From d634f56631ffad02dfe2ed6173270b196ab5fa6f Mon Sep 17 00:00:00 2001 From: philanc Date: Fri, 18 Nov 2016 19:01:21 -0500 Subject: [PATCH] removed rabbit, moved test --- Makefile | 4 +- README.md | 14 +- src/crypto_readme.md | 9 - src/luazen.c | 64 +---- src/rabbit-config.h | 278 ------------------ src/rabbit-machine.h | 49 ---- src/rabbit-portable.h | 303 -------------------- src/rabbit-sync.h | 364 ------------------------ src/rabbit.c | 344 ---------------------- test_luazen.lua => test/test_luazen.lua | 40 --- 10 files changed, 9 insertions(+), 1460 deletions(-) delete mode 100644 src/rabbit-config.h delete mode 100644 src/rabbit-machine.h delete mode 100644 src/rabbit-portable.h delete mode 100644 src/rabbit-sync.h delete mode 100644 src/rabbit.c rename test_luazen.lua => test/test_luazen.lua (79%) diff --git a/Makefile b/Makefile index 86afc16..a0cbf99 100644 --- a/Makefile +++ b/Makefile @@ -12,14 +12,14 @@ AR= ar CFLAGS= -Os -fPIC $(INCFLAGS) LDFLAGS= -fPIC -LUAZEN_O= luazen.o base58.o lzf_c.o lzf_d.o md5.o rabbit.o rc4.o sha1.o +LUAZEN_O= luazen.o base58.o lzf_c.o lzf_d.o md5.o rc4.o sha1.o luazen.so: src/*.c src/*.h $(CC) -c $(CFLAGS) src/*.c $(CC) -shared $(LDFLAGS) -o luazen.so $(LUAZEN_O) test: luazen.so - lua test_luazen.lua + lua test/test_luazen.lua clean: rm -f *.o *.a *.so diff --git a/README.md b/README.md index 1adb30d..ead2097 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,7 @@ The compression functions are based on the tiny **lzf** library. It is not as ef Endoding and decoding functions are provided for **base64** and **base58** (for base58, the BitCoin encoding alphabet is used) -Cryptographic functions include **md5**, **sha1**, **rc4** and **rabbit** - -Rabbit is a very fast stream cipher (faster and much stronger than rc4). It was one of the four eSTREAM finalists in 2008. See the rabbit presentation pages at [eSTREAM](http://www.ecrypt.eu.org/stream/rabbitpf.html) and at [ECRYPT II](http://www.ecrypt.eu.org/stream/e2-rabbit.html). Rabbit was also specified in [RFC 4503](http://www.ietf.org/rfc/rfc4503.txt) +Cryptographic functions include **md5**, **sha1**, and **rc4**. ### API ``` @@ -74,15 +72,6 @@ rc4(str, key) arguments and return are the same as rc4raw() key length must be 16 (or nil, error msg is returned) -rabbit(str, key, iv) - encrypt (or decrypt, as rabbit is symmetric) string str with - key string key and initial value string iv. - key must be 16 bytes. iv must be 8 bytes - return the encrypted string (same length as str) - or nil, error msg if the key or iv lengths are not correct - -- for more information and references on rabbit, see the comment - at the top of src/luazen/rabbit.c - md5(str) return the md5 hash of string str as a binary string (no hex encoding) @@ -101,7 +90,6 @@ The luazen library includes some code from various authors (see src/): - base58 functions by Luke Dashjr (MIT) - md5, sha1 by Cameron Rich (BSD) - lzf functions by Marc Alexander Lehmann (BSD, see src/lzf* headers) -- rabbit by Cryptico A/S (public domain, since 2008) (the code from these sources has been significantly modified - all bugs are probably mine!) diff --git a/src/crypto_readme.md b/src/crypto_readme.md index 800948a..de989ab 100644 --- a/src/crypto_readme.md +++ b/src/crypto_readme.md @@ -62,14 +62,5 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE ------------------------------------------------------------------------- ---- rabbit - -Original author/copyright owner: Cryptico A/S -Released into the public domain in 2008. -see http://www.ecrypt.eu.org/stream/phase3ip.html#rabbit -see also the rabbit.c header. - - ``` \ No newline at end of file diff --git a/src/luazen.c b/src/luazen.c index f4f7275..4d140ff 100644 --- a/src/luazen.c +++ b/src/luazen.c @@ -2,31 +2,15 @@ // --------------------------------------------------------------------- /* luazen -A small Lua extension library with crypto and compression functions -(stuff that is very slow and inefficient when done in pure Lua...) - -160412 - removed hmac_md5, hmac_sha1 (rather use tweetnacl) - added base58 encode/decode -150701 - replaced nacl-unknown with tweetnacl-20140427, incl sha512 - moved nacl to its own module ("luatweetnacl") -150628 - added nacl (nacl-unknown, ca. 2008) -150624 - test lzf to replace gzip (lzf is much smaller, albeit less efficient) -110622 - added macros from roberto's lpeg for 5.1/5.2 compat -110123 - fixed zip "dstln must be set to buf ln upon entry" (already fixed - but only for unzip...) -110122 - fixed luaL_reg to luaL_Reg (for lua5.2) - fixed unzip "dstln must be set to buf ln upon entry" +A small Lua extension library with low grade crypto and compression +functions (stuff that is very slow when done in pure Lua...). +See README.md. + +https://github.com/philanc/luazen */ -#define LUAZEN_VERSION "luazen-0.6" +#define LUAZEN_VERSION "luazen-0.7" #include #include @@ -39,7 +23,6 @@ A small Lua extension library with crypto and compression functions #include "md5.h" #include "sha1.h" #include "base58.h" -#include "rabbit-sync.h" //========================================================= // compatibility with Lua 5.2 --and lua 5.3, added 150621 @@ -202,35 +185,6 @@ static int luazen_rc4(lua_State *L) { return 1; } -//---------------------------------------------------------------------- -// rabbit stream cipher -// -static int luazen_rabbit(lua_State *L) { - // Lua: - // rabbit(plaintext, key, iv) returns encrypted text - // rabbit(encrypted, key, iv) returns decrypted text - // key: the encryption key - must be a 16-byte string - // iv: the initial value - must be a 8-byte string - // - size_t pln, kln, ivln; - const char *p = luaL_checklstring (L, 1, &pln); - const char *k = luaL_checklstring (L, 2, &kln); - const char *iv = luaL_checklstring (L, 3, &ivln); - if ((kln != 16) || (ivln != 8)) { - lua_pushnil (L); - lua_pushliteral (L, - "luazen: rabbit key and iv must be 16 and 8 bytes"); - return 2; - } - char * e = malloc(pln); // buffer for encrypted text - ECRYPT_ctx ctx; - ECRYPT_keysetup(&ctx, k, 16, 8); - ECRYPT_ivsetup(&ctx, iv); - ECRYPT_process_bytes(0, &ctx, p, e, pln); // 1st param is ignored - lua_pushlstring (L, e, pln); - free(e); - return 1; -} //---------------------------------------------------------------------- @@ -364,9 +318,6 @@ static int luazen_b64decode(lua_State *L) /** decode(s) */ } luaL_pushresult(&b); return 1; - //~ case 0: - //~ luaL_pushresult(&b); - //~ return 1; case '\n': case '\r': case '\t': case ' ': case '\f': case '\b': break; } //switch(c) @@ -412,9 +363,7 @@ static int luazen_b58decode(lua_State *L) { bufsz = eln; // more than enough! unsigned char *buf = malloc(bufsz); bln = bufsz; // give the result buffer size to b58tobin - //~ printf("dec bef eln=%d bln=%d \n", eln, bln); bool r = b58tobin(buf, &bln, e, eln); - //~ printf("dec aft eln=%d bln=%d \n", eln, bln); if (!r) { free(buf); lua_pushnil (L); @@ -436,7 +385,6 @@ static const struct luaL_Reg luazenlib[] = { {"unlzf", luazen_unlzf}, {"rc4", luazen_rc4}, {"rc4raw", luazen_rc4raw}, - {"rabbit", luazen_rabbit}, {"md5", luazen_md5}, {"sha1", luazen_sha1}, {"b64encode", luazen_b64encode}, diff --git a/src/rabbit-config.h b/src/rabbit-config.h deleted file mode 100644 index 1aceaa3..0000000 --- a/src/rabbit-config.h +++ /dev/null @@ -1,278 +0,0 @@ -/* ecrypt-config.h */ - -/* *** Normally, it should not be necessary to edit this file. *** */ - -#ifndef ECRYPT_CONFIG -#define ECRYPT_CONFIG - -/* ------------------------------------------------------------------------- */ - -/* Guess the endianness of the target architecture. */ - -/* - * The LITTLE endian machines: - */ -#if defined(__ultrix) /* Older MIPS */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(__alpha) /* Alpha */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(i386) /* x86 (gcc) */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(__i386) /* x86 (gcc) */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(_M_IX86) /* x86 (MSC, Borland) */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(_MSC_VER) /* x86 (surely MSC) */ -#define ECRYPT_LITTLE_ENDIAN -#elif defined(__INTEL_COMPILER) /* x86 (surely Intel compiler icl.exe) */ -#define ECRYPT_LITTLE_ENDIAN - -/* - * The BIG endian machines: - */ -#elif defined(sun) /* Newer Sparc's */ -#define ECRYPT_BIG_ENDIAN -#elif defined(__ppc__) /* PowerPC */ -#define ECRYPT_BIG_ENDIAN - -/* - * Finally machines with UNKNOWN endianness: - */ -#elif defined (_AIX) /* RS6000 */ -#define ECRYPT_UNKNOWN -#elif defined(__hpux) /* HP-PA */ -#define ECRYPT_UNKNOWN -#elif defined(__aux) /* 68K */ -#define ECRYPT_UNKNOWN -#elif defined(__dgux) /* 88K (but P6 in latest boxes) */ -#define ECRYPT_UNKNOWN -#elif defined(__sgi) /* Newer MIPS */ -#define ECRYPT_UNKNOWN -#else /* Any other processor */ -#define ECRYPT_UNKNOWN -#endif - -///--------------------------------------------------------------------- -/// ph: endianness not detected for ARM -/// => make it explicit - all the targets (x86, arm) are little endian -#undef ECRYPT_UNKNOWN -#define ECRYPT_LITTLE_ENDIAN -///--------------------------------------------------------------------- - - - -/* ------------------------------------------------------------------------- */ - -/* - * Find minimal-width types to store 8-bit, 16-bit, 32-bit, and 64-bit - * integers. - * - * Note: to enable 64-bit types on 32-bit compilers, it might be - * necessary to switch from ISO C90 mode to ISO C99 mode (e.g., gcc - * -std=c99), or to allow compiler-specific extensions. - */ - -#include - -/* --- check char --- */ - -#if (UCHAR_MAX / 0xFU > 0xFU) -#ifndef I8T -#define I8T char -#define U8C(v) (v##U) - -#if (UCHAR_MAX == 0xFFU) -#define ECRYPT_I8T_IS_BYTE -#endif - -#endif - -#if (UCHAR_MAX / 0xFFU > 0xFFU) -#ifndef I16T -#define I16T char -#define U16C(v) (v##U) -#endif - -#if (UCHAR_MAX / 0xFFFFU > 0xFFFFU) -#ifndef I32T -#define I32T char -#define U32C(v) (v##U) -#endif - -#if (UCHAR_MAX / 0xFFFFFFFFU > 0xFFFFFFFFU) -#ifndef I64T -#define I64T char -#define U64C(v) (v##U) -#define ECRYPT_NATIVE64 -#endif - -#endif -#endif -#endif -#endif - -/* --- check short --- */ - -#if (USHRT_MAX / 0xFU > 0xFU) -#ifndef I8T -#define I8T short -#define U8C(v) (v##U) - -#if (USHRT_MAX == 0xFFU) -#define ECRYPT_I8T_IS_BYTE -#endif - -#endif - -#if (USHRT_MAX / 0xFFU > 0xFFU) -#ifndef I16T -#define I16T short -#define U16C(v) (v##U) -#endif - -#if (USHRT_MAX / 0xFFFFU > 0xFFFFU) -#ifndef I32T -#define I32T short -#define U32C(v) (v##U) -#endif - -#if (USHRT_MAX / 0xFFFFFFFFU > 0xFFFFFFFFU) -#ifndef I64T -#define I64T short -#define U64C(v) (v##U) -#define ECRYPT_NATIVE64 -#endif - -#endif -#endif -#endif -#endif - -/* --- check int --- */ - -#if (UINT_MAX / 0xFU > 0xFU) -#ifndef I8T -#define I8T int -#define U8C(v) (v##U) - -#if (ULONG_MAX == 0xFFU) -#define ECRYPT_I8T_IS_BYTE -#endif - -#endif - -#if (UINT_MAX / 0xFFU > 0xFFU) -#ifndef I16T -#define I16T int -#define U16C(v) (v##U) -#endif - -#if (UINT_MAX / 0xFFFFU > 0xFFFFU) -#ifndef I32T -#define I32T int -#define U32C(v) (v##U) -#endif - -#if (UINT_MAX / 0xFFFFFFFFU > 0xFFFFFFFFU) -#ifndef I64T -#define I64T int -#define U64C(v) (v##U) -#define ECRYPT_NATIVE64 -#endif - -#endif -#endif -#endif -#endif - -/* --- check long --- */ - -#if (ULONG_MAX / 0xFUL > 0xFUL) -#ifndef I8T -#define I8T long -#define U8C(v) (v##UL) - -#if (ULONG_MAX == 0xFFUL) -#define ECRYPT_I8T_IS_BYTE -#endif - -#endif - -#if (ULONG_MAX / 0xFFUL > 0xFFUL) -#ifndef I16T -#define I16T long -#define U16C(v) (v##UL) -#endif - -#if (ULONG_MAX / 0xFFFFUL > 0xFFFFUL) -#ifndef I32T -#define I32T long -#define U32C(v) (v##UL) -#endif - -#if (ULONG_MAX / 0xFFFFFFFFUL > 0xFFFFFFFFUL) -#ifndef I64T -#define I64T long -#define U64C(v) (v##UL) -#define ECRYPT_NATIVE64 -#endif - -#endif -#endif -#endif -#endif - -/* --- check long long --- */ - -#ifdef ULLONG_MAX - -#if (ULLONG_MAX / 0xFULL > 0xFULL) -#ifndef I8T -#define I8T long long -#define U8C(v) (v##ULL) - -#if (ULLONG_MAX == 0xFFULL) -#define ECRYPT_I8T_IS_BYTE -#endif - -#endif - -#if (ULLONG_MAX / 0xFFULL > 0xFFULL) -#ifndef I16T -#define I16T long long -#define U16C(v) (v##ULL) -#endif - -#if (ULLONG_MAX / 0xFFFFULL > 0xFFFFULL) -#ifndef I32T -#define I32T long long -#define U32C(v) (v##ULL) -#endif - -#if (ULLONG_MAX / 0xFFFFFFFFULL > 0xFFFFFFFFULL) -#ifndef I64T -#define I64T long long -#define U64C(v) (v##ULL) -#endif - -#endif -#endif -#endif -#endif - -#endif - -/* --- check __int64 --- */ - -#if !defined(__STDC__) && defined(_UI64_MAX) - -#ifndef I64T -#define I64T __int64 -#define U64C(v) (v##ui64) -#endif - -#endif - -/* ------------------------------------------------------------------------- */ - -#endif diff --git a/src/rabbit-machine.h b/src/rabbit-machine.h deleted file mode 100644 index d006bed..0000000 --- a/src/rabbit-machine.h +++ /dev/null @@ -1,49 +0,0 @@ -/* ecrypt-machine.h */ - -/* - * This file is included by 'ecrypt-portable.h'. It allows to override - * the default macros for specific platforms. Please carefully check - * the machine code generated by your compiler (with optimisations - * turned on) before deciding to edit this file. - */ - -/* ------------------------------------------------------------------------- */ - -#if (defined(ECRYPT_DEFAULT_ROT) && !defined(ECRYPT_MACHINE_ROT)) - -#define ECRYPT_MACHINE_ROT - -#if (defined(WIN32) && defined(_MSC_VER)) - -#undef ROTL32 -#undef ROTR32 -#undef ROTL64 -#undef ROTR64 - -#include - -#pragma intrinsic(_lrotl) /* compile rotations "inline" */ -#pragma intrinsic(_lrotr) - -#define ROTL32(v, n) _lrotl(v, n) -#define ROTR32(v, n) _lrotr(v, n) -#define ROTL64(v, n) _rotl64(v, n) -#define ROTR64(v, n) _rotr64(v, n) - -#endif - -#endif - -/* ------------------------------------------------------------------------- */ - -#if (defined(ECRYPT_DEFAULT_SWAP) && !defined(ECRYPT_MACHINE_SWAP)) - -#define ECRYPT_MACHINE_SWAP - -/* - * If you want to overwrite the default swap macros, put it here. And so on. - */ - -#endif - -/* ------------------------------------------------------------------------- */ diff --git a/src/rabbit-portable.h b/src/rabbit-portable.h deleted file mode 100644 index dac3daa..0000000 --- a/src/rabbit-portable.h +++ /dev/null @@ -1,303 +0,0 @@ -/* ecrypt-portable.h */ - -/* - * WARNING: the conversions defined below are implemented as macros, - * and should be used carefully. They should NOT be used with - * parameters which perform some action. E.g., the following two lines - * are not equivalent: - * - * 1) ++x; y = ROTL32(x, n); - * 2) y = ROTL32(++x, n); - */ - -/* - * *** Please do not edit this file. *** - * - * The default macros can be overridden for specific architectures by - * editing 'ecrypt-machine.h'. - */ - -#ifndef ECRYPT_PORTABLE -#define ECRYPT_PORTABLE - -#include "rabbit-config.h" - -/* ------------------------------------------------------------------------- */ - -/* - * The following types are defined (if available): - * - * u8: unsigned integer type, at least 8 bits - * u16: unsigned integer type, at least 16 bits - * u32: unsigned integer type, at least 32 bits - * u64: unsigned integer type, at least 64 bits - * - * s8, s16, s32, s64 -> signed counterparts of u8, u16, u32, u64 - * - * The selection of minimum-width integer types is taken care of by - * 'ecrypt-config.h'. Note: to enable 64-bit types on 32-bit - * compilers, it might be necessary to switch from ISO C90 mode to ISO - * C99 mode (e.g., gcc -std=c99). - */ - -#ifdef I8T -typedef signed I8T s8; -typedef unsigned I8T u8; -#endif - -#ifdef I16T -typedef signed I16T s16; -typedef unsigned I16T u16; -#endif - -#ifdef I32T -typedef signed I32T s32; -typedef unsigned I32T u32; -#endif - -#ifdef I64T -typedef signed I64T s64; -typedef unsigned I64T u64; -#endif - -/* - * The following macros are used to obtain exact-width results. - */ - -#define U8V(v) ((u8)(v) & U8C(0xFF)) -#define U16V(v) ((u16)(v) & U16C(0xFFFF)) -#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF)) -#define U64V(v) ((u64)(v) & U64C(0xFFFFFFFFFFFFFFFF)) - -/* ------------------------------------------------------------------------- */ - -/* - * The following macros return words with their bits rotated over n - * positions to the left/right. - */ - -#define ECRYPT_DEFAULT_ROT - -#define ROTL8(v, n) \ - (U8V((v) << (n)) | ((v) >> (8 - (n)))) - -#define ROTL16(v, n) \ - (U16V((v) << (n)) | ((v) >> (16 - (n)))) - -#define ROTL32(v, n) \ - (U32V((v) << (n)) | ((v) >> (32 - (n)))) - -#define ROTL64(v, n) \ - (U64V((v) << (n)) | ((v) >> (64 - (n)))) - -#define ROTR8(v, n) ROTL8(v, 8 - (n)) -#define ROTR16(v, n) ROTL16(v, 16 - (n)) -#define ROTR32(v, n) ROTL32(v, 32 - (n)) -#define ROTR64(v, n) ROTL64(v, 64 - (n)) - -#include "rabbit-machine.h" - -/* ------------------------------------------------------------------------- */ - -/* - * The following macros return a word with bytes in reverse order. - */ - -#define ECRYPT_DEFAULT_SWAP - -#define SWAP16(v) \ - ROTL16(v, 8) - -#define SWAP32(v) \ - ((ROTL32(v, 8) & U32C(0x00FF00FF)) | \ - (ROTL32(v, 24) & U32C(0xFF00FF00))) - -#ifdef ECRYPT_NATIVE64 -#define SWAP64(v) \ - ((ROTL64(v, 8) & U64C(0x000000FF000000FF)) | \ - (ROTL64(v, 24) & U64C(0x0000FF000000FF00)) | \ - (ROTL64(v, 40) & U64C(0x00FF000000FF0000)) | \ - (ROTL64(v, 56) & U64C(0xFF000000FF000000))) -#else -#define SWAP64(v) \ - (((u64)SWAP32(U32V(v)) << 32) | (u64)SWAP32(U32V(v >> 32))) -#endif - -#include "rabbit-machine.h" - -#define ECRYPT_DEFAULT_WTOW - -#ifdef ECRYPT_LITTLE_ENDIAN -#define U16TO16_LITTLE(v) (v) -#define U32TO32_LITTLE(v) (v) -#define U64TO64_LITTLE(v) (v) - -#define U16TO16_BIG(v) SWAP16(v) -#define U32TO32_BIG(v) SWAP32(v) -#define U64TO64_BIG(v) SWAP64(v) -#endif - -#ifdef ECRYPT_BIG_ENDIAN -#define U16TO16_LITTLE(v) SWAP16(v) -#define U32TO32_LITTLE(v) SWAP32(v) -#define U64TO64_LITTLE(v) SWAP64(v) - -#define U16TO16_BIG(v) (v) -#define U32TO32_BIG(v) (v) -#define U64TO64_BIG(v) (v) -#endif - -#include "rabbit-machine.h" - -/* - * The following macros load words from an array of bytes with - * different types of endianness, and vice versa. - */ - -#define ECRYPT_DEFAULT_BTOW - -#if (!defined(ECRYPT_UNKNOWN) && defined(ECRYPT_I8T_IS_BYTE)) - -#define U8TO16_LITTLE(p) U16TO16_LITTLE(((u16*)(p))[0]) -#define U8TO32_LITTLE(p) U32TO32_LITTLE(((u32*)(p))[0]) -#define U8TO64_LITTLE(p) U64TO64_LITTLE(((u64*)(p))[0]) - -#define U8TO16_BIG(p) U16TO16_BIG(((u16*)(p))[0]) -#define U8TO32_BIG(p) U32TO32_BIG(((u32*)(p))[0]) -#define U8TO64_BIG(p) U64TO64_BIG(((u64*)(p))[0]) - -#define U16TO8_LITTLE(p, v) (((u16*)(p))[0] = U16TO16_LITTLE(v)) -#define U32TO8_LITTLE(p, v) (((u32*)(p))[0] = U32TO32_LITTLE(v)) -#define U64TO8_LITTLE(p, v) (((u64*)(p))[0] = U64TO64_LITTLE(v)) - -#define U16TO8_BIG(p, v) (((u16*)(p))[0] = U16TO16_BIG(v)) -#define U32TO8_BIG(p, v) (((u32*)(p))[0] = U32TO32_BIG(v)) -#define U64TO8_BIG(p, v) (((u64*)(p))[0] = U64TO64_BIG(v)) - -#else - -#define U8TO16_LITTLE(p) \ - (((u16)((p)[0]) ) | \ - ((u16)((p)[1]) << 8)) - -#define U8TO32_LITTLE(p) \ - (((u32)((p)[0]) ) | \ - ((u32)((p)[1]) << 8) | \ - ((u32)((p)[2]) << 16) | \ - ((u32)((p)[3]) << 24)) - -#ifdef ECRYPT_NATIVE64 -#define U8TO64_LITTLE(p) \ - (((u64)((p)[0]) ) | \ - ((u64)((p)[1]) << 8) | \ - ((u64)((p)[2]) << 16) | \ - ((u64)((p)[3]) << 24) | \ - ((u64)((p)[4]) << 32) | \ - ((u64)((p)[5]) << 40) | \ - ((u64)((p)[6]) << 48) | \ - ((u64)((p)[7]) << 56)) -#else -#define U8TO64_LITTLE(p) \ - ((u64)U8TO32_LITTLE(p) | ((u64)U8TO32_LITTLE((p) + 4) << 32)) -#endif - -#define U8TO16_BIG(p) \ - (((u16)((p)[0]) << 8) | \ - ((u16)((p)[1]) )) - -#define U8TO32_BIG(p) \ - (((u32)((p)[0]) << 24) | \ - ((u32)((p)[1]) << 16) | \ - ((u32)((p)[2]) << 8) | \ - ((u32)((p)[3]) )) - -#ifdef ECRYPT_NATIVE64 -#define U8TO64_BIG(p) \ - (((u64)((p)[0]) << 56) | \ - ((u64)((p)[1]) << 48) | \ - ((u64)((p)[2]) << 40) | \ - ((u64)((p)[3]) << 32) | \ - ((u64)((p)[4]) << 24) | \ - ((u64)((p)[5]) << 16) | \ - ((u64)((p)[6]) << 8) | \ - ((u64)((p)[7]) )) -#else -#define U8TO64_BIG(p) \ - (((u64)U8TO32_BIG(p) << 32) | (u64)U8TO32_BIG((p) + 4)) -#endif - -#define U16TO8_LITTLE(p, v) \ - do { \ - (p)[0] = U8V((v) ); \ - (p)[1] = U8V((v) >> 8); \ - } while (0) - -#define U32TO8_LITTLE(p, v) \ - do { \ - (p)[0] = U8V((v) ); \ - (p)[1] = U8V((v) >> 8); \ - (p)[2] = U8V((v) >> 16); \ - (p)[3] = U8V((v) >> 24); \ - } while (0) - -#ifdef ECRYPT_NATIVE64 -#define U64TO8_LITTLE(p, v) \ - do { \ - (p)[0] = U8V((v) ); \ - (p)[1] = U8V((v) >> 8); \ - (p)[2] = U8V((v) >> 16); \ - (p)[3] = U8V((v) >> 24); \ - (p)[4] = U8V((v) >> 32); \ - (p)[5] = U8V((v) >> 40); \ - (p)[6] = U8V((v) >> 48); \ - (p)[7] = U8V((v) >> 56); \ - } while (0) -#else -#define U64TO8_LITTLE(p, v) \ - do { \ - U32TO8_LITTLE((p), U32V((v) )); \ - U32TO8_LITTLE((p) + 4, U32V((v) >> 32)); \ - } while (0) -#endif - -#define U16TO8_BIG(p, v) \ - do { \ - (p)[0] = U8V((v) ); \ - (p)[1] = U8V((v) >> 8); \ - } while (0) - -#define U32TO8_BIG(p, v) \ - do { \ - (p)[0] = U8V((v) >> 24); \ - (p)[1] = U8V((v) >> 16); \ - (p)[2] = U8V((v) >> 8); \ - (p)[3] = U8V((v) ); \ - } while (0) - -#ifdef ECRYPT_NATIVE64 -#define U64TO8_BIG(p, v) \ - do { \ - (p)[0] = U8V((v) >> 56); \ - (p)[1] = U8V((v) >> 48); \ - (p)[2] = U8V((v) >> 40); \ - (p)[3] = U8V((v) >> 32); \ - (p)[4] = U8V((v) >> 24); \ - (p)[5] = U8V((v) >> 16); \ - (p)[6] = U8V((v) >> 8); \ - (p)[7] = U8V((v) ); \ - } while (0) -#else -#define U64TO8_BIG(p, v) \ - do { \ - U32TO8_BIG((p), U32V((v) >> 32)); \ - U32TO8_BIG((p) + 4, U32V((v) )); \ - } while (0) -#endif - -#endif - -#include "rabbit-machine.h" - -/* ------------------------------------------------------------------------- */ - -#endif diff --git a/src/rabbit-sync.h b/src/rabbit-sync.h deleted file mode 100644 index 8f2749f..0000000 --- a/src/rabbit-sync.h +++ /dev/null @@ -1,364 +0,0 @@ -/* ecrypt-sync.h */ - -/* - * Header file for synchronous stream ciphers without authentication - * mechanism. - * - * *** Please only edit parts marked with "[edit]". *** - */ - -#ifndef ECRYPT_SYNC -#define ECRYPT_SYNC - -#include "rabbit-portable.h" - -/* ------------------------------------------------------------------------- */ - -/* Cipher parameters */ - -/* - * The name of your cipher. - */ -#define ECRYPT_NAME "Rabbit Stream Cipher" - -/* - * Specify which key and IV sizes are supported by your cipher. A user - * should be able to enumerate the supported sizes by running the - * following code: - * - * for (i = 0; ECRYPT_KEYSIZE(i) <= ECRYPT_MAXKEYSIZE; ++i) - * { - * keysize = ECRYPT_KEYSIZE(i); - * - * ... - * } - * - * All sizes are in bits. - */ - -#define ECRYPT_MAXKEYSIZE 128 -#define ECRYPT_KEYSIZE(i) (128 + (i)*32) - -#define ECRYPT_MAXIVSIZE 64 -#define ECRYPT_IVSIZE(i) (64 + (i)*64) - -/* ------------------------------------------------------------------------- */ - -/* Data structures */ - -/* - * ECRYPT_ctx is the structure containing the representation of the - * internal state of your cipher. - */ - -typedef struct -{ - u32 x[8]; - u32 c[8]; - u32 carry; -} RABBIT_ctx; - -typedef struct -{ - /* - * Put here all state variable needed during the encryption process. - */ - RABBIT_ctx master_ctx; - RABBIT_ctx work_ctx; -} ECRYPT_ctx; - -/* ------------------------------------------------------------------------- */ - -/* Mandatory functions */ - -/* - * Key and message independent initialization. This function will be - * called once when the program starts (e.g., to build expanded S-box - * tables). - */ -void ECRYPT_init(void); - -/* - * Key setup. It is the user's responsibility to select the values of - * keysize and ivsize from the set of supported values specified - * above. - */ -void ECRYPT_keysetup( - ECRYPT_ctx* ctx, - const u8* key, - u32 keysize, /* Key size in bits. */ - u32 ivsize); /* IV size in bits. */ - -/* - * IV setup. After having called ECRYPT_keysetup(), the user is - * allowed to call ECRYPT_ivsetup() different times in order to - * encrypt/decrypt different messages with the same key but different - * IV's. - */ -void ECRYPT_ivsetup( - ECRYPT_ctx* ctx, - const u8* iv); - -/* - * Encryption/decryption of arbitrary length messages. - * - * For efficiency reasons, the API provides two types of - * encrypt/decrypt functions. The ECRYPT_encrypt_bytes() function - * (declared here) encrypts byte strings of arbitrary length, while - * the ECRYPT_encrypt_blocks() function (defined later) only accepts - * lengths which are multiples of ECRYPT_BLOCKLENGTH. - * - * The user is allowed to make multiple calls to - * ECRYPT_encrypt_blocks() to incrementally encrypt a long message, - * but he is NOT allowed to make additional encryption calls once he - * has called ECRYPT_encrypt_bytes() (unless he starts a new message - * of course). For example, this sequence of calls is acceptable: - * - * ECRYPT_keysetup(); - * - * ECRYPT_ivsetup(); - * ECRYPT_encrypt_blocks(); - * ECRYPT_encrypt_blocks(); - * ECRYPT_encrypt_bytes(); - * - * ECRYPT_ivsetup(); - * ECRYPT_encrypt_blocks(); - * ECRYPT_encrypt_blocks(); - * - * ECRYPT_ivsetup(); - * ECRYPT_encrypt_bytes(); - * - * The following sequence is not: - * - * ECRYPT_keysetup(); - * ECRYPT_ivsetup(); - * ECRYPT_encrypt_blocks(); - * ECRYPT_encrypt_bytes(); - * ECRYPT_encrypt_blocks(); - */ - -/* - * By default ECRYPT_encrypt_bytes() and ECRYPT_decrypt_bytes() are - * defined as macros which redirect the call to a single function - * ECRYPT_process_bytes(). If you want to provide separate encryption - * and decryption functions, please undef - * ECRYPT_HAS_SINGLE_BYTE_FUNCTION. - */ -#define ECRYPT_HAS_SINGLE_BYTE_FUNCTION -#ifdef ECRYPT_HAS_SINGLE_BYTE_FUNCTION - -#define ECRYPT_encrypt_bytes(ctx, plaintext, ciphertext, msglen) \ - ECRYPT_process_bytes(0, ctx, plaintext, ciphertext, msglen) - -#define ECRYPT_decrypt_bytes(ctx, ciphertext, plaintext, msglen) \ - ECRYPT_process_bytes(1, ctx, ciphertext, plaintext, msglen) - -void ECRYPT_process_bytes( - int action, /* 0 = encrypt; 1 = decrypt; */ - ECRYPT_ctx* ctx, - const u8* input, - u8* output, - u32 msglen); /* Message length in bytes. */ - -#else - -void ECRYPT_encrypt_bytes( - ECRYPT_ctx* ctx, - const u8* plaintext, - u8* ciphertext, - u32 msglen); /* Message length in bytes. */ - -void ECRYPT_decrypt_bytes( - ECRYPT_ctx* ctx, - const u8* ciphertext, - u8* plaintext, - u32 msglen); /* Message length in bytes. */ - -#endif - -/* ------------------------------------------------------------------------- */ - -/* Optional features */ - -/* - * For testing purposes it can sometimes be useful to have a function - * which immediately generates keystream without having to provide it - * with a zero plaintext. If your cipher cannot provide this function - * (e.g., because it is not strictly a synchronous cipher), please - * reset the ECRYPT_GENERATES_KEYSTREAM flag. - */ - -#define ECRYPT_GENERATES_KEYSTREAM -#ifdef ECRYPT_GENERATES_KEYSTREAM - -void ECRYPT_keystream_bytes( - ECRYPT_ctx* ctx, - u8* keystream, - u32 length); /* Length of keystream in bytes. */ - -#endif - -/* ------------------------------------------------------------------------- */ - -/* Optional optimizations */ - -/* - * By default, the functions in this section are implemented using - * calls to functions declared above. However, you might want to - * implement them differently for performance reasons. - */ - -/* - * All-in-one encryption/decryption of (short) packets. - * - * The default definitions of these functions can be found in - * "ecrypt-sync.c". If you want to implement them differently, please - * undef the ECRYPT_USES_DEFAULT_ALL_IN_ONE flag. - */ -#define ECRYPT_USES_DEFAULT_ALL_IN_ONE - -/* - * Undef ECRYPT_HAS_SINGLE_PACKET_FUNCTION if you want to provide - * separate packet encryption and decryption functions. - */ -#define ECRYPT_HAS_SINGLE_PACKET_FUNCTION -#ifdef ECRYPT_HAS_SINGLE_PACKET_FUNCTION - -#define ECRYPT_encrypt_packet( \ - ctx, iv, plaintext, ciphertext, mglen) \ - ECRYPT_process_packet(0, \ - ctx, iv, plaintext, ciphertext, mglen) - -#define ECRYPT_decrypt_packet( \ - ctx, iv, ciphertext, plaintext, mglen) \ - ECRYPT_process_packet(1, \ - ctx, iv, ciphertext, plaintext, mglen) - -void ECRYPT_process_packet( - int action, /* 0 = encrypt; 1 = decrypt; */ - ECRYPT_ctx* ctx, - const u8* iv, - const u8* input, - u8* output, - u32 msglen); - -#else - -void ECRYPT_encrypt_packet( - ECRYPT_ctx* ctx, - const u8* iv, - const u8* plaintext, - u8* ciphertext, - u32 msglen); - -void ECRYPT_decrypt_packet( - ECRYPT_ctx* ctx, - const u8* iv, - const u8* ciphertext, - u8* plaintext, - u32 msglen); - -#endif - -/* - * Encryption/decryption of blocks. - * - * By default, these functions are defined as macros. If you want to - * provide a different implementation, please undef the - * ECRYPT_USES_DEFAULT_BLOCK_MACROS flag and implement the functions - * declared below. - */ - -#define ECRYPT_BLOCKLENGTH 16 - -#undef ECRYPT_USES_DEFAULT_BLOCK_MACROS -#ifdef ECRYPT_USES_DEFAULT_BLOCK_MACROS - -#define ECRYPT_encrypt_blocks(ctx, plaintext, ciphertext, blocks) \ - ECRYPT_encrypt_bytes(ctx, plaintext, ciphertext, \ - (blocks) * ECRYPT_BLOCKLENGTH) - -#define ECRYPT_decrypt_blocks(ctx, ciphertext, plaintext, blocks) \ - ECRYPT_decrypt_bytes(ctx, ciphertext, plaintext, \ - (blocks) * ECRYPT_BLOCKLENGTH) - -#ifdef ECRYPT_GENERATES_KEYSTREAM - -#define ECRYPT_keystream_blocks(ctx, keystream, blocks) \ - ECRYPT_keystream_bytes(ctx, keystream, \ - (blocks) * ECRYPT_BLOCKLENGTH) - -#endif - -#else - -/* - * Undef ECRYPT_HAS_SINGLE_BLOCK_FUNCTION if you want to provide - * separate block encryption and decryption functions. - */ -#define ECRYPT_HAS_SINGLE_BLOCK_FUNCTION -#ifdef ECRYPT_HAS_SINGLE_BLOCK_FUNCTION - -#define ECRYPT_encrypt_blocks(ctx, plaintext, ciphertext, blocks) \ - ECRYPT_process_blocks(0, ctx, plaintext, ciphertext, blocks) - -#define ECRYPT_decrypt_blocks(ctx, ciphertext, plaintext, blocks) \ - ECRYPT_process_blocks(1, ctx, ciphertext, plaintext, blocks) - -void ECRYPT_process_blocks( - int action, /* 0 = encrypt; 1 = decrypt; */ - ECRYPT_ctx* ctx, - const u8* input, - u8* output, - u32 blocks); /* Message length in blocks. */ - -#else - -void ECRYPT_encrypt_blocks( - ECRYPT_ctx* ctx, - const u8* plaintext, - u8* ciphertext, - u32 blocks); /* Message length in blocks. */ - -void ECRYPT_decrypt_blocks( - ECRYPT_ctx* ctx, - const u8* ciphertext, - u8* plaintext, - u32 blocks); /* Message length in blocks. */ - -#endif - -#ifdef ECRYPT_GENERATES_KEYSTREAM - -void ECRYPT_keystream_blocks( - ECRYPT_ctx* ctx, - u8* keystream, - u32 blocks); /* Keystream length in blocks. */ - -#endif - -#endif - -/* - * If your cipher can be implemented in different ways, you can use - * the ECRYPT_VARIANT parameter to allow the user to choose between - * them at compile time (e.g., gcc -DECRYPT_VARIANT=3 ...). Please - * only use this possibility if you really think it could make a - * significant difference and keep the number of variants - * (ECRYPT_MAXVARIANT) as small as possible (definitely not more than - * 10). Note also that all variants should have exactly the same - * external interface (i.e., the same ECRYPT_BLOCKLENGTH, etc.). - */ -#define ECRYPT_MAXVARIANT 1 - -#ifndef ECRYPT_VARIANT -#define ECRYPT_VARIANT 1 -#endif - -#if (ECRYPT_VARIANT > ECRYPT_MAXVARIANT) -#error this variant does not exist -#endif - -/* ------------------------------------------------------------------------- */ - -#endif diff --git a/src/rabbit.c b/src/rabbit.c deleted file mode 100644 index 38e217c..0000000 --- a/src/rabbit.c +++ /dev/null @@ -1,344 +0,0 @@ -// Rabbit stream cipher - initially included in luazen 2016-04-13 - -// Rabbit was one of the four eSTREAM finalists in 2008 -// (for profile 1 -- sofware implementation) -// http://www.ecrypt.eu.org/stream/endofphase3.html - -// Rabbit presentation pages at eSTREAM and at ECRYPT II -// http://www.ecrypt.eu.org/stream/rabbitpf.html -// http://www.ecrypt.eu.org/stream/e2-rabbit.html - -// Rabbit was also specified in RFC 4503 -// http://www.ietf.org/rfc/rfc4503.txt - -// Released into the public domain in 2008. -// http://www.ecrypt.eu.org/stream/phase3ip.html#rabbit - -// the following copyright notice was included in the original ECRYPT -// submission. It has been kept as is. See the link above for the -// actual public domain release. - -// (end of luazen comment) - -/******************************************************************************/ -/* File name: rabbit.c */ -/*----------------------------------------------------------------------------*/ -/* Rabbit C source code in ECRYPT format */ -/*----------------------------------------------------------------------------*/ -/* Copyright (C) Cryptico A/S. All rights reserved. */ -/* */ -/* YOU SHOULD CAREFULLY READ THIS LEGAL NOTICE BEFORE USING THIS SOFTWARE. */ -/* */ -/* This software is developed by Cryptico A/S and/or its suppliers. */ -/* All title and intellectual property rights in and to the software, */ -/* including but not limited to patent rights and copyrights, are owned by */ -/* Cryptico A/S and/or its suppliers. */ -/* */ -/* The software may be used solely for non-commercial purposes */ -/* without the prior written consent of Cryptico A/S. For further */ -/* information on licensing terms and conditions please contact Cryptico A/S */ -/* at info@cryptico.com */ -/* */ -/* Cryptico, CryptiCore, the Cryptico logo and "Re-thinking encryption" are */ -/* either trademarks or registered trademarks of Cryptico A/S. */ -/* */ -/* Cryptico A/S shall not in any way be liable for any use of this software. */ -/* The software is provided "as is" without any express or implied warranty. */ -/* */ -/******************************************************************************/ - -#include "rabbit-sync.h" -#include "rabbit-portable.h" - -/* -------------------------------------------------------------------------- */ - -/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ -/* the upper 32 bits XOR the lower 32 bits */ -static u32 RABBIT_g_func(u32 x) -{ - /* Temporary variables */ - u32 a, b, h, l; - - /* Construct high and low argument for squaring */ - a = x&0xFFFF; - b = x>>16; - - /* Calculate high and low result of squaring */ - h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b; - l = x*x; - - /* Return high XOR low */ - return U32V(h^l); -} - -/* -------------------------------------------------------------------------- */ - -/* Calculate the next internal state */ -static void RABBIT_next_state(RABBIT_ctx *p_instance) -{ - /* Temporary variables */ - u32 g[8], c_old[8], i; - - /* Save old counter values */ - for (i=0; i<8; i++) - c_old[i] = p_instance->c[i]; - - /* Calculate new counter values */ - p_instance->c[0] = U32V(p_instance->c[0] + 0x4D34D34D + p_instance->carry); - p_instance->c[1] = U32V(p_instance->c[1] + 0xD34D34D3 + (p_instance->c[0] < c_old[0])); - p_instance->c[2] = U32V(p_instance->c[2] + 0x34D34D34 + (p_instance->c[1] < c_old[1])); - p_instance->c[3] = U32V(p_instance->c[3] + 0x4D34D34D + (p_instance->c[2] < c_old[2])); - p_instance->c[4] = U32V(p_instance->c[4] + 0xD34D34D3 + (p_instance->c[3] < c_old[3])); - p_instance->c[5] = U32V(p_instance->c[5] + 0x34D34D34 + (p_instance->c[4] < c_old[4])); - p_instance->c[6] = U32V(p_instance->c[6] + 0x4D34D34D + (p_instance->c[5] < c_old[5])); - p_instance->c[7] = U32V(p_instance->c[7] + 0xD34D34D3 + (p_instance->c[6] < c_old[6])); - p_instance->carry = (p_instance->c[7] < c_old[7]); - - /* Calculate the g-values */ - for (i=0;i<8;i++) - g[i] = RABBIT_g_func(U32V(p_instance->x[i] + p_instance->c[i])); - - /* Calculate new state values */ - p_instance->x[0] = U32V(g[0] + ROTL32(g[7],16) + ROTL32(g[6], 16)); - p_instance->x[1] = U32V(g[1] + ROTL32(g[0], 8) + g[7]); - p_instance->x[2] = U32V(g[2] + ROTL32(g[1],16) + ROTL32(g[0], 16)); - p_instance->x[3] = U32V(g[3] + ROTL32(g[2], 8) + g[1]); - p_instance->x[4] = U32V(g[4] + ROTL32(g[3],16) + ROTL32(g[2], 16)); - p_instance->x[5] = U32V(g[5] + ROTL32(g[4], 8) + g[3]); - p_instance->x[6] = U32V(g[6] + ROTL32(g[5],16) + ROTL32(g[4], 16)); - p_instance->x[7] = U32V(g[7] + ROTL32(g[6], 8) + g[5]); -} - -/* ------------------------------------------------------------------------- */ - -/* No initialization is needed for Rabbit */ -void ECRYPT_init(void) -{ - return; -} - -/* ------------------------------------------------------------------------- */ - -/* Key setup */ -void ECRYPT_keysetup(ECRYPT_ctx* ctx, const u8* key, u32 keysize, u32 ivsize) -{ - /* Temporary variables */ - u32 k0, k1, k2, k3, i; - - /* Generate four subkeys */ - k0 = U8TO32_LITTLE(key+ 0); - k1 = U8TO32_LITTLE(key+ 4); - k2 = U8TO32_LITTLE(key+ 8); - k3 = U8TO32_LITTLE(key+12); - - /* Generate initial state variables */ - ctx->master_ctx.x[0] = k0; - ctx->master_ctx.x[2] = k1; - ctx->master_ctx.x[4] = k2; - ctx->master_ctx.x[6] = k3; - ctx->master_ctx.x[1] = U32V(k3<<16) | (k2>>16); - ctx->master_ctx.x[3] = U32V(k0<<16) | (k3>>16); - ctx->master_ctx.x[5] = U32V(k1<<16) | (k0>>16); - ctx->master_ctx.x[7] = U32V(k2<<16) | (k1>>16); - - /* Generate initial counter values */ - ctx->master_ctx.c[0] = ROTL32(k2, 16); - ctx->master_ctx.c[2] = ROTL32(k3, 16); - ctx->master_ctx.c[4] = ROTL32(k0, 16); - ctx->master_ctx.c[6] = ROTL32(k1, 16); - ctx->master_ctx.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF); - ctx->master_ctx.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF); - ctx->master_ctx.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF); - ctx->master_ctx.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF); - - /* Clear carry bit */ - ctx->master_ctx.carry = 0; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - RABBIT_next_state(&(ctx->master_ctx)); - - /* Modify the counters */ - for (i=0; i<8; i++) - ctx->master_ctx.c[i] ^= ctx->master_ctx.x[(i+4)&0x7]; - - /* Copy master instance to work instance */ - for (i=0; i<8; i++) - { - ctx->work_ctx.x[i] = ctx->master_ctx.x[i]; - ctx->work_ctx.c[i] = ctx->master_ctx.c[i]; - } - ctx->work_ctx.carry = ctx->master_ctx.carry; -} - -/* ------------------------------------------------------------------------- */ - -/* IV setup */ -void ECRYPT_ivsetup(ECRYPT_ctx* ctx, const u8* iv) -{ - /* Temporary variables */ - u32 i0, i1, i2, i3, i; - - /* Generate four subvectors */ - i0 = U8TO32_LITTLE(iv+0); - i2 = U8TO32_LITTLE(iv+4); - i1 = (i0>>16) | (i2&0xFFFF0000); - i3 = (i2<<16) | (i0&0x0000FFFF); - - /* Modify counter values */ - ctx->work_ctx.c[0] = ctx->master_ctx.c[0] ^ i0; - ctx->work_ctx.c[1] = ctx->master_ctx.c[1] ^ i1; - ctx->work_ctx.c[2] = ctx->master_ctx.c[2] ^ i2; - ctx->work_ctx.c[3] = ctx->master_ctx.c[3] ^ i3; - ctx->work_ctx.c[4] = ctx->master_ctx.c[4] ^ i0; - ctx->work_ctx.c[5] = ctx->master_ctx.c[5] ^ i1; - ctx->work_ctx.c[6] = ctx->master_ctx.c[6] ^ i2; - ctx->work_ctx.c[7] = ctx->master_ctx.c[7] ^ i3; - - /* Copy state variables */ - for (i=0; i<8; i++) - ctx->work_ctx.x[i] = ctx->master_ctx.x[i]; - ctx->work_ctx.carry = ctx->master_ctx.carry; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - RABBIT_next_state(&(ctx->work_ctx)); -} - -/* ------------------------------------------------------------------------- */ - -/* Encrypt/decrypt a message of any size */ -void ECRYPT_process_bytes(int action, ECRYPT_ctx* ctx, const u8* input, - u8* output, u32 msglen) -{ - /* Temporary variables */ - u32 i; - u8 buffer[16]; - - /* Encrypt/decrypt all full blocks */ - while (msglen >= 16) - { - /* Iterate the system */ - RABBIT_next_state(&(ctx->work_ctx)); - - /* Encrypt/decrypt 16 bytes of data */ - *(u32*)(output+ 0) = *(u32*)(input+ 0) ^ U32TO32_LITTLE(ctx->work_ctx.x[0] ^ - (ctx->work_ctx.x[5]>>16) ^ U32V(ctx->work_ctx.x[3]<<16)); - *(u32*)(output+ 4) = *(u32*)(input+ 4) ^ U32TO32_LITTLE(ctx->work_ctx.x[2] ^ - (ctx->work_ctx.x[7]>>16) ^ U32V(ctx->work_ctx.x[5]<<16)); - *(u32*)(output+ 8) = *(u32*)(input+ 8) ^ U32TO32_LITTLE(ctx->work_ctx.x[4] ^ - (ctx->work_ctx.x[1]>>16) ^ U32V(ctx->work_ctx.x[7]<<16)); - *(u32*)(output+12) = *(u32*)(input+12) ^ U32TO32_LITTLE(ctx->work_ctx.x[6] ^ - (ctx->work_ctx.x[3]>>16) ^ U32V(ctx->work_ctx.x[1]<<16)); - - /* Increment pointers and decrement length */ - input += 16; - output += 16; - msglen -= 16; - } - - /* Encrypt/decrypt remaining data */ - if (msglen) - { - /* Iterate the system */ - RABBIT_next_state(&(ctx->work_ctx)); - - /* Generate 16 bytes of pseudo-random data */ - *(u32*)(buffer+ 0) = U32TO32_LITTLE(ctx->work_ctx.x[0] ^ - (ctx->work_ctx.x[5]>>16) ^ U32V(ctx->work_ctx.x[3]<<16)); - *(u32*)(buffer+ 4) = U32TO32_LITTLE(ctx->work_ctx.x[2] ^ - (ctx->work_ctx.x[7]>>16) ^ U32V(ctx->work_ctx.x[5]<<16)); - *(u32*)(buffer+ 8) = U32TO32_LITTLE(ctx->work_ctx.x[4] ^ - (ctx->work_ctx.x[1]>>16) ^ U32V(ctx->work_ctx.x[7]<<16)); - *(u32*)(buffer+12) = U32TO32_LITTLE(ctx->work_ctx.x[6] ^ - (ctx->work_ctx.x[3]>>16) ^ U32V(ctx->work_ctx.x[1]<<16)); - - /* Encrypt/decrypt the data */ - for (i=0; i= 16) - { - /* Iterate the system */ - RABBIT_next_state(&(ctx->work_ctx)); - - /* Generate 16 bytes of pseudo-random data */ - *(u32*)(keystream+ 0) = U32TO32_LITTLE(ctx->work_ctx.x[0] ^ - (ctx->work_ctx.x[5]>>16) ^ U32V(ctx->work_ctx.x[3]<<16)); - *(u32*)(keystream+ 4) = U32TO32_LITTLE(ctx->work_ctx.x[2] ^ - (ctx->work_ctx.x[7]>>16) ^ U32V(ctx->work_ctx.x[5]<<16)); - *(u32*)(keystream+ 8) = U32TO32_LITTLE(ctx->work_ctx.x[4] ^ - (ctx->work_ctx.x[1]>>16) ^ U32V(ctx->work_ctx.x[7]<<16)); - *(u32*)(keystream+12) = U32TO32_LITTLE(ctx->work_ctx.x[6] ^ - (ctx->work_ctx.x[3]>>16) ^ U32V(ctx->work_ctx.x[1]<<16)); - - /* Increment pointers and decrement length */ - keystream += 16; - length -= 16; - } - - /* Generate remaining pseudo-random data */ - if (length) - { - /* Iterate the system */ - RABBIT_next_state(&(ctx->work_ctx)); - - /* Generate 16 bytes of pseudo-random data */ - *(u32*)(buffer+ 0) = U32TO32_LITTLE(ctx->work_ctx.x[0] ^ - (ctx->work_ctx.x[5]>>16) ^ U32V(ctx->work_ctx.x[3]<<16)); - *(u32*)(buffer+ 4) = U32TO32_LITTLE(ctx->work_ctx.x[2] ^ - (ctx->work_ctx.x[7]>>16) ^ U32V(ctx->work_ctx.x[5]<<16)); - *(u32*)(buffer+ 8) = U32TO32_LITTLE(ctx->work_ctx.x[4] ^ - (ctx->work_ctx.x[1]>>16) ^ U32V(ctx->work_ctx.x[7]<<16)); - *(u32*)(buffer+12) = U32TO32_LITTLE(ctx->work_ctx.x[6] ^ - (ctx->work_ctx.x[3]>>16) ^ U32V(ctx->work_ctx.x[1]<<16)); - - /* Copy remaining data */ - for (i=0; iwork_ctx)); - - /* Encrypt/decrypt 16 bytes of data */ - *(u32*)(output+ 0) = *(u32*)(input+ 0) ^ U32TO32_LITTLE(ctx->work_ctx.x[0] ^ - (ctx->work_ctx.x[5]>>16) ^ U32V(ctx->work_ctx.x[3]<<16)); - *(u32*)(output+ 4) = *(u32*)(input+ 4) ^ U32TO32_LITTLE(ctx->work_ctx.x[2] ^ - (ctx->work_ctx.x[7]>>16) ^ U32V(ctx->work_ctx.x[5]<<16)); - *(u32*)(output+ 8) = *(u32*)(input+ 8) ^ U32TO32_LITTLE(ctx->work_ctx.x[4] ^ - (ctx->work_ctx.x[1]>>16) ^ U32V(ctx->work_ctx.x[7]<<16)); - *(u32*)(output+12) = *(u32*)(input+12) ^ U32TO32_LITTLE(ctx->work_ctx.x[6] ^ - (ctx->work_ctx.x[3]>>16) ^ U32V(ctx->work_ctx.x[1]<<16)); - - /* Increment pointers to input and output data */ - input += 16; - output += 16; - } -} - -/* ------------------------------------------------------------------------- */ diff --git a/test_luazen.lua b/test/test_luazen.lua similarity index 79% rename from test_luazen.lua rename to test/test_luazen.lua index 87a8bc0..14e077e 100644 --- a/test_luazen.lua +++ b/test/test_luazen.lua @@ -59,46 +59,6 @@ do assert(plain == lz.rc4(lz.rc4(plain, k), k)) end ------------------------------------------------------------------------- --- rabbit -do - local stx, xts = stohex, hextos - - -- quick test with some eSTREAM test vectors - local key, iv, txt, exp, ec - local key0 = ('\0'):rep(16) - local iv0 = ('\0'):rep(8) - local txt0 = ('\0'):rep(48) - ec = lz.rabbit(txt0, key0, iv0) - exp = xts[[ EDB70567375DCD7CD89554F85E27A7C6 - 8D4ADC7032298F7BD4EFF504ACA6295F - 668FBF478ADB2BE51E6CDE292B82DE2A ]] - assert(ec == exp) - - iv = '\x27\x17\xF4\xD2\x1A\x56\xEB\xA6' - ec = lz.rabbit(txt0, key0, iv) - exp = xts[[ 4D1051A123AFB670BF8D8505C8D85A44 - 035BC3ACC667AEAE5B2CF44779F2C896 - CB5115F034F03D31171CA75F89FCCB9F ]] - assert(ec == exp) - - --Set 5, vector# 63 - iv = xts "0000000000000001" - ec = lz.rabbit(txt0, key0, iv) - exp = xts[[ 55FB0B90A9FB953AE96D372BADBEBD30 - F531A454D31B669BCD8BAAD78C6C9994 - FFCCEC7ACB22F914A072DA22A617C0B7 ]] - assert(ec == exp) - - --Set6, vector# 0 - key = xts "0053A6F94C9FF24598EB3E91E4378ADD" - iv = xts "0D74DB42A91077DE" - ec = lz.rabbit(txt0, key, iv) - exp = xts[[ 75D186D6BC6905C64F1B2DFDD51F7BFC - D74F926E6976CD0A9B1A3AE9DD8CB43F - F5CD60F2541FF7F22C5C70CE07613989 ]] - assert(ec == exp) -end ------------------------------------------------------------------------ -- md5, sha1