int rsa_signdepad(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x; _ARGCHK(in != NULL); _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); if (*outlen < inlen/3) { return CRYPT_BUFFER_OVERFLOW; } /* check padding bytes */ for (x = 0; x < inlen/3; x++) { if (in[x] != (unsigned char)0xFF || in[x+(inlen/3)+(inlen/3)] != (unsigned char)0xFF) { return CRYPT_INVALID_PACKET; } } for (x = 0; x < inlen/3; x++) { out[x] = in[x+(inlen/3)]; } *outlen = inlen/3; return CRYPT_OK; }
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key) #endif { unsigned long L, R; int r; _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(key != NULL); /* load it */ LOAD32H(R, &ct[0]); LOAD32H(L, &ct[4]); /* undo last keying */ R ^= key->blowfish.K[17]; L ^= key->blowfish.K[16]; /* do 16 rounds */ for (r = 15; r > 0; ) { L ^= F(R); R ^= key->blowfish.K[r--]; R ^= F(L); L ^= key->blowfish.K[r--]; L ^= F(R); R ^= key->blowfish.K[r--]; R ^= F(L); L ^= key->blowfish.K[r--]; } /* store */ STORE32H(L, &pt[0]); STORE32H(R, &pt[4]); }
int rsa_signpad(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x, y; _ARGCHK(in != NULL); _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); if (*outlen < (3 * inlen)) { return CRYPT_BUFFER_OVERFLOW; } /* check inlen */ if (inlen > 512) { return CRYPT_PK_INVALID_SIZE; } for (y = x = 0; x < inlen; x++) out[y++] = (unsigned char)0xFF; for (x = 0; x < inlen; x++) out[y++] = in[x]; for (x = 0; x < inlen; x++) out[y++] = (unsigned char)0xFF; *outlen = 3 * inlen; return CRYPT_OK; }
int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb) { _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(ofb != NULL); return ofb_encrypt(ct, pt, len, ofb); }
void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key) #endif { unsigned long a,b,c,d,temp; int r; _ARGCHK(key != NULL); _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); LOAD32L(a,&pt[0]); LOAD32L(b,&pt[4]); LOAD32L(c,&pt[8]); LOAD32L(d,&pt[12]); #define ROUND(i) \ a ^= RC[r+i]; \ THETA(key->noekeon.K, a,b,c,d); \ PI1(a,b,c,d); \ GAMMA(a,b,c,d); \ PI2(a,b,c,d); for (r = 0; r < 16; r += 2) { ROUND(0); ROUND(1); } #undef ROUND a ^= RC[16]; THETA(key->noekeon.K, a, b, c, d); STORE32L(a,&ct[0]); STORE32L(b,&ct[4]); STORE32L(c,&ct[8]); STORE32L(d,&ct[12]); }
int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) { unsigned long temp; _ARGCHK(key != NULL); _ARGCHK(skey != NULL); if (keylen != 16) { return CRYPT_INVALID_KEYSIZE; } if (num_rounds != 16 && num_rounds != 0) { return CRYPT_INVALID_ROUNDS; } LOAD32L(skey->noekeon.K[0],&key[0]); LOAD32L(skey->noekeon.K[1],&key[4]); LOAD32L(skey->noekeon.K[2],&key[8]); LOAD32L(skey->noekeon.K[3],&key[12]); LOAD32L(skey->noekeon.dK[0],&key[0]); LOAD32L(skey->noekeon.dK[1],&key[4]); LOAD32L(skey->noekeon.dK[2],&key[8]); LOAD32L(skey->noekeon.dK[3],&key[12]); THETA(zero, skey->noekeon.dK[0], skey->noekeon.dK[1], skey->noekeon.dK[2], skey->noekeon.dK[3]); return CRYPT_OK; }
int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb) { int err; _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(cfb != NULL); if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) { return err; } /* is blocklen/padlen valid? */ if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) || cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) { return CRYPT_INVALID_ARG; } while (len-- > 0) { if (cfb->padlen == cfb->blocklen) { cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key); cfb->padlen = 0; } cfb->pad[cfb->padlen] = *ct; *pt = *ct ^ cfb->IV[cfb->padlen]; ++pt; ++ct; ++cfb->padlen; } return CRYPT_OK; }
void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key) { ulong32 R, L; _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(key != NULL); LOAD32H(R,&ct[0]); LOAD32H(L,&ct[4]); if (key->cast5.keylen > 10) { R ^= FI(L, key->cast5.K[15], key->cast5.K[31]); L ^= FIII(R, key->cast5.K[14], key->cast5.K[30]); R ^= FII(L, key->cast5.K[13], key->cast5.K[29]); L ^= FI(R, key->cast5.K[12], key->cast5.K[28]); } R ^= FIII(L, key->cast5.K[11], key->cast5.K[27]); L ^= FII(R, key->cast5.K[10], key->cast5.K[26]); R ^= FI(L, key->cast5.K[9], key->cast5.K[25]); L ^= FIII(R, key->cast5.K[8], key->cast5.K[24]); R ^= FII(L, key->cast5.K[7], key->cast5.K[23]); L ^= FI(R, key->cast5.K[6], key->cast5.K[22]); R ^= FIII(L, key->cast5.K[5], key->cast5.K[21]); L ^= FII(R, key->cast5.K[4], key->cast5.K[20]); R ^= FI(L, key->cast5.K[3], key->cast5.K[19]); L ^= FIII(R, key->cast5.K[2], key->cast5.K[18]); R ^= FII(L, key->cast5.K[1], key->cast5.K[17]); L ^= FI(R, key->cast5.K[0], key->cast5.K[16]); STORE32H(L,&pt[0]); STORE32H(R,&pt[4]); }
int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, int keylen, int num_rounds, symmetric_CFB *cfb) { int x, err; _ARGCHK(IV != NULL); _ARGCHK(key != NULL); _ARGCHK(cfb != NULL); if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { return err; } /* copy data */ cfb->cipher = cipher; cfb->blocklen = cipher_descriptor[cipher].block_length; for (x = 0; x < cfb->blocklen; x++) cfb->IV[x] = IV[x]; /* init the cipher */ if ((err = cipher_descriptor[cipher].setup(key, keylen, num_rounds, &cfb->key)) != CRYPT_OK) { return err; } /* encrypt the IV */ cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->IV, cfb->IV, &cfb->key); cfb->padlen = 0; return CRYPT_OK; }
int yarrow_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng) { hash_state md; int err; _ARGCHK(buf != NULL); _ARGCHK(prng != NULL); if ((err = hash_is_valid(prng->yarrow.hash)) != CRYPT_OK) { return err; } /* start the hash */ hash_descriptor[prng->yarrow.hash].init(&md); /* hash the current pool */ if ((err = hash_descriptor[prng->yarrow.hash].process(&md, prng->yarrow.pool, hash_descriptor[prng->yarrow.hash].hashsize)) != CRYPT_OK) { return err; } /* add the new entropy */ if ((err = hash_descriptor[prng->yarrow.hash].process(&md, buf, len)) != CRYPT_OK) { return err; } /* store result */ if ((err = hash_descriptor[prng->yarrow.hash].done(&md, prng->yarrow.pool)) != CRYPT_OK) { return err; } return CRYPT_OK; }
int ctr_start(int cipher, const unsigned char *count, const unsigned char *key, int keylen, int num_rounds, symmetric_CTR *ctr) { int x, err; _ARGCHK(count != NULL); _ARGCHK(key != NULL); _ARGCHK(ctr != NULL); /* bad param? */ if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { return err; } /* setup cipher */ if ((err = cipher_descriptor[cipher].setup(key, keylen, num_rounds, &ctr->key)) != CRYPT_OK) { return err; } /* copy ctr */ ctr->blocklen = cipher_descriptor[cipher].block_length; ctr->cipher = cipher; ctr->padlen = 0; ctr->mode = 0; for (x = 0; x < ctr->blocklen; x++) { ctr->ctr[x] = count[x]; } cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key); return CRYPT_OK; }
int rsa_pad(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int wprng, prng_state *prng) { unsigned char buf[1536]; unsigned long x; int err; _ARGCHK(in != NULL); _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); /* is output big enough? */ if (*outlen < (3 * inlen)) { return CRYPT_BUFFER_OVERFLOW; } /* get random padding required */ if ((err = prng_is_valid(wprng)) != CRYPT_OK) { return err; } /* check inlen */ if (inlen > 512) { return CRYPT_PK_INVALID_SIZE; } if (prng_descriptor[wprng].read(buf, inlen*2-2, prng) != (inlen*2 - 2)) { return CRYPT_ERROR_READPRNG; } /* pad it like a sandwhich * * Looks like 0xFF R1 M R2 0xFF * * Where R1/R2 are random and exactly equal to the length of M minus one byte. */ for (x = 0; x < inlen-1; x++) { out[x+1] = buf[x]; } for (x = 0; x < inlen; x++) { out[x+inlen] = in[x]; } for (x = 0; x < inlen-1; x++) { out[x+inlen+inlen] = buf[x+inlen-1]; } /* last and first bytes are 0xFF */ out[0] = out[inlen+inlen+inlen-1] = (unsigned char)0xFF; /* clear up and return */ #ifdef CLEAN_STACK zeromem(buf, sizeof(buf)); #endif *outlen = inlen*3; return CRYPT_OK; }
int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key) { unsigned char buf2[5120]; unsigned long y, z; _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); _ARGCHK(key != NULL); /* type valid? */ if (!(key->type == PK_PRIVATE || key->type == PK_PRIVATE_OPTIMIZED) && (type == PK_PRIVATE || type == PK_PRIVATE_OPTIMIZED)) { return CRYPT_PK_INVALID_TYPE; } /* start at offset y=PACKET_SIZE */ y = PACKET_SIZE; /* output key type */ buf2[y++] = type; /* output modulus */ OUTPUT_BIGNUM(&key->N, buf2, y, z); /* output public key */ OUTPUT_BIGNUM(&key->e, buf2, y, z); if (type == PK_PRIVATE || type == PK_PRIVATE_OPTIMIZED) { OUTPUT_BIGNUM(&key->d, buf2, y, z); } if (type == PK_PRIVATE_OPTIMIZED) { OUTPUT_BIGNUM(&key->dQ, buf2, y, z); OUTPUT_BIGNUM(&key->dP, buf2, y, z); OUTPUT_BIGNUM(&key->pQ, buf2, y, z); OUTPUT_BIGNUM(&key->qP, buf2, y, z); OUTPUT_BIGNUM(&key->p, buf2, y, z); OUTPUT_BIGNUM(&key->q, buf2, y, z); } /* check size */ if (*outlen < y) { return CRYPT_BUFFER_OVERFLOW; } /* store packet header */ packet_store_header(buf2, PACKET_SECT_RSA, PACKET_SUB_KEY); /* copy to the user buffer */ memcpy(out, buf2, (size_t)y); *outlen = y; /* clear stack and return */ #ifdef CLEAN_STACK zeromem(buf2, sizeof(buf2)); #endif return CRYPT_OK; }
int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) #endif { unsigned long L[64], S[50], A, B, i, j, v, s, t, l; _ARGCHK(skey != NULL); _ARGCHK(key != NULL); /* test parameters */ if (num_rounds == 0) { num_rounds = rc5_desc.default_rounds; } if (num_rounds < 12 || num_rounds > 24) { return CRYPT_INVALID_ROUNDS; } /* key must be between 64 and 1024 bits */ if (keylen < 8 || keylen > 128) { return CRYPT_INVALID_KEYSIZE; } /* copy the key into the L array */ for (A = i = j = 0; i < (unsigned long)keylen; ) { A = (A << 8) | ((unsigned long)(key[i++] & 255)); if ((i & 3) == 0) { L[j++] = BSWAP(A); A = 0; } } if ((keylen & 3) != 0) { A <<= (unsigned long)((8 * (4 - (keylen&3)))); L[j++] = BSWAP(A); } /* setup the S array */ t = (unsigned long)(2 * (num_rounds + 1)); S[0] = 0xB7E15163UL; for (i = 1; i < t; i++) S[i] = S[i - 1] + 0x9E3779B9UL; /* mix buffer */ s = 3 * MAX(t, j); l = j; for (A = B = i = j = v = 0; v < s; v++) { A = S[i] = ROL(S[i] + A + B, 3); B = L[j] = ROL(L[j] + A + B, (A+B)); i = (i + 1) % t; j = (j + 1) % l; } /* copy to key */ for (i = 0; i < t; i++) { skey->rc5.K[i] = S[i]; } skey->rc5.rounds = num_rounds; return CRYPT_OK; }
int ocb_done_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct, unsigned char *tag, unsigned long *taglen) { _ARGCHK(ocb != NULL); _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(tag != NULL); _ARGCHK(taglen != NULL); return __ocb_done(ocb, pt, ptlen, ct, tag, taglen, 0); }
int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc) { _ARGCHK(IV != NULL); _ARGCHK(cbc != NULL); if (len != (unsigned long)cbc->blocklen) { return CRYPT_INVALID_ARG; } memcpy(cbc->IV, IV, len); return CRYPT_OK; }
int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) #endif { unsigned long L[64], S[50], A, B, i, j, v, s, t, l; _ARGCHK(key != NULL); _ARGCHK(skey != NULL); /* test parameters */ if (num_rounds != 0 && num_rounds != 20) { return CRYPT_INVALID_ROUNDS; } /* key must be between 64 and 1024 bits */ if (keylen < 8 || keylen > 128) { return CRYPT_INVALID_KEYSIZE; } /* copy the key into the L array */ for (A = i = j = 0; i < (unsigned long)keylen; ) { A = (A << 8) | ((unsigned long)(key[i++] & 255)); if (!(i & 3)) { L[j++] = BSWAP(A); A = 0; } } /* handle odd sized keys */ if (keylen & 3) { A <<= (8 * (4 - (keylen&3))); L[j++] = BSWAP(A); } /* setup the S array */ t = 44; /* fixed at 20 rounds */ S[0] = 0xB7E15163UL; for (i = 1; i < t; i++) S[i] = S[i - 1] + 0x9E3779B9UL; /* mix buffer */ s = 3 * MAX(t, j); l = j; for (A = B = i = j = v = 0; v < s; v++) { A = S[i] = ROL(S[i] + A + B, 3); B = L[j] = ROL(L[j] + A + B, (A+B)); i = (i + 1) % t; j = (j + 1) % l; } /* copy to key */ for (i = 0; i < t; i++) { skey->rc6.K[i] = S[i]; } return CRYPT_OK; }
int ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ECB *ecb) { int err; _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(ecb != NULL); if ((err = cipher_is_valid(ecb->cipher)) != CRYPT_OK) { return err; } cipher_descriptor[ecb->cipher].ecb_decrypt(ct, pt, &ecb->key); return CRYPT_OK; }
int ecb_start(int cipher, const unsigned char *key, int keylen, int num_rounds, symmetric_ECB *ecb) { int err; _ARGCHK(key != NULL); _ARGCHK(ecb != NULL); if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { return err; } ecb->cipher = cipher; ecb->blocklen = cipher_descriptor[cipher].block_length; return cipher_descriptor[cipher].setup(key, keylen, num_rounds, &ecb->key); }
unsigned long yarrow_read(unsigned char *buf, unsigned long len, prng_state *prng) { _ARGCHK(buf != NULL); _ARGCHK(prng != NULL); /* put buf in predictable state first */ zeromem(buf, len); /* now randomize it */ if (ctr_encrypt(buf, buf, len, &prng->yarrow.ctr) != CRYPT_OK) { return 0; } return len; }
int sha256_done(hash_state * md, unsigned char *hash) { int i; _ARGCHK(md != NULL); _ARGCHK(hash != NULL); if (md->sha256.curlen >= sizeof(md->sha256.buf)) { return CRYPT_INVALID_ARG; } /* increase the length of the message */ md->sha256.length += md->sha256.curlen * 8; /* append the '1' bit */ md->sha256.buf[md->sha256.curlen++] = (unsigned char)0x80; /* if the length is currently above 56 bytes we append zeros * then compress. Then we can fall back to padding zeros and length * encoding like normal. */ if (md->sha256.curlen > 56) { while (md->sha256.curlen < 64) { md->sha256.buf[md->sha256.curlen++] = (unsigned char)0; } sha256_compress(md, md->sha256.buf); md->sha256.curlen = 0; } /* pad upto 56 bytes of zeroes */ while (md->sha256.curlen < 56) { md->sha256.buf[md->sha256.curlen++] = (unsigned char)0; } /* store length */ STORE64H(md->sha256.length, md->sha256.buf+56); sha256_compress(md, md->sha256.buf); /* copy output */ for (i = 0; i < 8; i++) { STORE32H(md->sha256.state[i], hash+(4*i)); } #ifdef CLEAN_STACK zeromem(md, sizeof(hash_state)); #endif return CRYPT_OK; }
int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, unsigned long length) { int err; _ARGCHK(eax != NULL); _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); /* encrypt */ if ((err = ctr_encrypt(pt, ct, length, &eax->ctr)) != CRYPT_OK) { return err; } /* omac ciphertext */ return omac_process(&eax->ctomac, ct, length); }
int yarrow_ready(prng_state *prng) { int ks, err; _ARGCHK(prng != NULL); if ((err = hash_is_valid(prng->yarrow.hash)) != CRYPT_OK) { return err; } if ((err = cipher_is_valid(prng->yarrow.cipher)) != CRYPT_OK) { return err; } /* setup CTR mode using the "pool" as the key */ ks = (int)hash_descriptor[prng->yarrow.hash].hashsize; if ((err = cipher_descriptor[prng->yarrow.cipher].keysize(&ks)) != CRYPT_OK) { return err; } if ((err = ctr_start(prng->yarrow.cipher, /* what cipher to use */ prng->yarrow.pool, /* IV */ prng->yarrow.pool, ks, /* KEY and key size */ 0, /* number of rounds */ &prng->yarrow.ctr)) != CRYPT_OK) { return err; } return CRYPT_OK; }
int safer_sk128_setup(const unsigned char *key, int keylen, int numrounds, symmetric_key *skey) { _ARGCHK(key != NULL); _ARGCHK(skey != NULL); if (numrounds != 0 && (numrounds < 6 || numrounds > SAFER_MAX_NOF_ROUNDS)) { return CRYPT_INVALID_ROUNDS; } if (keylen != 16) { return CRYPT_INVALID_KEYSIZE; } Safer_Expand_Userkey(key, key+8, (unsigned int)(numrounds != 0?numrounds:SAFER_SK128_DEFAULT_NOF_ROUNDS), 1, skey->safer.key); return CRYPT_OK; }
int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen) { unsigned char buf[MAXBLOCKSIZE]; unsigned char isha[MAXBLOCKSIZE]; unsigned long hashsize, i; int hash, err; _ARGCHK(hmac != NULL); _ARGCHK(hashOut != NULL); hash = hmac->hash; if((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } /* get the hash message digest size */ hashsize = hash_descriptor[hash].hashsize; // Get the hash of the first HMAC vector plus the data if ((err = hash_descriptor[hash].done(&hmac->md, isha)) != CRYPT_OK) { return err; } // Create the second HMAC vector vector for step (3) for(i=0; i < HMAC_BLOCKSIZE; i++) { buf[i] = hmac->key[i] ^ 0x5C; } // Now calculate the "outer" hash for step (5), (6), and (7) hash_descriptor[hash].init(&hmac->md); hash_descriptor[hash].process(&hmac->md, buf, HMAC_BLOCKSIZE); hash_descriptor[hash].process(&hmac->md, isha, hashsize); hash_descriptor[hash].done(&hmac->md, buf); // copy to output for (i = 0; i < hashsize && i < *outlen; i++) { hashOut[i] = buf[i]; } *outlen = i; #ifdef CLEAN_STACK zeromem(isha, sizeof(buf)); zeromem(buf, sizeof(isha)); zeromem(hmac, sizeof(*hmac)); #endif return CRYPT_OK; }
int rand_prime(mp_int *N, long len, prng_state *prng, int wprng) { unsigned char buf[260]; int err, step, ormask; _ARGCHK(N != NULL); /* pass a negative size if you want a prime congruent to 3 mod 4 */ if (len < 0) { step = 4; ormask = 3; len = -len; } else { step = 2; ormask = 1; } /* allow sizes between 2 and 256 bytes for a prime size */ if (len < 2 || len > 256) { return CRYPT_INVALID_PRIME_SIZE; } /* valid PRNG? */ if ((err = prng_is_valid(wprng)) != CRYPT_OK) { return err; } /* read the prng */ if (prng_descriptor[wprng].read(buf+2, (unsigned long)len, prng) != (unsigned long)len) { return CRYPT_ERROR_READPRNG; } /* set sign byte to zero */ buf[0] = (unsigned char)0; /* Set the top byte to 0x01 which makes the number a len*8 bit number */ buf[1] = (unsigned char)0x01; /* set the LSB to the desired settings * (1 for any prime, 3 for primes congruent to 3 mod 4) */ buf[len+1] |= (unsigned char)ormask; /* read the number in */ if (mp_read_raw(N, buf, 2+len) != MP_OKAY) { return CRYPT_MEM; } /* add the step size to it while N is not prime */ if ((err = next_prime(N, step)) != CRYPT_OK) { return err; } #ifdef CLEAN_STACK zeromem(buf, sizeof(buf)); #endif return CRYPT_OK; }
int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen) { int err, x; _ARGCHK(state != NULL); _ARGCHK(out != NULL); if ((err = cipher_is_valid(state->cipher_idx)) != CRYPT_OK) { return err; } if ((state->buflen > (int)sizeof(state->block)) || (state->buflen < 0) || (state->block_len > (int)sizeof(state->block)) || (state->buflen > state->block_len)) { return CRYPT_INVALID_ARG; } /* handle padding. If multiple xor in L/x */ if (state->buflen == state->block_len) { /* xor Lr against the checksum */ for (x = 0; x < state->block_len; x++) { state->checksum[x] ^= state->block[x] ^ state->Lr[x]; } } else { /* otherwise xor message bytes then the 0x80 byte */ for (x = 0; x < state->buflen; x++) { state->checksum[x] ^= state->block[x]; } state->checksum[x] ^= 0x80; } /* encrypt it */ cipher_descriptor[state->cipher_idx].ecb_encrypt(state->checksum, state->checksum, &state->key); /* store it */ for (x = 0; x < state->block_len && x <= (int)*outlen; x++) { out[x] = state->checksum[x]; } *outlen = x; #ifdef CLEAN_STACK zeromem(state, sizeof(*state)); #endif return CRYPT_OK; }
int rsa_depad(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { unsigned long x; _ARGCHK(in != NULL); _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); if (*outlen < inlen/3) { return CRYPT_BUFFER_OVERFLOW; } for (x = 0; x < inlen/3; x++) { out[x] = in[x+(inlen/3)]; } *outlen = inlen/3; return CRYPT_OK; }
int cast5_keysize(int *desired_keysize) { _ARGCHK(desired_keysize != NULL); if (*desired_keysize < 5) { return CRYPT_INVALID_KEYSIZE; } else if (*desired_keysize > 16) { *desired_keysize = 16; } return CRYPT_OK; }
int noekeon_keysize(int *desired_keysize) { _ARGCHK(desired_keysize != NULL); if (*desired_keysize < 16) { return CRYPT_INVALID_KEYSIZE; } else { *desired_keysize = 16; return CRYPT_OK; } }