Commit 4c4f6647 authored by Niels Möller's avatar Niels Möller

Separate salsa20 set_key functions for 128 and 256 bits.

parent 61d9a6a0
2014-01-20 Niels Möller <nisse@lysator.liu.se>
* Makefile.in (nettle_SOURCES): Added salsa20-set-nonce.c,
salsa20-128-set-key.c, and salsa20-256-set-key.c.
* salsa20.h: Declare new functions.
(SALSA20_128_KEY_SIZE, SALSA20_256_KEY_SIZE): New constants.
(salsa20_set_iv): Define as an alias for salsa20_set_nonce.
* salsa20-set-key.c (salsa20_set_key): Use salsa20_128_set_key and
salsa20_256_set_key.
(salsa20_set_iv): Renamed and moved...
* salsa20-set-nonce.c (salsa20_set_nonce): ... new file, new name.
* salsa20-256-set-key.c (salsa20_256_set_key): New file and
function.
* salsa20-128-set-key.c (salsa20_128_set_key): New file and
function.
2014-01-13 Niels Möller <nisse@lysator.liu.se>
* nettle-types.h (union nettle_block16): New type, replacing union
......
......@@ -94,6 +94,8 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
ripemd160.c ripemd160-compress.c ripemd160-meta.c \
salsa20-core-internal.c \
salsa20-crypt.c salsa20r12-crypt.c salsa20-set-key.c \
salsa20-set-nonce.c \
salsa20-128-set-key.c salsa20-256-set-key.c \
sha1.c sha1-compress.c sha1-meta.c \
sha256.c sha256-compress.c sha224-meta.c sha256-meta.c \
sha512.c sha512-compress.c sha384-meta.c sha512-meta.c \
......
/*
* The Salsa20 stream cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2012 Simon Josefsson
* Copyright (C) 2012-2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02111-1301, USA.
*/
/* Based on:
salsa20-ref.c version 20051118
D. J. Bernstein
Public domain.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "salsa20.h"
#include "macros.h"
void
salsa20_128_set_key(struct salsa20_ctx *ctx, const uint8_t *key)
{
ctx->input[11] = ctx->input[1] = LE_READ_UINT32(key + 0);
ctx->input[12] = ctx->input[2] = LE_READ_UINT32(key + 4);
ctx->input[13] = ctx->input[3] = LE_READ_UINT32(key + 8);
ctx->input[14] = ctx->input[4] = LE_READ_UINT32(key + 12);
/* "expand 16-byte k" */
ctx->input[0] = 0x61707865;
ctx->input[5] = 0x3120646e;
ctx->input[10] = 0x79622d36;
ctx->input[15] = 0x6b206574;
}
/*
* The Salsa20 stream cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2012 Simon Josefsson
* Copyright (C) 2012-2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02111-1301, USA.
*/
/* Based on:
salsa20-ref.c version 20051118
D. J. Bernstein
Public domain.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "salsa20.h"
#include "macros.h"
void
salsa20_256_set_key(struct salsa20_ctx *ctx, const uint8_t *key)
{
ctx->input[1] = LE_READ_UINT32(key + 0);
ctx->input[2] = LE_READ_UINT32(key + 4);
ctx->input[3] = LE_READ_UINT32(key + 8);
ctx->input[4] = LE_READ_UINT32(key + 12);
ctx->input[11] = LE_READ_UINT32(key + 16);
ctx->input[12] = LE_READ_UINT32(key + 20);
ctx->input[13] = LE_READ_UINT32(key + 24);
ctx->input[14] = LE_READ_UINT32(key + 28);
/* "expand 32-byte k" */
ctx->input[0] = 0x61707865;
ctx->input[5] = 0x3320646e;
ctx->input[10] = 0x79622d32;
ctx->input[15] = 0x6b206574;
}
......@@ -33,7 +33,7 @@
# include "config.h"
#endif
#include <assert.h>
#include <stdlib.h>
#include "salsa20.h"
......@@ -43,46 +43,15 @@ void
salsa20_set_key(struct salsa20_ctx *ctx,
size_t length, const uint8_t *key)
{
static const uint32_t sigma[4] = {
/* "expand 32-byte k" */
0x61707865, 0x3320646e, 0x79622d32, 0x6b206574
};
static const uint32_t tau[4] = {
/* "expand 16-byte k" */
0x61707865, 0x3120646e, 0x79622d36, 0x6b206574
};
const uint32_t *constants;
assert (length == SALSA20_MIN_KEY_SIZE || length == SALSA20_MAX_KEY_SIZE);
ctx->input[1] = LE_READ_UINT32(key + 0);
ctx->input[2] = LE_READ_UINT32(key + 4);
ctx->input[3] = LE_READ_UINT32(key + 8);
ctx->input[4] = LE_READ_UINT32(key + 12);
if (length == SALSA20_MAX_KEY_SIZE) { /* recommended */
ctx->input[11] = LE_READ_UINT32(key + 16);
ctx->input[12] = LE_READ_UINT32(key + 20);
ctx->input[13] = LE_READ_UINT32(key + 24);
ctx->input[14] = LE_READ_UINT32(key + 28);
constants = sigma;
} else { /* kbits == 128 */
ctx->input[11] = ctx->input[1];
ctx->input[12] = ctx->input[2];
ctx->input[13] = ctx->input[3];
ctx->input[14] = ctx->input[4];
constants = tau;
}
ctx->input[0] = constants[0];
ctx->input[5] = constants[1];
ctx->input[10] = constants[2];
ctx->input[15] = constants[3];
}
void
salsa20_set_iv(struct salsa20_ctx *ctx, const uint8_t *iv)
{
ctx->input[6] = LE_READ_UINT32(iv + 0);
ctx->input[7] = LE_READ_UINT32(iv + 4);
ctx->input[8] = 0;
ctx->input[9] = 0;
switch (length)
{
case SALSA20_128_KEY_SIZE:
salsa20_128_set_key (ctx, key);
break;
case SALSA20_256_KEY_SIZE:
salsa20_256_set_key (ctx, key);
break;
default:
abort();
}
}
/* salsa20-set-nonce.c
*
* The Salsa20 stream cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2012 Simon Josefsson, Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02111-1301, USA.
*/
/* Based on:
salsa20-ref.c version 20051118
D. J. Bernstein
Public domain.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "salsa20.h"
#include "macros.h"
void
salsa20_set_nonce(struct salsa20_ctx *ctx, const uint8_t *nonce)
{
ctx->input[6] = LE_READ_UINT32(nonce + 0);
ctx->input[7] = LE_READ_UINT32(nonce + 4);
ctx->input[8] = 0;
ctx->input[9] = 0;
}
......@@ -35,20 +35,27 @@ extern "C" {
/* Name mangling */
#define salsa20_set_key nettle_salsa20_set_key
#define salsa20_set_iv nettle_salsa20_set_iv
#define salsa20_128_set_key nettle_salsa20_128_set_key
#define salsa20_256_set_key nettle_salsa20_256_set_key
#define salsa20_set_nonce nettle_salsa20_set_nonce
#define salsa20_crypt nettle_salsa20_crypt
#define _salsa20_core _nettle_salsa20_core
#define salsa20r12_crypt nettle_salsa20r12_crypt
/* Minimum and maximum keysizes, and a reasonable default. In
* octets.*/
/* Alias for backwards compatibility */
#define salsa20_set_iv nettle_salsa20_set_nonce
/* In octets.*/
#define SALSA20_128_KEY_SIZE 16
#define SALSA20_256_KEY_SIZE 32
#define SALSA20_BLOCK_SIZE 64
#define SALSA20_IV_SIZE 8
/* Aliases */
#define SALSA20_MIN_KEY_SIZE 16
#define SALSA20_MAX_KEY_SIZE 32
#define SALSA20_KEY_SIZE 32
#define SALSA20_BLOCK_SIZE 64
#define SALSA20_IV_SIZE 8
#define _SALSA20_INPUT_LENGTH 16
......@@ -66,6 +73,11 @@ struct salsa20_ctx
uint32_t input[_SALSA20_INPUT_LENGTH];
};
void
salsa20_128_set_key(struct salsa20_ctx *ctx, const uint8_t *key);
void
salsa20_256_set_key(struct salsa20_ctx *ctx, const uint8_t *key);
void
salsa20_set_key(struct salsa20_ctx *ctx,
size_t length, const uint8_t *key);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment