Provided by: libtomcrypt-dev_1.17-3.2ubuntu1_amd64 bug


       libtomcrypt - public domain open source crypthographic toolkit


       #include <tomcrypt.h>

       Link with -ltomcrypt (use pkg-config --libs libtomcrypt)


       libtomcrypt  is documented in /usr/share/doc/libtomcrypt-dev/crypt.pdf. To give you a very
       brief introduction, the following example is provided.


         /* AES-XTS example for libtomcrypt. (c) 2008 Michael Stapelberg, Public Domain */
         #include <stdint.h>
         #include <string.h>
         #include <tomcrypt.h>

         static symmetric_xts xts;

          * Initializes AES-XTS for use with encrypt(). Key must be at least 32 bytes long, only
          * the first 32 bytes will be used.
         void initialize_xts(unsigned char *key) {
           int idx, err;
           unsigned char aeskey1[16], aeskey2[16];

           /* You can use 32 different ciphers simultaneously. Before using a cipher, you must register it. */

           /* Get the index of the cipher registered before */
           if ((idx = find_cipher("aes")) == -1) {
                   fprintf(stderr, "ERROR: AES not available in libtomcrypt. Please upgrade/fix libtomcrypt.\n");

           /* Set up the two private keys required by AES-XTS (see 3.4.10 of crypt.pdf) */
           strncpy((char*)aeskey1, key, 16);
           strncpy((char*)aeskey2, key+16, 16);

           printf("Initializing with keys \"%.16s\" and \"%.16s\" (AES-XTS)\n", aeskey1, aeskey2);

           /* Initialize AES-XTS */
           if ((err = xts_start(idx, aeskey1, aeskey2, 16, 0, &xts)) != CRYPT_OK) {
                   fprintf(stderr, "ERROR starting XTS: %s\n", error_to_string(err));

          * Encrypts the input (of input_size) and stores the result in output. The piece index
          * is required because XTS wants a tweak for each block so that it doesn't generate
          * patterns which would be visible in the encrypted output.
         void encrypt(const uint8_t *input, uint8_t *output, int input_size, int piece_idx) {
           unsigned char tweak[256];
           int err;

           memset(tweak, '\0', 256);
           snprintf((char*)tweak, 256, "%d", piece_idx);

           if ((err = xts_encrypt(input, input_size, output, tweak, &xts)) != CRYPT_OK) {
                   fprintf(stderr, "ERROR in AES encryption: %d: %s\n", err, error_to_string(err));




       libtomcrypt was written by Tom St Denis.

       This manual page was written by Michael Stapelberg <>, for the Debian
       project (and may be used by others).

                                            June 2009                              LIBTOMCRYPT(3)