1 | /* spritz.h */ |
1 | /* spritz.h, spritz C implementation, header |
2 | /* (C)2015 Marc Alexander Lehmann, all rights reserved */ |
2 | * |
|
|
3 | * Copyright (c) 2015 Marc Alexander Lehmann <libev@schmorp.de> |
|
|
4 | * All rights reserved. |
|
|
5 | * |
|
|
6 | * Redistribution and use in source and binary forms, with or without modifica- |
|
|
7 | * tion, are permitted provided that the following conditions are met: |
|
|
8 | * |
|
|
9 | * 1. Redistributions of source code must retain the above copyright notice, |
|
|
10 | * this list of conditions and the following disclaimer. |
|
|
11 | * |
|
|
12 | * 2. Redistributions in binary form must reproduce the above copyright |
|
|
13 | * notice, this list of conditions and the following disclaimer in the |
|
|
14 | * documentation and/or other materials provided with the distribution. |
|
|
15 | * |
|
|
16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED |
|
|
17 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- |
|
|
18 | * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO |
|
|
19 | * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- |
|
|
20 | * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
|
|
21 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; |
|
|
22 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
|
|
23 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- |
|
|
24 | * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
|
25 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
|
26 | * |
|
|
27 | * Alternatively, the contents of this file may be used under the terms of |
|
|
28 | * the GNU General Public License ("GPL") version 2 or any later version, |
|
|
29 | * in which case the provisions of the GPL are applicable instead of |
|
|
30 | * the above. If you wish to allow the use of your version of this file |
|
|
31 | * only under the terms of the GPL and not to allow others to use your |
|
|
32 | * version of this file under the BSD license, indicate your decision |
|
|
33 | * by deleting the provisions above and replace them with the notice |
|
|
34 | * and other provisions required by the GPL. If you do not delete the |
|
|
35 | * provisions above, a recipient may use your version of this file under |
|
|
36 | * either the BSD or the GPL. |
|
|
37 | */ |
|
|
38 | #ifndef SPRITZ_H |
|
|
39 | #define SPRITZ_H |
3 | |
40 | |
4 | #include <stdint.h> |
41 | #include <stdint.h> |
5 | #include <sys/types.h> |
42 | #include <sys/types.h> |
6 | |
43 | |
7 | /*******************************************************************************/ |
44 | /*******************************************************************************/ |
… | |
… | |
23 | void spritz_init (spritz_state *s); |
60 | void spritz_init (spritz_state *s); |
24 | void spritz_update (spritz_state *s); |
61 | void spritz_update (spritz_state *s); |
25 | void spritz_whip (spritz_state *s, uint_fast16_t r); |
62 | void spritz_whip (spritz_state *s, uint_fast16_t r); |
26 | void spritz_crush (spritz_state *s); |
63 | void spritz_crush (spritz_state *s); |
27 | void spritz_shuffle (spritz_state *s); |
64 | void spritz_shuffle (spritz_state *s); |
28 | void spritz_absorb_nibble (spritz_state *s, uint8_t x); |
|
|
29 | void spritz_absorb (spritz_state *s, const void *I, size_t I_len); |
65 | void spritz_absorb (spritz_state *s, const void *I, size_t I_len); |
30 | void spritz_absorb_stop (spritz_state *s); |
66 | void spritz_absorb_stop (spritz_state *s); |
31 | void spritz_absorb_and_stop (spritz_state *s, const void *I, size_t I_len); /* commonly used helper function */ |
67 | void spritz_absorb_and_stop (spritz_state *s, const void *I, size_t I_len); /* commonly used helper function */ |
32 | uint8_t spritz_output (spritz_state *s); |
68 | uint8_t spritz_output (spritz_state *s); |
33 | void spritz_squeeze (spritz_state *s, void *P, size_t P_len); |
69 | void spritz_squeeze (spritz_state *s, void *P, size_t P_len); |
… | |
… | |
35 | |
71 | |
36 | /*******************************************************************************/ |
72 | /*******************************************************************************/ |
37 | /* the spritz-xor cipher */ |
73 | /* the spritz-xor cipher */ |
38 | |
74 | |
39 | /* no IV is used if IV_len == 0 */ |
75 | /* no IV is used if IV_len == 0 */ |
40 | void spritz_xor_init (spritz_state *s, const void *K, size_t K_len, const void *IV, size_t IV_len); |
76 | void spritz_cipher_xor_init (spritz_state *s, const void *K, size_t K_len, const void *IV, size_t IV_len); |
41 | |
77 | |
42 | /* can be called multiple times/incrementally */ |
78 | /* can be called multiple times/incrementally */ |
43 | /* can work inplace */ |
79 | /* can work inplace */ |
44 | /* works for both encryption and decryption */ |
80 | /* works for both encryption and decryption */ |
45 | void spritz_xor_crypt (spritz_state *s, const void *I, void *O, size_t len); |
81 | void spritz_cipher_xor_crypt (spritz_state *s, const void *I, void *O, size_t len); |
46 | |
82 | |
47 | /*******************************************************************************/ |
83 | /*******************************************************************************/ |
48 | /* the spritz hash */ |
84 | /* the spritz hash */ |
49 | |
85 | |
50 | static void spritz_hash_init (spritz_state *s); |
86 | static void spritz_hash_init (spritz_state *s); |
… | |
… | |
59 | static void spritz_mac_finish (spritz_state *s, void *H, size_t H_len); /* must be called at most once at the end */ |
95 | static void spritz_mac_finish (spritz_state *s, void *H, size_t H_len); /* must be called at most once at the end */ |
60 | |
96 | |
61 | /*******************************************************************************/ |
97 | /*******************************************************************************/ |
62 | /* spritz authenticated encryption */ |
98 | /* spritz authenticated encryption */ |
63 | |
99 | |
64 | void spritz_aead_init (spritz_state *s, const void *K, size_t K_len); |
100 | static void spritz_aead_xor_init (spritz_state *s, const void *K, size_t K_len); |
65 | static void spritz_aead_nonce (spritz_state *s, const void *N, size_t N_len); /* must be called after construction, before associated_data */ |
101 | static void spritz_aead_xor_nonce (spritz_state *s, const void *N, size_t N_len); /* must be called after construction, before associated_data */ |
66 | static void spritz_aead_associated_data (spritz_state *s, const void *D, size_t D_len); /* must be called after nonce, before crypt */ |
102 | static void spritz_aead_xor_associated_data (spritz_state *s, const void *D, size_t D_len); /* must be called after nonce, before crypt */ |
67 | void spritz_aead_crypt (spritz_state *s, const void *I, void *O, size_t len); |
103 | void spritz_aead_xor_crypt (spritz_state *s, const void *I, void *O, size_t len); |
68 | /* must be called after associated_data, only once, before finish */ |
104 | /* must be called after associated_data, only once, before finish */ |
69 | /* works for both encryption and decryption */ |
105 | /* works for both encryption and decryption */ |
70 | static void spritz_aead_finish (spritz_state *s, void *H, size_t H_len); /* must be called at most once at the end */ |
106 | static void spritz_aead_xor_finish (spritz_state *s, void *H, size_t H_len); /* must be called at most once at the end */ |
71 | |
107 | |
72 | /*******************************************************************************/ |
108 | /*******************************************************************************/ |
73 | /* the spritz drbg/csprng */ |
109 | /* the spritz drbg/csprng */ |
74 | |
110 | |
75 | /* constructor takes a seed if S_len != 0, same add spritz_prng_put */ |
111 | /* constructor takes a seed if S_len != 0, same as spritz_prng_add */ |
76 | void spritz_prng_init (spritz_state *s, const void *S, size_t S_len); |
112 | void spritz_prng_init (spritz_state *s, const void *S, size_t S_len); |
77 | static void spritz_prng_put (spritz_state *s, const void *S, size_t S_len); /* add additional entropy */ |
113 | static void spritz_prng_add (spritz_state *s, const void *S, size_t S_len); /* add additional entropy */ |
78 | static void spritz_prng_get (spritz_state *s, void *R, size_t R_len); /* get random bytes */ |
114 | static void spritz_prng_get (spritz_state *s, void *R, size_t R_len); /* get random bytes */ |
79 | |
115 | |
80 | /*******************************************************************************/ |
116 | /*******************************************************************************/ |
81 | /* inline functions - some functions are so simple, they are defined inline */ |
117 | /* inline functions - some functions are so simple, they are defined inline */ |
82 | |
118 | |
… | |
… | |
109 | } |
145 | } |
110 | |
146 | |
111 | /* spritz authenticated encryption inline functions */ |
147 | /* spritz authenticated encryption inline functions */ |
112 | |
148 | |
113 | static void |
149 | static void |
|
|
150 | spritz_aead_xor_init (spritz_state *s, const void *K, size_t K_len) |
|
|
151 | { |
|
|
152 | spritz_mac_init (s, K, K_len); |
|
|
153 | } |
|
|
154 | |
|
|
155 | static void |
114 | spritz_aead_nonce (spritz_state *s, const void *N, size_t N_len) |
156 | spritz_aead_xor_nonce (spritz_state *s, const void *N, size_t N_len) |
115 | { |
157 | { |
116 | spritz_absorb_and_stop (s, N, N_len); |
158 | spritz_absorb_and_stop (s, N, N_len); |
117 | } |
159 | } |
118 | |
160 | |
119 | static void |
161 | static void |
120 | spritz_aead_associated_data (spritz_state *s, const void *D, size_t D_len) |
162 | spritz_aead_xor_associated_data (spritz_state *s, const void *D, size_t D_len) |
121 | { |
163 | { |
122 | spritz_absorb_and_stop (s, D, D_len); |
164 | spritz_absorb_and_stop (s, D, D_len); |
123 | } |
165 | } |
124 | |
166 | |
125 | static void |
167 | static void |
126 | spritz_aead_finish (spritz_state *s, void *H, size_t H_len) |
168 | spritz_aead_xor_finish (spritz_state *s, void *H, size_t H_len) |
127 | { |
169 | { |
128 | spritz_mac_finish (s, H, H_len); |
170 | spritz_mac_finish (s, H, H_len); |
129 | } |
171 | } |
130 | |
172 | |
131 | /* the spritz drbg/csprng inline functions */ |
173 | /* the spritz drbg/csprng inline functions */ |
132 | |
174 | |
133 | static void |
175 | static void |
134 | spritz_prng_put (spritz_state *s, const void *S, size_t S_len) |
176 | spritz_prng_add (spritz_state *s, const void *S, size_t S_len) |
135 | { |
177 | { |
136 | spritz_absorb (s, S, S_len); |
178 | spritz_absorb (s, S, S_len); |
137 | } |
179 | } |
138 | |
180 | |
139 | /* get random bytes */ |
181 | /* get random bytes */ |
… | |
… | |
141 | spritz_prng_get (spritz_state *s, void *R, size_t R_len) |
183 | spritz_prng_get (spritz_state *s, void *R, size_t R_len) |
142 | { |
184 | { |
143 | spritz_squeeze (s, R, R_len); |
185 | spritz_squeeze (s, R, R_len); |
144 | } |
186 | } |
145 | |
187 | |
|
|
188 | #endif |
|
|
189 | |