ReactOS 0.4.16-dev-122-g325d74c
tomcrypt.h File Reference
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <basetsd.h>
Include dependency graph for tomcrypt.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  tag_rc2_key
 
struct  tag_des_key
 
struct  tag_des3_key
 
struct  tag_aes_key
 
struct  tag_md2_state
 
struct  rc4_prng
 
union  Prng_state
 
struct  mp_int
 
struct  Rsa_key
 

Macros

#define CONST64(a, b)   ((((ULONG64)(a)) << 32) | (b))
 
#define STORE32H(x, y)
 
#define LOAD32H(x, y)
 
#define ROR(x, y)
 
#define MIN(x, y)   ( ((x)<(y))?(x):(y) )
 
#define byte(x, n)   (((x) >> (8 * (n))) & 255)
 
#define DIGIT_BIT   28
 
#define MP_DIGIT_BIT   DIGIT_BIT
 
#define MP_MASK   ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
 
#define MP_DIGIT_MAX   MP_MASK
 
#define MP_LT   -1 /* less than */
 
#define MP_EQ   0 /* equal to */
 
#define MP_GT   1 /* greater than */
 
#define MP_ZPOS   0 /* positive integer */
 
#define MP_NEG   1 /* negative */
 
#define MP_OKAY   0 /* ok result */
 
#define MP_MEM   -2 /* out of mem */
 
#define MP_VAL   -3 /* invalid input */
 
#define MP_RANGE   MP_VAL
 
#define MP_YES   1 /* yes response */
 
#define MP_NO   0 /* no response */
 
#define LTM_PRIME_BBS   0x0001 /* BBS style prime */
 
#define LTM_PRIME_SAFE   0x0002 /* Safe prime (p-1)/2 == prime */
 
#define LTM_PRIME_2MSB_OFF   0x0004 /* force 2nd MSB to 0 */
 
#define LTM_PRIME_2MSB_ON   0x0008 /* force 2nd MSB to 1 */
 
#define MP_PREC   64 /* default digits of precision */
 
#define MP_WARRAY   (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
 
#define DIGIT(m, k)   ((m)->dp[(k)])
 
#define mp_iszero(a)   (((a)->used == 0) ? MP_YES : MP_NO)
 
#define mp_iseven(a)   (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
 
#define mp_isodd(a)   (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
 
#define PRIME_SIZE   256
 
#define mp_prime_random(a, t, size, bbs, cb, dat)   mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
 
#define mp_read_raw(mp, str, len)   mp_read_signed_bin((mp), (str), (len))
 
#define mp_raw_size(mp)   mp_signed_bin_size(mp)
 
#define mp_toraw(mp, str)   mp_to_signed_bin((mp), (str))
 
#define mp_read_mag(mp, str, len)   mp_read_unsigned_bin((mp), (str), (len))
 
#define mp_mag_size(mp)   mp_unsigned_bin_size(mp)
 
#define mp_tomag(mp, str)   mp_to_unsigned_bin((mp), (str))
 
#define mp_tobinary(M, S)   mp_toradix((M), (S), 2)
 
#define mp_tooctal(M, S)   mp_toradix((M), (S), 8)
 
#define mp_todecimal(M, S)   mp_toradix((M), (S), 10)
 
#define mp_tohex(M, S)   mp_toradix((M), (S), 16)
 
#define PK_PRIVATE   0 /* PK private keys */
 
#define PK_PUBLIC   1 /* PK public keys */
 
#define MIN_RSA_SIZE   384
 
#define MAX_RSA_SIZE   16384
 

Typedefs

typedef ULONG64 ulong64
 
typedef ULONG32 ulong32
 
typedef struct tag_rc2_key rc2_key
 
typedef struct tag_des_key des_key
 
typedef struct tag_des3_key des3_key
 
typedef struct tag_aes_key aes_key
 
typedef struct tag_md2_state md2_state
 
typedef union Prng_state prng_state
 
typedef unsigned long mp_digit
 
typedef ulong64 mp_word
 
typedef int mp_err
 
typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat)
 
typedef struct Rsa_key rsa_key
 

Enumerations

enum  {
  CRYPT_OK =0 , CRYPT_ERROR , CRYPT_NOP , CRYPT_INVALID_KEYSIZE ,
  CRYPT_INVALID_ROUNDS , CRYPT_FAIL_TESTVECTOR , CRYPT_BUFFER_OVERFLOW , CRYPT_INVALID_PACKET ,
  CRYPT_INVALID_PRNGSIZE , CRYPT_ERROR_READPRNG , CRYPT_INVALID_CIPHER , CRYPT_INVALID_HASH ,
  CRYPT_INVALID_PRNG , CRYPT_MEM , CRYPT_PK_TYPE_MISMATCH , CRYPT_PK_NOT_PRIVATE ,
  CRYPT_INVALID_ARG , CRYPT_FILE_NOTFOUND , CRYPT_PK_INVALID_TYPE , CRYPT_PK_INVALID_SYSTEM ,
  CRYPT_PK_DUP , CRYPT_PK_NOT_FOUND , CRYPT_PK_INVALID_SIZE , CRYPT_INVALID_PRIME_SIZE
}
 

Functions

int rc2_setup (const unsigned char *key, int keylen, int bits, int num_rounds, rc2_key *skey)
 
void rc2_ecb_encrypt (const unsigned char *pt, unsigned char *ct, rc2_key *key)
 
void rc2_ecb_decrypt (const unsigned char *ct, unsigned char *pt, rc2_key *key)
 
int des_setup (const unsigned char *key, int keylen, int num_rounds, des_key *skey)
 
void des_ecb_encrypt (const unsigned char *pt, unsigned char *ct, const des_key *key)
 
void des_ecb_decrypt (const unsigned char *ct, unsigned char *pt, const des_key *key)
 
int des3_setup (const unsigned char *key, int keylen, int num_rounds, des3_key *skey)
 
void des3_ecb_encrypt (const unsigned char *pt, unsigned char *ct, const des3_key *key)
 
void des3_ecb_decrypt (const unsigned char *ct, unsigned char *pt, const des3_key *key)
 
int aes_setup (const unsigned char *key, int keylen, int rounds, aes_key *skey)
 
void aes_ecb_encrypt (const unsigned char *pt, unsigned char *ct, aes_key *skey)
 
void aes_ecb_decrypt (const unsigned char *ct, unsigned char *pt, aes_key *skey)
 
int md2_init (md2_state *md)
 
int md2_process (md2_state *md, const unsigned char *buf, unsigned long len)
 
int md2_done (md2_state *md, unsigned char *hash)
 
int rc4_start (prng_state *prng)
 
int rc4_add_entropy (const unsigned char *buf, unsigned long len, prng_state *prng)
 
int rc4_ready (prng_state *prng)
 
unsigned long rc4_read (unsigned char *buf, unsigned long len, prng_state *prng)
 
charmp_error_to_string (int code)
 
int mp_init_multi (mp_int *mp,...)
 
void mp_clear_multi (mp_int *mp,...)
 
int mp_shrink (mp_int *a)
 
int mp_set_int (mp_int *a, unsigned long b)
 
unsigned long mp_get_int (const mp_int *a)
 
int mp_init_set (mp_int *a, mp_digit b)
 
int mp_init_set_int (mp_int *a, unsigned long b)
 
int mp_copy (const mp_int *a, mp_int *b)
 
int mp_init_copy (mp_int *a, const mp_int *b)
 
int mp_rand (mp_int *a, int digits)
 
int mp_xor (mp_int *a, mp_int *b, mp_int *c)
 
int mp_or (mp_int *a, mp_int *b, mp_int *c)
 
int mp_and (mp_int *a, mp_int *b, mp_int *c)
 
int mp_neg (mp_int *a, mp_int *b)
 
int mp_cmp (const mp_int *a, const mp_int *b)
 
int mp_add (mp_int *a, mp_int *b, mp_int *c)
 
int mp_sub (mp_int *a, mp_int *b, mp_int *c)
 
int mp_mul (const mp_int *a, const mp_int *b, mp_int *c)
 
int mp_mod (const mp_int *a, mp_int *b, mp_int *c)
 
int mp_cmp_d (const mp_int *a, mp_digit b)
 
int mp_sub_d (mp_int *a, mp_digit b, mp_int *c)
 
int mp_div_3 (mp_int *a, mp_int *c, mp_digit *d)
 
int mp_expt_d (mp_int *a, mp_digit b, mp_int *c)
 
int mp_addmod (mp_int *a, mp_int *b, mp_int *c, mp_int *d)
 
int mp_submod (mp_int *a, mp_int *b, mp_int *c, mp_int *d)
 
int mp_mulmod (const mp_int *a, const mp_int *b, mp_int *c, mp_int *d)
 
int mp_invmod (const mp_int *a, mp_int *b, mp_int *c)
 
int mp_gcd (const mp_int *a, const mp_int *b, mp_int *c)
 
int mp_exteuclid (mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3)
 
int mp_lcm (const mp_int *a, const mp_int *b, mp_int *c)
 
int mp_n_root (mp_int *a, mp_digit b, mp_int *c)
 
int mp_sqrt (mp_int *arg, mp_int *ret)
 
int mp_is_square (mp_int *arg, int *ret)
 
int mp_jacobi (mp_int *a, mp_int *n, int *c)
 
int mp_dr_is_modulus (mp_int *a)
 
int mp_reduce_is_2k (mp_int *a)
 
int mp_exptmod (const mp_int *a, const mp_int *b, mp_int *c, mp_int *d)
 
int mp_prime_fermat (mp_int *a, mp_int *b, int *result)
 
int mp_prime_rabin_miller_trials (int size)
 
int mp_prime_next_prime (mp_int *a, int t, int bbs_style)
 
int mp_prime_random_ex (mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat)
 
int mp_count_bits (const mp_int *a)
 
int mp_unsigned_bin_size (const mp_int *a)
 
int mp_read_unsigned_bin (mp_int *a, const unsigned char *b, int c)
 
int mp_to_unsigned_bin (const mp_int *a, unsigned char *b)
 
int mp_read_signed_bin (mp_int *a, unsigned char *b, int c)
 
int mp_to_signed_bin (mp_int *a, unsigned char *b)
 
int mp_read_radix (mp_int *a, char *str, int radix)
 
int mp_toradix (mp_int *a, char *str, int radix)
 
int mp_toradix_n (mp_int *a, char *str, int radix, int maxlen)
 
int mp_radix_size (mp_int *a, int radix, int *size)
 
int mp_fread (mp_int *a, int radix, FILE *stream)
 
int mp_fwrite (mp_int *a, int radix, FILE *stream)
 
int rsa_make_key (int size, long e, rsa_key *key)
 
int rsa_exptmod (const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int which, rsa_key *key)
 
void rsa_free (rsa_key *key)
 

Variables

const charmp_s_rmap
 

Macro Definition Documentation

◆ byte

#define byte (   x,
  n 
)    (((x) >> (8 * (n))) & 255)

Definition at line 118 of file tomcrypt.h.

◆ CONST64

#define CONST64 (   a,
  b 
)    ((((ULONG64)(a)) << 32) | (b))

Definition at line 78 of file tomcrypt.h.

◆ DIGIT

#define DIGIT (   m,
  k 
)    ((m)->dp[(k)])

Definition at line 233 of file tomcrypt.h.

◆ DIGIT_BIT

#define DIGIT_BIT   28

Definition at line 186 of file tomcrypt.h.

◆ LOAD32H

#define LOAD32H (   x,
  y 
)
Value:
{ x = ((unsigned long)((y)[0] & 255)<<24) | \
((unsigned long)((y)[1] & 255)<<16) | \
((unsigned long)((y)[2] & 255)<<8) | \
((unsigned long)((y)[3] & 255)); }
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
GLint GLint GLint GLint GLint GLint y
Definition: gl.h:1548
#define long
Definition: qsort.c:33

Definition at line 91 of file tomcrypt.h.

◆ LTM_PRIME_2MSB_OFF

#define LTM_PRIME_2MSB_OFF   0x0004 /* force 2nd MSB to 0 */

Definition at line 211 of file tomcrypt.h.

◆ LTM_PRIME_2MSB_ON

#define LTM_PRIME_2MSB_ON   0x0008 /* force 2nd MSB to 1 */

Definition at line 212 of file tomcrypt.h.

◆ LTM_PRIME_BBS

#define LTM_PRIME_BBS   0x0001 /* BBS style prime */

Definition at line 209 of file tomcrypt.h.

◆ LTM_PRIME_SAFE

#define LTM_PRIME_SAFE   0x0002 /* Safe prime (p-1)/2 == prime */

Definition at line 210 of file tomcrypt.h.

◆ MAX_RSA_SIZE

#define MAX_RSA_SIZE   16384

Definition at line 454 of file tomcrypt.h.

◆ MIN

#define MIN (   x,
  y 
)    ( ((x)<(y))?(x):(y) )

Definition at line 116 of file tomcrypt.h.

◆ MIN_RSA_SIZE

#define MIN_RSA_SIZE   384

Definition at line 453 of file tomcrypt.h.

◆ MP_DIGIT_BIT

#define MP_DIGIT_BIT   DIGIT_BIT

Definition at line 188 of file tomcrypt.h.

◆ MP_DIGIT_MAX

#define MP_DIGIT_MAX   MP_MASK

Definition at line 190 of file tomcrypt.h.

◆ MP_EQ

#define MP_EQ   0 /* equal to */

Definition at line 194 of file tomcrypt.h.

◆ MP_GT

#define MP_GT   1 /* greater than */

Definition at line 195 of file tomcrypt.h.

◆ mp_iseven

#define mp_iseven (   a)    (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)

Definition at line 249 of file tomcrypt.h.

◆ mp_isodd

#define mp_isodd (   a)    (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)

Definition at line 250 of file tomcrypt.h.

◆ mp_iszero

#define mp_iszero (   a)    (((a)->used == 0) ? MP_YES : MP_NO)

Definition at line 248 of file tomcrypt.h.

◆ MP_LT

#define MP_LT   -1 /* less than */

Definition at line 193 of file tomcrypt.h.

◆ mp_mag_size

#define mp_mag_size (   mp)    mp_unsigned_bin_size(mp)

Definition at line 439 of file tomcrypt.h.

◆ MP_MASK

#define MP_MASK   ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))

Definition at line 189 of file tomcrypt.h.

◆ MP_MEM

#define MP_MEM   -2 /* out of mem */

Definition at line 201 of file tomcrypt.h.

◆ MP_NEG

#define MP_NEG   1 /* negative */

Definition at line 198 of file tomcrypt.h.

◆ MP_NO

#define MP_NO   0 /* no response */

Definition at line 206 of file tomcrypt.h.

◆ MP_OKAY

#define MP_OKAY   0 /* ok result */

Definition at line 200 of file tomcrypt.h.

◆ MP_PREC

#define MP_PREC   64 /* default digits of precision */

Definition at line 219 of file tomcrypt.h.

◆ mp_prime_random

#define mp_prime_random (   a,
  t,
  size,
  bbs,
  cb,
  dat 
)    mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)

Definition at line 399 of file tomcrypt.h.

◆ MP_RANGE

#define MP_RANGE   MP_VAL

Definition at line 203 of file tomcrypt.h.

◆ mp_raw_size

#define mp_raw_size (   mp)    mp_signed_bin_size(mp)

Definition at line 436 of file tomcrypt.h.

◆ mp_read_mag

#define mp_read_mag (   mp,
  str,
  len 
)    mp_read_unsigned_bin((mp), (str), (len))

Definition at line 438 of file tomcrypt.h.

◆ mp_read_raw

#define mp_read_raw (   mp,
  str,
  len 
)    mp_read_signed_bin((mp), (str), (len))

Definition at line 435 of file tomcrypt.h.

◆ mp_tobinary

#define mp_tobinary (   M,
  S 
)    mp_toradix((M), (S), 2)

Definition at line 442 of file tomcrypt.h.

◆ mp_todecimal

#define mp_todecimal (   M,
  S 
)    mp_toradix((M), (S), 10)

Definition at line 444 of file tomcrypt.h.

◆ mp_tohex

#define mp_tohex (   M,
  S 
)    mp_toradix((M), (S), 16)

Definition at line 445 of file tomcrypt.h.

◆ mp_tomag

#define mp_tomag (   mp,
  str 
)    mp_to_unsigned_bin((mp), (str))

Definition at line 440 of file tomcrypt.h.

◆ mp_tooctal

#define mp_tooctal (   M,
  S 
)    mp_toradix((M), (S), 8)

Definition at line 443 of file tomcrypt.h.

◆ mp_toraw

#define mp_toraw (   mp,
  str 
)    mp_to_signed_bin((mp), (str))

Definition at line 437 of file tomcrypt.h.

◆ MP_VAL

#define MP_VAL   -3 /* invalid input */

Definition at line 202 of file tomcrypt.h.

◆ MP_WARRAY

#define MP_WARRAY   (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))

Definition at line 222 of file tomcrypt.h.

◆ MP_YES

#define MP_YES   1 /* yes response */

Definition at line 205 of file tomcrypt.h.

◆ MP_ZPOS

#define MP_ZPOS   0 /* positive integer */

Definition at line 197 of file tomcrypt.h.

◆ PK_PRIVATE

#define PK_PRIVATE   0 /* PK private keys */

Definition at line 449 of file tomcrypt.h.

◆ PK_PUBLIC

#define PK_PUBLIC   1 /* PK public keys */

Definition at line 450 of file tomcrypt.h.

◆ PRIME_SIZE

#define PRIME_SIZE   256

Definition at line 371 of file tomcrypt.h.

◆ ROR

#define ROR (   x,
  y 
)
Value:
( ((((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)((y)&31)) | \
((unsigned long)(x)<<(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)

Definition at line 110 of file tomcrypt.h.

◆ STORE32H

#define STORE32H (   x,
  y 
)
Value:
{ (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \
(y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); }

Definition at line 87 of file tomcrypt.h.

Typedef Documentation

◆ aes_key

◆ des3_key

◆ des_key

◆ ltm_prime_callback

typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat)

Definition at line 231 of file tomcrypt.h.

◆ md2_state

◆ mp_digit

Definition at line 184 of file tomcrypt.h.

◆ mp_err

typedef int mp_err

Definition at line 214 of file tomcrypt.h.

◆ mp_word

typedef ulong64 mp_word

Definition at line 185 of file tomcrypt.h.

◆ prng_state

typedef union Prng_state prng_state

◆ rc2_key

◆ rsa_key

◆ ulong32

typedef ULONG32 ulong32

Definition at line 84 of file tomcrypt.h.

◆ ulong64

typedef ULONG64 ulong64

Definition at line 79 of file tomcrypt.h.

Enumeration Type Documentation

◆ anonymous enum

anonymous enum
Enumerator
CRYPT_OK 
CRYPT_ERROR 
CRYPT_NOP 
CRYPT_INVALID_KEYSIZE 
CRYPT_INVALID_ROUNDS 
CRYPT_FAIL_TESTVECTOR 
CRYPT_BUFFER_OVERFLOW 
CRYPT_INVALID_PACKET 
CRYPT_INVALID_PRNGSIZE 
CRYPT_ERROR_READPRNG 
CRYPT_INVALID_CIPHER 
CRYPT_INVALID_HASH 
CRYPT_INVALID_PRNG 
CRYPT_MEM 
CRYPT_PK_TYPE_MISMATCH 
CRYPT_PK_NOT_PRIVATE 
CRYPT_INVALID_ARG 
CRYPT_FILE_NOTFOUND 
CRYPT_PK_INVALID_TYPE 
CRYPT_PK_INVALID_SYSTEM 
CRYPT_PK_DUP 
CRYPT_PK_NOT_FOUND 
CRYPT_PK_INVALID_SIZE 
CRYPT_INVALID_PRIME_SIZE 

Definition at line 42 of file tomcrypt.h.

42 {
43 CRYPT_OK=0, /* Result OK */
44 CRYPT_ERROR, /* Generic Error */
45 CRYPT_NOP, /* Not a failure but no operation was performed */
46
47 CRYPT_INVALID_KEYSIZE, /* Invalid key size given */
48 CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */
49 CRYPT_FAIL_TESTVECTOR, /* Algorithm failed test vectors */
50
51 CRYPT_BUFFER_OVERFLOW, /* Not enough space for output */
52 CRYPT_INVALID_PACKET, /* Invalid input packet given */
53
54 CRYPT_INVALID_PRNGSIZE, /* Invalid number of bits for a PRNG */
55 CRYPT_ERROR_READPRNG, /* Could not read enough from PRNG */
56
57 CRYPT_INVALID_CIPHER, /* Invalid cipher specified */
58 CRYPT_INVALID_HASH, /* Invalid hash specified */
59 CRYPT_INVALID_PRNG, /* Invalid PRNG specified */
60
61 CRYPT_MEM, /* Out of memory */
62
63 CRYPT_PK_TYPE_MISMATCH, /* Not equivalent types of PK keys */
64 CRYPT_PK_NOT_PRIVATE, /* Requires a private PK key */
65
66 CRYPT_INVALID_ARG, /* Generic invalid argument */
67 CRYPT_FILE_NOTFOUND, /* File Not Found */
68
69 CRYPT_PK_INVALID_TYPE, /* Invalid type of PK key */
70 CRYPT_PK_INVALID_SYSTEM,/* Invalid PK system specified */
71 CRYPT_PK_DUP, /* Duplicate key already in key ring */
72 CRYPT_PK_NOT_FOUND, /* Key not found in keyring */
73 CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */
74
75 CRYPT_INVALID_PRIME_SIZE/* Invalid size of prime requested */
76};
@ CRYPT_ERROR
Definition: tomcrypt.h:44
@ CRYPT_MEM
Definition: tomcrypt.h:61
@ CRYPT_PK_INVALID_TYPE
Definition: tomcrypt.h:69
@ CRYPT_INVALID_CIPHER
Definition: tomcrypt.h:57
@ CRYPT_PK_TYPE_MISMATCH
Definition: tomcrypt.h:63
@ CRYPT_INVALID_PRIME_SIZE
Definition: tomcrypt.h:75
@ CRYPT_PK_INVALID_SYSTEM
Definition: tomcrypt.h:70
@ CRYPT_INVALID_PRNG
Definition: tomcrypt.h:59
@ CRYPT_ERROR_READPRNG
Definition: tomcrypt.h:55
@ CRYPT_INVALID_ROUNDS
Definition: tomcrypt.h:48
@ CRYPT_PK_NOT_FOUND
Definition: tomcrypt.h:72
@ CRYPT_INVALID_ARG
Definition: tomcrypt.h:66
@ CRYPT_INVALID_PACKET
Definition: tomcrypt.h:52
@ CRYPT_FILE_NOTFOUND
Definition: tomcrypt.h:67
@ CRYPT_INVALID_KEYSIZE
Definition: tomcrypt.h:47
@ CRYPT_PK_NOT_PRIVATE
Definition: tomcrypt.h:64
@ CRYPT_INVALID_PRNGSIZE
Definition: tomcrypt.h:54
@ CRYPT_NOP
Definition: tomcrypt.h:45
@ CRYPT_BUFFER_OVERFLOW
Definition: tomcrypt.h:51
@ CRYPT_OK
Definition: tomcrypt.h:43
@ CRYPT_PK_INVALID_SIZE
Definition: tomcrypt.h:73
@ CRYPT_PK_DUP
Definition: tomcrypt.h:71
@ CRYPT_INVALID_HASH
Definition: tomcrypt.h:58
@ CRYPT_FAIL_TESTVECTOR
Definition: tomcrypt.h:49

Function Documentation

◆ aes_ecb_decrypt()

void aes_ecb_decrypt ( const unsigned char ct,
unsigned char pt,
aes_key skey 
)

Definition at line 1165 of file aes.c.

1166{
1167 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
1168 int Nr, r;
1169
1170 Nr = skey->Nr;
1171 rk = skey->dK;
1172
1173 LOAD32H(s0, ct ); s0 ^= rk[0];
1174 LOAD32H(s1, ct + 4); s1 ^= rk[1];
1175 LOAD32H(s2, ct + 8); s2 ^= rk[2];
1176 LOAD32H(s3, ct + 12); s3 ^= rk[3];
1177
1178 r = Nr >> 1;
1179 for (;;) {
1180
1181 t0 =
1182 Td0(byte(s0, 3)) ^
1183 Td1(byte(s3, 2)) ^
1184 Td2(byte(s2, 1)) ^
1185 Td3(byte(s1, 0)) ^
1186 rk[4];
1187 t1 =
1188 Td0(byte(s1, 3)) ^
1189 Td1(byte(s0, 2)) ^
1190 Td2(byte(s3, 1)) ^
1191 Td3(byte(s2, 0)) ^
1192 rk[5];
1193 t2 =
1194 Td0(byte(s2, 3)) ^
1195 Td1(byte(s1, 2)) ^
1196 Td2(byte(s0, 1)) ^
1197 Td3(byte(s3, 0)) ^
1198 rk[6];
1199 t3 =
1200 Td0(byte(s3, 3)) ^
1201 Td1(byte(s2, 2)) ^
1202 Td2(byte(s1, 1)) ^
1203 Td3(byte(s0, 0)) ^
1204 rk[7];
1205
1206 rk += 8;
1207 if (--r == 0) {
1208 break;
1209 }
1210
1211
1212 s0 =
1213 Td0(byte(t0, 3)) ^
1214 Td1(byte(t3, 2)) ^
1215 Td2(byte(t2, 1)) ^
1216 Td3(byte(t1, 0)) ^
1217 rk[0];
1218 s1 =
1219 Td0(byte(t1, 3)) ^
1220 Td1(byte(t0, 2)) ^
1221 Td2(byte(t3, 1)) ^
1222 Td3(byte(t2, 0)) ^
1223 rk[1];
1224 s2 =
1225 Td0(byte(t2, 3)) ^
1226 Td1(byte(t1, 2)) ^
1227 Td2(byte(t0, 1)) ^
1228 Td3(byte(t3, 0)) ^
1229 rk[2];
1230 s3 =
1231 Td0(byte(t3, 3)) ^
1232 Td1(byte(t2, 2)) ^
1233 Td2(byte(t1, 1)) ^
1234 Td3(byte(t0, 0)) ^
1235 rk[3];
1236 }
1237
1238 s0 =
1239 (Td4[byte(t0, 3)] & 0xff000000) ^
1240 (Td4[byte(t3, 2)] & 0x00ff0000) ^
1241 (Td4[byte(t2, 1)] & 0x0000ff00) ^
1242 (Td4[byte(t1, 0)] & 0x000000ff) ^
1243 rk[0];
1244 STORE32H(s0, pt);
1245 s1 =
1246 (Td4[byte(t1, 3)] & 0xff000000) ^
1247 (Td4[byte(t0, 2)] & 0x00ff0000) ^
1248 (Td4[byte(t3, 1)] & 0x0000ff00) ^
1249 (Td4[byte(t2, 0)] & 0x000000ff) ^
1250 rk[1];
1251 STORE32H(s1, pt+4);
1252 s2 =
1253 (Td4[byte(t2, 3)] & 0xff000000) ^
1254 (Td4[byte(t1, 2)] & 0x00ff0000) ^
1255 (Td4[byte(t0, 1)] & 0x0000ff00) ^
1256 (Td4[byte(t3, 0)] & 0x000000ff) ^
1257 rk[2];
1258 STORE32H(s2, pt+8);
1259 s3 =
1260 (Td4[byte(t3, 3)] & 0xff000000) ^
1261 (Td4[byte(t2, 2)] & 0x00ff0000) ^
1262 (Td4[byte(t1, 1)] & 0x0000ff00) ^
1263 (Td4[byte(t0, 0)] & 0x000000ff) ^
1264 rk[3];
1265 STORE32H(s3, pt+12);
1266}
#define Td1(x)
Definition: aes.c:240
#define Td2(x)
Definition: aes.c:241
#define Td3(x)
Definition: aes.c:242
static const ulong32 Td4[256]
Definition: aes.c:167
#define Td0(x)
Definition: aes.c:239
#define STORE32H(x, y)
Definition: tomcrypt.h:87
ULONG32 ulong32
Definition: tomcrypt.h:84
#define byte(x, n)
Definition: tomcrypt.h:118
#define LOAD32H(x, y)
Definition: tomcrypt.h:91
#define pt(x, y)
Definition: drawing.c:79
GLdouble GLdouble GLdouble r
Definition: gl.h:2055
struct S1 s1
struct S2 s2
ulong32 dK[64]
Definition: tomcrypt.h:133

Referenced by encrypt_block_impl(), and KsecDecryptMemoryAes().

◆ aes_ecb_encrypt()

void aes_ecb_encrypt ( const unsigned char pt,
unsigned char ct,
aes_key skey 
)

Definition at line 1064 of file aes.c.

1065{
1066 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
1067 int Nr, r;
1068
1069 Nr = skey->Nr;
1070 rk = skey->eK;
1071
1072 LOAD32H(s0, pt ); s0 ^= rk[0];
1073 LOAD32H(s1, pt + 4); s1 ^= rk[1];
1074 LOAD32H(s2, pt + 8); s2 ^= rk[2];
1075 LOAD32H(s3, pt + 12); s3 ^= rk[3];
1076
1077 r = Nr >> 1;
1078 for (;;) {
1079 t0 =
1080 Te0(byte(s0, 3)) ^
1081 Te1(byte(s1, 2)) ^
1082 Te2(byte(s2, 1)) ^
1083 Te3(byte(s3, 0)) ^
1084 rk[4];
1085 t1 =
1086 Te0(byte(s1, 3)) ^
1087 Te1(byte(s2, 2)) ^
1088 Te2(byte(s3, 1)) ^
1089 Te3(byte(s0, 0)) ^
1090 rk[5];
1091 t2 =
1092 Te0(byte(s2, 3)) ^
1093 Te1(byte(s3, 2)) ^
1094 Te2(byte(s0, 1)) ^
1095 Te3(byte(s1, 0)) ^
1096 rk[6];
1097 t3 =
1098 Te0(byte(s3, 3)) ^
1099 Te1(byte(s0, 2)) ^
1100 Te2(byte(s1, 1)) ^
1101 Te3(byte(s2, 0)) ^
1102 rk[7];
1103
1104 rk += 8;
1105 if (--r == 0) {
1106 break;
1107 }
1108
1109 s0 =
1110 Te0(byte(t0, 3)) ^
1111 Te1(byte(t1, 2)) ^
1112 Te2(byte(t2, 1)) ^
1113 Te3(byte(t3, 0)) ^
1114 rk[0];
1115 s1 =
1116 Te0(byte(t1, 3)) ^
1117 Te1(byte(t2, 2)) ^
1118 Te2(byte(t3, 1)) ^
1119 Te3(byte(t0, 0)) ^
1120 rk[1];
1121 s2 =
1122 Te0(byte(t2, 3)) ^
1123 Te1(byte(t3, 2)) ^
1124 Te2(byte(t0, 1)) ^
1125 Te3(byte(t1, 0)) ^
1126 rk[2];
1127 s3 =
1128 Te0(byte(t3, 3)) ^
1129 Te1(byte(t0, 2)) ^
1130 Te2(byte(t1, 1)) ^
1131 Te3(byte(t2, 0)) ^
1132 rk[3];
1133 }
1134
1135 s0 =
1136 (Te4_3[byte(t0, 3)]) ^
1137 (Te4_2[byte(t1, 2)]) ^
1138 (Te4_1[byte(t2, 1)]) ^
1139 (Te4_0[byte(t3, 0)]) ^
1140 rk[0];
1141 STORE32H(s0, ct);
1142 s1 =
1143 (Te4_3[byte(t1, 3)]) ^
1144 (Te4_2[byte(t2, 2)]) ^
1145 (Te4_1[byte(t3, 1)]) ^
1146 (Te4_0[byte(t0, 0)]) ^
1147 rk[1];
1148 STORE32H(s1, ct+4);
1149 s2 =
1150 (Te4_3[byte(t2, 3)]) ^
1151 (Te4_2[byte(t3, 2)]) ^
1152 (Te4_1[byte(t0, 1)]) ^
1153 (Te4_0[byte(t1, 0)]) ^
1154 rk[2];
1155 STORE32H(s2, ct+8);
1156 s3 =
1157 (Te4_3[byte(t3, 3)]) ^
1158 (Te4_2[byte(t0, 2)]) ^
1159 (Te4_1[byte(t1, 1)]) ^
1160 (Te4_0[byte(t2, 0)]) ^
1161 rk[3];
1162 STORE32H(s3, ct+12);
1163}
static const ulong32 Te4_2[]
Definition: aes.c:514
static const ulong32 Te4_0[]
Definition: aes.c:444
#define Te2(x)
Definition: aes.c:236
static const ulong32 Te4_1[]
Definition: aes.c:479
static const ulong32 Te4_3[]
Definition: aes.c:549
#define Te0(x)
Definition: aes.c:234
#define Te3(x)
Definition: aes.c:237
#define Te1(x)
Definition: aes.c:235
ulong32 eK[64]
Definition: tomcrypt.h:133

Referenced by encrypt_block_impl(), and KsecEncryptMemoryAes().

◆ aes_setup()

int aes_setup ( const unsigned char key,
int  keylen,
int  rounds,
aes_key skey 
)

Definition at line 937 of file aes.c.

938{
939 int i, j;
940 ulong32 temp, *rk;
941 ulong32 *rrk;
942
943 if (keylen != 16 && keylen != 24 && keylen != 32) {
945 }
946
947 if (rounds != 0 && rounds != (10 + ((keylen/8)-2)*2)) {
949 }
950
951 skey->Nr = 10 + ((keylen/8)-2)*2;
952
953 /* setup the forward key */
954 i = 0;
955 rk = skey->eK;
956 LOAD32H(rk[0], key );
957 LOAD32H(rk[1], key + 4);
958 LOAD32H(rk[2], key + 8);
959 LOAD32H(rk[3], key + 12);
960 if (keylen == 16) {
961 j = 44;
962 for (;;) {
963 temp = rk[3];
964 rk[4] = rk[0] ^ setup_mix(temp) ^ rcon[i];
965 rk[5] = rk[1] ^ rk[4];
966 rk[6] = rk[2] ^ rk[5];
967 rk[7] = rk[3] ^ rk[6];
968 if (++i == 10) {
969 break;
970 }
971 rk += 4;
972 }
973 } else if (keylen == 24) {
974 j = 52;
975 LOAD32H(rk[4], key + 16);
976 LOAD32H(rk[5], key + 20);
977 for (;;) {
978 temp = rk[5];
979 rk[ 6] = rk[ 0] ^ setup_mix(temp) ^ rcon[i];
980 rk[ 7] = rk[ 1] ^ rk[ 6];
981 rk[ 8] = rk[ 2] ^ rk[ 7];
982 rk[ 9] = rk[ 3] ^ rk[ 8];
983 if (++i == 8) {
984 break;
985 }
986 rk[10] = rk[ 4] ^ rk[ 9];
987 rk[11] = rk[ 5] ^ rk[10];
988 rk += 6;
989 }
990 } else if (keylen == 32) {
991 j = 60;
992 LOAD32H(rk[4], key + 16);
993 LOAD32H(rk[5], key + 20);
994 LOAD32H(rk[6], key + 24);
995 LOAD32H(rk[7], key + 28);
996 for (;;) {
997 temp = rk[7];
998 rk[ 8] = rk[ 0] ^ setup_mix(temp) ^ rcon[i];
999 rk[ 9] = rk[ 1] ^ rk[ 8];
1000 rk[10] = rk[ 2] ^ rk[ 9];
1001 rk[11] = rk[ 3] ^ rk[10];
1002 if (++i == 7) {
1003 break;
1004 }
1005 temp = rk[11];
1006 rk[12] = rk[ 4] ^ setup_mix(ROR(temp, 8));
1007 rk[13] = rk[ 5] ^ rk[12];
1008 rk[14] = rk[ 6] ^ rk[13];
1009 rk[15] = rk[ 7] ^ rk[14];
1010 rk += 8;
1011 }
1012 } else {
1013 j = 4;
1014 }
1015
1016 rk = skey->dK;
1017 rrk = skey->eK + j - 4;
1018
1019 *rk++ = *rrk++;
1020 *rk++ = *rrk++;
1021 *rk++ = *rrk++;
1022 *rk = *rrk;
1023 rk -= 3; rrk -= 3;
1024
1025 for (i = 1; i < skey->Nr; i++) {
1026 rrk -= 4;
1027 rk += 4;
1028 temp = rrk[0];
1029 rk[0] =
1030 Tks0[byte(temp, 3)] ^
1031 Tks1[byte(temp, 2)] ^
1032 Tks2[byte(temp, 1)] ^
1033 Tks3[byte(temp, 0)];
1034 temp = rrk[1];
1035 rk[1] =
1036 Tks0[byte(temp, 3)] ^
1037 Tks1[byte(temp, 2)] ^
1038 Tks2[byte(temp, 1)] ^
1039 Tks3[byte(temp, 0)];
1040 temp = rrk[2];
1041 rk[2] =
1042 Tks0[byte(temp, 3)] ^
1043 Tks1[byte(temp, 2)] ^
1044 Tks2[byte(temp, 1)] ^
1045 Tks3[byte(temp, 0)];
1046 temp = rrk[3];
1047 rk[3] =
1048 Tks0[byte(temp, 3)] ^
1049 Tks1[byte(temp, 2)] ^
1050 Tks2[byte(temp, 1)] ^
1051 Tks3[byte(temp, 0)];
1052 }
1053
1054 rrk -= 4;
1055 rk += 4;
1056 *rk++ = *rrk++;
1057 *rk++ = *rrk++;
1058 *rk++ = *rrk++;
1059 *rk = *rrk;
1060
1061 return CRYPT_OK;
1062}
static ulong32 setup_mix(ulong32 temp)
Definition: aes.c:929
static const ulong32 Tks1[]
Definition: aes.c:818
static const ulong32 Tks0[]
Definition: aes.c:783
static const ulong32 Tks2[]
Definition: aes.c:853
static const ulong32 Tks3[]
Definition: aes.c:888
static const ulong32 rcon[]
Definition: aes.c:923
#define ROR(x, y)
Definition: tomcrypt.h:110
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
static calc_node_t temp
Definition: rpn_ieee.c:38
Definition: copy.c:22

Referenced by KsecGetAesKey(), KsecInitializeEncryptionSupport(), and setup_key_impl().

◆ des3_ecb_decrypt()

void des3_ecb_decrypt ( const unsigned char ct,
unsigned char pt,
const des3_key key 
)

Definition at line 1485 of file des.c.

1486{
1487 ulong32 work[2];
1488 LOAD32H(work[0], ct+0);
1489 LOAD32H(work[1], ct+4);
1490 desfunc(work, des3->dk[0]);
1491 desfunc(work, des3->dk[1]);
1492 desfunc(work, des3->dk[2]);
1493 STORE32H(work[0],pt+0);
1494 STORE32H(work[1],pt+4);
1495}
static void desfunc(ulong32 *block, const ulong32 *keys)
Definition: des.c:1357

Referenced by encrypt_block_impl(), and KsecDecryptMemoryDes3().

◆ des3_ecb_encrypt()

void des3_ecb_encrypt ( const unsigned char pt,
unsigned char ct,
const des3_key key 
)

Definition at line 1473 of file des.c.

1474{
1475 ulong32 work[2];
1476 LOAD32H(work[0], pt+0);
1477 LOAD32H(work[1], pt+4);
1478 desfunc(work, des3->ek[0]);
1479 desfunc(work, des3->ek[1]);
1480 desfunc(work, des3->ek[2]);
1481 STORE32H(work[0],ct+0);
1482 STORE32H(work[1],ct+4);
1483}

Referenced by encrypt_block_impl(), and KsecEncryptMemoryDes3().

◆ des3_setup()

int des3_setup ( const unsigned char key,
int  keylen,
int  num_rounds,
des3_key skey 
)

Definition at line 1432 of file des.c.

1433{
1434 if(num_rounds != 0 && num_rounds != 16) {
1435 return CRYPT_INVALID_ROUNDS;
1436 }
1437
1438 if (keylen != 24) {
1439 return CRYPT_INVALID_KEYSIZE;
1440 }
1441
1442 deskey(key, EN0, des3->ek[0]);
1443 deskey(key+8, DE1, des3->ek[1]);
1444 deskey(key+16, EN0, des3->ek[2]);
1445
1446 deskey(key, DE1, des3->dk[2]);
1447 deskey(key+8, EN0, des3->dk[1]);
1448 deskey(key+16, DE1, des3->dk[0]);
1449
1450 return CRYPT_OK;
1451}
static void deskey(const unsigned char *key, short edf, ulong32 *keyout)
Definition: des.c:1285
#define DE1
Definition: des.c:35
#define EN0
Definition: des.c:34

Referenced by KsecGetDes3Key(), KsecInitializeEncryptionSupport(), and setup_key_impl().

◆ des_ecb_decrypt()

void des_ecb_decrypt ( const unsigned char ct,
unsigned char pt,
const des_key key 
)

Definition at line 1463 of file des.c.

1464{
1465 ulong32 work[2];
1466 LOAD32H(work[0], ct+0);
1467 LOAD32H(work[1], ct+4);
1468 desfunc(work, des->dk);
1469 STORE32H(work[0],pt+0);
1470 STORE32H(work[1],pt+4);
1471}
static const WCHAR des[]
Definition: oid.c:1212

Referenced by encrypt_block_impl().

◆ des_ecb_encrypt()

void des_ecb_encrypt ( const unsigned char pt,
unsigned char ct,
const des_key key 
)

Definition at line 1453 of file des.c.

1454{
1455 ulong32 work[2];
1456 LOAD32H(work[0], pt+0);
1457 LOAD32H(work[1], pt+4);
1458 desfunc(work, des->ek);
1459 STORE32H(work[0],ct+0);
1460 STORE32H(work[1],ct+4);
1461}

Referenced by encrypt_block_impl().

◆ des_setup()

int des_setup ( const unsigned char key,
int  keylen,
int  num_rounds,
des_key skey 
)

Definition at line 1416 of file des.c.

1417{
1418 if (num_rounds != 0 && num_rounds != 16) {
1419 return CRYPT_INVALID_ROUNDS;
1420 }
1421
1422 if (keylen != 8) {
1423 return CRYPT_INVALID_KEYSIZE;
1424 }
1425
1426 deskey(key, EN0, des->ek);
1427 deskey(key, DE1, des->dk);
1428
1429 return CRYPT_OK;
1430}

Referenced by setup_key_impl().

◆ md2_done()

int md2_done ( md2_state md,
unsigned char hash 
)

Definition at line 125 of file md2.c.

126{
127 unsigned long i, k;
128
129 if (md2->curlen >= sizeof(md2->buf)) {
130 return CRYPT_INVALID_ARG;
131 }
132
133 /* pad the message */
134 k = 16 - md2->curlen;
135 for (i = md2->curlen; i < 16; i++) {
136 md2->buf[i] = (unsigned char)k;
137 }
138
139 /* hash and update */
142
143 /* hash checksum */
144 memcpy(md2->buf, md2->chksum, 16);
146
147 /* output is lower 16 bytes of X */
148 memcpy(hash, md2->X, 16);
149
150 return CRYPT_OK;
151}
#define md2
Definition: compat-1.3.h:2014
unsigned char
Definition: typeof.h:29
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
int k
Definition: mpi.c:3369
Definition: _hash_fun.h:40
static void md2_compress(md2_state *md2)
Definition: md2.c:69
static void md2_update_chksum(md2_state *md2)
Definition: md2.c:55

Referenced by finalize_hash_impl().

◆ md2_init()

int md2_init ( md2_state md)

Definition at line 91 of file md2.c.

92{
93 /* MD2 uses a zero'ed state... */
94 memset(md2->X, 0, sizeof(md2->X));
95 memset(md2->chksum, 0, sizeof(md2->chksum));
96 memset(md2->buf, 0, sizeof(md2->buf));
97 md2->curlen = 0;
98 return CRYPT_OK;
99}
#define memset(x, y, z)
Definition: compat.h:39

◆ md2_process()

int md2_process ( md2_state md,
const unsigned char buf,
unsigned long  len 
)

Definition at line 101 of file md2.c.

102{
103 unsigned long n;
104
105 if (md2->curlen > sizeof(md2->buf)) {
106 return CRYPT_INVALID_ARG;
107 }
108 while (len > 0) {
109 n = MIN(len, (16 - md2->curlen));
110 memcpy(md2->buf + md2->curlen, buf, (size_t)n);
111 md2->curlen += n;
112 buf += n;
113 len -= n;
114
115 /* is 16 bytes full? */
116 if (md2->curlen == 16) {
119 md2->curlen = 0;
120 }
121 }
122 return CRYPT_OK;
123}
#define MIN(x, y)
Definition: rdesktop.h:171
GLdouble n
Definition: glext.h:7729
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
GLenum GLsizei len
Definition: glext.h:6722

◆ mp_add()

int mp_add ( mp_int a,
mp_int b,
mp_int c 
)

Definition at line 891 of file mpi.c.

892{
893 int sa, sb, res;
894
895 /* get sign of both inputs */
896 sa = a->sign;
897 sb = b->sign;
898
899 /* handle two cases, not four */
900 if (sa == sb) {
901 /* both positive or both negative */
902 /* add their magnitudes, copy the sign */
903 c->sign = sa;
904 res = s_mp_add (a, b, c);
905 } else {
906 /* one positive, the other negative */
907 /* subtract the one with the greater magnitude from */
908 /* the one of the lesser magnitude. The result gets */
909 /* the sign of the one with the greater magnitude. */
910 if (mp_cmp_mag (a, b) == MP_LT) {
911 c->sign = sb;
912 res = s_mp_sub (b, a, c);
913 } else {
914 c->sign = sa;
915 res = s_mp_sub (a, b, c);
916 }
917 }
918 return res;
919}
static struct sockaddr_in sa
Definition: adnsresfilter.c:69
#define MP_LT
Definition: tomcrypt.h:193
superblock * sb
Definition: btrfs.c:4261
GLuint res
Definition: glext.h:9613
const GLubyte * c
Definition: glext.h:8905
GLboolean GLboolean GLboolean b
Definition: glext.h:6204
GLboolean GLboolean GLboolean GLboolean a
Definition: glext.h:6204
static int mp_cmp_mag(const mp_int *a, const mp_int *b)
Definition: mpi.c:1090
static int s_mp_add(mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:3925
static int s_mp_sub(const mp_int *a, const mp_int *b, mp_int *c)
Definition: mpi.c:4412

Referenced by fast_mp_invmod(), mp_div(), mp_invmod_slow(), mp_karatsuba_mul(), mp_karatsuba_sqr(), mp_mod(), mp_reduce(), and rsa_exptmod().

◆ mp_addmod()

int mp_addmod ( mp_int a,
mp_int b,
mp_int c,
mp_int d 
)

◆ mp_and()

int mp_and ( mp_int a,
mp_int b,
mp_int c 
)

◆ mp_clear_multi()

void mp_clear_multi ( mp_int mp,
  ... 
)

Definition at line 1032 of file mpi.c.

1033{
1034 mp_int* next_mp = mp;
1035 va_list args;
1036 va_start(args, mp);
1037 while (next_mp != NULL) {
1038 mp_clear(next_mp);
1039 next_mp = va_arg(args, mp_int*);
1040 }
1041 va_end(args);
1042}
char * va_list
Definition: acmsvcex.h:78
#define va_end(ap)
Definition: acmsvcex.h:90
#define va_start(ap, A)
Definition: acmsvcex.h:91
#define va_arg(ap, T)
Definition: acmsvcex.h:89
#define NULL
Definition: types.h:112
static void mp_clear(mp_int *a)
Definition: mpi.c:255
#define args
Definition: format.c:66
Definition: match.c:390

Referenced by fast_mp_invmod(), mp_exptmod(), mp_invmod_slow(), mp_lcm(), rsa_exptmod(), rsa_free(), and rsa_make_key().

◆ mp_cmp()

int mp_cmp ( const mp_int a,
const mp_int b 
)

Definition at line 1046 of file mpi.c.

1047{
1048 /* compare based on sign */
1049 if (a->sign != b->sign) {
1050 if (a->sign == MP_NEG) {
1051 return MP_LT;
1052 } else {
1053 return MP_GT;
1054 }
1055 }
1056
1057 /* compare digits */
1058 if (a->sign == MP_NEG) {
1059 /* if negative compare opposite direction */
1060 return mp_cmp_mag(b, a);
1061 } else {
1062 return mp_cmp_mag(a, b);
1063 }
1064}
#define MP_NEG
Definition: tomcrypt.h:198
#define MP_GT
Definition: tomcrypt.h:195

Referenced by fast_mp_invmod(), mp_div(), mp_invmod_slow(), mp_prime_miller_rabin(), mp_reduce(), and rsa_exptmod().

◆ mp_cmp_d()

int mp_cmp_d ( const mp_int a,
mp_digit  b 
)

Definition at line 1067 of file mpi.c.

1068{
1069 /* compare based on sign */
1070 if (a->sign == MP_NEG) {
1071 return MP_LT;
1072 }
1073
1074 /* compare based on magnitude */
1075 if (a->used > 1) {
1076 return MP_GT;
1077 }
1078
1079 /* compare the only digit of a to b */
1080 if (a->dp[0] > b) {
1081 return MP_GT;
1082 } else if (a->dp[0] < b) {
1083 return MP_LT;
1084 } else {
1085 return MP_EQ;
1086 }
1087}
#define MP_EQ
Definition: tomcrypt.h:194

Referenced by fast_mp_invmod(), mp_invmod_slow(), mp_prime_is_prime(), mp_prime_miller_rabin(), mp_reduce(), and rsa_make_key().

◆ mp_copy()

int mp_copy ( const mp_int a,
mp_int b 
)

Definition at line 1156 of file mpi.c.

1157{
1158 int res, n;
1159
1160 /* if dst == src do nothing */
1161 if (a == b) {
1162 return MP_OKAY;
1163 }
1164
1165 /* grow dest */
1166 if (b->alloc < a->used) {
1167 if ((res = mp_grow (b, a->used)) != MP_OKAY) {
1168 return res;
1169 }
1170 }
1171
1172 /* zero b and copy the parameters over */
1173 {
1174 register mp_digit *tmpa, *tmpb;
1175
1176 /* pointer aliases */
1177
1178 /* source */
1179 tmpa = a->dp;
1180
1181 /* destination */
1182 tmpb = b->dp;
1183
1184 /* copy all the digits */
1185 for (n = 0; n < a->used; n++) {
1186 *tmpb++ = *tmpa++;
1187 }
1188
1189 /* clear high digits */
1190 for (; n < b->used; n++) {
1191 *tmpb++ = 0;
1192 }
1193 }
1194
1195 /* copy used count and sign */
1196 b->used = a->used;
1197 b->sign = a->sign;
1198 return MP_OKAY;
1199}
unsigned long mp_digit
Definition: tomcrypt.h:184
#define MP_OKAY
Definition: tomcrypt.h:200
static int mp_grow(mp_int *a, int size)
Definition: mpi.c:106

Referenced by fast_mp_invmod(), mp_abs(), mp_div(), mp_div_2d(), mp_div_d(), mp_exptmod_fast(), mp_init_copy(), mp_invmod_slow(), mp_mod_2d(), mp_mul_2d(), rsa_make_key(), and s_mp_exptmod().

◆ mp_count_bits()

int mp_count_bits ( const mp_int a)

Definition at line 1203 of file mpi.c.

1204{
1205 int r;
1206 mp_digit q;
1207
1208 /* shortcut */
1209 if (a->used == 0) {
1210 return 0;
1211 }
1212
1213 /* get number of digits and add that */
1214 r = (a->used - 1) * DIGIT_BIT;
1215
1216 /* take the last digit and count the bits in it */
1217 q = a->dp[a->used - 1];
1218 while (q > 0) {
1219 ++r;
1220 q >>= ((mp_digit) 1);
1221 }
1222 return r;
1223}
#define DIGIT_BIT
Definition: tomcrypt.h:186
GLdouble GLdouble GLdouble GLdouble q
Definition: gl.h:2063

Referenced by encrypt_block_impl(), mp_div(), mp_exptmod_fast(), mp_montgomery_calc_normalization(), mp_reduce_2k(), mp_reduce_2k_setup(), mp_unsigned_bin_size(), and s_mp_exptmod().

◆ mp_div_3()

int mp_div_3 ( mp_int a,
mp_int c,
mp_digit d 
)

◆ mp_dr_is_modulus()

int mp_dr_is_modulus ( mp_int a)

◆ mp_error_to_string()

char * mp_error_to_string ( int  code)

◆ mp_expt_d()

int mp_expt_d ( mp_int a,
mp_digit  b,
mp_int c 
)

◆ mp_exptmod()

int mp_exptmod ( const mp_int a,
const mp_int b,
mp_int c,
mp_int d 
)

Definition at line 1917 of file mpi.c.

1918{
1919 int dr;
1920
1921 /* modulus P must be positive */
1922 if (P->sign == MP_NEG) {
1923 return MP_VAL;
1924 }
1925
1926 /* if exponent X is negative we have to recurse */
1927 if (X->sign == MP_NEG) {
1928 mp_int tmpG, tmpX;
1929 int err;
1930
1931 /* first compute 1/G mod P */
1932 if ((err = mp_init(&tmpG)) != MP_OKAY) {
1933 return err;
1934 }
1935 if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) {
1936 mp_clear(&tmpG);
1937 return err;
1938 }
1939
1940 /* now get |X| */
1941 if ((err = mp_init(&tmpX)) != MP_OKAY) {
1942 mp_clear(&tmpG);
1943 return err;
1944 }
1945 if ((err = mp_abs(X, &tmpX)) != MP_OKAY) {
1946 mp_clear_multi(&tmpG, &tmpX, NULL);
1947 return err;
1948 }
1949
1950 /* and now compute (1/G)**|X| instead of G**X [X < 0] */
1951 err = mp_exptmod(&tmpG, &tmpX, P, Y);
1952 mp_clear_multi(&tmpG, &tmpX, NULL);
1953 return err;
1954 }
1955
1956 dr = 0;
1957
1958 /* if the modulus is odd use the fast method */
1959 if (mp_isodd (P) == 1) {
1960 return mp_exptmod_fast (G, X, P, Y, dr);
1961 } else {
1962 /* otherwise use the generic Barrett reduction technique */
1963 return s_mp_exptmod (G, X, P, Y);
1964 }
1965}
#define G(r, i, a, b, c, d)
Definition: blake2b-ref.c:117
#define Y(I)
#define P(row, col)
#define MP_VAL
Definition: tomcrypt.h:202
#define mp_isodd(a)
Definition: tomcrypt.h:250
static int mp_exptmod_fast(const mp_int *G, const mp_int *X, mp_int *P, mp_int *Y, int mode)
Definition: mpi.c:1976
void mp_clear_multi(mp_int *mp,...)
Definition: mpi.c:1032
int mp_invmod(const mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:2391
static int s_mp_exptmod(const mp_int *G, const mp_int *X, mp_int *P, mp_int *Y)
Definition: mpi.c:4011
int mp_exptmod(const mp_int *G, const mp_int *X, mp_int *P, mp_int *Y)
Definition: mpi.c:1917
static int mp_init(mp_int *a)
Definition: mpi.c:202
static int mp_abs(const mp_int *a, mp_int *b)
Definition: mpi.c:290
#define err(...)

Referenced by mp_exptmod(), mp_prime_miller_rabin(), and rsa_exptmod().

◆ mp_exteuclid()

int mp_exteuclid ( mp_int a,
mp_int b,
mp_int U1,
mp_int U2,
mp_int U3 
)

◆ mp_fread()

int mp_fread ( mp_int a,
int  radix,
FILE stream 
)

◆ mp_fwrite()

int mp_fwrite ( mp_int a,
int  radix,
FILE stream 
)

◆ mp_gcd()

int mp_gcd ( const mp_int a,
const mp_int b,
mp_int c 
)

Definition at line 2228 of file mpi.c.

2229{
2230 mp_int u, v;
2231 int k, u_lsb, v_lsb, res;
2232
2233 /* either zero than gcd is the largest */
2234 if (mp_iszero (a) == 1 && mp_iszero (b) == 0) {
2235 return mp_abs (b, c);
2236 }
2237 if (mp_iszero (a) == 0 && mp_iszero (b) == 1) {
2238 return mp_abs (a, c);
2239 }
2240
2241 /* optimized. At this point if a == 0 then
2242 * b must equal zero too
2243 */
2244 if (mp_iszero (a) == 1) {
2245 mp_zero(c);
2246 return MP_OKAY;
2247 }
2248
2249 /* get copies of a and b we can modify */
2250 if ((res = mp_init_copy (&u, a)) != MP_OKAY) {
2251 return res;
2252 }
2253
2254 if ((res = mp_init_copy (&v, b)) != MP_OKAY) {
2255 goto __U;
2256 }
2257
2258 /* must be positive for the remainder of the algorithm */
2259 u.sign = v.sign = MP_ZPOS;
2260
2261 /* B1. Find the common power of two for u and v */
2262 u_lsb = mp_cnt_lsb(&u);
2263 v_lsb = mp_cnt_lsb(&v);
2264 k = MIN(u_lsb, v_lsb);
2265
2266 if (k > 0) {
2267 /* divide the power of two out */
2268 if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) {
2269 goto __V;
2270 }
2271
2272 if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) {
2273 goto __V;
2274 }
2275 }
2276
2277 /* divide any remaining factors of two out */
2278 if (u_lsb != k) {
2279 if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) {
2280 goto __V;
2281 }
2282 }
2283
2284 if (v_lsb != k) {
2285 if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) {
2286 goto __V;
2287 }
2288 }
2289
2290 while (mp_iszero(&v) == 0) {
2291 /* make sure v is the largest */
2292 if (mp_cmp_mag(&u, &v) == MP_GT) {
2293 /* swap u and v to make sure v is >= u */
2294 mp_exch(&u, &v);
2295 }
2296
2297 /* subtract smallest from largest */
2298 if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) {
2299 goto __V;
2300 }
2301
2302 /* Divide out all factors of two */
2303 if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) {
2304 goto __V;
2305 }
2306 }
2307
2308 /* multiply by 2**k which we divided out at the beginning */
2309 if ((res = mp_mul_2d (&u, k, c)) != MP_OKAY) {
2310 goto __V;
2311 }
2312 c->sign = MP_ZPOS;
2313 res = MP_OKAY;
2314__V:mp_clear (&u);
2315__U:mp_clear (&v);
2316 return res;
2317}
#define MP_ZPOS
Definition: tomcrypt.h:197
#define mp_iszero(a)
Definition: tomcrypt.h:248
const GLdouble * v
Definition: gl.h:2040
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble * u
Definition: glfuncs.h:240
static void mp_exch(mp_int *a, mp_int *b)
Definition: mpi.c:192
static void mp_zero(mp_int *a)
Definition: mpi.c:278
int mp_init_copy(mp_int *a, const mp_int *b)
Definition: mpi.c:2344
static int mp_mul_2d(const mp_int *a, int b, mp_int *c)
Definition: mpi.c:1432
static int mp_cnt_lsb(const mp_int *a)
Definition: mpi.c:1128
static int mp_div_2d(const mp_int *a, int b, mp_int *c, mp_int *d)
Definition: mpi.c:1310

Referenced by mp_lcm(), and rsa_make_key().

◆ mp_get_int()

unsigned long mp_get_int ( const mp_int a)

Definition at line 2320 of file mpi.c.

2321{
2322 int i;
2323 unsigned long res;
2324
2325 if (a->used == 0) {
2326 return 0;
2327 }
2328
2329 /* get number of digits of the lsb we have to read */
2330 i = MIN(a->used,(int)((sizeof(unsigned long)*CHAR_BIT+DIGIT_BIT-1)/DIGIT_BIT))-1;
2331
2332 /* get most significant digit of result */
2333 res = DIGIT(a,i);
2334
2335 while (--i >= 0) {
2336 res = (res << DIGIT_BIT) | DIGIT(a,i);
2337 }
2338
2339 /* force result to 32-bits always so it is consistent on non 32-bit platforms */
2340 return res & 0xFFFFFFFFUL;
2341}
#define DIGIT(m, k)
Definition: tomcrypt.h:233
#define CHAR_BIT
Definition: urlcache.c:62

Referenced by export_private_key_impl(), and export_public_key_impl().

◆ mp_init_copy()

int mp_init_copy ( mp_int a,
const mp_int b 
)

Definition at line 2344 of file mpi.c.

2345{
2346 int res;
2347
2348 if ((res = mp_init (a)) != MP_OKAY) {
2349 return res;
2350 }
2351 return mp_copy (b, a);
2352}
int mp_copy(const mp_int *a, mp_int *b)
Definition: mpi.c:1156

Referenced by duplicate_key_impl(), mp_div(), mp_gcd(), mp_prime_miller_rabin(), mp_reduce(), and mp_to_unsigned_bin().

◆ mp_init_multi()

int mp_init_multi ( mp_int mp,
  ... 
)

Definition at line 2354 of file mpi.c.

2355{
2356 mp_err res = MP_OKAY; /* Assume ok until proven otherwise */
2357 int n = 0; /* Number of ok inits */
2358 mp_int* cur_arg = mp;
2359 va_list args;
2360
2361 va_start(args, mp); /* init args to next argument from caller */
2362 while (cur_arg != NULL) {
2363 if (mp_init(cur_arg) != MP_OKAY) {
2364 /* Oops - error! Back-track and mp_clear what we already
2365 succeeded in init-ing, then return error.
2366 */
2367 va_list clean_args;
2368
2369 /* end the current list */
2370 va_end(args);
2371
2372 /* now start cleaning up */
2373 cur_arg = mp;
2374 va_start(clean_args, mp);
2375 while (n--) {
2376 mp_clear(cur_arg);
2377 cur_arg = va_arg(clean_args, mp_int*);
2378 }
2379 va_end(clean_args);
2380 res = MP_MEM;
2381 break;
2382 }
2383 n++;
2384 cur_arg = va_arg(args, mp_int*);
2385 }
2386 va_end(args);
2387 return res; /* Assumed ok, if error flagged above. */
2388}
#define MP_MEM
Definition: tomcrypt.h:201
int mp_err
Definition: tomcrypt.h:214

Referenced by fast_mp_invmod(), import_private_key_impl(), import_public_key_impl(), mp_invmod_slow(), mp_lcm(), rsa_exptmod(), and rsa_make_key().

◆ mp_init_set()

int mp_init_set ( mp_int a,
mp_digit  b 
)

◆ mp_init_set_int()

int mp_init_set_int ( mp_int a,
unsigned long  b 
)

◆ mp_invmod()

int mp_invmod ( const mp_int a,
mp_int b,
mp_int c 
)

Definition at line 2391 of file mpi.c.

2392{
2393 /* b cannot be negative */
2394 if (b->sign == MP_NEG || mp_iszero(b) == 1) {
2395 return MP_VAL;
2396 }
2397
2398 /* if the modulus is odd we can use a faster routine instead */
2399 if (mp_isodd (b) == 1) {
2400 return fast_mp_invmod (a, b, c);
2401 }
2402
2403 return mp_invmod_slow(a, b, c);
2404}
static int mp_invmod_slow(const mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:2407
static int fast_mp_invmod(const mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:314

Referenced by mp_exptmod(), and rsa_make_key().

◆ mp_is_square()

int mp_is_square ( mp_int arg,
int ret 
)

◆ mp_jacobi()

int mp_jacobi ( mp_int a,
mp_int n,
int c 
)

◆ mp_lcm()

int mp_lcm ( const mp_int a,
const mp_int b,
mp_int c 
)

Definition at line 2807 of file mpi.c.

2808{
2809 int res;
2810 mp_int t1, t2;
2811
2812
2813 if ((res = mp_init_multi (&t1, &t2, NULL)) != MP_OKAY) {
2814 return res;
2815 }
2816
2817 /* t1 = get the GCD of the two inputs */
2818 if ((res = mp_gcd (a, b, &t1)) != MP_OKAY) {
2819 goto __T;
2820 }
2821
2822 /* divide the smallest by the GCD */
2823 if (mp_cmp_mag(a, b) == MP_LT) {
2824 /* store quotient in t2 so that t2 * b is the LCM */
2825 if ((res = mp_div(a, &t1, &t2, NULL)) != MP_OKAY) {
2826 goto __T;
2827 }
2828 res = mp_mul(b, &t2, c);
2829 } else {
2830 /* store quotient in t2 so that t2 * a is the LCM */
2831 if ((res = mp_div(b, &t1, &t2, NULL)) != MP_OKAY) {
2832 goto __T;
2833 }
2834 res = mp_mul(a, &t2, c);
2835 }
2836
2837 /* fix the sign to positive */
2838 c->sign = MP_ZPOS;
2839
2840__T:
2841 mp_clear_multi (&t1, &t2, NULL);
2842 return res;
2843}
static int mp_div(const mp_int *a, const mp_int *b, mp_int *c, mp_int *d)
Definition: mpi.c:1565
int mp_gcd(const mp_int *a, const mp_int *b, mp_int *c)
Definition: mpi.c:2228
int mp_mul(const mp_int *a, const mp_int *b, mp_int *c)
Definition: mpi.c:3107
int mp_init_multi(mp_int *mp,...)
Definition: mpi.c:2354
#define __T(x)
Definition: vfdio.h:17

Referenced by rsa_make_key().

◆ mp_mod()

int mp_mod ( const mp_int a,
mp_int b,
mp_int c 
)

Definition at line 2847 of file mpi.c.

2848{
2849 mp_int t;
2850 int res;
2851
2852 if ((res = mp_init (&t)) != MP_OKAY) {
2853 return res;
2854 }
2855
2856 if ((res = mp_div (a, b, NULL, &t)) != MP_OKAY) {
2857 mp_clear (&t);
2858 return res;
2859 }
2860
2861 if (t.sign != b->sign) {
2862 res = mp_add (b, &t, c);
2863 } else {
2864 res = MP_OKAY;
2865 mp_exch (&t, c);
2866 }
2867
2868 mp_clear (&t);
2869 return res;
2870}
GLdouble GLdouble t
Definition: gl.h:2047
int mp_add(mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:891
int t
Definition: mpi.c:3369

Referenced by mp_exptmod_fast(), mp_mulmod(), mp_sqrmod(), rsa_make_key(), and s_mp_exptmod().

◆ mp_mul()

int mp_mul ( const mp_int a,
const mp_int b,
mp_int c 
)

Definition at line 3107 of file mpi.c.

3108{
3109 int res, neg;
3110 neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG;
3111
3112 /* use Karatsuba? */
3113 if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) {
3114 res = mp_karatsuba_mul (a, b, c);
3115 } else
3116 {
3117 /* can we use the fast multiplier?
3118 *
3119 * The fast multiplier can be used if the output will
3120 * have less than MP_WARRAY digits and the number of
3121 * digits won't affect carry propagation
3122 */
3123 int digs = a->used + b->used + 1;
3124
3125 if ((digs < MP_WARRAY) &&
3126 MIN(a->used, b->used) <=
3127 (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
3128 res = fast_s_mp_mul_digs (a, b, c, digs);
3129 } else
3130 res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */
3131 }
3132 c->sign = (c->used > 0) ? neg : MP_ZPOS;
3133 return res;
3134}
#define MP_WARRAY
Definition: tomcrypt.h:222
ulong64 mp_word
Definition: tomcrypt.h:185
static int mp_karatsuba_mul(const mp_int *a, const mp_int *b, mp_int *c)
Definition: mpi.c:2589
static const int KARATSUBA_MUL_CUTOFF
Definition: mpi.c:42
static int fast_s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs)
Definition: mpi.c:604
#define s_mp_mul(a, b, c)
Definition: mpi.c:95
ActualNumberDriverObjects * sizeof(PDRIVER_OBJECT)) PDRIVER_OBJECT *DriverObjectList

Referenced by mp_exptmod_fast(), mp_karatsuba_mul(), mp_lcm(), mp_mulmod(), mp_reduce(), rsa_exptmod(), rsa_make_key(), and s_mp_exptmod().

◆ mp_mulmod()

int mp_mulmod ( const mp_int a,
const mp_int b,
mp_int c,
mp_int d 
)

Definition at line 3138 of file mpi.c.

3139{
3140 int res;
3141 mp_int t;
3142
3143 if ((res = mp_init (&t)) != MP_OKAY) {
3144 return res;
3145 }
3146
3147 if ((res = mp_mul (a, b, &t)) != MP_OKAY) {
3148 mp_clear (&t);
3149 return res;
3150 }
3151 res = mp_mod (&t, c, d);
3152 mp_clear (&t);
3153 return res;
3154}
#define d
Definition: ke_i.h:81
int mp_mod(const mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:2847

Referenced by mp_exptmod_fast(), and rsa_exptmod().

◆ mp_n_root()

int mp_n_root ( mp_int a,
mp_digit  b,
mp_int c 
)

◆ mp_neg()

int mp_neg ( mp_int a,
mp_int b 
)

◆ mp_or()

int mp_or ( mp_int a,
mp_int b,
mp_int c 
)

◆ mp_prime_fermat()

int mp_prime_fermat ( mp_int a,
mp_int b,
int result 
)

◆ mp_prime_next_prime()

int mp_prime_next_prime ( mp_int a,
int  t,
int  bbs_style 
)

◆ mp_prime_rabin_miller_trials()

int mp_prime_rabin_miller_trials ( int  size)

Definition at line 3382 of file mpi.c.

3383{
3384 int x;
3385
3386 for (x = 0; x < (int)(sizeof(sizes)/(sizeof(sizes[0]))); x++) {
3387 if (sizes[x].k == size) {
3388 return sizes[x].t;
3389 } else if (sizes[x].k > size) {
3390 return (x == 0) ? sizes[0].t : sizes[x - 1].t;
3391 }
3392 }
3393 return sizes[x-1].t + 1;
3394}
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31
GLsizeiptr size
Definition: glext.h:5919
static const struct @541 sizes[]

Referenced by rand_prime().

◆ mp_prime_random_ex()

int mp_prime_random_ex ( mp_int a,
int  t,
int  size,
int  flags,
ltm_prime_callback  cb,
void dat 
)

Definition at line 3412 of file mpi.c.

3413{
3414 unsigned char *tmp, maskAND, maskOR_msb, maskOR_lsb;
3415 int res, err, bsize, maskOR_msb_offset;
3416
3417 /* sanity check the input */
3418 if (size <= 1 || t <= 0) {
3419 return MP_VAL;
3420 }
3421
3422 /* LTM_PRIME_SAFE implies LTM_PRIME_BBS */
3423 if (flags & LTM_PRIME_SAFE) {
3425 }
3426
3427 /* calc the byte size */
3428 bsize = (size>>3)+((size&7)?1:0);
3429
3430 /* we need a buffer of bsize bytes */
3431 tmp = HeapAlloc(GetProcessHeap(), 0, bsize);
3432 if (tmp == NULL) {
3433 return MP_MEM;
3434 }
3435
3436 /* calc the maskAND value for the MSbyte*/
3437 maskAND = ((size&7) == 0) ? 0xFF : (0xFF >> (8 - (size & 7)));
3438
3439 /* calc the maskOR_msb */
3440 maskOR_msb = 0;
3441 maskOR_msb_offset = ((size & 7) == 1) ? 1 : 0;
3442 if (flags & LTM_PRIME_2MSB_ON) {
3443 maskOR_msb |= 1 << ((size - 2) & 7);
3444 } else if (flags & LTM_PRIME_2MSB_OFF) {
3445 maskAND &= ~(1 << ((size - 2) & 7));
3446 }
3447
3448 /* get the maskOR_lsb */
3449 maskOR_lsb = 0;
3450 if (flags & LTM_PRIME_BBS) {
3451 maskOR_lsb |= 3;
3452 }
3453
3454 do {
3455 /* read the bytes */
3456 if (cb(tmp, bsize, dat) != bsize) {
3457 err = MP_VAL;
3458 goto error;
3459 }
3460
3461 /* work over the MSbyte */
3462 tmp[0] &= maskAND;
3463 tmp[0] |= 1 << ((size - 1) & 7);
3464
3465 /* mix in the maskORs */
3466 tmp[maskOR_msb_offset] |= maskOR_msb;
3467 tmp[bsize-1] |= maskOR_lsb;
3468
3469 /* read it in */
3470 if ((err = mp_read_unsigned_bin(a, tmp, bsize)) != MP_OKAY) { goto error; }
3471
3472 /* is it prime? */
3473 if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; }
3474 if (res == MP_NO) {
3475 continue;
3476 }
3477
3478 if (flags & LTM_PRIME_SAFE) {
3479 /* see if (a-1)/2 is prime */
3480 if ((err = mp_sub_d(a, 1, a)) != MP_OKAY) { goto error; }
3481 if ((err = mp_div_2(a, a)) != MP_OKAY) { goto error; }
3482
3483 /* is it prime? */
3484 if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; }
3485 }
3486 } while (res == MP_NO);
3487
3488 if (flags & LTM_PRIME_SAFE) {
3489 /* restore a to the original value */
3490 if ((err = mp_mul_2(a, a)) != MP_OKAY) { goto error; }
3491 if ((err = mp_add_d(a, 1, a)) != MP_OKAY) { goto error; }
3492 }
3493
3494 err = MP_OKAY;
3495error:
3496 HeapFree(GetProcessHeap(), 0, tmp);
3497 return err;
3498}
#define GetProcessHeap()
Definition: compat.h:736
#define HeapAlloc
Definition: compat.h:733
#define HeapFree(x, y, z)
Definition: compat.h:735
#define LTM_PRIME_BBS
Definition: tomcrypt.h:209
#define MP_NO
Definition: tomcrypt.h:206
#define LTM_PRIME_2MSB_OFF
Definition: tomcrypt.h:211
#define LTM_PRIME_2MSB_ON
Definition: tomcrypt.h:212
#define LTM_PRIME_SAFE
Definition: tomcrypt.h:210
GLbitfield flags
Definition: glext.h:7161
#define error(str)
Definition: mkdosfs.c:1605
static HMODULE MODULEINFO DWORD cb
Definition: module.c:33
static int mp_prime_is_prime(mp_int *a, int t, int *result)
Definition: mpi.c:3313
static int mp_add_d(mp_int *a, mp_digit b, mp_int *c)
Definition: mpi.c:924
int mp_sub_d(mp_int *a, mp_digit b, mp_int *c)
Definition: mpi.c:3808
int mp_read_unsigned_bin(mp_int *a, const unsigned char *b, int c)
Definition: mpi.c:3502
static int mp_div_2(const mp_int *a, mp_int *b)
Definition: mpi.c:142
static int mp_mul_2(const mp_int *a, mp_int *b)
Definition: mpi.c:2879

Referenced by rand_prime().

◆ mp_radix_size()

int mp_radix_size ( mp_int a,
int  radix,
int size 
)

◆ mp_rand()

int mp_rand ( mp_int a,
int  digits 
)

◆ mp_read_radix()

int mp_read_radix ( mp_int a,
char str,
int  radix 
)

◆ mp_read_signed_bin()

int mp_read_signed_bin ( mp_int a,
unsigned char b,
int  c 
)

◆ mp_read_unsigned_bin()

int mp_read_unsigned_bin ( mp_int a,
const unsigned char b,
int  c 
)

Definition at line 3502 of file mpi.c.

3503{
3504 int res;
3505
3506 /* make sure there are at least two digits */
3507 if (a->alloc < 2) {
3508 if ((res = mp_grow(a, 2)) != MP_OKAY) {
3509 return res;
3510 }
3511 }
3512
3513 /* zero the int */
3514 mp_zero (a);
3515
3516 /* read the bytes in */
3517 while (c-- > 0) {
3518 if ((res = mp_mul_2d (a, 8, a)) != MP_OKAY) {
3519 return res;
3520 }
3521
3522 a->dp[0] |= *b++;
3523 a->used += 1;
3524 }
3525 mp_clamp (a);
3526 return MP_OKAY;
3527}
static void mp_clamp(mp_int *a)
Definition: mpi.c:1017

Referenced by import_private_key_impl(), import_public_key_impl(), mp_prime_random_ex(), and rsa_exptmod().

◆ mp_reduce_is_2k()

int mp_reduce_is_2k ( mp_int a)

◆ mp_set_int()

int mp_set_int ( mp_int a,
unsigned long  b 
)

Definition at line 3687 of file mpi.c.

3688{
3689 int x, res;
3690
3691 mp_zero (a);
3692
3693 /* set four bits at a time */
3694 for (x = 0; x < 8; x++) {
3695 /* shift the number up four bits */
3696 if ((res = mp_mul_2d (a, 4, a)) != MP_OKAY) {
3697 return res;
3698 }
3699
3700 /* OR in the top four bits of the source */
3701 a->dp[0] |= (b >> 28) & 15;
3702
3703 /* shift the source up to the next four bits */
3704 b <<= 4;
3705
3706 /* ensure that digits are not clamped off */
3707 a->used += 1;
3708 }
3709 mp_clamp (a);
3710 return MP_OKAY;
3711}

Referenced by import_private_key_impl(), import_public_key_impl(), and rsa_make_key().

◆ mp_shrink()

int mp_shrink ( mp_int a)

Definition at line 3714 of file mpi.c.

3715{
3716 mp_digit *tmp;
3717 if (a->alloc != a->used && a->used > 0) {
3718 if ((tmp = HeapReAlloc(GetProcessHeap(), 0, a->dp, sizeof (mp_digit) * a->used)) == NULL) {
3719 return MP_MEM;
3720 }
3721 a->dp = tmp;
3722 a->alloc = a->used;
3723 }
3724 return MP_OKAY;
3725}
#define HeapReAlloc
Definition: compat.h:734

Referenced by rsa_make_key().

◆ mp_sqrt()

int mp_sqrt ( mp_int arg,
mp_int ret 
)

◆ mp_sub()

int mp_sub ( mp_int a,
mp_int b,
mp_int c 
)

Definition at line 3771 of file mpi.c.

3772{
3773 int sa, sb, res;
3774
3775 sa = a->sign;
3776 sb = b->sign;
3777
3778 if (sa != sb) {
3779 /* subtract a negative from a positive, OR */
3780 /* subtract a positive from a negative. */
3781 /* In either case, ADD their magnitudes, */
3782 /* and use the sign of the first number. */
3783 c->sign = sa;
3784 res = s_mp_add (a, b, c);
3785 } else {
3786 /* subtract a positive from a positive, OR */
3787 /* subtract a negative from a negative. */
3788 /* First, take the difference between their */
3789 /* magnitudes, then... */
3790 if (mp_cmp_mag (a, b) != MP_LT) {
3791 /* Copy the sign from the first */
3792 c->sign = sa;
3793 /* The first has a larger or equal magnitude */
3794 res = s_mp_sub (a, b, c);
3795 } else {
3796 /* The result has the *opposite* sign from */
3797 /* the first number. */
3798 c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS;
3799 /* The second has a larger magnitude */
3800 res = s_mp_sub (b, a, c);
3801 }
3802 }
3803 return res;
3804}

Referenced by fast_mp_invmod(), mp_div(), mp_invmod_slow(), mp_karatsuba_mul(), mp_karatsuba_sqr(), mp_reduce(), and rsa_exptmod().

◆ mp_sub_d()

int mp_sub_d ( mp_int a,
mp_digit  b,
mp_int c 
)

Definition at line 3808 of file mpi.c.

3809{
3810 mp_digit *tmpa, *tmpc, mu;
3811 int res, ix, oldused;
3812
3813 /* grow c as required */
3814 if (c->alloc < a->used + 1) {
3815 if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) {
3816 return res;
3817 }
3818 }
3819
3820 /* if a is negative just do an unsigned
3821 * addition [with fudged signs]
3822 */
3823 if (a->sign == MP_NEG) {
3824 a->sign = MP_ZPOS;
3825 res = mp_add_d(a, b, c);
3826 a->sign = c->sign = MP_NEG;
3827 return res;
3828 }
3829
3830 /* setup regs */
3831 oldused = c->used;
3832 tmpa = a->dp;
3833 tmpc = c->dp;
3834
3835 /* if a <= b simply fix the single digit */
3836 if ((a->used == 1 && a->dp[0] <= b) || a->used == 0) {
3837 if (a->used == 1) {
3838 *tmpc++ = b - *tmpa;
3839 } else {
3840 *tmpc++ = b;
3841 }
3842 ix = 1;
3843
3844 /* negative/1digit */
3845 c->sign = MP_NEG;
3846 c->used = 1;
3847 } else {
3848 /* positive/size */
3849 c->sign = MP_ZPOS;
3850 c->used = a->used;
3851
3852 /* subtract first digit */
3853 *tmpc = *tmpa++ - b;
3854 mu = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
3855 *tmpc++ &= MP_MASK;
3856
3857 /* handle rest of the digits */
3858 for (ix = 1; ix < a->used; ix++) {
3859 *tmpc = *tmpa++ - mu;
3860 mu = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
3861 *tmpc++ &= MP_MASK;
3862 }
3863 }
3864
3865 /* zero excess digits */
3866 while (ix++ < oldused) {
3867 *tmpc++ = 0;
3868 }
3869 mp_clamp(c);
3870 return MP_OKAY;
3871}
#define MP_MASK
Definition: tomcrypt.h:189
#define b
Definition: ke_i.h:79

Referenced by mp_add_d(), mp_prime_miller_rabin(), mp_prime_random_ex(), and rsa_make_key().

◆ mp_submod()

int mp_submod ( mp_int a,
mp_int b,
mp_int c,
mp_int d 
)

◆ mp_to_signed_bin()

int mp_to_signed_bin ( mp_int a,
unsigned char b 
)

◆ mp_to_unsigned_bin()

int mp_to_unsigned_bin ( const mp_int a,
unsigned char b 
)

Definition at line 3875 of file mpi.c.

3876{
3877 int x, res;
3878 mp_int t;
3879
3880 if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
3881 return res;
3882 }
3883
3884 x = 0;
3885 while (mp_iszero (&t) == 0) {
3886 b[x++] = (unsigned char) (t.dp[0] & 255);
3887 if ((res = mp_div_2d (&t, 8, &t, NULL)) != MP_OKAY) {
3888 mp_clear (&t);
3889 return res;
3890 }
3891 }
3892 bn_reverse (b, x);
3893 mp_clear (&t);
3894 return MP_OKAY;
3895}
static void bn_reverse(unsigned char *s, int len)
Definition: mpi.c:3907

Referenced by export_private_key_impl(), export_public_key_impl(), and rsa_exptmod().

◆ mp_toradix()

int mp_toradix ( mp_int a,
char str,
int  radix 
)

◆ mp_toradix_n()

int mp_toradix_n ( mp_int a,
char str,
int  radix,
int  maxlen 
)

◆ mp_unsigned_bin_size()

int mp_unsigned_bin_size ( const mp_int a)

Definition at line 3899 of file mpi.c.

3900{
3901 int size = mp_count_bits (a);
3902 return (size / 8 + ((size & 7) != 0 ? 1 : 0));
3903}
int mp_count_bits(const mp_int *a)
Definition: mpi.c:1203

Referenced by export_private_key_impl(), export_public_key_impl(), and rsa_exptmod().

◆ mp_xor()

int mp_xor ( mp_int a,
mp_int b,
mp_int c 
)

◆ rc2_ecb_decrypt()

void rc2_ecb_decrypt ( const unsigned char ct,
unsigned char pt,
rc2_key key 
)

Definition at line 159 of file rc2.c.

162{
163 unsigned x76, x54, x32, x10;
164 unsigned *xkey;
165 int i;
166
167 xkey = rc2->xkey;
168
169 x76 = ((unsigned)cipher[7] << 8) + (unsigned)cipher[6];
170 x54 = ((unsigned)cipher[5] << 8) + (unsigned)cipher[4];
171 x32 = ((unsigned)cipher[3] << 8) + (unsigned)cipher[2];
172 x10 = ((unsigned)cipher[1] << 8) + (unsigned)cipher[0];
173
174 for (i = 15; i >= 0; i--) {
175 if (i == 4 || i == 10) {
176 x76 = (x76 - xkey[x54 & 63]) & 0xFFFF;
177 x54 = (x54 - xkey[x32 & 63]) & 0xFFFF;
178 x32 = (x32 - xkey[x10 & 63]) & 0xFFFF;
179 x10 = (x10 - xkey[x76 & 63]) & 0xFFFF;
180 }
181
182 x76 = ((x76 << 11) | (x76 >> 5));
183 x76 = (x76 - ((x10 & ~x54) + (x32 & x54) + xkey[4*i+3])) & 0xFFFF;
184
185 x54 = ((x54 << 13) | (x54 >> 3));
186 x54 = (x54 - ((x76 & ~x32) + (x10 & x32) + xkey[4*i+2])) & 0xFFFF;
187
188 x32 = ((x32 << 14) | (x32 >> 2));
189 x32 = (x32 - ((x54 & ~x10) + (x76 & x10) + xkey[4*i+1])) & 0xFFFF;
190
191 x10 = ((x10 << 15) | (x10 >> 1));
192 x10 = (x10 - ((x32 & ~x76) + (x54 & x76) + xkey[4*i+0])) & 0xFFFF;
193 }
194
195 plain[0] = (unsigned char)x10;
196 plain[1] = (unsigned char)(x10 >> 8);
197 plain[2] = (unsigned char)x32;
198 plain[3] = (unsigned char)(x32 >> 8);
199 plain[4] = (unsigned char)x54;
200 plain[5] = (unsigned char)(x54 >> 8);
201 plain[6] = (unsigned char)x76;
202 plain[7] = (unsigned char)(x76 >> 8);
203}
static const WCHAR rc2[]
Definition: oid.c:1216
static DATA_BLOB cipher
Definition: protectdata.c:38
static unsigned(__cdecl *hash_bstr)(bstr_t s)

Referenced by encrypt_block_impl().

◆ rc2_ecb_encrypt()

void rc2_ecb_encrypt ( const unsigned char pt,
unsigned char ct,
rc2_key key 
)

Definition at line 111 of file rc2.c.

114{
115 unsigned *xkey;
116 unsigned x76, x54, x32, x10, i;
117
118 xkey = rc2->xkey;
119
120 x76 = ((unsigned)plain[7] << 8) + (unsigned)plain[6];
121 x54 = ((unsigned)plain[5] << 8) + (unsigned)plain[4];
122 x32 = ((unsigned)plain[3] << 8) + (unsigned)plain[2];
123 x10 = ((unsigned)plain[1] << 8) + (unsigned)plain[0];
124
125 for (i = 0; i < 16; i++) {
126 x10 = (x10 + (x32 & ~x76) + (x54 & x76) + xkey[4*i+0]) & 0xFFFF;
127 x10 = ((x10 << 1) | (x10 >> 15));
128
129 x32 = (x32 + (x54 & ~x10) + (x76 & x10) + xkey[4*i+1]) & 0xFFFF;
130 x32 = ((x32 << 2) | (x32 >> 14));
131
132 x54 = (x54 + (x76 & ~x32) + (x10 & x32) + xkey[4*i+2]) & 0xFFFF;
133 x54 = ((x54 << 3) | (x54 >> 13));
134
135 x76 = (x76 + (x10 & ~x54) + (x32 & x54) + xkey[4*i+3]) & 0xFFFF;
136 x76 = ((x76 << 5) | (x76 >> 11));
137
138 if (i == 4 || i == 10) {
139 x10 = (x10 + xkey[x76 & 63]) & 0xFFFF;
140 x32 = (x32 + xkey[x10 & 63]) & 0xFFFF;
141 x54 = (x54 + xkey[x32 & 63]) & 0xFFFF;
142 x76 = (x76 + xkey[x54 & 63]) & 0xFFFF;
143 }
144 }
145
146 cipher[0] = (unsigned char)x10;
147 cipher[1] = (unsigned char)(x10 >> 8);
148 cipher[2] = (unsigned char)x32;
149 cipher[3] = (unsigned char)(x32 >> 8);
150 cipher[4] = (unsigned char)x54;
151 cipher[5] = (unsigned char)(x54 >> 8);
152 cipher[6] = (unsigned char)x76;
153 cipher[7] = (unsigned char)(x76 >> 8);
154}

Referenced by encrypt_block_impl().

◆ rc2_setup()

int rc2_setup ( const unsigned char key,
int  keylen,
int  bits,
int  num_rounds,
rc2_key skey 
)

Definition at line 53 of file rc2.c.

54{
55 unsigned *xkey = rc2->xkey;
56 unsigned char tmp[128];
57 unsigned T8, TM;
58 int i;
59
60 if (keylen < 5 || keylen > 128) {
62 }
63
64 if (rounds != 0 && rounds != 16) {
66 }
67
68 /* Following comment is from Eric Young's rc2 code: */
69 /* It has come to my attention that there are 2 versions of the RC2
70 * key schedule. One which is normal, and anther which has a hook to
71 * use a reduced key length.
72 * BSAFE uses the 'retarded' version. What I previously shipped is
73 * the same as specifying 1024 for the 'bits' parameter. BSAFE uses
74 * a version where the bits parameter is the same as len*8 */
75 /* Seems like MS uses the 'retarded' version, too.
76 * Adjust effective keylen bits */
77 if (bits <= 0) bits = keylen << 3;
78 if (bits > 1024) bits = 1024;
79
80 for (i = 0; i < keylen; i++) {
81 tmp[i] = key[i] & 255;
82 }
83
84 /* Phase 1: Expand input key to 128 bytes */
85 if (keylen < 128) {
86 for (i = keylen; i < 128; i++) {
87 tmp[i] = permute[(tmp[i - 1] + tmp[i - keylen]) & 255];
88 }
89 }
90
91 /* Phase 2 - reduce effective key size to "bits" */
92 /*bits = keylen<<3; */
93 T8 = (unsigned)(bits+7)>>3;
94 TM = (255 >> (unsigned)(7 & -bits));
95 tmp[128 - T8] = permute[tmp[128 - T8] & TM];
96 for (i = 127 - T8; i >= 0; i--) {
97 tmp[i] = permute[tmp[i + 1] ^ tmp[i + T8]];
98 }
99
100 /* Phase 3 - copy to xkey in little-endian order */
101 for (i = 0; i < 64; i++) {
102 xkey[i] = (unsigned)tmp[2*i] + ((unsigned)tmp[2*i+1] << 8);
103 }
104
105 return CRYPT_OK;
106}
GLenum GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * bits
Definition: glext.h:10929
static const unsigned char permute[256]
Definition: rc2.c:34

Referenced by setup_key_impl().

◆ rc4_add_entropy()

int rc4_add_entropy ( const unsigned char buf,
unsigned long  len,
prng_state prng 
)

Definition at line 41 of file rc4.c.

42{
43 /* trim as required */
44 if (prng->rc4.x + len > 256) {
45 if (prng->rc4.x == 256) {
46 /* I can't possibly accept another byte, ok maybe a mint wafer... */
47 return CRYPT_OK;
48 } else {
49 /* only accept part of it */
50 len = 256 - prng->rc4.x;
51 }
52 }
53
54 while (len--) {
55 prng->rc4.buf[prng->rc4.x++] = *buf++;
56 }
57
58 return CRYPT_OK;
59}
struct rc4_prng rc4
Definition: tomcrypt.h:168

Referenced by setup_key_impl().

◆ rc4_read()

unsigned long rc4_read ( unsigned char buf,
unsigned long  len,
prng_state prng 
)

Definition at line 89 of file rc4.c.

90{
91 unsigned char x, y, *s, tmp;
92 unsigned long n;
93
94 n = len;
95 x = prng->rc4.x;
96 y = prng->rc4.y;
97 s = prng->rc4.buf;
98 while (len--) {
99 x = (x + 1) & 255;
100 y = (y + s[x]) & 255;
101 tmp = s[x]; s[x] = s[y]; s[y] = tmp;
102 tmp = (s[x] + s[y]) & 255;
103 *buf++ ^= s[tmp];
104 }
105 prng->rc4.x = x;
106 prng->rc4.y = y;
107 return n;
108}
GLdouble s
Definition: gl.h:2039

Referenced by encrypt_stream_impl().

◆ rc4_ready()

int rc4_ready ( prng_state prng)

Definition at line 61 of file rc4.c.

62{
63 unsigned char key[256], tmp, *s;
64 int keylen, x, y, j;
65
66 /* extract the key */
67 s = prng->rc4.buf;
68 memcpy(key, s, 256);
69 keylen = prng->rc4.x;
70
71 /* make RC4 perm and shuffle */
72 for (x = 0; x < 256; x++) {
73 s[x] = x;
74 }
75
76 for (j = x = y = 0; x < 256; x++) {
77 y = (y + prng->rc4.buf[x] + key[j++]) & 255;
78 if (j == keylen) {
79 j = 0;
80 }
81 tmp = s[x]; s[x] = s[y]; s[y] = tmp;
82 }
83 prng->rc4.x = 0;
84 prng->rc4.y = 0;
85
86 return CRYPT_OK;
87}

Referenced by setup_key_impl().

◆ rc4_start()

int rc4_start ( prng_state prng)

Definition at line 33 of file rc4.c.

34{
35 /* set keysize to zero */
36 prng->rc4.x = 0;
37
38 return CRYPT_OK;
39}

Referenced by setup_key_impl().

◆ rsa_exptmod()

int rsa_exptmod ( const unsigned char in,
unsigned long  inlen,
unsigned char out,
unsigned long outlen,
int  which,
rsa_key key 
)

Definition at line 180 of file rsa.c.

183{
184 mp_int tmp, tmpa, tmpb;
185 unsigned long x;
186 int err;
187
188 /* is the key of the right type for the operation? */
189 if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
191 }
192
193 /* must be a private or public operation */
194 if (which != PK_PRIVATE && which != PK_PUBLIC) {
196 }
197
198 /* init and copy into tmp */
199 if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY) { return mpi_to_ltc_error(err); }
200 if ((err = mp_read_unsigned_bin(&tmp, in, (int)inlen)) != MP_OKAY) { goto error; }
201
202 /* sanity check on the input */
203 if (mp_cmp(&key->N, &tmp) == MP_LT) {
205 goto done;
206 }
207
208 /* are we using the private exponent and is the key optimized? */
209 if (which == PK_PRIVATE) {
210 /* tmpa = tmp^dP mod p */
211 if ((err = mpi_to_ltc_error(mp_exptmod(&tmp, &key->dP, &key->p, &tmpa))) != MP_OKAY) { goto error; }
212
213 /* tmpb = tmp^dQ mod q */
214 if ((err = mpi_to_ltc_error(mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb))) != MP_OKAY) { goto error; }
215
216 /* tmp = (tmpa - tmpb) * qInv (mod p) */
217 if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY) { goto error; }
218 if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY) { goto error; }
219
220 /* tmp = tmpb + q * tmp */
221 if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY) { goto error; }
222 if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY) { goto error; }
223 } else {
224 /* exptmod it */
225 if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY) { goto error; }
226 }
227
228 /* read it back */
229 x = (unsigned long)mp_unsigned_bin_size(&key->N);
230 if (x > *outlen) {
232 goto done;
233 }
234 *outlen = x;
235
236 /* convert it */
237 memset(out, 0, x);
238 if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY) { goto error; }
239
240 /* clean up and return */
241 err = CRYPT_OK;
242 goto done;
243error:
245done:
246 mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
247 return err;
248}
#define PK_PUBLIC
Definition: tomcrypt.h:450
#define PK_PRIVATE
Definition: tomcrypt.h:449
GLuint in
Definition: glext.h:9616
int mp_to_unsigned_bin(const mp_int *a, unsigned char *b)
Definition: mpi.c:3875
int mp_unsigned_bin_size(const mp_int *a)
Definition: mpi.c:3899
int mp_sub(mp_int *a, mp_int *b, mp_int *c)
Definition: mpi.c:3771
int mp_cmp(const mp_int *a, const mp_int *b)
Definition: mpi.c:1046
int mp_mulmod(const mp_int *a, const mp_int *b, mp_int *c, mp_int *d)
Definition: mpi.c:3138
static FILE * out
Definition: regtests2xml.c:44
static GLenum which
Definition: wgl_font.c:159
static int mpi_to_ltc_error(int err)
Definition: rsa.c:42

Referenced by encrypt_block_impl().

◆ rsa_free()

void rsa_free ( rsa_key key)

Definition at line 173 of file rsa.c.

174{
175 mp_clear_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
176 &key->qP, &key->p, &key->q, NULL);
177}

◆ rsa_make_key()

int rsa_make_key ( int  size,
long  e,
rsa_key key 
)

Definition at line 87 of file rsa.c.

88{
89 mp_int p, q, tmp1, tmp2, tmp3;
90 int err;
91
92 if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
94 }
95
96 if ((e < 3) || ((e & 1) == 0)) {
97 return CRYPT_INVALID_ARG;
98 }
99
100 if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY) {
101 return mpi_to_ltc_error(err);
102 }
103
104 /* make primes p and q (optimization provided by Wayne Scott) */
105 if ((err = mp_set_int(&tmp3, e)) != MP_OKAY) { goto error; } /* tmp3 = e */
106
107 /* make prime "p" */
108 do {
109 if ((err = rand_prime(&p, size*4)) != CRYPT_OK) { goto done; }
110 if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = p-1 */
111 if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = gcd(p-1, e) */
112 } while (mp_cmp_d(&tmp2, 1) != 0); /* while e divides p-1 */
113
114 /* make prime "q" */
115 do {
116 if ((err = rand_prime(&q, size*4)) != CRYPT_OK) { goto done; }
117 if ((err = mp_sub_d(&q, 1, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = q-1 */
118 if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = gcd(q-1, e) */
119 } while (mp_cmp_d(&tmp2, 1) != 0); /* while e divides q-1 */
120
121 /* tmp1 = lcm(p-1, q-1) */
122 if ((err = mp_sub_d(&p, 1, &tmp2)) != MP_OKAY) { goto error; } /* tmp2 = p-1 */
123 /* tmp1 = q-1 (previous do/while loop) */
124 if ((err = mp_lcm(&tmp1, &tmp2, &tmp1)) != MP_OKAY) { goto error; } /* tmp1 = lcm(p-1, q-1) */
125
126 /* make key */
127 if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
128 &key->qP, &key->p, &key->q, NULL)) != MP_OKAY) {
129 goto error;
130 }
131
132 if ((err = mp_set_int(&key->e, e)) != MP_OKAY) { goto error2; } /* key->e = e */
133 if ((err = mp_invmod(&key->e, &tmp1, &key->d)) != MP_OKAY) { goto error2; } /* key->d = 1/e mod lcm(p-1,q-1) */
134 if ((err = mp_mul(&p, &q, &key->N)) != MP_OKAY) { goto error2; } /* key->N = pq */
135
136 /* optimize for CRT now */
137 /* find d mod q-1 and d mod p-1 */
138 if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error2; } /* tmp1 = q-1 */
139 if ((err = mp_sub_d(&q, 1, &tmp2)) != MP_OKAY) { goto error2; } /* tmp2 = p-1 */
140 if ((err = mp_mod(&key->d, &tmp1, &key->dP)) != MP_OKAY) { goto error2; } /* dP = d mod p-1 */
141 if ((err = mp_mod(&key->d, &tmp2, &key->dQ)) != MP_OKAY) { goto error2; } /* dQ = d mod q-1 */
142 if ((err = mp_invmod(&q, &p, &key->qP)) != MP_OKAY) { goto error2; } /* qP = 1/q mod p */
143
144 if ((err = mp_copy(&p, &key->p)) != MP_OKAY) { goto error2; }
145 if ((err = mp_copy(&q, &key->q)) != MP_OKAY) { goto error2; }
146
147 /* shrink ram required */
148 if ((err = mp_shrink(&key->e)) != MP_OKAY) { goto error2; }
149 if ((err = mp_shrink(&key->d)) != MP_OKAY) { goto error2; }
150 if ((err = mp_shrink(&key->N)) != MP_OKAY) { goto error2; }
151 if ((err = mp_shrink(&key->dQ)) != MP_OKAY) { goto error2; }
152 if ((err = mp_shrink(&key->dP)) != MP_OKAY) { goto error2; }
153 if ((err = mp_shrink(&key->qP)) != MP_OKAY) { goto error2; }
154 if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error2; }
155 if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error2; }
156
157 /* set key type (in this case it's CRT optimized) */
158 key->type = PK_PRIVATE;
159
160 /* return ok and free temps */
161 err = CRYPT_OK;
162 goto done;
163error2:
164 mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP,
165 &key->qP, &key->p, &key->q, NULL);
166error:
168done:
169 mp_clear_multi(&tmp3, &tmp2, &tmp1, &p, &q, NULL);
170 return err;
171}
#define MAX_RSA_SIZE
Definition: tomcrypt.h:454
#define MIN_RSA_SIZE
Definition: tomcrypt.h:453
GLfloat GLfloat p
Definition: glext.h:8902
#define e
Definition: ke_i.h:82
int mp_shrink(mp_int *a)
Definition: mpi.c:3714
int mp_lcm(const mp_int *a, const mp_int *b, mp_int *c)
Definition: mpi.c:2807
int mp_cmp_d(const mp_int *a, mp_digit b)
Definition: mpi.c:1067
int mp_set_int(mp_int *a, unsigned long b)
Definition: mpi.c:3687
#define error2(s, a, b)
Definition: debug.h:126
static int rand_prime(mp_int *N, long len)
Definition: rsa.c:61

Referenced by new_key_impl().

Variable Documentation

◆ mp_s_rmap

const char* mp_s_rmap
extern