The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
comp128.c
Go to the documentation of this file.
1 /*
2  * This program is is free software; you can redistribute it and/or modify
3  * it under the terms of the GNU General Public License as published by
4  * the Free Software Foundation; either version 2 of the License, or (at
5  * your option) any later version.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15  */
16 
17 /**
18  * @file comp128.c
19  * @brief Implementations of comp128v1, comp128v2, comp128v3 algorithms
20  *
21  * Comp128v1 was inspired by code from:
22  * Marc Briceno <marc@scard.org>, Ian Goldberg <iang@cs.berkeley.edu>,
23  * and David Wagner <daw@cs.berkeley.edu>
24  *
25  * But it has been fully rewritten (Sylvain Munaut <tnt@246tNt.com>) from various PDFs found online
26  * describing the algorithm because the licence of the code referenced above was unclear.
27  * A comment snippet from the original code is included below, it describes where the doc came
28  * from and how the algorithm was reverse engineered.
29  *
30  * Comp128v2 & v3 is a port of the python code from:
31  * http://www.hackingprojects.net/
32  * The author of the original code is Tamas Jos <tamas.jos@skelsec.com>
33  *
34  * @note The above GPL license only applies to comp128v1, the license for comp128v2 and comp128v3 is unknown.
35  *
36  * @copyright 2013 The FreeRADIUS server project
37  * @copyright 2013 Hacking projects [http://www.hackingprojects.net/]
38  * @copyright 2009 Sylvain Munaut (tnt@246tNt.com)
39  */
40 RCSID("$Id: 7c955398a865c22512ab16fab1428d09b541d513 $")
41 
42 #include "comp128.h"
43 #include <stdio.h>
44 /* 512 bytes */
45 static uint8_t const comp128v1_t0[] = {
46  102, 177, 186, 162, 2, 156, 112, 75, 55, 25, 8, 12, 251, 193, 246, 188,
47  109, 213, 151, 53, 42, 79, 191, 115, 233, 242, 164, 223, 209, 148, 108, 161,
48  252, 37, 244, 47, 64, 211, 6, 237, 185, 160, 139, 113, 76, 138, 59, 70,
49  67, 26, 13, 157, 63, 179, 221, 30, 214, 36, 166, 69, 152, 124, 207, 116,
50  247, 194, 41, 84, 71, 1, 49, 14, 95, 35, 169, 21, 96, 78, 215, 225,
51  182, 243, 28, 92, 201, 118, 4, 74, 248, 128, 17, 11, 146, 132, 245, 48,
52  149, 90, 120, 39, 87, 230, 106, 232, 175, 19, 126, 190, 202, 141, 137, 176,
53  250, 27, 101, 40, 219, 227, 58, 20, 51, 178, 98, 216, 140, 22, 32, 121,
54  61, 103, 203, 72, 29, 110, 85, 212, 180, 204, 150, 183, 15, 66, 172, 196,
55  56, 197, 158, 0, 100, 45, 153, 7, 144, 222, 163, 167, 60, 135, 210, 231,
56  174, 165, 38, 249, 224, 34, 220, 229, 217, 208, 241, 68, 206, 189, 125, 255,
57  239, 54, 168, 89, 123, 122, 73, 145, 117, 234, 143, 99, 129, 200, 192, 82,
58  104, 170, 136, 235, 93, 81, 205, 173, 236, 94, 105, 52, 46, 228, 198, 5,
59  57, 254, 97, 155, 142, 133, 199, 171, 187, 50, 65, 181, 127, 107, 147, 226,
60  184, 218, 131, 33, 77, 86, 31, 44, 88, 62, 238, 18, 24, 43, 154, 23,
61  80, 159, 134, 111, 9, 114, 3, 91, 16, 130, 83, 10, 195, 240, 253, 119,
62  177, 102, 162, 186, 156, 2, 75, 112, 25, 55, 12, 8, 193, 251, 188, 246,
63  213, 109, 53, 151, 79, 42, 115, 191, 242, 233, 223, 164, 148, 209, 161, 108,
64  37, 252, 47, 244, 211, 64, 237, 6, 160, 185, 113, 139, 138, 76, 70, 59,
65  26, 67, 157, 13, 179, 63, 30, 221, 36, 214, 69, 166, 124, 152, 116, 207,
66  194, 247, 84, 41, 1, 71, 14, 49, 35, 95, 21, 169, 78, 96, 225, 215,
67  243, 182, 92, 28, 118, 201, 74, 4, 128, 248, 11, 17, 132, 146, 48, 245,
68  90, 149, 39, 120, 230, 87, 232, 106, 19, 175, 190, 126, 141, 202, 176, 137,
69  27, 250, 40, 101, 227, 219, 20, 58, 178, 51, 216, 98, 22, 140, 121, 32,
70  103, 61, 72, 203, 110, 29, 212, 85, 204, 180, 183, 150, 66, 15, 196, 172,
71  197, 56, 0, 158, 45, 100, 7, 153, 222, 144, 167, 163, 135, 60, 231, 210,
72  165, 174, 249, 38, 34, 224, 229, 220, 208, 217, 68, 241, 189, 206, 255, 125,
73  54, 239, 89, 168, 122, 123, 145, 73, 234, 117, 99, 143, 200, 129, 82, 192,
74  170, 104, 235, 136, 81, 93, 173, 205, 94, 236, 52, 105, 228, 46, 5, 198,
75  254, 57, 155, 97, 133, 142, 171, 199, 50, 187, 181, 65, 107, 127, 226, 147,
76  218, 184, 33, 131, 86, 77, 44, 31, 62, 88, 18, 238, 43, 24, 23, 154,
77  159, 80, 111, 134, 114, 9, 91, 3, 130, 16, 10, 83, 240, 195, 119, 253};
78 
79 /* 256 bytes */
80 static uint8_t const comp128v1_t1[] = {
81  19, 11, 80, 114, 43, 1, 69, 94, 39, 18, 127, 117, 97, 3, 85, 43,
82  27, 124, 70, 83, 47, 71, 63, 10, 47, 89, 79, 4, 14, 59, 11, 5,
83  35, 107, 103, 68, 21, 86, 36, 91, 85, 126, 32, 50, 109, 94, 120, 6,
84  53, 79, 28, 45, 99, 95, 41, 34, 88, 68, 93, 55, 110, 125, 105, 20,
85  90, 80, 76, 96, 23, 60, 89, 64, 121, 56, 14, 74, 101, 8, 19, 78,
86  76, 66, 104, 46, 111, 50, 32, 3, 39, 0, 58, 25, 92, 22, 18, 51,
87  57, 65, 119, 116, 22, 109, 7, 86, 59, 93, 62, 110, 78, 99, 77, 67,
88  12, 113, 87, 98, 102, 5, 88, 33, 38, 56, 23, 8, 75, 45, 13, 75,
89  95, 63, 28, 49, 123, 120, 20, 112, 44, 30, 15, 98, 106, 2, 103, 29,
90  82, 107, 42, 124, 24, 30, 41, 16, 108, 100, 117, 40, 73, 40, 7, 114,
91  82, 115, 36, 112, 12, 102, 100, 84, 92, 48, 72, 97, 9, 54, 55, 74,
92  113, 123, 17, 26, 53, 58, 4, 9, 69, 122, 21, 118, 42, 60, 27, 73,
93  118, 125, 34, 15, 65, 115, 84, 64, 62, 81, 70, 1, 24, 111, 121, 83,
94  104, 81, 49, 127, 48, 105, 31, 10, 6, 91, 87, 37, 16, 54, 116, 126,
95  31, 38, 13, 0, 72, 106, 77, 61, 26, 67, 46, 29, 96, 37, 61, 52,
96  101, 17, 44, 108, 71, 52, 66, 57, 33, 51, 25, 90, 2, 119, 122, 35};
97 
98 /* 128 bytes */
99 static uint8_t const comp128v1_t2[] = {
100  52, 50, 44, 6, 21, 49, 41, 59, 39, 51, 25, 32, 51, 47, 52, 43,
101  37, 4, 40, 34, 61, 12, 28, 4, 58, 23, 8, 15, 12, 22, 9, 18,
102  55, 10, 33, 35, 50, 1, 43, 3, 57, 13, 62, 14, 7, 42, 44, 59,
103  62, 57, 27, 6, 8, 31, 26, 54, 41, 22, 45, 20, 39, 3, 16, 56,
104  48, 2, 21, 28, 36, 42, 60, 33, 34, 18, 0, 11, 24, 10, 17, 61,
105  29, 14, 45, 26, 55, 46, 11, 17, 54, 46, 9, 24, 30, 60, 32, 0,
106  20, 38, 2, 30, 58, 35, 1, 16, 56, 40, 23, 48, 13, 19, 19, 27,
107  31, 53, 47, 38, 63, 15, 49, 5, 37, 53, 25, 36, 63, 29, 5, 7};
108 
109 /* 64 bytes */
110 static uint8_t const comp128v1_t3[] = {
111  1, 5, 29, 6, 25, 1, 18, 23, 17, 19, 0, 9, 24, 25, 6, 31,
112  28, 20, 24, 30, 4, 27, 3, 13, 15, 16, 14, 18, 4, 3, 8, 9,
113  20, 0, 12, 26, 21, 8, 28, 2, 29, 2, 15, 7, 11, 22, 14, 10,
114  17, 21, 12, 30, 26, 27, 16, 31, 11, 7, 13, 23, 10, 5, 22, 19};
115 
116 /* 32 bytes */
117 static uint8_t const comp128v1_t4[] = {
118  15, 12, 10, 4, 1, 14, 11, 7, 5, 0, 14, 7, 1, 2, 13, 8,
119  10, 3, 4, 9, 6, 0, 3, 2, 5, 6, 8, 9, 11, 13, 15, 12};
120 
121 static uint8_t const *_comp128_table[] = { comp128v1_t0, comp128v1_t1, comp128v1_t2, comp128v1_t3, comp128v1_t4 };
122 
123 /* 256 bytes */
124 static uint8_t const comp128v23_t0[] = {
125  197, 235, 60, 151, 98, 96, 3, 100, 248, 118, 42, 117, 172, 211, 181, 203,
126  61, 126, 156, 87, 149, 224, 55, 132, 186, 63, 238, 255, 85, 83, 152, 33,
127  160, 184, 210, 219, 159, 11, 180, 194, 130, 212, 147, 5, 215, 92, 27, 46,
128  113, 187, 52, 25, 185, 79, 221, 48, 70, 31, 101, 15, 195, 201, 50, 222,
129  137, 233, 229, 106, 122, 183, 178, 177, 144, 207, 234, 182, 37, 254, 227, 231,
130  54, 209, 133, 65, 202, 69, 237, 220, 189, 146, 120, 68, 21, 125, 38, 30,
131  2, 155, 53, 196, 174, 176, 51, 246, 167, 76, 110, 20, 82, 121, 103, 112,
132  56, 173, 49, 217, 252, 0, 114, 228, 123, 12, 93, 161, 253, 232, 240, 175,
133  67, 128, 22, 158, 89, 18, 77, 109, 190, 17, 62, 4, 153, 163, 59, 145,
134  138, 7, 74, 205, 10, 162, 80, 45, 104, 111, 150, 214, 154, 28, 191, 169,
135  213, 88, 193, 198, 200, 245, 39, 164, 124, 84, 78, 1, 188, 170, 23, 86,
136  226, 141, 32, 6, 131, 127, 199, 40, 135, 16, 57, 71, 91, 225, 168, 242,
137  206, 97, 166, 44, 14, 90, 236, 239, 230, 244, 223, 108, 102, 119, 148, 251,
138  29, 216, 8, 9, 249, 208, 24, 105, 94, 34, 64, 95, 115, 72, 134, 204,
139  43, 247, 243, 218, 47, 58, 73, 107, 241, 179, 116, 66, 36, 143, 81, 250,
140  139, 19, 13, 142, 140, 129, 192, 99, 171, 157, 136, 41, 75, 35, 165, 26
141 };
142 
143 /* 256 bytes */
144 static uint8_t const comp128v23_t1[] = {
145  170, 42, 95, 141, 109, 30, 71, 89, 26, 147, 231, 205, 239, 212, 124, 129,
146  216, 79, 15, 185, 153, 14, 251, 162, 0, 241, 172, 197, 43, 10, 194, 235,
147  6, 20, 72, 45, 143, 104, 161, 119, 41, 136, 38, 189, 135, 25, 93, 18,
148  224, 171, 252, 195, 63, 19, 58, 165, 23, 55, 133, 254, 214, 144, 220, 178,
149  156, 52, 110, 225, 97, 183, 140, 39, 53, 88, 219, 167, 16, 198, 62, 222,
150  76, 139, 175, 94, 51, 134, 115, 22, 67, 1, 249, 217, 3, 5, 232, 138,
151  31, 56, 116, 163, 70, 128, 234, 132, 229, 184, 244, 13, 34, 73, 233, 154,
152  179, 131, 215, 236, 142, 223, 27, 57, 246, 108, 211, 8, 253, 85, 66, 245,
153  193, 78, 190, 4, 17, 7, 150, 127, 152, 213, 37, 186, 2, 243, 46, 169,
154  68, 101, 60, 174, 208, 158, 176, 69, 238, 191, 90, 83, 166, 125, 77, 59,
155  21, 92, 49, 151, 168, 99, 9, 50, 146, 113, 117, 228, 65, 230, 40, 82,
156  54, 237, 227, 102, 28, 36, 107, 24, 44, 126, 206, 201, 61, 114, 164, 207,
157  181, 29, 91, 64, 221, 255, 48, 155, 192, 111, 180, 210, 182, 247, 203, 148,
158  209, 98, 173, 11, 75, 123, 250, 118, 32, 47, 240, 202, 74, 177, 100, 80,
159  196, 33, 248, 86, 157, 137, 120, 130, 84, 204, 122, 81, 242, 188, 200, 149,
160  226, 218, 160, 187, 106, 35, 87, 105, 96, 145, 199, 159, 12, 121, 103, 112
161 };
162 
163 static inline void _comp128_compression_round(uint8_t *x, int n, const uint8_t *tbl)
164 {
165  int i, j, m, a, b, y, z;
166  m = 4 - n;
167  for (i = 0; i < (1 << n); i++) {
168  for (j = 0; j < (1 << m); j++) {
169  a = j + i * (2 << m);
170  b = a + (1 << m);
171  y = (x[a] + (x[b] << 1)) & ((32 << m) - 1);
172  z = ((x[a] << 1) + x[b]) & ((32 << m) - 1);
173  x[a] = tbl[y];
174  x[b] = tbl[z];
175  }
176  }
177 }
178 
179 static inline void _comp128_compression(uint8_t *x)
180 {
181  int n;
182  for (n = 0; n < 5; n++) {
183  _comp128_compression_round(x, n, _comp128_table[n]);
184  }
185 }
186 
187 static inline void _comp128_bitsfrombytes(uint8_t *x, uint8_t *bits)
188 {
189  int i;
190 
191  memset(bits, 0x00, 128);
192  for (i = 0; i < 128; i++) {
193  if (x[i >> 2] & (1 << (3 - (i & 3)))) {
194  bits[i] = 1;
195  }
196  }
197 }
198 
199 static inline void _comp128_permutation(uint8_t *x, uint8_t *bits)
200 {
201  int i;
202  memset(&x[16], 0x00, 16);
203  for (i = 0; i < 128; i++) {
204  x[(i >> 3) + 16] |= bits[(i * 17) & 127] << (7 - (i & 7));
205  }
206 }
207 
208 /** Calculate comp128v1 sres and kc from ki and rand
209  *
210  * This code derived from a leaked document from the GSM standards.
211  * Some missing pieces were filled in by reverse-engineering a working SIM.
212  * We have verified that this is the correct COMP128 algorithm.
213  *
214  * The first page of the document identifies it as
215  * _Technical Information: GSM System Security Study_.
216  * 10-1617-01, 10th June 1988.
217  * The bottom of the title page is marked
218  * Racal Research Ltd.
219  * Worton Drive, Worton Grange Industrial Estate,
220  * Reading, Berks. RG2 0SB, England.
221  * Telephone: Reading (0734) 868601 Telex: 847152
222  * The relevant bits are in Part I, Section 20 (pages 66--67). Enjoy!
223  *
224  * Note: There are three typos in the spec (discovered by reverse-engineering).
225  * First, "z = (2 * x[n] + x[n]) mod 2^(9-j)" should clearly read
226  * "z = (2 * x[m] + x[n]) mod 2^(9-j)".
227  * Second, the "k" loop in the "Form bits from bytes" section is severely
228  * botched: the k index should run only from 0 to 3, and clearly the range
229  * on "the (8-k)th bit of byte j" is also off (should be 0..7, not 1..8,
230  * to be consistent with the subsequent section).
231  * Third, SRES is taken from the first 8 nibbles of x[], not the last 8 as
232  * claimed in the document. (And the document doesn't specify how Kc is
233  * derived, but that was also easily discovered with reverse engineering.)
234  * All of these typos have been corrected in the following code.
235  *
236  * @param[out] sres 4 byte value derived from ki and rand.
237  * @param[out] kc 8 byte value derived from ki and rand.
238  * @param[in] ki known only by the SIM and AuC (us in this case).
239  * @param[in] rand 16 bytes of randomness.
240  */
241 void comp128v1(uint8_t sres[static 4], uint8_t kc[static 8],
242  uint8_t const ki[static 16], uint8_t const rand[static 16])
243 {
244  int i;
245  uint8_t x[32], bits[128];
246 
247  /* x[16-31] = RAND */
248  memcpy(&x[16], rand, 16);
249 
250  /*
251  * Round 1-7
252  */
253  for (i = 0; i < 7; i++) {
254  /* x[0-15] = Ki */
255  memcpy(x, ki, 16); //-V512
256 
257  /* Compression */
258  _comp128_compression(x);
259 
260  /* FormBitFromBytes */
261  _comp128_bitsfrombytes(x, bits);
262 
263  /* Permutation */
264  _comp128_permutation(x, bits);
265  }
266 
267  /*
268  * Round 8 (final)
269  * x[0-15] = Ki
270  */
271  memcpy(x, ki, 16); //-V512
272 
273  /* Compression */
274  _comp128_compression(x);
275 
276  /* Output stage */
277  for (i = 0; i < 8; i += 2) sres[i >> 1] = x[i] << 4 | x[i + 1];
278 
279  for (i = 0; i < 12; i += 2) {
280  kc[i>>1] = (x[i + 18] << 6) |
281  (x[i + 19] << 2) |
282  (x[i + 20] >> 2);
283  }
284 
285  kc[6] = (x[30] << 6) | (x[31] << 2);
286  kc[7] = 0;
287 }
288 
289 static void _comp128v23(uint8_t *rand, uint8_t const *kxor)
290 {
291  uint8_t temp[16];
292  uint8_t km_rm[32];
293 
294  int i, j, k, z;
295 
296  memset(&temp, 0, sizeof(temp));
297  memcpy(km_rm, rand, 16);
298  memcpy(km_rm + 16, kxor, 16);
299  memset(rand, 0, 16);
300 
301  for (i = 0; i < 5; i++) {
302  j = 0;
303 
304  for (z = 0; z < 16; z++) {
305  temp[z] = comp128v23_t0[comp128v23_t1[km_rm[16 + z]] ^ km_rm[z]];
306  }
307 
308  while ((1 << i) > j) {
309  k = 0;
310 
311  while ((1 << (4 - i)) > k) {
312  km_rm[(((2 * k) + 1) << i) + j] =
313  comp128v23_t0[comp128v23_t1[temp[(k << i) + j]] ^ (km_rm[(k << i) + 16 + j])];
314  km_rm[(k << (i + 1)) + j] = temp[(k << i) + j];
315  k++;
316  }
317  j++;
318  }
319  }
320 
321  for (i = 0; i < 16; i++) {
322  for (j = 0; j < 8; j++) {
323  rand[i] = rand[i] ^ (((km_rm[(19 * (j + 8 * i) + 19) % 256 / 8] >> (3 * j + 3) % 8) & 1) << j);
324  }
325  }
326 }
327 
328 /** Calculate comp128v2 or comp128v3 sres and kc from ki and rand
329  *
330  * @param[out] sres 4 byte value derived from ki and rand.
331  * @param[out] kc 8 byte value derived from ki and rand.
332  * @param[in] ki known only by the SIM and AuC (us in this case).
333  * @param[in] rand 16 bytes of randomness.
334  * @param[in] v2 if true we use version comp128-2 else we use comp128-3.
335  */
336 void comp128v23(uint8_t sres[static 4], uint8_t kc[static 8],
337  uint8_t const ki[static 16], uint8_t const rand[static 16], bool v2)
338 {
339  uint8_t k_mix[16];
340  uint8_t rand_mix[16];
341  uint8_t katyvasz[16];
342  uint8_t buffer[16];
343 
344  /* Every day IM suffling... */
345  int i;
346 
347  for (i = 0; i < 8; i++) {
348  k_mix[i] = ki[15 - i];
349  k_mix[15 - i] = ki[i];
350  }
351 
352  for (i = 0; i < 8; i++) {
353  rand_mix[i] = rand[15 - i];
354  rand_mix[15 - i] = rand[i];
355  }
356 
357  for (i = 0; i < 16; i++) {
358  katyvasz[i] = k_mix[i] ^ rand_mix[i];
359  }
360 
361  for (i = 0; i < 8; i++) {
362  _comp128v23(rand_mix, katyvasz);
363  }
364 
365  for (i = 0; i < 16; i++) {
366  buffer[i] = rand_mix[15 - i];
367  }
368 
369  if (v2) {
370  buffer[15] = 0x00;
371  buffer[14] = 4 * (buffer[14] >> 2);
372  }
373 
374  for (i = 0; i < 4; i++) {
375  buffer[8 + i - 4] = buffer[8 + i];
376  buffer[8 + i] = buffer[8 + i + 4];
377  }
378 
379  /*
380  * The algorithm uses 16 bytes until this point, but only 12 bytes are effective
381  * also 12 bytes coming out from the SIM card.
382  */
383  memcpy(sres, buffer, 4);
384  memcpy(kc, buffer + 4, 8);
385 }
386 
387 #if 0
388 #include <stdlib.h>
389 #include <ctype.h>
390 static int hextoint(char x)
391 {
392  x = toupper(x);
393  if (x >= 'A' && x <= 'F') {
394  return x-'A' + 10;
395  } else if (x >= '0' && x <= '9') {
396  return x-'0';
397  }
398 
399  fprintf(stderr, "Bad input.\n");
400 
401  fr_exit_now(EXIT_FAILURE);
402 }
403 
404 int main(int argc, char **argv)
405 {
406  uint8_t rand[16], key[16], sres[4], kc[8];
407  int version;
408  int i;
409 
410  if ((argc != 4) ||
411  (strlen(argv[1]) != 34) || (strlen(argv[2]) != 34) ||
412  (strncmp(argv[1], "0x", 2) != 0) || (strncmp(argv[2], "0x", 2) != 0) ||
413  !(version = atoi(argv[3]))) {
414  error:
415  fprintf(stderr, "Usage: %s 0x<key> 0x<rand> [1|2|3]\n", argv[0]);
416  fr_exit_now(EXIT_FAILURE);
417  }
418 
419  for (i = 0; i < 16; i++) {
420  key[i] = (hextoint(argv[1][(2 * i) + 2]) << 4) | hextoint(argv[1][(2 * i) + 3]);
421  }
422 
423  for (i = 0; i < 16; i++) {
424  rand[i] = (hextoint(argv[2][(2 * i) + 2]) << 4) | hextoint(argv[2][(2 * i) + 3]);
425  }
426 
427  switch (version) {
428  case 3:
429  comp128v23(sres, kc, key, rand, false);
430  break;
431 
432  case 2:
433  comp128v23(sres, kc, key, rand, true);
434  break;
435 
436  case 1:
437  comp128v1(sres, kc, key, rand);
438  break;
439 
440  default:
441  fprintf(stderr, "Invalid version, must be 1, 2 or 3");
442  goto error;
443  }
444 
445  /* Output in vector format <Ki>,<rand>,<sres><Kc> */
446  for (i = 0; i < 16; i++) {
447  printf("%02X", key[i]);
448  }
449  printf(",");
450  for (i = 0; i < 16; i++) {
451  printf("%02X", rand[i]);
452  }
453  printf(",");
454  for (i = 0; i < 4; i++) {
455  printf("%02X", sres[i]);
456  }
457  for (i = 0; i < 8; i++) {
458  printf("%02X", kc[i]);
459  }
460  printf("\n");
461 
462  return 0;
463 }
464 #endif
buffer
static int const char char buffer[256]
Definition: acutest.h:574
n
int n
Definition: acutest.h:577
RCSID
#define RCSID(id)
Definition: build.h:481
_comp128_compression_round
static void _comp128_compression_round(uint8_t *x, int n, const uint8_t *tbl)
Definition: comp128.c:163
comp128v1_t4
static uint8_t const comp128v1_t4[]
Definition: comp128.c:117
comp128v23_t1
static uint8_t const comp128v23_t1[]
Definition: comp128.c:144
comp128v1
void comp128v1(uint8_t sres[static 4], uint8_t kc[static 8], uint8_t const ki[static 16], uint8_t const rand[static 16])
Calculate comp128v1 sres and kc from ki and rand.
Definition: comp128.c:241
_comp128_table
static uint8_t const * _comp128_table[]
Definition: comp128.c:121
_comp128_permutation
static void _comp128_permutation(uint8_t *x, uint8_t *bits)
Definition: comp128.c:199
comp128v23
void comp128v23(uint8_t sres[static 4], uint8_t kc[static 8], uint8_t const ki[static 16], uint8_t const rand[static 16], bool v2)
Calculate comp128v2 or comp128v3 sres and kc from ki and rand.
Definition: comp128.c:336
_comp128_bitsfrombytes
static void _comp128_bitsfrombytes(uint8_t *x, uint8_t *bits)
Definition: comp128.c:187
comp128v1_t0
static uint8_t const comp128v1_t0[]
Definition: comp128.c:45
comp128v1_t2
static uint8_t const comp128v1_t2[]
Definition: comp128.c:99
_comp128_compression
static void _comp128_compression(uint8_t *x)
Definition: comp128.c:179
_comp128v23
static void _comp128v23(uint8_t *rand, uint8_t const *kxor)
Definition: comp128.c:289
comp128v1_t3
static uint8_t const comp128v1_t3[]
Definition: comp128.c:110
comp128v23_t0
static uint8_t const comp128v23_t0[]
Definition: comp128.c:124
comp128v1_t1
static uint8_t const comp128v1_t1[]
Definition: comp128.c:80
y
size_t y
Definition: dbuff.c:67
fr_exit_now
#define fr_exit_now(_x)
Exit without calling atexit() handlers, producing a log message in debug builds.
Definition: debug.h:234
main
int main(int argc, char **argv)
Definition: dhcpclient.c:521
uint8_t
unsigned char uint8_t
Definition: merged_model.c:30
Generated by   doxygen 1.9.1