', "A","A","A"), "mqB9nK8Xv_SXR_yUiOtrq83NV1YW-FqRdY7lDm5JpIhL9vtGtCTgrmaQcczYyxaF", 'blake2b_384 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2b_384->new->add("A","A","A")->hexdigest, "9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685", 'blake2b_384 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2b_384->new->add("A")->add("A")->add("A")->hexdigest, "9aa07d9caf17bff49747fc9488eb6babcdcd575616f85a91758ee50e6e49a4884bf6fb46b424e0ae669071ccd8cb1685", 'blake2b_384 (OO3/tripple_A)'); + is( blake2b_384(""), pack("H*","b32811423377f52d7862286ee1a72ee540524380fda1724a6f25d7978c6fd3244a6caf0498812673c5e05ef583825100"), 'blake2b_384 (raw/1)'); is( blake2b_384_hex(""), "b32811423377f52d7862286ee1a72ee540524380fda1724a6f25d7978c6fd3244a6caf0498812673c5e05ef583825100", 'blake2b_384 (hex/1)'); diff --git a/t/digest_blake2b_512.t b/t/digest_blake2b_512.t index 02d2a33..ac1132a 100644 --- a/t/digest_blake2b_512.t +++ b/t/digest_blake2b_512.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2b_512 qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2b_512->hashsize, 64, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2b_512')->hashsize, 64, 'hashsize/5'); is( Crypt::Digest::BLAKE2b_512->new->hashsize, 64, 'hashsize/6'); +is( blake2b_512("A","A","A"), pack("H*","dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823"), 'blake2b_512 (raw/tripple_A)'); +is( blake2b_512_hex("A","A","A"), "dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823", 'blake2b_512 (hex/tripple_A)'); +is( blake2b_512_b64("A","A","A"), "3aXJKuWtugR9MX+Z3FipBZtajAkH+V2M3c9b/aqOTHTd2EvCaDzcLRajQP9XmOG/S9LIODMmEfJmu2KHDTO4Iw==", 'blake2b_512 (base64/tripple_A)'); +is( blake2b_512_b64u("A","A","A"), "3aXJKuWtugR9MX-Z3FipBZtajAkH-V2M3c9b_aqOTHTd2EvCaDzcLRajQP9XmOG_S9LIODMmEfJmu2KHDTO4Iw", 'blake2b_512 (base64url/tripple_A)'); +is( digest_data('BLAKE2b_512', "A","A","A"), pack("H*","dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823"), 'blake2b_512 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2b_512', "A","A","A"), "dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823", 'blake2b_512 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2b_512', "A","A","A"), "3aXJKuWtugR9MX+Z3FipBZtajAkH+V2M3c9b/aqOTHTd2EvCaDzcLRajQP9XmOG/S9LIODMmEfJmu2KHDTO4Iw==", 'blake2b_512 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2b_512', "A","A","A"), "3aXJKuWtugR9MX-Z3FipBZtajAkH-V2M3c9b_aqOTHTd2EvCaDzcLRajQP9XmOG_S9LIODMmEfJmu2KHDTO4Iw", 'blake2b_512 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2b_512->new->add("A","A","A")->hexdigest, "dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823", 'blake2b_512 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2b_512->new->add("A")->add("A")->add("A")->hexdigest, "dda5c92ae5adba047d317f99dc58a9059b5a8c0907f95d8cddcf5bfdaa8e4c74ddd84bc2683cdc2d16a340ff5798e1bf4bd2c838332611f266bb62870d33b823", 'blake2b_512 (OO3/tripple_A)'); + is( blake2b_512(""), pack("H*","786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce"), 'blake2b_512 (raw/1)'); is( blake2b_512_hex(""), "786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce", 'blake2b_512 (hex/1)'); diff --git a/t/digest_blake2s_128.t b/t/digest_blake2s_128.t index eafbcf7..b46783b 100644 --- a/t/digest_blake2s_128.t +++ b/t/digest_blake2s_128.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2s_128 qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2s_128->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2s_128')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::BLAKE2s_128->new->hashsize, 16, 'hashsize/6'); +is( blake2s_128("A","A","A"), pack("H*","a2a5699c7579ee354f4d20fa75f09cb6"), 'blake2s_128 (raw/tripple_A)'); +is( blake2s_128_hex("A","A","A"), "a2a5699c7579ee354f4d20fa75f09cb6", 'blake2s_128 (hex/tripple_A)'); +is( blake2s_128_b64("A","A","A"), "oqVpnHV57jVPTSD6dfCctg==", 'blake2s_128 (base64/tripple_A)'); +is( blake2s_128_b64u("A","A","A"), "oqVpnHV57jVPTSD6dfCctg", 'blake2s_128 (base64url/tripple_A)'); +is( digest_data('BLAKE2s_128', "A","A","A"), pack("H*","a2a5699c7579ee354f4d20fa75f09cb6"), 'blake2s_128 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2s_128', "A","A","A"), "a2a5699c7579ee354f4d20fa75f09cb6", 'blake2s_128 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2s_128', "A","A","A"), "oqVpnHV57jVPTSD6dfCctg==", 'blake2s_128 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2s_128', "A","A","A"), "oqVpnHV57jVPTSD6dfCctg", 'blake2s_128 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2s_128->new->add("A","A","A")->hexdigest, "a2a5699c7579ee354f4d20fa75f09cb6", 'blake2s_128 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2s_128->new->add("A")->add("A")->add("A")->hexdigest, "a2a5699c7579ee354f4d20fa75f09cb6", 'blake2s_128 (OO3/tripple_A)'); + is( blake2s_128(""), pack("H*","64550d6ffe2c0a01a14aba1eade0200c"), 'blake2s_128 (raw/1)'); is( blake2s_128_hex(""), "64550d6ffe2c0a01a14aba1eade0200c", 'blake2s_128 (hex/1)'); diff --git a/t/digest_blake2s_160.t b/t/digest_blake2s_160.t index e30a01b..0380239 100644 --- a/t/digest_blake2s_160.t +++ b/t/digest_blake2s_160.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2s_160 qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2s_160->hashsize, 20, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2s_160')->hashsize, 20, 'hashsize/5'); is( Crypt::Digest::BLAKE2s_160->new->hashsize, 20, 'hashsize/6'); +is( blake2s_160("A","A","A"), pack("H*","f44c709aebd62a7a13bd6ee5979981970a60e117"), 'blake2s_160 (raw/tripple_A)'); +is( blake2s_160_hex("A","A","A"), "f44c709aebd62a7a13bd6ee5979981970a60e117", 'blake2s_160 (hex/tripple_A)'); +is( blake2s_160_b64("A","A","A"), "9ExwmuvWKnoTvW7ll5mBlwpg4Rc=", 'blake2s_160 (base64/tripple_A)'); +is( blake2s_160_b64u("A","A","A"), "9ExwmuvWKnoTvW7ll5mBlwpg4Rc", 'blake2s_160 (base64url/tripple_A)'); +is( digest_data('BLAKE2s_160', "A","A","A"), pack("H*","f44c709aebd62a7a13bd6ee5979981970a60e117"), 'blake2s_160 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2s_160', "A","A","A"), "f44c709aebd62a7a13bd6ee5979981970a60e117", 'blake2s_160 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2s_160', "A","A","A"), "9ExwmuvWKnoTvW7ll5mBlwpg4Rc=", 'blake2s_160 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2s_160', "A","A","A"), "9ExwmuvWKnoTvW7ll5mBlwpg4Rc", 'blake2s_160 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2s_160->new->add("A","A","A")->hexdigest, "f44c709aebd62a7a13bd6ee5979981970a60e117", 'blake2s_160 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2s_160->new->add("A")->add("A")->add("A")->hexdigest, "f44c709aebd62a7a13bd6ee5979981970a60e117", 'blake2s_160 (OO3/tripple_A)'); + is( blake2s_160(""), pack("H*","354c9c33f735962418bdacb9479873429c34916f"), 'blake2s_160 (raw/1)'); is( blake2s_160_hex(""), "354c9c33f735962418bdacb9479873429c34916f", 'blake2s_160 (hex/1)'); diff --git a/t/digest_blake2s_224.t b/t/digest_blake2s_224.t index b96349a..eeb96f7 100644 --- a/t/digest_blake2s_224.t +++ b/t/digest_blake2s_224.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2s_224 qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2s_224->hashsize, 28, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2s_224')->hashsize, 28, 'hashsize/5'); is( Crypt::Digest::BLAKE2s_224->new->hashsize, 28, 'hashsize/6'); +is( blake2s_224("A","A","A"), pack("H*","8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006"), 'blake2s_224 (raw/tripple_A)'); +is( blake2s_224_hex("A","A","A"), "8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006", 'blake2s_224 (hex/tripple_A)'); +is( blake2s_224_b64("A","A","A"), "jCc44Y0LlkWHDX2ktSdWzvRsXz0YX06pPDYQBg==", 'blake2s_224 (base64/tripple_A)'); +is( blake2s_224_b64u("A","A","A"), "jCc44Y0LlkWHDX2ktSdWzvRsXz0YX06pPDYQBg", 'blake2s_224 (base64url/tripple_A)'); +is( digest_data('BLAKE2s_224', "A","A","A"), pack("H*","8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006"), 'blake2s_224 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2s_224', "A","A","A"), "8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006", 'blake2s_224 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2s_224', "A","A","A"), "jCc44Y0LlkWHDX2ktSdWzvRsXz0YX06pPDYQBg==", 'blake2s_224 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2s_224', "A","A","A"), "jCc44Y0LlkWHDX2ktSdWzvRsXz0YX06pPDYQBg", 'blake2s_224 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2s_224->new->add("A","A","A")->hexdigest, "8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006", 'blake2s_224 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2s_224->new->add("A")->add("A")->add("A")->hexdigest, "8c2738e18d0b9645870d7da4b52756cef46c5f3d185f4ea93c361006", 'blake2s_224 (OO3/tripple_A)'); + is( blake2s_224(""), pack("H*","1fa1291e65248b37b3433475b2a0dd63d54a11ecc4e3e034e7bc1ef4"), 'blake2s_224 (raw/1)'); is( blake2s_224_hex(""), "1fa1291e65248b37b3433475b2a0dd63d54a11ecc4e3e034e7bc1ef4", 'blake2s_224 (hex/1)'); diff --git a/t/digest_blake2s_256.t b/t/digest_blake2s_256.t index 7441c1b..71ff957 100644 --- a/t/digest_blake2s_256.t +++ b/t/digest_blake2s_256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::BLAKE2s_256 qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::BLAKE2s_256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('BLAKE2s_256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::BLAKE2s_256->new->hashsize, 32, 'hashsize/6'); +is( blake2s_256("A","A","A"), pack("H*","8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6"), 'blake2s_256 (raw/tripple_A)'); +is( blake2s_256_hex("A","A","A"), "8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6", 'blake2s_256 (hex/tripple_A)'); +is( blake2s_256_b64("A","A","A"), "jU/p9TaP85fOdERkD1IvCQWXWRwhOSJiE42mdQvx3/Y=", 'blake2s_256 (base64/tripple_A)'); +is( blake2s_256_b64u("A","A","A"), "jU_p9TaP85fOdERkD1IvCQWXWRwhOSJiE42mdQvx3_Y", 'blake2s_256 (base64url/tripple_A)'); +is( digest_data('BLAKE2s_256', "A","A","A"), pack("H*","8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6"), 'blake2s_256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('BLAKE2s_256', "A","A","A"), "8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6", 'blake2s_256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('BLAKE2s_256', "A","A","A"), "jU/p9TaP85fOdERkD1IvCQWXWRwhOSJiE42mdQvx3/Y=", 'blake2s_256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('BLAKE2s_256', "A","A","A"), "jU_p9TaP85fOdERkD1IvCQWXWRwhOSJiE42mdQvx3_Y", 'blake2s_256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::BLAKE2s_256->new->add("A","A","A")->hexdigest, "8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6", 'blake2s_256 (OO/tripple_A)'); +is( Crypt::Digest::BLAKE2s_256->new->add("A")->add("A")->add("A")->hexdigest, "8d4fe9f5368ff397ce7444640f522f090597591c21392262138da6750bf1dff6", 'blake2s_256 (OO3/tripple_A)'); + is( blake2s_256(""), pack("H*","69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9"), 'blake2s_256 (raw/1)'); is( blake2s_256_hex(""), "69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9", 'blake2s_256 (hex/1)'); diff --git a/t/digest_chaes.t b/t/digest_chaes.t index 82534d1..82b496e 100644 --- a/t/digest_chaes.t +++ b/t/digest_chaes.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::CHAES qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::CHAES->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('CHAES')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::CHAES->new->hashsize, 16, 'hashsize/6'); +is( chaes("A","A","A"), pack("H*","f01416b4c3f6389816b2fcd0b4cf9e41"), 'chaes (raw/tripple_A)'); +is( chaes_hex("A","A","A"), "f01416b4c3f6389816b2fcd0b4cf9e41", 'chaes (hex/tripple_A)'); +is( chaes_b64("A","A","A"), "8BQWtMP2OJgWsvzQtM+eQQ==", 'chaes (base64/tripple_A)'); +is( chaes_b64u("A","A","A"), "8BQWtMP2OJgWsvzQtM-eQQ", 'chaes (base64url/tripple_A)'); +is( digest_data('CHAES', "A","A","A"), pack("H*","f01416b4c3f6389816b2fcd0b4cf9e41"), 'chaes (digest_data_raw/tripple_A)'); +is( digest_data_hex('CHAES', "A","A","A"), "f01416b4c3f6389816b2fcd0b4cf9e41", 'chaes (digest_data_hex/tripple_A)'); +is( digest_data_b64('CHAES', "A","A","A"), "8BQWtMP2OJgWsvzQtM+eQQ==", 'chaes (digest_data_b64/tripple_A)'); +is( digest_data_b64u('CHAES', "A","A","A"), "8BQWtMP2OJgWsvzQtM-eQQ", 'chaes (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::CHAES->new->add("A","A","A")->hexdigest, "f01416b4c3f6389816b2fcd0b4cf9e41", 'chaes (OO/tripple_A)'); +is( Crypt::Digest::CHAES->new->add("A")->add("A")->add("A")->hexdigest, "f01416b4c3f6389816b2fcd0b4cf9e41", 'chaes (OO3/tripple_A)'); + is( chaes(""), pack("H*","4047929f1f572643b55f829eb3291d11"), 'chaes (raw/1)'); is( chaes_hex(""), "4047929f1f572643b55f829eb3291d11", 'chaes (hex/1)'); diff --git a/t/digest_keccak224.t b/t/digest_keccak224.t new file mode 100644 index 0000000..10daf0e --- /dev/null +++ b/t/digest_keccak224.t @@ -0,0 +1,116 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 8*3 + 9*4 + 10 + 6; + +use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); +use Crypt::Digest::Keccak224 qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u ); + +is( Crypt::Digest::hashsize('Keccak224'), 28, 'hashsize/1'); +is( Crypt::Digest->hashsize('Keccak224'), 28, 'hashsize/2'); +is( Crypt::Digest::Keccak224::hashsize, 28, 'hashsize/3'); +is( Crypt::Digest::Keccak224->hashsize, 28, 'hashsize/4'); +is( Crypt::Digest->new('Keccak224')->hashsize, 28, 'hashsize/5'); +is( Crypt::Digest::Keccak224->new->hashsize, 28, 'hashsize/6'); + +is( keccak224("A","A","A"), pack("H*","92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252"), 'keccak224 (raw/tripple_A)'); +is( keccak224_hex("A","A","A"), "92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252", 'keccak224 (hex/tripple_A)'); +is( keccak224_b64("A","A","A"), "krnSolIi0qA2xTvU3SRrQHPRAOCuIKxyQPWyUg==", 'keccak224 (base64/tripple_A)'); +is( keccak224_b64u("A","A","A"), "krnSolIi0qA2xTvU3SRrQHPRAOCuIKxyQPWyUg", 'keccak224 (base64url/tripple_A)'); +is( digest_data('Keccak224', "A","A","A"), pack("H*","92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252"), 'keccak224 (digest_data_raw/tripple_A)'); +is( digest_data_hex('Keccak224', "A","A","A"), "92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252", 'keccak224 (digest_data_hex/tripple_A)'); +is( digest_data_b64('Keccak224', "A","A","A"), "krnSolIi0qA2xTvU3SRrQHPRAOCuIKxyQPWyUg==", 'keccak224 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Keccak224', "A","A","A"), "krnSolIi0qA2xTvU3SRrQHPRAOCuIKxyQPWyUg", 'keccak224 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Keccak224->new->add("A","A","A")->hexdigest, "92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252", 'keccak224 (OO/tripple_A)'); +is( Crypt::Digest::Keccak224->new->add("A")->add("A")->add("A")->hexdigest, "92b9d2a25222d2a036c53bd4dd246b4073d100e0ae20ac7240f5b252", 'keccak224 (OO3/tripple_A)'); + + +is( keccak224(""), pack("H*","f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd"), 'keccak224 (raw/1)'); +is( keccak224_hex(""), "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd", 'keccak224 (hex/1)'); +is( keccak224_b64(""), "9xg3UCuo4Qg3vdjTZa24VZGJVgL8VStItzkKvQ==", 'keccak224 (base64/1)'); +is( digest_data('Keccak224', ""), pack("H*","f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd"), 'keccak224 (digest_data_raw/1)'); +is( digest_data_hex('Keccak224', ""), "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd", 'keccak224 (digest_data_hex/1)'); +is( digest_data_b64('Keccak224', ""), "9xg3UCuo4Qg3vdjTZa24VZGJVgL8VStItzkKvQ==", 'keccak224 (digest_data_b64/1)'); +is( digest_data_b64u('Keccak224', ""), "9xg3UCuo4Qg3vdjTZa24VZGJVgL8VStItzkKvQ", 'keccak224 (digest_data_b64u/1)'); +is( Crypt::Digest::Keccak224->new->add("")->hexdigest, "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd", 'keccak224 (OO/1)'); + +is( keccak224("123"), pack("H*","5c52615361ce4c5469f9d8c90113c7a543a4bf43490782d291cb32d8"), 'keccak224 (raw/2)'); +is( keccak224_hex("123"), "5c52615361ce4c5469f9d8c90113c7a543a4bf43490782d291cb32d8", 'keccak224 (hex/2)'); +is( keccak224_b64("123"), "XFJhU2HOTFRp+djJARPHpUOkv0NJB4LSkcsy2A==", 'keccak224 (base64/2)'); +is( digest_data('Keccak224', "123"), pack("H*","5c52615361ce4c5469f9d8c90113c7a543a4bf43490782d291cb32d8"), 'keccak224 (digest_data_raw/2)'); +is( digest_data_hex('Keccak224', "123"), "5c52615361ce4c5469f9d8c90113c7a543a4bf43490782d291cb32d8", 'keccak224 (digest_data_hex/2)'); +is( digest_data_b64('Keccak224', "123"), "XFJhU2HOTFRp+djJARPHpUOkv0NJB4LSkcsy2A==", 'keccak224 (digest_data_b64/2)'); +is( digest_data_b64u('Keccak224', "123"), "XFJhU2HOTFRp-djJARPHpUOkv0NJB4LSkcsy2A", 'keccak224 (digest_data_b64u/2)'); +is( Crypt::Digest::Keccak224->new->add("123")->hexdigest, "5c52615361ce4c5469f9d8c90113c7a543a4bf43490782d291cb32d8", 'keccak224 (OO/2)'); + +is( keccak224("test\0test\0test\n"), pack("H*","7cbb8e9a6026e7c8324ab2f1cba55a1aff03b7b0424b8915b0439179"), 'keccak224 (raw/3)'); +is( keccak224_hex("test\0test\0test\n"), "7cbb8e9a6026e7c8324ab2f1cba55a1aff03b7b0424b8915b0439179", 'keccak224 (hex/3)'); +is( keccak224_b64("test\0test\0test\n"), "fLuOmmAm58gySrLxy6VaGv8Dt7BCS4kVsEOReQ==", 'keccak224 (base64/3)'); +is( digest_data('Keccak224', "test\0test\0test\n"), pack("H*","7cbb8e9a6026e7c8324ab2f1cba55a1aff03b7b0424b8915b0439179"), 'keccak224 (digest_data_raw/3)'); +is( digest_data_hex('Keccak224', "test\0test\0test\n"), "7cbb8e9a6026e7c8324ab2f1cba55a1aff03b7b0424b8915b0439179", 'keccak224 (digest_data_hex/3)'); +is( digest_data_b64('Keccak224', "test\0test\0test\n"), "fLuOmmAm58gySrLxy6VaGv8Dt7BCS4kVsEOReQ==", 'keccak224 (digest_data_b64/3)'); +is( digest_data_b64u('Keccak224', "test\0test\0test\n"), "fLuOmmAm58gySrLxy6VaGv8Dt7BCS4kVsEOReQ", 'keccak224 (digest_data_b64u/3)'); +is( Crypt::Digest::Keccak224->new->add("test\0test\0test\n")->hexdigest, "7cbb8e9a6026e7c8324ab2f1cba55a1aff03b7b0424b8915b0439179", 'keccak224 (OO/3)'); + + +is( keccak224_file('t/data/binary-test.file'), pack("H*","8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e"), 'keccak224 (raw/file/1)'); +is( keccak224_file_hex('t/data/binary-test.file'), "8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e", 'keccak224 (hex/file/1)'); +is( keccak224_file_b64('t/data/binary-test.file'), "jxZR/6uQNhkxShs9fImu+8H49UEomxiJMgsajg==", 'keccak224 (base64/file/1)'); +is( digest_file('Keccak224', 't/data/binary-test.file'), pack("H*","8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e"), 'keccak224 (digest_file_raw/file/1)'); +is( digest_file_hex('Keccak224', 't/data/binary-test.file'), "8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e", 'keccak224 (digest_file_hex/file/1)'); +is( digest_file_b64('Keccak224', 't/data/binary-test.file'), "jxZR/6uQNhkxShs9fImu+8H49UEomxiJMgsajg==", 'keccak224 (digest_file_b64/file/1)'); +is( digest_file_b64u('Keccak224', 't/data/binary-test.file'), "jxZR_6uQNhkxShs9fImu-8H49UEomxiJMgsajg", 'keccak224 (digest_file_b64u/file/1)'); +is( Crypt::Digest::Keccak224->new->addfile('t/data/binary-test.file')->hexdigest, "8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e", 'keccak224 (OO/file/1)'); +{ + open(my $fh, '<', 't/data/binary-test.file'); + binmode($fh); + is( Crypt::Digest::Keccak224->new->addfile($fh)->hexdigest, "8f1651ffab903619314a1b3d7c89aefbc1f8f541289b1889320b1a8e", 'keccak224 (OO/filehandle/1)'); + close($fh); +} + +is( keccak224_file('t/data/text-CR.file'), pack("H*","28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8"), 'keccak224 (raw/file/2)'); +is( keccak224_file_hex('t/data/text-CR.file'), "28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8", 'keccak224 (hex/file/2)'); +is( keccak224_file_b64('t/data/text-CR.file'), "KP+KFzguH6EcN81uJUO/JX+RSq43YO93BzmHyA==", 'keccak224 (base64/file/2)'); +is( digest_file('Keccak224', 't/data/text-CR.file'), pack("H*","28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8"), 'keccak224 (digest_file_raw/file/2)'); +is( digest_file_hex('Keccak224', 't/data/text-CR.file'), "28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8", 'keccak224 (digest_file_hex/file/2)'); +is( digest_file_b64('Keccak224', 't/data/text-CR.file'), "KP+KFzguH6EcN81uJUO/JX+RSq43YO93BzmHyA==", 'keccak224 (digest_file_b64/file/2)'); +is( digest_file_b64u('Keccak224', 't/data/text-CR.file'), "KP-KFzguH6EcN81uJUO_JX-RSq43YO93BzmHyA", 'keccak224 (digest_file_b64u/file/2)'); +is( Crypt::Digest::Keccak224->new->addfile('t/data/text-CR.file')->hexdigest, "28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8", 'keccak224 (OO/file/2)'); +{ + open(my $fh, '<', 't/data/text-CR.file'); + binmode($fh); + is( Crypt::Digest::Keccak224->new->addfile($fh)->hexdigest, "28ff8a17382e1fa11c37cd6e2543bf257f914aae3760ef77073987c8", 'keccak224 (OO/filehandle/2)'); + close($fh); +} + +is( keccak224_file('t/data/text-CRLF.file'), pack("H*","26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa"), 'keccak224 (raw/file/3)'); +is( keccak224_file_hex('t/data/text-CRLF.file'), "26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa", 'keccak224 (hex/file/3)'); +is( keccak224_file_b64('t/data/text-CRLF.file'), "JmWQCHWUI83kTEmEdIr2th19TqXH6Bvlj7cvqg==", 'keccak224 (base64/file/3)'); +is( digest_file('Keccak224', 't/data/text-CRLF.file'), pack("H*","26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa"), 'keccak224 (digest_file_raw/file/3)'); +is( digest_file_hex('Keccak224', 't/data/text-CRLF.file'), "26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa", 'keccak224 (digest_file_hex/file/3)'); +is( digest_file_b64('Keccak224', 't/data/text-CRLF.file'), "JmWQCHWUI83kTEmEdIr2th19TqXH6Bvlj7cvqg==", 'keccak224 (digest_file_b64/file/3)'); +is( digest_file_b64u('Keccak224', 't/data/text-CRLF.file'), "JmWQCHWUI83kTEmEdIr2th19TqXH6Bvlj7cvqg", 'keccak224 (digest_file_b64u/file/3)'); +is( Crypt::Digest::Keccak224->new->addfile('t/data/text-CRLF.file')->hexdigest, "26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa", 'keccak224 (OO/file/3)'); +{ + open(my $fh, '<', 't/data/text-CRLF.file'); + binmode($fh); + is( Crypt::Digest::Keccak224->new->addfile($fh)->hexdigest, "26659008759423cde44c4984748af6b61d7d4ea5c7e81be58fb72faa", 'keccak224 (OO/filehandle/3)'); + close($fh); +} + +is( keccak224_file('t/data/text-LF.file'), pack("H*","2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b"), 'keccak224 (raw/file/4)'); +is( keccak224_file_hex('t/data/text-LF.file'), "2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b", 'keccak224 (hex/file/4)'); +is( keccak224_file_b64('t/data/text-LF.file'), "ICFxfRb5n0k5YNCDmjyysBvoB4wotCXX8chmKw==", 'keccak224 (base64/file/4)'); +is( digest_file('Keccak224', 't/data/text-LF.file'), pack("H*","2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b"), 'keccak224 (digest_file_raw/file/4)'); +is( digest_file_hex('Keccak224', 't/data/text-LF.file'), "2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b", 'keccak224 (digest_file_hex/file/4)'); +is( digest_file_b64('Keccak224', 't/data/text-LF.file'), "ICFxfRb5n0k5YNCDmjyysBvoB4wotCXX8chmKw==", 'keccak224 (digest_file_b64/file/4)'); +is( digest_file_b64u('Keccak224', 't/data/text-LF.file'), "ICFxfRb5n0k5YNCDmjyysBvoB4wotCXX8chmKw", 'keccak224 (digest_file_b64u/file/4)'); +is( Crypt::Digest::Keccak224->new->addfile('t/data/text-LF.file')->hexdigest, "2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b", 'keccak224 (OO/file/4)'); +{ + open(my $fh, '<', 't/data/text-LF.file'); + binmode($fh); + is( Crypt::Digest::Keccak224->new->addfile($fh)->hexdigest, "2021717d16f99f493960d0839a3cb2b01be8078c28b425d7f1c8662b", 'keccak224 (OO/filehandle/4)'); + close($fh); +} diff --git a/t/digest_keccak256.t b/t/digest_keccak256.t new file mode 100644 index 0000000..2582147 --- /dev/null +++ b/t/digest_keccak256.t @@ -0,0 +1,116 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 8*3 + 9*4 + 10 + 6; + +use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); +use Crypt::Digest::Keccak256 qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u ); + +is( Crypt::Digest::hashsize('Keccak256'), 32, 'hashsize/1'); +is( Crypt::Digest->hashsize('Keccak256'), 32, 'hashsize/2'); +is( Crypt::Digest::Keccak256::hashsize, 32, 'hashsize/3'); +is( Crypt::Digest::Keccak256->hashsize, 32, 'hashsize/4'); +is( Crypt::Digest->new('Keccak256')->hashsize, 32, 'hashsize/5'); +is( Crypt::Digest::Keccak256->new->hashsize, 32, 'hashsize/6'); + +is( keccak256("A","A","A"), pack("H*","2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a"), 'keccak256 (raw/tripple_A)'); +is( keccak256_hex("A","A","A"), "2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a", 'keccak256 (hex/tripple_A)'); +is( keccak256_b64("A","A","A"), "IHBQQAOge0cT14OuemZCqzuVm3xXXG5PpPM+t0PbYxo=", 'keccak256 (base64/tripple_A)'); +is( keccak256_b64u("A","A","A"), "IHBQQAOge0cT14OuemZCqzuVm3xXXG5PpPM-t0PbYxo", 'keccak256 (base64url/tripple_A)'); +is( digest_data('Keccak256', "A","A","A"), pack("H*","2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a"), 'keccak256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('Keccak256', "A","A","A"), "2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a", 'keccak256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('Keccak256', "A","A","A"), "IHBQQAOge0cT14OuemZCqzuVm3xXXG5PpPM+t0PbYxo=", 'keccak256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Keccak256', "A","A","A"), "IHBQQAOge0cT14OuemZCqzuVm3xXXG5PpPM-t0PbYxo", 'keccak256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Keccak256->new->add("A","A","A")->hexdigest, "2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a", 'keccak256 (OO/tripple_A)'); +is( Crypt::Digest::Keccak256->new->add("A")->add("A")->add("A")->hexdigest, "2070504003a07b4713d783ae7a6642ab3b959b7c575c6e4fa4f33eb743db631a", 'keccak256 (OO3/tripple_A)'); + + +is( keccak256(""), pack("H*","c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470"), 'keccak256 (raw/1)'); +is( keccak256_hex(""), "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470", 'keccak256 (hex/1)'); +is( keccak256_b64(""), "xdJGAYb3IzySfn2y3McDwOUAtlPKgic7e/rYBF2FpHA=", 'keccak256 (base64/1)'); +is( digest_data('Keccak256', ""), pack("H*","c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470"), 'keccak256 (digest_data_raw/1)'); +is( digest_data_hex('Keccak256', ""), "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470", 'keccak256 (digest_data_hex/1)'); +is( digest_data_b64('Keccak256', ""), "xdJGAYb3IzySfn2y3McDwOUAtlPKgic7e/rYBF2FpHA=", 'keccak256 (digest_data_b64/1)'); +is( digest_data_b64u('Keccak256', ""), "xdJGAYb3IzySfn2y3McDwOUAtlPKgic7e_rYBF2FpHA", 'keccak256 (digest_data_b64u/1)'); +is( Crypt::Digest::Keccak256->new->add("")->hexdigest, "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470", 'keccak256 (OO/1)'); + +is( keccak256("123"), pack("H*","64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107"), 'keccak256 (raw/2)'); +is( keccak256_hex("123"), "64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107", 'keccak256 (hex/2)'); +is( keccak256_b64("123"), "ZOYEeHy/GUhB57aNfNKHhvbJoKOrn4sKDofLQ4erAQc=", 'keccak256 (base64/2)'); +is( digest_data('Keccak256', "123"), pack("H*","64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107"), 'keccak256 (digest_data_raw/2)'); +is( digest_data_hex('Keccak256', "123"), "64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107", 'keccak256 (digest_data_hex/2)'); +is( digest_data_b64('Keccak256', "123"), "ZOYEeHy/GUhB57aNfNKHhvbJoKOrn4sKDofLQ4erAQc=", 'keccak256 (digest_data_b64/2)'); +is( digest_data_b64u('Keccak256', "123"), "ZOYEeHy_GUhB57aNfNKHhvbJoKOrn4sKDofLQ4erAQc", 'keccak256 (digest_data_b64u/2)'); +is( Crypt::Digest::Keccak256->new->add("123")->hexdigest, "64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107", 'keccak256 (OO/2)'); + +is( keccak256("test\0test\0test\n"), pack("H*","fbc121310d505fb7172a28e0e9e8c7d2976c9f63a739fe60bc298467bc72bb86"), 'keccak256 (raw/3)'); +is( keccak256_hex("test\0test\0test\n"), "fbc121310d505fb7172a28e0e9e8c7d2976c9f63a739fe60bc298467bc72bb86", 'keccak256 (hex/3)'); +is( keccak256_b64("test\0test\0test\n"), "+8EhMQ1QX7cXKijg6ejH0pdsn2OnOf5gvCmEZ7xyu4Y=", 'keccak256 (base64/3)'); +is( digest_data('Keccak256', "test\0test\0test\n"), pack("H*","fbc121310d505fb7172a28e0e9e8c7d2976c9f63a739fe60bc298467bc72bb86"), 'keccak256 (digest_data_raw/3)'); +is( digest_data_hex('Keccak256', "test\0test\0test\n"), "fbc121310d505fb7172a28e0e9e8c7d2976c9f63a739fe60bc298467bc72bb86", 'keccak256 (digest_data_hex/3)'); +is( digest_data_b64('Keccak256', "test\0test\0test\n"), "+8EhMQ1QX7cXKijg6ejH0pdsn2OnOf5gvCmEZ7xyu4Y=", 'keccak256 (digest_data_b64/3)'); +is( digest_data_b64u('Keccak256', "test\0test\0test\n"), "-8EhMQ1QX7cXKijg6ejH0pdsn2OnOf5gvCmEZ7xyu4Y", 'keccak256 (digest_data_b64u/3)'); +is( Crypt::Digest::Keccak256->new->add("test\0test\0test\n")->hexdigest, "fbc121310d505fb7172a28e0e9e8c7d2976c9f63a739fe60bc298467bc72bb86", 'keccak256 (OO/3)'); + + +is( keccak256_file('t/data/binary-test.file'), pack("H*","7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8"), 'keccak256 (raw/file/1)'); +is( keccak256_file_hex('t/data/binary-test.file'), "7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8", 'keccak256 (hex/file/1)'); +is( keccak256_file_b64('t/data/binary-test.file'), "cEb1+tds95Oh9EwVm2Vid62j9CgFesgWDQT9zcWw/Lg=", 'keccak256 (base64/file/1)'); +is( digest_file('Keccak256', 't/data/binary-test.file'), pack("H*","7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8"), 'keccak256 (digest_file_raw/file/1)'); +is( digest_file_hex('Keccak256', 't/data/binary-test.file'), "7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8", 'keccak256 (digest_file_hex/file/1)'); +is( digest_file_b64('Keccak256', 't/data/binary-test.file'), "cEb1+tds95Oh9EwVm2Vid62j9CgFesgWDQT9zcWw/Lg=", 'keccak256 (digest_file_b64/file/1)'); +is( digest_file_b64u('Keccak256', 't/data/binary-test.file'), "cEb1-tds95Oh9EwVm2Vid62j9CgFesgWDQT9zcWw_Lg", 'keccak256 (digest_file_b64u/file/1)'); +is( Crypt::Digest::Keccak256->new->addfile('t/data/binary-test.file')->hexdigest, "7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8", 'keccak256 (OO/file/1)'); +{ + open(my $fh, '<', 't/data/binary-test.file'); + binmode($fh); + is( Crypt::Digest::Keccak256->new->addfile($fh)->hexdigest, "7046f5fad76cf793a1f44c159b656277ada3f428057ac8160d04fdcdc5b0fcb8", 'keccak256 (OO/filehandle/1)'); + close($fh); +} + +is( keccak256_file('t/data/text-CR.file'), pack("H*","288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18"), 'keccak256 (raw/file/2)'); +is( keccak256_file_hex('t/data/text-CR.file'), "288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18", 'keccak256 (hex/file/2)'); +is( keccak256_file_b64('t/data/text-CR.file'), "KI1HiXIipvvW2Fk80GeW5sPrVjem6vj8Az3JJDzgHBg=", 'keccak256 (base64/file/2)'); +is( digest_file('Keccak256', 't/data/text-CR.file'), pack("H*","288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18"), 'keccak256 (digest_file_raw/file/2)'); +is( digest_file_hex('Keccak256', 't/data/text-CR.file'), "288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18", 'keccak256 (digest_file_hex/file/2)'); +is( digest_file_b64('Keccak256', 't/data/text-CR.file'), "KI1HiXIipvvW2Fk80GeW5sPrVjem6vj8Az3JJDzgHBg=", 'keccak256 (digest_file_b64/file/2)'); +is( digest_file_b64u('Keccak256', 't/data/text-CR.file'), "KI1HiXIipvvW2Fk80GeW5sPrVjem6vj8Az3JJDzgHBg", 'keccak256 (digest_file_b64u/file/2)'); +is( Crypt::Digest::Keccak256->new->addfile('t/data/text-CR.file')->hexdigest, "288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18", 'keccak256 (OO/file/2)'); +{ + open(my $fh, '<', 't/data/text-CR.file'); + binmode($fh); + is( Crypt::Digest::Keccak256->new->addfile($fh)->hexdigest, "288d47897222a6fbd6d8593cd06796e6c3eb5637a6eaf8fc033dc9243ce01c18", 'keccak256 (OO/filehandle/2)'); + close($fh); +} + +is( keccak256_file('t/data/text-CRLF.file'), pack("H*","a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1"), 'keccak256 (raw/file/3)'); +is( keccak256_file_hex('t/data/text-CRLF.file'), "a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1", 'keccak256 (hex/file/3)'); +is( keccak256_file_b64('t/data/text-CRLF.file'), "pEcDuF1e5/NbPAwhxkbWlZeNDsXqNqGgWndCfF+WTuE=", 'keccak256 (base64/file/3)'); +is( digest_file('Keccak256', 't/data/text-CRLF.file'), pack("H*","a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1"), 'keccak256 (digest_file_raw/file/3)'); +is( digest_file_hex('Keccak256', 't/data/text-CRLF.file'), "a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1", 'keccak256 (digest_file_hex/file/3)'); +is( digest_file_b64('Keccak256', 't/data/text-CRLF.file'), "pEcDuF1e5/NbPAwhxkbWlZeNDsXqNqGgWndCfF+WTuE=", 'keccak256 (digest_file_b64/file/3)'); +is( digest_file_b64u('Keccak256', 't/data/text-CRLF.file'), "pEcDuF1e5_NbPAwhxkbWlZeNDsXqNqGgWndCfF-WTuE", 'keccak256 (digest_file_b64u/file/3)'); +is( Crypt::Digest::Keccak256->new->addfile('t/data/text-CRLF.file')->hexdigest, "a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1", 'keccak256 (OO/file/3)'); +{ + open(my $fh, '<', 't/data/text-CRLF.file'); + binmode($fh); + is( Crypt::Digest::Keccak256->new->addfile($fh)->hexdigest, "a44703b85d5ee7f35b3c0c21c646d695978d0ec5ea36a1a05a77427c5f964ee1", 'keccak256 (OO/filehandle/3)'); + close($fh); +} + +is( keccak256_file('t/data/text-LF.file'), pack("H*","188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4"), 'keccak256 (raw/file/4)'); +is( keccak256_file_hex('t/data/text-LF.file'), "188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4", 'keccak256 (hex/file/4)'); +is( keccak256_file_b64('t/data/text-LF.file'), "GIR2xx3ir8t+2p28VgteteTmgaVYVopBBo621zjvpPQ=", 'keccak256 (base64/file/4)'); +is( digest_file('Keccak256', 't/data/text-LF.file'), pack("H*","188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4"), 'keccak256 (digest_file_raw/file/4)'); +is( digest_file_hex('Keccak256', 't/data/text-LF.file'), "188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4", 'keccak256 (digest_file_hex/file/4)'); +is( digest_file_b64('Keccak256', 't/data/text-LF.file'), "GIR2xx3ir8t+2p28VgteteTmgaVYVopBBo621zjvpPQ=", 'keccak256 (digest_file_b64/file/4)'); +is( digest_file_b64u('Keccak256', 't/data/text-LF.file'), "GIR2xx3ir8t-2p28VgteteTmgaVYVopBBo621zjvpPQ", 'keccak256 (digest_file_b64u/file/4)'); +is( Crypt::Digest::Keccak256->new->addfile('t/data/text-LF.file')->hexdigest, "188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4", 'keccak256 (OO/file/4)'); +{ + open(my $fh, '<', 't/data/text-LF.file'); + binmode($fh); + is( Crypt::Digest::Keccak256->new->addfile($fh)->hexdigest, "188476c71de2afcb7eda9dbc560b5eb5e4e681a558568a41068eb6d738efa4f4", 'keccak256 (OO/filehandle/4)'); + close($fh); +} diff --git a/t/digest_keccak384.t b/t/digest_keccak384.t new file mode 100644 index 0000000..935816d --- /dev/null +++ b/t/digest_keccak384.t @@ -0,0 +1,116 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 8*3 + 9*4 + 10 + 6; + +use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); +use Crypt::Digest::Keccak384 qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u ); + +is( Crypt::Digest::hashsize('Keccak384'), 48, 'hashsize/1'); +is( Crypt::Digest->hashsize('Keccak384'), 48, 'hashsize/2'); +is( Crypt::Digest::Keccak384::hashsize, 48, 'hashsize/3'); +is( Crypt::Digest::Keccak384->hashsize, 48, 'hashsize/4'); +is( Crypt::Digest->new('Keccak384')->hashsize, 48, 'hashsize/5'); +is( Crypt::Digest::Keccak384->new->hashsize, 48, 'hashsize/6'); + +is( keccak384("A","A","A"), pack("H*","173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297"), 'keccak384 (raw/tripple_A)'); +is( keccak384_hex("A","A","A"), "173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297", 'keccak384 (hex/tripple_A)'); +is( keccak384_b64("A","A","A"), "FztUXg/YF4T4wCTKgDZBk2CC7vmlrOc/r3OtaOzeYCnMNFpcVJOE4Ndifcv1jQKX", 'keccak384 (base64/tripple_A)'); +is( keccak384_b64u("A","A","A"), "FztUXg_YF4T4wCTKgDZBk2CC7vmlrOc_r3OtaOzeYCnMNFpcVJOE4Ndifcv1jQKX", 'keccak384 (base64url/tripple_A)'); +is( digest_data('Keccak384', "A","A","A"), pack("H*","173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297"), 'keccak384 (digest_data_raw/tripple_A)'); +is( digest_data_hex('Keccak384', "A","A","A"), "173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297", 'keccak384 (digest_data_hex/tripple_A)'); +is( digest_data_b64('Keccak384', "A","A","A"), "FztUXg/YF4T4wCTKgDZBk2CC7vmlrOc/r3OtaOzeYCnMNFpcVJOE4Ndifcv1jQKX", 'keccak384 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Keccak384', "A","A","A"), "FztUXg_YF4T4wCTKgDZBk2CC7vmlrOc_r3OtaOzeYCnMNFpcVJOE4Ndifcv1jQKX", 'keccak384 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Keccak384->new->add("A","A","A")->hexdigest, "173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297", 'keccak384 (OO/tripple_A)'); +is( Crypt::Digest::Keccak384->new->add("A")->add("A")->add("A")->hexdigest, "173b545e0fd81784f8c024ca803641936082eef9a5ace73faf73ad68ecde6029cc345a5c549384e0d7627dcbf58d0297", 'keccak384 (OO3/tripple_A)'); + + +is( keccak384(""), pack("H*","2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff"), 'keccak384 (raw/1)'); +is( keccak384_hex(""), "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff", 'keccak384 (hex/1)'); +is( keccak384_b64(""), "LCMUamOims+Z5zuI+MJOqn3GCqdxeAzMAGr7+o/iR5st0rITYjN0QawStRWRGVf/", 'keccak384 (base64/1)'); +is( digest_data('Keccak384', ""), pack("H*","2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff"), 'keccak384 (digest_data_raw/1)'); +is( digest_data_hex('Keccak384', ""), "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff", 'keccak384 (digest_data_hex/1)'); +is( digest_data_b64('Keccak384', ""), "LCMUamOims+Z5zuI+MJOqn3GCqdxeAzMAGr7+o/iR5st0rITYjN0QawStRWRGVf/", 'keccak384 (digest_data_b64/1)'); +is( digest_data_b64u('Keccak384', ""), "LCMUamOims-Z5zuI-MJOqn3GCqdxeAzMAGr7-o_iR5st0rITYjN0QawStRWRGVf_", 'keccak384 (digest_data_b64u/1)'); +is( Crypt::Digest::Keccak384->new->add("")->hexdigest, "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff", 'keccak384 (OO/1)'); + +is( keccak384("123"), pack("H*","7dd34ccaae92bfc7eb541056d200db23b6bbeefe95be0d2bb43625113361906f0afc701dbef1cfb615bf98b1535a84c1"), 'keccak384 (raw/2)'); +is( keccak384_hex("123"), "7dd34ccaae92bfc7eb541056d200db23b6bbeefe95be0d2bb43625113361906f0afc701dbef1cfb615bf98b1535a84c1", 'keccak384 (hex/2)'); +is( keccak384_b64("123"), "fdNMyq6Sv8frVBBW0gDbI7a77v6Vvg0rtDYlETNhkG8K/HAdvvHPthW/mLFTWoTB", 'keccak384 (base64/2)'); +is( digest_data('Keccak384', "123"), pack("H*","7dd34ccaae92bfc7eb541056d200db23b6bbeefe95be0d2bb43625113361906f0afc701dbef1cfb615bf98b1535a84c1"), 'keccak384 (digest_data_raw/2)'); +is( digest_data_hex('Keccak384', "123"), "7dd34ccaae92bfc7eb541056d200db23b6bbeefe95be0d2bb43625113361906f0afc701dbef1cfb615bf98b1535a84c1", 'keccak384 (digest_data_hex/2)'); +is( digest_data_b64('Keccak384', "123"), "fdNMyq6Sv8frVBBW0gDbI7a77v6Vvg0rtDYlETNhkG8K/HAdvvHPthW/mLFTWoTB", 'keccak384 (digest_data_b64/2)'); +is( digest_data_b64u('Keccak384', "123"), "fdNMyq6Sv8frVBBW0gDbI7a77v6Vvg0rtDYlETNhkG8K_HAdvvHPthW_mLFTWoTB", 'keccak384 (digest_data_b64u/2)'); +is( Crypt::Digest::Keccak384->new->add("123")->hexdigest, "7dd34ccaae92bfc7eb541056d200db23b6bbeefe95be0d2bb43625113361906f0afc701dbef1cfb615bf98b1535a84c1", 'keccak384 (OO/2)'); + +is( keccak384("test\0test\0test\n"), pack("H*","d05c31062f5401c5d370cf84949937c52764626a61d2bbd5bf5c50f6f742ebcf9269691a3c70ef83dc49f4e186e5d908"), 'keccak384 (raw/3)'); +is( keccak384_hex("test\0test\0test\n"), "d05c31062f5401c5d370cf84949937c52764626a61d2bbd5bf5c50f6f742ebcf9269691a3c70ef83dc49f4e186e5d908", 'keccak384 (hex/3)'); +is( keccak384_b64("test\0test\0test\n"), "0FwxBi9UAcXTcM+ElJk3xSdkYmph0rvVv1xQ9vdC68+SaWkaPHDvg9xJ9OGG5dkI", 'keccak384 (base64/3)'); +is( digest_data('Keccak384', "test\0test\0test\n"), pack("H*","d05c31062f5401c5d370cf84949937c52764626a61d2bbd5bf5c50f6f742ebcf9269691a3c70ef83dc49f4e186e5d908"), 'keccak384 (digest_data_raw/3)'); +is( digest_data_hex('Keccak384', "test\0test\0test\n"), "d05c31062f5401c5d370cf84949937c52764626a61d2bbd5bf5c50f6f742ebcf9269691a3c70ef83dc49f4e186e5d908", 'keccak384 (digest_data_hex/3)'); +is( digest_data_b64('Keccak384', "test\0test\0test\n"), "0FwxBi9UAcXTcM+ElJk3xSdkYmph0rvVv1xQ9vdC68+SaWkaPHDvg9xJ9OGG5dkI", 'keccak384 (digest_data_b64/3)'); +is( digest_data_b64u('Keccak384', "test\0test\0test\n"), "0FwxBi9UAcXTcM-ElJk3xSdkYmph0rvVv1xQ9vdC68-SaWkaPHDvg9xJ9OGG5dkI", 'keccak384 (digest_data_b64u/3)'); +is( Crypt::Digest::Keccak384->new->add("test\0test\0test\n")->hexdigest, "d05c31062f5401c5d370cf84949937c52764626a61d2bbd5bf5c50f6f742ebcf9269691a3c70ef83dc49f4e186e5d908", 'keccak384 (OO/3)'); + + +is( keccak384_file('t/data/binary-test.file'), pack("H*","16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc"), 'keccak384 (raw/file/1)'); +is( keccak384_file_hex('t/data/binary-test.file'), "16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc", 'keccak384 (hex/file/1)'); +is( keccak384_file_b64('t/data/binary-test.file'), "FqWn2C3h7sHLu1HEA90PwCVg3fSIwbjGm5tM8VhedRQk38wGzwuvL/c9kxxvckC8", 'keccak384 (base64/file/1)'); +is( digest_file('Keccak384', 't/data/binary-test.file'), pack("H*","16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc"), 'keccak384 (digest_file_raw/file/1)'); +is( digest_file_hex('Keccak384', 't/data/binary-test.file'), "16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc", 'keccak384 (digest_file_hex/file/1)'); +is( digest_file_b64('Keccak384', 't/data/binary-test.file'), "FqWn2C3h7sHLu1HEA90PwCVg3fSIwbjGm5tM8VhedRQk38wGzwuvL/c9kxxvckC8", 'keccak384 (digest_file_b64/file/1)'); +is( digest_file_b64u('Keccak384', 't/data/binary-test.file'), "FqWn2C3h7sHLu1HEA90PwCVg3fSIwbjGm5tM8VhedRQk38wGzwuvL_c9kxxvckC8", 'keccak384 (digest_file_b64u/file/1)'); +is( Crypt::Digest::Keccak384->new->addfile('t/data/binary-test.file')->hexdigest, "16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc", 'keccak384 (OO/file/1)'); +{ + open(my $fh, '<', 't/data/binary-test.file'); + binmode($fh); + is( Crypt::Digest::Keccak384->new->addfile($fh)->hexdigest, "16a5a7d82de1eec1cbbb51c403dd0fc02560ddf488c1b8c69b9b4cf1585e751424dfcc06cf0baf2ff73d931c6f7240bc", 'keccak384 (OO/filehandle/1)'); + close($fh); +} + +is( keccak384_file('t/data/text-CR.file'), pack("H*","d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc"), 'keccak384 (raw/file/2)'); +is( keccak384_file_hex('t/data/text-CR.file'), "d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc", 'keccak384 (hex/file/2)'); +is( keccak384_file_b64('t/data/text-CR.file'), "1CoL+yqVu/66N1sUbr4375ly0lgJuToY/RdU+4atkTmsLKceXNFxMCTs2gYmOjnM", 'keccak384 (base64/file/2)'); +is( digest_file('Keccak384', 't/data/text-CR.file'), pack("H*","d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc"), 'keccak384 (digest_file_raw/file/2)'); +is( digest_file_hex('Keccak384', 't/data/text-CR.file'), "d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc", 'keccak384 (digest_file_hex/file/2)'); +is( digest_file_b64('Keccak384', 't/data/text-CR.file'), "1CoL+yqVu/66N1sUbr4375ly0lgJuToY/RdU+4atkTmsLKceXNFxMCTs2gYmOjnM", 'keccak384 (digest_file_b64/file/2)'); +is( digest_file_b64u('Keccak384', 't/data/text-CR.file'), "1CoL-yqVu_66N1sUbr4375ly0lgJuToY_RdU-4atkTmsLKceXNFxMCTs2gYmOjnM", 'keccak384 (digest_file_b64u/file/2)'); +is( Crypt::Digest::Keccak384->new->addfile('t/data/text-CR.file')->hexdigest, "d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc", 'keccak384 (OO/file/2)'); +{ + open(my $fh, '<', 't/data/text-CR.file'); + binmode($fh); + is( Crypt::Digest::Keccak384->new->addfile($fh)->hexdigest, "d42a0bfb2a95bbfeba375b146ebe37ef9972d25809b93a18fd1754fb86ad9139ac2ca71e5cd1713024ecda06263a39cc", 'keccak384 (OO/filehandle/2)'); + close($fh); +} + +is( keccak384_file('t/data/text-CRLF.file'), pack("H*","06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982"), 'keccak384 (raw/file/3)'); +is( keccak384_file_hex('t/data/text-CRLF.file'), "06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982", 'keccak384 (hex/file/3)'); +is( keccak384_file_b64('t/data/text-CRLF.file'), "BiiLNQblCArrvN+qulmFrInj5CJ/0yuKUyZABkyYv+qZGl6IzACzB/0N0tHIejmC", 'keccak384 (base64/file/3)'); +is( digest_file('Keccak384', 't/data/text-CRLF.file'), pack("H*","06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982"), 'keccak384 (digest_file_raw/file/3)'); +is( digest_file_hex('Keccak384', 't/data/text-CRLF.file'), "06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982", 'keccak384 (digest_file_hex/file/3)'); +is( digest_file_b64('Keccak384', 't/data/text-CRLF.file'), "BiiLNQblCArrvN+qulmFrInj5CJ/0yuKUyZABkyYv+qZGl6IzACzB/0N0tHIejmC", 'keccak384 (digest_file_b64/file/3)'); +is( digest_file_b64u('Keccak384', 't/data/text-CRLF.file'), "BiiLNQblCArrvN-qulmFrInj5CJ_0yuKUyZABkyYv-qZGl6IzACzB_0N0tHIejmC", 'keccak384 (digest_file_b64u/file/3)'); +is( Crypt::Digest::Keccak384->new->addfile('t/data/text-CRLF.file')->hexdigest, "06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982", 'keccak384 (OO/file/3)'); +{ + open(my $fh, '<', 't/data/text-CRLF.file'); + binmode($fh); + is( Crypt::Digest::Keccak384->new->addfile($fh)->hexdigest, "06288b3506e5080aebbcdfaaba5985ac89e3e4227fd32b8a532640064c98bfea991a5e88cc00b307fd0dd2d1c87a3982", 'keccak384 (OO/filehandle/3)'); + close($fh); +} + +is( keccak384_file('t/data/text-LF.file'), pack("H*","14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71"), 'keccak384 (raw/file/4)'); +is( keccak384_file_hex('t/data/text-LF.file'), "14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71", 'keccak384 (hex/file/4)'); +is( keccak384_file_b64('t/data/text-LF.file'), "FLVNEYgVT3AX/3sz4h5C75PJHXnqa0SiIwAq3G2JuHXTvLJcGJrqgnVgVAr75c9x", 'keccak384 (base64/file/4)'); +is( digest_file('Keccak384', 't/data/text-LF.file'), pack("H*","14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71"), 'keccak384 (digest_file_raw/file/4)'); +is( digest_file_hex('Keccak384', 't/data/text-LF.file'), "14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71", 'keccak384 (digest_file_hex/file/4)'); +is( digest_file_b64('Keccak384', 't/data/text-LF.file'), "FLVNEYgVT3AX/3sz4h5C75PJHXnqa0SiIwAq3G2JuHXTvLJcGJrqgnVgVAr75c9x", 'keccak384 (digest_file_b64/file/4)'); +is( digest_file_b64u('Keccak384', 't/data/text-LF.file'), "FLVNEYgVT3AX_3sz4h5C75PJHXnqa0SiIwAq3G2JuHXTvLJcGJrqgnVgVAr75c9x", 'keccak384 (digest_file_b64u/file/4)'); +is( Crypt::Digest::Keccak384->new->addfile('t/data/text-LF.file')->hexdigest, "14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71", 'keccak384 (OO/file/4)'); +{ + open(my $fh, '<', 't/data/text-LF.file'); + binmode($fh); + is( Crypt::Digest::Keccak384->new->addfile($fh)->hexdigest, "14b54d1188154f7017ff7b33e21e42ef93c91d79ea6b44a223002adc6d89b875d3bcb25c189aea827560540afbe5cf71", 'keccak384 (OO/filehandle/4)'); + close($fh); +} diff --git a/t/digest_keccak512.t b/t/digest_keccak512.t new file mode 100644 index 0000000..1c8618d --- /dev/null +++ b/t/digest_keccak512.t @@ -0,0 +1,116 @@ +### BEWARE - GENERATED FILE, DO NOT EDIT MANUALLY! + +use strict; +use warnings; + +use Test::More tests => 8*3 + 9*4 + 10 + 6; + +use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); +use Crypt::Digest::Keccak512 qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u ); + +is( Crypt::Digest::hashsize('Keccak512'), 64, 'hashsize/1'); +is( Crypt::Digest->hashsize('Keccak512'), 64, 'hashsize/2'); +is( Crypt::Digest::Keccak512::hashsize, 64, 'hashsize/3'); +is( Crypt::Digest::Keccak512->hashsize, 64, 'hashsize/4'); +is( Crypt::Digest->new('Keccak512')->hashsize, 64, 'hashsize/5'); +is( Crypt::Digest::Keccak512->new->hashsize, 64, 'hashsize/6'); + +is( keccak512("A","A","A"), pack("H*","a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391"), 'keccak512 (raw/tripple_A)'); +is( keccak512_hex("A","A","A"), "a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391", 'keccak512 (hex/tripple_A)'); +is( keccak512_b64("A","A","A"), "oCQ6iRWE9IrrWWd0WHBdIJwN79l3ZVy4pseCmKydWYFXFlnh01AkKF1xjdH2A4dq14X1nqgUuR7mGkQzhWxjkQ==", 'keccak512 (base64/tripple_A)'); +is( keccak512_b64u("A","A","A"), "oCQ6iRWE9IrrWWd0WHBdIJwN79l3ZVy4pseCmKydWYFXFlnh01AkKF1xjdH2A4dq14X1nqgUuR7mGkQzhWxjkQ", 'keccak512 (base64url/tripple_A)'); +is( digest_data('Keccak512', "A","A","A"), pack("H*","a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391"), 'keccak512 (digest_data_raw/tripple_A)'); +is( digest_data_hex('Keccak512', "A","A","A"), "a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391", 'keccak512 (digest_data_hex/tripple_A)'); +is( digest_data_b64('Keccak512', "A","A","A"), "oCQ6iRWE9IrrWWd0WHBdIJwN79l3ZVy4pseCmKydWYFXFlnh01AkKF1xjdH2A4dq14X1nqgUuR7mGkQzhWxjkQ==", 'keccak512 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Keccak512', "A","A","A"), "oCQ6iRWE9IrrWWd0WHBdIJwN79l3ZVy4pseCmKydWYFXFlnh01AkKF1xjdH2A4dq14X1nqgUuR7mGkQzhWxjkQ", 'keccak512 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Keccak512->new->add("A","A","A")->hexdigest, "a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391", 'keccak512 (OO/tripple_A)'); +is( Crypt::Digest::Keccak512->new->add("A")->add("A")->add("A")->hexdigest, "a0243a891584f48aeb59677458705d209c0defd977655cb8a6c78298ac9d5981571659e1d35024285d718dd1f603876ad785f59ea814b91ee61a4433856c6391", 'keccak512 (OO3/tripple_A)'); + + +is( keccak512(""), pack("H*","0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e"), 'keccak512 (raw/1)'); +is( keccak512_hex(""), "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e", 'keccak512 (hex/1)'); +is( keccak512_b64(""), "DqtC3kw865I1/JGs/+dGspwpqMNmt8YOTmfEZvNqQwTAD6nK+dh5drpGm8vgZxO0NfCR7ydp+xYM2rM9NnBoDg==", 'keccak512 (base64/1)'); +is( digest_data('Keccak512', ""), pack("H*","0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e"), 'keccak512 (digest_data_raw/1)'); +is( digest_data_hex('Keccak512', ""), "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e", 'keccak512 (digest_data_hex/1)'); +is( digest_data_b64('Keccak512', ""), "DqtC3kw865I1/JGs/+dGspwpqMNmt8YOTmfEZvNqQwTAD6nK+dh5drpGm8vgZxO0NfCR7ydp+xYM2rM9NnBoDg==", 'keccak512 (digest_data_b64/1)'); +is( digest_data_b64u('Keccak512', ""), "DqtC3kw865I1_JGs_-dGspwpqMNmt8YOTmfEZvNqQwTAD6nK-dh5drpGm8vgZxO0NfCR7ydp-xYM2rM9NnBoDg", 'keccak512 (digest_data_b64u/1)'); +is( Crypt::Digest::Keccak512->new->add("")->hexdigest, "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e", 'keccak512 (OO/1)'); + +is( keccak512("123"), pack("H*","8ca32d950873fd2b5b34a7d79c4a294b2fd805abe3261beb04fab61a3b4b75609afd6478aa8d34e03f262d68bb09a2ba9d655e228c96723b2854838a6e613b9d"), 'keccak512 (raw/2)'); +is( keccak512_hex("123"), "8ca32d950873fd2b5b34a7d79c4a294b2fd805abe3261beb04fab61a3b4b75609afd6478aa8d34e03f262d68bb09a2ba9d655e228c96723b2854838a6e613b9d", 'keccak512 (hex/2)'); +is( keccak512_b64("123"), "jKMtlQhz/StbNKfXnEopSy/YBavjJhvrBPq2GjtLdWCa/WR4qo004D8mLWi7CaK6nWVeIoyWcjsoVIOKbmE7nQ==", 'keccak512 (base64/2)'); +is( digest_data('Keccak512', "123"), pack("H*","8ca32d950873fd2b5b34a7d79c4a294b2fd805abe3261beb04fab61a3b4b75609afd6478aa8d34e03f262d68bb09a2ba9d655e228c96723b2854838a6e613b9d"), 'keccak512 (digest_data_raw/2)'); +is( digest_data_hex('Keccak512', "123"), "8ca32d950873fd2b5b34a7d79c4a294b2fd805abe3261beb04fab61a3b4b75609afd6478aa8d34e03f262d68bb09a2ba9d655e228c96723b2854838a6e613b9d", 'keccak512 (digest_data_hex/2)'); +is( digest_data_b64('Keccak512', "123"), "jKMtlQhz/StbNKfXnEopSy/YBavjJhvrBPq2GjtLdWCa/WR4qo004D8mLWi7CaK6nWVeIoyWcjsoVIOKbmE7nQ==", 'keccak512 (digest_data_b64/2)'); +is( digest_data_b64u('Keccak512', "123"), "jKMtlQhz_StbNKfXnEopSy_YBavjJhvrBPq2GjtLdWCa_WR4qo004D8mLWi7CaK6nWVeIoyWcjsoVIOKbmE7nQ", 'keccak512 (digest_data_b64u/2)'); +is( Crypt::Digest::Keccak512->new->add("123")->hexdigest, "8ca32d950873fd2b5b34a7d79c4a294b2fd805abe3261beb04fab61a3b4b75609afd6478aa8d34e03f262d68bb09a2ba9d655e228c96723b2854838a6e613b9d", 'keccak512 (OO/2)'); + +is( keccak512("test\0test\0test\n"), pack("H*","32c764ac224dfa7a5c8205dada12006a56d15a6377b6fcd65b6e17be8759459ae847d9d7cadf335d4b477541db19883a4d4a7e2dae8f9f8504f4e36cc3417e00"), 'keccak512 (raw/3)'); +is( keccak512_hex("test\0test\0test\n"), "32c764ac224dfa7a5c8205dada12006a56d15a6377b6fcd65b6e17be8759459ae847d9d7cadf335d4b477541db19883a4d4a7e2dae8f9f8504f4e36cc3417e00", 'keccak512 (hex/3)'); +is( keccak512_b64("test\0test\0test\n"), "MsdkrCJN+npcggXa2hIAalbRWmN3tvzWW24XvodZRZroR9nXyt8zXUtHdUHbGYg6TUp+La6Pn4UE9ONsw0F+AA==", 'keccak512 (base64/3)'); +is( digest_data('Keccak512', "test\0test\0test\n"), pack("H*","32c764ac224dfa7a5c8205dada12006a56d15a6377b6fcd65b6e17be8759459ae847d9d7cadf335d4b477541db19883a4d4a7e2dae8f9f8504f4e36cc3417e00"), 'keccak512 (digest_data_raw/3)'); +is( digest_data_hex('Keccak512', "test\0test\0test\n"), "32c764ac224dfa7a5c8205dada12006a56d15a6377b6fcd65b6e17be8759459ae847d9d7cadf335d4b477541db19883a4d4a7e2dae8f9f8504f4e36cc3417e00", 'keccak512 (digest_data_hex/3)'); +is( digest_data_b64('Keccak512', "test\0test\0test\n"), "MsdkrCJN+npcggXa2hIAalbRWmN3tvzWW24XvodZRZroR9nXyt8zXUtHdUHbGYg6TUp+La6Pn4UE9ONsw0F+AA==", 'keccak512 (digest_data_b64/3)'); +is( digest_data_b64u('Keccak512', "test\0test\0test\n"), "MsdkrCJN-npcggXa2hIAalbRWmN3tvzWW24XvodZRZroR9nXyt8zXUtHdUHbGYg6TUp-La6Pn4UE9ONsw0F-AA", 'keccak512 (digest_data_b64u/3)'); +is( Crypt::Digest::Keccak512->new->add("test\0test\0test\n")->hexdigest, "32c764ac224dfa7a5c8205dada12006a56d15a6377b6fcd65b6e17be8759459ae847d9d7cadf335d4b477541db19883a4d4a7e2dae8f9f8504f4e36cc3417e00", 'keccak512 (OO/3)'); + + +is( keccak512_file('t/data/binary-test.file'), pack("H*","369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8"), 'keccak512 (raw/file/1)'); +is( keccak512_file_hex('t/data/binary-test.file'), "369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8", 'keccak512 (hex/file/1)'); +is( keccak512_file_b64('t/data/binary-test.file'), "Npt3nzT16yjLwE9WJOZIl6Y9xeVlLpQU+yTiUvkdTWQ1jR2DfDQ8XzOPav2IjwzMR3DKbDSoHgwPKINrfkBH+A==", 'keccak512 (base64/file/1)'); +is( digest_file('Keccak512', 't/data/binary-test.file'), pack("H*","369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8"), 'keccak512 (digest_file_raw/file/1)'); +is( digest_file_hex('Keccak512', 't/data/binary-test.file'), "369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8", 'keccak512 (digest_file_hex/file/1)'); +is( digest_file_b64('Keccak512', 't/data/binary-test.file'), "Npt3nzT16yjLwE9WJOZIl6Y9xeVlLpQU+yTiUvkdTWQ1jR2DfDQ8XzOPav2IjwzMR3DKbDSoHgwPKINrfkBH+A==", 'keccak512 (digest_file_b64/file/1)'); +is( digest_file_b64u('Keccak512', 't/data/binary-test.file'), "Npt3nzT16yjLwE9WJOZIl6Y9xeVlLpQU-yTiUvkdTWQ1jR2DfDQ8XzOPav2IjwzMR3DKbDSoHgwPKINrfkBH-A", 'keccak512 (digest_file_b64u/file/1)'); +is( Crypt::Digest::Keccak512->new->addfile('t/data/binary-test.file')->hexdigest, "369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8", 'keccak512 (OO/file/1)'); +{ + open(my $fh, '<', 't/data/binary-test.file'); + binmode($fh); + is( Crypt::Digest::Keccak512->new->addfile($fh)->hexdigest, "369b779f34f5eb28cbc04f5624e64897a63dc5e5652e9414fb24e252f91d4d64358d1d837c343c5f338f6afd888f0ccc4770ca6c34a81e0c0f28836b7e4047f8", 'keccak512 (OO/filehandle/1)'); + close($fh); +} + +is( keccak512_file('t/data/text-CR.file'), pack("H*","6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793"), 'keccak512 (raw/file/2)'); +is( keccak512_file_hex('t/data/text-CR.file'), "6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793", 'keccak512 (hex/file/2)'); +is( keccak512_file_b64('t/data/text-CR.file'), "bsa1r5uKNatJkQAChvhbLiU/4A9ZBK1LmZhZxhxQscjyMFD2rZf4e+vY4Oa4J3iWtRI74qP5YetZR1mVLEm3kw==", 'keccak512 (base64/file/2)'); +is( digest_file('Keccak512', 't/data/text-CR.file'), pack("H*","6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793"), 'keccak512 (digest_file_raw/file/2)'); +is( digest_file_hex('Keccak512', 't/data/text-CR.file'), "6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793", 'keccak512 (digest_file_hex/file/2)'); +is( digest_file_b64('Keccak512', 't/data/text-CR.file'), "bsa1r5uKNatJkQAChvhbLiU/4A9ZBK1LmZhZxhxQscjyMFD2rZf4e+vY4Oa4J3iWtRI74qP5YetZR1mVLEm3kw==", 'keccak512 (digest_file_b64/file/2)'); +is( digest_file_b64u('Keccak512', 't/data/text-CR.file'), "bsa1r5uKNatJkQAChvhbLiU_4A9ZBK1LmZhZxhxQscjyMFD2rZf4e-vY4Oa4J3iWtRI74qP5YetZR1mVLEm3kw", 'keccak512 (digest_file_b64u/file/2)'); +is( Crypt::Digest::Keccak512->new->addfile('t/data/text-CR.file')->hexdigest, "6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793", 'keccak512 (OO/file/2)'); +{ + open(my $fh, '<', 't/data/text-CR.file'); + binmode($fh); + is( Crypt::Digest::Keccak512->new->addfile($fh)->hexdigest, "6ec6b5af9b8a35ab4991000286f85b2e253fe00f5904ad4b999859c61c50b1c8f23050f6ad97f87bebd8e0e6b8277896b5123be2a3f961eb594759952c49b793", 'keccak512 (OO/filehandle/2)'); + close($fh); +} + +is( keccak512_file('t/data/text-CRLF.file'), pack("H*","f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf"), 'keccak512 (raw/file/3)'); +is( keccak512_file_hex('t/data/text-CRLF.file'), "f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf", 'keccak512 (hex/file/3)'); +is( keccak512_file_b64('t/data/text-CRLF.file'), "9oYHpqDJhFeAui45xBdI/1cYjZPdm4FAVz8KNVjdT3eo4sg0ipNuQ2APK7L98qc7uicET7UbbBF4f0U75Af7rw==", 'keccak512 (base64/file/3)'); +is( digest_file('Keccak512', 't/data/text-CRLF.file'), pack("H*","f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf"), 'keccak512 (digest_file_raw/file/3)'); +is( digest_file_hex('Keccak512', 't/data/text-CRLF.file'), "f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf", 'keccak512 (digest_file_hex/file/3)'); +is( digest_file_b64('Keccak512', 't/data/text-CRLF.file'), "9oYHpqDJhFeAui45xBdI/1cYjZPdm4FAVz8KNVjdT3eo4sg0ipNuQ2APK7L98qc7uicET7UbbBF4f0U75Af7rw==", 'keccak512 (digest_file_b64/file/3)'); +is( digest_file_b64u('Keccak512', 't/data/text-CRLF.file'), "9oYHpqDJhFeAui45xBdI_1cYjZPdm4FAVz8KNVjdT3eo4sg0ipNuQ2APK7L98qc7uicET7UbbBF4f0U75Af7rw", 'keccak512 (digest_file_b64u/file/3)'); +is( Crypt::Digest::Keccak512->new->addfile('t/data/text-CRLF.file')->hexdigest, "f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf", 'keccak512 (OO/file/3)'); +{ + open(my $fh, '<', 't/data/text-CRLF.file'); + binmode($fh); + is( Crypt::Digest::Keccak512->new->addfile($fh)->hexdigest, "f68607a6a0c9845780ba2e39c41748ff57188d93dd9b8140573f0a3558dd4f77a8e2c8348a936e43600f2bb2fdf2a73bba27044fb51b6c11787f453be407fbaf", 'keccak512 (OO/filehandle/3)'); + close($fh); +} + +is( keccak512_file('t/data/text-LF.file'), pack("H*","241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446"), 'keccak512 (raw/file/4)'); +is( keccak512_file_hex('t/data/text-LF.file'), "241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446", 'keccak512 (hex/file/4)'); +is( keccak512_file_b64('t/data/text-LF.file'), "JB6sQnTNdsYmP6Z5EdP3aK+3kcKA8Dx1f1wtBn6wIOUsSsk04nEs01C/y+ARFOCCTexyFA8DVbYV8SayDFfERg==", 'keccak512 (base64/file/4)'); +is( digest_file('Keccak512', 't/data/text-LF.file'), pack("H*","241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446"), 'keccak512 (digest_file_raw/file/4)'); +is( digest_file_hex('Keccak512', 't/data/text-LF.file'), "241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446", 'keccak512 (digest_file_hex/file/4)'); +is( digest_file_b64('Keccak512', 't/data/text-LF.file'), "JB6sQnTNdsYmP6Z5EdP3aK+3kcKA8Dx1f1wtBn6wIOUsSsk04nEs01C/y+ARFOCCTexyFA8DVbYV8SayDFfERg==", 'keccak512 (digest_file_b64/file/4)'); +is( digest_file_b64u('Keccak512', 't/data/text-LF.file'), "JB6sQnTNdsYmP6Z5EdP3aK-3kcKA8Dx1f1wtBn6wIOUsSsk04nEs01C_y-ARFOCCTexyFA8DVbYV8SayDFfERg", 'keccak512 (digest_file_b64u/file/4)'); +is( Crypt::Digest::Keccak512->new->addfile('t/data/text-LF.file')->hexdigest, "241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446", 'keccak512 (OO/file/4)'); +{ + open(my $fh, '<', 't/data/text-LF.file'); + binmode($fh); + is( Crypt::Digest::Keccak512->new->addfile($fh)->hexdigest, "241eac4274cd76c6263fa67911d3f768afb791c280f03c757f5c2d067eb020e52c4ac934e2712cd350bfcbe01114e0824dec72140f0355b615f126b20c57c446", 'keccak512 (OO/filehandle/4)'); + close($fh); +} diff --git a/t/digest_md2.t b/t/digest_md2.t index 312011d..58b5686 100644 --- a/t/digest_md2.t +++ b/t/digest_md2.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::MD2 qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::MD2->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('MD2')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::MD2->new->hashsize, 16, 'hashsize/6'); +is( md2("A","A","A"), pack("H*","8788c1729761fdad983b830f04b19e86"), 'md2 (raw/tripple_A)'); +is( md2_hex("A","A","A"), "8788c1729761fdad983b830f04b19e86", 'md2 (hex/tripple_A)'); +is( md2_b64("A","A","A"), "h4jBcpdh/a2YO4MPBLGehg==", 'md2 (base64/tripple_A)'); +is( md2_b64u("A","A","A"), "h4jBcpdh_a2YO4MPBLGehg", 'md2 (base64url/tripple_A)'); +is( digest_data('MD2', "A","A","A"), pack("H*","8788c1729761fdad983b830f04b19e86"), 'md2 (digest_data_raw/tripple_A)'); +is( digest_data_hex('MD2', "A","A","A"), "8788c1729761fdad983b830f04b19e86", 'md2 (digest_data_hex/tripple_A)'); +is( digest_data_b64('MD2', "A","A","A"), "h4jBcpdh/a2YO4MPBLGehg==", 'md2 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('MD2', "A","A","A"), "h4jBcpdh_a2YO4MPBLGehg", 'md2 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::MD2->new->add("A","A","A")->hexdigest, "8788c1729761fdad983b830f04b19e86", 'md2 (OO/tripple_A)'); +is( Crypt::Digest::MD2->new->add("A")->add("A")->add("A")->hexdigest, "8788c1729761fdad983b830f04b19e86", 'md2 (OO3/tripple_A)'); + is( md2(""), pack("H*","8350e5a3e24c153df2275c9f80692773"), 'md2 (raw/1)'); is( md2_hex(""), "8350e5a3e24c153df2275c9f80692773", 'md2 (hex/1)'); diff --git a/t/digest_md4.t b/t/digest_md4.t index b83d061..f20f9aa 100644 --- a/t/digest_md4.t +++ b/t/digest_md4.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::MD4 qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::MD4->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('MD4')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::MD4->new->hashsize, 16, 'hashsize/6'); +is( md4("A","A","A"), pack("H*","17c3b38c112ac61c1f0d46555f379f14"), 'md4 (raw/tripple_A)'); +is( md4_hex("A","A","A"), "17c3b38c112ac61c1f0d46555f379f14", 'md4 (hex/tripple_A)'); +is( md4_b64("A","A","A"), "F8OzjBEqxhwfDUZVXzefFA==", 'md4 (base64/tripple_A)'); +is( md4_b64u("A","A","A"), "F8OzjBEqxhwfDUZVXzefFA", 'md4 (base64url/tripple_A)'); +is( digest_data('MD4', "A","A","A"), pack("H*","17c3b38c112ac61c1f0d46555f379f14"), 'md4 (digest_data_raw/tripple_A)'); +is( digest_data_hex('MD4', "A","A","A"), "17c3b38c112ac61c1f0d46555f379f14", 'md4 (digest_data_hex/tripple_A)'); +is( digest_data_b64('MD4', "A","A","A"), "F8OzjBEqxhwfDUZVXzefFA==", 'md4 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('MD4', "A","A","A"), "F8OzjBEqxhwfDUZVXzefFA", 'md4 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::MD4->new->add("A","A","A")->hexdigest, "17c3b38c112ac61c1f0d46555f379f14", 'md4 (OO/tripple_A)'); +is( Crypt::Digest::MD4->new->add("A")->add("A")->add("A")->hexdigest, "17c3b38c112ac61c1f0d46555f379f14", 'md4 (OO3/tripple_A)'); + is( md4(""), pack("H*","31d6cfe0d16ae931b73c59d7e0c089c0"), 'md4 (raw/1)'); is( md4_hex(""), "31d6cfe0d16ae931b73c59d7e0c089c0", 'md4 (hex/1)'); diff --git a/t/digest_md5.t b/t/digest_md5.t index c4b2240..2f617b1 100644 --- a/t/digest_md5.t +++ b/t/digest_md5.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::MD5 qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::MD5->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('MD5')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::MD5->new->hashsize, 16, 'hashsize/6'); +is( md5("A","A","A"), pack("H*","e1faffb3e614e6c2fba74296962386b7"), 'md5 (raw/tripple_A)'); +is( md5_hex("A","A","A"), "e1faffb3e614e6c2fba74296962386b7", 'md5 (hex/tripple_A)'); +is( md5_b64("A","A","A"), "4fr/s+YU5sL7p0KWliOGtw==", 'md5 (base64/tripple_A)'); +is( md5_b64u("A","A","A"), "4fr_s-YU5sL7p0KWliOGtw", 'md5 (base64url/tripple_A)'); +is( digest_data('MD5', "A","A","A"), pack("H*","e1faffb3e614e6c2fba74296962386b7"), 'md5 (digest_data_raw/tripple_A)'); +is( digest_data_hex('MD5', "A","A","A"), "e1faffb3e614e6c2fba74296962386b7", 'md5 (digest_data_hex/tripple_A)'); +is( digest_data_b64('MD5', "A","A","A"), "4fr/s+YU5sL7p0KWliOGtw==", 'md5 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('MD5', "A","A","A"), "4fr_s-YU5sL7p0KWliOGtw", 'md5 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::MD5->new->add("A","A","A")->hexdigest, "e1faffb3e614e6c2fba74296962386b7", 'md5 (OO/tripple_A)'); +is( Crypt::Digest::MD5->new->add("A")->add("A")->add("A")->hexdigest, "e1faffb3e614e6c2fba74296962386b7", 'md5 (OO3/tripple_A)'); + is( md5(""), pack("H*","d41d8cd98f00b204e9800998ecf8427e"), 'md5 (raw/1)'); is( md5_hex(""), "d41d8cd98f00b204e9800998ecf8427e", 'md5 (hex/1)'); diff --git a/t/digest_ripemd128.t b/t/digest_ripemd128.t index e655aa2..d91faf1 100644 --- a/t/digest_ripemd128.t +++ b/t/digest_ripemd128.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::RIPEMD128 qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::RIPEMD128->hashsize, 16, 'hashsize/4'); is( Crypt::Digest->new('RIPEMD128')->hashsize, 16, 'hashsize/5'); is( Crypt::Digest::RIPEMD128->new->hashsize, 16, 'hashsize/6'); +is( ripemd128("A","A","A"), pack("H*","c2750c6ca0c35d367de2993c3f55e1df"), 'ripemd128 (raw/tripple_A)'); +is( ripemd128_hex("A","A","A"), "c2750c6ca0c35d367de2993c3f55e1df", 'ripemd128 (hex/tripple_A)'); +is( ripemd128_b64("A","A","A"), "wnUMbKDDXTZ94pk8P1Xh3w==", 'ripemd128 (base64/tripple_A)'); +is( ripemd128_b64u("A","A","A"), "wnUMbKDDXTZ94pk8P1Xh3w", 'ripemd128 (base64url/tripple_A)'); +is( digest_data('RIPEMD128', "A","A","A"), pack("H*","c2750c6ca0c35d367de2993c3f55e1df"), 'ripemd128 (digest_data_raw/tripple_A)'); +is( digest_data_hex('RIPEMD128', "A","A","A"), "c2750c6ca0c35d367de2993c3f55e1df", 'ripemd128 (digest_data_hex/tripple_A)'); +is( digest_data_b64('RIPEMD128', "A","A","A"), "wnUMbKDDXTZ94pk8P1Xh3w==", 'ripemd128 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('RIPEMD128', "A","A","A"), "wnUMbKDDXTZ94pk8P1Xh3w", 'ripemd128 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::RIPEMD128->new->add("A","A","A")->hexdigest, "c2750c6ca0c35d367de2993c3f55e1df", 'ripemd128 (OO/tripple_A)'); +is( Crypt::Digest::RIPEMD128->new->add("A")->add("A")->add("A")->hexdigest, "c2750c6ca0c35d367de2993c3f55e1df", 'ripemd128 (OO3/tripple_A)'); + is( ripemd128(""), pack("H*","cdf26213a150dc3ecb610f18f6b38b46"), 'ripemd128 (raw/1)'); is( ripemd128_hex(""), "cdf26213a150dc3ecb610f18f6b38b46", 'ripemd128 (hex/1)'); diff --git a/t/digest_ripemd160.t b/t/digest_ripemd160.t index f290f9e..c9e064c 100644 --- a/t/digest_ripemd160.t +++ b/t/digest_ripemd160.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::RIPEMD160 qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::RIPEMD160->hashsize, 20, 'hashsize/4'); is( Crypt::Digest->new('RIPEMD160')->hashsize, 20, 'hashsize/5'); is( Crypt::Digest::RIPEMD160->new->hashsize, 20, 'hashsize/6'); +is( ripemd160("A","A","A"), pack("H*","e4e130acc1d2a5a63c17efb1eedbd02be28443d1"), 'ripemd160 (raw/tripple_A)'); +is( ripemd160_hex("A","A","A"), "e4e130acc1d2a5a63c17efb1eedbd02be28443d1", 'ripemd160 (hex/tripple_A)'); +is( ripemd160_b64("A","A","A"), "5OEwrMHSpaY8F++x7tvQK+KEQ9E=", 'ripemd160 (base64/tripple_A)'); +is( ripemd160_b64u("A","A","A"), "5OEwrMHSpaY8F--x7tvQK-KEQ9E", 'ripemd160 (base64url/tripple_A)'); +is( digest_data('RIPEMD160', "A","A","A"), pack("H*","e4e130acc1d2a5a63c17efb1eedbd02be28443d1"), 'ripemd160 (digest_data_raw/tripple_A)'); +is( digest_data_hex('RIPEMD160', "A","A","A"), "e4e130acc1d2a5a63c17efb1eedbd02be28443d1", 'ripemd160 (digest_data_hex/tripple_A)'); +is( digest_data_b64('RIPEMD160', "A","A","A"), "5OEwrMHSpaY8F++x7tvQK+KEQ9E=", 'ripemd160 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('RIPEMD160', "A","A","A"), "5OEwrMHSpaY8F--x7tvQK-KEQ9E", 'ripemd160 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::RIPEMD160->new->add("A","A","A")->hexdigest, "e4e130acc1d2a5a63c17efb1eedbd02be28443d1", 'ripemd160 (OO/tripple_A)'); +is( Crypt::Digest::RIPEMD160->new->add("A")->add("A")->add("A")->hexdigest, "e4e130acc1d2a5a63c17efb1eedbd02be28443d1", 'ripemd160 (OO3/tripple_A)'); + is( ripemd160(""), pack("H*","9c1185a5c5e9fc54612808977ee8f548b2258d31"), 'ripemd160 (raw/1)'); is( ripemd160_hex(""), "9c1185a5c5e9fc54612808977ee8f548b2258d31", 'ripemd160 (hex/1)'); diff --git a/t/digest_ripemd256.t b/t/digest_ripemd256.t index 6b13664..d9809bf 100644 --- a/t/digest_ripemd256.t +++ b/t/digest_ripemd256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::RIPEMD256 qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::RIPEMD256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('RIPEMD256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::RIPEMD256->new->hashsize, 32, 'hashsize/6'); +is( ripemd256("A","A","A"), pack("H*","0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82"), 'ripemd256 (raw/tripple_A)'); +is( ripemd256_hex("A","A","A"), "0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82", 'ripemd256 (hex/tripple_A)'); +is( ripemd256_b64("A","A","A"), "DJdlgmMUNdT7xCR1gQWgWmIq4ncm85V3SFjX6isvXYI=", 'ripemd256 (base64/tripple_A)'); +is( ripemd256_b64u("A","A","A"), "DJdlgmMUNdT7xCR1gQWgWmIq4ncm85V3SFjX6isvXYI", 'ripemd256 (base64url/tripple_A)'); +is( digest_data('RIPEMD256', "A","A","A"), pack("H*","0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82"), 'ripemd256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('RIPEMD256', "A","A","A"), "0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82", 'ripemd256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('RIPEMD256', "A","A","A"), "DJdlgmMUNdT7xCR1gQWgWmIq4ncm85V3SFjX6isvXYI=", 'ripemd256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('RIPEMD256', "A","A","A"), "DJdlgmMUNdT7xCR1gQWgWmIq4ncm85V3SFjX6isvXYI", 'ripemd256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::RIPEMD256->new->add("A","A","A")->hexdigest, "0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82", 'ripemd256 (OO/tripple_A)'); +is( Crypt::Digest::RIPEMD256->new->add("A")->add("A")->add("A")->hexdigest, "0c976582631435d4fbc424758105a05a622ae27726f395774858d7ea2b2f5d82", 'ripemd256 (OO3/tripple_A)'); + is( ripemd256(""), pack("H*","02ba4c4e5f8ecd1877fc52d64d30e37a2d9774fb1e5d026380ae0168e3c5522d"), 'ripemd256 (raw/1)'); is( ripemd256_hex(""), "02ba4c4e5f8ecd1877fc52d64d30e37a2d9774fb1e5d026380ae0168e3c5522d", 'ripemd256 (hex/1)'); diff --git a/t/digest_ripemd320.t b/t/digest_ripemd320.t index 4dc576d..716a472 100644 --- a/t/digest_ripemd320.t +++ b/t/digest_ripemd320.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::RIPEMD320 qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::RIPEMD320->hashsize, 40, 'hashsize/4'); is( Crypt::Digest->new('RIPEMD320')->hashsize, 40, 'hashsize/5'); is( Crypt::Digest::RIPEMD320->new->hashsize, 40, 'hashsize/6'); +is( ripemd320("A","A","A"), pack("H*","4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60"), 'ripemd320 (raw/tripple_A)'); +is( ripemd320_hex("A","A","A"), "4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60", 'ripemd320 (hex/tripple_A)'); +is( ripemd320_b64("A","A","A"), "TPNLKIfx3RVD+wzpUL8VX7fJPGPWGtxn6FjBCD/VTkp+HasbmzO6YA==", 'ripemd320 (base64/tripple_A)'); +is( ripemd320_b64u("A","A","A"), "TPNLKIfx3RVD-wzpUL8VX7fJPGPWGtxn6FjBCD_VTkp-HasbmzO6YA", 'ripemd320 (base64url/tripple_A)'); +is( digest_data('RIPEMD320', "A","A","A"), pack("H*","4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60"), 'ripemd320 (digest_data_raw/tripple_A)'); +is( digest_data_hex('RIPEMD320', "A","A","A"), "4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60", 'ripemd320 (digest_data_hex/tripple_A)'); +is( digest_data_b64('RIPEMD320', "A","A","A"), "TPNLKIfx3RVD+wzpUL8VX7fJPGPWGtxn6FjBCD/VTkp+HasbmzO6YA==", 'ripemd320 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('RIPEMD320', "A","A","A"), "TPNLKIfx3RVD-wzpUL8VX7fJPGPWGtxn6FjBCD_VTkp-HasbmzO6YA", 'ripemd320 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::RIPEMD320->new->add("A","A","A")->hexdigest, "4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60", 'ripemd320 (OO/tripple_A)'); +is( Crypt::Digest::RIPEMD320->new->add("A")->add("A")->add("A")->hexdigest, "4cf34b2887f1dd1543fb0ce950bf155fb7c93c63d61adc67e858c1083fd54e4a7e1dab1b9b33ba60", 'ripemd320 (OO3/tripple_A)'); + is( ripemd320(""), pack("H*","22d65d5661536cdc75c1fdf5c6de7b41b9f27325ebc61e8557177d705a0ec880151c3a32a00899b8"), 'ripemd320 (raw/1)'); is( ripemd320_hex(""), "22d65d5661536cdc75c1fdf5c6de7b41b9f27325ebc61e8557177d705a0ec880151c3a32a00899b8", 'ripemd320 (hex/1)'); diff --git a/t/digest_sha1.t b/t/digest_sha1.t index c042d09..a77bef7 100644 --- a/t/digest_sha1.t +++ b/t/digest_sha1.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA1 qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA1->hashsize, 20, 'hashsize/4'); is( Crypt::Digest->new('SHA1')->hashsize, 20, 'hashsize/5'); is( Crypt::Digest::SHA1->new->hashsize, 20, 'hashsize/6'); +is( sha1("A","A","A"), pack("H*","606ec6e9bd8a8ff2ad14e5fade3f264471e82251"), 'sha1 (raw/tripple_A)'); +is( sha1_hex("A","A","A"), "606ec6e9bd8a8ff2ad14e5fade3f264471e82251", 'sha1 (hex/tripple_A)'); +is( sha1_b64("A","A","A"), "YG7G6b2Kj/KtFOX63j8mRHHoIlE=", 'sha1 (base64/tripple_A)'); +is( sha1_b64u("A","A","A"), "YG7G6b2Kj_KtFOX63j8mRHHoIlE", 'sha1 (base64url/tripple_A)'); +is( digest_data('SHA1', "A","A","A"), pack("H*","606ec6e9bd8a8ff2ad14e5fade3f264471e82251"), 'sha1 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA1', "A","A","A"), "606ec6e9bd8a8ff2ad14e5fade3f264471e82251", 'sha1 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA1', "A","A","A"), "YG7G6b2Kj/KtFOX63j8mRHHoIlE=", 'sha1 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA1', "A","A","A"), "YG7G6b2Kj_KtFOX63j8mRHHoIlE", 'sha1 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA1->new->add("A","A","A")->hexdigest, "606ec6e9bd8a8ff2ad14e5fade3f264471e82251", 'sha1 (OO/tripple_A)'); +is( Crypt::Digest::SHA1->new->add("A")->add("A")->add("A")->hexdigest, "606ec6e9bd8a8ff2ad14e5fade3f264471e82251", 'sha1 (OO3/tripple_A)'); + is( sha1(""), pack("H*","da39a3ee5e6b4b0d3255bfef95601890afd80709"), 'sha1 (raw/1)'); is( sha1_hex(""), "da39a3ee5e6b4b0d3255bfef95601890afd80709", 'sha1 (hex/1)'); diff --git a/t/digest_sha224.t b/t/digest_sha224.t index 7489768..7d7244b 100644 --- a/t/digest_sha224.t +++ b/t/digest_sha224.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA224 qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA224->hashsize, 28, 'hashsize/4'); is( Crypt::Digest->new('SHA224')->hashsize, 28, 'hashsize/5'); is( Crypt::Digest::SHA224->new->hashsize, 28, 'hashsize/6'); +is( sha224("A","A","A"), pack("H*","808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018"), 'sha224 (raw/tripple_A)'); +is( sha224_hex("A","A","A"), "808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018", 'sha224 (hex/tripple_A)'); +is( sha224_b64("A","A","A"), "gIdRr195NvINHHlQjZjAeeQuwmgC7iOKWkhgGA==", 'sha224 (base64/tripple_A)'); +is( sha224_b64u("A","A","A"), "gIdRr195NvINHHlQjZjAeeQuwmgC7iOKWkhgGA", 'sha224 (base64url/tripple_A)'); +is( digest_data('SHA224', "A","A","A"), pack("H*","808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018"), 'sha224 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA224', "A","A","A"), "808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018", 'sha224 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA224', "A","A","A"), "gIdRr195NvINHHlQjZjAeeQuwmgC7iOKWkhgGA==", 'sha224 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA224', "A","A","A"), "gIdRr195NvINHHlQjZjAeeQuwmgC7iOKWkhgGA", 'sha224 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA224->new->add("A","A","A")->hexdigest, "808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018", 'sha224 (OO/tripple_A)'); +is( Crypt::Digest::SHA224->new->add("A")->add("A")->add("A")->hexdigest, "808751af5f7936f20d1c79508d98c079e42ec26802ee238a5a486018", 'sha224 (OO3/tripple_A)'); + is( sha224(""), pack("H*","d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"), 'sha224 (raw/1)'); is( sha224_hex(""), "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f", 'sha224 (hex/1)'); diff --git a/t/digest_sha256.t b/t/digest_sha256.t index c0f79cc..0f1e2e6 100644 --- a/t/digest_sha256.t +++ b/t/digest_sha256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA256 qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('SHA256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::SHA256->new->hashsize, 32, 'hashsize/6'); +is( sha256("A","A","A"), pack("H*","cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358"), 'sha256 (raw/tripple_A)'); +is( sha256_hex("A","A","A"), "cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358", 'sha256 (hex/tripple_A)'); +is( sha256_b64("A","A","A"), "yxrSEZ2Pr7aVZlEO5xJmH58UuDOFAG75KuxH9SOjg1g=", 'sha256 (base64/tripple_A)'); +is( sha256_b64u("A","A","A"), "yxrSEZ2Pr7aVZlEO5xJmH58UuDOFAG75KuxH9SOjg1g", 'sha256 (base64url/tripple_A)'); +is( digest_data('SHA256', "A","A","A"), pack("H*","cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358"), 'sha256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA256', "A","A","A"), "cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358", 'sha256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA256', "A","A","A"), "yxrSEZ2Pr7aVZlEO5xJmH58UuDOFAG75KuxH9SOjg1g=", 'sha256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA256', "A","A","A"), "yxrSEZ2Pr7aVZlEO5xJmH58UuDOFAG75KuxH9SOjg1g", 'sha256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA256->new->add("A","A","A")->hexdigest, "cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358", 'sha256 (OO/tripple_A)'); +is( Crypt::Digest::SHA256->new->add("A")->add("A")->add("A")->hexdigest, "cb1ad2119d8fafb69566510ee712661f9f14b83385006ef92aec47f523a38358", 'sha256 (OO3/tripple_A)'); + is( sha256(""), pack("H*","e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"), 'sha256 (raw/1)'); is( sha256_hex(""), "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", 'sha256 (hex/1)'); diff --git a/t/digest_sha384.t b/t/digest_sha384.t index 506bb4b..c65defb 100644 --- a/t/digest_sha384.t +++ b/t/digest_sha384.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA384 qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA384->hashsize, 48, 'hashsize/4'); is( Crypt::Digest->new('SHA384')->hashsize, 48, 'hashsize/5'); is( Crypt::Digest::SHA384->new->hashsize, 48, 'hashsize/6'); +is( sha384("A","A","A"), pack("H*","8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe"), 'sha384 (raw/tripple_A)'); +is( sha384_hex("A","A","A"), "8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe", 'sha384 (hex/tripple_A)'); +is( sha384_b64("A","A","A"), "ilt8GbzRcE1SH4a5YY2G3g7Uj6KXEa1NFiMPfSazYRG+r3/v6LO+ehfODhQMoAL+", 'sha384 (base64/tripple_A)'); +is( sha384_b64u("A","A","A"), "ilt8GbzRcE1SH4a5YY2G3g7Uj6KXEa1NFiMPfSazYRG-r3_v6LO-ehfODhQMoAL-", 'sha384 (base64url/tripple_A)'); +is( digest_data('SHA384', "A","A","A"), pack("H*","8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe"), 'sha384 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA384', "A","A","A"), "8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe", 'sha384 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA384', "A","A","A"), "ilt8GbzRcE1SH4a5YY2G3g7Uj6KXEa1NFiMPfSazYRG+r3/v6LO+ehfODhQMoAL+", 'sha384 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA384', "A","A","A"), "ilt8GbzRcE1SH4a5YY2G3g7Uj6KXEa1NFiMPfSazYRG-r3_v6LO-ehfODhQMoAL-", 'sha384 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA384->new->add("A","A","A")->hexdigest, "8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe", 'sha384 (OO/tripple_A)'); +is( Crypt::Digest::SHA384->new->add("A")->add("A")->add("A")->hexdigest, "8a5b7c19bcd1704d521f86b9618d86de0ed48fa29711ad4d16230f7d26b36111beaf7fefe8b3be7a17ce0e140ca002fe", 'sha384 (OO3/tripple_A)'); + is( sha384(""), pack("H*","38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"), 'sha384 (raw/1)'); is( sha384_hex(""), "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b", 'sha384 (hex/1)'); diff --git a/t/digest_sha3_224.t b/t/digest_sha3_224.t index 6e2ecf3..75aebe6 100644 --- a/t/digest_sha3_224.t +++ b/t/digest_sha3_224.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA3_224 qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA3_224->hashsize, 28, 'hashsize/4'); is( Crypt::Digest->new('SHA3_224')->hashsize, 28, 'hashsize/5'); is( Crypt::Digest::SHA3_224->new->hashsize, 28, 'hashsize/6'); +is( sha3_224("A","A","A"), pack("H*","c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b"), 'sha3_224 (raw/tripple_A)'); +is( sha3_224_hex("A","A","A"), "c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b", 'sha3_224 (hex/tripple_A)'); +is( sha3_224_b64("A","A","A"), "wJ1a99mgIcSEBBIY88N4f9QnS2T/0BLtyg/lWw==", 'sha3_224 (base64/tripple_A)'); +is( sha3_224_b64u("A","A","A"), "wJ1a99mgIcSEBBIY88N4f9QnS2T_0BLtyg_lWw", 'sha3_224 (base64url/tripple_A)'); +is( digest_data('SHA3_224', "A","A","A"), pack("H*","c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b"), 'sha3_224 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA3_224', "A","A","A"), "c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b", 'sha3_224 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA3_224', "A","A","A"), "wJ1a99mgIcSEBBIY88N4f9QnS2T/0BLtyg/lWw==", 'sha3_224 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA3_224', "A","A","A"), "wJ1a99mgIcSEBBIY88N4f9QnS2T_0BLtyg_lWw", 'sha3_224 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA3_224->new->add("A","A","A")->hexdigest, "c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b", 'sha3_224 (OO/tripple_A)'); +is( Crypt::Digest::SHA3_224->new->add("A")->add("A")->add("A")->hexdigest, "c09d5af7d9a021c484041218f3c3787fd4274b64ffd012edca0fe55b", 'sha3_224 (OO3/tripple_A)'); + is( sha3_224(""), pack("H*","6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7"), 'sha3_224 (raw/1)'); is( sha3_224_hex(""), "6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7", 'sha3_224 (hex/1)'); diff --git a/t/digest_sha3_256.t b/t/digest_sha3_256.t index 6c813bd..bbb25d4 100644 --- a/t/digest_sha3_256.t +++ b/t/digest_sha3_256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA3_256 qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA3_256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('SHA3_256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::SHA3_256->new->hashsize, 32, 'hashsize/6'); +is( sha3_256("A","A","A"), pack("H*","7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa"), 'sha3_256 (raw/tripple_A)'); +is( sha3_256_hex("A","A","A"), "7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa", 'sha3_256 (hex/tripple_A)'); +is( sha3_256_b64("A","A","A"), "fcuCeh9afL6kI+djp90MeCTjUSx/HOSM1XEPYDtPHvo=", 'sha3_256 (base64/tripple_A)'); +is( sha3_256_b64u("A","A","A"), "fcuCeh9afL6kI-djp90MeCTjUSx_HOSM1XEPYDtPHvo", 'sha3_256 (base64url/tripple_A)'); +is( digest_data('SHA3_256', "A","A","A"), pack("H*","7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa"), 'sha3_256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA3_256', "A","A","A"), "7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa", 'sha3_256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA3_256', "A","A","A"), "fcuCeh9afL6kI+djp90MeCTjUSx/HOSM1XEPYDtPHvo=", 'sha3_256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA3_256', "A","A","A"), "fcuCeh9afL6kI-djp90MeCTjUSx_HOSM1XEPYDtPHvo", 'sha3_256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA3_256->new->add("A","A","A")->hexdigest, "7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa", 'sha3_256 (OO/tripple_A)'); +is( Crypt::Digest::SHA3_256->new->add("A")->add("A")->add("A")->hexdigest, "7dcb827a1f5a7cbea423e763a7dd0c7824e3512c7f1ce48cd5710f603b4f1efa", 'sha3_256 (OO3/tripple_A)'); + is( sha3_256(""), pack("H*","a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"), 'sha3_256 (raw/1)'); is( sha3_256_hex(""), "a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a", 'sha3_256 (hex/1)'); diff --git a/t/digest_sha3_384.t b/t/digest_sha3_384.t index dadc964..91784b7 100644 --- a/t/digest_sha3_384.t +++ b/t/digest_sha3_384.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA3_384 qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA3_384->hashsize, 48, 'hashsize/4'); is( Crypt::Digest->new('SHA3_384')->hashsize, 48, 'hashsize/5'); is( Crypt::Digest::SHA3_384->new->hashsize, 48, 'hashsize/6'); +is( sha3_384("A","A","A"), pack("H*","3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4"), 'sha3_384 (raw/tripple_A)'); +is( sha3_384_hex("A","A","A"), "3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4", 'sha3_384 (hex/tripple_A)'); +is( sha3_384_b64("A","A","A"), "NVXtimNLI1+wemkeGTSz6BIoyFm8HBes3rtLq4LNY/BuF8rtWFUztGFbxuP7LgvE", 'sha3_384 (base64/tripple_A)'); +is( sha3_384_b64u("A","A","A"), "NVXtimNLI1-wemkeGTSz6BIoyFm8HBes3rtLq4LNY_BuF8rtWFUztGFbxuP7LgvE", 'sha3_384 (base64url/tripple_A)'); +is( digest_data('SHA3_384', "A","A","A"), pack("H*","3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4"), 'sha3_384 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA3_384', "A","A","A"), "3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4", 'sha3_384 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA3_384', "A","A","A"), "NVXtimNLI1+wemkeGTSz6BIoyFm8HBes3rtLq4LNY/BuF8rtWFUztGFbxuP7LgvE", 'sha3_384 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA3_384', "A","A","A"), "NVXtimNLI1-wemkeGTSz6BIoyFm8HBes3rtLq4LNY_BuF8rtWFUztGFbxuP7LgvE", 'sha3_384 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA3_384->new->add("A","A","A")->hexdigest, "3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4", 'sha3_384 (OO/tripple_A)'); +is( Crypt::Digest::SHA3_384->new->add("A")->add("A")->add("A")->hexdigest, "3555ed8a634b235fb07a691e1934b3e81228c859bc1c17acdebb4bab82cd63f06e17caed585533b4615bc6e3fb2e0bc4", 'sha3_384 (OO3/tripple_A)'); + is( sha3_384(""), pack("H*","0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004"), 'sha3_384 (raw/1)'); is( sha3_384_hex(""), "0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004", 'sha3_384 (hex/1)'); diff --git a/t/digest_sha3_512.t b/t/digest_sha3_512.t index f8ab9aa..5dbf5c6 100644 --- a/t/digest_sha3_512.t +++ b/t/digest_sha3_512.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA3_512 qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA3_512->hashsize, 64, 'hashsize/4'); is( Crypt::Digest->new('SHA3_512')->hashsize, 64, 'hashsize/5'); is( Crypt::Digest::SHA3_512->new->hashsize, 64, 'hashsize/6'); +is( sha3_512("A","A","A"), pack("H*","852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857"), 'sha3_512 (raw/tripple_A)'); +is( sha3_512_hex("A","A","A"), "852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857", 'sha3_512 (hex/tripple_A)'); +is( sha3_512_b64("A","A","A"), "hSz0TrjThxXIR5drbeUmVkE211b6mbStWoJf1uO6XYkce0V2sRQQpulR//ozmbFL4dpCItU7WjX/I21lmJnoVw==", 'sha3_512 (base64/tripple_A)'); +is( sha3_512_b64u("A","A","A"), "hSz0TrjThxXIR5drbeUmVkE211b6mbStWoJf1uO6XYkce0V2sRQQpulR__ozmbFL4dpCItU7WjX_I21lmJnoVw", 'sha3_512 (base64url/tripple_A)'); +is( digest_data('SHA3_512', "A","A","A"), pack("H*","852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857"), 'sha3_512 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA3_512', "A","A","A"), "852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857", 'sha3_512 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA3_512', "A","A","A"), "hSz0TrjThxXIR5drbeUmVkE211b6mbStWoJf1uO6XYkce0V2sRQQpulR//ozmbFL4dpCItU7WjX/I21lmJnoVw==", 'sha3_512 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA3_512', "A","A","A"), "hSz0TrjThxXIR5drbeUmVkE211b6mbStWoJf1uO6XYkce0V2sRQQpulR__ozmbFL4dpCItU7WjX_I21lmJnoVw", 'sha3_512 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA3_512->new->add("A","A","A")->hexdigest, "852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857", 'sha3_512 (OO/tripple_A)'); +is( Crypt::Digest::SHA3_512->new->add("A")->add("A")->add("A")->hexdigest, "852cf44eb8d38715c847976b6de526564136d756fa99b4ad5a825fd6e3ba5d891c7b4576b11410a6e951fffa3399b14be1da4222d53b5a35ff236d659899e857", 'sha3_512 (OO3/tripple_A)'); + is( sha3_512(""), pack("H*","a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"), 'sha3_512 (raw/1)'); is( sha3_512_hex(""), "a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26", 'sha3_512 (hex/1)'); diff --git a/t/digest_sha512.t b/t/digest_sha512.t index 15ce8b1..2af4c6b 100644 --- a/t/digest_sha512.t +++ b/t/digest_sha512.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA512 qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA512->hashsize, 64, 'hashsize/4'); is( Crypt::Digest->new('SHA512')->hashsize, 64, 'hashsize/5'); is( Crypt::Digest::SHA512->new->hashsize, 64, 'hashsize/6'); +is( sha512("A","A","A"), pack("H*","8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385"), 'sha512 (raw/tripple_A)'); +is( sha512_hex("A","A","A"), "8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385", 'sha512 (hex/tripple_A)'); +is( sha512_b64("A","A","A"), "jXCNGLVN85YtaW8GmtQtrXditdTTyX7l+i2uBnPtRlRRZMB4uNs9WcS5YCDkMW8Xuz2Rvx9rwIlrvnVBbrjDhQ==", 'sha512 (base64/tripple_A)'); +is( sha512_b64u("A","A","A"), "jXCNGLVN85YtaW8GmtQtrXditdTTyX7l-i2uBnPtRlRRZMB4uNs9WcS5YCDkMW8Xuz2Rvx9rwIlrvnVBbrjDhQ", 'sha512 (base64url/tripple_A)'); +is( digest_data('SHA512', "A","A","A"), pack("H*","8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385"), 'sha512 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA512', "A","A","A"), "8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385", 'sha512 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA512', "A","A","A"), "jXCNGLVN85YtaW8GmtQtrXditdTTyX7l+i2uBnPtRlRRZMB4uNs9WcS5YCDkMW8Xuz2Rvx9rwIlrvnVBbrjDhQ==", 'sha512 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA512', "A","A","A"), "jXCNGLVN85YtaW8GmtQtrXditdTTyX7l-i2uBnPtRlRRZMB4uNs9WcS5YCDkMW8Xuz2Rvx9rwIlrvnVBbrjDhQ", 'sha512 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA512->new->add("A","A","A")->hexdigest, "8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385", 'sha512 (OO/tripple_A)'); +is( Crypt::Digest::SHA512->new->add("A")->add("A")->add("A")->hexdigest, "8d708d18b54df3962d696f069ad42dad7762b5d4d3c97ee5fa2dae0673ed46545164c078b8db3d59c4b96020e4316f17bb3d91bf1f6bc0896bbe75416eb8c385", 'sha512 (OO3/tripple_A)'); + is( sha512(""), pack("H*","cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"), 'sha512 (raw/1)'); is( sha512_hex(""), "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e", 'sha512 (hex/1)'); diff --git a/t/digest_sha512_224.t b/t/digest_sha512_224.t index dc2033d..ad19e43 100644 --- a/t/digest_sha512_224.t +++ b/t/digest_sha512_224.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA512_224 qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA512_224->hashsize, 28, 'hashsize/4'); is( Crypt::Digest->new('SHA512_224')->hashsize, 28, 'hashsize/5'); is( Crypt::Digest::SHA512_224->new->hashsize, 28, 'hashsize/6'); +is( sha512_224("A","A","A"), pack("H*","3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3"), 'sha512_224 (raw/tripple_A)'); +is( sha512_224_hex("A","A","A"), "3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3", 'sha512_224 (hex/tripple_A)'); +is( sha512_224_b64("A","A","A"), "PVoLdC9MYdMVxs6GRXqfowkDiA0wVYxozkcTsw==", 'sha512_224 (base64/tripple_A)'); +is( sha512_224_b64u("A","A","A"), "PVoLdC9MYdMVxs6GRXqfowkDiA0wVYxozkcTsw", 'sha512_224 (base64url/tripple_A)'); +is( digest_data('SHA512_224', "A","A","A"), pack("H*","3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3"), 'sha512_224 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA512_224', "A","A","A"), "3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3", 'sha512_224 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA512_224', "A","A","A"), "PVoLdC9MYdMVxs6GRXqfowkDiA0wVYxozkcTsw==", 'sha512_224 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA512_224', "A","A","A"), "PVoLdC9MYdMVxs6GRXqfowkDiA0wVYxozkcTsw", 'sha512_224 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA512_224->new->add("A","A","A")->hexdigest, "3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3", 'sha512_224 (OO/tripple_A)'); +is( Crypt::Digest::SHA512_224->new->add("A")->add("A")->add("A")->hexdigest, "3d5a0b742f4c61d315c6ce86457a9fa30903880d30558c68ce4713b3", 'sha512_224 (OO3/tripple_A)'); + is( sha512_224(""), pack("H*","6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4"), 'sha512_224 (raw/1)'); is( sha512_224_hex(""), "6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4", 'sha512_224 (hex/1)'); diff --git a/t/digest_sha512_256.t b/t/digest_sha512_256.t index d5412c2..147918c 100644 --- a/t/digest_sha512_256.t +++ b/t/digest_sha512_256.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::SHA512_256 qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::SHA512_256->hashsize, 32, 'hashsize/4'); is( Crypt::Digest->new('SHA512_256')->hashsize, 32, 'hashsize/5'); is( Crypt::Digest::SHA512_256->new->hashsize, 32, 'hashsize/6'); +is( sha512_256("A","A","A"), pack("H*","b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4"), 'sha512_256 (raw/tripple_A)'); +is( sha512_256_hex("A","A","A"), "b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4", 'sha512_256 (hex/tripple_A)'); +is( sha512_256_b64("A","A","A"), "sopilp2LmwIpe6YVxIW+Lf/vkHykGcKklABAJtbEvfQ=", 'sha512_256 (base64/tripple_A)'); +is( sha512_256_b64u("A","A","A"), "sopilp2LmwIpe6YVxIW-Lf_vkHykGcKklABAJtbEvfQ", 'sha512_256 (base64url/tripple_A)'); +is( digest_data('SHA512_256', "A","A","A"), pack("H*","b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4"), 'sha512_256 (digest_data_raw/tripple_A)'); +is( digest_data_hex('SHA512_256', "A","A","A"), "b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4", 'sha512_256 (digest_data_hex/tripple_A)'); +is( digest_data_b64('SHA512_256', "A","A","A"), "sopilp2LmwIpe6YVxIW+Lf/vkHykGcKklABAJtbEvfQ=", 'sha512_256 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('SHA512_256', "A","A","A"), "sopilp2LmwIpe6YVxIW-Lf_vkHykGcKklABAJtbEvfQ", 'sha512_256 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::SHA512_256->new->add("A","A","A")->hexdigest, "b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4", 'sha512_256 (OO/tripple_A)'); +is( Crypt::Digest::SHA512_256->new->add("A")->add("A")->add("A")->hexdigest, "b28a62969d8b9b02297ba615c485be2dffef907ca419c2a494004026d6c4bdf4", 'sha512_256 (OO3/tripple_A)'); + is( sha512_256(""), pack("H*","c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a"), 'sha512_256 (raw/1)'); is( sha512_256_hex(""), "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a", 'sha512_256 (hex/1)'); diff --git a/t/digest_test_vectors_ltc.t b/t/digest_test_vectors_ltc.t index da12c44..1b90f37 100644 --- a/t/digest_test_vectors_ltc.t +++ b/t/digest_test_vectors_ltc.t @@ -23,7 +23,7 @@ my $tv; my $hash; while (my $l = ) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^[\s]*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//; my ($k, $v) = split /:/, $l; diff --git a/t/digest_tiger192.t b/t/digest_tiger192.t index 8f0cf7f..9e14403 100644 --- a/t/digest_tiger192.t +++ b/t/digest_tiger192.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::Tiger192 qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::Tiger192->hashsize, 24, 'hashsize/4'); is( Crypt::Digest->new('Tiger192')->hashsize, 24, 'hashsize/5'); is( Crypt::Digest::Tiger192->new->hashsize, 24, 'hashsize/6'); +is( tiger192("A","A","A"), pack("H*","04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9"), 'tiger192 (raw/tripple_A)'); +is( tiger192_hex("A","A","A"), "04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9", 'tiger192 (hex/tripple_A)'); +is( tiger192_b64("A","A","A"), "BGgiU6zE5gkgFCKtUK1r4sUc8WmLCkHJ", 'tiger192 (base64/tripple_A)'); +is( tiger192_b64u("A","A","A"), "BGgiU6zE5gkgFCKtUK1r4sUc8WmLCkHJ", 'tiger192 (base64url/tripple_A)'); +is( digest_data('Tiger192', "A","A","A"), pack("H*","04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9"), 'tiger192 (digest_data_raw/tripple_A)'); +is( digest_data_hex('Tiger192', "A","A","A"), "04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9", 'tiger192 (digest_data_hex/tripple_A)'); +is( digest_data_b64('Tiger192', "A","A","A"), "BGgiU6zE5gkgFCKtUK1r4sUc8WmLCkHJ", 'tiger192 (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Tiger192', "A","A","A"), "BGgiU6zE5gkgFCKtUK1r4sUc8WmLCkHJ", 'tiger192 (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Tiger192->new->add("A","A","A")->hexdigest, "04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9", 'tiger192 (OO/tripple_A)'); +is( Crypt::Digest::Tiger192->new->add("A")->add("A")->add("A")->hexdigest, "04682253acc4e609201422ad50ad6be2c51cf1698b0a41c9", 'tiger192 (OO3/tripple_A)'); + is( tiger192(""), pack("H*","3293ac630c13f0245f92bbb1766e16167a4e58492dde73f3"), 'tiger192 (raw/1)'); is( tiger192_hex(""), "3293ac630c13f0245f92bbb1766e16167a4e58492dde73f3", 'tiger192 (hex/1)'); diff --git a/t/digest_whirlpool.t b/t/digest_whirlpool.t index 4eb7b6f..16a1a3d 100644 --- a/t/digest_whirlpool.t +++ b/t/digest_whirlpool.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 8*3 + 9*4 + 6; +use Test::More tests => 8*3 + 9*4 + 10 + 6; use Crypt::Digest qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u ); use Crypt::Digest::Whirlpool qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u ); @@ -15,6 +15,17 @@ is( Crypt::Digest::Whirlpool->hashsize, 64, 'hashsize/4'); is( Crypt::Digest->new('Whirlpool')->hashsize, 64, 'hashsize/5'); is( Crypt::Digest::Whirlpool->new->hashsize, 64, 'hashsize/6'); +is( whirlpool("A","A","A"), pack("H*","a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64"), 'whirlpool (raw/tripple_A)'); +is( whirlpool_hex("A","A","A"), "a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64", 'whirlpool (hex/tripple_A)'); +is( whirlpool_b64("A","A","A"), "pN6jjHQ/MY23Fp4orCev8XOUK2e1b5iB2kZL2sSPR8xIHuKXRlV88BPRxUx6dpEsE4CxaCUd9xGCk1Ef2JqaZA==", 'whirlpool (base64/tripple_A)'); +is( whirlpool_b64u("A","A","A"), "pN6jjHQ_MY23Fp4orCev8XOUK2e1b5iB2kZL2sSPR8xIHuKXRlV88BPRxUx6dpEsE4CxaCUd9xGCk1Ef2JqaZA", 'whirlpool (base64url/tripple_A)'); +is( digest_data('Whirlpool', "A","A","A"), pack("H*","a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64"), 'whirlpool (digest_data_raw/tripple_A)'); +is( digest_data_hex('Whirlpool', "A","A","A"), "a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64", 'whirlpool (digest_data_hex/tripple_A)'); +is( digest_data_b64('Whirlpool', "A","A","A"), "pN6jjHQ/MY23Fp4orCev8XOUK2e1b5iB2kZL2sSPR8xIHuKXRlV88BPRxUx6dpEsE4CxaCUd9xGCk1Ef2JqaZA==", 'whirlpool (digest_data_b64/tripple_A)'); +is( digest_data_b64u('Whirlpool', "A","A","A"), "pN6jjHQ_MY23Fp4orCev8XOUK2e1b5iB2kZL2sSPR8xIHuKXRlV88BPRxUx6dpEsE4CxaCUd9xGCk1Ef2JqaZA", 'whirlpool (digest_data_b64u/tripple_A)'); +is( Crypt::Digest::Whirlpool->new->add("A","A","A")->hexdigest, "a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64", 'whirlpool (OO/tripple_A)'); +is( Crypt::Digest::Whirlpool->new->add("A")->add("A")->add("A")->hexdigest, "a4dea38c743f318db7169e28ac27aff173942b67b56f9881da464bdac48f47cc481ee29746557cf013d1c54c7a76912c1380b168251df7118293511fd89a9a64", 'whirlpool (OO3/tripple_A)'); + is( whirlpool(""), pack("H*","19fa61d75522a4669b44e39c1d2e1726c530232130d407f89afee0964997f7a73e83be698b288febcf88e3e03c4f0757ea8964e59b63d93708b138cc42a66eb3"), 'whirlpool (raw/1)'); is( whirlpool_hex(""), "19fa61d75522a4669b44e39c1d2e1726c530232130d407f89afee0964997f7a73e83be698b288febcf88e3e03c4f0757ea8964e59b63d93708b138cc42a66eb3", 'whirlpool (hex/1)'); diff --git a/t/jwk.t b/t/jwk.t index 11e4c36..1438520 100644 --- a/t/jwk.t +++ b/t/jwk.t @@ -147,7 +147,7 @@ my $EC1 = { curve_cofactor => 1, curve_Gx => "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", curve_Gy => "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", - curve_name => "secp256r1", + curve_oid => "1.2.840.10045.3.1.7", curve_order => "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", curve_prime => "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", k => "F3BD0C07A81FB932781ED52752F60CC89A6BE5E51934FE01938DDB55D8F77801", @@ -167,7 +167,7 @@ my $EC2 = { curve_cofactor => 1, curve_Gx => "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", curve_Gy => "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", - curve_name => "secp256r1", + curve_oid => "1.2.840.10045.3.1.7", curve_order => "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", curve_prime => "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", k => "", @@ -183,7 +183,7 @@ my $EC2 = { is($kh->{pub_x}, $EC1->{pub_x}, "EC x test HASH1"); is($kh->{pub_y}, $EC1->{pub_y}, "EC y test HASH1"); is($kh->{k}, $EC1->{k}, "EC k test HASH1"); - is($kh->{curve_name}, "secp256r1", "EC curve test HASH1"); + is($kh->{curve_oid}, "1.2.840.10045.3.1.7", "EC curve test HASH1"); ok($ec->is_private, "EC private test HASH1"); my $jwk = $ec->export_key_jwk('private'); my $jwkp = $ec->export_key_jwk('public'); @@ -205,7 +205,7 @@ my $EC2 = { is($kh->{pub_x}, $EC1->{pub_x}, "EC x test JWK1"); is($kh->{pub_y}, $EC1->{pub_y}, "EC y test JWK1"); is($kh->{k}, $EC1->{k}, "EC k test JWK1"); - is($kh->{curve_name}, "secp256r1", "EC curve test JWK1"); + is($kh->{curve_oid}, "1.2.840.10045.3.1.7", "EC curve test JWK1"); ok($ec->is_private, "EC private test JWK1"); $jwk_tp = $ec->export_key_jwk_thumbprint('SHA256'); is($jwk_tp, $ec1_jwk_thumbprint_sha256, 'export_key_jwk_thumbprint(SHA256)'); @@ -215,7 +215,7 @@ my $EC2 = { is($kh->{pub_x}, $EC1->{pub_x}, "EC x test JWK2"); is($kh->{pub_y}, $EC1->{pub_y}, "EC y test JWK2"); is($kh->{k}, "", "EC k test JWK2"); - is($kh->{curve_name}, "secp256r1", "EC curve test JWK2"); + is($kh->{curve_oid}, "1.2.840.10045.3.1.7", "EC curve test JWK2"); ok(!$ec->is_private, "EC !private test JWK2"); $jwk_tp = $ec->export_key_jwk_thumbprint('SHA256'); is($jwk_tp, $ec1_jwk_thumbprint_sha256, 'export_key_jwk_thumbprint(SHA256)'); @@ -227,7 +227,7 @@ my $EC2 = { is($kh->{pub_x}, $EC1->{pub_x}, "EC x test HASH2"); is($kh->{pub_y}, $EC1->{pub_y}, "EC y test HASH2"); is($kh->{k}, "", "EC k test HASH2"); - is($kh->{curve_name}, "secp256r1", "EC curve test HASH2"); + is($kh->{curve_oid}, "1.2.840.10045.3.1.7", "EC curve test HASH2"); ok(!$ec->is_private, "EC private test HASH2"); } diff --git a/t/key_derivation.t b/t/key_derivation.t index 48a2564..88a96d6 100644 --- a/t/key_derivation.t +++ b/t/key_derivation.t @@ -13,7 +13,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"; my $expected_okm = "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/1"); @@ -30,7 +30,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"; my $expected_okm = "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/2"); @@ -47,7 +47,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"; my $expected_okm = "8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/3"); @@ -64,7 +64,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"; my $expected_okm = "085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/4"); @@ -81,7 +81,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "8adae09a2a307059478d309b26c4115a224cfaf6"; my $expected_okm = "0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/5"); @@ -98,7 +98,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"; my $expected_okm = "0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/6"); @@ -115,7 +115,7 @@ use Crypt::KeyDerivation qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract); my $expected_prk = "2adccada18779e7c2077ad2eb19d3f3e731385dd"; my $expected_okm = "2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"; - my $prk = hkdf_extract($keying_material, $salt, $hash_name); + my $prk = hkdf_extract($keying_material, $salt, $hash_name); my $okm1 = hkdf_expand($prk, $hash_name, $len, $info); my $okm2 = hkdf($keying_material, $salt, $hash_name, $len, $info); is(unpack("H*", $prk), $expected_prk, "PRK hkdf_extract/7"); diff --git a/t/mac_blake2b.t b/t/mac_blake2b.t index 0e275a9..b04b8ae 100644 --- a/t/mac_blake2b.t +++ b/t/mac_blake2b.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 36; +use Test::More tests => 36 + 8; use Crypt::Mac::BLAKE2b qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u ); @@ -43,3 +43,12 @@ is( unpack('H*', blake2b(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test is( blake2b_hex(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'dc29010f123a4cd59c91da5fc494375962502ca2179021ebca2f6dd41befa8d2', 'BLAKE2b/func+hex/6'); is( blake2b_b64(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), '3CkBDxI6TNWckdpfxJQ3WWJQLKIXkCHryi9t1BvvqNI=', 'BLAKE2b/func+b64/6'); is( blake2b_b64u(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), '3CkBDxI6TNWckdpfxJQ3WWJQLKIXkCHryi9t1BvvqNI', 'BLAKE2b/func+b64u/6'); + +is( unpack('H*', Crypt::Mac::BLAKE2b->new(32, '12345678901234561234567890123456')->add("A","A","A")->mac), '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::BLAKE2b->new(32, '12345678901234561234567890123456')->add("A")->add("A")->add("A")->mac), '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/oo3+raw/tripple_A'); +is( Crypt::Mac::BLAKE2b->new(32, '12345678901234561234567890123456')->add("A","A","A")->hexmac, '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/oo+hex/tripple_A'); +is( Crypt::Mac::BLAKE2b->new(32, '12345678901234561234567890123456')->add("A")->add("A")->add("A")->hexmac, '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/oo3+hex/tripple_A'); +is( unpack('H*', blake2b(32, '12345678901234561234567890123456',"A","A","A")), '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/func+raw/tripple_A'); +is( blake2b_hex (32, '12345678901234561234567890123456',"A","A","A"), '794a20cc22c1f9f278aa1219ded10105cc9cfd264e66a327f32fbc309b2d404f', 'BLAKE2b/func+hex/tripple_A'); +is( blake2b_b64 (32, '12345678901234561234567890123456',"A","A","A"), 'eUogzCLB+fJ4qhIZ3tEBBcyc/SZOZqMn8y+8MJstQE8=', 'BLAKE2b/func+b64/tripple_A'); +is( blake2b_b64u(32, '12345678901234561234567890123456',"A","A","A"), 'eUogzCLB-fJ4qhIZ3tEBBcyc_SZOZqMn8y-8MJstQE8', 'BLAKE2b/func+b64u/tripple_A'); diff --git a/t/mac_blake2s.t b/t/mac_blake2s.t index 5698556..179ea9b 100644 --- a/t/mac_blake2s.t +++ b/t/mac_blake2s.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 36; +use Test::More tests => 36 + 8; use Crypt::Mac::BLAKE2s qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u ); @@ -43,3 +43,12 @@ is( unpack('H*', blake2s(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test is( blake2s_hex(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'a31f0e2ba5e73a3aab7e14503690515662758279075d7b68512709824923e65c', 'BLAKE2s/func+hex/6'); is( blake2s_b64(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'ox8OK6XnOjqrfhRQNpBRVmJ1gnkHXXtoUScJgkkj5lw=', 'BLAKE2s/func+b64/6'); is( blake2s_b64u(32,'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'ox8OK6XnOjqrfhRQNpBRVmJ1gnkHXXtoUScJgkkj5lw', 'BLAKE2s/func+b64u/6'); + +is( unpack('H*', Crypt::Mac::BLAKE2s->new(32, '12345678901234561234567890123456')->add("A","A","A")->mac), '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::BLAKE2s->new(32, '12345678901234561234567890123456')->add("A")->add("A")->add("A")->mac), '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/oo3+raw/tripple_A'); +is( Crypt::Mac::BLAKE2s->new(32, '12345678901234561234567890123456')->add("A","A","A")->hexmac, '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/oo+hex/tripple_A'); +is( Crypt::Mac::BLAKE2s->new(32, '12345678901234561234567890123456')->add("A")->add("A")->add("A")->hexmac, '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/oo3+hex/tripple_A'); +is( unpack('H*', blake2s(32, '12345678901234561234567890123456',"A","A","A")), '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/func+raw/tripple_A'); +is( blake2s_hex (32, '12345678901234561234567890123456',"A","A","A"), '8acd7813fe7251676d1cf2817c09a25840fa9a1df7143536448a5dfdf7365725', 'BLAKE2s/func+hex/tripple_A'); +is( blake2s_b64 (32, '12345678901234561234567890123456',"A","A","A"), 'is14E/5yUWdtHPKBfAmiWED6mh33FDU2RIpd/fc2VyU=', 'BLAKE2s/func+b64/tripple_A'); +is( blake2s_b64u(32, '12345678901234561234567890123456',"A","A","A"), 'is14E_5yUWdtHPKBfAmiWED6mh33FDU2RIpd_fc2VyU', 'BLAKE2s/func+b64u/tripple_A'); diff --git a/t/mac_f9.t b/t/mac_f9.t index 374468c..73011dd 100644 --- a/t/mac_f9.t +++ b/t/mac_f9.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::F9 qw( f9 f9_hex f9_b64 f9_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', f9('Blowfish','12345678901234561234567890123456',"test\0test\0t is( f9_hex('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'fa83d84023c43a81', 'F9/func+hex/12'); is( f9_b64('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), '+oPYQCPEOoE=', 'F9/func+b64/12'); is( f9_b64u('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), '-oPYQCPEOoE', 'F9/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::F9->new('AES', '1234567890123456')->add("A","A","A")->mac), 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::F9->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->mac), 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/oo3+raw/tripple_A'); +is( Crypt::Mac::F9->new('AES', '1234567890123456')->add("A","A","A")->hexmac, 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/oo+hex/tripple_A'); +is( Crypt::Mac::F9->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->hexmac, 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/oo3+hex/tripple_A'); +is( unpack('H*', f9('AES', '1234567890123456',"A","A","A")), 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/func+raw/tripple_A'); +is( f9_hex ('AES', '1234567890123456',"A","A","A"), 'a30e9e0ee8cd9d7401f9a9967e82b5a1', 'F9/func+hex/tripple_A'); +is( f9_b64 ('AES', '1234567890123456',"A","A","A"), 'ow6eDujNnXQB+amWfoK1oQ==', 'F9/func+b64/tripple_A'); +is( f9_b64u('AES', '1234567890123456',"A","A","A"), 'ow6eDujNnXQB-amWfoK1oQ', 'F9/func+b64u/tripple_A'); diff --git a/t/mac_hmac.t b/t/mac_hmac.t index f7b4def..404d1fc 100644 --- a/t/mac_hmac.t +++ b/t/mac_hmac.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::HMAC qw( hmac hmac_hex hmac_b64 hmac_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', hmac('Whirlpool','secretkey',"test\0test\0test\n")), 'dab6a22e0 is( hmac_hex('Whirlpool','secretkey',"test\0test\0test\n"), 'dab6a22e05b46ce641e022e6ea2b42646a25b994ed15fed09145e3906d159efba37b899c344f589b3ad5868cd631a8eb304d21dedf47e364c791ccfa665681f7', 'HMAC/func+hex/12'); is( hmac_b64('Whirlpool','secretkey',"test\0test\0test\n"), '2raiLgW0bOZB4CLm6itCZGoluZTtFf7QkUXjkG0Vnvuje4mcNE9YmzrVhozWMajrME0h3t9H42THkcz6ZlaB9w==', 'HMAC/func+b64/12'); is( hmac_b64u('Whirlpool','secretkey',"test\0test\0test\n"), '2raiLgW0bOZB4CLm6itCZGoluZTtFf7QkUXjkG0Vnvuje4mcNE9YmzrVhozWMajrME0h3t9H42THkcz6ZlaB9w', 'HMAC/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::HMAC->new('SHA1', 'secretkey')->add("A","A","A")->mac), '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::HMAC->new('SHA1', 'secretkey')->add("A")->add("A")->add("A")->mac), '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/oo3+raw/tripple_A'); +is( Crypt::Mac::HMAC->new('SHA1', 'secretkey')->add("A","A","A")->hexmac, '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/oo+hex/tripple_A'); +is( Crypt::Mac::HMAC->new('SHA1', 'secretkey')->add("A")->add("A")->add("A")->hexmac, '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/oo3+hex/tripple_A'); +is( unpack('H*', hmac('SHA1', 'secretkey',"A","A","A")), '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/func+raw/tripple_A'); +is( hmac_hex ('SHA1', 'secretkey',"A","A","A"), '99070fd56a6595bbb458747d63808344fed0b9c1', 'HMAC/func+hex/tripple_A'); +is( hmac_b64 ('SHA1', 'secretkey',"A","A","A"), 'mQcP1Wpllbu0WHR9Y4CDRP7QucE=', 'HMAC/func+b64/tripple_A'); +is( hmac_b64u('SHA1', 'secretkey',"A","A","A"), 'mQcP1Wpllbu0WHR9Y4CDRP7QucE', 'HMAC/func+b64u/tripple_A'); diff --git a/t/mac_hmac_nist.t b/t/mac_hmac_nist.t new file mode 100644 index 0000000..5acb93f --- /dev/null +++ b/t/mac_hmac_nist.t @@ -0,0 +1,206 @@ +use strict; +use warnings; + +use Test::More tests => 36; + +use Crypt::Mac::HMAC 'hmac_hex'; + +# test vectors from https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines/example-values#aMsgAuth + +# https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/HMAC_SHA3-224.pdf +{ + my $input = "Sample message for keylen) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^[\s]*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//; if ($l=~/^HMAC-([^\n\r]+)/) { @@ -42,13 +42,13 @@ my $zeros = '\0' x 255; for my $n (sort keys %$tv) { my $N = $trans->{$n} || die "FATAL: unknown name '$n'"; - my $key = substr($seq, 0, Crypt::Digest->hashsize($N)); + my $key = substr($seq, 0, Crypt::Digest->hashsize($N)); for my $i (0..255) { my $bytes = substr($seq, 0, $i); next unless $tv->{$n}->{$i}; my $result = Crypt::Mac::HMAC->new($N, $key)->add($bytes)->mac; is(unpack('H*', $result), lc($tv->{$n}->{$i}), "$N/$i"); - $bytes = $result; + $bytes = $result; $key = substr($result x 100, 0, Crypt::Digest->hashsize($N)); } } diff --git a/t/mac_omac.t b/t/mac_omac.t index 6f84bc8..ea8ae32 100644 --- a/t/mac_omac.t +++ b/t/mac_omac.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::OMAC qw( omac omac_hex omac_b64 omac_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', omac('Blowfish','12345678901234561234567890123456',"test\0test\ is( omac_hex('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), '40e6d018b49ada77', 'OMAC/func+hex/12'); is( omac_b64('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'QObQGLSa2nc=', 'OMAC/func+b64/12'); is( omac_b64u('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'QObQGLSa2nc', 'OMAC/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::OMAC->new('AES', '1234567890123456')->add("A","A","A")->mac), '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::OMAC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->mac), '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/oo3+raw/tripple_A'); +is( Crypt::Mac::OMAC->new('AES', '1234567890123456')->add("A","A","A")->hexmac, '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/oo+hex/tripple_A'); +is( Crypt::Mac::OMAC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->hexmac, '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/oo3+hex/tripple_A'); +is( unpack('H*', omac('AES', '1234567890123456',"A","A","A")), '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/func+raw/tripple_A'); +is( omac_hex ('AES', '1234567890123456',"A","A","A"), '49b745733f380fb4cdd8ce1ff1e52abc', 'OMAC/func+hex/tripple_A'); +is( omac_b64 ('AES', '1234567890123456',"A","A","A"), 'SbdFcz84D7TN2M4f8eUqvA==', 'OMAC/func+b64/tripple_A'); +is( omac_b64u('AES', '1234567890123456',"A","A","A"), 'SbdFcz84D7TN2M4f8eUqvA', 'OMAC/func+b64u/tripple_A'); diff --git a/t/mac_omac_test_vectors_ltc.t b/t/mac_omac_test_vectors_ltc.t index 8576d8e..92e8833 100644 --- a/t/mac_omac_test_vectors_ltc.t +++ b/t/mac_omac_test_vectors_ltc.t @@ -32,7 +32,7 @@ my $name; my $ks; while (my $l = ) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^[\s]*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//; if ($l=~/^OMAC-([a-z0-9\+\-]+).*?(\d+)/i) { @@ -52,13 +52,13 @@ my $zeros = '\0' x 255; for my $n (sort keys %$tv) { for my $ks (sort keys %{$tv->{$n}}) { my $N = $trans->{$n} || die "FATAL: unknown name '$n'"; - my $key = substr($seq, 0, $ks); + my $key = substr($seq, 0, $ks); for my $i (0..255) { my $bytes = substr($seq, 0, $i); next unless $tv->{$n}->{$ks}->{$i}; my $result = Crypt::Mac::OMAC->new($N, $key)->add($bytes)->mac; is(unpack('H*', $result), lc($tv->{$n}->{$ks}->{$i}), "$N/$i"); - $bytes = $result; + $bytes = $result; $key = substr($result x 100, 0, $ks); } } diff --git a/t/mac_pelican.t b/t/mac_pelican.t index b46815f..1ece329 100644 --- a/t/mac_pelican.t +++ b/t/mac_pelican.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::Pelican qw( pelican pelican_hex pelican_b64 pelican_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', pelican('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n" is( pelican_hex('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), '8a798fcb2181d9f9ed81fcd2a7f6cd4e', 'Pelican/func+hex/12'); is( pelican_b64('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'inmPyyGB2fntgfzSp/bNTg==', 'Pelican/func+b64/12'); is( pelican_b64u('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'inmPyyGB2fntgfzSp_bNTg', 'Pelican/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::Pelican->new('1234567890123456')->add("A","A","A")->mac), '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::Pelican->new('1234567890123456')->add("A")->add("A")->add("A")->mac), '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/oo3+raw/tripple_A'); +is( Crypt::Mac::Pelican->new('1234567890123456')->add("A","A","A")->hexmac, '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/oo+hex/tripple_A'); +is( Crypt::Mac::Pelican->new('1234567890123456')->add("A")->add("A")->add("A")->hexmac, '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/oo3+hex/tripple_A'); +is( unpack('H*', pelican('1234567890123456',"A","A","A")), '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/func+raw/tripple_A'); +is( pelican_hex ('1234567890123456',"A","A","A"), '6f7dda998b3fdfeaa80737e5127532a5', 'Pelican/func+hex/tripple_A'); +is( pelican_b64 ('1234567890123456',"A","A","A"), 'b33amYs/3+qoBzflEnUypQ==', 'Pelican/func+b64/tripple_A'); +is( pelican_b64u('1234567890123456',"A","A","A"), 'b33amYs_3-qoBzflEnUypQ', 'Pelican/func+b64u/tripple_A'); diff --git a/t/mac_pmac.t b/t/mac_pmac.t index 19bec12..6ca6e53 100644 --- a/t/mac_pmac.t +++ b/t/mac_pmac.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::PMAC qw( pmac pmac_hex pmac_b64 pmac_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', pmac('Blowfish','12345678901234561234567890123456',"test\0test\ is( pmac_hex('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), '3797cde072a8e286', 'PMAC/func+hex/12'); is( pmac_b64('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'N5fN4HKo4oY=', 'PMAC/func+b64/12'); is( pmac_b64u('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'N5fN4HKo4oY', 'PMAC/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::PMAC->new('AES', '1234567890123456')->add("A","A","A")->mac), 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::PMAC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->mac), 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/oo3+raw/tripple_A'); +is( Crypt::Mac::PMAC->new('AES', '1234567890123456')->add("A","A","A")->hexmac, 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/oo+hex/tripple_A'); +is( Crypt::Mac::PMAC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->hexmac, 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/oo3+hex/tripple_A'); +is( unpack('H*', pmac('AES', '1234567890123456',"A","A","A")), 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/func+raw/tripple_A'); +is( pmac_hex ('AES', '1234567890123456',"A","A","A"), 'c46c52ff026e4e24837bc51a7e21f8cb', 'PMAC/func+hex/tripple_A'); +is( pmac_b64 ('AES', '1234567890123456',"A","A","A"), 'xGxS/wJuTiSDe8UafiH4yw==', 'PMAC/func+b64/tripple_A'); +is( pmac_b64u('AES', '1234567890123456',"A","A","A"), 'xGxS_wJuTiSDe8UafiH4yw', 'PMAC/func+b64u/tripple_A'); diff --git a/t/mac_pmac_test_vectors_ltc.t b/t/mac_pmac_test_vectors_ltc.t index c892a93..4b8d225 100644 --- a/t/mac_pmac_test_vectors_ltc.t +++ b/t/mac_pmac_test_vectors_ltc.t @@ -32,7 +32,7 @@ my $name; my $ks; while (my $l = ) { - $l =~ s/[\r\n]*$//; + $l =~ s/[\r\n]*$//; $l =~ s/^[\s]*([^\s\r\n]+).*?/$1/; $l =~ s/\s+//; if ($l=~/^PMAC-([a-z0-9\+\-]+).*?(\d+)/i) { @@ -52,13 +52,13 @@ my $zeros = '\0' x 255; for my $n (sort keys %$tv) { for my $ks (sort keys %{$tv->{$n}}) { my $N = $trans->{$n} || die "FATAL: unknown name '$n'"; - my $key = substr($seq, 0, $ks); + my $key = substr($seq, 0, $ks); for my $i (0..255) { my $bytes = substr($seq, 0, $i); next unless $tv->{$n}->{$ks}->{$i}; my $result = Crypt::Mac::PMAC->new($N, $key)->add($bytes)->mac; is(unpack('H*', $result), lc($tv->{$n}->{$ks}->{$i}), "$N/$i"); - $bytes = $result; + $bytes = $result; $key = substr($result x 100, 0, $ks); } } diff --git a/t/mac_poly1305.t b/t/mac_poly1305.t index ed29f56..2f0036f 100644 --- a/t/mac_poly1305.t +++ b/t/mac_poly1305.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 36; +use Test::More tests => 36 + 8; use Crypt::Mac::Poly1305 qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u ); @@ -43,3 +43,12 @@ is( unpack('H*', poly1305('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n is( poly1305_hex('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), '4c02cea60201d83ae4b2d644789422e5', 'Poly1305/func+hex/6'); is( poly1305_b64('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'TALOpgIB2DrkstZEeJQi5Q==', 'Poly1305/func+b64/6'); is( poly1305_b64u('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',"test\0test\0test\n"), 'TALOpgIB2DrkstZEeJQi5Q', 'Poly1305/func+b64u/6'); + +is( unpack('H*', Crypt::Mac::Poly1305->new('12345678901234561234567890123456')->add("A","A","A")->mac), '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::Poly1305->new('12345678901234561234567890123456')->add("A")->add("A")->add("A")->mac), '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/oo3+raw/tripple_A'); +is( Crypt::Mac::Poly1305->new('12345678901234561234567890123456')->add("A","A","A")->hexmac, '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/oo+hex/tripple_A'); +is( Crypt::Mac::Poly1305->new('12345678901234561234567890123456')->add("A")->add("A")->add("A")->hexmac, '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/oo3+hex/tripple_A'); +is( unpack('H*', poly1305('12345678901234561234567890123456',"A","A","A")), '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/func+raw/tripple_A'); +is( poly1305_hex ('12345678901234561234567890123456',"A","A","A"), '7c1e6c34ad72384ac4f52eb49f642abc', 'Poly1305/func+hex/tripple_A'); +is( poly1305_b64 ('12345678901234561234567890123456',"A","A","A"), 'fB5sNK1yOErE9S60n2QqvA==', 'Poly1305/func+b64/tripple_A'); +is( poly1305_b64u('12345678901234561234567890123456',"A","A","A"), 'fB5sNK1yOErE9S60n2QqvA', 'Poly1305/func+b64u/tripple_A'); diff --git a/t/mac_xcbc.t b/t/mac_xcbc.t index 50686c4..b756356 100644 --- a/t/mac_xcbc.t +++ b/t/mac_xcbc.t @@ -3,7 +3,7 @@ use strict; use warnings; -use Test::More tests => 72; +use Test::More tests => 72 + 8; use Crypt::Mac::XCBC qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u ); @@ -79,3 +79,12 @@ is( unpack('H*', xcbc('Blowfish','12345678901234561234567890123456',"test\0test\ is( xcbc_hex('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), '98276a4a6aafd86b', 'XCBC/func+hex/12'); is( xcbc_b64('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'mCdqSmqv2Gs=', 'XCBC/func+b64/12'); is( xcbc_b64u('Blowfish','12345678901234561234567890123456',"test\0test\0test\n"), 'mCdqSmqv2Gs', 'XCBC/func+b64u/12'); + +is( unpack('H*', Crypt::Mac::XCBC->new('AES', '1234567890123456')->add("A","A","A")->mac), 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/oo+raw/tripple_A'); +is( unpack('H*', Crypt::Mac::XCBC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->mac), 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/oo3+raw/tripple_A'); +is( Crypt::Mac::XCBC->new('AES', '1234567890123456')->add("A","A","A")->hexmac, 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/oo+hex/tripple_A'); +is( Crypt::Mac::XCBC->new('AES', '1234567890123456')->add("A")->add("A")->add("A")->hexmac, 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/oo3+hex/tripple_A'); +is( unpack('H*', xcbc('AES', '1234567890123456',"A","A","A")), 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/func+raw/tripple_A'); +is( xcbc_hex ('AES', '1234567890123456',"A","A","A"), 'da243c0a133fc33cd1f96b872c0bec9b', 'XCBC/func+hex/tripple_A'); +is( xcbc_b64 ('AES', '1234567890123456',"A","A","A"), '2iQ8ChM/wzzR+WuHLAvsmw==', 'XCBC/func+b64/tripple_A'); +is( xcbc_b64u('AES', '1234567890123456',"A","A","A"), '2iQ8ChM_wzzR-WuHLAvsmw', 'XCBC/func+b64u/tripple_A'); diff --git a/t/mbi_ltm_01load.t b/t/mbi_ltm_01load.t index f4fccb4..c974521 100644 --- a/t/mbi_ltm_01load.t +++ b/t/mbi_ltm_01load.t @@ -10,4 +10,4 @@ BEGIN { use_ok('Math::BigInt'); # Math::BigInt is required for the tests }; -diag "Math::BigInt VERSION=$Math::BigInt::VERSION\n"; \ No newline at end of file +diag "Math::BigInt VERSION=$Math::BigInt::VERSION\n"; diff --git a/t/mbi_ltm_bigfltpm.t b/t/mbi_ltm_bigfltpm.t index f63c98c..3540868 100644 --- a/t/mbi_ltm_bigfltpm.t +++ b/t/mbi_ltm_bigfltpm.t @@ -38,4 +38,4 @@ SKIP: { is(ref($e->{_e}->[0]), '', '$e->{_e}->[0] is a scalar'); } -require './t/mbi_ltm/bigfltpm.inc'; # all tests here for sharing +require './t/mbi_ltm/bigfltpm.inc'; # all tests here for sharing diff --git a/t/mbi_ltm_biglog.t b/t/mbi_ltm_biglog.t index f4ea0ab..34ea355 100644 --- a/t/mbi_ltm_biglog.t +++ b/t/mbi_ltm_biglog.t @@ -110,11 +110,11 @@ is ($cl->new('10')->blog(10,10), '1.000000000'); is ($cl->new('20')->blog(20,10), '1.000000000'); is ($cl->new('100')->blog(100,10), '1.000000000'); -is ($cl->new('100')->blog(10,10), '2.000000000'); # 10 ** 2 == 100 -is ($cl->new('400')->blog(20,10), '2.000000000'); # 20 ** 2 == 400 +is ($cl->new('100')->blog(10,10), '2.000000000'); # 10 ** 2 == 100 +is ($cl->new('400')->blog(20,10), '2.000000000'); # 20 ** 2 == 400 -is ($cl->new('4')->blog(2,10), '2.000000000'); # 2 ** 2 == 4 -is ($cl->new('16')->blog(2,10), '4.000000000'); # 2 ** 4 == 16 +is ($cl->new('4')->blog(2,10), '2.000000000'); # 2 ** 2 == 4 +is ($cl->new('16')->blog(2,10), '4.000000000'); # 2 ** 4 == 16 is ($cl->new('1.2')->bpow('0.3',10), '1.056219968'); is ($cl->new('10')->bpow('0.6',10), '3.981071706'); @@ -165,19 +165,19 @@ test_bpow ('0.2','0.41',10, '0.5169187652'); # test bexp() with cached results is ($cl->new(1)->bexp(), '2.718281828459045235360287471352662497757', 'bexp(1)'); -is ($cl->new(2)->bexp(40), $cl->new(1)->bexp(45)->bpow(2,40), 'bexp(2)'); +is ($cl->new(2)->bexp(40), $cl->new(1)->bexp(45)->bpow(2,40), 'bexp(2)'); -is ($cl->new("12.5")->bexp(61), $cl->new(1)->bexp(65)->bpow(12.5,61), 'bexp(12.5)'); +is ($cl->new("12.5")->bexp(61), $cl->new(1)->bexp(65)->bpow(12.5,61), 'bexp(12.5)'); ############################################################################# # test bexp() with big values (non-cached) -is ($cl->new(1)->bexp(100), +is ($cl->new(1)->bexp(100), '2.718281828459045235360287471352662497757247093699959574966967627724076630353547594571382178525166427', 'bexp(100)'); -is ($cl->new("12.5")->bexp(91), $cl->new(1)->bexp(95)->bpow(12.5,91), - 'bexp(12.5) to 91 digits'); +is ($cl->new("12.5")->bexp(91), $cl->new(1)->bexp(95)->bpow(12.5,91), + 'bexp(12.5) to 91 digits'); # all done 1; @@ -190,5 +190,3 @@ sub test_bpow print "# Tried: $x->bpow($y,$scale);\n" unless ok ($cl->new($x)->bpow($y,$scale),$result); } - - diff --git a/t/mbi_ltm_bigroot.t b/t/mbi_ltm_bigroot.t index 2eac4b0..f9d11df 100644 --- a/t/mbi_ltm_bigroot.t +++ b/t/mbi_ltm_bigroot.t @@ -24,7 +24,7 @@ is (Math::BigInt->config()->{lib}, 'Math::BigInt::LTM', 'LTM loaded'); my $cl = "Math::BigFloat"; my $c = "Math::BigInt"; -# 2 ** 240 = +# 2 ** 240 = # 1766847064778384329583297500742918515827483896875618958121606201292619776 # takes way too long @@ -47,4 +47,3 @@ sub test_broot $result =~ s/\..*//; is ($c->new($x)->bpow($n)->broot($y,$scale),$result, "Try: $c $x->bpow($n)->broot($y,$s) == $result"); } - diff --git a/t/mbi_ltm_bugs.t b/t/mbi_ltm_bugs.t old mode 100755 new mode 100644 diff --git a/t/mode_cbc.t b/t/mode_cbc.t index 09a41db..0499251 100644 --- a/t/mode_cbc.t +++ b/t/mode_cbc.t @@ -6,14 +6,14 @@ use Crypt::Mode::CBC; my @tests; # test vectors from http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf -push @tests, +push @tests, { padding=>'none', key=>'2b7e151628aed2a6abf7158809cf4f3c', iv=>'000102030405060708090a0b0c0d0e0f', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7' }, { padding=>'none', key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', iv=>'000102030405060708090a0b0c0d0e0f', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd' }, { padding=>'none', key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', iv=>'000102030405060708090a0b0c0d0e0f', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b' }, -; +; # test vectors produced by Crypt::CBC -push @tests, +push @tests, { mode=>'AES+Crypt::CBC', padding=>'standard', len=>45, key=>'4cdc909dc310796429e26bcaca1b21329f5060813b7d17bf1a65f293154b54a9', iv=>'9124d8cfafd3d732e597f463d35a8a43', pt=>'ad67301bcd23a5d7b4601f93db3e6b5db71243fa00244182d0a2df6f0384a09f117821b7b70a4bcdc0a73a70130851f704a7aca59b96a3e5b8dc89efa7ee7846a906a3eb591bf8b6b472ae07113ac3cccfb1bc84723ed1472c1f59705eae7b9fbd6df2b38d2eac2a6c726b9f92', ct=>'588c33d96d99477bc6305c829a1fb188ab165f60ccadac67daaefb8054cfe8093cbb6fba14b684c26cd10c66db87cf1aa8cd69c98180d1d7cb6edc9191332863653ea707cb9ec4da0c7d4381cac33faa938a53df3519d06859260be7ac582674cdedfa411f4cd0204c8b2132d4b100cc' }, { mode=>'AES+Crypt::CBC', padding=>'standard', len=>46, key=>'0c1afd6567e265240aacef873eb78ff11ce0e53931ca7de49143d8a2b1c84df5', iv=>'df5f1521ed1ee7b47ae7e5ef0ac49abb', pt=>'13436402bb6c57b3f202e88cd4d21d828e85856415000e5ef01f9fe43bf100ee5b94ea29e3246200dcddbc5779dce5e219c078bbad8cd878727c0c27f179c100beefcc832f605c8e8f27251a8b51b2475d5170ff8100c95d4d875d386016535a13373f7e15d798e0c39c94193b24', ct=>'3eb5203a12d11b2fe629cd764a9963ad7f314d0efe75806c12e00f3bfe916c765a318be81337d1cb43f20c030f8af6e31991fb09477d06baa3492836f884470177584ad32241ac8fd66469fdd858ce1d04e90375689e70a4bc40be149b1df6cabc5943cff8e7cecdac6fe81fc0aac8f8' }, { mode=>'AES+Crypt::CBC', padding=>'standard', len=>47, key=>'9dd6b591b1589ff6fb5bbd41a8da4b1449674155119285857d719d44281daa3d', iv=>'321d48c36326dcc951aa208542d2fdd7', pt=>'75e4309485e3df2006c411a316073973e8adf51bfd6287a7833f15e18f2f6b571c192a527bd6290722713eb77c9116a28b321cc5decd44a5a49a13750d43e99e4d360e647300cb7b9d31a82c39d8885e6d2b5521f1c7339b30d3947bddc7323a50891f4d37a7bc9cc6971037373722', ct=>'f1f7d95a90ece772a931e3c1f919da110246268291d10d5b2a3ff62596f0cd2a0c3dbdab41e210424f5a1d35b72a4df26a32d4c9ac80e808438f31e07a4f16555a82bade488a73afe239e6c557f100cf17632a8f767445ad6db8f7d2775f63f4b4e73fc5180b20334f941f8c49f7968a' }, @@ -68,7 +68,7 @@ for (@tests) { my $m = Crypt::Mode::CBC->new('AES', $_->{padding}); for my $l (1..33) { - + { $m->start_encrypt(pack("H*",$_->{key}), pack("H*",$_->{iv})); my $i = 0; @@ -80,7 +80,7 @@ for (@tests) { $ct .= $m->finish; is(unpack("H*",$ct), $_->{ct}, "cipher text match [l=$l]"); } - + { $m->start_decrypt(pack("H*",$_->{key}), pack("H*",$_->{iv})); my $i = 0; @@ -92,7 +92,7 @@ for (@tests) { $pt .= $m->finish; is(unpack("H*",$pt), $_->{pt}, "plain text match [l=$l]"); } - - } + + } } } diff --git a/t/mode_cfb.t b/t/mode_cfb.t index 78b17d4..386cc7f 100644 --- a/t/mode_cfb.t +++ b/t/mode_cfb.t @@ -4,14 +4,14 @@ use Test::More tests => 12; use Crypt::Mode::CFB; my @tests = ( - { key=>'2b7e151628aed2a6abf7158809cf4f3c', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', + { key=>'2b7e151628aed2a6abf7158809cf4f3c', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6' }, - { key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c', + { key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c', ct=>'cdc80d6fddf18cab34c25909c99a417467ce7f7f81173621961a2b70171d3d7a2e1e8a1dd59b88b1c8e60fed1efac4c9c05f9f9ca9834fa042ae8fba584b' }, - { key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417b', + { key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417b', ct=>'dc7e84bfda79164b7ecd8486985d386039ffed143b28b1c832113c6331e5407bdf10132415e54b92a13ed0a8267ae2f975a385741ab9cef82031623d' }, ); diff --git a/t/mode_ctr.t b/t/mode_ctr.t index 623894a..ebe2128 100644 --- a/t/mode_ctr.t +++ b/t/mode_ctr.t @@ -1,6 +1,6 @@ use strict; use warnings; -use Test::More tests => 8; +use Test::More tests => 24; use Crypt::Mode::CTR; @@ -15,10 +15,28 @@ sub do_test { my $pt = pack("H*", $a{pt}); my $key = pack("H*", $a{key}); my $iv = pack("H*", $a{iv}); + # test: encrypt/decrypt in a single step my $ct_out = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->encrypt($pt, $key, $iv); - is(unpack("H*", $ct_out), $a{ct}, "cipher text [m=$a{mode}, w=$a{width}]"); + is(unpack("H*", $ct_out), $a{ct}, "cipher text1 [m=$a{mode}, w=$a{width}]"); my $pt_out = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->decrypt($ct_out, $key, $iv); - is(unpack("H*", $pt_out), $a{pt}, "plain text [m=$a{mode}, w=$a{width}]"); + is(unpack("H*", $pt_out), $a{pt}, "plain text1 [m=$a{mode}, w=$a{width}]"); + # test: add(@in) + my $mode; + my @in = map { pack("H*", $_) } ($a{pt} =~ /(..)/g); + $mode = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->start_encrypt($key, $iv); + $ct_out = $mode->add(@in) . $mode->finish; + is(unpack("H*", $ct_out), $a{ct}, "cipher text2 [m=$a{mode}, w=$a{width}]"); + $mode = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->start_encrypt($key, $iv); + $ct_out = join ('', map { $mode->add($_) } @in) . $mode->finish; + is(unpack("H*", $ct_out), $a{ct}, "cipher text3 [m=$a{mode}, w=$a{width}]"); + # test: add(?)->add(?)->add(?)->add(?) + @in = split //, $ct_out; + $mode = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->start_decrypt($key, $iv); + $pt_out = $mode->add(@in) . $mode->finish; + is(unpack("H*", $pt_out), $a{pt}, "plain text2 [m=$a{mode}, w=$a{width}]"); + $mode = Crypt::Mode::CTR->new('AES', $a{mode}, $a{width})->start_decrypt($key, $iv); + $pt_out = join ('', map { $mode->add($_) } @in) . $mode->finish; + is(unpack("H*", $pt_out), $a{pt}, "plain text3 [m=$a{mode}, w=$a{width}]"); } do_test(%$_) for ( diff --git a/t/mode_ecb.t b/t/mode_ecb.t index 0f7dab1..1e01933 100644 --- a/t/mode_ecb.t +++ b/t/mode_ecb.t @@ -6,14 +6,14 @@ use Crypt::Mode::ECB; my @tests; # test vectors from http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf -push @tests, +push @tests, { padding=>'none', key=>'2b7e151628aed2a6abf7158809cf4f3c', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4' }, { padding=>'none', key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'bd334f1d6e45f25ff712a214571fa5cc974104846d0ad3ad7734ecb3ecee4eefef7afd2270e2e60adce0ba2face6444e9a4b41ba738d6c72fb16691603c18e0e' }, { padding=>'none', key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'f3eed1bdb5d2a03c064b5a7e3db181f8591ccb10d410ed26dc5ba74a31362870b6ed21b99ca6f4f9f153e7b1beafed1d23304b7a39f9f3ff067d8d8f9e24ecc7' }, -; +; # test vectors produced by Crypt::ECB -push @tests, +push @tests, { mode=>'AES+Crypt::ECB', padding=>'standard', len=>45, key=>'9c1975bc3f89e58f790e8e1cdaeea5cc1147fa43c5da2f9ae681274bd406a663', pt=>'a99303fcd37a6c39acb2dd2f3955cbcdf2d4643cc5542019f549ca2b62a4b27a099f42e0a8fb90fc53f0f32c5402f89822215472d1a5c5e8e299090cfeb80151222922c91aa0a8e21ff07147ca62a4542cc36fb437ff2f56be51e6db4e763252960b4a02cfda2fb8a74a63c0fa', ct=>'b52d56dfbd230e87af5d6cd122b050ba4dacfa112e214359d04626efbf57ccde810246076261e0dd7be797bc9b07b20c3a737f72822498fecc68d73ff6c057a1313684058ff1110af0e59347953e1b337b6dbcb852f9210099ea4b54482ae4d9069193d5cb22c6cdfad968a27771b38b' }, { mode=>'AES+Crypt::ECB', padding=>'standard', len=>46, key=>'11748a8de11e393c610eb582ee3534414f7187790435cdcbe1fd5f7c6db757be', pt=>'ff6da3d97b3907fcc171090bdcc97a43d98cde4bd76937eb672e3a4ce04b15de634d6c320bbe0b84304e52fbf004111f0d0671674196b3ea380f09295a04deb1f26b4d49bc239669bbed6b9316277516914ca4f30d570c156ea90f58565cbf26ead7c6d04eb411b83ef2445a914c', ct=>'91f00f683e3a381ebadb9553db928776fa972a06ca73a31e38ba6501d0f7b27c0013dcf3b25b3206ccd2083fcc815eaa3f843fa14ceca9e54a687b69d0e515dff1cf4b756744f242955b766c87473275ffa6c2191c89ad064c4b83e95ded84514613bc5d7763ffc0b0ec2281bf36d76c' }, { mode=>'AES+Crypt::ECB', padding=>'standard', len=>47, key=>'d36ba22781e756dfe5e64bc9729e7d50bc00a24133ea90de1d77e666e9b39bb5', pt=>'a74a52d0a02d9e959127a1fa84790605828c6e1e8a9d71ff78320b1bc888affb3e19db2c5e62233ef6ab4adf89524efe369b12259925461b88d412d8276e5e80f327addee10c3e99778e0df730cf70509faef08e7c22b2142cc6201474465b47af54e99299290117eca9514a583ecf', ct=>'1e768190063599f2be4309a27c2d1b294714bb567f231ea9ad17fe31c183b3ab2d3db1b95a3e646aa88c35d98b3ce193640e2013e643b5da787087a2a115b1f61370e42943c90c384c64b128eeaa06c98b0c7b9e9a3c2b875100c5fb9703c5e94dc394c45ffc079d2ba75ad2b342100e' }, @@ -55,7 +55,7 @@ for (@tests) { my $ct = pack("H*", $_->{ct}); my $m = Crypt::Mode::ECB->new('AES', $_->{padding}); for my $l (1..33) { - + { $m->start_encrypt(pack("H*",$_->{key})); my $i = 0; @@ -67,7 +67,7 @@ for (@tests) { $ct .= $m->finish; is(unpack("H*",$ct), $_->{ct}, "cipher text match [l=$l]"); } - + { $m->start_decrypt(pack("H*",$_->{key})); my $i = 0; @@ -79,7 +79,7 @@ for (@tests) { $pt .= $m->finish; is(unpack("H*",$pt), $_->{pt}, "plain text match [l=$l]"); } - - } + + } } } diff --git a/t/mode_ofb.t b/t/mode_ofb.t index 84266db..843d2ea 100644 --- a/t/mode_ofb.t +++ b/t/mode_ofb.t @@ -4,14 +4,14 @@ use Test::More tests => 12; use Crypt::Mode::OFB; my @tests = ( - { key=>'2b7e151628aed2a6abf7158809cf4f3c', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', + { key=>'2b7e151628aed2a6abf7158809cf4f3c', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710', ct=>'3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e' }, - { key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c', + { key=>'8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c', ct=>'cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9ac' }, - { key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', iv=>'000102030405060708090a0b0c0d0e0f', - pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417b', + { key=>'603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4', iv=>'000102030405060708090a0b0c0d0e0f', + pt=>'6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417b', ct=>'dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8b' }, ); diff --git a/t/pk_dh.t b/t/pk_dh.t index ec0b82e..7c43a35 100644 --- a/t/pk_dh.t +++ b/t/pk_dh.t @@ -1,8 +1,9 @@ use strict; use warnings; -use Test::More tests => 74; +use Test::More tests => 60; -use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_sign_hash dh_verify_hash dh_shared_secret); +use Crypt::Misc 'decode_b64'; +use Crypt::PK::DH qw(dh_shared_secret); { my $k; @@ -11,16 +12,16 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ ok($k, 'load cryptx_priv_dh1.bin'); ok($k->is_private, 'is_private cryptx_priv_dh1.bin'); is($k->size, 256, 'size'); - is(uc($k->key2hash->{x}), 'FBC1062F73B9A17BB8473A2F5A074911FA7F20D28FBF5D7F4DAF58016CE03A391BA57CB80067EB2D59AD1AA66869F5F37A1B57D440428F67881085F7C1484FADC3A54E39703CE679068417269651DD3438EDBF7827A09419F88A326B76EF04D81145D87D7D2DCF1B24902202B971BBF2EEF956A1EA1A88770097B94C859AE4F06DDDEB9ED31084004815F97D4F6F74C791CF1EC1836013DF835B653E8704981D52FF2323F7AFE22915B82CBA7EBF0558ACA6A182A6F3D631B843B72137D4E5B07603A7517F6768B375FC6C38F7B767C63E5A3DD99CD9EA0992C236EB827EAD4E877430F260020E64CBA26DAA8DEEF5D216C11941C48F76FE2B097BB5D504FBCF', 'key2hash'); - + is(uc($k->key2hash->{x}), '73CA6A11B1595C06AB08E8E0875B9689E265C29E3F52FBC7830F071AEA4AF5A26D23CFBC96101267', 'key2hash'); + $k = Crypt::PK::DH->new('t/data/cryptx_priv_dh2.bin'); ok($k, 'load cryptx_priv_dh2.bin'); ok($k->is_private, 'is_private cryptx_priv_dh2.bin'); - + $k = Crypt::PK::DH->new('t/data/cryptx_pub_dh1.bin'); ok($k, 'load cryptx_pub_dh1.bin'); ok(!$k->is_private, 'is_private cryptx_pub_dh1.bin'); - + $k = Crypt::PK::DH->new('t/data/cryptx_pub_dh2.bin'); ok($k, 'load cryptx_pub_dh2.bin'); ok(!$k->is_private, 'is_private cryptx_pub_dh2.bin'); @@ -33,16 +34,16 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ ok($k, 'load cryptx_priv_dh_pg1.bin'); ok($k->is_private, 'is_private cryptx_priv_dh_pg1.bin'); is($k->size, 256, 'size'); - is(uc($k->key2hash->{x}), '29BB37065071D1C23AE0D8C555E24E5E546954B985260ECC6A1A21252FCFD2D633B0580F6A00B80ED75123EC37A3E784F888EE026C1034CD930CA58464EB6A59A090D1113855AFA48C9A79631E2534D7F33FAD4DC8FF48E88C865E517B67DAD4B40D64BD67CBFE52F56FBC6764D0629E5EFF63351AF19FF398375BDCE22FBDF3A044DAB2B6EAAA44D1A78F4FF74088175E6B5F184222F116F4C6188547F90B0ADCA3255EA7148CB57E5E852E79F438F995CFC3AC79A01D2C329C0750D55FDADCC6FAF6D6850892EEC073FD77CC7F98D8D317D402E2A89E4161001DAEF43DAC0F386E48870D457FB12CC5B70E6F5719609631CB8B439DB6D2F04CF8A774678F68', 'key2hash'); - + is(uc($k->key2hash->{x}), '3E2F764CDAD2EDFEC737E2198C9C4FAFBA4274C8A73A9E2FDCBC11954D8B48C375399E4BDE930EC9', 'key2hash'); + $k = Crypt::PK::DH->new('t/data/cryptx_priv_dh_pg2.bin'); ok($k, 'load cryptx_priv_dh_pg2.bin'); ok($k->is_private, 'is_private cryptx_priv_dh_pg2.bin'); - + $k = Crypt::PK::DH->new('t/data/cryptx_pub_dh_pg1.bin'); ok($k, 'load cryptx_pub_dh_pg1.bin'); ok(!$k->is_private, 'is_private cryptx_pub_dh_pg1.bin'); - + $k = Crypt::PK::DH->new('t/data/cryptx_pub_dh_pg2.bin'); ok($k, 'load cryptx_pub_dh_pg2.bin'); ok(!$k->is_private, 'is_private cryptx_pub_dh_pg2.bin'); @@ -53,26 +54,12 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ $pr1->import_key('t/data/cryptx_priv_dh1.bin'); my $pu1 = Crypt::PK::DH->new; $pu1->import_key('t/data/cryptx_pub_dh1.bin'); - - my $ct = $pu1->encrypt("secret message"); - my $pt = $pr1->decrypt($ct); - ok(length $ct > 100, 'encrypt ' . length($ct)); - is($pt, "secret message", 'decrypt'); - - my $sig = $pr1->sign_message("message"); - ok(length $sig > 60, 'sign_message ' . length($sig)); - ok($pu1->verify_message($sig, "message"), 'verify_message'); - my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = $pr1->sign_hash($hash, 'SHA1'); - ok(length $sig > 60, 'sign_hash ' . length($sig)); - ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); - my $pr2 = Crypt::PK::DH->new; $pr2->import_key('t/data/cryptx_priv_dh2.bin'); my $pu2 = Crypt::PK::DH->new; $pu2->import_key('t/data/cryptx_pub_dh2.bin'); - + my $ss1 = $pr1->shared_secret($pu2); my $ss2 = $pr2->shared_secret($pu1); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); @@ -83,26 +70,12 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ $pr1->import_key('t/data/cryptx_priv_dh_pg1.bin'); my $pu1 = Crypt::PK::DH->new; $pu1->import_key('t/data/cryptx_pub_dh_pg1.bin'); - - my $ct = $pu1->encrypt("secret message"); - my $pt = $pr1->decrypt($ct); - ok(length $ct > 100, 'encrypt ' . length($ct)); - is($pt, "secret message", 'decrypt'); - - my $sig = $pr1->sign_message("message"); - ok(length $sig > 60, 'sign_message ' . length($sig)); - ok($pu1->verify_message($sig, "message"), 'verify_message'); - my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = $pr1->sign_hash($hash, 'SHA1'); - ok(length $sig > 60, 'sign_hash ' . length($sig)); - ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); - my $pr2 = Crypt::PK::DH->new; $pr2->import_key('t/data/cryptx_priv_dh_pg2.bin'); my $pu2 = Crypt::PK::DH->new; $pu2->import_key('t/data/cryptx_pub_dh_pg2.bin'); - + my $ss1 = $pr1->shared_secret($pu2); my $ss2 = $pr2->shared_secret($pu1); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); @@ -121,21 +94,7 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ is(uc(unpack('H*',$pr1->export_key_raw('public'))),'4B9ECB56202EDBC6578072A4519EBE625DE8972877462240F62393C59A6C04AA159E56505156E7DF645FF6EC588E0778A96B78B26A0793D90A4B5C5EC4C61EA69D21C630843ACC2BFD3864CD9DA9600BA8F1B7D8542B01F7251AA3AC257C7AC65A1D2BCF51A8E3E67D9544599B0956710E2B052CDA9B565CDD121CC123364B480E9E7E2237D3D6B5B1E200C7BF858C54CCD3175736DB28336210A16F8F0ACEC08847EF7905FAB7E97E626CFD13CBDF167441FEEB72CB6E7407DFC59F03249F79312A94DA89B1D61196B41E90C08D2C801FD7BEA02A47A1CDA1581F57BA700C1BCDDE6338718E19079055194CAF176D85464957D405B04CC3DD9756C211E11BF2'); is(uc(unpack('H*',$pu1->export_key_raw('public'))),'4B9ECB56202EDBC6578072A4519EBE625DE8972877462240F62393C59A6C04AA159E56505156E7DF645FF6EC588E0778A96B78B26A0793D90A4B5C5EC4C61EA69D21C630843ACC2BFD3864CD9DA9600BA8F1B7D8542B01F7251AA3AC257C7AC65A1D2BCF51A8E3E67D9544599B0956710E2B052CDA9B565CDD121CC123364B480E9E7E2237D3D6B5B1E200C7BF858C54CCD3175736DB28336210A16F8F0ACEC08847EF7905FAB7E97E626CFD13CBDF167441FEEB72CB6E7407DFC59F03249F79312A94DA89B1D61196B41E90C08D2C801FD7BEA02A47A1CDA1581F57BA700C1BCDDE6338718E19079055194CAF176D85464957D405B04CC3DD9756C211E11BF2'); - my $ct = $pu1->encrypt("secret message"); - my $pt = $pr1->decrypt($ct); - ok(length $ct > 100, 'encrypt ' . length($ct)); - is($pt, "secret message", 'decrypt'); - - my $sig = $pr1->sign_message("message"); - ok(length $sig > 60, 'sign_message ' . length($sig)); - ok($pu1->verify_message($sig, "message"), 'verify_message'); - - my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = $pr1->sign_hash($hash, 'SHA1'); - ok(length $sig > 60, 'sign_hash ' . length($sig)); - ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); - - my $pr2 = Crypt::PK::DH->new; + my $pr2 = Crypt::PK::DH->new; $pr2->import_key_raw(pack('H*','473156C909EBB0A6F61F707CDDD7E6401BFDE22BC57B8D3CCC30C4CD3FF7678CCD9B022167AA774786F367FE5B5924A3C1E09AA71264F94E7ABA87FFA888913BB9592613F8AD87FBE82E99064B00CE3294CFD410BCFB4C88A46F5F8532633458C317DF40F395C2F08A822D84BF4291A1A63DE1F6D0F460DB81C685ADD0F26262307823227C17B4671BCF74A6337738BB4596337644656A060F1BB109640878D23F56E493719D6EF60FEA7AC85123CFB6E476392789AC1FE4F4CA371DB2863192ADE424F3EFDEE52D4CB445B99B10566A4B6F6DC813C265DC0052D710AEAA0969392BD478A46AB9C7A0E2FA27964A759938904FCEFAC4CE061C9927764AAB57DC'),'private','ike2048'); my $pu2 = Crypt::PK::DH->new; $pu2->import_key_raw(pack('H*','774A01FF19C1603040DFBB5C8A44F11CE8719F757C2AF6B2921EDDDEF27F77D5F2DAF9539BCBCB30F80D76E054C489C9E6533051767E6220539C871F23D3B6F80D84037A6FBAB3AE6AF8F214A60A816D6F0F6C3F31801DCD6EA771F41A2A5618BC333D650F46F22FEA81A94F4E00CD05B83F8FE257A2607E62519D9BF8B8C96D0587FB2BCEC8D18DDCF66EBBB8A56623953531EE27C68C8C37E6413FD2C98339F491A0472E5D4DFADC7BF30E89A2CE2081EE3CF9F9B0FFCD902A3021CAC14A4AD7E00F6202C8A9AB93BF96E33838FB9178DC8A8F995ABD81F28F5A137A78E813ABD185498A3A50CB3021CF58BE9D0200C19928AA097D306ABAD9874E0F217482'),'public','ike2048'); @@ -145,10 +104,82 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); } +{ + my $k = Crypt::PK::DH->new; + my $p = <<"MARKER"; +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA7DIdWuBlIVFTnN9t9SP5tjajNgmQtBuhRlBQJIaHxblApAP9XZgS +iuAdkZugjvYb83bFzrjdo+TyKCUKZwVp8pv8LHEG90K54BsZwlbyjHHVlWFcQPIh +XYMg7YKEVcOPg0ZRty55g2u6IMMlMl16WWubHvtAeI0qVU7VUA6vuy7qAOauaZWo +0klH0zGkc8s1NGectcNbk8GmlUop+7JLUh3K0ikHVPYx2OJHjBhTz2vPgTdlcbHb ++dQIMdLFBOySNKv141QsDBo1ugu0Cxx02We6FFp1k5k4le+yGhFtLotE4OlZtcZW +xyjO1D0DrX8p6PeI4OmMAeGgGmDNBGreywIBAg== +-----END DH PARAMETERS----- +MARKER + $k->generate_key(\$p); + ok($k, 'generate_key PEM'); + ok($k->is_private, 'is_private'); + ok($k->export_key('private'), 'export_key_pem pri'); + ok($k->export_key('public'), 'export_key_pem pub'); +} + +{ + my $k = Crypt::PK::DH->new; + my $p = decode_b64(<<"MARKER"); +MIIBCAKCAQEA7DIdWuBlIVFTnN9t9SP5tjajNgmQtBuhRlBQJIaHxblApAP9XZgS +iuAdkZugjvYb83bFzrjdo+TyKCUKZwVp8pv8LHEG90K54BsZwlbyjHHVlWFcQPIh +XYMg7YKEVcOPg0ZRty55g2u6IMMlMl16WWubHvtAeI0qVU7VUA6vuy7qAOauaZWo +0klH0zGkc8s1NGectcNbk8GmlUop+7JLUh3K0ikHVPYx2OJHjBhTz2vPgTdlcbHb ++dQIMdLFBOySNKv141QsDBo1ugu0Cxx02We6FFp1k5k4le+yGhFtLotE4OlZtcZW +xyjO1D0DrX8p6PeI4OmMAeGgGmDNBGreywIBAg== +MARKER + $k->generate_key(\$p); + ok($k, 'generate_key DER'); + ok($k->is_private, 'is_private'); + ok($k->export_key('private'), 'export_key_pem pri'); + ok($k->export_key('public'), 'export_key_pem pub'); +} + +{ + my $k = Crypt::PK::DH->new; + $k->generate_key({ + g=>"0x2", + p=>"0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1". + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD". + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245". + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED". + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D". + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F". + "83655D23DCA3AD961C62F356208552BB9ED529077096966D". + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B". + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9". + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510". + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64". + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7". + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B". + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C". + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31". + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" + }); + ok($k, 'generate_key HASH'); + ok($k->is_private, 'is_private'); + ok($k->export_key('private'), 'export_key_pem pri'); + ok($k->export_key('public'), 'export_key_pem pub'); +} + +{ + my $k = Crypt::PK::DH->new; + $k->generate_key('ike2048'); + ok($k, 'generate_key groupname'); + ok($k->is_private, 'is_private'); + ok($k->export_key('private'), 'export_key_pem pri'); + ok($k->export_key('public'), 'export_key_pem pub'); +} + { my $k = Crypt::PK::DH->new; $k->generate_key(256); - ok($k, 'generate_key'); + ok($k, 'generate_key groupsize'); ok($k->is_private, 'is_private'); ok($k->export_key('private'), 'export_key_pem pri'); ok($k->export_key('public'), 'export_key_pem pub'); @@ -173,36 +204,12 @@ use Crypt::PK::DH qw(dh_encrypt dh_decrypt dh_sign_message dh_verify_message dh_ } { - my $ct = dh_encrypt('t/data/cryptx_pub_dh1.bin', 'test string'); - ok($ct, 'dh_encrypt'); - my $pt = dh_decrypt('t/data/cryptx_priv_dh1.bin', $ct); - ok($pt, 'dh_decrypt'); - my $sig = dh_sign_message('t/data/cryptx_priv_dh1.bin', 'test string'); - ok($sig, 'dh_sign_message'); - ok(dh_verify_message('t/data/cryptx_pub_dh1.bin', $sig, 'test string'), 'dh_verify_message'); - my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = dh_sign_hash('t/data/cryptx_priv_dh1.bin', $hash, 'SHA1'); - ok($sig, 'dh_sign_hash'); - ok(dh_verify_hash('t/data/cryptx_pub_dh1.bin', $sig, $hash, 'SHA1'), 'dh_verify_hash'); - my $ss1 = dh_shared_secret('t/data/cryptx_priv_dh1.bin', 't/data/cryptx_pub_dh2.bin'); my $ss2 = dh_shared_secret('t/data/cryptx_priv_dh2.bin', 't/data/cryptx_pub_dh1.bin'); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); } { - my $ct = dh_encrypt('t/data/cryptx_pub_dh_pg1.bin', 'test string'); - ok($ct, 'dh_encrypt'); - my $pt = dh_decrypt('t/data/cryptx_priv_dh_pg1.bin', $ct); - ok($pt, 'dh_decrypt'); - my $sig = dh_sign_message('t/data/cryptx_priv_dh_pg1.bin', 'test string'); - ok($sig, 'dh_sign_message'); - ok(dh_verify_message('t/data/cryptx_pub_dh_pg1.bin', $sig, 'test string'), 'dh_verify_message'); - my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = dh_sign_hash('t/data/cryptx_priv_dh_pg1.bin', $hash, 'SHA1'); - ok($sig, 'dh_sign_hash'); - ok(dh_verify_hash('t/data/cryptx_pub_dh_pg1.bin', $sig, $hash, 'SHA1'), 'dh_verify_hash'); - my $ss1 = dh_shared_secret('t/data/cryptx_priv_dh_pg1.bin', 't/data/cryptx_pub_dh_pg2.bin'); my $ss2 = dh_shared_secret('t/data/cryptx_priv_dh_pg2.bin', 't/data/cryptx_pub_dh_pg1.bin'); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); diff --git a/t/pk_dsa.t b/t/pk_dsa.t index 80335f6..3fb7f69 100644 --- a/t/pk_dsa.t +++ b/t/pk_dsa.t @@ -1,8 +1,9 @@ use strict; use warnings; -use Test::More tests => 44; +use Test::More tests => 62; use Crypt::PK::DSA qw(dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash); +use Crypt::Misc 'decode_b64'; { my $k; @@ -16,43 +17,43 @@ use Crypt::PK::DSA qw(dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_messag $k = Crypt::PK::DSA->new('t/data/cryptx_priv_dsa2.der'); ok($k, 'load cryptx_priv_dsa2.der'); ok($k->is_private, 'is_private cryptx_priv_dsa2.der'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_pub_dsa1.der'); ok($k, 'load cryptx_pub_dsa1.der'); ok(!$k->is_private, 'is_private cryptx_pub_dsa1.der'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_pub_dsa2.der'); ok($k, 'load cryptx_pub_dsa2.der'); ok(!$k->is_private, 'is_private cryptx_pub_dsa2.der'); - + $k = Crypt::PK::DSA->new('t/data/openssl_dsa1.der'); ok($k, 'load openssl_dsa1.der'); ok($k->is_private, 'is_private openssl_dsa1.der'); - + $k = Crypt::PK::DSA->new('t/data/openssl_dsa2.der'); ok($k, 'load openssl_dsa2.der'); ok($k->is_private, 'is_private openssl_dsa2.der'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_priv_dsa1.pem'); ok($k, 'load cryptx_priv_dsa1.pem'); ok($k->is_private, 'is_private cryptx_priv_dsa1.pem'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_priv_dsa2.pem'); ok($k, 'load cryptx_priv_dsa2.pem'); ok($k->is_private, 'is_private cryptx_priv_dsa2.pem'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_pub_dsa1.pem'); ok($k, 'load cryptx_pub_dsa1.pem'); ok(!$k->is_private, 'is_private cryptx_pub_dsa1.pem'); - + $k = Crypt::PK::DSA->new('t/data/cryptx_pub_dsa2.pem'); ok($k, 'load cryptx_pub_dsa2.pem'); ok(!$k->is_private, 'is_private cryptx_pub_dsa2.pem'); - + $k = Crypt::PK::DSA->new('t/data/openssl_dsa1.pem'); ok($k, 'load openssl_dsa1.pem'); ok($k->is_private, 'is_private openssl_dsa1.pem'); - + $k = Crypt::PK::DSA->new('t/data/openssl_dsa2.pem'); ok($k, 'load openssl_dsa2.pem'); ok($k->is_private, 'is_private openssl_dsa2.pem'); @@ -63,7 +64,7 @@ use Crypt::PK::DSA qw(dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_messag $pr1->import_key('t/data/cryptx_priv_dsa1.der'); my $pu1 = Crypt::PK::DSA->new; $pu1->import_key('t/data/cryptx_pub_dsa1.der'); - + my $ct = $pu1->encrypt("secret message"); my $pt = $pr1->decrypt($ct); ok(length $ct > 200, 'encrypt ' . length($ct)); @@ -74,24 +75,110 @@ use Crypt::PK::DSA qw(dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_messag ok($pu1->verify_message($sig, "message"), 'verify_message'); my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = $pr1->sign_hash($hash, 'SHA1'); + $sig = $pr1->sign_hash($hash); ok(length $sig > 60, 'sign_hash ' . length($sig)); - ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); - + ok($pu1->verify_hash($sig, $hash), 'verify_hash'); + my $pr2 = Crypt::PK::DSA->new; $pr2->import_key('t/data/cryptx_priv_dsa2.der'); my $pu2 = Crypt::PK::DSA->new; $pu2->import_key('t/data/cryptx_pub_dsa2.der'); - + #my $ss1 = $pr1->shared_secret($pu2); #my $ss2 = $pr2->shared_secret($pu1); #is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); } +{ + my $k = Crypt::PK::DSA->new; + $k->generate_key(\<<"MARKER"); +-----BEGIN DSA PARAMETERS----- +MIICLAKCAQEA3dZSaDnP5LgH44CDYc2wfGLtq4rbBgtOVvLkvh4j29CTiOUDRC1H +ivkTdtGrI3DdrAFeKieFYDJ1RJFbru+8/RYE7YfaR5Y3OUI4Vdf26guMViLLVjSL +W43Td50ZZziLmmYzn3cliokShe9f5/mtuLJ0uJRq7QxgHj7bgmvJvORvi4QXSCOn +nmCOgEfhoU1Vj/PePjtjeZWbLyGFXHC7vpvqePrsFtbUlBzIr2mr7JuHB3rAl7A4 +1VL6lexqONRa4rQuVxiX0vp3iit9Cx02EwrZODdlifssd9Kceu2UsvifjmCBPyv8 +6nmmEOtxh/xduuOBtVWXeZHSwIDUQvSJFwIhAK/ZDSl9iNuZ/TRwqQ3JRU3MjXCU +/US6/LU1qqjQATk7AoIBACoqauphNZmUZYOilArBfYCMtUwS0FNG6wfUMWDMd46z +/hv7equa9b75sT1uHyiUVuPD2hRhR3xNYkKSX9Kx8NGKj/bGDyaEW+Ud852N6BTo +9vzZ4GjKVBGe44Wa8eynVgVE5/r0z6OfHkV7uOxlGEdYgIooUbIsY7w0DmaR2FVZ +AMjGMg+L6CpulfvdETYi9LQafY4jRkgGWTc9h/2RYGhQUti1PheY1AlDYpubO8am +ZBG6vMBaANLx6Pv+lle4ltVvDVhwTK5APyfN1vVdEvVmU1/6zHZEnuiDAT8XI1rH +S1+SGX11RIn6uPVL1c0RjgW8/JZ6EeM8NvLdBiYYBuI= +-----END DSA PARAMETERS----- +MARKER + ok($k, 'generate_key PEM'); + ok($k->is_private, 'is_private'); + ok($k->export_key_pem('private'), 'export_key_pem pri'); + ok($k->export_key_pem('public'), 'export_key_pem pub'); + ok($k->export_key_der('private'), 'export_key_der pri'); + ok($k->export_key_der('public'), 'export_key_der pub'); +} + +{ + my $k = Crypt::PK::DSA->new; + $k->generate_key(\decode_b64(<<"MARKER")); +MIICLAKCAQEA3dZSaDnP5LgH44CDYc2wfGLtq4rbBgtOVvLkvh4j29CTiOUDRC1H +ivkTdtGrI3DdrAFeKieFYDJ1RJFbru+8/RYE7YfaR5Y3OUI4Vdf26guMViLLVjSL +W43Td50ZZziLmmYzn3cliokShe9f5/mtuLJ0uJRq7QxgHj7bgmvJvORvi4QXSCOn +nmCOgEfhoU1Vj/PePjtjeZWbLyGFXHC7vpvqePrsFtbUlBzIr2mr7JuHB3rAl7A4 +1VL6lexqONRa4rQuVxiX0vp3iit9Cx02EwrZODdlifssd9Kceu2UsvifjmCBPyv8 +6nmmEOtxh/xduuOBtVWXeZHSwIDUQvSJFwIhAK/ZDSl9iNuZ/TRwqQ3JRU3MjXCU +/US6/LU1qqjQATk7AoIBACoqauphNZmUZYOilArBfYCMtUwS0FNG6wfUMWDMd46z +/hv7equa9b75sT1uHyiUVuPD2hRhR3xNYkKSX9Kx8NGKj/bGDyaEW+Ud852N6BTo +9vzZ4GjKVBGe44Wa8eynVgVE5/r0z6OfHkV7uOxlGEdYgIooUbIsY7w0DmaR2FVZ +AMjGMg+L6CpulfvdETYi9LQafY4jRkgGWTc9h/2RYGhQUti1PheY1AlDYpubO8am +ZBG6vMBaANLx6Pv+lle4ltVvDVhwTK5APyfN1vVdEvVmU1/6zHZEnuiDAT8XI1rH +S1+SGX11RIn6uPVL1c0RjgW8/JZ6EeM8NvLdBiYYBuI= +MARKER + ok($k, 'generate_key DER'); + ok($k->is_private, 'is_private'); + ok($k->export_key_pem('private'), 'export_key_pem pri'); + ok($k->export_key_pem('public'), 'export_key_pem pub'); + ok($k->export_key_der('private'), 'export_key_der pri'); + ok($k->export_key_der('public'), 'export_key_der pub'); +} + +{ + my $k = Crypt::PK::DSA->new; + $k->generate_key({ + p => "A5903F7DF15D5C0769797820". + "6CFEED0113CD1C15298198E9". + "1F2231135A7BC42568BE8F8D". + "357B7EE9AD4E99F9F628EA2C". + "9294425FA1C7732253D478CD". + "1E242FA81B12C2A9ADB46D14". + "AC83875A2D8BF6A1DCF57EC6". + "4668DB3751358EB4F5A620A9". + "0F28C3D5F62DC1E85E3CC724". + "A12018B038FFA4B917AABC66". + "543BDD11784134CB", + q => "B3CA2D8B0823160915E6B73E". + "DD3B0015DFE1E897", + g => "5C9F25D69C86E8002BE04F56". + "90230BD008A816E7C8E9A96E". + "C0DBC630C62A8B42E41C8504". + "E682F52C02CDA74740CFA1A4". + "A608B8D827C5762EB69FED68". + "3D17DBC9050C16DEB9EC5A3E". + "02DF7B0E338AFFC01F878352". + "A2C82FB458F95DD60A7E23FE". + "322173F34F98452B0D16DCE2". + "23B15840F82B6AFCDFC6D848". + "9C5859DA0E4BE8B9", + }); + ok($k, 'generate_key HASH'); + ok($k->is_private, 'is_private'); + ok($k->export_key_pem('private'), 'export_key_pem pri'); + ok($k->export_key_pem('public'), 'export_key_pem pub'); + ok($k->export_key_der('private'), 'export_key_der pri'); + ok($k->export_key_der('public'), 'export_key_der pub'); +} + { my $k = Crypt::PK::DSA->new; $k->generate_key(20, 128); - ok($k, 'generate_key'); + ok($k, 'generate_key size'); ok($k->is_private, 'is_private'); ok($k->export_key_pem('private'), 'export_key_pem pri'); ok($k->export_key_pem('public'), 'export_key_pem pub'); @@ -108,7 +195,7 @@ use Crypt::PK::DSA qw(dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_messag ok($sig, 'dsa_sign_message'); ok(dsa_verify_message('t/data/cryptx_pub_dsa1.der', $sig, 'test string'), 'dsa_verify_message'); my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); - $sig = dsa_sign_hash('t/data/cryptx_priv_dsa1.der', $hash, 'SHA1'); + $sig = dsa_sign_hash('t/data/cryptx_priv_dsa1.der', $hash); ok($sig, 'dsa_sign_hash'); - ok(dsa_verify_hash('t/data/cryptx_pub_dsa1.der', $sig, $hash, 'SHA1'), 'dsa_verify_hash'); + ok(dsa_verify_hash('t/data/cryptx_pub_dsa1.der', $sig, $hash), 'dsa_verify_hash'); } diff --git a/t/pk_ecc.t b/t/pk_ecc.t index 27fd0b8..7d7b9fc 100644 --- a/t/pk_ecc.t +++ b/t/pk_ecc.t @@ -3,18 +3,7 @@ use warnings; use Test::More tests => 121; use Crypt::PK::ECC qw(ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret); - -sub read_file { - my ($file) = @_; - return unless $file; - if (open(my $fh, "<", $file)) { - local $/; - binmode($fh); - my $content = <$fh>; - close($fh); - return $content; - } -} +use Crypt::Misc qw(read_rawfile); { my ($k, $k2); @@ -41,28 +30,28 @@ sub read_file { $k = Crypt::PK::ECC->new('t/data/cryptx_priv_ecc2.der'); ok($k, 'load cryptx_priv_ecc2.der'); ok($k->is_private, 'is_private cryptx_priv_ecc2.der'); - + $k = Crypt::PK::ECC->new('t/data/cryptx_pub_ecc1.der'); ok($k, 'load cryptx_pub_ecc1.der'); ok(!$k->is_private, 'is_private cryptx_pub_ecc1.der'); - + $k = Crypt::PK::ECC->new('t/data/cryptx_pub_ecc2.der'); ok($k, 'load cryptx_pub_ecc2.der'); ok(!$k->is_private, 'is_private cryptx_pub_ecc2.der'); - + ### XXX-TODO regenerate keys $k = Crypt::PK::ECC->new('t/data/cryptx_priv_ecc1.pem'); ok($k, 'load cryptx_priv_ecc1.pem'); ok($k->is_private, 'is_private cryptx_priv_ecc1.pem'); - + $k = Crypt::PK::ECC->new('t/data/cryptx_priv_ecc2.pem'); ok($k, 'load cryptx_priv_ecc2.pem'); ok($k->is_private, 'is_private cryptx_priv_ecc2.pem'); - + $k = Crypt::PK::ECC->new('t/data/cryptx_pub_ecc1.pem'); ok($k, 'load cryptx_pub_ecc1.pem'); ok(!$k->is_private, 'is_private cryptx_pub_ecc1.pem'); - + $k = Crypt::PK::ECC->new('t/data/cryptx_pub_ecc2.pem'); ok($k, 'load cryptx_pub_ecc2.pem'); ok(!$k->is_private, 'is_private cryptx_pub_ecc2.pem'); @@ -70,14 +59,14 @@ sub read_file { for (qw( cryptx_pub_ecc1.der cryptx_pub_ecc1.pem cryptx_pub_ecc2.der cryptx_pub_ecc2.pem )) { $k = Crypt::PK::ECC->new("t/data/$_"); - is($k->export_key_der('public'), read_file("t/data/$_"), 'export_key_der public') if (substr($_, -3) eq "der"); - is($k->export_key_pem('public'), read_file("t/data/$_"), 'export_key_pem public') if (substr($_, -3) eq "pem"); + is($k->export_key_der('public'), read_rawfile("t/data/$_"), 'export_key_der public') if (substr($_, -3) eq "der"); + is($k->export_key_pem('public'), read_rawfile("t/data/$_"), 'export_key_pem public') if (substr($_, -3) eq "pem"); } for (qw( cryptx_priv_ecc1.der cryptx_priv_ecc1.pem cryptx_priv_ecc2.der cryptx_priv_ecc2.pem )) { $k = Crypt::PK::ECC->new("t/data/$_"); - is($k->export_key_der('private'), read_file("t/data/$_"), 'export_key_der private') if (substr($_, -3) eq "der"); - is($k->export_key_pem('private'), read_file("t/data/$_"), 'export_key_pem private') if (substr($_, -3) eq "pem"); + is($k->export_key_der('private'), read_rawfile("t/data/$_"), 'export_key_der private') if (substr($_, -3) eq "der"); + is($k->export_key_pem('private'), read_rawfile("t/data/$_"), 'export_key_pem private') if (substr($_, -3) eq "pem"); } for (qw( openssl_ec1.pub.pem openssl_ec1.pub.der openssl_ec1.pubc.der openssl_ec1.pubc.pem @@ -99,12 +88,12 @@ sub read_file { $pr1->import_key('t/data/cryptx_priv_ecc1.der'); my $pu1 = Crypt::PK::ECC->new; $pu1->import_key('t/data/cryptx_pub_ecc1.der'); - + my $ct = $pu1->encrypt("secret message"); my $pt = $pr1->decrypt($ct); ok(length $ct > 30, 'encrypt ' . length($ct)); is($pt, "secret message", 'decrypt'); - + my $sig = $pr1->sign_message("message"); ok(length $sig > 60, 'sign_message ' . length($sig)); ok($pu1->verify_message($sig, "message"), 'verify_message'); @@ -116,13 +105,13 @@ sub read_file { my $hash = pack("H*","04624fae618e9ad0c5e479f62e1420c71fff34dd"); $sig = $pr1->sign_hash($hash, 'SHA1'); ok(length $sig > 60, 'sign_hash ' . length($sig)); - ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); - + ok($pu1->verify_hash($sig, $hash, 'SHA1'), 'verify_hash'); + my $pr2 = Crypt::PK::ECC->new; $pr2->import_key('t/data/cryptx_priv_ecc2.der'); my $pu2 = Crypt::PK::ECC->new; $pu2->import_key('t/data/cryptx_pub_ecc2.der'); - + my $ss1 = $pr1->shared_secret($pu2); my $ss2 = $pr2->shared_secret($pu1); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); @@ -153,7 +142,7 @@ sub read_file { $sig = ecc_sign_hash('t/data/cryptx_priv_ecc1.der', $hash, 'SHA1'); ok($sig, 'ecc_sign_hash'); ok(ecc_verify_hash('t/data/cryptx_pub_ecc1.der', $sig, $hash, 'SHA1'), 'ecc_verify_hash'); - + my $ss1 = ecc_shared_secret('t/data/cryptx_priv_ecc1.der', 't/data/cryptx_pub_ecc2.der'); my $ss2 = ecc_shared_secret('t/data/cryptx_priv_ecc2.der', 't/data/cryptx_pub_ecc1.der'); is(unpack("H*",$ss1), unpack("H*",$ss2), 'shared_secret'); @@ -168,8 +157,8 @@ for my $priv (qw/openssl_ec-short.pem openssl_ec-short.der/) { is(uc($k->key2hash->{pub_x}), 'A01532A3C0900053DE60FBEFEFCCA58793301598D308B41E6F4E364E388C2711', "key2hash $priv"); is(uc($k->curve2hash->{prime}), 'FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', "curve2hash $priv"); is($k->key2hash->{curve_name}, "secp256r1", "EC curve_name is lowercase"); - is($k->export_key_der('private_short'), read_file($f), 'export_key_der private_oid') if (substr($priv, -3) eq "der"); - is($k->export_key_pem('private_short'), read_file($f), 'export_key_pem private_oid') if (substr($priv, -3) eq "pem"); + is($k->export_key_der('private_short'), read_rawfile($f), 'export_key_der private_oid') if (substr($priv, -3) eq "der"); + is($k->export_key_pem('private_short'), read_rawfile($f), 'export_key_pem private_oid') if (substr($priv, -3) eq "pem"); } for my $pub (qw/openssl_ec-short.pub.pem openssl_ec-short.pub.der/) { @@ -180,8 +169,8 @@ for my $pub (qw/openssl_ec-short.pub.pem openssl_ec-short.pub.der/) { is($k->size, 32, "$pub size"); is(uc($k->key2hash->{pub_x}), 'A01532A3C0900053DE60FBEFEFCCA58793301598D308B41E6F4E364E388C2711', "key2hash $pub"); is($k->key2hash->{curve_name}, "secp256r1", "EC curve_name is lowercase"); - is($k->export_key_der('public_short'), read_file($f), 'export_key_der public_short') if (substr($pub, -3) eq "der"); - is($k->export_key_pem('public_short'), read_file($f), 'export_key_pem public_short') if (substr($pub, -3) eq "pem"); + is($k->export_key_der('public_short'), read_rawfile($f), 'export_key_der public_short') if (substr($pub, -3) eq "der"); + is($k->export_key_pem('public_short'), read_rawfile($f), 'export_key_pem public_short') if (substr($pub, -3) eq "pem"); } { @@ -190,16 +179,24 @@ for my $pub (qw/openssl_ec-short.pub.pem openssl_ec-short.pub.der/) { ok($@, 'key not generated'); # known curves lookup - my $params = $Crypt::PK::ECC::curve{secp384r1}; + my $params = { # NIST P-384 + prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", + A => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", + B => "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", + Gx => "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", + Gy => "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", + order => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", + cofactor => 1, + }; $k = Crypt::PK::ECC->new; ok($k->generate_key($params), "generate_key hash params"); is($k->key2hash->{curve_name}, 'secp384r1', "key2hash curve_name"); - is($k->key2hash->{curve_oid}, $params->{oid}, "key2hash curve_oid"); + is($k->key2hash->{curve_oid}, '1.3.132.0.34', "key2hash curve_oid"); ok($k->export_key_der('private_short'), "export_key_der auto oid"); $k = Crypt::PK::ECC->new; - ok($k->generate_key({ %$params, A => '0' }), "generate_key invalid auto oid"); - is($k->key2hash->{curve_name}, 'custom', "key2hash custom curve_name"); + ok($k->generate_key({ %$params, cofactor => 6 }), "generate_key invalid auto oid"); + ok(!exists($k->key2hash->{curve_name}) || $k->key2hash->{curve_name} eq 'custom', "key2hash custom curve_name"); ok(!exists($k->key2hash->{curve_oid}), "key2hash curve_oid doesn't exist"); eval { $k->export_key_der('private_short'); }; ok($@, "export_key_der invalid auto oid"); diff --git a/t/pk_ecc_test_vectors_openssl.t b/t/pk_ecc_test_vectors_openssl.t index 9569c52..982f869 100644 --- a/t/pk_ecc_test_vectors_openssl.t +++ b/t/pk_ecc_test_vectors_openssl.t @@ -77,7 +77,7 @@ for my $h (@$data) { for my $h (@$data) { my $ec_pri = Crypt::PK::ECC->new->import_key_raw(pack("H*",$h->{PRI}), $h->{CURVE}); my $ec_pub = Crypt::PK::ECC->new->import_key_raw(pack("H*",$h->{PUB}), $h->{CURVE}); - my $ec_pubc = Crypt::PK::ECC->new->import_key_raw(pack("H*",$h->{PUBC}), $h->{CURVE}); + my $ec_pubc = Crypt::PK::ECC->new->import_key_raw(pack("H*",$h->{PUBC}), $h->{CURVE}); is( unpack("H*", $ec_pub ->export_key_raw('public_compressed')), $h->{PUBC}, "$h->{PRI_FILE}/ec_pub public compressed"); is( unpack("H*", $ec_pub ->export_key_raw('public')) , $h->{PUB}, "$h->{PRI_FILE}/ec_pub public uncompressed"); is( unpack("H*", $ec_pubc->export_key_raw('public_compressed')), $h->{PUBC}, "$h->{PRI_FILE}/ec_pubc public compressed"); diff --git a/t/pk_rsa.t b/t/pk_rsa.t index 8105bee..7e49a18 100644 --- a/t/pk_rsa.t +++ b/t/pk_rsa.t @@ -1,6 +1,6 @@ use strict; use warnings; -use Test::More tests => 45; +use Test::More tests => 49; use Crypt::PK::RSA qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash); @@ -16,46 +16,54 @@ use Crypt::PK::RSA qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_messag $k = Crypt::PK::RSA->new('t/data/cryptx_priv_rsa2.der'); ok($k, 'load cryptx_priv_rsa2.der'); ok($k->is_private, 'is_private cryptx_priv_rsa2.der'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_pub_rsa1.der'); ok($k, 'load cryptx_pub_rsa1.der'); ok(!$k->is_private, 'is_private cryptx_pub_rsa1.der'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_pub_rsa2.der'); ok($k, 'load cryptx_pub_rsa2.der'); ok(!$k->is_private, 'is_private cryptx_pub_rsa2.der'); - + $k = Crypt::PK::RSA->new('t/data/openssl_rsa1.der'); ok($k, 'load openssl_rsa1.der'); ok($k->is_private, 'is_private openssl_rsa1.der'); - + $k = Crypt::PK::RSA->new('t/data/openssl_rsa2.der'); ok($k, 'load openssl_rsa2.der'); ok($k->is_private, 'is_private openssl_rsa2.der'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_priv_rsa1.pem'); ok($k, 'load cryptx_priv_rsa1.pem'); ok($k->is_private, 'is_private cryptx_priv_rsa1.pem'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_priv_rsa2.pem'); ok($k, 'load cryptx_priv_rsa2.pem'); ok($k->is_private, 'is_private cryptx_priv_rsa2.pem'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_pub_rsa1.pem'); ok($k, 'load cryptx_pub_rsa1.pem'); ok(!$k->is_private, 'is_private cryptx_pub_rsa1.pem'); - + $k = Crypt::PK::RSA->new('t/data/cryptx_pub_rsa2.pem'); ok($k, 'load cryptx_pub_rsa2.pem'); ok(!$k->is_private, 'is_private cryptx_pub_rsa2.pem'); - + $k = Crypt::PK::RSA->new('t/data/openssl_rsa1.pem'); ok($k, 'load openssl_rsa1.pem'); ok($k->is_private, 'is_private openssl_rsa1.pem'); - + $k = Crypt::PK::RSA->new('t/data/openssl_rsa2.pem'); ok($k, 'load openssl_rsa2.pem'); ok($k->is_private, 'is_private openssl_rsa2.pem'); + + # X509 + $k = Crypt::PK::RSA->new('t/data/openssl_rsa-x509.pem'); + ok($k, 'openssl_rsa-x509.pem'); + ok(!$k->is_private, 'not private openssl_rsa-x509.pem'); + $k = Crypt::PK::RSA->new('t/data/openssl_rsa-x509.der'); + ok($k, 'openssl_rsa-x509.der'); + ok(!$k->is_private, 'not private openssl_rsa-x509.der'); } { @@ -63,12 +71,12 @@ use Crypt::PK::RSA qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_messag $pr1->import_key('t/data/cryptx_priv_rsa1.der'); my $pu1 = Crypt::PK::RSA->new; $pu1->import_key('t/data/cryptx_pub_rsa1.der'); - + my $ct = $pu1->encrypt("secret message"); my $pt = $pr1->decrypt($ct); ok(length $ct > 200, 'encrypt ' . length($ct)); is($pt, "secret message", 'decrypt'); - + my $sig = $pr1->sign_message("message"); ok(length $sig > 60, 'sign_message ' . length($sig)); ok($pu1->verify_message($sig, "message"), 'verify_message'); diff --git a/t/pkcs8.t b/t/pkcs8.t index 96eaef3..feb1a86 100644 --- a/t/pkcs8.t +++ b/t/pkcs8.t @@ -1,6 +1,6 @@ use strict; use warnings; -use Test::More tests => 8; +use Test::More tests => 12; use Crypt::PK::RSA; use Crypt::PK::ECC; @@ -38,7 +38,7 @@ for my $f (qw/pkcs8.rsa-priv-nopass.pem pkcs8.rsa-priv-nopass.der/) { ### XXX-FIXME password protected pkcs8 private keys are not supported ### for my $f (qw/pkcs8.rsa-priv-pass.der pkcs8.rsa-priv-pass.pem/) { -### $rsa->import_key("t/data/$f"); +### $rsa->import_key("t/data/$f", "secret"); ### ok($rsa->is_private, "RSA is_private $f"); ### } @@ -47,8 +47,7 @@ for my $f (qw/pkcs8.ec-short-priv-nopass.der pkcs8.ec-short-priv-nopass.pem pkcs ok($ec->is_private, "ECC is_private $f"); } -### XXX-FIXME password protected pkcs8 private keys are not supported -### for my $f (qw/pkcs8.ec-priv-pass.der pkcs8.ec-priv-pass.pem pkcs8.ec-short-priv-pass.der pkcs8.ec-short-priv-pass.pem/) { -### $ec->import_key("t/data/$f"); -### ok($ec->is_private, "ECC is_private $f"); -### } +for my $f (qw/pkcs8.ec-priv-pass.der pkcs8.ec-priv-pass.pem pkcs8.ec-short-priv-pass.der pkcs8.ec-short-priv-pass.pem/) { + $ec->import_key("t/data/$f", "secret"); + ok($ec->is_private, "ECC is_private $f (pw)"); +} diff --git a/t/prng.t b/t/prng.t index 210d28e..8573f17 100644 --- a/t/prng.t +++ b/t/prng.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/prng_chacha20.t b/t/prng_chacha20.t index f2b8182..e3807cc 100644 --- a/t/prng_chacha20.t +++ b/t/prng_chacha20.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/prng_fortuna.t b/t/prng_fortuna.t index c14a5f9..6b2239c 100644 --- a/t/prng_fortuna.t +++ b/t/prng_fortuna.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/prng_rc4.t b/t/prng_rc4.t index a88ecf4..37c1cfb 100644 --- a/t/prng_rc4.t +++ b/t/prng_rc4.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/prng_sober128.t b/t/prng_sober128.t index 7bb032e..dc5ef24 100644 --- a/t/prng_sober128.t +++ b/t/prng_sober128.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/prng_yarrow.t b/t/prng_yarrow.t index ee43337..c69d004 100644 --- a/t/prng_yarrow.t +++ b/t/prng_yarrow.t @@ -11,42 +11,42 @@ ok($r, 'new'); my $sum = 0; $sum += $r->double for (1..1000); my $avg = $sum/1000; - ok($avg>0.4 && $avg<0.6, "rand $avg"); + ok($avg>0.4 && $avg<0.6, "rand $avg"); } { my $sum = 0; $sum += $r->double(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += $r->int32 for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { my $sum = 0; $sum += rand(80) for (1..1000); my $avg = $sum/1000; - ok($avg>30 && $avg<50, "rand $avg"); + ok($avg>30 && $avg<50, "rand $avg"); } { my $sum = 0; $sum += rand(-180) for (1..1000); my $avg = $sum/1000; - ok($avg>-100 && $avg<-80, "rand $avg"); + ok($avg>-100 && $avg<-80, "rand $avg"); } { my $sum = 0; $sum += irand for (1..1000); my $avg = $sum/1000; - ok($avg>2**30 && $avg<2**32, "rand $avg"); + ok($avg>2**30 && $avg<2**32, "rand $avg"); } { @@ -56,7 +56,7 @@ ok($r, 'new'); like($r->bytes_hex(55), qr/^[0-9A-Fa-f]{110}$/, "bytes_hex"); like($r->bytes_b64(60), qr/^[A-Za-z0-9+\/=]{80}$/, "bytes_b64"); like($r->bytes_b64u(60), qr/^[A-Za-z0-9_-]{80}$/, "bytes_b64u"); - + like(random_string(45), qr/^[A-Z-a-z0-9]+$/, 'string'); like(random_string_from("ABC,.-", 45), qr/^[ABC,\,\.\-]+$/, 'string'); is(length random_bytes(55), 55, "bytes"); diff --git a/t/wycheproof.t b/t/wycheproof.t new file mode 100644 index 0000000..608e848 --- /dev/null +++ b/t/wycheproof.t @@ -0,0 +1,244 @@ +# rebuild: +# rm -f src/liballinone.a && touch CryptX.xs && make && perl -Mblib t/wycheproof.t + +use strict; +use warnings; + +use Test::More; + +plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS }; +plan tests => 1298; + +use CryptX; +use Crypt::Misc 'read_rawfile'; +use Crypt::Digest 'digest_data'; + +if (1) { + use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify); + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/aes_gcm_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; # 1 + my $comment = $t->{comment}; # "" + my $result = $t->{result}; # "valid" + my $aad = pack "H*", $t->{aad}; # "6578616d706c65" + my $ct = pack "H*", $t->{ct}; # "5d349ead175ef6b1def6fd" + my $iv = pack "H*", $t->{iv}; # "752abad3e0afb5f434dc4310" + my $key = pack "H*", $t->{key}; # "ee8e1ed9ff2540ae8f2ba9f50bc2f27c" + my $msg = pack "H*", $t->{msg}; # "48656c6c6f20776f726c64" + my $tag = pack "H*", $t->{tag}; # "4fbcdeb7e4793f4a1d7e4faa70100af1" + # do the test + my ($ct2, $tag2) = eval { gcm_encrypt_authenticate('AES', $key, $iv, $aad, $msg) }; + my $pt2 = eval { gcm_decrypt_verify('AES', $key, $iv, $aad, $ct, $tag) }; + my $testname = "type=$type tcId=$tcId comment='$comment' expected-result=$result"; + if ($result eq 'valid') { + is(unpack("H*", $ct2), $t->{ct}, "$testname CT-v"); + is(unpack("H*", $tag2), $t->{tag}, "$testname TAG-v"); + is(unpack("H*", $pt2), $t->{msg}, "$testname PT-v"); + } + elsif ($result eq 'invalid') { + #isnt(unpack("H*", $ct2), $t->{ct}, "$testname CT-i"); + #isnt(unpack("H*", $tag2), $t->{tag}, "$testname TAG-i"); + is($pt2, undef, "$testname PT-i"); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} + +if (1) { + use Crypt::PK::RSA; + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/rsa_signature_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; + my $keyDer = pack "H*", $g->{keyDer}; + my $keyPem = $g->{keyPem}; + my $sha = $g->{sha}; + $sha =~ s/-//g; # SHA-1 >> SHA1 + ok(Crypt::PK::RSA->new( \$keyDer ), "Crypt::PK::RSA->new + DER type: $type/$sha"); + ok(Crypt::PK::RSA->new( \$keyPem ), "Crypt::PK::RSA->new + PEM type: $type/$sha"); + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; + my $comment = $t->{comment}; + my $result = $t->{result}; + my $message = pack "H*", $t->{message}; + my $sig = pack "H*", $t->{sig}; + # do the test + my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; + my $pk = Crypt::PK::RSA->new( \$keyPem ); + my $valid = $pk->verify_message($sig, $message, $sha,"v1.5"); + if ($result eq 'valid' || $result eq 'acceptable') { + ok($valid, $testname); + } + elsif ($result eq 'invalid') { + ok(!$valid, $testname); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} + +if (1) { + use Crypt::PK::DSA; + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/dsa_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; # "DSAVer" + my $keyDer = pack "H*", $g->{keyDer}; + my $keyPem = $g->{keyPem}; + my $sha = $g->{sha}; # "SHA-1" + $sha =~ s/-//g; # SHA-1 >> SHA1 + ok(Crypt::PK::DSA->new( \$keyDer ), "Crypt::PK::DSA->new + DER type=$type/$sha"); + ok(Crypt::PK::DSA->new( \$keyPem ), "Crypt::PK::DSA->new + PEM type=$type/$sha"); + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; + my $comment = $t->{comment}; + my $result = $t->{result}; + my $message = pack "H*", $t->{message}; + my $sig = pack "H*", $t->{sig}; + # skip unsupported tests: + next if $tcId==12 && $result eq 'acceptable' && $comment eq "Legacy:ASN encoding of s misses leading 0"; + next if $tcId==13 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; + next if $tcId==14 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; + next if $tcId==15 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; + next if $tcId==16 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; + next if $tcId==17 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; + next if $tcId==18 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; + next if $tcId==19 && $result eq 'acceptable' && $comment eq "BER:indefinite length"; + next if $tcId==20 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; + next if $tcId==21 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; + # do the test + my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; + my $pk = Crypt::PK::DSA->new( \$keyPem ); + my $hash = digest_data($sha, $message); + my $valid_h = $pk->verify_hash($sig, $hash); + my $valid = $pk->verify_message($sig, $message, $sha); + if ($result eq 'valid' || $result eq 'acceptable') { + ok($valid, $testname); + } + elsif ($result eq 'invalid') { + ok(!$valid, $testname); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} + +if (1) { + use Crypt::PK::ECC; + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; + my $keyDer = pack "H*", $g->{keyDer}; + my $keyPem = $g->{keyPem}; + my $sha = $g->{sha}; + $sha =~ s/-//g; # SHA-1 >> SHA1 + ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha"); + ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha"); + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; + my $comment = $t->{comment}; + my $result = $t->{result}; + my $message = pack "H*", $t->{message}; + my $sig = pack "H*", $t->{sig}; + # skip unsupported tests: + next if $tcId==9 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; + next if $tcId==10 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; + next if $tcId==12 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; + next if $tcId==13 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; + next if $tcId==14 && $result eq 'acceptable' && $comment eq "BER:indefinite length"; + next if $tcId==15 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; + next if $tcId==16 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; + # do the test + my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; + my $pk = Crypt::PK::ECC->new( \$keyPem ); + my $valid = $pk->verify_message($sig, $message, $sha); + if ($result eq 'valid' || $result eq 'acceptable') { + ok($valid, "$testname verify_message=$valid"); + } + elsif ($result eq 'invalid') { + ok(!$valid, "$testname verify_message=$valid"); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} + +if (1) { + use Crypt::PK::ECC; + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_webcrypto_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; + my $keyDer = pack "H*", $g->{keyDer}; + my $keyPem = $g->{keyPem}; + my $sha = $g->{sha}; + my $jwk = $g->{jwk}; + $sha =~ s/-//g; # SHA-1 >> SHA1 + ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha"); + ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha"); + ok(Crypt::PK::ECC->new( $jwk ), "Crypt::PK::ECC->new + JWK type=$type/$sha"); + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; + my $comment = $t->{comment}; + my $result = $t->{result}; + my $message = pack "H*", $t->{message}; + my $sig = pack "H*", $t->{sig}; + # do the test + my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; + my $pk = Crypt::PK::ECC->new( \$keyPem ); + my $valid = $pk->verify_message_rfc7518($sig, $message, $sha); + if ($result eq 'valid' || $result eq 'acceptable') { + ok($valid, "$testname verify_message=$valid"); + } + elsif ($result eq 'invalid') { + ok(!$valid, "$testname verify_message=$valid"); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} + +if (1) { + use Crypt::PK::ECC; + + my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdh_webcrypto_test.json'; + for my $g (@{$tests->{testGroups}}) { + my $type = $g->{type}; + for my $t (@{$g->{tests}}) { + my $tcId = $t->{tcId}; + my $comment = $t->{comment}; + my $name = $t->{name}; + my $result = $t->{result}; + my $shared = pack "H*", $t->{shared}; + # do the test + my $testname = "type=$type/$name tcId=$tcId comment='$comment' expected-result=$result"; + my $pub = Crypt::PK::ECC->new( $t->{public} ); + my $pri = Crypt::PK::ECC->new( $t->{private} ); + my $shared_hex = unpack "H*", $pri->shared_secret($pub); + if ($result eq 'valid' || $result eq 'acceptable') { + is($shared_hex, $t->{shared}, $testname); + } + elsif ($result eq 'invalid') { + isnt($shared_hex, $t->{shared}, $testname); + } + else { + ok(0, "UNEXPECTED result=$result"); + } + } + } +} diff --git a/t/wycheproof/aes_gcm_test.json b/t/wycheproof/aes_gcm_test.json new file mode 100644 index 0000000..2173922 --- /dev/null +++ b/t/wycheproof/aes_gcm_test.json @@ -0,0 +1,669 @@ +{ + "algorithm": "AES-GCM", + "generatorVersion": "0.0a8", + "numberOfTests": 50, + "testGroups": [ + { + "ivSize": 96, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "", + "ct": "26073cc1d851beff176384dc9896d5ff", + "iv": "028318abc1824029138141a2", + "key": "5b9604fe14eadba931b0ccf34843dab9", + "msg": "001d0c231287c1182784554ca3a21908", + "result": "valid", + "tag": "0a3ea7a5487cb5f7d70fb6c58d038554", + "tcId": 1 + }, + { + "aad": "00112233445566778899aabbccddeeff", + "comment": "", + "ct": "49d8b9783e911913d87094d1f63cc765", + "iv": "921d2507fa8007b7bd067d34", + "key": "5b9604fe14eadba931b0ccf34843dab9", + "msg": "001d0c231287c1182784554ca3a21908", + "result": "valid", + "tag": "1e348ba07cca2cf04c618cb4d43a5b92", + "tcId": 2 + }, + { + "aad": "aac39231129872a2", + "comment": "", + "ct": "eea945f3d0f98cc0fbab472a0cf24e87", + "iv": "0432bc49ac34412081288127", + "key": "aa023d0478dcb2b2312498293d9a9129", + "msg": "2035af313d1346ab00154fea78322105", + "result": "valid", + "tag": "4bb9b4812519dadf9e1232016d068133", + "tcId": 3 + }, + { + "aad": "", + "comment": "", + "ct": "ff", + "iv": "327182bee515d2b15f949477", + "key": "dc25a94c28b9d18a6468f41428fae84d", + "msg": "6f", + "result": "valid", + "tag": "62870f416e1fb63486127df9555ebcdb", + "tcId": 4 + }, + { + "aad": "", + "comment": "", + "ct": "4bd185849ab0f4d0", + "iv": "0cfe85626ce523b3204ca873", + "key": "bd6ffed2d59c492aec86368e02f6baeb", + "msg": "3c3b3a363f3a504e", + "result": "valid", + "tag": "742f379ab07b2c8c0c0eff4ce9327218", + "tcId": 5 + }, + { + "aad": "", + "comment": "", + "ct": "11afae2b91b71126e31d868e3482f907", + "iv": "5fe1b8445d7a2bce3ffd01c5", + "key": "6b21264d4ffdaa70021f6ea94f3f7729", + "msg": "6538395b746031796f5b60303261684e", + "result": "valid", + "tag": "b5133f5ce864f55641c121fb48c77e8c", + "tcId": 6 + }, + { + "aad": "", + "comment": "", + "ct": "ca741e2b8f4bfb75f3a897869664982be5e1feb1c3588621", + "iv": "1e0055ab643fe8d851f27501", + "key": "3f89802f2f430d027d9d27ab10095a1e", + "msg": "78446a4e313d634d524834637040456b793c6e4d4166544c", + "result": "valid", + "tag": "ab9a540db92381a4768ea81f08230100", + "tcId": 7 + }, + { + "aad": "15", + "comment": "", + "ct": "fa2ac3a4d15e01d64b642c4dc75f95e0", + "iv": "2071ec1a1d0ff802349fc01b", + "key": "f08afe018379b19417388302c3508983", + "msg": "566464646d4639476d5e4673653e3838", + "result": "valid", + "tag": "d95cea01fafb2c8c21cebfcbc412f87a", + "tcId": 8 + }, + { + "aad": "0b2bc21ab1fbff11e376e1a65ca2a1", + "comment": "", + "ct": "1e3373677b4615745a57ce43c0874702", + "iv": "460b321e66c90ae86f878da7", + "key": "7c7337a75c47230f579ff763e544b63b", + "msg": "4c565d4051404f4f35633a63455d7676", + "result": "valid", + "tag": "6c0314734528fe2863f2dc16f313e5ff", + "tcId": 9 + }, + { + "aad": "2eb61446950c83695522fdeb92220645", + "comment": "", + "ct": "107150b5349540a6b953c033d3ed0eec", + "iv": "787c817bf07a25ec613f4fbb", + "key": "9bd978c97f84c67e967a6dc71a9dd29a", + "msg": "4d36343f6e38716e476476394764635b", + "result": "valid", + "tag": "87ec1d4fee69de2efe606138b99a1c56", + "tcId": 10 + }, + { + "aad": "62a76634d40bb93ce8bd140e418bf88f002e1b88396511f5ddd9b099abe7b722", + "comment": "", + "ct": "8e0b9ca71471c5d509167fb138d65834", + "iv": "da22d5718083aee0b1ecf18c", + "key": "a3b604ee4889e9986b1d760779acb0da", + "msg": "453b3b34344076413d3b5b46373f725c", + "result": "valid", + "tag": "7cc68eb3039691eeea5b211c9f39244a", + "tcId": 11 + }, + { + "aad": "", + "comment": "special case", + "ct": "f62d84d649e56bc8cfedc5d74a51e2f7", + "iv": "000000000000000000000000", + "key": "00112233445566778899aabbccddeeff", + "msg": "ebd4a3e10cf6d41c50aeae007563b072", + "result": "valid", + "tag": "ffffffffffffffffffffffffffffffff", + "tcId": 12 + }, + { + "aad": "", + "comment": "special case", + "ct": "431f31e6840931fd95f94bf88296ff69", + "iv": "ffffffffffffffffffffffff", + "key": "00112233445566778899aabbccddeeff", + "msg": "d593c4d8224f1b100c35e4f6c4006543", + "result": "valid", + "tag": "00000000000000000000000000000000", + "tcId": 13 + }, + { + "aad": "", + "comment": "special case", + "ct": "d8eba6a5a03403851abc27f6e15d84c0", + "iv": "00112233445566778899aabb", + "key": "00112233445566778899aabbccddeeff", + "msg": "7fd49ba712d0d28f02ef54ed18db43f8", + "result": "valid", + "tag": "00000000000000000000000000000000", + "tcId": 14 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 64, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "aac39231129872a2", + "comment": "", + "ct": "64c36bb3b732034e3a7d04efc5197785", + "iv": "0432bc49ac344120", + "key": "aa023d0478dcb2b2312498293d9a9129", + "msg": "2035af313d1346ab00154fea78322105", + "result": "valid", + "tag": "b7d0dd70b00d65b97cfd080ff4b819d1", + "tcId": 15 + }, + { + "aad": "", + "comment": "unusual IV size", + "ct": "553763110458769a08e3c5d9", + "iv": "22117438f0762c77", + "key": "b215270c3e1055888599f1e5f6188e57", + "msg": "7675613a6c356e663d483264", + "result": "valid", + "tag": "14fed4270ed847fec690988c729672d1", + "tcId": 16 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 128, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "1a0293d8f90219058902139013908190bc490890d3ff12a3", + "comment": "", + "ct": "64069c2d58690561f27ee199e6b479b6369eec688672bde9", + "iv": "3254202d854734812398127a3d134421", + "key": "2034a82547276c83dd3212a813572bce", + "msg": "02efd2e5782312827ed5d230189a2a342b277ce048462193", + "result": "valid", + "tag": "9b7abadd6e69c1d9ec925786534f5075", + "tcId": 17 + }, + { + "aad": "", + "comment": "J0:000102030405060708090a0b0c0d0e0f", + "ct": "00078d109d92143fcd5df56721b884fac64ac7762cc09eea2a3c68e92a17bdb575f87bda18be564e", + "iv": "f95fde4a751913202aeeee32a0b55753", + "key": "00112233445566778899aabbccddeeff", + "msg": "00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "result": "valid", + "tag": "152a65045fe674f97627427af5be22da", + "tcId": 18 + }, + { + "aad": "", + "comment": "J0:00000000000000000000000000000000", + "ct": "84d4c9c08b4f482861e3a9c6c35bc4d91df927374513bfd49f436bd73f325285daef4ff7e13d46a6", + "iv": "7b95b8c356810a84711d68150a1b7750", + "key": "00112233445566778899aabbccddeeff", + "msg": "00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "result": "valid", + "tag": "213a3cb93855d18e69337eee66aeec07", + "tcId": 19 + }, + { + "aad": "", + "comment": "J0:ffffffffffffffffffffffffffffffff", + "ct": "948ca37a8e6649e88aeffb1c598f3607007702417ea0e0bc3c60ad5a949886de968cf53ea6462aed", + "iv": "1a552e67cdc4dc1a33b824874ebf0bed", + "key": "00112233445566778899aabbccddeeff", + "msg": "00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "result": "valid", + "tag": "99b381bfa2af9751c39d1b6e86d1be6a", + "tcId": 20 + }, + { + "aad": "", + "comment": "J0:000102030405060708090a0bffffffff", + "ct": "127af9b39ecdfc57bb11a2847c7c2d3d8f938f40f877e0c4af37d0fe9af033052bd537c4ae978f60", + "iv": "99821c2dd5daecded07300f577f7aff1", + "key": "00112233445566778899aabbccddeeff", + "msg": "00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "result": "valid", + "tag": "07eb2fe4a958f8434d40684899507c7c", + "tcId": 21 + }, + { + "aad": "", + "comment": "J0:000102030405060708090a0bfffffffe", + "ct": "0cf6ae47156b14dce03c8a07a2e172b1127af9b39ecdfc57bb11a2847c7c2d3d8f938f40f877e0c4", + "iv": "5e4a3900142358d1c774d8d124d8d27d", + "key": "00112233445566778899aabbccddeeff", + "msg": "00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "result": "valid", + "tag": "f145c2dcaf339eede427be934357eac0", + "tcId": 22 + }, + { + "aad": "", + "comment": "special case", + "ct": "1cd5a06214235ceb044d4bad7b047312", + "iv": "ffffffffffffffffffffffffffffffff", + "key": "00112233445566778899aabbccddeeff", + "msg": "4d82639c39d3f3490ee903dd0be7afcf", + "result": "valid", + "tag": "ffffffffffffffffffffffffffffffff", + "tcId": 23 + }, + { + "aad": "", + "comment": "unusual IV size", + "ct": "d6db136eb9bd4cdaf0bd1913", + "iv": "44b926c2a249611e14475b6cfe4d7dae", + "key": "c79117e417d6d45e37a52441cbfaa47b", + "msg": "623734365060575b423b303a", + "result": "valid", + "tag": "54132cb206112184c889e1f15b83fe1f", + "tcId": 24 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 96, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "00000000ffffffff", + "comment": "", + "ct": "e27abdd2d2a53d2f136b", + "iv": "00112233445566778899aabb", + "key": "92ace3e348cd821092cd921aa3546374299ab46209691bc28b8752d17f123c20", + "msg": "00010203040506070809", + "result": "valid", + "tag": "9a4a2579529301bcfb71c78d4060f52c", + "tcId": 25 + }, + { + "aad": "aabbccddeeff", + "comment": "", + "ct": "", + "iv": "00112233445566778899aabb", + "key": "29d3a44f8723dc640239100c365423a312934ac80239212ac3df3421a2098123", + "msg": "", + "result": "valid", + "tag": "2a7d77fa526b8250cb296078926b5020", + "tcId": 26 + }, + { + "aad": "", + "comment": "", + "ct": "11", + "iv": "61de8c2f27065bb3f1235d55", + "key": "a68e06009f0c9630fed700e67d4960378cc1c86ae6cc79a6ac6a9042bf83039a", + "msg": "7a", + "result": "valid", + "tag": "05402b6d9671f281c34848fed708da8b", + "tcId": 27 + }, + { + "aad": "", + "comment": "", + "ct": "aecefdde647dbfd9", + "iv": "27f3c472caf75d6102ef5f0d", + "key": "fe65ab5e97e2adff16bb5cf71f31d09754ce2a246aeaedc5647afb54dce7b68d", + "msg": "493d425c4b3f6d51", + "result": "valid", + "tag": "02af89a1eadcb29077a26203314a7dc3", + "tcId": 28 + }, + { + "aad": "", + "comment": "", + "ct": "3ddf2af410318b26750139bf4ec13460", + "iv": "6f5485754cd243aecd2c9e43", + "key": "9c6edc8b05d7bceb455a6b915f16f117e244ff788a8c20c25fd6e0a49566d781", + "msg": "5031613a625a7348753b323c4f3f7835", + "result": "valid", + "tag": "4e4bc7648e7fb0976c4cb9c2fb3ca540", + "tcId": 29 + }, + { + "aad": "", + "comment": "", + "ct": "28bbe0d13c0f43422df882a2dc9e011b4d4fd5bc9e73c515", + "iv": "3d3f629413e65f8b6e55ec8e", + "key": "c786bc3074dad0f11efecfd24dd9f9df9fec79161d1ffd5acb18fc69fe3f3e0f", + "msg": "635569643f32513f655a6e5c423547744259725e454b616d", + "result": "valid", + "tag": "bbf623568c0bd3b94b5201af8711a8d2", + "tcId": 30 + }, + { + "aad": "45", + "comment": "", + "ct": "69c3ee7e6d4bae0d747164980d6b9b0c", + "iv": "c0dfc8a34a8c946504f882c5", + "key": "44a85d703964debdf04efe8748c7953da193ecd7ce4453673d86b96c5a1b3154", + "msg": "5a416a725a6d69746269316f6c747566", + "result": "valid", + "tag": "5221ece0acc54017981f0cdad17839b2", + "tcId": 31 + }, + { + "aad": "e19b62570639e9329109d81795f82f", + "comment": "", + "ct": "54d25cd9f65a56ee17a4cb88fbc7489d", + "iv": "6f6a2fc05f916819550e1ec0", + "key": "afc8d84a39c7b984670d42712c1e6b86aa8bf9458e20054da9aa4de627aadb69", + "msg": "45353c45306243584277445f317a355a", + "result": "valid", + "tag": "8e535d739362959710ec3ddb486e8bc2", + "tcId": 32 + }, + { + "aad": "d0468a40ded0439cdf41cfa5662181d8", + "comment": "", + "ct": "ec23144c64749090e581928d86681f3e", + "iv": "b74599e72c0309e162658615", + "key": "62f210a5cdfaa9c341c5c25ca1510fbbe611d433091d064eb62dbbcfbc95f15b", + "msg": "5a6551343a4b45685c49795b5a557449", + "result": "valid", + "tag": "ce0594dabb2b4db89460e085bc44e684", + "tcId": 33 + }, + { + "aad": "6387afe729e73233e3860de9c1a6617b37bab1eedaba9fcb53618e7eac3d8009", + "comment": "", + "ct": "fcfc653448912e1d9f5413dc92c7678b", + "iv": "74852c78eb5a479ec8620ae4", + "key": "34135b6afae2248312d68c1e28db5a4cbbfd3ccc5b4aab357353bd2541d45c59", + "msg": "34356b523f4a6d5c3237325043353e50", + "result": "valid", + "tag": "1b3acf71c1fdcfa8d61d585d10004f6d", + "tcId": 34 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 96, + "keySize": 192, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "", + "ct": "7a", + "iv": "e6bfc54c87a8e2a9b539eedb", + "key": "6c7a0c4c8515ed6c7d4eca4916bb0c8362d282afeacbe3f9", + "msg": "3c", + "result": "valid", + "tag": "106daeade85585d997e65bc4564fe125", + "tcId": 35 + }, + { + "aad": "", + "comment": "", + "ct": "16f812c2be4121b6", + "iv": "6d7baec9ed558f82aa1128cd", + "key": "35a0d16c02ec630e360e9d7243a82c76ac36668c0b59413e", + "msg": "5c513c3a74763674", + "result": "valid", + "tag": "f35ba677c07a76aea8e70a81918d35cf", + "tcId": 36 + }, + { + "aad": "", + "comment": "", + "ct": "21c250e0f28c494c944bd1345d6daa51", + "iv": "cffd1a7e8d52cf3c0c4bbb8e", + "key": "ddeb7f10bbd1b82c115165e6c1547d224e3449933ea3bfe9", + "msg": "526a3b4e7472324a5b3a5b553b4b443f", + "result": "valid", + "tag": "bbaea6623cf22328efcd21bf3656987e", + "tcId": 37 + }, + { + "aad": "", + "comment": "", + "ct": "034c477eee703e11b0f354d5912c16fd512c69cccbc22211", + "iv": "56f2119df4070d2e767861e8", + "key": "b567dc2ed4684ccfb582d80ff9b15ef520a325f0b8201cdc", + "msg": "306c3e337a60677956536e346472534679707a6552624e3f", + "result": "valid", + "tag": "d8ecc0925d544d9e2906504e4f006bea", + "tcId": 38 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 120, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "fde7899c326af98d67b07890", + "iv": "ca2a23ea38e82a4304021e0984800c", + "key": "a9ded7b2cbce3621d310006444ce80a3", + "msg": "665470423738756779357345", + "result": "valid", + "tag": "a545ed6b98a8b49c6588232e3d876de7", + "tcId": 39 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 160, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "35a123fa123571aa0d242a66", + "iv": "9ce715dd2a59b4a6bf7451c7a144b97f3e62c0a0", + "key": "1e7cc3c9116b0a2d25154e1f4ae97796", + "msg": "6c74623b3346665333613c3d", + "result": "valid", + "tag": "831a00839d8c008c9d1cb0f9a8d17255", + "tcId": 40 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 64, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "99add354679e324c3277506c", + "iv": "bd3b080f33229c69", + "key": "b22f6e946ab41994781b4bfff1e3f44e3daaf4d9ad788bbfa39a8caa2bc112cf", + "msg": "3b353b365e37784a5833354c", + "result": "valid", + "tag": "174fd057b60654548d833f9d6d9626e8", + "tcId": 41 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 120, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "992b01084e37fbe3a6cfd456", + "iv": "479e398a4805a347a5c4c16ddfe621", + "key": "0d20b8ef8b05c48f691a5dd9b49b6c0637aee0567257b6c3ce35a5823c337294", + "msg": "527979696037335d553a4767", + "result": "valid", + "tag": "1cd717548e768aa0f9932311d443bf0e", + "tcId": 42 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 128, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "fa93631a76a63d8096bb11f3", + "iv": "ad581e8f55a8d283f0dfebae9d0c6484", + "key": "cc4a246cb3e166c194e59f465db9adf92a8974cd472744c062728ccbae687aac", + "msg": "6b4d3e67695a79544b725046", + "result": "valid", + "tag": "fb1c7f1c3d5c0155ae18eb9bc13f7758", + "tcId": 43 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 160, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "unusual IV size", + "ct": "b35920ed04f6a7dcf8d075a9", + "iv": "3293e555aa1cb29f839d571e811b8e84807a0031", + "key": "3a95937dd23f0997fae31a26821d99e8e338016c05ad30718f41fa04aced12f8", + "msg": "5578554a61324e4c3142483a", + "result": "valid", + "tag": "fa0c75f97432e5ef97445ccf99a90231", + "tcId": 44 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 0, + "keySize": 128, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "", + "iv": "", + "key": "b1e11d771f1ea274a3386d3879738d64", + "msg": "", + "result": "invalid", + "tag": "ec5c4805da277942d7ad6ea2d212d909", + "tcId": 45 + }, + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "8766b19d2e07b51ddfe8c85ea440ee2e", + "iv": "", + "key": "fb6c0503a1cd5219a2d5daa2e32a1520", + "msg": "446e39493339594b7247494d41344739", + "result": "invalid", + "tag": "5154e473735b026452a57060f3be5f66", + "tcId": 46 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 0, + "keySize": 192, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "", + "iv": "", + "key": "0955fa25af91994f0407ff1e2f3b09af4074c13fbba6aa0b", + "msg": "", + "result": "invalid", + "tag": "bec27fcd432323a3162cbcfc4a4ae53b", + "tcId": 47 + }, + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "a284cb5110f73225954d0a74fc24b024", + "iv": "", + "key": "0750d0d5d4df4985fcc726177e6b325e90c7e9c5f4922e43", + "msg": "793b50665c4c79647534646231496748", + "result": "invalid", + "tag": "8fe5ddb632fa6d72af5fe114c95bcaa3", + "tcId": 48 + } + ], + "type": "AES-GCM" + }, + { + "ivSize": 0, + "keySize": 256, + "tagSize": 128, + "tests": [ + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "", + "iv": "", + "key": "57163950d52c957068dc2ae7184911402887458e65ae212e54369eac864376a8", + "msg": "", + "result": "invalid", + "tag": "6397e0239baa358c90bc5a8bb69d3330", + "tcId": 49 + }, + { + "aad": "", + "comment": "0 size IV is not valid", + "ct": "77bbd2bc21a7cb2f1b62510a659db421", + "iv": "", + "key": "c242c762169e049fa7952d14123f61add08f9cd3cdb0784d7241f073244f0580", + "msg": "3669513131313f386240783b573b666f", + "result": "invalid", + "tag": "b2015bf3387d68cd2e9785d0b8bc46c8", + "tcId": 50 + } + ], + "type": "AES-GCM" + } + ] +} diff --git a/t/wycheproof/dsa_test.json b/t/wycheproof/dsa_test.json new file mode 100644 index 0000000..a3c78c6 --- /dev/null +++ b/t/wycheproof/dsa_test.json @@ -0,0 +1,1494 @@ +{ + "algorithm" : "DSA", + "generatorVersion" : "0.0a10", + "numberOfTests" : 206, + "testGroups" : [ + { + "keyDer" : "3081f03081a806072a8648ce38040130819c024100fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17021500962eddcc369cba8ebb260ee6b6a126d9346e38c50240678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca403430002407cc153f191171bdf13b6541c07dc611debc41efa18e1df5c2e42c2612e0e936abdcc28e66ce73bdedf449b5d39ec8e509a4767907345f38710638abe5c316ce5", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIHwMIGoBgcqhkjOOAQBMIGcAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII\n864WF64B81uRpH5t9jQTxeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqO\nuyYO5rahJtk0bjjFAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUD\nC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykA0MAAkB8wVPxkRcb3xO2VBwH\n3GEd68Qe+hjh31wuQsJhLg6Tar3MKOZs5zve30SbXTnsjlCaR2eQc0XzhxBjir5c\nMWzl\n-----END PUBLIC KEY-----", + "sha" : "SHA-1", + "type" : "DSAVer", + "key" : { + "g" : "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", + "keyType" : "DSA public key", + "p" : "0fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", + "q" : "0962eddcc369cba8ebb260ee6b6a126d9346e38c5", + "y" : "7cc153f191171bdf13b6541c07dc611debc41efa18e1df5c2e42c2612e0e936abdcc28e66ce73bdedf449b5d39ec8e509a4767907345f38710638abe5c316ce5" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "302c021426184de880bd04090541530d4951dffb2200b2cf02143c2cfef8b2c62eb572547f173fb4973ac7225207", + "tcId" : 1 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "302c02141c71bdda8343c3b8c8503772a3dca7f5ebc3e018021421c7aff53838a6ee5fdf4c4b66f7ae67241021f1", + "tcId" : 2 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "302c02142b6a1d97f043cf8ac1574af5eae78b3d01e444e80214787affc9a23bf98848ccb99a0339ef9ec7ae767e", + "tcId" : 3 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "302d02150087e0e4ae54fe9fa55abe4914380dccd7d546eee902147a075d0115c06d17194665739ab713a0734b3d36", + "tcId" : 4 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "302c02144ce8e8d2abb5f230a5fdcf6f2d8f81bb1b80ed5502140d63dbfd1100d3caf0580d93101f21e699633a56", + "tcId" : 5 + } + ] + }, + { + "keyDer" : "308203423082023506072a8648ce3804013082022802820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d0282010016a65c58204850704e7502a39757040d34da3a3478c154d4e4a5c02d242ee04f96e61e4bd0904abdac8f37eeb1e09f3182d23c9043cb642f88004160edf9ca09b32076a79c32a627f2473e91879ba2c4e744bd2081544cb55b802c368d1fa83ed489e94e0fa0688e32428a5c78c478c68d0527b71c9a3abb0b0be12c44689639e7d3ce74db101a65aa2b87f64c6826db3ec72f4b5599834bb4edb02f7c90e9a496d3a55d535bebfc45d4f619f63f3dedbb873925c2f224e07731296da887ec1e4748f87efb5fdeb75484316b2232dee553ddaf02112b0d1f02da30973224fe27aeda8b9d4b2922d9ba8be39ed9e103a63c52810bc688b7e2ed4316e1ef17dbde0382010500028201001e77f842b1ae0fcd9929d394161d41e14614ff7507a9a31f4a1f14d22e2a627a1f4e596624883f1a5b168e9425146f22d5f6ee28757414714bb994ba1129f015d6e04a717edf9b530a5d5cab94f14631e8b4cf79aeb358cc741845553841e8ac461630e804a62f43676ba6794af66899c377b869ea612a7b9fe6611aa96be52eb8b62c979117bbbcca8a7ec1e1ffab1c7dfcfc7048700d3ae3858136e897701d7c2921b5dfef1d1f897f50d96ca1b5c2edc58cada18919e35642f0807eebfa00c99a32f4d095c3188f78ed54711be0325c4b532aeccd6540a567c327225440ea15319bde06510479a1861799e25b57decc73c036d75a0702bd373ca231349931", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIIDQjCCAjUGByqGSM44BAEwggIoAoIBAQCPeTXZuarpv6vtiHrPSVG28y7Fnjuv\nNxjo6sSWHz79NgbnQ1GpxBgzObgJ58KuHFObp0dbhdARrbi0eYd1SYRpXKwOjxSz\nNggooi/6JxEKPWKpk0U0CaD+aWxGWPhL3SCBnDcJoBBXsZWtzQAjPbpUhLYpH51k\njviDRIZ3l5zsBLQ0pqwudemYXeI9sCkvwRGMn/qdgYHnM423krcw17njSVkvaAmY\nchU5Feo9a4tGU8YzRY+AOzKkwuDycpAlbk4/ijsIOKHEUOThjBopo33fXqFD3ktm\n/wSQPtXPFiPhWNSHxgjpfyEc2B3KI8tuOAdl+CLjQr5ITAV2OTlgHNZnAh0AuvaW\npoV499/e5/pnyXfHhe8ysjO65YDAvNVpXQKCAQAWplxYIEhQcE51AqOXVwQNNNo6\nNHjBVNTkpcAtJC7gT5bmHkvQkEq9rI837rHgnzGC0jyQQ8tkL4gAQWDt+coJsyB2\np5wypifyRz6Rh5uixOdEvSCBVEy1W4AsNo0fqD7UielOD6BojjJCilx4xHjGjQUn\ntxyaOrsLC+EsRGiWOefTznTbEBplqiuH9kxoJts+xy9LVZmDS7TtsC98kOmkltOl\nXVNb6/xF1PYZ9j897buHOSXC8iTgdzEpbaiH7B5HSPh++1/et1SEMWsiMt7lU92v\nAhErDR8C2jCXMiT+J67ai51LKSLZuovjntnhA6Y8UoELxoi34u1DFuHvF9veA4IB\nBQACggEAHnf4QrGuD82ZKdOUFh1B4UYU/3UHqaMfSh8U0i4qYnofTllmJIg/GlsW\njpQlFG8i1fbuKHV0FHFLuZS6ESnwFdbgSnF+35tTCl1cq5TxRjHotM95rrNYzHQY\nRVU4QeisRhYw6ASmL0Nna6Z5SvZomcN3uGnqYSp7n+ZhGqlr5S64tiyXkRe7vMqK\nfsHh/6scffz8cEhwDTrjhYE26JdwHXwpIbXf7x0fiX9Q2WyhtcLtxYytoYkZ41ZC\n8IB+6/oAyZoy9NCVwxiPeO1UcRvgMlxLUyrszWVApWfDJyJUQOoVMZveBlEEeaGG\nF5niW1fezHPANtdaBwK9NzyiMTSZMQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-224", + "type" : "DSAVer", + "key" : { + "g" : "16a65c58204850704e7502a39757040d34da3a3478c154d4e4a5c02d242ee04f96e61e4bd0904abdac8f37eeb1e09f3182d23c9043cb642f88004160edf9ca09b32076a79c32a627f2473e91879ba2c4e744bd2081544cb55b802c368d1fa83ed489e94e0fa0688e32428a5c78c478c68d0527b71c9a3abb0b0be12c44689639e7d3ce74db101a65aa2b87f64c6826db3ec72f4b5599834bb4edb02f7c90e9a496d3a55d535bebfc45d4f619f63f3dedbb873925c2f224e07731296da887ec1e4748f87efb5fdeb75484316b2232dee553ddaf02112b0d1f02da30973224fe27aeda8b9d4b2922d9ba8be39ed9e103a63c52810bc688b7e2ed4316e1ef17dbde", + "keyType" : "DSA public key", + "p" : "08f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "q" : "0baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "y" : "1e77f842b1ae0fcd9929d394161d41e14614ff7507a9a31f4a1f14d22e2a627a1f4e596624883f1a5b168e9425146f22d5f6ee28757414714bb994ba1129f015d6e04a717edf9b530a5d5cab94f14631e8b4cf79aeb358cc741845553841e8ac461630e804a62f43676ba6794af66899c377b869ea612a7b9fe6611aa96be52eb8b62c979117bbbcca8a7ec1e1ffab1c7dfcfc7048700d3ae3858136e897701d7c2921b5dfef1d1f897f50d96ca1b5c2edc58cada18919e35642f0807eebfa00c99a32f4d095c3188f78ed54711be0325c4b532aeccd6540a567c327225440ea15319bde06510479a1861799e25b57decc73c036d75a0702bd373ca231349931" + }, + "tests" : [ + { + "comment" : "valid", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 6 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c5970bf65c8cd0da10edfe80430ab0b456cefbc3913116a31f024f240021c58ca06a899c7fadedb2d31abf917f9de2e4b97d1b3c323de04fd519d", + "tcId" : 7 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021c00ff3f02204b98d07a502c00ff8a59a41497c38f5193e68ccc16d080021d00b51491eae8112ce48ed85896ba2632cd90fd02e83a7a17a420157b0e", + "tcId" : 8 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021c39fcb3f986c4fb681f2f5d4a50dd9b3b898ca8df674fbf2760666294021d00b0205076df3997e815fefa0a20e33700460ec66f53415799eb58802a", + "tcId" : 9 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303e021d008588cdf67cff154f19b9007b0b9e8149902c24771435c02c807713e5021d008595d7291eabc7bd81dc7566544e8abba81b764d4edb0dc619cf14c0", + "tcId" : 10 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c521c90b08df83c821e329c7275b88648a9c16031b3acd223806a61bd021c6443cc6666b43702f1a158430ce20529883b03e02ce2d6869c62084e", + "tcId" : 11 + }, + { + "comment" : "Legacy:ASN encoding of s misses leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021cade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 12 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "30813d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 13 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303e02811c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 14 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd02811d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 15 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3082003d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 16 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303f0282001c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 17 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0282001d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 18 + }, + { + "comment" : "BER:indefinite length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3080021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 19 + }, + { + "comment" : "BER:prepending 0's to integer", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303f021e00001e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 20 + }, + { + "comment" : "BER:prepending 0's to integer", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021f000000ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 21 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 22 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 23 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021d1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 24 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021b1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 25 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021e00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 26 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021c00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 27 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3085010000003d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 28 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30420285010000001c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 29 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3042021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0285010000001d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 30 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "308901000000000000003d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 31 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046028901000000000000001c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 32 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd028901000000000000001d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 33 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30847fffffff021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 34 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304102847fffffff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 35 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd02847fffffff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 36 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3084ffffffff021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 37 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30410284ffffffff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 38 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0284ffffffff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 39 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3085ffffffffff021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 40 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30420285ffffffffff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 41 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3042021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0285ffffffffff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 42 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3088ffffffffffffffff021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 43 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30450288ffffffffffffffff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 44 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0288ffffffffffffffff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 45 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30ff021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 46 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d02ff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 47 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd02ff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 48 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3080021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 49 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d02801e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 50 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd028000ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 51 + }, + { + "comment" : "removing sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "", + "tcId" : 52 + }, + { + "comment" : "appending 0's to sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 53 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f0000021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 54 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 55 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0000021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 56 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360500", + "tcId" : 57 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021e1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0500021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 58 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021f00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360500", + "tcId" : 59 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3042498177303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 60 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30412500303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 61 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360004deadbeef", + "tcId" : 62 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30422221498177021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 63 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304122202500021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 64 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045221e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0004deadbeef021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 65 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3042021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2222498177021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 66 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd22212500021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 67 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd221f021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360004deadbeef", + "tcId" : 68 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045aa00bb00cd00303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 69 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3043aa02aabb303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 70 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30452224aa00bb00cd00021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 71 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30432222aa02aabb021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 72 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2225aa00bb00cd00021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 73 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3043021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2223aa02aabb021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 74 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3080303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 75 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30412280021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0000021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 76 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2280021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 77 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3080313d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 78 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30412280031c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0000021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 79 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2280031d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 80 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "2e3d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 81 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "323d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 82 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ff3d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 83 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d001c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 84 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d041c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 85 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303dff1c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 86 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd001d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 87 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd041d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 88 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cdff1d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 89 + }, + { + "comment" : "dropping value of sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3000", + "tcId" : 90 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041300102303c1c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 91 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041222002011e021b41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 92 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3041021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd2221020100021cade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 93 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862", + "tcId" : 94 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c1c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 95 + }, + { + "comment" : "prepend empty sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f3000021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 96 + }, + { + "comment" : "append empty sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862363000", + "tcId" : 97 + }, + { + "comment" : "sequence of sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 98 + }, + { + "comment" : "truncated sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "301e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd", + "tcId" : 99 + }, + { + "comment" : "repeat element in sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "305c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 100 + }, + { + "comment" : "removing integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "301f021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 101 + }, + { + "comment" : "appending 0's to integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021e1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0000021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 102 + }, + { + "comment" : "appending 0's to integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021f00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000", + "tcId" : 103 + }, + { + "comment" : "dropping value of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30210200021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 104 + }, + { + "comment" : "dropping value of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3020021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0200", + "tcId" : 105 + }, + { + "comment" : "modify first byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1f41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 106 + }, + { + "comment" : "modify first byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d01ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 107 + }, + { + "comment" : "modify last byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cc021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 108 + }, + { + "comment" : "modify last byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786237", + "tcId" : 109 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021b1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 110 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021b41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 111 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021c00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862", + "tcId" : 112 + }, + { + "comment" : "leading ff in integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021dff1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 113 + }, + { + "comment" : "leading ff in integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021eff00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 114 + }, + { + "comment" : "infinity", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022090180021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 115 + }, + { + "comment" : "infinity", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3021021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd090180", + "tcId" : 116 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00d9384b2032d060e59848f87cb4535936bc25fa77959e96d7f88e332a021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 117 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021dff634b1dd327de7125da7903ad2163ca2addc096101fd395567ee36070021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 118 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021ce1be4b8652a896fa469f01eb15246e4f330cb7bc2546e9e8c4473633021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 119 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d009cb4e22cd8218eda2586fc52de9c35d5223f69efe02c6aa9811c9f90021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 120 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021dff26c7b4dfcd2f9f1a67b707834baca6c943da05886a6169280771ccd6021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 121 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d011e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 122 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00e1be4b8652a896fa469f01eb15246e4f330cb7bc2546e9e8c4473633021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe8786236", + "tcId" : 123 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d0168dcf02f57b0caef7ddc183bee1ca94ee09c1a02ee4b0200a54dcb93", + "tcId" : 124 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021cf2efc2e24cbedb2fc00c236c5b2d1a430236b59b7880007f2ba2f8d9", + "tcId" : 125 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021dff5219a6772dc82cf0610be22bdb5b1e370e969830cc9a7ec017879dca", + "tcId" : 126 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021c0d103d1db34124d03ff3dc93a4d2e5bcfdc94a64877fff80d45d0727", + "tcId" : 127 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021dfe97230fd0a84f35108223e7c411e356b11f63e5fd11b4fdff5ab2346d", + "tcId" : 128 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303c021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021c5219a6772dc82cf0610be22bdb5b1e370e969830cc9a7ec017879dca", + "tcId" : 129 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020100021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 130 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020100020100", + "tcId" : 131 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020100020101", + "tcId" : 132 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201000201f0", + "tcId" : 133 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020100021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 134 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020100021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 135 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020100021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 136 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010802010002820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 137 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008020100090380fe01", + "tcId" : 138 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020101021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 139 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020101020100", + "tcId" : 140 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020101020101", + "tcId" : 141 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201010201f0", + "tcId" : 142 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020101021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 143 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020101021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 144 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022020101021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 145 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010802010102820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 146 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008020101090380fe01", + "tcId" : 147 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30220201f0021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 148 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f0020100", + "tcId" : 149 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f0020101", + "tcId" : 150 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f00201f0", + "tcId" : 151 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30220201f0021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 152 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30220201f0021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 153 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30220201f0021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 154 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "308201080201f002820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 155 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30080201f0090380fe01", + "tcId" : 156 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 157 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d020100", + "tcId" : 158 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d020101", + "tcId" : 159 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d0201f0", + "tcId" : 160 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 161 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 162 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 163 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30820124021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d02820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 164 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d090380fe01", + "tcId" : 165 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 166 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e020100", + "tcId" : 167 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e020101", + "tcId" : 168 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e0201f0", + "tcId" : 169 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 170 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 171 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 172 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30820124021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e02820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 173 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e090380fe01", + "tcId" : 174 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d0100000000000000000000000000000000000000000000000000000000021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 175 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d0100000000000000000000000000000000000000000000000000000000020100", + "tcId" : 176 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d0100000000000000000000000000000000000000000000000000000000020101", + "tcId" : 177 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3022021d01000000000000000000000000000000000000000000000000000000000201f0", + "tcId" : 178 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d0100000000000000000000000000000000000000000000000000000000021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 179 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d0100000000000000000000000000000000000000000000000000000000021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 180 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "303e021d0100000000000000000000000000000000000000000000000000000000021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 181 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30820124021d010000000000000000000000000000000000000000000000000000000002820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 182 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024021d0100000000000000000000000000000000000000000000000000000000090380fe01", + "tcId" : 183 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082012402820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 184 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010802820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667020100", + "tcId" : 185 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010802820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667020101", + "tcId" : 186 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010802820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd6670201f0", + "tcId" : 187 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082012402820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 188 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082012402820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 189 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082012402820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 190 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082020a02820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd66702820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 191 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010a02820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667090380fe01", + "tcId" : 192 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024090380fe01021dff450969597a870820211805983688387a10cd4dcc451a7f3f432a96a3", + "tcId" : 193 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008090380fe01020100", + "tcId" : 194 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008090380fe01020101", + "tcId" : 195 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008090380fe010201f0", + "tcId" : 196 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024090380fe01021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "tcId" : 197 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024090380fe01021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695e", + "tcId" : 198 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3024090380fe01021d0100000000000000000000000000000000000000000000000000000000", + "tcId" : 199 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3082010a090380fe0102820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "tcId" : 200 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "300a090380fe01090380fe01", + "tcId" : 201 + } + ] + }, + { + "keyDer" : "308203423082023506072a8648ce3804013082022802820101008f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667021d00baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d0282010016a65c58204850704e7502a39757040d34da3a3478c154d4e4a5c02d242ee04f96e61e4bd0904abdac8f37eeb1e09f3182d23c9043cb642f88004160edf9ca09b32076a79c32a627f2473e91879ba2c4e744bd2081544cb55b802c368d1fa83ed489e94e0fa0688e32428a5c78c478c68d0527b71c9a3abb0b0be12c44689639e7d3ce74db101a65aa2b87f64c6826db3ec72f4b5599834bb4edb02f7c90e9a496d3a55d535bebfc45d4f619f63f3dedbb873925c2f224e07731296da887ec1e4748f87efb5fdeb75484316b2232dee553ddaf02112b0d1f02da30973224fe27aeda8b9d4b2922d9ba8be39ed9e103a63c52810bc688b7e2ed4316e1ef17dbde0382010500028201001e77f842b1ae0fcd9929d394161d41e14614ff7507a9a31f4a1f14d22e2a627a1f4e596624883f1a5b168e9425146f22d5f6ee28757414714bb994ba1129f015d6e04a717edf9b530a5d5cab94f14631e8b4cf79aeb358cc741845553841e8ac461630e804a62f43676ba6794af66899c377b869ea612a7b9fe6611aa96be52eb8b62c979117bbbcca8a7ec1e1ffab1c7dfcfc7048700d3ae3858136e897701d7c2921b5dfef1d1f897f50d96ca1b5c2edc58cada18919e35642f0807eebfa00c99a32f4d095c3188f78ed54711be0325c4b532aeccd6540a567c327225440ea15319bde06510479a1861799e25b57decc73c036d75a0702bd373ca231349931", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIIDQjCCAjUGByqGSM44BAEwggIoAoIBAQCPeTXZuarpv6vtiHrPSVG28y7Fnjuv\nNxjo6sSWHz79NgbnQ1GpxBgzObgJ58KuHFObp0dbhdARrbi0eYd1SYRpXKwOjxSz\nNggooi/6JxEKPWKpk0U0CaD+aWxGWPhL3SCBnDcJoBBXsZWtzQAjPbpUhLYpH51k\njviDRIZ3l5zsBLQ0pqwudemYXeI9sCkvwRGMn/qdgYHnM423krcw17njSVkvaAmY\nchU5Feo9a4tGU8YzRY+AOzKkwuDycpAlbk4/ijsIOKHEUOThjBopo33fXqFD3ktm\n/wSQPtXPFiPhWNSHxgjpfyEc2B3KI8tuOAdl+CLjQr5ITAV2OTlgHNZnAh0AuvaW\npoV499/e5/pnyXfHhe8ysjO65YDAvNVpXQKCAQAWplxYIEhQcE51AqOXVwQNNNo6\nNHjBVNTkpcAtJC7gT5bmHkvQkEq9rI837rHgnzGC0jyQQ8tkL4gAQWDt+coJsyB2\np5wypifyRz6Rh5uixOdEvSCBVEy1W4AsNo0fqD7UielOD6BojjJCilx4xHjGjQUn\ntxyaOrsLC+EsRGiWOefTznTbEBplqiuH9kxoJts+xy9LVZmDS7TtsC98kOmkltOl\nXVNb6/xF1PYZ9j897buHOSXC8iTgdzEpbaiH7B5HSPh++1/et1SEMWsiMt7lU92v\nAhErDR8C2jCXMiT+J67ai51LKSLZuovjntnhA6Y8UoELxoi34u1DFuHvF9veA4IB\nBQACggEAHnf4QrGuD82ZKdOUFh1B4UYU/3UHqaMfSh8U0i4qYnofTllmJIg/GlsW\njpQlFG8i1fbuKHV0FHFLuZS6ESnwFdbgSnF+35tTCl1cq5TxRjHotM95rrNYzHQY\nRVU4QeisRhYw6ASmL0Nna6Z5SvZomcN3uGnqYSp7n+ZhGqlr5S64tiyXkRe7vMqK\nfsHh/6scffz8cEhwDTrjhYE26JdwHXwpIbXf7x0fiX9Q2WyhtcLtxYytoYkZ41ZC\n8IB+6/oAyZoy9NCVwxiPeO1UcRvgMlxLUyrszWVApWfDJyJUQOoVMZveBlEEeaGG\nF5niW1fezHPANtdaBwK9NzyiMTSZMQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "DSAVer", + "key" : { + "g" : "16a65c58204850704e7502a39757040d34da3a3478c154d4e4a5c02d242ee04f96e61e4bd0904abdac8f37eeb1e09f3182d23c9043cb642f88004160edf9ca09b32076a79c32a627f2473e91879ba2c4e744bd2081544cb55b802c368d1fa83ed489e94e0fa0688e32428a5c78c478c68d0527b71c9a3abb0b0be12c44689639e7d3ce74db101a65aa2b87f64c6826db3ec72f4b5599834bb4edb02f7c90e9a496d3a55d535bebfc45d4f619f63f3dedbb873925c2f224e07731296da887ec1e4748f87efb5fdeb75484316b2232dee553ddaf02112b0d1f02da30973224fe27aeda8b9d4b2922d9ba8be39ed9e103a63c52810bc688b7e2ed4316e1ef17dbde", + "keyType" : "DSA public key", + "p" : "08f7935d9b9aae9bfabed887acf4951b6f32ec59e3baf3718e8eac4961f3efd3606e74351a9c4183339b809e7c2ae1c539ba7475b85d011adb8b47987754984695cac0e8f14b3360828a22ffa27110a3d62a993453409a0fe696c4658f84bdd20819c3709a01057b195adcd00233dba5484b6291f9d648ef883448677979cec04b434a6ac2e75e9985de23db0292fc1118c9ffa9d8181e7338db792b730d7b9e349592f68099872153915ea3d6b8b4653c633458f803b32a4c2e0f27290256e4e3f8a3b0838a1c450e4e18c1a29a37ddf5ea143de4b66ff04903ed5cf1623e158d487c608e97f211cd81dca23cb6e380765f822e342be484c05763939601cd667", + "q" : "0baf696a68578f7dfdee7fa67c977c785ef32b233bae580c0bcd5695d", + "y" : "1e77f842b1ae0fcd9929d394161d41e14614ff7507a9a31f4a1f14d22e2a627a1f4e596624883f1a5b168e9425146f22d5f6ee28757414714bb994ba1129f015d6e04a717edf9b530a5d5cab94f14631e8b4cf79aeb358cc741845553841e8ac461630e804a62f43676ba6794af66899c377b869ea612a7b9fe6611aa96be52eb8b62c979117bbbcca8a7ec1e1ffab1c7dfcfc7048700d3ae3858136e897701d7c2921b5dfef1d1f897f50d96ca1b5c2edc58cada18919e35642f0807eebfa00c99a32f4d095c3188f78ed54711be0325c4b532aeccd6540a567c327225440ea15319bde06510479a1861799e25b57decc73c036d75a0702bd373ca231349931" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "54657374", + "result" : "valid", + "sig" : "303c021c50ab097237324f8fc734140e23c11d515939277a182712f7914986a1021c24a4522acf7885deae134d25b679fea410f8c24afdb140c909522d14", + "tcId" : 202 + }, + { + "comment" : "random signature", + "message" : "54657374", + "result" : "valid", + "sig" : "303d021c79bacf75ffe84e6a2159e0152d568781f7fd41e0a14c1200b21b21b7021d00962f1d0404b0318b0e6eee0b95d22d94eb36b51b6f8884e70b973812", + "tcId" : 203 + }, + { + "comment" : "random signature", + "message" : "54657374", + "result" : "valid", + "sig" : "303e021d008dea6005d17a3eaad584bed597ff29ca1c91833e1d93a398640a05c9021d00a871f0d68ac9ff53e4714555c8cdc498ccd28ec4924aaf42a65c0db9", + "tcId" : 204 + }, + { + "comment" : "random signature", + "message" : "54657374", + "result" : "valid", + "sig" : "303d021d00b5e1ee34d2b07ec24262238d3ef3f691827780baaa2107be3131cfb9021c2bdbe0d5cffee75072c5c4c358a7b6dac45e763555430739b593c2fe", + "tcId" : 205 + }, + { + "comment" : "random signature", + "message" : "54657374", + "result" : "valid", + "sig" : "303d021d00adf128e21e06d3d22c819904f0be159bdedfbf21fc22843255762b07021c646f551ee7e3455f8c3299e9568c581f81d31bc1d1a0373407b18dc6", + "tcId" : 206 + } + ] + } + ] +} diff --git a/t/wycheproof/ecdh_webcrypto_test.json b/t/wycheproof/ecdh_webcrypto_test.json new file mode 100644 index 0000000..87cebc9 --- /dev/null +++ b/t/wycheproof/ecdh_webcrypto_test.json @@ -0,0 +1,1300 @@ +{ + "algorithm" : "ECDH", + "generatorVersion" : "0.0a11", + "numberOfTests" : 57, + "testGroups" : [ + { + "type" : "ECDHComp", + "tests" : [ + { + "comment" : "normal case", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "5af492c029f055e700150fdf074bbc3b376b3286a0e1a4feb267960bbb0a148e", + "tcId" : 1, + "private" : { + "crv" : "P-256", + "d" : "TEKm94QkBRnu2W9CQgBCYrabdRQ436q7mBfeypPoHIc", + "ext" : "true", + "kty" : "EC", + "x" : "WyqqM6oDsZdjGfMIvj6sGGkXhyB-6RPNgCNYBbHz7F4", + "y" : "h5IjGBoRRdQKxucb6rv-EVZwIqZv2XRLi3_rvK-dxSI" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "yISNawZIGrhSC2XREZbJe30drwGpT6gWmocmXgm12So", + "y" : "0dac4Rq3NgDALW02mtKKwd0hPoqR-H3kK7FohxSMzkc" + } + }, + { + "comment" : "normal case", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "7ee811a7cc92be6c5d6879d6399c467675c34c1f9c2261e1df4ad7d4dc4de93d192a5020feeb61712e4401cf369700ff", + "tcId" : 2, + "private" : { + "crv" : "P-384", + "d" : "XPNFF3sB7GKqQwJJE7JfjRq-9B92mXqz1v1fWh6-uQ3mnecJw5JwbbWAPsI7NhAt", + "ext" : "true", + "kty" : "EC", + "x" : "ymo32uc2KIgSIck9N6h11vy4zGzXuOnw0-jvC3h_IqlOvEJ9gUXeK8XUkn7xBGvh", + "y" : "D0e3Bgt0wn4KwyJJDKwHqV6FB7xe3afuTXKBEV7hpj_rqFQqZZsrdz8TJUqjtD5Z" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "y5F1hPIu6IHPMTVd_4jagQ4S6NqKEWrV4bF5Rr04FfqRRqWWoSBNBQVhQuK_OFur", + "y" : "0nxF1hhtRBy9qvLFZka-r4cSfZyb86ICsdIIIJqJ6My4vouAeLucCI5TTuJqTEQ-" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "0000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 4, + "private" : { + "crv" : "P-256", + "d" : "V3__4ATEMyhY8ARpZPC-Tl_iZS6vzyYWdDu8Y6sBg3k", + "ext" : "true", + "kty" : "EC", + "x" : "I7gdSwHAhxe3tQ8izFrv0PsGLoIA2Mskr1QoWPE4Bi8", + "y" : "CNN26pJpxC4OZYPeFbigQYBnb4r1OrUsf1l2wz5uIuc" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "Z_TxDYzhUV5lUiOTCuRbbYQwp1KNzMBZ7L9_8NSZzpQ", + "y" : "PVLyBeRI9xmjw-s9oUkWNH4Vurydaps86bzHPismQWg" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "00000000ffffffff00000000ffffffff00000000ffffffff0000000100000000", + "tcId" : 5, + "private" : { + "crv" : "P-256", + "d" : "FY8M1ObgQ6QJpszBP4-649T22PFI17GyzzxJeMqUGng", + "ext" : "true", + "kty" : "EC", + "x" : "SjM1g2j5_2Np3xDBYW_i7BsxFkFO2cl5OGRVGhfrHBg", + "y" : "AvVlj5C266JG6T5Ohhu2idHQcrIjuJsbvRApRAhXQvk" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "3wOehQMUhX2O2yc_8yPZ0mb5l0jvPn_PUsqRbOs2PwM", + "y" : "zZycmVJCIQlJaHWyUSEz7taOqXI4v_0UEJQz2sSp-Nk" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010001", + "tcId" : 6, + "private" : { + "crv" : "P-256", + "d" : "GQkQmmjEUaDxUMYyhE-cMN5WPQXe4YHR-Sd4b_bkD_0", + "ext" : "true", + "kty" : "EC", + "x" : "cTTJ44nkV_b62xyriRhErvgE0Ul0WY8594uT18wY2eI", + "y" : "lCFFPIrYYgK2qZCzIb8Mp6dT0-8UMEmc_HOU_R75coA" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "JdqrnBMBeqmPeE1x15Q8XnaPABJIH7yncU43kF2FTwY", + "y" : "WPiNVKFUExBWMeKqfay65gysGzyd4XOfJ6nCv9I0oOw" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "7fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff", + "tcId" : 7, + "private" : { + "crv" : "P-256", + "d" : "00-WuNQUk2E8yO_NxDljiGGOdWRVGL1sGd7JOOkPnOM", + "ext" : "true", + "kty" : "EC", + "x" : "2f8GYyCcsHFQo0hGPSu8FbTOIychG7d-b7d8iEch_-0", + "y" : "yCsGEV5BgWq-Y-7zt21qghpZVy9P3cMS09tC2DrO0QA" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "gGBkbTWiSK0C0KjZBpUn0G6pwplS9Y2mCQusShezSx4", + "y" : "vmXp2Bh6znrY0dNYS07MxpmpV-4yfzwy6rrC3UlZetM" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "8000000000000000000000000000000000000000000000000000000000000004", + "tcId" : 8, + "private" : { + "crv" : "P-256", + "d" : "Wj2UZ9nw8WmL8VSGJ4L0NhUMjBA9iMqrImBT1zA_pcA", + "ext" : "true", + "kty" : "EC", + "x" : "LXoHReBeihHt83forxIbehHNNH1VLhs1eYvKUGkKrY0", + "y" : "uTDrHtcNtyhy-Y_6_Mc-t5e2-iOvqNWgJw7sC7AozgU" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "q8GaAT7v2FB6SxuTPVFVM8y_rSoSnqiwpxZ_Hu8ObQI", + "y" : "nHZLhfynaWPPWAFvx1K9UdzX8z_UCU5d55A5SX550CY" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "ff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff", + "tcId" : 9, + "private" : { + "crv" : "P-256", + "d" : "X3n2bE6P1Vjxqea9LDFYrzhmrpNC6ec_AsYE0efWmbw", + "ext" : "true", + "kty" : "EC", + "x" : "g35sLwD15_TqXQUHszyc5c_N9hsfLqsFp9mtBjSmqSM", + "y" : "-UvQSiSIpJkLPEKy33MbvcJc9nENkv4QExgUBQB4HtE" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "nhtwFE914Csb_UApjwESl2tZvPbtRJHPqISi4x2-y5o", + "y" : "SQBYhqVRzPNiih8_eNfCqRRQGc-SxYmdMbJwoisd2Fs" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "ffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff", + "tcId" : 10, + "private" : { + "crv" : "P-256", + "d" : "GYByC6k5US0eYVKwWavZdx7F-OpKAbWiO-ZpsDU4Qr0", + "ext" : "true", + "kty" : "EC", + "x" : "lGtMphj7_zUNmVfFHAcS9z9OCSweJ04l6DkWSLBszHE", + "y" : "vGESfIjmiAXDa9zDhdHfBwBWWBxHmY86bc9TKCBSlng" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "cnH8JXOPBGBW9uU-OZgIAev9HXPPlGwxcmFUHywlTyc", + "y" : "0lOb82YIt-6rvGd7oXZs_1mIcCj7D8oKEUZX5k105qg" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 11, + "private" : { + "crv" : "P-384", + "d" : "yUtG-GHczuzVFQuXWBtPedDrkt2tG4GeX_yy6V6Hm4005blcOLYd45gjX3N8zYKq", + "ext" : "true", + "kty" : "EC", + "x" : "XvcwMIRsP7gKVAjdPBhULB3ylSxbQyD1fBLFgakWnEFluAosTL2QU95E2xpVN0MV", + "y" : "uraiwhV9ED1BvbZPq5UitbdZg33hohJRadF86SCyN7-GmNrlOhEFqnF-o7PB9rDp" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "gfuq69ezpardRLQ9VEmrstzpzpWxSRy4r1I_rOkKHg_kFSQzVn3vDNzEqQeKQHIA", + "y" : "1oBddqoXFUrLWBx0zVJ5JUGnt0OkcjJSNEKlM_BBq6XjO5-Ctpy9uS8lpk_49ih2" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002", + "tcId" : 12, + "private" : { + "crv" : "P-384", + "d" : "0N7muMMenSJu_bYD1y3wN7FIIGFBp60fq9ZNr_DyTEDFaRab1c2PLWnxZwvU1xm8", + "ext" : "true", + "kty" : "EC", + "x" : "M3DOkQjZ_j2pDm-PDGzdW88lBrWNfSolI7LyJJlsAFDO9cog1Lf_MWGm80oJDdgW", + "y" : "FfrGsxqv2nffIfMUy1GCEzLTPOeEr2m6_0PuMW9fm2UCAMsVUCxbzBtb1nyZXvFt" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "MFLwgeT22ujEUvcNdw2mxUYaJtF-oCheDNYr6qfIRhroSvz5R3lBSMeZj0rquHhJ", + "y" : "iJ6-sff5hF5m2LniNu0JWAGz5htREd0C9036d9S2oFubcjApcHXNohUPya1P1TM0" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff", + "tcId" : 13, + "private" : { + "crv" : "P-384", + "d" : "D7CfwAS8fz2OvdO9t33e1bFAW0fEYFQV4taAGHJVAnDNf8TmZXVFPOCvr7gpClTM", + "ext" : "true", + "kty" : "EC", + "x" : "175rvtMdoJASJSXZ4VsugjNMUIB9wpGSznSKUChjy-jq47szrk23ZpiC0yBXtk-v", + "y" : "_ZUyY4erc7k4B89v4n_kB6kTI1NBO2fxTxZabkubimochVwNvk0kbXQq41NLcZS5" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "Gb-ku-UUrJjEFct4kO-FCIkUj67HU4j2VJBeGnrPC-bmXzJUwa39tChOIc4YrTrM", + "y" : "wZ6iWL9Z5S9L-9AbHReSxTNeSxqy56tfrGMP7cIOeP3GLip85xCl1HGyLc4gDCv_" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff", + "tcId" : 14, + "private" : { + "crv" : "P-384", + "d" : "xgpoyacaA-DRj0mqSoDPW99cNakj57inqOZIC_aljU_-ja1QnveTu5VT-IErVFaJ", + "ext" : "true", + "kty" : "EC", + "x" : "lj9GrksnYrR5iKn1mIHL1IAuMP5B5Elp0Xvv27YI_PTQccaq-Ou5ntPylMUzHe1y", + "y" : "PAwkFHgnQuMabaPPjsIvr4DdBXSR1dJ00Asz6ZyslCorTVKCbxGQDo7qTtHTWKtT" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "OCSThhnjCYVKqk07KFHarvYBy1-n5zHy71-nIFZ19yZn4wnaK3OzCDhHbvH-vfy_", + "y" : "oc9rkMnhsPjxuRxG4YIZ4SV67wSf1mMNeF8xefnXBw9_BIO857pbbHifq6k7K3K4" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0008000", + "tcId" : 15, + "private" : { + "crv" : "P-384", + "d" : "I6ItVmh5RIJtO8XLTtOromnKohI1JTbDzNo0hb-Q_Ri1TJ1kkqcznWN4yBmp0zpf", + "ext" : "true", + "kty" : "EC", + "x" : "wg18n8h9e5guY6l2vF7UdlWMeLKlk3X0-EBJctlkbSpOmBUKOUHLlPZ62zJcXH9c", + "y" : "38LiWgWKuv0NRjUc8rCFo2d6Q6T98KYC-DxXD9jepg11vtF5tNqn--ofXADnusHx" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "0-m3-Cpll7v4BfekNYHAln410f-wlPXfaG2msh7DNzKZesFccMNsdDiidzq2rVQ1", + "y" : "1qsGv2ekstg34nybDH-FzDrf0kRuKKpLVgOU9JQ81FdsH4Bb_Uh3WoK4_jXtzM_Z" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002", + "tcId" : 16, + "private" : { + "crv" : "P-384", + "d" : "bWHZtZfa2RzHtC0YGCUb-KOwmJUhqZUjgaU9rL2abeOdxqkModI_b35D3_dlS9Nh", + "ext" : "true", + "kty" : "EC", + "x" : "lctf7qgcgdK9ln0siFC1KkaKiDNgE51ulveCH65ZJ1xiy_6HFWvGljuDttMUkdq-", + "y" : "tXCGiAA0_9g8AET2oclM88neIGgDpmdHSHxslcAr0ds8Irl2sSAjraJ95NSu2gyn" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "3sfFArTfOdx4alKo4SVuMNhLAPyQM6eJFttq3Ql5rqu_i5M1lvHtYeZqIq2cH6m9", + "y" : "QvGllFc0mOVgaAqQF_GvoXQmoVJg0QTIIabHh3Wspy7qy0irVm8dpKxzbit8qJOf" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "fff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff", + "tcId" : 17, + "private" : { + "crv" : "P-384", + "d" : "mKcUqEZN55w554M6uYXPc1Kfei2DkBygNyAoQV8DtwYqmOUiECDxlyNQYludwUnG", + "ext" : "true", + "kty" : "EC", + "x" : "jOm7u_gNzMp5wd3aUrkybrTPSAGQ7mmuEkYqePSD_LM3TktieWl7dcgeQ73rNLFv", + "y" : "zCP24hQmQnEbi3iQC2VBn_1Ah-inR5ppHBgPzEvXWwFoz1lK_uzIKm69qoIgYZw9" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "zbs2N62pGygHN1n2u4O0akBKWnvmWD7qLJu4TTlhRVxXzdmh9_6AtOM4dKy2GyXX", + "y" : "RmNU8rZfvXZjWRVtcAKs6hGWqRYXMvA0Vp5dNWqZcUnwgFnFXxk4f-3wtCsRHg6Q" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "ffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff", + "tcId" : 18, + "private" : { + "crv" : "P-384", + "d" : "wSOgjOGyS0THIPlyqZdqYTnSLi0UolDiO9gKInMIkThJi-77xLTiPpQdN124OyiR", + "ext" : "true", + "kty" : "EC", + "x" : "U1vW-LFEqwLorzODSawOWSrZdUiiRSM_vrzMGzz1VqzGM2iIDWSW8pBYeecvvFAe", + "y" : "UqmVNd3fqF_zdBhGbfCLoH1A2NBnuXWbnRKLgkrQM4qUJSI4zI3oLJcUBKyTbPhV" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "FX2pFpSuM62j94lwjdrK-8ppETMSLJUZoSAGdhvDkZAlFgT--DrJXnZ18GldlQQC", + "y" : "Zajmf3FRa4jAEVbwLP3habKSJjF2jLhqUBNmh1nBnMJRjt07gEACpuwJhAxRdC_L" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffe", + "tcId" : 19, + "private" : { + "crv" : "P-384", + "d" : "xh8uHXNp6vfEyQcCNQy50MOnMVFVbRb5_mgEimS9pWMwtdYTTtFvYZfyxI1KCTB1", + "ext" : "true", + "kty" : "EC", + "x" : "aIb04bpycj0d6zAvDMjTpM6T1FwDtnziNt8sQLqlAeuCKdQO619P9uwU4_tilLKq", + "y" : "Tq3rWf3EYkB1IxTDSoWhZNpC2h7kfpGtkbfyQqzviz6RWKp4Ue1ICfu9qVZa91eu" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "q39AYquQt0BdQ6VKuiNC30e55iTHfHqs9ogJK_kunUCWu0vDsnn2tWVbYDii57go", + "y" : "uqIRUwq6RUG3v49Sy4L-8H9Czx6RO_x0o2ZoZjVjEYcdpEv7I3rwFqO1yLcSbrRS" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 20, + "private" : { + "crv" : "P-521", + "d" : "AVKh0rHG7Pkd3_PuLDYXWSHmODNUmBjhPcYkoayV1g3HZnZRlu1fROV3rOIloeHvRYdrFx_NB5INebN1qaUMNRqB", + "ext" : "true", + "kty" : "EC", + "x" : "AKlNmCvHHVNVD7yVQZDT0ndwQrHFb-CUb1Q5hpcyIZBfm6ztMv2w23vx6l4-7rWaxEaCGFhFuKs4UFt8JBIs3g6Z", + "y" : "AM9y8f1YkPLcaCxYgDGJVlltBFJNpRu6tFaMueJmi_4TQPdHMfUACPTu3ZPiMOJfLAHjdj-40SuS1DE95PcxdVtE" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AS3urkDLLXtha3NhL90XI0u07sy8om0WO7EbHvsPeJgM0iufl35-RuReyDHZzV10rh-AoHn8y1zITpqxnu8oblJ_", + "y" : "AC3Pf4WBRCJec-AxWwruShMAKA3GE5e-XD4HhAxEVsJQ8VDNT4dlBhjpmUs91Vl-Yq-nhAVSbVRceiYm8-ripeex" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 21, + "private" : { + "crv" : "P-521", + "d" : "ATmak4nm7hXp1MKCw8hx9rnwRfslPzg0E48tyiLkTJq0PiUlXPIop9zJLOp_zTJxol0otFSGDMQHN7UUuOWataAG", + "ext" : "true", + "kty" : "EC", + "x" : "AVjKsZhF9cafY1ZWqEl5rWLBHKUYICfLSotbTrFxs1Gzqsp5rPvXEiGTw3JoUXUanYAiTlDO4D35pYKrehMka8e6", + "y" : "AZpeA_ZGbMfb9gefRvzM66QJF4ywd7fX4i7bD6LxWN6X4YvP0TA-9IgEY9P8rmNtEVWNHOQ7lYMXyG3pSJXCiVmo" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Ab3YIomLurxIHOuHAhK8KzsSUsU-YK4Gr379y2CHaIo9kgP_rh18DiXCoUEvoIIx8gwGTZzzOeRuTPbZRQo5tA8d", + "y" : "ADD0l0D-8kB5R3GyXenua2pqLjvxMB7XKkYTVTvikv-dr7kj5-zdWAI0bvdYua9iDydcbvNBIfCqnIMrcCuN-tTv" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002", + "tcId" : 22, + "private" : { + "crv" : "P-521", + "d" : "Ae0B8AuUv5AvAslCh-nNsc5Rp3aiJaOeDq2r5hDxZOtHXDFWPlYZLG4IVeRITPyvroD8ajdheE5fLTk9xkAwLAlN", + "ext" : "true", + "kty" : "EC", + "x" : "AMJZVTWNZBnvGzroqMvz7iQ_l7EdyH_wfH82VUN-yh5HRB8Zhixc1_ZrRAFIBTRXbG3OhpnkbBynsz93elFLmrS1", + "y" : "ADUZa4-xrZuR6TkvperZvyQpU9LA6anRWvtBpfErRRutoNOXNNqZd4iJM9UrOwgMuwD3EcjHi5LcFlU9fnhAX-4F" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AWImM20DIMkwVqKq5Oj8KGQB7lAiAamgp-MsdmgGpbGoRdHD7BC70po-yvLRKWx0j8wcvDtLBgSlN56X9IiV3_-8", + "y" : "ALjyFlEqqyfyfxY2USOCXRU1-NNCJgg95ZaX3AwhJK2osJI_5gl6ZGsR269YSc8lvzz-DMQSkSN6izsJewFYWE35" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "00003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff", + "tcId" : 23, + "private" : { + "crv" : "P-521", + "d" : "AHCj4dIfcZmOPuhsdHE1_QFbirc5UuwhQSVRGJvnNfMqbvkgwJdDwoh35_rOrvDobZkMCUo2gjywt-jeb1MoTXXL", + "ext" : "true", + "kty" : "EC", + "x" : "AckwlINJRsmZceEqzmdGd6OkBOpgGt7BuIL1_1qKj8KPd0IEVzJOnMIKtllYm6mcb5CjImhB9OTMf2TfbfikDx8z", + "y" : "AYop_NDJXvj0A2PHJ4oHLfNybIsJ_yuprFdBxil-CDxyYfOoxxKYwZJqv5dFvahgBq2pcxlUtY_edhyo3t87W5Vn" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AFRRtylPwcqFK3-rIUMWNocMLgrAOgcbHuBpzjmQe8H-F4PQb22UmMthmg5bV3HUTAUo8CN_fKYHG5Mp-vhlCDw0", + "y" : "APnnz_jAwOl6YVA6S-X3i32oAfBRIKgvAGP6-4a1rn3bUxbbX0E6DHxyvXDHBagiswvCTcpmbgf1K2DWl0lYAdvr" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 24, + "private" : { + "crv" : "P-521", + "d" : "AWkrrEpAH1ySoeLzWa29MPCf1d_1AGnmgl5ctM38yHn5HJnANExaKUqMBrOBv5uqqplBUFX7nNL3l4dd7WqaPFIa", + "ext" : "true", + "kty" : "EC", + "x" : "AC3_tgsEuNpiRbo91tSKWj56AQpSbGt1tXpheP-BY-x73ByOHUyH6yiBYeHcdXwi1iLr9utUubAOk0eXUANOYOfe", + "y" : "AZPGwdcwZSHbhKuduwfvNyo44kzrWP7Hao6soA6tRAB8bWu-ZqY9VfazCp4UviSfL5npVBVlyWHrbJzm6_rZZ6u5" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "ACpQ9eN9V7C6ykS76ZP0u-UARYdeEbXT1ktF1049JBufZvm7AjNXgEIh5smS5edyPsQ2E3CpKCrRb9zBsZDfeUmm", + "y" : "ADRPkod4ORmJNXBkni6W6xjFgQWzJYWyineMsSJcIx5SgFJzFd0wKpJ4r4NoMEQYP7Hro6pwuPb8lzsh3kXq8k3o" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01ff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff", + "tcId" : 25, + "private" : { + "crv" : "P-521", + "d" : "AVvfMqtnNDa9_sm8S7JMZH6FGX8Rtx3uHHwwqabohiviiTJISFwRwEdc3rrO5XcEbY0R4h2JFj2D_51KB0TsYnt6", + "ext" : "true", + "kty" : "EC", + "x" : "Afrx9MyHjAQXLzWtY8E3Npgc5RHmb_7NJZBnC8IScQExr1Mw6YLdSIApLgebYCItsxn8NI1ePq7Yel40vdYjDmHF", + "y" : "AQgpwUfPeLtojxZr3CZ7TRkfOW94MFH6Qd3-RKrNxCfWhDbFn08eizxx9MeDYTTBi7QP7YjgGsNwQHdYynaQCrJl" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AapJCiTqodo1UEqh71rQPTFdFWAingHpYzYEcQkoNlaN78YHsEh13mq3t4rfAySlSHISiAxhLCUoNE8A0qJH9-uo", + "y" : "AbGIwEWcIGbHLtJ8jZdQZlvsq5PPXrp9nv66HuRZIvv4zFjE6EFlmiy05SRbQVdNIxXTPRYzTc3zD2ap0AI6Sp8F" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01ff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010000", + "tcId" : 26, + "private" : { + "crv" : "P-521", + "d" : "AQRGx7aakMJAtvNZjVcMNtuPiKmi0sR4HbQvx2SiPwIE8av5AQ4489sfWCLJEQT1LJmr7z7uCs_RkZnYQfA5nsRY", + "ext" : "true", + "kty" : "EC", + "x" : "AOzcaMvbri-f4B1RYhnAj0-ma1NDDxi4bTiA56rGUB1jToLVVmtUlf19ejkW7IXaEbIxdOvoPFDyEuQ25lEVviI2", + "y" : "AAALPmt-i6XKCpayvbbEsXVQgACrzwFm1hH2apTQZ9AuXHMCxqlRtuLWox49b3UWQQxguKUxC-Wp3N6Vc69L0258" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "ARcwdNExeWI1KkBYFq3NrPwHLihiab5Om7EWUye1rUJQ_sqBLSAZ8aH5gunT3LS4govxtGeFJT3591GYZCCx_YR4", + "y" : "AL6RaKyYB3FkjvdvupBdCR-TMtMFZoTeiYdiOF17lbowRVEuU0ueOZtC3g-oeUVdR38PAb8qjyBuTUjTfy-PAwFg" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01ffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff", + "tcId" : 27, + "private" : { + "crv" : "P-521", + "d" : "AEf0gpI9gWUpV2YOJXZbq-_NNs1-0gaz_cqsTCWJryIlZIFpjfAR7E7TYsVWJJOcQ06KThPTq_f465-pNYV6GM0e", + "ext" : "true", + "kty" : "EC", + "x" : "AbbjwscOPKDPxOhuY5Adis_BFWuAtvp6CACwigg7nQsVVMfmmz-2rabNDVM9xfO-IyJluN2iIXfWqfsso9ZfqwNa", + "y" : "AN0O-aSlTwMFZMh61_w6Dd6WFF4RSgvTUTKrgBbfwvJ51oEFS2N9wkAO6n9BF5LtGEs05Rk4c7YiHW7cduSTGaP7" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "ALerrg1ExBfKvxgAcbHCrRng59VuQrYtenCecu0zFvM6qCfT-K25W10QlV0CUb2ghufXhEHoYcloPvqAs_9s4fbK", + "y" : "ADkJ75dRag1VYGkeFmYAoHo4srO0iLCnA-UkhCPnFnBeMgYymD1w2jgvQAgaklc0Hu-9UaD7p1_Nf-1TjpWJtUow" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01ffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc000000080000002", + "tcId" : 28, + "private" : { + "crv" : "P-521", + "d" : "AVq5Tiol6wETE9p3S4QwJkOnBOLHsjacK2jJwqKNg29fcQYU2F1VfIXn_z_W2gCOA1pfV1nxjFHy71Zbvjt0On74", + "ext" : "true", + "kty" : "EC", + "x" : "AAiC9FSE0AUJRyxhAyzUpiQ9jx6rK--jcvGKfjhV3wOQc8ESnfvM6Ht6a6q4et-ZpudHxtKYEVbg_Sj-DFPf3In-", + "y" : "AS4ou5BmSLHuNP15FUxCpaWYcVSAZbEpByTXeaAF4pGrjKAn-QJQTEoeCRzSpaRNOnNuQ4R_RmEYxhWBKGg0GMGV" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AIADDBIkyBDQ9Mdh5Q55qU38Z5MKqGaZMc6u-lYk_BxYqWpjzkBnNLFnfnEPNB5Pe1VB5rBZ2Bgnklo-E_DErnUV", + "y" : "ATMiYwjDaF7zYFgwtWB1j-yPSeB86uTsOl-jZn1xcuIrFJ5rt5SRZCD770ODhWqd0FZ6XimVkkN_C86DfLhRNFtV" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd", + "tcId" : 29, + "private" : { + "crv" : "P-521", + "d" : "AV9Wm2yFPuZTEtzoREML-T4ePjFF-qBX1fuKnACO_UXwGLXX63QY8BnW3yTKIRHsLbYZAYl-mcln98Lf031gFvE9", + "ext" : "true", + "kty" : "EC", + "x" : "AFRFfw2juwn-o9pRWj-iWoh6CJnQK-PQuGrRxgCv3-PY4MGCuEWkS9vm4uBoebJqLLrktoCQk9QajjOVO54eXX3Q", + "y" : "AWBlktVWdA9WSpA2tAU7qiJrt6wahs1APs0DpDra-co5-_qPVJ4MNRGccMm8NIalEpH-BKTzTa0ulEnkKO_WGkzH" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AcV8ffR7tx_RPXFPhG66Wy6v_YdvF_DPBRyC2MBdVnqkDA5qRbb13O7MPDOKIbZByBSPo0fYwWWuJJQyHy6ifvhB", + "y" : "AVEsOm9DnGCIOdriD6SoT3HpQV6AsJzKG51vehjIngB9QGWjwcMhTZc1vy4FqnOk135hOH18JdBMyp2RvezglWmQ" + } + }, + { + "comment" : "edge cases for shared secret", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe", + "tcId" : 30, + "private" : { + "crv" : "P-521", + "d" : "AE4aqLfxx8CRwT3QCLZlGuNRCmYhcpKx1cQKa5yYRCJdoRoFfHBmXKEFpPcn02d56w84wAxo5IqLuiSF6iwBXSP7", + "ext" : "true", + "kty" : "EC", + "x" : "ASeR1fEZFj-lqdUm56zzdw9ye2XQ9rZuNGed20Y89cvpCC3k-qGhjERJWVCJEwvbGWHfG3dikPws3bd4BpNF8imw", + "y" : "AUTDJdEeJ3cOzU0w5QHaygcoV7heHoc6mIxLepOattgSh86q9gpuMlEToVuILBB-XLmDXDPcUAfcTugkSgMt0Cb3" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AGjidY0tiJL7AbgOV75-ZWrkGFHTKhuYfycXv1yUfBUcy97QljiYb9SOHs8g_tdMc-iclHf9jMP33Anyc6mLWIke", + "y" : "AEWBC6A7bwhGzO7Km2FkS2gAMDm36KRmlOJ4y_EHSwh3wtC-AwMkUesZLwA7bIlsvLGom3MC4Hi9E7Nczgurhg0H" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "64ebddd0211545e08fff948c3c252bafdb61245146915b8524f27cd6ec766d4f", + "tcId" : 31, + "private" : { + "crv" : "P-256", + "d" : "9WHNIE2tXPb9P1qiTZSGfw8xzSIXbrwjDlu4IMNDGK4", + "ext" : "true", + "kty" : "EC", + "x" : "G5TtS3gQhifa-fzyckvupwbKxmfGuveNC2CwLpchqH8", + "y" : "FBD5sLTkev2U75DG792XrwCybeK4X-rSkP7OeenV668" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + "y" : "ZkhceA4vg9ckM71dhKBrtlQcKvMdrocXKL-FahdPk_Q" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "11c2b3d789d5879ae2b6c5bf25e970d246ae19f27e96d2a53b85b844662bfeba", + "tcId" : 32, + "private" : { + "crv" : "P-256", + "d" : "37nCPA2bNyQYlt2dwyPl499ok2n2P9GDC1PC6Kq3_ps", + "ext" : "true", + "kty" : "EC", + "x" : "qPLjpu-qN03vykV-b3Zmsev1gum3iwur3ptEBN1jqO4", + "y" : "33Y3hU4lZy8u_ZKc1TJGIhY5TFyqHWH7NGVwikCbE2g" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAP____8AAAAA_____wAAAAD_____AAAAAQAAAAA", + "y" : "RiwEZuQYAiONbJJey-_HR8_lBeoZavmi0RtihQ_OlG4" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "827b389dd5c08c79f1315302342539be601a7f755bdca98d6702846107a31870", + "tcId" : 33, + "private" : { + "crv" : "P-256", + "d" : "fQCkXannaJDeh2kAnq5HI7wLxvzj6x5t-HoWWOhDLMY", + "ext" : "true", + "kty" : "EC", + "x" : "_FJoFGfalGIOTH-b1D-ibY0CN8prxadt3__i8MY5nhw", + "y" : "DgvkRsg976wXQkGkRFNW8a8fN1Vr8bD3Ak3V03Q0wgQ" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wABAAE", + "y" : "aEyKlYbtb5y-RHBYp9ohCLqx5eCmDR9z5OLnE_Cj3-A" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "bb25fc9cb64eb69e52f9d1d4c0d9dc7563d2342738b8545bd849c9616f7c35b8", + "tcId" : 34, + "private" : { + "crv" : "P-256", + "d" : "7y30Hg3QXiSRil8iTHd33Y9yg3JzVR_PUJ2SaUeNfOQ", + "ext" : "true", + "kty" : "EC", + "x" : "HwhwsMS0T9wPDfjxu0mxkLOfESsQUmIYa4V1KwHrlDc", + "y" : "H5yuPQ9-ah6D2MO84W-0MBzRBQzBP4Q11teY74VB7ZA" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "f_8AAf_8AAf_8AAf_8AAf_8AAf_8AAf_8AAf_8AAf_8", + "y" : "LiITyvAwM-D9D3lRFU9ubDqSRKcvrKZenOnutcjhzqk" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01d6936718941de1c689a8d11cf98c0d50cd18b40589e5e4efc2ab7692e9a11d", + "tcId" : 35, + "private" : { + "crv" : "P-256", + "d" : "ynQhnwWzXOkr-9Ne4QB_C_gSAjx2gdpSX_aFifK9S0Q", + "ext" : "true", + "kty" : "EC", + "x" : "3v4g84h9rNVn81C14Uxr2QQWp1VZpW33GQ8qfm34ulI", + "y" : "SEPuncA58RBm9OslWclcvGWZOoNftu-1vu1Efc4sYiE" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ", + "y" : "K-h4nbgbtIcKnmDFwYyAyD3kZCdygfGvHmQIQ6GjFI4" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "b040da667e626da3ecba81774abe5c78b0913269c4a338e96169280cd960cb11", + "tcId" : 36, + "private" : { + "crv" : "P-256", + "d" : "dbAXHkNIjNBS9ai8xc1rlIBwtq5u2HFxAHATVr7xORA", + "ext" : "true", + "kty" : "EC", + "x" : "ioFLm07OAbhKONV6TmTlamuJaIwHEzSeeGuNcosgoLk", + "y" : "jPuKN9axMkHxUMyjgbTTnE9Tq-QJq5u-gmnJ8Y2iFlQ" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "_wAAAAH____8AAAAB_____AAAAAf____wAAAAH____8", + "y" : "XfgPxsria2wZUvvQDtF07hIJ0GkzX1tIWI4p6AuRka0" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-256", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "4936cc116991029c526353880d1662c358030966cd55a9a8160fe2d159aeb4e7", + "tcId" : 37, + "private" : { + "crv" : "P-256", + "d" : "XOqmj1_5DbRu0cV4_bPB1JTKV2EImMcAmCiQxztru9Y", + "ext" : "true", + "kty" : "EC", + "x" : "oXuqPe7_EUlvhfee5l1fOFn5X5Jb1wNjVcenVgTJyJg", + "y" : "29Xvv-xNR8wUyBM_47j4bGb-C3vDFXLKhv0iCc391vo" + }, + "public" : { + "crv" : "P-256", + "ext" : "true", + "kty" : "EC", + "x" : "__8AAAAD____8AAAAD____8AAAAD____8AAAAD____8", + "y" : "LGNlDmpdMy4ph90Jp5AI6PqrvTfknLAWv7ksjND12nc" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "4e895e34c332213a5df19fabddc6b902d692839babb725d3df788565dab301ce21297ac9bb22634d28f4591bdca4bbbb", + "tcId" : 38, + "private" : { + "crv" : "P-384", + "d" : "T1tn2EWp3XrtJUF4-8hqnhI17p1Y3MLSIw4g_yMkj1ZeJVbJxfeCYc-Kh5O34xL5", + "ext" : "true", + "kty" : "EC", + "x" : "SnFhQe1E4hE8LFnQIHsmKuPj1Hvfp7ghcjeQ6l1Abj1bdfwmQexehMePbqPkz7mx", + "y" : "FdjHSmVoLnYQaACnx952lcm_Le0dPco8Mf83dOx8nZ6JyWoDe1tk2eInNlmxyJD3" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + "y" : "PPme8E9RpepjC6P5-WDdWToUyb45_SvSFdO0sIqq-Gu_kn8sRuUqsG-3QriFDlIe" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "359842f1ba4c9be3d068c74399581ba6a322c6d3ab720d0224f71cf5ca550d1071a2b385adc8fb47fbfe74d25d4736a9", + "tcId" : 39, + "private" : { + "crv" : "P-384", + "d" : "50d0UvWbIrGM0eMD2D1wZuZPg6OCsnGbhPgVynGjTaKmbAPI4aj78fDP4HjyZNoe", + "ext" : "true", + "kty" : "EC", + "x" : "bIby6GKIm_c1VxP2_R3JJaD2a7WfrGIbGhKoFbDY6zWN4Lwzb8ujjRJhB0BlG4sK", + "y" : "dcKT0WCM0Sf9srQn-YUtmD--lpd9jZkD5AIWKzrDg10igwmh0lgQi_w1NgUguTXB" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC", + "y" : "cyFSRC-27lw-bOHZIMBZvGI1Y4FNeQQrkDzmDx1Eh_zNRQqG2gPz5u1SXQIBe_2z" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "71716edde561d5f3160f49150d65d2d7288d828de14ca915b835547687e3b9156bc2575e24687393ad6aae3544367355", + "tcId" : 40, + "private" : { + "crv" : "P-384", + "d" : "rzWr72rzurTFbm6_jsnAgXH-H9VodWaGyETRKJC5n7ao06d5zoivfDUYh8iehcLH", + "ext" : "true", + "kty" : "EC", + "x" : "Ir2zHCrFMrmIUiUr4Zy6260S1oKzexrvWSUEu0e9BlXZZQqHf69RUmhxsbwPsf05", + "y" : "zRVH8sgQIsx9VOscHN-EAGyLiMQwny0x5faJVqFFE6uqtq05Jq7Peg0Jiwd-sEBk" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAP____8AAAAA_____wAAAAD_____AAAAAP____8AAAAA_____wAAAAD_____", + "y" : "cDcDhUE9Pv9vo0B7ok9oLCsBtRRF299e97DdCXnxfnE-CQgVcfHpTftmvyggAvOf" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "54a2e9e30ff3dcdf15bb0630dff2af17ae2ddadc9a908a6e844762af8f43b7dc3bb59212e626be44adf94efd3c9bf748", + "tcId" : 41, + "private" : { + "crv" : "P-384", + "d" : "lat_maoDiHjgtmOALbi0oV019jqEsoSKVEW8Hadq-sDPpexpBAH7c2TlUhfVKOfb", + "ext" : "true", + "kty" : "EC", + "x" : "k7C1k5ErkiAP3jUFHdgT5sw2WF4oPXNIUuLiWazarSE1mNY6uPCnvPvzc19-ufIR", + "y" : "p3OImY5TpcRNr0cht6RZOo14saiFmxNNQKWKXVmGl7s-9dJ9ulpYqf_Sp3vWts5-" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wAA__8AAP__", + "y" : "ES4ZHx94u8VLbMTwseWa6Mb_Ggf1Eo5B36KCjhtlONT6LKI5TGqrNEncs_xOtEwJ" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "6125603f2419093887c94cdc24030a53774e68436d9db29e58199ff5043f38850c94a843ced979247f2ca1bd48e712f7", + "tcId" : 42, + "private" : { + "crv" : "P-384", + "d" : "OriTivAVWkEw0xPlfSEL1XuyfRoo9WXwPFrlaxFY_jHpWXKku0EjnQis9js5i716", + "ext" : "true", + "kty" : "EC", + "x" : "BnGd_rVJP9RPKD1nBm4EJHkAk6UuM3n1WH9-w2tUGC-HHM-ELlLY2imgCV205lLz", + "y" : "9DWhsjsMME952LVjIxeC8Gw-KTiK1jmnOTmWHbLj9lw0hiK8t9RPS4iQ4bCwxAB2" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "AH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAIAA", + "y" : "AopMjaWgURL-YCXvQZCJad4g0F2WaOXIUu8tSSFy3cKgpiL8SIFk_MGgdrhylCry" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "60d73748120e538409c65508f4fd2c4575ee333d1103be329fd95eda92fdb45665de27db2d3f3ba5c5ce0d448d33442d", + "tcId" : 43, + "private" : { + "crv" : "P-384", + "d" : "LgLDmLopfrvWYzRGKWleU8ZSMaPiSMLLBKrJWGwXPvD-USKpohFKBUCxI-x6hDuZ", + "ext" : "true", + "kty" : "EC", + "x" : "P0lK0BgW2hvIautb__wcM9wJxsgN0h_9jP6OEkt2uVQSlzOxnkWGjlQrnQthW8W2", + "y" : "h_lSVNmK7k9renQhp30NyVF_PTDhBNH7CDUQi2O9ttMZsu2LgMCzUmQYcdIRDcy8" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC", + "y" : "B5faTAdRztFt6A0Wq3xlSl3CfQkmJtCGWhkqHF6nwbiMn8qwV5RnQeQcwoyA7Aua" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "acafe3aa06c90ff391128a2ba4b569d3f76b65ff1ec1e9c98780722c336810768014be29db1c7b523c68f3246b2765c4", + "tcId" : 44, + "private" : { + "crv" : "P-384", + "d" : "u5P9WvZZwf3krTQVlA_9dx6HLwp4CwBuEWupeU7xskBvkFQkLEsWgc6ODACeDJ34", + "ext" : "true", + "kty" : "EC", + "x" : "aahIFrSc4nFAKY6U6YSFH8SbW5tLaXzgNUzMwFQB4mV9yshGl_J30i-pYrqgf-KT", + "y" : "kKd0wGLab0vwL9vcZXrF4f9Wwl_YpTtBgdTNBVAsfN7gnDO0_KgUjyiuC8V0YADC" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "__AAAAAf____wAAAAH____8AAAAB_____AAAAAf____wAAAAH____8AAAAB_____", + "y" : "bHCJiub7MfovCGViry0QSGukxv1eQd_kqmFZi0cHo7wnamL-sbmFV-OxfAJfet9O" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "2f6bdffd0381853dc2c493512138ee843d4f7f0d19fde184f1a438887c741acb066654e45ea79d230c3f3cb376c22665", + "tcId" : 45, + "private" : { + "crv" : "P-384", + "d" : "t7k8StSVU9m_UnPXIr7cpsZHinyGKtb-ihWaapXGXvBb_Q_7DAkhlodltTuOjBNa", + "ext" : "true", + "kty" : "EC", + "x" : "rZ7Tz-zApVpyC7uD66RRSVxnXAtg9qLorxkVbamhRqt52ztcCT6isv5C73FO_J9S", + "y" : "SeQr0j5HOA0cdzcPNj1tHq5RNO7DXT47l07tk41gIEPN2TI6h8CQ1teO7oliUXzl" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____", + "y" : "SYerrkEoCcL6SP0jsb355iL1pgbEQRchX_phsY70blSn-78R-aa6WcmRtK5QH-3O" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-384", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "7ac7f7cf745457b1a58ea3cddc0337d47211b44403ab4ea47559be4350e8e87ef1aaf153e88eee72a3bdfa88aff1bad1", + "tcId" : 46, + "private" : { + "crv" : "P-384", + "d" : "G6nOPd7d4YRu2aiuR2rGsJhaHbgu-YD4KWcolBGqjhFF7r4vEut4Z7hJPHCmkYfo", + "ext" : "true", + "kty" : "EC", + "x" : "OdLPzPwjOGKxUaUEWtPkWQcU-lZMiMY7ltEg-sv8cDexBg1YAehFcvNHTNd9Eoco", + "y" : "4cv-rRGl9hZpU7SdqV25z_tQxBHl3H9M8zYJ-rQ1gvjsvszDI9lWfc2Yda6GEauI" + }, + "public" : { + "crv" : "P-384", + "ext" : "true", + "kty" : "EC", + "x" : "__________________________________________7_____AAAAAAAAAAD____-", + "y" : "cyFSRC-27lw-bOHZIMBZvGI1Y4FNeQQrkDzmDx1Eh_zNRQqG2gPz5u1SXQIBe_2z" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "008a0e65c8611c570562e3eef2172e5fef175d211ca7613d3f301dd8babd9b47d400c31551ac4c06ef3850750a4cc6a012f31bcc556c41ba61054eb6af6829360842", + "tcId" : 47, + "private" : { + "crv" : "P-521", + "d" : "AKpIH05r5B-hJdYsfs2K1lPebZvuR-CKsJizim-_8jVMkK26amEEKxpylsbVT-aP0kR6-Rx_Jxl9IzyBSyPyWHCt", + "ext" : "true", + "kty" : "EC", + "x" : "AP9uLiYau8O5k7k5b5HVp4wr56kfwhAkJk7K5GoGBaQ79oEgzdbbZA4-Xk5kvHcCt6A9JjhR98ADxmEoAR-GtHN6", + "y" : "ACu39ZDjMkyQwIVvi1B4bwOPxZcAuitpWsXGXkh4vWzxvL9hKQ1exhkyu1gLyYipMAM8zZRQgcnGqQncxm8syuWK" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + "y" : "ANIOyf6mtXfBDSbKG7RG9AspnmSLGtUIqtBoiW_uP45hS8YwVNV3K_AaZdQS4LyqjpZdL10zLX85-EbUQK4AH0-H" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "012d650d8f3b211999aea626d97a2a359c98cf42ee4a7ce3353ddfea8e303102d60f1b82c207524bfe2c8f280d9d6c1345fe3f61ff889071310cbc5644a6d8683e66", + "tcId" : 48, + "private" : { + "crv" : "P-521", + "d" : "AR4Zxy_JL1yzPdR6rG0nq-06vo32mba1JskRrZPRiBAjcf6dNrGITYhWC_V3gtyeEODQbSDlmdvbI4BLN8vPGfxe", + "ext" : "true", + "kty" : "EC", + "x" : "ACZGXGdGsWYaZ0fOuHCpoJ-8D_caLh8TQQYbcZgB8nXUpBKqn0vKcW1f9_XZVzTVYFKiDjyDIDH34dkf6d3yJwec", + "y" : "AKv_XqoNtUyzdkKqU1ivxekOMmpKa7PKe9PjeCF5pzeVVg-1-6QBZcVOmAlXm2Y-QARvqtvTQbx0FValfOTeNgAj" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB", + "y" : "ABDlm-k8TyacAmnHnir9ZdauqptwHqzBlPs-4D30eEm_VQ7GNuvuDd1KFvHNlAZgWvOPWEVndw4_Jy1ojIMuhDVk" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "0090cd100d3a35ce5f9fc6c3dbefd3810d5096ed63e5ee046c26c28984f825a0ce6ff3d643e7ea1648b21dc8daad4286673aa84e28f256bbd978606a1fcca2942f7e", + "tcId" : 49, + "private" : { + "crv" : "P-521", + "d" : "AcfptciIDkTS-s55K0RvlPXZYl3MiXLWQIhQApWyG0rNBlExohWmt4I37TqsKPkuUetp6E5-LNjKfG72RFUZbfi2", + "ext" : "true", + "kty" : "EC", + "x" : "ADmHGMepW0phM-0eOFYStqNF3raQTXAi9FSxb0e8UJiElG4uB4qS_48UaRfqxOrmt-RUoB2lmqmVveoTdSdvtotC", + "y" : "AMxzlDgVrRolQOtp84UBNp9LX_n01wzS7y9RhaAQC_asgVt8IOymIuOAsdGo4JNeYUI7Zg30fS-elK8XVMa8DPzO" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC", + "y" : "ANklT9-ABJasszeQsQPF7p-sEoMv5UbGMiJbD3_OPaRXSxqHm2I9ci-o_DTV_CqHMarWkamou4tVTJWgUdaqUFrP" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "019c5a8fb31bfec0a892308140c2d4db952066bf0fb5b613c2674634723269da8fd19f1f93cbab0acd80a268f9d108b9a6103505e710b49ed6f3ec10a9a1aab0cb1d", + "tcId" : 50, + "private" : { + "crv" : "P-521", + "d" : "AEYv-AnJxUVNa43Cn7jWp0rMBxXHi-pd25Nfu2wd2vVNiw1OAP_KhduvhluBC6KWTZhpHwCNJhbyy5WiMbbfiKxL", + "ext" : "true", + "kty" : "EC", + "x" : "AYMOoz0H-qWHNgCRhOi5vBMJcnSwGP9TKaNfoNthhA0misgNSJuLwEAUct3lk61FnOLDp-wOXWyWfxtiV14LZKIb", + "y" : "AYLV9C9-sY5659HSeOojg7nt3Y_TZKiZR_XaavQZZZT9HwWOFVCA8s4OAbURON0bCi1DBqInrCxJ7WiiXp3HmzyZ" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____AAAAA_____", + "y" : "AM0oOdhXtGmfXI6KAZR4biaoYvCGtLqAdGrlIl7Tqmj5a3quxVIlgwu5j1LXUiEUGJe6SdejHrvwttfTE1LlJmGQ" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "001e6f34d1c431b605ba5ad341a6d4b21b7c9691d79ae8070fd56705d5ee60c98e3956f12ce58bb831452541b43ffafd102dea31bb4e964da6a3023745554011ebbe", + "tcId" : 51, + "private" : { + "crv" : "P-521", + "d" : "AeONg5fKDfXtk9-RlPUuOZz26gPs_jHUcxlqe5XPrG3PBxAmMQESzT1ZbWy1aZx6Gtqcq-rZOO2WrosQZgs-MV53", + "ext" : "true", + "kty" : "EC", + "x" : "ALwl2eMdd-N5-DAfX84o2w-_iUTtYgq47BBS5uSGUWcYHug7BU3CTUBrKmYafhUQIqnIYxRPsflRVMqnncnxJglb", + "y" : "AOq4DoCisqFOiANEtfs0lwIipGH_vkuPHGWNgaWw4oZlzT424fTyWIC4sj_RZc1sTPWD4kT5ROCnZcemPrVRkzyn" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + "y" : "AAgT2YKRGfQv-pX-qLqegeTNamypf7B3jhLl9d_jUgHdTMqOyg0uOVVVmXBBOB5qwfGN30x04LbpBBz9yh0cEDCR" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01367e24697254f96336f32098b6a35dd364c1dfc897c03404ccc8b7b9d207b1fdb9c66bc55d586002c561651842f7a11a7b8f4208ffa14f2b81c867ed6ac5b311d8", + "tcId" : 52, + "private" : { + "crv" : "P-521", + "d" : "AEsWMPirCvc1jgUh5gZJQumH5N4pnOSFfhhCOuXC-URm2HqR6JudLVfMJ_2mSTDEf8ZtYb0Kw4N7s-D_VL_wlzvt", + "ext" : "true", + "kty" : "EC", + "x" : "AWZCsAy5TErC8oCtxpdkWNdeBmsBC_blA3Z9OTcgnfqH6Z6YQvUtj3_XaVS2vShKMd_xkPc9CyEjNPIsUJ_5miOd", + "y" : "Acgw-GCBGqMPwDF4k9giSYYiEXXYJUhe848wvoZfqL3OqY6cBY9bZXMGRMzwNWVjJK8TpITJHqUq_PXSQpRTrDVP" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af8AAAAA_____wAAAAD_____AAAAAP____8AAAAA_____wAAAAD_____AAAAAP____8AAAAA_____wAAAAD_____", + "y" : "AB_oAMUOVAErdaM-S-fQfI1g8paAo5XpUaajHFCWsOqSj8LL8yfdeE3Ap8pG6nOZK3WLVkE2S0q6Oek3mKTZJaAI" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "0028cde4500ebb4f53aa89d08b162020d53921d43035d585d5645172334c9b0df46e6b0bf66a5240239d51ef1017c14173313317fb544a889efa83effccece7eaea5", + "tcId" : 53, + "private" : { + "crv" : "P-521", + "d" : "AGSRnAUCVCS-_7fN2JLqlXl1gLNlaiyaC9C6UKFmcZN4yeeg79TzMqFPwCHCrhhe89p2BAs4U9Y5gycIOmTa7B96", + "ext" : "true", + "kty" : "EC", + "x" : "AQ8Us1RKPVn2xxhkRI0_7tqkE5acYGGaG9hnqgp7Nbvw1UprVgWUO8tp2rwfyfvlGc56FIcbmahQTFhNnKq4k6T_", + "y" : "AAd77iaKst0JYgHEOnz79w-ZseypWs56oKGXzM1CJ_DUj3zHw45O2GhZ_VfAVEHd1prLKYgqN6n6FQ6EuWhJ9Qih" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af8AAP__AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wAA__8AAP__AAD__wAA__8AAQAA", + "y" : "AI3Rih9eSCFAvnm7ZaIa1gyJh-UyyENF8BNa_9Ruxx7wKxyjrVbzAdlV-jBsEi1EHW_tz4uFXvJWNQv2nSOnIHrZ" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01f11556b0c2544695555c2c142ebbf72572244e043b755dfca7adcd32d1ff68177a70af88fdbad573f22943522c5e40a99794e3e629518d471f302bdd5cf0be729b", + "tcId" : 54, + "private" : { + "crv" : "P-521", + "d" : "ADl_dtWjNwzJxNPMypvvZQIh4hL8nLY-0GZQoinG9y5L9dh-erUW3nwCgLn1-mZI4F9qIxNxpdPL6WuapnyEJuPE", + "ext" : "true", + "kty" : "EC", + "x" : "AOVtRhkHpYEOdY37Ctitf8tdcazfFeYJpGDIND4IE5Zsurd8gqMeSyp89mOH84HYc1-sBF5JhQ-bF3Pqj2W4-vhi", + "y" : "ASX4TFfru6w_bk3u9k71gKNWFQgDENvSHSLRQhDSCi7w2PHTs9tdJM48O9C7WYw7EImq4oiK3D1jnHbkOyCwLfyd" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af_AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__AAH__", + "y" : "ALEcZo-9VJ82iJ97Y0NAUdom8VcFg5E2sbFKCRUtehgup4BsNUeKMtOqPJwWJ6YVGevscbNvp3RJAluIKeJ_MHg0" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "00f8f1e1940e2a69e733f8a7a5c9a2d30cad0dd901e702a0687cc83913f0123bbf9ffe5ae4ff6c5630118268e8e67f4327482b9b7e69a93ef4da1d3abe00e3692482", + "tcId" : 55, + "private" : { + "crv" : "P-521", + "d" : "AGiax25EUHBf6o5rTio6wNt2Z1BZdO3Y2ht6Nwj-nUi2sP8oGnmRfx1Qo3k8tGyzTke1Bisrhb_NFo_oByKuRVxt", + "ext" : "true", + "kty" : "EC", + "x" : "ATu4_yZKbhiOikpAwZFrAw5TthD8lUyOjEfH3F8Pwx65KrWdzCTsUxlytYdvO2VGVGGLrfIBRKQeQA6DHxTeRIN1", + "y" : "AY6_5hJv8HywySeUmLI64-Tyjrwof-9xEGkcF13wZC5t780Nsn78-whvVaeMxfl--bKWCF-8cq-ylayu-LRueG_p" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af___wAAAAH____8AAAAB_____AAAAAf____wAAAAH____8AAAAB_____AAAAAf____wAAAAH____8AAAACAAAAC", + "y" : "AKp178Co2qwdc_MsnFUkFLzPRK-OdDMbR0OefcxJoTWz7mHp9pcX2JtLujVnoZWu2hP77GNL8phLXsa2-A9ZeO1a" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "008567b96fddfb4acc4b0317e5a8144b879e762bd611a8d8d0825c7af7a464d27eee6b721f7bf4aa431b095743299f36c27b0b520432472b040a9807f21abdb78dcb", + "tcId" : 56, + "private" : { + "crv" : "P-521", + "d" : "AMRVHZr067NGsXtKirPSRFaj2KL9oSIC90jdOYlU4CJTLzssF1bZC0BqnOX9AzxAz3C7-ny0LK7Ik3VbgnDy6GQ8", + "ext" : "true", + "kty" : "EC", + "x" : "ABLN5qTrWH6RKn_frzdnVX3XWnW-sQ63iWeknyzshq-U1Fw_tEFN0AN7sV-JzjQaDDkuHyegXmtxfNuJPBI2AzBe", + "y" : "AM6aaQYwMBmQKDRt1cvTDEdK6CMahJOePc7IYRix5VKgsbmBfCv7F9_xE5nexRTjDzGv309LnvVJQ0kk9Fv6f2u7" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af_____________________________________________________________________________________9", + "y" : "ABDlm-k8TyacAmnHnir9ZdauqptwHqzBlPs-4D30eEm_VQ7GNuvuDd1KFvHNlAZgWvOPWEVndw4_Jy1ojIMuhDVk" + } + }, + { + "comment" : "edge cases for ephemeral key", + "curve" : "P-521", + "name" : "EcdhTestVector", + "result" : "valid", + "shared" : "01c0ed430408acb310910db1933c22d021030c8b9c011b201325484911eec542605283f2a41c02f20ea6d96291293ce16794a759bbe1428bd6f4bc53a1db40e80b0e", + "tcId" : 57, + "private" : { + "crv" : "P-521", + "d" : "AWFrDPqiz_GzwVebeJ-MTnUZsc0Aw-nLZ8PkYl70WQdMhFe9aMQTp5ocQCC0h1_QQBEQxzTYioxfyLTVqA7W7xQ9", + "ext" : "true", + "kty" : "EC", + "x" : "AfAnhZSidHsHhjPfcqc0MsllGBwegXg2tIcHQB3vOeRRvgjL_bLoaYHmp8fZ5ZVrBQcGQ7AMBfB86XiKe-27q_zS", + "y" : "AE16Vy45Ij40KlRqhAFe_SSI7u5tfr5GfAmAPyeHVlM7ryOAOoohrLymiwSLJEmHCukT97D3xbIPdX_1eQyPWrit" + }, + "public" : { + "crv" : "P-521", + "ext" : "true", + "kty" : "EC", + "x" : "Af_____________________________________________________________________________________-", + "y" : "ANklT9-ABJasszeQsQPF7p-sEoMv5UbGMiJbD3_OPaRXSxqHm2I9ci-o_DTV_CqHMarWkamou4tVTJWgUdaqUFrP" + } + } + ] + } + ] +} diff --git a/t/wycheproof/ecdsa_test.json b/t/wycheproof/ecdsa_test.json new file mode 100644 index 0000000..2322cf0 --- /dev/null +++ b/t/wycheproof/ecdsa_test.json @@ -0,0 +1,2254 @@ +{ + "algorithm" : "ECDSA", + "generatorVersion" : "0.0a10", + "numberOfTests" : 273, + "testGroups" : [ + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044af4f6d1d734798d4c4c6f97c4fff392ee65dc252d617b154ca835ea1535b104fb069171d00e87a92e6c4db1d892bc09b04b5da8bd9b09cfaa41d0a526e55237", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESvT20dc0eY1MTG+XxP/zku5l3CUt\nYXsVTKg16hU1sQT7BpFx0A6HqS5sTbHYkrwJsEtdqL2bCc+qQdClJuVSNw==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "4af4f6d1d734798d4c4c6f97c4fff392ee65dc252d617b154ca835ea1535b104", + "wy" : "0fb069171d00e87a92e6c4db1d892bc09b04b5da8bd9b09cfaa41d0a526e55237" + }, + "tests" : [ + { + "comment" : "signature malleability", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221008b8d6e21d0c0bb5185319715ccbce2902802e1eca070b7226dec70ceca023883", + "tcId" : 1 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100dc6483cb966474fc22f2e68660e5e52f3bfa403b962de583576177c0dab2a260022100db4526559f5145e2fc5aa10d1d993a811973144f99b86474599a9f1e212c07f1", + "tcId" : 2 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "304402201f0819fe1695c49555d6f3c1648a04c24cc59bad4120b3a66e997481d4e973a002206cf5660873b490ee99563c958a02178890191b7da31bd87e43161d83a6ad0efe", + "tcId" : 3 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100b925b7d5a274ec43833fc87d66e50d8bf0be579912d882be3300e7167985448f022100e319bfd2931d9a83b709dd5509d0d907188fa03d3025f842ca9123d052be6c70", + "tcId" : 4 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100d2cb5feded860091556d8710ad7e7aab7a6350d2d97238177604d8d330e0357a022100cab37fcb3ef1fd4485aca7d75dd4685b56f5078383936ad84f8af4c12b874c40", + "tcId" : 5 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3045022100bcf08f55b39ec37c3939d58e9eb6d42f21bccff63f661eecd06c89acb689067b022062e2ba2ec55bb9fe5aaa888d5836deff0abf45cbbaf2f8228b31d2cefa380466", + "tcId" : 6 + }, + { + "comment" : "valid", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 7 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "308145022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 8 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "304602812100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 9 + }, + { + "comment" : "BER:long form encoding of length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f028120747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 10 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "30820045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 11 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "30470282002100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 12 + }, + { + "comment" : "BER:length contains leading 0", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02820020747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 13 + }, + { + "comment" : "BER:indefinite length", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3080022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 14 + }, + { + "comment" : "BER:prepending 0's to integer", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "30470223000000b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 15 + }, + { + "comment" : "BER:prepending 0's to integer", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02220000747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 16 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 17 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 18 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022200b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 19 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022000b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 20 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 21 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f021f747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 22 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30850100000045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 23 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a0285010000002100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 24 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02850100000020747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 25 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3089010000000000000045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 26 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304e028901000000000000002100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 27 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304e022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0289010000000000000020747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 28 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30847fffffff022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 29 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304902847fffffff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 30 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02847fffffff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 31 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3084ffffffff022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 32 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30490284ffffffff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 33 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0284ffffffff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 34 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3085ffffffffff022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 35 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a0285ffffffffff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 36 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0285ffffffffff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 37 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3088ffffffffffffffff022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 38 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d0288ffffffffffffffff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 39 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0288ffffffffffffffff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 40 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30ff022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 41 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304502ff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 42 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02ff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 43 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3080022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 44 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045028000b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 45 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0280747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 46 + }, + { + "comment" : "removing sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "", + "tcId" : 47 + }, + { + "comment" : "appending 0's to sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 48 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30470000022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 49 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 50 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f00000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 51 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0500", + "tcId" : 52 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022300b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f05000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 53 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0222747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0500", + "tcId" : 54 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a4981773045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 55 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304925003045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 56 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30473045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0004deadbeef", + "tcId" : 57 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a2226498177022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 58 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304922252500022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 59 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d2223022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0004deadbeef0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 60 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304a022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f22254981770220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 61 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f222425000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 62 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f22220220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0004deadbeef", + "tcId" : 63 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304daa00bb00cd003045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 64 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304baa02aabb3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 65 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d2229aa00bb00cd00022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 66 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304b2227aa02aabb022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 67 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304d022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f2228aa00bb00cd000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 68 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304b022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f2226aa02aabb0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 69 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30803045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 70 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30492280022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f00000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 71 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f22800220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 72 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30803145022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 73 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30492280032100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f00000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 74 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f22800320747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 75 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "2e45022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 76 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3245022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 77 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ff45022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 78 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045002100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 79 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045042100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 80 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045ff2100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 81 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0020747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 82 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0420747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 83 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3fff20747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 84 + }, + { + "comment" : "dropping value of sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3000", + "tcId" : 85 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304930010230442100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 86 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "304922250201000220b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 87 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f2224020174021f7291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 88 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ec", + "tcId" : 89 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30442100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 90 + }, + { + "comment" : "prepend empty sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30473000022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 91 + }, + { + "comment" : "append empty sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce3000", + "tcId" : 92 + }, + { + "comment" : "sequence of sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30473045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 93 + }, + { + "comment" : "truncated sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3023022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f", + "tcId" : 94 + }, + { + "comment" : "repeat element in sequence", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3067022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 95 + }, + { + "comment" : "removing integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30220220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 96 + }, + { + "comment" : "appending 0's to integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022300b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f00000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 97 + }, + { + "comment" : "appending 0's to integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0222747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000", + "tcId" : 98 + }, + { + "comment" : "dropping value of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "302402000220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 99 + }, + { + "comment" : "dropping value of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3025022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0200", + "tcId" : 100 + }, + { + "comment" : "modify first byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022101b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 101 + }, + { + "comment" : "modify first byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220757291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 102 + }, + { + "comment" : "modify last byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3e0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 103 + }, + { + "comment" : "modify last byte of integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260eccf", + "tcId" : 104 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022000b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 105 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30440220b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 106 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f021f747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ec", + "tcId" : 107 + }, + { + "comment" : "truncate integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f021f7291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 108 + }, + { + "comment" : "leading ff in integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30460222ff00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 109 + }, + { + "comment" : "leading ff in integer", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221ff747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 110 + }, + { + "comment" : "infinity", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30250901800220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 111 + }, + { + "comment" : "infinity", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f090180", + "tcId" : 112 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022101b7babae8332b54b9a3a05b7004579821656e9c5fbb7d96607df713de366051900220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 113 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30440220b7babaea332b54b7a3a05b7004579821eba0a7046d4e595696837e583d9a06ee0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 114 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30450221ff48454516ccd4ab475c5fa48ffba867de57785e4deb9a082475c2b6e4c602d3c10220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 115 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022048454515ccd4ab485c5fa48ffba867de145f58fb92b1a6a9697c81a7c265f9120220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 116 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30450221fe48454517ccd4ab465c5fa48ffba867de9a9163a04482699f8208ec21c99fae700220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 117 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3044022048454516ccd4ab475c5fa48ffba867de57785e4deb9a082475c2b6e4c602d3c10220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 118 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f022101747291dc2f3f44b07ace68ea33431d6f51cb136eadbe85e7798724b72ec4121f", + "tcId" : 119 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221ff747291de2f3f44ae7ace68ea33431d6fd7fd1e135f8f48dd92138f3135fdc77d", + "tcId" : 120 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02208b8d6e22d0c0bb5085319715ccbce2906b1be73ef959189d7a32a60bcd9f1332", + "tcId" : 121 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221fe8b8d6e23d0c0bb4f85319715ccbce290ae34ec9152417a188678db48d13bede1", + "tcId" : 122 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f022101747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 123 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0221008b8d6e22d0c0bb5085319715ccbce2906b1be73ef959189d7a32a60bcd9f1332", + "tcId" : 124 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020100020100", + "tcId" : 125 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020100020101", + "tcId" : 126 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201000201f0", + "tcId" : 127 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020100022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 128 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020100022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 129 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020100022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 130 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020100022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 131 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020100022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 132 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008020100090380fe01", + "tcId" : 133 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020101020100", + "tcId" : 134 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3006020101020101", + "tcId" : 135 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201010201f0", + "tcId" : 136 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020101022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 137 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020101022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 138 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020101022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 139 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 140 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026020101022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 141 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3008020101090380fe01", + "tcId" : 142 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f0020100", + "tcId" : 143 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f0020101", + "tcId" : 144 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30060201f00201f0", + "tcId" : 145 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30260201f0022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 146 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30260201f0022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 147 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30260201f0022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 148 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30260201f0022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 149 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30260201f0022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 150 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "30080201f0090380fe01", + "tcId" : 151 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020100", + "tcId" : 152 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101", + "tcId" : 153 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510201f0", + "tcId" : 154 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 155 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 156 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 157 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 158 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 159 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3028022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551090380fe01", + "tcId" : 160 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550020100", + "tcId" : 161 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550020101", + "tcId" : 162 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325500201f0", + "tcId" : 163 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 164 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 165 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 166 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 167 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 168 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3028022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550090380fe01", + "tcId" : 169 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552020100", + "tcId" : 170 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552020101", + "tcId" : 171 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325520201f0", + "tcId" : 172 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 173 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 174 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 175 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 176 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 177 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3028022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552090380fe01", + "tcId" : 178 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff020100", + "tcId" : 179 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff020101", + "tcId" : 180 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff0201f0", + "tcId" : 181 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 182 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 183 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 184 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 185 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 186 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3028022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff090380fe01", + "tcId" : 187 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000001000000000000000000000001000000000000000000000000020100", + "tcId" : 188 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff00000001000000000000000000000001000000000000000000000000020101", + "tcId" : 189 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3026022100ffffffff000000010000000000000000000000010000000000000000000000000201f0", + "tcId" : 190 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000001000000000000000000000000022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 191 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000001000000000000000000000000022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 192 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000001000000000000000000000000022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 193 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000001000000000000000000000000022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 194 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000001000000000000000000000000022100ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 195 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "3028022100ffffffff00000001000000000000000000000001000000000000000000000000090380fe01", + "tcId" : 196 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1wXRb4CYfi2bGmlX0pziL+v30Q+l\nFRUxgkFcg2G6rKSx/BBe5c6A1RTsEji+riA3pvg2JVk2INRggZ6GghYJJg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4", + "wy" : "0b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926" + }, + "tests" : [ + { + "comment" : "k*G has a large x-coordinate", + "message" : "54657374", + "result" : "valid", + "sig" : "303502104319055358e8617b0c46353d039cdaab022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 197 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1wXRb4CYfi2bGmlX0pziL+v30Q+l\nFRUxgkFcg2G6rKSx/BBe5c6A1RTsEji+riA3pvg2JVk2INRggZ6GghYJJg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4", + "wy" : "0b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926" + }, + "tests" : [ + { + "comment" : "r too large", + "message" : "54657374", + "result" : "invalid", + "sig" : "3046022100ffffffff00000001000000000000000000000000fffffffffffffffffffffffc022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 198 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200043cd8d2f81d6953b0844c09d7b560d527cd2ef67056893eadafa52c8501387d59ee41fdb4d10402ce7a0c5e3b747adfa3a490b62a6b7719068903485c0bb6dc2d", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPNjS+B1pU7CETAnXtWDVJ80u9nBW\niT6tr6UshQE4fVnuQf200QQCznoMXjt0et+jpJC2Kmt3GQaJA0hcC7bcLQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "3cd8d2f81d6953b0844c09d7b560d527cd2ef67056893eadafa52c8501387d59", + "wy" : "0ee41fdb4d10402ce7a0c5e3b747adfa3a490b62a6b7719068903485c0bb6dc2d" + }, + "tests" : [ + { + "comment" : "r,s are large", + "message" : "54657374", + "result" : "valid", + "sig" : "3046022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 199 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "small r and s", + "message" : "54657374", + "result" : "valid", + "sig" : "3006020105020101", + "tcId" : 200 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "r is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "3026022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632556020101", + "tcId" : 201 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "s is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "3026020105022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 202 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040203736fcb198b15d8d7a0c80f66dddd15259240aa78d08aae67c467de04503434383438d5041ea9a387ee8e4d4e84b4471b160c6bcf2568b072f8f20e87a996", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAgNzb8sZixXY16DID2bd3RUlkkCq\neNCKrmfEZ94EUDQ0ODQ41QQeqaOH7o5NToS0RxsWDGvPJWiwcvjyDoeplg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "203736fcb198b15d8d7a0c80f66dddd15259240aa78d08aae67c467de045034", + "wy" : "34383438d5041ea9a387ee8e4d4e84b4471b160c6bcf2568b072f8f20e87a996" + }, + "tests" : [ + { + "comment" : "point at infinity during verify", + "message" : "54657374", + "result" : "invalid", + "sig" : "304402207fffffff800000007fffffffffffffffde737d56d38bcf4279dce5617e3192a80220555555550000000055555555555555553ef7a8e48d07df81a693439654210c70", + "tcId" : 203 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004a17f5b75a35ed64623ca5cbf1f91951292db0c23f0c2ea24c3d0cad0988cabc083a7a618625c228940730b4fa3ee64faecbb2fc20fdde7c58b3a3f6300424dc6", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoX9bdaNe1kYjyly/H5GVEpLbDCPw\nwuokw9DK0JiMq8CDp6YYYlwiiUBzC0+j7mT67Lsvwg/d58WLOj9jAEJNxg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0a17f5b75a35ed64623ca5cbf1f91951292db0c23f0c2ea24c3d0cad0988cabc0", + "wy" : "083a7a618625c228940730b4fa3ee64faecbb2fc20fdde7c58b3a3f6300424dc6" + }, + "tests" : [ + { + "comment" : "u1 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "30440220555555550000000055555555555555553ef7a8e48d07df81a693439654210c700220532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "tcId" : 204 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d0301070342000404ba0cba291a37db13f33bf90dab628c04ec8393a0200419e9eaa1ebcc9fb5c31f3a0a0e6823a49b625ad57b12a32d4047970fc3428f0f0049ecf4265dc12f62", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBLoMuikaN9sT8zv5DatijATsg5Og\nIAQZ6eqh68yftcMfOgoOaCOkm2Ja1XsSoy1AR5cPw0KPDwBJ7PQmXcEvYg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "4ba0cba291a37db13f33bf90dab628c04ec8393a0200419e9eaa1ebcc9fb5c3", + "wy" : "1f3a0a0e6823a49b625ad57b12a32d4047970fc3428f0f0049ecf4265dc12f62" + }, + "tests" : [ + { + "comment" : "u1 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "30450220555555550000000055555555555555553ef7a8e48d07df81a693439654210c70022100acd155416a8b77f34089464733ff7cd39c400e9c69af7beb9eac5054ed2ec72c", + "tcId" : 205 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004692b6c828e0feed63d8aeaa2b7322f9ccbe8723a1ed39f229f204a434b8900efa1f6f6abcb38ea3b8fde38b98c7c271f274af56a8c5628dc3329069ae4dd5716", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaStsgo4P7tY9iuqitzIvnMvocjoe\n058inyBKQ0uJAO+h9varyzjqO4/eOLmMfCcfJ0r1aoxWKNwzKQaa5N1XFg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "692b6c828e0feed63d8aeaa2b7322f9ccbe8723a1ed39f229f204a434b8900ef", + "wy" : "0a1f6f6abcb38ea3b8fde38b98c7c271f274af56a8c5628dc3329069ae4dd5716" + }, + "tests" : [ + { + "comment" : "u2 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "30440220555555550000000055555555555555553ef7a8e48d07df81a693439654210c700220555555550000000055555555555555553ef7a8e48d07df81a693439654210c70", + "tcId" : 206 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d0301070342000400cefd9162d13e64cb93687a9cd8f9755ebb5a3ef7632f800f84871874ccef09543ecbeaf7e8044ef721be2fb5f549e4b8480d2587404ebf7dbbef2c54bc0cb1", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAM79kWLRPmTLk2h6nNj5dV67Wj73\nYy+AD4SHGHTM7wlUPsvq9+gETvchvi+19UnkuEgNJYdATr99u+8sVLwMsQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0cefd9162d13e64cb93687a9cd8f9755ebb5a3ef7632f800f84871874ccef09", + "wy" : "543ecbeaf7e8044ef721be2fb5f549e4b8480d2587404ebf7dbbef2c54bc0cb1" + }, + "tests" : [ + { + "comment" : "u2 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "30450220555555550000000055555555555555553ef7a8e48d07df81a693439654210c70022100aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1", + "tcId" : 207 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e2a964fc00d377a8592b8b61aafa7a4aaa7c7b9fd2b41d6e0e17bd1ba5677edcd", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAVgTd1W5AfeXqQ1MqIh+Ajyy72Oy\nuiwNRV7a70LPI34qlk/ADTd6hZK4thqvp6Sqp8e5/StB1uDhe9G6VnftzQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e", + "wy" : "2a964fc00d377a8592b8b61aafa7a4aaa7c7b9fd2b41d6e0e17bd1ba5677edcd" + }, + "tests" : [ + { + "comment" : "weak key", + "message" : "54657374", + "result" : "valid", + "sig" : "304502206f2347cab7dd76858fe0555ac3bc99048c4aacafdfb6bcbe05ea6c42c4934569022100f21d907e3890916dc4fa1f4703c1e50d3f54ddf7383e44023a41de562aa18ed8", + "tcId" : 208 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237ed569b03ef2c8857b6d4749e550585b5558384603d4be291f1e842e45a9881232", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAVgTd1W5AfeXqQ1MqIh+Ajyy72Oy\nuiwNRV7a70LPI37VabA+8siFe21HSeVQWFtVWDhGA9S+KR8ehC5FqYgSMg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e", + "wy" : "0d569b03ef2c8857b6d4749e550585b5558384603d4be291f1e842e45a9881232" + }, + "tests" : [ + { + "comment" : "duplication bug", + "message" : "54657374", + "result" : "invalid", + "sig" : "304502206f2347cab7dd76858fe0555ac3bc99048c4aacafdfb6bcbe05ea6c42c4934569022100f21d907e3890916dc4fa1f4703c1e50d3f54ddf7383e44023a41de562aa18ed8", + "tcId" : 209 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200043f7137e42b6c5d98c6bb61bce91426f8e2c2f33fdc893a0d32be1ba0042c21c59c0df75782993e9a31ef773dc73eeb038cd6594f43ecca77fe586105efa19833", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEP3E35CtsXZjGu2G86RQm+OLC8z/c\niToNMr4boAQsIcWcDfdXgpk+mjHvdz3HPusDjNZZT0Psynf+WGEF76GYMw==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "3f7137e42b6c5d98c6bb61bce91426f8e2c2f33fdc893a0d32be1ba0042c21c5", + "wy" : "09c0df75782993e9a31ef773dc73eeb038cd6594f43ecca77fe586105efa19833" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "304502203c3fe1264b2995df966337a6ede98fc5c71893e352696703cf863c7e63ac0627022100bcb0a9a02e57ce80f72d91eee92a99ba5b16a3411f9dd541bfdf44a7f2ad54cc", + "tcId" : 210 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "3045022100a3f9d3ea2c35bb1899508129e0edaf40292ec3b895dc0c6396d9b162b8d88134022073a92358fc9921bf80b3f0f6244d73b141f007a632e8c3cd1f988752e6492c79", + "tcId" : 211 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "304402203c137c3cf8feb9eb4f7f5984e954918dd408b4df79534150919694d07877067f02202ca4c9d4440262934ca5c8b2cc4bfab3348462b5ab3a308d097dee9b8077a0c0", + "tcId" : 212 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "3045022005916c5b5d012f85a11fb8adccee8403674dd259e9b158594a3979346d38620c022100945e551009e002951ad9551ed507feca41103c3bf23a156eaefd0c844f3567be", + "tcId" : 213 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "3044022007c1801de1ec0c089fcbc6301deaa0c161ae59c7e367c6f0376d3fcfcbc6a3e5022006d8ff0b593ed08b35e781551e8ca8222a8f4524e07dc055ec9b78567fe7cd81", + "tcId" : 214 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "30450220204ff2e911d442d3e46979b2177894bd07cf25485b990f6f162335f916e9d2d00221009825c6539cc3a4d1be8ef523fe28f99f5445377f70471bffbd88362909ee4fde", + "tcId" : 215 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "304502206a2e4b1eda9b5e5426e0fe6f2fe3180793ec1ae414b4c1164c1cb85a85af49b00221008a40315be22f196eb6d4dca64adab267778eaef5884a074573cb4f2bed185519", + "tcId" : 216 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "3045022100aaedd77d46a678ca6200a38fcb35550d6c523b6e929efe621673307c295c7de602201dbf3d1edcebd7f7caa604ec3d967a213c57ca2f016ed1c281a2bbce2978c59a", + "tcId" : 217 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "304402204491da1b704c0410cf6d3ed7c40e770f35d54dd79eb7646537b5e48654b9a28e02204118b53ab6da09a9fcc23af86d8fb8db903a596883167c29042bc13618a3a1b1", + "tcId" : 218 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "304502205f9da7e8a353a0b324b512a6d7bc9daa655041c09e1aebd281f85b6445ba7ca3022100fb1386685b75f05d836a9a7c2aa698b543fac3cb3a54a256efa9f6f1efaaaedb", + "tcId" : 219 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004013d6e38dfa75ddb2e7822a68192ba40b947bdbbb666d40c63d03b757eb512ed826bfe58bb2706af6ed7b771c98d86133a8d6f5ac6ec22c589cef90e43480f2b2bee0061d76af46853de2a9e2b444cba5adbeb38ad82541a483350c313ff259b93e0d64085566c6c2bb6ff0fbdbd46e69c48b37ec3905d06234bbbd8ca4198d564c8e465", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBPW4436dd2y54IqaBkrpAuUe9u7Zm\n1Axj0Dt1frUS7YJr/li7Jwavbte3ccmNhhM6jW9axuwixYnO+Q5DSA8rK+4AYddq\n9GhT3iqeK0RMulrb6zitglQaSDNQwxP/JZuT4NZAhVZsbCu2/w+9vUbmnEizfsOQ\nXQYjS7vYykGY1WTI5GU=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp521r1", + "type" : "ECPublicKey", + "wx" : "13d6e38dfa75ddb2e7822a68192ba40b947bdbbb666d40c63d03b757eb512ed826bfe58bb2706af6ed7b771c98d86133a8d6f5ac6ec22c589cef90e43480f2b2bee", + "wy" : "61d76af46853de2a9e2b444cba5adbeb38ad82541a483350c313ff259b93e0d64085566c6c2bb6ff0fbdbd46e69c48b37ec3905d06234bbbd8ca4198d564c8e465" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "30818702411b01186e46e19d71dc2062453be3b4b94c27556069ac5211f6cdb99d4b4d89405c2da8663a32dcec5515cb7357564b32a6ce33f379f3df35b4e2a5db855ad1d7be024200efea92828d6cf125504a247141adc9ecf35fde30c7e0487eff4fbe2f3949b7788d034968a198dcfb4ad1bb6b873ef9f5c8683757aa716f8c00dbc1ccc534c2fece", + "tcId" : 220 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "3081880242016f39b566c7e037f0c5dfe9f453fb1dc488fa610c341408333326cb632d16dda66af7286e4237de3310cffd6863398257fe2c9e1deb30d61d098c7d5c255b4b45d9024201a49858926129db492d53130bedd4c9be18ac9f7bfd7d62eaf99fe12f58e81d2786b12da9c13b3f025f94f5398e784e909ff363125b98dc35ba850400ef8e4efa2d", + "tcId" : 221 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "308187024200fcec8495af424d3d6468cf79a0b2d6a2ff7d3c249e78ea1f157e1558066e5118558a830ba105dc8a29b8375642593f0e5c2d23b62a39954ad7a4be3e82a69d817b02410960873c13cd81af95e3980db5fdc537bebfc9ebae4d94d05a276d3bdd86b65ec60175471ae661e16c225c6e17635664a20e8160f7365e4034ca625642de17d479", + "tcId" : 222 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "308187024171ad3beb8abd01e53fed56ea34f1bd9ae252d290e5c5ae364ae60ce67b0f42186254db2783333a97eeabf2a84b6bcb4683107e03d97bb3e67d400cc8c314a20939024200dc4afe3dca6572fd4a56ba150d3a5266d7828f2c764c416fa2b2e64b1c694040d1fe8061e742c9212ec4330a0d1e312ad65ec4623821d3327da583b78e6a2539ed", + "tcId" : 223 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "308188024200e53d62a974603f05997fce2df0cb2df83a34cc34b56d71db12cf980db9834e1a322a17fad9ba8d7ea58e2d31de4688527fc5f18424470a51383dbcb177c97c2f6f024201668d2e11b296637f7886291eb339ecfbd630be841b622f81df118cdd16ecebfd0999dca4f82b7fc4f17be81c64d6903ca2a9d854702b6783b1bb47455fc9665032", + "tcId" : 224 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "308186024107250d6a30bc7c47a63f2aebb3eb0b7b9be3bf833f761bf6a56cd1300224e5753c85987f9e61401c0434ab1566b6a3e5519575415c24417c69c39fc43dab11d3cb024157f319ebf47bbfe2b7d38a3da246b135f31baa455c72c5869016d7fcabdaec581efc5b756d0f451ad079f697961225e55495fbac374bb246fd499c1ba7b9bbae57", + "tcId" : 225 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "308188024200d2b0e8938f97fad395fa00d91888f9ba29d4df80626cc278ad233c9a9fdc5fd1762cb6a53bc34d1f6f0b1b42dd0ac5bde7c3f95becf6fe39f356a47ffa7cc2343a024201cb90ceb1c46d9d0f584d0e8b58b21a5e9d7b101dc253a1109fe99715f32223b4e02ac3a880e8eeb7d4a92a7d10d33543fad8c78cfb0700bf794f0497f4c8276c3c", + "tcId" : 226 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "3081880242018a4cffe3fbacdaffe208bbd0c682ffdfc7d77a41d05e71f8e5bfe3685279bc62dd35e3ac1c6bec556bfe3ba0b12c6ef6124dcf05bc61d66856c00740bd271856c8024200a6105606f6bdf923a8dd1a70802a98d42b83293dbd8e78799d9093e22819edc20754e0da61f05c0650069a2f766c0e2caea947d436c9a4cf1d7c4881315fa840b6", + "tcId" : 227 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "3081880242010bc1d5bcda1e17bb6abffe483005885455d6042eb89dc346765017a270524ad03d8bce116860c79f9a33085b6d9a9ec0bd03944bd117cc24a46e4cfd58a75afa18024201db04999a96b4caa3725d1fd178e0471e05ea8800fce35e1cf52d1c8006083898a28cf8b106eb58588a0aa642bb91581aa940f3e02b9fdcb064cf29cf012b449cb4", + "tcId" : 228 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "3081880242017381d2a07c84ebe2fb4356f07c27a2d110d6d1ef7c0a23dfb3a038dbbc53d457d3207039bdfb46bacae9d9ed821d46ce328d3d2acdf9641331b28713998d0398dd024200b6b943a7300d396d07a76c29e80a88c1ff1a6def766fb72022db7bb006e311e6cfbc4452390962461e767a97383d2f908122645e82710dd7fbbeff947d2e488bad", + "tcId" : 229 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004e10ba0fabf162af055b859b7d939435cce257ffa274349456403292bb8cb60e9fa1a0a6408df5e4e3675f47621c8f29cda59832a7acedcd3315f6a8ea848afc8", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4Qug+r8WKvBVuFm32TlDXM4lf/on\nQ0lFZAMpK7jLYOn6GgpkCN9eTjZ19HYhyPKc2lmDKnrO3NMxX2qOqEivyA==\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0e10ba0fabf162af055b859b7d939435cce257ffa274349456403292bb8cb60e9", + "wy" : "0fa1a0a6408df5e4e3675f47621c8f29cda59832a7acedcd3315f6a8ea848afc8" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3045022100f5a4fa630913d5ad82d46e31c305e6b0933b4d9aaaf52997cf86527e36fb784c02206534b74e9d19ae8756afdde2876ad90195863f7c04ee61997eab183d175cf770", + "tcId" : 230 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "304502204ccf6585c28ed8ec75d4023f2f8827c3e87c30fa884d992f53b3515ea6060d6b022100b80de22c729068f2191aa7bb638cb26b0018914981b4ab20a09d48333147b9a4", + "tcId" : 231 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30460221009f14dfcd5b7963d2f6d3ea0925bfcbdbf3b6a9500d080efbb787f6b792886312022100eae1881b232e64f10dd41b0b94c8c4e662ff3be7d25f1137ede60737664a2c7b", + "tcId" : 232 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100e43b319bd4d94cd6beeb23caf950dbb448d713de4830ac4f749a30149932cdfb0221008118d54087fae841c61eca28622f95a315f8d9f505ba30fea43c17a7b48e6f9a", + "tcId" : 233 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3045022100d66f8bfe727d5697feda9fd2a7be014454329f6a72414b69a181a7a7bc6614d402203e7aa1f19cb90fa30cebd30ce5c3022748f050a418d1d42550a76f4eb497b0e7", + "tcId" : 234 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3046022100db555ffefc339c394d1a8059390a78aa9eba72dc008421f581f78ed1b29c3e910221009082dba3909cfc596ade6108a199d66fc1f726016eae2871c8e343bc14639bb3", + "tcId" : 235 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30440220190dd08a839b27641f1145fc8e04e8d71a55f2be835d360bd1c5f5d357c749490220474915b4bc6d81437eaff2f438e05bedcfd10f4222984782f3202ee32b55253d", + "tcId" : 236 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "304502200159de0f5c777d001cf22e46cccd10dc01a124f12bc707aaaf305d3e05f0fc1a022100c2314c660d0107473edaf36e718248971522c20adea9e7b1f01fe174510ab00d", + "tcId" : 237 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3045022100ed5137b13ce59346a00a2380e3ff1a874f52172ecd601652dd12e38ce638bb410220776161b448299c2cbcd9856dcd2aeea99423d817895ce9c5d3071c81bf7b0218", + "tcId" : 238 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "304402206c5fa55a3cc7d21fcdbbd353acaff2c33bcce0a7768277dfea9999c49b80e78e022029316ba855bcfdfed36032e648413beaea51675286ed5fc7c67a623ec6ab550b", + "tcId" : 239 + } + ] + }, + { + "keyDer" : "304e301006072a8648ce3d020106052b81040021033a0004043d002e8a7578988a8013868221598c76b22591f95b6328a07f60ff1bb55957b1a83fce6aeeb38f2c1489d170e51fd3ba396e4dd4997314", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nME4wEAYHKoZIzj0CAQYFK4EEACEDOgAEBD0ALop1eJiKgBOGgiFZjHayJZH5W2Mo\noH9g/xu1WVexqD/Oau6zjywUidFw5R/TujluTdSZcxQ=\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp224r1", + "type" : "ECPublicKey", + "wx" : "43d002e8a7578988a8013868221598c76b22591f95b6328a07f60ff", + "wy" : "1bb55957b1a83fce6aeeb38f2c1489d170e51fd3ba396e4dd4997314" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c31788aeb1f7e5a8ef02691c94b6ef09c178177e1efd0b66024e2bbf0021c61b855d33928aa6a06ce4744459246912bb546299dc1361afe8b54f6", + "tcId" : 240 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021c535fd315dc20cffdb12d9760e78f265b372cbab47d16d452b7323e29021d00b647908b7afbc054bd8da42a2c919542e3f46ee500c701c73077bcdb", + "tcId" : 241 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303e021d00c4732d71dfa662e7954ff9bebfd649d0979fb3b1cff0f003d2bb2491021d00a646d691a1298e7c35a97a3b466a24fb6920b4fadbe879c7753b6cc0", + "tcId" : 242 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c5234ab61f3968397d91b43782dd4c1d6fb9d3efe408179350776fbc9021c2eb655fb47d872f419455708db8eeb887798c8b4f2c7a97676dba7b8", + "tcId" : 243 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021c0130551eb38f5031878979407512b41539e433dc286d1fede4b80be3021d009bd60de297786209c5432b806a54b7631621d46de47d48842ff681c5", + "tcId" : 244 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c27d821f9c9cf6318f2a037de60fa4782c351ba4ff80d932d213c4d07021c62ee9b287ba2a0b3e30ddd3fc64e7929bdad9113a1282c10643ad592", + "tcId" : 245 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303c021c1016ed7dbcb22340942aa8f0e7a84101d96dc42eb55ca2d681632e90021c5c16afccd82d04f8c444de978fe63d5450d07e12b203c32b2196b495", + "tcId" : 246 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021d00ed965e2d4693550bb57f5e02ddb4decd39a6e04877acff12a73a8235021c355bcf5024e4c59fbd085b93309d9c5bbe1a46753ffb4f721a893886", + "tcId" : 247 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303e021d00bafa121f3eaa86be5126d205415bbac620a5629055ca27d3df9b8678021d00b85d2b3b11517a994317139d28b75772dec6aeb21b1e9fa07886ad8c", + "tcId" : 248 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "303d021d00dc63d34b62603b5f6f5e3a55b65d0571b5d1c5aebe0b2ebb5ffac3a9021c6a88c49cb0d3dd86bae375f93c299dcd32c372ce201e4ab50b31d233", + "tcId" : 249 + } + ] + }, + { + "keyDer" : "3076301006072a8648ce3d020106052b810400220362000437c5fdb948494b3fd8bb5ec5930025276fa55d43f660e1f06b74a4462063f4735ed0a6d9dfdee6797b70655755e8e2e373d53d1f06fe73b766f5c4e06b788dea92b7a17d7cc1abb95d2c90cb2c09b5a2de2e672126debc46516e910952a91dfa", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEN8X9uUhJSz/Yu17FkwAlJ2+lXUP2YOHw\na3SkRiBj9HNe0KbZ397meXtwZVdV6OLjc9U9Hwb+c7dm9cTga3iN6pK3oX18wau5\nXSyQyywJtaLeLmchJt68RlFukQlSqR36\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp384r1", + "type" : "ECPublicKey", + "wx" : "37c5fdb948494b3fd8bb5ec5930025276fa55d43f660e1f06b74a4462063f4735ed0a6d9dfdee6797b70655755e8e2e3", + "wy" : "73d53d1f06fe73b766f5c4e06b788dea92b7a17d7cc1abb95d2c90cb2c09b5a2de2e672126debc46516e910952a91dfa" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3064023063a13e9cff9933f28be9d5512a41e7d360267d969787bb547de033ec25f4ce8d4241739136ef85c87d4fc26b508e6b0a02300d58575ba57ac5677cf1c0c482310f2ac49bd8e7777cbae1c4255a203b43fc4c57cf80d29054305a4816fa585d1d796f", + "tcId" : 250 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3064022f2d4f256b6cb1a53506a80dcc9168819143d406429c5d6a250382de196d5d85f15d55a03c2f75438c50ee88e500bfcc023100fb09a8ac3864ae3392d4ff8c6735525daccc3c406abf2b55127c1073e637a2d6ffebed7d7e76c33080323732f932b061", + "tcId" : 251 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3066023100ab7f86f08c50b3d270130751f841d7872d9cd9da32a20d45af87829ad1b3114ed37c40971abf1b9b901bb90e86ec66ed023100f7a2d3aed355f4fa173e5011da4759bf842c607f45e9716f95a55d9c164901113ed50df4883c52b83db7905d34edb7cf", + "tcId" : 252 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3066023100d6b7b5fb43b88233c0c08039489b0ff9c356488887aead4a4c67761d9dae82ae53346cc4d962453c95d8c6cc8138b15a0231009f9651cff09767563d5821940d16ef418d80b682af5137bfef8ff12ad0c5b0df90cd936b4ac75b750f52b8609b49cb00", + "tcId" : 253 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30650231009f04654cfa89783482e23f24a63e0161108b963353856216e8f668b61ce33cb552d9eaf110c1ebf0c7d674410e9efbf20230411c2050c857b0f312ccc3e69afff849bf89e0ff3868ff5693d69c16d901d4d976306b8f5e7cc0a908faa88a06aa4839", + "tcId" : 254 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30650230221ce3308b394973315c1ae936d41cbe103b3c480d0249063b491c6f282b6a003910cd1b53f78333d1d6bd0fc45cb775023100f7ae3e8c0849282145e8d411e69bb9abf8df77da4c794b639d0fa16e828ca74034e0d190636fb902cce42d29df3ae674", + "tcId" : 255 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3066023100fe157fe0d7830b2df78a6f41581b3982e2fe2b37d0c50a90804b9fa51fafb64f88b8a4a2a8899eb85709805626bb2374023100b5e8e146185dd26e1a7178f64377456e2bb56e6e3322d27bc8899a14bed7d8652e09d03dfc1730e3ac8ba1f6f0d7fe8d", + "tcId" : 256 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3065023100d9533df0741a9d3435366d9347259457bf1ace27f436b809a36a04f73a6499aaf1778bfdae763b16f6ab8329beef4cba0230282693221bf9ee2883c2793bccf45bcc50eceafeae3d6f0b0e7e55edda06bc36deebaabb3aee25339b37e7b2fc420f1d", + "tcId" : 257 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "306402304b36a23584076fc30ab2ef9e6b026ce1e60a7d380dc6be69fe2c1e1ec6edb737a8cc85c1486e810d00190cbcb6272bc6023030c794a0cca240578eda7d89b5f0a34b05330e926f7576327550fc444c3aee66c4d913c8d90be9b405486c8c879d1080", + "tcId" : 258 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3065023100d1993840050f853b6b046e3761a6007dca17f24bd96cc38cf08cee3b25ce1142cbe1b23bd97f49f1f73667f9956a0b8502305d1b757f67de261d5b7729a0cb582a0d4133ba6ffb329315328e43a2d3345b670a6c44ddaef6ff4b400616cdc0ecaf83", + "tcId" : 259 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000400252ba02b52511e0d27c926f51933deb9da574b65790d0586514afe02478a384c7709702304fa45d891f74ea5b7774658ec7f6bd665b7b857a19946ed97a13e12370122a5e01c6cc84e4ccf55a27b836a31e3faa91a27b8967b85abd815595f76bf7a0ed524ac8730bcb3b0c536907c8d492718bbbcc581d27b8d347fbe7844f65675fb", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAJSugK1JRHg0nySb1GTPeudpXS2V5\nDQWGUUr+AkeKOEx3CXAjBPpF2JH3TqW3d0ZY7H9r1mW3uFehmUbtl6E+EjcBIqXg\nHGzITkzPVaJ7g2ox4/qpGie4lnuFq9gVWV92v3oO1SSshzC8s7DFNpB8jUknGLu8\nxYHSe400f754RPZWdfs=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp521r1", + "type" : "ECPublicKey", + "wx" : "252ba02b52511e0d27c926f51933deb9da574b65790d0586514afe02478a384c7709702304fa45d891f74ea5b7774658ec7f6bd665b7b857a19946ed97a13e1237", + "wy" : "122a5e01c6cc84e4ccf55a27b836a31e3faa91a27b8967b85abd815595f76bf7a0ed524ac8730bcb3b0c536907c8d492718bbbcc581d27b8d347fbe7844f65675fb" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30818702412a996b82715ac9f1fe285a850a617e51ebabf92b521aa0c8548b6ab3fd218ae9bfd63f04416943a4c6ea6a9d679b770a40fb2298511c9e1541f08f63680dcb920d0242011e06a29b2b4b4342d23a5e1986fd5ec5970719a9afa019b17be2b29655187b0ed1d81359dd48d3dcb8c8ca201b33038dfb5980165de4797ae9108d3544dce9e9f2", + "tcId" : 260 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30818802420143eefbaa995087d553835fe93afcf43364d834e37302317c0587b7c86604dde272474e7f2501463280e0e979eb59e79e9f7a3236d967230fc5677fad4b29b424a1024201578a2dbb28cb4e7ca50bd237253b7912f3c8a7cb455d7da98c599855838b0dde6ed83276ab8eaefb312756cd3e16e53377358a98b8c612168e84261b510ea42253", + "tcId" : 261 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "30818702420131247501344d5aac53cdc31d65e22ab02bf552c246f0fa92ea7d24999bf6df4474c64af6c892ad05b1c3d83634c3420f55993d10589352674ffbec71552ff66bb102412655b482f9231e3ba0283b96d0a934c6f0c6282f7907e8d0aa1e6707d0410a78d036461b5e5d3cf7f0e7ceb23c24f334d6cbc2f1d1684039a14c22d8538debb62b", + "tcId" : 262 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "308188024201538632e5ba4b1119240dbe68e026a9ffe934ad46f129fae49dd30caf2dec9e45504be132685474c6ba473f39f9439717939b3dc725a82488c77b17358511a3eae90242015d36c05195a17382a229a61a011639f8c309696d68e1f3b95d0053ee23bf6cb6249bf7a4fc9f1517147a33438c66edef6c587f00d3de8635be84a785d5e7baf319", + "tcId" : 263 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "308188024200fafebd657159b7a0f5d9e3b58ceffcb30056407fdbbf345f416d9cfadfc22edd4f31d9ba39a8e3a0ab1a4154f2417ed99cf80600cf95ecb5ce8b0e7ee79cf84c7a024201c47968f0a10144d6f399a270bf8c663eb083c2c6629f13704e855a84d78fe4fd9e4ffd81191882b6ba51b220cb6bc94c55f89a8182460a321325a0c978f57bc17b", + "tcId" : 264 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3081870241138ffe382f05a34b2aea9bc90c2c5cac363d2cbd3af5c4fd1b39e75a92b34d6a1e6f0304a29a1b53651bda15840e1a93971bf20121c2d72d61481b95c3777116cc024201076665a62dd5dc147b30eb6521deaab06125d77b020c756940b21e1ff66f0d9b18b0013427b72a5ace91ccb790f94d0fea8f058f75324d4803283d2d3ea725a09c", + "tcId" : 265 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "308188024201a1f9f065bab50e83ab6c8c9008df1bfcb74f344f02efadab68c41d6f89c082157b978562bd4afea4769fbab392224682ef2683b449888f83205917e0918bbec217024201f7c1b72a0c0be8dddda08219060254bfc1e3e3c65427e89eff7868a7d9cfee31ee6653d455041ffa273b1ea383518b33231da95ea353a4d9ff3e5fa8c94c99e8f7", + "tcId" : 266 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3081880242018270e7745dad6d8488720f4c93b69700d9717503887288c671d916cd649595f9783591833116b2ef912fa72d259ab7114ae3a182a9864a7edd4e6fcb3990649ce702420146242a4a3483946bc090a40ac39339fc124368e7535c84530a98aa3bbcece21909605d4c045b22f611ee5bc33179f11dd0d528c7b64ca241a47a273430b5a4e844", + "tcId" : 267 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "308188024201a04b162ee70667cd609d86eb5410b9d7c0c72a95ff3b3cab5c2d51023806a221d18db37a130be74b32356b29f6e6420bc022f83f60999b4176d5c9e31d900f226b0242011eb2c375e10607769fee41fa0ab61bd7c4b2761776851590e75bc2c91a0d1f5db1e8031df3ae6ae753e7ee9465c7fb547f97ebf080f756d33e323b0ba0afeeef23", + "tcId" : 268 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "3081880242009dc34469da72d84ac5addcb57e8b47186733860fc0ed44ea83ed28987cec9549102e537db86589e27204015cd2b2bf197dba0c21f28f01bcb16e0c0ee623e395fb024200db1653be45deca922f80d620f5524d9ce88cbcc9e5ee6c6be6227836f8badf6d99138bdde1ba7b9ee3395382e827f2adbea608ca51175a64c483f1342193f52bbd", + "tcId" : 269 + } + ] + }, + { + "keyDer" : "304e301006072a8648ce3d020106052b81040021033a0004d90c6ccc60a40e92013f34fbeaa6d9e765e4a25f937f53faf6dc8595e603a9c4b1a60a5a51531b2fb1b57e38151a859c204f0f6c27b6feb6", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE2QxszGCkDpIBPzT76qbZ52Xkol+Tf1P6\n9tyFleYDqcSxpgpaUVMbL7G1fjgVGoWcIE8PbCe2/rY=\n-----END PUBLIC KEY-----", + "sha" : "SHA-1", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp224r1", + "type" : "ECPublicKey", + "wx" : "0d90c6ccc60a40e92013f34fbeaa6d9e765e4a25f937f53faf6dc8595", + "wy" : "0e603a9c4b1a60a5a51531b2fb1b57e38151a859c204f0f6c27b6feb6" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "303d021d00a2dfa28cce02d4006d07d3251a8ad54328571941869f48f3fcbcc316021c6d5cbf4e497d80bb1ad7955b441917872580c8977b4c026420ff449d", + "tcId" : 270 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004e49b6e5e078e9aa4364583f037efd94fb1058b9de125cb2a471981c343e662b2beaa75937c479c738574093053a2d54218753a967da74c0064d52e6a4db2cd73", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5JtuXgeOmqQ2RYPwN+/ZT7EFi53h\nJcsqRxmBw0PmYrK+qnWTfEecc4V0CTBTotVCGHU6ln2nTABk1S5qTbLNcw==\n-----END PUBLIC KEY-----", + "sha" : "SHA-224", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp256r1", + "type" : "ECPublicKey", + "wx" : "0e49b6e5e078e9aa4364583f037efd94fb1058b9de125cb2a471981c343e662b2", + "wy" : "0beaa75937c479c738574093053a2d54218753a967da74c0064d52e6a4db2cd73" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "30460221008febf29c959ccc9c138a3190b9e22d1721a14351ddb2be669aa4370b944fc318022100d41f7637c75f4f4631aa2dbd42e1282f8a9ac13fb869339d10c3a00a5953397b", + "tcId" : 271 + } + ] + }, + { + "keyDer" : "3076301006072a8648ce3d020106052b8104002203620004a884162c27b9b66355f98c71d58a568d1306a3cbb530f527355deabc9a91ee1e7c9a0f0667435ec7ccb2507eb93c5ea8b2326d0e69c1e053e49b55de8d6257a07f1421dcfd49290c962d71ea5e5585917d406bd78a345f721e183e2d53a394b2", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqIQWLCe5tmNV+Yxx1YpWjRMGo8u1MPUn\nNV3qvJqR7h58mg8GZ0Nex8yyUH65PF6osjJtDmnB4FPkm1XejWJXoH8UIdz9SSkM\nli1x6l5VhZF9QGvXijRfch4YPi1To5Sy\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp384r1", + "type" : "ECPublicKey", + "wx" : "0a884162c27b9b66355f98c71d58a568d1306a3cbb530f527355deabc9a91ee1e7c9a0f0667435ec7ccb2507eb93c5ea8", + "wy" : "0b2326d0e69c1e053e49b55de8d6257a07f1421dcfd49290c962d71ea5e5585917d406bd78a345f721e183e2d53a394b2" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "306502305158cdcc24d284b3427c1364844c04129b5d2d802bfa10401f81fc9c6fc0a4e66dd9c3d9a9964707494c497a5f702949023100c48ae0e2e4610bf39902f14e9abd0e3e785218711320dd353b0c5c4699f575570e0d6855dfcc8cbf28e88cadc3802cea", + "tcId" : 272 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b8104002303818600040024654b7e0621518502ecf70d7dce95c1000dacc7ea72be66462b2ae13befdc7fcbcb188f811c41ab67b0cb6490a8fd51a6561103b7b8b61413ce7324574ef9aa37009a61befa9b2b32c250b96e7868cb9de26e480b7ff608fdd64e02a392e216098a0d3383975375df15671fbe8d32165bf954e8b4b3efcef764ecca11dfda98e2073c", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAJGVLfgYhUYUC7PcNfc6VwQANrMfq\ncr5mRisq4Tvv3H/LyxiPgRxBq2ewy2SQqP1RplYRA7e4thQTznMkV075qjcAmmG+\n+psrMsJQuW54aMud4m5IC3/2CP3WTgKjkuIWCYoNM4OXU3XfFWcfvo0yFlv5VOi0\ns+/O92TsyhHf2pjiBzw=\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "key" : { + "curve" : "secp521r1", + "type" : "ECPublicKey", + "wx" : "24654b7e0621518502ecf70d7dce95c1000dacc7ea72be66462b2ae13befdc7fcbcb188f811c41ab67b0cb6490a8fd51a6561103b7b8b61413ce7324574ef9aa37", + "wy" : "09a61befa9b2b32c250b96e7868cb9de26e480b7ff608fdd64e02a392e216098a0d3383975375df15671fbe8d32165bf954e8b4b3efcef764ecca11dfda98e2073c" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "308188024201d9422e516e19f29b1d44450c9a7f63c6621a111f6ac69bbd58a0bcb19dc76d4ffe32dd3ebe796f3b5bf908f882545ba40025bbfd7a67d02507789fe6696384f921024201878e7aa8b9c5dda694c3e9f4bc702ad74ce1e30d959097dfffd173fe57a55fbacfeabe6f514654ea21961f9f2d1f07782f7db156c2807df333de15ec57f58d8099", + "tcId" : 273 + } + ] + } + ] +} diff --git a/t/wycheproof/ecdsa_webcrypto_test.json b/t/wycheproof/ecdsa_webcrypto_test.json new file mode 100644 index 0000000..021d152 --- /dev/null +++ b/t/wycheproof/ecdsa_webcrypto_test.json @@ -0,0 +1,1594 @@ +{ + "algorithm" : "ECDSA", + "generatorVersion" : "0.0a11", + "numberOfTests" : 123, + "testGroups" : [ + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044af4f6d1d734798d4c4c6f97c4fff392ee65dc252d617b154ca835ea1535b104fb069171d00e87a92e6c4db1d892bc09b04b5da8bd9b09cfaa41d0a526e55237", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESvT20dc0eY1MTG+XxP/zku5l3CUt\nYXsVTKg16hU1sQT7BpFx0A6HqS5sTbHYkrwJsEtdqL2bCc+qQdClJuVSNw==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "SvT20dc0eY1MTG-XxP_zku5l3CUtYXsVTKg16hU1sQQ", + "y" : "-waRcdAOh6kubE2x2JK8CbBLXai9mwnPqkHQpSblUjc" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "4af4f6d1d734798d4c4c6f97c4fff392ee65dc252d617b154ca835ea1535b104", + "wy" : "0fb069171d00e87a92e6c4db1d892bc09b04b5da8bd9b09cfaa41d0a526e55237" + }, + "tests" : [ + { + "comment" : "signature malleability", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f8b8d6e21d0c0bb5185319715ccbce2902802e1eca070b7226dec70ceca023883", + "tcId" : 1 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "f67dd15cef0128e9a4fb3c3e9958dd08039eba90453e8993a54251e667a317ab7e59ce34928cc502a3b3c3758cfb6f4907a2d463b0aba52291793b5854245944", + "tcId" : 2 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "56179fa191744e602ae7f6ae46e42312c6e336fc83a628ee455c6229b46c33413f0bd962a1a81406a29bc03a4b61c08e9503e75eba0bc29e8bc65494a25d3744", + "tcId" : 3 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "ca3503dfdf49e158b08046eb3ff169ae4b7f299cfd432ad9d7598ec952dac1c11cfc4c46c9eea69e577310202df187d32c058d9fef2d32bc5283642b79d1373b", + "tcId" : 4 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "9483c852f5b725da505e8cf57b9148b2772a1f2acc6f479fe8f176e69e1377f5b3cce9b6a9d46d9af3b992f8e947b72b165ac9e216966d34c533a6626796164b", + "tcId" : 5 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "1656802176c0e98da5512de8f9080f4dd91163c8a7422d1e930d58075309edef88be892159f048816a046d05d426f5d38d38e3f41d52617239fe8f5ae93b1abc", + "tcId" : 6 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "01b7babae8332b54b9a3a05b7004579821656e9c5fbb7d96607df713de3660519000747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 7 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "48454515ccd4ab485c5fa48ffba867de145f58fb92b1a6a9697c81a7c265f912747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 8 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "01b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f00747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 9 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "48454516ccd4ab475c5fa48ffba867de57785e4deb9a082475c2b6e4c602d3c1747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 10 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f01747291dc2f3f44b07ace68ea33431d6f51cb136eadbe85e7798724b72ec4121f", + "tcId" : 11 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f01747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce", + "tcId" : 12 + }, + { + "comment" : "Modified r or s, e.g. by adding or subtracting the order of the group", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f8b8d6e22d0c0bb5085319715ccbce2906b1be73ef959189d7a32a60bcd9f1332", + "tcId" : 13 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 14 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 15 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 16 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 17 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 18 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000000ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 19 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000000ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 20 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 21 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 22 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000001ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 23 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000001ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 24 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000001ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 25 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000001ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 26 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000001ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 27 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 28 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 29 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 30 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 31 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 32 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 33 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 34 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325500000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 35 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325500000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 36 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 37 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 38 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 39 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 40 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 41 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325520000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 42 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325520000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 43 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 44 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 45 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 46 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 47 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 48 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 49 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 50 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 51 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 52 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 53 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffffffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 54 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000ffffffffffffffffffffffffffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 55 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff000000010000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "tcId" : 56 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff000000010000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 57 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000001000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", + "tcId" : 58 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000001000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550", + "tcId" : 59 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000001000000000000000000000000ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 60 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000001000000000000000000000000ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", + "tcId" : 61 + }, + { + "comment" : "Signatures with special case values for r and s.", + "message" : "48656c6c6f", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000001000000000000000000000000ffffffff00000001000000000000000000000001000000000000000000000000", + "tcId" : 62 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1wXRb4CYfi2bGmlX0pziL+v30Q+l\nFRUxgkFcg2G6rKSx/BBe5c6A1RTsEji+riA3pvg2JVk2INRggZ6GghYJJg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "1wXRb4CYfi2bGmlX0pziL-v30Q-lFRUxgkFcg2G6rKQ", + "y" : "sfwQXuXOgNUU7BI4vq4gN6b4NiVZNiDUYIGehoIWCSY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "0d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4", + "wy" : "0b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926" + }, + "tests" : [ + { + "comment" : "k*G has a large x-coordinate", + "message" : "54657374", + "result" : "valid", + "sig" : "000000000000000000000000000000004319055358e8617b0c46353d039cdaabffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 63 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1wXRb4CYfi2bGmlX0pziL+v30Q+l\nFRUxgkFcg2G6rKSx/BBe5c6A1RTsEji+riA3pvg2JVk2INRggZ6GghYJJg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "1wXRb4CYfi2bGmlX0pziL-v30Q-lFRUxgkFcg2G6rKQ", + "y" : "sfwQXuXOgNUU7BI4vq4gN6b4NiVZNiDUYIGehoIWCSY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "0d705d16f80987e2d9b1a6957d29ce22febf7d10fa515153182415c8361baaca4", + "wy" : "0b1fc105ee5ce80d514ec1238beae2037a6f83625593620d460819e8682160926" + }, + "tests" : [ + { + "comment" : "r too large", + "message" : "54657374", + "result" : "invalid", + "sig" : "ffffffff00000001000000000000000000000000fffffffffffffffffffffffcffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 64 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200043cd8d2f81d6953b0844c09d7b560d527cd2ef67056893eadafa52c8501387d59ee41fdb4d10402ce7a0c5e3b747adfa3a490b62a6b7719068903485c0bb6dc2d", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPNjS+B1pU7CETAnXtWDVJ80u9nBW\niT6tr6UshQE4fVnuQf200QQCznoMXjt0et+jpJC2Kmt3GQaJA0hcC7bcLQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "PNjS-B1pU7CETAnXtWDVJ80u9nBWiT6tr6UshQE4fVk", + "y" : "7kH9tNEEAs56DF47dHrfo6SQtiprdxkGiQNIXAu23C0" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "3cd8d2f81d6953b0844c09d7b560d527cd2ef67056893eadafa52c8501387d59", + "wy" : "0ee41fdb4d10402ce7a0c5e3b747adfa3a490b62a6b7719068903485c0bb6dc2d" + }, + "tests" : [ + { + "comment" : "r,s are large", + "message" : "54657374", + "result" : "valid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e", + "tcId" : 65 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "SgPvn5LrJoyvpgEHJImlY4D6DcQxcddxKBOzoZoeteU", + "y" : "PiE-KKYIzpovShf9gwxmVAGKebPgJj2RqLqQYi328vA" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "small r and s", + "message" : "54657374", + "result" : "valid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 66 + }, + { + "comment" : "incorrect size of signature", + "message" : "54657374", + "result" : "acceptable", + "sig" : "0501", + "tcId" : 67 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "SgPvn5LrJoyvpgEHJImlY4D6DcQxcddxKBOzoZoeteU", + "y" : "PiE-KKYIzpovShf9gwxmVAGKebPgJj2RqLqQYi328vA" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "r is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325560000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 68 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200044a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e53e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESgPvn5LrJoyvpgEHJImlY4D6DcQx\ncddxKBOzoZoeteU+IT4opgjOmi9KF/2DDGZUAYp5s+AmPZGoupBiLfby8A==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "SgPvn5LrJoyvpgEHJImlY4D6DcQxcddxKBOzoZoeteU", + "y" : "PiE-KKYIzpovShf9gwxmVAGKebPgJj2RqLqQYi328vA" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "4a03ef9f92eb268cafa601072489a56380fa0dc43171d7712813b3a19a1eb5e5", + "wy" : "3e213e28a608ce9a2f4a17fd830c6654018a79b3e0263d91a8ba90622df6f2f0" + }, + "tests" : [ + { + "comment" : "s is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "0000000000000000000000000000000000000000000000000000000000000005ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552", + "tcId" : 69 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040203736fcb198b15d8d7a0c80f66dddd15259240aa78d08aae67c467de04503434383438d5041ea9a387ee8e4d4e84b4471b160c6bcf2568b072f8f20e87a996", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAgNzb8sZixXY16DID2bd3RUlkkCq\neNCKrmfEZ94EUDQ0ODQ41QQeqaOH7o5NToS0RxsWDGvPJWiwcvjyDoeplg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "AgNzb8sZixXY16DID2bd3RUlkkCqeNCKrmfEZ94EUDQ", + "y" : "NDg0ONUEHqmjh-6OTU6EtEcbFgxrzyVosHL48g6HqZY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "203736fcb198b15d8d7a0c80f66dddd15259240aa78d08aae67c467de045034", + "wy" : "34383438d5041ea9a387ee8e4d4e84b4471b160c6bcf2568b072f8f20e87a996" + }, + "tests" : [ + { + "comment" : "point at infinity during verify", + "message" : "54657374", + "result" : "invalid", + "sig" : "7fffffff800000007fffffffffffffffde737d56d38bcf4279dce5617e3192a8555555550000000055555555555555553ef7a8e48d07df81a693439654210c70", + "tcId" : 70 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004a17f5b75a35ed64623ca5cbf1f91951292db0c23f0c2ea24c3d0cad0988cabc083a7a618625c228940730b4fa3ee64faecbb2fc20fdde7c58b3a3f6300424dc6", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoX9bdaNe1kYjyly/H5GVEpLbDCPw\nwuokw9DK0JiMq8CDp6YYYlwiiUBzC0+j7mT67Lsvwg/d58WLOj9jAEJNxg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "oX9bdaNe1kYjyly_H5GVEpLbDCPwwuokw9DK0JiMq8A", + "y" : "g6emGGJcIolAcwtPo-5k-uy7L8IP3efFizo_YwBCTcY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "0a17f5b75a35ed64623ca5cbf1f91951292db0c23f0c2ea24c3d0cad0988cabc0", + "wy" : "083a7a618625c228940730b4fa3ee64faecbb2fc20fdde7c58b3a3f6300424dc6" + }, + "tests" : [ + { + "comment" : "u1 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "555555550000000055555555555555553ef7a8e48d07df81a693439654210c70532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "tcId" : 71 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d0301070342000404ba0cba291a37db13f33bf90dab628c04ec8393a0200419e9eaa1ebcc9fb5c31f3a0a0e6823a49b625ad57b12a32d4047970fc3428f0f0049ecf4265dc12f62", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBLoMuikaN9sT8zv5DatijATsg5Og\nIAQZ6eqh68yftcMfOgoOaCOkm2Ja1XsSoy1AR5cPw0KPDwBJ7PQmXcEvYg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "BLoMuikaN9sT8zv5DatijATsg5OgIAQZ6eqh68yftcM", + "y" : "HzoKDmgjpJtiWtV7EqMtQEeXD8NCjw8ASez0Jl3BL2I" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "4ba0cba291a37db13f33bf90dab628c04ec8393a0200419e9eaa1ebcc9fb5c3", + "wy" : "1f3a0a0e6823a49b625ad57b12a32d4047970fc3428f0f0049ecf4265dc12f62" + }, + "tests" : [ + { + "comment" : "u1 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "555555550000000055555555555555553ef7a8e48d07df81a693439654210c70acd155416a8b77f34089464733ff7cd39c400e9c69af7beb9eac5054ed2ec72c", + "tcId" : 72 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d03010703420004692b6c828e0feed63d8aeaa2b7322f9ccbe8723a1ed39f229f204a434b8900efa1f6f6abcb38ea3b8fde38b98c7c271f274af56a8c5628dc3329069ae4dd5716", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaStsgo4P7tY9iuqitzIvnMvocjoe\n058inyBKQ0uJAO+h9varyzjqO4/eOLmMfCcfJ0r1aoxWKNwzKQaa5N1XFg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "aStsgo4P7tY9iuqitzIvnMvocjoe058inyBKQ0uJAO8", + "y" : "ofb2q8s46juP3ji5jHwnHydK9WqMVijcMykGmuTdVxY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "692b6c828e0feed63d8aeaa2b7322f9ccbe8723a1ed39f229f204a434b8900ef", + "wy" : "0a1f6f6abcb38ea3b8fde38b98c7c271f274af56a8c5628dc3329069ae4dd5716" + }, + "tests" : [ + { + "comment" : "u2 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "555555550000000055555555555555553ef7a8e48d07df81a693439654210c70555555550000000055555555555555553ef7a8e48d07df81a693439654210c70", + "tcId" : 73 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d0301070342000400cefd9162d13e64cb93687a9cd8f9755ebb5a3ef7632f800f84871874ccef09543ecbeaf7e8044ef721be2fb5f549e4b8480d2587404ebf7dbbef2c54bc0cb1", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAM79kWLRPmTLk2h6nNj5dV67Wj73\nYy+AD4SHGHTM7wlUPsvq9+gETvchvi+19UnkuEgNJYdATr99u+8sVLwMsQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "AM79kWLRPmTLk2h6nNj5dV67Wj73Yy-AD4SHGHTM7wk", + "y" : "VD7L6vfoBE73Ib4vtfVJ5LhIDSWHQE6_fbvvLFS8DLE" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "0cefd9162d13e64cb93687a9cd8f9755ebb5a3ef7632f800f84871874ccef09", + "wy" : "543ecbeaf7e8044ef721be2fb5f549e4b8480d2587404ebf7dbbef2c54bc0cb1" + }, + "tests" : [ + { + "comment" : "u2 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "555555550000000055555555555555553ef7a8e48d07df81a693439654210c70aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1", + "tcId" : 74 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e2a964fc00d377a8592b8b61aafa7a4aaa7c7b9fd2b41d6e0e17bd1ba5677edcd", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAVgTd1W5AfeXqQ1MqIh+Ajyy72Oy\nuiwNRV7a70LPI34qlk/ADTd6hZK4thqvp6Sqp8e5/StB1uDhe9G6VnftzQ==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "AVgTd1W5AfeXqQ1MqIh-Ajyy72OyuiwNRV7a70LPI34", + "y" : "KpZPwA03eoWSuLYar6ekqqfHuf0rQdbg4XvRulZ37c0" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e", + "wy" : "2a964fc00d377a8592b8b61aafa7a4aaa7c7b9fd2b41d6e0e17bd1ba5677edcd" + }, + "tests" : [ + { + "comment" : "weak key", + "message" : "54657374", + "result" : "valid", + "sig" : "6f2347cab7dd76858fe0555ac3bc99048c4aacafdfb6bcbe05ea6c42c4934569f21d907e3890916dc4fa1f4703c1e50d3f54ddf7383e44023a41de562aa18ed8", + "tcId" : 75 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d030107034200040158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237ed569b03ef2c8857b6d4749e550585b5558384603d4be291f1e842e45a9881232", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAVgTd1W5AfeXqQ1MqIh+Ajyy72Oy\nuiwNRV7a70LPI37VabA+8siFe21HSeVQWFtVWDhGA9S+KR8ehC5FqYgSMg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "AVgTd1W5AfeXqQ1MqIh-Ajyy72OyuiwNRV7a70LPI34", + "y" : "1WmwPvLIhXttR0nlUFhbVVg4RgPUvikfHoQuRamIEjI" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "158137755b901f797a90d4ca8887e023cb2ef63b2ba2c0d455edaef42cf237e", + "wy" : "0d569b03ef2c8857b6d4749e550585b5558384603d4be291f1e842e45a9881232" + }, + "tests" : [ + { + "comment" : "duplication bug", + "message" : "54657374", + "result" : "invalid", + "sig" : "6f2347cab7dd76858fe0555ac3bc99048c4aacafdfb6bcbe05ea6c42c4934569f21d907e3890916dc4fa1f4703c1e50d3f54ddf7383e44023a41de562aa18ed8", + "tcId" : 76 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004011d2fc994df204b63f05ae8420ca390559b80c4988ef639b95c469e5cb24cf216540cbebc470bcaa0466612dbde6d03098c6996e0a05f02902183ceba4b530f4f3500a99e4cdc8a50c0d98d870944e56548dc4cf6bbbf3d6978efbc8fc8778b33e132d2c185c20844cf3df394d522259317e3931f0130f23f6500c880f3a8319ab44a0e", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBHS/JlN8gS2PwWuhCDKOQVZuAxJiO\n9jm5XEaeXLJM8hZUDL68RwvKoEZmEtvebQMJjGmW4KBfApAhg866S1MPTzUAqZ5M\n3IpQwNmNhwlE5WVI3Ez2u789aXjvvI/Id4sz4TLSwYXCCETPPfOU1SIlkxfjkx8B\nMPI/ZQDIgPOoMZq0Sg4=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AR0vyZTfIEtj8FroQgyjkFWbgMSYjvY5uVxGnlyyTPIWVAy-vEcLyqBGZhLb3m0DCYxpluCgXwKQIYPOuktTD081", + "y" : "AKmeTNyKUMDZjYcJROVlSNxM9ru_PWl477yPyHeLM-Ey0sGFwghEzz3zlNUiJZMX45MfATDyP2UAyIDzqDGatEoO" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "11d2fc994df204b63f05ae8420ca390559b80c4988ef639b95c469e5cb24cf216540cbebc470bcaa0466612dbde6d03098c6996e0a05f02902183ceba4b530f4f35", + "wy" : "0a99e4cdc8a50c0d98d870944e56548dc4cf6bbbf3d6978efbc8fc8778b33e132d2c185c20844cf3df394d522259317e3931f0130f23f6500c880f3a8319ab44a0e" + }, + "tests" : [ + { + "comment" : "k*G has a large x-coordinate", + "message" : "54657374", + "result" : "valid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000000005ae79787c40d069948033feb708f65a2fc44a36477663b851449048e16ec79bf501fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386406", + "tcId" : 77 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004011d2fc994df204b63f05ae8420ca390559b80c4988ef639b95c469e5cb24cf216540cbebc470bcaa0466612dbde6d03098c6996e0a05f02902183ceba4b530f4f3500a99e4cdc8a50c0d98d870944e56548dc4cf6bbbf3d6978efbc8fc8778b33e132d2c185c20844cf3df394d522259317e3931f0130f23f6500c880f3a8319ab44a0e", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBHS/JlN8gS2PwWuhCDKOQVZuAxJiO\n9jm5XEaeXLJM8hZUDL68RwvKoEZmEtvebQMJjGmW4KBfApAhg866S1MPTzUAqZ5M\n3IpQwNmNhwlE5WVI3Ez2u789aXjvvI/Id4sz4TLSwYXCCETPPfOU1SIlkxfjkx8B\nMPI/ZQDIgPOoMZq0Sg4=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AR0vyZTfIEtj8FroQgyjkFWbgMSYjvY5uVxGnlyyTPIWVAy-vEcLyqBGZhLb3m0DCYxpluCgXwKQIYPOuktTD081", + "y" : "AKmeTNyKUMDZjYcJROVlSNxM9ru_PWl477yPyHeLM-Ey0sGFwghEzz3zlNUiJZMX45MfATDyP2UAyIDzqDGatEoO" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "11d2fc994df204b63f05ae8420ca390559b80c4988ef639b95c469e5cb24cf216540cbebc470bcaa0466612dbde6d03098c6996e0a05f02902183ceba4b530f4f35", + "wy" : "0a99e4cdc8a50c0d98d870944e56548dc4cf6bbbf3d6978efbc8fc8778b33e132d2c185c20844cf3df394d522259317e3931f0130f23f6500c880f3a8319ab44a0e" + }, + "tests" : [ + { + "comment" : "r too large", + "message" : "54657374", + "result" : "invalid", + "sig" : "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386406", + "tcId" : 78 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004019a029c77fed04cab1ab8937fda8128fc19bf8c41a8f242f6a9ca6f0ae813c1709b8b03e26a9298fe59f99e3706ffc28c43d26a11690d2ffd815a33ea329076697800125b2a4b635f514fd5d63215672f311ae5935c1774ed5d8a44897b68191e6369ab26df915e2066a943e59a3577319dac5a86640bc8c718d2b159479fdd22d11441", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBmgKcd/7QTKsauJN/2oEo/Bm/jEGo\n8kL2qcpvCugTwXCbiwPiapKY/ln5njcG/8KMQ9JqEWkNL/2BWjPqMpB2aXgAElsq\nS2NfUU/V1jIVZy8xGuWTXBd07V2KRIl7aBkeY2mrJt+RXiBmqUPlmjV3MZ2sWoZk\nC8jHGNKxWUef3SLRFEE=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AZoCnHf-0EyrGriTf9qBKPwZv4xBqPJC9qnKbwroE8Fwm4sD4mqSmP5Z-Z43Bv_CjEPSahFpDS_9gVoz6jKQdml4", + "y" : "ABJbKktjX1FP1dYyFWcvMRrlk1wXdO1dikSJe2gZHmNpqybfkV4gZqlD5Zo1dzGdrFqGZAvIxxjSsVlHn90i0RRB" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "19a029c77fed04cab1ab8937fda8128fc19bf8c41a8f242f6a9ca6f0ae813c1709b8b03e26a9298fe59f99e3706ffc28c43d26a11690d2ffd815a33ea3290766978", + "wy" : "125b2a4b635f514fd5d63215672f311ae5935c1774ed5d8a44897b68191e6369ab26df915e2066a943e59a3577319dac5a86640bc8c718d2b159479fdd22d11441" + }, + "tests" : [ + { + "comment" : "r,s are large", + "message" : "54657374", + "result" : "valid", + "sig" : "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e9138640701fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386406", + "tcId" : 79 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004005f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e99900a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAX1BZMINJ+eu7TRxVwK/M9iFi7B3R\nLvPtkGZWkk/9mcq58GsOshjP8HikZ3pc4cwHZSvJdq78cywo9n7weKQ06ZkApdFN\n8xBjDXbsA8tvm5W/GiJDgQXIjNn9PayA+Fet04Jx2LqQFoSybUNtSoWa1M2l6Wd7\nc8qz8+XkGj15lmByeas=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AF9QWTCDSfnru00cVcCvzPYhYuwd0S7z7ZBmVpJP_ZnKufBrDrIYz_B4pGd6XOHMB2UryXau_HMsKPZ-8HikNOmZ", + "y" : "AKXRTfMQYw127APLb5uVvxoiQ4EFyIzZ_T2sgPhXrdOCcdi6kBaEsm1DbUqFmtTNpelne3PKs_Pl5Bo9eZZgcnmr" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "5f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e999", + "wy" : "0a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab" + }, + "tests" : [ + { + "comment" : "small r and s", + "message" : "54657374", + "result" : "valid", + "sig" : "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 80 + }, + { + "comment" : "incorrect size of signature", + "message" : "54657374", + "result" : "acceptable", + "sig" : "0101", + "tcId" : 81 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004005f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e99900a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAX1BZMINJ+eu7TRxVwK/M9iFi7B3R\nLvPtkGZWkk/9mcq58GsOshjP8HikZ3pc4cwHZSvJdq78cywo9n7weKQ06ZkApdFN\n8xBjDXbsA8tvm5W/GiJDgQXIjNn9PayA+Fet04Jx2LqQFoSybUNtSoWa1M2l6Wd7\nc8qz8+XkGj15lmByeas=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AF9QWTCDSfnru00cVcCvzPYhYuwd0S7z7ZBmVpJP_ZnKufBrDrIYz_B4pGd6XOHMB2UryXau_HMsKPZ-8HikNOmZ", + "y" : "AKXRTfMQYw127APLb5uVvxoiQ4EFyIzZ_T2sgPhXrdOCcdi6kBaEsm1DbUqFmtTNpelne3PKs_Pl5Bo9eZZgcnmr" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "5f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e999", + "wy" : "0a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab" + }, + "tests" : [ + { + "comment" : "r is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e9138640a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "tcId" : 82 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004005f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e99900a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAX1BZMINJ+eu7TRxVwK/M9iFi7B3R\nLvPtkGZWkk/9mcq58GsOshjP8HikZ3pc4cwHZSvJdq78cywo9n7weKQ06ZkApdFN\n8xBjDXbsA8tvm5W/GiJDgQXIjNn9PayA+Fet04Jx2LqQFoSybUNtSoWa1M2l6Wd7\nc8qz8+XkGj15lmByeas=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AF9QWTCDSfnru00cVcCvzPYhYuwd0S7z7ZBmVpJP_ZnKufBrDrIYz_B4pGd6XOHMB2UryXau_HMsKPZ-8HikNOmZ", + "y" : "AKXRTfMQYw127APLb5uVvxoiQ4EFyIzZ_T2sgPhXrdOCcdi6kBaEsm1DbUqFmtTNpelne3PKs_Pl5Bo9eZZgcnmr" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "5f5059308349f9ebbb4d1c55c0afccf62162ec1dd12ef3ed906656924ffd99cab9f06b0eb218cff078a4677a5ce1cc07652bc976aefc732c28f67ef078a434e999", + "wy" : "0a5d14df310630d76ec03cb6f9b95bf1a22438105c88cd9fd3dac80f857add38271d8ba901684b26d436d4a859ad4cda5e9677b73cab3f3e5e41a3d7996607279ab" + }, + "tests" : [ + { + "comment" : "s is larger than n", + "message" : "54657374", + "result" : "invalid", + "sig" : "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000101fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e9138640a", + "tcId" : 83 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004013b73be0ec4f18b36fdc20aac9675580a20cc725ed0de6fea63ab6111b4aaecc69b1fdf05bb1c7a71c4b7a5a1eaaff23be15604f405b5ecd3b3ed6afea8e49cd64900912180c981f480d2b8b7438988b03a0c5efdbd2da094f082f7fa57ecc41fde8c65d3c9d80f34f9124e151da55d96d2a9b991672de79449bcc1c0192b7650ae90b7", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBO3O+DsTxizb9wgqslnVYCiDMcl7Q\n3m/qY6thEbSq7MabH98Fuxx6ccS3paHqr/I74VYE9AW17NOz7Wr+qOSc1kkAkSGA\nyYH0gNK4t0OJiLA6DF79vS2glPCC9/pX7MQf3oxl08nYDzT5Ek4VHaVdltKpuZFn\nLeeUSbzBwBkrdlCukLc=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "ATtzvg7E8Ys2_cIKrJZ1WAogzHJe0N5v6mOrYRG0quzGmx_fBbscenHEt6Wh6q_yO-FWBPQFtezTs-1q_qjknNZJ", + "y" : "AJEhgMmB9IDSuLdDiYiwOgxe_b0toJTwgvf6V-zEH96MZdPJ2A80-RJOFR2lXZbSqbmRZy3nlEm8wcAZK3ZQrpC3" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "13b73be0ec4f18b36fdc20aac9675580a20cc725ed0de6fea63ab6111b4aaecc69b1fdf05bb1c7a71c4b7a5a1eaaff23be15604f405b5ecd3b3ed6afea8e49cd649", + "wy" : "0912180c981f480d2b8b7438988b03a0c5efdbd2da094f082f7fa57ecc41fde8c65d3c9d80f34f9124e151da55d96d2a9b991672de79449bcc1c0192b7650ae90b7" + }, + "tests" : [ + { + "comment" : "point at infinity during verify", + "message" : "54657374", + "result" : "invalid", + "sig" : "00fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd28c343c1df97cb35bfe600a47b84d2e81ddae4dc44ce23d75db7db8f489c320400aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad", + "tcId" : 84 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000401c01eab9ba6ddd21e33421034acd6ac923a409fab349e0380bfaa54b404890086a5e12fb09e1352712cfde15abc2563079a73d333c9c79c670fb06b5d802aa9b77600a76a28d03f657c61bf87ff78e7733a069556d2bd638b79316ab70b5a2809bc8a98a2a843238d4abe2698b2aa6aede1b2541bf3dcd007cf9cd5c4d4969c4f7ffccb", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBwB6rm6bd0h4zQhA0rNaskjpAn6s0\nngOAv6pUtASJAIal4S+wnhNScSz94Vq8JWMHmnPTM8nHnGcPsGtdgCqpt3YAp2oo\n0D9lfGG/h/9453M6BpVW0r1ji3kxarcLWigJvIqYoqhDI41KviaYsqpq7eGyVBvz\n3NAHz5zVxNSWnE9//Ms=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AcAeq5um3dIeM0IQNKzWrJI6QJ-rNJ4DgL-qVLQEiQCGpeEvsJ4TUnEs_eFavCVjB5pz0zPJx5xnD7BrXYAqqbd2", + "y" : "AKdqKNA_ZXxhv4f_eOdzOgaVVtK9Y4t5MWq3C1ooCbyKmKKoQyONSr4mmLKqau3hslQb89zQB8-c1cTUlpxPf_zL" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "1c01eab9ba6ddd21e33421034acd6ac923a409fab349e0380bfaa54b404890086a5e12fb09e1352712cfde15abc2563079a73d333c9c79c670fb06b5d802aa9b776", + "wy" : "0a76a28d03f657c61bf87ff78e7733a069556d2bd638b79316ab70b5a2809bc8a98a2a843238d4abe2698b2aa6aede1b2541bf3dcd007cf9cd5c4d4969c4f7ffccb" + }, + "tests" : [ + { + "comment" : "u1 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad0000c6ee9e33cf5c6715a1d148fd73f7318884b41adcb916021e2bc0e800a5c5dd97f5142178f6ae88c8fdd98e1afb0ce4c8d2c54b5f37b30b7da1997bb33b0b8a31", + "tcId" : 85 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000400186365c73588807a51005412db004b45f5f7be3a6074e6119042978dbfbc5a431e16cc930747e6cd7511505b4c9349cedf908a5a9dbd33cdb0aeccbf69454457fb0014620a29a2691d8038d39e1e4de7c4243c8c42601e719945c1297c1a4b10d7415af37bf1ed0ddc9030bce530185dfdfc4658ff635f6bd9660becc8ff9eca4fddfa", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAGGNlxzWIgHpRAFQS2wBLRfX3vjpg\ndOYRkEKXjb+8WkMeFsyTB0fmzXURUFtMk0nO35CKWp29M82wrsy/aUVEV/sAFGIK\nKaJpHYA4054eTefEJDyMQmAecZlFwSl8GksQ10Fa83vx7Q3ckDC85TAYXf38Rlj/\nY19r2WYL7Mj/nspP3fo=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "ABhjZcc1iIB6UQBUEtsAS0X19746YHTmEZBCl42_vFpDHhbMkwdH5s11EVBbTJNJzt-QilqdvTPNsK7Mv2lFRFf7", + "y" : "ABRiCimiaR2AONOeHk3nxCQ8jEJgHnGZRcEpfBpLENdBWvN78e0N3JAwvOUwGF39_EZY_2Nfa9lmC-zI_57KT936" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "186365c73588807a51005412db004b45f5f7be3a6074e6119042978dbfbc5a431e16cc930747e6cd7511505b4c9349cedf908a5a9dbd33cdb0aeccbf69454457fb", + "wy" : "14620a29a2691d8038d39e1e4de7c4243c8c42601e719945c1297c1a4b10d7415af37bf1ed0ddc9030bce530185dfdfc4658ff635f6bd9660becc8ff9eca4fddfa" + }, + "tests" : [ + { + "comment" : "u1 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad01ff391161cc30a398ea5e2eb7028c08ce777b4be52346e9fde1d43f17ff5a3a22625c72660ac8810da281f2732dfbfcc10768f07e5951e93c3119d63b6b562cd9d8", + "tcId" : 86 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004002e2a746b55e05bc130d374c8abb8bf651a2e2b025404f08545befcb95c9f7f681f6f5b9bf2ebc45d4c8572921d3ab5dce144ea5d50ebec89b8c8f010ea31494863008c816f122d5d63b5fea00d1a00ed23577f7ef7d48f3973568353d468368ec77cbc9e3c5012839b74833087d51ba3e680ab5375be680ea8c18f7b619f32b141f281", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQALip0a1XgW8Ew03TIq7i/ZRouKwJU\nBPCFRb78uVyff2gfb1ub8uvEXUyFcpIdOrXc4UTqXVDr7Im4yPAQ6jFJSGMAjIFv\nEi1dY7X+oA0aAO0jV39+99SPOXNWg1PUaDaOx3y8njxQEoObdIMwh9Ubo+aAq1N1\nvmgOqMGPe2GfMrFB8oE=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AC4qdGtV4FvBMNN0yKu4v2UaLisCVATwhUW-_Llcn39oH29bm_LrxF1MhXKSHTq13OFE6l1Q6-yJuMjwEOoxSUhj", + "y" : "AIyBbxItXWO1_qANGgDtI1d_fvfUjzlzVoNT1Gg2jsd8vJ48UBKDm3SDMIfVG6PmgKtTdb5oDqjBj3thnzKxQfKB" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "2e2a746b55e05bc130d374c8abb8bf651a2e2b025404f08545befcb95c9f7f681f6f5b9bf2ebc45d4c8572921d3ab5dce144ea5d50ebec89b8c8f010ea31494863", + "wy" : "08c816f122d5d63b5fea00d1a00ed23577f7ef7d48f3973568353d468368ec77cbc9e3c5012839b74833087d51ba3e680ab5375be680ea8c18f7b619f32b141f281" + }, + "tests" : [ + { + "comment" : "u2 == 1", + "message" : "54657374", + "result" : "valid", + "sig" : "00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad", + "tcId" : 87 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000400d379f79826b04198df371ab0519d1a7f0a4f199d6149ca8b7f13a5da09cba024fbe7d4ff7fd7a8a93b5cbcaf3c68243f630d47d8f2b652b6a7d6b1c522a75fa9f201c660722d95c83c6b9457944acc671e881e8d17b07362f2f82799456f2f15d662d36aa09d5a5236288d3c1382e3e2308f46867d53c588a370857fae4d32f0a3ddaf", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA03n3mCawQZjfNxqwUZ0afwpPGZ1h\nScqLfxOl2gnLoCT759T/f9eoqTtcvK88aCQ/Yw1H2PK2Uran1rHFIqdfqfIBxmBy\nLZXIPGuUV5RKzGceiB6NF7BzYvL4J5lFby8V1mLTaqCdWlI2KI08E4Lj4jCPRoZ9\nU8WIo3CFf65NMvCj3a8=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "ANN595gmsEGY3zcasFGdGn8KTxmdYUnKi38TpdoJy6Ak--fU_3_XqKk7XLyvPGgkP2MNR9jytlK2p9axxSKnX6ny", + "y" : "AcZgci2VyDxrlFeUSsxnHogejRewc2Ly-CeZRW8vFdZi02qgnVpSNiiNPBOC4-Iwj0aGfVPFiKNwhX-uTTLwo92v" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "0d379f79826b04198df371ab0519d1a7f0a4f199d6149ca8b7f13a5da09cba024fbe7d4ff7fd7a8a93b5cbcaf3c68243f630d47d8f2b652b6a7d6b1c522a75fa9f2", + "wy" : "1c660722d95c83c6b9457944acc671e881e8d17b07362f2f82799456f2f15d662d36aa09d5a5236288d3c1382e3e2308f46867d53c588a370857fae4d32f0a3ddaf" + }, + "tests" : [ + { + "comment" : "u2 == n - 1", + "message" : "54657374", + "result" : "valid", + "sig" : "00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8c5d782813fba87792a9955c2fd033745693c9892d8896d3a3e7a925f85bd76ad015555555555555555555555555555555555555555555555555555555555555555518baf05027f750ef25532ab85fa066e8ad2793125b112da747cf524bf0b7aed5c", + "tcId" : 88 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000401400fa3bc87482ec1ba75346a129ec8f79456e7d6343b2a6be22490884b8f8b89114c0e5f9558d7627adeae53ff8ce37baf94b99d04f75098ca8e3e77c6be02bc3e01690d770806bde9f4d2760293aba6076066f1762e8448f0d08724ef311ff7596f35e8b6a9346de65bea924b9d30bb972e3b38878172f9040378a0db47299e979856", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBQA+jvIdILsG6dTRqEp7I95RW59Y0\nOypr4iSQiEuPi4kRTA5flVjXYnrerlP/jON7r5S5nQT3UJjKjj53xr4CvD4BaQ13\nCAa96fTSdgKTq6YHYGbxdi6ESPDQhyTvMR/3WW816LapNG3mW+qSS50wu5cuOziH\ngXL5BAN4oNtHKZ6XmFY=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AUAPo7yHSC7BunU0ahKeyPeUVufWNDsqa-IkkIhLj4uJEUwOX5VY12J63q5T_4zje6-UuZ0E91CYyo4-d8a-Arw-", + "y" : "AWkNdwgGven00nYCk6umB2Bm8XYuhEjw0Ick7zEf91lvNei2qTRt5lvqkkudMLuXLjs4h4Fy-QQDeKDbRymel5hW" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "1400fa3bc87482ec1ba75346a129ec8f79456e7d6343b2a6be22490884b8f8b89114c0e5f9558d7627adeae53ff8ce37baf94b99d04f75098ca8e3e77c6be02bc3e", + "wy" : "1690d770806bde9f4d2760293aba6076066f1762e8448f0d08724ef311ff7596f35e8b6a9346de65bea924b9d30bb972e3b38878172f9040378a0db47299e979856" + }, + "tests" : [ + { + "comment" : "weak key", + "message" : "54657374", + "result" : "valid", + "sig" : "0090c8d0d718cb9d8d81094e6d068fb13c16b4df8c77bac676dddfe3e68855bed06b9ba8d0f8a80edce03a9fac7da561e24b1cd22d459239a146695a671f81f73aaf00a24fbd602ff7012b6b00e9aa1683b45bfa2d62dc768737e8da92cad52f069efbea526acc68096fc0ef9960c6b989bf8922aea38fd463d02c0e7c25e336f32b0874", + "tcId" : 89 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000401400fa3bc87482ec1ba75346a129ec8f79456e7d6343b2a6be22490884b8f8b89114c0e5f9558d7627adeae53ff8ce37baf94b99d04f75098ca8e3e77c6be02bc3e0096f288f7f942160b2d89fd6c5459f89f990e89d17bb70f2f78db10cee008a690ca174956cb9219a4156db462cf4468d1c4c7787e8d06fbfc875f24b8d6616867a9", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBQA+jvIdILsG6dTRqEp7I95RW59Y0\nOypr4iSQiEuPi4kRTA5flVjXYnrerlP/jON7r5S5nQT3UJjKjj53xr4CvD4AlvKI\n9/lCFgstif1sVFn4n5kOidF7tw8veNsQzuAIppDKF0lWy5IZpBVttGLPRGjRxMd4\nfo0G+/yHXyS41mFoZ6k=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AUAPo7yHSC7BunU0ahKeyPeUVufWNDsqa-IkkIhLj4uJEUwOX5VY12J63q5T_4zje6-UuZ0E91CYyo4-d8a-Arw-", + "y" : "AJbyiPf5QhYLLYn9bFRZ-J-ZDonRe7cPL3jbEM7gCKaQyhdJVsuSGaQVbbRiz0Ro0cTHeH6NBvv8h18kuNZhaGep" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "1400fa3bc87482ec1ba75346a129ec8f79456e7d6343b2a6be22490884b8f8b89114c0e5f9558d7627adeae53ff8ce37baf94b99d04f75098ca8e3e77c6be02bc3e", + "wy" : "096f288f7f942160b2d89fd6c5459f89f990e89d17bb70f2f78db10cee008a690ca174956cb9219a4156db462cf4468d1c4c7787e8d06fbfc875f24b8d6616867a9" + }, + "tests" : [ + { + "comment" : "duplication bug", + "message" : "54657374", + "result" : "invalid", + "sig" : "0090c8d0d718cb9d8d81094e6d068fb13c16b4df8c77bac676dddfe3e68855bed06b9ba8d0f8a80edce03a9fac7da561e24b1cd22d459239a146695a671f81f73aaf00a24fbd602ff7012b6b00e9aa1683b45bfa2d62dc768737e8da92cad52f069efbea526acc68096fc0ef9960c6b989bf8922aea38fd463d02c0e7c25e336f32b0874", + "tcId" : 90 + } + ] + }, + { + "keyDer" : "3059301306072a8648ce3d020106082a8648ce3d0301070342000482efed52b9053723f669085c5aae160e7b995362aadfb715224c3b75c78c39ede4f52fd89da37fae31b852ce0f5ef5897dfc79de579435a938e1e723a2f4df06", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgu/tUrkFNyP2aQhcWq4WDnuZU2Kq\n37cVIkw7dceMOe3k9S/YnaN/rjG4Us4PXvWJffx53leUNak44ecjovTfBg==\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-256", + "kid" : "none", + "kty" : "EC", + "x" : "gu_tUrkFNyP2aQhcWq4WDnuZU2Kq37cVIkw7dceMOe0", + "y" : "5PUv2J2jf64xuFLOD171iX38ed5XlDWpOOHnI6L03wY" + }, + "key" : { + "curve" : "secp256r1", + "keySize" : 256, + "type" : "ECPublicKey", + "wx" : "082efed52b9053723f669085c5aae160e7b995362aadfb715224c3b75c78c39ed", + "wy" : "0e4f52fd89da37fae31b852ce0f5ef5897dfc79de579435a938e1e723a2f4df06" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "1e63913374b3ead80d4b27bfdf7a50eb063c39bc585ea43cbd12f9dce3071a44a7bbd74b1eac2c54fccec9a3523ca29c95b7ace517ab2b0f4995d220481ce326", + "tcId" : 91 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "e3f4fced8145c2ad8da913d8e15ba196f10a85d44a320c94a09cb194aea8ef1883afe416680a2c0cc915753ec869d9f2117256abecf234164613722bd7a8cb7c", + "tcId" : 92 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "9f30cc8eafbeacc166a1af87664bef8b2add9c1988841f5de200feaaee1393fdd986454e46e388e11d6d3fb10d7eea364b814751975327401ad124951dbdda45", + "tcId" : 93 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "67e8a0b9ba82d0c4e1ad9fad1592a179c6dac964215c8a519863141e053f55dd6c41d1be827bb6b5658ccf8c0ff16d87f3ce16d62a7641b64a107191d6531ad7", + "tcId" : 94 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "9963a72f589bcf7d4a561f8b0bed9af6e5a1309a1f5ab1791ce179d68478fe905c6870382a1ea973a84f85d8365b8d6e67527a5bdc9b80526a28968e7884758c", + "tcId" : 95 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "74a6f79b92039e101a3a45ad6287d16a05107d07899ec858eade5d51b7b5f61d79f33dc00dbed4edb967eda02768731b4dc5bffe6764e7258b2d7bbf223947c6", + "tcId" : 96 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "5a5599a21beec4979655e89a77ab145566296f71095c457a40ef52efd98c4bd5cb7b8beff27c7bb66c5ed2aad94b7e204c4c0a4748d1f35aff4b6eeb25236e4b", + "tcId" : 97 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "d1a536b7938286c12f3d7cc12d779cfd7662dd1b1a80a0e50d6f15d8ec34d1748eedd5e3bf94ce409210e4c58fae664657dc160d41525fd7f62a17d614ccae50", + "tcId" : 98 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "3e594afa1518a97360941a8930785150ec14cbd9d390da407155557e47540fd7590aeb35acb45eebf80e590585329e0543d3ebd6536321429cd6905541667d8f", + "tcId" : 99 + }, + { + "comment" : "random signature", + "message" : "00000000000000000000000000000000", + "result" : "valid", + "sig" : "ff84c44ad23cb2bb9a92309c92c41487e618442f54decd53532f84e14326c49787fccaa0107558605d49ddf10bf83c561dbd75035e3acfd17bb5d49f2de1e15f", + "tcId" : 100 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004008299c4e2bbbc1a061eb5d09c5ca6655e923fd85f08376cc8de849cf0e3cfa45d242976899c27551cccc30f9d9a82d2baa396e020def5454652239858d1eb44a33b00202ef1fbd2b2717fd75e40975aec6ed7f5c060fb04291711402d503840976b9f6ad826a05957f8691b4cfd8e2b4a774908d7c7ea94e47c33e5763309404cdd5e4a", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAgpnE4ru8GgYetdCcXKZlXpI/2F8I\nN2zI3oSc8OPPpF0kKXaJnCdVHMzDD52agtK6o5bgIN71RUZSI5hY0etEozsAIC7x\n+9KycX/XXkCXWuxu1/XAYPsEKRcRQC1QOECXa59q2CagWVf4aRtM/Y4rSndJCNfH\n6pTkfDPldjMJQEzdXko=\n-----END PUBLIC KEY-----", + "sha" : "SHA-512", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AIKZxOK7vBoGHrXQnFymZV6SP9hfCDdsyN6EnPDjz6RdJCl2iZwnVRzMww-dmoLSuqOW4CDe9UVGUiOYWNHrRKM7", + "y" : "ACAu8fvSsnF_115Al1rsbtf1wGD7BCkXEUAtUDhAl2ufatgmoFlX-GkbTP2OK0p3SQjXx-qU5Hwz5XYzCUBM3V5K" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "08299c4e2bbbc1a061eb5d09c5ca6655e923fd85f08376cc8de849cf0e3cfa45d242976899c27551cccc30f9d9a82d2baa396e020def5454652239858d1eb44a33b", + "wy" : "202ef1fbd2b2717fd75e40975aec6ed7f5c060fb04291711402d503840976b9f6ad826a05957f8691b4cfd8e2b4a774908d7c7ea94e47c33e5763309404cdd5e4a" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "01901935f873695f6d978537d1932a74b594e98ee672348f9a25abe2cf8b8aae31208c90f80fe508c356302f11f4b7d8180aa1c70207483c560133ada3060dce63c9004acb84ee9ca82af573e5ab9ec86820e60d12f20168862cf34429219dd6d8610298af6d01a57c4b5d867acbb9faab0628501a489a6ec63273022e72aa1aaec8dfc5", + "tcId" : 101 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "008b2d6f870aa5a329e2cfd2d7b557879ed300154058e2c55569312d929d43e44b761fba188745e047cabd77ad54b5ec3f301ad5725e41dc07e28cabdd0f948d10e201496e8da0f64dda20666dd78dfb529695f32df3d4c33e402dfe85db1ebce89396553aef4d62cb3bac401241ab9938040a6d22b36bb866d3878a7001c646e2ade4fd", + "tcId" : 102 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "0102dc32e8f53daeb00ac0b9ea88a3496b19be2831261660e2ef599c08623c3bb4cb7f9d4e5d24e9b50256b3243292b6a5d7de11e371aae3e88abdb01112b5fc31e400ed4642d1a5d4456a8bd94037d180cfe2faadb1fccf434fcbb12eb0a353064a9764bb8b8d689320e8a83af8045109c2007f1486627cc7ac0c5c713a419075862434", + "tcId" : 103 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "002be69063cb7c574e1f15b2f762b9499411ee01f786e1bd6876c753b640cf0c4861ec5e85f0a7ec4f430ac7f4cd6c8afda97df7f7914549770b46f429931c8a02ad00898a7ded6b2a1ae812bf52fa1afb219b9b28b6b5e8e09f2eb3a3a364eed565664ae25dde99fd3421821e241e28cc9b3168943fb5ef56c7c9fb3a7bbba4c4e20f75", + "tcId" : 104 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "0019c52156a6044e89a69d35d5ea3855108c39f038652be3a3819fd38c4f087510918c5a013b1e06c5c463db7aae0c584316dae3062d90da918ff474e687d7bd9c5101caf79795bca185e27c985083ee936455d1c60c1c7e3d95e032cef0d80bf1426df5cdf1b9a5edbec533bc737c24b77b4694f233ec2f5e88d9effdd2a9b8d3b800d4", + "tcId" : 105 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "00e903e8ad55d36cfdf951f631d4226b5bf79c17e7c2f53c4dabecfbf8675d38ed29e150fbf1d86f44c730df7777410e9df72a5a88cbe5f52e083585d1765ca3055300b85d63f3c4e2f36691e165026696a9eeb8adc4c0e32bf56c03de418eed3fd48057e9d402dc124d710e2536986472cf75b87ec283574223cb193af34966ea93183f", + "tcId" : 106 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "006c5437ca8b2f853c2a4216d9e7379c4400bd5fb2b74d6c4af5658589d4894eff0c754465569c45804c0b3b105a917ea53006cfbc7f0e967b14014dda4f1a6a3f0101620b46f91afbde439d2f479555ed03b5210df454926d2473513b6342016bbb24b1eb10f16d5666732b977ca4938dfed9bbf36aab261f924f153a4eded721da124b", + "tcId" : 107 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "005f49f8e46ee467fba634e7b2c7a089eabadfd82727a4dd4e8e20c2eef15d795cf287c62f86cc64cd988b83a4271084b32c2176ef15815026220c17a5d1255e953e01bae15b61f0ad85db8c4aaa70aab509e6ebf32ffab91c90e63da1670f94d1ea54d50e98dfb3f67626a27c047b457a20fdae6110acd4ffc96f17d38e90af8bd7b819", + "tcId" : 108 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "0044a5b08f9d5031efe823a3f7b2226ea7c88e7d770acd5943a5804fe6f48a1421aee3c530145c20680ae35b198e5a0565a71748b37f3944708d40e1acaf928bdd7f008d5fbe874e1b709f4b20e78e08755ce1792a724bdc2e48816193d77e95e021f1baf99c8d26a981b5c882c56a70f8a06dec227a3f29204f9f582c72eaccd1f96165", + "tcId" : 109 + }, + { + "comment" : "random signature", + "message" : "0000000000000000000000000000000000000000", + "result" : "valid", + "sig" : "0077751cca360c5abf093605729cfc68e1c80b255b01e3d12b632d00b6dfdc8e37c74cf4d862d66c7989d2f999af58d33720cae0aa83251a968be4db122d3470c9f901af02304c5bdc546c2d06785ef906367d7117e6efec63151ad02d5346f7253206a70125dde96824f17005aaaebaa50f7c4d2bc1f7b653075fbc9c1a8afa225630c2", + "tcId" : 110 + } + ] + }, + { + "keyDer" : "3076301006072a8648ce3d020106052b8104002203620004820ee7b7457b52790f012e3f0a0e315d6a4270ff8ffeae9404a4c43d1e47a8fcfcae1a6ff4751635f42aaf94b0e3654de80847146fb7360f4aee71cdbf54eb16387d07d6e6894be68a5dfb62aed5b1f839596ea7bac188a4b766eb94e33f22d5", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEgg7nt0V7UnkPAS4/Cg4xXWpCcP+P/q6U\nBKTEPR5HqPz8rhpv9HUWNfQqr5Sw42VN6AhHFG+3Ng9K7nHNv1TrFjh9B9bmiUvm\nil37Yq7Vsfg5WW6nusGIpLdm65TjPyLV\n-----END PUBLIC KEY-----", + "sha" : "SHA-384", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-384", + "kid" : "none", + "kty" : "EC", + "x" : "gg7nt0V7UnkPAS4_Cg4xXWpCcP-P_q6UBKTEPR5HqPz8rhpv9HUWNfQqr5Sw42VN", + "y" : "6AhHFG-3Ng9K7nHNv1TrFjh9B9bmiUvmil37Yq7Vsfg5WW6nusGIpLdm65TjPyLV" + }, + "key" : { + "curve" : "secp384r1", + "keySize" : 384, + "type" : "ECPublicKey", + "wx" : "0820ee7b7457b52790f012e3f0a0e315d6a4270ff8ffeae9404a4c43d1e47a8fcfcae1a6ff4751635f42aaf94b0e3654d", + "wy" : "0e80847146fb7360f4aee71cdbf54eb16387d07d6e6894be68a5dfb62aed5b1f839596ea7bac188a4b766eb94e33f22d5" + }, + "tests" : [ + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "6d61307eb3042c72fa2e5051e5d7fd969357bbf7a77ef28db8e5c35431a253e47fd271c5b14a377f41e9db9353c33e848bf9412381b9fe33fdb00757af2e08440d36d4fc7ee0c085850daae1f8df972ab8299f381be2951e8e0b1e1eb9b5f803", + "tcId" : 111 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "87c43936c6b260236bc47417f0fdc6c5dabfd38576f74135dff1fad9daade052098c82e46e1dd4577168dab9a2af95f1a7f1fd50ee1a7b34b4ddeea66ce3b0455377c47cc75cbdcd7f7848b3dd6c567dcfcb77a29951ea6bf5e6d30bfbd7b064", + "tcId" : 112 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "cacd409cefcf1fc0d10b7f4cdfd751c4e207a71f7e602bfb855a592f5b33e6d666443ee9c9abd1258aa65ca06318447e50fbc450a2d2d6669a790cecac7748bc11111429fa0631a1c2f8ce0d8abb60d2b699db316f1b88e748f3f8af2b4623b2", + "tcId" : 113 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "8bfd7fe7562e19381fe51cdf5784fc8248e71a19ec73db9ab59a49eb28bd05763b0789072a6449dbcf32dc227eebaca8c7f49385fd9e3c8c4199030e238bf1c38b0000a03bd230d303cd0cb06e9a1cf70248c35da5258db2bb2047ff4b13bd9e", + "tcId" : 114 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "4936aacd98530d41afb1adcb0429d6e18d55b8956f7996f47dc5fe712bb5484ea9c992cc8fd7c5e50a5312c9a1fca21e68a97212b13a2d1d95fe45a434051cdebdb4886e9f23392384a32f61b50990e123241b06813095ffd557d181af38cdb3", + "tcId" : 115 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "323afee80faf41d30344b29d7c5dc63960c9f229f2cffe66a5d58fc0918ff15996e9e65879aad3c9ebddb3f67568db09f70abf2c40cd360dec66fd59df3dc3b845f90657e82f4b9f1da8aab9df5f45003224cb4b6519274d2925b245edbc3543", + "tcId" : 116 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "e52d47dc305382258dcfc364bcfbec863e844c75768dee340c9a5c6f0f98904726f500a2997f8f835a4db5968e6f727b7e9e3a2c64e66064f15a527a8a44396c29db47397058d0498cca36ed93ae76d92918087fd367e2db74ca807db6d33d1f", + "tcId" : 117 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "bffd543c002ab7740588aef8212205cef78baa907ab537634f5c3cfad76013d5085ec4f734fd085e0e153c6d86cf798bd237c58554f0c00888676c7b0147ffd7e336824775a4f675956be1daf617e2834abdc465c2e72b42032b6364ed926dc9", + "tcId" : 118 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "176847a307aebae41f08db05411eedac6f47f20ffde5a5e10c9bf45d1b244eef2c724497f4857f2f06aee4cac11ac37c9c80f7283350fde434d6b0fbccc8f26434ad2ad9a5bc9e3665dfd11009f68cb959aab1e1c5b2481cd987836854650f7d", + "tcId" : 119 + }, + { + "comment" : "random signature", + "message" : "48656c6c6f", + "result" : "valid", + "sig" : "be2eec483e0c2d9fad3e03163bdfaadc6baef5ffe3373aa1a48cfc0c00fd67da56dff871a98be8fab8645bf5ca645d65aae76f1d6acd4bfdbe683b5315a956ed96f57e82ff04932e837e759b40d8dcc73521a289508a7a71e430f680d6c0fb3d", + "tcId" : 120 + } + ] + }, + { + "keyDer" : "3076301006072a8648ce3d020106052b8104002203620004031fbb3c18dfaff249ed5b7ddcfb0282197fda8708cc4d2c49000939c413dcb907e275efccaec2a13ef98638ebb90c07015df32d9c8cef5c0a3cbccff96d36d5738201b8430c231acde7c831bb5a270cec6d35f5427443a0b0242ff2289ba07c", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEAx+7PBjfr/JJ7Vt93PsCghl/2ocIzE0s\nSQAJOcQT3LkH4nXvzK7CoT75hjjruQwHAV3zLZyM71wKPLzP+W021XOCAbhDDCMa\nzefIMbtaJwzsbTX1QnRDoLAkL/Iom6B8\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-384", + "kid" : "none", + "kty" : "EC", + "x" : "Ax-7PBjfr_JJ7Vt93PsCghl_2ocIzE0sSQAJOcQT3LkH4nXvzK7CoT75hjjruQwH", + "y" : "AV3zLZyM71wKPLzP-W021XOCAbhDDCMazefIMbtaJwzsbTX1QnRDoLAkL_Iom6B8" + }, + "key" : { + "curve" : "secp384r1", + "keySize" : 384, + "type" : "ECPublicKey", + "wx" : "31fbb3c18dfaff249ed5b7ddcfb0282197fda8708cc4d2c49000939c413dcb907e275efccaec2a13ef98638ebb90c07", + "wy" : "15df32d9c8cef5c0a3cbccff96d36d5738201b8430c231acde7c831bb5a270cec6d35f5427443a0b0242ff2289ba07c" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "f131a61e2bb3c8260b0f1b8fbbd57dfea3194fb9e4ea5eb1f343f67f013358e94f5b1a550bcccd6d6e40d065be590706bba3db852eef1c12d71f5e351c8d1790e8a11af575f13b0c992c4984e1e17d259e4e02917f480847e5c2b9430335ba94", + "tcId" : 121 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b81040023038186000400f3762f3ceb3a7dbbad769c6733b665aec3a802f8069345173dfbabe93fa6624e2a65ade6b849e05c59b01c7b709d36933c50c6ffd89e85e959571f8f9a25c1603701fb8f0d50bdfb4dca4e25d746dde110524b00cd6c272b2f5e6db3c99382bcf0b8eec5034645dc139baac5dc23f43c1f91ff8ed086d33192ee2f534fd0ca7a840e85", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA83YvPOs6fbutdpxnM7ZlrsOoAvgG\nk0UXPfur6T+mYk4qZa3muEngXFmwHHtwnTaTPFDG/9iehelZVx+PmiXBYDcB+48N\nUL37TcpOJddG3eEQUksAzWwnKy9ebbPJk4K88LjuxQNGRdwTm6rF3CP0PB+R/47Q\nhtMxku4vU0/QynqEDoU=\n-----END PUBLIC KEY-----", + "sha" : "SHA-384", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "APN2LzzrOn27rXacZzO2Za7DqAL4BpNFFz37q-k_pmJOKmWt5rhJ4FxZsBx7cJ02kzxQxv_YnoXpWVcfj5olwWA3", + "y" : "AfuPDVC9-03KTiXXRt3hEFJLAM1sJysvXm2zyZOCvPC47sUDRkXcE5uqxdwj9Dwfkf-O0IbTMZLuL1NP0Mp6hA6F" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "0f3762f3ceb3a7dbbad769c6733b665aec3a802f8069345173dfbabe93fa6624e2a65ade6b849e05c59b01c7b709d36933c50c6ffd89e85e959571f8f9a25c16037", + "wy" : "1fb8f0d50bdfb4dca4e25d746dde110524b00cd6c272b2f5e6db3c99382bcf0b8eec5034645dc139baac5dc23f43c1f91ff8ed086d33192ee2f534fd0ca7a840e85" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "016e9c9ec1320d9403f5b86df59158da27830857f77f58d5c4d34bad9af3f5a422be7f406c994ed865ed6555c326a8f1c7749212cd8dded24f943ff9655072d233bb0127b8318f719866ece8b0092e9c4cbdd212c99e644c1bde2b9c97ff82af6e2e40bbac92e0acd01a2d7a1fa10a7ee725c140b7418c1d5f56688ca0096726987e3aa2", + "tcId" : 122 + } + ] + }, + { + "keyDer" : "30819b301006072a8648ce3d020106052b810400230381860004016894136702a1ff2de14be80fa8ee832777d885caa90182281195187a8c24dfeb92bd33685a78dd348ae4042a02fa25524b7c111f04111df9fe3df830dabd8a8dcf00abe007cdd100461bec9a3dc0c51a6da36f9637aec3fee4c781cf016b190c67f87392a59e6afbba6ca89603dcb1ae07a6c695e6e1694ec440fae62214e016db01f5", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBaJQTZwKh/y3hS+gPqO6DJ3fYhcqp\nAYIoEZUYeowk3+uSvTNoWnjdNIrkBCoC+iVSS3wRHwQRHfn+Pfgw2r2Kjc8Aq+AH\nzdEARhvsmj3AxRpto2+WN67D/uTHgc8BaxkMZ/hzkqWeavu6bKiWA9yxrgemxpXm\n4WlOxED65iIU4BbbAfU=\n-----END PUBLIC KEY-----", + "sha" : "SHA-256", + "type" : "ECDSAVer", + "jwk" : { + "crv" : "P-521", + "kid" : "none", + "kty" : "EC", + "x" : "AWiUE2cCof8t4UvoD6jugyd32IXKqQGCKBGVGHqMJN_rkr0zaFp43TSK5AQqAvolUkt8ER8EER35_j34MNq9io3P", + "y" : "AKvgB83RAEYb7Jo9wMUabaNvljeuw_7kx4HPAWsZDGf4c5Klnmr7umyolgPcsa4HpsaV5uFpTsRA-uYiFOAW2wH1" + }, + "key" : { + "curve" : "secp521r1", + "keySize" : 521, + "type" : "ECPublicKey", + "wx" : "16894136702a1ff2de14be80fa8ee832777d885caa90182281195187a8c24dfeb92bd33685a78dd348ae4042a02fa25524b7c111f04111df9fe3df830dabd8a8dcf", + "wy" : "0abe007cdd100461bec9a3dc0c51a6da36f9637aec3fee4c781cf016b190c67f87392a59e6afbba6ca89603dcb1ae07a6c695e6e1694ec440fae62214e016db01f5" + }, + "tests" : [ + { + "comment" : "Hash weaker than DL-group", + "message" : "48656c6c6f", + "result" : "acceptable", + "sig" : "0062ecd31c77761bc89143b044efcb514e9c6ef4b5a0999203e14aba19d3f7b484e20b3833ade5f5f49d30e1282a2b22a14ee8816709595edf8f42f5630f92d303450147d4a41d4ada8896a4462d925fcb7cfd95e57048b73de44f2e292ab3009e3877723b8d0641046b622c65d5c0bde0ff46789ca2c205c6117736c5f971fd208eae8f", + "tcId" : 123 + } + ] + } + ] +} diff --git a/t/wycheproof/rsa_signature_test.json b/t/wycheproof/rsa_signature_test.json new file mode 100644 index 0000000..fca44a1 --- /dev/null +++ b/t/wycheproof/rsa_signature_test.json @@ -0,0 +1,3289 @@ +{ + "algorithm" : "RSASig", + "generatorVersion" : "0.0a10", + "numberOfTests" : 362, + "testGroups" : [ + { + "e" : "10001", + "keyAsn" : "30818902818100ab9014dc47d44b6d260fc1fef9ab022042fd9566e9d7b60c54100cb6e1d4edc98590467d0502c17fce69d00ac5efb40b2cb167d8a44ab93d73c4d0f109fb5a26c2f8823236ff517cf84412e173679cfae42e043b6fec81f9d984b562517e6febe1f72295dbc3fdfc19d3240aa75515563f31dad83563f3a315acf9a0b351a23f0203010001", + "keyDer" : "30819f300d06092a864886f70d010101050003818d0030818902818100ab9014dc47d44b6d260fc1fef9ab022042fd9566e9d7b60c54100cb6e1d4edc98590467d0502c17fce69d00ac5efb40b2cb167d8a44ab93d73c4d0f109fb5a26c2f8823236ff517cf84412e173679cfae42e043b6fec81f9d984b562517e6febe1f72295dbc3fdfc19d3240aa75515563f31dad83563f3a315acf9a0b351a23f0203010001", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrkBTcR9RLbSYPwf75qwIgQv2V\nZunXtgxUEAy24dTtyYWQRn0FAsF/zmnQCsXvtAsssWfYpEq5PXPE0PEJ+1omwviC\nMjb/UXz4RBLhc2ec+uQuBDtv7IH52YS1YlF+b+vh9yKV28P9/BnTJAqnVRVWPzHa\n2DVj86MVrPmgs1GiPwIDAQAB\n-----END PUBLIC KEY-----", + "keysize" : 1024, + "n" : "0ab9014dc47d44b6d260fc1fef9ab022042fd9566e9d7b60c54100cb6e1d4edc98590467d0502c17fce69d00ac5efb40b2cb167d8a44ab93d73c4d0f109fb5a26c2f8823236ff517cf84412e173679cfae42e043b6fec81f9d984b562517e6febe1f72295dbc3fdfc19d3240aa75515563f31dad83563f3a315acf9a0b351a23f", + "sha" : "SHA-256", + "type" : "RSASigVer", + "tests" : [ + { + "comment" : "valid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "valid", + "sig" : "68ea71ee1911687eb54b3d19cedcfd44719d0b24accccc59bdafd84e4eba48ef0be7f115e7073f9f273286a7dcee3b94cdbe208e30ae496987479d3aa12ab0e12685ab592d7693a494e6ad27d526ed3ab5912c7f81e09983931794c2165c22fd859e0f9af1a93a4dfe144098c562731e6059d236b52cb865996c87a9baf7f103", + "tcId" : 1 + }, + { + "comment" : "Legacy:missing NULL", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "302f300b06096086480165030402010420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "acceptable", + "sig" : "253e1d19bbe91064f2364c1e7db3ba8eb6dc5b19202e440eab6fbdf28c8c6ec05b812983713c338c72b6e99b8edf506a89ff9fc8e5c2c52362097a56dc228060eca01e1ff318c6c81617691438703411c1f953b21cd74331f87c9b8b189fdffdfe8550bd2bd1d47be915f8604a0f472199dd705e19b1b815f99b68d60bc257c7", + "tcId" : 2 + }, + { + "comment" : "long form encoding of length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "308131300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "52f46d508e31f030b17c537888585f919037562e15f1924543601a41f9b701ee416ad73d6576b4eaaa64e685289dc478751dfe2d7e588252bfe2d43f4b3a31c6c6c39a9df884a2fc2e45f09c2150a830974b1c9d26090830b37bf06f1d57be1da34ebb016e9db7ce2c34e94872c89567ff6f2ab35a1a9fb6632e100c7d7af834", + "tcId" : 3 + }, + { + "comment" : "long form encoding of length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303230810d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3f34017b3172aaeec72d208308e9b83150699f86634b948847eab56f0169fef51b5636a96866f4f0f4c649400489e047803a91f2b2f32ab715065e20770c4e2788946b85aca5c90efdd6a9458dd9b6f797f96a3de88d2e4896afe147d8c0389943828100061903a30eaff1dadd98d3e49dba56cdcfa5f215d9c615f974f4a0bc", + "tcId" : 4 + }, + { + "comment" : "long form encoding of length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300e06810960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1478337676aa47ca72ea7557facff06f6c777f56063f4487d345e43dc56a6bc5f8a891085d53a32c9d1c3cf7f469e7f56847b0b1b9b5b784526078271f21d0550afc40f81e2b8e8dec851d87511cace965edceb83cb96c8d6616e1ee75bb22c54412fc942a6f71c9fc609a31a69d34b774a97c1ba4f85cca28d9993db8543f75", + "tcId" : 5 + }, + { + "comment" : "long form encoding of length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300e06096086480165030402010581000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "77ba423e600bdd761ed10e7c00698a87fe1322f5f42b2902a0be7a24b1cf44f613fa55edeb2ded0475f8e1a13e5368f9a2bfc4f2f926ef289a2207bf3689fc1c8ec3e5463064a7f51bbc993966cc4016319b7c95f282372f1ff848d7fca753a81d905b3341b0fbf60ba186e750f3171cfc84288eff8742bda432bd6c8dc04f9f", + "tcId" : 6 + }, + { + "comment" : "long form encoding of length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300d06096086480165030402010500048120532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9460ee79bb990bc3fe28cfca92363e6ff6900e3b61b3a402f06024a72b7a65d62094b4419e93900995eb121327f72b26b139bab3e5e2bd0c82e0cf6357f3b16f1c1dd4407a9a820f20e3baaa2259614d9ee3e015e1c1778befa13aff1e545ea1758cba4713631d63180a91b52df394294441642964a024f45b2251c90e002ec0", + "tcId" : 7 + }, + { + "comment" : "length contains leading 0", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30820031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "96ac043d3cada45aed0dbdc4662dcf7855553a5effa1077048b51c7e9bfff7c2bb3486ea42894d4b4afb26a3b3bd32cb68d5c4d8ca2622f50d8c56fdc25baf83b9909ecb096419ddc13578dcc8121007f7204ee82c517ae03de70fa23ef2390602029a0cbc8a96c5b781d857dbf12802aa561f5f41ea35aa0babb91b9f891762", + "tcId" : 8 + }, + { + "comment" : "length contains leading 0", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30333082000d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2a70643572a7cda975d9e2c0827837e60eaa78c297b1ff75b84f654a91fe33294ccbeda52676ece50fcc03018151e66c24940bd0574ab85a6599231d587f4a6e0ae841cb6696e7dcfd182cb75001304e36887bc4fe3b373828f8b0e62ac2300a626c9e6a2cd05bb7910e74da2978dae1948f855b3b455cd30367160e21581cab", + "tcId" : 9 + }, + { + "comment" : "length contains leading 0", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0682000960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "27778e39b45dee1e7003f1d315d3466fc111791187ddc056784c158df92097e123021e11918b6df8d905304db732e83d904bc914271b03def4ee129c3fc8adcc4f81b690e09e70e46c8b920093f304e64ecb7358740e976d28538a9eecf09ec1e1cd47df9107968207b21538cabe076bcc07c3862c46a793fcf638c70a972885", + "tcId" : 10 + }, + { + "comment" : "length contains leading 0", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201058200000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3a879e9f883b158908014f3617cae3315d47afdadd30840494f68d91c04dfe81bd16a40c7d21238cd1816928d989a232a3492325ab0f95d4426e3fb7d58c9908191dc557d8779dabb282287b7860c30e0796283428e0276447235809882ee990deb0f4312c01e7ddf0690406eeacb660acc6957bb670904cfd8d04df5e3ebda2", + "tcId" : 11 + }, + { + "comment" : "length contains leading 0", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d0609608648016503040201050004820020532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2b82155f363a3b283ae455f59e41c29dec2fbd8c7438b0e347aec5b38c7c895cb7d326870e4fbdb935fcbb561f223bd926dbe8b95ef5eaab27920dbe30c641e99f526a9bc356af54198b459b59383135a82cd5b6edab7da0b1a51d939b2f9951e1432d637c4f04a3546ed9c890143ae364602b94eabdaa2a45e4bdf0b5bdfa71", + "tcId" : 12 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1dda56dc953aeee7fd76ae7166d92ab9e3d1d9759e76f8f1d7634a73cbf69e39d8249153d7c2d83c9664db13552f0c78df34b8a67e7b6c10bcc61b5ead7ba62ce0ec7ba8ac78d146f7e4cadee6f6250e0bc3100660e7afbe3afa17fa288d97549b4c8cacc00ac5c942673485739f89c9e5e63ad2be97a8f2313f5c5b095e7542", + "tcId" : 13 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "692c143b82196a391a3546607336e6f3bc047412645cf0def0d62d1b42234c14da138bb7f451b45073bbda2aba23412e83bc40d4e7de3e0684f2cad7d059f2d6831aa3d2ece4964ca75cd41dce23c5ba495c15345b36947b4b5a051fe1b84e148b5ae21f112d2245b1acbaeef9dc4a0c408829b9d2b1b5ab1d3a40af0a27b99e", + "tcId" : 14 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300e060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "66c31a45b2287425a20f65c3eba9cc58c370882f5fc62921935491fbd516df9baf9b28304a21d9008b61a92779ecfb3b0c03f6d74354f5159956e3fc1d35bd7376289378f05d7a71e05ab32794f2566a54635e8dc64740acbe10a293ceddbebe8499b520f406023a134eb9927ebb788b92488f036d109ec0a40ac52372e847b3", + "tcId" : 15 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300c060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7b85536bdcda4ad3fc40129f2ff9dc85d9ec049913784064e7358686640446278a2006d93fb33429407597e5d8c783e3f7aee8a7791d69139f3c802a6547f01bf987415eec2447b0e8c4f3aee7ae2085d141fa34ca6634bc109dede93285d5c40cfcd98bd47ceb9cc1890dfff53b7ebb8038533580c7a67fe14c0c422e20cd64", + "tcId" : 16 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060a60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5d77fba3cbb1905d83aa532fcc3227a95d7931bf0c2ab51f8118824de9dc029bd2470adf48b41c694ec7359d00a1336990c30ee368dd40bd681ba74794415d3997e7a756659397bf6abd44ca91c12a8580a3f5d1cdbc7f3be0c23c72334ce9b1419e6540dab73f5ff8ab57d0bbbe92b688bd3495f9344822b622042c2491bc41", + "tcId" : 17 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060860864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7b5476fb78f389d1131764e7a13322f86008924c8c098f6d74f2df4dcc5a504cd786b3eaae33295cd1e87a2bbd1a06cb385674d465110a9a990d52de9a67f1c13ecaaa86383d489423c084fae9ecd2e9b109f4f04b8c013e3409128f3a079c068c1ad27bc2a20e76ad149325b7b0f0bd804a4e33949a98aac49076260702b0b0", + "tcId" : 18 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105010420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6034e1253e4860a29096e392076794cfcea166a30b340cc09f77baa5952c06d148bd89b750c3112930ef210a50a7d3f6569da89912b5e50e824116e73a15536958f75779506d07e67ec9c0cd8de4b51dfbb0fe56926feed18ffbd83b0cdd50d56326c54adf97e629378ae5f0f02fcda3da1aa98cb1d1990946edec711a85a0d8", + "tcId" : 19 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000421532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a44cd265e1ecea83fc74e9eef746ef173277cc96f69a1798590ddee7ce5b5c34a82ad58a5c042db19005e04eec4159900ea764c0d008c52b94577d1c438661fb767902d9d1bbd6a90bdc4df685ec5951eac81d8b4dd36bceef7b6f919e85b6c994c7cf22a804f15cebe63b77f47b3bc2c2aaa68c6362c27a574b849efafe72e9", + "tcId" : 20 + }, + { + "comment" : "wrong length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d06096086480165030402010500041f532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a160aa43f4873cada34bea5ccd2be9dce07940ee1c08eaad524a5019993bc753ce92cccada706b483f106ff20b327b35e7c83955ad3bbff3f26ced3489877d1b5bf285d61afcb30219c02a440da61030e301aadb901a525345d1a651a21c31a62ac9fb71738c3e215a8941ca9a3c4910679c5e774530c28788f6eddd7a31c024", + "tcId" : 21 + }, + { + "comment" : "uint32 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30850100000031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1369c78f816a9baf027e255de0c258125be90f35b8daafee87f2ffef2d465e0694af4401cc5cdc7ca78b08d5688ceefbddc02abc5495d47c6829d696f8370ea427e7e0225eaf22cda720bbb5881edd16b19bbf2ca86654c65b4ad481c13fb38af00d77922f46b311f936c51f4610f6bdb514b366aa05f029c1e63e3cfcf9763d", + "tcId" : 22 + }, + { + "comment" : "uint32 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30363085010000000d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "41d4c1ea43cb207af8bfc1552e31da7ca5744b68c4e00c3bf55f4edd4c81e91c01f44fa05290dbaa1fdcdcc775f6032a049b4965345c16aac6994b06cda9e0387dbff96cdb115e014f69bb057faca2f618c70a31edd0beaef7acdcc0fb7c83b2f07a8b9de48aa04b7c973920af5b8dc20aac343251ddf4c2277985c3db1dac2f", + "tcId" : 23 + }, + { + "comment" : "uint32 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303630120685010000000960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "76bae6c330b9ab33aa9f2abe8559c51fb95f953a75e48053ab99078069214b509dd1b5080ac6819e32912619372d71a9ff1a67449dd699e5bc6ec0e18d1893dfb5bd571d933926d05b0d9fd7036ba4556e209369d1c57ec49cd9075e583c257c6fd4899c2a8bbb157547812cc692f264bf54712c71ee090b974d99b4d1629696", + "tcId" : 24 + }, + { + "comment" : "uint32 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303630120609608648016503040201058501000000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3480a5c22f092f259b5bc4fdb9a33c044c24a645b57d61920effde1dc0bbfe53738023f16025841f9323b40f72c11091941bbdfaf7c2fbf77ad6626dbd6a3b7abb3ee916d96a922b11c86ce80ee67dec619bb98e9246d35a33b11b3a4e2a3a130e8b57ed4bcdd4b4e73aec3f9e3d50d3db5e29cffeb186846c72d09468d018ed", + "tcId" : 25 + }, + { + "comment" : "uint32 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3036300d0609608648016503040201050004850100000020532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5b3d3a198d4b36c6d9641db181fff59407a25bf1571f85e47bad1eaf138079872b93b9eb51aae09b48d6f4ef56badd96a6584277d8f3c6e4a4e11275f72021b50a1665ddaaa56a2a7caa7da6b4d502c5214e17042811154d411dd2197c250264bb69ba43adf668d4f7b81d932afa55e378214bb19ddeb431f702a91dd11e23bb", + "tcId" : 26 + }, + { + "comment" : "uint64 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3089010000000000000031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1cc5577d04e34550e7f3d136064547efa30b9413e2c423b5a320eaaaf11cbebb91e13bbe3874e4650e057a8e38c8a366c473f35e0de82b22f846721a09e3f279ebdf54c8df395a9041333f09cb7bed5291bc1842857c4ce6ad5a1c2c476c1efddd5fe42824c25e0581aa7bb8f621d3b53566637c6266bb1bd0a5b7fb79c72616", + "tcId" : 27 + }, + { + "comment" : "uint64 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303a308901000000000000000d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6e56d1746105344b34fb8299d173f4a5032cbce3556ca9d1eee35f8b31818efc121a1a9599c24fef8531243016dd6288d67b4bf9fdbf2c90fba5b1661be03531b5e15385ea465d1376010f0af761e8fb1afff7823dcef8dc100d97c192e9a7d03c82321d83fd8ecf67207c65cf182e1104ec5669536070cf1e3fe73c5e27edeb", + "tcId" : 28 + }, + { + "comment" : "uint64 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303a3016068901000000000000000960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "37a413f9202591b8860cd9d68515ab522ae800e9a71793b479f1fb74ab8c9b07e72fe82dabe1189d028b813610e5e57c055af2d32837551fdb0cd93d7669a3c02a14c460f4c92136a4d11cfb7dcc76401bb5b699fbc64d302736d68c3591ecd59220107cd63f55c83edd38c4568e6f7749c0d9baebfb7c8ae1bf2179101745a9", + "tcId" : 29 + }, + { + "comment" : "uint64 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303a3016060960864801650304020105890100000000000000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9fa8aac224bb50697103d457e7fc870853b23670ee5b8c7395d68ed82b30db18ae34a569abdcdf19238ffca8f5e435327dbe605bdc1a6dd3eaa3c2beb33f00642984a2034bf3b3e8de3ec7009e35069d5b27253c4aadcb4f163148e157252e3b9334abb6cf0299161c12908529f52de9416ec6218af7a6963fcc987c5024ea71", + "tcId" : 30 + }, + { + "comment" : "uint64 overflow in length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303a300d060960864801650304020105000489010000000000000020532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0f50bc6b1b94aeb6805dee51c92860693de47c4925ab90b57a46e0485a9afeed45083eade73bee684cd07048e632d1dd24aa2efc42c1f85e4fd7b7058dbeafb53a3d5b1cb1e7dded3352c3c92ded891839263a501afaa78fedfd04546c43d16f7a52b800abc9ab1ef827ae0eb19d9b52def2435f1477a48dff61800b4db830e4", + "tcId" : 31 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30847fffffff300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9dcc651cc0a1b4d406112c0d1ebd7a9fb5a2c9d9f9cffbeab2d2821e5ed01efa9d191665794649bd1f588b729e8fba1eaa37a5a736a5863973c338a92b2665d6ead13b72a19d2da778febb94b150e8d750340a3b856fca8b3b6e3cbfecb9c397c23f46912ba546ab0f64ed88404ce317f8fb2278b68950e9712d6b11f5cdfcaa", + "tcId" : 32 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303530847fffffff060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0397d14205c2f52423ef69c874294dc2b37d5be5d5647f7e83f1dd6783cb41cce52e6de1dc8c9e93ca1ef887d4c0ea79cd8b26391d638bbd8080bce830bf1bd7fb1de31346f28d609874fafd4a34fb7bee900441f55589ec3c5e190106d8816cadfcfb445834739cafaaa3903ed93cedc41a76aa0ce18fb49a3a73b7b5928735", + "tcId" : 33 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301106847fffffff60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2c3ffd881c1c0ce2e4c98282d6011179a89b1e84b17072bcbbb64164e5e05410d0414a1fdbbc04564f3d80f3891f28c3f02e92bf97b4339b5bd4699614e236d4223cef0688c44b297eb9c0e22246b4cb28983b102a446dc76671206c3b77af6897f2f445512abda37bc9c37257dd4f1c6f0e6ec40929eb6b0058682b9d2f6c66", + "tcId" : 34 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353011060960864801650304020105847fffffff0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "668bd06eafe953fca6a17b0da0f9006ceadb09ad904786b7530148df7eedc146d20a5472c39677d65e59934c00227fb662b3474596e6072f56d2c00c3d31e66f0da85f4670e75c3f2c910c0fec8c98bc31fb2eceff80350b78aec0d316e9bbb331544d8a3d0b1649291396c717e350bebba3d3c3a0b1d55f010879b8c7b7d4f9", + "tcId" : 35 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d0609608648016503040201050004847fffffff532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "87482257ae1d18d0357428b756ae35a48549536a3439ca3c148eee64f4c096d896219097d55c14a25eb1490779f6b1471aed238cc0d6aaf265c12ac086d04de9b79a37518056dfacc12cb4916c17505fc7e2e6c1e0db720a286ea65bde4d3da1d2dcb8d0276e8ce73f3f923209149955285c602572cfd24c82e8d96d45f569e6", + "tcId" : 36 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3084ffffffff300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "03aadd447f36952dfe73ae89e5c656b7d37ec92535e547cca62a7747f3831f2f613c7dc094f3d5c4c6b9e02b21ed4626930ef3948b42ed41f4cf468d2474acadf1c75599c5619e4872e6d3dfd93abe92234165135ed265e0c0f64fddf23e50c1f9fdcede8778a8ca008ab00f8afa887da3f4699df9f1140953232f36d035b03f", + "tcId" : 37 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353084ffffffff060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "31afd9a0d827755352b16de04de42e98a8c72f08919ed475530a00c762b8a03bde22634dd856a7eede4b4947d780cb3efe55775e16d7f46f209dbcb5569b2d9469cc271aa850f74960f7c741928055925349821e32e1e0fe5a040010a39a4b6a343f7f35c204106b3617e528a99dcaea8a93766adcfe7be31cdb98f7f7f14669", + "tcId" : 38 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303530110684ffffffff60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "16ac0aa2d727ef5fbf0305259ee6fa40827c92419f819673fd64cc2dc2dbfe7ce1cfcf06e26d45f59cb3d9afd30d7a6265863fe856e0a0b1b9508b1e7a2dfb0f87f5ebfc444bbdae504abde7daa33bffb991551940df682c8e2c45edef0563b34d4f11e1955e83c2145ee321165517d1532abd64dc613a280fc30670bba1f898", + "tcId" : 39 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301106096086480165030402010584ffffffff0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0fe0c75dae62462e66e7277b03c9113727419f7d4db7b2a567c0c189fb6328e1f73d5d44e2196b436f4c2f0f12950d419774c8a51c55f9b2217f904c4f03d5f5754174719dfb85f62795ef75e6d54e703bf231fd8472250f529f85294f29f6c5653ef585079c3b3d8f931da80a46c8afeef37696fb0e7986d413bb1996b8ad57", + "tcId" : 40 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d060960864801650304020105000484ffffffff532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9ef993e6ccf015b0b0de75b51213a1c3efcaf66bf83655287484ef28d984806226a7af1704fa6a7fc02984b44449f83ae24761021e49ba6117505c1e609406b002215de27d696643c3354fb48e6c64e7300944edaeb96e4872275f75532f5aab94358d4954522fc7903439e99223d8124e79a3f519050b6b576b77d5abe7c3e3", + "tcId" : 41 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3085ffffffffff300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0fbc20d18ef2dce383ef9640232e44fc287cd97bdb1a18614a77a6d72da5db05df264fff4964b3395445a5b75f4098be8c923ec613efa49e87877c08ce52e9e8b491eaab77ed2336179f1e447bc53e0d9fb9cbd2f2c5e180acdc946df4cdb0a878f27dc010adb1d080330e0bed852181bf97dc4372049ac6ab5802c0d650ffa9", + "tcId" : 42 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30363085ffffffffff060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3df42c382b86647a466ffc743dc4713259bd7dfdc909939738e59e3d1eb11d104537762c50eb55d4677a005f7f925ffc7ef0751ffe0c4320a6cf0733e738a404b2672f3dd11fa97bf9d84b786a47c63bbc962d52873765a6de3a57590c2cec68118af81d7dac4f7ce6c101811f2fa364a34fe704d674be5a28531d6e8c4fe120", + "tcId" : 43 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303630120685ffffffffff60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a66d9848a3db7e49d8053c4a3869415c0bb58fd265276c99a66ed1df84e162cfe8f0820229d2ac2f99d9753eed39af46649409cf559ca6edc8c47e550b7a4cf24fac756389e365ad73ddfa67e72d042ec494644c5f277f60864dc90d6cbfdf556396c795192077f51f173477b934871e2a960f7ac3e6e8c8039956a5061bccf2", + "tcId" : 44 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3036301206096086480165030402010585ffffffffff0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7561668d5b2f8fd3190be8244d4d0550043dc0a7e80dfac83eb6f6ddbf448d424082fafc332e473d434b37ce7605352594ce632f4d5de30951581af907fff6c01814022c31a31b3d130673a56b4ef7763bad595053af0174df395b802722f5046e408c978e2b5a9a63f8ea80e932f76513928253f432c8bdc7ee51872d315b7a", + "tcId" : 45 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3036300d060960864801650304020105000485ffffffffff532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5a836168587968425c4e103bae20603e0ae6f714ccdc603a865bb3541b65eee9dd0d9ee21cc66c7a83403fce2413b97f1c1239947e94614f6f2eb731387c8b9d956242bd9fb0545eb2c874ca1a167222034649894b41fd0fa935cf52e583a5e9a4b503cf9f2b238c025bf2e22ed78e7a64bcac1d38302cc2361c71b854e79123", + "tcId" : 46 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3088ffffffffffffffff300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "97c602416f2131d34f2a57acecf26365a30c12f77e5beac095533848ce227302092c6f44b47f011d6eb0a91f8024d1935d8bb274c42b57875115a94281fd3cb198f9334758d3200c1c721f6babef332c02a89968a7089f7783993bdd54f809f8372437798d2364040c1faabfb00faabf28cd6ae4ffea29ae2c08a6a7e6074700", + "tcId" : 47 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30393088ffffffffffffffff060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2a970dc291a1dc935cca6985dda703bcc1ece2e40817ce8fa79b6e8fe84e113686e6e65570d46bf22147bcbc389cb5f86f92dc185f556d15e7614cef119fcd7305a31fd2f8710812f35f9f0bd8a1a6e5be3163de644370c67181b7575635dfb9f717f78631d62db714b2a19cea7079ff13c8926ae0c601e4befb6541b02a7e20", + "tcId" : 48 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303930150688ffffffffffffffff60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6e16d110235cd11e32b114ca9dac0cd6a1b041a6d2c61941d49bb458241281f62a4e2b1bf3cebc3e67e8c062ec67a51a599a553b09732e23e1d09fb2b20be7fd311a7122414d535651718a1421d4239276c227b96506729a09e3ff2779dd1c79de4d402623039b826e2bb4d26d1b56775fce14ed0203a9ebd8f042d981705a77", + "tcId" : 49 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039301506096086480165030402010588ffffffffffffffff0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0716d252488e08f10a25cec94714e6105bd4e13ff019431190864cb0f4378d315f4bd0fdf186e1f2d45a6e97eb04fb2013273e178ce4f82a0b67bf9d021b1d8ab73d753adf2073ee1ad6190b2163139db63778a3670b7cce23f45efb601bd59644a431cbe534ecdf4c4c58ed02ed03863ee32d296b5736c010305fec655b1a44", + "tcId" : 50 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039300d060960864801650304020105000488ffffffffffffffff532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "03e52a2ed638bfb9184a0ee3698502af3a19bb959a984957de5101e6f7a62cccc2ec2a6293fa9d76fabf3ce7e4bf35c65a5f864bc003686a1e05b57c5af6ad588e05a5225479422d7b78c5bedddaec7f4b8c1e9ab7478c1ee253847324e025434b76a01b82a40123ab31ec9862c6016885dc6cbfe97801503369fd3688bdaaf8", + "tcId" : 51 + }, + { + "comment" : "incorrect length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30ff300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9c4217830da16424a6c80a62e1e1cc0c589e3324267b4498e89af96998f83524b67c703e46860ca55631f1e659096366b60557dbbc8aa8a3a7ff6a887f1afcc55d336458ae25b015061adc391b8a449a7546e48d7e1d783e5684730333b0e2a32c13d36e342e31a9c1c447c0585545e08ce4f6340529413aaba6872280bbd7a7", + "tcId" : 52 + }, + { + "comment" : "incorrect length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303130ff060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5aa35d19b312de94d0123619500c15ec79fd838f6f18e75e79a11e50d0eca9406ecb38de68e11cf107f80ce2d62573bd1e4062fe78f30cf4bdfe9bb571488887d9dfaa2d6031f3b7efdd0dd78f04d980abfe641f490faee10e86dcc9b729bda0b127b448d33b1e1b76373794c284d1aecb5b813a2defdae3723eafaaf3606eac", + "tcId" : 53 + }, + { + "comment" : "incorrect length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d06ff60864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "971daa114a33b412a3aa1c3a93d5e1cb9810210019fe4e6dd0c70361a99f1a0676563bca2a05915df2ef2e38cab387ea16405d371d1a382ac286f1f97d4fdcf84464413986d54d6e2c7aeb8d5afffdc6de31684ecc7df721957d331bfa588a5f2a65c52f29ba5e4585bc69539e1945f1c4306f8d664d9cedde6684254ac704e0", + "tcId" : 54 + }, + { + "comment" : "incorrect length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105ff0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1f5bf49483eb6f33a5575ec2a8d49388523ee41223210f05e1f9f73bcb5a8973dfaa0093247460885f034e4ed7cd888c63f9f0f74dba7065f00cbfe5d9cc0dc7aebd7893acc3f32d5cc03763b59a0a846554ef58569f153301dd6080d428c8330718e733b92e76367f4eb75213de1495bdb1a5743deb55a77919adb45bb6bc4a", + "tcId" : 55 + }, + { + "comment" : "incorrect length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d0609608648016503040201050004ff532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7bffc77cda9ff6bfbbd5a92fa6d4cf5a9f48a083c37a9437e5d82c0ad9f625aac8917c8df8bb4db5ef879431bacf360399c6607711082d6bfc5264f40631f2a742a3494c039146c3f41c7b53aa754afd35410a0a26c6957dfec86797268861036bacb5dc8fa6ca2893b26a3e4b186d4ae774a3822aa1e99ba4bf6bc3d53b2c99", + "tcId" : 56 + }, + { + "comment" : "indefinte length without termination", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3080300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3e461f3131735907cec3208f19a7ecfaa8f3bedf587d1c586773899f3fed55cf669ba736c9478b93ff058fc063e62433bb0da4d6da8254a00a6b1e1527dba86d89ca412cb952a988009d8874163683e729c7544b9c83e07b77467b4329e04bdee552ab0513f92dcc7376ed59718b645b50bd50661c783d559eaceb12f7bf5d10", + "tcId" : 57 + }, + { + "comment" : "indefinte length without termination", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30313080060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "81312384fb68fc608aa019df2a251d5a77dbff379c99d2804bc5ea766f051a80dcab2f63ec0b60d2b26391b35a83a5b75c7449fb0b32bd28d78f1138dde33b223d141e293bf007c5d028b34cd6055a4ed7aa31881c8514a2a091690405f8a708da65b34730233168dc08cd81733d2717db133f5d54ada593184bd008e5a7f016", + "tcId" : 58 + }, + { + "comment" : "indefinte length without termination", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d068060864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1d1150ce975992c50b3cbe98f2373621929c7a90f8dc5a9434a06159fb614acdfbd09851b297505db51aea8132a8f082fe72ea23099aea18494d2a73aaa6b9b6b04ca6d20a88c5dcea917f92c5df7943254fa9c3b1e7eca05a2ae2f796726d9296c880cf0872b8c32082a3a42b9cd099d286b586b0efce95908c8ffd27835572", + "tcId" : 59 + }, + { + "comment" : "indefinte length without termination", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105800420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7c64ae50883b449f68f941c9892dc1e1f446bc3a779ce9906bf5f6751dd110162ee03a99d1b556ff380f176263846e76aea5e7078927ec6c076a79c64450f6ce8e7a9faab4040a31c145564107120cb524451e4fec4b1ae3702d0b063c660031b61fb6c2d0cb46d17c5f4605124057d5ce3a0ded2019a14718de1374e0e87124", + "tcId" : 60 + }, + { + "comment" : "indefinte length without termination", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000480532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "65e61f63db5ef3a5de4a11aa39e3f4a6d3d952336c19f0fd60255b376d459d318fe4234a3a6c883090617306f98659577f7670054fc4f2d4c82bf7fde24bd1a231c71644d487d65beead86828e48a3e081fa6d4666b86b899ea57c99a67c0ae75947f2a4e5dbce3025421b3213224e29a55faf0cab8d9411b629baabf7c9ba6a", + "tcId" : 61 + }, + { + "comment" : "removing sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "", + "result" : "invalid", + "sig" : "5df1c4a701c6fc1f2daf6f4538f29c3452667424c05edcbdaba4a1678c8b5bc0e89656a0e48aef46642e0bb597813688904e9d74cbd377a3d9d2c965bd3ed06f136f10367ea3eecf89a97508389448a31ae0e79ed3725d0c4e99a516daa4116479bc53da5d7c2f26c7ec6310d4cb4174bb781405630a9b1c147b0e1da3a7faf9", + "tcId" : 62 + }, + { + "comment" : "removing sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30220420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3e43837b92ebe4df08586fced3dce46aeb2fdb6ec2bd0c58e823f6e6363b9b676786929d13ede60a8d8d0daaf71f0de8880ed0fdac8706eb2f324394145818b641d1049cc7552bc6273d86e901099c78297381faec5c518fb6de429700f3bbfef76cdecbb60088b9f2a77d75b8ff86f06cf23850e3183a267c0ea34f4f839015", + "tcId" : 63 + }, + { + "comment" : "appending 0's to sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "26d20fecdcf0b7d6a0472754aecbe115c39d580ce9d78b67d1a6395aa6ce6689bf6d0d96545341fbf04956a48c47f7d30bda017acb1d8e24ce596aacd3e05b1afa571d19f5316142557f765e4c5d080bc5336b79e2c02d8833d076ac9d7794ffbe85c66d0db97e1f5bd2ecb46afb15c19a8fe083fa593420e996a483c2a3a766", + "tcId" : 64 + }, + { + "comment" : "appending 0's to sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1163082ba8d48352df7eab96a0067539faff24374a630aa4393461a0aac716606625d706699dfc22cf3aff89fcc278f83a0adac87aa0bf192dd86a97031515de1933a23849478ebed20e4203abfb47345bc18f38da5d45e829997b10107c536999b2ce10b2781e1db03e10cc2bdbc2e0ff4c3db5d271ce83c1e7e267e7c1e107", + "tcId" : 65 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30330000300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0ded592bef1fa809841e0d7365e66af12f4239be0928656e7c49a043b9f2b18b9bd2dfe93a810c6e6c8ae6cb8a5c9d6e9d39a96a10b3bbdb92a7b8f575c2db4841c1b628160f956f54e0c58d3b6fd4d640b0a06d39476daba7be04b63a75f38bbf7517d9751d2b12d2dc00e44de7263275dce6b0c0af65d3c04878d6fc1be2ac", + "tcId" : 66 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0000060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "95a42e5d9bd9ad5a8579444e8167bdecec16116a7900117b298c82d5560f1d16e9fbe963764727fef9111f2465e66177b576bdb8c70a58e3df6ff69edd2d6827c97d626b09c24cc49f223cd5d2db2916c54fd8f2ac7301723449b1823f2ff48c56849f7d608312d4bb7a97f90ba218f99cb773fba0a34909618f5d25854d7687", + "tcId" : 67 + }, + { + "comment" : "appending unused 0's", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "2344c598a8905b350f20de5cf0cee60253729a54be45b0b19acc109ac15862efab2e7c96e92bc990ed6959a40d725c24c25c8d223a46f490905c1448d8dbf7c9c427bc2e896bdce6d2c1daabdc93ce177f9525ac69d899bded12443338834a16d885456057461740c5140cb9a89a017851f9e99e38c1727fe5ccad9a7a8709d6", + "tcId" : 68 + }, + { + "comment" : "appending unused 0's", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d0609608648016503040201050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a08cbe4009080f73cef03116ea949d1dbacce7025f7f61040fb4e052754d5b2d74c2dd06c0dfe1d09b97aa5739c809bec6d8cb27e852e9fef353bfa32964b99495a6dc63d6ce77460ac280c74c0cabdef794f74930f7f8827af1c6690d22ec2df3af497837bbe900a890e3feeaca2c0d16b0017155390ff0396a35ecb62b5992", + "tcId" : 69 + }, + { + "comment" : "appending unused 0's", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201000005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "500df36bd7d0b56642e2d5dab6e4ec0b148e7b8673cfab40e45c5dad5efc469b3321ce027a3a7ff5689366a18a32267d161a1266491b055f11557c35bd0d4f43df11b8a26f7b13c54be423b87b30b1dca956151c3ec3df03b30918a413179b0e064bf434736b323408e3f1330743c8bdbbb9d466dc1e21710c12e2e3b638b172", + "tcId" : 70 + }, + { + "comment" : "appending null value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250500", + "result" : "invalid", + "sig" : "11a382fe570e0cfeb515955b70ec89a9353cda0c5a5d3cfa3e16e41340eccaa18ba21ad87c4a54a7131c4a7cf9afed68b1c1645568bab9b0fe7dfe0437abbe1fb6cf06bb690f46aa2eca034093ded661c38954341f3f35abe484015150307ecafd06d4309836771dfe29bfe56350d68725e0cd02b1479c6f99eeba2d59f40626", + "tcId" : 71 + }, + { + "comment" : "appending null value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201050005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "110f3f188df46da58cdd46b5d460ba3d2f8d00d907289634d52a3ce693eb232cd6db738c48c8aa22d923d4f81d55925b3d4ff29ad9869f97a244d37b860cbd4646c6318c041729a7aaf473b61a93cccd62fe223d1be00364f03d722f43c7beff98c3fde573e7e6a0ce7d4a2a4bcf279765e29769bd4f884ce41fb808ac3d541a", + "tcId" : 72 + }, + { + "comment" : "appending null value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f060b608648016503040201050005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "470416ee76f0bbdbd2812b533813e4463b799f4036e6955f3e174f6287e3c73d57c32875607e2eaf06d612cc85170ba5df31286edb645ae9ceb9e62064050f3e7f6b36fe8fdae7a3bd89b6acc523c923b9d3f3e5f57d80c9100b39dde75caf46adcae56668149ce0b80762bc459ac598241dd79c6b4fe0220ad53e3c591243fe", + "tcId" : 73 + }, + { + "comment" : "appending null value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201050205000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "100714ee0d38c541c2632e96885a7ce0afcb22f0cbd84c556f19d1b44bce75a8fdf141e975dda1812b4465050d4615a51c3b9816606c7ac88d6b684df938e7a8852835dcf5bf0ee45f2e413290691832095af77eef0e7a86f72167dbb03758e68561f7f06afc6e902ba19fad57e00cb43c0fb2a5ead689a146c79c9e6188bd85", + "tcId" : 74 + }, + { + "comment" : "appending null value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d060960864801650304020105000422532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250500", + "result" : "invalid", + "sig" : "44eaf5ded57ac5c25c17eb31c2e071400b46b9022641347b2edb0b14efbd4eac5f71e4bfbe791e164c003667387e57ae22c6b00e69971d7245e381f6459e5f88d9dc0fdb385b777fe99e5e4d79aec057e41a1e457fe2b91a5f4a8878d2eaa1c3ad8393d281eca07ebd287364a19045029fa7ed0e62a21e5e42a88a52ea4abc8b", + "tcId" : 75 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30364981773031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3b8b17b4c7b66b2fa3be8eb404e32b6fc0b9e56bbe678bddc8f7ef7c042c12ae5290b9c4201b35d10e409f3b7eb7760f5dee7fef09c30ea858b78bc9637dab245b8f83ee83c75a7aa3d5234b0b6dcdec385f8cd305dfef92aa83cc0ecde8f20f08af78b600c1f802695c243502397dd161b6151a72ac20596a7d7efd8e321298", + "tcId" : 76 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303525003031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "762d30b302cd76b021e237f28017e48488ff3bb30ff9e92db5b1e76eec2ee91c9af03e1c5038afc22591b1cd8cfae648a33ab77901f9f3736e50eea83f7c7a4546dc55c0265fb17dfdd30250fa3881e34e51b4f2e54554ad098eee952ec888e911a0ea5df42c0560bcb4bdd718c88d834b534917e555c38fd1ec3593b2f25b39", + "tcId" : 77 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30333031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250004deadbeef", + "result" : "invalid", + "sig" : "8cbf9d425abef67ff0a7fb648e70b82b1556ac80e46dcff37145b9041bee2bbbfa56817e04994c9cf1123c6df2aeeb1637595eb1e20adef51d657943fd67826ac5d5dfba106ae9cd243f12746917a446ce955034b46ceb0f4d542b7bcd06ad3e6e10899d5338e6d8caf3d4de3cbf45d45a58d946a64d0bc13e97a4ab4e6b6016", + "tcId" : 78 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30363012498177300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2f4944e5191dde165950a381eee6cce3fd40214e6a9851919f5441b4efb7ae5724db46e92a747937c3c8f9329facb7a71ad5f380e44dad0436cd05fc312bf3cbf05c4873ab2125d605848cf97ef976f7ba8ab6949bdac5152bf1a66945caeddbd89346965a33a8fe0a0ba63b59beb05a44b6d84e1fd93506edcc48da12d488a6", + "tcId" : 79 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303530112500300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "975d07b7295268a8662aedbd2b65b5eb10bb496077f41b90d12d34ebc7e492f0c7f3a41d4164a279f06ea616f91968628be4ceecd4a554477bc76cc6b2e6bda4042dc253327c4b8fc40e9242cbc8b835114a7379a3081bae4b2803a99deb4a540f8c149ca5db3a61c7bc9f61cd7e55521660a06603849896c791a18d1c7360e1", + "tcId" : 80 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039300f300d060960864801650304020105000004deadbeef0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "37352cd11eb5ff7380bfb7c0d3e8d9979ae7cb489a71c31a077d59496547b0c95a760387ed50eefde0b762222f05a6033740f6e010693edf3ef8ab5f9c57f4eb1f6ccd83287dcc2e90857defe5ba4109bf79ad84ab069c85a25758d22536c6882919245fa2d7e7921b3635d984deeb6555cabdfc46a42c75875d55924c8bac62", + "tcId" : 81 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30363012260e498177060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "05df1fa9290a68415b86468a57394c052f00abdd6c65eb4fbbd834cc117cee4bba99764906fdc46e78bd9d554d15cf0284a64dd0c19877115c425a1ba70c1a4339a54ba7fd60ec809b9b789dc06997c2f25e890d8bdb1bc945c0daa8c61feab5bca471bd520126b6db3d6077f55428e0e7374da961dc5cba5397604303eec6d5", + "tcId" : 82 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353011260d2500060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1fb1960934683292a4c92cf3d582cd5fe68888a5b0f6c2e64538289da7f96a9efcc36bdbf1fdc0cc0b3b36c6af608309de58c6151112f3a78599ade4a718b359547a4cac9a020e5e7e7117d1bfeb3ec21bfe9732825e624b27ddf8a946eb858b30461706f769a54b0478e0753388951d98129383590186b80836608f7e06c72f", + "tcId" : 83 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30393015260b06096086480165030402010004deadbeef05000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7e4f953b288c20fd5bec56a00745db9be03590efcb637e2ce2119a0a1846e9f38c0ebc5f2498ebde6217d81c9939b6d6a6f35ba54ee50d6313d3f2579751e7ae8d31ef4b0e99ca2e96c80459a7e5ff51f6f31e9c965be19097de13017c90037aa482d197c986f50bf2d5e1acb3f3024605e46d963410a4a623c898d0d773a78e", + "tcId" : 84 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303630120609608648016503040201250549817705000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "53b8fdeb2d8aee9796a56afe4934221610ad028ae6f9478c90d4e865f3f78b3d27b383f87086d50fc4d96c5004d8a22a0c5d32afad45fd68fcc3e9115bdfddab605c81f31d0a8ccffcfd5fdbfa0f0a4386649198b11c10f33ec5bd73c713a6af706e617a3a1e967f6ac025e7f283e49bb9ea1fe3a4f27d9f6caaf1bf4981ba06", + "tcId" : 85 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301106096086480165030402012504250005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "90a5d10e2e19f7e016d5126a3d3eb91432611ebfd411b07a4be15aa48c39df33f3a2855f1e150ad34c7f83973bd73eca6575dcbac4086aa0a38db3d6e6ee2e9f419768493fb4829f1f6d67f80359f82d95483d6057de17fd388ae46687c429dea4d9f7a286c95fb1b9df0f1ba40a4263307789952b1bd07cdcb3b5cef10d9d2e", + "tcId" : 86 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303930150609608648016503040201250205000004deadbeef0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a88d38e8c765b7e439f42294e71c1689a318ed5414efdf474196989829d4989fce8910798f4d7873fb43d3a501fa15c8019813104e4699597246db66f96c838e45aa3596a1d26cbe9f6ee91c077422953b402f7e11f8768a2f132295bff79a0d10ab843cbcf2c921113992336638f4052446f52815328ba4946510a6b701d448", + "tcId" : 87 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3036300d0609608648016503040201050024254981770420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a34e59121976568352ea031232f6da386623a1c6866e36d6c6c07168de977faf6e008f14fe22a27d42664925f756f4b57f5258ceaa8197c3c172068dabf3c6cd46b3cf0262931bea731249781f28361c25cba9b64f678c0b2692056469624d0204bf2bf9c4e87407372838926e6b34e68cfb31e2870bfb5b0fdfa2ec1e177149", + "tcId" : 88 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d06096086480165030402010500242425000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7f642b5702c331dd76b7ff66578a2c0547d91c556b7b9751443d911729fb5ce8426515ba068e2839cfdc956eb813c25d65a2d5213b59302c0ed5e6fb95c49002edb1605f8f622912fdc309d92e6e3f188ba19e991fab0a7018ae4f6e70927d91cffec51b2dcc8113908faa1173ec9ed72350aa93a8cadef8bfa7305bae22bdf9", + "tcId" : 89 + }, + { + "comment" : "including garbage", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039300d0609608648016503040201050024220420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250004deadbeef", + "result" : "invalid", + "sig" : "0abb75f2fac084da0b99bc823c021c4872e23302a6a25e400b6f25d60f7c903899a69dc548676106b44f37c1e6d2604eb995a16880a2a8e2cc9e0ccb2b984ae482036f69a6ad31a2b5836e73e0d30c3e10f8b93c7587d7c0f2371183edc3b8cd0fd7bc325b1cf75e1079f8d6df53fe495722cc1ce707cca49bc6f4ed2ca6c4f9", + "tcId" : 90 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039aa00bb00cd003031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9f2234b108a45abaed850e19d2f9576f59bb83dbc6165da61c4798638f9c98587c7eb92a8c901dc4430e4a47dc05681ae811ffcad6f7a604c43551cd0f5d123549435d622f7efec578301efd49dc6b139abbc3c7d6a26858f6d18f09b863a145d6483c9efc6c322fec1341b6362dc1d752c714efcdfb09097a0ce6df7dbe88a9", + "tcId" : 91 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3037aa02aabb3031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "24ba137a293599ab7e50a0a4f8c7a5cd02dda6a4568c93f84d00ff47296564563c9051b334db2fd2c081b23d322d4870a61b2435d651d7efb4e1b0920e759f7fd81a937bbc85ff43dbe2b702dec3acf4db68d5fd7b8a2f6d32cc49a7300dd659623b391927a2442d69c6c3c29e59eb80b1d0a95bec6d18a6223cf4357eb7cc96", + "tcId" : 92 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30393015aa00bb00cd00300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "04023dd35fa479f8156794d02935f8669c023c774b95c5a0e02837e32ccaf7a4ba5195835a15de6a21796eb96bdaed868f9e8b7f0a5a21c1a3058f53aadb62d6ee74cd70b2c38f17e42a1f7ffd88955731b4e15368211ad53f617aacbb54a7e7078740ba6daaca81c1b321b748ea1d13f7aece490226636ecac41bdc275175d6", + "tcId" : 93 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30373013aa02aabb300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "253bed76e4b8465ebfffd1b7214ce586294d3bea290517ca2bfc417ba9d8e72d286570c348dc6084fd379c2bf4dae424189964639533e17c409ae18e445210ed4dc98de4ad7336554740d1532d5010a1bd7ebbc33ba48a3365d50669e4f4522d0e5ff7a3bdb1c42c42dee647a8a3ce16633eb33bbc0a869e12cf99f9481dcf85", + "tcId" : 94 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303930152611aa00bb00cd00060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0775598491297eb9004eed66234ded82e047ea2f06837425e6bd27f33b1373667f3ff4961d60f85edede88ec2bba2680151da3763f0df9785b31771da7e643862ff9ba944ab54bb1356ee113e420002a873f1eb381660f3eb84b1d6b25ccb8b82ad12ad0a449c4de205144873329e80ae8a84d1d3c1660b3303cbef28b48a553", + "tcId" : 95 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30373013260faa02aabb060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a73df043d06ae53a37773016a4e21d3f1093c50e079b189c4bd7db3e2e9875b14e5374cb8e7394a9f1b45c7e4e9dd516198bf5055b30ea4d205f39fddaab3da0cec63524bdae2ae166a3874c59057d93855d6e6314fc5da8111ff58666a73c00a105311859f27d2fb92f507531b9d681e219861e4f0b2b979c185af2690eb4f7", + "tcId" : 96 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039301506096086480165030402012508aa00bb00cd0005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "17e5a889b8139593e192f7af684c918f2751f157214863f88984ff3d8c9e381d1bee5ee788fc82869f4c3d8483e3c17c873a850a7a5c85e4518cbd8531b331a308a0368a868bb7995ce0f8a7ac5ba53b88c31c958dfabb36ed461472505b598418185b864f381342c29dc80e55ca7c2095e7788e7e8d385d61de605f74e431b9", + "tcId" : 97 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3037301306096086480165030402012506aa02aabb05000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a659f7c44e4589e9f6658b0b57e82e65d5ee9fbe2376894f558a7ca4b6e3c5032f953d1dccfb9b76bbc53dd5d1a52cfc092c6ca279b37c0a43c99ec0553d7ef4d9bf9361a1c4a3fb7496aa58c0af518312e18819fffdafd1a230a38440a6fbb0e69babaa977b8b5fe08ed7c6d59c0391ccd80b42a0c0102264b0ed6af8524e9e", + "tcId" : 98 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3039300d060960864801650304020105002428aa00bb00cd000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "83fd4599a47bc0852ee1a12b2d97fceae6d8442fd089df1d21ecc252a410982410bbd2cc6bbca219502c2934ac593a09beefdeb54b0692b3e5724b79b0f5c53541b62b0c4bf80a658af71d5964fc6a1fd7823370d00e24dcead4bdc86bcd883fe3f48dc7f8468ce99b7580306007021b68b48ace274e3c09a1b5e21fc7542ef0", + "tcId" : 99 + }, + { + "comment" : "including undefined tags", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3037300d060960864801650304020105002426aa02aabb0420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "4bab6fc6948143f8ec7c8ad86a0c5cda5bd8151c24ca7916857778729c882581603363fde0ae2a28b6f8f2c8ce8d5f6b6e731bf8ef735bd31318069544295b54b04ff2abd1e11900373931164586d7c830bae704f7314eebf1d32b3a171274ed456e335d2a0b998ac441053ef096a037bfa6e5cdf3835c45ede383f0ee8feeec", + "tcId" : 100 + }, + { + "comment" : "using composition with indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30803031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "2d9940c172e83a1ce38ce52741e694c7b62c77a63c0523ef68ffde402b0cdf7102afa7005a731d399757b69d313c2970a61f785c12fe79aad5398a956a2c004faec802691b00246cb759b0db432739febfef9abece7bd95e6ad980eb9d8b53886f739035b71fecd5e5ef0f0c0990a9f8fc0aa5d18089471dbd53488c23630415", + "tcId" : 101 + }, + { + "comment" : "using composition with indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353080300d0609608648016503040201050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "69fd1dfca1b436593840f946e6113a79018c6cbc4e2b4562b12d06c03c7cfc1e724841ec59aeb0371c67a76a089a3f83f837255719bd648bc0888339c54223c25a238e717d1a90691fcf9690a3fef132f034cc03926ba8ae21dbb68467669cd19837907ca58237b6619be08a92ccf8e5756e3caec34a3c2a4622d7154a72256f", + "tcId" : 102 + }, + { + "comment" : "using composition with indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301126800609608648016503040201000005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "58c64866f9c1b6cd94c33fd708375ee8462f89efb1c72322174a1c5ed9117885bfa4a02ef0acc16d6a078800b84e9fbdb7f8f4f232091326811e71639fc1321b31c15c9fccb68f77c79b2e39b817478539636966c0adb23407401a4c68e6cf5589104a5557650ac389e4fb2a64191014c4e8f9af48f8a28f555d5cc32d7a87aa", + "tcId" : 103 + }, + { + "comment" : "using composition with indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301106096086480165030402012580050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0ba4e7900332ef20ad600bd4b8c0bab55c1030138c6131c1cf14a45fa98e10ea297ff6c2b8de3d92bcab6f1d303f4f8168848b2fee58ca40fb1f1c7eeb808c212b413f6f302d2e3904c2be2fa77fac21d04352a0abb07aae028e54d9e08ce37a6c210ae47095890d668cc1c296c9db1b5ddec30b722790260dc26c85e35f6692", + "tcId" : 104 + }, + { + "comment" : "using composition with indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d0609608648016503040201050024800420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "6f7b739d7e604a1123a232be4d0909a890eb3ad115f822b91592563a55fa59711f7ad17d1370abd4a6af6dac7ba08b6ae111291b0c8fd0626bc068022a8eff5ea5b797cc7fd35a81130a9394f051d2bb6bdf6190c11b964dbe2e4021a71ee8b405d0baf91ad5897d9ce22c8c1dd0e7dfee0e6abd979f5a1cd9443116c212b806", + "tcId" : 105 + }, + { + "comment" : "using composition with wrong tag", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30803131300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "53e00d738939553ca6f742ccc3671c88fd2319dc438d046f06011e088b57df8703813a53fa9c68a8b2de333445fb739726ac2b6ce3b2800e3082f48b823a06d0b2a83fc4c0b2e6a40fc2d86b73030e974f101dc6fd6a24abcc6cb347eeed08a4c8086d1fc5fd68b0b36fce0c79e5187c38c8a4cd35973b1755643aa28496fbd4", + "tcId" : 106 + }, + { + "comment" : "using composition with wrong tag", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353080310d0609608648016503040201050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9382e341df276efda17aaa4410801a3ba0e4ccd5f0b61cde2416c7a8345cab1bb1fcc4a4a1d7c4a03a9d9ef68c83f2b3e08fc5893324159cd3dbae159bab67b109e55db550b540aa6142531528281732f63235785e145ea0defac4e67e825b30fbe9ff19687436d600ca412053e2430a1d1b637d4db255f1616713f3a2ad135b", + "tcId" : 107 + }, + { + "comment" : "using composition with wrong tag", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301126800709608648016503040201000005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "01ed4d8d4a342729f18182bc4f7645ca0a5216b57d4d26b874832983d19741673aa7c0e01705ada27ab779b9b84f431e83c621a2dd7ae5f501ec369273d297144b76477f4408bca5ef6a59053c1ffde80bc228f99dcaaffb4c520c507b3a941399042f0c535015d86b2b5a95696b71ed61ff2bb585442b85fa2477268b71f77e", + "tcId" : 108 + }, + { + "comment" : "using composition with wrong tag", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035301106096086480165030402012580040000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "21782ca777e07848b600c37bb0a881707e580fe822d5dbb78f4809251a5cd74cb6f3636194cec8bab9040339da6531c730060ff5ac39ac9ad56a2371fe21e02ce08da18778d2256276c47ef0261d9c453360fbc4a2cc1dc7a8965ac2ccc17b460b0fe359ae4fa53f75efc68e96762cff5d98be46fbeacce2edf1d1bf5e158653", + "tcId" : 109 + }, + { + "comment" : "using composition with wrong tag", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d0609608648016503040201050024800520532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "1eb6de862a77d435e62635b620be37fc8be499500c19b4d87b3f993b9710f55476d3f3ac27d5ab2c1ec36dded088bc50ba5c0540934fdbb5ed3309babd766726ae833aec211a526caa82bf08f1704b66128f24c912c8c3719170090fe1a2738b0da32f91d35546a9a499618428d368b326203aeafce635668d3d5fde15762d84", + "tcId" : 110 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "2e31300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5770bbbb883f93f7c29bdab32e496f2e9063110fe648705fd0b1dc927052fc9ace9b36d898d19cd4f862b777b7c790d767b8313f735ff567c34cfb31f29644540645beea182cabdf789ff9ac3f68cc20444af0b9d4ec0bc8992945063fdb733cccef7590a10bdf491bc21c38f25ff65a581b40343e30529c3dbb71f62189ba3f", + "tcId" : 111 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3231300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "359dfbf40d3c2383f58bef1d518abe9852ca80d797393e4e1a9380ef08aa851d585213e8897c6f701ab680b0f63ccf5ea4216331918ca9a984fb6ba549f4bd066ec1fc4f1ed053fa5658b01df674a21322ba7e21fba6cbb3a8eb5565fb7bc269f99c65981efa650dde613ccd6d3927cdae45922d94dcf7ca5188bf5acf84035f", + "tcId" : 112 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "ff31300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "24a61067121e9b4363b816b7c5750584c23f3c3200ca929fdedbe95d7504c56ea7dffd762074e44e96e22147943f2b704003967270b2be1bd1baadc3861c4cae91bd41530c67220349db4481d324d9927d52fe85618ddab2598996c5813f3299e1afb020b24003fa94f94a0c6c02b3183295e0de79eda021dccc5539cd7874ce", + "tcId" : 113 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30312e0d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "11b8d1dc2fa2afbc32f048d7454ba032b432a2ecd438506aa72c697a5c118e9e231a0c6b6340b5564402b7e837c59dd36f726fd626621b8f543964198484087eded70e7bb1dd63df2cea33198b9d02dd28e3b8bd006ba991a8b3bf06ac928bef45cba2362f2e11a5fbfb0310e84e8b7ba1e17c315adc1f34519134c36689619d", + "tcId" : 114 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031320d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "8748f029d5294dc917cf4fb347e0046f903c088fd976ca97b1322738549df7c56cd67349d66596338fe418b29de9e8af8872fcdbb55e1a6f74e9965fe7a365b846b667d0ae50df23083be73cceb59db545a3e1a560f6ce0e9eaee57b5f95b8487a3987c00f364d0f148ead6d7e6a37b05456b913b7a79c0547b80da2a2893881", + "tcId" : 115 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031ff0d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2bfc087003f3b98f0c8c5273de34f5e4d5047e909cd80e222072f6a7926ced5ae169131342640f2be11bde2f7565c3c63d0335614dd278915514de8421f4521f0138109a5c9778f86647b8a42815b6b861f173f5a6df893873f99c5e62bc3c086150e3b7d7abb943ecbe5806068abc433e9052d9bdfa19a58d19da463dbf3b23", + "tcId" : 116 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d040960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "0fe03eea6c50ab664bebc7d64346762aa29b08b61f2877973cd543c9533c9d0451db8d836eb46e8d64283306efd7ef6387cdc3c794f7474f2e7d51b9df078095adc85fb810cae52434c9cee5048fbff72610778397fd83204f44bb87f7637373d111dd16e18287bd9ffe816683bc3663f586082fe0811ff6a06c0264b67f7716", + "tcId" : 117 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d080960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "748b9e64195314003ca31f726bb3d3294abd8eb376365acc5b1cd36934bbe1a9bae99ceb7c1a40c910bca6007ced7961ecc9ac74c7a6424cc87b6b9610320ab9c5b527d986c6e8ed21e677bbe2ee7752e2dbcfceecc2dd6da3f6c6b9c81435e9e060dcd67ba834729761dfc9570b79bb1b8ead7bc1325c2233e445eeed12dcad", + "tcId" : 118 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300dff0960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7379bc96dd40d37a7f8e58f87c10fb94f250a964a55b2abead479b368e60e442e6eb864952308eb45eef1d318b6a5ffce634fcb886dbfa062060b9809cf89a09a26fd334ca22a1917fd219900ec0c68164c308cb9cbca3fb2b89ed8637c5540f7a5886ab1e52c503e20edd6316e41c746e53917e107ef5308590800ad378ac97", + "tcId" : 119 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020103000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "4a2478918565be6b46fe61e5f66cd1befb7a3026b5a1502e9a42636b0b924a02e85d7ffdfd8671b1d6d3e604e3ac6a5302db4e0ae0975d0661efa018d6ba0c632a6381368dcb75926542c74823a8c6d8732619764d5a61062fb3b17ae243bd691c97c8f9821af9526abcb522ec8e9dca32de1989e576e336af9dddc3e766541b", + "tcId" : 120 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020107000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "5ec392c91cc165ae59013337e7f7d5f2f9b3a6d45b6f6beee6dbf93e7b9607900f4672555a57de6e9e1aee1fc9b7adfc0dc00e122e84b0233c0d615dd0d79764fdc9d1b0e541f2de0083ab479f313a07f55f51390d1c2274858b219b1ec0601b82a2f7648ae95ec17099067a173e3e83959b6c06f149af0e4610761aab5be1a5", + "tcId" : 121 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d0609608648016503040201ff000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6173aef07a7057c3e97f6b7d4d7266918876f9fad86000b4c8ec7f83ee491563115b0cb5d580df8c97feb0d95866eabb79147926f5395c5189554749f4a2c75c0d96325971635be029062e1f27536c5041bb42f42e1fa10e21bb8e9a2e2502f2a7299dfe3bd8720ecb8a57238056ab0eb546de8dc0e56b317c73ab1e19772596", + "tcId" : 122 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000220532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3b80c72f3b7ada8b38b30527bca41180b4a89b066f44a17b9df5963dca46517d9160326afee7a34b650b9e7746e764958ce6a0a6268481a8df40e0a95a81ab0f0bd20c050becfc0c4b03ebda19749a4a1dd3ce925fafd9a4006a835eedf221a6ceab6aac6bc74f743fe171ef8c01935f8901e1ec9ff6e33ae8311851fa14a65e", + "tcId" : 123 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000620532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "4b0eaf3ae1c7a3322dcfabee0569aaafba51e0f34fa6afc325bacc853ccd2daa3dca56c918325bf553af02ddd19fb597c368dd18892d52d9e935dc51d38347ebae2a7f90c78504355f6899ab4452d5f51d2025381d81042a08582dc50bc1078246ee69652043bb747969a7450659e333193990f34a8ce3f036221193e700489c", + "tcId" : 124 + }, + { + "comment" : "changing tag value", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d06096086480165030402010500ff20532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "1fe7b390bcbd5bc1904e676111653e14e581e7817b45294bb790e4e62f3010aaaa77e246b29729f2b7da65a2f437b8d9c4fe3b26baad367a19fd7b1758d04c2f788c45e5309a833522b46d7255dd5ef70ed006ef966aa7c648bd0b893b8e1566961c16e9554fb729ec81819f1b3da890d413a153f487c030c7581da9531bf134", + "tcId" : 125 + }, + { + "comment" : "dropping value of sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3000", + "result" : "invalid", + "sig" : "317379f37cb7f21fd03259a27db3575d491a248df82e67b39d4956a1c619094fcde001544f0fa70c64dc0d0440fb21d2860a20a911cbb397792bf3eafa5cc050e78b1e7bb29d041cfa0287bdf54a90a7a8bff5c870e898fe34bb522477daf8e003bc22891b789ff215869cceb92610c4b03210d19506058d941e6fce7a3cd786", + "tcId" : 126 + }, + { + "comment" : "dropping value of sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "302430000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2de802ddacb7e47e27875943d5098419bca3b170bf74f1c4b4a8ac420d4469d9aea97592fbeaaa1dcb5fd20bb97afc5f7abae17a9bb85c5490db97010c5217c88f9f52b5e209cf5fba5f0594f4e4450114dd0348ece336870a1333f7660caf959056ba13b77d35239eea164ddbc8808f8e7e1beb070f551b6e95f90d5bdbd925", + "tcId" : 127 + }, + { + "comment" : "using composition", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303530013030300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "09342a8fb8402b5e50fbf8c5d1cae415ce02c0a803adfed88188982129e8480918dc21616bb5f8381e8dfe13f63234090c32e542a005df70df5e8e00dd2a478d10fff1b61efbdcf0e410236f7c031c9a5f7cd0db9098f8a32a6a49f408e72c4a29b7d27e8041ba605bf089bbdb9777e19b31ecca0d49b90d54701721af79cf3a", + "tcId" : 128 + }, + { + "comment" : "using composition", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353011300106300c0960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3ef90c414a64601c538c286f2c35f32445039799b8c266eed605027578edda796a409d905a751bf5c1cdea97840437fa82733d8f27efbbc05da732887078a8f547bbfb54607a54f893df7dde0c35c45f9c2402bed0405c72e98175e5b9d6f90224e07d12e8c1bbad2fc8b1a14c42dd5fb7e554db5edae89d335705c672cd7b55", + "tcId" : 129 + }, + { + "comment" : "using composition", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353011260d0601600608864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3ad3e4ec3636b5eb8aac2161c04d228491ca0d9da2abd69d8904054373940b39b5c025c011c9b9508a25ec25b24a0837cdd6a27cb5c8ba3683d90ba5912ede9a21f2f7e851dc49dfebea8807576be703a6a87ca44c370db76812b9929a54fb8e2259453ccaf47da1b8ddc5b7322c20197604b9e028ec00bd7eb48012274d5b81", + "tcId" : 130 + }, + { + "comment" : "using composition", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3035300d060960864801650304020105002424040153041f2eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "778d93be708d56defbb6dedcfec2a917a3772b2810e26143db1f9d0f26c4fbb8de8db5818aa32ebb2cdcd7960e593ace2c3c3eb682c930cbffcfa6b34438ee2a786a9707d5d10902f7f4d8fc677106275fcb6cb08f56f341e0f52af590e0bdfa2f2bf95693265e87f5046bcf3e6de34810e8eaa479f3afa2b0a98b175007c209", + "tcId" : 131 + }, + { + "comment" : "truncate sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e", + "result" : "invalid", + "sig" : "a3e0e0cb9f7cdf8a2b95139f7c475f274bb63252385f62e66f82158f429e74d83df9ab1040717d34b6a5e009b6ac95960826ee83bb298ecf900425ff03a8f156053b57eac6086d61dd3a8085b84c83bebbe3270164e3147ddee8966a026796401fa48da70f5d949386eccad26b0016543f3f90c8ac2874100dce13f03845509c", + "tcId" : 132 + }, + { + "comment" : "truncate sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "84345c9d3de7b5da2156d3669a731c4baf6726c4c231bc8bcaef950d7ac37ca8d86e9c9558404f313de3fdf09024d25491b0a933cc3958033210b1c4f90070ddd083005873762566ff2cd7f6915b4cb430f5e7e1bca8c2ec32b4ddee48aba667f9d614a27c3bb40c6cb7f0cd77d3d17257f197974d1871cc09c9583cc6af8e15", + "tcId" : 133 + }, + { + "comment" : "truncate sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300c0609608648016503040201050420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "227aaebca262d2189c479ab46d8715a34100bc1975c2d3991a4ade27376f068756cc9d89e903713bc28394d202d81b32126d7eb09154261841227cba6ea0a60d0ed9302f816fb4dd241dcd2d746d5c1b068c42c0b2bd567ef799cbfd0a83e8a30c4fa2f7296dceca38c36ab597ba992f658ef7955d32d38847870afbca35d836", + "tcId" : 134 + }, + { + "comment" : "truncate sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300c0960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a4316d438c7091b3bd5ec09aeea9095cb5046d8f08642b087c34985c34377bdafe74285d00862fba20572ce7a06dfe62b4fc08704d1cfb161cd88478e7e1c5451e0bdcce0fdd83c0e37fba5168ae03fcf4ccf60fa12c9b0acb39fe99b06933b9e0774f41151e0564ef805144c0cb76101672c287912197155d91bf036e84d1ce", + "tcId" : 135 + }, + { + "comment" : "indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3080300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "447904593d2796cb9851fc38f6494697af3eff1997568a320a0e6a50d62b484d7254c99cad3897f7383da73ee48ee824f7f6819c7dfce18021e7cb43b48cd77532c6af28e9adbe8005c576415c379bb7bd164a49010f0b243f60064f1986d1923146be8e8a4eceb9263445f32e49e5cef3e500467f3cfa9102b51b2772df803a", + "tcId" : 136 + }, + { + "comment" : "indefinite length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303330800609608648016503040201050000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "01ce4a92bfbefd1de73607085c875704ff40751537bbce8ae2df9b10db01443154f415a936b38f937f7514763e20de0c55a1b441c5b10a09c7e09a7070cbc88becfaa8d39ab1cb93f4e2d1dfbc973715b04bf5d21f2cbab061ce36c81642fea43d0b11317961886d8783c628947b8f14be0864674e84c4af5f9dbb1f95b327a1", + "tcId" : 137 + }, + { + "comment" : "prepend empty sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30333000300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "361f80a57ddb48796e50b3e6467cb00a9e1e193330ecd2cd6a31f649b49eac27e295450efe03e09e59f1829cc661d36b0fe904602c644aad7ec8cb2ca3099078b6d4f7b9233dc159fd1a6189451fedbd176e436f6605f2b889fc7197ebb520accd7f90e543da44453c7ba1948e83e31f5907d1989d982acbb348ca2216fe050d", + "tcId" : 138 + }, + { + "comment" : "prepend empty sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f3000060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "674c01596bf71fccd36aa81b000be007f6cff713e5f6ffe58b25e790f9a1f6542ba3f68e1eeaf1bb1ac6c3d55aeaf08140f6cc3d0474f6bd87ee442568346553ceb34efb5301a4d3a5b3f28a5fb038ccfe8444524d18adfa042aa1685fc3a5f9005da5688853b8660ba74f0e32c5be38c743b0048ca9b9fc19a35a5ff4e2c48f", + "tcId" : 139 + }, + { + "comment" : "append empty sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e253000", + "result" : "invalid", + "sig" : "07ba2b5d519b1f60dc455d6ad90b4135cb45c5da5a2a2c9b8cb954165394a0f40145ebf2b1a3ff1d47f5031d542d25041fe9b6d78aab623c40eedcd8467618168ad02af8a696573c5c63cae0b2c26583b0240848d663fdd0195322bc2c8dbf9b5db2ff9cc3e75e70480e51da0d6dd402fa87772ddef5256467205cf41a42d18a", + "tcId" : 140 + }, + { + "comment" : "append empty sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201050030000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9fd302307455d4e946c1ccee65b0941c3550c823279cc52c4f29ecff72a12ac40ef6b7e37b7dd774b7735bbae89b0792908bafc47f0b0a11637042fc8541b346151bdadc3990e64b6d1807dd0e7f9266ceb3f686a9813341f835562d3c8c84868a1f98db97d3e695ce4a25fce80b828d010d6323120362ac48700abff8a7116e", + "tcId" : 141 + }, + { + "comment" : "sequence of sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30333031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "247aa1cb69ccb72795c93809d7c3a5e52de98ec5285196058a6ab18ec2f5d9fef5545ab5df923f63bd58f5f247b3d824bf161bcb56d325d4e2fc7eb3765dd81b5580422abf2a3bca8d8af94cf6a9a3133b1494f66d5cbe938d30b9308b5ce2cc6d3df37d3299b6a7616d40afcc7935d80225e1a89a7a63ebff13a66e21280a6a", + "tcId" : 142 + }, + { + "comment" : "sequence of sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6d6248f823020a9604bbafe5acc103d9bd020624585c95805533de22afa3b6b1b511f8805296ee4d3e96d707c91e55df8959464ddb6d6a3d62b1cb248754302b2833406300f4975d913f1b90f95e3673e2c57d6181d73a360e8c818b8a9dd1e7a4fdcd68683f11dd47c2d395f20b0ce9c59eede6ae6aa58a707c4ea8d1a73a9a", + "tcId" : 143 + }, + { + "comment" : "truncated sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "300f300d06096086480165030402010500", + "result" : "invalid", + "sig" : "941d41c39aa8bf3879d16cb78c5486589e7b97e56a0249c4f613060d26b786598fd2d34bc4e99cc8888137975937307d6a328059a09f3b994bf955c7de4a2841a0d10bbbebb2db3b332656f258c66c8d50cf9155ba94e1cb21a78e6147af76958ddd997665b6d8f67ea8f5e1fdbebd7df635f20494489c895d33ae4c7f248bad", + "tcId" : 144 + }, + { + "comment" : "repeat element in sequence", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3053300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "a32afeafa2c3b58bef55776ef6daaac6647485dde100d968e0449d1a2d5a121807ca2fdd70e2e9cf524cae4f263e11837000df85f0886b718ff45cd316c8d031b746dabfb956dd6118a37e0dabcda1ce9c728afd9a5f2448f5b15d27982218888d457752485119f53219315bf63141c9c0802327226a096403ece022cb27c0df", + "tcId" : 145 + }, + { + "comment" : "removing oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3026300205000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6098a732419cd71887548ccf4fbf3edeaf9fe7b220bd747ae1b995b746de1f4d7b48c73ddb71903f50ccf7c93be9c8219de5a75ecc302ab50356069dfaf642f32ec580a283519fbcf04784860b0660174dfb7e1e527bb320960bde8f6c605bc3c1055b878d2adbb44e1b6c41add15cb603345c4fe2d1c0158fa03f21b4c015e0", + "tcId" : 146 + }, + { + "comment" : "appending 0's to oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f060b608648016503040201000005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2f08cdca4d621007acd15b1f4e3c39882a8aef706878e8f101e7fb250798a3528dcbf4d3327ceb0754a2ca0850794094dde8a875cb947d624d386ddb9593259c53ef2311260ac3c9cd1277050ec98d105188f590f198ba908ddcf3f9ed18f5a96cc6b353fadde007658f87ff4c201db7621d69c8278305f3e9f2041a2dddfad0", + "tcId" : 147 + }, + { + "comment" : "prepending 0's to oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f060b000060864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "10078ea73abb9bbb879c9d8139b1758170fb73b34f39cdc83e6a725439e315a5cba4421fe15e8c80d8fda0a9aba9a12c23aab41f7328d4191e6c7c3a53a505ab518dce078439347945671ab06a2cd5375457b3bf181c40a1a4be1ea8305c9a401488532c7cdc1150fb9c46a2e846ce4a2fd9ee863d0b0b8af7f10360acc47f10", + "tcId" : 148 + }, + { + "comment" : "dropping value of oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30283004060005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "69a74665f61787b54b522937c534e95e91917f5dd4fa9e3472add6e21dc033a275408f35c71ff6cc029e25986fe6dced8ed053a9040aac32fc444e9252d2bd4081fe3e51ace15a0f694c0b8953dd6afa7f8cac67f4d8e17513b415c14b439a634274893885907e2ea428a6e242154a58a031fedae31c73df7cd4e2f5591496cb", + "tcId" : 149 + }, + { + "comment" : "modify first byte of oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060961864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "8f3b544724810d462cc9b19f356e61efe7c192dd63511a9f1f63286ca81f89477c2b464f8e51a97ee138dcf8c6709d79a78591081384af7cb5e182c9867b826013e6191efddddcc39909d3ffbb18944503b69d774c959831a8092f4790a4933521100c3e9741c3b58e1d24b75425ee28fde4e40c249b4dccd726cb06cb9ad2e3", + "tcId" : 150 + }, + { + "comment" : "modify last byte of oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3933d6937e977caac37a07a5c4ae503565af57e6c4e830004147f8bbf6784f79666d89cb4cac60e3f0aff2d5ed6a182921e490c958bfa49c86fcf0270914c102275b0878f01795c7a2f44a8a6f5306aa67a81f9294089876801503989e749d152c3e34906291f1f54bb6232fdd3d51e807f70927bf38ef70bd2ba45f0323acf2", + "tcId" : 151 + }, + { + "comment" : "truncate oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300c0608608648016503040205000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "7b2f6581fb0b4f913ed38c0ea20dff2bd60723f2bc3f1022ceb946e48adb75b1e0be031dd8b706d82967f93c6b6ba496d8c4b49aea9970e139b18fefdce30a4ec04f77625eaca4c7d1265cebbbcf53b63a113cf06bc50e4a416a771cd28785a0075631a3ef60c9212e224aaa063e7d8109c27e248e6422b26acd02ec012b7bf3", + "tcId" : 152 + }, + { + "comment" : "truncate oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300c0608864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "4dc9e86e076a395b530868d9fec9f858bd6e8c10cc1e32cae7653abb3f23991c677e970ee468c7f35022f3241f5d35673a8cf4ce9134b1e63a994dc7abc8cf4b9dbbb126b314312539931a0163c911f0234f5c3f683c9376f2ecaa3294d71a1274f6c63b84ea8faf826eacb05e4fa5459b787ff384b2cfe0f1f4c755f32b5c50", + "tcId" : 153 + }, + { + "comment" : "wrong oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "302d300906052b0e03021a05000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "8bbc9167821885a728260bf9831120ecc42c14b2b07854169c86421146367d1bec66d8c3daadd115f16a29754e7fa8fb70a63966f7838484615d4364311b6c3f6e73ecd8ced0adb52db2c374297119f5fe571bd5396529d13b7225e87db5b5b0df38e4c56f2349071b09ff5c1ded919b398d4aff38c6ae29af6f6ff99d3e8836", + "tcId" : 154 + }, + { + "comment" : "longer oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300e060a6086480165030402010105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2054d402bf6a148b52972b830c8c8a16a6aeddbcd5c2ae3fd83de67c666e712fa98650308658837a67ab87b2c444bedc7cf995c19af433da9343f260049b1bcb436ebe27d8a502728dfb0daac5d2710e2c39fa000b909aede07ad7a0d27629e0ac27ed9fcd41a39e09f7acdec4c2df77f38c535f46e3b96f2772a81e65e74bb8", + "tcId" : 155 + }, + { + "comment" : "oid with modified node", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304021105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "3a94d241563a2ad97574ec82baefccd9dd114e21fa9169d0f54c4d0f57826224804ddc9b29c1905c59f39bd6aa3366705a85f5e6e18c0eb0f67986b5265e7371865b618e90e5c5313f0b6fce2343aa12d4ed44d6770fa08d4f1342608a4fb627a273f3a1f1340d1f5c55957ce51048e3690a845851009cbfe38d3c96e96d4172", + "tcId" : 156 + }, + { + "comment" : "oid with modified node", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "30353011060d6086480165030402888080800105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "079cb62831dbeb40a638402865cc92cb49913dae214babc3f4f8d69d64cf14362c23c8dd6ebcee9c44633dd54a62bb2f0042c20033728fc2f8ff482cf0be3ee103bacf757b50319495d9a838844ea1064f4bd1f1ebdc1b71a318c3c8f7d76ebd79ef2f3991d4d87e110d60e5fc655adfa4a8e792e46c1c7aa96156b884e2f7a9", + "tcId" : 157 + }, + { + "comment" : "large integer in oid", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "303a3016061260864801650304028280808080808080800105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "2c9083459ba6504dc10e0e63edf8ede8bdb4a9728673306908ad4e8f25656d4865f0748b9fd2cf7b51db0a2c659e0ce021fef3d2d3d0cf7c45343729c2001a19d37e29398a9a7e92d7f62693252261f1f7406b54af5447db6e846f981722059b7bb09ba95268c321c156ff659e0ce8e709d2819d5ce15f5dcfa54c55114a611a", + "tcId" : 158 + }, + { + "comment" : "oid with invalid node", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300e060a608648016503040201e005000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9a76669c75f0f11399699f76e7bfbefc0d29feb5a8d86de1f751eedbb5c9e7b81ecbc224534db67cfe1b611951a6ff499d86e11cac4a1725e2ff707085a81a76c73d5b53d1b0b2c4fab2d2eebe57eca83242a261cfca768abcd8e1f42e3841d698bef3d4f16ac2dfab0fd42ef0abb0463474367dff7ec99d665a9838f2cfc24c", + "tcId" : 159 + }, + { + "comment" : "oid with invalid node", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3032300e060a6080864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "6674ec2352f0d3e90f4b72086f39815db11b056babc57644c8a703014f439baa46e8ed961714d5c7b5f0ec97ba3fe5ab867c16b7e1de089868dcb195fc20cc42fa1b3d3060f50cca77281bb6be18d65a1ee8e5a381e21e7f02e819752b71327a28719c7284f6425bc9241abb08d000faf58d48848d7f4b8d68b28266e663f36b", + "tcId" : 160 + }, + { + "comment" : "appending 0's to null", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300f0609608648016503040201050200000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "8d18a5e0a81522b56eb9e4f43bee15475cdfc7881006150cc230e76028283375a13425fe5a106f2626346a65817010a5510b157b234a16fcb9426909a524a288161537be91ab13033ed296f5f8c1e5c3bdb963f12d7b5eded46106f7c2dc1ae9c451415303cb7e6a3f59809b922183b9638197909d5730e5b1e89705fbbe8464", + "tcId" : 161 + }, + { + "comment" : "composed null", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3037301306096086480165030402012580aa00bb0000000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "80c9add3930a98b726fe543b4350c593d28e77f9f53f1ea04c2bfca30f157309eeb41e5a675bc0045823df8e99f2e55d2567f4b78e36eb8af1b45c50e33e6634dcfdc4094407b760d8b60f76995edd05920a6a89e22168a788557bfc7cf01d47d21448a65f9766bb217bcac1124020b6b062fd0e7bbe3e142ec88652eb617513", + "tcId" : 162 + }, + { + "comment" : "appending 0's to digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d060960864801650304020105000422532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e250000", + "result" : "invalid", + "sig" : "51640e26e8764936a7d9d709b3e0f52a5f1843453f2c6107a8e7fd6dad8b1c02ecc71659cd4134be952c03ee83c190bea4ea7260e5472c3cdf87b6ad45b5c974957ee9b4bf6f30152c2d939f722cff32e5482db96f3e283532b96716d3624daf16767e0ecdad16c97e56e4e076d64b92af329d2d6a2f8d14b59d1b84853659ab", + "tcId" : 163 + }, + { + "comment" : "prepending 0's to digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3033300d0609608648016503040201050004220000532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "9080bd4ac03b7ecedd45f8165360d4848bdfe1c9212ee1a4debc1aa92886cd7947a2df5435789bbb0b3e8f78815aac80e2cff14e1939e9ec32f42e7c29ed4029c88cafb64e8523dc85217c40d1bba900468a69c5bd4d12ac67401698fbffaa5159907ad459d3843e12487b3b2315c585881bc42e45543f7cf25110ab7e0a19f4", + "tcId" : 164 + }, + { + "comment" : "dropping value of digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3011300d060960864801650304020105000400", + "result" : "invalid", + "sig" : "5f66f645307346216d3ba9c3d8b29e96270cb3b2e686a676fe975c10b8c26fda8d8eb172628bb3dcd726160c13ab8c5afb1d6ae943ea4c18d00465d97c0d2bcc27a63c18457ff8d6e3f5ba373b4be7b6f4c610f83578613f4fe41a40d86230afce0bb8d4496425a5bf0a80c6b1b1e2a981cd44c31a9aa603748c3d2fd2b85478", + "tcId" : 165 + }, + { + "comment" : "modify first byte of digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000420522eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "8ccff4ab4fd8534b6b50593f775bf6684391225adc37745e7ff25a4c4baff78a252aa1177ea3f3f09d2791da50ba19cef40ab8915379f128bba3271069cc2c02725e09f0b2cdfa0d313eba3f5a7e231588fd617b7d90b285e88a944d7d0a7fe9cc558dfe8103391ab2e6fbf762d829a55ed4486b5d888957078ffcf49e8ec352", + "tcId" : 166 + }, + { + "comment" : "modify last byte of digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e24", + "result" : "invalid", + "sig" : "694b90d259b8dbe290f5851ede2ebf3bb718c1674ab1d3b7b6418e8ef7ea0760bf3ce69d98a7a3baae5aee488cddfb877972fa88ad05996879d0ce15aca53591423bf1b1b3ff02f823cdbb26bb80e3f7b83c3b7ac01ad7806335f871cd7b7e9e64708c200a9cd092589131aeb7db15655174000cf7db782bd54325ea956a1a15", + "tcId" : 167 + }, + { + "comment" : "truncate digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300d06096086480165030402010500041f532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e", + "result" : "invalid", + "sig" : "888cd9bdece5ceeef0fea92727ef1a1d996960f3f551bf108682f8103590323669ba1ab48becd14a49b87a900434d0ca7670d094b08b2f851834757bef580d2d3278d85b88036ea90d4c2a673dfafeb0c3701332c2b77493110d9b28dade7e985ec27240c90498372fc00ac8e0e5547e4d59cdd19022b8d961f3b63630b5448d", + "tcId" : 168 + }, + { + "comment" : "truncate digest", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300d06096086480165030402010500041f2eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "762c745262627d0df634d6cce41fb8af3cb855fc2d974b8093b035e9d11e510b9b7e7d61581b8f262fc1c4b8a6da3f6d609512e32f16416c7449c623c1773417032ddf2a559d7eb3af129fd02f83b5e35f5b5c065b1e0bc6481f38b6361f0b018b5e7166e8e67dddcf1550222f125efde241a27b0e7f670d15346dde082a8c4e", + "tcId" : 169 + }, + { + "comment" : "wrong hash in padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3030300c06082a864886f70d020505000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "27830ed405bc9d34009ec6258b766100273b4dcf2a9b3cf6ae31029837c6e24cf6e819734c1fd10c2c23db34d227d98d3498850f083ecd78b648baccfd4647a572607dedbc2b8ab7a595c0594ece904380e7f395ba4840a81367e99275cde1064fc6f7fbd564c5f26ddd0103991ae8262eaf16623685b43f77ea7a05d080166a", + "tcId" : 170 + }, + { + "comment" : "wrong hash in padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020205000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "4cdfa8cd615bcdefa253d75212e4ed0a1fd60841656c6a749690cb0c6c3cd723b518560c3b11a734010acf6e38f0526338351d9b58351826b360c851d3c86429f38eb689e8555aa2a23157e197faebdd29bc49f84c10dacca655cd5fa50fdec86a72f0ff1c7f8feeec31fee188fbfa72776a7b5cdae1c1506830bd3a00181b13", + "tcId" : 171 + }, + { + "comment" : "wrong hash in padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020305000420532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25", + "result" : "invalid", + "sig" : "024746d8dd71ecfe33cf0ad7ab8ddab9dfeb5740ec47b8ddd668f07b8f7610f726692404ac14c3a1947ff4246fe0a9e216131489125e71df68d60930fac06a20e948a3e4948aff5e3f9772155f8bd6772b1cefd8180ae719afc061e2f0d68a69769930b8d90ca4ecd6c7b20d04f0cc939502e698ad1c500403763c0205f6870d", + "tcId" : 172 + }, + { + "comment" : "wrong hash in signature", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3020300c06082a864886f70d0205050004100cbc6611f5540bd0809a388dc95a615b", + "result" : "invalid", + "sig" : "3a152ced8b5e0efa33cd57d4afe67f31ed3b9fb22e7b0ff32795cd9510374fa09fc63a3366465f83ba4d44e36418a5c1d171b6ca05d8c74a242983d5e5912cd05bdbd75fcfd5b4eda7cadab21e6dcefca8e2ab7303871ef360beff45564a01bdc887d9e849e407c6aa5b12055647f6c9df49758d1272f7cb476f51088e21f246", + "tcId" : 173 + }, + { + "comment" : "wrong hash in signature", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000414640ab2bae07bedc4c163f679a746f7ab7fb5d1fa", + "result" : "invalid", + "sig" : "3765b8800e6ccf29544d834034e39f8fe7a2e6dfd7e6b4a8f81df091bbfd7aa17edfa6005024fe04d35c340a2215fd3f1cf4b4dfdd3c8ad09e6df2c2256c7541e19c2e80051d1ef5df5c384bfb6be88c4415eb2740db2d9fb3214890a8a0f19146dfb7897bacc02700a89139dc8fb21b2a7bbfbd43604d7f384cc00aecefb4ef", + "tcId" : 174 + }, + { + "comment" : "wrong hash in signature", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3041300d0609608648016503040202050004307b8f4654076b80eb963911f19cfad1aaf4285ed48e826f6cde1b01a79aa73fadb5446e667fc4f90417782c91270540f3", + "result" : "invalid", + "sig" : "5c5b097c21ac2eb156de39d1eaebe3b96082f54b0171469a94edf7d2027ebfdebc0837f766cfefec577e7b797c7a082df2ecc826e55d39927b01c2da26f8f6814ec993e3b93ee87a3418322b65ac652b3bba6d34373a13fd40b66be489938fadf67bbda762f6ee09a1ddc41382051d4a9a946e0df832bc65b7d5dd58cc5a402b", + "tcId" : 175 + }, + { + "comment" : "wrong hash in signature", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "3051300d060960864801650304020305000440c6ee9e33cf5c6715a1d148fd73f7318884b41adcb916021e2bc0e800a5c5dd97f5142178f6ae88c8fdd98e1afb0ce4c8d2c54b5f37b30b7da1997bb33b0b8a31", + "result" : "invalid", + "sig" : "0ede4ac9ffcb6d3d42c75cf73303a28ba6089941f68dcf392a75b071f6c149a109cab95b80a679ca3b29ae44e51c18a2db4c72211ae6b959c7f22e854c45f20f5560446f33be4819f08d981d2fb176d48039ac4acd28127d593f9e219ad40e2a5ee911b334b3b8bb290f2327524e3faae2c028745e03d58882bfe503c4ff04b2", + "tcId" : 176 + }, + { + "comment" : "using PKCS#1 encryption padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "0002ff...00", + "result" : "invalid", + "sig" : "6c0b3edf5f6e5d3f07057d0b752e89cfdd1c289ad18a0ba94670cd36547734e2c7bb32dd49709f0f7149944c450c23b7f2d360e3602cad5ddff7fd9d711eef6dd4c32e66c4433f041fffefe112024a655bc5bacbd0914bbb2b2a41a91b1293fe9478ddca926a13e6131cc5e9b70625eac1e533ce8171a2dc7b2c4a490e966445", + "tcId" : 177 + }, + { + "comment" : "using PKCS#1 encryption padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "0002ff...00", + "result" : "invalid", + "sig" : "1acce04e348a5c8377c54d8ddd8ec2d8c5cb9b195863c32eb716745f3462b5f249b612aefb31ba484949d0a0cb5cb8e1f06c1cec58fe5ffff6ba796218c46c3e527c7ab0c4276ccbafd133812faec33721a08542e7e3a34449bebbb28bd0f28994c6801ba5c971991004e31de8f728f6bc37a4ec7b049c1f2dc64d4be9415462", + "tcId" : 178 + }, + { + "comment" : "invalid PKCS#1 signature padding", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "0001ff...ee00", + "result" : "invalid", + "sig" : "61a4066d0b64964100ecf583325cad10b53912aba1bf3606720d2bdd8e21120bb0b5e4323987d96039819ccce0e5e90854bc0e5c239ab198f75b00355a04e4eb1f855f76697cd65732820575306eb9323954bc5913568a7278fcdeff8e8acad4481e3559f8c44a0be3bc02bae437c3146e4516632b3fe788c3a0e44171155728", + "tcId" : 179 + }, + { + "comment" : "PKCS#1 padding too short", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "000001ff...", + "result" : "invalid", + "sig" : "979a313677883b0980997f1cb525f43401739945860149dcad80f602df8abed4fd85bcd6e174d9183a5a44008fd77b5a5abcffbcfd4f47ccd2dabef963d9b228310d99000ed0cebbf61438cbe586985bcffb3923a8467a97ae791d0b04925c0894b5a41583d6de72d4369f481f66abce41a577fb128fc0b0aeec746ec089d834", + "tcId" : 180 + }, + { + "comment" : "invalid length", + "message" : "54657374", + "name" : "RsaSignatureTestVector", + "padding" : "2 bytes too long", + "result" : "invalid", + "sig" : "ab9014dc47d44b6d260fc1fef9ab022042fd9566e9d7b60c54100cb6e1d4edc98590467d0502c17fce69d00ac5efb40b2cb167d8a44ab93d73c4d0f109fb5a26c2f8823236ff517cf84412e173679cfae42e043b6fec81f9d984b562517e6febe1f72295dbc3fdfc19d3240aa75515563f31dad83563f3a315acf9a0b351a23f0000", + "tcId" : 181 + } + ] + }, + { + "e" : "10001", + "keyAsn" : "308189028181009e62337ef7d4fabec2561bb45a18a362022b23666571bbc762c1c717a14a46d8f58119072aa26245e71fc6945540335163798fcbdea04b3104ee23f2c3874bbfb3e7e0c1ba5f1fca909265274414db6957a5eb668e0e36a388784355d528e51a6a4a9a9c6b6ab912812a268dac9dcacf1c13507768e63b1f82f8af29c3786a170203010001", + "keyDer" : "30819f300d06092a864886f70d010101050003818d00308189028181009e62337ef7d4fabec2561bb45a18a362022b23666571bbc762c1c717a14a46d8f58119072aa26245e71fc6945540335163798fcbdea04b3104ee23f2c3874bbfb3e7e0c1ba5f1fca909265274414db6957a5eb668e0e36a388784355d528e51a6a4a9a9c6b6ab912812a268dac9dcacf1c13507768e63b1f82f8af29c3786a170203010001", + "keyPem" : "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCeYjN+99T6vsJWG7RaGKNiAisj\nZmVxu8diwccXoUpG2PWBGQcqomJF5x/GlFVAM1FjeY/L3qBLMQTuI/LDh0u/s+fg\nwbpfH8qQkmUnRBTbaVel62aODjajiHhDVdUo5RpqSpqca2q5EoEqJo2sncrPHBNQ\nd2jmOx+C+K8pw3hqFwIDAQAB\n-----END PUBLIC KEY-----", + "keysize" : 1024, + "n" : "09e62337ef7d4fabec2561bb45a18a362022b23666571bbc762c1c717a14a46d8f58119072aa26245e71fc6945540335163798fcbdea04b3104ee23f2c3874bbfb3e7e0c1ba5f1fca909265274414db6957a5eb668e0e36a388784355d528e51a6a4a9a9c6b6ab912812a268dac9dcacf1c13507768e63b1f82f8af29c3786a17", + "sha" : "SHA-1", + "type" : "RSASigVer", + "tests" : [ + { + "comment" : "valid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "valid", + "sig" : "8aa2c8a167fa230a1d1ea6bf5286d3ba6e675ca57cc5ca8cb26fdf465810c19af36cbdf843319f7af9b2954f372ef16891918aaa2ab64dbd1cd0ea54351ff2b3437fae5ec947971662c1f75ef6892b6899b77343fe87665c5b74df322b59f017e5488a67ec836ccc3f873788d60992d43f64b736507c455b649119373ba1aea4", + "tcId" : 182 + }, + { + "comment" : "Legacy:missing NULL", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "301f300706052b0e03021a0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "acceptable", + "sig" : "707e19417b5b3cb975795e5d53cb2db69bf80699e69114955aea5ff45755eb365fd34a18290db1975c32388eaed0d446b44138bf18b012f7da3ed067de6e444a5a66a35633c875254ed3d1b120ce657873e888af703e649076b368e90d761cb3e14cf79099026cb4a4c1f20c771c1d7544fccebd6d642506146e3d28acb6cf6b", + "tcId" : 183 + }, + { + "comment" : "long form encoding of length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "308121300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5b4cb0b22300dc4913e7c1cb82e86663462e4b30d03053f697d59252e01339cd230b72afc8623e185db939108f3a47814f418b5411dbd3365d45b609f93b1f4fa10b7b908430a9f7d97037161cbeb2a1af0223b6657179a9bd2efa8c40a2f57b20755042b401e81d3fa3d4faf69d05cfdf3b7c3d5d3cce8fe036e9899db34de5", + "tcId" : 184 + }, + { + "comment" : "long form encoding of length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302230810906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "264bb84974efc808ded6a363c50bba6c1ad8acea4d26f86afb81839d8ecfe7041db3ace271f308399bf3bd2effd70c3b17e968f084867a0d95299a8dd0bc27e516925d3b8c0e748d5f91dfc87eebc383ecfdf6bf46cd28912bd4cfb9949f7660f1dbdba527db82cfca5aad1f99cebb1d7b554d4038238a4755b25c2348397e2f", + "tcId" : 185 + }, + { + "comment" : "long form encoding of length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300a0681052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "23fad8546f338cec2aa7fd93387b8f1e735e3fc3337350276efad8950161e6cbc7dfd28c7272be65c9dd469cbfc8ddeb6945880234a60c0778d5e8f185b95b0caeda346ce5b8231f94c076d056e2aa7245072ee055f37e7392ad4c158dab92263e4803d82939c7ede603c3467c14c61a5743df002358cc63eab3648d8ca8ec2a", + "tcId" : 186 + }, + { + "comment" : "long form encoding of length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300a06052b0e03021a0581000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "64513a079e0bd31939110d49d36101fd2a49c6d940637b9900fd317a64d174ef64acea808329b700954471c8282d1f246ca3172481fddfda77bbe24deb8d3d20200e78ee9cfbd97b063c1da700a50f635cc32ed74efc59407b8af422e01f728997c9a2dd6f8fd0fc89c9c5a9b0a2038cb006f3e8a8bd86ec129db6ae95b18ffd", + "tcId" : 187 + }, + { + "comment" : "long form encoding of length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300906052b0e03021a0500048114f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "79547cc01aba5ccca5e0337304e02c48455df528e61037516262e151d4378f3447a730b894d63974c3df0cecd708bffd53742c908b718ea1e09786f00b58f434a10e5014fc5ee96c8c87aa0cd73348a470c369b71bee3d78e3b7a640d605736f3b3691253d853473e34e0eee9533abf655e0e490744a354309c3639ca5e0e084", + "tcId" : 188 + }, + { + "comment" : "length contains leading 0", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30820021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6dde5d8a638e4cda4551a295aa037c0db901578d70b6943d58f842e2b334822e986506768fbd73bd46e62f11acc308eb9b0f9fc8831729fdf630bb0b9ac8a9ce484e1fdf5d1099659ff452c132096d085b624e521ec0cd76449f50e57fa39adfb91d1c4cad4b9651cfda905689c24b3118970f78ca6240b48cba83d19da8ae91", + "tcId" : 189 + }, + { + "comment" : "length contains leading 0", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30233082000906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "28a4c4957ee24b104aa7f68d8d7fe5275abfe1c449f6e2d41d2741081e4e0248ff40acbfe0bf7652af44f4f369de583c355af6a5af87500330710b976f1bd3a705c216255d71589c341b237024337d38161946dd0ee3fc822b06c96775c6be57a906eb7c6178751537bb181e47acae959862253c34e979c3def80038488d0482", + "tcId" : 190 + }, + { + "comment" : "length contains leading 0", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b068200052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "08cc5258ab3d68d796e5dd868d676ce9c2774d1eb6a16b4bbf0acaa0baf9d812ed0138a17ab8a64dbb913e33a88a388883889bfde6922cca5ca98d5fd1ac13fa87eb1b5701cb4ef5271057b39cceafa0f8509f9151383058a1349460db1895b3d7fbc043771ebd48538e9c208c34719f21b2d60dfb7a06a3ef42d1f2a90826b8", + "tcId" : 191 + }, + { + "comment" : "length contains leading 0", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a058200000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "118bdd711ce909f3e6894be2c5f7fbd21b6e542205e63447848bd6be079874f2858e9640ca8723cd4f73d1d272780aef52200d991cf620f7345f20ed4b5c978f93dfa495a24680c762ff1f1c4c3d0513b818b2cdedc63cacaa76af3b4672e0c3eae523b410d7c03ce4b9d2f65f92e580e4e7f04d3f62047db3968e33f0f1f40c", + "tcId" : 192 + }, + { + "comment" : "length contains leading 0", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a050004820014f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7c2ddfeb9611939302c4791b44d2eaec63ba700853c84c928e11f50a5fb15c47a2f0ad91962aa88e944c0a655db19ea4bda87e386ae820fea49725c75e13b26a7c7d9dc63e353259d318246a3ec3c4b7d2ff8e6af164fe73ef35eeb76e921a523f48db83d541b3abca995d807968cb960fe192ffc0501a0840a1f5bf1b332123", + "tcId" : 193 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5065698891c73f55ade9d829053b14086b977af8f8ddcb9d2b5d236bced0821b00cca31a26b43a838ed36f96d823205fe79644ab4d431d2072f823bf9dd60bde8c2af3e2f4af0fcd734f285c0f8e0b9e5cfb5b7cf5d4131ad2122862c7bb6d9a9d6a7ec674703c79e4712ea84bc178da4bbf08355b2c248a5887a9b87702f70d", + "tcId" : 194 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "33ab162433e5c9677c2ef33d2949c64167afc165223a79ea96bc1096e0654db370f84b30f3ae03da910e6343fdc9f7413e9422f76dfe4287dfaf7250567076a4b2cba812b784410ff19f412df89f1af8b9a5ea4809b7f60b8b5b4063d07dd17311b5b0b75599ea8988c605b06cee2b6bcf79f20ad7c4bd67cf179511ceb9fb21", + "tcId" : 195 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300a06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7cb2655e9bc1e633b46656d28db5bf457cfd6a6557ebe511a694ecd36987fcf94a6de7a3f73d47777990697b5663fe59b838fc0a7fcc0604a08e951fb1ef4dcdae0bc09c6733815a65ed465e86e98bd08ccce8df0a7822f1dd74fd8ff7add8314387ed2bb5474c7c282333bcc962af3f0506a15971f30967f49bbb22cf3e99d4", + "tcId" : 196 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300806052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5e147003f7061b46a6046dc91374cbb2f1113ddb56dee64f203a513b421330655c123fc2c51a79ce70fef2884b6b444ff8639d5448a0781f8f0503009cac89a58fa0bf73b698011d80986379dfa0b8923591f2c310cdea8982f8b87dffc4ce27e5a1a75f44c40e95898d0ae12cabb94fff41116f1d96dfc8fb5834965b750cbc", + "tcId" : 197 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906062b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8cf10e501268713c12ae5c26c5982c082a912ba2d22501a12438118067ac19957b0191498fb2113d1ca2db5fad32761f282b4c7684827b35a1709297c9bded1fe61a4e1963d32aaf4cd0ba5c51ad9c1aa3494c47afca86a264293d9a940310d6c1d8bc3e51ea3e12488e87f624e738f3568b21ab5f7a8b299b5eb0d7147ca794", + "tcId" : 198 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906042b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8ee3b703c37759112397fbc6410d9c95a93084f544a26756071b298ba563b2c22962befb038d995912ef5b48f5ffb9d187be72f835d0afa764eaaaffa2cf42b0918e8b364bdef42a482e571cb949342654c91e3012776620cdb590323326e2861d1abdae6ea2fae95d7304b25255aae9d7309324bfb6b47cc2555e5191e95a79", + "tcId" : 199 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05010414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7ab24ebda94da9c07a8742a96884e7006e36c15fadc0d41721d8192581ace97b040af10f79bdf1041ce48bfbdfe0e2807042ef91efb0136acd592346bc8c572bd0da5f6400406971b8d84b021c0550e32b9ae8cc4481b8979979170d7690158dc95f2fea00e05566a2369a3eb34794cfa6792128d72774eb0fb504490a5e9484", + "tcId" : 200 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000415f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "49877ff5a25db5d9736e7c0198f7908dd0eaf2f2ac754d6456073df7a1b8d87f49fe9ed7caac03e92cf8bf253626c2ec049c4dd4615bacc5a617ffd874934ad868db7c5d7db8e37bddaa22b557b49bf8ee769bcd0d0faee45adaeca042fdfabe0864256a64389208ea8a825d373c439e220a60fb30ddf96427741e5771b89200", + "tcId" : 201 + }, + { + "comment" : "wrong length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000413f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6acf67de89d21ac6c0e0360dc872eabd3d9f315a46921fbc835391f4e5df2d5a73826cccc3ae099c76c5e0b5dcf13f76316cad72f2715be8927fe83273cb5b10dce6b4a58236e90028146519ee975599e2cfce518be7e20701b82d24e1448654a89a52cdad64c33ef916e1d3a40eaeb07a7b1509a151ca7a8c3f37b734dbcdd3", + "tcId" : 202 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30850100000021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8291239e82027853aad5ec6526dc14eb2e4d6f62459cec895e311302e531a472dc720a55f01089ad3ff96608cd0804dcc4816441f92e77b9dc59d85a7b750cef32013fc888ce4bab028152ed07d31e1232cfbdcdbf096cfbbed22be93a8cca41ffd69575c3e47aa6f3c4bb895690622ad253c60db7fad789b3508252120f2905", + "tcId" : 203 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30263085010000000906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0c0a60f4426a0922599d12bf623821ef3a69e88b8f3df39c998b91951bf8fd9f12f379db75bd051943076b73f145f6de4e82c050bdff9989bfb7430c6b4483502d291e666fc1b93e61a2e7dfc4f3b3d0f695ac605772a8f54a85148b76285aa0ae2a993d5061dccac1afeb9605771de9b51d6891e875c384d8827faef2388555", + "tcId" : 204 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e068501000000052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "52d65dbd6d48dce0dbc538883d3508588966c4932afcb22457221c34414a59d8effbcb805c6320b5edb024c745afec75bb7c698d9e903fffeaf7a4ee8c36d7f44482f5116d8d7758f08c889ad777405f204e1c5b75e1dd2721f46679fa13a98f8bfc07885ad67a43fe4c05ded4c36f8d7e1bf5695bd348192986f1b40c60527e", + "tcId" : 205 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e06052b0e03021a058501000000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "485b9c137230f1bd439b4b5753be8267f386e1725d63d6c29bef2759c8fc81d4bfe2b5759e9dfd1772fe2cb661d320ec8fc831cf6e4abe8e18d622893a7ee92c64907c15427e7748faa3d1445e7721260e70be4f32167d60462fae53bfc2d943501b8634e443a940d9f41a1391119305a0367799909a7b83fdf7374721d4efcc", + "tcId" : 206 + }, + { + "comment" : "uint32 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300906052b0e03021a050004850100000014f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "73c06cbffd5b65aa863f4d61321d840689ab69885ecc340748b8c4ad290945074fb58c73a419ea9f56e9ad70d1b133567a6c3e8e42a9b009241179eb154d7fd1603b6e25db969bb62eac8477addf62f1437d225c57725f3a017073c7418e70adf1e5caf81740e9503ff395b956bc90aced537e846968d879e1a17f4823aa3ffc", + "tcId" : 207 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3089010000000000000021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5d718291abc4c814b265b5eb7c41d96648ada9e6baeca90e4dc851a1655a64aadc072ed9402f583f6f56b1d885c9423f4b708afa978c3c941969188b44b04d4d787bb6079e3527d6c1e36cd5fffbd33178cb6f23c4e1302b3a59cebe6353b6b10a005e6f24a5ef8350900b3717646917d1efdaf8aab1a3e994d5627a8d11e577", + "tcId" : 208 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302a308901000000000000000906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1849ce77edf490fe5825f6bd1d6b4c312227fa9296ebb4f5e9a48dcb9b9a8918362a92d8a620dd3cec378f67beda0216b4c39fe07903bdeaed853f8884ba017fafce472c751284cfcd4db8fd5b93dd821eb43a202747927f1bcb947ad76ebd9d6085b616e8f8485b31889b95f28c4bf06dd4852142ac2f5ae707d1ed4f23cb5e", + "tcId" : 209 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302a301206890100000000000000052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0d3eb2ba13141b7d5fb65b0ebca47b979bb51778e762bde3c4cf33b02f84b0567214eaf31dfdc8197c2e84d9a85af76e8bf832a5ca2797af79b0293d85f513e421714e364ac5a5551a066063f008d6eb7c3bfdda6c6fed53e0161cb607ff7e78916f301cd81dd63f351eab77395c718b56d8d0b73b4806229999fb98aaa7751a", + "tcId" : 210 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302a301206052b0e03021a05890100000000000000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "88b8e16d5527fc54feac2b63c905964e71c47701dad5944aba4847460b235c09e9ffa8bc6e59390dfa8d739893cbb32f5b06ec7f1fc918ffa0c364e0b5985dc05aafe98a8b86b18168d7705231dede7f0ffef76e6805a35a0ed9a78bebedcc274169f242aab6c33541c840a1e50cf09720b2aecfc356ed88ce1090bc54499f6c", + "tcId" : 211 + }, + { + "comment" : "uint64 overflow in length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302a300906052b0e03021a05000489010000000000000014f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "54bbb6fa9891afe6101547c34599fd1fb4bfb3dbe0c57fcaba3bd3700f0ee7d658ccd24bde5394aadc7480f181b90576a74de3c705b85bf214d9d8284be4b00b12678891989c3e3e16f53185fa590c016c29fd6ea02f97f1a872100969fdc57654b691122f2eddbeb6dc558ade5854fc8f26c11c5c32638bd4f7253099c7d1bf", + "tcId" : 212 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30847fffffff300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0dd112d02c49ae5057f4b89c14b871e5a446e96dca84c6d0d012c95615cf43ebd42e79d034fdcdc93de62e3b11dc11dba63dacf300190d443e3796e0c95a5db3955f799ec1bcdd4ecf69b708fec727b76401e989f5cdd612773f65e1a357e0b2942b78aac09dea9eb0d86463aca289a0af876eb4ee031bdf10e0df27516ebafa", + "tcId" : 213 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302530847fffffff06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "603d34e2f71dabf90d862e828a0579fef915972f070c495da35fb279808ccf4bdbb0a43f666d203aa494f0a3012f5a4518c2a83fd8a8d3f1537be15174f22a355124657fef6e1b673c4010e8514cb133f63a15a7245ba9fd8acd03c080e4e89531c0ee3b41612e34b136c07c469c042b2b2718dc600cc1f4069063d0989fa188", + "tcId" : 214 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06847fffffff2b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "11238413d11b4c1e0e311fee14bc4b3370c9943fc22c8b9429487bcb920e091d9edd0341bfc79070337854884267cbbc0f41dc34746c3e56096bc03cfa9d58e812d2bb9cf7dd90f3f16c048036255c0338c3777073a925f565ca9c9f78c7edb856f20a541275f84eef9a022e94dfeeeae4f07416cfefd742c21da502a1fe80c1", + "tcId" : 215 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06052b0e03021a05847fffffff0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8364095ecbfbd1f50f2964bce941395095071e45e9ab55edfef6ec767dc3790ac237a11132e6e087e96c226fd338783d4de817abfb9e134c2dd61dd4e400188f50be2a7cf3f96804011b5240da29bb1e8f7d4337c8e1f2af0acc1536057b0114a23172c6d37f9128ba4c2b719158ad70c5c44033e532c58d0d79c4508470465e", + "tcId" : 216 + }, + { + "comment" : "length = 2**31 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a050004847ffffffff7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8a3d7f621509191a435d03f94a338c1aeb99a824eac10a7c8575d1848f16af74dd87db6137a590d3e0cffa18cb5c52e1ab42688c2d50afa5a29730a98d6cd60e24f13c7dfd8500a9442954a23e773560a11b1a2a3fc087a28ff2520aeeff2a058928c9af14e90125b0d534bfec11eb1a02227e7d513569f3f8dc6e35f6fe6136", + "tcId" : 217 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3084ffffffff300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "149a74b89d1eb542f383ce0f24f8665b1387529770f561cee91f39e3af3e82c1cb0f589f4d6d5e9fbe92a8105993d55c205cbf9b4ec4c3085739ae1ae2ef4615d43040926813981d4b626f3c71e08981b8c900952eb23d8b9da218fc3f1f113a27682ead4466157e9043188d331a9632c8972ac7bca5729132bcf4b76309fcf4", + "tcId" : 218 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30253084ffffffff06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3b55f4f1b497c53dc4fe59e8e2c8bd48f9199bae420e43e5a22fcefe047a5fd6422de99742ab6b3f946a908d382852359f5f80037976287f4806ee3edbfb94a01d81fcc9c28afbbe8d824089bca34f939d5298152bfa11e69e047a6379723d5d187c1cee5f437517ea237d0a024d2d21316666f867411b0b84f6010dbf3fc2f7", + "tcId" : 219 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d0684ffffffff2b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "99a4a625ecb0c1c339c42b058d05f8cc6cd47bb29deb1df909fc16083e08ea18f482dc3932f0f81a0881c8a4e450d52da647fe501baa9363ce0261729beb173e3c6b3ecfb392ce93d89ea4c0e911ee2b95574a966c23276b9495b2ef6dee3a054c728c4ebb1cb294c703e1320a7d3cace4acdb57c605ab1c197448d5b890e71c", + "tcId" : 220 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06052b0e03021a0584ffffffff0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4473370a0f1cbe032dd66017379c5605c69fb77c74af9f119f93b4df107cda358dd074a7c8a2a4b3afb3bdd4d6074be90e6e8018fe482121cea28e7d42b4a64e0fad25c86d4792099812b74dfd225efefe1a4c9b664a3786c9e2070bd7ec4bbf666a4fdacf5966d121fd17169db07d47f04beae689080c76592527346d3741ec", + "tcId" : 221 + }, + { + "comment" : "length = 2**32 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a05000484fffffffff7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1157bd4955170a4d8dbb6c3e20faf50fdc20140cd2f0ba30f2b3b059742b747f501e8fd4df0c614d247d7c7ffb91365e6bfb5ce36d21364cde0ddf7d9b10c1b1fa0ef1aa37deecfcb0002094a6b2971854f70912e62e91275091ecdbf0c218c0a3a4d7c5ddc7eed97c317f46ea2b554d391d08a5d015ffdf1c51de55f8048d1f", + "tcId" : 222 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3085ffffffffff300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "50af5b10a7fb4f26fe6abe148cbf8169fc5f7260e732f4ae4ccb79877a3b1c8d6fbc476a43db9f5e94c8c13fb256ce767aacd02445b47bcc54f535ce67251ee94a63b33dac77cff65d3de5aff42f12939f10320d40ac448cde70bcd8a40fa20dc91354f97521d847e45aaeb9fe38a8c9c0a3ebaaa34046a620654e305cbc3289", + "tcId" : 223 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30263085ffffffffff06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4635e85ef3201bd0c0f1e57a2fda4c1a7b68f36db6ca9f1f034c75bad695a67964086d3d7f7a7505ff10cd77f1017908634f309fd5e0d4a406c1c579b08b397305e0e6a57390738c2e663449a72c0894bb3beb0933cd12c469181b139ee21ca9954dfd88b0ebc6f0e8d29c7b45b2bf5714e17ea9950e0d5b476b55aa0b717bfc", + "tcId" : 224 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e0685ffffffffff2b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6cec5f74cea80f137a424880ca5254507315b6e50376a969a444aa0c33d5a9079fbdd417662c16048a249a94d251685742ebe4fba882e797bc77f6d28105136b2ba9bd5ec3080343d00d7bb9f579a334c945c1239680c11170e0470e801bdf6f9789a5428cf97b0af0f2fa77db2f8fc00182b1bf9601acde6fd5158b4f57bcaf", + "tcId" : 225 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e06052b0e03021a0585ffffffffff0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0513eb217a06590004cbfcb0bc94c0c6f79b488fffbba9d85e289e42b91824c8c4e1dc04f3ad6f6ce6e8480c96889bef3c62105bdff8af972264cf0110b4e522fd26ff6af8147990143828fa3aa2ba25066369357e19fce0b8f90d048ac1ef19380fe493fb70ac9660d5258dc0657a6270166d3400c2421bbf57bcfe10e2ad64", + "tcId" : 226 + }, + { + "comment" : "length = 2**40 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300906052b0e03021a05000485fffffffffff7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5b0df944013467b97409704eb2130b06e537f746c5387dbb858651f4446887f874977dfbe9d5fd26d0be6ed9ed9381b9a8511710d0756434ce897cb00863c652ddf3a6b2df37f9308a46dcf2027ea523f124c9f32c2d9a09b5d1928e2677dfaf5e0d8a00c3d0edc5c1441f017011a16f2e0788fb2d8d22e395b4d79a8375ba49", + "tcId" : 227 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3088ffffffffffffffff300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "52be2fd82c24a1fcbcc3d832732eb97b1032933fa6af3b7fd8d63fca652d4b3a40c8488695414049f416f4eb01095767d75325662accd8c47bb75500ea4a99ac1fbd01815d0b8ddf450e097380c53715298c22fd3150b8417a66f499495372f07e98578e407ca2d226c69533c80b08f58e1fc0ca1cacb8652fc9374e12f6278e", + "tcId" : 228 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30293088ffffffffffffffff06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "2703db8b7d2f7a879c235f95a9a39870074efea76b73663c50c4581eb2debb494472402d271b115a14fdc14eaea36cdb4c199260abd321d8cfbd1f56b1954761c5c61ad3ec1e440b53f1cceb156d8638b597eee1eb717b110f30fcea92f47e7c1ba438b1b161967f555bd14f0bcbcd21833aeb2c6b8b3f5c4727d07ddf009b11", + "tcId" : 229 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302930110688ffffffffffffffff2b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "927d2fcf22048a79d64b34aaa94de24a10770a95e32f0a6e2b9bd5a9c1e502e9fca540e54aca240091923bf4a64fd703b30fb5cec96c8da5431373bfec653da1ab25cff5024e1a029cca12469db0ca362ecefadf60991fc1c1615154450d9e1b54abad613f5ddccb5545e615c6168d0247f8e7c061659c9946c3af1e373a618a", + "tcId" : 230 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029301106052b0e03021a0588ffffffffffffffff0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1da7bb65b41d9e5fb8b895882b9b6c2aa5ba32e7297c8eb3d64e5ae4311ad229692296cc27eb84e8673c29b65c35b1d52038d8b4136b334f4bd385621d7ddd6e0b5718c65834dcee0e7841a154f1953b130573995ad5cb29849490366936ee8a383f33f6cab3221d21d86c42ad8fff91efc5257ab8e9279df968d477167e75cb", + "tcId" : 231 + }, + { + "comment" : "length = 2**64 - 1", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029300906052b0e03021a05000488fffffffffffffffff7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4c3a7204c4807d5b44fc36eff6b0513730fde67c74eb7a7d0484b7a5b89e444e89b07170ec0ff4ec4f58b9f13c3bb82cba0081b737f62277dbbc678933dc3faad4dcdd61c8b4d62c7a1c9a6dc40c564b36bcfb9aff90e9c642afd81a8c9911351e3f0b78e0ad6850c937a69ee2a639be88473682d7c4a6edc77365cfcfe91075", + "tcId" : 232 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30ff300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "32107f36c8b86cee3154d197a6e281869070fa9947177aff8cfea5942b3fbc323452b002f957f19083b57d59e6279d80821fa33c1f450ef5f805eabf1782f729dad2f9d0e63462e901dcd449c7fb14a8c42ec9599d30cf1b16b45550061f5b6f7f91c4c2bcb1613daaec5984e634fdd65a19cf24cd29d093406d7f5f4c443a23", + "tcId" : 233 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302130ff06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5ebb4faf49a82b1fda92b2ccc8de0d158bf62f819359d06c6a4a2a508bf728635296d188d5a221b40cde9d51e107b8e8f73ed2a0c3cbd92325ddea1cad1f72ff6491133ab7a2847f3d339cb2317e8b9e336516a7a9d84fa8fb2b481df9e1ec397fe97d18227ab98c2fa55f080569aedc7025af770674a5b33c61b811922058dd", + "tcId" : 234 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906ff2b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "531ddbfca4d3202639ecda32eed51b2fcffaa0cc6a0e97bdc1df71ab3b800f3e80f661b118d9cd82dfa1ae35cc3a364dd2a1c688e90cb6b6a215485e5e30679838bea37edcbe982ae858ebb461a45ff687332be102eb65746d9539a693b489c3cd5901adecc2d4afeca278fcf3b21774f2d11090f436d949d4ef96480839b678", + "tcId" : 235 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05ff0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4ec4e1b4bb0ce0b002b8cc0b47fbc2baa9be415e35d77fb95906620322a63fed39595837d1a547cffc5f50c34a4daebf3a15d7d7ede9e583ffefb77ca4e4cd953b91a8608ede58a5500dbb71ad24bfa2b07bbec03b702c53baf4a1053d4834376b205854cee7e0dbaa1ec60f72ef238fbce20d76f9549b485b41173da58356aa", + "tcId" : 236 + }, + { + "comment" : "incorrect length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a050004fff7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7d54aa05c2043d5f6330ab97726ae0407d0f6be65cc1146b374d3e7f75583beb5ad0ba0361b2cd6bcfcfa01987cfdd4423047fa6f909b3fe3840262c55b3f2c0385cd8474cb92eedf9eb9113e9e83d0ae220124493c3df2380df4cea3e88b81d9e3947feebd788c2417c644974f6b909c1e44b75b74240b370f8663e9a1f63b3", + "tcId" : 237 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3080300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1573e93ebc5caf4eba58c9d80b89c0b62de2073a85f5872a22ea283f37366fbb8c6c7f4b0a4f459505d95da2921d8aefa640d81f5dffb9e0e679c69ccb310eda59f36d49b33219b30ee3b0f680e2794654c99e63effef73b09891f67c403283999943d4ded2c823797ac2773aed7a0af88cade66f4a203fe91c8d86d720fbd36", + "tcId" : 238 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021308006052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "9dc2d9a253cf809bf178002806d1c9883f5c74a0734f70dea7e322f2ea00a00a3bc864dc4f0fa90bdf0af0a8e46f893f6405a63998ed27f18cdffd1b46a183763e3bcfc4c491a023468f1b355d12be2118e4381d960fa2548afa12a6ea46da03268d1d050bd942ec8c2bf584f8d2ff00ff975860686311b1dd17d1ad6f262d66", + "tcId" : 239 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906802b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3b1240c785cab25d0ebd26078da7323bd28352a878cd405419cef18938d27dede67112d32f6a60d22b14c78e0f5c392bc9f53f2a71769e21a9dd4b5d8495a203ff0e715a1173ce69f3c966d83e8ac9a45ad534c36b77d1cd120a6a3236ce023099b19acb39a25ec420f8765829b77cb048a5136b597645caafbc34d3c09723c1", + "tcId" : 240 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05800414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "84bbedc08a146e7f8923dbc116c9793d1bac3608d71f962664d2a155bc06b8a02d3a346e067f347cdf50ba537c14c1c8bfabcae5ff982e5543b626f89627d1a4bace0928115d22d2b0daa5285afab45c9d54e5fe1832494f432b32bafb8a922360f5f545b15dc189b7e64dfbe96372b401ad519162488f0123934a9c0512b4d3", + "tcId" : 241 + }, + { + "comment" : "indefinte length without termination", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000480f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "15a6c89db01ecf6d5f4d3a1535bdadcab861655619500b010851340b88cf8ec2547bf402137751006ac9d675b42308f939eed23d010fa36006eee53b94d63c3ef3800665038ffb4f017c1f3f5f8e9b909fd555e67cb002fbe261a42bd7b617525c5027d5af82aae2b6fd29abe4f503dc5f2620aff14d7b7798fdb8d4a7629db2", + "tcId" : 242 + }, + { + "comment" : "removing sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "", + "result" : "invalid", + "sig" : "14951bfe3fa22176d5ff4ad5f7dec0d0954e25a2381c91bc17707034ba19087c9f5b167d250129b95b41c883c69a5628196f9733cdff2daacb49ab61ee430582aab7c785e4f70f2320ea1d18da9ed0bd4f96e597977c2aaf0c2b8a3dfd8015d08195e3446efe12788fb7cbfd612d309a13952682b65f03a8c9440fd735fb2078", + "tcId" : 243 + }, + { + "comment" : "removing sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30160414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "40868e6b6d88f66b2478d680ea58466d642e141951f69c1f25bc3f23211100441857b33253b4cf1668b6568b858d1c604e6062022c71c0d764f260c1924972ce44a89b508a3a220cc5b545c4166974e6b619d3d6cfd0b72be7f31070e743eb7611230b4da746f64dec399f71bbe8aa998a99f746bd422be6d02f0e80f5e9a337", + "tcId" : 244 + }, + { + "comment" : "appending 0's to sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "34bff75efb6f79769cdf1dae7cbf4be4644b03b7e44ba74a277281e229a6bdd96f922884fdf97705a456ad07e13f90578ce2b3aad819879be2c4097ebe5329e8eb72598005d02c6e73d8ecdbb45fab138cd88259320397f6b90a5108adab63ea07e1b86f5e20455368cfec220782a63aa7aea41761ead5952f9c7da59135f0e9", + "tcId" : 245 + }, + { + "comment" : "appending 0's to sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "96d9ab79a2c8db9e9a483d5c36c0c3ee430eed6bd8385e4b7b655b7428a28d609ef4a9d413269572cc4be679497329042a1e1b0b090cfbc9a9236b94942e33e2e54a593efc3821ced8110042f4e56a521f4f46a3305dfcd1b899c0f092aeba78ecb8731a91c2a64bfbe7e00d46d85275a04c2269a74cbdf3ee6d6aa4867c8728", + "tcId" : 246 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30230000300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "26ec2f6585eb6e732d8430faad988f8223db0f11b8e56c14370697f083f16daf1ce571f73ed43162b40abe8736a43b99cb3c6c6e4a2fd5e2cc75bf779f10abd718eb0f252fa867b4d08cd8ab3f80745c2d368ceaac264427b96dac8b4b7aeeb3303cf4bdb7a45cac40f991c1fe53e8dc530c6dd76302dd8f6bfcd86d6ab290b2", + "tcId" : 247 + }, + { + "comment" : "prepending 0's to sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b000006052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "9e4c79c5fe53b5514cd9a3f3d6d898b53f92859d7f862f66b08585ebd6efcead5b69df6d12b1dfed30abf729558f340def7ffd341bc599102ee3cad5459b11457a2a463cdc40594fea9b7d8d0a99b952aa442a25f77991d34a2dbb0b5d73946d5780c176f0cd977a4e2c26b3b25406b7092c2d8ca14205007fcd0b776d01278b", + "tcId" : 248 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "94c2d05aa194c25bbf274f9b1a312f87128d3c177cda66961cc8388a3ed5c658cdf320bc6af14e57b1569ee6f96280e5fa98ca6eb67017cf3077fa63d9f7a916c445dceacf73d06fe53060a11a4c9ebf0e6203890c0da57324d86fa92e8f9b854c262b57046b1422c9aabd40edbef96f97c015690a4dd1f84bcc02867067d35c", + "tcId" : 249 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "789468845b4388391ff3baafc966a3957f2db65a01fb34132be2445c22b303fcdaa4379c14a9291f3a7e1f23948c5c6b3d1d61934d3e5689267a14b122017df19da59a762114b4db56b17fd61043caede4ad0c8f89ddf180456d5695b337525f6dee1d1806c69a14868ccbe6edfa523795a9422057a3dd9ca8636e5026ca74ea", + "tcId" : 250 + }, + { + "comment" : "appending unused 0's", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a000005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "65929dfb1cfa05e3a405e1fd566e86a0627ad471101f5b2ace5d2a225641a521ecf2638b5de2c9f691dc0d4260ec49ce2b05bac8064e5a16881bba6dcf7fbb890896c27ca5fad9bfe6259aaaca16d94f01c24f13e30285caa9d610ad26457376c332bba7ab26d6bf832c7aeb2746faa914936c9ee51f9475861db055a89a1cf0", + "tcId" : 251 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00500", + "result" : "invalid", + "sig" : "81bacc6576415739b7cdf7ec09bbe148be54e8e9b1941992d6c3108cfd3bf095e9f2b4d0c9101136def16587e2121e6ce9d705be253c1597b4963ec43e99ff48d2cfc1ca6141a7c6c309d7a09312dcc5d2b985c38c89bc532578e19f544a0d22262306482973163a93a0e7845479214300f00cb9a01bc5253650d79446c4aa7d", + "tcId" : 252 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a050005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "42b488de85d7a4dfd153e07d965116dc20c05b971faf7c7c899dda96b3325947a36652cf1c6861011307c47b45fccdf1520c39a56e5ecc1292f336ae19256a2e68ca1d3e8930456e53b3778ccaf50a79f8bbce54489281f7dfd376473951f1a893460503cdec4ed81c722906fbde5b9553ace4f794e600b00e79b11822d13ff0", + "tcId" : 253 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06072b0e03021a050005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "497311a6c38b7b78634e563139cd5255d5db5f49950b9a45928f0e0b84c9db2bda1072389bdd5c44b229a4038d5dd111e4681fd94fa09775e7670fa7de90f1362621f1ca85fb9c79d941fc34b121f60e38b211b3bbed00edbada6f53aaec2555ed59145af32235232a322519fd408ace24b819e0e3c9bd0a6597d84f9530d208", + "tcId" : 254 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a050205000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "637bfa1961468a3ceae4f91bb9fdf7815d171cdc947a8cedb8beb9077f2096b65500a15c99f512c34acde371be79690acb660bcfe55c0d1a812d12d079f516a6d48b3d35c5c10f21987ac6ba830839a83b1d140c15c57a9df09dd0b1cceb323b1c9a0d854510116d0fa5d16443ea5fec8fc1ec782c76936beef5bd420d789494", + "tcId" : 255 + }, + { + "comment" : "appending null value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a05000416f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00500", + "result" : "invalid", + "sig" : "7fbadbb2cb7b323b8f1dfe78abd8e6b78df62aee4cd2d261ba32c05fa321caabf2ec7486bc9811999e48b3b1b06fa1c590fb7b014fe6137165357b4977821e74323eb64a338e98cb0133cc2a9a46e1691fe45dec76781e60022eecbaa6773e911589e831ac2a485c9654fdf3cfc73b66029295eef4c8065f831abafd960ac0b7", + "tcId" : 256 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30264981773021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7d63040570a002364293787b3c0340b7c460eea2cc307d4a6542662a04c0f07ebbc27457f1745129eeddf08156c977e8e346b112024b50c2e3d3686b8e87dd0e35d4f5499cb14049e61e81a5b43fe306ef02b644f20f8db8ed738de9dc630dca8de629a9bc268bee600b7c13c35eaebbbd4e018df9659354efd9bcd5452f578d", + "tcId" : 257 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302525003021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0cc6704e2d24718199b007a9a590a3a63aad1d5f769bb29d2c233f38cd994ad8359522e9c1af260bd8c526de9528de4bf67ea0a34286eaf9e015e4276be490214a52e4f66d44d6f71b7e5c07850a18072ef3e15ce31ad0a085ac59501abc4552a5a2762d484ab494a281801eeebe59d20187f3b6a168cf23f0893b3ea100bba8", + "tcId" : 258 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30233021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00004deadbeef", + "result" : "invalid", + "sig" : "2916f598221ebb2894a79ae4580d3e7cf6af6a5d345d4be8b254b9efa08d267e3c25570a515ae47a22fe24a914218bd7bb8322e96d49cf16076cd5cefab88db6609438d939f392c2c985272c7561726e51c85ade312ea1b77cc96b0d681f6f2695106d6e8dd5fd5556ed88151cc0a4302f61f5f3db1e714ce11356fd6c6d46e2", + "tcId" : 259 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e498177300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "934016d53fdc1e94095ad0c3b39fd01983a037a5344c486edf74efe2daa9da8e1b8e597176faba7ecc9562d432ff98dc205d00cb3937221a6efd35c42674058db4edeec5b6bc86f49e31201e8c6d5b0fe3d0463e2b36bfcd9bbfd055e89034446da971bc3dfe793350f2f85862baf328c542199ad55fd56bd1f75094eb5e09e2", + "tcId" : 260 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d2500300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5ef2282d6b3b03eeb68b8f1fa17bb20d7f3bd2a66f2450ad97048183c3647de4cf533442f92e2ea850b09c552be9e99419a48891e4952a0d4d886cc1a7115563a49c3490fb8e146b368d3a9f9d98567d6ad03799e6d6415cd325a413d43be0ddd2d5b3706c0bb0432989bda8a5d4543b832638ff3ee4ceaaf239acf0c1ac2f53", + "tcId" : 261 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029300b300906052b0e03021a05000004deadbeef0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "88f59da879a63cb4fa4523cda167443e78b2878e8143a54cb0e237ff51e45d34d17d59ce704b72c185346c7093b79fcc0700516dec9c5cb8c3bd7bc21a1f46f593b38b4dc52f80e06a1eb7631bf2590dc7001c122bd2fbe260547c9d13010094ad1e5e75255cbbda3539b1454e3914e6c1e8c93f58b36381b844c39d08770c64", + "tcId" : 262 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e260a49817706052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1458cdaa71d53e60633583b0ca0edd905eaae3dc86350c4803a5fb5d1620b31713930cbe5d21d9530cd791c1cd10007078799a9359b09f39c61394f0d2ffe366efd4485830aceff2296da12a1f9b6677a1b8349cf6b832e7b9821e1be8d5e39a7e892062926066312b231306ba32cff73b03e9be39f12eb1a559e7e18d912f85", + "tcId" : 263 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d2609250006052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "7f2c73434ec35a0db8a6e89d81171d7df1e1479d4b5e00da0d5e1223c95ebf9eaecb9f5d7b2705ea3e06f42828fc6c6c3cd3af52e3dc20c164789785aa88cbdb63c4b973b4f871c085670039612d4a9f50f0ff84e38c576b09bcc9d55d6c66418f0e8737b1c0e8abc3c2dcee84d7861e58d4cbe887d022a3250f28059c5d4288", + "tcId" : 264 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30293011260706052b0e03021a0004deadbeef05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "51d48f38227999d2d1af07719ec317d34e2ee5e42650a6b59b2d0057b7df31a2b551a736c621f5a8e4345fa755f57e55ff80a61c041c7c28e9148b020913b72d6a0ea7cf2f956b567eaed32ea647687505e11d756581fa1d0b593207c6f2db3a75a0923a375731b925779fc3ade0a00997ce4cda3ec6e981e91e1af78b12dc26", + "tcId" : 265 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300e06052b0e03021a250549817705000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "55dc53df20ba602ce3b36914347d0a2c22ece2b11ca27b9f8807ffd36545ae33f4a665b6a125253a5cd7c358c52d75b65cac14f9553252ec770c25ad03693a1b6f44470a7418bb55ef5d6a0528ff0174119b1b43c1fd1d07a2506603def7f66d45afb99ba70178b3774cc1f3b4421addb8fee0c22e86416b0b1f3c19356ee38f", + "tcId" : 266 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06052b0e03021a2504250005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1ff67456aa711438c0bf7e46aedf2cd4ebca7d0e9f8b3f98af54c949a1e27026281f77ecc61ae1a981afda0bf7aae38619c5447508b0fea79a588d0d2806ae0f67b32d6dac4b2ad58dfd413d235543666ddfe31d8545015edf25b5b90cf0f8c592f048d009a293dfd1e7bb50a37d52c1540bccf99d8fe2c1299cdbc563d96b45", + "tcId" : 267 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029301106052b0e03021a250205000004deadbeef0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6af2cd04b32de5d3cf8ce985bca6f581e96dfb4ec483b1d2c06cf4439bde888524b2e6675c4fd4e10277752d269c87fe1c4eb70a72a2596cf53f1f4f0ba3e82212e72e09774781c888a96e8870658bd9c248bb1f0f7e3c44f4cd284dd6c611cda266f2f841ec1215295edb5291ff1e5111701258441f06b1ed85e16452a02cf5", + "tcId" : 268 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3026300906052b0e03021a050024194981770414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0541e9a8f0735076b58133e205803982f403cd1203407ebff3534a48eb35f06842fd496d505739fb07dd85f48b3b24685e1d6c7be539edc862cd9b6869097c7344847201842aeea3ebe3595557cb93269898e2109226a2f4eca5bfef0851a5fceb2d6bac753faf6dec4911610e6b40d827a00502537a6fe743d616558813df8a", + "tcId" : 269 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a0500241825000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5e21d6a684e3daf0be25155cf79874a6bfaee2b771d38ab8895f031cf25a9a05fc8e1d421ce78944bf57a3f0214ee090c42cec51decdc0dc3ab376deaa4603d59eb3ec8b4470e6d8b00b53651873d48f6f2cbd035bacd0f7b24633a025b8ea9dc7c55dfc6578601849e9aaaccdf5fd4d1611b45ed3abe2010079e64de8ab74e0", + "tcId" : 270 + }, + { + "comment" : "including garbage", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029300906052b0e03021a050024160414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00004deadbeef", + "result" : "invalid", + "sig" : "1f96486457eb037dc9e2464e507d720adcf90f48a0dd1d42bf4239df64e5ef25556ec27290a8d87fc9fb89ad0a8547980f6b2bd7efd0dbe425559bdf08005fb762b92d0aea2f33c17002ab9a911e457532f0134d2e35db6b3393436de160faca0a2c82509ec929d2893bf82a83bfe1a59fc9189e7ca846998b39919d3ec4d6ed", + "tcId" : 271 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029aa00bb00cd003021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "48eedcec184b7ade4fb34efac030a4ce140fcd91a1a1e986bf5232e8db9160f076d9ae36ca23246efd53ece2014ea56d5e596b42ce66e3c585d5e6a4cadcd779c6df0d8c43e7945cf02a07dd3851258ed021ade9cfe6fc3df222ebbd6b9e3f39b4331a11c4ea401592883b4f8da7372526f4f3e7acfdad447846ac8160e5ce38", + "tcId" : 272 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027aa02aabb3021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "107ae9af715ac312dcae1f831a818dd55caa33e659ac6f1a15ef41ebed6207cb54a7faa7e45b519a3ca9c304a645f24ee9ad3eb83d6856ce4809e5d7137ed30e919c9615382e9e8767495495cb7dc4cc27e2ee8932c47cdc6c9154391993108cf952fbada535823368843adbfb06d874c14634659f7dd89b02a14377a5c1e8c0", + "tcId" : 273 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30293011aa00bb00cd00300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "34b98ee9fe1600e2806f67ea122dfc989aa727f16c8e2cf704b1f05026105b595528692c16a052725a2ea47c4ea2ef13c2f5f9a9304d11607a25b8cb261e64658c6047627e9a7651730b81376d9fd978547c270d15f5c57126e3b41b39ca687d6c8be52bf2552104ca06ef64dfe317095b835cdac2840d4f0d3febcc3863684c", + "tcId" : 274 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027300faa02aabb300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "358ce2879366fcebb1212839560958d6a3cfc4cffe2a05e9c7ccbdf18b6427f419a2c1e85fd82e27bc63315a9742d141ca157a435c4f20758e4011b8b0b33b9fb5f0006170c3bbdf4d2fe16888404dbf8b9c00ef30bf45ea68371b76a692f98e79c6c5a574e410a8505d5166112f43cffc506a9d46276cbedfec64f1b2697584", + "tcId" : 275 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30293011260daa00bb00cd0006052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5affee843b343a6d142406d3d89366a9149d642ca12a661c5d0eb0c1b5e15d3c90dc134eb76aff110b1964ed6566469c47e54aba7145c5601412cd38c630e05236c169f2ac6491795408d410a763f0090e299ad9022ebacfcf2f8f0f248674402479db2387e9eefe47c86c2430e529cd13e213753332fc4a3541de49dd1f3920", + "tcId" : 276 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027300f260baa02aabb06052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5cf35c6711fb8b297ec405496e8db527ad1cbcc55ce6122b24ed917fb989c28e369354900abb96f41457f15754fd1060710c6e984db30eb73300cfd890454e97957a589de151225827b5a12384717a7ad92aeb941e1e148e8d008e11598bc7b8a3eac35f2af5584f61335a608c5206e5e24cf934ef2009367f3403e8da2dd0cb", + "tcId" : 277 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029301106052b0e03021a2508aa00bb00cd0005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6e037fa40b3ce48ea72b28bc1ce8cc01188e6f84addcbefa2c729179043b3804d6ff1f25d85c2b9d72acce9c9c64e3f63ecffac670f76b2be75d63b3cee45b72f8758345021177ed13b66ecf0082e3c4418cc92713bb9867c8d28b78f30ff599e82f17734d0772e1e733c0b74fbf31c4f1ee99dbb89b5b113a7f628742d3b2a2", + "tcId" : 278 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027300f06052b0e03021a2506aa02aabb05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5e7bf33ad4d9393d6b368764fac6395ed8ba3da7bf04a0f95d8426684bf0e9f2f78c9e49189bbeec883955af428e6e4527b871aeac21feb8231162f5380077c1fdf63a7cd4be65f813663dd82e732cfb3e1cd09298abbc42fbddc3551772f492627e657febca487db5c03c54850327eacc44dbf4a7c230f1c8166138cbd95587", + "tcId" : 279 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3029300906052b0e03021a0500241caa00bb00cd000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0c57e98c13628c8188a0095b98d312cf0fa1a1d2039700ab4c607fe75ea0fab11c2c84e5d22d26b014ae1c2aa948efbb1197e39eafc49cf9f010a7b2be4ab9dfa94ad48ce5dcd5c7fd405f55922146cbc541b9ebc1c89f30a2a3f7cf4a8b14797ff4a60922ac710e7496931ff69e4c0d4e06375c05a7ef1910cbd6c3cae5bbb8", + "tcId" : 280 + }, + { + "comment" : "including undefined tags", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027300906052b0e03021a0500241aaa02aabb0414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "874f05aca449fe8b39b29dff1eb20b145ca4bccd25981176d33b6b41a1dcb48b7a668782549013deeceae3599309f541bfd4a15eb984a401bec4f0facce679c0608d962964b85df739ad19a926de875f6404ca5b209891d380f6e53140b1bfc05a2cf1db336d3a01e8777614299b6e2f683f2406b295f3366d77505cb2e56875", + "tcId" : 281 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30803021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "123c3ba6d4a5de10837fe12e9b2c61ecb00c93c7d25aa440b7c739df817ccb37be122c5f5570e44a943ee345590c5ca0597605c1487986dfb75245f8e89e4f29aaf3c8eb5c5e8944a63baee4d0143ea2765b0f297a1da8a51981c26a807cf4f9a1aee00bb75cedfbf6466098f7aa27f1e3e63f4f0b7b8c40fc837c23248e914c", + "tcId" : 282 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30253080300906052b0e03021a050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "2220dc736ee3c63b5d5915050c6687b3861b52e664ce1ab501681d6e40990f02dfaf96f240adf2dfec05edcb268f6dda4129f901f7416660d56ab3a4145bc354fd11a1dc4e1535a4b8a61498508019ac38b61636356a641b8fb4d4739eb84b4fc49647fad35668ead0743aea841214a6e628ab2b5488de6e60d012c0566fe78d", + "tcId" : 283 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d268006052b0e03021a000005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "51fc2dc54c9a46a30ea1c7ea262e86c85110f8bbe42d5abaa3eafb13fa7f3e2424090476c2e50e5eb74d3b6f5e5fe379f3935afe5ed940d443fbcb8686f999c6fdc9e508a5fc7c27bc17169eb5d8e0421ebe7d04260c60435f56d4f614ab9dc0b9298c45fd660c352d35d2985831622eea08010bc27c887f95cb33699759e630", + "tcId" : 284 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06052b0e03021a2580050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "87fb9a61395878aafc1fb4a872d8e2db7db123ce4b2d67cd36a7f6e7e190d0bef9487f54340c28fe55d1bd9c38afe166924c787169890493d5cd2a5c79317064313b77a481ddb8bff9a917da32899448d9104ab67dcc856aee617a0a65631609f0632d58bb6585b4dd0c4a8bb41fa0dab99a08489feda41f1e7e5e1fde382952", + "tcId" : 285 + }, + { + "comment" : "using composition with indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a050024800414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "442ac72092d6956bc846d7be909704dc4633e3e59e6ff4bcc97bc9d412645dc17ec3db8bd885150bacfbb085dc90bdf26129637876a4d5713beee0385cb5ea7fa6ae57208df368b4ba95720a716d58ca6ee5a03ede1cc7f2ef31d8c459576ef72f6ba1b5d9409efc74932543ed601f957913a12304c2e29dac219d78ed12203a", + "tcId" : 286 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30803121300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "2ebe12f793a821425e9513256ce1517b03b6bc19e2c2347e94651054caffb1f5d6101d4f3402d5945b4aecd04dacc3ba89d1123916d44941715951e9fd59bf0614a0534762e86275a8f1b0b16fd9a9d146946cff740c206ba6b27b26e8d1fc43b2b4d117e144973091674607844f86fce6f07a2a63acf8df67d3827141ad432b", + "tcId" : 287 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30253080310906052b0e03021a050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6e4d642285fa7a46daf985135181712e84efd52cebe8885b52c61a5cec753c1f8c8ba42886b584faf1551da81232214c2088060e6843d0d319a5e877bd4c500f6832f537306285011e5d8b98e2fe00bd38885211478f27b0d037c34d79d7f4d5828403d20b5463a7e1e2de2398c79fed33bc9eee2fdab52bb40acf9fb68a16a8", + "tcId" : 288 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d268007052b0e03021a000005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0de20757fb64e3633c36e8965fcc20631e9e890152e3a1d2d6a91fbe9ebd56bb99126050c79b41ef0c107086106738a91d0e815d3218404c1db9d4e8526e085ae10195b9cee788fdf7ba9d28c614bce268af0cc58b8a959fb4c24bfceeb5bcfcc4e326d9de825bcbd8eed0df37de2add59f8879326a7e6bfa2a36eb48eba2f36", + "tcId" : 289 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06052b0e03021a2580040000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "2e48a4122de8e1779d169f5a6ab72eba7ca3b0c31ea73d41fd82047e18559ff9706acb85f92872124b4020ae001dadc76b61c0e166df0af677f886cde8e13dc8c2b5c93d62cee44cf3bbdc74756d249d3c59834e079154f6646a8c69a2320cf7bc3925523bc2ca3f8fa7d63650321d2a4de3ef3726f74a2020ff5db397454242", + "tcId" : 290 + }, + { + "comment" : "using composition with wrong tag", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a050024800514f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "6726053471ecf6651529165c96db60559a525efb27d31de913a44d885d33e404fa9dd7d28de94a7d8dfaed297ae500a55bb3535d77dad3031f7edf7bcd636534621d870c28fe64f7b4752f59cb1490208405bf38dc054311473286c52a59a8c6060827ce9a2ccaae9739030927aaa5225d45655be1fd826eaa6b27a8e20a4f31", + "tcId" : 291 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "2e21300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4aba9d2c7a58610d7d3f1050cf5c1558369823c1a344c1573b64d3e8483e04995176f05c255ba67e8bfdcc6c7ca640a4ae423bb3c027f8b14318467e6ce1086db7307c0c9c56acd0372c9f53ad17e117df0557e5548d8d7bb6b9545ace3354f5400b832accea7c60c2585b34881461ee6595f0fd564de7f49a7f0228a042c39d", + "tcId" : 292 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3221300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8c7108f3eab93fdfe930ff1a149a071019936122a4ba0524e309c9af89664f4a202a4f49a4288d80f759521de7e0e04409b5d9f4cb93a722724e34bce76607f9a4c46081abc5a606cda70a859ac1fc931afd10d22a7a4c224cffea888979cb314e9a8dd75a85059bc282c923ca5fd6b508cf4e0c21a93f5d179d05228316eed2", + "tcId" : 293 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "ff21300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5200334dfd766b1052dbe9d422f94b979b60afe3d9a2d60aa5eccf0e449357296eccc321561534450ddec51de1b6dc6b94e1e8b1ca52714230f9f7081a36eab655827defce738670c769953dce9696110689c1db5d475c4b1b030db86cab46745b4f23d68dbe3951e089786101d19548816f78343c942f31373519aabee6e520", + "tcId" : 294 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30212e0906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3fc2126ef4b90f42dc8817fb368e4fc5ca34105ae98b3298425af76d2a304ffdabf8d246a53385e0b1c2a2c46205d64eae7be9edb22d5d9bbfa50bca0ca7a8b279ca8eb0ef3aa94d48ec1120010148a58bb576258ec2fd57d10c3d60ed4d94160c5256a24973e5a8333a4f54c288a18494eeff5579e52ee8a45af1ef9943d6a8", + "tcId" : 295 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021320906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8cda31b963c774894aeea363abc4af9a8b83cd4aec6cc9197423e7bf9f6935bce978a148d9179f47c092f3de5bf9229f37f86e7586d8fe197cabf27b99a902e561d722b0359a738523aef87286d19cb36d7b430aef83d9828df1aa334ec3835648b3b2af8c2c65f9ac8990d2f4df370d49da6f81dc93cb7035ee931093d843dc", + "tcId" : 296 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021ff0906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "426aa261ad32507dbd08dc315b39368e8909824128abb746c65743fee574b42840489d54c8c5d6c5553e8ae1a3f14bdf4ae3677fec308864ad9d5ac5439976e9379904c6ae5a24e73daa34822e846a0eced7314b4cddc0111c21387d56f89f03a470b79514dfa97c405c8ca9dfbb6f2e3610a8eb5d6c52b37b200a1519026e7e", + "tcId" : 297 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300904052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "126d30c8acb2fdaee4e622a2b4f2a16c56b50d03c3fa4ef5a417e9aac346512483e1f4fb7217ff640197d31b0d6f4c41403945dcef37da312f33eb845fb862ec9994060b085c005c6feb382547a4fa1a7d6e7383c81c8ff7a51b539cb55c94d41fa804d9d6968b57a2e8c946f5260d835167b3b5a8302bb054638b9842ac963b", + "tcId" : 298 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300908052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "44715b61effca0e94098d7dba43839ab8999dca771968c09b9263a9d732d000db443e4253394eb357cb05bc0d2a715d4d9a0a64b64e3ae7938e040bc9ce6f2b2a5172a564bf970a56a12dbe54d96bc9a6d5d1ee78b112e7c5447015dd461ce824062161f513f17cce02f259a80fa78e655b9c09d5f129fcab8df0a045d19142f", + "tcId" : 299 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30213009ff052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5ec2194d5f835d6dba9c4ab2bdebbed946f106fcd2a3c6a623e67e6f8ed7ffd8eb4d41f0bbfdcaad34a34d84f9a735f78de159748efe2fe3629f7f185e681dbc5c48025469fc890222e5be9884c550e5cc483f6854184df13162f20d1daeab78eccbc52988815997887e4e52ab7b756885442c7ddb557e726642bccabdfe78fb", + "tcId" : 300 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a03000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "2fb77b5a5766d1e898af896192abf3f347100053b920dbaa931a8f210f1b84d522b283e59f6f6f5b7b13d4a3ffd21d2e0b64d1b275501b0bfadd23e89361f327e8fc7f29992dde2e5ecd85ae81cc1740228f983b02bb9875eb30597fd247a8351ba87a5ad5ae32cc4596b4105904a19e5805b92c266f66a9516fc2ca519ceb14", + "tcId" : 301 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a07000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6a853a5244bf6d3795dd7047da88403f24831169f0fe2f7b789109f279d01e092d5e35d837644c4b83614bd40ae164290cb4fe6fb6eea7dd271195d0b81715a32184342c8c83a82ab6fc62ad58e299b619489d5670c65a6f9faae11909a825da0c4486ea2ba1002f5f8d1dfaccfee2312c9098ee684675f920e61a3f6ff11480", + "tcId" : 302 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021aff000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "16f7787a9f5760f025b2e03886ae1a6c83a99a7495eb57e01b687434a1aa27e5f73e0440a0e6d45d7dae80b7f3d9dda8e2bd37540eac08bfd75f13371daa98a334af10762a55b684bef3c67ee6072717ee9fe67397fd612837e0c449d0404382a1b59adb19bebe32f29b1374b36f9649c0c5fe838252c15e2c8b92ba02bf607d", + "tcId" : 303 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000214f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "71629cae46ffacf0f7af338c56deb86464d037b1c38baf338eea05164a1bc15db208b8e3054d828dfa10aa5595d20e9010d071baff42f5d39264ba7a10ab263a30cf169021bafc2647bccb1f624abd87ea18750fb3380e7b0bcc0e12f96ffb6b98caebf9f2faee4644c8d6f0d8d33511725ac390f99fae9b40968de60a50dbb2", + "tcId" : 304 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000614f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "656312f836bcfdfb4e38f88994a2295bb55ecff0e745974753b22a15c67c64c92c329693917050fae66f565310f8ef8cf4b37dd47eae088adafc34cb0a2eb1d34223ff51bd230d3946fd8d4abb8ed8d4c923bdff7011052e07b358bc5d59deca4a3d82999e54fb5d521564e9ce1fc69c3968adf31a5837fdecc0c9552297ecda", + "tcId" : 305 + }, + { + "comment" : "changing tag value", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a0500ff14f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8fe1efcfcfb09cb4bcea76590fb8fac5ad9428898848d3c20efb256ba2532dcd77603bbc2cb7c5902e099081f6a54ecfa4b0669d5391c10f391aebfc636fef14bb7bda71f12e0d9f164a2ad47abba6103986eba5cbb0b1a4bc3887a51ebe614e0dfa60afe1c5c0bd76911d01450952408384fb88e795897c0ed64e28c5f00b71", + "tcId" : 306 + }, + { + "comment" : "dropping value of sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3000", + "result" : "invalid", + "sig" : "2b58ee609310e66e3d812f20eb3a9e2995bbd5947b5569c0c23aad8638590a43c8610e25fe6c248b74392ebe9f4edabb1e5b918e227f49bb9df288f5755d06f7a22e8e7e3d63b21ac023d35067142f301bde6f6ce017ffdd256647861801e3dcf38b18888b9986eb2c944937fe1706e28988f0781b7acc83c4a0ef4b40b25b44", + "tcId" : 307 + }, + { + "comment" : "dropping value of sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "301830000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1bf19d3dbdc4d1ce61350bb52d11ef6ecde6816b875ce7fa7361bb2edf84115313cb95d21f3472b7d178e27c0701c6ab528a735fc0ced0a8af81c78d96227ffecc545c8cb7a49fe269e97d647b5b01e0996f29689504b1ff4e4d8e08fab6756ce9603c0bd622b4e74eb8c18373ac1efd5074d08ddaf8fd7c3204e25fc0c99328", + "tcId" : 308 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302530013030200906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "5e1f0d448504349b31c8a5ed03e066c7dd7878622fe42d645bae8592aee87e1056504d92a88a3626c54fe3da07649ae6bb30315f3c3b358beed1afd38d414785906dbbc6d0e188f9006756a545a1d1979a496449689ee3cc067072624ef5f2de8a1f6f0c798e8bbbb9b6e14db12512feaff11063dc3ca3a5b3bd5926bcabbd78", + "tcId" : 309 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d3001063008052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "18d30faf84664f79faa0dd0285c408fe54793df5858ed7cc367d62847470e32f433edb77c30f0d0dd549220cb18eba18d1076820ec27ac37bbd8b989b847ed8c84ed1930e7ea8566a9d043807b0f03fae51aa0046483343ae06831743fa79f4438190164e9d5e75610bb5fb9201365dd9dd4aa6b5dcafcfd73161dde7da40e99", + "tcId" : 310 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d260906012b06040e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "981a4523b61116d28d4bdb8d80969f7fe1cfbb06f4dd218d05fa332680b1342d20f0e4d4a1a6401ad777615fc56e3ca2fccaf07139f43ebe1d92d20605f8c894d88e8c062487fa86f51b2026dd12ba68077c3551d928990848bf0de07cd880194f2ac276af86c1e55e25044be3c7204ddafdcd61795a9e3b7885a88f43aa6b8f", + "tcId" : 311 + }, + { + "comment" : "using composition", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300906052b0e03021a050024180401f70413ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "98d603185c1e2927622056c9053a62e17ea4aab5808418725cf8887720f5f3500cfe6ffa00513e45b72c9fe44d288d06555bf715282f6feb685df2f44bfcb3ed541653139eeeaeabeae9d52514495b604512a9ad6223f68a860612b668f5a0993ebd5c9ce9cc00baa80484d60b01c23a6abf40be03cd1cce3317563b1f9326f5", + "tcId" : 312 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0ab", + "result" : "invalid", + "sig" : "3b5c1e0d3dc103755b67feb766d58968f94e8d8af6a209f6d28e7c0541a4fdf7a6976f664414f5ee0beb9369a59681291fb2c902853fcaa01bd065fb7a1da967849cf45bf558e375058591b3af1b5c8a18da21d5dd7598e7e3aebe0478180200294b86d88b1c39e224bc1dc22f1a8e537e05db467b5a04dc70ab9346c79fddd0", + "tcId" : 313 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30200906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "61b6f98e16e4809448e56d9845850b748bdb64064ed4851c141c57e93c37744bd91f54f5ffd9264f151294e6f73bc8d5a51daa06b9121bfea1f28847229875ab87a7297dc383987db1f6bc1133e344a95af6d34fd18105d154ca951e4e6f64f9fde7994207ddd5eb6bb2a07037f13c8d853a8b8684431d5ecf1cc9bde41cda49", + "tcId" : 314 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300806052b0e03021a050414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8c05912e8ebe5f2cc9fcbc2410bcb63b217756cd961db8caba316634c6ce191f365a21137602373f357461e9020b702025c61e3571cac6967a8f68375a9cd4792222b59c54e21649776f6e7d5995448779f7f9d32bb4e0e4e2b612b5c2b8574d98d01b9cdd26965541c0a67d484e13d4f49095ff7030b180569058376c7926a5", + "tcId" : 315 + }, + { + "comment" : "truncate sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30203008052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8bf895e0a26741d142767e67e73f102180a5e2083ee27d869585cd02c0211673641ab3e4f84cfdb2748b0a3a39db047fca2261c7ab3a7bac575990741d15c543f83f9da27fb5da3362ad1ce1a0eccf853b9e0a36f851b6cb5734cd22bc3b621193db37e13dd06d8854ff111dac2c939618aa041abce70123cb14d62d527223c1", + "tcId" : 316 + }, + { + "comment" : "indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3080300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "5280f9fd14542d5b61a951893b081540d922ba15a7a650aced363106d97b69aff5b1ad624528b7560dce27c3a3e8f8657c8b0e9b83ab63342550fea7469ec14ef1cf48ed33515d56c7872d5eae8cf2480ae7549a8ce4c56748d08c4f3a61bd13b9c9ead6bcaa113bf3f85a112057658689ea075fc8ac7d74216918d588865ec7", + "tcId" : 317 + }, + { + "comment" : "indefinite length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023308006052b0e03021a050000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "88cd60c74205ced62ae7bf35eae4c86826ca946a9b3bf190ab8069734489058191b6a501b6766fce0f5a3e5f7a39c0deae40aa66ab36b5a2a39d955650118ded3a8dba0df5b50056058cd643630133c4f2cbaaf8055cbe96e63e8fef8074fa23e1f1d5a1b5cb5ecde5fde92c78441f2907aa53ae9e3e09f0a7a7628e4e2be5df", + "tcId" : 318 + }, + { + "comment" : "prepend empty sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30233000300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "91c68a2673606cff82abf69c9e2d591315595a3a0b612d6d2708528be0184c9116195f58cb4109a69f8d2f7cbf4036affcebe7a1615a914833b921b915ea12b16324e6e74f95d6eb5b03201d67b945f03296ffb37ef7cda908e83f44dbed24a54e81b71f840668fa4fd82b29c0e1c5b1c021d481c73a662668603d3fbf5182dd", + "tcId" : 319 + }, + { + "comment" : "prepend empty sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b300006052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "17c921fb3a8535f2e472df2c447a60f2fe49a4afeefa065f1c84e50dc97f989268ae6bf1e8d77f5b2edd59c2c7f3653b7565902c5b889ec7007fb9006f244257649888a4a1883146c88828717d381018b1f00d656d5e092172f49fadb42f913a92ae1eb4e01e3c2490e1dc52a109e37094188bcaa181898d97ea2c0203a885a8", + "tcId" : 320 + }, + { + "comment" : "append empty sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf03000", + "result" : "invalid", + "sig" : "077b2d2e79ff380612aa3f9c79e8b7a580ffafdab8ca3ec86501c40248b3459c0c7b2590fc18ccfba2b0e7a34c67b8d3a7ed92fa686170475666570d38464720b4983e5c374f1b6c604226284a62e20a8a37341abd72f238aec8a2cdfeff00c512c28e608ce98e4bf3640c61509ec56f7e2143216214eb5b06bfd0fa448ba633", + "tcId" : 321 + }, + { + "comment" : "append empty sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a050030000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "2121389e8b2282bf6022c45e7a3ac9f42bd7f13ea37060f6989bacc72fb6e887db8128024698a5c76adea034c69604b1f56e062627c840cd2f80802e6f2764606b96b78506614198844319bf7726b95afdfd19d5ffda1ccb159646bee5c3d81adf56f2b54edf749ca99a86bc9452f6a307eae06f028f86b4af17137f6a2352cb", + "tcId" : 322 + }, + { + "comment" : "sequence of sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "30233021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "059efdc649108b988ee6a63697701a3c98bf7c770dd525844dd6e936d0f468b3c786f82a03c4b1d23caca0dd2a62a6ac43f58b6cb311a819f7b9f48cb9b59b17306deebf1d69a7d93a2d9381e48ddd0ef1d0a07dc5a5568eeefb3832dbbad503e21141f6dd58a5bf503a469d49dd3edc5f3a712b7e63d8ae734ee1808a9654f9", + "tcId" : 323 + }, + { + "comment" : "sequence of sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "21d94c3d46c49bc86f376e2d4fba1495f98558e9f76136ba001f1f90befb6311771b700c1252894a5348491c262329e99cc52ee68e577615ebe73d59210f8ddd8b91ddced5fe98cd832b57a4c583318377892bb15bb7d545cc7a182fb47c3149b99e4db5f12df9105a055d0925d8f3d747a2f25ba1dd00a5184afa46695197e3", + "tcId" : 324 + }, + { + "comment" : "truncated sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "300b300906052b0e03021a0500", + "result" : "invalid", + "sig" : "690c052df7c7079aa3bbcc9d4699ac50bf0dd90b1d6822046c7ad1429900ce2c4882af9decd580fab0698e5ce3185bcc234561e051533283d022831fd8b19434e4bdbc84223ddcd99d1a8f28a9ba222394312d11d81ee95831b4264d5434c3122c30afaf6b990ccb4f6991f60e78195d3aed5f670c4c2fdc034a514b92c67519", + "tcId" : 325 + }, + { + "comment" : "repeat element in sequence", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3037300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4f4f38364932377af52adb8c51c5bd705088ddbfda713458377c3997915766ae05da5c797cbf24a9c73d36fa61b1b0bfb9c14e429c0b66fd6fe1ec041b9d14946588dc384a7a69bf2ab69fd8da67d0e1fab2dbf1838959cadd0d3ca03c9c0bc929d207be60ff8e08bfbb03f4423cd81fc5f587bbff3985d2beef69dce295b903", + "tcId" : 326 + }, + { + "comment" : "removing oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "301a300205000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6ea8317813355faec271a659d62cc94f7408fe73178a2de00407136a53b69d77136b9ef4533e3cda580761f42a683d4a02a2abb7aeb941a44854832d18950d8efc43ae8de29c0c97873761d126e15e7816d173dcaf9315dfa045681d9a4b37b2ce1578ffcbfb4c30cba6e1746ec3f95d310839d75ea873ffcc0ee82513342a71", + "tcId" : 327 + }, + { + "comment" : "appending 0's to oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06072b0e03021a000005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "990ac0a5dbe9f30114427c45925353e49c235ec8fc5b19724bffa75eb7e93987ed97dc3107e2ec26b9bb2c51d53f92158fca0baea0d881cb829e0bfcbc88f0021bf967e44a245eadf78fa8eed67aee696fde1a2a79e05a7c6a049f3af282a394f743bb4eedc9798b2d3290e8255a2339fb7a694e789a6fa38e2a236b948f48e1", + "tcId" : 328 + }, + { + "comment" : "prepending 0's to oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b060700002b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3c8995341ca2811f9e976e8157e708aa59b38f8e1a24ed16d8b30a19fa23c5df8b1ac2b3c82fbf91800918a2ad6b9320b10e39fb391254a3d954a278faffa97a2052513ccc8b17783faed189b8a4d997d7baba3053d6ab6493e2e36b3ee5046ea62d37a835a51390252dff088cc3a0a33cd1a82e557a0be0d5871b4fa18c05e2", + "tcId" : 329 + }, + { + "comment" : "dropping value of oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "301c3004060005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "87b5cb8841fa252f38c375b39ccce2d0361397a8436d2f37ca3e2293e554ca27fea1095683e42f274ccead1876d89dbb4e5dcca8e28972aeabe3d818144e96c020bef1de944724d1c2a813c633f8e7f8b6f8c8950d2c89dd26534430ff9cb6f5f08b332638b1385770a69bbbf6f76342b8270e2bd440df058c2ad55f9a0dd679", + "tcId" : 330 + }, + { + "comment" : "modify first byte of oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052a0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "288ea84a615e75c398407dc72e2482ffc013e09b1ba302790d17d0949e286c156584e6098858501b0c5c763615e59d840ec53269bf0ff5bab1f79c8e717497e705724fe933343106bab5b9e619b0a111a59b72be36372efb6fb981be725e3408a1185a5f42d486d8c052af448f0abedbeafaa1d5d8caf5fc03d85329fe675f9a", + "tcId" : 331 + }, + { + "comment" : "modify last byte of oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021b05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "222c07c03d0c5bb3cbe70a8835447ff9af92ce32245f0e1de0481d87bd174731093f9b84aa5381b107c00fde8ed78030026d87951f8e5b6180827ff2a0a277db3a8f5031a82b83259bf6baab154cda64b372ba3cac5c629459284d986f3c2367e8b14f6dec7d38628e4ecb884158cc78ac39f4c9ee537d45370b089418d7227e", + "tcId" : 332 + }, + { + "comment" : "truncate oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300806042b0e030205000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3fcd54aa3d66afce987282cbfe09f0a6eb30d0c94227bef8a2c9fccba44f1c8aa080b361b13eed4c9d0d37caf26fe61ddac8347102d9080cb17f2cfdba7e217df3f8c19039d466241264ae8caf15652c8f72a6ae292dc71c80049d679034ad19bc745d6155cb2efde963f738cfea08f7bba8894f472beff5deebe33173033317", + "tcId" : 333 + }, + { + "comment" : "truncate oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300806040e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4ad8a7e4a92ee9aeb1bf3ee9392abe141d435a6ebd1799d90f5417e6daef65d37bf33c8c5255d52ce5d8b2cc223cd0c68a6061450df5c6694e2b911c8c25e6384a70fb19a50e10bfbc494fe5a62d9db915b7c77a27d17788f0567110bb046b8aa42d3ee1ea444c20b983226cf094f4cbfab24855c68f1e2e9fefd41b2dc7903b", + "tcId" : 334 + }, + { + "comment" : "wrong oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d060960864801650304020105000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "949fecb83ddc236d3c622c9b6118fe0bf524080594c731636eb735e7d1285b5b6c527a2346b51c42fcf706184c4edd79ac98750dcf35973920aa19dee689cb7654b4785d2755b0dde4113c293e301f4e0331cf166bd8c7ae07031165fa4c02a3d6d70422fe42c7c6077a1f1dcbdc0de257363d51951ed1e2b8cb66684d42a8b4", + "tcId" : 335 + }, + { + "comment" : "longer oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300a06062b0e03021a0105000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "8a52f6b0275fe745b429d0a4a42122269277de6a5eacd0daf79166cf8ab8ad061e74d91ee1877bb6ca50b9bcc5f0677702184e6d8ffc841fe3b6c24c9cd6dc017824bad65d89a47a21e54f87005afb3f13cf11d10383458548394211074f19da555205026f4fcdfafb73041bb84f1dd9e8012bb1473314c85bb3460d51ab5f13", + "tcId" : 336 + }, + { + "comment" : "oid with modified node", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03022a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "216fc9e3ee6438bf1934f30ea7a86aba6ecbfc04fbbced4576a6c59f7a9f5a761d6a97d262142489807e4ca1b9bc02c86a80e093b55fc97bc943be0403bcf390f6140de964199f753b7afe430308b871fc0c596c1b08ca74006a10bdbd6a53064796747bbc203383ac7916ca1ef1a2def714e9f5f9ce9584cb09bd677ef374be", + "tcId" : 337 + }, + { + "comment" : "oid with modified node", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d06092b0e0302888080801a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "135f14404b953bbcf4580133f0432cd746a5601ae01c5542924a1b28fc422c501c732dc330bb81d8df7a2a3829e6c5a151e81333832cb124d513f5b6fe799e207999c3010bf30689cc4b8b3bdb081d7351b47196de41e9f988c2eed49c22c7b0a6ca3eed511080fdc17d263b82ba668d3225da4fe66bffae68c536c4e38b2dcc", + "tcId" : 338 + }, + { + "comment" : "large integer in oid", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "302a3012060e2b0e03028280808080808080801a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "21fb0d97e5e1a178b08e2bd646f59ab8ad1a7a955afa71d4c0e4631069ec8436abff03327b696c90b91f7769fe0b085a83ed2bed876a9da05f273b58ed057429ddf25a8b1bc0c87ccfbc8394864405c0b7c27d4a4b589d7a5711f36d8922729169520d7bffd52aefc41205a6ee8a54609d0533c64bc8e88b3d58ed9a04d2f9fa", + "tcId" : 339 + }, + { + "comment" : "oid with invalid node", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300a06062b0e03021ae005000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "9be13e0d25b9cd6a1b8544fb488254319505a1fb27fda933f8b91f6f325b5beffdb71dbf377093da2e0ca3098c891cf7d8a8762e1e27ba1d4e6491ac3fa4c8ad3d4e4937621904a347d197fb373c62766ad14525e2c32913e7fe6f045eaca77c9a5025a6746f9c7b94cab054c476548dd1eb3e01c5923ed681fa04d47ba126d2", + "tcId" : 340 + }, + { + "comment" : "oid with invalid node", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3022300a06062b800e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4738deff4b32a30dd68b0abc1971dd2af9a500b5f6922558b96ac9b1ab4a50328b2ba9a48e7c207a02ddf642728930f4004d337483eaa0a01fb038a7a6c289672bdaf1016120f2faea563f179d3d623d3ec9bb5d936ea2a7f74d2bd70a06c83e904df55f5142c5c6b6f75221397dabcb19e069436b94ca764a5016141496503d", + "tcId" : 341 + }, + { + "comment" : "appending 0's to null", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300b06052b0e03021a050200000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "977a5c762a4dcbe9551a4a0bcfe96114aa59187e6dd0164cbbec2d28ff9d11e413a1de7f274704c24229c99ce9b5a3d98872db56310be7259a2fa44e652c4d02f8802360d3a29ded2a7de0a183001e74b3aa3fe594867294461d6a23160481ecdee9c05c28ce066021847a23366cb147013f57ce53a24791dd1873527f1323f0", + "tcId" : 342 + }, + { + "comment" : "composed null", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3027300f06052b0e03021a2580aa00bb0000000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "79a42d1f294f82bd6ad48818f1f634733fbefea7def5ea32a1ed56de994ac047011695a0c8a11813d042ee6784cb172da76aa0ed892e53d4bf99fc21301a91181e7c93a56646190aeeb4a1c212d34d17484521580d84adb41b2a5cc285963509d0c832e5a2252e5cb028839d9db7bdabb7689219b97d699277ed004ca6389b61", + "tcId" : 343 + }, + { + "comment" : "appending 0's to digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a05000416f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf00000", + "result" : "invalid", + "sig" : "37ddb1b141539dfc350974039429b948cfd8acc40ecab7270b3e560f0876cec68fa22c8dbf09c8c25955819a5cfc6d251ab99cd06c013792207caa2ada95d4fc01a6d89329e211869c02c648a64b721e92ef3aa767569ba2f0c7c376772926a95ededa5d3f0ce10ab3b2b25f70fee1702dfedb0605ef6401f3f44c464ee98110", + "tcId" : 344 + }, + { + "comment" : "prepending 0's to digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3023300906052b0e03021a050004160000f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "85c2c430e7cc2e989e729186cb1256a5f7e78bbb6e135b36a43059389f57cc7fd67ccf20becc0d9e63731ae4ee77e926754ee5226991f9bd46203f7fb88562b00974dad035b1a0f39cba567dc0ed3cb3f7bf51326e62b0f82d8aaf8cc8dfb96c08c64235dc2a4f612bc29a8d4fb4b1edff1cd517d1c981a809ce9708a547a765", + "tcId" : 345 + }, + { + "comment" : "dropping value of digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "300d300906052b0e03021a05000400", + "result" : "invalid", + "sig" : "708e3d4577c0ced7b4d729b5124169f67836738bc18f82537dbe1c9a48054769ed0888751a823eedd05408ed934a555655d473dcec0fb5c6f19aee82f1dedf3f4fa14171c3ccbd3f1f9920f233a21be4341134f25636cbdd55918e9da76568c3ba55c630ee3e9eaa4dba7bd989fe0534925d1c47592214eb4869bcd42b60c92d", + "tcId" : 346 + }, + { + "comment" : "modify first byte of digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000414f6ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "0a581f33a2e1e1665032331dcd1baefb9048af3efa9d6e24ae8e73fb0611422db4426bf804c08ea5ee7089574d4b657cb526437bf677fe3f9e140ee76f4ee2a9514bf0772670de18141840d93f12975013b84dfb74fb450f3bf2cf1cb0cd0267fe521f01d85efd8726be12e9c574907e97a2834cf00910b164732e5daeff4acc", + "tcId" : 347 + }, + { + "comment" : "modify last byte of digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3021300906052b0e03021a05000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf1", + "result" : "invalid", + "sig" : "0c64af0070eb86bb4abe059fce3fe3ced43fb4c19d1c3560877ef54c575530d0473ff2691781c2f7d7aa971b07e517888dc50cd63b0b07e2eb5aa18c6c5ea7f5c9e8e4c7d283808e40920c83cdba64a7e9d01b1e15710b1caa6da8686cc2e4e3b8cc276204c3e21f3e352e81e081660b18a8e6057f2227b117c2c9c5021be26d", + "tcId" : 348 + }, + { + "comment" : "truncate digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300906052b0e03021a05000413f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0ab", + "result" : "invalid", + "sig" : "313624a0449c7f2f19878797dab59c91ed45ca0910aed355737635283d56edc7f470628e119a70f7d40b238e0ead042ec1c1c377272fa3ca975cc21eeec934f758ce70f19e00f592a0e5a4aad8e9956d9fd7dbbc126b6a001f20c42b517ba54511630382612f2bacb9711c87d9a19897c8c44f7905f548b558fada6a2c9912c7", + "tcId" : 349 + }, + { + "comment" : "truncate digest", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300906052b0e03021a05000413ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "4a3539eaceb4691d856020b9acc11854892df705ad7994759dea2efe0c5384e8f86ebeb3f4360ab0bc7d35c8ca520c8d0a1c869f3979ddedbb60437e798332a0ef7a52ca86b430ebc6aa57114f6057c8f18066ca1483cbe8a8ad3a1e96476a21d53ac6f6a4e18ee965371ebe58184fdcec67f0d42cd16d6ce6800ec87978b759", + "tcId" : 350 + }, + { + "comment" : "wrong hash in padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3024300c06082a864886f70d020505000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "1d8eb339d60f873bf3dd07816dbd8a5b5e61805e26654e5a5869fcbef176a61a3b2c173778ce5fb7323dee2f4e42a272474576e8942ce04c66a17d2ccc093e529df580d047159f7c1266af51b7a7f07f43a28e309111540a80fa76b25b6d86f9d2fc99a28d1715567545509f80beb700fe9cfb82be7bc801794b7d32eb9b584d", + "tcId" : 351 + }, + { + "comment" : "wrong hash in padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d060960864801650304020205000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "3b2ead8d64cf96e26db3ba9d1ff63a187a715d04e3a7dfcf6c85790896793bc19c0ea6c5266cd4ebc25b859a07ad6459942eb46f3efcb9adbc29f3fa5acf0013d5baf3089e3ec5cd3401ae282670d27493b0ee33e391a9d32283b224036405c9d61bbb470dc8a69762bc35483d3d26c1c8e16c311e5d3e284f1d51383ce7bdcb", + "tcId" : 352 + }, + { + "comment" : "wrong hash in padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3025300d060960864801650304020305000414f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0", + "result" : "invalid", + "sig" : "6b23ad94314f022d64a7b525aa933b7aef8184b66473572bf41c00f899dbeeb95755da7c749a0ce5cb09d3567ebd4ceb0033a1b16cfa13e85fd1745640a5306229a14a9c67c07f75058ad1dfebee25c44ba3bbf75fa053ef74717ea7f972dcf7d7d23901a3aed841e0ca419aa570a605e0d189d2b51ce3f00497c0bf16998ade", + "tcId" : 353 + }, + { + "comment" : "wrong hash in signature", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3020300c06082a864886f70d0205050004108b1a9953c4611296a827abf8c47804d7", + "result" : "invalid", + "sig" : "53ee28bf3582045ff9a6f7d813b9453fc5813245b198d98cb141f6f36202240746b9d3778006aa4cd3905bffed0fde38157d8e8809228871fb48037706ddaaebd31ecebe3dae0516539509bfaea18dc1fc3c7f29620f3214db5d70005e1323094aa8f94ac9d64d9d02ff2010178425027145740b40640a43ff24db043a7a2d2b", + "tcId" : 354 + }, + { + "comment" : "wrong hash in signature", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3031300d060960864801650304020105000420185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969", + "result" : "invalid", + "sig" : "171b1a7fa8cf97283809515866708d449f184d675613cbd33e91586f8e238946f860915f0fb6a390bc7cedfcf7d1621f49f3c6f39b7412d75660fbe3c2326c48399b7d41dfceeadabf0cbfc4b7dd756d8bdc38d28e80fb60e743fdf6d81973959d2c6b111fa0d8f3c9c8677c0c8030001b12f3e2c5990822154b1b762162dd7d", + "tcId" : 355 + }, + { + "comment" : "wrong hash in signature", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3041300d0609608648016503040202050004303519fe5ad2c596efe3e276a6f351b8fc0b03db861782490d45f7598ebd0ab5fd5520ed102f38c4a5ec834e98668035fc", + "result" : "invalid", + "sig" : "9810d39416595ad79cf376b41e6e5f94fb89f61ae78bc5a0c710fab15d369dd7f050b035e5c2b8cdfe10d06be739bae08b47afd0b7dd2b226905f3ee718ccd5b5fb5b951558a62d83a2f3ba5dd1990d2d3e05c461e33ccaa1bbc22350c3ca157351a5b88ad3b1f524fc5cec5c1714a8ab3ef709e462434a6048133846fd1d85b", + "tcId" : 356 + }, + { + "comment" : "wrong hash in signature", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "3051300d0609608648016503040203050004403615f80c9d293ed7402687f94b22d58e529b8cc7916f8fac7fddf7fbd5af4cf777d3d795a7a00a16bf7e7f3fb9561ee9baae480da9fe7a18769e71886b03f315", + "result" : "invalid", + "sig" : "57532194f33bfddba2e848b9342342114e2c6dcffe228cb97b72ac9e26b77cd336a6fa5c8152db0d536c6fb3cc48487a89cfcf42990593fd0dad420b46fa87ea2b9c9962025dcc2b8a6d5a0476408a62d9c276fb5eb8e97e5f1726918fef41c0d12ad420525a803d804002061c3bf355a3c4fee4ce42016cb0e0531d2657726d", + "tcId" : 357 + }, + { + "comment" : "using PKCS#1 encryption padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "0002ff...00", + "result" : "invalid", + "sig" : "572ecc55660cc4f8888559092f54e4ee0dc6a57d0722bcba6b608869bc0e86ed53f8d88180b40c006ff10dbf32ba2c6bf3558e22a688f7d68a6d38740b99dd2a2eaa6fc94fe9fa76a0bf775c0eca5751ce7837a3da3db7dc648fb94ed0def4996eb40e168d49417dfd82c86f2c586fc49dfa37a6335b8a76aee84c755610948b", + "tcId" : 358 + }, + { + "comment" : "using PKCS#1 encryption padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "0002ff...00", + "result" : "invalid", + "sig" : "849f48195c7ae50b762ff93e350bacdf52e3eef5f86dbec5115d74ccfb2c9a49cc91115f6935b71deb424865666ba070299e17e64c3ce5019e1481ee195cffb4fc1f92f026cea579bbe9f78d7c665dd7f65af7c3221bae50d5c0b50ede25a3993979d167a86db511b9ace4f11c331f892f06e72d17e934da9a83a3c703b3409b", + "tcId" : 359 + }, + { + "comment" : "invalid PKCS#1 signature padding", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "0001ff...ee00", + "result" : "invalid", + "sig" : "29b9b831e6694768910397fbe53e0a6868f75e3910d600e3421349bc4321d93067c78f6294b00e52e9c2fafdef67e0a460c3d76e6196fec6aab5c4964a4782c5da021466908d106193ec1b6b0bae4c9a5e3fcc4a355565c1dcfb76c489b4c3ad11b6f2182188470edf748eaf81646fcc164c60c1a55e9334076d8b5ce3d09808", + "tcId" : 360 + }, + { + "comment" : "PKCS#1 padding too short", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "000001ff...", + "result" : "invalid", + "sig" : "583dc8ac657ac9d55c74b6505f1a7a4b2225c038f36cc66d76a7eb8c818195b138e8bb2b26ac5a01ce32aa3f590815f0ecdf693877bdb12c5dd55b947b91f83d66639874ca263d1227dd0b6531e3eedf0b1e87a92b8db4be7c3c40d70865f56c8e0b6cf6607d47ed44acff9c4360d65f847f4ae947a13e4a56dff1d11503bc9b", + "tcId" : 361 + }, + { + "comment" : "invalid length", + "message" : "48656c6c6f", + "name" : "RsaSignatureTestVector", + "padding" : "2 bytes too long", + "result" : "invalid", + "sig" : "9e62337ef7d4fabec2561bb45a18a362022b23666571bbc762c1c717a14a46d8f58119072aa26245e71fc6945540335163798fcbdea04b3104ee23f2c3874bbfb3e7e0c1ba5f1fca909265274414db6957a5eb668e0e36a388784355d528e51a6a4a9a9c6b6ab912812a268dac9dcacf1c13507768e63b1f82f8af29c3786a170000", + "tcId" : 362 + } + ] + } + ] +} diff --git a/typemap b/typemap index f68633a..ef62d73 100644 --- a/typemap +++ b/typemap @@ -17,8 +17,11 @@ Crypt::AuthEnc::OCB T_PTROBJ Crypt::AuthEnc::ChaCha20Poly1305 T_PTROBJ Crypt::Stream::ChaCha T_PTROBJ +Crypt::Stream::Salsa20 T_PTROBJ Crypt::Stream::RC4 T_PTROBJ Crypt::Stream::Sober128 T_PTROBJ +Crypt::Stream::Sosemanuk T_PTROBJ +Crypt::Stream::Rabbit T_PTROBJ Crypt::Mac::F9 T_PTROBJ Crypt::Mac::HMAC T_PTROBJ