Home Explore Help
Sign In
c
/
libtom.libtomcrypt
mirror of https://github.com/libtom/libtomcrypt.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Update AES integration of fortuna

* Use `aes_` based API instead of `rijndael_`, so we can profit from
  a potential hardware accelerated version of AES.
* Add option to use 'encrypt_only' variant of AES inside fortuna

Signed-off-by: Steffen Jaeckel <[email protected]>
Steffen Jaeckel 2 years ago
parent
090f52755c
commit
0e12dbd964
4 changed files with 50 additions and 30 deletions
Unified View Show Diff Stats
  1. 18 18
      .github/workflows/main.yml
  2. 8 3
      src/headers/tomcrypt_custom.h
  3. 4 1
      src/misc/crypt/crypt.c
  4. 20 8
      src/prngs/fortuna.c

+ 18 - 18
.github/workflows/main.yml
View File 

@@ -34,24 +34,24 @@ jobs:
 
         cc: [ gcc, clang ]
 
         cc: [ gcc, clang ]
 
         os: [ ubuntu-20.04, ubuntu-22.04 ]
 
         os: [ ubuntu-20.04, ubuntu-22.04 ]
 
         config:
 
         config:
 
-          - { BUILDNAME: 'META_BUILDS',          BUILDOPTIONS: '-DGMP_DESC',                                          BUILDSCRIPT: '.ci/meta_builds.sh' }
 
-          - { BUILDNAME: 'VALGRIND',             BUILDOPTIONS: '',                                                    BUILDSCRIPT: '.ci/valgrind.sh' }
 
-          - { BUILDNAME: 'STOCK',                BUILDOPTIONS: '',                                                    BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK-MPI',            BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM',           BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK+AESNI',          BUILDOPTIONS: '-msse4.1 -maes',                                      BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'EASY',                 BUILDOPTIONS: '-DLTC_EASY',                                          BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'SMALL',                BUILDOPTIONS: '-DLTC_SMALL_CODE',                                    BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'NOTABLES',             BUILDOPTIONS: '-DLTC_NO_TABLES',                                     BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'SMALL+NOTABLES',       BUILDOPTIONS: '-DLTC_SMALL_CODE -DLTC_NO_TABLES',                    BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'NO_FAST',              BUILDOPTIONS: '-DLTC_NO_FAST',                                       BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'NO_FAST+NOTABLES',     BUILDOPTIONS: '-DLTC_NO_FAST -DLTC_NO_TABLES',                       BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'NO_ASM',               BUILDOPTIONS: '-DLTC_NO_ASM',                                        BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'NO_TIMING_RESISTANCE', BUILDOPTIONS: '-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING', BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'PTHREAD',              BUILDOPTIONS: '-DLTC_PTHREAD',                                       BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK+ARGTYPE=1',      BUILDOPTIONS: '-DARGTYPE=1',                                         BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK+ARGTYPE=2',      BUILDOPTIONS: '-DARGTYPE=2',                                         BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK+ARGTYPE=3',      BUILDOPTIONS: '-DARGTYPE=3',                                         BUILDSCRIPT: '.ci/run.sh' }
 
-          - { BUILDNAME: 'STOCK+ARGTYPE=4',      BUILDOPTIONS: '-DARGTYPE=4',                                         BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'META_BUILDS',             BUILDOPTIONS: '-DGMP_DESC',                                                           BUILDSCRIPT: '.ci/meta_builds.sh' }
 
+          - { BUILDNAME: 'VALGRIND',                BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/valgrind.sh' }
 
+          - { BUILDNAME: 'STOCK',                   BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK-MPI',               BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM',                            BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK+AESNI',             BUILDOPTIONS: '-msse4.1 -maes',                                                       BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'EASY',                    BUILDOPTIONS: '-DLTC_EASY',                                                           BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'SMALL',                   BUILDOPTIONS: '-DLTC_SMALL_CODE',                                                     BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'NO_TABLES',               BUILDOPTIONS: '-DLTC_NO_TABLES',                                                      BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'NO_FAST',                 BUILDOPTIONS: '-DLTC_NO_FAST',                                                        BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'NO_FAST+SMALL+NO_TABLES', BUILDOPTIONS: '-DLTC_NO_FAST -DLTC_SMALL_CODE -DLTC_NO_TABLES',                       BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'NO_ASM',                  BUILDOPTIONS: '-DLTC_NO_ASM',                                                         BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'NO_TIMING_RESISTANCE',    BUILDOPTIONS: '-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING',                  BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'FORTUNA_CUSTOM_OPTIONS',  BUILDOPTIONS: '-DLTC_FORTUNA_USE_ENCRYPT_ONLY -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC', BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'PTHREAD',                 BUILDOPTIONS: '-DLTC_PTHREAD',                                                        BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK+ARGTYPE=1',         BUILDOPTIONS: '-DARGTYPE=1',                                                          BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK+ARGTYPE=2',         BUILDOPTIONS: '-DARGTYPE=2',                                                          BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK+ARGTYPE=3',         BUILDOPTIONS: '-DARGTYPE=3',                                                          BUILDSCRIPT: '.ci/run.sh' }
 
+          - { BUILDNAME: 'STOCK+ARGTYPE=4',         BUILDOPTIONS: '-DARGTYPE=4',                                                          BUILDSCRIPT: '.ci/run.sh' }
 
     steps:
 
     steps:
 
       - uses: actions/checkout@v2
 
       - uses: actions/checkout@v2
 
       - name: install dependencies
 
       - name: install dependencies

+ 8 - 3
src/headers/tomcrypt_custom.h
View File 

@@ -375,9 +375,9 @@
 
 
 
 /* with non-glibc or glibc 2.17+ prefer clock_gettime over gettimeofday */
 
 /* with non-glibc or glibc 2.17+ prefer clock_gettime over gettimeofday */
 
 #if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
 
 #if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
 
-#if __GLIBC_PREREQ(2, 17)
 
-  #define LTC_CLOCK_GETTIME
 
-#endif
 
+   #if __GLIBC_PREREQ(2, 17)
 
+      #define LTC_CLOCK_GETTIME
 
+   #endif
 
 #elif defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L
 
 #elif defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L
 
   #define LTC_CLOCK_GETTIME
 
   #define LTC_CLOCK_GETTIME
 
 #endif
 
 #endif
 
@@ -407,6 +407,11 @@
 
 #define LTC_FORTUNA_POOLS 32
 
 #define LTC_FORTUNA_POOLS 32
 
 #endif
 
 #endif
 
 
 
+/* at compile time you can decide whether fortuna uses the regular AES APIs
 
+ * or whether it will use the 'encrypt_only' variants.
 
+ * This is useful for custom builds of libtomcrypt for size-constrained targets. */
 
+/* #define LTC_FORTUNA_USE_ENCRYPT_ONLY */
 
+
 
 #endif /* LTC_FORTUNA */
 
 #endif /* LTC_FORTUNA */

+ 4 - 1
src/misc/crypt/crypt.c
View File 

@@ -315,9 +315,12 @@ const char *crypt_build_settings =
 
 #if defined(LTC_FORTUNA)
 
 #if defined(LTC_FORTUNA)
 
     "   Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", "
 
     "   Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", "
 
 #if defined(LTC_FORTUNA_RESEED_RATELIMIT_TIMED)
 
 #if defined(LTC_FORTUNA_RESEED_RATELIMIT_TIMED)
 
-    "LTC_FORTUNA_RESEED_RATELIMIT_TIMED, "
 
+    "LTC_FORTUNA_RESEED_RATELIMIT_TIMED"
 
 #else
 
 #else
 
     "LTC_FORTUNA_RESEED_RATELIMIT_STATIC, " NAME_VALUE(LTC_FORTUNA_WD)
 
     "LTC_FORTUNA_RESEED_RATELIMIT_STATIC, " NAME_VALUE(LTC_FORTUNA_WD)
 
+#endif
 
+#if defined(LTC_FORTUNA_USE_ENCRYPT_ONLY)
 
+    ", LTC_FORTUNA_USE_ENCRYPT_ONLY"
 
 #endif
 
 #endif
 
     ")\n"
 
     ")\n"
 
 #endif
 
 #endif

+ 20 - 8
src/prngs/fortuna.c
View File 

@@ -39,6 +39,18 @@ we reseed automatically when len(pool0) >= 64 or every LTC_FORTUNA_WD calls to t
 
    #error LTC_FORTUNA_POOLS must be in [4..32]
 
    #error LTC_FORTUNA_POOLS must be in [4..32]
 
 #endif
 
 #endif
 
 
 
+#ifdef LTC_FORTUNA_USE_ENCRYPT_ONLY
 
+#define AES_SETUP aes_enc_setup
 
+#define AES_ENC   aes_enc_ecb_encrypt
 
+#define AES_DONE  aes_enc_done
 
+#define AES_TEST  aes_enc_test
 
+#else
 
+#define AES_SETUP aes_setup
 
+#define AES_ENC   aes_ecb_encrypt
 
+#define AES_DONE  aes_done
 
+#define AES_TEST  aes_test
 
+#endif
 
+
 
 const struct ltc_prng_descriptor fortuna_desc = {
 
 const struct ltc_prng_descriptor fortuna_desc = {
 
     "fortuna",
 
     "fortuna",
 
     64,
 
     64,
 
@@ -146,7 +158,7 @@ static int s_fortuna_reseed(prng_state *prng)
 
    if ((err = sha256_done(&md, prng->u.fortuna.K)) != CRYPT_OK) {
 
    if ((err = sha256_done(&md, prng->u.fortuna.K)) != CRYPT_OK) {
 
       return err;
 
       return err;
 
    }
 
    }
 
-   if ((err = rijndael_setup(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) {
 
+   if ((err = AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) {
 
       return err;
 
       return err;
 
    }
 
    }
 
    s_fortuna_update_iv(prng);
 
    s_fortuna_update_iv(prng);
 
@@ -236,7 +248,7 @@ int fortuna_start(prng_state *prng)
 
 
 
    /* reset bufs */
 
    /* reset bufs */
 
    zeromem(prng->u.fortuna.K, 32);
 
    zeromem(prng->u.fortuna.K, 32);
 
-   if ((err = rijndael_setup(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) {
 
+   if ((err = AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) {
 
       for (x = 0; x < LTC_FORTUNA_POOLS; x++) {
 
       for (x = 0; x < LTC_FORTUNA_POOLS; x++) {
 
           sha256_done(&prng->u.fortuna.pool[x], tmp);
 
           sha256_done(&prng->u.fortuna.pool[x], tmp);
 
       }
 
       }
 
@@ -395,7 +407,7 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
 
    /* handle whole blocks without the extra XMEMCPY */
 
    /* handle whole blocks without the extra XMEMCPY */
 
    while (outlen >= 16) {
 
    while (outlen >= 16) {
 
       /* encrypt the IV and store it */
 
       /* encrypt the IV and store it */
 
-      rijndael_ecb_encrypt(prng->u.fortuna.IV, out, &prng->u.fortuna.skey);
 
+      AES_ENC(prng->u.fortuna.IV, out, &prng->u.fortuna.skey);
 
       out += 16;
 
       out += 16;
 
       outlen -= 16;
 
       outlen -= 16;
 
       s_fortuna_update_iv(prng);
 
       s_fortuna_update_iv(prng);
 
@@ -403,19 +415,19 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
 
 
 
    /* left over bytes? */
 
    /* left over bytes? */
 
    if (outlen > 0) {
 
    if (outlen > 0) {
 
-      rijndael_ecb_encrypt(prng->u.fortuna.IV, tmp, &prng->u.fortuna.skey);
 
+      AES_ENC(prng->u.fortuna.IV, tmp, &prng->u.fortuna.skey);
 
       XMEMCPY(out, tmp, outlen);
 
       XMEMCPY(out, tmp, outlen);
 
       s_fortuna_update_iv(prng);
 
       s_fortuna_update_iv(prng);
 
    }
 
    }
 
 
 
    /* generate new key */
 
    /* generate new key */
 
-   rijndael_ecb_encrypt(prng->u.fortuna.IV, prng->u.fortuna.K   , &prng->u.fortuna.skey);
 
+   AES_ENC(prng->u.fortuna.IV, prng->u.fortuna.K   , &prng->u.fortuna.skey);
 
    s_fortuna_update_iv(prng);
 
    s_fortuna_update_iv(prng);
 
 
 
-   rijndael_ecb_encrypt(prng->u.fortuna.IV, prng->u.fortuna.K+16, &prng->u.fortuna.skey);
 
+   AES_ENC(prng->u.fortuna.IV, prng->u.fortuna.K+16, &prng->u.fortuna.skey);
 
    s_fortuna_update_iv(prng);
 
    s_fortuna_update_iv(prng);
 
 
 
-   if (rijndael_setup(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey) != CRYPT_OK) {
 
+   if (AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey) != CRYPT_OK) {
 
       tlen = 0;
 
       tlen = 0;
 
    }
 
    }
 
 
 
@@ -512,7 +524,7 @@ int fortuna_test(void)
 
    if ((err = sha256_test()) != CRYPT_OK) {
 
    if ((err = sha256_test()) != CRYPT_OK) {
 
       return err;
 
       return err;
 
    }
 
    }
 
-   return rijndael_test();
 
+   return AES_TEST();
 
 #endif
 
 #endif
 
 }
 
 }