Commit 8ae5b576 authored by Niels Möller's avatar Niels Möller

* Initial checkin.

Rev: src/nettle/.bootstrap:1.1
Rev: src/nettle/.c-style:1.1
Rev: src/nettle/AUTHORS:1.1
Rev: src/nettle/ChangeLog:1.1
Rev: src/nettle/Makefile.am:1.1
Rev: src/nettle/NEWS:1.1
Rev: src/nettle/README:1.1
Rev: src/nettle/aes.c:1.1
Rev: src/nettle/aes.h:1.1
Rev: src/nettle/arcfour.c:1.1
Rev: src/nettle/arcfour.h:1.1
Rev: src/nettle/configure.in:1.1
Rev: src/nettle/macros.h:1.1
Rev: src/nettle/md5.c:1.1
Rev: src/nettle/md5.h:1.1
Rev: src/nettle/memxor.c:1.1
Rev: src/nettle/memxor.h:1.1
Rev: src/nettle/testsuite/.c-style:1.1
Rev: src/nettle/testsuite/Makefile.am:1.1
Rev: src/nettle/testsuite/aes-test.m4:1.1
Rev: src/nettle/testsuite/arcfour-test.m4:1.1
Rev: src/nettle/testsuite/macros.m4:1.1
Rev: src/nettle/testsuite/md5-test.m4:1.1
Rev: src/nettle/testsuite/run-tests:1.1
Rev: src/nettle/testsuite/testutils.c:1.1
Rev: src/nettle/testsuite/testutils.h:1.1
parent a4f63af3
aclocal && autoconf && autoheader && automake -a
2001-04-13 Niels Mller <nisse@cuckoo.hack.org>
* Initial checkin.
## Process this file with automake to produce Makefile.in
SUBDIRS = . testsuite
AUTOMAKE_OPTIONS = foreign
lib_LIBRARIES = libnettle.a
include_HEADERS = arcfour.h
noinst_LIBRARIES = libsymmetric.a
noinst_PROGRAMS = desTest desdata
libnettleincludedir = $(includedir)/nettle
libnettle_a_SOURCES = aes.c aes.h arcfour.c arcfour.h md5.c md5.h
# When compiling with lsh, this is set to to -DLSH -I/path/to/lsh/include
# INCLUDES = @crypto_cpp_flags@
libnettle_a_LIBADD = @LIBOBJS@
desTest_LDADD = libsymmetric.a
des_headers = parity.h rotors.h keymap.h
BUILT_SOURCES = desSmallFips.c desSmallCore.c desQuickFips.c desQuickCore.c \
$(des_headers)
libsymmetric_a_SOURCES = desCode.h desKerb.c desUtil.c desQuick.c \
$(BUILT_SOURCES) \
sha.c md5.c idea.c rc4.c cast.c
# Generate DES headers.
$(des_headers): desdata
./desdata $@ > $@
# Generate DES sources. Slowest to quickest.
desSmallFips.c:
@echo > $@ '#include "desCode.h"'
@echo >> $@ 'ENCRYPT(DesSmallFipsEncrypt,TEMPSMALL,\
LOADFIPS,KEYMAPSMALL,SAVEFIPS)'
@echo >> $@ 'DECRYPT(DesSmallFipsDecrypt,TEMPSMALL,\
LOADFIPS,KEYMAPSMALL,SAVEFIPS)'
desSmallCore.c:
@echo > $@ '#include "desCode.h"'
@echo >> $@ 'ENCRYPT(DesSmallCoreEncrypt,TEMPSMALL,\
LOADCORE,KEYMAPSMALL,SAVECORE)'
@echo >> $@ 'DECRYPT(DesSmallCoreDecrypt,TEMPSMALL,\
LOADCORE,KEYMAPSMALL,SAVECORE)'
desQuickFips.c:
@echo > $@ '#include "desCode.h"'
@echo >> $@ 'ENCRYPT(DesQuickFipsEncrypt,TEMPQUICK,\
LOADFIPS,KEYMAPQUICK,SAVEFIPS)'
@echo >> $@ 'DECRYPT(DesQuickFipsDecrypt,TEMPQUICK,\
LOADFIPS,KEYMAPQUICK,SAVEFIPS)'
desQuickCore.c:
@echo > $@ '#include "desCode.h"'
@echo >> $@ 'ENCRYPT(DesQuickCoreEncrypt,TEMPQUICK,\
LOADCORE,KEYMAPQUICK,SAVECORE)'
@echo >> $@ 'DECRYPT(DesQuickCoreDecrypt,TEMPQUICK,\
LOADCORE,KEYMAPQUICK,SAVECORE)'
EXTRA_DIST = macros.h
This diff is collapsed.
/* aes.h
*
* The aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The GNU MP Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the GNU MP Library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#ifndef NETTLE_AES_H_INCLUDED
#define NETTLE_AES_H_INCLUDED
#include <stdint.h>
#define AES_BLOCK_SIZE 16
/* Variable key size between 128 and 256 bits. But the only valid
* values are 16 (128 bits), 24 (192 bits) and 32 (256 bits). */
#define AES_MIN_KEY_SIZE 16
#define AES_MAX_KEY_SIZE 32
#define AES_KEY_SIZE 32
struct aes_ctx
{
uint32_t keys[60]; /* maximum size of key schedule */
uint32_t ikeys[60]; /* inverse key schedule */
unsigned nrounds; /* number of rounds to use for our key size */
};
void
aes_set_key(struct aes_ctx *ctx,
unsigned length, const uint8_t *key);
void
aes_encrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src);
void
aes_decrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src);
#endif /* NETTLE_AES_H_INCLUDED */
/* arcfour.c
*
* This implements the Arcfour stream cipher with 128 bit keys.
*
* The Arcfour cipher is believed to be compatible with the RC4 cipher.
* RC4 is a registered trademark of RSA Data Security Inc.
*
* The arcfour/rc4 stream cipher.
*/
/* lsh, an implementation of the ssh protocol
*
* Copyright (C) 1998 Niels Mller
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
/* nettle, low-level cryptographics library
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The GNU MP Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the GNU MP Library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#include "arcfour.h"
#include <assert.h>
#ifdef RCSID
RCSID("$Id$");
#endif
#define SWAP(a,b) do { int _t = a; a = b; b = _t; } while(0)
void arcfour_init(struct arcfour_ctx *ctx)
void
arcfour_set_key(struct arcfour_ctx *ctx,
unsigned length, const uint8_t *key)
{
unsigned i;
unsigned i, j, k;
assert(length >= ARCFOUR_MIN_KEY_SIZE);
assert(length <= ARCFOUR_MAX_KEY_SIZE);
/* Initialize context */
for (i = 0; i<256; i++)
ctx->S[i] = i;
}
/* This mode of operation is non-standard and possibly insecure. */
#if 0
void arcfour_update_key(struct arcfour_ctx *ctx,
UINT32 length, const UINT8 *key)
{
register UINT8 i = ctx->i;
register UINT8 j = ctx->j;
unsigned k;
for (k = 0; k<length; k++)
for (i = j = k = 0; i<256; i++)
{
i++; i &= 0xff;
j += ctx->S[i] + key[k]; j &= 0xff;
SWAP(ctx->S[i], ctx->S[j]);
/* Repeat key as needed */
k = (k + 1) % length;
}
ctx->i = i; ctx->j = j;
ctx->i = ctx->j = 0;
}
#endif
void arcfour_stream(struct arcfour_ctx *ctx,
UINT32 length, UINT8 *dest)
void
arcfour_crypt(struct arcfour_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src)
{
register UINT8 i = ctx->i;
register UINT8 j = ctx->j;
unsigned k;
register uint8_t i, j;
for (k = 0; k<length; k++)
i = ctx->i; j = ctx->j;
while(length--)
{
i++; i &= 0xff;
j += ctx->S[i]; j &= 0xff;
SWAP(ctx->S[i], ctx->S[j]);
dest[k] = ctx->S[ (ctx->S[i] + ctx->S[j]) & 0xff ];
*dst++ = *src++ ^ ctx->S[ (ctx->S[i] + ctx->S[j]) & 0xff ];
}
ctx->i = i; ctx->j = j;
}
void arcfour_set_key(struct arcfour_ctx *ctx, UINT32 length, const UINT8 *key)
void
arcfour_stream(struct arcfour_ctx *ctx,
unsigned length, uint8_t *dst)
{
register UINT8 j; /* Depends on the eight-bitness of these variables. */
unsigned i;
UINT32 k;
/* Initialize context */
arcfour_init(ctx);
assert(length);
/* Expand key */
i = j = k = 0;
for ( ; i<256; i++)
{
j += ctx->S[i] + key[k]; j &= 0xff;
SWAP(ctx->S[i], ctx->S[j]);
k = (k+1) % length; /* Repeat key if needed */
}
ctx->i = ctx->j = 0;
}
void arcfour_crypt(struct arcfour_ctx *ctx, UINT8 *dest,
UINT32 length, const UINT8 *src)
{
register UINT8 i, j;
register uint8_t i, j;
i = ctx->i; j = ctx->j;
while(length--)
......@@ -118,7 +83,8 @@ void arcfour_crypt(struct arcfour_ctx *ctx, UINT8 *dest,
i++; i &= 0xff;
j += ctx->S[i]; j &= 0xff;
SWAP(ctx->S[i], ctx->S[j]);
*dest++ = *src++ ^ ctx->S[ (ctx->S[i] + ctx->S[j]) & 0xff ];
*dst++ = ctx->S[ (ctx->S[i] + ctx->S[j]) & 0xff ];
}
ctx->i = i; ctx->j = j;
}
/* arcfour.h
*
* The arcfour/rc4 stream cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The GNU MP Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the GNU MP Library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#ifndef NETTLE_ARCFOUR_H_INCLUDED
#define NETTLE_ARCFOUR_H_INCLUDED
#include <stdint.h>
/* Minimum and maximum keysizes, and a reasonable default. In
* octets.*/
#define ARCFOUR_MIN_KEY_SIZE 1
#define ARCFOUR_MAX_KEY_SIZE 256
#define ARCFOUR_KEY_SIZE 16
struct arcfour_ctx
{
uint8_t S[256];
uint8_t i;
uint8_t j;
};
void
arcfour_set_key(struct arcfour_ctx *ctx,
unsigned length, const uint8_t *key);
void
arcfour_crypt(struct arcfour_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src);
void
arcfour_stream(struct arcfour_ctx *ctx,
unsigned length, uint8_t *dst);
#endif /* NETTLE_ARCFOUR_H_INCLUDED */
dnl -*- mode: shell-script; sh-indentation: 2; -*-
dnl $Id$
dnl Process this file with autoconf to produce a configure script.
# $Id$
AC_INIT(sha.c)
AC_INIT(arcfour.c)
AC_PROG_MAKE_SET
AM_INIT_AUTOMAKE(libnettle, 0.1)
AM_CONFIG_HEADER(config.h)
dnl Checks for programs.
AC_PROG_CC
AC_PROG_CPP
AC_PROG_MAKE_SET
AC_PROG_RANLIB
AM_PROG_CC_STDC
dnl Checks for libraries.
if test "x$am_cv_prog_cc_stdc" = xno ; then
AC_ERROR([the C compiler doesn't handle ANSI-C])
fi
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS(sys/time.h)
AC_PATH_PROG(M4, m4, m4)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_INLINE
AC_TYPE_UID_T
AC_TYPE_SIZE_T
AC_HEADER_TIME
dnl Needed by the supplied memcmp.c
AC_C_BIGENDIAN
AC_CHECK_SIZEOF(short, 2)
AC_CHECK_SIZEOF(int, 4)
AC_CHECK_SIZEOF(long, 4)
AC_REPLACE_FUNCS(memxor)
# Set these flags *last*, or else the test programs won't compile
if test x$GCC = xyes ; then
CFLAGS="$CFLAGS -ggdb3 -Wall -W \
-Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes \
-Waggregate-return \
-Wpointer-arith -Wbad-function-cast -Wnested-externs"
# Don't enable -Wcast-align as it results in tons of warnings in the
# DES code. And when using stdio.
fi
dnl Checks for library functions.
AC_FUNC_MEMCMP
AC_OUTPUT(Makefile testsuite/Makefile)
AC_OUTPUT(Makefile)
/* macros.h
*
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The GNU MP Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the GNU MP Library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#ifndef NETTLE_MACROS_H_INCLUDED
#define NETTLE_MACROS_H_INCLUDED
/* Reads a 32-bit integer, in network, big-endian, byte order */
#define READ_UINT32(p) \
( (((uint32_t) (p)[0]) << 24) \
| (((uint32_t) (p)[1]) << 16) \
| (((uint32_t) (p)[2]) << 8) \
| ((uint32_t) (p)[3]))
#define WRITE_UINT32(p, i) \
do { \
(p)[0] = ((i) >> 24) & 0xff; \
(p)[1] = ((i) >> 16) & 0xff; \
(p)[2] = ((i) >> 8) & 0xff; \
(p)[3] = (i) & 0xff; \
} while(0)
/* And the other, little-endian, byteorder */
#define LE_READ_UINT32(p) \
( (((uint32_t) (p)[3]) << 24) \
| (((uint32_t) (p)[2]) << 16) \
| (((uint32_t) (p)[1]) << 8) \
| ((uint32_t) (p)[0]))
#define LE_WRITE_UINT32(p, i) \
do { \
(p)[3] = ((i) >> 24) & 0xff; \
(p)[2] = ((i) >> 16) & 0xff; \
(p)[1] = ((i) >> 8) & 0xff; \
(p)[0] = (i) & 0xff; \
} while(0)
#endif /* NETTLE_MACROS_H_INCLUDED */
/*
* $Id$
/* md5.c
*
* md5.c : Implementation of the MD5 hash function
*
* Part of the Python Cryptography Toolkit, version 1.0.1
* Colin Plumb's original code modified by A.M. Kuchling
* The md5 hash function.
*/
/* nettle, low-level cryptographics library
*
* Further hacked and adapted to pike by Niels Mller
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The GNU MP Library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the GNU MP Library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#include "crypto_types.h"
/* Based on public domain code hacked by Colin Plumb, Andrew Kuchling, and
* Niels Mller. */
#include "md5.h"
#include <string.h>
#include "macros.h"
void md5_copy(struct md5_ctx *dest, struct md5_ctx *src)
{
int i;
dest->count_l=src->count_l;
dest->count_h=src->count_h;
for(i=0; i<MD5_DIGESTLEN; i++)
dest->digest[i]=src->digest[i];
for(i=0; i < src->index; i++)
dest->block[i] = src->block[i];
dest->index = src->index;
}
#include <assert.h>
void md5_init(struct md5_ctx *ctx)
/* A block, treated as a sequence of 32-bit words. */
#define MD5_DATA_LENGTH 16
static void
md5_transform(uint32_t *digest, const uint32_t *data);
static void
md5_block(struct md5_ctx *ctx, const uint8_t *block);
void
md5_init(struct md5_ctx *ctx)
{
ctx->digest[0] = 0x67452301;
ctx->digest[1] = 0xefcdab89;
......@@ -37,6 +53,119 @@ void md5_init(struct md5_ctx *ctx)
ctx->index = 0;
}
void
md5_update(struct md5_ctx *ctx,
unsigned length,
const uint8_t *data)
{
if (ctx->index)
{
/* Try to fill partial block */
unsigned left = MD5_DATA_SIZE - ctx->index;
if (length < left)
{
memcpy(ctx->block + ctx->index, data, length);
ctx->index += length;
return; /* Finished */
}
else
{
memcpy(ctx->block + ctx->index, data, left);
md5_block(ctx, ctx->block);
data += left;
length -= left;
}
}
while (length >= MD5_DATA_SIZE)
{
md5_block(ctx, data);
data += MD5_DATA_SIZE;
length -= MD5_DATA_SIZE;
}
if ((ctx->index = length)) /* This assignment is intended */
/* Buffer leftovers */
memcpy(ctx->block, data, length);
}
/* Final wrapup - pad to MD5_DATA_SIZE-byte boundary with the bit
* pattern 1 0* (64-bit count of bits processed, LSB-first) */
void
md5_final(struct md5_ctx *ctx)
{
uint32_t data[MD5_DATA_LENGTH];
unsigned i;
unsigned words;
i = ctx->index;
/* Set the first char of padding to 0x80. This is safe since there
* is always at least one byte free */
assert(i < MD5_DATA_SIZE);
ctx->block[i++] = 0x80;
/* Fill rest of word */
for( ; i & 3; i++)
ctx->block[i] = 0;
/* i is now a multiple of the word size 4 */
words = i >> 2;
for (i = 0; i < words; i++)
data[i] = LE_READ_UINT32(ctx->block + 4*i);
if (words > (MD5_DATA_LENGTH-2))
{ /* No room for length in this block. Process it and
* pad with another one */
for (i = words ; i < MD5_DATA_LENGTH; i++)
data[i] = 0;
md5_transform(ctx->digest, data);
for (i = 0; i < (MD5_DATA_LENGTH-2); i++)
data[i] = 0;
}
else
for (i = words ; i < MD5_DATA_LENGTH - 2; i++)
data[i] = 0;
/* There are 512 = 2^9 bits in one block
* Little-endian order => Least significant word first */
data[MD5_DATA_LENGTH-1] = (ctx->count_h << 9) | (ctx->count_l >> 23);
data[MD5_DATA_LENGTH-2] = (ctx->count_l << 9) | (ctx->index << 3);
md5_transform(ctx->digest, data);
}
void
md5_digest(const struct md5_ctx *ctx,
unsigned length,
uint8_t *digest)
{
unsigned i;
unsigned words;
unsigned leftover;
assert(length <= MD5_DIGEST_SIZE);
words = length / 4;
leftover = length % 4;
/* Little endian order */
for (i = 0; i < words; i++, digest += 4)
LE_WRITE_UINT32(digest, ctx->digest[i]);
if (leftover)
{
uint32_t word;
unsigned j;
assert(i < _MD5_DIGEST_LENGTH);
/* Still least significant byte first. */
for (word = ctx->digest[i], j = 0; j < leftover;
j++, word >>= 8)
digest[j] = word & 0xff;
}
}
/* MD5 functions */
#define F1(x, y, z) (z ^ (x & (y ^ z)))
#define F2(x, y, z) F1(z, x, y)
......@@ -45,16 +174,21 @@ void md5_init(struct md5_ctx *ctx)
#define ROUND(f, w, x, y, z, data, s) \
( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
/* Perform the MD5 transformation on one full block of 16 32-bit words. */
static void md5_transform(struct md5_ctx *ctx, UINT32 *data)
/* Perform the MD5 transformation on one full block of 16 32-bit
* words.
*
* Compresses 20 (_MD5_DIGEST_LENGTH + MD5_DATA_LENGTH) words into 4
* (_MD5_DIGEST_LENGTH) words. */
static void
md5_transform(uint32_t *digest, const uint32_t *data)
{
UINT32 a, b, c, d;
a = ctx->digest[0];
b = ctx->digest[1];
c = ctx->digest[2];
d = ctx->digest[3];
uint32_t a, b, c, d;
a = digest[0];
b = digest[1];
c = digest[2];
d = digest[3];
ROUND(F1, a, b, c, d, data[ 0] + 0xd76aa478, 7);
ROUND(F1, d, a, b, c, data[ 1] + 0xe8c7b756, 12);
......@@ -124,27 +258,17 @@ static void md5_transform(struct md5_ctx *ctx, UINT32 *data)
ROUND(F4, c, d, a, b, data[ 2] + 0x2ad7d2bb, 15);
ROUND(F4, b, c, d, a, data[ 9] + 0xeb86d391, 21);
ctx->digest[0] += a;
ctx->digest[1] += b;
ctx->digest[2] += c;
ctx->digest[3] += d;