Botan  1.10.9
Namespaces | Classes | Typedefs | Enumerations | Functions | Variables
Botan Namespace Reference

Namespaces

 ASN1
 
 BER
 
 Camellia_F
 
 Cert_Extension
 
 Charset
 
 CryptoBox
 
 CVC_EAC
 
 DE_EAC
 
 FPE
 
 Global_State_Management
 
 HAS_160_F
 
 KeyPair
 
 OIDS
 
 PEM_Code
 
 PK_Ops
 
 PKCS8
 
 RIPEMD_128_F
 
 SHA1_F
 
 SHA1_SSE2_F
 
 SHA2_32
 
 SHA2_64
 
 X509
 

Classes

class  Adler32
 
class  AES_128
 
class  AES_128_NI
 
class  AES_128_SSSE3
 
class  AES_192
 
class  AES_192_NI
 
class  AES_192_SSSE3
 
class  AES_256
 
class  AES_256_NI
 
class  AES_256_SSSE3
 
class  AES_ISA_Engine
 
class  Alert
 
class  Algorithm
 
class  Algorithm_Cache
 
class  Algorithm_Factory
 
struct  Algorithm_Not_Found
 
class  AlgorithmIdentifier
 
class  Allocator
 
class  AlternativeName
 
class  ANSI_X919_MAC
 
class  ANSI_X923_Padding
 
class  ANSI_X931_RNG
 
class  ARC4
 
class  ASN1_Car
 
class  ASN1_Ced
 
class  ASN1_Cex
 
class  ASN1_Chr
 
class  ASN1_EAC_String
 
class  ASN1_Object
 
class  ASN1_String
 
class  Assembler_Engine
 
class  Attribute
 
class  AutoSeeded_RNG
 
class  Base64_Decoder
 
class  Base64_Encoder
 
class  BeOS_EntropySource
 
struct  BER_Bad_Tag
 
class  BER_Decoder
 
struct  BER_Decoding_Error
 
class  BER_Object
 
class  BigInt
 
struct  BitBucket
 
class  Blinder
 
class  Block_Cipher_Fixed_Params
 
class  BlockCipher
 
class  BlockCipherModePaddingMethod
 
class  Blowfish
 
class  BMW_512
 
class  Buffered_Computation
 
class  Buffered_Filter
 
class  Bzip_Compression
 
class  Bzip_Decompression
 
struct  calendar_point
 
class  Camellia_128
 
class  Camellia_192
 
class  Camellia_256
 
class  Cascade_Cipher
 
class  CAST_128
 
class  CAST_256
 
class  CBC_Decryption
 
class  CBC_Encryption
 
class  CBC_MAC
 
class  Certificate
 
class  Certificate_Extension
 
class  Certificate_Req
 
class  Certificate_Store
 
class  Certificate_Store_Memory
 
class  Certificate_Verify
 
class  CFB_Decryption
 
class  CFB_Encryption
 
class  Chain
 
class  CipherSuite
 
class  Client_Hello
 
class  Client_Key_Exchange
 
class  CMAC
 
class  CMS_Decoder
 
class  CMS_Encoder
 
class  Comb4P
 
class  Core_Engine
 
class  CPUID
 
class  CRC24
 
class  CRC32
 
class  CRL_Entry
 
class  CTR_BE
 
class  CTS_Decryption
 
class  CTS_Encryption
 
class  CurveGFp
 
class  Data_Store
 
class  DataSink
 
class  DataSink_Stream
 
class  DataSource
 
class  DataSource_Command
 
class  DataSource_Memory
 
class  DataSource_Stream
 
struct  Decoding_Error
 
class  del_fun
 
class  DER_Encoder
 
class  DES
 
class  DESX
 
class  Device_EntropySource
 
class  DH_KA_Operation
 
class  DH_PrivateKey
 
class  DH_PublicKey
 
class  DL_Group
 
class  DL_Scheme_PrivateKey
 
class  DL_Scheme_PublicKey
 
class  DLIES_Decryptor
 
class  DLIES_Encryptor
 
class  DSA_PrivateKey
 
class  DSA_PublicKey
 
class  DSA_Signature_Operation
 
class  DSA_Verification_Operation
 
class  Dynamically_Loaded_Engine
 
class  Dynamically_Loaded_Library
 
class  EAC1_1_ADO
 
class  EAC1_1_CVC
 
class  EAC1_1_CVC_Options
 
class  EAC1_1_gen_CVC
 
class  EAC1_1_obj
 
class  EAC1_1_Req
 
class  EAC_Signed_Object
 
class  EAC_Time
 
class  EAX_Base
 
class  EAX_Decryption
 
class  EAX_Encryption
 
class  EC_Group
 
class  EC_PrivateKey
 
class  EC_PublicKey
 
class  ECB_Decryption
 
class  ECB_Encryption
 
class  ECDH_KA_Operation
 
class  ECDH_PrivateKey
 
class  ECDH_PublicKey
 
class  ECDSA_PrivateKey
 
class  ECDSA_PublicKey
 
class  ECDSA_Signature
 
class  ECDSA_Signature_Operation
 
class  ECDSA_Verification_Operation
 
class  EGD_EntropySource
 
class  ElGamal_Decryption_Operation
 
class  ElGamal_Encryption_Operation
 
class  ElGamal_PrivateKey
 
class  ElGamal_PublicKey
 
class  EME
 
class  EME1
 
class  EME_PKCS1v15
 
class  EMSA
 
class  EMSA1
 
class  EMSA1_BSI
 
class  EMSA2
 
class  EMSA3
 
class  EMSA3_Raw
 
class  EMSA4
 
class  EMSA_Raw
 
struct  Encoding_Error
 
class  Engine
 
class  Entropy_Accumulator
 
class  Entropy_Accumulator_BufferedComputation
 
class  EntropySource
 
class  Extensions
 
class  Fanout_Filter
 
class  Filter
 
class  Finished
 
class  Fixed_Base_Power_Mod
 
class  Fixed_Exponent_Power_Mod
 
class  Fixed_Window_Exponentiator
 
class  Fork
 
class  FTW_EntropySource
 
class  GMP_Engine
 
class  GMP_MPZ
 
class  GOST_28147_89
 
class  GOST_28147_89_Params
 
class  GOST_3410_PrivateKey
 
class  GOST_3410_PublicKey
 
class  GOST_3410_Signature_Operation
 
class  GOST_3410_Verification_Operation
 
class  GOST_34_11
 
class  Handshake_State
 
class  HandshakeHash
 
class  HandshakeMessage
 
class  HAS_160
 
class  Hash_Filter
 
class  HashFunction
 
class  Hello_Request
 
class  Hex_Decoder
 
class  Hex_Encoder
 
class  High_Resolution_Timestamp
 
class  HMAC
 
class  HMAC_RNG
 
class  IDEA
 
class  IDEA_SSE2
 
class  IF_Scheme_PrivateKey
 
class  IF_Scheme_PublicKey
 
struct  Illegal_Point
 
struct  Illegal_Transformation
 
struct  Integrity_Failure
 
class  Intel_Rdrand
 
struct  Internal_Error
 
struct  Invalid_Algorithm_Name
 
struct  Invalid_Block_Size
 
struct  Invalid_IV_Length
 
struct  Invalid_Key_Length
 
struct  Invalid_OID
 
struct  Invalid_State
 
class  KASUMI
 
class  KDF
 
class  KDF1
 
class  KDF2
 
class  Keccak_1600
 
class  Key_Length_Specification
 
class  Keyed_Filter
 
class  Library_State
 
class  LibraryInitializer
 
class  Lion
 
class  Locking_Allocator
 
struct  Lookup_Error
 
class  LubyRackoff
 
class  MAC_Filter
 
class  Malloc_Allocator
 
class  MARS
 
class  MD2
 
class  MD4
 
class  MD4_X86_32
 
class  MD5
 
class  MD5_X86_32
 
class  MDx_HashFunction
 
struct  Memory_Exhaustion
 
class  MemoryMapping_Allocator
 
class  MemoryRegion
 
class  MemoryVector
 
class  MessageAuthenticationCode
 
class  MGF
 
class  MGF1
 
class  MISTY1
 
class  Modular_Exponentiator
 
class  Modular_Reducer
 
class  Montgomery_Exponentiator
 
class  Mutex
 
class  Mutex_Factory
 
class  Mutex_Holder
 
class  Noekeon
 
class  Noekeon_SIMD
 
class  Noop_Mutex_Factory
 
class  NR_PrivateKey
 
class  NR_PublicKey
 
class  NR_Signature_Operation
 
class  NR_Verification_Operation
 
class  Null_Padding
 
class  Null_RNG
 
class  OctetString
 
class  OFB
 
class  OID
 
class  OneAndZeros_Padding
 
class  OpenPGP_S2K
 
class  OpenSSL_Engine
 
class  OSSL_BN
 
class  OSSL_BN_CTX
 
class  Output_Buffers
 
class  Parallel
 
class  PBE
 
class  PBE_PKCS5v15
 
class  PBE_PKCS5v20
 
class  PBKDF
 
class  Pipe
 
class  PK_Decryptor
 
class  PK_Decryptor_EME
 
class  PK_Decryptor_Filter
 
class  PK_Encryptor
 
class  PK_Encryptor_EME
 
class  PK_Encryptor_Filter
 
class  PK_Key_Agreement
 
class  PK_Key_Agreement_Key
 
class  PK_Signer
 
class  PK_Signer_Filter
 
class  PK_Verifier
 
class  PK_Verifier_Filter
 
class  PKCS10_Request
 
class  PKCS5_PBKDF1
 
class  PKCS5_PBKDF2
 
class  PKCS7_Padding
 
struct  PKCS8_Exception
 
class  PointGFp
 
struct  Policy_Violation
 
class  Pooling_Allocator
 
class  Power_Mod
 
class  Private_Key
 
struct  PRNG_Unseeded
 
class  Pthread_Mutex_Factory
 
class  Public_Key
 
class  RandomNumberGenerator
 
class  Randpool
 
class  RC2
 
class  RC5
 
class  RC6
 
class  Record_Reader
 
class  Record_Writer
 
class  RIPEMD_128
 
class  RIPEMD_160
 
class  RSA_Private_Operation
 
class  RSA_PrivateKey
 
class  RSA_Public_Operation
 
class  RSA_PublicKey
 
class  RTSS_Share
 
class  RW_PrivateKey
 
class  RW_PublicKey
 
class  RW_Signature_Operation
 
class  RW_Verification_Operation
 
class  SAFER_SK
 
class  Salsa20
 
class  SCAN_Name
 
class  SecureQueue
 
class  SecureVector
 
class  SEED
 
struct  Self_Test_Failure
 
class  Serpent
 
class  Serpent_SIMD
 
class  Serpent_X86_32
 
class  Server_Hello
 
class  Server_Hello_Done
 
class  Server_Key_Exchange
 
class  SessionKeys
 
class  SHA_160
 
class  SHA_160_SSE2
 
class  SHA_160_X86_32
 
class  SHA_160_X86_64
 
class  SHA_224
 
class  SHA_256
 
class  SHA_384
 
class  SHA_512
 
class  SIMD_Engine
 
class  SIMD_Scalar
 
class  Skein_512
 
class  Skipjack
 
class  Square
 
class  SRP6_Server_Session
 
class  SSL3_MAC
 
class  SSL3_PRF
 
struct  Stream_IO_Error
 
class  StreamCipher
 
class  StreamCipher_Filter
 
class  SymmetricAlgorithm
 
class  TEA
 
class  Tiger
 
class  TLS_12_PRF
 
class  TLS_Client
 
class  TLS_Connection
 
class  TLS_Data_Reader
 
class  TLS_Exception
 
class  TLS_Policy
 
class  TLS_PRF
 
class  TLS_Server
 
class  TripleDES
 
class  Turing
 
class  Twofish
 
struct  Unexpected_Message
 
class  Unix_EntropySource
 
struct  Unix_Program
 
class  User_Interface
 
class  Whirlpool
 
class  WiderWake_41_BE
 
class  Win32_CAPI_EntropySource
 
class  Win32_EntropySource
 
class  Win32_Mutex_Factory
 
class  X509_CA
 
class  X509_Cert_Options
 
class  X509_Certificate
 
class  X509_CRL
 
class  X509_DN
 
class  X509_Object
 
class  X509_Store
 
class  X509_Time
 
class  X942_PRF
 
class  XTEA
 
class  XTEA_SIMD
 
class  XTS_Decryption
 
class  XTS_Encryption
 
class  Zlib_Compression
 
class  Zlib_Decompression
 

Typedefs

typedef unsigned char byte
 
typedef EC_Group EC_Domain_Params
 
typedef std::runtime_error Exception
 
typedef OctetString InitializationVector
 
typedef std::invalid_argument Invalid_Argument
 
typedef PK_Decryptor_EME PK_Decryptor_MR_with_EME
 
typedef PK_Encryptor_EME PK_Encryptor_MR_with_EME
 
typedef PK_Key_Agreement_Key PK_KA_Key
 
typedef Private_Key PKCS8_PrivateKey
 
typedef PBKDF S2K
 
typedef signed int s32bit
 
typedef OctetString SymmetricKey
 
typedef unsigned short u16bit
 
typedef unsigned int u32bit
 
typedef unsigned long long u64bit
 
typedef Public_Key X509_PublicKey
 

Enumerations

enum  Alert_Level { WARNING = 1, FATAL = 2 }
 
enum  Alert_Type {
  CLOSE_NOTIFY = 0, UNEXPECTED_MESSAGE = 10, BAD_RECORD_MAC = 20, DECRYPTION_FAILED = 21,
  RECORD_OVERFLOW = 22, DECOMPRESSION_FAILURE = 30, HANDSHAKE_FAILURE = 40, BAD_CERTIFICATE = 42,
  UNSUPPORTED_CERTIFICATE = 43, CERTIFICATE_REVOKED = 44, CERTIFICATE_EXPIRED = 45, CERTIFICATE_UNKNOWN = 46,
  ILLEGAL_PARAMETER = 47, UNKNOWN_CA = 48, ACCESS_DENIED = 49, DECODE_ERROR = 50,
  DECRYPT_ERROR = 51, EXPORT_RESTRICTION = 60, PROTOCOL_VERSION = 70, INSUFFICIENT_SECURITY = 71,
  INTERNAL_ERROR = 80, USER_CANCELED = 90, NO_RENEGOTIATION = 100, UNKNOWN_PSK_IDENTITY = 115,
  NO_ALERT_TYPE = 0xFFFF
}
 
enum  ASN1_Tag {
  UNIVERSAL = 0x00, APPLICATION = 0x40, CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0,
  CONSTRUCTED = 0x20, EOC = 0x00, BOOLEAN = 0x01, INTEGER = 0x02,
  BIT_STRING = 0x03, OCTET_STRING = 0x04, NULL_TAG = 0x05, OBJECT_ID = 0x06,
  ENUMERATED = 0x0A, SEQUENCE = 0x10, SET = 0x11, UTF8_STRING = 0x0C,
  NUMERIC_STRING = 0x12, PRINTABLE_STRING = 0x13, T61_STRING = 0x14, IA5_STRING = 0x16,
  VISIBLE_STRING = 0x1A, BMP_STRING = 0x1E, UTC_TIME = 0x17, GENERALIZED_TIME = 0x18,
  NO_OBJECT = 0xFF00, DIRECTORY_STRING = 0xFF01
}
 
enum  Certificate_Type { RSA_CERT = 1, DSS_CERT = 2, DH_RSA_CERT = 3, DH_DSS_CERT = 4 }
 
enum  Character_Set { LOCAL_CHARSET, UCS2_CHARSET, UTF8_CHARSET, LATIN1_CHARSET }
 
enum  Cipher_Dir { ENCRYPTION, DECRYPTION }
 
enum  Ciphersuite_Code {
  TLS_RSA_WITH_RC4_128_MD5 = 0x0004, TLS_RSA_WITH_RC4_128_SHA = 0x0005, TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
  TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035, TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D, TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
  TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032, TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
  TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A, TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
  TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024, TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
  TLS_NO_RENEGOTIATION_SCSV = 0x00FF
}
 
enum  Compression_Algo { NO_COMPRESSION = 0x00 }
 
enum  Connection_Side { CLIENT, SERVER }
 
enum  CRL_Code {
  UNSPECIFIED = 0, KEY_COMPROMISE = 1, CA_COMPROMISE = 2, AFFILIATION_CHANGED = 3,
  SUPERSEDED = 4, CESSATION_OF_OPERATION = 5, CERTIFICATE_HOLD = 6, REMOVE_FROM_CRL = 8,
  PRIVLEDGE_WITHDRAWN = 9, AA_COMPROMISE = 10, DELETE_CRL_ENTRY = 0xFF00, OCSP_GOOD = 0xFF01,
  OCSP_UNKNOWN = 0xFF02
}
 
enum  Decoder_Checking { NONE, IGNORE_WS, FULL_CHECK }
 
enum  EC_Group_Encoding { EC_DOMPAR_ENC_EXPLICIT = 0, EC_DOMPAR_ENC_IMPLICITCA = 1, EC_DOMPAR_ENC_OID = 2 }
 
enum  Fault_Protection { ENABLE_FAULT_PROTECTION, DISABLE_FAULT_PROTECTION }
 
enum  Handshake_Type {
  HELLO_REQUEST = 0, CLIENT_HELLO = 1, CLIENT_HELLO_SSLV2 = 255, SERVER_HELLO = 2,
  CERTIFICATE = 11, SERVER_KEX = 12, CERTIFICATE_REQUEST = 13, SERVER_HELLO_DONE = 14,
  CERTIFICATE_VERIFY = 15, CLIENT_KEX = 16, FINISHED = 20, HANDSHAKE_CCS = 100,
  HANDSHAKE_NONE = 101
}
 
enum  Key_Constraints {
  NO_CONSTRAINTS = 0, DIGITAL_SIGNATURE = 32768, NON_REPUDIATION = 16384, KEY_ENCIPHERMENT = 8192,
  DATA_ENCIPHERMENT = 4096, KEY_AGREEMENT = 2048, KEY_CERT_SIGN = 1024, CRL_SIGN = 512,
  ENCIPHER_ONLY = 256, DECIPHER_ONLY = 128
}
 
enum  Record_Type {
  CONNECTION_CLOSED = 0, CHANGE_CIPHER_SPEC = 20, ALERT = 21, HANDSHAKE = 22,
  APPLICATION_DATA = 23
}
 
enum  Signature_Format { IEEE_1363, DER_SEQUENCE }
 
enum  Size_Limits { MAX_PLAINTEXT_SIZE = 16*1024, MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024, MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024 }
 
enum  TLS_Ciphersuite_Algos {
  TLS_ALGO_SIGNER_MASK = 0xFF000000, TLS_ALGO_SIGNER_ANON = 0x01000000, TLS_ALGO_SIGNER_RSA = 0x02000000, TLS_ALGO_SIGNER_DSA = 0x03000000,
  TLS_ALGO_SIGNER_ECDSA = 0x04000000, TLS_ALGO_KEYEXCH_MASK = 0x00FF0000, TLS_ALGO_KEYEXCH_NOKEX = 0x00010000, TLS_ALGO_KEYEXCH_RSA = 0x00020000,
  TLS_ALGO_KEYEXCH_DH = 0x00030000, TLS_ALGO_KEYEXCH_ECDH = 0x00040000, TLS_ALGO_MAC_MASK = 0x0000FF00, TLS_ALGO_MAC_MD5 = 0x00000100,
  TLS_ALGO_MAC_SHA1 = 0x00000200, TLS_ALGO_MAC_SHA256 = 0x00000300, TLS_ALGO_MAC_SHA384 = 0x00000400, TLS_ALGO_CIPHER_MASK = 0x000000FF,
  TLS_ALGO_CIPHER_RC4_128 = 0x00000001, TLS_ALGO_CIPHER_3DES_CBC = 0x00000002, TLS_ALGO_CIPHER_AES128_CBC = 0x00000003, TLS_ALGO_CIPHER_AES256_CBC = 0x00000004,
  TLS_ALGO_CIPHER_SEED_CBC = 0x00000005
}
 
enum  TLS_Handshake_Extension_Type {
  TLSEXT_SERVER_NAME_INDICATION = 0, TLSEXT_MAX_FRAGMENT_LENGTH = 1, TLSEXT_CLIENT_CERT_URL = 2, TLSEXT_TRUSTED_CA_KEYS = 3,
  TLSEXT_TRUNCATED_HMAC = 4, TLSEXT_USABLE_ELLIPTIC_CURVES = 10, TLSEXT_EC_POINT_FORMATS = 11, TLSEXT_SRP_IDENTIFIER = 12,
  TLSEXT_CERTIFICATE_TYPES = 9, TLSEXT_SESSION_TICKET = 35
}
 
enum  Version_Code { NO_VERSION_SET = 0x0000, SSL_V3 = 0x0300, TLS_V10 = 0x0301, TLS_V11 = 0x0302 }
 
enum  X509_Code {
  VERIFIED, UNKNOWN_X509_ERROR, CANNOT_ESTABLISH_TRUST, CERT_CHAIN_TOO_LONG,
  SIGNATURE_ERROR, POLICY_ERROR, INVALID_USAGE, CERT_FORMAT_ERROR,
  CERT_ISSUER_NOT_FOUND, CERT_NOT_YET_VALID, CERT_HAS_EXPIRED, CERT_IS_REVOKED,
  CRL_FORMAT_ERROR, CRL_ISSUER_NOT_FOUND, CRL_NOT_YET_VALID, CRL_HAS_EXPIRED,
  CA_CERT_CANNOT_SIGN, CA_CERT_NOT_FOR_CERT_ISSUER, CA_CERT_NOT_FOR_CRL_ISSUER
}
 
enum  X509_Encoding { RAW_BER, PEM }
 

Functions

BigInt abs (const BigInt &n)
 
std::map< std::string, double > algorithm_benchmark (const std::string &name, Algorithm_Factory &af, RandomNumberGenerator &rng, u32bit milliseconds, size_t buf_size)
 
std::map< std::string, bool > algorithm_kat (const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
 
void aont_package (RandomNumberGenerator &rng, BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
void aont_unpackage (BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
template<typename T >
void append_tls_length_value (MemoryRegion< byte > &buf, const T *vals, size_t vals_size, size_t tag_size)
 
template<typename T >
void append_tls_length_value (MemoryRegion< byte > &buf, const MemoryRegion< T > &vals, size_t tag_size)
 
template<typename T >
void append_tls_length_value (MemoryRegion< byte > &buf, const std::vector< T > &vals, size_t tag_size)
 
void assertion_failure (const char *expr_str, const char *msg, const char *func, const char *file, int line)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool final_inputs, bool ignore_ws)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t base64_decode (byte output[], const std::string &input, bool ignore_ws)
 
SecureVector< bytebase64_decode (const char input[], size_t input_length, bool ignore_ws)
 
SecureVector< bytebase64_decode (const std::string &input, bool ignore_ws)
 
size_t base64_encode (char out[], const byte in[], size_t input_length, size_t &input_consumed, bool final_inputs)
 
std::string base64_encode (const byte input[], size_t input_length)
 
std::string base64_encode (const MemoryRegion< byte > &input)
 
void bigint_2word_mul (word a, word b, word *z1, word *z0)
 
void bigint_add2 (word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add2_nc (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_add3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add3_nc (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
s32bit bigint_cmp (const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_comba_mul16 (word z[32], const word x[16], const word y[16])
 
void bigint_comba_mul4 (word z[8], const word x[4], const word y[4])
 
void bigint_comba_mul6 (word z[12], const word x[6], const word y[6])
 
void bigint_comba_mul8 (word z[16], const word x[8], const word y[8])
 
void bigint_comba_sqr16 (word z[32], const word x[16])
 
void bigint_comba_sqr4 (word z[8], const word x[4])
 
void bigint_comba_sqr6 (word z[12], const word x[6])
 
void bigint_comba_sqr8 (word z[16], const word x[8])
 
size_t bigint_divcore (word q, word y2, word y1, word x3, word x2, word x1)
 
word bigint_divop (word n1, word n0, word d)
 
void bigint_linmul2 (word x[], size_t x_size, word y)
 
void bigint_linmul3 (word z[], const word x[], size_t x_size, word y)
 
word bigint_modop (word n1, word n0, word d)
 
void bigint_monty_mul (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_redc (word z[], size_t z_size, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_sqr (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_mul (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
 
void bigint_shl1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shl2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_simple_mul (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_simple_sqr (word z[], const word x[], size_t x_size)
 
void bigint_sqr (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
 
word bigint_sub2 (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_sub2_rev (word x[], const word y[], size_t y_size)
 
word bigint_sub3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
size_t block_size_of (const std::string &name)
 
void botan_md4_x86_32_compress (u32bit digest[4], const byte input[64], u32bit M[16])
 
void botan_serpent_x86_32_decrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_encrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_key_schedule (u32bit ks[140])
 
template<typename T >
void bswap_4 (T x[4])
 
calendar_point calendar_value (u64bit a_time_t)
 
bool check_bcrypt (const std::string &pass, const std::string &hash)
 
bool check_passhash9 (const std::string &pass, const std::string &hash)
 
bool check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
PK_Signerchoose_sig_format (const Private_Key &key, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
 
template<typename T >
void clear_mem (T *ptr, size_t n)
 
void confirm_startup_self_tests (Algorithm_Factory &af)
 
template<typename InputIterator , typename OutputIterator , typename Predicate >
OutputIterator copy_if (InputIterator current, InputIterator end, OutputIterator dest, Predicate copy_p)
 
template<typename T >
void copy_mem (T *out, const T *in, size_t n)
 
AlternativeName create_alt_name (const Data_Store &info)
 
X509_DN create_dn (const Data_Store &info)
 
template<typename T >
size_t ctz (T n)
 
ECDSA_Signature decode_concatenation (const MemoryRegion< byte > &concat)
 
ECDSA_PublicKeydecode_eac1_1_key (const MemoryRegion< byte > &, AlgorithmIdentifier &)
 
template<typename Pair >
void delete2nd (Pair &pair)
 
void divide (const BigInt &x, const BigInt &y_arg, BigInt &q, BigInt &r)
 
size_t dl_work_factor (size_t bits)
 
SecureVector< byteEC2OSP (const PointGFp &point, byte format)
 
BigInt gcd (const BigInt &a, const BigInt &b)
 
std::string generate_bcrypt (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor)
 
bool generate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits, const MemoryRegion< byte > &seed_c)
 
SecureVector< bytegenerate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits)
 
std::string generate_passhash9 (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor, byte alg_id)
 
BigInt generate_srp6_verifier (const std::string &identifier, const std::string &password, const MemoryRegion< byte > &salt, const std::string &group_id, const std::string &hash_id)
 
BlockCipherget_block_cipher (const std::string &algo_spec)
 
template<typename T >
byte get_byte (size_t byte_num, T input)
 
Keyed_Filterget_cipher (const std::string &algo_spec, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, const InitializationVector &iv, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, Cipher_Dir direction)
 
Keyed_Filterget_cipher_mode (const BlockCipher *block_cipher, Cipher_Dir direction, const std::string &mode, const std::string &padding)
 
EMEget_eme (const std::string &algo_spec)
 
EMSAget_emsa (const std::string &algo_spec)
 
HashFunctionget_hash (const std::string &algo_spec)
 
KDFget_kdf (const std::string &algo_spec)
 
MessageAuthenticationCodeget_mac (const std::string &algo_spec)
 
u64bit get_nanoseconds_clock ()
 
PBEget_pbe (const std::string &algo_spec)
 
PBEget_pbe (const OID &pbe_oid, DataSource &params)
 
PBKDFget_pbkdf (const std::string &algo_spec)
 
PK_Decryptorget_pk_decryptor (const Private_Key &key, const std::string &eme)
 
PK_Encryptorget_pk_encryptor (const Public_Key &key, const std::string &eme)
 
PK_Key_Agreementget_pk_kas (const PK_Key_Agreement_Key &key, const std::string &kdf)
 
PK_Signerget_pk_signer (const Private_Key &key, const std::string &emsa, Signature_Format sig_format=IEEE_1363)
 
PK_Verifierget_pk_verifier (const Public_Key &key, const std::string &emsa, Signature_Format sig_format=IEEE_1363)
 
PBKDFget_s2k (const std::string &algo_spec)
 
StreamCipherget_stream_cipher (const std::string &algo_spec)
 
template<typename T >
size_t hamming_weight (T n)
 
bool has_mlock ()
 
bool have_algorithm (const std::string &name)
 
bool have_block_cipher (const std::string &algo_spec)
 
bool have_hash (const std::string &algo_spec)
 
bool have_mac (const std::string &algo_spec)
 
bool have_stream_cipher (const std::string &algo_spec)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool ignore_ws)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t hex_decode (byte output[], const std::string &input, bool ignore_ws)
 
SecureVector< bytehex_decode (const char input[], size_t input_length, bool ignore_ws)
 
SecureVector< bytehex_decode (const std::string &input, bool ignore_ws)
 
void hex_encode (char output[], const byte input[], size_t input_length, bool uppercase)
 
std::string hex_encode (const MemoryRegion< byte > &input, bool uppercase)
 
std::string hex_encode (const byte input[], size_t input_length, bool uppercase)
 
template<typename T >
size_t high_bit (T n)
 
byte ieee1363_hash_id (const std::string &name)
 
BigInt inverse_mod (const BigInt &n, const BigInt &mod)
 
std::string ipv4_to_string (u32bit ip)
 
s32bit jacobi (const BigInt &a, const BigInt &n)
 
size_t keylength_multiple_of (const std::string &name)
 
BigInt lcm (const BigInt &a, const BigInt &b)
 
template<typename T >
load_be (const byte in[], size_t off)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_be (T out[], const byte in[], size_t count)
 
template<>
u16bit load_be< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_be< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_be< u64bit > (const byte in[], size_t off)
 
template<typename T >
load_le (const byte in[], size_t off)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_le (T out[], const byte in[], size_t count)
 
template<>
u16bit load_le< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_le< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_le< u64bit > (const byte in[], size_t off)
 
bool lock_mem (void *ptr, size_t bytes)
 
template<typename T >
size_t low_bit (T n)
 
size_t low_zero_bits (const BigInt &n)
 
EAC1_1_CVC make_cvc_cert (PK_Signer &signer, MemoryRegion< byte > const &public_key, ASN1_Car const &car, ASN1_Chr const &chr, byte holder_auth_templ, ASN1_Ced ced, ASN1_Cex cex, RandomNumberGenerator &rng)
 
Private_Keymake_private_key (const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &key_bits, RandomNumberGenerator &rng)
 
Public_Keymake_public_key (const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &key_bits)
 
u16bit make_u16bit (byte i0, byte i1)
 
u32bit make_u32bit (byte i0, byte i1, byte i2, byte i3)
 
u64bit make_u64bit (byte i0, byte i1, byte i2, byte i3, byte i4, byte i5, byte i6, byte i7)
 
size_t max_keylength_of (const std::string &name)
 
size_t min_keylength_of (const std::string &name)
 
BigInt mul_add (const BigInt &a, const BigInt &b, const BigInt &c)
 
PointGFp multi_exponentiate (const PointGFp &p1, const BigInt &z1, const PointGFp &p2, const BigInt &z2)
 
template<typename K , typename V >
void multimap_insert (std::multimap< K, V > &multimap, const K &key, const V &value)
 
bool operator!= (EAC1_1_Req const &lhs, EAC1_1_Req const &rhs)
 
bool operator!= (const ECDSA_Signature &lhs, const ECDSA_Signature &rhs)
 
bool operator!= (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator!= (EAC1_1_CVC const &lhs, EAC1_1_CVC const &rhs)
 
bool operator!= (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
bool operator!= (EAC1_1_ADO const &lhs, EAC1_1_ADO const &rhs)
 
bool BOTAN_DLL operator!= (const X509_Time &, const X509_Time &)
 
bool operator!= (const OID &a, const OID &b)
 
bool operator!= (const OctetString &s1, const OctetString &s2)
 
bool operator!= (const EC_Group &lhs, const EC_Group &rhs)
 
bool operator!= (const CurveGFp &lhs, const CurveGFp &rhs)
 
bool operator!= (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator!= (const PointGFp &lhs, const PointGFp &rhs)
 
bool operator!= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator!= (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator!= (const X509_Certificate &cert1, const X509_Certificate &cert2)
 
bool operator!= (const BigInt &a, const BigInt &b)
 
BigInt operator% (const BigInt &n, const BigInt &mod)
 
word operator% (const BigInt &n, word mod)
 
BigInt operator* (const BigInt &x, const BigInt &y)
 
PointGFp operator* (const PointGFp &point, const BigInt &scalar)
 
PointGFp operator* (const BigInt &scalar, const PointGFp &point)
 
BigInt operator+ (const BigInt &x, const BigInt &y)
 
OID operator+ (const OID &oid, u32bit component)
 
OctetString operator+ (const OctetString &k1, const OctetString &k2)
 
PointGFp operator+ (const PointGFp &lhs, const PointGFp &rhs)
 
template<typename T >
MemoryRegion< T > & operator+= (MemoryRegion< T > &out, const MemoryRegion< T > &in)
 
template<typename T >
MemoryRegion< T > & operator+= (MemoryRegion< T > &out, T in)
 
template<typename T , typename L >
MemoryRegion< T > & operator+= (MemoryRegion< T > &out, const std::pair< const T *, L > &in)
 
template<typename T , typename L >
MemoryRegion< T > & operator+= (MemoryRegion< T > &out, const std::pair< T *, L > &in)
 
BigInt operator- (const BigInt &x, const BigInt &y)
 
PointGFp operator- (const PointGFp &lhs)
 
PointGFp operator- (const PointGFp &lhs, const PointGFp &rhs)
 
BigInt operator/ (const BigInt &x, const BigInt &y)
 
bool BOTAN_DLL operator< (const X509_Time &, const X509_Time &)
 
bool operator< (const OID &a, const OID &b)
 
bool operator< (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator< (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator< (const BigInt &a, const BigInt &b)
 
std::ostream & operator<< (std::ostream &stream, const BigInt &n)
 
int operator<< (int fd, Pipe &pipe)
 
BigInt operator<< (const BigInt &x, size_t shift)
 
BOTAN_DLL std::ostream & operator<< (std::ostream &out, Pipe &pipe)
 
bool BOTAN_DLL operator<= (const X509_Time &, const X509_Time &)
 
bool operator<= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator<= (const BigInt &a, const BigInt &b)
 
bool operator== (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator== (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
bool BOTAN_DLL operator== (const X509_Time &, const X509_Time &)
 
bool operator== (const OctetString &s1, const OctetString &s2)
 
bool operator== (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator== (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator== (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator== (const BigInt &a, const BigInt &b)
 
bool BOTAN_DLL operator> (const X509_Time &, const X509_Time &)
 
bool operator> (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator> (const BigInt &a, const BigInt &b)
 
bool BOTAN_DLL operator>= (const X509_Time &, const X509_Time &)
 
bool operator>= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator>= (const BigInt &a, const BigInt &b)
 
int operator>> (int fd, Pipe &pipe)
 
std::istream & operator>> (std::istream &stream, BigInt &n)
 
BigInt operator>> (const BigInt &x, size_t shift)
 
BOTAN_DLL std::istream & operator>> (std::istream &in, Pipe &pipe)
 
OctetString operator^ (const OctetString &k1, const OctetString &k2)
 
PointGFp OS2ECP (const MemoryRegion< byte > &data, const CurveGFp &curve)
 
PointGFp OS2ECP (const byte data[], size_t data_len, const CurveGFp &curve)
 
size_t output_length_of (const std::string &name)
 
std::vector< std::string > parse_algorithm_name (const std::string &namex)
 
std::vector< u32bitparse_asn1_oid (const std::string &oid)
 
bool passes_self_tests (Algorithm_Factory &af)
 
SecureVector< bytePGP_decode (DataSource &source, std::string &label, std::map< std::string, std::string > &headers)
 
SecureVector< bytePGP_decode (DataSource &source, std::string &label)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &label, const std::map< std::string, std::string > &headers)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &type)
 
MemoryVector< bytepkcs_hash_id (const std::string &name)
 
BigInt power_mod (const BigInt &base, const BigInt &exp, const BigInt &mod)
 
template<typename T >
bool power_of_2 (T arg)
 
template<typename T >
void prefetch_readonly (const T *addr, size_t length)
 
template<typename T >
void prefetch_readwrite (const T *addr, size_t length)
 
bool primality_test (const BigInt &n, RandomNumberGenerator &rng, size_t level)
 
bool quick_check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
BigInt random_prime (RandomNumberGenerator &rng, size_t bits, const BigInt &coprime, size_t equiv, size_t modulo)
 
BigInt random_safe_prime (RandomNumberGenerator &rng, size_t bits)
 
BigInt BOTAN_DLL ressol (const BigInt &x, const BigInt &p)
 
const BlockCipherretrieve_block_cipher (const std::string &algo_spec)
 
const HashFunctionretrieve_hash (const std::string &algo_spec)
 
const MessageAuthenticationCoderetrieve_mac (const std::string &algo_spec)
 
const StreamCipherretrieve_stream_cipher (const std::string &algo_spec)
 
u16bit reverse_bytes (u16bit val)
 
u32bit reverse_bytes (u32bit val)
 
u64bit reverse_bytes (u64bit val)
 
SecureVector< byterfc3394_keyunwrap (const MemoryRegion< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
SecureVector< byterfc3394_keywrap (const MemoryRegion< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
template<typename T >
rotate_left (T input, size_t rot)
 
template<typename T >
rotate_right (T input, size_t rot)
 
template<typename T >
round_down (T n, T align_to)
 
template<typename T >
round_up (T n, T align_to)
 
template<typename T >
bool same_mem (const T *p1, const T *p2, size_t n)
 
template<typename K , typename V >
search_map (const std::map< K, V > &mapping, const K &key, const V &null_result=V())
 
template<typename T >
void set_mem (T *ptr, size_t n, byte val)
 
template<typename T >
size_t significant_bytes (T n)
 
std::vector< std::string > split_on (const std::string &str, char delim)
 
BigInt square (const BigInt &x)
 
std::pair< BigInt, SymmetricKeysrp6_client_agree (const std::string &identifier, const std::string &password, const std::string &group_id, const std::string &hash_id, const MemoryRegion< byte > &salt, const BigInt &B, RandomNumberGenerator &rng)
 
std::string srp6_group_identifier (const BigInt &N, const BigInt &g)
 
size_t static_provider_weight (const std::string &prov_name)
 
void store_be (u16bit in, byte out[2])
 
void store_be (u32bit in, byte out[4])
 
void store_be (u64bit in, byte out[8])
 
template<typename T >
void store_be (byte out[], T x0, T x1)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
void store_le (u16bit in, byte out[2])
 
void store_le (u32bit in, byte out[4])
 
void store_le (u64bit in, byte out[8])
 
template<typename T >
void store_le (byte out[], T x0, T x1)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
u32bit string_to_ipv4 (const std::string &str)
 
BigInt sub_mul (const BigInt &a, const BigInt &b, const BigInt &c)
 
u64bit system_time ()
 
u32bit timespec_to_u32bit (const std::string &timespec)
 
std::string to_string (u64bit n, size_t min_len)
 
u32bit to_u32bit (const std::string &number)
 
void unlock_mem (void *ptr, size_t bytes)
 
bool verify_prime (const BigInt &n, RandomNumberGenerator &rng)
 
u32bit version_datestamp ()
 
u32bit version_major ()
 
u32bit version_minor ()
 
u32bit version_patch ()
 
std::string version_string ()
 
void word3_muladd (word *w2, word *w1, word *w0, word a, word b)
 
void word3_muladd_2 (word *w2, word *w1, word *w0, word a, word b)
 
word word8_add2 (word x[8], const word y[8], word carry)
 
word word8_add3 (word z[8], const word x[8], const word y[8], word carry)
 
word word8_linmul2 (word x[8], word y, word carry)
 
word word8_linmul3 (word z[8], const word x[8], word y, word carry)
 
word word8_linmul3 (word z[4], const word x[4], word y, word carry)
 
word word8_madd3 (word z[8], const word x[8], word y, word carry)
 
word word8_muladd (word z[8], const word x[8], word y, word carry)
 
word word8_sub2 (word x[8], const word y[8], word carry)
 
word word8_sub2_rev (word x[8], const word y[8], word carry)
 
word word8_sub3 (word z[8], const word x[8], const word y[8], word carry)
 
word word_add (word x, word y, word *carry)
 
word word_madd2 (word a, word b, word *c)
 
word word_madd3 (word a, word b, word c, word *d)
 
word word_sub (word x, word y, word *carry)
 
bool x500_name_cmp (const std::string &name1, const std::string &name2)
 
void xor_buf (byte out[], const byte in[], size_t length)
 
void xor_buf (byte out[], const byte in[], const byte in2[], size_t length)
 
template<typename T >
void zeroise (MemoryRegion< T > &vec)
 

Variables

const u64bit Camellia_SBOX1 [256]
 
const u64bit Camellia_SBOX2 [256]
 
const u64bit Camellia_SBOX3 [256]
 
const u64bit Camellia_SBOX4 [256]
 
const u64bit Camellia_SBOX5 [256]
 
const u64bit Camellia_SBOX6 [256]
 
const u64bit Camellia_SBOX7 [256]
 
const u64bit Camellia_SBOX8 [256]
 
const u32bit CAST_SBOX1 [256]
 
const u32bit CAST_SBOX2 [256]
 
const u32bit CAST_SBOX3 [256]
 
const u32bit CAST_SBOX4 [256]
 
const u64bit DES_FPTAB1 [256]
 
const u64bit DES_FPTAB2 [256]
 
const u64bit DES_IPTAB1 [256]
 
const u64bit DES_IPTAB2 [256]
 
const u32bit DES_SPBOX1 [256]
 
const u32bit DES_SPBOX2 [256]
 
const u32bit DES_SPBOX3 [256]
 
const u32bit DES_SPBOX4 [256]
 
const u32bit DES_SPBOX5 [256]
 
const u32bit DES_SPBOX6 [256]
 
const u32bit DES_SPBOX7 [256]
 
const u32bit DES_SPBOX8 [256]
 
const size_t HEX_CODEC_BUFFER_SIZE = 256
 
const size_t MP_WORD_BITS = BOTAN_MP_WORD_BITS
 
const word MP_WORD_MASK = ~static_cast<word>(0)
 
const word MP_WORD_MAX = MP_WORD_MASK
 
const word MP_WORD_TOP_BIT = static_cast<word>(1) << (8*sizeof(word) - 1)
 
const size_t PRIME_TABLE_SIZE = 6541
 
const u16bit BOTAN_DLL PRIMES []
 

Detailed Description

Dynamically Loaded Engine (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

Dynamically Loaded Object (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

The primary namespace for the botan library

Typedef Documentation

typedef unsigned char Botan::byte

Typedef representing an unsigned 8-bit quantity

Definition at line 22 of file types.h.

Definition at line 139 of file ec_group.h.

typedef std::runtime_error Botan::Exception

Definition at line 19 of file exceptn.h.

Alternate name for octet string showing intent to use as an IV

Definition at line 152 of file symkey.h.

typedef std::invalid_argument Botan::Invalid_Argument

Definition at line 20 of file exceptn.h.

Definition at line 446 of file pubkey.h.

Definition at line 445 of file pubkey.h.

Definition at line 132 of file pk_keys.h.

Definition at line 134 of file pk_keys.h.

typedef PBKDF Botan::S2K

For compatability with 1.8

Definition at line 49 of file pbkdf.h.

typedef signed int Botan::s32bit

Typedef representing a signed 32-bit quantity

Definition at line 37 of file types.h.

Alternate name for octet string showing intent to use as a key

Definition at line 147 of file symkey.h.

typedef unsigned short Botan::u16bit

Typedef representing an unsigned 16-bit quantity

Definition at line 27 of file types.h.

typedef unsigned int Botan::u32bit

Typedef representing an unsigned 32-bit quantity

Definition at line 32 of file types.h.

typedef unsigned long long Botan::u64bit

Typedef representing an unsigned 64-bit quantity

Definition at line 49 of file types.h.

Definition at line 133 of file pk_keys.h.

Enumeration Type Documentation

Enumerator
WARNING 
FATAL 

Definition at line 57 of file tls_magic.h.

57  {
58  WARNING = 1,
59  FATAL = 2
60 };
Enumerator
CLOSE_NOTIFY 
UNEXPECTED_MESSAGE 
BAD_RECORD_MAC 
DECRYPTION_FAILED 
RECORD_OVERFLOW 
DECOMPRESSION_FAILURE 
HANDSHAKE_FAILURE 
BAD_CERTIFICATE 
UNSUPPORTED_CERTIFICATE 
CERTIFICATE_REVOKED 
CERTIFICATE_EXPIRED 
CERTIFICATE_UNKNOWN 
ILLEGAL_PARAMETER 
UNKNOWN_CA 
ACCESS_DENIED 
DECODE_ERROR 
DECRYPT_ERROR 
EXPORT_RESTRICTION 
PROTOCOL_VERSION 
INSUFFICIENT_SECURITY 
INTERNAL_ERROR 
USER_CANCELED 
NO_RENEGOTIATION 
UNKNOWN_PSK_IDENTITY 
NO_ALERT_TYPE 

Definition at line 62 of file tls_magic.h.

62  {
63  CLOSE_NOTIFY = 0,
64  UNEXPECTED_MESSAGE = 10,
65  BAD_RECORD_MAC = 20,
66  DECRYPTION_FAILED = 21,
67  RECORD_OVERFLOW = 22,
69  HANDSHAKE_FAILURE = 40,
70  BAD_CERTIFICATE = 42,
75  ILLEGAL_PARAMETER = 47,
76  UNKNOWN_CA = 48,
77  ACCESS_DENIED = 49,
78  DECODE_ERROR = 50,
79  DECRYPT_ERROR = 51,
80  EXPORT_RESTRICTION = 60,
81  PROTOCOL_VERSION = 70,
83  INTERNAL_ERROR = 80,
84  USER_CANCELED = 90,
85  NO_RENEGOTIATION = 100,
86 
88 
89  NO_ALERT_TYPE = 0xFFFF
90 };

ASN.1 Type and Class Tags

Enumerator
UNIVERSAL 
APPLICATION 
CONTEXT_SPECIFIC 
PRIVATE 
CONSTRUCTED 
EOC 
BOOLEAN 
INTEGER 
BIT_STRING 
OCTET_STRING 
NULL_TAG 
OBJECT_ID 
ENUMERATED 
SEQUENCE 
SET 
UTF8_STRING 
NUMERIC_STRING 
PRINTABLE_STRING 
T61_STRING 
IA5_STRING 
VISIBLE_STRING 
BMP_STRING 
UTC_TIME 
GENERALIZED_TIME 
NO_OBJECT 
DIRECTORY_STRING 

Definition at line 19 of file asn1_int.h.

19  {
20  UNIVERSAL = 0x00,
21  APPLICATION = 0x40,
22  CONTEXT_SPECIFIC = 0x80,
23  PRIVATE = 0xC0,
24 
25  CONSTRUCTED = 0x20,
26 
27  EOC = 0x00,
28  BOOLEAN = 0x01,
29  INTEGER = 0x02,
30  BIT_STRING = 0x03,
31  OCTET_STRING = 0x04,
32  NULL_TAG = 0x05,
33  OBJECT_ID = 0x06,
34  ENUMERATED = 0x0A,
35  SEQUENCE = 0x10,
36  SET = 0x11,
37 
38  UTF8_STRING = 0x0C,
39  NUMERIC_STRING = 0x12,
40  PRINTABLE_STRING = 0x13,
41  T61_STRING = 0x14,
42  IA5_STRING = 0x16,
43  VISIBLE_STRING = 0x1A,
44  BMP_STRING = 0x1E,
45 
46  UTC_TIME = 0x17,
47  GENERALIZED_TIME = 0x18,
48 
49  NO_OBJECT = 0xFF00,
50  DIRECTORY_STRING = 0xFF01
51 };
Enumerator
RSA_CERT 
DSS_CERT 
DH_RSA_CERT 
DH_DSS_CERT 

Definition at line 92 of file tls_magic.h.

92  {
93  RSA_CERT = 1,
94  DSS_CERT = 2,
95  DH_RSA_CERT = 3,
96  DH_DSS_CERT = 4
97 };

The different charsets (nominally) supported by Botan.

Enumerator
LOCAL_CHARSET 
UCS2_CHARSET 
UTF8_CHARSET 
LATIN1_CHARSET 

Definition at line 19 of file charset.h.

The two possible directions for cipher filters, determining whether they actually perform encryption or decryption.

Enumerator
ENCRYPTION 
DECRYPTION 

Definition at line 87 of file sym_algo.h.

Enumerator
TLS_RSA_WITH_RC4_128_MD5 
TLS_RSA_WITH_RC4_128_SHA 
TLS_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_RSA_WITH_AES_128_CBC_SHA 
TLS_RSA_WITH_AES_256_CBC_SHA 
TLS_RSA_WITH_AES_128_CBC_SHA256 
TLS_RSA_WITH_AES_256_CBC_SHA256 
TLS_RSA_WITH_SEED_CBC_SHA 
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
TLS_DHE_DSS_WITH_SEED_CBC_SHA 
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
TLS_DHE_RSA_WITH_SEED_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
TLS_ECDHE_RSA_WITH_RC4_128_SHA 
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
TLS_NO_RENEGOTIATION_SCSV 

Definition at line 99 of file tls_magic.h.

99  {
100  TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
101  TLS_RSA_WITH_RC4_128_SHA = 0x0005,
102 
108  TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
109 
116 
123 
130 
137 
138  TLS_NO_RENEGOTIATION_SCSV = 0x00FF,
139 };
Enumerator
NO_COMPRESSION 

Definition at line 172 of file tls_magic.h.

172  {
173  NO_COMPRESSION = 0x00
174 };
Enumerator
CLIENT 
SERVER 

Definition at line 29 of file tls_magic.h.

X.509v2 CRL Reason Code.

Enumerator
UNSPECIFIED 
KEY_COMPROMISE 
CA_COMPROMISE 
AFFILIATION_CHANGED 
SUPERSEDED 
CESSATION_OF_OPERATION 
CERTIFICATE_HOLD 
REMOVE_FROM_CRL 
PRIVLEDGE_WITHDRAWN 
AA_COMPROMISE 
DELETE_CRL_ENTRY 
OCSP_GOOD 
OCSP_UNKNOWN 

Definition at line 43 of file pubkey_enums.h.

The type of checking to be performed by decoders: NONE - no checks, IGNORE_WS - perform checks, but ignore whitespaces, FULL_CHECK - perform checks, also complain about white spaces.

Enumerator
NONE 
IGNORE_WS 
FULL_CHECK 

Definition at line 155 of file filter.h.

This class represents elliptic curce domain parameters

Enumerator
EC_DOMPAR_ENC_EXPLICIT 
EC_DOMPAR_ENC_IMPLICITCA 
EC_DOMPAR_ENC_OID 

Definition at line 22 of file ec_group.h.

Enum marking if protection against fault attacks should be used

Enumerator
ENABLE_FAULT_PROTECTION 
DISABLE_FAULT_PROTECTION 

Definition at line 29 of file pubkey.h.

Enumerator
HELLO_REQUEST 
CLIENT_HELLO 
CLIENT_HELLO_SSLV2 
SERVER_HELLO 
CERTIFICATE 
SERVER_KEX 
CERTIFICATE_REQUEST 
SERVER_HELLO_DONE 
CERTIFICATE_VERIFY 
CLIENT_KEX 
FINISHED 
HANDSHAKE_CCS 
HANDSHAKE_NONE 

Definition at line 40 of file tls_magic.h.

X.509v3 Key Constraints.

Enumerator
NO_CONSTRAINTS 
DIGITAL_SIGNATURE 
NON_REPUDIATION 
KEY_ENCIPHERMENT 
DATA_ENCIPHERMENT 
KEY_AGREEMENT 
KEY_CERT_SIGN 
CRL_SIGN 
ENCIPHER_ONLY 
DECIPHER_ONLY 

Definition at line 18 of file pubkey_enums.h.

Enumerator
CONNECTION_CLOSED 
CHANGE_CIPHER_SPEC 
ALERT 
HANDSHAKE 
APPLICATION_DATA 

Definition at line 31 of file tls_magic.h.

The two types of signature format supported by Botan.

Enumerator
IEEE_1363 
DER_SEQUENCE 

Definition at line 24 of file pubkey.h.

Protocol Constants for SSL/TLS

Enumerator
MAX_PLAINTEXT_SIZE 
MAX_COMPRESSED_SIZE 
MAX_CIPHERTEXT_SIZE 

Definition at line 16 of file tls_magic.h.

Enumerator
TLS_ALGO_SIGNER_MASK 
TLS_ALGO_SIGNER_ANON 
TLS_ALGO_SIGNER_RSA 
TLS_ALGO_SIGNER_DSA 
TLS_ALGO_SIGNER_ECDSA 
TLS_ALGO_KEYEXCH_MASK 
TLS_ALGO_KEYEXCH_NOKEX 
TLS_ALGO_KEYEXCH_RSA 
TLS_ALGO_KEYEXCH_DH 
TLS_ALGO_KEYEXCH_ECDH 
TLS_ALGO_MAC_MASK 
TLS_ALGO_MAC_MD5 
TLS_ALGO_MAC_SHA1 
TLS_ALGO_MAC_SHA256 
TLS_ALGO_MAC_SHA384 
TLS_ALGO_CIPHER_MASK 
TLS_ALGO_CIPHER_RC4_128 
TLS_ALGO_CIPHER_3DES_CBC 
TLS_ALGO_CIPHER_AES128_CBC 
TLS_ALGO_CIPHER_AES256_CBC 
TLS_ALGO_CIPHER_SEED_CBC 

Definition at line 145 of file tls_magic.h.

145  {
146  TLS_ALGO_SIGNER_MASK = 0xFF000000,
147  TLS_ALGO_SIGNER_ANON = 0x01000000,
148  TLS_ALGO_SIGNER_RSA = 0x02000000,
149  TLS_ALGO_SIGNER_DSA = 0x03000000,
150  TLS_ALGO_SIGNER_ECDSA = 0x04000000,
151 
152  TLS_ALGO_KEYEXCH_MASK = 0x00FF0000,
153  TLS_ALGO_KEYEXCH_NOKEX = 0x00010000,
154  TLS_ALGO_KEYEXCH_RSA = 0x00020000,
155  TLS_ALGO_KEYEXCH_DH = 0x00030000,
156  TLS_ALGO_KEYEXCH_ECDH = 0x00040000,
157 
158  TLS_ALGO_MAC_MASK = 0x0000FF00,
159  TLS_ALGO_MAC_MD5 = 0x00000100,
160  TLS_ALGO_MAC_SHA1 = 0x00000200,
161  TLS_ALGO_MAC_SHA256 = 0x00000300,
162  TLS_ALGO_MAC_SHA384 = 0x00000400,
163 
164  TLS_ALGO_CIPHER_MASK = 0x000000FF,
165  TLS_ALGO_CIPHER_RC4_128 = 0x00000001,
166  TLS_ALGO_CIPHER_3DES_CBC = 0x00000002,
167  TLS_ALGO_CIPHER_AES128_CBC = 0x00000003,
168  TLS_ALGO_CIPHER_AES256_CBC = 0x00000004,
169  TLS_ALGO_CIPHER_SEED_CBC = 0x00000005
170 };
Enumerator
TLSEXT_SERVER_NAME_INDICATION 
TLSEXT_MAX_FRAGMENT_LENGTH 
TLSEXT_CLIENT_CERT_URL 
TLSEXT_TRUSTED_CA_KEYS 
TLSEXT_TRUNCATED_HMAC 
TLSEXT_USABLE_ELLIPTIC_CURVES 
TLSEXT_EC_POINT_FORMATS 
TLSEXT_SRP_IDENTIFIER 
TLSEXT_CERTIFICATE_TYPES 
TLSEXT_SESSION_TICKET 

Definition at line 176 of file tls_magic.h.

Enumerator
NO_VERSION_SET 
SSL_V3 
TLS_V10 
TLS_V11 

Definition at line 22 of file tls_magic.h.

22  {
23  NO_VERSION_SET = 0x0000,
24  SSL_V3 = 0x0300,
25  TLS_V10 = 0x0301,
26  TLS_V11 = 0x0302
27 };

X.509 Certificate Validation Result

Enumerator
VERIFIED 
UNKNOWN_X509_ERROR 
CANNOT_ESTABLISH_TRUST 
CERT_CHAIN_TOO_LONG 
SIGNATURE_ERROR 
POLICY_ERROR 
INVALID_USAGE 
CERT_FORMAT_ERROR 
CERT_ISSUER_NOT_FOUND 
CERT_NOT_YET_VALID 
CERT_HAS_EXPIRED 
CERT_IS_REVOKED 
CRL_FORMAT_ERROR 
CRL_ISSUER_NOT_FOUND 
CRL_NOT_YET_VALID 
CRL_HAS_EXPIRED 
CA_CERT_CANNOT_SIGN 
CA_CERT_NOT_FOR_CERT_ISSUER 
CA_CERT_NOT_FOR_CRL_ISSUER 

Definition at line 20 of file x509stor.h.

The two types of X509 encoding supported by Botan.

Enumerator
RAW_BER 
PEM 

Definition at line 67 of file pubkey_enums.h.

Function Documentation

BigInt Botan::abs ( const BigInt n)
inline

Return the absolute value

Parameters
nan integer
Returns
absolute value of n

Definition at line 44 of file numthry.h.

References Botan::BigInt::abs().

44 { return n.abs(); }
BigInt n
Definition: numthry.cpp:26
std::map< std::string, double > BOTAN_DLL Botan::algorithm_benchmark ( const std::string &  name,
Algorithm_Factory af,
RandomNumberGenerator rng,
u32bit  milliseconds,
size_t  buf_size 
)

Algorithm benchmark

Parameters
namethe name of the algorithm to test (cipher, hash, or MAC)
afthe algorithm factory used to create objects
rngthe rng to use to generate random inputs
millisecondstotal time for the benchmark to run
buf_sizesize of buffer to benchmark against, in KiB
Returns
results a map from provider to speed in mebibytes per second

Definition at line 122 of file benchmark.cpp.

References mac, Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), Botan::Algorithm_Factory::prototype_stream_cipher(), Botan::Algorithm_Factory::providers_of(), and Botan::RandomNumberGenerator::randomize().

127  {
128  std::vector<std::string> providers = af.providers_of(name);
129  std::map<std::string, double> all_results;
130 
131  if(providers.empty()) // no providers, nothing to do
132  return all_results;
133 
134  const u64bit ns_per_provider =
135  (static_cast<u64bit>(milliseconds) * 1000 * 1000) / providers.size();
136 
137  std::vector<byte> buf(buf_size * 1024);
138  rng.randomize(&buf[0], buf.size());
139 
140  for(size_t i = 0; i != providers.size(); ++i)
141  {
142  const std::string provider = providers[i];
143 
144  std::pair<u64bit, u64bit> results(0, 0);
145 
146  if(const BlockCipher* proto =
147  af.prototype_block_cipher(name, provider))
148  {
149  std::auto_ptr<BlockCipher> block_cipher(proto->clone());
150  results = bench_block_cipher(block_cipher.get(),
151  ns_per_provider,
152  &buf[0], buf.size());
153  }
154  else if(const StreamCipher* proto =
155  af.prototype_stream_cipher(name, provider))
156  {
157  std::auto_ptr<StreamCipher> stream_cipher(proto->clone());
158  results = bench_stream_cipher(stream_cipher.get(),
159  ns_per_provider,
160  &buf[0], buf.size());
161  }
162  else if(const HashFunction* proto =
163  af.prototype_hash_function(name, provider))
164  {
165  std::auto_ptr<HashFunction> hash(proto->clone());
166  results = bench_hash(hash.get(), ns_per_provider,
167  &buf[0], buf.size());
168  }
169  else if(const MessageAuthenticationCode* proto =
170  af.prototype_mac(name, provider))
171  {
172  std::auto_ptr<MessageAuthenticationCode> mac(proto->clone());
173  results = bench_mac(mac.get(), ns_per_provider,
174  &buf[0], buf.size());
175  }
176 
177  if(results.first && results.second)
178  {
179  /* 953.67 == 1000 * 1000 * 1000 / 1024 / 1024 - the conversion
180  factor from bytes per nanosecond to mebibytes per second.
181  */
182  double speed = (953.67 * results.first) / results.second;
183  all_results[provider] = speed;
184  }
185  }
186 
187  return all_results;
188  }
unsigned long long u64bit
Definition: types.h:49
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
MessageAuthenticationCode * mac
Definition: fpe_fe1.cpp:94
BOTAN_DLL std::map< std::string, bool > Botan::algorithm_kat ( const SCAN_Name algo_name,
const std::map< std::string, std::string > &  vars,
Algorithm_Factory af 
)

Run a set of algorithm KATs (known answer tests)

Parameters
algo_namethe algorithm we are testing
varsa set of input variables for this test, all hex encoded. Keys used: "input", "output", "key", and "iv"
afan algorithm factory
Returns
map from provider name to test result for that provider

Definition at line 38 of file selftest.cpp.

References Botan::SCAN_Name::algo_name_and_args(), Botan::SCAN_Name::cipher_mode(), Botan::SCAN_Name::cipher_mode_pad(), DECRYPTION, ENCRYPTION, get_cipher_mode(), Botan::OctetString::length(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), Botan::Algorithm_Factory::prototype_stream_cipher(), Botan::Algorithm_Factory::providers_of(), search_map(), Botan::Keyed_Filter::set_iv(), Botan::Keyed_Filter::set_key(), and Botan::Keyed_Filter::valid_iv_length().

41  {
42  const std::string& algo = algo_name.algo_name_and_args();
43 
44  std::vector<std::string> providers = af.providers_of(algo);
45  std::map<std::string, bool> all_results;
46 
47  if(providers.empty()) // no providers, nothing to do
48  return all_results;
49 
50  const std::string input = search_map(vars, std::string("input"));
51  const std::string output = search_map(vars, std::string("output"));
52 
53  SymmetricKey key(search_map(vars, std::string("key")));
54  InitializationVector iv(search_map(vars, std::string("iv")));
55 
56  for(size_t i = 0; i != providers.size(); ++i)
57  {
58  const std::string provider = providers[i];
59 
60  if(const HashFunction* proto =
61  af.prototype_hash_function(algo, provider))
62  {
63  Filter* filt = new Hash_Filter(proto->clone());
64  all_results[provider] = test_filter_kat(filt, input, output);
65  }
66  else if(const MessageAuthenticationCode* proto =
67  af.prototype_mac(algo, provider))
68  {
69  Keyed_Filter* filt = new MAC_Filter(proto->clone(), key);
70  all_results[provider] = test_filter_kat(filt, input, output);
71  }
72  else if(const StreamCipher* proto =
73  af.prototype_stream_cipher(algo, provider))
74  {
75  Keyed_Filter* filt = new StreamCipher_Filter(proto->clone());
76  filt->set_key(key);
77  filt->set_iv(iv);
78 
79  all_results[provider] = test_filter_kat(filt, input, output);
80  }
81  else if(const BlockCipher* proto =
82  af.prototype_block_cipher(algo, provider))
83  {
84  Keyed_Filter* enc = get_cipher_mode(proto, ENCRYPTION,
85  algo_name.cipher_mode(),
86  algo_name.cipher_mode_pad());
87 
88  Keyed_Filter* dec = get_cipher_mode(proto, DECRYPTION,
89  algo_name.cipher_mode(),
90  algo_name.cipher_mode_pad());
91 
92  if(!enc || !dec)
93  {
94  delete enc;
95  delete dec;
96  continue;
97  }
98 
99  enc->set_key(key);
100 
101  if(enc->valid_iv_length(iv.length()))
102  enc->set_iv(iv);
103  else if(!enc->valid_iv_length(0))
104  throw Invalid_IV_Length(algo, iv.length());
105 
106  dec->set_key(key);
107 
108  if(dec->valid_iv_length(iv.length()))
109  dec->set_iv(iv);
110  else if(!dec->valid_iv_length(0))
111  throw Invalid_IV_Length(algo, iv.length());
112 
113  bool enc_ok = test_filter_kat(enc, input, output);
114  bool dec_ok = test_filter_kat(dec, output, input);
115 
116  all_results[provider] = enc_ok && dec_ok;
117  }
118  }
119 
120  return all_results;
121  }
V search_map(const std::map< K, V > &mapping, const K &key, const V &null_result=V())
Definition: stl_util.h:43
virtual void set_key(const SymmetricKey &key)=0
OctetString SymmetricKey
Definition: symkey.h:147
std::string algo_name
Definition: ossl_md.cpp:42
Keyed_Filter * get_cipher_mode(const BlockCipher *block_cipher, Cipher_Dir direction, const std::string &mode, const std::string &padding)
Definition: core_modes.cpp:77
OctetString InitializationVector
Definition: symkey.h:152
void BOTAN_DLL Botan::aont_package ( RandomNumberGenerator rng,
BlockCipher cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform

Parameters
rngthe random number generator to use
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len + cipher->BLOCK_SIZE bytes long)

Definition at line 17 of file package.cpp.

References Botan::OctetString::begin(), Botan::BlockCipher::block_size(), clear_mem(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

21  {
22  const size_t BLOCK_SIZE = cipher->block_size();
23 
24  if(!cipher->valid_keylength(BLOCK_SIZE))
25  throw Invalid_Argument("AONT::package: Invalid cipher");
26 
27  // The all-zero string which is used both as the CTR IV and as K0
28  const std::string all_zeros(BLOCK_SIZE*2, '0');
29 
30  SymmetricKey package_key(rng, BLOCK_SIZE);
31 
32  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
33 
34  pipe.process_msg(input, input_len);
35  pipe.read(output, pipe.remaining());
36 
37  // Set K0 (the all zero key)
38  cipher->set_key(SymmetricKey(all_zeros));
39 
40  SecureVector<byte> buf(BLOCK_SIZE);
41 
42  const size_t blocks =
43  (input_len + BLOCK_SIZE - 1) / BLOCK_SIZE;
44 
45  byte* final_block = output + input_len;
46  clear_mem(final_block, BLOCK_SIZE);
47 
48  // XOR the hash blocks into the final block
49  for(size_t i = 0; i != blocks; ++i)
50  {
51  const size_t left = std::min<size_t>(BLOCK_SIZE,
52  input_len - BLOCK_SIZE * i);
53 
54  zeroise(buf);
55  copy_mem(&buf[0], output + (BLOCK_SIZE * i), left);
56 
57  for(size_t j = 0; j != sizeof(i); ++j)
58  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
59 
60  cipher->encrypt(buf);
61 
62  xor_buf(final_block, buf, BLOCK_SIZE);
63  }
64 
65  // XOR the random package key into the final block
66  xor_buf(final_block, package_key.begin(), BLOCK_SIZE);
67  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned char byte
Definition: types.h:22
OctetString SymmetricKey
Definition: symkey.h:147
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
void zeroise(MemoryRegion< T > &vec)
Definition: secmem.h:415
void BOTAN_DLL Botan::aont_unpackage ( BlockCipher cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform (Inversion)

Parameters
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len - cipher->BLOCK_SIZE bytes long)

Definition at line 69 of file package.cpp.

References Botan::BlockCipher::block_size(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

72  {
73  const size_t BLOCK_SIZE = cipher->block_size();
74 
75  if(!cipher->valid_keylength(BLOCK_SIZE))
76  throw Invalid_Argument("AONT::unpackage: Invalid cipher");
77 
78  if(input_len < BLOCK_SIZE)
79  throw Invalid_Argument("AONT::unpackage: Input too short");
80 
81  // The all-zero string which is used both as the CTR IV and as K0
82  const std::string all_zeros(BLOCK_SIZE*2, '0');
83 
84  cipher->set_key(SymmetricKey(all_zeros));
85 
86  SecureVector<byte> package_key(BLOCK_SIZE);
87  SecureVector<byte> buf(BLOCK_SIZE);
88 
89  // Copy the package key (masked with the block hashes)
90  copy_mem(&package_key[0],
91  input + (input_len - BLOCK_SIZE),
92  BLOCK_SIZE);
93 
94  const size_t blocks = ((input_len - 1) / BLOCK_SIZE);
95 
96  // XOR the blocks into the package key bits
97  for(size_t i = 0; i != blocks; ++i)
98  {
99  const size_t left = std::min<size_t>(BLOCK_SIZE,
100  input_len - BLOCK_SIZE * (i+1));
101 
102  zeroise(buf);
103  copy_mem(&buf[0], input + (BLOCK_SIZE * i), left);
104 
105  for(size_t j = 0; j != sizeof(i); ++j)
106  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
107 
108  cipher->encrypt(buf);
109 
110  xor_buf(&package_key[0], buf, BLOCK_SIZE);
111  }
112 
113  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
114 
115  pipe.process_msg(input, input_len - BLOCK_SIZE);
116 
117  pipe.read(output, pipe.remaining());
118  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
OctetString SymmetricKey
Definition: symkey.h:147
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
void zeroise(MemoryRegion< T > &vec)
Definition: secmem.h:415
template<typename T >
void Botan::append_tls_length_value ( MemoryRegion< byte > &  buf,
const T *  vals,
size_t  vals_size,
size_t  tag_size 
)

Helper function for encoding length-tagged vectors

Definition at line 145 of file tls_reader.h.

References get_byte(), and Botan::MemoryRegion< T >::push_back().

Referenced by append_tls_length_value().

149  {
150  const size_t T_size = sizeof(T);
151  const size_t val_bytes = T_size * vals_size;
152 
153  if(tag_size != 1 && tag_size != 2)
154  throw std::invalid_argument("append_tls_length_value: invalid tag size");
155 
156  if((tag_size == 1 && val_bytes > 255) ||
157  (tag_size == 2 && val_bytes > 65535))
158  throw std::invalid_argument("append_tls_length_value: value too large");
159 
160  for(size_t i = 0; i != tag_size; ++i)
161  buf.push_back(get_byte(sizeof(val_bytes)-tag_size+i, val_bytes));
162 
163  for(size_t i = 0; i != vals_size; ++i)
164  for(size_t j = 0; j != T_size; ++j)
165  buf.push_back(get_byte(j, vals[i]));
166  }
void push_back(T x)
Definition: secmem.h:143
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
template<typename T >
void Botan::append_tls_length_value ( MemoryRegion< byte > &  buf,
const MemoryRegion< T > &  vals,
size_t  tag_size 
)

Definition at line 169 of file tls_reader.h.

References append_tls_length_value(), and Botan::MemoryRegion< T >::size().

172  {
173  append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
174  }
size_t size() const
Definition: secmem.h:29
void append_tls_length_value(MemoryRegion< byte > &buf, const std::vector< T > &vals, size_t tag_size)
Definition: tls_reader.h:177
template<typename T >
void Botan::append_tls_length_value ( MemoryRegion< byte > &  buf,
const std::vector< T > &  vals,
size_t  tag_size 
)

Definition at line 177 of file tls_reader.h.

References append_tls_length_value(), and Botan::MemoryRegion< T >::size().

180  {
181  append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
182  }
size_t size() const
Definition: secmem.h:29
void append_tls_length_value(MemoryRegion< byte > &buf, const std::vector< T > &vals, size_t tag_size)
Definition: tls_reader.h:177
void Botan::assertion_failure ( const char *  expr_str,
const char *  msg,
const char *  func,
const char *  file,
int  line 
)

Definition at line 14 of file assert.cpp.

19  {
20  std::ostringstream format;
21 
22  format << "Assertion " << expr_str << " failed ";
23 
24  if(msg)
25  format << "(" << msg << ") ";
26 
27  if(func)
28  format << "in " << func << " ";
29 
30  format << "@" << file << ":" << line;
31 
32  throw Internal_Error(format.str());
33  }
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding is allowed
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 100 of file base64.cpp.

References clear_mem().

Referenced by base64_decode(), Botan::Base64_Decoder::end_msg(), and Botan::Base64_Decoder::write().

106  {
107  /*
108  * Base64 Decoder Lookup Table
109  * Warning: assumes ASCII encodings
110  */
111  static const byte BASE64_TO_BIN[256] = {
112  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
113  0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
114  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
115  0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
116  0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35,
117  0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
118  0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
119  0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
120  0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
121  0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
122  0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
123  0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
124  0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
125  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
126  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
127  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
128  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
129  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
130  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
131  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
132  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
133  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
134  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
135  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
136  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
137  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
138 
139  byte* out_ptr = output;
140  byte decode_buf[4];
141  size_t decode_buf_pos = 0;
142  size_t final_truncate = 0;
143 
144  clear_mem(output, input_length * 3 / 4);
145 
146  for(size_t i = 0; i != input_length; ++i)
147  {
148  const byte bin = BASE64_TO_BIN[static_cast<byte>(input[i])];
149 
150  if(bin <= 0x3F)
151  {
152  decode_buf[decode_buf_pos] = bin;
153  decode_buf_pos += 1;
154  }
155  else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
156  {
157  std::string bad_char(1, input[i]);
158  if(bad_char == "\t")
159  bad_char = "\\t";
160  else if(bad_char == "\n")
161  bad_char = "\\n";
162  else if(bad_char == "\r")
163  bad_char = "\\r";
164 
165  throw std::invalid_argument(
166  std::string("base64_decode: invalid base64 character '") +
167  bad_char + "'");
168  }
169 
170  /*
171  * If we're at the end of the input, pad with 0s and truncate
172  */
173  if(final_inputs && (i == input_length - 1))
174  {
175  if(decode_buf_pos)
176  {
177  for(size_t i = decode_buf_pos; i != 4; ++i)
178  decode_buf[i] = 0;
179  final_truncate = (4 - decode_buf_pos);
180  decode_buf_pos = 4;
181  }
182  }
183 
184  if(decode_buf_pos == 4)
185  {
186  out_ptr[0] = (decode_buf[0] << 2) | (decode_buf[1] >> 4);
187  out_ptr[1] = (decode_buf[1] << 4) | (decode_buf[2] >> 2);
188  out_ptr[2] = (decode_buf[2] << 6) | decode_buf[3];
189 
190  out_ptr += 3;
191  decode_buf_pos = 0;
192  input_consumed = i+1;
193  }
194  }
195 
196  while(input_consumed < input_length &&
197  BASE64_TO_BIN[static_cast<byte>(input[input_consumed])] == 0x80)
198  {
199  ++input_consumed;
200  }
201 
202  size_t written = (out_ptr - output) - final_truncate;
203 
204  return written;
205  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
unsigned char byte
Definition: types.h:22
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 207 of file base64.cpp.

References base64_decode().

211  {
212  size_t consumed = 0;
213  size_t written = base64_decode(output, input, input_length,
214  consumed, true, ignore_ws);
215 
216  if(consumed != input_length)
217  throw std::invalid_argument("base64_decode: input did not have full bytes");
218 
219  return written;
220  }
SecureVector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:244
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length/3*4 bytes
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 222 of file base64.cpp.

References base64_decode().

225  {
226  return base64_decode(output, &input[0], input.length(), ignore_ws);
227  }
SecureVector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:244
SecureVector< byte > BOTAN_DLL Botan::base64_decode ( const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
input_lengththe length of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 229 of file base64.cpp.

References base64_decode(), and Botan::MemoryRegion< T >::resize().

232  {
233  SecureVector<byte> bin((round_up<size_t>(input_length, 4) * 3) / 4);
234 
235  size_t written = base64_decode(&bin[0],
236  input,
237  input_length,
238  ignore_ws);
239 
240  bin.resize(written);
241  return bin;
242  }
SecureVector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:244
SecureVector< byte > BOTAN_DLL Botan::base64_decode ( const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 244 of file base64.cpp.

References base64_decode().

246  {
247  return base64_decode(&input[0], input.size(), ignore_ws);
248  }
SecureVector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:244
size_t BOTAN_DLL Botan::base64_encode ( char  output[],
const byte  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs 
)

Perform base64 encoding

Parameters
outputan array of at least input_length*4/3 bytes
inputis some binary data
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding chars will be applied if needed
Returns
number of bytes written to output

Definition at line 36 of file base64.cpp.

Referenced by base64_encode().

41  {
42  input_consumed = 0;
43 
44  size_t input_remaining = input_length;
45  size_t output_produced = 0;
46 
47  while(input_remaining >= 3)
48  {
49  do_base64_encode(out + output_produced, in + input_consumed);
50 
51  input_consumed += 3;
52  output_produced += 4;
53  input_remaining -= 3;
54  }
55 
56  if(final_inputs && input_remaining)
57  {
58  byte remainder[3] = { 0 };
59  for(size_t i = 0; i != input_remaining; ++i)
60  remainder[i] = in[input_consumed + i];
61 
62  do_base64_encode(out + output_produced, remainder);
63 
64  size_t empty_bits = 8 * (3 - input_remaining);
65  size_t index = output_produced + 4 - 1;
66  while(empty_bits >= 8)
67  {
68  out[index--] = '=';
69  empty_bits -= 6;
70  }
71 
72  input_consumed += input_remaining;
73  output_produced += 4;
74  }
75 
76  return output_produced;
77  }
unsigned char byte
Definition: types.h:22
std::string BOTAN_DLL Botan::base64_encode ( const byte  input[],
size_t  input_length 
)

Perform base64 encoding

Parameters
inputsome input
input_lengthlength of input in bytes
Returns
base64adecimal representation of input

Definition at line 79 of file base64.cpp.

References base64_encode(), and BOTAN_ASSERT_EQUAL.

81  {
82  std::string output((round_up<size_t>(input_length, 3) / 3) * 4, 0);
83 
84  size_t consumed = 0;
85  size_t produced = base64_encode(&output[0],
86  input, input_length,
87  consumed, true);
88 
89  BOTAN_ASSERT_EQUAL(consumed, input_length, "Did not consume all input");
90  BOTAN_ASSERT_EQUAL(produced, output.size(), "Did not produce right amount");
91 
92  return output;
93  }
std::string base64_encode(const MemoryRegion< byte > &input)
Definition: base64.cpp:95
#define BOTAN_ASSERT_EQUAL(value1, value2, msg)
Definition: assert.h:29
std::string BOTAN_DLL Botan::base64_encode ( const MemoryRegion< byte > &  input)

Perform base64 encoding

Parameters
inputsome input
Returns
base64adecimal representation of input

Definition at line 95 of file base64.cpp.

References base64_encode(), and Botan::MemoryRegion< T >::size().

96  {
97  return base64_encode(&input[0], input.size());
98  }
std::string base64_encode(const MemoryRegion< byte > &input)
Definition: base64.cpp:95
size_t size() const
Definition: secmem.h:29
void Botan::bigint_2word_mul ( word  a,
word  b,
word *  z1,
word *  z0 
)
inline

Definition at line 54 of file mp_asm.h.

55  {
56  const size_t MP_HWORD_BITS = BOTAN_MP_WORD_BITS / 2;
57  const word MP_HWORD_MASK = ((word)1 << MP_HWORD_BITS) - 1;
58 
59  const word a_hi = (a >> MP_HWORD_BITS);
60  const word a_lo = (a & MP_HWORD_MASK);
61  const word b_hi = (b >> MP_HWORD_BITS);
62  const word b_lo = (b & MP_HWORD_MASK);
63 
64  word x0 = a_hi * b_hi;
65  word x1 = a_lo * b_hi;
66  word x2 = a_hi * b_lo;
67  word x3 = a_lo * b_lo;
68 
69  x2 += x3 >> (MP_HWORD_BITS);
70  x2 += x1;
71 
72  if(x2 < x1) // timing channel
73  x0 += ((word)1 << MP_HWORD_BITS);
74 
75  *z0 = x0 + (x2 >> MP_HWORD_BITS);
76  *z1 = ((x2 & MP_HWORD_MASK) << MP_HWORD_BITS) + (x3 & MP_HWORD_MASK);
77  }
void Botan::bigint_add2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 68 of file mp_asm.cpp.

References bigint_add2_nc().

Referenced by mul_add(), Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

69  {
70  if(bigint_add2_nc(x, x_size, y, y_size))
71  x[x_size] += 1;
72  }
word bigint_add2_nc(word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:22
word Botan::bigint_add2_nc ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 22 of file mp_asm.cpp.

References word8_add2(), and word_add().

Referenced by bigint_add2().

23  {
24  word carry = 0;
25 
26  const size_t blocks = y_size - (y_size % 8);
27 
28  for(size_t i = 0; i != blocks; i += 8)
29  carry = word8_add2(x + i, y + i, carry);
30 
31  for(size_t i = blocks; i != y_size; ++i)
32  x[i] = word_add(x[i], y[i], &carry);
33 
34  for(size_t i = y_size; i != x_size; ++i)
35  x[i] = word_add(x[i], 0, &carry);
36 
37  return carry;
38  }
word word8_add2(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:33
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
void Botan::bigint_add3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 77 of file mp_asm.cpp.

References bigint_add3_nc().

Referenced by operator+(), and operator-().

79  {
80  z[(x_size > y_size ? x_size : y_size)] +=
81  bigint_add3_nc(z, x, x_size, y, y_size);
82  }
word bigint_add3_nc(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:43
word Botan::bigint_add3_nc ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 43 of file mp_asm.cpp.

References word8_add3(), and word_add().

Referenced by bigint_add3().

45  {
46  if(x_size < y_size)
47  { return bigint_add3_nc(z, y, y_size, x, x_size); }
48 
49  word carry = 0;
50 
51  const size_t blocks = y_size - (y_size % 8);
52 
53  for(size_t i = 0; i != blocks; i += 8)
54  carry = word8_add3(z + i, x + i, y + i, carry);
55 
56  for(size_t i = blocks; i != y_size; ++i)
57  z[i] = word_add(x[i], y[i], &carry);
58 
59  for(size_t i = y_size; i != x_size; ++i)
60  z[i] = word_add(x[i], 0, &carry);
61 
62  return carry;
63  }
word bigint_add3_nc(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:43
word word8_add3(word z[8], const word x[8], const word y[8], word carry)
Definition: mp_asmi.h:49
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
s32bit Botan::bigint_cmp ( const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Compare x and y

Definition at line 41 of file mp_misc.cpp.

Referenced by Botan::BigInt::cmp(), operator+(), Botan::BigInt::operator+=(), operator-(), and Botan::BigInt::operator-=().

43  {
44  if(x_size < y_size) { return (-bigint_cmp(y, y_size, x, x_size)); }
45 
46  while(x_size > y_size)
47  {
48  if(x[x_size-1])
49  return 1;
50  x_size--;
51  }
52 
53  for(size_t j = x_size; j > 0; --j)
54  {
55  if(x[j-1] > y[j-1])
56  return 1;
57  if(x[j-1] < y[j-1])
58  return -1;
59  }
60 
61  return 0;
62  }
s32bit bigint_cmp(const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_misc.cpp:41
void Botan::bigint_comba_mul16 ( word  z[32],
const word  x[16],
const word  y[16] 
)

Definition at line 594 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

595  {
596  word w2 = 0, w1 = 0, w0 = 0;
597 
598  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
599  z[ 0] = w0; w0 = 0;
600 
601  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
602  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
603  z[ 1] = w1; w1 = 0;
604 
605  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
606  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
607  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
608  z[ 2] = w2; w2 = 0;
609 
610  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
611  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
612  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
613  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
614  z[ 3] = w0; w0 = 0;
615 
616  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
617  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
618  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
619  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
620  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
621  z[ 4] = w1; w1 = 0;
622 
623  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
624  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
625  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
626  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
627  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
628  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
629  z[ 5] = w2; w2 = 0;
630 
631  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
632  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
633  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
634  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
635  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
636  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
637  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
638  z[ 6] = w0; w0 = 0;
639 
640  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
641  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
642  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
643  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
644  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
645  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
646  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
647  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
648  z[ 7] = w1; w1 = 0;
649 
650  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 8]);
651  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
652  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
653  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
654  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
655  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
656  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
657  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
658  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 0]);
659  z[ 8] = w2; w2 = 0;
660 
661  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 9]);
662  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 8]);
663  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
664  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
665  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
666  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
667  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
668  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
669  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 1]);
670  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 0]);
671  z[ 9] = w0; w0 = 0;
672 
673  word3_muladd(&w0, &w2, &w1, x[ 0], y[10]);
674  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 9]);
675  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 8]);
676  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
677  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
678  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
679  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
680  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
681  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 2]);
682  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 1]);
683  word3_muladd(&w0, &w2, &w1, x[10], y[ 0]);
684  z[10] = w1; w1 = 0;
685 
686  word3_muladd(&w1, &w0, &w2, x[ 0], y[11]);
687  word3_muladd(&w1, &w0, &w2, x[ 1], y[10]);
688  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 9]);
689  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 8]);
690  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
691  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
692  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
693  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
694  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 3]);
695  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 2]);
696  word3_muladd(&w1, &w0, &w2, x[10], y[ 1]);
697  word3_muladd(&w1, &w0, &w2, x[11], y[ 0]);
698  z[11] = w2; w2 = 0;
699 
700  word3_muladd(&w2, &w1, &w0, x[ 0], y[12]);
701  word3_muladd(&w2, &w1, &w0, x[ 1], y[11]);
702  word3_muladd(&w2, &w1, &w0, x[ 2], y[10]);
703  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 9]);
704  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 8]);
705  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
706  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
707  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
708  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 4]);
709  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 3]);
710  word3_muladd(&w2, &w1, &w0, x[10], y[ 2]);
711  word3_muladd(&w2, &w1, &w0, x[11], y[ 1]);
712  word3_muladd(&w2, &w1, &w0, x[12], y[ 0]);
713  z[12] = w0; w0 = 0;
714 
715  word3_muladd(&w0, &w2, &w1, x[ 0], y[13]);
716  word3_muladd(&w0, &w2, &w1, x[ 1], y[12]);
717  word3_muladd(&w0, &w2, &w1, x[ 2], y[11]);
718  word3_muladd(&w0, &w2, &w1, x[ 3], y[10]);
719  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 9]);
720  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 8]);
721  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
722  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
723  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 5]);
724  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 4]);
725  word3_muladd(&w0, &w2, &w1, x[10], y[ 3]);
726  word3_muladd(&w0, &w2, &w1, x[11], y[ 2]);
727  word3_muladd(&w0, &w2, &w1, x[12], y[ 1]);
728  word3_muladd(&w0, &w2, &w1, x[13], y[ 0]);
729  z[13] = w1; w1 = 0;
730 
731  word3_muladd(&w1, &w0, &w2, x[ 0], y[14]);
732  word3_muladd(&w1, &w0, &w2, x[ 1], y[13]);
733  word3_muladd(&w1, &w0, &w2, x[ 2], y[12]);
734  word3_muladd(&w1, &w0, &w2, x[ 3], y[11]);
735  word3_muladd(&w1, &w0, &w2, x[ 4], y[10]);
736  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 9]);
737  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 8]);
738  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
739  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 6]);
740  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 5]);
741  word3_muladd(&w1, &w0, &w2, x[10], y[ 4]);
742  word3_muladd(&w1, &w0, &w2, x[11], y[ 3]);
743  word3_muladd(&w1, &w0, &w2, x[12], y[ 2]);
744  word3_muladd(&w1, &w0, &w2, x[13], y[ 1]);
745  word3_muladd(&w1, &w0, &w2, x[14], y[ 0]);
746  z[14] = w2; w2 = 0;
747 
748  word3_muladd(&w2, &w1, &w0, x[ 0], y[15]);
749  word3_muladd(&w2, &w1, &w0, x[ 1], y[14]);
750  word3_muladd(&w2, &w1, &w0, x[ 2], y[13]);
751  word3_muladd(&w2, &w1, &w0, x[ 3], y[12]);
752  word3_muladd(&w2, &w1, &w0, x[ 4], y[11]);
753  word3_muladd(&w2, &w1, &w0, x[ 5], y[10]);
754  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 9]);
755  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 8]);
756  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 7]);
757  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 6]);
758  word3_muladd(&w2, &w1, &w0, x[10], y[ 5]);
759  word3_muladd(&w2, &w1, &w0, x[11], y[ 4]);
760  word3_muladd(&w2, &w1, &w0, x[12], y[ 3]);
761  word3_muladd(&w2, &w1, &w0, x[13], y[ 2]);
762  word3_muladd(&w2, &w1, &w0, x[14], y[ 1]);
763  word3_muladd(&w2, &w1, &w0, x[15], y[ 0]);
764  z[15] = w0; w0 = 0;
765 
766  word3_muladd(&w0, &w2, &w1, x[ 1], y[15]);
767  word3_muladd(&w0, &w2, &w1, x[ 2], y[14]);
768  word3_muladd(&w0, &w2, &w1, x[ 3], y[13]);
769  word3_muladd(&w0, &w2, &w1, x[ 4], y[12]);
770  word3_muladd(&w0, &w2, &w1, x[ 5], y[11]);
771  word3_muladd(&w0, &w2, &w1, x[ 6], y[10]);
772  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 9]);
773  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 8]);
774  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 7]);
775  word3_muladd(&w0, &w2, &w1, x[10], y[ 6]);
776  word3_muladd(&w0, &w2, &w1, x[11], y[ 5]);
777  word3_muladd(&w0, &w2, &w1, x[12], y[ 4]);
778  word3_muladd(&w0, &w2, &w1, x[13], y[ 3]);
779  word3_muladd(&w0, &w2, &w1, x[14], y[ 2]);
780  word3_muladd(&w0, &w2, &w1, x[15], y[ 1]);
781  z[16] = w1; w1 = 0;
782 
783  word3_muladd(&w1, &w0, &w2, x[ 2], y[15]);
784  word3_muladd(&w1, &w0, &w2, x[ 3], y[14]);
785  word3_muladd(&w1, &w0, &w2, x[ 4], y[13]);
786  word3_muladd(&w1, &w0, &w2, x[ 5], y[12]);
787  word3_muladd(&w1, &w0, &w2, x[ 6], y[11]);
788  word3_muladd(&w1, &w0, &w2, x[ 7], y[10]);
789  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 9]);
790  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 8]);
791  word3_muladd(&w1, &w0, &w2, x[10], y[ 7]);
792  word3_muladd(&w1, &w0, &w2, x[11], y[ 6]);
793  word3_muladd(&w1, &w0, &w2, x[12], y[ 5]);
794  word3_muladd(&w1, &w0, &w2, x[13], y[ 4]);
795  word3_muladd(&w1, &w0, &w2, x[14], y[ 3]);
796  word3_muladd(&w1, &w0, &w2, x[15], y[ 2]);
797  z[17] = w2; w2 = 0;
798 
799  word3_muladd(&w2, &w1, &w0, x[ 3], y[15]);
800  word3_muladd(&w2, &w1, &w0, x[ 4], y[14]);
801  word3_muladd(&w2, &w1, &w0, x[ 5], y[13]);
802  word3_muladd(&w2, &w1, &w0, x[ 6], y[12]);
803  word3_muladd(&w2, &w1, &w0, x[ 7], y[11]);
804  word3_muladd(&w2, &w1, &w0, x[ 8], y[10]);
805  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 9]);
806  word3_muladd(&w2, &w1, &w0, x[10], y[ 8]);
807  word3_muladd(&w2, &w1, &w0, x[11], y[ 7]);
808  word3_muladd(&w2, &w1, &w0, x[12], y[ 6]);
809  word3_muladd(&w2, &w1, &w0, x[13], y[ 5]);
810  word3_muladd(&w2, &w1, &w0, x[14], y[ 4]);
811  word3_muladd(&w2, &w1, &w0, x[15], y[ 3]);
812  z[18] = w0; w0 = 0;
813 
814  word3_muladd(&w0, &w2, &w1, x[ 4], y[15]);
815  word3_muladd(&w0, &w2, &w1, x[ 5], y[14]);
816  word3_muladd(&w0, &w2, &w1, x[ 6], y[13]);
817  word3_muladd(&w0, &w2, &w1, x[ 7], y[12]);
818  word3_muladd(&w0, &w2, &w1, x[ 8], y[11]);
819  word3_muladd(&w0, &w2, &w1, x[ 9], y[10]);
820  word3_muladd(&w0, &w2, &w1, x[10], y[ 9]);
821  word3_muladd(&w0, &w2, &w1, x[11], y[ 8]);
822  word3_muladd(&w0, &w2, &w1, x[12], y[ 7]);
823  word3_muladd(&w0, &w2, &w1, x[13], y[ 6]);
824  word3_muladd(&w0, &w2, &w1, x[14], y[ 5]);
825  word3_muladd(&w0, &w2, &w1, x[15], y[ 4]);
826  z[19] = w1; w1 = 0;
827 
828  word3_muladd(&w1, &w0, &w2, x[ 5], y[15]);
829  word3_muladd(&w1, &w0, &w2, x[ 6], y[14]);
830  word3_muladd(&w1, &w0, &w2, x[ 7], y[13]);
831  word3_muladd(&w1, &w0, &w2, x[ 8], y[12]);
832  word3_muladd(&w1, &w0, &w2, x[ 9], y[11]);
833  word3_muladd(&w1, &w0, &w2, x[10], y[10]);
834  word3_muladd(&w1, &w0, &w2, x[11], y[ 9]);
835  word3_muladd(&w1, &w0, &w2, x[12], y[ 8]);
836  word3_muladd(&w1, &w0, &w2, x[13], y[ 7]);
837  word3_muladd(&w1, &w0, &w2, x[14], y[ 6]);
838  word3_muladd(&w1, &w0, &w2, x[15], y[ 5]);
839  z[20] = w2; w2 = 0;
840 
841  word3_muladd(&w2, &w1, &w0, x[ 6], y[15]);
842  word3_muladd(&w2, &w1, &w0, x[ 7], y[14]);
843  word3_muladd(&w2, &w1, &w0, x[ 8], y[13]);
844  word3_muladd(&w2, &w1, &w0, x[ 9], y[12]);
845  word3_muladd(&w2, &w1, &w0, x[10], y[11]);
846  word3_muladd(&w2, &w1, &w0, x[11], y[10]);
847  word3_muladd(&w2, &w1, &w0, x[12], y[ 9]);
848  word3_muladd(&w2, &w1, &w0, x[13], y[ 8]);
849  word3_muladd(&w2, &w1, &w0, x[14], y[ 7]);
850  word3_muladd(&w2, &w1, &w0, x[15], y[ 6]);
851  z[21] = w0; w0 = 0;
852 
853  word3_muladd(&w0, &w2, &w1, x[ 7], y[15]);
854  word3_muladd(&w0, &w2, &w1, x[ 8], y[14]);
855  word3_muladd(&w0, &w2, &w1, x[ 9], y[13]);
856  word3_muladd(&w0, &w2, &w1, x[10], y[12]);
857  word3_muladd(&w0, &w2, &w1, x[11], y[11]);
858  word3_muladd(&w0, &w2, &w1, x[12], y[10]);
859  word3_muladd(&w0, &w2, &w1, x[13], y[ 9]);
860  word3_muladd(&w0, &w2, &w1, x[14], y[ 8]);
861  word3_muladd(&w0, &w2, &w1, x[15], y[ 7]);
862  z[22] = w1; w1 = 0;
863 
864  word3_muladd(&w1, &w0, &w2, x[ 8], y[15]);
865  word3_muladd(&w1, &w0, &w2, x[ 9], y[14]);
866  word3_muladd(&w1, &w0, &w2, x[10], y[13]);
867  word3_muladd(&w1, &w0, &w2, x[11], y[12]);
868  word3_muladd(&w1, &w0, &w2, x[12], y[11]);
869  word3_muladd(&w1, &w0, &w2, x[13], y[10]);
870  word3_muladd(&w1, &w0, &w2, x[14], y[ 9]);
871  word3_muladd(&w1, &w0, &w2, x[15], y[ 8]);
872  z[23] = w2; w2 = 0;
873 
874  word3_muladd(&w2, &w1, &w0, x[ 9], y[15]);
875  word3_muladd(&w2, &w1, &w0, x[10], y[14]);
876  word3_muladd(&w2, &w1, &w0, x[11], y[13]);
877  word3_muladd(&w2, &w1, &w0, x[12], y[12]);
878  word3_muladd(&w2, &w1, &w0, x[13], y[11]);
879  word3_muladd(&w2, &w1, &w0, x[14], y[10]);
880  word3_muladd(&w2, &w1, &w0, x[15], y[ 9]);
881  z[24] = w0; w0 = 0;
882 
883  word3_muladd(&w0, &w2, &w1, x[10], y[15]);
884  word3_muladd(&w0, &w2, &w1, x[11], y[14]);
885  word3_muladd(&w0, &w2, &w1, x[12], y[13]);
886  word3_muladd(&w0, &w2, &w1, x[13], y[12]);
887  word3_muladd(&w0, &w2, &w1, x[14], y[11]);
888  word3_muladd(&w0, &w2, &w1, x[15], y[10]);
889  z[25] = w1; w1 = 0;
890 
891  word3_muladd(&w1, &w0, &w2, x[11], y[15]);
892  word3_muladd(&w1, &w0, &w2, x[12], y[14]);
893  word3_muladd(&w1, &w0, &w2, x[13], y[13]);
894  word3_muladd(&w1, &w0, &w2, x[14], y[12]);
895  word3_muladd(&w1, &w0, &w2, x[15], y[11]);
896  z[26] = w2; w2 = 0;
897 
898  word3_muladd(&w2, &w1, &w0, x[12], y[15]);
899  word3_muladd(&w2, &w1, &w0, x[13], y[14]);
900  word3_muladd(&w2, &w1, &w0, x[14], y[13]);
901  word3_muladd(&w2, &w1, &w0, x[15], y[12]);
902  z[27] = w0; w0 = 0;
903 
904  word3_muladd(&w0, &w2, &w1, x[13], y[15]);
905  word3_muladd(&w0, &w2, &w1, x[14], y[14]);
906  word3_muladd(&w0, &w2, &w1, x[15], y[13]);
907  z[28] = w1; w1 = 0;
908 
909  word3_muladd(&w1, &w0, &w2, x[14], y[15]);
910  word3_muladd(&w1, &w0, &w2, x[15], y[14]);
911  z[29] = w2; w2 = 0;
912 
913  word3_muladd(&w2, &w1, &w0, x[15], y[15]);
914  z[30] = w0;
915  z[31] = w1;
916  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul4 ( word  z[8],
const word  x[4],
const word  y[4] 
)

Definition at line 51 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

52  {
53  word w2 = 0, w1 = 0, w0 = 0;
54 
55  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
56  z[ 0] = w0; w0 = 0;
57 
58  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
59  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
60  z[ 1] = w1; w1 = 0;
61 
62  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
63  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
64  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
65  z[ 2] = w2; w2 = 0;
66 
67  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
68  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
69  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
70  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
71  z[ 3] = w0; w0 = 0;
72 
73  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
74  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
75  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
76  z[ 4] = w1; w1 = 0;
77 
78  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
79  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
80  z[ 5] = w2; w2 = 0;
81 
82  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
83  z[ 6] = w0;
84  z[ 7] = w1;
85  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul6 ( word  z[12],
const word  x[6],
const word  y[6] 
)

Definition at line 142 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

143  {
144  word w2 = 0, w1 = 0, w0 = 0;
145 
146  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
147  z[ 0] = w0; w0 = 0;
148 
149  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
150  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
151  z[ 1] = w1; w1 = 0;
152 
153  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
154  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
155  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
156  z[ 2] = w2; w2 = 0;
157 
158  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
159  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
160  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
161  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
162  z[ 3] = w0; w0 = 0;
163 
164  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
165  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
166  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
167  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
168  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
169  z[ 4] = w1; w1 = 0;
170 
171  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
172  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
173  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
174  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
175  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
176  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
177  z[ 5] = w2; w2 = 0;
178 
179  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
180  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
181  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
182  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
183  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
184  z[ 6] = w0; w0 = 0;
185 
186  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
187  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
188  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
189  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
190  z[ 7] = w1; w1 = 0;
191 
192  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
193  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
194  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
195  z[ 8] = w2; w2 = 0;
196 
197  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
198  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
199  z[ 9] = w0; w0 = 0;
200 
201  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
202  z[10] = w1;
203  z[11] = w2;
204  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul8 ( word  z[16],
const word  x[8],
const word  y[8] 
)

Definition at line 284 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

285  {
286  word w2 = 0, w1 = 0, w0 = 0;
287 
288  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
289  z[ 0] = w0; w0 = 0;
290 
291  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
292  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
293  z[ 1] = w1; w1 = 0;
294 
295  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
296  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
297  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
298  z[ 2] = w2; w2 = 0;
299 
300  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
301  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
302  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
303  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
304  z[ 3] = w0; w0 = 0;
305 
306  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
307  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
308  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
309  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
310  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
311  z[ 4] = w1; w1 = 0;
312 
313  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
314  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
315  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
316  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
317  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
318  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
319  z[ 5] = w2; w2 = 0;
320 
321  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
322  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
323  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
324  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
325  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
326  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
327  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
328  z[ 6] = w0; w0 = 0;
329 
330  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
331  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
332  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
333  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
334  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
335  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
336  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
337  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
338  z[ 7] = w1; w1 = 0;
339 
340  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
341  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
342  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
343  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
344  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
345  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
346  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
347  z[ 8] = w2; w2 = 0;
348 
349  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
350  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
351  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
352  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
353  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
354  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
355  z[ 9] = w0; w0 = 0;
356 
357  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
358  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
359  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
360  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
361  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
362  z[10] = w1; w1 = 0;
363 
364  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
365  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
366  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
367  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
368  z[11] = w2; w2 = 0;
369 
370  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
371  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
372  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
373  z[12] = w0; w0 = 0;
374 
375  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
376  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
377  z[13] = w1; w1 = 0;
378 
379  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
380  z[14] = w2;
381  z[15] = w0;
382  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_sqr16 ( word  z[32],
const word  x[16] 
)

Definition at line 387 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

388  {
389  word w2 = 0, w1 = 0, w0 = 0;
390 
391  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
392  z[ 0] = w0; w0 = 0;
393 
394  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
395  z[ 1] = w1; w1 = 0;
396 
397  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
398  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
399  z[ 2] = w2; w2 = 0;
400 
401  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
402  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
403  z[ 3] = w0; w0 = 0;
404 
405  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
406  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
407  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
408  z[ 4] = w1; w1 = 0;
409 
410  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
411  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
412  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
413  z[ 5] = w2; w2 = 0;
414 
415  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
416  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
417  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
418  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
419  z[ 6] = w0; w0 = 0;
420 
421  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
422  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
423  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
424  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
425  z[ 7] = w1; w1 = 0;
426 
427  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 8]);
428  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
429  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
430  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
431  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
432  z[ 8] = w2; w2 = 0;
433 
434  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 9]);
435  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 8]);
436  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
437  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
438  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
439  z[ 9] = w0; w0 = 0;
440 
441  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[10]);
442  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 9]);
443  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 8]);
444  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
445  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
446  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
447  z[10] = w1; w1 = 0;
448 
449  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[11]);
450  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[10]);
451  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 9]);
452  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 8]);
453  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
454  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
455  z[11] = w2; w2 = 0;
456 
457  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[12]);
458  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[11]);
459  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[10]);
460  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 9]);
461  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 8]);
462  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
463  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
464  z[12] = w0; w0 = 0;
465 
466  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[13]);
467  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[12]);
468  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[11]);
469  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[10]);
470  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 9]);
471  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[ 8]);
472  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
473  z[13] = w1; w1 = 0;
474 
475  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[14]);
476  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[13]);
477  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[12]);
478  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[11]);
479  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[10]);
480  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 9]);
481  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[ 8]);
482  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
483  z[14] = w2; w2 = 0;
484 
485  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[15]);
486  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[14]);
487  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[13]);
488  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[12]);
489  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[11]);
490  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[10]);
491  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[ 9]);
492  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[ 8]);
493  z[15] = w0; w0 = 0;
494 
495  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[15]);
496  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[14]);
497  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[13]);
498  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[12]);
499  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[11]);
500  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[10]);
501  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[ 9]);
502  word3_muladd(&w0, &w2, &w1, x[ 8], x[ 8]);
503  z[16] = w1; w1 = 0;
504 
505  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[15]);
506  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[14]);
507  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[13]);
508  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[12]);
509  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[11]);
510  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[10]);
511  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[ 9]);
512  z[17] = w2; w2 = 0;
513 
514  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[15]);
515  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[14]);
516  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[13]);
517  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[12]);
518  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[11]);
519  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[10]);
520  word3_muladd(&w2, &w1, &w0, x[ 9], x[ 9]);
521  z[18] = w0; w0 = 0;
522 
523  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[15]);
524  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[14]);
525  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[13]);
526  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[12]);
527  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[11]);
528  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[10]);
529  z[19] = w1; w1 = 0;
530 
531  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[15]);
532  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[14]);
533  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[13]);
534  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[12]);
535  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[11]);
536  word3_muladd(&w1, &w0, &w2, x[10], x[10]);
537  z[20] = w2; w2 = 0;
538 
539  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[15]);
540  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[14]);
541  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[13]);
542  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[12]);
543  word3_muladd_2(&w2, &w1, &w0, x[10], x[11]);
544  z[21] = w0; w0 = 0;
545 
546  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[15]);
547  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[14]);
548  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[13]);
549  word3_muladd_2(&w0, &w2, &w1, x[10], x[12]);
550  word3_muladd(&w0, &w2, &w1, x[11], x[11]);
551  z[22] = w1; w1 = 0;
552 
553  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[15]);
554  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[14]);
555  word3_muladd_2(&w1, &w0, &w2, x[10], x[13]);
556  word3_muladd_2(&w1, &w0, &w2, x[11], x[12]);
557  z[23] = w2; w2 = 0;
558 
559  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[15]);
560  word3_muladd_2(&w2, &w1, &w0, x[10], x[14]);
561  word3_muladd_2(&w2, &w1, &w0, x[11], x[13]);
562  word3_muladd(&w2, &w1, &w0, x[12], x[12]);
563  z[24] = w0; w0 = 0;
564 
565  word3_muladd_2(&w0, &w2, &w1, x[10], x[15]);
566  word3_muladd_2(&w0, &w2, &w1, x[11], x[14]);
567  word3_muladd_2(&w0, &w2, &w1, x[12], x[13]);
568  z[25] = w1; w1 = 0;
569 
570  word3_muladd_2(&w1, &w0, &w2, x[11], x[15]);
571  word3_muladd_2(&w1, &w0, &w2, x[12], x[14]);
572  word3_muladd(&w1, &w0, &w2, x[13], x[13]);
573  z[26] = w2; w2 = 0;
574 
575  word3_muladd_2(&w2, &w1, &w0, x[12], x[15]);
576  word3_muladd_2(&w2, &w1, &w0, x[13], x[14]);
577  z[27] = w0; w0 = 0;
578 
579  word3_muladd_2(&w0, &w2, &w1, x[13], x[15]);
580  word3_muladd(&w0, &w2, &w1, x[14], x[14]);
581  z[28] = w1; w1 = 0;
582 
583  word3_muladd_2(&w1, &w0, &w2, x[14], x[15]);
584  z[29] = w2; w2 = 0;
585 
586  word3_muladd(&w2, &w1, &w0, x[15], x[15]);
587  z[30] = w0;
588  z[31] = w1;
589  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr4 ( word  z[8],
const word  x[4] 
)

Definition at line 18 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

19  {
20  word w2 = 0, w1 = 0, w0 = 0;
21 
22  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
23  z[ 0] = w0; w0 = 0;
24 
25  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
26  z[ 1] = w1; w1 = 0;
27 
28  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
29  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
30  z[ 2] = w2; w2 = 0;
31 
32  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
33  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
34  z[ 3] = w0; w0 = 0;
35 
36  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
37  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
38  z[ 4] = w1; w1 = 0;
39 
40  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
41  z[ 5] = w2; w2 = 0;
42 
43  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
44  z[ 6] = w0;
45  z[ 7] = w1;
46  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr6 ( word  z[12],
const word  x[6] 
)

Definition at line 90 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

91  {
92  word w2 = 0, w1 = 0, w0 = 0;
93 
94  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
95  z[ 0] = w0; w0 = 0;
96 
97  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
98  z[ 1] = w1; w1 = 0;
99 
100  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
101  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
102  z[ 2] = w2; w2 = 0;
103 
104  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
105  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
106  z[ 3] = w0; w0 = 0;
107 
108  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
109  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
110  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
111  z[ 4] = w1; w1 = 0;
112 
113  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
114  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
115  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
116  z[ 5] = w2; w2 = 0;
117 
118  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
119  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
120  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
121  z[ 6] = w0; w0 = 0;
122 
123  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
124  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
125  z[ 7] = w1; w1 = 0;
126 
127  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
128  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
129  z[ 8] = w2; w2 = 0;
130 
131  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
132  z[ 9] = w0; w0 = 0;
133 
134  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
135  z[10] = w1;
136  z[11] = w2;
137  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr8 ( word  z[16],
const word  x[8] 
)

Definition at line 209 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

210  {
211  word w2 = 0, w1 = 0, w0 = 0;
212 
213  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
214  z[ 0] = w0; w0 = 0;
215 
216  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
217  z[ 1] = w1; w1 = 0;
218 
219  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
220  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
221  z[ 2] = w2; w2 = 0;
222 
223  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
224  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
225  z[ 3] = w0; w0 = 0;
226 
227  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
228  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
229  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
230  z[ 4] = w1; w1 = 0;
231 
232  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
233  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
234  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
235  z[ 5] = w2; w2 = 0;
236 
237  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
238  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
239  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
240  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
241  z[ 6] = w0; w0 = 0;
242 
243  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
244  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
245  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
246  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
247  z[ 7] = w1; w1 = 0;
248 
249  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
250  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
251  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
252  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
253  z[ 8] = w2; w2 = 0;
254 
255  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
256  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
257  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
258  z[ 9] = w0; w0 = 0;
259 
260  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
261  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
262  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
263  z[10] = w1; w1 = 0;
264 
265  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
266  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
267  z[11] = w2; w2 = 0;
268 
269  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
270  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
271  z[12] = w0; w0 = 0;
272 
273  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
274  z[13] = w1; w1 = 0;
275 
276  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
277  z[14] = w2;
278  z[15] = w0;
279  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
size_t Botan::bigint_divcore ( word  q,
word  y2,
word  y1,
word  x3,
word  x2,
word  x1 
)

Definition at line 18 of file mp_misc.cpp.

References word_madd2().

Referenced by divide().

20  {
21  // Compute (y2,y1) * q
22 
23  word y3 = 0;
24  y1 = word_madd2(q, y1, &y3);
25  y2 = word_madd2(q, y2, &y3);
26 
27  // Return (y3,y2,y1) >? (x3,x2,x1)
28 
29  if(y3 > x3) return 1;
30  if(y3 < x3) return 0;
31  if(y2 > x2) return 1;
32  if(y2 < x2) return 0;
33  if(y1 > x1) return 1;
34  if(y1 < x1) return 0;
35  return 0;
36  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word Botan::bigint_divop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) / d

Definition at line 67 of file mp_misc.cpp.

References MP_WORD_BITS, and MP_WORD_TOP_BIT.

Referenced by bigint_modop(), and divide().

68  {
69  word high = n1 % d, quotient = 0;
70 
71  for(size_t j = 0; j != MP_WORD_BITS; ++j)
72  {
73  word high_top_bit = (high & MP_WORD_TOP_BIT);
74 
75  high <<= 1;
76  high |= (n0 >> (MP_WORD_BITS-1-j)) & 1;
77  quotient <<= 1;
78 
79  if(high_top_bit || high >= d)
80  {
81  high -= d;
82  quotient |= 1;
83  }
84  }
85 
86  return quotient;
87  }
const word MP_WORD_TOP_BIT
Definition: mp_types.h:28
const size_t MP_WORD_BITS
Definition: mp_core.h:18
void Botan::bigint_linmul2 ( word  x[],
size_t  x_size,
word  y 
)

Definition at line 149 of file mp_asm.cpp.

References word8_linmul2(), and word_madd2().

Referenced by Botan::BigInt::operator*=().

150  {
151  const size_t blocks = x_size - (x_size % 8);
152 
153  word carry = 0;
154 
155  for(size_t i = 0; i != blocks; i += 8)
156  carry = word8_linmul2(x + i, y, carry);
157 
158  for(size_t i = blocks; i != x_size; ++i)
159  x[i] = word_madd2(x[i], y, &carry);
160 
161  x[x_size] = carry;
162  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word word8_linmul2(word x[8], word y, word carry)
Definition: mp_asmi.h:127
void Botan::bigint_linmul3 ( word  z[],
const word  x[],
size_t  x_size,
word  y 
)

Definition at line 167 of file mp_asm.cpp.

References word8_linmul3(), and word_madd2().

Referenced by bigint_mul(), bigint_sqr(), operator*(), and Botan::BigInt::operator*=().

168  {
169  const size_t blocks = x_size - (x_size % 8);
170 
171  word carry = 0;
172 
173  for(size_t i = 0; i != blocks; i += 8)
174  carry = word8_linmul3(z + i, x + i, y, carry);
175 
176  for(size_t i = blocks; i != x_size; ++i)
177  z[i] = word_madd2(x[i], y, &carry);
178 
179  z[x_size] = carry;
180  }
word word8_linmul3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:143
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word Botan::bigint_modop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) % d

Definition at line 92 of file mp_misc.cpp.

References bigint_divop(), and word_madd2().

Referenced by operator%(), and Botan::BigInt::operator%=().

93  {
94  word z = bigint_divop(n1, n0, d);
95  word dummy = 0;
96  z = word_madd2(z, d, &dummy);
97  return (n0-z);
98  }
word bigint_divop(word n1, word n0, word d)
Definition: mp_misc.cpp:67
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
void Botan::bigint_monty_mul ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 69 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_mul().

Referenced by Botan::Montgomery_Exponentiator::execute(), and Botan::Montgomery_Exponentiator::set_base().

74  {
75  bigint_mul(&z[0], z_size, &ws[0],
76  &x[0], x_size, x_sw,
77  &y[0], y_size, y_sw);
78 
79  bigint_monty_redc(&z[0], z_size,
80  &p[0], p_size, p_dash,
81  &ws[0]);
82  }
void bigint_monty_redc(word z[], size_t z_size, const word p[], size_t p_size, word p_dash, word workspace[])
Definition: mp_monty.cpp:21
void bigint_mul(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
Definition: mp_karat.cpp:248
void Botan::bigint_monty_redc ( word  z[],
size_t  z_size,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Montgomery Reduction

Parameters
zinteger to reduce (also output in first p_size+1 words)
z_sizesize of z (should be >= 2*p_size+1)
pmodulus
p_sizesize of p
p_dashMontgomery value
workspacearray of at least 2*(p_size+1) words

Definition at line 21 of file mp_monty.cpp.

References clear_mem(), copy_mem(), word8_madd3(), word_madd3(), and word_sub().

Referenced by bigint_monty_mul(), bigint_monty_sqr(), and Botan::Montgomery_Exponentiator::execute().

24  {
25  const size_t blocks_of_8 = p_size - (p_size % 8);
26 
27  for(size_t i = 0; i != p_size; ++i)
28  {
29  word* z_i = z + i;
30 
31  const word y = z_i[0] * p_dash;
32 
33  /*
34  bigint_linmul3(ws, p, p_size, y);
35  bigint_add2(z_i, z_size - i, ws, p_size+1);
36  */
37 
38  word carry = 0;
39 
40  for(size_t j = 0; j != blocks_of_8; j += 8)
41  carry = word8_madd3(z_i + j, p + j, y, carry);
42 
43  for(size_t j = blocks_of_8; j != p_size; ++j)
44  z_i[j] = word_madd3(p[j], y, z_i[j], &carry);
45 
46  word z_sum = z_i[p_size] + carry;
47  carry = (z_sum < z_i[p_size]);
48  z_i[p_size] = z_sum;
49 
50  for(size_t j = p_size + 1; carry && j != z_size - i; ++j)
51  {
52  ++z_i[j];
53  carry = !z_i[j];
54  }
55  }
56 
57  word borrow = 0;
58  for(size_t i = 0; i != p_size; ++i)
59  ws[i] = word_sub(z[p_size + i], p[i], &borrow);
60 
61  ws[p_size] = word_sub(z[p_size+p_size], 0, &borrow);
62 
63  copy_mem(ws + p_size + 1, z + p_size, p_size + 1);
64 
65  copy_mem(z, ws + borrow*(p_size+1), p_size + 1);
66  clear_mem(z + p_size + 1, z_size - p_size - 1);
67  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
word word_madd3(word a, word b, word c, word *d)
Definition: mp_asm.h:102
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
void Botan::bigint_monty_sqr ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 84 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_sqr().

Referenced by Botan::Montgomery_Exponentiator::execute().

88  {
89  bigint_sqr(&z[0], z_size, &ws[0],
90  &x[0], x_size, x_sw);
91 
92  bigint_monty_redc(&z[0], z_size,
93  &p[0], p_size, p_dash,
94  &ws[0]);
95  }
void bigint_monty_redc(word z[], size_t z_size, const word p[], size_t p_size, word p_dash, word workspace[])
Definition: mp_monty.cpp:21
void bigint_sqr(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
Definition: mp_karat.cpp:303
void Botan::bigint_mul ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw 
)

Definition at line 248 of file mp_karat.cpp.

References bigint_comba_mul16(), bigint_comba_mul4(), bigint_comba_mul6(), bigint_comba_mul8(), bigint_linmul3(), bigint_simple_mul(), and clear_mem().

Referenced by bigint_monty_mul(), mul_add(), operator*(), and Botan::BigInt::operator*=().

251  {
252  if(x_sw == 1)
253  {
254  bigint_linmul3(z, y, y_sw, x[0]);
255  }
256  else if(y_sw == 1)
257  {
258  bigint_linmul3(z, x, x_sw, y[0]);
259  }
260  else if(x_sw <= 4 && x_size >= 4 &&
261  y_sw <= 4 && y_size >= 4 && z_size >= 8)
262  {
263  bigint_comba_mul4(z, x, y);
264  }
265  else if(x_sw <= 6 && x_size >= 6 &&
266  y_sw <= 6 && y_size >= 6 && z_size >= 12)
267  {
268  bigint_comba_mul6(z, x, y);
269  }
270  else if(x_sw <= 8 && x_size >= 8 &&
271  y_sw <= 8 && y_size >= 8 && z_size >= 16)
272  {
273  bigint_comba_mul8(z, x, y);
274  }
275  else if(x_sw <= 16 && x_size >= 16 &&
276  y_sw <= 16 && y_size >= 16 && z_size >= 32)
277  {
278  bigint_comba_mul16(z, x, y);
279  }
280  else if(x_sw < BOTAN_KARAT_MUL_THRESHOLD ||
281  y_sw < BOTAN_KARAT_MUL_THRESHOLD ||
282  !workspace)
283  {
284  bigint_simple_mul(z, x, x_sw, y, y_sw);
285  }
286  else
287  {
288  const size_t N = karatsuba_size(z_size, x_size, x_sw, y_size, y_sw);
289 
290  if(N)
291  {
292  clear_mem(workspace, 2*N);
293  karatsuba_mul(z, x, y, N, workspace);
294  }
295  else
296  bigint_simple_mul(z, x, x_sw, y, y_sw);
297  }
298  }
void bigint_simple_mul(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_mulop.cpp:20
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
void bigint_comba_mul4(word z[8], const word x[4], const word y[4])
Definition: mp_comba.cpp:51
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_asm.cpp:167
void bigint_comba_mul8(word z[16], const word x[8], const word y[8])
Definition: mp_comba.cpp:284
void bigint_comba_mul16(word z[32], const word x[16], const word y[16])
Definition: mp_comba.cpp:594
void bigint_comba_mul6(word z[12], const word x[6], const word y[6])
Definition: mp_comba.cpp:142
void Botan::bigint_shl1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 18 of file mp_shift.cpp.

References clear_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator-=(), and Botan::BigInt::operator<<=().

19  {
20  if(word_shift)
21  {
22  for(size_t j = 1; j != x_size + 1; ++j)
23  x[(x_size - j) + word_shift] = x[x_size - j];
24  clear_mem(x, word_shift);
25  }
26 
27  if(bit_shift)
28  {
29  word carry = 0;
30  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
31  {
32  word temp = x[j];
33  x[j] = (temp << bit_shift) | carry;
34  carry = (temp >> (MP_WORD_BITS - bit_shift));
35  }
36  }
37  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
const size_t MP_WORD_BITS
Definition: mp_core.h:18
void Botan::bigint_shl2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 97 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator-(), and operator<<().

99  {
100  for(size_t j = 0; j != x_size; ++j)
101  y[j + word_shift] = x[j];
102  if(bit_shift)
103  {
104  word carry = 0;
105  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
106  {
107  word w = y[j];
108  y[j] = (w << bit_shift) | carry;
109  carry = (w >> (MP_WORD_BITS - bit_shift));
110  }
111  }
112  }
const size_t MP_WORD_BITS
Definition: mp_core.h:18
void Botan::bigint_shr1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 42 of file mp_shift.cpp.

References clear_mem(), copy_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator>>=().

43  {
44  if(x_size < word_shift)
45  {
46  clear_mem(x, x_size);
47  return;
48  }
49 
50  if(word_shift)
51  {
52  copy_mem(x, x + word_shift, x_size - word_shift);
53  clear_mem(x + x_size - word_shift, word_shift);
54  }
55 
56  if(bit_shift)
57  {
58  word carry = 0;
59 
60  size_t top = x_size - word_shift;
61 
62  while(top >= 4)
63  {
64  word w = x[top-1];
65  x[top-1] = (w >> bit_shift) | carry;
66  carry = (w << (MP_WORD_BITS - bit_shift));
67 
68  w = x[top-2];
69  x[top-2] = (w >> bit_shift) | carry;
70  carry = (w << (MP_WORD_BITS - bit_shift));
71 
72  w = x[top-3];
73  x[top-3] = (w >> bit_shift) | carry;
74  carry = (w << (MP_WORD_BITS - bit_shift));
75 
76  w = x[top-4];
77  x[top-4] = (w >> bit_shift) | carry;
78  carry = (w << (MP_WORD_BITS - bit_shift));
79 
80  top -= 4;
81  }
82 
83  while(top)
84  {
85  word w = x[top-1];
86  x[top-1] = (w >> bit_shift) | carry;
87  carry = (w << (MP_WORD_BITS - bit_shift));
88 
89  top--;
90  }
91  }
92  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
const size_t MP_WORD_BITS
Definition: mp_core.h:18
void Botan::bigint_shr2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 117 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator>>().

119  {
120  if(x_size < word_shift) return;
121 
122  for(size_t j = 0; j != x_size - word_shift; ++j)
123  y[j] = x[j + word_shift];
124  if(bit_shift)
125  {
126  word carry = 0;
127  for(size_t j = x_size - word_shift; j > 0; --j)
128  {
129  word w = y[j-1];
130  y[j-1] = (w >> bit_shift) | carry;
131  carry = (w << (MP_WORD_BITS - bit_shift));
132  }
133  }
134  }
const size_t MP_WORD_BITS
Definition: mp_core.h:18
void Botan::bigint_simple_mul ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 20 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_mul().

22  {
23  const size_t x_size_8 = x_size - (x_size % 8);
24 
25  clear_mem(z, x_size + y_size);
26 
27  for(size_t i = 0; i != y_size; ++i)
28  {
29  const word y_i = y[i];
30 
31  word carry = 0;
32 
33  for(size_t j = 0; j != x_size_8; j += 8)
34  carry = word8_madd3(z + i + j, x + j, y_i, carry);
35 
36  for(size_t j = x_size_8; j != x_size; ++j)
37  z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry);
38 
39  z[x_size+i] = carry;
40  }
41  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
word word_madd3(word a, word b, word c, word *d)
Definition: mp_asm.h:102
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void Botan::bigint_simple_sqr ( word  z[],
const word  x[],
size_t  x_size 
)

Definition at line 54 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_sqr().

55  {
56  const size_t x_size_8 = x_size - (x_size % 8);
57 
58  clear_mem(z, 2*x_size);
59 
60  for(size_t i = 0; i != x_size; ++i)
61  {
62  const word x_i = x[i];
63  word carry = 0;
64 
65  for(size_t j = 0; j != x_size_8; j += 8)
66  carry = word8_madd3(z + i + j, x + j, x_i, carry);
67 
68  for(size_t j = x_size_8; j != x_size; ++j)
69  z[i+j] = word_madd3(x[j], x_i, z[i+j], &carry);
70 
71  z[x_size+i] = carry;
72  }
73  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
word word_madd3(word a, word b, word c, word *d)
Definition: mp_asm.h:102
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void Botan::bigint_sqr ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw 
)

Definition at line 303 of file mp_karat.cpp.

References bigint_comba_sqr16(), bigint_comba_sqr4(), bigint_comba_sqr6(), bigint_comba_sqr8(), bigint_linmul3(), bigint_simple_sqr(), and clear_mem().

Referenced by bigint_monty_sqr(), and square().

305  {
306  if(x_sw == 1)
307  {
308  bigint_linmul3(z, x, x_sw, x[0]);
309  }
310  else if(x_sw <= 4 && x_size >= 4 && z_size >= 8)
311  {
312  bigint_comba_sqr4(z, x);
313  }
314  else if(x_sw <= 6 && x_size >= 6 && z_size >= 12)
315  {
316  bigint_comba_sqr6(z, x);
317  }
318  else if(x_sw <= 8 && x_size >= 8 && z_size >= 16)
319  {
320  bigint_comba_sqr8(z, x);
321  }
322  else if(x_sw <= 16 && x_size >= 16 && z_size >= 32)
323  {
324  bigint_comba_sqr16(z, x);
325  }
326  else if(x_size < BOTAN_KARAT_SQR_THRESHOLD || !workspace)
327  {
328  bigint_simple_sqr(z, x, x_sw);
329  }
330  else
331  {
332  const size_t N = karatsuba_size(z_size, x_size, x_sw);
333 
334  if(N)
335  {
336  clear_mem(workspace, 2*N);
337  karatsuba_sqr(z, x, N, workspace);
338  }
339  else
340  bigint_simple_sqr(z, x, x_sw);
341  }
342  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_asm.cpp:167
void bigint_comba_sqr16(word z[32], const word x[16])
Definition: mp_comba.cpp:387
void bigint_comba_sqr8(word z[16], const word x[8])
Definition: mp_comba.cpp:209
void bigint_simple_sqr(word z[], const word x[], size_t x_size)
Definition: mp_mulop.cpp:54
void bigint_comba_sqr4(word z[8], const word x[4])
Definition: mp_comba.cpp:18
void bigint_comba_sqr6(word z[12], const word x[6])
Definition: mp_comba.cpp:90
word Botan::bigint_sub2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 87 of file mp_asm.cpp.

References word8_sub2(), and word_sub().

Referenced by Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

88  {
89  word borrow = 0;
90 
91  const size_t blocks = y_size - (y_size % 8);
92 
93  for(size_t i = 0; i != blocks; i += 8)
94  borrow = word8_sub2(x + i, y + i, borrow);
95 
96  for(size_t i = blocks; i != y_size; ++i)
97  x[i] = word_sub(x[i], y[i], &borrow);
98 
99  for(size_t i = y_size; i != x_size; ++i)
100  x[i] = word_sub(x[i], 0, &borrow);
101 
102  return borrow;
103  }
word word8_sub2(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:78
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
void Botan::bigint_sub2_rev ( word  x[],
const word  y[],
size_t  y_size 
)

x = y - x; assumes y >= x

Definition at line 108 of file mp_asm.cpp.

References word8_sub2_rev(), and word_sub().

Referenced by Botan::BigInt::operator-=().

109  {
110  word borrow = 0;
111 
112  const size_t blocks = y_size - (y_size % 8);
113 
114  for(size_t i = 0; i != blocks; i += 8)
115  borrow = word8_sub2_rev(x + i, y + i, borrow);
116 
117  for(size_t i = blocks; i != y_size; ++i)
118  x[i] = word_sub(y[i], x[i], &borrow);
119 
120  if(borrow)
121  throw Internal_Error("bigint_sub2_rev: x >= y");
122  }
word word8_sub2_rev(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:94
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word Botan::bigint_sub3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 127 of file mp_asm.cpp.

References word8_sub3(), and word_sub().

Referenced by operator+(), Botan::BigInt::operator+=(), and operator-().

129  {
130  word borrow = 0;
131 
132  const size_t blocks = y_size - (y_size % 8);
133 
134  for(size_t i = 0; i != blocks; i += 8)
135  borrow = word8_sub3(z + i, x + i, y + i, borrow);
136 
137  for(size_t i = blocks; i != y_size; ++i)
138  z[i] = word_sub(x[i], y[i], &borrow);
139 
140  for(size_t i = y_size; i != x_size; ++i)
141  z[i] = word_sub(x[i], 0, &borrow);
142 
143  return borrow;
144  }
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word word8_sub3(word z[8], const word x[8], const word y[8], word carry)
Definition: mp_asmi.h:110
BOTAN_DLL size_t Botan::block_size_of ( const std::string &  algo_spec)

Find out the block size of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
block size of the specified algorithm

Definition at line 35 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), and Botan::Algorithm_Factory::prototype_hash_function().

Referenced by Botan::SessionKeys::SessionKeys(), Botan::Record_Writer::set_keys(), and Botan::Record_Reader::set_keys().

36  {
37  Algorithm_Factory& af = global_state().algorithm_factory();
38 
39  if(const BlockCipher* cipher = af.prototype_block_cipher(name))
40  return cipher->block_size();
41 
42  if(const HashFunction* hash = af.prototype_hash_function(name))
43  return hash->hash_block_size();
44 
45  throw Algorithm_Not_Found(name);
46  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
void Botan::botan_md4_x86_32_compress ( u32bit  digest[4],
const byte  input[64],
u32bit  M[16] 
)

MD4 compression function in x86-32 asm

Parameters
digestthe current digest
inputthe input block
Mthe message buffer
void Botan::botan_serpent_x86_32_decrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent decryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::decrypt_n().

void Botan::botan_serpent_x86_32_encrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent encryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::encrypt_n().

void Botan::botan_serpent_x86_32_key_schedule ( u32bit  ks[140])

Entry point for Serpent key schedule in x86 asm

Parameters
ksholds the initial working key (padded), and is set to the final key schedule
template<typename T >
void Botan::bswap_4 ( x[4])
inline

Swap 4 Ts in an array

Definition at line 112 of file bswap.h.

References reverse_bytes().

Referenced by load_be(), and load_le().

113  {
114  x[0] = reverse_bytes(x[0]);
115  x[1] = reverse_bytes(x[1]);
116  x[2] = reverse_bytes(x[2]);
117  x[3] = reverse_bytes(x[3]);
118  }
u64bit reverse_bytes(u64bit val)
Definition: bswap.h:80
BOTAN_DLL calendar_point Botan::calendar_value ( u64bit  time_point)
Parameters
time_pointa time point from the system clock
Returns
calendar_point object representing this time point

Definition at line 81 of file time.cpp.

Referenced by Botan::EAC_Time::EAC_Time(), and Botan::X509_Time::X509_Time().

82  {
83  std::tm tm = do_gmtime(static_cast<std::time_t>(a_time_t));
84 
85  return calendar_point(tm.tm_year + 1900,
86  tm.tm_mon + 1,
87  tm.tm_mday,
88  tm.tm_hour,
89  tm.tm_min,
90  tm.tm_sec);
91  }
bool BOTAN_DLL Botan::check_bcrypt ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 128 of file bcrypt.cpp.

References to_u32bit().

129  {
130  if(hash.size() != 60 ||
131  hash[0] != '$' || hash[1] != '2' || hash[2] != 'a' ||
132  hash[3] != '$' || hash[6] != '$')
133  {
134  return false;
135  }
136 
137  const u16bit workfactor = to_u32bit(hash.substr(4, 2));
138 
139  MemoryVector<byte> salt = bcrypt_base64_decode(hash.substr(7, 22));
140 
141  const std::string compare = make_bcrypt(pass, salt, workfactor);
142 
143  return (hash == compare);
144  }
unsigned short u16bit
Definition: types.h:27
u32bit to_u32bit(const std::string &number)
Definition: parsing.cpp:18
bool BOTAN_DLL Botan::check_passhash9 ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 84 of file passhash9.cpp.

References Botan::OctetString::bits_of(), Botan::PKCS5_PBKDF2::derive_key(), Botan::Pipe::end_msg(), load_be< u16bit >(), Botan::Pipe::read_all(), same_mem(), Botan::MemoryRegion< T >::size(), Botan::Pipe::start_msg(), and Botan::Pipe::write().

85  {
86  const size_t BINARY_LENGTH =
87  ALGID_BYTES +
88  WORKFACTOR_BYTES +
89  PASSHASH9_PBKDF_OUTPUT_LEN +
90  SALT_BYTES;
91 
92  const size_t BASE64_LENGTH =
93  MAGIC_PREFIX.size() + (BINARY_LENGTH * 8) / 6;
94 
95  if(hash.size() != BASE64_LENGTH)
96  return false;
97 
98  for(size_t i = 0; i != MAGIC_PREFIX.size(); ++i)
99  if(hash[i] != MAGIC_PREFIX[i])
100  return false;
101 
102  Pipe pipe(new Base64_Decoder);
103  pipe.start_msg();
104  pipe.write(hash.c_str() + MAGIC_PREFIX.size());
105  pipe.end_msg();
106 
107  SecureVector<byte> bin = pipe.read_all();
108 
109  if(bin.size() != BINARY_LENGTH)
110  return false;
111 
112  byte alg_id = bin[0];
113 
114  const size_t kdf_iterations =
115  WORK_FACTOR_SCALE * load_be<u16bit>(&bin[ALGID_BYTES], 0);
116 
117  if(kdf_iterations == 0)
118  return false;
119 
120  MessageAuthenticationCode* pbkdf_prf = get_pbkdf_prf(alg_id);
121 
122  if(pbkdf_prf == 0)
123  return false; // unknown algorithm, reject
124 
125  PKCS5_PBKDF2 kdf(pbkdf_prf); // takes ownership of pointer
126 
127  SecureVector<byte> cmp = kdf.derive_key(
128  PASSHASH9_PBKDF_OUTPUT_LEN,
129  pass,
130  &bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES,
131  kdf_iterations).bits_of();
132 
133  return same_mem(&cmp[0],
134  &bin[ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES],
135  PASSHASH9_PBKDF_OUTPUT_LEN);
136  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:57
unsigned char byte
Definition: types.h:22
u16bit load_be< u16bit >(const byte in[], size_t off)
Definition: loadstor.h:132
bool Botan::check_prime ( const BigInt n,
RandomNumberGenerator rng 
)
inline

Check for primality

Parameters
na positive integer to test for primality
rnga random number generator
Returns
true if all primality tests passed, otherwise false

Definition at line 143 of file numthry.h.

References primality_test().

Referenced by Botan::IF_Scheme_PrivateKey::check_key(), Botan::DL_Group::DL_Group(), generate_dsa_primes(), random_prime(), random_safe_prime(), and Botan::DL_Group::verify_group().

144  { return primality_test(n, rng, 1); }
BigInt n
Definition: numthry.cpp:26
bool primality_test(const BigInt &n, RandomNumberGenerator &rng, size_t level)
Definition: numthry.cpp:262
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BOTAN_DLL PK_Signer * Botan::choose_sig_format ( const Private_Key key,
const std::string &  hash_fn,
AlgorithmIdentifier alg_id 
)

Choose the default signature format for a certain public key signature scheme.

Parameters
keywill be the key to choose a padding scheme for
hash_fnis the desired hash function
alg_idwill be set to the chosen scheme
Returns
A PK_Signer object for generating signatures

Definition at line 218 of file x509_ca.cpp.

References Botan::Public_Key::algo_name(), algo_name, Botan::Public_Key::algorithm_identifier(), DER_SEQUENCE, IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::max_input_bits(), Botan::Public_Key::message_parts(), Botan::Algorithm::name(), Botan::AlgorithmIdentifier::oid, Botan::Buffered_Computation::output_length(), Botan::AlgorithmIdentifier::parameters, and retrieve_hash().

Referenced by Botan::X509::create_cert_req(), Botan::X509::create_self_signed_cert(), and Botan::X509_CA::X509_CA().

221  {
222  std::string padding;
223 
224  const std::string algo_name = key.algo_name();
225 
226  const HashFunction* proto_hash = retrieve_hash(hash_fn);
227  if(!proto_hash)
228  throw Algorithm_Not_Found(hash_fn);
229 
230  if(key.max_input_bits() < proto_hash->output_length()*8)
231  throw Invalid_Argument("Key is too small for chosen hash function");
232 
233  if(algo_name == "RSA")
234  padding = "EMSA3";
235  else if(algo_name == "DSA")
236  padding = "EMSA1";
237  else if(algo_name == "ECDSA")
238  padding = "EMSA1_BSI";
239  else
240  throw Invalid_Argument("Unknown X.509 signing key type: " + algo_name);
241 
242  Signature_Format format =
243  (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
244 
245  padding = padding + '(' + proto_hash->name() + ')';
246 
247  sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
248  sig_algo.parameters = key.algorithm_identifier().parameters;
249 
250  return new PK_Signer(key, padding, format);
251  }
Signature_Format
Definition: pubkey.h:24
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string algo_name
Definition: ossl_md.cpp:42
std::string lookup(const OID &oid)
Definition: oids.cpp:31
const HashFunction * retrieve_hash(const std::string &algo_spec)
Definition: lookup.h:55
template<typename T >
void Botan::clear_mem ( T *  ptr,
size_t  n 
)
inline

Zeroize memory

Parameters
ptra pointer to an array
nthe number of Ts pointed to by ptr

Definition at line 32 of file mem_ops.h.

Referenced by aont_package(), base64_decode(), bigint_monty_redc(), bigint_mul(), bigint_shl1(), bigint_shr1(), bigint_simple_mul(), bigint_simple_sqr(), bigint_sqr(), hex_decode(), Botan::Unix_EntropySource::poll(), Botan::MemoryRegion< T >::resize(), and zeroise().

33  {
34  if(n) // avoid glibc warning if n == 0
35  std::memset(ptr, 0, sizeof(T)*n);
36  }
BigInt n
Definition: numthry.cpp:26
BOTAN_DLL void Botan::confirm_startup_self_tests ( Algorithm_Factory af)

Run a set of self tests on some basic algorithms like AES and SHA-1

Parameters
afan algorithm factory
Exceptions
Self_Test_Errorif a failure occured

Definition at line 226 of file selftest.cpp.

Referenced by Botan::Library_State::initialize(), and passes_self_tests().

227  {
228  cipher_kat(af, "DES",
229  "0123456789ABCDEF", "1234567890ABCDEF",
230  "4E6F77206973207468652074696D6520666F7220616C6C20",
231  "3FA40E8A984D48156A271787AB8883F9893D51EC4B563B53",
232  "E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6",
233  "F3096249C7F46E51A69E839B1A92F78403467133898EA622",
234  "F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3",
235  "F3096249C7F46E51163A8CA0FFC94C27FA2F80F480B86F75");
236 
237  cipher_kat(af, "TripleDES",
238  "385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E",
239  "C141B5FCCD28DC8A",
240  "6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68",
241  "64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4",
242  "6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9",
243  "E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B",
244  "E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62",
245  "E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371");
246 
247  cipher_kat(af, "AES-128",
248  "2B7E151628AED2A6ABF7158809CF4F3C",
249  "000102030405060708090A0B0C0D0E0F",
250  "6BC1BEE22E409F96E93D7E117393172A"
251  "AE2D8A571E03AC9C9EB76FAC45AF8E51",
252  "3AD77BB40D7A3660A89ECAF32466EF97"
253  "F5D3D58503B9699DE785895A96FDBAAF",
254  "7649ABAC8119B246CEE98E9B12E9197D"
255  "5086CB9B507219EE95DB113A917678B2",
256  "3B3FD92EB72DAD20333449F8E83CFB4A"
257  "C8A64537A0B3A93FCDE3CDAD9F1CE58B",
258  "3B3FD92EB72DAD20333449F8E83CFB4A"
259  "7789508D16918F03F53C52DAC54ED825",
260  "3B3FD92EB72DAD20333449F8E83CFB4A"
261  "010C041999E03F36448624483E582D0E");
262 
263  hash_test(af, "SHA-1",
264  "", "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709");
265 
266  hash_test(af, "SHA-1",
267  "616263", "A9993E364706816ABA3E25717850C26C9CD0D89D");
268 
269  hash_test(af, "SHA-1",
270  "6162636462636465636465666465666765666768666768696768696A"
271  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
272  "84983E441C3BD26EBAAE4AA1F95129E5E54670F1");
273 
274  mac_test(af, "HMAC(SHA-1)",
275  "4869205468657265",
276  "B617318655057264E28BC0B6FB378C8EF146BE00",
277  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
278 
279  hash_test(af, "SHA-256",
280  "",
281  "E3B0C44298FC1C149AFBF4C8996FB924"
282  "27AE41E4649B934CA495991B7852B855");
283 
284  hash_test(af, "SHA-256",
285  "616263",
286  "BA7816BF8F01CFEA414140DE5DAE2223"
287  "B00361A396177A9CB410FF61F20015AD");
288 
289  hash_test(af, "SHA-256",
290  "6162636462636465636465666465666765666768666768696768696A"
291  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
292  "248D6A61D20638B8E5C026930C3E6039"
293  "A33CE45964FF2167F6ECEDD419DB06C1");
294 
295  mac_test(af, "HMAC(SHA-256)",
296  "4869205468657265",
297  "198A607EB44BFBC69903A0F1CF2BBDC5"
298  "BA0AA3F3D9AE3C1C7A3B1696A0B68CF7",
299  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B"
300  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
301  }
template<typename InputIterator , typename OutputIterator , typename Predicate >
OutputIterator Botan::copy_if ( InputIterator  current,
InputIterator  end,
OutputIterator  dest,
Predicate  copy_p 
)

Copy-on-Predicate Algorithm

Parameters
currentthe first iterator value
endthe final iterator value
destan output iterator
copy_pthe predicate

Definition at line 23 of file stl_util.h.

25  {
26  while(current != end)
27  {
28  if(copy_p(*current))
29  *dest++ = *current;
30  ++current;
31  }
32  return dest;
33  }
template<typename T >
void Botan::copy_mem ( T *  out,
const T *  in,
size_t  n 
)
inline
BOTAN_DLL AlternativeName Botan::create_alt_name ( const Data_Store info)

Definition at line 442 of file x509cert.cpp.

References Botan::AlternativeName::add_attribute(), Botan::PEM_Code::matches(), Botan::Data_Store::search_with(), and split_on().

Referenced by Botan::PKCS10_Request::subject_alt_name().

443  {
444  class AltName_Matcher : public Data_Store::Matcher
445  {
446  public:
447  bool operator()(const std::string& key, const std::string&) const
448  {
449  for(size_t i = 0; i != matches.size(); ++i)
450  if(key.compare(matches[i]) == 0)
451  return true;
452  return false;
453  }
454 
455  AltName_Matcher(const std::string& match_any_of)
456  {
457  matches = split_on(match_any_of, '/');
458  }
459  private:
460  std::vector<std::string> matches;
461  };
462 
463  std::multimap<std::string, std::string> names =
464  info.search_with(AltName_Matcher("RFC822/DNS/URI/IP"));
465 
466  AlternativeName alt_name;
467 
468  std::multimap<std::string, std::string>::iterator i;
469  for(i = names.begin(); i != names.end(); ++i)
470  alt_name.add_attribute(i->first, i->second);
471 
472  return alt_name;
473  }
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
bool matches(DataSource &source, const std::string &extra, size_t search_range)
Definition: pem.cpp:116
BOTAN_DLL X509_DN Botan::create_dn ( const Data_Store info)

Definition at line 414 of file x509cert.cpp.

References Botan::X509_DN::add_attribute(), and Botan::Data_Store::search_with().

Referenced by Botan::X509_Certificate::issuer_dn(), Botan::X509_CRL::issuer_dn(), Botan::PKCS10_Request::subject_dn(), and Botan::X509_Certificate::subject_dn().

415  {
416  class DN_Matcher : public Data_Store::Matcher
417  {
418  public:
419  bool operator()(const std::string& key, const std::string&) const
420  {
421  if(key.find("X520.") != std::string::npos)
422  return true;
423  return false;
424  }
425  };
426 
427  std::multimap<std::string, std::string> names =
428  info.search_with(DN_Matcher());
429 
430  X509_DN dn;
431 
432  std::multimap<std::string, std::string>::iterator i;
433  for(i = names.begin(); i != names.end(); ++i)
434  dn.add_attribute(i->first, i->second);
435 
436  return dn;
437  }
template<typename T >
size_t Botan::ctz ( n)
inline

Count the trailing zero bits in n

Parameters
nan integer value
Returns
maximum x st 2^x divides n

Definition at line 93 of file bit_ops.h.

Referenced by low_zero_bits().

94  {
95  for(size_t i = 0; i != 8*sizeof(T); ++i)
96  if((n >> i) & 0x01)
97  return i;
98  return 8*sizeof(T);
99  }
BigInt n
Definition: numthry.cpp:26
ECDSA_Signature Botan::decode_concatenation ( const MemoryRegion< byte > &  concat)

Definition at line 46 of file ecdsa_sig.cpp.

References Botan::BigInt::decode(), r, s, and Botan::MemoryRegion< T >::size().

Referenced by Botan::EAC1_1_gen_CVC< Derived >::decode_info().

47  {
48  if(concat.size() % 2 != 0)
49  throw Invalid_Argument("Erroneous length of signature");
50 
51  const size_t rs_len = concat.size() / 2;
52 
53  BigInt r = BigInt::decode(&concat[0], rs_len);
54  BigInt s = BigInt::decode(&concat[rs_len], rs_len);
55 
56  return ECDSA_Signature(r, s);
57  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
SecureVector< byte > decode(DataSource &source, std::string &label)
Definition: pem.cpp:56
size_t size() const
Definition: secmem.h:29
BigInt r
Definition: numthry.cpp:26
size_t s
Definition: numthry.cpp:27
BOTAN_DLL ECDSA_PublicKey * Botan::decode_eac1_1_key ( const MemoryRegion< byte > &  enc_key,
AlgorithmIdentifier sig_algo 
)

Decode an EAC encoding ECDSA key

Definition at line 91 of file cvc_cert.cpp.

93  {
94  throw Internal_Error("decode_eac1_1_key: Unimplemented");
95  return 0;
96  }
template<typename Pair >
void Botan::delete2nd ( Pair &  pair)

Delete the second half of a pair of objects

Definition at line 67 of file stl_util.h.

68  {
69  delete pair.second;
70  }
void BOTAN_DLL Botan::divide ( const BigInt x,
const BigInt y,
BigInt q,
BigInt r 
)

BigInt Division

Parameters
xan integer
ya non-zero integer
qwill be set to x / y
rwill be set to x % y

Definition at line 34 of file divide.cpp.

References bigint_divcore(), bigint_divop(), Botan::BigInt::cmp(), Botan::BigInt::get_reg(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), MP_WORD_BITS, MP_WORD_MAX, MP_WORD_TOP_BIT, n, Botan::BigInt::Positive, Botan::MemoryRegion< T >::resize(), Botan::BigInt::set_sign(), Botan::BigInt::sig_words(), and Botan::BigInt::word_at().

Referenced by Botan::BigInt::encode(), operator%(), and operator/().

35  {
36  if(y_arg.is_zero())
37  throw BigInt::DivideByZero();
38 
39  BigInt y = y_arg;
40  const size_t y_words = y.sig_words();
41 
42  r = x;
43  q = 0;
44 
45  r.set_sign(BigInt::Positive);
46  y.set_sign(BigInt::Positive);
47 
48  s32bit compare = r.cmp(y);
49 
50  if(compare == 0)
51  {
52  q = 1;
53  r = 0;
54  }
55  else if(compare > 0)
56  {
57  size_t shifts = 0;
58  word y_top = y[y.sig_words()-1];
59  while(y_top < MP_WORD_TOP_BIT) { y_top <<= 1; ++shifts; }
60  y <<= shifts;
61  r <<= shifts;
62 
63  const size_t n = r.sig_words() - 1, t = y_words - 1;
64 
65  if(n < t)
66  throw Internal_Error("BigInt division word sizes");
67 
68  q.get_reg().resize(n - t + 1);
69  if(n <= t)
70  {
71  while(r > y) { r -= y; ++q; }
72  r >>= shifts;
73  sign_fixup(x, y_arg, q, r);
74  return;
75  }
76 
77  BigInt temp = y << (MP_WORD_BITS * (n-t));
78 
79  while(r >= temp) { r -= temp; ++q[n-t]; }
80 
81  for(size_t j = n; j != t; --j)
82  {
83  const word x_j0 = r.word_at(j);
84  const word x_j1 = r.word_at(j-1);
85  const word y_t = y.word_at(t);
86 
87  if(x_j0 == y_t)
88  q[j-t-1] = MP_WORD_MAX;
89  else
90  q[j-t-1] = bigint_divop(x_j0, x_j1, y_t);
91 
92  while(bigint_divcore(q[j-t-1], y_t, y.word_at(t-1),
93  x_j0, x_j1, r.word_at(j-2)))
94  --q[j-t-1];
95 
96  r -= (q[j-t-1] * y) << (MP_WORD_BITS * (j-t-1));
97  if(r.is_negative())
98  {
99  r += y << (MP_WORD_BITS * (j-t-1));
100  --q[j-t-1];
101  }
102  }
103  r >>= shifts;
104  }
105 
106  sign_fixup(x, y_arg, q, r);
107  }
BigInt n
Definition: numthry.cpp:26
word bigint_divop(word n1, word n0, word d)
Definition: mp_misc.cpp:67
signed int s32bit
Definition: types.h:37
const word MP_WORD_MAX
Definition: mp_types.h:29
size_t bigint_divcore(word q, word y2, word y1, word x3, word x2, word x1)
Definition: mp_misc.cpp:18
BigInt r
Definition: numthry.cpp:26
const word MP_WORD_TOP_BIT
Definition: mp_types.h:28
const size_t MP_WORD_BITS
Definition: mp_core.h:18
size_t Botan::dl_work_factor ( size_t  prime_group_size)

Estimate work factor for discrete logarithm

Parameters
prime_group_sizesize of the group in bits
Returns
estimated security level for this group

Definition at line 14 of file workfactor.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DL_Group::DL_Group(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), and Botan::ElGamal_Encryption_Operation::encrypt().

15  {
16  /*
17  Based on GNFS work factors. Constant is 1.43 times the asymptotic
18  value; I'm not sure but I believe that came from a paper on 'real
19  world' runtimes, but I don't remember where now.
20 
21  Sample return values:
22  |512| -> 64
23  |1024| -> 86
24  |1536| -> 102
25  |2048| -> 116
26  |3072| -> 138
27  |4096| -> 155
28  |8192| -> 206
29 
30  For DL algos, we use an exponent of twice the size of the result;
31  the assumption is that an arbitrary discrete log on a group of size
32  bits would take about 2^n effort, and thus using an exponent of
33  size 2^(2*n) implies that all available attacks are about as easy
34  (as e.g Pollard's kangaroo algorithm can compute the DL in sqrt(x)
35  operations) while minimizing the exponent size for performance
36  reasons.
37  */
38 
39  const size_t MIN_WORKFACTOR = 64;
40 
41  // approximates natural logarithm of p
42  const double log_p = bits / 1.4426;
43 
44  const double strength =
45  2.76 * std::pow(log_p, 1.0/3.0) * std::pow(std::log(log_p), 2.0/3.0);
46 
47  return std::max(static_cast<size_t>(strength), MIN_WORKFACTOR);
48  }
SecureVector< byte > BOTAN_DLL Botan::EC2OSP ( const PointGFp point,
byte  format 
)

Definition at line 482 of file point_gfp.cpp.

References Botan::BigInt::bytes(), Botan::PointGFp::COMPRESSED, Botan::BigInt::encode_1363(), Botan::PointGFp::get_affine_x(), Botan::PointGFp::get_affine_y(), Botan::BigInt::get_bit(), Botan::PointGFp::get_curve(), Botan::CurveGFp::get_p(), Botan::PointGFp::HYBRID, Botan::PointGFp::is_zero(), Botan::MemoryRegion< T >::push_back(), and Botan::PointGFp::UNCOMPRESSED.

Referenced by Botan::EC_Group::DER_encode(), Botan::ECDH_PublicKey::public_value(), and Botan::EC_PublicKey::x509_subject_public_key().

483  {
484  if(point.is_zero())
485  return SecureVector<byte>(1); // single 0 byte
486 
487  const size_t p_bytes = point.get_curve().get_p().bytes();
488 
489  BigInt x = point.get_affine_x();
490  BigInt y = point.get_affine_y();
491 
492  SecureVector<byte> bX = BigInt::encode_1363(x, p_bytes);
493  SecureVector<byte> bY = BigInt::encode_1363(y, p_bytes);
494 
495  if(format == PointGFp::UNCOMPRESSED)
496  {
497  SecureVector<byte> result;
498  result.push_back(0x04);
499 
500  result += bX;
501  result += bY;
502 
503  return result;
504  }
505  else if(format == PointGFp::COMPRESSED)
506  {
507  SecureVector<byte> result;
508  result.push_back(0x02 | static_cast<byte>(y.get_bit(0)));
509 
510  result += bX;
511 
512  return result;
513  }
514  else if(format == PointGFp::HYBRID)
515  {
516  SecureVector<byte> result;
517  result.push_back(0x06 | static_cast<byte>(y.get_bit(0)));
518 
519  result += bX;
520  result += bY;
521 
522  return result;
523  }
524  else
525  throw Invalid_Argument("illegal point encoding format specification");
526  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
BigInt BOTAN_DLL Botan::gcd ( const BigInt x,
const BigInt y 
)

Compute the greatest common divisor

Parameters
xa positive integer
ya positive integer
Returns
gcd(x,y)

Definition at line 167 of file numthry.cpp.

References Botan::BigInt::is_nonzero(), Botan::BigInt::is_zero(), low_zero_bits(), Botan::BigInt::Positive, and Botan::BigInt::set_sign().

Referenced by lcm(), and random_prime().

168  {
169  if(a.is_zero() || b.is_zero()) return 0;
170  if(a == 1 || b == 1) return 1;
171 
172  BigInt x = a, y = b;
173  x.set_sign(BigInt::Positive);
174  y.set_sign(BigInt::Positive);
175  size_t shift = std::min(low_zero_bits(x), low_zero_bits(y));
176 
177  x >>= shift;
178  y >>= shift;
179 
180  while(x.is_nonzero())
181  {
182  x >>= low_zero_bits(x);
183  y >>= low_zero_bits(y);
184  if(x >= y) { x -= y; x >>= 1; }
185  else { y -= x; y >>= 1; }
186  }
187 
188  return (y << shift);
189  }
size_t low_zero_bits(const BigInt &n)
Definition: numthry.cpp:141
std::string BOTAN_DLL Botan::generate_bcrypt ( const std::string &  password,
RandomNumberGenerator rng,
u16bit  work_factor = 10 
)

Create a password hash using Bcrypt

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
See also
http://www.usenix.org/events/usenix99/provos/provos_html/

Definition at line 121 of file bcrypt.cpp.

References Botan::RandomNumberGenerator::random_vec().

124  {
125  return make_bcrypt(pass, rng.random_vec(16), work_factor);
126  }
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
bool BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator rng,
Algorithm_Factory af,
BigInt p_out,
BigInt q_out,
size_t  pbits,
size_t  qbits,
const MemoryRegion< byte > &  seed 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
seedthe seed used to generate the parameters
Returns
true if seed generated a valid DSA parameter set, otherwise false. p_out and q_out are only valid if true was returned.

Definition at line 41 of file dsa_gen.cpp.

References Botan::BigInt::binary_decode(), Botan::BigInt::bits(), check_prime(), Botan::Algorithm_Factory::make_hash_function(), n, s, Botan::BigInt::set_bit(), Botan::MemoryRegion< T >::size(), and to_string().

Referenced by Botan::DL_Group::DL_Group(), and generate_dsa_primes().

46  {
47  if(!fips186_3_valid_size(pbits, qbits))
48  throw Invalid_Argument(
49  "FIPS 186-3 does not allow DSA domain parameters of " +
50  to_string(pbits) + "/" + to_string(qbits) + " bits long");
51 
52  if(seed_c.size() * 8 < qbits)
53  throw Invalid_Argument(
54  "Generating a DSA parameter set with a " + to_string(qbits) +
55  "long q requires a seed at least as many bits long");
56 
57  std::auto_ptr<HashFunction> hash(
58  af.make_hash_function("SHA-" + to_string(qbits)));
59 
60  const size_t HASH_SIZE = hash->output_length();
61 
62  class Seed
63  {
64  public:
65  Seed(const MemoryRegion<byte>& s) : seed(s) {}
66 
67  operator MemoryRegion<byte>& () { return seed; }
68 
69  Seed& operator++()
70  {
71  for(size_t j = seed.size(); j > 0; --j)
72  if(++seed[j-1])
73  break;
74  return (*this);
75  }
76  private:
77  SecureVector<byte> seed;
78  };
79 
80  Seed seed(seed_c);
81 
82  q.binary_decode(hash->process(seed));
83  q.set_bit(qbits-1);
84  q.set_bit(0);
85 
86  if(!check_prime(q, rng))
87  return false;
88 
89  const size_t n = (pbits-1) / (HASH_SIZE * 8),
90  b = (pbits-1) % (HASH_SIZE * 8);
91 
92  BigInt X;
93  SecureVector<byte> V(HASH_SIZE * (n+1));
94 
95  for(size_t j = 0; j != 4096; ++j)
96  {
97  for(size_t k = 0; k <= n; ++k)
98  {
99  ++seed;
100  hash->update(seed);
101  hash->final(&V[HASH_SIZE * (n-k)]);
102  }
103 
104  X.binary_decode(&V[HASH_SIZE - 1 - b/8],
105  V.size() - (HASH_SIZE - 1 - b/8));
106  X.set_bit(pbits-1);
107 
108  p = X - (X % (2*q) - 1);
109 
110  if(p.bits() == pbits && check_prime(p, rng))
111  return true;
112  }
113  return false;
114  }
BigInt n
Definition: numthry.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_int.cpp:46
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
size_t size() const
Definition: secmem.h:29
size_t s
Definition: numthry.cpp:27
bool check_prime(const BigInt &n, RandomNumberGenerator &rng)
Definition: numthry.h:143
SecureVector< byte > BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator rng,
Algorithm_Factory af,
BigInt p_out,
BigInt q_out,
size_t  pbits,
size_t  qbits 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
Returns
random seed used to generate this parameter set

Definition at line 119 of file dsa_gen.cpp.

References generate_dsa_primes(), and Botan::RandomNumberGenerator::random_vec().

123  {
124  while(true)
125  {
126  SecureVector<byte> seed = rng.random_vec(qbits / 8);
127 
128  if(generate_dsa_primes(rng, af, p, q, pbits, qbits, seed))
129  return seed;
130  }
131  }
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
SecureVector< byte > generate_dsa_primes(RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits)
Definition: dsa_gen.cpp:119
std::string BOTAN_DLL Botan::generate_passhash9 ( const std::string &  password,
RandomNumberGenerator rng,
u16bit  work_factor = 10,
byte  alg_id = 0 
)

Create a password hash using PBKDF2

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
alg_idspecifies which PRF to use with PBKDF2 0 is HMAC(SHA-1) 1 is HMAC(SHA-256) 2 is CMAC(Blowfish) all other values are currently undefined

Definition at line 48 of file passhash9.cpp.

References Botan::PKCS5_PBKDF2::derive_key(), Botan::Pipe::end_msg(), get_byte(), Botan::RandomNumberGenerator::randomize(), Botan::Pipe::read_all_as_string(), Botan::MemoryRegion< T >::size(), Botan::Pipe::start_msg(), to_string(), and Botan::Pipe::write().

52  {
53  MessageAuthenticationCode* prf = get_pbkdf_prf(alg_id);
54 
55  if(!prf)
56  throw Invalid_Argument("Passhash9: Algorithm id " + to_string(alg_id) +
57  " is not defined");
58 
59  PKCS5_PBKDF2 kdf(prf); // takes ownership of pointer
60 
61  SecureVector<byte> salt(SALT_BYTES);
62  rng.randomize(&salt[0], salt.size());
63 
64  const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
65 
66  SecureVector<byte> pbkdf2_output =
67  kdf.derive_key(PASSHASH9_PBKDF_OUTPUT_LEN,
68  pass,
69  &salt[0], salt.size(),
70  kdf_iterations).bits_of();
71 
72  Pipe pipe(new Base64_Encoder);
73  pipe.start_msg();
74  pipe.write(alg_id);
75  pipe.write(get_byte(0, work_factor));
76  pipe.write(get_byte(1, work_factor));
77  pipe.write(salt);
78  pipe.write(pbkdf2_output);
79  pipe.end_msg();
80 
81  return MAGIC_PREFIX + pipe.read_all_as_string();
82  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_int.cpp:46
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BigInt BOTAN_DLL Botan::generate_srp6_verifier ( const std::string &  identifier,
const std::string &  password,
const MemoryRegion< byte > &  salt,
const std::string &  group_id,
const std::string &  hash_id 
)

Generate a new SRP-6 verifier

Parameters
identifiera username or other client identifier
passwordthe secret used to authenticate user
salta randomly chosen value, at least 128 bits long

Definition at line 130 of file srp6.cpp.

References Botan::DL_Group::get_g(), Botan::DL_Group::get_p(), and power_mod().

135  {
136  const BigInt x = compute_x(hash_id, identifier, password, salt);
137 
138  DL_Group group(group_id);
139  return power_mod(group.get_g(), x, group.get_p());
140  }
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
Definition: numthry.cpp:251
BlockCipher* Botan::get_block_cipher ( const std::string &  algo_spec)
inline

Block cipher factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired block cipher
Returns
pointer to the block cipher object

Definition at line 87 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_block_cipher().

88  {
89  Algorithm_Factory& af = global_state().algorithm_factory();
90  return af.make_block_cipher(algo_spec);
91  }
BlockCipher * make_block_cipher(const std::string &algo_spec, const std::string &provider="")
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
template<typename T >
byte Botan::get_byte ( size_t  byte_num,
input 
)
inline
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters. No key will be set in the filter.

Parameters
algo_specthe name of the desired cipher
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to the encryption or decryption filter

Definition at line 124 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::Engine_Iterator::next().

Referenced by Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), get_cipher(), Botan::Record_Writer::set_keys(), and Botan::Record_Reader::set_keys().

126  {
127  Algorithm_Factory& af = global_state().algorithm_factory();
128 
129  Algorithm_Factory::Engine_Iterator i(af);
130 
131  while(Engine* engine = i.next())
132  {
133  if(Keyed_Filter* algo = engine->get_cipher(algo_spec, direction, af))
134  return algo;
135  }
136 
137  throw Algorithm_Not_Found(algo_spec);
138  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
const SymmetricKey key,
const InitializationVector iv,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters.

Parameters
algo_specthe name of the desired cipher
keythe key to be used for encryption/decryption performed by the filter
ivthe initialization vector to be used
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to newly allocated encryption or decryption filter

Definition at line 143 of file lookup.cpp.

References get_cipher(), Botan::OctetString::length(), Botan::Keyed_Filter::set_iv(), and Botan::Keyed_Filter::set_key().

147  {
148  Keyed_Filter* cipher = get_cipher(algo_spec, direction);
149  cipher->set_key(key);
150 
151  if(iv.length())
152  cipher->set_iv(iv);
153 
154  return cipher;
155  }
Keyed_Filter * get_cipher(const std::string &algo_spec, const SymmetricKey &key, Cipher_Dir direction)
Definition: lookup.cpp:160
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
const SymmetricKey key,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters.

Parameters
algo_specthe name of the desired cipher
keythe key to be used for encryption/decryption performed by the filter
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to the encryption or decryption filter

Definition at line 160 of file lookup.cpp.

References get_cipher().

163  {
164  return get_cipher(algo_spec,
165  key, InitializationVector(), direction);
166  }
Keyed_Filter * get_cipher(const std::string &algo_spec, const SymmetricKey &key, Cipher_Dir direction)
Definition: lookup.cpp:160
OctetString InitializationVector
Definition: symkey.h:152
Keyed_Filter * Botan::get_cipher_mode ( const BlockCipher block_cipher,
Cipher_Dir  direction,
const std::string &  mode,
const std::string &  padding 
)

Create a cipher mode filter object

Parameters
block_ciphera block cipher object
directionare we encrypting or decrypting?
modethe name of the cipher mode to use
paddingthe mode padding to use (only used for ECB, CBC)

Definition at line 77 of file core_modes.cpp.

References Botan::BlockCipher::block_size(), Botan::BlockCipher::clone(), ENCRYPTION, parse_algorithm_name(), and to_u32bit().

Referenced by algorithm_kat(), and Botan::Core_Engine::get_cipher().

81  {
82 #if defined(BOTAN_HAS_OFB)
83  if(mode == "OFB")
84  return new StreamCipher_Filter(new OFB(block_cipher->clone()));
85 #endif
86 
87 #if defined(BOTAN_HAS_CTR_BE)
88  if(mode == "CTR-BE")
89  return new StreamCipher_Filter(new CTR_BE(block_cipher->clone()));
90 #endif
91 
92 #if defined(BOTAN_HAS_ECB)
93  if(mode == "ECB" || mode == "")
94  {
95  if(direction == ENCRYPTION)
96  return new ECB_Encryption(block_cipher->clone(),
97  get_bc_pad(padding, "NoPadding"));
98  else
99  return new ECB_Decryption(block_cipher->clone(),
100  get_bc_pad(padding, "NoPadding"));
101  }
102 #endif
103 
104  if(mode == "CBC")
105  {
106  if(padding == "CTS")
107  {
108 #if defined(BOTAN_HAS_CTS)
109  if(direction == ENCRYPTION)
110  return new CTS_Encryption(block_cipher->clone());
111  else
112  return new CTS_Decryption(block_cipher->clone());
113 #else
114  return 0;
115 #endif
116  }
117 
118 #if defined(BOTAN_HAS_CBC)
119  if(direction == ENCRYPTION)
120  return new CBC_Encryption(block_cipher->clone(),
121  get_bc_pad(padding, "PKCS7"));
122  else
123  return new CBC_Decryption(block_cipher->clone(),
124  get_bc_pad(padding, "PKCS7"));
125 #else
126  return 0;
127 #endif
128  }
129 
130 #if defined(BOTAN_HAS_XTS)
131  if(mode == "XTS")
132  {
133  if(direction == ENCRYPTION)
134  return new XTS_Encryption(block_cipher->clone());
135  else
136  return new XTS_Decryption(block_cipher->clone());
137  }
138 #endif
139 
140  if(mode.find("CFB") != std::string::npos ||
141  mode.find("EAX") != std::string::npos)
142  {
143  size_t bits = 0;
144 
145  std::vector<std::string> algo_info = parse_algorithm_name(mode);
146  std::string mode_name = algo_info[0];
147  if(algo_info.size() == 1)
148  bits = 8 * block_cipher->block_size();
149  else if(algo_info.size() == 2)
150  bits = to_u32bit(algo_info[1]);
151  else
152  return 0;
153 
154 #if defined(BOTAN_HAS_CFB)
155  if(mode_name == "CFB")
156  {
157  if(direction == ENCRYPTION)
158  return new CFB_Encryption(block_cipher->clone(), bits);
159  else
160  return new CFB_Decryption(block_cipher->clone(), bits);
161  }
162 #endif
163 
164 #if defined(BOTAN_HAS_EAX)
165  if(mode_name == "EAX")
166  {
167  if(direction == ENCRYPTION)
168  return new EAX_Encryption(block_cipher->clone(), bits);
169  else
170  return new EAX_Decryption(block_cipher->clone(), bits);
171  }
172 #endif
173  }
174 
175  return 0;
176  }
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:96
u32bit to_u32bit(const std::string &number)
Definition: parsing.cpp:18
BOTAN_DLL EME * Botan::get_eme ( const std::string &  algo_spec)

Factory method for EME (message-encoding methods for encryption) objects

Parameters
algo_specthe name of the EME to create
Returns
pointer to newly allocated object of that type

Definition at line 143 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::PK_Decryptor_EME::PK_Decryptor_EME(), and Botan::PK_Encryptor_EME::PK_Encryptor_EME().

144  {
145  SCAN_Name request(algo_spec);
146 
147  Algorithm_Factory& af = global_state().algorithm_factory();
148 
149  if(request.algo_name() == "Raw")
150  return 0; // No padding
151 
152 #if defined(BOTAN_HAS_EME_PKCS1v15)
153  if(request.algo_name() == "PKCS1v15" && request.arg_count() == 0)
154  return new EME_PKCS1v15;
155 #endif
156 
157 #if defined(BOTAN_HAS_EME1)
158  if(request.algo_name() == "EME1" && request.arg_count_between(1, 2))
159  {
160  if(request.arg_count() == 1 ||
161  (request.arg_count() == 2 && request.arg(1) == "MGF1"))
162  {
163  return new EME1(af.make_hash_function(request.arg(0)));
164  }
165  }
166 #endif
167 
168  throw Algorithm_Not_Found(algo_spec);
169  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
BOTAN_DLL EMSA * Botan::get_emsa ( const std::string &  algo_spec)

Factory method for EMSA (message-encoding methods for signatures with appendix) objects

Parameters
algo_specthe name of the EME to create
Returns
pointer to newly allocated object of that type

Definition at line 86 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

87  {
88  SCAN_Name request(algo_spec);
89 
90  Algorithm_Factory& af = global_state().algorithm_factory();
91 
92 #if defined(BOTAN_HAS_EMSA_RAW)
93  if(request.algo_name() == "Raw" && request.arg_count() == 0)
94  return new EMSA_Raw;
95 #endif
96 
97 #if defined(BOTAN_HAS_EMSA1)
98  if(request.algo_name() == "EMSA1" && request.arg_count() == 1)
99  return new EMSA1(af.make_hash_function(request.arg(0)));
100 #endif
101 
102 #if defined(BOTAN_HAS_EMSA1_BSI)
103  if(request.algo_name() == "EMSA1_BSI" && request.arg_count() == 1)
104  return new EMSA1_BSI(af.make_hash_function(request.arg(0)));
105 #endif
106 
107 #if defined(BOTAN_HAS_EMSA2)
108  if(request.algo_name() == "EMSA2" && request.arg_count() == 1)
109  return new EMSA2(af.make_hash_function(request.arg(0)));
110 #endif
111 
112 #if defined(BOTAN_HAS_EMSA3)
113  if(request.algo_name() == "EMSA3" && request.arg_count() == 1)
114  {
115  if(request.arg(0) == "Raw")
116  return new EMSA3_Raw;
117  return new EMSA3(af.make_hash_function(request.arg(0)));
118  }
119 #endif
120 
121 #if defined(BOTAN_HAS_EMSA4)
122  if(request.algo_name() == "EMSA4" && request.arg_count_between(1, 3))
123  {
124  // 3 args: Hash, MGF, salt size (MGF is hardcoded MGF1 in Botan)
125  if(request.arg_count() == 1)
126  return new EMSA4(af.make_hash_function(request.arg(0)));
127 
128  if(request.arg_count() == 2 && request.arg(1) != "MGF1")
129  return new EMSA4(af.make_hash_function(request.arg(0)));
130 
131  if(request.arg_count() == 3)
132  return new EMSA4(af.make_hash_function(request.arg(0)),
133  request.arg_as_integer(2, 0));
134  }
135 #endif
136 
137  throw Algorithm_Not_Found(algo_spec);
138  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
HashFunction* Botan::get_hash ( const std::string &  algo_spec)
inline

Hash function factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired hash function
Returns
pointer to the hash function object

Definition at line 113 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

114  {
115  Algorithm_Factory& af = global_state().algorithm_factory();
116  return af.make_hash_function(algo_spec);
117  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
HashFunction * make_hash_function(const std::string &algo_spec, const std::string &provider="")
BOTAN_DLL KDF * Botan::get_kdf ( const std::string &  algo_spec)

Factory method for KDF (key derivation function)

Parameters
algo_specthe name of the KDF to create
Returns
pointer to newly allocated object of that type

Definition at line 174 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

175  {
176  SCAN_Name request(algo_spec);
177 
178  Algorithm_Factory& af = global_state().algorithm_factory();
179 
180  if(request.algo_name() == "Raw")
181  return 0; // No KDF
182 
183 #if defined(BOTAN_HAS_KDF1)
184  if(request.algo_name() == "KDF1" && request.arg_count() == 1)
185  return new KDF1(af.make_hash_function(request.arg(0)));
186 #endif
187 
188 #if defined(BOTAN_HAS_KDF2)
189  if(request.algo_name() == "KDF2" && request.arg_count() == 1)
190  return new KDF2(af.make_hash_function(request.arg(0)));
191 #endif
192 
193 #if defined(BOTAN_HAS_X942_PRF)
194  if(request.algo_name() == "X9.42-PRF" && request.arg_count() == 1)
195  return new X942_PRF(request.arg(0)); // OID
196 #endif
197 
198 #if defined(BOTAN_HAS_TLS_V10_PRF)
199  if(request.algo_name() == "TLS-PRF" && request.arg_count() == 0)
200  return new TLS_PRF;
201 #endif
202 
203 #if defined(BOTAN_HAS_SSL_V3_PRF)
204  if(request.algo_name() == "SSL3-PRF" && request.arg_count() == 0)
205  return new SSL3_PRF;
206 #endif
207 
208  throw Algorithm_Not_Found(algo_spec);
209  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
MessageAuthenticationCode* Botan::get_mac ( const std::string &  algo_spec)
inline

MAC factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired MAC
Returns
pointer to the MAC object

Definition at line 126 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_mac().

127  {
128  Algorithm_Factory& af = global_state().algorithm_factory();
129  return af.make_mac(algo_spec);
130  }
MessageAuthenticationCode * make_mac(const std::string &algo_spec, const std::string &provider="")
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
BOTAN_DLL u64bit Botan::get_nanoseconds_clock ( )
Returns
nanoseconds resolution timestamp, unknown epoch

Definition at line 93 of file time.cpp.

94  {
95 #if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
96 
97  struct ::timespec tv;
98  ::clock_gettime(CLOCK_REALTIME, &tv);
99  return combine_timers(tv.tv_sec, tv.tv_nsec, 1000000000);
100 
101 #elif defined(BOTAN_TARGET_OS_HAS_GETTIMEOFDAY)
102 
103  struct ::timeval tv;
104  ::gettimeofday(&tv, 0);
105  return combine_timers(tv.tv_sec, tv.tv_usec, 1000000);
106 
107 #elif defined(BOTAN_TARGET_OS_HAS_WIN32_GET_SYSTEMTIME)
108 
109  // Returns time since January 1, 1601 in 100-ns increments
110  ::FILETIME tv;
111  ::GetSystemTimeAsFileTime(&tv);
112  u64bit tstamp = (static_cast<u64bit>(tv.dwHighDateTime) << 32) |
113  tv.dwLowDateTime;
114 
115  return (tstamp * 100); // Scale to 1 nanosecond units
116 
117 #else
118 
119  return combine_timers(static_cast<u32bit>(std::time(0)),
120  std::clock(), CLOCKS_PER_SEC);
121 
122 #endif
123  }
unsigned long long u64bit
Definition: types.h:49
BOTAN_DLL PBE * Botan::get_pbe ( const std::string &  algo_spec)

Factory function for PBEs.

Parameters
algo_specthe name of the PBE algorithm to retrieve
Returns
pointer to a PBE with randomly created parameters

Definition at line 27 of file get_pbe.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::HashFunction::clone(), Botan::BlockCipher::clone(), Botan::Library_State::deref_alias(), ENCRYPTION, Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), and split_on().

Referenced by Botan::PKCS8::BER_encode().

28  {
29  SCAN_Name request(algo_spec);
30 
31  const std::string pbe = request.algo_name();
32  std::string digest_name = request.arg(0);
33  const std::string cipher = request.arg(1);
34 
35  std::vector<std::string> cipher_spec = split_on(cipher, '/');
36  if(cipher_spec.size() != 2)
37  throw Invalid_Argument("PBE: Invalid cipher spec " + cipher);
38 
39  const std::string cipher_algo = global_state().deref_alias(cipher_spec[0]);
40  const std::string cipher_mode = cipher_spec[1];
41 
42  if(cipher_mode != "CBC")
43  throw Invalid_Argument("PBE: Invalid cipher mode " + cipher);
44 
45  Algorithm_Factory& af = global_state().algorithm_factory();
46 
47  const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo);
48  if(!block_cipher)
49  throw Algorithm_Not_Found(cipher_algo);
50 
51  const HashFunction* hash_function = af.prototype_hash_function(digest_name);
52  if(!hash_function)
53  throw Algorithm_Not_Found(digest_name);
54 
55  if(request.arg_count() != 2)
56  throw Invalid_Algorithm_Name(algo_spec);
57 
58 #if defined(BOTAN_HAS_PBE_PKCS_V15)
59  if(pbe == "PBE-PKCS5v15")
60  return new PBE_PKCS5v15(block_cipher->clone(),
61  hash_function->clone(),
62  ENCRYPTION);
63 #endif
64 
65 #if defined(BOTAN_HAS_PBE_PKCS_V20)
66  if(pbe == "PBE-PKCS5v20")
67  return new PBE_PKCS5v20(block_cipher->clone(),
68  hash_function->clone());
69 #endif
70 
71  throw Algorithm_Not_Found(algo_spec);
72  }
const BlockCipher * prototype_block_cipher(const std::string &algo_spec, const std::string &provider="")
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
std::string deref_alias(const std::string &alias) const
Definition: libstate.cpp:162
BOTAN_DLL PBE * Botan::get_pbe ( const OID pbe_oid,
DataSource params 
)

Factory function for PBEs.

Parameters
pbe_oidthe oid of the desired PBE
paramsa DataSource providing the DER encoded parameters to use
Returns
pointer to the PBE with the specified parameters

Definition at line 77 of file get_pbe.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::as_string(), Botan::OID::as_string(), Botan::HashFunction::clone(), Botan::BlockCipher::clone(), Botan::PBE::decode_params(), DECRYPTION, Botan::Library_State::deref_alias(), Botan::Global_State_Management::global_state(), Botan::OIDS::lookup(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), and split_on().

78  {
79  SCAN_Name request(OIDS::lookup(pbe_oid));
80 
81  const std::string pbe = request.algo_name();
82 
83 #if defined(BOTAN_HAS_PBE_PKCS_V15)
84  if(pbe == "PBE-PKCS5v15")
85  {
86  if(request.arg_count() != 2)
87  throw Invalid_Algorithm_Name(request.as_string());
88 
89  std::string digest_name = request.arg(0);
90  const std::string cipher = request.arg(1);
91 
92  std::vector<std::string> cipher_spec = split_on(cipher, '/');
93  if(cipher_spec.size() != 2)
94  throw Invalid_Argument("PBE: Invalid cipher spec " + cipher);
95 
96  const std::string cipher_algo = global_state().deref_alias(cipher_spec[0]);
97  const std::string cipher_mode = cipher_spec[1];
98 
99  if(cipher_mode != "CBC")
100  throw Invalid_Argument("PBE: Invalid cipher mode " + cipher);
101 
102  Algorithm_Factory& af = global_state().algorithm_factory();
103 
104  const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo);
105  if(!block_cipher)
106  throw Algorithm_Not_Found(cipher_algo);
107 
108  const HashFunction* hash_function =
109  af.prototype_hash_function(digest_name);
110 
111  if(!hash_function)
112  throw Algorithm_Not_Found(digest_name);
113 
114  PBE* pbe = new PBE_PKCS5v15(block_cipher->clone(),
115  hash_function->clone(),
116  DECRYPTION);
117  pbe->decode_params(params);
118  return pbe;
119  }
120 #endif
121 
122 #if defined(BOTAN_HAS_PBE_PKCS_V20)
123  if(pbe == "PBE-PKCS5v20")
124  return new PBE_PKCS5v20(params);
125 #endif
126 
127  throw Algorithm_Not_Found(pbe_oid.as_string());
128  }
const BlockCipher * prototype_block_cipher(const std::string &algo_spec, const std::string &provider="")
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
std::string lookup(const OID &oid)
Definition: oids.cpp:31
std::string deref_alias(const std::string &alias) const
Definition: libstate.cpp:162
BOTAN_DLL PBKDF * Botan::get_pbkdf ( const std::string &  algo_spec)

Password based key derivation function factory method

Parameters
algo_specthe name of the desired PBKDF algorithm
Returns
pointer to newly allocated object of that type

Definition at line 73 of file get_enc.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_pbkdf().

Referenced by get_s2k().

74  {
75  Algorithm_Factory& af = global_state().algorithm_factory();
76 
77  if(PBKDF* pbkdf = af.make_pbkdf(algo_spec))
78  return pbkdf;
79 
80  throw Algorithm_Not_Found(algo_spec);
81  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
PK_Decryptor* Botan::get_pk_decryptor ( const Private_Key key,
const std::string &  eme 
)
inline

Public key decryptor factory method.

Deprecated:
Instantiate object from pubkey.h directly
Parameters
keythe key that will work inside the decryptor
emedetermines the algorithm and encoding
Returns
public key decryptor object

Definition at line 40 of file look_pk.h.

42  {
43  return new PK_Decryptor_EME(key, eme);
44  }
PK_Encryptor* Botan::get_pk_encryptor ( const Public_Key key,
const std::string &  eme 
)
inline

Public key encryptor factory method.

Deprecated:
Instantiate object from pubkey.h directly
Parameters
keythe key that will work inside the encryptor
emedetermines the algorithm and encoding
Returns
public key encryptor object

Definition at line 25 of file look_pk.h.

27  {
28  return new PK_Encryptor_EME(key, eme);
29  }
PK_Key_Agreement* Botan::get_pk_kas ( const PK_Key_Agreement_Key key,
const std::string &  kdf 
)
inline

Public key key agreement factory method.

Deprecated:
Instantiate object from pubkey.h directly
Parameters
keythe key that will work inside the key agreement
kdfthe kdf algorithm to use
Returns
key agreement algorithm

Definition at line 89 of file look_pk.h.

91  {
92  return new PK_Key_Agreement(key, kdf);
93  }
PK_Signer* Botan::get_pk_signer ( const Private_Key key,
const std::string &  emsa,
Signature_Format  sig_format = IEEE_1363 
)
inline

Public key signer factory method.

Deprecated:
Instantiate object from pubkey.h directly
Parameters
keythe key that will work inside the signer
emsadetermines the algorithm, encoding and hash algorithm
sig_formatthe signature format to be used
Returns
public key signer object

Definition at line 56 of file look_pk.h.

59  {
60  return new PK_Signer(key, emsa, sig_format);
61  }
PK_Verifier* Botan::get_pk_verifier ( const Public_Key key,
const std::string &  emsa,
Signature_Format  sig_format = IEEE_1363 
)
inline

Public key verifier factory method.

Deprecated:
Instantiate object from pubkey.h directly
Parameters
keythe key that will work inside the verifier
emsadetermines the algorithm, encoding and hash algorithm
sig_formatthe signature format to be used
Returns
public key verifier object

Definition at line 73 of file look_pk.h.

76  {
77  return new PK_Verifier(key, emsa, sig_format);
78  }
PBKDF* Botan::get_s2k ( const std::string &  algo_spec)
inline
Deprecated:
Use get_pbkdf
Parameters
algo_specthe name of the desired algorithm
Returns
pointer to newly allocated object of that type

Definition at line 144 of file lookup.h.

References get_pbkdf().

145  {
146  return get_pbkdf(algo_spec);
147  }
PBKDF * get_pbkdf(const std::string &algo_spec)
Definition: get_enc.cpp:73
StreamCipher* Botan::get_stream_cipher ( const std::string &  algo_spec)
inline

Stream cipher factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired stream cipher
Returns
pointer to the stream cipher object

Definition at line 100 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_stream_cipher().

101  {
102  Algorithm_Factory& af = global_state().algorithm_factory();
103  return af.make_stream_cipher(algo_spec);
104  }
StreamCipher * make_stream_cipher(const std::string &algo_spec, const std::string &provider="")
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
template<typename T >
size_t Botan::hamming_weight ( n)
inline

Compute Hamming weights

Parameters
nan integer value
Returns
number of bits in n set to 1

Definition at line 76 of file bit_ops.h.

77  {
78  const byte NIBBLE_WEIGHTS[] = {
79  0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 };
80 
81  size_t weight = 0;
82  for(size_t i = 0; i != 2*sizeof(T); ++i)
83  weight += NIBBLE_WEIGHTS[(n >> (4*i)) & 0x0F];
84  return weight;
85  }
BigInt n
Definition: numthry.cpp:26
unsigned char byte
Definition: types.h:22
bool Botan::has_mlock ( )

Check if we can at least potentially lock memory

Definition at line 19 of file mlock.cpp.

References lock_mem(), and unlock_mem().

Referenced by Botan::Library_State::initialize().

20  {
21  byte buf[4096];
22  if(!lock_mem(&buf, sizeof(buf)))
23  return false;
24  unlock_mem(&buf, sizeof(buf));
25  return true;
26  }
unsigned char byte
Definition: types.h:22
void unlock_mem(void *ptr, size_t bytes)
Definition: mlock.cpp:45
bool lock_mem(void *ptr, size_t bytes)
Definition: mlock.cpp:31
BOTAN_DLL bool Botan::have_algorithm ( const std::string &  algo_spec)

Check if an algorithm exists.

Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 17 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), and Botan::Algorithm_Factory::prototype_stream_cipher().

18  {
19  Algorithm_Factory& af = global_state().algorithm_factory();
20 
21  if(af.prototype_block_cipher(name))
22  return true;
23  if(af.prototype_stream_cipher(name))
24  return true;
25  if(af.prototype_hash_function(name))
26  return true;
27  if(af.prototype_mac(name))
28  return true;
29  return false;
30  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
bool Botan::have_block_cipher ( const std::string &  algo_spec)
inline

Check if a block cipher algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 235 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_block_cipher().

Referenced by Botan::SessionKeys::SessionKeys(), Botan::Record_Writer::set_keys(), and Botan::Record_Reader::set_keys().

236  {
237  Algorithm_Factory& af = global_state().algorithm_factory();
238  return (af.prototype_block_cipher(algo_spec) != 0);
239  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
bool Botan::have_hash ( const std::string &  algo_spec)
inline

Check if a hash algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 261 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_hash_function().

Referenced by Botan::Record_Writer::set_keys(), and Botan::Record_Reader::set_keys().

262  {
263  Algorithm_Factory& af = global_state().algorithm_factory();
264  return (af.prototype_hash_function(algo_spec) != 0);
265  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
bool Botan::have_mac ( const std::string &  algo_spec)
inline

Check if a MAC algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 274 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_mac().

275  {
276  Algorithm_Factory& af = global_state().algorithm_factory();
277  return (af.prototype_mac(algo_spec) != 0);
278  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
bool Botan::have_stream_cipher ( const std::string &  algo_spec)
inline

Check if a stream cipher algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 248 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_stream_cipher().

Referenced by Botan::Record_Writer::set_keys(), and Botan::Record_Reader::set_keys().

249  {
250  Algorithm_Factory& af = global_state().algorithm_factory();
251  return (af.prototype_stream_cipher(algo_spec) != 0);
252  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
size_t BOTAN_DLL Botan::hex_decode ( byte  output[],
const char  input[],
size_t  input_length,
size_t &  input_consumed,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
outputan array of at least input_length/2 bytes
inputsome hex input
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 55 of file hex.cpp.

References clear_mem().

Referenced by Botan::OctetString::change(), Botan::BigInt::decode(), Botan::Hex_Decoder::end_msg(), Botan::Data_Store::get1_memvec(), hex_decode(), Botan::RTSS_Share::RTSS_Share(), and Botan::Hex_Decoder::write().

60  {
61  /*
62  * Mapping of hex characters to either their binary equivalent
63  * or to an error code.
64  * If valid hex (0-9 A-F a-f), the value.
65  * If whitespace, then 0x80
66  * Otherwise 0xFF
67  * Warning: this table assumes ASCII character encodings
68  */
69 
70  static const byte HEX_TO_BIN[256] = {
71  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
72  0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
73  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
74  0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
75  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01,
76  0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF,
77  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
78  0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
79  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
80  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C,
81  0x0D, 0x0E, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
82  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
83  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
84  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
85  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
86  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
87  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
88  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
89  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
90  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
91  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
92  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
93  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
94  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
95  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
96  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
97 
98  byte* out_ptr = output;
99  bool top_nibble = true;
100 
101  clear_mem(output, input_length / 2);
102 
103  for(size_t i = 0; i != input_length; ++i)
104  {
105  const byte bin = HEX_TO_BIN[static_cast<byte>(input[i])];
106 
107  if(bin >= 0x10)
108  {
109  if(bin == 0x80 && ignore_ws)
110  continue;
111 
112  std::string bad_char(1, input[i]);
113  if(bad_char == "\t")
114  bad_char = "\\t";
115  else if(bad_char == "\n")
116  bad_char = "\\n";
117 
118  throw std::invalid_argument(
119  std::string("hex_decode: invalid hex character '") +
120  bad_char + "'");
121  }
122 
123  *out_ptr |= bin << (top_nibble*4);
124 
125  top_nibble = !top_nibble;
126  if(top_nibble)
127  ++out_ptr;
128  }
129 
130  input_consumed = input_length;
131  size_t written = (out_ptr - output);
132 
133  /*
134  * We only got half of a byte at the end; zap the half-written
135  * output and mark it as unread
136  */
137  if(!top_nibble)
138  {
139  *out_ptr = 0;
140  input_consumed -= 1;
141  }
142 
143  return written;
144  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32
unsigned char byte
Definition: types.h:22
size_t BOTAN_DLL Botan::hex_decode ( byte  output[],
const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
outputan array of at least input_length/2 bytes
inputsome hex input
input_lengthlength of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 146 of file hex.cpp.

References hex_decode().

150  {
151  size_t consumed = 0;
152  size_t written = hex_decode(output, input, input_length,
153  consumed, ignore_ws);
154 
155  if(consumed != input_length)
156  throw std::invalid_argument("hex_decode: input did not have full bytes");
157 
158  return written;
159  }
SecureVector< byte > hex_decode(const std::string &input, bool ignore_ws)
Definition: hex.cpp:183
size_t BOTAN_DLL Botan::hex_decode ( byte  output[],
const std::string &  input,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
outputan array of at least input_length/2 bytes
inputsome hex input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 161 of file hex.cpp.

References hex_decode().

164  {
165  return hex_decode(output, &input[0], input.length(), ignore_ws);
166  }
SecureVector< byte > hex_decode(const std::string &input, bool ignore_ws)
Definition: hex.cpp:183
SecureVector< byte > BOTAN_DLL Botan::hex_decode ( const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
inputsome hex input
input_lengththe length of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded hex output

Definition at line 168 of file hex.cpp.

References hex_decode(), and Botan::MemoryRegion< T >::resize().

171  {
172  SecureVector<byte> bin(1 + input_length / 2);
173 
174  size_t written = hex_decode(&bin[0],
175  input,
176  input_length,
177  ignore_ws);
178 
179  bin.resize(written);
180  return bin;
181  }
SecureVector< byte > hex_decode(const std::string &input, bool ignore_ws)
Definition: hex.cpp:183
SecureVector< byte > BOTAN_DLL Botan::hex_decode ( const std::string &  input,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
inputsome hex input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded hex output

Definition at line 183 of file hex.cpp.

References hex_decode().

185  {
186  return hex_decode(&input[0], input.size(), ignore_ws);
187  }
SecureVector< byte > hex_decode(const std::string &input, bool ignore_ws)
Definition: hex.cpp:183
void BOTAN_DLL Botan::hex_encode ( char  output[],
const byte  input[],
size_t  input_length,
bool  uppercase = true 
)

Perform hex encoding

Parameters
outputan array of at least input_length*2 bytes
inputis some binary data
input_lengthlength of input in bytes
uppercaseshould output be upper or lower case?

Definition at line 14 of file hex.cpp.

Referenced by Botan::Data_Store::add(), Botan::OctetString::as_string(), Botan::BigInt::encode(), hex_encode(), Botan::RTSS_Share::to_string(), and Botan::X509_Certificate::to_string().

18  {
19  static const byte BIN_TO_HEX_UPPER[16] = {
20  '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
21  'A', 'B', 'C', 'D', 'E', 'F' };
22 
23  static const byte BIN_TO_HEX_LOWER[16] = {
24  '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
25  'a', 'b', 'c', 'd', 'e', 'f' };
26 
27  const byte* tbl = uppercase ? BIN_TO_HEX_UPPER : BIN_TO_HEX_LOWER;
28 
29  for(size_t i = 0; i != input_length; ++i)
30  {
31  byte x = input[i];
32  output[2*i ] = tbl[(x >> 4) & 0x0F];
33  output[2*i+1] = tbl[(x ) & 0x0F];
34  }
35  }
unsigned char byte
Definition: types.h:22
std::string BOTAN_DLL Botan::hex_encode ( const MemoryRegion< byte > &  input,
bool  uppercase = true 
)

Perform hex encoding

Parameters
inputsome input
uppercaseshould output be upper or lower case?
Returns
hexadecimal representation of input

Definition at line 37 of file hex.cpp.

References hex_encode(), and Botan::MemoryRegion< T >::size().

39  {
40  return hex_encode(&input[0], input.size(), uppercase);
41  }
std::string hex_encode(const byte input[], size_t input_length, bool uppercase)
Definition: hex.cpp:43
size_t size() const
Definition: secmem.h:29
std::string BOTAN_DLL Botan::hex_encode ( const byte  input[],
size_t  input_length,
bool  uppercase = true 
)

Perform hex encoding

Parameters
inputsome input
input_lengthlength of input in bytes
uppercaseshould output be upper or lower case?
Returns
hexadecimal representation of input

Definition at line 43 of file hex.cpp.

References hex_encode().

46  {
47  std::string output(2 * input_length, 0);
48 
49  if(input_length)
50  hex_encode(&output[0], input, input_length, uppercase);
51 
52  return output;
53  }
std::string hex_encode(const byte input[], size_t input_length, bool uppercase)
Definition: hex.cpp:43
template<typename T >
size_t Botan::high_bit ( n)
inline

Return the index of the highest set bit T is an unsigned integer type

Parameters
nan integer value
Returns
index of the highest set bit in n

Definition at line 33 of file bit_ops.h.

Referenced by Botan::OID::encode_into().

34  {
35  for(size_t i = 8*sizeof(T); i > 0; --i)
36  if((n >> (i - 1)) & 0x01)
37  return i;
38  return 0;
39  }
BigInt n
Definition: numthry.cpp:26
BOTAN_DLL byte Botan::ieee1363_hash_id ( const std::string &  hash_name)

Return the IEEE 1363 hash identifier

Parameters
hash_namethe name of the hash function
Returns
byte code identifying the hash, or 0 if not known

Definition at line 93 of file hash_id.cpp.

Referenced by Botan::EMSA2::EMSA2().

94  {
95  if(name == "SHA-160") return 0x33;
96 
97  if(name == "SHA-224") return 0x38;
98  if(name == "SHA-256") return 0x34;
99  if(name == "SHA-384") return 0x36;
100  if(name == "SHA-512") return 0x35;
101 
102  if(name == "RIPEMD-160") return 0x31;
103  if(name == "RIPEMD-128") return 0x32;
104 
105  if(name == "Whirlpool") return 0x37;
106 
107  return 0;
108  }
BigInt BOTAN_DLL Botan::inverse_mod ( const BigInt x,
const BigInt modulus 
)

Modular inversion

Parameters
xa positive integer
modulusa positive integer
Returns
y st (x*y) % modulus == 1

Definition at line 202 of file numthry.cpp.

References Botan::BigInt::is_even(), Botan::BigInt::is_negative(), Botan::BigInt::is_odd(), Botan::BigInt::is_zero(), low_zero_bits(), mod, and n.

Referenced by Botan::IF_Scheme_PrivateKey::check_key(), Botan::CurveGFp::CurveGFp(), Botan::ElGamal_Decryption_Operation::decrypt(), Botan::DH_KA_Operation::DH_KA_Operation(), Botan::ECDH_KA_Operation::ECDH_KA_Operation(), Botan::PointGFp::get_affine_x(), Botan::PointGFp::get_affine_y(), Botan::IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(), Botan::Montgomery_Exponentiator::Montgomery_Exponentiator(), Botan::RSA_Private_Operation::RSA_Private_Operation(), Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RW_PrivateKey::RW_PrivateKey(), Botan::RW_Signature_Operation::sign(), Botan::DSA_Signature_Operation::sign(), Botan::ECDSA_Signature_Operation::sign(), Botan::DSA_Verification_Operation::verify(), Botan::ECDSA_Verification_Operation::verify(), and Botan::GOST_3410_Verification_Operation::verify().

203  {
204  if(mod.is_zero())
205  throw BigInt::DivideByZero();
206  if(mod.is_negative() || n.is_negative())
207  throw Invalid_Argument("inverse_mod: arguments must be non-negative");
208 
209  if(n.is_zero() || (n.is_even() && mod.is_even()))
210  return 0;
211 
212  BigInt x = mod, y = n, u = mod, v = n;
213  BigInt A = 1, B = 0, C = 0, D = 1;
214 
215  while(u.is_nonzero())
216  {
217  size_t zero_bits = low_zero_bits(u);
218  u >>= zero_bits;
219  for(size_t i = 0; i != zero_bits; ++i)
220  {
221  if(A.is_odd() || B.is_odd())
222  { A += y; B -= x; }
223  A >>= 1; B >>= 1;
224  }
225 
226  zero_bits = low_zero_bits(v);
227  v >>= zero_bits;
228  for(size_t i = 0; i != zero_bits; ++i)
229  {
230  if(C.is_odd() || D.is_odd())
231  { C += y; D -= x; }
232  C >>= 1; D >>= 1;
233  }
234 
235  if(u >= v) { u -= v; A -= C; B -= D; }
236  else { v -= u; C -= A; D -= B; }
237  }
238 
239  if(v != 1)
240  return 0;
241 
242  while(D.is_negative()) D += mod;
243  while(D >= mod) D -= mod;
244 
245  return D;
246  }
BigInt n
Definition: numthry.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
GMP_MPZ mod
Definition: gmp_powm.cpp:29
size_t low_zero_bits(const BigInt &n)
Definition: numthry.cpp:141
BOTAN_DLL std::string Botan::ipv4_to_string ( u32bit  ip_addr)

Convert an IPv4 address to a string

Parameters
ip_addrthe IPv4 address to convert
Returns
string representation of the IPv4 address

Definition at line 277 of file parsing.cpp.

References get_byte(), and to_string().

Referenced by Botan::AlternativeName::decode_from().

278  {
279  std::string str;
280 
281  for(size_t i = 0; i != sizeof(ip); ++i)
282  {
283  if(i)
284  str += ".";
285  str += to_string(get_byte(i, ip));
286  }
287 
288  return str;
289  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
std::string to_string(u64bit n, size_t min_len)
Definition: parsing.cpp:42
s32bit BOTAN_DLL Botan::jacobi ( const BigInt a,
const BigInt n 
)

Compute the Jacobi symbol. If n is prime, this is equivalent to the Legendre symbol.

See also
http://mathworld.wolfram.com/JacobiSymbol.html
Parameters
ais a non-negative integer
nis an odd integer > 1
Returns
(n / m)

Definition at line 15 of file jacobi.cpp.

References Botan::BigInt::is_even(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), low_zero_bits(), n, and std::swap().

Referenced by ressol(), and Botan::RW_Signature_Operation::sign().

16  {
17  if(a.is_negative())
18  throw Invalid_Argument("jacobi: first argument must be non-negative");
19  if(n.is_even() || n < 2)
20  throw Invalid_Argument("jacobi: second argument must be odd and > 1");
21 
22  BigInt x = a, y = n;
23  s32bit J = 1;
24 
25  while(y > 1)
26  {
27  x %= y;
28  if(x > y / 2)
29  {
30  x = y - x;
31  if(y % 4 == 3)
32  J = -J;
33  }
34  if(x.is_zero())
35  return 0;
36 
37  size_t shifts = low_zero_bits(x);
38  x >>= shifts;
39  if(shifts % 2)
40  {
41  word y_mod_8 = y % 8;
42  if(y_mod_8 == 3 || y_mod_8 == 5)
43  J = -J;
44  }
45 
46  if(x % 4 == 3 && y % 4 == 3)
47  J = -J;
48  std::swap(x, y);
49  }
50  return J;
51  }
BigInt n
Definition: numthry.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
signed int s32bit
Definition: types.h:37
size_t low_zero_bits(const BigInt &n)
Definition: numthry.cpp:141
void swap(Botan::MemoryRegion< T > &x, Botan::MemoryRegion< T > &y)
Definition: secmem.h:425
BOTAN_DLL size_t Botan::keylength_multiple_of ( const std::string &  algo_spec)

Find out the size any valid key is a multiple of for a certain algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
size any valid key is a multiple of

Definition at line 105 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::SymmetricAlgorithm::key_spec(), Botan::Key_Length_Specification::keylength_multiple(), mac, Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_mac(), and Botan::Algorithm_Factory::prototype_stream_cipher().

106  {
107  Algorithm_Factory& af = global_state().algorithm_factory();
108 
109  if(const BlockCipher* bc = af.prototype_block_cipher(name))
110  return bc->key_spec().keylength_multiple();
111 
112  if(const StreamCipher* sc = af.prototype_stream_cipher(name))
113  return sc->key_spec().keylength_multiple();
114 
115  if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
116  return mac->key_spec().keylength_multiple();
117 
118  throw Algorithm_Not_Found(name);
119  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
MessageAuthenticationCode * mac
Definition: fpe_fe1.cpp:94
Library_State & global_state()
BigInt BOTAN_DLL Botan::lcm ( const BigInt x,
const BigInt y 
)

Least common multiple

Parameters
xa positive integer
ya positive integer
Returns
z, smallest integer such that z % x == 0 and z % y == 0

Definition at line 194 of file numthry.cpp.

References gcd().

Referenced by Botan::RSA_PrivateKey::check_key(), Botan::RW_PrivateKey::check_key(), Botan::IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(), Botan::RSA_PrivateKey::RSA_PrivateKey(), and Botan::RW_PrivateKey::RW_PrivateKey().

195  {
196  return ((a * b) / gcd(a, b));
197  }
BigInt gcd(const BigInt &a, const BigInt &b)
Definition: numthry.cpp:167
template<typename T >
T Botan::load_be ( const byte  in[],
size_t  off 
)
inline

Load a big-endian word

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th T of in, as a big-endian value

Definition at line 100 of file loadstor.h.

Referenced by Botan::SHA_160::compress_n(), Botan::Noekeon_SIMD::decrypt_n(), and Botan::Noekeon_SIMD::encrypt_n().

101  {
102  in += off * sizeof(T);
103  T out = 0;
104  for(size_t i = 0; i != sizeof(T); ++i)
105  out = (out << 8) | in[i];
106  return out;
107  }
template<typename T >
void Botan::load_be ( const byte  in[],
T &  x0,
T &  x1 
)
inline

Load two big-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written

Definition at line 325 of file loadstor.h.

326  {
327  x0 = load_be<T>(in, 0);
328  x1 = load_be<T>(in, 1);
329  }
template<typename T >
void Botan::load_be ( const byte  in[],
T &  x0,
T &  x1,
T &  x2,
T &  x3 
)
inline

Load four big-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written
x2where the third word will be written
x3where the fourth word will be written

Definition at line 340 of file loadstor.h.

342  {
343  x0 = load_be<T>(in, 0);
344  x1 = load_be<T>(in, 1);
345  x2 = load_be<T>(in, 2);
346  x3 = load_be<T>(in, 3);
347  }
template<typename T >
void Botan::load_be ( const byte  in[],
T &  x0,
T &  x1,
T &  x2,
T &  x3,
T &  x4,
T &  x5,
T &  x6,
T &  x7 
)
inline

Load eight big-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written
x2where the third word will be written
x3where the fourth word will be written
x4where the fifth word will be written
x5where the sixth word will be written
x6where the seventh word will be written
x7where the eighth word will be written

Definition at line 362 of file loadstor.h.

365  {
366  x0 = load_be<T>(in, 0);
367  x1 = load_be<T>(in, 1);
368  x2 = load_be<T>(in, 2);
369  x3 = load_be<T>(in, 3);
370  x4 = load_be<T>(in, 4);
371  x5 = load_be<T>(in, 5);
372  x6 = load_be<T>(in, 6);
373  x7 = load_be<T>(in, 7);
374  }
template<typename T >
void Botan::load_be ( out[],
const byte  in[],
size_t  count 
)
inline

Load a variable number of big-endian words

Parameters
outthe output array of words
inthe input array of bytes
counthow many words are in in

Definition at line 383 of file loadstor.h.

References bswap_4(), and reverse_bytes().

386  {
387 #if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
388  std::memcpy(out, in, sizeof(T)*count);
389 
390 #if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN)
391  const size_t blocks = count - (count % 4);
392  const size_t left = count - blocks;
393 
394  for(size_t i = 0; i != blocks; i += 4)
395  bswap_4(out + i);
396 
397  for(size_t i = 0; i != left; ++i)
398  out[blocks+i] = reverse_bytes(out[blocks+i]);
399 #endif
400 
401 #else
402  for(size_t i = 0; i != count; ++i)
403  out[i] = load_be<T>(in, i);
404 #endif
405  }
void bswap_4(T x[4])
Definition: bswap.h:112
u16bit reverse_bytes(u16bit val)
Definition: bswap.h:24
template<>
u16bit Botan::load_be< u16bit > ( const byte  in[],
size_t  off 
)
inline

Load a big-endian u16bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u16bit of in, as a big-endian value

Definition at line 132 of file loadstor.h.

References make_u16bit().

Referenced by check_passhash9(), Botan::MISTY1::decrypt_n(), Botan::KASUMI::decrypt_n(), Botan::MISTY1::encrypt_n(), and Botan::KASUMI::encrypt_n().

133  {
134 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
135  return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u16bit*>(in) + off));
136 #else
137  in += off * sizeof(u16bit);
138  return make_u16bit(in[0], in[1]);
139 #endif
140  }
unsigned short u16bit
Definition: types.h:27
u16bit make_u16bit(byte i0, byte i1)
Definition: loadstor.h:47
template<>
u32bit Botan::load_be< u32bit > ( const byte  in[],
size_t  off 
)
inline

Load a big-endian u32bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u32bit of in, as a big-endian value

Definition at line 166 of file loadstor.h.

References make_u32bit().

Referenced by Botan::AlternativeName::decode_from(), Botan::CAST_128::decrypt_n(), Botan::Noekeon::decrypt_n(), Botan::XTEA::decrypt_n(), Botan::SEED::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::TEA::decrypt_n(), Botan::CAST_256::decrypt_n(), Botan::XTEA::encrypt_n(), Botan::Noekeon::encrypt_n(), Botan::CAST_128::encrypt_n(), Botan::TEA::encrypt_n(), Botan::CAST_256::encrypt_n(), Botan::SEED::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::SIMD_Scalar::load_be(), and Botan::WiderWake_41_BE::set_iv().

167  {
168 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
169  return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u32bit*>(in) + off));
170 #else
171  in += off * sizeof(u32bit);
172  return make_u32bit(in[0], in[1], in[2], in[3]);
173 #endif
174  }
u32bit make_u32bit(byte i0, byte i1, byte i2, byte i3)
Definition: loadstor.h:60
unsigned int u32bit
Definition: types.h:32
template<>
u64bit Botan::load_be< u64bit > ( const byte  in[],
size_t  off 
)
inline

Load a big-endian u64bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u64bit of in, as a big-endian value

Definition at line 200 of file loadstor.h.

References make_u64bit().

Referenced by rfc3394_keyunwrap().

201  {
202 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
203  return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u64bit*>(in) + off));
204 #else
205  in += off * sizeof(u64bit);
206  return make_u64bit(in[0], in[1], in[2], in[3],
207  in[4], in[5], in[6], in[7]);
208 #endif
209  }
unsigned long long u64bit
Definition: types.h:49
u64bit make_u64bit(byte i0, byte i1, byte i2, byte i3, byte i4, byte i5, byte i6, byte i7)
Definition: loadstor.h:80
template<typename T >
T Botan::load_le ( const byte  in[],
size_t  off 
)
inline

Load a little-endian word

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th T of in, as a litte-endian value

Definition at line 116 of file loadstor.h.

Referenced by Botan::MD4::compress_n(), and Botan::MD5::compress_n().

117  {
118  in += off * sizeof(T);
119  T out = 0;
120  for(size_t i = 0; i != sizeof(T); ++i)
121  out = (out << 8) | in[sizeof(T)-1-i];
122  return out;
123  }
template<typename T >
void Botan::load_le ( const byte  in[],
T &  x0,
T &  x1 
)
inline

Load two little-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written

Definition at line 236 of file loadstor.h.

237  {
238  x0 = load_le<T>(in, 0);
239  x1 = load_le<T>(in, 1);
240  }
template<typename T >
void Botan::load_le ( const byte  in[],
T &  x0,
T &  x1,
T &  x2,
T &  x3 
)
inline

Load four little-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written
x2where the third word will be written
x3where the fourth word will be written

Definition at line 251 of file loadstor.h.

253  {
254  x0 = load_le<T>(in, 0);
255  x1 = load_le<T>(in, 1);
256  x2 = load_le<T>(in, 2);
257  x3 = load_le<T>(in, 3);
258  }
template<typename T >
void Botan::load_le ( const byte  in[],
T &  x0,
T &  x1,
T &  x2,
T &  x3,
T &  x4,
T &  x5,
T &  x6,
T &  x7 
)
inline

Load eight little-endian words

Parameters
ina pointer to some bytes
x0where the first word will be written
x1where the second word will be written
x2where the third word will be written
x3where the fourth word will be written
x4where the fifth word will be written
x5where the sixth word will be written
x6where the seventh word will be written
x7where the eighth word will be written

Definition at line 273 of file loadstor.h.

276  {
277  x0 = load_le<T>(in, 0);
278  x1 = load_le<T>(in, 1);
279  x2 = load_le<T>(in, 2);
280  x3 = load_le<T>(in, 3);
281  x4 = load_le<T>(in, 4);
282  x5 = load_le<T>(in, 5);
283  x6 = load_le<T>(in, 6);
284  x7 = load_le<T>(in, 7);
285  }
template<typename T >
void Botan::load_le ( out[],
const byte  in[],
size_t  count 
)
inline

Load a variable number of little-endian words

Parameters
outthe output array of words
inthe input array of bytes
counthow many words are in in

Definition at line 294 of file loadstor.h.

References bswap_4(), and reverse_bytes().

297  {
298 #if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
299  std::memcpy(out, in, sizeof(T)*count);
300 
301 #if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
302  const size_t blocks = count - (count % 4);
303  const size_t left = count - blocks;
304 
305  for(size_t i = 0; i != blocks; i += 4)
306  bswap_4(out + i);
307 
308  for(size_t i = 0; i != left; ++i)
309  out[blocks+i] = reverse_bytes(out[blocks+i]);
310 #endif
311 
312 #else
313  for(size_t i = 0; i != count; ++i)
314  out[i] = load_le<T>(in, i);
315 #endif
316  }
void bswap_4(T x[4])
Definition: bswap.h:112
u16bit reverse_bytes(u16bit val)
Definition: bswap.h:24
template<>
u16bit Botan::load_le< u16bit > ( const byte  in[],
size_t  off 
)
inline

Load a little-endian u16bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u16bit of in, as a little-endian value

Definition at line 149 of file loadstor.h.

References make_u16bit().

Referenced by Botan::RC2::decrypt_n(), Botan::Skipjack::decrypt_n(), Botan::Skipjack::encrypt_n(), and Botan::RC2::encrypt_n().

150  {
151 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
152  return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u16bit*>(in) + off));
153 #else
154  in += off * sizeof(u16bit);
155  return make_u16bit(in[1], in[0]);
156 #endif
157  }
unsigned short u16bit
Definition: types.h:27
u16bit make_u16bit(byte i0, byte i1)
Definition: loadstor.h:47
template<>
u32bit Botan::load_le< u32bit > ( const byte  in[],
size_t  off 
)
inline

Load a little-endian u32bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u32bit of in, as a little-endian value

Definition at line 183 of file loadstor.h.

References make_u32bit().

Referenced by Botan::MARS::decrypt_n(), Botan::RC6::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::RC5::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::Serpent::encrypt_n(), Botan::RC5::encrypt_n(), Botan::RC6::encrypt_n(), Botan::MARS::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::SIMD_Scalar::load_le(), and Botan::Salsa20::set_iv().

184  {
185 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
186  return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u32bit*>(in) + off));
187 #else
188  in += off * sizeof(u32bit);
189  return make_u32bit(in[3], in[2], in[1], in[0]);
190 #endif
191  }
u32bit make_u32bit(byte i0, byte i1, byte i2, byte i3)
Definition: loadstor.h:60
unsigned int u32bit
Definition: types.h:32
template<>
u64bit Botan::load_le< u64bit > ( const byte  in[],
size_t  off 
)
inline

Load a little-endian u64bit

Parameters
ina pointer to some bytes
offan offset into the array
Returns
off'th u64bit of in, as a little-endian value

Definition at line 218 of file loadstor.h.

References make_u64bit().

219  {
220 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
221  return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u64bit*>(in) + off));
222 #else
223  in += off * sizeof(u64bit);
224  return make_u64bit(in[7], in[6], in[5], in[4],
225  in[3], in[2], in[1], in[0]);
226 #endif
227  }
unsigned long long u64bit
Definition: types.h:49
u64bit make_u64bit(byte i0, byte i1, byte i2, byte i3, byte i4, byte i5, byte i6, byte i7)
Definition: loadstor.h:80
bool Botan::lock_mem ( void *  addr,
size_t  length 
)

Lock memory into RAM if possible

Parameters
addrthe start of the memory block
lengththe length of the memory block in bytes
Returns
true if successful, false otherwise

Definition at line 31 of file mlock.cpp.

Referenced by has_mlock().

32  {
33 #if defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
34  return (::mlock(static_cast<char*>(ptr), bytes) == 0);
35 #elif defined(BOTAN_TARGET_OS_HAS_WIN32_VIRTUAL_LOCK)
36  return (::VirtualLock(ptr, bytes) != 0);
37 #else
38  return false;
39 #endif
40  }
template<typename T >
size_t Botan::low_bit ( n)
inline

Return the index of the lowest set bit T is an unsigned integer type

Parameters
nan integer value
Returns
index of the lowest set bit in n

Definition at line 48 of file bit_ops.h.

49  {
50  for(size_t i = 0; i != 8*sizeof(T); ++i)
51  if((n >> i) & 0x01)
52  return (i + 1);
53  return 0;
54  }
BigInt n
Definition: numthry.cpp:26
size_t BOTAN_DLL Botan::low_zero_bits ( const BigInt x)
Parameters
xan integer
Returns
count of the zero bits in x, or, equivalently, the largest value of n such that 2^n divides x evently

Definition at line 141 of file numthry.cpp.

References ctz(), Botan::BigInt::is_nonzero(), Botan::BigInt::is_positive(), and Botan::BigInt::size().

Referenced by gcd(), inverse_mod(), jacobi(), and ressol().

142  {
143  size_t low_zero = 0;
144 
145  if(n.is_positive() && n.is_nonzero())
146  {
147  for(size_t i = 0; i != n.size(); ++i)
148  {
149  word x = n[i];
150 
151  if(x)
152  {
153  low_zero += ctz(x);
154  break;
155  }
156  else
157  low_zero += BOTAN_MP_WORD_BITS;
158  }
159  }
160 
161  return low_zero;
162  }
size_t ctz(T n)
Definition: bit_ops.h:93
BigInt n
Definition: numthry.cpp:26
EAC1_1_CVC BOTAN_DLL Botan::make_cvc_cert ( PK_Signer signer,
const MemoryRegion< byte > &  public_key,
ASN1_Car const &  car,
ASN1_Chr const &  chr,
byte  holder_auth_templ,
ASN1_Ced  ced,
ASN1_Cex  cex,
RandomNumberGenerator rng 
)

Create an arbitrary EAC 1.1 CVC. The desired key encoding must be set within the key (if applicable).

Parameters
signerthe signer used to sign the certificate
public_keythe DER encoded public key to appear in the certificate
carthe CAR of the certificate
chrthe CHR of the certificate
holder_auth_templthe holder authorization value byte to appear in the CHAT of the certificate
cedthe CED to appear in the certificate
cexthe CEX to appear in the certificate
rnga random number generator

Definition at line 98 of file cvc_cert.cpp.

References APPLICATION, Botan::EAC1_1_gen_CVC< EAC1_1_CVC >::build_cert_body(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OIDS::lookup(), Botan::EAC1_1_gen_CVC< EAC1_1_CVC >::make_signed(), OCTET_STRING, Botan::MemoryRegion< T >::push_back(), Botan::DER_Encoder::raw_bytes(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::CVC_EAC::create_self_signed_cert(), Botan::DE_EAC::link_cvca(), and Botan::DE_EAC::sign_request().

106  {
107  OID chat_oid(OIDS::lookup("CertificateHolderAuthorizationTemplate"));
108  MemoryVector<byte> enc_chat_val;
109  enc_chat_val.push_back(holder_auth_templ);
110 
111  MemoryVector<byte> enc_cpi;
112  enc_cpi.push_back(0x00);
113  MemoryVector<byte> tbs = DER_Encoder()
114  .encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION) // cpi
115  .encode(car)
116  .raw_bytes(public_key)
117  .encode(chr)
118  .start_cons(ASN1_Tag(76), APPLICATION)
119  .encode(chat_oid)
120  .encode(enc_chat_val, OCTET_STRING, ASN1_Tag(19), APPLICATION)
121  .end_cons()
122  .encode(ced)
123  .encode(cex)
124  .get_contents();
125 
126  MemoryVector<byte> signed_cert =
127  EAC1_1_CVC::make_signed(signer,
128  EAC1_1_CVC::build_cert_body(tbs),
129  rng);
130 
131  DataSource_Memory source(signed_cert);
132  return EAC1_1_CVC(source);
133  }
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
std::string lookup(const OID &oid)
Definition: oids.cpp:31
ASN1_Tag
Definition: asn1_int.h:19
Private_Key * Botan::make_private_key ( const AlgorithmIdentifier alg_id,
const MemoryRegion< byte > &  key_bits,
RandomNumberGenerator rng 
)

Definition at line 104 of file pk_algs.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), and Botan::AlgorithmIdentifier::oid.

Referenced by Botan::PKCS8::load_key().

107  {
108  const std::string alg_name = OIDS::lookup(alg_id.oid);
109  if(alg_name == "")
110  throw Decoding_Error("Unknown algorithm OID: " + alg_id.oid.as_string());
111 
112 #if defined(BOTAN_HAS_RSA)
113  if(alg_name == "RSA")
114  return new RSA_PrivateKey(alg_id, key_bits, rng);
115 #endif
116 
117 #if defined(BOTAN_HAS_RW)
118  if(alg_name == "RW")
119  return new RW_PrivateKey(alg_id, key_bits, rng);
120 #endif
121 
122 #if defined(BOTAN_HAS_DSA)
123  if(alg_name == "DSA")
124  return new DSA_PrivateKey(alg_id, key_bits, rng);
125 #endif
126 
127 #if defined(BOTAN_HAS_DIFFIE_HELLMAN)
128  if(alg_name == "DH")
129  return new DH_PrivateKey(alg_id, key_bits, rng);
130 #endif
131 
132 #if defined(BOTAN_HAS_NYBERG_RUEPPEL)
133  if(alg_name == "NR")
134  return new NR_PrivateKey(alg_id, key_bits, rng);
135 #endif
136 
137 #if defined(BOTAN_HAS_ELGAMAL)
138  if(alg_name == "ElGamal")
139  return new ElGamal_PrivateKey(alg_id, key_bits, rng);
140 #endif
141 
142 #if defined(BOTAN_HAS_ECDSA)
143  if(alg_name == "ECDSA")
144  return new ECDSA_PrivateKey(alg_id, key_bits);
145 #endif
146 
147 #if defined(BOTAN_HAS_GOST_34_10_2001)
148  if(alg_name == "GOST-34.10")
149  return new GOST_3410_PrivateKey(alg_id, key_bits);
150 #endif
151 
152 #if defined(BOTAN_HAS_ECDH)
153  if(alg_name == "ECDH")
154  return new ECDH_PrivateKey(alg_id, key_bits);
155 #endif
156 
157  return 0;
158  }
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
std::string lookup(const OID &oid)
Definition: oids.cpp:31
Public_Key * Botan::make_public_key ( const AlgorithmIdentifier alg_id,
const MemoryRegion< byte > &  key_bits 
)

Definition at line 49 of file pk_algs.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), and Botan::AlgorithmIdentifier::oid.

Referenced by Botan::X509::load_key().

51  {
52  const std::string alg_name = OIDS::lookup(alg_id.oid);
53  if(alg_name == "")
54  throw Decoding_Error("Unknown algorithm OID: " + alg_id.oid.as_string());
55 
56 #if defined(BOTAN_HAS_RSA)
57  if(alg_name == "RSA")
58  return new RSA_PublicKey(alg_id, key_bits);
59 #endif
60 
61 #if defined(BOTAN_HAS_RW)
62  if(alg_name == "RW")
63  return new RW_PublicKey(alg_id, key_bits);
64 #endif
65 
66 #if defined(BOTAN_HAS_DSA)
67  if(alg_name == "DSA")
68  return new DSA_PublicKey(alg_id, key_bits);
69 #endif
70 
71 #if defined(BOTAN_HAS_DIFFIE_HELLMAN)
72  if(alg_name == "DH")
73  return new DH_PublicKey(alg_id, key_bits);
74 #endif
75 
76 #if defined(BOTAN_HAS_NYBERG_RUEPPEL)
77  if(alg_name == "NR")
78  return new NR_PublicKey(alg_id, key_bits);
79 #endif
80 
81 #if defined(BOTAN_HAS_ELGAMAL)
82  if(alg_name == "ElGamal")
83  return new ElGamal_PublicKey(alg_id, key_bits);
84 #endif
85 
86 #if defined(BOTAN_HAS_ECDSA)
87  if(alg_name == "ECDSA")
88  return new ECDSA_PublicKey(alg_id, key_bits);
89 #endif
90 
91 #if defined(BOTAN_HAS_GOST_34_10_2001)
92  if(alg_name == "GOST-34.10")
93  return new GOST_3410_PublicKey(alg_id, key_bits);
94 #endif
95 
96 #if defined(BOTAN_HAS_ECDH)
97  if(alg_name == "ECDH")
98  return new ECDH_PublicKey(alg_id, key_bits);
99 #endif
100 
101  return 0;
102  }
std::string lookup(const OID &oid)
Definition: oids.cpp:31
u16bit Botan::make_u16bit ( byte  i0,
byte  i1 
)
inline

Make a u16bit from two bytes

Parameters
i0the first byte
i1the second byte
Returns
i0 || i1

Definition at line 47 of file loadstor.h.

Referenced by Botan::Record_Reader::get_record(), Botan::TLS_Data_Reader::get_u16bit(), load_be< u16bit >(), load_le< u16bit >(), Botan::Client_Key_Exchange::pre_master_secret(), and Botan::RTSS_Share::reconstruct().

48  {
49  return ((static_cast<u16bit>(i0) << 8) | i1);
50  }
u32bit Botan::make_u32bit ( byte  i0,
byte  i1,
byte  i2,
byte  i3 
)
inline

Make a u32bit from four bytes

Parameters
i0the first byte
i1the second byte
i2the third byte
i3the fourth byte
Returns
i0 || i1 || i2 || i3

Definition at line 60 of file loadstor.h.

Referenced by load_be< u32bit >(), and load_le< u32bit >().

61  {
62  return ((static_cast<u32bit>(i0) << 24) |
63  (static_cast<u32bit>(i1) << 16) |
64  (static_cast<u32bit>(i2) << 8) |
65  (static_cast<u32bit>(i3)));
66  }
u64bit Botan::make_u64bit ( byte  i0,
byte  i1,
byte  i2,
byte  i3,
byte  i4,
byte  i5,
byte  i6,
byte  i7 
)
inline

Make a u32bit from eight bytes

Parameters
i0the first byte
i1the second byte
i2the third byte
i3the fourth byte
i4the fifth byte
i5the sixth byte
i6the seventh byte
i7the eighth byte
Returns
i0 || i1 || i2 || i3 || i4 || i5 || i6 || i7

Definition at line 80 of file loadstor.h.

Referenced by load_be< u64bit >(), and load_le< u64bit >().

82  {
83  return ((static_cast<u64bit>(i0) << 56) |
84  (static_cast<u64bit>(i1) << 48) |
85  (static_cast<u64bit>(i2) << 40) |
86  (static_cast<u64bit>(i3) << 32) |
87  (static_cast<u64bit>(i4) << 24) |
88  (static_cast<u64bit>(i5) << 16) |
89  (static_cast<u64bit>(i6) << 8) |
90  (static_cast<u64bit>(i7)));
91  }
BOTAN_DLL size_t Botan::max_keylength_of ( const std::string &  algo_spec)

Find out the maximum key size of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
maximum key length of the specified algorithm

Definition at line 86 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::SymmetricAlgorithm::key_spec(), mac, Botan::Key_Length_Specification::maximum_keylength(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_mac(), and Botan::Algorithm_Factory::prototype_stream_cipher().

87  {
88  Algorithm_Factory& af = global_state().algorithm_factory();
89 
90  if(const BlockCipher* bc = af.prototype_block_cipher(name))
91  return bc->key_spec().maximum_keylength();
92 
93  if(const StreamCipher* sc = af.prototype_stream_cipher(name))
94  return sc->key_spec().maximum_keylength();
95 
96  if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
97  return mac->key_spec().maximum_keylength();
98 
99  throw Algorithm_Not_Found(name);
100  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
MessageAuthenticationCode * mac
Definition: fpe_fe1.cpp:94
Library_State & global_state()
BOTAN_DLL size_t Botan::min_keylength_of ( const std::string &  algo_spec)

Find out the minimum key size of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
minimum key length of the specified algorithm

Definition at line 67 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::SymmetricAlgorithm::key_spec(), mac, Botan::Key_Length_Specification::minimum_keylength(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_mac(), and Botan::Algorithm_Factory::prototype_stream_cipher().

68  {
69  Algorithm_Factory& af = global_state().algorithm_factory();
70 
71  if(const BlockCipher* bc = af.prototype_block_cipher(name))
72  return bc->key_spec().minimum_keylength();
73 
74  if(const StreamCipher* sc = af.prototype_stream_cipher(name))
75  return sc->key_spec().minimum_keylength();
76 
77  if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
78  return mac->key_spec().minimum_keylength();
79 
80  throw Algorithm_Not_Found(name);
81  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
MessageAuthenticationCode * mac
Definition: fpe_fe1.cpp:94
Library_State & global_state()
BigInt BOTAN_DLL Botan::mul_add ( const BigInt a,
const BigInt b,
const BigInt c 
)

Fused multiply-add

Parameters
aan integer
ban integer
can integer
Returns
(a*b)+c

Definition at line 33 of file mp_numth.cpp.

References bigint_add2(), bigint_mul(), Botan::BigInt::data(), Botan::BigInt::get_reg(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), Botan::BigInt::Negative, Botan::BigInt::Positive, r, Botan::BigInt::sig_words(), Botan::BigInt::sign(), and Botan::BigInt::size().

Referenced by Botan::DSA_Signature_Operation::sign(), Botan::RW_Signature_Operation::sign(), and Botan::ECDSA_Signature_Operation::sign().

34  {
35  if(c.is_negative() || c.is_zero())
36  throw Invalid_Argument("mul_add: Third argument must be > 0");
37 
38  BigInt::Sign sign = BigInt::Positive;
39  if(a.sign() != b.sign())
40  sign = BigInt::Negative;
41 
42  const size_t a_sw = a.sig_words();
43  const size_t b_sw = b.sig_words();
44  const size_t c_sw = c.sig_words();
45 
46  BigInt r(sign, std::max(a.size() + b.size(), c_sw) + 1);
47  SecureVector<word> workspace(r.size());
48 
49  bigint_mul(r.get_reg(), r.size(), workspace,
50  a.data(), a.size(), a_sw,
51  b.data(), b.size(), b_sw);
52  const size_t r_size = std::max(r.sig_words(), c_sw);
53  bigint_add2(r.get_reg(), r_size, c.data(), c_sw);
54  return r;
55  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
void bigint_mul(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
Definition: mp_karat.cpp:248
void bigint_add2(word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:68
BigInt r
Definition: numthry.cpp:26
PointGFp Botan::multi_exponentiate ( const PointGFp p1,
const BigInt z1,
const PointGFp p2,
const BigInt z2 
)

Multiexponentiation

Parameters
p1a point
z1a scalar
p2a point
z2a scalar
Returns
(p1 * z1 + p2 * z2)

Definition at line 257 of file point_gfp.cpp.

References Botan::BigInt::bits(), Botan::BigInt::get_bit(), Botan::BigInt::is_negative(), and Botan::PointGFp::negate().

Referenced by Botan::ECDSA_Verification_Operation::verify(), and Botan::GOST_3410_Verification_Operation::verify().

259  {
260  const PointGFp p3 = p1 + p2;
261 
262  PointGFp H(p1.curve); // create as zero
263  size_t bits_left = std::max(z1.bits(), z2.bits());
264 
265  std::vector<BigInt> ws(9);
266 
267  while(bits_left)
268  {
269  H.mult2(ws);
270 
271  const bool z1_b = z1.get_bit(bits_left - 1);
272  const bool z2_b = z2.get_bit(bits_left - 1);
273 
274  if(z1_b == true && z2_b == true)
275  H.add(p3, ws);
276  else if(z1_b)
277  H.add(p1, ws);
278  else if(z2_b)
279  H.add(p2, ws);
280 
281  --bits_left;
282  }
283 
284  if(z1.is_negative() != z2.is_negative())
285  H.negate();
286 
287  return H;
288  }
template<typename K , typename V >
void Botan::multimap_insert ( std::multimap< K, V > &  multimap,
const K &  key,
const V &  value 
)

Insert a key/value pair into a multimap

Definition at line 76 of file stl_util.h.

Referenced by Botan::Data_Store::add(), Botan::X509_DN::add_attribute(), Botan::AlternativeName::add_attribute(), Botan::AlternativeName::add_othername(), Botan::X509_DN::contents(), Botan::AlternativeName::contents(), Botan::X509_DN::get_attributes(), and Botan::Data_Store::search_with().

78  {
79 #if defined(BOTAN_BUILD_COMPILER_IS_SUN_STUDIO)
80  // Work around a strange bug in Sun Studio
81  multimap.insert(std::make_pair<const K, V>(key, value));
82 #else
83  multimap.insert(std::make_pair(key, value));
84 #endif
85  }
bool Botan::operator!= ( EAC1_1_Req const &  lhs,
EAC1_1_Req const &  rhs 
)
inline

Definition at line 52 of file cvc_req.h.

53  {
54  return !(lhs == rhs);
55  }
bool Botan::operator!= ( const ECDSA_Signature lhs,
const ECDSA_Signature rhs 
)
inline

Definition at line 52 of file ecdsa_sig.h.

53  {
54  return !(lhs == rhs);
55  }
BOTAN_DLL bool Botan::operator!= ( const CRL_Entry ,
const CRL_Entry  
)

Test two CRL entries for inequality in at least one field.

Definition at line 55 of file crl_ent.cpp.

56  {
57  return !(a1 == a2);
58  }
bool Botan::operator!= ( EAC1_1_CVC const &  lhs,
EAC1_1_CVC const &  rhs 
)
inline

Definition at line 79 of file cvc_cert.h.

80  {
81  return !(lhs == rhs);
82  }
bool BOTAN_DLL Botan::operator!= ( const AlgorithmIdentifier a1,
const AlgorithmIdentifier a2 
)

Definition at line 84 of file alg_id.cpp.

85  {
86  return !(a1 == a2);
87  }
bool Botan::operator!= ( EAC1_1_ADO const &  lhs,
EAC1_1_ADO const &  rhs 
)
inline

Definition at line 89 of file cvc_ado.h.

90  {
91  return (!(lhs == rhs));
92  }
bool Botan::operator!= ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 278 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

279  { return (t1.cmp(t2) != 0); }
bool Botan::operator!= ( const OID a,
const OID b 
)

Compare two OIDs.

Parameters
athe first OID
bthe second OID
Returns
true if a is not equal to b

Definition at line 97 of file asn1_oid.cpp.

98  {
99  return !(a == b);
100  }
BOTAN_DLL bool Botan::operator!= ( const OctetString x,
const OctetString y 
)

Compare two strings

Parameters
xan octet string
yan octet string
Returns
if x is not equal to y

Definition at line 106 of file symkey.cpp.

107  {
108  return !(s1 == s2);
109  }
bool Botan::operator!= ( const EC_Group lhs,
const EC_Group rhs 
)
inline

Definition at line 132 of file ec_group.h.

134  {
135  return !(lhs == rhs);
136  }
bool Botan::operator!= ( const CurveGFp lhs,
const CurveGFp rhs 
)
inline

Equality operator

Parameters
lhsa curve
rhsa curve
Returns
true iff lhs is not the same as rhs

Definition at line 142 of file curve_gfp.h.

143  {
144  return !(lhs == rhs);
145  }
bool BOTAN_DLL Botan::operator!= ( const X509_DN dn1,
const X509_DN dn2 
)

Definition at line 173 of file x509_dn.cpp.

174  {
175  return !(dn1 == dn2);
176  }
bool Botan::operator!= ( const PointGFp lhs,
const PointGFp rhs 
)
inline

Definition at line 227 of file point_gfp.h.

228  {
229  return !(rhs == lhs);
230  }
bool BOTAN_DLL Botan::operator!= ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 230 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

231  {
232  return (t1.cmp(t2) != 0);
233  }
bool Botan::operator!= ( const ASN1_EAC_String lhs,
const ASN1_EAC_String rhs 
)
inline

Definition at line 235 of file eac_asn_obj.h.

236  {
237  return !(lhs == rhs);
238  }
BOTAN_DLL bool Botan::operator!= ( const X509_Certificate ,
const X509_Certificate  
)

Check two certificates for inequality

Returns
true if the arguments represent different certificates, false if they are binary identical

Definition at line 302 of file x509cert.cpp.

303  {
304  return !(cert1 == cert2);
305  }
bool Botan::operator!= ( const BigInt a,
const BigInt b 
)
inline

Definition at line 525 of file bigint.h.

References Botan::BigInt::cmp().

526  { return (a.cmp(b) != 0); }
BigInt BOTAN_DLL Botan::operator% ( const BigInt n,
const BigInt mod 
)

Definition at line 119 of file big_ops3.cpp.

References divide(), Botan::BigInt::is_negative(), Botan::BigInt::is_positive(), Botan::BigInt::is_zero(), mod, and r.

120  {
121  if(mod.is_zero())
122  throw BigInt::DivideByZero();
123  if(mod.is_negative())
124  throw Invalid_Argument("BigInt::operator%: modulus must be > 0");
125  if(n.is_positive() && mod.is_positive() && n < mod)
126  return n;
127 
128  BigInt q, r;
129  divide(n, mod, q, r);
130  return r;
131  }
void divide(const BigInt &x, const BigInt &y_arg, BigInt &q, BigInt &r)
Definition: divide.cpp:34
BigInt n
Definition: numthry.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
GMP_MPZ mod
Definition: gmp_powm.cpp:29
BigInt r
Definition: numthry.cpp:26
word BOTAN_DLL Botan::operator% ( const BigInt n,
word  mod 
)

Definition at line 136 of file big_ops3.cpp.

References bigint_modop(), mod, Botan::BigInt::Negative, power_of_2(), Botan::BigInt::sig_words(), Botan::BigInt::sign(), and Botan::BigInt::word_at().

137  {
138  if(mod == 0)
139  throw BigInt::DivideByZero();
140  if(power_of_2(mod))
141  return (n.word_at(0) & (mod - 1));
142 
143  word remainder = 0;
144 
145  for(size_t j = n.sig_words(); j > 0; --j)
146  remainder = bigint_modop(remainder, n.word_at(j-1), mod);
147 
148  if(remainder && n.sign() == BigInt::Negative)
149  return mod - remainder;
150  return remainder;
151  }
BigInt n
Definition: numthry.cpp:26
GMP_MPZ mod
Definition: gmp_powm.cpp:29
bool power_of_2(T arg)
Definition: bit_ops.h:21
word bigint_modop(word n1, word n0, word d)
Definition: mp_misc.cpp:92
BigInt BOTAN_DLL Botan::operator* ( const BigInt x,
const BigInt y 
)

Definition at line 83 of file big_ops3.cpp.

References bigint_linmul3(), bigint_mul(), Botan::BigInt::data(), Botan::BigInt::Positive, Botan::BigInt::sig_words(), Botan::BigInt::sign(), Botan::BigInt::size(), and Botan::BigInt::word_at().

84  {
85  const size_t x_sw = x.sig_words(), y_sw = y.sig_words();
86 
87  BigInt z(BigInt::Positive, x.size() + y.size());
88 
89  if(x_sw == 1 && y_sw)
90  bigint_linmul3(z.get_reg(), y.data(), y_sw, x.word_at(0));
91  else if(y_sw == 1 && x_sw)
92  bigint_linmul3(z.get_reg(), x.data(), x_sw, y.word_at(0));
93  else if(x_sw && y_sw)
94  {
95  SecureVector<word> workspace(z.size());
96  bigint_mul(z.get_reg(), z.size(), workspace,
97  x.data(), x.size(), x_sw,
98  y.data(), y.size(), y_sw);
99  }
100 
101  if(x_sw && y_sw && x.sign() != y.sign())
102  z.flip_sign();
103  return z;
104  }
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_asm.cpp:167
void bigint_mul(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
Definition: mp_karat.cpp:248
PointGFp Botan::operator* ( const PointGFp point,
const BigInt scalar 
)
inline

Definition at line 250 of file point_gfp.h.

251  {
252  return scalar * point;
253  }
PointGFp Botan::operator* ( const BigInt scalar,
const PointGFp point 
)

Multiplication Operator

Parameters
scalarthe scalar value
pointthe point value
Returns
scalar*point on the curve

Definition at line 290 of file point_gfp.cpp.

References Botan::BigInt::abs(), Botan::BigInt::bits(), Botan::BigInt::byte_at(), Botan::BigInt::get_bit(), Botan::PointGFp::get_curve(), Botan::BigInt::get_substring(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), and Botan::PointGFp::negate().

291  {
292  const CurveGFp& curve = point.get_curve();
293 
294  if(scalar.is_zero())
295  return PointGFp(curve); // zero point
296 
297  std::vector<BigInt> ws(9);
298 
299  if(scalar.abs() <= 2) // special cases for small values
300  {
301  byte value = scalar.abs().byte_at(0);
302 
303  PointGFp result = point;
304 
305  if(value == 2)
306  result.mult2(ws);
307 
308  if(scalar.is_negative())
309  result.negate();
310 
311  return result;
312  }
313 
314  const size_t scalar_bits = scalar.bits();
315 
316 #if 0
317 
318  PointGFp x1 = PointGFp(curve);
319  PointGFp x2 = point;
320 
321  size_t bits_left = scalar_bits;
322 
323  // Montgomery Ladder
324  while(bits_left)
325  {
326  const bool bit_set = scalar.get_bit(bits_left - 1);
327 
328  if(bit_set)
329  {
330  x1.add(x2, ws);
331  x2.mult2(ws);
332  }
333  else
334  {
335  x2.add(x1, ws);
336  x1.mult2(ws);
337  }
338 
339  --bits_left;
340  }
341 
342  if(scalar.is_negative())
343  x1.negate();
344 
345  return x1;
346 
347 #else
348  const size_t window_size = 4;
349 
350  std::vector<PointGFp> Ps(1 << window_size);
351  Ps[0] = PointGFp(curve);
352  Ps[1] = point;
353 
354  for(size_t i = 2; i != Ps.size(); ++i)
355  {
356  Ps[i] = Ps[i-1];
357  Ps[i].add(point, ws);
358  }
359 
360  PointGFp H(curve); // create as zero
361  size_t bits_left = scalar_bits;
362 
363  while(bits_left >= window_size)
364  {
365  for(size_t i = 0; i != window_size; ++i)
366  H.mult2(ws);
367 
368  const u32bit nibble = scalar.get_substring(bits_left - window_size,
369  window_size);
370 
371  H.add(Ps[nibble], ws);
372 
373  bits_left -= window_size;
374  }
375 
376  while(bits_left)
377  {
378  H.mult2(ws);
379  if(scalar.get_bit(bits_left-1))
380  H.add(point, ws);
381 
382  --bits_left;
383  }
384 
385  if(scalar.is_negative())
386  H.negate();
387 
388  return H;
389 #endif
390  }
unsigned char byte
Definition: types.h:22
unsigned int u32bit
Definition: types.h:32
BigInt BOTAN_DLL Botan::operator+ ( const BigInt x,
const BigInt y 
)

Definition at line 19 of file big_ops3.cpp.

References bigint_add3(), bigint_cmp(), bigint_sub3(), Botan::BigInt::data(), Botan::BigInt::Positive, Botan::BigInt::sig_words(), and Botan::BigInt::sign().

20  {
21  const size_t x_sw = x.sig_words(), y_sw = y.sig_words();
22 
23  BigInt z(x.sign(), std::max(x_sw, y_sw) + 1);
24 
25  if((x.sign() == y.sign()))
26  bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
27  else
28  {
29  s32bit relative_size = bigint_cmp(x.data(), x_sw, y.data(), y_sw);
30 
31  if(relative_size < 0)
32  {
33  bigint_sub3(z.get_reg(), y.data(), y_sw, x.data(), x_sw);
34  z.set_sign(y.sign());
35  }
36  else if(relative_size == 0)
37  z.set_sign(BigInt::Positive);
38  else if(relative_size > 0)
39  bigint_sub3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
40  }
41 
42  return z;
43  }
word bigint_sub3(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:127
signed int s32bit
Definition: types.h:37
s32bit bigint_cmp(const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_misc.cpp:41
void bigint_add3(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:77
OID Botan::operator+ ( const OID oid,
u32bit  new_comp 
)

Append another component onto the OID.

Parameters
oidthe OID to add the new component to
new_compthe new component to add

Definition at line 87 of file asn1_oid.cpp.

88  {
89  OID new_oid(oid);
90  new_oid += component;
91  return new_oid;
92  }
OID oid
Definition: x509_ext.cpp:446
BOTAN_DLL OctetString Botan::operator+ ( const OctetString x,
const OctetString y 
)

Concatenate two strings

Parameters
xan octet string
yan octet string
Returns
x concatenated with y

Definition at line 114 of file symkey.cpp.

References Botan::OctetString::bits_of().

115  {
116  SecureVector<byte> out;
117  out += k1.bits_of();
118  out += k2.bits_of();
119  return OctetString(out);
120  }
PointGFp Botan::operator+ ( const PointGFp lhs,
const PointGFp rhs 
)
inline

Definition at line 238 of file point_gfp.h.

239  {
240  PointGFp tmp(lhs);
241  return tmp += rhs;
242  }
template<typename T >
MemoryRegion<T>& Botan::operator+= ( MemoryRegion< T > &  out,
const MemoryRegion< T > &  in 
)

Definition at line 373 of file secmem.h.

References copy_mem(), Botan::MemoryRegion< T >::resize(), and Botan::MemoryRegion< T >::size().

375  {
376  const size_t copy_offset = out.size();
377  out.resize(out.size() + in.size());
378  copy_mem(&out[copy_offset], &in[0], in.size());
379  return out;
380  }
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
template<typename T >
MemoryRegion<T>& Botan::operator+= ( MemoryRegion< T > &  out,
in 
)

Definition at line 383 of file secmem.h.

References Botan::MemoryRegion< T >::push_back().

385  {
386  out.push_back(in);
387  return out;
388  }
template<typename T , typename L >
MemoryRegion<T>& Botan::operator+= ( MemoryRegion< T > &  out,
const std::pair< const T *, L > &  in 
)

Definition at line 391 of file secmem.h.

References copy_mem(), Botan::MemoryRegion< T >::resize(), and Botan::MemoryRegion< T >::size().

393  {
394  const size_t copy_offset = out.size();
395  out.resize(out.size() + in.second);
396  copy_mem(&out[copy_offset], in.first, in.second);
397  return out;
398  }
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
template<typename T , typename L >
MemoryRegion<T>& Botan::operator+= ( MemoryRegion< T > &  out,
const std::pair< T *, L > &  in 
)

Definition at line 401 of file secmem.h.

References copy_mem(), Botan::MemoryRegion< T >::resize(), and Botan::MemoryRegion< T >::size().

403  {
404  const size_t copy_offset = out.size();
405  out.resize(out.size() + in.second);
406  copy_mem(&out[copy_offset], in.first, in.second);
407  return out;
408  }
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
BigInt BOTAN_DLL Botan::operator- ( const BigInt x,
const BigInt y 
)

Definition at line 48 of file big_ops3.cpp.

References bigint_add3(), bigint_cmp(), bigint_shl2(), bigint_sub3(), Botan::BigInt::data(), Botan::BigInt::Positive, Botan::BigInt::reverse_sign(), Botan::BigInt::sig_words(), and Botan::BigInt::sign().

49  {
50  const size_t x_sw = x.sig_words(), y_sw = y.sig_words();
51 
52  s32bit relative_size = bigint_cmp(x.data(), x_sw, y.data(), y_sw);
53 
54  BigInt z(BigInt::Positive, std::max(x_sw, y_sw) + 1);
55 
56  if(relative_size < 0)
57  {
58  if(x.sign() == y.sign())
59  bigint_sub3(z.get_reg(), y.data(), y_sw, x.data(), x_sw);
60  else
61  bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
62  z.set_sign(y.reverse_sign());
63  }
64  else if(relative_size == 0)
65  {
66  if(x.sign() != y.sign())
67  bigint_shl2(z.get_reg(), x.data(), x_sw, 0, 1);
68  }
69  else if(relative_size > 0)
70  {
71  if(x.sign() == y.sign())
72  bigint_sub3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
73  else
74  bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
75  z.set_sign(x.sign());
76  }
77  return z;
78  }
word bigint_sub3(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:127
signed int s32bit
Definition: types.h:37
void bigint_shl2(word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
Definition: mp_shift.cpp:97
s32bit bigint_cmp(const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_misc.cpp:41
void bigint_add3(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:77
PointGFp Botan::operator- ( const PointGFp lhs)
inline

Definition at line 233 of file point_gfp.h.

References Botan::PointGFp::negate().

234  {
235  return PointGFp(lhs).negate();
236  }
PointGFp Botan::operator- ( const PointGFp lhs,
const PointGFp rhs 
)
inline

Definition at line 244 of file point_gfp.h.

245  {
246  PointGFp tmp(lhs);
247  return tmp -= rhs;
248  }
BigInt BOTAN_DLL Botan::operator/ ( const BigInt x,
const BigInt y 
)

Definition at line 109 of file big_ops3.cpp.

References divide(), and r.

110  {
111  BigInt q, r;
112  divide(x, y, q, r);
113  return q;
114  }
void divide(const BigInt &x, const BigInt &y_arg, BigInt &q, BigInt &r)
Definition: divide.cpp:34
BigInt r
Definition: numthry.cpp:26
bool Botan::operator< ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 286 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

287  { return (t1.cmp(t2) < 0); }
bool Botan::operator< ( const OID a,
const OID b 
)

Compare two OIDs.

Parameters
athe first OID
bthe second OID
Returns
true if a is lexicographically smaller than b

Definition at line 105 of file asn1_oid.cpp.

References Botan::OID::get_id().

106  {
107  std::vector<u32bit> oid1 = a.get_id();
108  std::vector<u32bit> oid2 = b.get_id();
109 
110  if(oid1.size() < oid2.size())
111  return true;
112  if(oid1.size() > oid2.size())
113  return false;
114  for(size_t i = 0; i != oid1.size(); ++i)
115  {
116  if(oid1[i] < oid2[i])
117  return true;
118  if(oid1[i] > oid2[i])
119  return false;
120  }
121  return false;
122  }
bool BOTAN_DLL Botan::operator< ( const X509_DN dn1,
const X509_DN dn2 
)

Definition at line 181 of file x509_dn.cpp.

References Botan::X509_DN::get_attributes().

182  {
183  typedef std::multimap<OID, std::string>::const_iterator rdn_iter;
184 
185  std::multimap<OID, std::string> attr1 = dn1.get_attributes();
186  std::multimap<OID, std::string> attr2 = dn2.get_attributes();
187 
188  if(attr1.size() < attr2.size()) return true;
189  if(attr1.size() > attr2.size()) return false;
190 
191  for(rdn_iter p1 = attr1.begin(); p1 != attr1.end(); ++p1)
192  {
193  std::multimap<OID, std::string>::const_iterator p2;
194  p2 = attr2.find(p1->first);
195  if(p2 == attr2.end()) return false;
196  if(p1->second > p2->second) return false;
197  if(p1->second < p2->second) return true;
198  }
199  return false;
200  }
bool BOTAN_DLL Botan::operator< ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 250 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

251  {
252  return (t1.cmp(t2) < 0);
253  }
bool Botan::operator< ( const BigInt a,
const BigInt b 
)
inline

Definition at line 531 of file bigint.h.

References Botan::BigInt::cmp().

532  { return (a.cmp(b) < 0); }
BOTAN_DLL std::ostream & Botan::operator<< ( std::ostream &  stream,
const BigInt n 
)

Definition at line 16 of file big_io.cpp.

References base, Botan::BigInt::Decimal, Botan::BigInt::encode(), Botan::BigInt::Hexadecimal, Botan::BigInt::Octal, and Botan::MemoryRegion< T >::size().

17  {
18  BigInt::Base base = BigInt::Decimal;
19  if(stream.flags() & std::ios::hex)
20  base = BigInt::Hexadecimal;
21  else if(stream.flags() & std::ios::oct)
22  base = BigInt::Octal;
23 
24  if(n == 0)
25  stream.write("0", 1);
26  else
27  {
28  if(n < 0)
29  stream.write("-", 1);
30  SecureVector<byte> buffer = BigInt::encode(n, base);
31  size_t skip = 0;
32  while(buffer[skip] == '0' && skip < buffer.size())
33  ++skip;
34  stream.write(reinterpret_cast<const char*>(&buffer[0]) + skip,
35  buffer.size() - skip);
36  }
37  if(!stream.good())
38  throw Stream_IO_Error("BigInt output operator has failed");
39  return stream;
40  }
BigInt n
Definition: numthry.cpp:26
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:19
GMP_MPZ base
Definition: gmp_powm.cpp:29
int BOTAN_DLL Botan::operator<< ( int  out,
Pipe pipe 
)

Stream output operator; dumps the results from pipe's default message to the output stream.

Parameters
outfile descriptor for an open output stream
pipethe pipe

Definition at line 17 of file fd_unix.cpp.

References Botan::Pipe::read(), Botan::Pipe::remaining(), and Botan::MemoryRegion< T >::size().

18  {
19  SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
20  while(pipe.remaining())
21  {
22  size_t got = pipe.read(&buffer[0], buffer.size());
23  size_t position = 0;
24  while(got)
25  {
26  ssize_t ret = write(fd, &buffer[position], got);
27  if(ret == -1)
28  throw Stream_IO_Error("Pipe output operator (unixfd) has failed");
29  position += ret;
30  got -= ret;
31  }
32  }
33  return fd;
34  }
BigInt BOTAN_DLL Botan::operator<< ( const BigInt x,
size_t  shift 
)

Definition at line 156 of file big_ops3.cpp.

References bigint_shl2(), Botan::BigInt::data(), Botan::BigInt::get_reg(), MP_WORD_BITS, Botan::BigInt::sig_words(), and Botan::BigInt::sign().

157  {
158  if(shift == 0)
159  return x;
160 
161  const size_t shift_words = shift / MP_WORD_BITS,
162  shift_bits = shift % MP_WORD_BITS;
163 
164  const size_t x_sw = x.sig_words();
165 
166  BigInt y(x.sign(), x_sw + shift_words + (shift_bits ? 1 : 0));
167  bigint_shl2(y.get_reg(), x.data(), x_sw, shift_words, shift_bits);
168  return y;
169  }
void bigint_shl2(word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
Definition: mp_shift.cpp:97
const size_t MP_WORD_BITS
Definition: mp_core.h:18
std::ostream & Botan::operator<< ( std::ostream &  out,
Pipe pipe 
)

Stream output operator; dumps the results from pipe's default message to the output stream.

Parameters
outan output stream
pipethe pipe

Definition at line 16 of file pipe_io.cpp.

References Botan::Pipe::read(), Botan::Pipe::remaining(), and Botan::MemoryRegion< T >::size().

17  {
18  SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
19  while(stream.good() && pipe.remaining())
20  {
21  size_t got = pipe.read(&buffer[0], buffer.size());
22  stream.write(reinterpret_cast<const char*>(&buffer[0]), got);
23  }
24  if(!stream.good())
25  throw Stream_IO_Error("Pipe output operator (iostream) has failed");
26  return stream;
27  }
bool Botan::operator<= ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 281 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

282  { return (t1.cmp(t2) <= 0); }
bool BOTAN_DLL Botan::operator<= ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 235 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

236  {
237  return (t1.cmp(t2) <= 0);
238  }
bool Botan::operator<= ( const BigInt a,
const BigInt b 
)
inline

Definition at line 527 of file bigint.h.

References Botan::BigInt::cmp().

528  { return (a.cmp(b) <= 0); }
BOTAN_DLL bool Botan::operator== ( const CRL_Entry ,
const CRL_Entry  
)

Test two CRL entries for equality in all fields.

Definition at line 41 of file crl_ent.cpp.

References Botan::CRL_Entry::expire_time(), Botan::CRL_Entry::reason_code(), and Botan::CRL_Entry::serial_number().

42  {
43  if(a1.serial_number() != a2.serial_number())
44  return false;
45  if(a1.expire_time() != a2.expire_time())
46  return false;
47  if(a1.reason_code() != a2.reason_code())
48  return false;
49  return true;
50  }
bool BOTAN_DLL Botan::operator== ( const AlgorithmIdentifier a1,
const AlgorithmIdentifier a2 
)

Definition at line 72 of file alg_id.cpp.

References Botan::AlgorithmIdentifier::oid, and Botan::AlgorithmIdentifier::parameters.

73  {
74  if(a1.oid != a2.oid)
75  return false;
76  if(a1.parameters != a2.parameters)
77  return false;
78  return true;
79  }
bool Botan::operator== ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 276 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

277  { return (t1.cmp(t2) == 0); }
BOTAN_DLL bool Botan::operator== ( const OctetString x,
const OctetString y 
)

Compare two strings

Parameters
xan octet string
yan octet string
Returns
if x is equal to y

Definition at line 98 of file symkey.cpp.

References Botan::OctetString::bits_of().

99  {
100  return (s1.bits_of() == s2.bits_of());
101  }
bool BOTAN_DLL Botan::operator== ( const ASN1_EAC_String lhs,
const ASN1_EAC_String rhs 
)

Definition at line 114 of file asn1_eac_str.cpp.

References Botan::ASN1_EAC_String::iso_8859().

115  {
116  return (lhs.iso_8859() == rhs.iso_8859());
117  }
bool BOTAN_DLL Botan::operator== ( const X509_DN dn1,
const X509_DN dn2 
)

Definition at line 143 of file x509_dn.cpp.

References Botan::X509_DN::get_attributes(), and x500_name_cmp().

144  {
145  typedef std::multimap<OID, std::string>::const_iterator rdn_iter;
146 
147  std::multimap<OID, std::string> attr1 = dn1.get_attributes();
148  std::multimap<OID, std::string> attr2 = dn2.get_attributes();
149 
150  if(attr1.size() != attr2.size()) return false;
151 
152  rdn_iter p1 = attr1.begin();
153  rdn_iter p2 = attr2.begin();
154 
155  while(true)
156  {
157  if(p1 == attr1.end() && p2 == attr2.end())
158  break;
159  if(p1 == attr1.end()) return false;
160  if(p2 == attr2.end()) return false;
161  if(p1->first != p2->first) return false;
162  if(!x500_name_cmp(p1->second, p2->second))
163  return false;
164  ++p1;
165  ++p2;
166  }
167  return true;
168  }
bool x500_name_cmp(const std::string &name1, const std::string &name2)
Definition: parsing.cpp:213
bool BOTAN_DLL Botan::operator== ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 225 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

226  {
227  return (t1.cmp(t2) == 0);
228  }
bool Botan::operator== ( const BigInt a,
const BigInt b 
)
inline

Definition at line 523 of file bigint.h.

References Botan::BigInt::cmp().

524  { return (a.cmp(b) == 0); }
bool Botan::operator> ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 288 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

289  { return (t1.cmp(t2) > 0); }
bool BOTAN_DLL Botan::operator> ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 245 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

246  {
247  return (t1.cmp(t2) > 0);
248  }
bool Botan::operator> ( const BigInt a,
const BigInt b 
)
inline

Definition at line 533 of file bigint.h.

References Botan::BigInt::cmp().

534  { return (a.cmp(b) > 0); }
bool Botan::operator>= ( const X509_Time t1,
const X509_Time t2 
)

Definition at line 283 of file asn1_tm.cpp.

References Botan::X509_Time::cmp().

284  { return (t1.cmp(t2) >= 0); }
bool BOTAN_DLL Botan::operator>= ( const EAC_Time t1,
const EAC_Time t2 
)

Definition at line 240 of file asn1_eac_tm.cpp.

References Botan::EAC_Time::cmp().

241  {
242  return (t1.cmp(t2) >= 0);
243  }
bool Botan::operator>= ( const BigInt a,
const BigInt b 
)
inline

Definition at line 529 of file bigint.h.

References Botan::BigInt::cmp().

530  { return (a.cmp(b) >= 0); }
int BOTAN_DLL Botan::operator>> ( int  in,
Pipe pipe 
)

File descriptor input operator; dumps the remaining bytes of input to the (assumed open) pipe message.

Parameters
infile descriptor for an open input stream
pipethe pipe

Definition at line 39 of file fd_unix.cpp.

References Botan::MemoryRegion< T >::size(), and Botan::Pipe::write().

40  {
41  SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
42  while(true)
43  {
44  ssize_t ret = read(fd, &buffer[0], buffer.size());
45  if(ret == 0) break;
46  if(ret == -1)
47  throw Stream_IO_Error("Pipe input operator (unixfd) has failed");
48  pipe.write(&buffer[0], ret);
49  }
50  return fd;
51  }
BOTAN_DLL std::istream & Botan::operator>> ( std::istream &  stream,
BigInt n 
)

Definition at line 45 of file big_io.cpp.

46  {
47  std::string str;
48  std::getline(stream, str);
49  if(stream.bad() || (stream.fail() && !stream.eof()))
50  throw Stream_IO_Error("BigInt input operator has failed");
51  n = BigInt(str);
52  return stream;
53  }
BigInt n
Definition: numthry.cpp:26
BigInt BOTAN_DLL Botan::operator>> ( const BigInt x,
size_t  shift 
)

Definition at line 174 of file big_ops3.cpp.

References bigint_shr2(), Botan::BigInt::bits(), Botan::BigInt::data(), MP_WORD_BITS, Botan::BigInt::sig_words(), and Botan::BigInt::sign().

175  {
176  if(shift == 0)
177  return x;
178  if(x.bits() <= shift)
179  return 0;
180 
181  const size_t shift_words = shift / MP_WORD_BITS,
182  shift_bits = shift % MP_WORD_BITS,
183  x_sw = x.sig_words();
184 
185  BigInt y(x.sign(), x_sw - shift_words);
186  bigint_shr2(y.get_reg(), x.data(), x_sw, shift_words, shift_bits);
187  return y;
188  }
void bigint_shr2(word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
Definition: mp_shift.cpp:117
const size_t MP_WORD_BITS
Definition: mp_core.h:18
std::istream & Botan::operator>> ( std::istream &  in,
Pipe pipe 
)

Stream input operator; dumps the remaining bytes of input to the (assumed open) pipe message.

Parameters
inthe input stream
pipethe pipe

Definition at line 32 of file pipe_io.cpp.

References Botan::MemoryRegion< T >::size(), and Botan::Pipe::write().

33  {
34  SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
35  while(stream.good())
36  {
37  stream.read(reinterpret_cast<char*>(&buffer[0]), buffer.size());
38  pipe.write(&buffer[0], stream.gcount());
39  }
40  if(stream.bad() || (stream.fail() && !stream.eof()))
41  throw Stream_IO_Error("Pipe input operator (iostream) has failed");
42  return stream;
43  }
BOTAN_DLL OctetString Botan::operator^ ( const OctetString x,
const OctetString y 
)

XOR two strings

Parameters
xan octet string
yan octet string
Returns
x XORed with y

Definition at line 125 of file symkey.cpp.

References Botan::OctetString::begin(), Botan::MemoryRegion< T >::copy(), Botan::OctetString::length(), and xor_buf().

126  {
127  SecureVector<byte> ret(std::max(k1.length(), k2.length()));
128  ret.copy(k1.begin(), k1.length());
129  xor_buf(ret, k2.begin(), k2.length());
130  return OctetString(ret);
131  }
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
PointGFp Botan::OS2ECP ( const MemoryRegion< byte > &  data,
const CurveGFp curve 
)
inline

Definition at line 261 of file point_gfp.h.

References OS2ECP(), and Botan::MemoryRegion< T >::size().

262  { return OS2ECP(&data[0], data.size(), curve); }
PointGFp OS2ECP(const MemoryRegion< byte > &data, const CurveGFp &curve)
Definition: point_gfp.h:261
size_t size() const
Definition: secmem.h:29
PointGFp BOTAN_DLL Botan::OS2ECP ( const byte  data[],
size_t  data_len,
const CurveGFp curve 
)

Definition at line 554 of file point_gfp.cpp.

References Botan::BigInt::decode(), and Botan::PointGFp::on_the_curve().

Referenced by Botan::ECDH_KA_Operation::agree(), Botan::EC_Group::EC_Group(), Botan::EC_PublicKey::EC_PublicKey(), and OS2ECP().

556  {
557  if(data_len <= 1)
558  return PointGFp(curve); // return zero
559 
560  const byte pc = data[0];
561 
562  BigInt x, y;
563 
564  if(pc == 2 || pc == 3)
565  {
566  //compressed form
567  x = BigInt::decode(&data[1], data_len - 1);
568 
569  const bool y_mod_2 = ((pc & 0x01) == 1);
570  y = decompress_point(y_mod_2, x, curve);
571  }
572  else if(pc == 4)
573  {
574  const size_t l = (data_len - 1) / 2;
575 
576  // uncompressed form
577  x = BigInt::decode(&data[1], l);
578  y = BigInt::decode(&data[l+1], l);
579  }
580  else if(pc == 6 || pc == 7)
581  {
582  const size_t l = (data_len - 1) / 2;
583 
584  // hybrid form
585  x = BigInt::decode(&data[1], l);
586  y = BigInt::decode(&data[l+1], l);
587 
588  const bool y_mod_2 = ((pc & 0x01) == 1);
589 
590  if(decompress_point(y_mod_2, x, curve) != y)
591  throw Illegal_Point("OS2ECP: Decoding error in hybrid format");
592  }
593  else
594  throw Invalid_Argument("OS2ECP: Unknown format type");
595 
596  PointGFp result(curve, x, y);
597 
598  if(!result.on_the_curve())
599  throw Illegal_Point("OS2ECP: Decoded point was not on the curve");
600 
601  return result;
602  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
unsigned char byte
Definition: types.h:22
SecureVector< byte > decode(DataSource &source, std::string &label)
Definition: pem.cpp:56
BOTAN_DLL size_t Botan::output_length_of ( const std::string &  algo_spec)

Find out the output length of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
output length of the specified algorithm

Definition at line 51 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), mac, Botan::Buffered_Computation::output_length(), Botan::Algorithm_Factory::prototype_hash_function(), and Botan::Algorithm_Factory::prototype_mac().

Referenced by Botan::SessionKeys::SessionKeys().

52  {
53  Algorithm_Factory& af = global_state().algorithm_factory();
54 
55  if(const HashFunction* hash = af.prototype_hash_function(name))
56  return hash->output_length();
57 
58  if(const MessageAuthenticationCode* mac = af.prototype_mac(name))
59  return mac->output_length();
60 
61  throw Algorithm_Not_Found(name);
62  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
MessageAuthenticationCode * mac
Definition: fpe_fe1.cpp:94
Library_State & global_state()
BOTAN_DLL std::vector< std::string > Botan::parse_algorithm_name ( const std::string &  scan_name)

Parse a SCAN-style algorithm name

Parameters
scan_namethe name
Returns
the name components

Definition at line 96 of file parsing.cpp.

Referenced by get_cipher_mode(), and Botan::X509_Object::hash_used_for_signature().

97  {
98  if(namex.find('(') == std::string::npos &&
99  namex.find(')') == std::string::npos)
100  return std::vector<std::string>(1, namex);
101 
102  std::string name = namex, substring;
103  std::vector<std::string> elems;
104  size_t level = 0;
105 
106  elems.push_back(name.substr(0, name.find('(')));
107  name = name.substr(name.find('('));
108 
109  for(std::string::const_iterator i = name.begin(); i != name.end(); ++i)
110  {
111  char c = *i;
112 
113  if(c == '(')
114  ++level;
115  if(c == ')')
116  {
117  if(level == 1 && i == name.end() - 1)
118  {
119  if(elems.size() == 1)
120  elems.push_back(substring.substr(1));
121  else
122  elems.push_back(substring);
123  return elems;
124  }
125 
126  if(level == 0 || (level == 1 && i != name.end() - 1))
127  throw Invalid_Algorithm_Name(namex);
128  --level;
129  }
130 
131  if(c == ',' && level == 1)
132  {
133  if(elems.size() == 1)
134  elems.push_back(substring.substr(1));
135  else
136  elems.push_back(substring);
137  substring.clear();
138  }
139  else
140  substring += c;
141  }
142 
143  if(substring != "")
144  throw Invalid_Algorithm_Name(namex);
145 
146  return elems;
147  }
BOTAN_DLL std::vector< u32bit > Botan::parse_asn1_oid ( const std::string &  oid)

Parse an ASN.1 OID

Parameters
oidthe OID in string form
Returns
OID components

Definition at line 180 of file parsing.cpp.

References to_u32bit().

Referenced by Botan::OID::OID().

181  {
182  std::string substring;
183  std::vector<u32bit> oid_elems;
184 
185  for(std::string::const_iterator i = oid.begin(); i != oid.end(); ++i)
186  {
187  char c = *i;
188 
189  if(c == '.')
190  {
191  if(substring == "")
192  throw Invalid_OID(oid);
193  oid_elems.push_back(to_u32bit(substring));
194  substring.clear();
195  }
196  else
197  substring += c;
198  }
199 
200  if(substring == "")
201  throw Invalid_OID(oid);
202  oid_elems.push_back(to_u32bit(substring));
203 
204  if(oid_elems.size() < 2)
205  throw Invalid_OID(oid);
206 
207  return oid_elems;
208  }
u32bit to_u32bit(const std::string &number)
Definition: parsing.cpp:18
OID oid
Definition: x509_ext.cpp:446
BOTAN_DLL bool Botan::passes_self_tests ( Algorithm_Factory af)

Run a set of self tests on some basic algorithms like AES and SHA-1

Parameters
afan algorithm factory
Returns
false if a failure occured, otherwise true

Definition at line 209 of file selftest.cpp.

References confirm_startup_self_tests().

210  {
211  try
212  {
214  }
215  catch(Self_Test_Failure)
216  {
217  return false;
218  }
219 
220  return true;
221  }
void confirm_startup_self_tests(Algorithm_Factory &af)
Definition: selftest.cpp:226
BOTAN_DLL SecureVector< byte > Botan::PGP_decode ( DataSource source,
std::string &  label,
std::map< std::string, std::string > &  headers 
)
Parameters
sourcethe input source
labelis set to the human-readable label
headersis set to any headers
Returns
decoded output as raw binary

Definition at line 70 of file openpgp.cpp.

References Botan::Pipe::end_msg(), Botan::Charset::is_space(), Botan::Pipe::read_all(), Botan::Pipe::read_all_as_string(), Botan::DataSource::read_byte(), Botan::Pipe::start_msg(), and Botan::Pipe::write().

Referenced by PGP_decode().

73  {
74  const size_t RANDOM_CHAR_LIMIT = 5;
75 
76  const std::string PGP_HEADER1 = "-----BEGIN PGP ";
77  const std::string PGP_HEADER2 = "-----";
78  size_t position = 0;
79 
80  while(position != PGP_HEADER1.length())
81  {
82  byte b;
83  if(!source.read_byte(b))
84  throw Decoding_Error("PGP: No PGP header found");
85  if(b == PGP_HEADER1[position])
86  ++position;
87  else if(position >= RANDOM_CHAR_LIMIT)
88  throw Decoding_Error("PGP: Malformed PGP header");
89  else
90  position = 0;
91  }
92  position = 0;
93  while(position != PGP_HEADER2.length())
94  {
95  byte b;
96  if(!source.read_byte(b))
97  throw Decoding_Error("PGP: No PGP header found");
98  if(b == PGP_HEADER2[position])
99  ++position;
100  else if(position)
101  throw Decoding_Error("PGP: Malformed PGP header");
102 
103  if(position == 0)
104  label += static_cast<char>(b);
105  }
106 
107  headers.clear();
108  bool end_of_headers = false;
109  while(!end_of_headers)
110  {
111  std::string this_header;
112  byte b = 0;
113  while(b != '\n')
114  {
115  if(!source.read_byte(b))
116  throw Decoding_Error("PGP: Bad armor header");
117  if(b != '\n')
118  this_header += static_cast<char>(b);
119  }
120 
121  end_of_headers = true;
122  for(size_t j = 0; j != this_header.length(); ++j)
123  if(!Charset::is_space(this_header[j]))
124  end_of_headers = false;
125 
126  if(!end_of_headers)
127  {
128  std::string::size_type pos = this_header.find(": ");
129  if(pos == std::string::npos)
130  throw Decoding_Error("OpenPGP: Bad headers");
131 
132  std::string key = this_header.substr(0, pos);
133  std::string value = this_header.substr(pos + 2, std::string::npos);
134  headers[key] = value;
135  }
136  }
137 
138  Pipe base64(new Base64_Decoder,
139  new Fork(0,
140  new Chain(new Hash_Filter(new CRC24),
141  new Base64_Encoder)
142  )
143  );
144  base64.start_msg();
145 
146  const std::string PGP_TRAILER = "-----END PGP " + label + "-----";
147  position = 0;
148  bool newline_seen = 0;
149  std::string crc;
150  while(position != PGP_TRAILER.length())
151  {
152  byte b;
153  if(!source.read_byte(b))
154  throw Decoding_Error("PGP: No PGP trailer found");
155  if(b == PGP_TRAILER[position])
156  ++position;
157  else if(position)
158  throw Decoding_Error("PGP: Malformed PGP trailer");
159 
160  if(b == '=' && newline_seen)
161  {
162  while(b != '\n')
163  {
164  if(!source.read_byte(b))
165  throw Decoding_Error("PGP: Bad CRC tail");
166  if(b != '\n')
167  crc += static_cast<char>(b);
168  }
169  }
170  else if(b == '\n')
171  newline_seen = true;
172  else if(position == 0)
173  {
174  base64.write(b);
175  newline_seen = false;
176  }
177  }
178  base64.end_msg();
179 
180  if(crc != "" && crc != base64.read_all_as_string(1))
181  throw Decoding_Error("PGP: Corrupt CRC");
182 
183  return base64.read_all();
184  }
unsigned char byte
Definition: types.h:22
bool is_space(char c)
Definition: charset.cpp:139
BOTAN_DLL SecureVector< byte > Botan::PGP_decode ( DataSource source,
std::string &  label 
)
Parameters
sourcethe input source
labelis set to the human-readable label
Returns
decoded output as raw binary

Definition at line 189 of file openpgp.cpp.

References PGP_decode().

190  {
191  std::map<std::string, std::string> ignored;
192  return PGP_decode(source, label, ignored);
193  }
SecureVector< byte > PGP_decode(DataSource &source, std::string &label)
Definition: openpgp.cpp:189
BOTAN_DLL std::string Botan::PGP_encode ( const byte  input[],
size_t  length,
const std::string &  label,
const std::map< std::string, std::string > &  headers 
)
Parameters
inputthe input data
lengthlength of input in bytes
labelthe human-readable label
headersa set of key/value pairs included in the header

Definition at line 19 of file openpgp.cpp.

References Botan::Pipe::process_msg(), and Botan::Pipe::read_all_as_string().

Referenced by PGP_encode().

23  {
24  const std::string PGP_HEADER = "-----BEGIN PGP " + label + "-----\n";
25  const std::string PGP_TRAILER = "-----END PGP " + label + "-----\n";
26  const size_t PGP_WIDTH = 64;
27 
28  std::string pgp_encoded = PGP_HEADER;
29 
30  if(headers.find("Version") != headers.end())
31  pgp_encoded += "Version: " + headers.find("Version")->second + '\n';
32 
33  std::map<std::string, std::string>::const_iterator i = headers.begin();
34  while(i != headers.end())
35  {
36  if(i->first != "Version")
37  pgp_encoded += i->first + ": " + i->second + '\n';
38  ++i;
39  }
40  pgp_encoded += '\n';
41 
42  Pipe pipe(new Fork(
43  new Base64_Encoder(true, PGP_WIDTH),
44  new Chain(new Hash_Filter(new CRC24), new Base64_Encoder)
45  )
46  );
47 
48  pipe.process_msg(input, length);
49 
50  pgp_encoded += pipe.read_all_as_string(0);
51  pgp_encoded += '=' + pipe.read_all_as_string(1) + '\n';
52  pgp_encoded += PGP_TRAILER;
53 
54  return pgp_encoded;
55  }
BOTAN_DLL std::string Botan::PGP_encode ( const byte  input[],
size_t  length,
const std::string &  label 
)
Parameters
inputthe input data
lengthlength of input in bytes
labelthe human-readable label

Definition at line 60 of file openpgp.cpp.

References PGP_encode().

62  {
63  std::map<std::string, std::string> empty;
64  return PGP_encode(input, length, type, empty);
65  }
std::string PGP_encode(const byte input[], size_t length, const std::string &type)
Definition: openpgp.cpp:60
BOTAN_DLL MemoryVector< byte > Botan::pkcs_hash_id ( const std::string &  hash_name)

Return the PKCS #1 hash identifier

See also
RFC 3447 section 9.2
Parameters
hash_namethe name of the hash function
Returns
byte sequence identifying the hash
Exceptions
Invalid_Argumentif the hash has no known PKCS #1 hash id

Definition at line 60 of file hash_id.cpp.

Referenced by Botan::EMSA3::EMSA3().

61  {
62  // Special case for SSL/TLS RSA signatures
63  if(name == "Parallel(MD5,SHA-160)")
64  return MemoryVector<byte>();
65 
66  if(name == "MD2")
67  return MemoryVector<byte>(MD2_PKCS_ID, sizeof(MD2_PKCS_ID));
68  if(name == "MD5")
69  return MemoryVector<byte>(MD5_PKCS_ID, sizeof(MD5_PKCS_ID));
70  if(name == "RIPEMD-128")
71  return MemoryVector<byte>(RIPEMD_128_PKCS_ID, sizeof(RIPEMD_128_PKCS_ID));
72  if(name == "RIPEMD-160")
73  return MemoryVector<byte>(RIPEMD_160_PKCS_ID, sizeof(RIPEMD_160_PKCS_ID));
74  if(name == "SHA-160")
75  return MemoryVector<byte>(SHA_160_PKCS_ID, sizeof(SHA_160_PKCS_ID));
76  if(name == "SHA-224")
77  return MemoryVector<byte>(SHA_224_PKCS_ID, sizeof(SHA_224_PKCS_ID));
78  if(name == "SHA-256")
79  return MemoryVector<byte>(SHA_256_PKCS_ID, sizeof(SHA_256_PKCS_ID));
80  if(name == "SHA-384")
81  return MemoryVector<byte>(SHA_384_PKCS_ID, sizeof(SHA_384_PKCS_ID));
82  if(name == "SHA-512")
83  return MemoryVector<byte>(SHA_512_PKCS_ID, sizeof(SHA_512_PKCS_ID));
84  if(name == "Tiger(24,3)")
85  return MemoryVector<byte>(TIGER_PKCS_ID, sizeof(TIGER_PKCS_ID));
86 
87  throw Invalid_Argument("No PKCS #1 identifier for " + name);
88  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
BigInt BOTAN_DLL Botan::power_mod ( const BigInt b,
const BigInt x,
const BigInt m 
)

Modular exponentation

Parameters
ban integer base
xa positive exponent
ma positive modulus
Returns
(b^x) % m

Definition at line 251 of file numthry.cpp.

References Botan::Power_Mod::execute(), pow_mod, Botan::Power_Mod::set_base(), and Botan::Power_Mod::set_exponent().

Referenced by Botan::DL_Scheme_PrivateKey::check_key(), Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DSA_PrivateKey::DSA_PrivateKey(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), generate_srp6_verifier(), Botan::NR_PrivateKey::NR_PrivateKey(), ressol(), Botan::RW_Signature_Operation::sign(), srp6_client_agree(), Botan::SRP6_Server_Session::step1(), and Botan::SRP6_Server_Session::step2().

252  {
253  Power_Mod pow_mod(mod);
254  pow_mod.set_base(base);
255  pow_mod.set_exponent(exp);
256  return pow_mod.execute();
257  }
Fixed_Exponent_Power_Mod pow_mod
Definition: numthry.cpp:28
GMP_MPZ exp
Definition: gmp_powm.cpp:29
GMP_MPZ mod
Definition: gmp_powm.cpp:29
GMP_MPZ base
Definition: gmp_powm.cpp:29
template<typename T >
bool Botan::power_of_2 ( arg)
inline

Power of 2 test. T should be an unsigned integer type

Parameters
argan integer value
Returns
true iff arg is 2^n for some n > 0

Definition at line 21 of file bit_ops.h.

Referenced by operator%(), Botan::BigInt::operator%=(), and Botan::BigInt::operator/=().

22  {
23  return ((arg != 0 && arg != 1) && ((arg & (arg-1)) == 0));
24  }
template<typename T >
void Botan::prefetch_readonly ( const T *  addr,
size_t  length 
)
inline

Definition at line 16 of file prefetch.h.

References Botan::CPUID::cache_line_size().

17  {
18 #if defined(__GNUG__)
19  const size_t Ts_per_cache_line = CPUID::cache_line_size() / sizeof(T);
20 
21  for(size_t i = 0; i <= length; i += Ts_per_cache_line)
22  __builtin_prefetch(addr + i, 0);
23 #endif
24  }
template<typename T >
void Botan::prefetch_readwrite ( const T *  addr,
size_t  length 
)
inline

Definition at line 27 of file prefetch.h.

References Botan::CPUID::cache_line_size().

28  {
29 #if defined(__GNUG__)
30  const size_t Ts_per_cache_line = CPUID::cache_line_size() / sizeof(T);
31 
32  for(size_t i = 0; i <= length; i += Ts_per_cache_line)
33  __builtin_prefetch(addr + i, 1);
34 #endif
35  }
bool BOTAN_DLL Botan::primality_test ( const BigInt n,
RandomNumberGenerator rng,
size_t  level = 1 
)

Primality Testing

Parameters
na positive integer to test for primality
rnga random number generator
levelhow hard to test
Returns
true if all primality tests passed, otherwise false

Definition at line 262 of file numthry.cpp.

References Botan::BigInt::bits(), Botan::BigInt::is_even(), PRIME_TABLE_SIZE, PRIMES, Botan::BigInt::randomize(), and Botan::BigInt::word_at().

Referenced by check_prime(), quick_check_prime(), and verify_prime().

265  {
266  const size_t PREF_NONCE_BITS = 128;
267 
268  if(n == 2)
269  return true;
270  if(n <= 1 || n.is_even())
271  return false;
272 
273  // Fast path testing for small numbers (<= 65521)
274  if(n <= PRIMES[PRIME_TABLE_SIZE-1])
275  {
276  const word num = n.word_at(0);
277 
278  for(size_t i = 0; PRIMES[i]; ++i)
279  {
280  if(num == PRIMES[i])
281  return true;
282  if(num < PRIMES[i])
283  return false;
284  }
285 
286  return false;
287  }
288 
289  if(level > 2)
290  level = 2;
291 
292  const size_t NONCE_BITS = std::min(n.bits() - 2, PREF_NONCE_BITS);
293 
294  MillerRabin_Test mr(n);
295 
296  if(mr.is_witness(2))
297  return false;
298 
299  const size_t tests = miller_rabin_test_iterations(n.bits(), level);
300 
301  for(size_t i = 0; i != tests; ++i)
302  {
303  BigInt nonce;
304  while(nonce < 2 || nonce >= (n-1))
305  nonce.randomize(rng, NONCE_BITS);
306 
307  if(mr.is_witness(nonce))
308  return false;
309  }
310 
311  return true;
312  }
const size_t PRIME_TABLE_SIZE
Definition: numthry.h:220
BigInt n
Definition: numthry.cpp:26
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
const u16bit BOTAN_DLL PRIMES[]
Definition: primes.cpp:12
bool Botan::quick_check_prime ( const BigInt n,
RandomNumberGenerator rng 
)
inline

Quickly check for primality

Parameters
na positive integer to test for primality
rnga random number generator
Returns
true if all primality tests passed, otherwise false

Definition at line 134 of file numthry.h.

References primality_test().

135  { return primality_test(n, rng, 0); }
BigInt n
Definition: numthry.cpp:26
bool primality_test(const BigInt &n, RandomNumberGenerator &rng, size_t level)
Definition: numthry.cpp:262
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BigInt BOTAN_DLL Botan::random_prime ( RandomNumberGenerator rng,
size_t  bits,
const BigInt coprime = 1,
size_t  equiv = 1,
size_t  equiv_mod = 2 
)

Randomly generate a prime

Parameters
rnga random number generator
bitshow large the resulting prime should be in bits
coprimea positive integer the result should be coprime to
equiva non-negative number that the result should be equivalent to modulo equiv_mod
equiv_modthe modulus equiv should be checked against
Returns
random prime with the specified criteria

Definition at line 17 of file make_prm.cpp.

References Botan::BigInt::bits(), check_prime(), gcd(), Botan::RandomNumberGenerator::next_byte(), PRIME_TABLE_SIZE, PRIMES, Botan::BigInt::set_bit(), Botan::MemoryRegion< T >::size(), and to_string().

Referenced by Botan::DL_Group::DL_Group(), random_safe_prime(), Botan::RSA_PrivateKey::RSA_PrivateKey(), and Botan::RW_PrivateKey::RW_PrivateKey().

20  {
21  if(bits <= 1)
22  throw Invalid_Argument("random_prime: Can't make a prime of " +
23  to_string(bits) + " bits");
24  else if(bits == 2)
25  return ((rng.next_byte() % 2) ? 2 : 3);
26  else if(bits == 3)
27  return ((rng.next_byte() % 2) ? 5 : 7);
28  else if(bits == 4)
29  return ((rng.next_byte() % 2) ? 11 : 13);
30 
31  if(coprime <= 0)
32  throw Invalid_Argument("random_prime: coprime must be > 0");
33  if(modulo % 2 == 1 || modulo == 0)
34  throw Invalid_Argument("random_prime: Invalid modulo value");
35  if(equiv >= modulo || equiv % 2 == 0)
36  throw Invalid_Argument("random_prime: equiv must be < modulo, and odd");
37 
38  while(true)
39  {
40  BigInt p(rng, bits);
41 
42  // Force lowest and two top bits on
43  p.set_bit(bits - 1);
44  p.set_bit(bits - 2);
45  p.set_bit(0);
46 
47  if(p % modulo != equiv)
48  p += (modulo - p % modulo) + equiv;
49 
50  const size_t sieve_size = std::min(bits / 2, PRIME_TABLE_SIZE);
51  SecureVector<size_t> sieve(sieve_size);
52 
53  for(size_t j = 0; j != sieve.size(); ++j)
54  sieve[j] = p % PRIMES[j];
55 
56  size_t counter = 0;
57  while(true)
58  {
59  if(counter == 4096 || p.bits() > bits)
60  break;
61 
62  bool passes_sieve = true;
63  ++counter;
64  p += modulo;
65 
66  if(p.bits() > bits)
67  break;
68 
69  for(size_t j = 0; j != sieve.size(); ++j)
70  {
71  sieve[j] = (sieve[j] + modulo) % PRIMES[j];
72  if(sieve[j] == 0)
73  passes_sieve = false;
74  }
75 
76  if(!passes_sieve || gcd(p - 1, coprime) != 1)
77  continue;
78  if(check_prime(p, rng))
79  return p;
80  }
81  }
82  }
const size_t PRIME_TABLE_SIZE
Definition: numthry.h:220
BigInt gcd(const BigInt &a, const BigInt &b)
Definition: numthry.cpp:167
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_int.cpp:46
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
const u16bit BOTAN_DLL PRIMES[]
Definition: primes.cpp:12
bool check_prime(const BigInt &n, RandomNumberGenerator &rng)
Definition: numthry.h:143
BigInt BOTAN_DLL Botan::random_safe_prime ( RandomNumberGenerator rng,
size_t  bits 
)

Return a 'safe' prime, of the form p=2*q+1 with q prime

Parameters
rnga random number generator
bitsis how long the resulting prime should be
Returns
prime randomly chosen from safe primes of length bits

Definition at line 87 of file make_prm.cpp.

References check_prime(), random_prime(), and to_string().

Referenced by Botan::DL_Group::DL_Group().

88  {
89  if(bits <= 64)
90  throw Invalid_Argument("random_safe_prime: Can't make a prime of " +
91  to_string(bits) + " bits");
92 
93  BigInt p;
94  do
95  p = (random_prime(rng, bits - 1) << 1) + 1;
96  while(!check_prime(p, rng));
97  return p;
98  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_int.cpp:46
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BigInt random_prime(RandomNumberGenerator &rng, size_t bits, const BigInt &coprime, size_t equiv, size_t modulo)
Definition: make_prm.cpp:17
bool check_prime(const BigInt &n, RandomNumberGenerator &rng)
Definition: numthry.h:143
BigInt Botan::ressol ( const BigInt x,
const BigInt p 
)

Compute the square root of x modulo a prime using the Shanks-Tonnelli algorithm

Parameters
xthe input
pthe prime
Returns
y such that (y*y)p == x, or -1 if no such integer

Definition at line 17 of file ressol.cpp.

References jacobi(), low_zero_bits(), Botan::Modular_Reducer::multiply(), n, Botan::BigInt::Power2, power_mod(), r, s, and Botan::Modular_Reducer::square().

18  {
19  if(a < 0)
20  throw Invalid_Argument("ressol(): a to solve for must be positive");
21  if(p <= 1)
22  throw Invalid_Argument("ressol(): prime must be > 1");
23 
24  if(a == 0)
25  return 0;
26  if(p == 2)
27  return a;
28 
29  if(jacobi(a, p) != 1) // not a quadratic residue
30  return -BigInt(1);
31 
32  if(p % 4 == 3)
33  return power_mod(a, ((p+1) >> 2), p);
34 
35  size_t s = low_zero_bits(p - 1);
36  BigInt q = p >> s;
37 
38  q -= 1;
39  q >>= 1;
40 
41  Modular_Reducer mod_p(p);
42 
43  BigInt r = power_mod(a, q, p);
44  BigInt n = mod_p.multiply(a, mod_p.square(r));
45  r = mod_p.multiply(r, a);
46 
47  if(n == 1)
48  return r;
49 
50  // find random non quadratic residue z
51  BigInt z = 2;
52  while(jacobi(z, p) == 1) // while z quadratic residue
53  ++z;
54 
55  BigInt c = power_mod(z, (q << 1) + 1, p);
56 
57  while(n > 1)
58  {
59  q = n;
60 
61  size_t i = 0;
62  while(q != 1)
63  {
64  q = mod_p.square(q);
65  ++i;
66  }
67 
68  if(s <= i)
69  return -BigInt(1);
70 
71  c = power_mod(c, BigInt(BigInt::Power2, s-i-1), p);
72  r = mod_p.multiply(r, c);
73  c = mod_p.square(c);
74  n = mod_p.multiply(n, c);
75  s = i;
76  }
77 
78  return r;
79  }
BigInt n
Definition: numthry.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
s32bit jacobi(const BigInt &a, const BigInt &n)
Definition: jacobi.cpp:15
size_t low_zero_bits(const BigInt &n)
Definition: numthry.cpp:141
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
Definition: numthry.cpp:251
BigInt r
Definition: numthry.cpp:26
size_t s
Definition: numthry.cpp:27
const BlockCipher* Botan::retrieve_block_cipher ( const std::string &  algo_spec)
inline

Retrieve an object prototype from the global factory

Parameters
algo_specan algorithm name
Returns
constant prototype object (use clone to create usable object), library retains ownership

Definition at line 29 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_block_cipher().

30  {
31  Algorithm_Factory& af = global_state().algorithm_factory();
32  return af.prototype_block_cipher(algo_spec);
33  }
const BlockCipher * prototype_block_cipher(const std::string &algo_spec, const std::string &provider="")
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
const HashFunction* Botan::retrieve_hash ( const std::string &  algo_spec)
inline

Retrieve an object prototype from the global factory

Parameters
algo_specan algorithm name
Returns
constant prototype object (use clone to create usable object), library retains ownership

Definition at line 55 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_hash_function().

Referenced by choose_sig_format().

56  {
57  Algorithm_Factory& af = global_state().algorithm_factory();
58  return af.prototype_hash_function(algo_spec);
59  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
const HashFunction * prototype_hash_function(const std::string &algo_spec, const std::string &provider="")
Library_State & global_state()
const MessageAuthenticationCode* Botan::retrieve_mac ( const std::string &  algo_spec)
inline

Retrieve an object prototype from the global factory

Parameters
algo_specan algorithm name
Returns
constant prototype object (use clone to create usable object), library retains ownership

Definition at line 68 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_mac().

69  {
70  Algorithm_Factory& af = global_state().algorithm_factory();
71  return af.prototype_mac(algo_spec);
72  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
const MessageAuthenticationCode * prototype_mac(const std::string &algo_spec, const std::string &provider="")
const StreamCipher* Botan::retrieve_stream_cipher ( const std::string &  algo_spec)
inline

Retrieve an object prototype from the global factory

Parameters
algo_specan algorithm name
Returns
constant prototype object (use clone to create usable object), library retains ownership

Definition at line 42 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_stream_cipher().

43  {
44  Algorithm_Factory& af = global_state().algorithm_factory();
45  return af.prototype_stream_cipher(algo_spec);
46  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:173
Library_State & global_state()
const StreamCipher * prototype_stream_cipher(const std::string &algo_spec, const std::string &provider="")
u16bit Botan::reverse_bytes ( u16bit  val)
inline

Swap a 16 bit integer

Definition at line 24 of file bswap.h.

References rotate_left().

Referenced by Botan::SIMD_Scalar::bswap(), bswap_4(), load_be(), load_le(), and reverse_bytes().

25  {
26  return rotate_left(val, 8);
27  }
T rotate_left(T input, size_t rot)
Definition: rotate.h:21
u32bit Botan::reverse_bytes ( u32bit  val)
inline

Swap a 32 bit integer

Definition at line 32 of file bswap.h.

References rotate_left(), and rotate_right().

33  {
34 #if BOTAN_GCC_VERSION >= 430 && !defined(BOTAN_TARGET_CPU_IS_ARM_FAMILY)
35  /*
36  GCC intrinsic added in 4.3, works for a number of CPUs
37 
38  However avoid under ARM, as it branches to a function in libgcc
39  instead of generating inline asm, so slower even than the generic
40  rotate version below.
41  */
42  return __builtin_bswap32(val);
43 
44 #elif BOTAN_USE_GCC_INLINE_ASM && defined(BOTAN_TARGET_CPU_IS_X86_FAMILY)
45 
46  // GCC-style inline assembly for x86 or x86-64
47  asm("bswapl %0" : "=r" (val) : "0" (val));
48  return val;
49 
50 #elif BOTAN_USE_GCC_INLINE_ASM && defined(BOTAN_TARGET_CPU_IS_ARM_FAMILY)
51 
52  asm ("eor r3, %1, %1, ror #16\n\t"
53  "bic r3, r3, #0x00FF0000\n\t"
54  "mov %0, %1, ror #8\n\t"
55  "eor %0, %0, r3, lsr #8"
56  : "=r" (val)
57  : "0" (val)
58  : "r3", "cc");
59 
60  return val;
61 
62 #elif defined(_MSC_VER) && defined(BOTAN_TARGET_ARCH_IS_X86_32)
63 
64  // Visual C++ inline asm for 32-bit x86, by Yves Jerschow
65  __asm mov eax, val;
66  __asm bswap eax;
67 
68 #else
69 
70  // Generic implementation
71  return (rotate_right(val, 8) & 0xFF00FF00) |
72  (rotate_left (val, 8) & 0x00FF00FF);
73 
74 #endif
75  }
T rotate_left(T input, size_t rot)
Definition: rotate.h:21
T rotate_right(T input, size_t rot)
Definition: rotate.h:34
u64bit Botan::reverse_bytes ( u64bit  val)
inline

Swap a 64 bit integer

Definition at line 80 of file bswap.h.

References reverse_bytes().

81  {
82 #if BOTAN_GCC_VERSION >= 430
83 
84  // GCC intrinsic added in 4.3, works for a number of CPUs
85  return __builtin_bswap64(val);
86 
87 #elif BOTAN_USE_GCC_INLINE_ASM && defined(BOTAN_TARGET_ARCH_IS_X86_64)
88  // GCC-style inline assembly for x86-64
89  asm("bswapq %0" : "=r" (val) : "0" (val));
90  return val;
91 
92 #else
93  /* Generic implementation. Defined in terms of 32-bit bswap so any
94  * optimizations in that version can help here (particularly
95  * useful for 32-bit x86).
96  */
97 
98  u32bit hi = static_cast<u32bit>(val >> 32);
99  u32bit lo = static_cast<u32bit>(val);
100 
101  hi = reverse_bytes(hi);
102  lo = reverse_bytes(lo);
103 
104  return (static_cast<u64bit>(lo) << 32) | hi;
105 #endif
106  }
u64bit reverse_bytes(u64bit val)
Definition: bswap.h:80
unsigned int u32bit
Definition: types.h:32
SecureVector< byte > BOTAN_DLL Botan::rfc3394_keyunwrap ( const MemoryRegion< byte > &  key,
const SymmetricKey kek,
Algorithm_Factory af 
)

Decrypt a key under a key encryption key using the algorithm described in RFC 3394

Parameters
keythe encrypted key to decrypt
kekthe key encryption key
afan algorithm factory
Returns
key decrypted under kek

Definition at line 77 of file rfc3394.cpp.

References Botan::MemoryRegion< T >::begin(), copy_mem(), Botan::OctetString::length(), load_be< u64bit >(), n, Botan::MemoryRegion< T >::size(), store_be(), and xor_buf().

80  {
81  if(key.size() < 16 || key.size() % 8 != 0)
82  throw std::invalid_argument("Bad input key size for NIST key unwrap");
83 
84  std::auto_ptr<BlockCipher> aes(make_aes(kek.length(), af));
85  aes->set_key(kek);
86 
87  const size_t n = (key.size() - 8) / 8;
88 
89  SecureVector<byte> R(n * 8);
90  SecureVector<byte> A(16);
91 
92  for(size_t i = 0; i != 8; ++i)
93  A[i] = key[i];
94 
95  copy_mem(&R[0], key.begin() + 8, key.size() - 8);
96 
97  for(size_t j = 0; j <= 5; ++j)
98  {
99  for(size_t i = n; i != 0; --i)
100  {
101  const u32bit t = (5 - j) * n + i;
102 
103  byte t_buf[4] = { 0 };
104  store_be(t, t_buf);
105 
106  xor_buf(&A[4], &t_buf[0], 4);
107 
108  copy_mem(&A[8], &R[8*(i-1)], 8);
109 
110  aes->decrypt(&A[0]);
111 
112  copy_mem(&R[8*(i-1)], &A[8], 8);
113  }
114  }
115 
116  if(load_be<u64bit>(&A[0], 0) != 0xA6A6A6A6A6A6A6A6)
117  throw Integrity_Failure("NIST key unwrap failed");
118 
119  return R;
120  }
BigInt n
Definition: numthry.cpp:26
unsigned char byte
Definition: types.h:22
size_t size() const
Definition: secmem.h:29
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
u64bit load_be< u64bit >(const byte in[], size_t off)
Definition: loadstor.h:200
void store_be(u16bit in, byte out[2])
Definition: loadstor.h:412
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
unsigned int u32bit
Definition: types.h:32
SecureVector< byte > BOTAN_DLL Botan::rfc3394_keywrap ( const MemoryRegion< byte > &  key,
const SymmetricKey kek,
Algorithm_Factory af 
)

Encrypt a key under a key encryption key using the algorithm described in RFC 3394

Parameters
keythe plaintext key to encrypt
kekthe key encryption key
afan algorithm factory
Returns
key encrypted under kek

Definition at line 35 of file rfc3394.cpp.

References Botan::MemoryRegion< T >::begin(), copy_mem(), Botan::OctetString::length(), n, Botan::MemoryRegion< T >::size(), store_be(), and xor_buf().

38  {
39  if(key.size() % 8 != 0)
40  throw std::invalid_argument("Bad input key size for NIST key wrap");
41 
42  std::auto_ptr<BlockCipher> aes(make_aes(kek.length(), af));
43  aes->set_key(kek);
44 
45  const size_t n = key.size() / 8;
46 
47  SecureVector<byte> R((n + 1) * 8);
48  SecureVector<byte> A(16);
49 
50  for(size_t i = 0; i != 8; ++i)
51  A[i] = 0xA6;
52 
53  copy_mem(&R[8], key.begin(), key.size());
54 
55  for(size_t j = 0; j <= 5; ++j)
56  {
57  for(size_t i = 1; i <= n; ++i)
58  {
59  const u32bit t = (n * j) + i;
60 
61  copy_mem(&A[8], &R[8*i], 8);
62 
63  aes->encrypt(&A[0]);
64  copy_mem(&R[8*i], &A[8], 8);
65 
66  byte t_buf[4] = { 0 };
67  store_be(t, t_buf);
68  xor_buf(&A[4], &t_buf[0], 4);
69  }
70  }
71 
72  copy_mem(&R[0], &A[0], 8);
73 
74  return R;
75  }
BigInt n
Definition: numthry.cpp:26
unsigned char byte
Definition: types.h:22
size_t size() const
Definition: secmem.h:29
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
void store_be(u16bit in, byte out[2])
Definition: loadstor.h:412
void xor_buf(byte out[], const byte in[], size_t length)
Definition: xor_buf.h:21
unsigned int u32bit
Definition: types.h:32
template<typename T >
T Botan::rotate_left ( input,
size_t  rot 
)
inline
template<typename T >
T Botan::rotate_right ( input,
size_t  rot 
)
inline

Bit rotation right

Parameters
inputthe input word
rotthe number of bits to rotate
Returns
input rotated right by rot bits

Definition at line 34 of file rotate.h.

Referenced by Botan::Noekeon::decrypt_n(), Botan::RC5::decrypt_n(), Botan::RC6::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::RC2::decrypt_n(), Botan::Noekeon::encrypt_n(), Botan::Twofish::encrypt_n(), reverse_bytes(), and Botan::SIMD_Scalar::rotate_right().

35  {
36  if(rot == 0)
37  return input;
38  return static_cast<T>((input >> rot) | (input << (8*sizeof(T)-rot)));
39  }
template<typename T >
T Botan::round_down ( n,
align_to 
)
inline

Round down

Parameters
nan integer
align_tothe alignment boundary
Returns
n rounded down to a multiple of align_to

Definition at line 36 of file rounding.h.

Referenced by Botan::Buffered_Filter::write().

37  {
38  return (n - (n % align_to));
39  }
BigInt n
Definition: numthry.cpp:26
template<typename T >
T Botan::round_up ( n,
align_to 
)
inline

Round up

Parameters
nan integer
align_tothe alignment boundary
Returns
n rounded up to a multiple of align_to

Definition at line 22 of file rounding.h.

References n.

Referenced by Botan::Pooling_Allocator::allocate(), and Botan::Pooling_Allocator::deallocate().

23  {
24  if(n % align_to || n == 0)
25  n += align_to - (n % align_to);
26  return n;
27  }
BigInt n
Definition: numthry.cpp:26
template<typename T >
bool Botan::same_mem ( const T *  p1,
const T *  p2,
size_t  n 
)
inline

Memory comparison, input insensitive

Parameters
p1a pointer to an array
p2a pointer to another array
nthe number of Ts in p1 and p2
Returns
true iff p1[i] == p2[i] forall i in [0...n)

Definition at line 57 of file mem_ops.h.

References n.

Referenced by check_passhash9(), Botan::CryptoBox::decrypt(), Botan::MemoryRegion< word >::operator==(), Botan::RTSS_Share::reconstruct(), and Botan::MessageAuthenticationCode::verify_mac().

58  {
59  bool is_same = true;
60 
61  for(size_t i = 0; i != n; ++i)
62  is_same &= (p1[i] == p2[i]);
63 
64  return is_same;
65  }
BigInt n
Definition: numthry.cpp:26
template<typename K , typename V >
V Botan::search_map ( const std::map< K, V > &  mapping,
const K &  key,
const V &  null_result = V() 
)
inline

Searching through a std::map

Parameters
mappingthe map to search
keyis what to look for
null_resultis the value to return if key is not in mapping
Returns
mapping[key] or null_result

Definition at line 43 of file stl_util.h.

Referenced by algorithm_kat(), and Botan::Algorithm_Cache< T >::get().

46  {
47  typename std::map<K, V>::const_iterator i = mapping.find(key);
48  if(i == mapping.end())
49  return null_result;
50  return i->second;
51  }
template<typename T >
void Botan::set_mem ( T *  ptr,
size_t  n,
byte  val 
)
inline

Set memory to a fixed value

Parameters
ptra pointer to an array
nthe number of Ts pointed to by ptr
valthe value to set each byte to

Definition at line 45 of file mem_ops.h.

46  {
47  std::memset(ptr, val, sizeof(T)*n);
48  }
BigInt n
Definition: numthry.cpp:26
template<typename T >
size_t Botan::significant_bytes ( n)
inline

Return the number of significant bytes in n

Parameters
nan integer value
Returns
number of significant bytes in n

Definition at line 62 of file bit_ops.h.

References get_byte().

63  {
64  for(size_t i = 0; i != sizeof(T); ++i)
65  if(get_byte(i, n))
66  return sizeof(T)-i;
67  return 0;
68  }
BigInt n
Definition: numthry.cpp:26
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
BOTAN_DLL std::vector< std::string > Botan::split_on ( const std::string &  str,
char  delim 
)

Split a string

Parameters
strthe input string
delimthe delimitor
Returns
string split by delim

Definition at line 152 of file parsing.cpp.

Referenced by Botan::EAC_Signed_Object::check_signature(), Botan::X509_Object::check_signature(), create_alt_name(), Botan::DataSource_Command::DataSource_Command(), Botan::Core_Engine::get_cipher(), get_pbe(), Botan::X509_Object::hash_used_for_signature(), Botan::LibraryInitializer::initialize(), string_to_ipv4(), Botan::Win32_CAPI_EntropySource::Win32_CAPI_EntropySource(), and Botan::X509_Cert_Options::X509_Cert_Options().

153  {
154  std::vector<std::string> elems;
155  if(str == "") return elems;
156 
157  std::string substr;
158  for(std::string::const_iterator i = str.begin(); i != str.end(); ++i)
159  {
160  if(*i == delim)
161  {
162  if(substr != "")
163  elems.push_back(substr);
164  substr.clear();
165  }
166  else
167  substr += *i;
168  }
169 
170  if(substr == "")
171  throw Invalid_Argument("Unable to split string: " + str);
172  elems.push_back(substr);
173 
174  return elems;
175  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
BigInt BOTAN_DLL Botan::square ( const BigInt x)
Parameters
xan integer
Returns
(x*x)

Definition at line 18 of file mp_numth.cpp.

References bigint_sqr(), Botan::BigInt::data(), Botan::BigInt::get_reg(), Botan::BigInt::Positive, Botan::BigInt::sig_words(), and Botan::BigInt::size().

Referenced by Botan::Modular_Reducer::cube(), Botan::Modular_Reducer::Modular_Reducer(), and Botan::Modular_Reducer::square().

19  {
20  const size_t x_sw = x.sig_words();
21 
22  BigInt z(BigInt::Positive, round_up<size_t>(2*x_sw, 16));
23  SecureVector<word> workspace(z.size());
24 
25  bigint_sqr(z.get_reg(), z.size(), workspace,
26  x.data(), x.size(), x_sw);
27  return z;
28  }
void bigint_sqr(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
Definition: mp_karat.cpp:303
std::pair< BigInt, SymmetricKey > BOTAN_DLL Botan::srp6_client_agree ( const std::string &  username,
const std::string &  password,
const std::string &  group_id,
const std::string &  hash_id,
const MemoryRegion< byte > &  salt,
const BigInt B,
RandomNumberGenerator rng 
)

SRP6a Client side

Parameters
usernamethe username we are attempting login for
passwordthe password we are attempting to use
group_idspecifies the shared SRP group
hash_idspecifies a secure hash function
saltis the salt value sent by the server
Bis the server's public value
rngis a random number generator
Returns
(A,K) the client public key and the shared secret key

Definition at line 96 of file srp6.cpp.

References Botan::BigInt::bytes(), Botan::BigInt::encode_1363(), Botan::DL_Group::get_g(), Botan::DL_Group::get_p(), and power_mod().

103  {
104  DL_Group group(group_id);
105  const BigInt& g = group.get_g();
106  const BigInt& p = group.get_p();
107 
108  const size_t p_bytes = group.get_p().bytes();
109 
110  if(B <= 0 || B >= p)
111  throw std::runtime_error("Invalid SRP parameter from server");
112 
113  BigInt k = hash_seq(hash_id, p_bytes, p, g);
114 
115  BigInt a(rng, 256);
116 
117  BigInt A = power_mod(g, a, p);
118 
119  BigInt u = hash_seq(hash_id, p_bytes, A, B);
120 
121  const BigInt x = compute_x(hash_id, identifier, password, salt);
122 
123  BigInt S = power_mod((B - (k * power_mod(g, x, p))) % p, (a + (u * x)), p);
124 
125  SymmetricKey Sk(BigInt::encode_1363(S, p_bytes));
126 
127  return std::make_pair(A, Sk);
128  }
OctetString SymmetricKey
Definition: symkey.h:147
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
Definition: numthry.cpp:251
std::string BOTAN_DLL Botan::srp6_group_identifier ( const BigInt N,
const BigInt g 
)

Return the group id for this SRP param set, or else thrown an exception

Definition at line 72 of file srp6.cpp.

References Botan::BigInt::bits(), and to_string().

73  {
74  /*
75  This function assumes that only one 'standard' SRP parameter set has
76  been defined for a particular bitsize. As of this writing that is the case.
77  */
78  try
79  {
80  const std::string group_name = "modp/srp/" + to_string(N.bits());
81 
82  DL_Group group(group_name);
83 
84  if(group.get_p() == N && group.get_g() == g)
85  return group_name;
86 
87  throw std::runtime_error("Unknown SRP params");
88  }
89  catch(...)
90  {
91  throw Invalid_Argument("Bad SRP group parameters");
92  }
93  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_int.cpp:46
size_t Botan::static_provider_weight ( const std::string &  prov_name)
Parameters
prov_namea provider name
Returns
weight for this provider

Return a static provider weighing

Definition at line 15 of file prov_weight.cpp.

Referenced by Botan::Algorithm_Cache< T >::get().

16  {
17  /*
18  * Prefer asm over C++, but prefer anything over OpenSSL or GNU MP; to use
19  * them, set the provider explicitly for the algorithms you want
20  */
21 
22  if(prov_name == "aes_isa") return 9;
23  if(prov_name == "simd") return 8;
24  if(prov_name == "asm") return 7;
25 
26  if(prov_name == "core") return 5;
27 
28  if(prov_name == "openssl") return 2;
29  if(prov_name == "gmp") return 1;
30 
31  return 0; // other/unknown
32  }
void Botan::store_be ( u16bit  in,
byte  out[2] 
)
inline
void Botan::store_be ( u32bit  in,
byte  out[4] 
)
inline

Store a big-endian u32bit

Parameters
inthe input u32bit
outthe byte array to write to

Definition at line 442 of file loadstor.h.

References get_byte().

443  {
444 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
445  *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_B2N(in);
446 #else
447  out[0] = get_byte(0, in);
448  out[1] = get_byte(1, in);
449  out[2] = get_byte(2, in);
450  out[3] = get_byte(3, in);
451 #endif
452  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned int u32bit
Definition: types.h:32
void Botan::store_be ( u64bit  in,
byte  out[8] 
)
inline

Store a big-endian u64bit

Parameters
inthe input u64bit
outthe byte array to write to

Definition at line 476 of file loadstor.h.

References get_byte().

477  {
478 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
479  *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_B2N(in);
480 #else
481  out[0] = get_byte(0, in);
482  out[1] = get_byte(1, in);
483  out[2] = get_byte(2, in);
484  out[3] = get_byte(3, in);
485  out[4] = get_byte(4, in);
486  out[5] = get_byte(5, in);
487  out[6] = get_byte(6, in);
488  out[7] = get_byte(7, in);
489 #endif
490  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned long long u64bit
Definition: types.h:49
template<typename T >
void Botan::store_be ( byte  out[],
x0,
x1 
)
inline

Store two big-endian words

Parameters
outthe output byte array
x0the first word
x1the second word

Definition at line 533 of file loadstor.h.

References store_be().

534  {
535  store_be(x0, out + (0 * sizeof(T)));
536  store_be(x1, out + (1 * sizeof(T)));
537  }
void store_be(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:612
template<typename T >
void Botan::store_be ( byte  out[],
x0,
x1,
x2,
x3 
)
inline

Store four big-endian words

Parameters
outthe output byte array
x0the first word
x1the second word
x2the third word
x3the fourth word

Definition at line 565 of file loadstor.h.

References store_be().

566  {
567  store_be(x0, out + (0 * sizeof(T)));
568  store_be(x1, out + (1 * sizeof(T)));
569  store_be(x2, out + (2 * sizeof(T)));
570  store_be(x3, out + (3 * sizeof(T)));
571  }
void store_be(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:612
template<typename T >
void Botan::store_be ( byte  out[],
x0,
x1,
x2,
x3,
x4,
x5,
x6,
x7 
)
inline

Store eight big-endian words

Parameters
outthe output byte array
x0the first word
x1the second word
x2the third word
x3the fourth word
x4the fifth word
x5the sixth word
x6the seventh word
x7the eighth word

Definition at line 612 of file loadstor.h.

References store_be().

614  {
615  store_be(x0, out + (0 * sizeof(T)));
616  store_be(x1, out + (1 * sizeof(T)));
617  store_be(x2, out + (2 * sizeof(T)));
618  store_be(x3, out + (3 * sizeof(T)));
619  store_be(x4, out + (4 * sizeof(T)));
620  store_be(x5, out + (5 * sizeof(T)));
621  store_be(x6, out + (6 * sizeof(T)));
622  store_be(x7, out + (7 * sizeof(T)));
623  }
void store_be(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:612
void Botan::store_le ( u16bit  in,
byte  out[2] 
)
inline

Store a little-endian u16bit

Parameters
inthe input u16bit
outthe byte array to write to

Definition at line 427 of file loadstor.h.

References get_byte().

Referenced by Botan::MD4::copy_out(), Botan::MD5::copy_out(), Botan::MARS::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::RC5::decrypt_n(), Botan::RC6::decrypt_n(), Botan::RC2::decrypt_n(), Botan::Serpent::decrypt_n(), Botan::Skipjack::decrypt_n(), Botan::GOST_28147_89::decrypt_n(), Botan::Skipjack::encrypt_n(), Botan::Serpent::encrypt_n(), Botan::RC6::encrypt_n(), Botan::RC2::encrypt_n(), Botan::RC5::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::MARS::encrypt_n(), Botan::GOST_28147_89::encrypt_n(), Botan::SIMD_Scalar::store_le(), store_le(), and Botan::MDx_HashFunction::write_count().

428  {
429 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
430  *reinterpret_cast<u16bit*>(out) = BOTAN_ENDIAN_L2N(in);
431 #else
432  out[0] = get_byte(1, in);
433  out[1] = get_byte(0, in);
434 #endif
435  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned short u16bit
Definition: types.h:27
void Botan::store_le ( u32bit  in,
byte  out[4] 
)
inline

Store a little-endian u32bit

Parameters
inthe input u32bit
outthe byte array to write to

Definition at line 459 of file loadstor.h.

References get_byte().

460  {
461 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
462  *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_L2N(in);
463 #else
464  out[0] = get_byte(3, in);
465  out[1] = get_byte(2, in);
466  out[2] = get_byte(1, in);
467  out[3] = get_byte(0, in);
468 #endif
469  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned int u32bit
Definition: types.h:32
void Botan::store_le ( u64bit  in,
byte  out[8] 
)
inline

Store a little-endian u64bit

Parameters
inthe input u64bit
outthe byte array to write to

Definition at line 497 of file loadstor.h.

References get_byte().

498  {
499 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
500  *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_L2N(in);
501 #else
502  out[0] = get_byte(7, in);
503  out[1] = get_byte(6, in);
504  out[2] = get_byte(5, in);
505  out[3] = get_byte(4, in);
506  out[4] = get_byte(3, in);
507  out[5] = get_byte(2, in);
508  out[6] = get_byte(1, in);
509  out[7] = get_byte(0, in);
510 #endif
511  }
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
unsigned long long u64bit
Definition: types.h:49
template<typename T >
void Botan::store_le ( byte  out[],
x0,
x1 
)
inline

Store two little-endian words

Parameters
outthe output byte array
x0the first word
x1the second word

Definition at line 520 of file loadstor.h.

References store_le().

521  {
522  store_le(x0, out + (0 * sizeof(T)));
523  store_le(x1, out + (1 * sizeof(T)));
524  }
void store_le(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:586
template<typename T >
void Botan::store_le ( byte  out[],
x0,
x1,
x2,
x3 
)
inline

Store four little-endian words

Parameters
outthe output byte array
x0the first word
x1the second word
x2the third word
x3the fourth word

Definition at line 548 of file loadstor.h.

References store_le().

549  {
550  store_le(x0, out + (0 * sizeof(T)));
551  store_le(x1, out + (1 * sizeof(T)));
552  store_le(x2, out + (2 * sizeof(T)));
553  store_le(x3, out + (3 * sizeof(T)));
554  }
void store_le(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:586
template<typename T >
void Botan::store_le ( byte  out[],
x0,
x1,
x2,
x3,
x4,
x5,
x6,
x7 
)
inline

Store eight little-endian words

Parameters
outthe output byte array
x0the first word
x1the second word
x2the third word
x3the fourth word
x4the fifth word
x5the sixth word
x6the seventh word
x7the eighth word

Definition at line 586 of file loadstor.h.

References store_le().

588  {
589  store_le(x0, out + (0 * sizeof(T)));
590  store_le(x1, out + (1 * sizeof(T)));
591  store_le(x2, out + (2 * sizeof(T)));
592  store_le(x3, out + (3 * sizeof(T)));
593  store_le(x4, out + (4 * sizeof(T)));
594  store_le(x5, out + (5 * sizeof(T)));
595  store_le(x6, out + (6 * sizeof(T)));
596  store_le(x7, out + (7 * sizeof(T)));
597  }
void store_le(byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
Definition: loadstor.h:586
BOTAN_DLL u32bit Botan::string_to_ipv4 ( const std::string &  ip_str)

Convert a string representation of an IPv4 address to a number

Parameters
ip_strthe string representation
Returns
integer IPv4 address

Definition at line 252 of file parsing.cpp.

References split_on(), and to_u32bit().

253  {
254  std::vector<std::string> parts = split_on(str, '.');
255 
256  if(parts.size() != 4)
257  throw Decoding_Error("Invalid IP string " + str);
258 
259  u32bit ip = 0;
260 
261  for(size_t i = 0; i != parts.size(); ++i)
262  {
263  u32bit octet = to_u32bit(parts[i]);
264 
265  if(octet > 255)
266  throw Decoding_Error("Invalid IP string " + str);
267 
268  ip = (ip << 8) | (octet & 0xFF);
269  }
270 
271  return ip;
272  }
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
u32bit to_u32bit(const std::string &number)
Definition: parsing.cpp:18
unsigned int u32bit
Definition: types.h:32
BigInt BOTAN_DLL Botan::sub_mul ( const BigInt a,
const BigInt b,
const BigInt c 
)

Fused subtract-multiply

Parameters
aan integer
ban integer
can integer
Returns
(a-b)*c

Definition at line 60 of file mp_numth.cpp.

References Botan::BigInt::is_negative(), and r.

Referenced by Botan::RW_Signature_Operation::sign().

61  {
62  if(a.is_negative() || b.is_negative())
63  throw Invalid_Argument("sub_mul: First two arguments must be >= 0");
64 
65  BigInt r = a;
66  r -= b;
67  r *= c;
68  return r;
69  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
BigInt r
Definition: numthry.cpp:26
BOTAN_DLL u64bit Botan::system_time ( )
Returns
seconds resolution timestamp, unknown epoch

Definition at line 73 of file time.cpp.

Referenced by Botan::X509_Store::add_crl(), Botan::DE_EAC::create_cvca(), Botan::CRL_Entry::CRL_Entry(), Botan::DE_EAC::link_cvca(), Botan::DE_EAC::sign_request(), Botan::X509_Store::validate_cert(), and Botan::X509_Cert_Options::X509_Cert_Options().

74  {
75  return static_cast<u64bit>(std::time(0));
76  }
unsigned long long u64bit
Definition: types.h:49
BOTAN_DLL u32bit Botan::timespec_to_u32bit ( const std::string &  timespec)

Convert a time specification to a number

Parameters
timespecthe time specification
Returns
number of seconds represented by timespec

Definition at line 65 of file parsing.cpp.

References Botan::Charset::is_digit(), and to_u32bit().

66  {
67  if(timespec == "")
68  return 0;
69 
70  const char suffix = timespec[timespec.size()-1];
71  std::string value = timespec.substr(0, timespec.size()-1);
72 
73  u32bit scale = 1;
74 
75  if(Charset::is_digit(suffix))
76  value += suffix;
77  else if(suffix == 's')
78  scale = 1;
79  else if(suffix == 'm')
80  scale = 60;
81  else if(suffix == 'h')
82  scale = 60 * 60;
83  else if(suffix == 'd')
84  scale = 24 * 60 * 60;
85  else if(suffix == 'y')
86  scale = 365 * 24 * 60 * 60;
87  else
88  throw Decoding_Error("timespec_to_u32bit: Bad input " + timespec);
89 
90  return scale * to_u32bit(value);
91  }
bool is_digit(char c)
Definition: charset.cpp:128
u32bit to_u32bit(const std::string &number)
Definition: parsing.cpp:18
unsigned int u32bit
Definition: types.h:32
BOTAN_DLL std::string Botan::to_string ( u64bit  n,
size_t  min_len = 0 
)

Convert a number to a string

Parameters
nthe integer to convert to a string
min_lenthe min length of the output string
Returns
n convert to a string

Definition at line 42 of file parsing.cpp.

References Botan::Charset::digit2char().

Referenced by Botan::Data_Store::add(), Botan::EAC_Time::as_string(), Botan::OID::as_string(), Botan::X509_Time::as_string(), Botan::ASN1_String::ASN1_String(), Botan::DL_Group::BER_decode(), Botan::CFB_Decryption::CFB_Decryption(), Botan::CFB_Encryption::CFB_Encryption(), Botan::PK_Verifier::check_signature(), Botan::CipherSuite::CipherSuite(), Botan::DL_Group::DER_encode(), Botan::PKCS5_PBKDF2::derive_key(), Botan::DL_Group::DL_Group(), Botan::Dynamically_Loaded_Engine::Dynamically_Loaded_Engine(), Botan::EAX_Base::EAX_Base(), generate_dsa_primes(), generate_passhash9(), ipv4_to_string(), Botan::Keccak_1600::Keccak_1600(), Botan::MISTY1::MISTY1(), Botan::Tiger::name(), Botan::RC5::name(), Botan::ARC4::name(), Botan::SAFER_SK::name(), Botan::Keccak_1600::name(), Botan::Skein_512::name(), Botan::Lion::name(), Botan::DL_Group::PEM_encode(), random_prime(), random_safe_prime(), Botan::RC5::RC5(), Botan::EAC_Time::readable_string(), Botan::X509_Time::readable_string(), Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RW_PrivateKey::RW_PrivateKey(), Botan::X509_Time::set_to(), Botan::DE_EAC::sign_request(), Botan::PK_Signer::signature(), srp6_group_identifier(), Botan::Tiger::Tiger(), and Botan::Charset::transcode().

43  {
44  std::string lenstr;
45  if(n)
46  {
47  while(n > 0)
48  {
49  lenstr = Charset::digit2char(n % 10) + lenstr;
50  n /= 10;
51  }
52  }
53  else
54  lenstr = "0";
55 
56  while(lenstr.size() < min_len)
57  lenstr = "0" + lenstr;
58 
59  return lenstr;
60  }
BigInt n
Definition: numthry.cpp:26
char digit2char(byte b)
Definition: charset.cpp:171
BOTAN_DLL u32bit Botan::to_u32bit ( const std::string &  str)

Convert a string to a number

Parameters
strthe string to convert
Returns
number value of the string

Definition at line 18 of file parsing.cpp.

References Botan::Charset::char2digit(), and n.

Referenced by Botan::SCAN_Name::arg_as_integer(), check_bcrypt(), Botan::Data_Store::get1_u32bit(), get_cipher_mode(), parse_asn1_oid(), Botan::X509_Time::set_to(), Botan::EAC_Time::set_to(), string_to_ipv4(), and timespec_to_u32bit().

19  {
20  u32bit n = 0;
21 
22  for(std::string::const_iterator i = number.begin(); i != number.end(); ++i)
23  {
24  const u32bit OVERFLOW_MARK = 0xFFFFFFFF / 10;
25 
26  if(*i == ' ')
27  continue;
28 
29  byte digit = Charset::char2digit(*i);
30 
31  if((n > OVERFLOW_MARK) || (n == OVERFLOW_MARK && digit > 5))
32  throw Decoding_Error("to_u32bit: Integer overflow");
33  n *= 10;
34  n += digit;
35  }
36  return n;
37  }
BigInt n
Definition: numthry.cpp:26
unsigned char byte
Definition: types.h:22
byte char2digit(char c)
Definition: charset.cpp:149
unsigned int u32bit
Definition: types.h:32
void Botan::unlock_mem ( void *  addr,
size_t  length 
)

Unlock memory locked with lock_mem()

Parameters
addrthe start of the memory block
lengththe length of the memory block in bytes

Definition at line 45 of file mlock.cpp.

Referenced by has_mlock().

46  {
47 #if defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
48  ::munlock(static_cast<char*>(ptr), bytes);
49 #elif defined(BOTAN_TARGET_OS_HAS_WIN32_VIRTUAL_LOCK)
50  ::VirtualUnlock(ptr, bytes);
51 #endif
52  }
bool Botan::verify_prime ( const BigInt n,
RandomNumberGenerator rng 
)
inline

Verify primality - this function is slow but useful if you want to ensure that a possibly malicious entity did not provide you with something that 'looks like' a prime

Parameters
na positive integer to test for primality
rnga random number generator
Returns
true if all primality tests passed, otherwise false

Definition at line 154 of file numthry.h.

References primality_test().

155  { return primality_test(n, rng, 2); }
BigInt n
Definition: numthry.cpp:26
bool primality_test(const BigInt &n, RandomNumberGenerator &rng, size_t level)
Definition: numthry.cpp:262
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
BOTAN_DLL u32bit Botan::version_datestamp ( )

Return the date this version of botan was released, in an integer of the form YYYYMMDD. For instance a version released on May 21, 2013 would return the integer 20130521. If the currently running version is not an official release, this function will return 0 instead.

Returns
release date, or zero if unreleased

Definition at line 44 of file version.cpp.

44 { return BOTAN_VERSION_DATESTAMP; }
BOTAN_DLL u32bit Botan::version_major ( )

Get the major version number.

Returns
major version number

Definition at line 49 of file version.cpp.

49 { return BOTAN_VERSION_MAJOR; }
BOTAN_DLL u32bit Botan::version_minor ( )

Get the minor version number.

Returns
minor version number

Definition at line 50 of file version.cpp.

50 { return BOTAN_VERSION_MINOR; }
BOTAN_DLL u32bit Botan::version_patch ( )

Get the patch number.

Returns
patch number

Definition at line 51 of file version.cpp.

51 { return BOTAN_VERSION_PATCH; }
BOTAN_DLL std::string Botan::version_string ( )

Get a human-readable string identifying the version of Botan. No particular format should be assumed.

Returns
version string

Definition at line 23 of file version.cpp.

References STR.

24  {
25 #define QUOTE(name) #name
26 #define STR(macro) QUOTE(macro)
27 
28  return "Botan " STR(BOTAN_VERSION_MAJOR) "."
29  STR(BOTAN_VERSION_MINOR) "."
30  STR(BOTAN_VERSION_PATCH) " ("
31 
32 #if (BOTAN_VERSION_DATESTAMP == 0)
33  "unreleased version"
34 #else
35  "released " STR(BOTAN_VERSION_DATESTAMP)
36 #endif
37  ", revision " BOTAN_VERSION_VC_REVISION
38  ", distribution " BOTAN_DISTRIBUTION_INFO ")";
39 
40 #undef STR
41 #undef QUOTE
42  }
#define STR(macro)
void Botan::word3_muladd ( word *  w2,
word *  w1,
word *  w0,
word  a,
word  b 
)
inline

Definition at line 175 of file mp_asmi.h.

References word_madd2().

Referenced by bigint_comba_mul16(), bigint_comba_mul4(), bigint_comba_mul6(), bigint_comba_mul8(), bigint_comba_sqr16(), bigint_comba_sqr4(), bigint_comba_sqr6(), and bigint_comba_sqr8().

176  {
177  word carry = *w0;
178  *w0 = word_madd2(a, b, &carry);
179  *w1 += carry;
180  *w2 += (*w1 < carry) ? 1 : 0;
181  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
void Botan::word3_muladd_2 ( word *  w2,
word *  w1,
word *  w0,
word  a,
word  b 
)
inline

Definition at line 186 of file mp_asmi.h.

References word_add(), and word_madd2().

Referenced by bigint_comba_sqr16(), bigint_comba_sqr4(), bigint_comba_sqr6(), and bigint_comba_sqr8().

187  {
188  word carry = 0;
189  a = word_madd2(a, b, &carry);
190  b = carry;
191 
192  word top = (b >> (BOTAN_MP_WORD_BITS-1));
193  b <<= 1;
194  b |= (a >> (BOTAN_MP_WORD_BITS-1));
195  a <<= 1;
196 
197  carry = 0;
198  *w0 = word_add(*w0, a, &carry);
199  *w1 = word_add(*w1, b, &carry);
200  *w2 = word_add(*w2, top, &carry);
201  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
word Botan::word8_add2 ( word  x[8],
const word  y[8],
word  carry 
)
inline

Definition at line 33 of file mp_asmi.h.

References word_add().

Referenced by bigint_add2_nc().

34  {
35  x[0] = word_add(x[0], y[0], &carry);
36  x[1] = word_add(x[1], y[1], &carry);
37  x[2] = word_add(x[2], y[2], &carry);
38  x[3] = word_add(x[3], y[3], &carry);
39  x[4] = word_add(x[4], y[4], &carry);
40  x[5] = word_add(x[5], y[5], &carry);
41  x[6] = word_add(x[6], y[6], &carry);
42  x[7] = word_add(x[7], y[7], &carry);
43  return carry;
44  }
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
word Botan::word8_add3 ( word  z[8],
const word  x[8],
const word  y[8],
word  carry 
)
inline

Definition at line 49 of file mp_asmi.h.

References word_add().

Referenced by bigint_add3_nc().

51  {
52  z[0] = word_add(x[0], y[0], &carry);
53  z[1] = word_add(x[1], y[1], &carry);
54  z[2] = word_add(x[2], y[2], &carry);
55  z[3] = word_add(x[3], y[3], &carry);
56  z[4] = word_add(x[4], y[4], &carry);
57  z[5] = word_add(x[5], y[5], &carry);
58  z[6] = word_add(x[6], y[6], &carry);
59  z[7] = word_add(x[7], y[7], &carry);
60  return carry;
61  }
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
word Botan::word8_linmul2 ( word  x[8],
word  y,
word  carry 
)
inline

Definition at line 127 of file mp_asmi.h.

References word_madd2().

Referenced by bigint_linmul2().

128  {
129  x[0] = word_madd2(x[0], y, &carry);
130  x[1] = word_madd2(x[1], y, &carry);
131  x[2] = word_madd2(x[2], y, &carry);
132  x[3] = word_madd2(x[3], y, &carry);
133  x[4] = word_madd2(x[4], y, &carry);
134  x[5] = word_madd2(x[5], y, &carry);
135  x[6] = word_madd2(x[6], y, &carry);
136  x[7] = word_madd2(x[7], y, &carry);
137  return carry;
138  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word Botan::word8_linmul3 ( word  z[8],
const word  x[8],
word  y,
word  carry 
)
inline

Definition at line 143 of file mp_asmi.h.

References word_madd2().

Referenced by bigint_linmul3().

144  {
145  z[0] = word_madd2(x[0], y, &carry);
146  z[1] = word_madd2(x[1], y, &carry);
147  z[2] = word_madd2(x[2], y, &carry);
148  z[3] = word_madd2(x[3], y, &carry);
149  z[4] = word_madd2(x[4], y, &carry);
150  z[5] = word_madd2(x[5], y, &carry);
151  z[6] = word_madd2(x[6], y, &carry);
152  z[7] = word_madd2(x[7], y, &carry);
153  return carry;
154  }
word word_madd2(word a, word b, word *c)
Definition: mp_asm.h:86
word Botan::word8_linmul3 ( word  z[4],
const word  x[4],
word  y,
word  carry 
)
inline

Definition at line 368 of file mp_asmi.h.

369  {
370  __asm {
371 #if 0
372  //it's slower!!!
373  mov edx,[z]
374  mov eax,[x]
375  movd mm7,[y]
376 
377  movd mm0,[eax]
378  movd mm1,[eax+4]
379  movd mm2,[eax+8]
380  pmuludq mm0,mm7
381  pmuludq mm1,mm7
382  pmuludq mm2,mm7
383 
384  movd mm6,[carry]
385  paddq mm0,mm6
386  movd [edx],mm0
387 
388  psrlq mm0,32
389  paddq mm1,mm0
390  movd [edx+4],mm1
391 
392  movd mm3,[eax+12]
393  psrlq mm1,32
394  paddq mm2,mm1
395  movd [edx+8],mm2
396 
397  pmuludq mm3,mm7
398  movd mm4,[eax+16]
399  psrlq mm2,32
400  paddq mm3,mm2
401  movd [edx+12],mm3
402 
403  pmuludq mm4,mm7
404  movd mm5,[eax+20]
405  psrlq mm3,32
406  paddq mm4,mm3
407  movd [edx+16],mm4
408 
409  pmuludq mm5,mm7
410  movd mm0,[eax+24]
411  psrlq mm4,32
412  paddq mm5,mm4
413  movd [edx+20],mm5
414 
415  pmuludq mm0,mm7
416  movd mm1,[eax+28]
417  psrlq mm5,32
418  paddq mm0,mm5
419  movd [edx+24],mm0
420 
421  pmuludq mm1,mm7
422  psrlq mm0,32
423  paddq mm1,mm0
424  movd [edx+28],mm1
425  psrlq mm1,32
426 
427  movd eax,mm1
428  emms
429 #else
430  mov edi,[z]
431  mov esi,[x]
432  mov eax,[esi] //load a
433  mul [y] //edx(hi):eax(lo)=a*b
434  add eax,[carry] //sum lo carry
435  adc edx,0 //sum hi carry
436  mov ecx,edx //store carry
437  mov [edi],eax //load a
438 
439  mov eax,[esi+4] //load a
440  mul [y] //edx(hi):eax(lo)=a*b
441  add eax,ecx //sum lo carry
442  adc edx,0 //sum hi carry
443  mov ecx,edx //store carry
444  mov [edi+4],eax //load a
445 
446  mov eax,[esi+8] //load a
447  mul [y] //edx(hi):eax(lo)=a*b
448  add eax,ecx //sum lo carry
449  adc edx,0 //sum hi carry
450  mov ecx,edx //store carry
451  mov [edi+8],eax //load a
452 
453  mov eax,[esi+12] //load a
454  mul [y] //edx(hi):eax(lo)=a*b
455  add eax,ecx //sum lo carry
456  adc edx,0 //sum hi carry
457  mov ecx,edx //store carry
458  mov [edi+12],eax //load a
459 
460  mov eax,[esi+16] //load a
461  mul [y] //edx(hi):eax(lo)=a*b
462  add eax,ecx //sum lo carry
463  adc edx,0 //sum hi carry
464  mov ecx,edx //store carry
465  mov [edi+16],eax //load a
466 
467  mov eax,[esi+20] //load a
468  mul [y] //edx(hi):eax(lo)=a*b
469  add eax,ecx //sum lo carry
470  adc edx,0 //sum hi carry
471  mov ecx,edx //store carry
472  mov [edi+20],eax //load a
473 
474  mov eax,[esi+24] //load a
475  mul [y] //edx(hi):eax(lo)=a*b
476  add eax,ecx //sum lo carry
477  adc edx,0 //sum hi carry
478  mov ecx,edx //store carry
479  mov [edi+24],eax //load a
480 
481  mov eax,[esi+28] //load a
482  mul [y] //edx(hi):eax(lo)=a*b
483  add eax,ecx //sum lo carry
484  adc edx,0 //sum hi carry
485  mov [edi+28],eax //load a
486  mov eax,edx //store carry
487 #endif
488  }
489  }
word Botan::word8_madd3 ( word  z[8],
const word  x[8],
word  y,
word  carry 
)
inline

Definition at line 159 of file mp_asmi.h.

References word_madd3().

Referenced by bigint_monty_redc(), bigint_simple_mul(), and bigint_simple_sqr().

160  {
161  z[0] = word_madd3(x[0], y, z[0], &carry);
162  z[1] = word_madd3(x[1], y, z[1], &carry);
163  z[2] = word_madd3(x[2], y, z[2], &carry);
164  z[3] = word_madd3(x[3], y, z[3], &carry);
165  z[4] = word_madd3(x[4], y, z[4], &carry);
166  z[5] = word_madd3(x[5], y, z[5], &carry);
167  z[6] = word_madd3(x[6], y, z[6], &carry);
168  z[7] = word_madd3(x[7], y, z[7], &carry);
169  return carry;
170  }
word word_madd3(word a, word b, word c, word *d)
Definition: mp_asm.h:102
word Botan::word8_muladd ( word  z[8],
const word  x[8],
word  y,
word  carry 
)
inline

Definition at line 287 of file mp_asmi.h.

289  {
290  __asm {
291  mov esi,[x]
292  mov ebx,[y]
293  mov edi,[z]
294  mov eax,[esi] //load a
295  mul ebx //edx(hi):eax(lo)=a*b
296  add eax,[carry] //sum lo carry
297  adc edx,0 //sum hi carry
298  add eax,[edi] //sum lo z
299  adc edx,0 //sum hi z
300  mov ecx,edx //carry for next block = hi z
301  mov [edi],eax //save lo z
302 
303  mov eax,[esi+4]
304  mul ebx
305  add eax,ecx
306  adc edx,0
307  add eax,[edi+4]
308  adc edx,0
309  mov ecx,edx
310  mov [edi+4],eax
311 
312  mov eax,[esi+8]
313  mul ebx
314  add eax,ecx
315  adc edx,0
316  add eax,[edi+8]
317  adc edx,0
318  mov ecx,edx
319  mov [edi+8],eax
320 
321  mov eax,[esi+12]
322  mul ebx
323  add eax,ecx
324  adc edx,0
325  add eax,[edi+12]
326  adc edx,0
327  mov ecx,edx
328  mov [edi+12],eax
329 
330  mov eax,[esi+16]
331  mul ebx
332  add eax,ecx
333  adc edx,0
334  add eax,[edi+16]
335  adc edx,0
336  mov ecx,edx
337  mov [edi+16],eax
338 
339  mov eax,[esi+20]
340  mul ebx
341  add eax,ecx
342  adc edx,0
343  add eax,[edi+20]
344  adc edx,0
345  mov ecx,edx
346  mov [edi+20],eax
347 
348  mov eax,[esi+24]
349  mul ebx
350  add eax,ecx
351  adc edx,0
352  add eax,[edi+24]
353  adc edx,0
354  mov ecx,edx
355  mov [edi+24],eax
356 
357  mov eax,[esi+28]
358  mul ebx
359  add eax,ecx
360  adc edx,0
361  add eax,[edi+28]
362  adc edx,0
363  mov [edi+28],eax
364  mov eax,edx
365  }
366  }
word Botan::word8_sub2 ( word  x[8],
const word  y[8],
word  carry 
)
inline

Definition at line 78 of file mp_asmi.h.

References word_sub().

Referenced by bigint_sub2().

79  {
80  x[0] = word_sub(x[0], y[0], &carry);
81  x[1] = word_sub(x[1], y[1], &carry);
82  x[2] = word_sub(x[2], y[2], &carry);
83  x[3] = word_sub(x[3], y[3], &carry);
84  x[4] = word_sub(x[4], y[4], &carry);
85  x[5] = word_sub(x[5], y[5], &carry);
86  x[6] = word_sub(x[6], y[6], &carry);
87  x[7] = word_sub(x[7], y[7], &carry);
88  return carry;
89  }
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word Botan::word8_sub2_rev ( word  x[8],
const word  y[8],
word  carry 
)
inline

Definition at line 94 of file mp_asmi.h.

References word_sub().

Referenced by bigint_sub2_rev().

95  {
96  x[0] = word_sub(y[0], x[0], &carry);
97  x[1] = word_sub(y[1], x[1], &carry);
98  x[2] = word_sub(y[2], x[2], &carry);
99  x[3] = word_sub(y[3], x[3], &carry);
100  x[4] = word_sub(y[4], x[4], &carry);
101  x[5] = word_sub(y[5], x[5], &carry);
102  x[6] = word_sub(y[6], x[6], &carry);
103  x[7] = word_sub(y[7], x[7], &carry);
104  return carry;
105  }
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word Botan::word8_sub3 ( word  z[8],
const word  x[8],
const word  y[8],
word  carry 
)
inline

Definition at line 110 of file mp_asmi.h.

References word_sub().

Referenced by bigint_sub3().

112  {
113  z[0] = word_sub(x[0], y[0], &carry);
114  z[1] = word_sub(x[1], y[1], &carry);
115  z[2] = word_sub(x[2], y[2], &carry);
116  z[3] = word_sub(x[3], y[3], &carry);
117  z[4] = word_sub(x[4], y[4], &carry);
118  z[5] = word_sub(x[5], y[5], &carry);
119  z[6] = word_sub(x[6], y[6], &carry);
120  z[7] = word_sub(x[7], y[7], &carry);
121  return carry;
122  }
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word Botan::word_add ( word  x,
word  y,
word *  carry 
)
inline

Definition at line 21 of file mp_asmi.h.

Referenced by bigint_add2_nc(), bigint_add3_nc(), word3_muladd_2(), word8_add2(), and word8_add3().

22  {
23  word z = x + y;
24  word c1 = (z < x);
25  z += *carry;
26  *carry = c1 | (z < *carry);
27  return z;
28  }
word Botan::word_madd2 ( word  a,
word  b,
word *  c 
)
inline

Definition at line 86 of file mp_asm.h.

References BOTAN_WORD_MUL.

Referenced by bigint_divcore(), bigint_linmul2(), bigint_linmul3(), bigint_modop(), word3_muladd(), word3_muladd_2(), word8_linmul2(), and word8_linmul3().

87  {
88  word z0 = 0, z1 = 0;
89 
90  BOTAN_WORD_MUL(a, b, z1, z0);
91 
92  z1 += *c;
93  z0 += (z1 < *c);
94 
95  *c = z0;
96  return z1;
97  }
#define BOTAN_WORD_MUL(a, b, z1, z0)
Definition: mp_asm.h:79
word Botan::word_madd3 ( word  a,
word  b,
word  c,
word *  d 
)
inline

Definition at line 102 of file mp_asm.h.

References BOTAN_WORD_MUL.

Referenced by bigint_monty_redc(), bigint_simple_mul(), bigint_simple_sqr(), and word8_madd3().

103  {
104  word z0 = 0, z1 = 0;
105 
106  BOTAN_WORD_MUL(a, b, z1, z0);
107 
108  z1 += c;
109  z0 += (z1 < c);
110 
111  z1 += *d;
112  z0 += (z1 < *d);
113 
114  *d = z0;
115  return z1;
116  }
#define BOTAN_WORD_MUL(a, b, z1, z0)
Definition: mp_asm.h:79
word Botan::word_sub ( word  x,
word  y,
word *  carry 
)
inline

Definition at line 66 of file mp_asmi.h.

Referenced by bigint_monty_redc(), bigint_sub2(), bigint_sub2_rev(), bigint_sub3(), word8_sub2(), word8_sub2_rev(), and word8_sub3().

67  {
68  word t0 = x - y;
69  word c1 = (t0 > x);
70  word z = t0 - *carry;
71  *carry = c1 | (z > t0);
72  return z;
73  }
BOTAN_DLL bool Botan::x500_name_cmp ( const std::string &  name1,
const std::string &  name2 
)

Compare two names using the X.509 comparison algorithm

Parameters
name1the first name
name2the second name
Returns
true if name1 is the same as name2 by the X.509 comparison rules

Definition at line 213 of file parsing.cpp.

References Botan::Charset::caseless_cmp(), and Botan::Charset::is_space().

Referenced by operator==().

214  {
215  std::string::const_iterator p1 = name1.begin();
216  std::string::const_iterator p2 = name2.begin();
217 
218  while((p1 != name1.end()) && Charset::is_space(*p1)) ++p1;
219  while((p2 != name2.end()) && Charset::is_space(*p2)) ++p2;
220 
221  while(p1 != name1.end() && p2 != name2.end())
222  {
223  if(Charset::is_space(*p1))
224  {
225  if(!Charset::is_space(*p2))
226  return false;
227 
228  while((p1 != name1.end()) && Charset::is_space(*p1)) ++p1;
229  while((p2 != name2.end()) && Charset::is_space(*p2)) ++p2;
230 
231  if(p1 == name1.end() && p2 == name2.end())
232  return true;
233  }
234 
235  if(!Charset::caseless_cmp(*p1, *p2))
236  return false;
237  ++p1;
238  ++p2;
239  }
240 
241  while((p1 != name1.end()) && Charset::is_space(*p1)) ++p1;
242  while((p2 != name2.end()) && Charset::is_space(*p2)) ++p2;
243 
244  if((p1 != name1.end()) || (p2 != name2.end()))
245  return false;
246  return true;
247  }
bool caseless_cmp(char a, char b)
Definition: charset.cpp:193
bool is_space(char c)
Definition: charset.cpp:139
void Botan::xor_buf ( byte  out[],
const byte  in[],
size_t  length 
)
inline

XOR arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length

Parameters
outthe input/output buffer
inthe read-only input buffer
lengththe length of the buffers

Definition at line 21 of file xor_buf.h.

Referenced by Botan::Randpool::add_entropy(), aont_package(), aont_unpackage(), Botan::Salsa20::cipher(), Botan::Turing::cipher(), Botan::OFB::cipher(), Botan::ARC4::cipher(), Botan::CTR_BE::cipher(), Botan::WiderWake_41_BE::cipher(), Botan::DESX::decrypt_n(), Botan::LubyRackoff::decrypt_n(), Botan::Lion::decrypt_n(), Botan::PKCS5_PBKDF2::derive_key(), Botan::DESX::encrypt_n(), Botan::LubyRackoff::encrypt_n(), Botan::Lion::encrypt_n(), Botan::MGF1::mask(), operator^(), Botan::OctetString::operator^=(), Botan::Randpool::reseed(), rfc3394_keyunwrap(), and rfc3394_keywrap().

22  {
23  while(length >= 8)
24  {
25 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
26  *reinterpret_cast<u64bit*>(out) ^= *reinterpret_cast<const u64bit*>(in);
27 #else
28  out[0] ^= in[0]; out[1] ^= in[1];
29  out[2] ^= in[2]; out[3] ^= in[3];
30  out[4] ^= in[4]; out[5] ^= in[5];
31  out[6] ^= in[6]; out[7] ^= in[7];
32 #endif
33 
34  out += 8; in += 8; length -= 8;
35  }
36 
37  for(size_t i = 0; i != length; ++i)
38  out[i] ^= in[i];
39  }
unsigned long long u64bit
Definition: types.h:49
void Botan::xor_buf ( byte  out[],
const byte  in[],
const byte  in2[],
size_t  length 
)
inline

XOR arrays. Postcondition out[i] = in[i] ^ in2[i] forall i = 0...length

Parameters
outthe output buffer
inthe first input buffer
in2the second output buffer
lengththe length of the three buffers

Definition at line 48 of file xor_buf.h.

52  {
53  while(length >= 8)
54  {
55 #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
56  *reinterpret_cast<u64bit*>(out) =
57  *reinterpret_cast<const u64bit*>(in) ^
58  *reinterpret_cast<const u64bit*>(in2);
59 #else
60  out[0] = in[0] ^ in2[0]; out[1] = in[1] ^ in2[1];
61  out[2] = in[2] ^ in2[2]; out[3] = in[3] ^ in2[3];
62  out[4] = in[4] ^ in2[4]; out[5] = in[5] ^ in2[5];
63  out[6] = in[6] ^ in2[6]; out[7] = in[7] ^ in2[7];
64 #endif
65 
66  in += 8; in2 += 8; out += 8; length -= 8;
67  }
68 
69  for(size_t i = 0; i != length; ++i)
70  out[i] = in[i] ^ in2[i];
71  }
unsigned long long u64bit
Definition: types.h:49
template<typename T >
void Botan::zeroise ( MemoryRegion< T > &  vec)

Zeroise the values; length remains unchanged

Parameters
vecthe vector to zeroise

Definition at line 415 of file secmem.h.

References clear_mem(), and Botan::MemoryRegion< T >::size().

Referenced by aont_package(), aont_unpackage(), Botan::HMAC::clear(), Botan::ANSI_X919_MAC::clear(), Botan::AES_128_SSSE3::clear(), Botan::IDEA::clear(), Botan::Twofish::clear(), Botan::TEA::clear(), Botan::ANSI_X931_RNG::clear(), Botan::XTEA::clear(), Botan::ARC4::clear(), Botan::CAST_128::clear(), Botan::KASUMI::clear(), Botan::MARS::clear(), Botan::MISTY1::clear(), Botan::Noekeon::clear(), Botan::DES::clear(), Botan::RC5::clear(), Botan::RC6::clear(), Botan::SAFER_SK::clear(), Botan::DESX::clear(), Botan::SEED::clear(), Botan::Serpent::clear(), Botan::CAST_256::clear(), Botan::Skipjack::clear(), Botan::Square::clear(), Botan::BMW_512::clear(), Botan::MD4::clear(), Botan::MD5::clear(), Botan::RIPEMD_128::clear(), Botan::RIPEMD_160::clear(), Botan::SHA_160::clear(), Botan::Whirlpool::clear(), Botan::CBC_MAC::clear(), Botan::AES_128_NI::clear(), Botan::Randpool::clear(), Botan::AES_128::clear(), Botan::HAS_160::clear(), Botan::MD2::clear(), Botan::CMAC::clear(), Botan::SSL3_MAC::clear(), Botan::GOST_34_11::clear(), Botan::Tiger::clear(), Botan::RC2::clear(), Botan::HMAC_RNG::clear(), Botan::Turing::clear(), Botan::LubyRackoff::clear(), Botan::Salsa20::clear(), Botan::WiderWake_41_BE::clear(), Botan::Keccak_1600::clear(), Botan::Skein_512::clear(), Botan::Lion::clear(), Botan::CTR_BE::clear(), Botan::OFB::clear(), Botan::AES_192_SSSE3::clear(), Botan::MDx_HashFunction::clear(), Botan::TripleDES::clear(), Botan::AES_192_NI::clear(), Botan::AES_192::clear(), Botan::GOST_28147_89::clear(), Botan::AES_256_SSSE3::clear(), Botan::AES_256::clear(), Botan::AES_256_NI::clear(), Botan::BigInt::clear(), Botan::Montgomery_Exponentiator::execute(), Botan::MDx_HashFunction::final_result(), Botan::BigInt::operator+=(), Botan::OctetString::operator^=(), Botan::HMAC_RNG::reseed(), Botan::Record_Writer::reset(), Botan::Montgomery_Exponentiator::set_base(), Botan::OFB::set_iv(), Botan::CTS_Encryption::set_iv(), Botan::CTR_BE::set_iv(), Botan::CFB_Encryption::set_iv(), Botan::CFB_Decryption::set_iv(), and Botan::CTS_Decryption::set_iv().

416  {
417  clear_mem(&vec[0], vec.size());
418  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:32

Variable Documentation

const u64bit Botan::Camellia_SBOX1[256]

Definition at line 15 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX2[256]

Definition at line 81 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX3[256]

Definition at line 147 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX4[256]

Definition at line 213 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX5[256]

Definition at line 279 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX6[256]

Definition at line 345 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX7[256]

Definition at line 411 of file camellia_sbox.h.

const u64bit Botan::Camellia_SBOX8[256]

Definition at line 477 of file camellia_sbox.h.

const u32bit Botan::CAST_SBOX1

Definition at line 39 of file cast256.h.

const u32bit Botan::CAST_SBOX2

Definition at line 40 of file cast256.h.

const u32bit Botan::CAST_SBOX3

Definition at line 41 of file cast256.h.

const u32bit Botan::CAST_SBOX4

Definition at line 42 of file cast256.h.

const u64bit Botan::DES_FPTAB1
const u64bit Botan::DES_FPTAB2
const u64bit Botan::DES_IPTAB1
const u64bit Botan::DES_IPTAB2
const u32bit Botan::DES_SPBOX1

Definition at line 12 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX2

Definition at line 57 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX3

Definition at line 102 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX4

Definition at line 147 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX5

Definition at line 192 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX6

Definition at line 237 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX7

Definition at line 282 of file des_tab.cpp.

const u32bit Botan::DES_SPBOX8

Definition at line 327 of file des_tab.cpp.

const size_t Botan::HEX_CODEC_BUFFER_SIZE = 256

Size used for internal buffer in hex encoder/decoder

Definition at line 20 of file hex_filt.cpp.

const size_t Botan::MP_WORD_BITS = BOTAN_MP_WORD_BITS
const word Botan::MP_WORD_MASK = ~static_cast<word>(0)

Definition at line 27 of file mp_types.h.

Referenced by Botan::BigInt::BigInt().

const word Botan::MP_WORD_MAX = MP_WORD_MASK

Definition at line 29 of file mp_types.h.

Referenced by divide().

const word Botan::MP_WORD_TOP_BIT = static_cast<word>(1) << (8*sizeof(word) - 1)

Definition at line 28 of file mp_types.h.

Referenced by bigint_divop(), Botan::BigInt::bits(), and divide().

const size_t Botan::PRIME_TABLE_SIZE = 6541

The size of the PRIMES[] array

Definition at line 220 of file numthry.h.

Referenced by primality_test(), and random_prime().

const u16bit Botan::PRIMES

A const array of all primes less than 65535

Definition at line 12 of file primes.cpp.

Referenced by primality_test(), and random_prime().