/**
Register a hash with the descriptor table
@param hash The hash you wish to register
@return value >= 0 if successfully added (or already present), -1 if unsuccessful
*/
int register_hash(const struct ltc_hash_descriptor *hash)
{
int x;
LTC_ARGCHK(hash != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name == NULL) {
XMEMCPY(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor));
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
/* no spot */
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
/**
Register a PRNG with the descriptor table
@param prng The PRNG you wish to register
@return value >= 0 if successfully added (or already present), -1 if unsuccessful
*/
int register_prng(const struct ltc_prng_descriptor *prng)
{
int x;
LTC_ARGCHK(prng != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_prng_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (XMEMCMP(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) {
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return x;
}
}
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (prng_descriptor[x].name == NULL) {
XMEMCPY(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor));
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return x;
}
}
/* no spot */
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return -1;
}
/**
Register a PRNG with the descriptor table
@param prng The PRNG you wish to register
@return value >= 0 if successfully added (or already present), -1 if unsuccessful
*/
int register_prng(const struct ltc_prng_descriptor *prng)
{
int x;
LTC_ARGCHK(prng != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_prng_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (prng_descriptor[x] == prng) {
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return x;
}
}
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (prng_descriptor[x] == NULL) {
prng_descriptor[x] = prng;
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return x;
}
}
/* no spot */
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return -1;
}
int register_cipher(const struct ltc_cipher_descriptor *cipher)
{
int x;
LTC_ARGCHK(cipher != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].name != NULL && cipher_descriptor[x].ID == cipher->ID) {
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].name == NULL) {
XMEMCPY(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor));
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
/* no spot */
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return -1;
}
/**
Register a hash with the descriptor table
@param hash The hash you wish to register
@return value >= 0 if successfully added (or already present), -1 if unsuccessful
*/
int register_hash(const struct ltc_hash_descriptor *hash)
{
int x;
LTC_ARGCHK(hash != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x] == hash) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x] == NULL) {
hash_descriptor[x] = hash;
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
/* no spot */
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
/*
Test if a hash index is valid
@param idx The index of the hash to search for
@return CRYPT_OK if valid
*/
int hash_is_valid(int idx) {
LTC_MUTEX_LOCK(<c_hash_mutex);
if ((idx < 0) || (idx >= TAB_SIZE) || (hash_descriptor[idx].name == NULL)) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_INVALID_HASH;
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_OK;
}
/*
Test if a PRNG index is valid
@param idx The index of the PRNG to search for
@return CRYPT_OK if valid
*/
int prng_is_valid(int idx) {
LTC_MUTEX_LOCK(<c_prng_mutex);
if ((idx < 0) || (idx >= TAB_SIZE) || (prng_descriptor[idx].name == NULL)) {
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return CRYPT_INVALID_PRNG;
}
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return CRYPT_OK;
}
char* cipher_name(int idx)
{
LTC_MUTEX_LOCK(<c_cipher_mutex);
if (idx < 0 || idx >= TAB_SIZE || cipher_descriptor[idx].name == NULL) {
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return NULL;
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return cipher_descriptor[idx].name;
}
/*
Test if a hash index is valid
@param idx The index of the hash to search for
@return CRYPT_OK if valid
*/
int hash_is_valid(int idx)
{
LTC_MUTEX_LOCK(<c_hash_mutex);
if (idx < 0 || idx >= TAB_SIZE || hash_descriptor[idx] == NULL) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_INVALID_HASH;
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_OK;
}
/*
Test if a cipher index is valid
@param idx The index of the cipher to search for
@return CRYPT_OK if valid
*/
int cipher_is_valid(int idx)
{
LTC_MUTEX_LOCK(<c_cipher_mutex);
if (idx < 0 || idx >= TAB_SIZE || cipher_descriptor[idx].name == NULL) {
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return CRYPT_INVALID_CIPHER;
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return CRYPT_OK;
}
/**
Find a hash by ID number
@param ID The ID (not same as index) of the hash to find
@return >= 0 if found, -1 if not present
*/
int find_hash_id(unsigned char ID)
{
int x;
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x] && hash_descriptor[x]->ID == ID) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
/**
Find a cipher by ID number
@param ID The ID (not same as index) of the cipher to find
@return >= 0 if found, -1 if not present
*/
INT find_cipher_id(UCHAR ID)
{
INT x;
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].ID == ID) {
x = (cipher_descriptor[x].name == NULL) ? -1 : x;
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return -1;
}
/**
Find a registered hash by name
@param name The name of the hash to look for
@return >= 0 if found, -1 if not present
*/
int find_hash(const char *name)
{
int x;
LTC_ARGCHK(name != NULL);
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name != NULL && XSTRCMP(hash_descriptor[x].name, name) == 0) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
int find_cipher_id(unsigned char ID)
{
int x;
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].ID == ID) {
x = (cipher_descriptor[x].name == NULL) ? -1 : x;
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return -1;
}
/**
Find a registered cipher by name
@param name The name of the cipher to look for
@return >= 0 if found, -1 if not present
*/
int find_cipher(const char *name)
{
int x;
LTC_ARGCHK(name != NULL);
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].name != NULL && !XSTRCMP(cipher_descriptor[x].name, name)) {
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return -1;
}
/**
Find a registered PRNG by name
@param name The name of the PRNG to look for
@return >= 0 if found, -1 if not present
*/
int find_prng(const char *name)
{
int x;
LTC_ARGCHK(name != NULL);
LTC_MUTEX_LOCK(<c_prng_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if ((prng_descriptor[x].name != NULL) && strcmp(prng_descriptor[x].name, name) == 0) {
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return -1;
}
int find_hash_oid(const unsigned long *ID, unsigned long IDlen)
{
int x;
LTC_ARGCHK(ID != NULL);
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name != NULL && hash_descriptor[x].OIDlen == IDlen && !XMEMCMP(hash_descriptor[x].OID, ID, sizeof(unsigned long) * IDlen)) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
INT find_hash_oid(const ULONG *ID, ULONG IDlen)
{
INT x;
LTC_ARGCHK(ID != NULL);
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name != NULL && hash_descriptor[x].OIDlen == IDlen && !XMEMCMP(hash_descriptor[x].OID, ID, sizeof(ULONG) * IDlen)) {
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return -1;
}
/**
Add entropy to the PRNG state
@param in The data to add
@param inlen Length of the data to add
@param prng PRNG state to update
@return CRYPT_OK if successful
*/
int chacha20_prng_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng)
{
unsigned char buf[40];
unsigned long i;
int err;
LTC_ARGCHK(prng != NULL);
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen > 0);
LTC_MUTEX_LOCK(&prng->lock);
if (prng->ready) {
/* chacha20_prng_ready() was already called, do "rekey" operation */
if ((err = chacha_keystream(&prng->chacha.s, buf, sizeof(buf))) != CRYPT_OK) goto LBL_UNLOCK;
for(i = 0; i < inlen; i++) buf[i % sizeof(buf)] ^= in[i];
/* key 32 bytes, 20 rounds */
if ((err = chacha_setup(&prng->chacha.s, buf, 32, 20)) != CRYPT_OK) goto LBL_UNLOCK;
/* iv 8 bytes */
if ((err = chacha_ivctr64(&prng->chacha.s, buf + 32, 8, 0)) != CRYPT_OK) goto LBL_UNLOCK;
/* clear KEY + IV */
zeromem(buf, sizeof(buf));
}
else {
/* chacha20_prng_ready() was not called yet, add entropy to ent buffer */
while (inlen--) prng->chacha.ent[prng->chacha.idx++ % sizeof(prng->chacha.ent)] ^= *in++;
}
err = CRYPT_OK;
LBL_UNLOCK:
LTC_MUTEX_UNLOCK(&prng->lock);
return err;
}
/**
Unregister a PRNG from the descriptor table
@param prng The PRNG descriptor to remove
@return CRYPT_OK on success
*/
int unregister_prng(const struct ltc_prng_descriptor *prng)
{
int x;
LTC_ARGCHK(prng != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_prng_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) != 0) {
prng_descriptor[x].name = NULL;
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return CRYPT_OK;
}
}
LTC_MUTEX_UNLOCK(<c_prng_mutex);
return CRYPT_ERROR;
}
/**
Read from the PRNG
@param out Destination
@param outlen Length of output
@param prng The active PRNG to read from
@return Number of octets read
*/
unsigned long yarrow_read(unsigned char *out, unsigned long outlen, prng_state *prng)
{
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
/* put out in predictable state first */
zeromem(out, outlen);
/* now randomize it */
if (ctr_encrypt(out, out, outlen, &prng->yarrow.ctr) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return 0;
}
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return outlen;
}
/**
Unregister a hash from the descriptor table
@param hash The hash descriptor to remove
@return CRYPT_OK on success
*/
int unregister_hash(const struct ltc_hash_descriptor *hash)
{
int x;
LTC_ARGCHK(hash != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_hash_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
hash_descriptor[x].name = NULL;
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_OK;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return CRYPT_ERROR;
}
/**
Read from the PRNG
@param out Destination
@param outlen Length of output
@param prng The active PRNG to read from
@return Number of octets read
*/
unsigned long chacha20_prng_read(unsigned char *out, unsigned long outlen, prng_state *prng)
{
if (outlen == 0 || prng == NULL || out == NULL) return 0;
LTC_MUTEX_LOCK(&prng->lock);
if (!prng->ready) { outlen = 0; goto LBL_UNLOCK; }
if (chacha_keystream(&prng->chacha.s, out, outlen) != CRYPT_OK) outlen = 0;
LBL_UNLOCK:
LTC_MUTEX_UNLOCK(&prng->lock);
return outlen;
}
/**
Unregister a cipher from the descriptor table
@param cipher The cipher descriptor to remove
@return CRYPT_OK on success
*/
int unregister_cipher(const struct ltc_cipher_descriptor *cipher)
{
int x;
LTC_ARGCHK(cipher != NULL);
/* is it already registered? */
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (XMEMCMP(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor)) == 0) {
cipher_descriptor[x].name = NULL;
cipher_descriptor[x].ID = 255;
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return CRYPT_OK;
}
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return CRYPT_ERROR;
}
/**
Terminate the PRNG
@param prng The PRNG to terminate
@return CRYPT_OK if successful
*/
int chacha20_prng_done(prng_state *prng)
{
int err;
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->lock);
prng->ready = 0;
err = chacha_done(&prng->chacha.s);
LTC_MUTEX_UNLOCK(&prng->lock);
LTC_MUTEX_DESTROY(&prng->lock);
return err;
}
/**
Find a cipher flexibly. First by name then if not present by block and key size
@param name The name of the cipher desired
@param blocklen The minimum length of the block cipher desired (octets)
@param keylen The minimum length of the key size desired (octets)
@return >= 0 if found, -1 if not present
*/
int find_cipher_any(const char *name, int blocklen, int keylen)
{
int x;
LTC_ARGCHK(name != NULL);
x = find_cipher(name);
if (x != -1) return x;
LTC_MUTEX_LOCK(<c_cipher_mutex);
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].name == NULL) {
continue;
}
if (blocklen <= (int)cipher_descriptor[x].block_length && keylen <= (int)cipher_descriptor[x].max_key_length) {
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return x;
}
}
LTC_MUTEX_UNLOCK(<c_cipher_mutex);
return -1;
}
/**
Import a PRNG state
@param in The PRNG state
@param inlen Size of the state
@param prng The PRNG to import
@return CRYPT_OK if successful
*/
int yarrow_import(const unsigned char *in, unsigned long inlen, prng_state *prng)
{
int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
if (inlen != 64) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return CRYPT_INVALID_ARG;
}
if ((err = yarrow_start(prng)) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
err = yarrow_add_entropy(in, 64, prng);
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
/**
Export the PRNG state
@param out [out] Destination
@param outlen [in/out] Max size and resulting size of the state
@param prng The PRNG to export
@return CRYPT_OK if successful
*/
int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
{
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
/* we'll write 64 bytes for s&g's */
if (*outlen < 64) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
*outlen = 64;
return CRYPT_BUFFER_OVERFLOW;
}
if (yarrow_read(out, 64, prng) != 64) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return CRYPT_ERROR_READPRNG;
}
*outlen = 64;
return CRYPT_OK;
}
/**
Terminate the PRNG
@param prng The PRNG to terminate
@return CRYPT_OK if successful
*/
int yarrow_done(prng_state *prng)
{
int err;
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
/* call cipher done when we invent one ;-) */
/* we invented one */
err = ctr_done(&prng->yarrow.ctr);
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
/**
Make the PRNG ready to read from
@param prng The PRNG to make active
@return CRYPT_OK if successful
*/
int yarrow_ready(prng_state *prng)
{
int ks, err;
LTC_ARGCHK(prng != NULL);
LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
if ((err = hash_is_valid(prng->yarrow.hash)) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
if ((err = cipher_is_valid(prng->yarrow.cipher)) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
/* setup CTR mode using the "pool" as the key */
ks = (int)hash_descriptor[prng->yarrow.hash].hashsize;
if ((err = cipher_descriptor[prng->yarrow.cipher].keysize(&ks)) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
if ((err = ctr_start(prng->yarrow.cipher, /* what cipher to use */
prng->yarrow.pool, /* IV */
prng->yarrow.pool, ks, /* KEY and key size */
0, /* number of rounds */
CTR_COUNTER_LITTLE_ENDIAN, /* little endian counter */
&prng->yarrow.ctr)) != CRYPT_OK) {
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return err;
}
LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
return CRYPT_OK;
}
