Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
Nettle
nettle
Commits
a6b67c34
Commit
a6b67c34
authored
Apr 17, 2012
by
Niels Möller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Moved salsa20_set_key to a separate file. Inlined salsa20_hash into salsa20_crypt.
parent
cca6c377
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
120 additions
and
84 deletions
+120
-84
ChangeLog
ChangeLog
+7
-0
Makefile.in
Makefile.in
+1
-1
salsa20-set-key.c
salsa20-set-key.c
+88
-0
salsa20.c
salsa20.c
+24
-83
No files found.
ChangeLog
View file @
a6b67c34
2012-04-17 Niels Möller <nisse@lysator.liu.se>
* salsa20.c (salsa20_hash): Deleted function, inlined into
salsa20_crypt.
(salsa20_set_key, salsa20_set_iv): Moved, to...
* salsa20-set-key.c: ...new file.
2012-04-15 Niels Möller <nisse@lysator.liu.se>
* testsuite/salsa20-test.c (test_salsa20_stream): New function.
...
...
Makefile.in
View file @
a6b67c34
...
...
@@ -81,7 +81,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
md2.c md2-meta.c md4.c md4-meta.c
\
md5.c md5-compress.c md5-compat.c md5-meta.c
\
ripemd160.c ripemd160-compress.c ripemd160-meta.c
\
salsa20.c
\
salsa20.c
salsa20-set-key.c
\
sha1.c sha1-compress.c sha1-meta.c
\
sha256.c sha256-compress.c sha224-meta.c sha256-meta.c
\
sha512.c sha512-compress.c sha384-meta.c sha512-meta.c
\
...
...
salsa20-set-key.c
0 → 100644
View file @
a6b67c34
/* salsa20-set-key.c
*
* The Salsa20 stream cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2012 Simon Josefsson, Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/* Based on:
salsa20-ref.c version 20051118
D. J. Bernstein
Public domain.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "salsa20.h"
#include "macros.h"
void
salsa20_set_key
(
struct
salsa20_ctx
*
ctx
,
unsigned
length
,
const
uint8_t
*
key
)
{
static
const
uint32_t
sigma
[
4
]
=
{
/* "expand 32-byte k" */
0x61707865
,
0x3320646e
,
0x79622d32
,
0x6b206574
};
static
const
uint32_t
tau
[
4
]
=
{
/* "expand 16-byte k" */
0x61707865
,
0x3120646e
,
0x79622d36
,
0x6b206574
};
const
uint32_t
*
constants
;
assert
(
length
==
SALSA20_MIN_KEY_SIZE
||
length
==
SALSA20_MAX_KEY_SIZE
);
ctx
->
input
[
1
]
=
LE_READ_UINT32
(
key
+
0
);
ctx
->
input
[
2
]
=
LE_READ_UINT32
(
key
+
4
);
ctx
->
input
[
3
]
=
LE_READ_UINT32
(
key
+
8
);
ctx
->
input
[
4
]
=
LE_READ_UINT32
(
key
+
12
);
if
(
length
==
SALSA20_MAX_KEY_SIZE
)
{
/* recommended */
ctx
->
input
[
11
]
=
LE_READ_UINT32
(
key
+
16
);
ctx
->
input
[
12
]
=
LE_READ_UINT32
(
key
+
20
);
ctx
->
input
[
13
]
=
LE_READ_UINT32
(
key
+
24
);
ctx
->
input
[
14
]
=
LE_READ_UINT32
(
key
+
28
);
constants
=
sigma
;
}
else
{
/* kbits == 128 */
ctx
->
input
[
11
]
=
ctx
->
input
[
1
];
ctx
->
input
[
12
]
=
ctx
->
input
[
2
];
ctx
->
input
[
13
]
=
ctx
->
input
[
3
];
ctx
->
input
[
14
]
=
ctx
->
input
[
4
];
constants
=
tau
;
}
ctx
->
input
[
0
]
=
constants
[
0
];
ctx
->
input
[
5
]
=
constants
[
1
];
ctx
->
input
[
10
]
=
constants
[
2
];
ctx
->
input
[
15
]
=
constants
[
3
];
}
void
salsa20_set_iv
(
struct
salsa20_ctx
*
ctx
,
const
uint8_t
*
iv
)
{
ctx
->
input
[
6
]
=
LE_READ_UINT32
(
iv
+
0
);
ctx
->
input
[
7
]
=
LE_READ_UINT32
(
iv
+
4
);
ctx
->
input
[
8
]
=
0
;
ctx
->
input
[
9
]
=
0
;
}
salsa20.c
View file @
a6b67c34
...
...
@@ -33,7 +33,6 @@
# include "config.h"
#endif
#include <assert.h>
#include <string.h>
#include "salsa20.h"
...
...
@@ -56,107 +55,49 @@
x0 ^= ROTL32(18, x3 + x2); \
} while(0)
static
void
salsa20_hash
(
uint32_t
*
output
,
const
uint32_t
*
input
)
{
uint32_t
x
[
_SALSA20_INPUT_LENGTH
];
int
i
;
memcpy
(
x
,
input
,
sizeof
(
x
));
for
(
i
=
20
;
i
>
0
;
i
-=
2
)
{
QROUND
(
x
[
0
],
x
[
4
],
x
[
8
],
x
[
12
]);
QROUND
(
x
[
5
],
x
[
9
],
x
[
13
],
x
[
1
]);
QROUND
(
x
[
10
],
x
[
14
],
x
[
2
],
x
[
6
]);
QROUND
(
x
[
15
],
x
[
3
],
x
[
7
],
x
[
11
]);
QROUND
(
x
[
0
],
x
[
1
],
x
[
2
],
x
[
3
]);
QROUND
(
x
[
5
],
x
[
6
],
x
[
7
],
x
[
4
]);
QROUND
(
x
[
10
],
x
[
11
],
x
[
8
],
x
[
9
]);
QROUND
(
x
[
15
],
x
[
12
],
x
[
13
],
x
[
14
]);
}
for
(
i
=
0
;
i
<
_SALSA20_INPUT_LENGTH
;
++
i
)
{
uint32_t
t
=
x
[
i
]
+
input
[
i
];
/* NOTE: We return a word array of byte-swapped values, rather
than using a byte array and LE_WRITE_UINT32, to avoid having
to care about unaligned bytes. */
output
[
i
]
=
LE_SWAP32
(
t
);
}
}
void
salsa20_set_key
(
struct
salsa20_ctx
*
ctx
,
unsigned
length
,
const
uint8_t
*
key
)
{
static
const
uint32_t
sigma
[
4
]
=
{
/* "expand 32-byte k" */
0x61707865
,
0x3320646e
,
0x79622d32
,
0x6b206574
};
static
const
uint32_t
tau
[
4
]
=
{
/* "expand 16-byte k" */
0x61707865
,
0x3120646e
,
0x79622d36
,
0x6b206574
};
const
uint32_t
*
constants
;
assert
(
length
==
SALSA20_MIN_KEY_SIZE
||
length
==
SALSA20_MAX_KEY_SIZE
);
ctx
->
input
[
1
]
=
LE_READ_UINT32
(
key
+
0
);
ctx
->
input
[
2
]
=
LE_READ_UINT32
(
key
+
4
);
ctx
->
input
[
3
]
=
LE_READ_UINT32
(
key
+
8
);
ctx
->
input
[
4
]
=
LE_READ_UINT32
(
key
+
12
);
if
(
length
==
SALSA20_MAX_KEY_SIZE
)
{
/* recommended */
ctx
->
input
[
11
]
=
LE_READ_UINT32
(
key
+
16
);
ctx
->
input
[
12
]
=
LE_READ_UINT32
(
key
+
20
);
ctx
->
input
[
13
]
=
LE_READ_UINT32
(
key
+
24
);
ctx
->
input
[
14
]
=
LE_READ_UINT32
(
key
+
28
);
constants
=
sigma
;
}
else
{
/* kbits == 128 */
ctx
->
input
[
11
]
=
ctx
->
input
[
1
];
ctx
->
input
[
12
]
=
ctx
->
input
[
2
];
ctx
->
input
[
13
]
=
ctx
->
input
[
3
];
ctx
->
input
[
14
]
=
ctx
->
input
[
4
];
constants
=
tau
;
}
ctx
->
input
[
0
]
=
constants
[
0
];
ctx
->
input
[
5
]
=
constants
[
1
];
ctx
->
input
[
10
]
=
constants
[
2
];
ctx
->
input
[
15
]
=
constants
[
3
];
}
void
salsa20_set_iv
(
struct
salsa20_ctx
*
ctx
,
const
uint8_t
*
iv
)
{
ctx
->
input
[
6
]
=
LE_READ_UINT32
(
iv
+
0
);
ctx
->
input
[
7
]
=
LE_READ_UINT32
(
iv
+
4
);
ctx
->
input
[
8
]
=
0
;
ctx
->
input
[
9
]
=
0
;
}
void
salsa20_crypt
(
struct
salsa20_ctx
*
ctx
,
unsigned
length
,
uint8_t
*
c
,
const
uint8_t
*
m
)
{
uint32_t
output
[
_SALSA20_INPUT_LENGTH
];
if
(
!
length
)
return
;
for
(;;)
{
salsa20_hash
(
output
,
ctx
->
input
);
uint32_t
x
[
_SALSA20_INPUT_LENGTH
];
int
i
;
memcpy
(
x
,
ctx
->
input
,
sizeof
(
x
));
for
(
i
=
0
;
i
<
10
;
i
++
)
{
QROUND
(
x
[
0
],
x
[
4
],
x
[
8
],
x
[
12
]);
QROUND
(
x
[
5
],
x
[
9
],
x
[
13
],
x
[
1
]);
QROUND
(
x
[
10
],
x
[
14
],
x
[
2
],
x
[
6
]);
QROUND
(
x
[
15
],
x
[
3
],
x
[
7
],
x
[
11
]);
QROUND
(
x
[
0
],
x
[
1
],
x
[
2
],
x
[
3
]);
QROUND
(
x
[
5
],
x
[
6
],
x
[
7
],
x
[
4
]);
QROUND
(
x
[
10
],
x
[
11
],
x
[
8
],
x
[
9
]);
QROUND
(
x
[
15
],
x
[
12
],
x
[
13
],
x
[
14
]);
}
for
(
i
=
0
;
i
<
_SALSA20_INPUT_LENGTH
;
++
i
)
{
uint32_t
t
=
x
[
i
]
+
ctx
->
input
[
i
];
x
[
i
]
=
LE_SWAP32
(
t
);
}
ctx
->
input
[
9
]
+=
(
++
ctx
->
input
[
8
]
==
0
);
/* stopping at 2^70 length per nonce is user's responsibility */
if
(
length
<=
SALSA20_BLOCK_SIZE
)
{
memxor3
(
c
,
m
,
(
uint8_t
*
)
output
,
length
);
memxor3
(
c
,
m
,
(
uint8_t
*
)
x
,
length
);
return
;
}
memxor3
(
c
,
m
,
(
uint8_t
*
)
output
,
SALSA20_BLOCK_SIZE
);
memxor3
(
c
,
m
,
(
uint8_t
*
)
x
,
SALSA20_BLOCK_SIZE
);
length
-=
SALSA20_BLOCK_SIZE
;
c
+=
SALSA20_BLOCK_SIZE
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment