Added encryption function for 12-round salsa20.

diff --git a/Makefile.in b/Makefile.in
index 2db76c51080501aa701c71a19a3f2c7bd9bdced5..424ab34d0b491281ef4c35fbbb2aa6c49a060617 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -86,7 +86,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
                 gosthash94.c \
                 ripemd160.c ripemd160-compress.c ripemd160-meta.c \
                 salsa20-core-internal.c \
-                salsa20-crypt.c salsa20-set-key.c \
+                salsa20-crypt.c salsa20r12-crypt.c salsa20-set-key.c \
                 sha1.c sha1-compress.c sha1-meta.c \
                 sha256.c sha256-compress.c sha224-meta.c sha256-meta.c \
                 sha512.c sha512-compress.c sha384-meta.c sha512-meta.c \

diff --git a/salsa20.h b/salsa20.h
index d95d002c04626641e4876e0ec76a63405e1b2f0d..1c5cc4acf86b870425c4e6faa25315ab92fac3be 100644 (file)
--- a/salsa20.h
+++ b/salsa20.h
@@ -39,6 +39,8 @@ extern "C" {
 #define salsa20_crypt nettle_salsa20_crypt
 #define _salsa20_core _nettle_salsa20_core
 
+#define salsa20r12_crypt nettle_salsa20r12_crypt
+
 /* Minimum and maximum keysizes, and a reasonable default. In
  * octets.*/
 #define SALSA20_MIN_KEY_SIZE 16
@@ -76,6 +78,11 @@ salsa20_crypt(struct salsa20_ctx *ctx,
              unsigned length, uint8_t *dst,
              const uint8_t *src);
 
+void
+salsa20r12_crypt(struct salsa20_ctx *ctx,
+             unsigned length, uint8_t *dst,
+             const uint8_t *src);
+
 void
 _salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds);
 

diff --git a/salsa20r12-crypt.c b/salsa20r12-crypt.c
new file mode 100644 (file)
index 0000000..0c82217
--- /dev/null
+++ b/salsa20r12-crypt.c
@@ -0,0 +1,74 @@
+/* salsa20r12-crypt.c
+ *
+ * The Salsa20 stream cipher.
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+/* Based on:
+   salsa20-ref.c version 20051118
+   D. J. Bernstein
+   Public domain.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "salsa20.h"
+
+#include "macros.h"
+#include "memxor.h"
+
+void
+salsa20r12_crypt(struct salsa20_ctx *ctx,
+             unsigned length,
+             uint8_t *c,
+             const uint8_t *m)
+{
+  uint32_t x[_SALSA20_INPUT_LENGTH];
+
+  if (!length)
+    return;
+  
+  for (;;)
+    {
+
+      _salsa20_core (x, ctx->input, 12);
+
+      ctx->input[9] += (++ctx->input[8] == 0);
+
+      /* stopping at 2^70 length per nonce is user's responsibility */
+      
+      if (length <= SALSA20_BLOCK_SIZE)
+       {
+         memxor3 (c, m, (uint8_t *) x, length);
+         return;
+       }
+      memxor3 (c, m, (uint8_t *) x, SALSA20_BLOCK_SIZE);
+
+      length -= SALSA20_BLOCK_SIZE;
+      c += SALSA20_BLOCK_SIZE;
+      m += SALSA20_BLOCK_SIZE;
+    }
+}