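Open-source cryptographic library: LibTomCrypt
LibTomCrypt is an open-source, full-featured cryptographic library written mainly in C. It aims to provide comprehensive implementations of cryptographic algorithms, including symmetric encryption, asymmetric encryption, hash functions, message authentication codes (MAC) and pseudo-random number generators (PRNG). It is designed to be lightweight and easy to integrate, and is widely used in projects that need encryption and security features. It is licensed for use under a public-domain license.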
LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
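Features
Multiple encryption algorithms: including AES, DES, 3DES, Blowfish, RC5, RC6 and others.
Hash algorithms: such as MD5, SHA-1, SHA-256 and RIPEMD-160.
Message authentication codes (MAC): HMAC, OMAC and others.
Asymmetric algorithms: RSA, DSA, ECC and others.
Pseudo-random number generators (PRNG): including Yarrow and Fortuna.
Lightweight: suitable for embedded systems and resource-constrained environments.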
Written entirely in portable ISO C source (except for things like RNGs for natural reasons)
Builds out of the box on virtually every box. All that is required is GCC for the source to build
Includes a 180+ page user manual in PDF format (with working examples in it)
Block Ciphers
Ciphers come with an ECB encrypt/decrypt, setkey and self-test interfaces.
All ciphers have the same prototype which facilitates using multiple ciphers at runtime.
Some of the ciphers are flexible in terms of code size and memory usage.
Ciphers Supported:
AES (aka Rijndael)
Anubis (with optional tweak as proposed by the developers)
Blowfish
CAST5
Camellia
DES, two-key 3DES, 3DES
KASUMI
Khazad
Multi2
Noekeon
RC2
RC5
RC6
SAFER (K64, SK64, K128, SK128)
SAFER+
SEED
Skipjack
Twofish
XTEA
Stream Ciphers
Stream ciphers come with setup, opt. set IV, crypt, done and self-test interfaces.
ChaCha
RC4
SOBER-128
All stream ciphers also come with a keystream interface which acts as if crypting with 0-bytes.
Chaining Modes
Modes come with a start, encrypt/decrypt and set/get IV interfaces.
Modes supported:
CBC
CFB
CTR
ECB
F8 Chaining Mode
LRW mode (IEEE)
OFB
XTS
One-Way Hash Functions
Hashes come with init, process, done and self-test interfaces.
All hashes use the same prototypes for the interfaces.
Hashes supported:
Blake2b (160/256/384/512)
Blake2s (128/160/224/256)
MD2-4-5
RIPE-MD (128/160/256/320)
SHA-1
SHA-2 (224/256/384/512/512-224/512-256)
SHA-3 (224/256/384/512)
SHA-3-SHAKE
TIGER-192
WHIRLPOOL
Message Authentication
Blake2b MAC
Blake2s MAC
CMAC, also known as OMAC1 (supports all ciphers)
F9 MAC
HMAC (FIPS-198, supports all hashes)
PMAC Authentication
Pelican MAC
Poly1305 MAC
XCBC MAC
Message Encrypt+Authenticate Modes
CCM Mode (NIST spec)
ChaCha20-Poly1305 (IETF spec RFC7539)
EAX Mode
GCM Mode (IEEE spec)
OCB Mode v1
OCB Mode v3 (IETF spec RFC7253)
Pseudo-Random Number Generators
ChaCha20
Fortuna
RC4
SOBER-128
Yarrow
Support for /dev/random, /dev/urandom and the Win32 CSP RNG
Public Key Algorithms
RSA (via PKCS #1)
ECC (EC-DSA X9.62 signatures, X9.63 EC-DH)
With fast Fixed Point ECC support as well
X9.63 uncompressed import/export of public keys
DSA
Diffie-Hellman
The math routines are pluggable which means you can use your own math provider if you want. The library has support built in for:
LibTomMath
TomsFastMath
GMP (GNU Multi Precision Arithmetic Library)
Other standards
PKCS #1 (v1.5 EMSA&EME and v2.0/v2.1 OAEP&PSS)
PKCS #5 (PBKDF1, OpenSSL-compatible PBKDF1 and PBKDF2)
ASN.1 DER for BOOLEAN, INTEGER, BIT STRING, OCTET STRING, NULL, SEQUENCE, SET, SET OF, CHOICE, OBJECT IDENTIFIER, IA5 STRING, PRINTABLE STRING, TELETEX STRING, UTCTIME and GENERALIZED TIME types.
Support to detect CONSTRUCTED or CONTEXT SPECIFIC types is also provided.
Base64 and Base64-URL (RFC4648)
HKDF (RFC5869)
Checksum algorithms: Adler32, CRC-32
Portable code builds out of the box with a conforming C compiler
Builds out of the box for i686, x86_64, ppc32, ppc64, arm, aarch64, s390, s390x, SPARC, SPARC64, Altera NIOS2, Xilinx Microblaze, …
Includes some platform optimizations for i386, x86_64 and ppc32.
LibTomCrypt builds out of the box with GCC >2.95, clang, mingw-gcc (32- and 64-bit), cygwin-gcc, HP cc, IBM xlc as well as Visual C++ >v6.00-SP5. It can be reconfigured to eliminate algorithms, use different build options (e.g. smaller or faster code) or use different build tools. It has been successfully tested on numerous platforms.
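Example 1: AES encryption and decryption
#include <tomcrypt.h>
#include <iostream>
#include <iomanip>
#include <cstring>

void aes_example() {
    unsigned char key[16], pt[16], ct[16], vt[16];
    symmetric_key skey;

    // Initialise the key and plaintext. The all-zero key is for demonstration only.
    // Zero the whole plaintext block first so no uninitialised bytes are encrypted.
    std::memset(key, 0, sizeof(key));
    std::memset(pt, 0, sizeof(pt));
    std::strcpy(reinterpret_cast<char*>(pt), "Hello World!");  // 12 chars + NUL fit in 16 bytes

    // Set up the AES key (0 = default number of rounds)
    if (aes_setup(key, sizeof(key), 0, &skey) != CRYPT_OK) {
        std::cerr << "Error setting up AES" << std::endl;
        return;
    }

    // Encrypt: the raw ECB interface processes exactly one 16-byte block
    if (aes_ecb_encrypt(pt, ct, &skey) != CRYPT_OK) {
        std::cerr << "Error encrypting with AES" << std::endl;
        return;
    }

    // Decrypt
    if (aes_ecb_decrypt(ct, vt, &skey) != CRYPT_OK) {
        std::cerr << "Error decrypting with AES" << std::endl;
        return;
    }

    std::cout << "Original: " << pt << std::endl;
    std::cout << "Encrypted: ";
    for (int i = 0; i < 16; ++i) {
        // Print two zero-padded hex digits per byte
        std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)ct[i] << " ";
    }
    std::cout << std::dec << std::endl;
    std::cout << "Decrypted: " << vt << std::endl;
}

int main() {
    aes_example();
    return 0;
}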
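Example 1 calls the cipher's raw single-block ECB interface, which is why the library also ships chaining modes such as CTR. The following self-contained C program is an added illustration, not code from the original page and not LibTomCrypt code: it uses a small stand-in implementation of XTEA (one of the ciphers listed above) to show that ECB maps equal plaintext blocks to equal ciphertext blocks while CTR does not. All function names, the key, the nonce and the sample data are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BLK 8 /* XTEA block size in bytes */

/* Big-endian load/store of a 32-bit word. */
static uint32_t ld32(const uint8_t *p) { return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]; }
static void st32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (24 - 8 * i)); }
/* XTEA single-block encryption (32 cycles): stand-in for a raw ECB block call. */
static void xtea_block(const uint32_t k[4], const uint8_t in[BLK], uint8_t out[BLK]) {
    uint32_t v0 = ld32(in), v1 = ld32(in + 4), sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    st32(out, v0); st32(out + 4, v1);
}
/* ECB: every block is encrypted independently under the same key. */
void ecb_encrypt(const uint32_t k[4], const uint8_t *pt, uint8_t *ct, size_t nblocks) {
    for (size_t i = 0; i < nblocks; i++) xtea_block(k, pt + i * BLK, ct + i * BLK);
}
/* CTR: encrypt nonce||counter into a keystream block and XOR it with the data;
 * the same call decrypts. The nonce must not repeat under one key. */
void ctr_crypt(const uint32_t k[4], uint32_t nonce, const uint8_t *in, uint8_t *out, size_t len) {
    uint8_t ctr[BLK], ks[BLK];
    for (size_t off = 0; off < len; off += BLK) {
        st32(ctr, nonce); st32(ctr + 4, (uint32_t)(off / BLK));
        xtea_block(k, ctr, ks);
        for (size_t j = 0; j < BLK && off + j < len; j++) out[off + j] = in[off + j] ^ ks[j];
    }
}
/* Count blocks identical to an earlier block: visible to anyone, no key needed. */
size_t repeated_blocks(const uint8_t *buf, size_t nblocks) {
    size_t n = 0;
    for (size_t i = 1; i < nblocks; i++)
        for (size_t j = 0; j < i; j++)
            if (memcmp(buf + i * BLK, buf + j * BLK, BLK) == 0) { n++; break; }
    return n;
}
/* Constructed sample (three of four blocks identical) and a demo-only key. */
static const uint8_t SAMPLE[] = "ACCT=001ACCT=001ACCT=002ACCT=001";
static const uint32_t KEY[4] = {0x00010203u, 0x04050607u, 0x08090a0bu, 0x0c0d0e0fu};
int main(void) {
    uint8_t ecb[32], ctr[32];
    ecb_encrypt(KEY, SAMPLE, ecb, 4);
    ctr_crypt(KEY, 0x5eed0001u, SAMPLE, ctr, 32);
    printf("repeated blocks: ECB=%zu CTR=%zu\n", repeated_blocks(ecb, 4), repeated_blocks(ctr, 4));
    return 0;
}
```

CTR alone provides no integrity; where tampering matters, one of the encrypt+authenticate modes listed above (for example GCM or ChaCha20-Poly1305) is the appropriate choice.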
Example 2: SHA-256 hash
#include <tomcrypt.h>
#include <iostream>
#include <iomanip>
#include <cstring>

void sha256_example() {
    unsigned char hash[32];
    hash_state md;

    // Initialise SHA-256, feed the message, then finalise into hash[]
    sha256_init(&md);
    sha256_process(&md, reinterpret_cast<const unsigned char*>("Hello World!"), std::strlen("Hello World!"));
    sha256_done(&md, hash);

    std::cout << "SHA-256 Hash: ";
    for (int i = 0; i < 32; ++i) {
        // Two zero-padded hex digits per byte, so bytes below 0x10 keep their leading zero
        std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)hash[i];
    }
    std::cout << std::dec << std::endl;
}

int main() {
    sha256_example();
    return 0;
}
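LibTomCrypt is a highly configurable, full-featured cryptographic library that is well suited to C/C++ projects needing a range of cryptographic functions. It offers a wide choice of algorithms and a simple API that covers most encryption needs. Learning and using LibTomCrypt can effectively strengthen an application's security.
Latest version:
Project homepage: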
https://www.libtom.net/LibTomCrypt/
https://github.com/libtom/libtomcrypt