int
compute_checksum(uchar_t *cksum_buf, int cksum, uchar_t *buf, int64_t bytes)
{
if (cksum == CKSUM_CRC64) {
uint64_t *ck = (uint64_t *)cksum_buf;
*ck = lzma_crc64(buf, bytes, 0);
} else if (cksum == CKSUM_SKEIN256) {
Skein_512_Ctxt_t ctx;
Skein_512_Init(&ctx, 256);
Skein_512_Update(&ctx, buf, bytes);
Skein_512_Final(&ctx, cksum_buf);
} else if (cksum == CKSUM_SKEIN512) {
Skein_512_Ctxt_t ctx;
Skein_512_Init(&ctx, 512);
Skein_512_Update(&ctx, buf, bytes);
Skein_512_Final(&ctx, cksum_buf);
} else if (cksum == CKSUM_SHA256) {
if (cksum_provider == PROVIDER_OPENSSL) {
SHA256_CTX ctx;
SHA256_Init(&ctx);
SHA256_Update(&ctx, buf, bytes);
SHA256_Final(cksum_buf, &ctx);
} else {
SHA256_Context ctx;
opt_SHA256_Init(&ctx);
opt_SHA256_Update(&ctx, buf, bytes);
opt_SHA256_Final(&ctx, cksum_buf);
}
} else if (cksum == CKSUM_SHA512) {
SHA512_CTX ctx;
SHA512_Init(&ctx);
SHA512_Update(&ctx, buf, bytes);
SHA512_Final(cksum_buf, &ctx);
} else if (cksum == CKSUM_KECCAK256) {
if (Keccak_Hash(256, buf, bytes, cksum_buf) != 0)
return (-1);
} else if (cksum == CKSUM_KECCAK512) {
if (Keccak_Hash(512, buf, bytes, cksum_buf) != 0)
return (-1);
} else {
return (-1);
}
return (0);
}
static int
skein_incremental(void *buf, size_t size, void *arg)
{
Skein_512_Ctxt_t *ctx = arg;
(void) Skein_512_Update(ctx, buf, size);
return (0);
}
int Skein_512(const u08b_t *msg, size_t msgByteCnt, u08b_t *hashVal) {
Skein_512_Ctxt_t ctx;
if (Skein_512_Init(&ctx)) return SKEIN_FAIL;
if (Skein_512_Update(&ctx, msg, msgByteCnt)) return SKEIN_FAIL;
if (Skein_512_Final(&ctx, hashVal)) return SKEIN_FAIL;
return SKEIN_SUCCESS;
}
/* [identical to Skein_512_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_512_Update(ctx,key,keyBytes); /* hash the key */
Skein_512_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0; i<SKEIN_512_STATE_WORDS; i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(512,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
int skein_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
char *msg;
unsigned char hash[20];
} tests[] = {
{ {0xFF, 0x00 },
{ 0x42, 0xAA, 0x6B, 0xD9, 0xCA, 0x92, 0xE9, 0x0E, 0xA2, 0x8D, 0xF6, 0xF6, 0xF2, 0xD0, 0xD9, 0xB8,
0x5A, 0x2D, 0x19, 0x07, 0xEE, 0x4D, 0xC1, 0xB1, 0x71, 0xAC, 0xE7, 0xEB, 0x11, 0x59, 0xBE, 0x3B,
0xD1, 0xBC, 0x56, 0x58, 0x6D, 0x92, 0x49, 0x2B, 0x6E, 0xFF, 0x9B, 0xE0, 0x33, 0x06, 0x99, 0x4C,
0x65, 0xA3, 0x32, 0xC4, 0xC2, 0x41, 0x60, 0xF4, 0x66, 0x55, 0x04, 0x0E, 0x55, 0x8E, 0x83, 0x29 }
},
{ { 0xFF, 0xFE, 0xFD, 0xFC, 0xFB, 0xFA, 0xF9, 0xF8, 0xF7, 0xF6, 0xF5, 0xF4, 0xF3, 0xF2, 0xF1, 0xF0,
0xEF, 0xEE, 0xED, 0xEC, 0xEB, 0xEA, 0xE9, 0xE8, 0xE7, 0xE6, 0xE5, 0xE4, 0xE3, 0xE2, 0xE1, 0xE0,
0xDF, 0xDE, 0xDD, 0xDC, 0xDB, 0xDA, 0xD9, 0xD8, 0xD7, 0xD6, 0xD5, 0xD4, 0xD3, 0xD2, 0xD1, 0xD0,
0xCF, 0xCE, 0xCD, 0xCC, 0xCB, 0xCA, 0xC9, 0xC8, 0xC7, 0xC6, 0xC5, 0xC4, 0xC3, 0xC2, 0xC1, 0xC0,
0x00 },
{ 0x04, 0xF9, 0x6C, 0x6F, 0x61, 0xB3, 0xE2, 0x37, 0xA4, 0xFA, 0x77, 0x55, 0xEE, 0x4A, 0xCF, 0x34,
0x49, 0x42, 0x22, 0x96, 0x89, 0x54, 0xF4, 0x95, 0xAD, 0x14, 0x7A, 0x1A, 0x71, 0x5F, 0x7A, 0x73,
0xEB, 0xEC, 0xFA, 0x1E, 0xF2, 0x75, 0xBE, 0xD8, 0x7D, 0xC6, 0x0B, 0xD1, 0xA0, 0xBC, 0x60, 0x21,
0x06, 0xFA, 0x98, 0xF8, 0xE7, 0x23, 0x7B, 0xD1, 0xAC, 0x09, 0x58, 0xE7, 0x6D, 0x30, 0x66, 0x78 }
}
};
int i;
unsigned char tmp[64];
Skein_512_Ctxt_t md;
for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
Skein_512_Init(&md, 512);
Skein_512_Update(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
Skein_512_Final(&md, tmp);
if (XMEMCMP(tmp, tests[i].hash, 20) != 0) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
int skeinUpdate(SkeinCtx_t *ctx, const uint8_t *msg,
size_t msgByteCnt)
{
int ret = SKEIN_FAIL;
Skein_Assert(ctx, SKEIN_FAIL);
switch (ctx->skeinSize) {
case Skein256:
ret = Skein_256_Update(&ctx->m.s256, (const u08b_t*)msg, msgByteCnt);
break;
case Skein512:
ret = Skein_512_Update(&ctx->m.s512, (const u08b_t*)msg, msgByteCnt);
break;
case Skein1024:
ret = Skein1024_Update(&ctx->m.s1024, (const u08b_t*)msg, msgByteCnt);
break;
}
return ret;
}
int
hmac_update(mac_ctx_t *mctx, uchar_t *data, uint64_t len)
{
int cksum = mctx->mac_cksum;
if (cksum == CKSUM_SKEIN256 || cksum == CKSUM_SKEIN512) {
Skein_512_Update(mctx->mac_ctx, data, len);
} else if (cksum == CKSUM_SHA256 || cksum == CKSUM_CRC64) {
if (cksum_provider == PROVIDER_OPENSSL) {
if (HMAC_Update(mctx->mac_ctx, data, len) == 0)
return (-1);
} else {
opt_HMAC_SHA256_Update(mctx->mac_ctx, data, len);
}
} else if (cksum == CKSUM_SHA512) {
if (HMAC_Update(mctx->mac_ctx, data, len) == 0)
return (-1);
} else if (cksum == CKSUM_KECCAK256 || cksum == CKSUM_KECCAK512) {
// Keccak takes data length in bits so we have to scale
while (len > KECCAK_MAX_SEG) {
uint64_t blen;
blen = KECCAK_MAX_SEG;
if (Keccak_Update(mctx->mac_ctx, data, blen << 3) != 0)
return (-1);
len -= KECCAK_MAX_SEG;
}
if (Keccak_Update(mctx->mac_ctx, data, len << 3) != 0)
return (-1);
} else {
return (-1);
}
return (0);
}
void
SKEIN512_Update(SKEIN512_CTX * ctx, const void *in, size_t len)
{
Skein_512_Update(ctx, in, len);
}