Compare f85d16a ... +2 ... 10df003

Showing 33 of 82 files from the diff.
Other files ignored by Codecov
.gitignore has changed.
.editorconfig has changed.
win/bee2.def has changed.
apps/bsum/bsum.c has changed.

@@ -5,7 +5,7 @@
Loading
5 5
\project bee2 [cryptographic library]
6 6
\author (C) Sergey Agievich [agievich@{bsu.by|gmail.com}]
7 7
\created 2015.11.02
8 -
\version 2019.07.08
8 +
\version 2020.03.24
9 9
\license This program is released under the GNU General Public License 
10 10
version 3. See Copyright Notices in bee2/info.h.
11 11
*******************************************************************************
@@ -128,58 +128,58 @@
Loading
128 128
void botpHOTPStart(void* state, size_t digit, const octet key[], 
129 129
	size_t key_len)
130 130
{
131 -
	botp_hotp_st* s = (botp_hotp_st*)state;
131 +
	botp_hotp_st* st = (botp_hotp_st*)state;
132 132
	ASSERT(6 <= digit && digit <= 8);
133 -
	ASSERT(memIsDisjoint2(key, key_len, s, botpHOTP_keep()));
134 -
	s->digit = digit;
135 -
	beltHMACStart(s->stack + beltHMAC_keep(), key, key_len);
133 +
	ASSERT(memIsDisjoint2(key, key_len, state, botpHOTP_keep()));
134 +
	st->digit = digit;
135 +
	beltHMACStart(st->stack + beltHMAC_keep(), key, key_len);
136 136
}
137 137
138 138
void botpHOTPStepS(void* state, const octet ctr[8])
139 139
{
140 -
	botp_hotp_st* s = (botp_hotp_st*)state;
141 -
	ASSERT(memIsDisjoint2(ctr, 8, s, botpHOTP_keep()) || ctr == s->ctr);
142 -
	memMove(s->ctr, ctr, 8);
140 +
	botp_hotp_st* st = (botp_hotp_st*)state;
141 +
	ASSERT(memIsDisjoint2(ctr, 8, state, botpHOTP_keep()) || ctr == st->ctr);
142 +
	memMove(st->ctr, ctr, 8);
143 143
}
144 144
145 145
void botpHOTPStepR(char* otp, void* state)
146 146
{
147 -
	botp_hotp_st* s = (botp_hotp_st*)state;
147 +
	botp_hotp_st* st = (botp_hotp_st*)state;
148 148
	// pre
149 -
	ASSERT(memIsDisjoint2(otp, s->digit + 1, state, botpHOTP_keep()) || 
150 -
		otp == s->otp);
149 +
	ASSERT(memIsDisjoint2(otp, st->digit + 1, state, botpHOTP_keep()) || 
150 +
		otp == st->otp);
151 151
	// вычислить имитовставку
152 -
	memCopy(s->stack, s->stack + beltHMAC_keep(), beltHMAC_keep());
153 -
	beltHMACStepA(s->ctr, 8, s->stack);
154 -
	beltHMACStepG(s->mac, s->stack);
152 +
	memCopy(st->stack, st->stack + beltHMAC_keep(), beltHMAC_keep());
153 +
	beltHMACStepA(st->ctr, 8, st->stack);
154 +
	beltHMACStepG(st->mac, st->stack);
155 155
	// построить пароль
156 -
	botpDT(otp, s->digit, s->mac, 32);
156 +
	botpDT(otp, st->digit, st->mac, 32);
157 157
	// инкремент счетчика
158 -
	botpCtrNext(s->ctr);
158 +
	botpCtrNext(st->ctr);
159 159
}
160 160
161 161
bool_t botpHOTPStepV(const char* otp, void* state)
162 162
{
163 -
	botp_hotp_st* s = (botp_hotp_st*)state;
163 +
	botp_hotp_st* st = (botp_hotp_st*)state;
164 164
	// pre
165 165
	ASSERT(strIsValid(otp));
166 166
	ASSERT(memIsDisjoint2(otp, strLen(otp) + 1, state, botpHOTP_keep()));
167 167
	// сохранить счетчик
168 -
	memCopy(s->ctr1, s->ctr, 8);
168 +
	memCopy(st->ctr1, st->ctr, 8);
169 169
	// проверить пароль
170 -
	botpHOTPStepR(s->otp, state);
171 -
	if (strEq(s->otp, otp))
170 +
	botpHOTPStepR(st->otp, state);
171 +
	if (strEq(st->otp, otp))
172 172
		return TRUE;
173 173
	// вернуться к первоначальному счетчику
174 -
	memCopy(s->ctr, s->ctr1, 8);
174 +
	memCopy(st->ctr, st->ctr1, 8);
175 175
	return FALSE;
176 176
}
177 177
178 178
void botpHOTPStepG(octet ctr[8], const void* state)
179 179
{
180 -
	const botp_hotp_st* s = (const botp_hotp_st*)state;
181 -
	ASSERT(memIsDisjoint2(ctr, 8, state, botpHOTP_keep()) || ctr == s->ctr);
182 -
	memMove(ctr, s->ctr, 8);
180 +
	const botp_hotp_st* st = (const botp_hotp_st*)state;
181 +
	ASSERT(memIsDisjoint2(ctr, 8, state, botpHOTP_keep()) || ctr == st->ctr);
182 +
	memMove(ctr, st->ctr, 8);
183 183
}
184 184
185 185
err_t botpHOTPRand(char* otp, size_t digit, const octet key[], size_t key_len, 
@@ -252,39 +252,39 @@
Loading
252 252
void botpTOTPStart(void* state, size_t digit, const octet key[], 
253 253
	size_t key_len)
254 254
{
255 -
	botp_totp_st* s = (botp_totp_st*)state;
255 +
	botp_totp_st* st = (botp_totp_st*)state;
256 256
	ASSERT(6 <= digit && digit <= 8);
257 -
	ASSERT(memIsDisjoint2(key, key_len, s, botpTOTP_keep()));
258 -
	s->digit = digit;
259 -
	beltHMACStart(s->stack + beltHMAC_keep(), key, key_len);
257 +
	ASSERT(memIsDisjoint2(key, key_len, state, botpTOTP_keep()));
258 +
	st->digit = digit;
259 +
	beltHMACStart(st->stack + beltHMAC_keep(), key, key_len);
260 260
}
261 261
262 262
void botpTOTPStepR(char* otp, tm_time_t t, void* state)
263 263
{
264 -
	botp_totp_st* s = (botp_totp_st*)state;
264 +
	botp_totp_st* st = (botp_totp_st*)state;
265 265
	// pre
266 266
	ASSERT(t != TIME_ERR);
267 -
	ASSERT(memIsDisjoint2(otp, s->digit + 1, state, botpHOTP_keep()) || 
268 -
		otp == s->otp);
267 +
	ASSERT(memIsDisjoint2(otp, st->digit + 1, state, botpHOTP_keep()) || 
268 +
		otp == st->otp);
269 269
	// вычислить имитовставку
270 -
	memCopy(s->stack, s->stack + beltHMAC_keep(), beltHMAC_keep());
271 -
	botpTimeToCtr(s->t, t);
272 -
	beltHMACStepA(s->t, 8, s->stack);
273 -
	beltHMACStepG(s->mac, s->stack);
270 +
	memCopy(st->stack, st->stack + beltHMAC_keep(), beltHMAC_keep());
271 +
	botpTimeToCtr(st->t, t);
272 +
	beltHMACStepA(st->t, 8, st->stack);
273 +
	beltHMACStepG(st->mac, st->stack);
274 274
	// построить пароль
275 -
	botpDT(otp, s->digit, s->mac, 32);
275 +
	botpDT(otp, st->digit, st->mac, 32);
276 276
}
277 277
278 278
bool_t botpTOTPStepV(const char* otp, tm_time_t t, void* state)
279 279
{
280 -
	botp_totp_st* s = (botp_totp_st*)state;
280 +
	botp_totp_st* st = (botp_totp_st*)state;
281 281
	// pre
282 282
	ASSERT(strIsValid(otp));
283 283
	ASSERT(t != TIME_ERR);
284 284
	ASSERT(memIsDisjoint2(otp, strLen(otp) + 1, state, botpTOTP_keep()));
285 285
	// вычислить и проверить пароль
286 -
	botpTOTPStepR(s->otp, t, state);
287 -
	return strEq(s->otp, otp);
286 +
	botpTOTPStepR(st->otp, t, state);
287 +
	return strEq(st->otp, otp);
288 288
}
289 289
290 290
err_t botpTOTPRand(char* otp, size_t digit, const octet key[], size_t key_len, 
@@ -375,14 +375,14 @@
Loading
375 375
bool_t botpOCRAStart(void* state, const char* suite, const octet key[], 
376 376
	size_t key_len)
377 377
{
378 -
	botp_ocra_st* s = (botp_ocra_st*)state;
378 +
	botp_ocra_st* st = (botp_ocra_st*)state;
379 379
	const char* suite_save = suite;
380 380
	// pre
381 381
	ASSERT(strIsValid(suite));
382 -
	ASSERT(memIsDisjoint2(suite, strLen(suite) + 1, s, botpOCRA_keep()));
383 -
	ASSERT(memIsDisjoint2(key, key_len, s, botpOCRA_keep()));
382 +
	ASSERT(memIsDisjoint2(suite, strLen(suite) + 1, state, botpOCRA_keep()));
383 +
	ASSERT(memIsDisjoint2(key, key_len, state, botpOCRA_keep()));
384 384
	// подготовить state
385 -
	memSetZero(s, botpOCRA_keep());
385 +
	memSetZero(st, botpOCRA_keep());
386 386
	// разбор suite: префикс
387 387
	if (!strStartsWith(suite, ocra_prefix))
388 388
		return FALSE;
@@ -395,7 +395,7 @@
Loading
395 395
	// разбор suite: digit
396 396
	if (*suite < '4' || *suite > '9')
397 397
		return FALSE;
398 -
	s->digit = (size_t)(*suite++ - '0');
398 +
	st->digit = (size_t)(*suite++ - '0');
399 399
	// разбор suite: DataInput
400 400
	if (*suite++ != ':')
401 401
		return FALSE;
@@ -405,7 +405,7 @@
Loading
405 405
		if (*++suite != '-')
406 406
			return FALSE;
407 407
		++suite;
408 -
		s->ctr_len = 8;
408 +
		st->ctr_len = 8;
409 409
	}
410 410
	// разбор suite: q
411 411
	if (*suite++ != 'Q')
@@ -415,16 +415,16 @@
Loading
415 415
	case 'A':
416 416
	case 'N':
417 417
	case 'H':
418 -
		s->q_type = *suite++;
418 +
		st->q_type = *suite++;
419 419
		break;
420 420
	default:
421 421
		return FALSE;
422 422
	}
423 423
	if (suite[0] < '0' || suite[0] > '9' || suite[1] < '0' || suite[1] > '9')
424 424
		return FALSE;
425 -
	s->q_max = (size_t)(suite[0] - '0');
426 -
	s->q_max *= 10, s->q_max += (size_t)(suite[1] - '0');
427 -
	if (s->q_max < 4 || s->q_max > 64)
425 +
	st->q_max = (size_t)(suite[0] - '0');
426 +
	st->q_max *= 10, st->q_max += (size_t)(suite[1] - '0');
427 +
	if (st->q_max < 4 || st->q_max > 64)
428 428
		return FALSE;
429 429
	suite += 2;
430 430
	// разбор suite: p
@@ -434,22 +434,22 @@
Loading
434 434
		if (strStartsWith(suite, ocra_hbelt))
435 435
		{
436 436
			suite += strLen(ocra_hbelt);
437 -
			s->p_len = 32;
437 +
			st->p_len = 32;
438 438
		}
439 439
		else if (strStartsWith(suite, ocra_sha1))
440 440
		{
441 441
			suite += strLen(ocra_sha1);
442 -
			s->p_len = 20;
442 +
			st->p_len = 20;
443 443
		}
444 444
		else if (strStartsWith(suite, ocra_sha256))
445 445
		{
446 446
			suite += strLen(ocra_sha256);
447 -
			s->p_len = 32;
447 +
			st->p_len = 32;
448 448
		}
449 449
		else if (strStartsWith(suite, ocra_sha512))
450 450
		{
451 451
			suite += strLen(ocra_sha512);
452 -
			s->p_len = 64;
452 +
			st->p_len = 64;
453 453
		}
454 454
		else
455 455
			return FALSE;
@@ -462,10 +462,10 @@
Loading
462 462
			suite[1] < '0' || suite[1] > '9' ||
463 463
			suite[2] < '0' || suite[2] > '9')
464 464
			return FALSE;
465 -
		s->s_len = (size_t)(suite[0] - '0');
466 -
		s->s_len *= 10, s->s_len += (size_t)(suite[1] - '0');
467 -
		s->s_len *= 10, s->s_len += (size_t)(suite[2] - '0');
468 -
		if (s->s_len > 512)
465 +
		st->s_len = (size_t)(suite[0] - '0');
466 +
		st->s_len *= 10, st->s_len += (size_t)(suite[1] - '0');
467 +
		st->s_len *= 10, st->s_len += (size_t)(suite[2] - '0');
468 +
		if (st->s_len > 512)
469 469
			return FALSE;
470 470
		suite += 3;
471 471
	}
@@ -475,24 +475,24 @@
Loading
475 475
		suite += 2;
476 476
		if (*suite < '1' || *suite > '9')
477 477
			return FALSE;
478 -
		s->ts = (size_t)(*suite++ - '0');
478 +
		st->ts = (size_t)(*suite++ - '0');
479 479
		if (*suite >= '0' && *suite <= '9')
480 -
			s->ts *= 10, s->ts += (size_t)(*suite++ - '0');
480 +
			st->ts *= 10, st->ts += (size_t)(*suite++ - '0');
481 481
		switch (*suite++)
482 482
		{
483 483
		case 'S':
484 -
			if (s->ts > 59)
484 +
			if (st->ts > 59)
485 485
				return FALSE;
486 486
			break;
487 487
		case 'M':
488 -
			if (s->ts > 59)
488 +
			if (st->ts > 59)
489 489
				return FALSE;
490 -
			s->ts *= 60;
490 +
			st->ts *= 60;
491 491
			break;
492 492
		case 'H':
493 -
			if (s->ts > 48)
493 +
			if (st->ts > 48)
494 494
				return FALSE;
495 -
			s->ts *= 3600;
495 +
			st->ts *= 3600;
496 496
			break;
497 497
		default:
498 498
			return FALSE;
@@ -502,87 +502,89 @@
Loading
502 502
	if (*suite)
503 503
		return FALSE;
504 504
	// запуск HMAC 
505 -
	beltHMACStart(s->stack + beltHMAC_keep(), key, key_len);
506 -
	beltHMACStepA(suite_save, strLen(suite_save) + 1, s->stack);
505 +
	beltHMACStart(st->stack + beltHMAC_keep(), key, key_len);
506 +
	beltHMACStepA(suite_save, strLen(suite_save) + 1,
507 +
		st->stack + beltHMAC_keep());
507 508
	return TRUE;
508 509
}
509 510
510 511
void botpOCRAStepS(void* state, const octet ctr[8], const octet p[], 
511 512
	const octet s[])
512 513
{
513 -
	botp_ocra_st* ss = (botp_ocra_st*)state;
514 +
	botp_ocra_st* st = (botp_ocra_st*)state;
514 515
	// pre
515 -
	ASSERT(memIsValid(ss, botpOCRA_keep()));
516 +
	ASSERT(memIsValid(state, botpOCRA_keep()));
516 517
	// загрузить сtr
517 -
	if (ss->ctr_len)
518 +
	if (st->ctr_len)
518 519
	{
519 -
		ASSERT(memIsDisjoint2(ctr, 8, ss, botpOCRA_keep()) || ctr == ss->ctr);
520 -
		memMove(ss->ctr, ctr, 8);
520 +
		ASSERT(memIsDisjoint2(ctr, 8, st, botpOCRA_keep()) || ctr == st->ctr);
521 +
		memMove(st->ctr, ctr, 8);
521 522
	}
522 523
	// загрузить p
523 -
	if (ss->p_len)
524 +
	if (st->p_len)
524 525
	{
525 -
		ASSERT(memIsDisjoint2(p, ss->p_len, ss, botpOCRA_keep()) || p == ss->p);
526 -
		memMove(ss->p, p, ss->p_len);
526 +
		ASSERT(memIsDisjoint2(p, st->p_len, st, botpOCRA_keep()) || p == st->p);
527 +
		memMove(st->p, p, st->p_len);
527 528
	}
528 529
	// загрузить s
529 -
	if (ss->s_len)
530 +
	if (st->s_len)
530 531
	{
531 -
		ASSERT(memIsDisjoint2(p, ss->s_len, s, botpOCRA_keep()) || s == ss->s);
532 -
		memMove(ss->s, s, ss->s_len);
532 +
		ASSERT(memIsDisjoint2(p, st->s_len, s, botpOCRA_keep()) || s == st->s);
533 +
		memMove(st->s, s, st->s_len);
533 534
	}
534 535
}
535 536
536 537
void botpOCRAStepR(char* otp, const octet q[], size_t q_len, tm_time_t t, 
537 538
	void* state)
538 539
{
539 -
	botp_ocra_st* s = (botp_ocra_st*)state;
540 +
	botp_ocra_st* st = (botp_ocra_st*)state;
540 541
	// pre
541 -
	ASSERT(memIsDisjoint2(otp, s->digit + 1, state, botpOCRA_keep()) || 
542 -
		otp == s->otp);
543 -
	ASSERT(4 <= q_len && q_len <= 2 * s->q_max);
544 -
	ASSERT(memIsValid(q, q_len));
542 +
	ASSERT(memIsDisjoint2(otp, st->digit + 1, state, botpOCRA_keep()) || 
543 +
		otp == st->otp);
544 +
	ASSERT(4 <= q_len && q_len <= 2 * st->q_max);
545 +
	ASSERT(memIsDisjoint2(q, q_len, state, botpOCRA_keep() || q == st->q));
545 546
	ASSERT(t != TIME_ERR);
546 547
	// вычислить имитовставку
547 -
	memCopy(s->stack, s->stack + beltHMAC_keep(), beltHMAC_keep());
548 -
	if (s->ctr_len)
549 -
		beltHMACStepA(s->ctr, 8, s->stack), botpCtrNext(s->ctr);
550 -
	memSetZero(s->q + q_len, 128 - q_len);
551 -
	beltHMACStepA(s->q, 128, s->stack);
552 -
	if (s->p_len)
553 -
		beltHMACStepA(s->p, s->p_len, s->stack);
554 -
	if (s->s_len)
555 -
		beltHMACStepA(s->s, s->s_len, s->stack);
556 -
	if (s->ts)
557 -
		botpTimeToCtr(s->t, t), beltHMACStepA(s->t, 8, s->stack);
558 -
	beltHMACStepG(s->mac, s->stack);
548 +
	memCopy(st->stack, st->stack + beltHMAC_keep(), beltHMAC_keep());
549 +
	if (st->ctr_len)
550 +
		beltHMACStepA(st->ctr, 8, st->stack), botpCtrNext(st->ctr);
551 +
	memMove(st->q, q, q_len);
552 +
	memSetZero(st->q + q_len, 128 - q_len);
553 +
	beltHMACStepA(st->q, 128, st->stack);
554 +
	if (st->p_len)
555 +
		beltHMACStepA(st->p, st->p_len, st->stack);
556 +
	if (st->s_len)
557 +
		beltHMACStepA(st->s, st->s_len, st->stack);
558 +
	if (st->ts)
559 +
		botpTimeToCtr(st->t, t), beltHMACStepA(st->t, 8, st->stack);
560 +
	beltHMACStepG(st->mac, st->stack);
559 561
	// построить пароль
560 -
	botpDT(otp, s->digit, s->mac, 32);
562 +
	botpDT(otp, st->digit, st->mac, 32);
561 563
}
562 564
563 565
bool_t botpOCRAStepV(const char* otp, const octet q[], size_t q_len, 
564 566
	tm_time_t t, void* state)
565 567
{
566 -
	botp_ocra_st* s = (botp_ocra_st*)state;
568 +
	botp_ocra_st* st = (botp_ocra_st*)state;
567 569
	// pre
568 570
	ASSERT(strIsValid(otp));
569 571
	ASSERT(memIsDisjoint2(otp, strLen(otp) + 1, state, botpOCRA_keep()));
570 572
	// сохранить счетчик
571 -
	memCopy(s->ctr1, s->ctr, 8);
573 +
	memCopy(st->ctr1, st->ctr, 8);
572 574
	// проверить пароль
573 -
	botpOCRAStepR(s->otp, q, q_len, t, state);
574 -
	if (strEq(s->otp, otp))
575 +
	botpOCRAStepR(st->otp, q, q_len, t, state);
576 +
	if (strEq(st->otp, otp))
575 577
		return TRUE;
576 578
	// вернуться к первоначальному счетчику
577 -
	memCopy(s->ctr, s->ctr1, 8);
579 +
	memCopy(st->ctr, st->ctr1, 8);
578 580
	return FALSE;
579 581
}
580 582
581 583
void botpOCRAStepG(octet ctr[8], const void* state)
582 584
{
583 -
	const botp_ocra_st* s = (const botp_ocra_st*)state;
584 -
	ASSERT(memIsDisjoint2(ctr, 8, state, botpOCRA_keep()) || ctr == s->ctr);
585 -
	memMove(ctr, s->ctr, 8);
585 +
	const botp_ocra_st* st = (const botp_ocra_st*)state;
586 +
	ASSERT(memIsDisjoint2(ctr, 8, state, botpOCRA_keep()) || ctr == st->ctr);
587 +
	memMove(ctr, st->ctr, 8);
586 588
}
587 589
588 590
err_t botpOCRARand(char* otp, const char* suite, const octet key[],	

@@ -5,7 +5,7 @@
Loading
5 5
\project bee2 [cryptographic library]
6 6
\author (C) Sergey Agievich [agievich@{bsu.by|gmail.com}]
7 7
\created 2012.12.18
8 -
\version 2019.06.26
8 +
\version 2020.03.24
9 9
\license This program is released under the GNU General Public License 
10 10
version 3. See Copyright Notices in bee2/info.h.
11 11
*******************************************************************************
@@ -45,194 +45,194 @@
Loading
45 45
46 46
void beltHMACStart(void* state, const octet key[], size_t len)
47 47
{
48 -
	belt_hmac_st* s = (belt_hmac_st*)state;
49 -
	ASSERT(memIsDisjoint2(key, len, s, beltHMAC_keep()));
48 +
	belt_hmac_st* st = (belt_hmac_st*)state;
49 +
	ASSERT(memIsDisjoint2(key, len, state, beltHMAC_keep()));
50 50
	// key <- key || 0
51 51
	if (len <= 32)
52 52
	{
53 -
		memCopy(s->block, key, len);
54 -
		memSetZero(s->block + len, 32 - len);
53 +
		memCopy(st->block, key, len);
54 +
		memSetZero(st->block + len, 32 - len);
55 55
#if (OCTET_ORDER == BIG_ENDIAN)
56 -
		beltBlockRevU32(s->block);
57 -
		beltBlockRevU32(s->block + 16);
56 +
		beltBlockRevU32(st->block);
57 +
		beltBlockRevU32(st->block + 16);
58 58
#endif
59 59
	}
60 60
	// key <- beltHash(key)
61 61
	else
62 62
	{
63 -
		beltBlockSetZero(s->ls_in);
64 -
		beltBlockAddBitSizeU32(s->ls_in, len);
65 -
		beltBlockSetZero(s->ls_in + 4);
66 -
		u32From(s->h_in, beltH(), 32);
63 +
		beltBlockSetZero(st->ls_in);
64 +
		beltBlockAddBitSizeU32(st->ls_in, len);
65 +
		beltBlockSetZero(st->ls_in + 4);
66 +
		u32From(st->h_in, beltH(), 32);
67 67
		while (len >= 32)
68 68
		{
69 -
			beltBlockCopy(s->block, key);
70 -
			beltBlockCopy(s->block + 16, key + 16);
69 +
			beltBlockCopy(st->block, key);
70 +
			beltBlockCopy(st->block + 16, key + 16);
71 71
#if (OCTET_ORDER == BIG_ENDIAN)
72 -
			beltBlockRevU32(s->block);
73 -
			beltBlockRevU32(s->block + 16);
72 +
			beltBlockRevU32(st->block);
73 +
			beltBlockRevU32(st->block + 16);
74 74
#endif
75 -
			beltCompr2(s->ls_in + 4, s->h_in, (u32*)s->block, s->stack);
75 +
			beltCompr2(st->ls_in + 4, st->h_in, (u32*)st->block, st->stack);
76 76
			key += 32;
77 77
			len -= 32;
78 78
		}
79 79
		if (len)
80 80
		{
81 -
			memCopy(s->block, key, len);
82 -
			memSetZero(s->block + len, 32 - len);
81 +
			memCopy(st->block, key, len);
82 +
			memSetZero(st->block + len, 32 - len);
83 83
#if (OCTET_ORDER == BIG_ENDIAN)
84 -
			beltBlockRevU32(s->block);
85 -
			beltBlockRevU32(s->block + 16);
84 +
			beltBlockRevU32(st->block);
85 +
			beltBlockRevU32(st->block + 16);
86 86
#endif
87 -
			beltCompr2(s->ls_in + 4, s->h_in, (u32*)s->block, s->stack);
87 +
			beltCompr2(st->ls_in + 4, st->h_in, (u32*)st->block, st->stack);
88 88
		}
89 -
		beltCompr(s->h_in, s->ls_in, s->stack);
90 -
		beltBlockCopy(s->block, s->h_in);
91 -
		beltBlockCopy(s->block + 16, s->h_in + 4);
89 +
		beltCompr(st->h_in, st->ls_in, st->stack);
90 +
		beltBlockCopy(st->block, st->h_in);
91 +
		beltBlockCopy(st->block + 16, st->h_in + 4);
92 92
	}
93 93
	// сформировать key ^ ipad
94 94
	for (len = 0; len < 32; ++len)
95 -
		s->block[len] ^= 0x36;
95 +
		st->block[len] ^= 0x36;
96 96
	// начать внутреннее хэширование
97 -
	beltBlockSetZero(s->ls_in);
98 -
	beltBlockAddBitSizeU32(s->ls_in, 32);
99 -
	beltBlockSetZero(s->ls_in + 4);
100 -
	u32From(s->h_in, beltH(), 32);
101 -
	beltCompr2(s->ls_in + 4, s->h_in, (u32*)s->block, s->stack);
102 -
	s->filled = 0;
97 +
	beltBlockSetZero(st->ls_in);
98 +
	beltBlockAddBitSizeU32(st->ls_in, 32);
99 +
	beltBlockSetZero(st->ls_in + 4);
100 +
	u32From(st->h_in, beltH(), 32);
101 +
	beltCompr2(st->ls_in + 4, st->h_in, (u32*)st->block, st->stack);
102 +
	st->filled = 0;
103 103
	// сформировать key ^ opad [0x36 ^ 0x5C == 0x6A]
104 104
	for (; len--; )
105 -
		s->block[len] ^= 0x6A;
105 +
		st->block[len] ^= 0x6A;
106 106
	// начать внешнее хэширование [будет хэшироваться ровно два блока]
107 -
	beltBlockSetZero(s->ls_out);
108 -
	beltBlockAddBitSizeU32(s->ls_out, 32 * 2);
109 -
	beltBlockSetZero(s->ls_out + 4);
110 -
	u32From(s->h_out, beltH(), 32);
111 -
	beltCompr2(s->ls_out + 4, s->h_out, (u32*)s->block, s->stack);
107 +
	beltBlockSetZero(st->ls_out);
108 +
	beltBlockAddBitSizeU32(st->ls_out, 32 * 2);
109 +
	beltBlockSetZero(st->ls_out + 4);
110 +
	u32From(st->h_out, beltH(), 32);
111 +
	beltCompr2(st->ls_out + 4, st->h_out, (u32*)st->block, st->stack);
112 112
}
113 113
114 114
void beltHMACStepA(const void* buf, size_t count, void* state)
115 115
{
116 -
	belt_hmac_st* s = (belt_hmac_st*)state;
117 -
	ASSERT(memIsDisjoint2(buf, count, s, beltHMAC_keep()));
116 +
	belt_hmac_st* st = (belt_hmac_st*)state;
117 +
	ASSERT(memIsDisjoint2(buf, count, state, beltHMAC_keep()));
118 118
	// обновить длину
119 -
	beltBlockAddBitSizeU32(s->ls_in, count);
119 +
	beltBlockAddBitSizeU32(st->ls_in, count);
120 120
	// есть накопленные данные?
121 -
	if (s->filled)
121 +
	if (st->filled)
122 122
	{
123 -
		if (count < 32 - s->filled)
123 +
		if (count < 32 - st->filled)
124 124
		{
125 -
			memCopy(s->block + s->filled, buf, count);
126 -
			s->filled += count;
125 +
			memCopy(st->block + st->filled, buf, count);
126 +
			st->filled += count;
127 127
			return;
128 128
		}
129 -
		memCopy(s->block + s->filled, buf, 32 - s->filled);
130 -
		count -= 32 - s->filled;
131 -
		buf = (const octet*)buf + 32 - s->filled;
129 +
		memCopy(st->block + st->filled, buf, 32 - st->filled);
130 +
		count -= 32 - st->filled;
131 +
		buf = (const octet*)buf + 32 - st->filled;
132 132
#if (OCTET_ORDER == BIG_ENDIAN)
133 -
		beltBlockRevU32(s->block);
134 -
		beltBlockRevU32(s->block + 16);
133 +
		beltBlockRevU32(st->block);
134 +
		beltBlockRevU32(st->block + 16);
135 135
#endif
136 -
		beltCompr2(s->ls_in + 4, s->h_in, (u32*)s->block, s->stack);
137 -
		s->filled = 0;
136 +
		beltCompr2(st->ls_in + 4, st->h_in, (u32*)st->block, st->stack);
137 +
		st->filled = 0;
138 138
	}
139 139
	// цикл по полным блокам
140 140
	while (count >= 32)
141 141
	{
142 -
		beltBlockCopy(s->block, buf);
143 -
		beltBlockCopy(s->block + 16, (const octet*)buf + 16);
142 +
		beltBlockCopy(st->block, buf);
143 +
		beltBlockCopy(st->block + 16, (const octet*)buf + 16);
144 144
#if (OCTET_ORDER == BIG_ENDIAN)
145 -
		beltBlockRevU32(s->block);
146 -
		beltBlockRevU32(s->block + 16);
145 +
		beltBlockRevU32(st->block);
146 +
		beltBlockRevU32(st->block + 16);
147 147
#endif
148 -
		beltCompr2(s->ls_in + 4, s->h_in, (u32*)s->block, s->stack);
148 +
		beltCompr2(st->ls_in + 4, st->h_in, (u32*)st->block, st->stack);
149 149
		buf = (const octet*)buf + 32;
150 150
		count -= 32;
151 151
	}
152 152
	// неполный блок?
153 153
	if (count)
154 -
		memCopy(s->block, buf, s->filled = count);
154 +
		memCopy(st->block, buf, st->filled = count);
155 155
}
156 156
157 157
static void beltHMACStepG_internal(void* state)
158 158
{
159 -
	belt_hmac_st* s = (belt_hmac_st*)state;
159 +
	belt_hmac_st* st = (belt_hmac_st*)state;
160 160
	// pre
161 -
	ASSERT(memIsValid(s, beltHash_keep()));
162 -
	// создать копии второй части s->ls_in и s->h_in
163 -
	beltBlockCopy(s->s1, s->ls_in + 4);
164 -
	beltBlockCopy(s->h1_in, s->h_in);
165 -
	beltBlockCopy(s->h1_in + 4, s->h_in + 4);
161 +
	ASSERT(memIsValid(state, beltHash_keep()));
162 +
	// создать копии второй части st->ls_in и st->h_in
163 +
	beltBlockCopy(st->s1, st->ls_in + 4);
164 +
	beltBlockCopy(st->h1_in, st->h_in);
165 +
	beltBlockCopy(st->h1_in + 4, st->h_in + 4);
166 166
	// есть необработанные данные?
167 -
	if (s->filled)
167 +
	if (st->filled)
168 168
	{
169 -
		memSetZero(s->block + s->filled, 32 - s->filled);
169 +
		memSetZero(st->block + st->filled, 32 - st->filled);
170 170
#if (OCTET_ORDER == BIG_ENDIAN)
171 -
		beltBlockRevU32(s->block);
172 -
		beltBlockRevU32(s->block + 16);
171 +
		beltBlockRevU32(st->block);
172 +
		beltBlockRevU32(st->block + 16);
173 173
#endif
174 -
		beltCompr2(s->ls_in + 4, s->h1_in, (u32*)s->block, s->stack);
174 +
		beltCompr2(st->ls_in + 4, st->h1_in, (u32*)st->block, st->stack);
175 175
#if (OCTET_ORDER == BIG_ENDIAN)
176 -
		beltBlockRevU32(s->block + 16);
177 -
		beltBlockRevU32(s->block);
176 +
		beltBlockRevU32(st->block + 16);
177 +
		beltBlockRevU32(st->block);
178 178
#endif
179 179
	}
180 180
	// последний блок внутреннего хэширования
181 -
	beltCompr(s->h1_in, s->ls_in, s->stack);
182 -
	// восстановить сохраненную часть s->ls_in
183 -
	beltBlockCopy(s->ls_in + 4, s->s1);
184 -
	// создать копии второй части s->ls_out и s->h_out
185 -
	beltBlockCopy(s->s1, s->ls_out + 4);
186 -
	beltBlockCopy(s->h1_out, s->h_out);
187 -
	beltBlockCopy(s->h1_out + 4, s->h_out + 4);
188 -
	// обработать блок s->h1_in
189 -
	beltCompr2(s->ls_out + 4, s->h1_out, s->h1_in, s->stack);
181 +
	beltCompr(st->h1_in, st->ls_in, st->stack);
182 +
	// восстановить сохраненную часть st->ls_in
183 +
	beltBlockCopy(st->ls_in + 4, st->s1);
184 +
	// создать копии второй части st->ls_out и st->h_out
185 +
	beltBlockCopy(st->s1, st->ls_out + 4);
186 +
	beltBlockCopy(st->h1_out, st->h_out);
187 +
	beltBlockCopy(st->h1_out + 4, st->h_out + 4);
188 +
	// обработать блок st->h1_in
189 +
	beltCompr2(st->ls_out + 4, st->h1_out, st->h1_in, st->stack);
190 190
	// последний блок внешнего хэширования
191 -
	beltCompr(s->h1_out, s->ls_out, s->stack);
192 -
	// восстановить сохраненную часть s->ls_out
193 -
	beltBlockCopy(s->ls_out + 4, s->s1);
191 +
	beltCompr(st->h1_out, st->ls_out, st->stack);
192 +
	// восстановить сохраненную часть st->ls_out
193 +
	beltBlockCopy(st->ls_out + 4, st->s1);
194 194
}
195 195
196 196
void beltHMACStepG(octet mac[32], void* state)
197 197
{
198 -
	belt_hmac_st* s = (belt_hmac_st*)state;
198 +
	belt_hmac_st* st = (belt_hmac_st*)state;
199 199
	ASSERT(memIsValid(mac, 32));
200 200
	beltHMACStepG_internal(state);
201 -
	u32To(mac, 32, s->h1_out);
201 +
	u32To(mac, 32, st->h1_out);
202 202
}
203 203
204 204
void beltHMACStepG2(octet mac[], size_t mac_len, void* state)
205 205
{
206 -
	belt_hmac_st* s = (belt_hmac_st*)state;
206 +
	belt_hmac_st* st = (belt_hmac_st*)state;
207 207
	ASSERT(mac_len <= 32);
208 208
	ASSERT(memIsValid(mac, mac_len));
209 209
	beltHMACStepG_internal(state);
210 -
	u32To(mac, mac_len, s->h1_out);
210 +
	u32To(mac, mac_len, st->h1_out);
211 211
}
212 212
213 213
bool_t beltHMACStepV(const octet mac[32], void* state)
214 214
{
215 -
	belt_hmac_st* s = (belt_hmac_st*)state;
215 +
	belt_hmac_st* st = (belt_hmac_st*)state;
216 216
	ASSERT(memIsValid(mac, 32));
217 217
	beltHMACStepG_internal(state);
218 218
#if (OCTET_ORDER == BIG_ENDIAN)
219 -
	beltBlockRevU32(s->h1_out);
220 -
	beltBlockRevU32(s->h1_out + 4);
219 +
	beltBlockRevU32(st->h1_out);
220 +
	beltBlockRevU32(st->h1_out + 4);
221 221
#endif
222 -
	return memEq(mac, s->h1_out, 32);
222 +
	return memEq(mac, st->h1_out, 32);
223 223
}
224 224
225 225
bool_t beltHMACStepV2(const octet mac[], size_t mac_len, void* state)
226 226
{
227 -
	belt_hmac_st* s = (belt_hmac_st*)state;
227 +
	belt_hmac_st* st = (belt_hmac_st*)state;
228 228
	ASSERT(mac_len <= 32);
229 229
	ASSERT(memIsValid(mac, mac_len));
230 230
	beltHMACStepG_internal(state);
231 231
#if (OCTET_ORDER == BIG_ENDIAN)
232 -
	beltBlockRevU32(s->h1_out);
233 -
	beltBlockRevU32(s->h1_out + 4);
232 +
	beltBlockRevU32(st->h1_out);
233 +
	beltBlockRevU32(st->h1_out + 4);
234 234
#endif
235 -
	return memEq(mac, s->h1_out, mac_len);
235 +
	return memEq(mac, st->h1_out, mac_len);
236 236
}
237 237
238 238
err_t beltHMAC(octet mac[32], const void* src, size_t count,

@@ -1,4 +1,4 @@
Loading
1 -
/*
1 +
/*
2 2
*******************************************************************************
3 3
\file gfp.c
4 4
\brief Prime fields

@@ -1,4 +1,4 @@
Loading
1 -
/*
1 +
/*
2 2
*******************************************************************************
3 3
\file obj.c
4 4
\brief Compound objects

@@ -5,7 +5,7 @@
Loading
5 5
\project bee2 [cryptographic library]
6 6
\author (C) Sergey Agievich [agievich@{bsu.by|gmail.com}]
7 7
\created 2012.12.18
8 -
\version 2017.09.28
8 +
\version 2020.03.24
9 9
\license This program is released under the GNU General Public License 
10 10
version 3. See Copyright Notices in bee2/info.h.
11 11
*******************************************************************************
@@ -34,48 +34,48 @@
Loading
34 34
35 35
void beltECBStart(void* state, const octet key[], size_t len)
36 36
{
37 -
	belt_ecb_st* s = (belt_ecb_st*)state;
38 -
	ASSERT(memIsValid(s, beltECB_keep()));
39 -
	beltKeyExpand2(s->key, key, len);
37 +
	belt_ecb_st* st = (belt_ecb_st*)state;
38 +
	ASSERT(memIsValid(state, beltECB_keep()));
39 +
	beltKeyExpand2(st->key, key, len);
40 40
}
41 41
42 42
void beltECBStepE(void* buf, size_t count, void* state)
43 43
{
44 -
	belt_ecb_st* s = (belt_ecb_st*)state;
44 +
	belt_ecb_st* st = (belt_ecb_st*)state;
45 45
	ASSERT(count >= 16);
46 -
	ASSERT(memIsDisjoint2(buf, count, s, beltECB_keep()));
46 +
	ASSERT(memIsDisjoint2(buf, count, state, beltECB_keep()));
47 47
	// цикл по полным блокам
48 48
	while(count >= 16)
49 49
	{
50 -
		beltBlockEncr(buf, s->key);
50 +
		beltBlockEncr(buf, st->key);
51 51
		buf = (octet*)buf + 16;
52 52
		count -= 16;
53 53
	}
54 54
	// неполный блок? кража блока
55 55
	if (count)
56 56
	{
57 57
		memSwap((octet*)buf - 16, buf, count);
58 -
		beltBlockEncr((octet*)buf - 16, s->key);
58 +
		beltBlockEncr((octet*)buf - 16, st->key);
59 59
	}
60 60
}
61 61
62 62
void beltECBStepD(void* buf, size_t count, void* state)
63 63
{
64 -
	belt_ecb_st* s = (belt_ecb_st*)state;
64 +
	belt_ecb_st* st = (belt_ecb_st*)state;
65 65
	ASSERT(count >= 16);
66 -
	ASSERT(memIsDisjoint2(buf, count, s, beltECB_keep()));
66 +
	ASSERT(memIsDisjoint2(buf, count, state, beltECB_keep()));
67 67
	// цикл по полным блокам
68 68
	while(count >= 16)
69 69
	{
70 -
		beltBlockDecr(buf, s->key);
70 +
		beltBlockDecr(buf, st->key);
71 71
		buf = (octet*)buf + 16;
72 72
		count -= 16;
73 73
	}
74 74
	// неполный блок? кража блока
75 75
	if (count)
76 76
	{
77 77
		memSwap((octet*)buf - 16, buf, count);
78 -
		beltBlockDecr((octet*)buf - 16, s->key);
78 +
		beltBlockDecr((octet*)buf - 16, st->key);
79 79
	}
80 80
}
81 81

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Click to load this diff.
Loading diff...

Learn more Showing 8 files with coverage changes found.

Changes in src/crypto/bash/bash_hash.c
-1
+1
Loading file...
Changes in src/math/qr.c
-1
+1
Loading file...
Changes in src/crypto/brng.c
-1
+1
Loading file...
Changes in src/math/pp.c
-2
+2
Loading file...
Changes in src/math/ec2.c
-1
+1
Loading file...
Changes in src/math/ecp.c
-1
+1
Loading file...
New file src/crypto/belt/belt_che.c
New
Loading file...
Changes in src/math/pri.c
-1
+1
Loading file...
Files Coverage
src 0.29% 84.51%
Project Totals (65 files) 84.51%
Loading