/symm/safersk.h
/symm/salsa2012.h
/symm/salsa208.h
+/symm/salsa20-ietf.h
+/symm/salsa2012-ietf.h
+/symm/salsa208-ietf.h
/symm/sha224.h
/symm/sha384.h
/symm/whirlpool256.h
/symm/chacha12.h
/symm/chacha20.h
/symm/chacha8.h
+/symm/chacha12-ietf.h
+/symm/chacha20-ietf.h
+/symm/chacha8-ietf.h
/symm/xchacha.h
endif
TESTS += salsa20.t$(EXEEXT)
ALL_CIPHERS += salsa20 salsa2012 salsa208
+ALL_CIPHERS += salsa20-ietf salsa2012-ietf salsa208-ietf
ALL_CIPHERS += xsalsa20 xsalsa2012 xsalsa208
STUBS_HDR += Salsa20/12,salsa2012,salsa20
STUBS_HDR += Salsa20/8,salsa208,salsa20
+STUBS_HDR += Salsa20-IETF,salsa20-ietf,salsa20
+STUBS_HDR += Salsa20/12-IETF,salsa2012-ietf,salsa20
+STUBS_HDR += Salsa20/8-IETF,salsa208-ietf,salsa20
STUBS_HDR += XSalsa20,xsalsa20,salsa20
STUBS_HDR += XSalsa20/12,xsalsa2012,salsa20
STUBS_HDR += XSalsa20/8,xsalsa208,salsa20
TESTS += chacha.t$(EXEEXT)
EXTRA_DIST += t/chacha
ALL_CIPHERS += chacha20 chacha12 chacha8
+ALL_CIPHERS += chacha20-ietf chacha12-ietf chacha8-ietf
ALL_CIPHERS += xchacha20 xchacha12 xchacha8
STUBS_HDR += ChaCha20,chacha20,chacha
STUBS_HDR += ChaCha12,chacha12,chacha
STUBS_HDR += ChaCha8,chacha8,chacha
+STUBS_HDR += ChaCha20-IETF,chacha20-ietf,chacha
+STUBS_HDR += ChaCha12-IETF,chacha12-ietf,chacha
+STUBS_HDR += ChaCha8-IETF,chacha8-ietf,chacha
STUBS_HDR += XChaCha20,xchacha20,chacha
STUBS_HDR += XChaCha12,xchacha12,chacha
STUBS_HDR += XChaCha8,xchacha8,chacha
chacha_setnonce(ctx, nonce ? nonce : zerononce);
}
-/* --- @chacha_setnonce@ --- *
+/* --- @chacha_setnonce{,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
- * @const void *nonce@ = the nonce (@CHACHA_NONCESZ@ bytes)
+ * @const void *nonce@ = the nonce (@CHACHA_NONCESZ@ or
+ * @CHACHA_IETF_NONCESZ@ bytes)
*
* Returns: ---
*
chacha_seek(ctx, 0);
}
-/* --- @chacha_seek{,u64}@ --- *
+void chacha_setnonce_ietf(chacha_ctx *ctx, const void *nonce)
+{
+ const octet *n = nonce;
+
+ ctx->a[13] = LOAD32_L(n + 0);
+ ctx->a[14] = LOAD32_L(n + 4);
+ ctx->a[15] = LOAD32_L(n + 8);
+ chacha_seek_ietf(ctx, 0);
+}
+
+/* --- @chacha_seek{,u64,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
- * @unsigned long i@, @kludge64 i@ = new position to set
+ * @unsigned long i@, @kludge64 i@, @uint32 i@ = new position
*
* Returns: ---
*
ctx->bufi = CHACHA_OUTSZ;
}
-/* --- @chacha_tell{,u64}@ --- *
+void chacha_seek_ietf(chacha_ctx *ctx, uint32 i)
+ { ctx->a[12] = i; }
+
+/* --- @chacha_tell{,u64,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
*
kludge64 chacha_tellu64(chacha_ctx *ctx)
{ kludge64 i; SET64(i, ctx->a[13], ctx->a[12]); return (i); }
+uint32 chacha_tell_ietf(chacha_ctx *ctx)
+ { return (ctx->a[12]); }
+
/* --- @chacha{20,12,8}_encrypt@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
static void gsetiv(gcipher *c, const void *iv)
{ gctx *g = (gctx *)c; chacha_setnonce(&g->ctx, iv); }
+static void gsetiv_ietf(gcipher *c, const void *iv)
+ { gctx *g = (gctx *)c; chacha_setnonce_ietf(&g->ctx, iv); }
+
static void gdestroy(gcipher *c)
{ gctx *g = (gctx *)c; BURN(*g); S_DESTROY(g); }
#define DEFGCIPHER(r) \
\
- static const gcipher_ops gops_##r; \
+ static const gcipher_ops gops_##r, gops_##r##_ietf; \
\
static gcipher *ginit_##r(const void *k, size_t sz) \
{ return (ginit(k, sz, &gops_##r)); } \
\
+ static gcipher *ginit_##r##_ietf(const void *k, size_t sz) \
+ { return (ginit(k, sz, &gops_##r##_ietf)); } \
+ \
static void gencrypt_##r(gcipher *c, const void *s, \
void *t, size_t sz) \
{ gctx *g = (gctx *)c; CHACHA_ENCRYPT(r, &g->ctx, s, t, sz); } \
gencrypt_##r, gencrypt_##r, gdestroy, gsetiv, 0 \
}; \
\
+ static const gcipher_ops gops_##r##_ietf = { \
+ &chacha##r##_ietf, \
+ gencrypt_##r, gencrypt_##r, gdestroy, gsetiv_ietf, 0 \
+ }; \
+ \
const gccipher chacha##r = { \
"chacha" #r, chacha_keysz, \
CHACHA_NONCESZ, ginit_##r \
+ }; \
+ \
+ const gccipher chacha##r##_ietf = { \
+ "chacha" #r "-ietf", chacha_keysz, \
+ CHACHA_IETF_NONCESZ, ginit_##r##_ietf \
};
CHACHA_VARS(DEFGCIPHER)
static void gr_seek(void *r, kludge64 pos)
{ grctx *g = r; chacha_seeku64(&g->ctx, pos); }
+static void gr_seek_ietf(void *r, kludge64 pos)
+ { grctx *g = r; chacha_seek_ietf(&g->ctx, LO64(pos)); }
+
static kludge64 gr_tell(void *r)
{ grctx *g = r; return (chacha_tellu64(&g->ctx)); }
+static kludge64 gr_tell_ietf(void *r)
+{
+ grctx *g = r;
+ kludge64 pos;
+
+ SET64(pos, 0, chacha_tell_ietf(&g->ctx));
+ return (pos);
+}
+
static void gr_setnonce(void *r, const void *n)
{ grctx *g = r; chacha_setnonce(&g->ctx, n); }
+static void gr_setnonce_ietf(void *r, const void *n)
+ { grctx *g = r; chacha_setnonce_ietf(&g->ctx, n); }
+
static void grdestroy(grand *r)
{ grctx *g = (grctx *)r; BURN(*g); S_DESTROY(g); }
{ CHACHA_NONCESZ, gr_seek, gr_tell, \
gr_setnonce, gr_generate_##rr }; \
\
+ static const grops grops_##rr##_ietf = \
+ { CHACHA_IETF_NONCESZ, gr_seek_ietf, gr_tell_ietf, \
+ gr_setnonce_ietf, gr_generate_##rr }; \
+ \
static const grand_ops grops_rand_##rr = { \
"chacha" #rr, GRAND_CRYPTO, 0, \
grmisc, grdestroy, grword, \
grbyte, grword, grand_defaultrange, grfill \
}; \
\
+ static const grand_ops grops_rand_##rr##_ietf = { \
+ "chacha" #rr "-ietf", GRAND_CRYPTO, 0, \
+ grmisc, grdestroy, grword, \
+ grbyte, grword, grand_defaultrange, grfill \
+ }; \
+ \
grand *chacha##rr##_rand(const void *k, size_t ksz, const void *n) \
- { return (grinit(k, ksz, n, &grops_rand_##rr, &grops_##rr)); }
+ { return (grinit(k, ksz, n, &grops_rand_##rr, &grops_##rr)); } \
+ \
+ grand *chacha##rr##_ietf_rand(const void *k, size_t ksz, \
+ const void *n) \
+ { \
+ return (grinit(k, ksz, n, \
+ &grops_rand_##rr##_ietf, \
+ &grops_##rr##_ietf)); \
+ }
+
CHACHA_VARS(DEFGRAND)
#define DEFXGRAND(rr) \
kludge64 pos64; \
chacha_init(ctx, k, ksz, 0); \
if (nsz == 8) chacha_setnonce(ctx, n); \
+ else if (nsz == 12) chacha_setnonce_ietf(ctx, n); \
if (psz == 8) { LOAD64_(pos64, p); chacha_seeku64(ctx, pos64); } \
+ else if (psz == 4) chacha_seek_ietf(ctx, LOAD32(p)); \
} while (0)
#define XCHACHA_TESTSETUP(r, ctx, k, ksz, n, nsz, p, psz) do { \
/*----- Constants ---------------------------------------------------------*/
#define CHACHA_NONCESZ 8u
+#define CHACHA_IETF_NONCESZ 12u
#define CHACHA_KEYSZ 32u
#define CHACHA_OUTSZ 64u
const void */*key*/, size_t /*ksz*/,
const void */*nonce*/);
-/* --- @chacha_setnonce@ --- *
+/* --- @chacha_setnonce{,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
- * @const void *nonce@ = the nonce (@CHACHA_NONCESZ@ bytes)
+ * @const void *nonce@ = the nonce (@CHACHA_NONCESZ@ or
+ * @CHACHA_IETF_NONCESZ@ bytes)
*
* Returns: ---
*
*/
extern void chacha_setnonce(chacha_ctx */*ctx*/, const void */*nonce*/);
+extern void chacha_setnonce_ietf(chacha_ctx */*ctx*/, const void */*nonce*/);
-/* --- @chacha_seek{,u64}@ --- *
+/* --- @chacha_seek{,u64,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
- * @unsigned long i@, @kludge64 i@ = new position to set
+ * @unsigned long i@, @kludge64 i@, @uint32 i@ = new position
*
* Returns: ---
*
- * Use: Sets a new stream position, in units of ChaCha output
+ * Use: Sets a new stream position, in units of Chacha output
* blocks, which are @CHACHA_OUTSZ@ bytes each. Byte
- * granularity can be achieved by calling @chacha_encrypt@
+ * granularity can be achieved by calling @chachaR_encrypt@
* appropriately.
*/
extern void chacha_seek(chacha_ctx */*ctx*/, unsigned long /*i*/);
extern void chacha_seeku64(chacha_ctx */*ctx*/, kludge64 /*i*/);
+extern void chacha_seek_ietf(chacha_ctx */*ctx*/, uint32 /*i*/);
-/* --- @chacha_tell{,u64}@ --- *
+/* --- @chacha_tell{,u64,_ietf}@ --- *
*
* Arguments: @chacha_ctx *ctx@ = pointer to context
*
extern unsigned long chacha_tell(chacha_ctx */*ctx*/);
extern kludge64 chacha_tellu64(chacha_ctx */*ctx*/);
+extern uint32 chacha_tell_ietf(chacha_ctx */*ctx*/);
/* --- @chacha{20,12,8}_encrypt@ --- *
*
#define chacha20_keysz chacha_keysz
#define chacha12_keysz chacha_keysz
#define chacha8_keysz chacha_keysz
+#define chacha_ietf_keysz chacha_keysz
+#define chacha20_ietf_keysz chacha_keysz
+#define chacha12_ietf_keysz chacha_keysz
+#define chacha8_ietf_keysz chacha_keysz
#define xchacha_keysz chacha_keysz
#define xchacha20_keysz chacha_keysz
#define xchacha12_keysz chacha_keysz
#define xchacha8_keysz chacha_keysz
const gccipher chacha20, chacha12, chacha8;
+const gccipher chacha20_ietf, chacha12_ietf, chacha8_ietf;
const gccipher xchacha20, xchacha12, xchacha8;
/*----- Generic random number generator interface -------------------------*/
-/* --- @chacha{20,12,8}_rand@, @xchacha{20,12,8}_rand@ --- *
+/* --- @chacha{20,12,8}{,_ietf}_rand@, @xchacha{20,12,8}_rand@ --- *
*
* Arguments: @const void *k@ = pointer to key material
* @size_t ksz@ = size of key material
* @const void *n@ = pointer to nonce or null
- * (@CHACHA_NONCESZ@ or @XCHACHA_NONCESZ@)
+ * (@CHACHA_NONCESZ@, @CHACHA_IETF_NONCESZ@, or
+ * @XCHACHA_NONCESZ@)
*
* Returns: Pointer to generic random number generator instance.
*
const void */*n*/);
extern grand *chacha8_rand(const void */*k*/, size_t /*ksz*/,
const void */*n*/);
+extern grand *chacha20_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
+extern grand *chacha12_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
+extern grand *chacha8_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
extern grand *xchacha20_rand(const void */*k*/, size_t /*ksz*/,
const void */*n*/);
extern grand *xchacha12_rand(const void */*k*/, size_t /*ksz*/,
salsa20_setnonce(ctx, nonce ? nonce : zerononce);
}
-/* --- @salsa20_setnonce@ --- *
+/* --- @salsa20_setnonce{,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
- * @const void *nonce@ = the nonce (@SALSA20_NONCESZ@ bytes)
+ * @const void *nonce@ = the nonce (@SALSA20_NONCESZ@ or
+ * @SALSA20_IETF_NONCESZ@ bytes)
*
* Returns: ---
*
salsa20_seek(ctx, 0);
}
-/* --- @salsa20_seek{,u64}@ --- *
+void salsa20_setnonce_ietf(salsa20_ctx *ctx, const void *nonce)
+{
+ const octet *n = nonce;
+
+ ctx->a[ 5] = LOAD32_L(n + 0);
+ ctx->a[14] = LOAD32_L(n + 4);
+ ctx->a[11] = LOAD32_L(n + 8);
+ salsa20_seek_ietf(ctx, 0);
+}
+
+/* --- @salsa20_seek{,u64,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
- * @unsigned long i@, @kludge64 i@ = new position to set
+ * @unsigned long i@, @kludge64 i@, @uint32@ = new position
*
* Returns: ---
*
ctx->bufi = SALSA20_OUTSZ;
}
-/* --- @salsa20_tell{,u64}@ --- *
+void salsa20_seek_ietf(salsa20_ctx *ctx, uint32 i)
+ { ctx->a[8] = i; }
+
+/* --- @salsa20_tell{,u64,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
*
kludge64 salsa20_tellu64(salsa20_ctx *ctx)
{ kludge64 i; SET64(i, ctx->a[5], ctx->a[8]); return (i); }
+uint32 salsa20_tell_ietf(salsa20_ctx *ctx)
+ { return (ctx->a[5]); }
+
/* --- @salsa20{,12,8}_encrypt@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
static void gsetiv(gcipher *c, const void *iv)
{ gctx *g = (gctx *)c; salsa20_setnonce(&g->ctx, iv); }
+static void gsetiv_ietf(gcipher *c, const void *iv)
+ { gctx *g = (gctx *)c; salsa20_setnonce_ietf(&g->ctx, iv); }
+
static void gdestroy(gcipher *c)
{ gctx *g = (gctx *)c; BURN(*g); S_DESTROY(g); }
#define DEFGCIPHER(r) \
\
- static const gcipher_ops gops_##r; \
+ static const gcipher_ops gops_##r, gops_##r##_ietf; \
\
static gcipher *ginit_##r(const void *k, size_t sz) \
{ return (ginit(k, sz, &gops_##r)); } \
\
+ static gcipher *ginit_##r##_ietf(const void *k, size_t sz) \
+ { return (ginit(k, sz, &gops_##r##_ietf)); } \
+ \
static void gencrypt_##r(gcipher *c, const void *s, \
void *t, size_t sz) \
{ gctx *g = (gctx *)c; SALSA20_ENCRYPT(r, &g->ctx, s, t, sz); } \
gencrypt_##r, gencrypt_##r, gdestroy, gsetiv, 0 \
}; \
\
+ static const gcipher_ops gops_##r##_ietf = { \
+ &SALSA20_DECOR(salsa20, r, _ietf), \
+ gencrypt_##r, gencrypt_##r, gdestroy, gsetiv_ietf, 0 \
+ }; \
+ \
const gccipher SALSA20_DECOR(salsa20, r, ) = { \
SALSA20_NAME_##r, salsa20_keysz, \
SALSA20_NONCESZ, ginit_##r \
+ }; \
+ \
+ const gccipher SALSA20_DECOR(salsa20, r, _ietf) = { \
+ SALSA20_NAME_##r "-ietf", salsa20_keysz, \
+ SALSA20_IETF_NONCESZ, ginit_##r##_ietf \
};
SALSA20_VARS(DEFGCIPHER)
static void gr_seek(void *r, kludge64 pos)
{ grctx *g = r; salsa20_seeku64(&g->ctx, pos); }
+static void gr_seek_ietf(void *r, kludge64 pos)
+ { grctx *g = r; salsa20_seek_ietf(&g->ctx, LO64(pos)); }
+
static kludge64 gr_tell(void *r)
{ grctx *g = r; return (salsa20_tellu64(&g->ctx)); }
+static kludge64 gr_tell_ietf(void *r)
+{
+ grctx *g = r;
+ kludge64 pos;
+
+ SET64(pos, 0, salsa20_tell_ietf(&g->ctx));
+ return (pos);
+}
+
static void gr_setnonce(void *r, const void *n)
{ grctx *g = r; salsa20_setnonce(&g->ctx, n); }
+static void gr_setnonce_ietf(void *r, const void *n)
+ { grctx *g = r; salsa20_setnonce(&g->ctx, n); }
+
static void grdestroy(grand *r)
{ grctx *g = (grctx *)r; BURN(*g); S_DESTROY(g); }
{ SALSA20_NONCESZ, gr_seek, gr_tell, \
gr_setnonce, gr_generate_##rr }; \
\
+ static const grops grops_##rr##_ietf = \
+ { SALSA20_IETF_NONCESZ, gr_seek_ietf, gr_tell_ietf, \
+ gr_setnonce_ietf, gr_generate_##rr }; \
+ \
static const grand_ops grops_rand_##rr = { \
SALSA20_NAME_##rr, GRAND_CRYPTO, 0, \
grmisc, grdestroy, grword, \
grbyte, grword, grand_defaultrange, grfill \
}; \
\
+ static const grand_ops grops_rand_##rr##_ietf = { \
+ SALSA20_NAME_##rr "-ietf", GRAND_CRYPTO, 0, \
+ grmisc, grdestroy, grword, \
+ grbyte, grword, grand_defaultrange, grfill \
+ }; \
+ \
grand *SALSA20_DECOR(salsa20, rr, _rand) \
(const void *k, size_t ksz, const void *n) \
- { return (grinit(k, ksz, n, &grops_rand_##rr, &grops_##rr)); }
+ { return (grinit(k, ksz, n, &grops_rand_##rr, &grops_##rr)); } \
+ \
+ grand *SALSA20_DECOR(salsa20, rr, _ietf_rand) \
+ (const void *k, size_t ksz, const void *n) \
+ { \
+ return (grinit(k, ksz, n, \
+ &grops_rand_##rr##_ietf, \
+ &grops_##rr##_ietf)); \
+ }
+
SALSA20_VARS(DEFGRAND)
#define DEFXGRAND(rr) \
kludge64 pos64; \
salsa20_init(ctx, k, ksz, 0); \
if (nsz == 8) salsa20_setnonce(ctx, n); \
+ else if (nsz == 12) salsa20_setnonce_ietf(ctx, n); \
if (psz == 8) { LOAD64_(pos64, p); salsa20_seeku64(ctx, pos64); } \
+ else if (psz == 4) salsa20_seek_ietf(ctx, LOAD32(p)); \
} while (0)
#define XSALSA20_TESTSETUP(r, ctx, k, ksz, n, nsz, p, psz) do { \
/*----- Constants ---------------------------------------------------------*/
#define SALSA20_NONCESZ 8u
+#define SALSA20_IETF_NONCESZ 12u
#define SALSA20_KEYSZ 32u
#define SALSA20_OUTSZ 64u
const void */*key*/, size_t /*ksz*/,
const void */*nonce*/);
-/* --- @salsa20_setnonce@ --- *
+/* --- @salsa20_setnonce{,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
- * @const void *nonce@ = the nonce (@SALSA20_NONCESZ@ bytes)
+ * @const void *nonce@ = the nonce (@SALSA20_NONCESZ@ or
+ * @SALSA20_IETF_NONCESZ@ bytes)
*
* Returns: ---
*
*/
extern void salsa20_setnonce(salsa20_ctx */*ctx*/, const void */*nonce*/);
+extern void salsa20_setnonce_ietf(salsa20_ctx */*ctx*/,
+ const void */*nonce*/);
-/* --- @salsa20_seek{,u64}@ --- *
+/* --- @salsa20_seek{,u64,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
* @unsigned long i@, @kludge64 i@ = new position to set
extern void salsa20_seek(salsa20_ctx */*ctx*/, unsigned long /*i*/);
extern void salsa20_seeku64(salsa20_ctx */*ctx*/, kludge64 /*i*/);
+extern void salsa20_seek_ietf(salsa20_ctx */*ctx*/, uint32 /*i*/);
-/* --- @salsa20_tell{,u64}@ --- *
+/* --- @salsa20_tell{,u64,_ietf}@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
*
extern unsigned long salsa20_tell(salsa20_ctx */*ctx*/);
extern kludge64 salsa20_tellu64(salsa20_ctx */*ctx*/);
+extern uint32 salsa20_tell_ietf(salsa20_ctx */*ctx*/);
/* --- @salsa20{,12,8}_encrypt@ --- *
*
extern void xsalsa208_setnonce(xsalsa208_ctx */*ctx*/,
const void */*nonce*/);
-/* --- @xsalsa20{,12,8}_seek{,u64}@ --- *
+/* --- @xsalsa20{,12,8}_seek@, @xsalsa20{,12,8}_seeku64@ --- *
*
* Arguments: @xsalsa20R_ctx *ctx@ = pointer to context
* @unsigned long i@, @kludge64 i@ = new position to set
extern void xsalsa2012_seeku64(xsalsa2012_ctx */*ctx*/, kludge64 /*i*/);
extern void xsalsa208_seeku64(xsalsa208_ctx */*ctx*/, kludge64 /*i*/);
-/* --- @xsalsa20{,12,8}_tell{,u64}@ --- *
+/* --- @xsalsa20{,12,8}_tell@, @xsalsa20{,12,8}_tellu64@ --- *
*
* Arguments: @salsa20_ctx *ctx@ = pointer to context
*
extern const octet salsa20_keysz[];
#define salsa2012_keysz salsa20_keysz
#define salsa208_keysz salsa20_keysz
+#define salsa20_ietf_keysz salsa20_keysz
+#define salsa2012_ietf_keysz salsa20_keysz
+#define salsa208_ietf_keysz salsa20_keysz
#define xsalsa20_keysz salsa20_keysz
#define xsalsa2012_keysz salsa20_keysz
#define xsalsa208_keysz salsa20_keysz
const gccipher salsa20, salsa2012, salsa208;
+const gccipher salsa20_ietf, salsa2012_ietf, salsa208_ietf;
const gccipher xsalsa20, xsalsa2012, xsalsa208;
/*----- Generic random number generator interface -------------------------*/
-/* --- @salsa20{,12,8}_rand@, @xsalsa20{,12,8}_rand@ --- *
+/* --- @salsa20{,12,8}{,_ietf}_rand@, @xsalsa20{,12,8}{,_ietf}_rand@ --- *
*
* Arguments: @const void *k@ = pointer to key material
* @size_t ksz@ = size of key material
* @const void *n@ = pointer to nonce or null
- * (@SALSA20_NONCESZ@ or @XSALSA20_NONCESZ@)
+ * (@SALSA20_NONCESZ@, @SALSA20_IETF_NONCESZ@,
+ * or @XSALSA20_NONCESZ@)
*
* Returns: Pointer to generic random number generator instance.
*
const void */*n*/);
extern grand *salsa208_rand(const void */*k*/, size_t /*ksz*/,
const void */*n*/);
+extern grand *salsa20_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
+extern grand *salsa2012_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
+extern grand *salsa208_ietf_rand(const void */*k*/, size_t /*ksz*/,
+ const void */*n*/);
extern grand *xsalsa20_rand(const void */*k*/, size_t /*ksz*/,
const void */*n*/);
extern grand *xsalsa2012_rand(const void */*k*/, size_t /*ksz*/,
c46ec1b18ce8a878725a37e780dfb735
1ada31d5cf688221 "" 0 ""
826abdd84460e2e9349f0ef4af5b179b426e4b2d109a9c5bb44000ae51bea90a496beeef62a76850ff3f0402c4ddc99f6db07f151c1c0dfac2e56565d62896255b23132e7b469c7bfb88fa95d44ca5ae3e45e848a4108e98bad7a9eb15512784a6a9e6e591dce674120acaf9040ff50ff3ac30ccfb5e14204f5e4268b90a8804;
+
+ ## Tests from RFC7539.
+ 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+ 000000090000004a00000000 00000001 0 ""
+ 10f1e7e4d13b5915500fdd1fa32071c4c7d1f4c733c068030422aa9ac3d46c4ed2826446079faa0914c2d705d98b02a2b5129cd1de164eb9cbd083e8a2503c4e;
+ 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+ 000000000000004a00000000 00000001 0
+ 4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e
+ 6e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0bf91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d807ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab77937365af90bbf74a35be6b40b8eedf2785e42874d;
+ 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
+ 000000000001020304050607 "" 0 ""
+ 8ad5a08b905f81cc815040274ab29471a833b637e3fd0da508dbb8e2fdd1a646;
+ 0000000000000000000000000000000000000000000000000000000000000000
+ 000000000000000000000000 "" 0 ""
+ 76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee65869f07e7be5551387a98ba977c732d080dcb0f29a048e3656912c6533e32ee7aed29b721769ce64e43d57133b074d839d531ed1f28510afb45ace10a1f4b794d6f;
+ 0000000000000000000000000000000000000000000000000000000000000001
+ 000000000000000000000000 00000001 0 ""
+ 3aeb5224ecf849929b9d828db1ced4dd832025e8018b8160b82284f3c949aa5a8eca00bbb4a73bdad192b5c42f73f2fd4e273644c8b36125a64addeb006c13a0;
+ 00ff000000000000000000000000000000000000000000000000000000000000
+ 000000000000000000000000 00000002 0 ""
+ 72d54dfbf12ec44b362692df94137f328fea8da73990265ec1bbbea1ae9af0ca13b25aa26cb4a648cb9b9d1be65b2c0924a66c54d545ec1b7374f4872e99f096;
+ 0000000000000000000000000000000000000000000000000000000000000000
+ 000000000000000000000002 "" 0 ""
+ c2c64d378cd536374ae204b9ef933fcd1a8b2288b3dfa49672ab765b54ee27c78a970e0e955c14f3a88e741b97c286f75f8fc299e8148362fa198a39531bed6d;
+ 0000000000000000000000000000000000000000000000000000000000000001
+ 000000000000000000000002 00000001 0
+ 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f
+ a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221;
+ 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
+ 000000000000000000000002 0000002a 0
+ 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e
+ 62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1;
+ 0000000000000000000000000000000000000000000000000000000000000001
+ 000000000000000000000002 "" 0 ""
+ ecfa254f845f647473d3cb140da9e87606cb33066c447b87bc2666dde3fbb739;
+ 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
+ 000000000000000000000002 "" 0 ""
+ 965e3bc6f9ec7ed9560808f4d229f94b137ff275ca9b3fcbdd59deaad23310ae;
}
## Homemade tests for skipping.
0f62b5085bae0154a7fa4da0f34699ec3f92e5388bde3184d72a7dd02376c91c
288ff65dc42b92f9 "" 131025 "" 36de843cccab0390b8b5862f1e4596ae;
+
+ ## Homemade test of IETF-style 12-byte nonces.
+ 0102030405060708090a0b0c0d0e0f10c9cacbcccdcecfd0d1d2d3d4d5d6d7d8
+ 7172737465666768696a6b6c 706f6e6d 0 ""
+ 45254427290f6bc1ff8b7a06aae9d9625990b66a1533c841ef31de22d772287e68c507e1c5991f02664e4cb054f5f6b8b1a0858206489577c0c384ecea67f64a;
+ 0102030405060708090a0b0c0d0e0f10
+ 7172737465666768696a6b6c 706f6e6d 0 ""
+ 27ad2ef81ec852113043feef25120df7f1c83d900a3732b9062ff6fd8f56bbe186556ef6a1a32bebe75eab3391d6701d0ee80510978cb78dab097ab568b6b1c1;
}
xsalsa20 {
~mdw / catacomb / commitdiff