Commit 626464da authored by Niels Möller's avatar Niels Möller

Drop support for 128-bit chacha keys.

parent 2c09c732
2014-03-04 Niels Möller <nisse@lysator.liu.se>
* chacha128-set-key.c (chacha128_set_key): Deleted file and
function. Support for 128-bit chacha keys may be reintroduced
later, if really needed.
* chacha.h: Deleted chacha128-related declarations.
* chacha-set-key.c (chacha_set_key): Drop support for 128-bit
keys.
* testsuite/chacha-test.c (test_main): #if:ed out all tests with
128-bit keys.
2014-02-16 Niels Möller <nisse@lysator.liu.se> 2014-02-16 Niels Möller <nisse@lysator.liu.se>
* gcm.h: Declarations for gcm-camellia256. * gcm.h: Declarations for gcm-camellia256.
......
...@@ -90,7 +90,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ ...@@ -90,7 +90,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
chacha-crypt.c chacha-core-internal.c \ chacha-crypt.c chacha-core-internal.c \
chacha-poly1305.c chacha-poly1305-meta.c \ chacha-poly1305.c chacha-poly1305-meta.c \
chacha-set-key.c chacha-set-nonce.c \ chacha-set-key.c chacha-set-nonce.c \
chacha128-set-key.c chacha256-set-key.c \ chacha256-set-key.c \
ctr.c des.c des3.c des-compat.c \ ctr.c des.c des3.c des-compat.c \
eax.c eax-aes128.c eax-aes128-meta.c \ eax.c eax-aes128.c eax-aes128-meta.c \
gcm.c gcm-aes.c \ gcm.c gcm-aes.c \
......
...@@ -33,9 +33,6 @@ chacha_set_key(struct chacha_ctx *ctx, size_t length, const uint8_t *key) ...@@ -33,9 +33,6 @@ chacha_set_key(struct chacha_ctx *ctx, size_t length, const uint8_t *key)
{ {
default: default:
abort (); abort ();
case CHACHA128_KEY_SIZE:
chacha128_set_key (ctx, key);
break;
case CHACHA256_KEY_SIZE: case CHACHA256_KEY_SIZE:
chacha256_set_key (ctx, key); chacha256_set_key (ctx, key);
break; break;
......
...@@ -37,14 +37,12 @@ extern "C" { ...@@ -37,14 +37,12 @@ extern "C" {
/* Name mangling */ /* Name mangling */
#define chacha_set_key nettle_chacha_set_key #define chacha_set_key nettle_chacha_set_key
#define chacha128_set_key nettle_chacha128_set_key
#define chacha256_set_key nettle_chacha256_set_key #define chacha256_set_key nettle_chacha256_set_key
#define chacha_set_nonce nettle_chacha_set_nonce #define chacha_set_nonce nettle_chacha_set_nonce
#define chacha_crypt nettle_chacha_crypt #define chacha_crypt nettle_chacha_crypt
#define _chacha_core _nettle_chacha_core #define _chacha_core _nettle_chacha_core
/* Possible keysizes, and a reasonable default. In octets. */ /* Possible keysizes, and a reasonable default. In octets. */
#define CHACHA128_KEY_SIZE 16
#define CHACHA256_KEY_SIZE 32 #define CHACHA256_KEY_SIZE 32
#define CHACHA_KEY_SIZE 32 #define CHACHA_KEY_SIZE 32
...@@ -70,9 +68,6 @@ struct chacha_ctx ...@@ -70,9 +68,6 @@ struct chacha_ctx
uint32_t state[_CHACHA_STATE_LENGTH]; uint32_t state[_CHACHA_STATE_LENGTH];
}; };
void
chacha128_set_key(struct chacha_ctx *ctx, const uint8_t *key);
void void
chacha256_set_key(struct chacha_ctx *ctx, const uint8_t *key); chacha256_set_key(struct chacha_ctx *ctx, const uint8_t *key);
......
/* chacha128-set-key.c
*
* ChaCha key setup for 128-bit keys.
* Based on the Salsa20 implementation in Nettle.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2013 Joachim Strömbergon
* Copyright (C) 2012 Simon Josefsson
* Copyright (C) 2012, 2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02111-1301, USA.
*/
/* Based on:
ChaCha specification (doc id: 4027b5256e17b9796842e6d0f68b0b5e) and reference
implementation dated 2008.01.20
D. J. Bernstein
Public domain.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include <string.h>
#include "chacha.h"
#include "macros.h"
void
chacha128_set_key(struct chacha_ctx *ctx, const uint8_t *key)
{
static const uint32_t tau[4] = {
/* "expand 16-byte k" */
0x61707865, 0x3120646e, 0x79622d36, 0x6b206574
};
ctx->state[8] = ctx->state[4] = LE_READ_UINT32(key + 0);
ctx->state[9] = ctx->state[5] = LE_READ_UINT32(key + 4);
ctx->state[10] = ctx->state[6] = LE_READ_UINT32(key + 8);
ctx->state[11] = ctx->state[7] = LE_READ_UINT32(key + 12);
memcpy (ctx->state, tau, sizeof(tau));
}
...@@ -100,7 +100,7 @@ void ...@@ -100,7 +100,7 @@ void
test_main(void) test_main(void)
{ {
/* Test vectors from draft-strombergson-chacha-test-vectors */ /* Test vectors from draft-strombergson-chacha-test-vectors */
#if 0
/* TC1: All zero key and IV. 128 bit key and 8 rounds. */ /* TC1: All zero key and IV. 128 bit key and 8 rounds. */
test_chacha (SHEX("0000000000000000 0000000000000000"), test_chacha (SHEX("0000000000000000 0000000000000000"),
SHEX("0000000000000000"), SHEX("0000000000000000"),
...@@ -130,7 +130,7 @@ test_main(void) ...@@ -130,7 +130,7 @@ test_main(void)
"8a7143d021978022 a384141a80cea306" "8a7143d021978022 a384141a80cea306"
"2f41f67a752e66ad 3411984c787e30ad"), "2f41f67a752e66ad 3411984c787e30ad"),
20); 20);
#endif
test_chacha (SHEX("0000000000000000 0000000000000000" test_chacha (SHEX("0000000000000000 0000000000000000"
"0000000000000000 0000000000000000"), "0000000000000000 0000000000000000"),
SHEX("0000000000000000"), SHEX("0000000000000000"),
...@@ -147,6 +147,7 @@ test_main(void) ...@@ -147,6 +147,7 @@ test_main(void)
/* TC2: Single bit in key set. All zero IV */ /* TC2: Single bit in key set. All zero IV */
#if 0
test_chacha (SHEX("0100000000000000 0000000000000000"), test_chacha (SHEX("0100000000000000 0000000000000000"),
SHEX("0000000000000000"), SHEX("0000000000000000"),
SHEX("03a7669888605a07 65e8357475e58673" SHEX("03a7669888605a07 65e8357475e58673"
...@@ -175,7 +176,7 @@ test_main(void) ...@@ -175,7 +176,7 @@ test_main(void)
"b3cebd0a5005e762 e562d1375b7ac445" "b3cebd0a5005e762 e562d1375b7ac445"
"93a991b85d1a60fb a2035dfaa2a642d5"), "93a991b85d1a60fb a2035dfaa2a642d5"),
20); 20);
#endif
test_chacha (SHEX("0100000000000000 0000000000000000" test_chacha (SHEX("0100000000000000 0000000000000000"
"0000000000000000 0000000000000000"), "0000000000000000 0000000000000000"),
SHEX("0000000000000000"), SHEX("0000000000000000"),
...@@ -191,6 +192,7 @@ test_main(void) ...@@ -191,6 +192,7 @@ test_main(void)
20); 20);
/* TC3: Single bit in IV set. All zero key */ /* TC3: Single bit in IV set. All zero key */
#if 0
test_chacha (SHEX("0000000000000000 0000000000000000"), test_chacha (SHEX("0000000000000000 0000000000000000"),
SHEX("0100000000000000"), SHEX("0100000000000000"),
SHEX("25f5bec6683916ff 44bccd12d102e692" SHEX("25f5bec6683916ff 44bccd12d102e692"
...@@ -219,7 +221,7 @@ test_main(void) ...@@ -219,7 +221,7 @@ test_main(void)
"4dfc50de711fb464 16c2553cc60f21bb" "4dfc50de711fb464 16c2553cc60f21bb"
"fd006491cb17888b 4fb3521c4fdd8745"), "fd006491cb17888b 4fb3521c4fdd8745"),
20); 20);
#endif
test_chacha (SHEX("0000000000000000 0000000000000000" test_chacha (SHEX("0000000000000000 0000000000000000"
"0000000000000000 0000000000000000"), "0000000000000000 0000000000000000"),
SHEX("0100000000000000"), SHEX("0100000000000000"),
...@@ -235,6 +237,7 @@ test_main(void) ...@@ -235,6 +237,7 @@ test_main(void)
20); 20);
/* TC4: All bits in key and IV are set. */ /* TC4: All bits in key and IV are set. */
#if 0
test_chacha (SHEX("ffffffffffffffff ffffffffffffffff"), test_chacha (SHEX("ffffffffffffffff ffffffffffffffff"),
SHEX("ffffffffffffffff"), SHEX("ffffffffffffffff"),
SHEX("2204d5b81ce66219 3e00966034f91302" SHEX("2204d5b81ce66219 3e00966034f91302"
...@@ -263,7 +266,7 @@ test_main(void) ...@@ -263,7 +266,7 @@ test_main(void)
"7c227c52ef796b6b ed9f9059ba0614bc" "7c227c52ef796b6b ed9f9059ba0614bc"
"f6dd6e38917f3b15 0e576375be50ed67"), "f6dd6e38917f3b15 0e576375be50ed67"),
20); 20);
#endif
test_chacha (SHEX("ffffffffffffffff ffffffffffffffff" test_chacha (SHEX("ffffffffffffffff ffffffffffffffff"
"ffffffffffffffff ffffffffffffffff"), "ffffffffffffffff ffffffffffffffff"),
SHEX("ffffffffffffffff"), SHEX("ffffffffffffffff"),
...@@ -279,6 +282,7 @@ test_main(void) ...@@ -279,6 +282,7 @@ test_main(void)
20); 20);
/* TC5: Every even bit set in key and IV. */ /* TC5: Every even bit set in key and IV. */
#if 0
test_chacha (SHEX("5555555555555555 5555555555555555"), test_chacha (SHEX("5555555555555555 5555555555555555"),
SHEX("5555555555555555"), SHEX("5555555555555555"),
SHEX("f0a23bc36270e18e d0691dc384374b9b" SHEX("f0a23bc36270e18e d0691dc384374b9b"
...@@ -307,7 +311,7 @@ test_main(void) ...@@ -307,7 +311,7 @@ test_main(void)
"a3e5d94b5666382c 6d130d822dd56aac" "a3e5d94b5666382c 6d130d822dd56aac"
"b0f8195278e7b292 495f09868ddf12cc"), "b0f8195278e7b292 495f09868ddf12cc"),
20); 20);
#endif
test_chacha (SHEX("5555555555555555 5555555555555555" test_chacha (SHEX("5555555555555555 5555555555555555"
"5555555555555555 5555555555555555"), "5555555555555555 5555555555555555"),
SHEX("5555555555555555"), SHEX("5555555555555555"),
...@@ -323,6 +327,7 @@ test_main(void) ...@@ -323,6 +327,7 @@ test_main(void)
20); 20);
/* TC6: Every odd bit set in key and IV. */ /* TC6: Every odd bit set in key and IV. */
#if 0
test_chacha (SHEX("aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"), test_chacha (SHEX("aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"),
SHEX("aaaaaaaaaaaaaaaa"), SHEX("aaaaaaaaaaaaaaaa"),
SHEX("312d95c0bc38eff4 942db2d50bdc500a" SHEX("312d95c0bc38eff4 942db2d50bdc500a"
...@@ -351,7 +356,7 @@ test_main(void) ...@@ -351,7 +356,7 @@ test_main(void)
"efce4537bb0ef7b5 73b32f32765f2900" "efce4537bb0ef7b5 73b32f32765f2900"
"7da53bba62e7a44d 006f41eb28fe15d6"), "7da53bba62e7a44d 006f41eb28fe15d6"),
20); 20);
#endif
test_chacha (SHEX("aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa" test_chacha (SHEX("aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"), "aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa"),
SHEX("aaaaaaaaaaaaaaaa"), SHEX("aaaaaaaaaaaaaaaa"),
...@@ -367,6 +372,7 @@ test_main(void) ...@@ -367,6 +372,7 @@ test_main(void)
20); 20);
/* TC7: Sequence patterns in key and IV. */ /* TC7: Sequence patterns in key and IV. */
#if 0
test_chacha (SHEX("0011223344556677 8899aabbccddeeff"), test_chacha (SHEX("0011223344556677 8899aabbccddeeff"),
SHEX("0f1e2d3c4b5a6978"), SHEX("0f1e2d3c4b5a6978"),
SHEX("29560d280b452840 0a8f4b795369fb3a" SHEX("29560d280b452840 0a8f4b795369fb3a"
...@@ -395,7 +401,7 @@ test_main(void) ...@@ -395,7 +401,7 @@ test_main(void)
"d1ce91fd8ee08280 34b411200a9745a2" "d1ce91fd8ee08280 34b411200a9745a2"
"85554475d12afc04 887fef3516d12a2c"), "85554475d12afc04 887fef3516d12a2c"),
20); 20);
#endif
test_chacha (SHEX("0011223344556677 8899aabbccddeeff" test_chacha (SHEX("0011223344556677 8899aabbccddeeff"
"ffeeddccbbaa9988 7766554433221100"), "ffeeddccbbaa9988 7766554433221100"),
SHEX("0f1e2d3c4b5a6978"), SHEX("0f1e2d3c4b5a6978"),
...@@ -406,6 +412,7 @@ test_main(void) ...@@ -406,6 +412,7 @@ test_main(void)
8); 8);
/* TC8: hashed string patterns */ /* TC8: hashed string patterns */
#if 0
test_chacha(SHEX("c46ec1b18ce8a878 725a37e780dfb735"), test_chacha(SHEX("c46ec1b18ce8a878 725a37e780dfb735"),
SHEX("1ada31d5cf688221"), SHEX("1ada31d5cf688221"),
SHEX("6a870108859f6791 18f3e205e2a56a68" SHEX("6a870108859f6791 18f3e205e2a56a68"
...@@ -434,7 +441,7 @@ test_main(void) ...@@ -434,7 +441,7 @@ test_main(void)
"a6a9e6e591dce674 120acaf9040ff50f" "a6a9e6e591dce674 120acaf9040ff50f"
"f3ac30ccfb5e1420 4f5e4268b90a8804"), "f3ac30ccfb5e1420 4f5e4268b90a8804"),
20); 20);
#endif
test_chacha(SHEX("c46ec1b18ce8a878 725a37e780dfb735" test_chacha(SHEX("c46ec1b18ce8a878 725a37e780dfb735"
"1f68ed2e194c79fb c6aebee1a667975d"), "1f68ed2e194c79fb c6aebee1a667975d"),
SHEX("1ada31d5cf688221"), SHEX("1ada31d5cf688221"),
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment