Botan  1.11.4
Namespaces | Classes | Typedefs | Enumerations | Functions | Variables
Botan Namespace Reference

Namespaces

namespace  ASN1
 
namespace  BER
 
namespace  Camellia_F
 
namespace  Cert_Extension
 
namespace  Charset
 
namespace  CryptoBox
 
namespace  CVC_EAC
 
namespace  DE_EAC
 
namespace  FPE
 
namespace  Global_State_Management
 
namespace  HAS_160_F
 
namespace  KeyPair
 
namespace  OCSP
 
namespace  OIDS
 
namespace  PEM_Code
 
namespace  PK_Ops
 
namespace  PKCS8
 
namespace  RIPEMD_128_F
 
namespace  SHA1_F
 
namespace  SHA1_SSE2_F
 
namespace  SHA2_32
 
namespace  SHA2_64
 
namespace  TLS
 
namespace  X509
 

Classes

class  Adler32
 
class  AEAD_Filter
 
class  AEAD_Mode
 
class  AES_128
 
class  AES_128_NI
 
class  AES_128_SSSE3
 
class  AES_192
 
class  AES_192_NI
 
class  AES_192_SSSE3
 
class  AES_256
 
class  AES_256_NI
 
class  AES_256_SSSE3
 
class  AES_ISA_Engine
 
class  Algorithm
 
class  Algorithm_Cache
 
class  Algorithm_Factory
 
struct  Algorithm_Not_Found
 
class  AlgorithmIdentifier
 
class  AlternativeName
 
class  ANSI_X919_MAC
 
class  ANSI_X923_Padding
 
class  ANSI_X931_RNG
 
class  ASN1_Car
 
class  ASN1_Ced
 
class  ASN1_Cex
 
class  ASN1_Chr
 
class  ASN1_EAC_String
 
class  ASN1_Object
 
class  ASN1_String
 
class  Assembler_Engine
 
class  Attribute
 
class  AutoSeeded_RNG
 
class  Base64_Decoder
 
class  Base64_Encoder
 
class  BeOS_EntropySource
 
struct  BER_Bad_Tag
 
class  BER_Decoder
 
struct  BER_Decoding_Error
 
class  BER_Object
 
class  BigInt
 
struct  BitBucket
 
class  Blinder
 
class  Block_Cipher_Fixed_Params
 
class  BlockCipher
 
class  BlockCipherModePaddingMethod
 
class  Blowfish
 
class  BMW_512
 
class  Buffered_Computation
 
class  Buffered_Filter
 
class  Bzip_Compression
 
class  Bzip_Decompression
 
struct  calendar_point
 
class  Camellia_128
 
class  Camellia_192
 
class  Camellia_256
 
class  Cascade_Cipher
 
class  CAST_128
 
class  CAST_256
 
class  CBC_Decryption
 
class  CBC_Encryption
 
class  CBC_MAC
 
class  Certificate_Extension
 
class  Certificate_Store
 
class  Certificate_Store_In_Memory
 
class  CFB_Decryption
 
class  CFB_Encryption
 
class  Chain
 
class  CMAC
 
class  Comb4P
 
class  Core_Engine
 
class  CPUID
 
class  CRC24
 
class  CRC32
 
class  Credentials_Manager
 
class  CRL_Entry
 
class  CTR_BE
 
class  CTS_Decryption
 
class  CTS_Encryption
 
class  CurveGFp
 
class  Data_Store
 
class  DataSink
 
class  DataSink_Stream
 
class  DataSource
 
class  DataSource_Command
 
class  DataSource_Memory
 
class  DataSource_Stream
 
struct  Decoding_Error
 
class  DER_Encoder
 
class  DES
 
class  DESX
 
class  Device_EntropySource
 
class  DH_KA_Operation
 
class  DH_PrivateKey
 
class  DH_PublicKey
 
class  DL_Group
 
class  DL_Scheme_PrivateKey
 
class  DL_Scheme_PublicKey
 
class  DLIES_Decryptor
 
class  DLIES_Encryptor
 
class  DSA_PrivateKey
 
class  DSA_PublicKey
 
class  DSA_Signature_Operation
 
class  DSA_Verification_Operation
 
class  Dynamically_Loaded_Engine
 
class  Dynamically_Loaded_Library
 
class  EAC1_1_ADO
 
class  EAC1_1_CVC
 
class  EAC1_1_CVC_Options
 
class  EAC1_1_gen_CVC
 
class  EAC1_1_obj
 
class  EAC1_1_Req
 
class  EAC_Signed_Object
 
class  EAC_Time
 
class  EAX_Decryption
 
class  EAX_Encryption
 
class  EAX_Mode
 
class  EC_Group
 
class  EC_PrivateKey
 
class  EC_PublicKey
 
class  ECB_Decryption
 
class  ECB_Encryption
 
class  ECDH_KA_Operation
 
class  ECDH_PrivateKey
 
class  ECDH_PublicKey
 
class  ECDSA_PrivateKey
 
class  ECDSA_PublicKey
 
class  ECDSA_Signature
 
class  ECDSA_Signature_Operation
 
class  ECDSA_Verification_Operation
 
class  EGD_EntropySource
 
class  ElGamal_Decryption_Operation
 
class  ElGamal_Encryption_Operation
 
class  ElGamal_PrivateKey
 
class  ElGamal_PublicKey
 
class  EME
 
class  EME1
 
class  EME_PKCS1v15
 
class  EMSA
 
class  EMSA1
 
class  EMSA1_BSI
 
class  EMSA2
 
class  EMSA3
 
class  EMSA3_Raw
 
class  EMSA4
 
class  EMSA_Raw
 
struct  Encoding_Error
 
class  Engine
 
class  Entropy_Accumulator
 
class  Entropy_Accumulator_BufferedComputation
 
class  EntropySource
 
class  Extensions
 
class  Fanout_Filter
 
class  Filter
 
class  Fixed_Base_Power_Mod
 
class  Fixed_Exponent_Power_Mod
 
class  Fixed_Window_Exponentiator
 
class  Fork
 
class  FTW_EntropySource
 
class  GCM_Decryption
 
class  GCM_Encryption
 
class  GCM_Mode
 
class  GMP_Engine
 
class  GMP_MPZ
 
class  GOST_28147_89
 
class  GOST_28147_89_Params
 
class  GOST_3410_PrivateKey
 
class  GOST_3410_PublicKey
 
class  GOST_3410_Signature_Operation
 
class  GOST_3410_Verification_Operation
 
class  GOST_34_11
 
class  HAS_160
 
class  Hash_Filter
 
class  HashFunction
 
class  Hex_Decoder
 
class  Hex_Encoder
 
class  High_Resolution_Timestamp
 
class  HMAC
 
class  HMAC_RNG
 
class  IDEA
 
class  IDEA_SSE2
 
class  IF_Scheme_PrivateKey
 
class  IF_Scheme_PublicKey
 
struct  Illegal_Point
 
struct  Illegal_Transformation
 
struct  Integrity_Failure
 
class  Intel_Rdrand
 
struct  Internal_Error
 
struct  Invalid_Algorithm_Name
 
struct  Invalid_Block_Size
 
struct  Invalid_IV_Length
 
struct  Invalid_Key_Length
 
struct  Invalid_OID
 
struct  Invalid_State
 
class  KASUMI
 
class  KDF
 
class  KDF1
 
class  KDF2
 
class  Keccak_1600
 
class  Key_Length_Specification
 
class  Keyed_Filter
 
class  Library_State
 
class  LibraryInitializer
 
class  Lion
 
struct  Lookup_Error
 
class  LubyRackoff
 
class  Lzma_Compression
 
class  Lzma_Decompression
 
class  MAC_Filter
 
class  MARS
 
class  MD2
 
class  MD4
 
class  MD4_X86_32
 
class  MD5
 
class  MD5_X86_32
 
class  MDx_HashFunction
 
struct  Memory_Exhaustion
 
class  MessageAuthenticationCode
 
class  MGF
 
class  MGF1
 
class  MISTY1
 
class  mlock_allocator
 
class  Modular_Exponentiator
 
class  Modular_Reducer
 
class  Montgomery_Exponentiator
 
class  Noekeon
 
class  Noekeon_SIMD
 
class  NR_PrivateKey
 
class  NR_PublicKey
 
class  NR_Signature_Operation
 
class  NR_Verification_Operation
 
class  Null_Padding
 
class  Null_RNG
 
class  OCB_Decryption
 
class  OCB_Encryption
 
class  OCB_Mode
 
class  OctetString
 
class  OFB
 
class  OID
 
class  OneAndZeros_Padding
 
class  OpenSSL_Engine
 
class  OSSL_BN
 
class  OSSL_BN_CTX
 
class  Output_Buffers
 
class  Parallel
 
class  Path_Validation_Restrictions
 
class  Path_Validation_Result
 
class  PBE
 
class  PBE_PKCS5v15
 
class  PBE_PKCS5v20
 
class  PBKDF
 
class  Pipe
 
class  PK_Decryptor
 
class  PK_Decryptor_EME
 
class  PK_Decryptor_Filter
 
class  PK_Encryptor
 
class  PK_Encryptor_EME
 
class  PK_Encryptor_Filter
 
class  PK_Key_Agreement
 
class  PK_Key_Agreement_Key
 
class  PK_Signer
 
class  PK_Signer_Filter
 
class  PK_Verifier
 
class  PK_Verifier_Filter
 
class  PKCS10_Request
 
class  PKCS5_PBKDF1
 
class  PKCS5_PBKDF2
 
class  PKCS7_Padding
 
struct  PKCS8_Exception
 
class  PointGFp
 
struct  Policy_Violation
 
class  Power_Mod
 
class  Private_Key
 
struct  PRNG_Unseeded
 
class  Public_Key
 
class  RandomNumberGenerator
 
class  Randpool
 
class  RC2
 
class  RC4
 
class  RC5
 
class  RC6
 
class  RIPEMD_128
 
class  RIPEMD_160
 
class  RSA_Private_Operation
 
class  RSA_PrivateKey
 
class  RSA_Public_Operation
 
class  RSA_PublicKey
 
class  RTSS_Share
 
class  RW_PrivateKey
 
class  RW_PublicKey
 
class  RW_Signature_Operation
 
class  RW_Verification_Operation
 
class  SAFER_SK
 
class  Salsa20
 
class  SCAN_Name
 
class  secure_allocator
 
class  SecureQueue
 
class  SEED
 
struct  Self_Test_Failure
 
class  Semaphore
 
class  Serpent
 
class  Serpent_SIMD
 
class  Serpent_X86_32
 
class  SHA_160
 
class  SHA_160_SSE2
 
class  SHA_160_X86_32
 
class  SHA_160_X86_64
 
class  SHA_224
 
class  SHA_256
 
class  SHA_384
 
class  SHA_512
 
class  SIMD_Engine
 
class  SIMD_Scalar
 
class  Skein_512
 
class  Skipjack
 
class  sqlite3_database
 
class  sqlite3_statement
 
class  Square
 
class  SRP6_Authenticator_File
 
class  SRP6_Server_Session
 
class  SSL3_MAC
 
class  SSL3_PRF
 
struct  Stream_IO_Error
 
class  StreamCipher
 
class  StreamCipher_Filter
 
class  SymmetricAlgorithm
 
class  TEA
 
class  Threaded_Fork
 
class  Tiger
 
class  TLS_12_PRF
 
class  TLS_PRF
 
class  TripleDES
 
class  Twofish
 
class  Unix_EntropySource
 
struct  Unix_Program
 
class  Whirlpool
 
class  Win32_CAPI_EntropySource
 
class  Win32_EntropySource
 
class  X509_CA
 
class  X509_Cert_Options
 
class  X509_Certificate
 
class  X509_CRL
 
class  X509_DN
 
class  X509_Object
 
class  X509_Time
 
class  X942_PRF
 
class  XTEA
 
class  XTEA_SIMD
 
class  XTS_Decryption
 
class  XTS_Encryption
 
class  Zlib_Compression
 
class  Zlib_Decompression
 

Typedefs

typedef unsigned char byte
 
typedef EC_Group EC_Domain_Params
 
typedef std::runtime_error Exception
 
typedef OctetString InitializationVector
 
typedef std::invalid_argument Invalid_Argument
 
typedef PK_Decryptor_EME PK_Decryptor_MR_with_EME
 
typedef PK_Encryptor_EME PK_Encryptor_MR_with_EME
 
typedef PK_Key_Agreement_Key PK_KA_Key
 
typedef Private_Key PKCS8_PrivateKey
 
typedef PBKDF S2K
 
typedef signed int s32bit
 
template<typename T >
using secure_deque = std::vector< T, secure_allocator< T >>
 
template<typename T >
using secure_vector = std::vector< T, secure_allocator< T >>
 
typedef OctetString SymmetricKey
 
typedef unsigned short u16bit
 
typedef unsigned int u32bit
 
typedef unsigned long long u64bit
 
typedef Public_Key X509_PublicKey
 

Enumerations

enum  ASN1_Tag {
  UNIVERSAL = 0x00, APPLICATION = 0x40, CONTEXT_SPECIFIC = 0x80, CONSTRUCTED = 0x20,
  PRIVATE = CONSTRUCTED | CONTEXT_SPECIFIC, EOC = 0x00, BOOLEAN = 0x01, INTEGER = 0x02,
  BIT_STRING = 0x03, OCTET_STRING = 0x04, NULL_TAG = 0x05, OBJECT_ID = 0x06,
  ENUMERATED = 0x0A, SEQUENCE = 0x10, SET = 0x11, UTF8_STRING = 0x0C,
  NUMERIC_STRING = 0x12, PRINTABLE_STRING = 0x13, T61_STRING = 0x14, IA5_STRING = 0x16,
  VISIBLE_STRING = 0x1A, BMP_STRING = 0x1E, UTC_TIME = 0x17, GENERALIZED_TIME = 0x18,
  NO_OBJECT = 0xFF00, DIRECTORY_STRING = 0xFF01
}
 
enum  Character_Set { LOCAL_CHARSET, UCS2_CHARSET, UTF8_CHARSET, LATIN1_CHARSET }
 
enum  Cipher_Dir { ENCRYPTION, DECRYPTION }
 
enum  CRL_Code {
  UNSPECIFIED = 0, KEY_COMPROMISE = 1, CA_COMPROMISE = 2, AFFILIATION_CHANGED = 3,
  SUPERSEDED = 4, CESSATION_OF_OPERATION = 5, CERTIFICATE_HOLD = 6, REMOVE_FROM_CRL = 8,
  PRIVLEDGE_WITHDRAWN = 9, AA_COMPROMISE = 10, DELETE_CRL_ENTRY = 0xFF00, OCSP_GOOD = 0xFF01,
  OCSP_UNKNOWN = 0xFF02
}
 
enum  Decoder_Checking { NONE, IGNORE_WS, FULL_CHECK }
 
enum  EC_Group_Encoding { EC_DOMPAR_ENC_EXPLICIT = 0, EC_DOMPAR_ENC_IMPLICITCA = 1, EC_DOMPAR_ENC_OID = 2 }
 
enum  Fault_Protection { ENABLE_FAULT_PROTECTION, DISABLE_FAULT_PROTECTION }
 
enum  Key_Constraints {
  NO_CONSTRAINTS = 0, DIGITAL_SIGNATURE = 32768, NON_REPUDIATION = 16384, KEY_ENCIPHERMENT = 8192,
  DATA_ENCIPHERMENT = 4096, KEY_AGREEMENT = 2048, KEY_CERT_SIGN = 1024, CRL_SIGN = 512,
  ENCIPHER_ONLY = 256, DECIPHER_ONLY = 128
}
 
enum  Signature_Format { IEEE_1363, DER_SEQUENCE }
 
enum  X509_Encoding { RAW_BER, PEM }
 

Functions

BigInt abs (const BigInt &n)
 
std::map< std::string, double > algorithm_benchmark (const std::string &name, Algorithm_Factory &af, RandomNumberGenerator &rng, std::chrono::milliseconds milliseconds, size_t buf_size)
 
std::map< std::string, bool > algorithm_kat (const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
 
std::map< std::string,
std::string > 		algorithm_kat_detailed (const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
 
void aont_package (RandomNumberGenerator &rng, BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
void aont_unpackage (BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
void assertion_failure (const char *expr_str, const char *assertion_made, const char *func, const char *file, int line)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool final_inputs, bool ignore_ws)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t base64_decode (byte output[], const std::string &input, bool ignore_ws)
 
secure_vector< bytebase64_decode (const char input[], size_t input_length, bool ignore_ws)
 
secure_vector< bytebase64_decode (const std::string &input, bool ignore_ws)
 
size_t base64_encode (char out[], const byte in[], size_t input_length, size_t &input_consumed, bool final_inputs)
 
template<typename Alloc >
std::string base64_encode (const std::vector< byte, Alloc > &input)
 
std::string base64_encode (const byte input[], size_t input_length)
 
void bigint_2word_mul (word a, word b, word *z1, word *z0)
 
void bigint_add2 (word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add2_nc (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_add3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add3_nc (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
s32bit bigint_cmp (const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_comba_mul16 (word z[32], const word x[16], const word y[16])
 
void bigint_comba_mul4 (word z[8], const word x[4], const word y[4])
 
void bigint_comba_mul6 (word z[12], const word x[6], const word y[6])
 
void bigint_comba_mul8 (word z[16], const word x[8], const word y[8])
 
void bigint_comba_sqr16 (word z[32], const word x[16])
 
void bigint_comba_sqr4 (word z[8], const word x[4])
 
void bigint_comba_sqr6 (word z[12], const word x[6])
 
void bigint_comba_sqr8 (word z[16], const word x[8])
 
word bigint_divop (word n1, word n0, word d)
 
void bigint_linmul2 (word x[], size_t x_size, word y)
 
void bigint_linmul3 (word z[], const word x[], size_t x_size, word y)
 
word bigint_modop (word n1, word n0, word d)
 
void bigint_monty_mul (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_redc (word z[], const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_sqr (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_mul (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
 
void bigint_shl1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shl2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_simple_mul (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_simple_sqr (word z[], const word x[], size_t x_size)
 
void bigint_sqr (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
 
word bigint_sub2 (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_sub2_rev (word x[], const word y[], size_t y_size)
 
word bigint_sub3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
size_t block_size_of (const std::string &name)
 
void botan_md4_x86_32_compress (u32bit digest[4], const byte input[64], u32bit M[16])
 
void botan_serpent_x86_32_decrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_encrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_key_schedule (u32bit ks[140])
 
template<typename T >
void bswap_4 (T x[4])
 
template<typename T , typename Alloc >
size_t buffer_insert (std::vector< T, Alloc > &buf, size_t buf_offset, const T input[], size_t input_length)
 
template<typename T , typename Alloc , typename Alloc2 >
size_t buffer_insert (std::vector< T, Alloc > &buf, size_t buf_offset, const std::vector< T, Alloc2 > &input)
 
calendar_point calendar_value (const std::chrono::system_clock::time_point &time_point)
 
bool check_bcrypt (const std::string &pass, const std::string &hash)
 
bool check_passhash9 (const std::string &pass, const std::string &hash)
 
bool check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
PK_Signerchoose_sig_format (const Private_Key &key, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
 
size_t clamp (size_t n, size_t lower_bound, size_t upper_bound)
 
template<typename T >
void clear_mem (T *ptr, size_t n)
 
void confirm_startup_self_tests (Algorithm_Factory &af)
 
template<typename T >
void copy_mem (T *out, const T *in, size_t n)
 
AlternativeName create_alt_name (const Data_Store &info)
 
X509_DN create_dn (const Data_Store &info)
 
template<typename T >
size_t ctz (T n)
 
ECDSA_Signature decode_concatenation (const std::vector< byte > &concat)
 
ECDSA_PublicKeydecode_eac1_1_key (const std::vector< byte > &, AlgorithmIdentifier &)
 
void divide (const BigInt &x, const BigInt &y_arg, BigInt &q, BigInt &r)
 
size_t dl_work_factor (size_t bits)
 
secure_vector< byteEC2OSP (const PointGFp &point, byte format)
 
std::string erase_chars (const std::string &str, const std::set< char > &chars)
 
Key_Constraints find_constraints (const Public_Key &pub_key, Key_Constraints limits)
 
BigInt gcd (const BigInt &a, const BigInt &b)
 
std::string generate_bcrypt (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor)
 
bool generate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits, const std::vector< byte > &seed_c)
 
std::vector< bytegenerate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits)
 
std::string generate_passhash9 (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor, byte alg_id)
 
BigInt generate_srp6_verifier (const std::string &identifier, const std::string &password, const std::vector< byte > &salt, const std::string &group_id, const std::string &hash_id)
 
AEAD_Modeget_aead (const std::string &algo_spec, Cipher_Dir direction)
 
BlockCipherget_block_cipher (const std::string &algo_spec)
 
template<typename T >
byte get_byte (size_t byte_num, T input)
 
Keyed_Filterget_cipher (const std::string &algo_spec, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, const InitializationVector &iv, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, Cipher_Dir direction)
 
Keyed_Filterget_cipher_mode (const BlockCipher *block_cipher, Cipher_Dir direction, const std::string &mode, const std::string &padding)
 
EMEget_eme (const std::string &algo_spec)
 
EMSAget_emsa (const std::string &algo_spec)
 
HashFunctionget_hash (const std::string &algo_spec)
 
KDFget_kdf (const std::string &algo_spec)
 
MessageAuthenticationCodeget_mac (const std::string &algo_spec)
 
PBEget_pbe (const std::string &algo_spec, const std::string &passphrase, std::chrono::milliseconds msec, RandomNumberGenerator &rng)
 
PBEget_pbe (const OID &pbe_oid, const std::vector< byte > &params, const std::string &passphrase)
 
PBKDFget_pbkdf (const std::string &algo_spec)
 
PBKDFget_s2k (const std::string &algo_spec)
 
StreamCipherget_stream_cipher (const std::string &algo_spec)
 
template<typename T >
size_t hamming_weight (T n)
 
bool have_algorithm (const std::string &name)
 
bool have_block_cipher (const std::string &algo_spec)
 
bool have_hash (const std::string &algo_spec)
 
bool have_mac (const std::string &algo_spec)
 
bool have_stream_cipher (const std::string &algo_spec)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool ignore_ws)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t hex_decode (byte output[], const std::string &input, bool ignore_ws)
 
std::vector< bytehex_decode (const char input[], size_t input_length, bool ignore_ws)
 
std::vector< bytehex_decode (const std::string &input, bool ignore_ws)
 
secure_vector< bytehex_decode_locked (const char input[], size_t input_length, bool ignore_ws)
 
secure_vector< bytehex_decode_locked (const std::string &input, bool ignore_ws)
 
void hex_encode (char output[], const byte input[], size_t input_length, bool uppercase)
 
std::string hex_encode (const byte input[], size_t input_length, bool uppercase)
 
template<typename Alloc >
std::string hex_encode (const std::vector< byte, Alloc > &input, bool uppercase=true)
 
template<typename T >
size_t high_bit (T n)
 
byte ieee1363_hash_id (const std::string &name)
 
BigInt inverse_mod (const BigInt &n, const BigInt &mod)
 
std::string ipv4_to_string (u32bit ip)
 
template<typename T >
bool is_power_of_2 (T arg)
 
s32bit jacobi (const BigInt &a, const BigInt &n)
 
BigInt lcm (const BigInt &a, const BigInt &b)
 
template<typename T >
load_be (const byte in[], size_t off)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_be (T out[], const byte in[], size_t count)
 
template<>
u16bit load_be< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_be< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_be< u64bit > (const byte in[], size_t off)
 
template<typename T >
load_le (const byte in[], size_t off)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_le (T out[], const byte in[], size_t count)
 
template<>
u16bit load_le< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_le< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_le< u64bit > (const byte in[], size_t off)
 
template<typename T >
size_t low_bit (T n)
 
size_t low_zero_bits (const BigInt &n)
 
EAC1_1_CVC make_cvc_cert (PK_Signer &signer, const std::vector< byte > &public_key, ASN1_Car const &car, ASN1_Chr const &chr, byte holder_auth_templ, ASN1_Ced ced, ASN1_Cex cex, RandomNumberGenerator &rng)
 
Private_Keymake_private_key (const AlgorithmIdentifier &alg_id, const secure_vector< byte > &key_bits, RandomNumberGenerator &rng)
 
Public_Keymake_public_key (const AlgorithmIdentifier &alg_id, const secure_vector< byte > &key_bits)
 
u16bit make_u16bit (byte i0, byte i1)
 
u32bit make_u32bit (byte i0, byte i1, byte i2, byte i3)
 
u64bit make_u64bit (byte i0, byte i1, byte i2, byte i3, byte i4, byte i5, byte i6, byte i7)
 
template<typename T , typename Pred >
void map_remove_if (Pred pred, T &assoc)
 
word monty_inverse (word input)
 
BigInt mul_add (const BigInt &a, const BigInt &b, const BigInt &c)
 
PointGFp multi_exponentiate (const PointGFp &p1, const BigInt &z1, const PointGFp &p2, const BigInt &z2)
 
template<typename K , typename V >
void multimap_insert (std::multimap< K, V > &multimap, const K &key, const V &value)
 
bool operator!= (EAC1_1_Req const &lhs, EAC1_1_Req const &rhs)
 
bool operator!= (const ECDSA_Signature &lhs, const ECDSA_Signature &rhs)
 
bool operator!= (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator!= (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
bool operator!= (EAC1_1_CVC const &lhs, EAC1_1_CVC const &rhs)
 
bool operator!= (EAC1_1_ADO const &lhs, EAC1_1_ADO const &rhs)
 
template<typename T >
bool operator!= (const secure_allocator< T > &, const secure_allocator< T > &)
 
bool operator!= (const OID &a, const OID &b)
 
bool operator!= (const OctetString &s1, const OctetString &s2)
 
bool operator!= (const EC_Group &lhs, const EC_Group &rhs)
 
bool operator!= (const CurveGFp &lhs, const CurveGFp &rhs)
 
bool operator!= (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator!= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator!= (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator!= (const PointGFp &lhs, const PointGFp &rhs)
 
bool operator!= (const X509_Time &t1, const X509_Time &t2)
 
bool operator!= (const X509_Certificate &cert1, const X509_Certificate &cert2)
 
bool operator!= (const BigInt &a, const BigInt &b)
 
BigInt operator% (const BigInt &n, const BigInt &mod)
 
word operator% (const BigInt &n, word mod)
 
BigInt operator* (const BigInt &x, const BigInt &y)
 
PointGFp operator* (const PointGFp &point, const BigInt &scalar)
 
PointGFp operator* (const BigInt &scalar, const PointGFp &point)
 
BigInt operator+ (const BigInt &x, const BigInt &y)
 
OID operator+ (const OID &oid, u32bit component)
 
OctetString operator+ (const OctetString &k1, const OctetString &k2)
 
PointGFp operator+ (const PointGFp &lhs, const PointGFp &rhs)
 
template<typename T , typename Alloc , typename Alloc2 >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::vector< T, Alloc2 > &in)
 
template<typename T , typename Alloc >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, T in)
 
template<typename T , typename Alloc , typename L >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::pair< const T *, L > &in)
 
template<typename T , typename Alloc , typename L >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::pair< T *, L > &in)
 
BigInt operator- (const BigInt &x, const BigInt &y)
 
PointGFp operator- (const PointGFp &lhs)
 
PointGFp operator- (const PointGFp &lhs, const PointGFp &rhs)
 
BigInt operator/ (const BigInt &x, const BigInt &y)
 
bool operator< (const OID &a, const OID &b)
 
bool operator< (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator< (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator< (const X509_Time &t1, const X509_Time &t2)
 
bool operator< (const BigInt &a, const BigInt &b)
 
std::ostream & operator<< (std::ostream &stream, const BigInt &n)
 
int operator<< (int fd, Pipe &pipe)
 
BigInt operator<< (const BigInt &x, size_t shift)
 
std::ostream & operator<< (std::ostream &out, const X509_DN &dn)
 
BOTAN_DLL std::ostream & operator<< (std::ostream &out, Pipe &pipe)
 
bool operator<= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator<= (const X509_Time &t1, const X509_Time &t2)
 
bool operator<= (const BigInt &a, const BigInt &b)
 
bool operator== (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator== (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
template<typename T >
bool operator== (const secure_allocator< T > &, const secure_allocator< T > &)
 
bool operator== (const OctetString &s1, const OctetString &s2)
 
bool operator== (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator== (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator== (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator== (const X509_Time &t1, const X509_Time &t2)
 
bool operator== (const BigInt &a, const BigInt &b)
 
bool operator> (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator> (const X509_Time &t1, const X509_Time &t2)
 
bool operator> (const BigInt &a, const BigInt &b)
 
bool operator>= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator>= (const X509_Time &t1, const X509_Time &t2)
 
bool operator>= (const BigInt &a, const BigInt &b)
 
int operator>> (int fd, Pipe &pipe)
 
std::istream & operator>> (std::istream &stream, BigInt &n)
 
BigInt operator>> (const BigInt &x, size_t shift)
 
BOTAN_DLL std::istream & operator>> (std::istream &in, Pipe &pipe)
 
OctetString operator^ (const OctetString &k1, const OctetString &k2)
 
template<typename T , typename Alloc , typename Alloc2 >
std::vector< T, Alloc > & operator^= (std::vector< T, Alloc > &out, const std::vector< T, Alloc2 > &in)
 
template<typename Alloc >
PointGFp OS2ECP (const std::vector< byte, Alloc > &data, const CurveGFp &curve)
 
PointGFp OS2ECP (const byte data[], size_t data_len, const CurveGFp &curve)
 
size_t output_length_of (const std::string &name)
 
std::vector< std::string > parse_algorithm_name (const std::string &namex)
 
std::vector< u32bitparse_asn1_oid (const std::string &oid)
 
bool passes_self_tests (Algorithm_Factory &af)
 
secure_vector< bytePGP_decode (DataSource &source, std::string &label, std::map< std::string, std::string > &headers)
 
secure_vector< bytePGP_decode (DataSource &source, std::string &label)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &label, const std::map< std::string, std::string > &headers)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &type)
 
std::vector< bytepkcs_hash_id (const std::string &name)
 
BigInt power_mod (const BigInt &base, const BigInt &exp, const BigInt &mod)
 
template<typename T >
void prefetch_readonly (const T *addr, size_t length)
 
template<typename T >
void prefetch_readwrite (const T *addr, size_t length)
 
bool primality_test (const BigInt &n, RandomNumberGenerator &rng, size_t level)
 
bool quick_check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
BigInt random_prime (RandomNumberGenerator &rng, size_t bits, const BigInt &coprime, size_t equiv, size_t modulo)
 
BigInt random_safe_prime (RandomNumberGenerator &rng, size_t bits)
 
std::string replace_char (const std::string &str, char from_char, char to_char)
 
std::string replace_chars (const std::string &str, const std::set< char > &chars, char to_char)
 
BigInt BOTAN_DLL ressol (const BigInt &x, const BigInt &p)
 
const BlockCipherretrieve_block_cipher (const std::string &algo_spec)
 
const HashFunctionretrieve_hash (const std::string &algo_spec)
 
const MessageAuthenticationCoderetrieve_mac (const std::string &algo_spec)
 
const StreamCipherretrieve_stream_cipher (const std::string &algo_spec)
 
u16bit reverse_bytes (u16bit val)
 
u32bit reverse_bytes (u32bit val)
 
u64bit reverse_bytes (u64bit val)
 
secure_vector< byterfc3394_keyunwrap (const secure_vector< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
secure_vector< byterfc3394_keywrap (const secure_vector< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
template<typename T >
rotate_left (T input, size_t rot)
 
template<typename T >
rotate_right (T input, size_t rot)
 
template<typename T >
round_down (T n, T align_to)
 
template<typename T >
round_up (T n, T align_to)
 
template<typename T >
bool same_mem (const T *p1, const T *p2, size_t n)
 
template<typename K , typename V >
search_map (const std::map< K, V > &mapping, const K &key, const V &null_result=V())
 
template<typename K , typename V , typename R >
search_map (const std::map< K, V > &mapping, const K &key, const R &null_result, const R &found_result)
 
template<typename T >
void set_mem (T *ptr, size_t n, byte val)
 
template<typename T >
size_t significant_bytes (T n)
 
std::vector< std::string > split_on (const std::string &str, char delim)
 
BigInt square (const BigInt &x)
 
std::pair< BigInt, SymmetricKeysrp6_client_agree (const std::string &identifier, const std::string &password, const std::string &group_id, const std::string &hash_id, const std::vector< byte > &salt, const BigInt &B, RandomNumberGenerator &rng)
 
std::string srp6_group_identifier (const BigInt &N, const BigInt &g)
 
size_t static_provider_weight (const std::string &prov_name)
 
void store_be (u16bit in, byte out[2])
 
void store_be (u32bit in, byte out[4])
 
void store_be (u64bit in, byte out[8])
 
template<typename T >
void store_be (byte out[], T x0, T x1)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
void store_le (u16bit in, byte out[2])
 
void store_le (u32bit in, byte out[4])
 
void store_le (u64bit in, byte out[8])
 
template<typename T >
void store_le (byte out[], T x0, T x1)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
std::string string_join (const std::vector< std::string > &strs, char delim)
 
u32bit string_to_ipv4 (const std::string &str)
 
BigInt sub_mul (const BigInt &a, const BigInt &b, const BigInt &c)
 
std::map< std::string, double > time_algorithm_ops (const std::string &name, Algorithm_Factory &af, const std::string &provider, RandomNumberGenerator &rng, std::chrono::nanoseconds runtime, size_t buf_size)
 
u32bit timespec_to_u32bit (const std::string &timespec)
 
std::vector< byteto_byte_vector (const std::string &s)
 
u32bit to_u32bit (const std::string &str)
 
template<typename T >
std::vector< T > unlock (const secure_vector< T > &in)
 
template<typename T >
bool value_exists (const std::vector< T > &vec, const T &val)
 
bool verify_prime (const BigInt &n, RandomNumberGenerator &rng)
 
u32bit version_datestamp ()
 
u32bit version_major ()
 
u32bit version_minor ()
 
u32bit version_patch ()
 
std::string version_string ()
 
void word3_muladd (word *w2, word *w1, word *w0, word a, word b)
 
void word3_muladd_2 (word *w2, word *w1, word *w0, word a, word b)
 
word word8_add2 (word x[8], const word y[8], word carry)
 
word word8_add3 (word z[8], const word x[8], const word y[8], word carry)
 
word word8_linmul2 (word x[8], word y, word carry)
 
word word8_linmul3 (word z[8], const word x[8], word y, word carry)
 
word word8_linmul3 (word z[4], const word x[4], word y, word carry)
 
word word8_madd3 (word z[8], const word x[8], word y, word carry)
 
word word8_muladd (word z[8], const word x[8], word y, word carry)
 
word word8_sub2 (word x[8], const word y[8], word carry)
 
word word8_sub2_rev (word x[8], const word y[8], word carry)
 
word word8_sub3 (word z[8], const word x[8], const word y[8], word carry)
 
word word_add (word x, word y, word *carry)
 
word word_madd2 (word a, word b, word *c)
 
word word_madd3 (word a, word b, word c, word *d)
 
word word_sub (word x, word y, word *carry)
 
bool x500_name_cmp (const std::string &name1, const std::string &name2)
 
Path_Validation_Result x509_path_validate (const X509_Certificate &end_cert, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &certstores)
 
Path_Validation_Result x509_path_validate (const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const Certificate_Store &store)
 
Path_Validation_Result x509_path_validate (const X509_Certificate &end_cert, const Path_Validation_Restrictions &restrictions, const Certificate_Store &store)
 
Path_Validation_Result x509_path_validate (const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &certstores)
 
void xor_buf (byte out[], const byte in[], size_t length)
 
void xor_buf (byte out[], const byte in[], const byte in2[], size_t length)
 
template<typename Alloc , typename Alloc2 >
void xor_buf (std::vector< byte, Alloc > &out, const std::vector< byte, Alloc2 > &in, size_t n)
 
template<typename Alloc >
void xor_buf (std::vector< byte, Alloc > &out, const byte *in, size_t n)
 
template<typename Alloc , typename Alloc2 >
void xor_buf (std::vector< byte, Alloc > &out, const byte *in, const std::vector< byte, Alloc2 > &in2, size_t n)
 
template<typename T , typename Alloc >
void zap (std::vector< T, Alloc > &vec)
 
BOTAN_DLL void zero_mem (void *ptr, size_t n)
 
template<typename T , typename Alloc >
void zeroise (std::vector< T, Alloc > &vec)
 

Variables

const u64bit Camellia_SBOX1 [256]
 
const u64bit Camellia_SBOX2 [256]
 
const u64bit Camellia_SBOX3 [256]
 
const u64bit Camellia_SBOX4 [256]
 
const u64bit Camellia_SBOX5 [256]
 
const u64bit Camellia_SBOX6 [256]
 
const u64bit Camellia_SBOX7 [256]
 
const u64bit Camellia_SBOX8 [256]
 
const u32bit CAST_SBOX1 [256]
 
const u32bit CAST_SBOX2 [256]
 
const u32bit CAST_SBOX3 [256]
 
const u32bit CAST_SBOX4 [256]
 
const u64bit DES_FPTAB1 [256]
 
const u64bit DES_FPTAB2 [256]
 
const u64bit DES_IPTAB1 [256]
 
const u64bit DES_IPTAB2 [256]
 
const u32bit DES_SPBOX1 [256]
 
const u32bit DES_SPBOX2 [256]
 
const u32bit DES_SPBOX3 [256]
 
const u32bit DES_SPBOX4 [256]
 
const u32bit DES_SPBOX5 [256]
 
const u32bit DES_SPBOX6 [256]
 
const u32bit DES_SPBOX7 [256]
 
const u32bit DES_SPBOX8 [256]
 
const size_t HEX_CODEC_BUFFER_SIZE = 256
 
const size_t MP_WORD_BITS = BOTAN_MP_WORD_BITS
 
const word MP_WORD_MASK = ~static_cast<word>(0)
 
const word MP_WORD_MAX = MP_WORD_MASK
 
const word MP_WORD_TOP_BIT = static_cast<word>(1) << (8*sizeof(word) - 1)
 
const size_t PRIME_TABLE_SIZE = 6541
 
const u16bit BOTAN_DLL PRIMES []
 

Detailed Description

Dynamically Loaded Engine (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

Dynamically Loaded Object (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

The primary namespace for the botan library

Typedef Documentation

typedef unsigned char Botan::byte

Typedef representing an unsigned 8-bit quantity

Definition at line 23 of file types.h.

typedef EC_Group Botan::EC_Domain_Params

Definition at line 139 of file ec_group.h.

typedef std::runtime_error Botan::Exception

Definition at line 19 of file exceptn.h.

typedef OctetString Botan::InitializationVector

Alternate name for octet string showing intent to use as an IV

Definition at line 139 of file symkey.h.

typedef std::invalid_argument Botan::Invalid_Argument

Definition at line 20 of file exceptn.h.

typedef PK_Decryptor_EME Botan::PK_Decryptor_MR_with_EME

Definition at line 457 of file pubkey.h.

typedef PK_Encryptor_EME Botan::PK_Encryptor_MR_with_EME

Definition at line 456 of file pubkey.h.

typedef PK_Key_Agreement_Key Botan::PK_KA_Key

Definition at line 143 of file pk_keys.h.

typedef Private_Key Botan::PKCS8_PrivateKey

Definition at line 145 of file pk_keys.h.

typedef PBKDF Botan::S2K

For compatability with 1.8

Definition at line 86 of file pbkdf.h.

typedef signed int Botan::s32bit

Typedef representing a signed 32-bit quantity

Definition at line 38 of file types.h.

template<typename T >
using Botan::secure_deque = typedef std::vector<T, secure_allocator<T>>

Definition at line 17 of file tls_blocking.h.

template<typename T >
using Botan::secure_vector = typedef std::vector<T, secure_allocator<T>>

Definition at line 92 of file secmem.h.

typedef OctetString Botan::SymmetricKey

Alternate name for octet string showing intent to use as a key

Definition at line 134 of file symkey.h.

typedef unsigned short Botan::u16bit

Typedef representing an unsigned 16-bit quantity

Definition at line 28 of file types.h.

typedef unsigned int Botan::u32bit

Typedef representing an unsigned 32-bit quantity

Definition at line 33 of file types.h.

typedef unsigned long long Botan::u64bit

Typedef representing an unsigned 64-bit quantity

Definition at line 43 of file types.h.

typedef Public_Key Botan::X509_PublicKey

Definition at line 144 of file pk_keys.h.

Enumeration Type Documentation

enum Botan::ASN1_Tag

ASN.1 Type and Class Tags

Enumerator
UNIVERSAL 
APPLICATION 
CONTEXT_SPECIFIC 
CONSTRUCTED 
PRIVATE 
EOC 
BOOLEAN 
INTEGER 
BIT_STRING 
OCTET_STRING 
NULL_TAG 
OBJECT_ID 
ENUMERATED 
SEQUENCE 
SET 
UTF8_STRING 
NUMERIC_STRING 
PRINTABLE_STRING 
T61_STRING 
IA5_STRING 
VISIBLE_STRING 
BMP_STRING 
UTC_TIME 
GENERALIZED_TIME 
NO_OBJECT 
DIRECTORY_STRING 

Definition at line 19 of file asn1_obj.h.

19  {
20  UNIVERSAL = 0x00,
21  APPLICATION = 0x40,
22  CONTEXT_SPECIFIC = 0x80,
23 
24  CONSTRUCTED = 0x20,
25 
26  PRIVATE = CONSTRUCTED | CONTEXT_SPECIFIC,
27 
28  EOC = 0x00,
29  BOOLEAN = 0x01,
30  INTEGER = 0x02,
31  BIT_STRING = 0x03,
32  OCTET_STRING = 0x04,
33  NULL_TAG = 0x05,
34  OBJECT_ID = 0x06,
35  ENUMERATED = 0x0A,
36  SEQUENCE = 0x10,
37  SET = 0x11,
38 
39  UTF8_STRING = 0x0C,
40  NUMERIC_STRING = 0x12,
41  PRINTABLE_STRING = 0x13,
42  T61_STRING = 0x14,
43  IA5_STRING = 0x16,
44  VISIBLE_STRING = 0x1A,
45  BMP_STRING = 0x1E,
46 
47  UTC_TIME = 0x17,
48  GENERALIZED_TIME = 0x18,
49 
50  NO_OBJECT = 0xFF00,
51  DIRECTORY_STRING = 0xFF01
52 };
enum Botan::Character_Set

The different charsets (nominally) supported by Botan.

Enumerator
LOCAL_CHARSET 
UCS2_CHARSET 
UTF8_CHARSET 
LATIN1_CHARSET 

Definition at line 19 of file charset.h.

19  {
20  LOCAL_CHARSET,
21  UCS2_CHARSET,
22  UTF8_CHARSET,
23  LATIN1_CHARSET
24 };
enum Botan::Cipher_Dir

The two possible directions for cipher filters, determining whether they actually perform encryption or decryption.

Enumerator
ENCRYPTION 
DECRYPTION 

Definition at line 87 of file sym_algo.h.

87 { ENCRYPTION, DECRYPTION };
enum Botan::CRL_Code

X.509v2 CRL Reason Code.

Enumerator
UNSPECIFIED 
KEY_COMPROMISE 
CA_COMPROMISE 
AFFILIATION_CHANGED 
SUPERSEDED 
CESSATION_OF_OPERATION 
CERTIFICATE_HOLD 
REMOVE_FROM_CRL 
PRIVLEDGE_WITHDRAWN 
AA_COMPROMISE 
DELETE_CRL_ENTRY 
OCSP_GOOD 
OCSP_UNKNOWN 

Definition at line 19 of file crl_ent.h.

19  {
20  UNSPECIFIED = 0,
21  KEY_COMPROMISE = 1,
22  CA_COMPROMISE = 2,
23  AFFILIATION_CHANGED = 3,
24  SUPERSEDED = 4,
25  CESSATION_OF_OPERATION = 5,
26  CERTIFICATE_HOLD = 6,
27  REMOVE_FROM_CRL = 8,
28  PRIVLEDGE_WITHDRAWN = 9,
29  AA_COMPROMISE = 10,
30 
31  DELETE_CRL_ENTRY = 0xFF00,
32  OCSP_GOOD = 0xFF01,
33  OCSP_UNKNOWN = 0xFF02
34 };
enum Botan::Decoder_Checking

The type of checking to be performed by decoders: NONE - no checks, IGNORE_WS - perform checks, but ignore whitespaces, FULL_CHECK - perform checks, also complain about white spaces.

Enumerator
NONE 
IGNORE_WS 
FULL_CHECK 

Definition at line 179 of file filter.h.

179 { NONE, IGNORE_WS, FULL_CHECK };
enum Botan::EC_Group_Encoding

This class represents elliptic curce domain parameters

Enumerator
EC_DOMPAR_ENC_EXPLICIT 
EC_DOMPAR_ENC_IMPLICITCA 
EC_DOMPAR_ENC_OID 

Definition at line 22 of file ec_group.h.

22  {
23  EC_DOMPAR_ENC_EXPLICIT = 0,
24  EC_DOMPAR_ENC_IMPLICITCA = 1,
25  EC_DOMPAR_ENC_OID = 2
26 };
enum Botan::Fault_Protection

Enum marking if protection against fault attacks should be used

Enumerator
ENABLE_FAULT_PROTECTION 
DISABLE_FAULT_PROTECTION 

Definition at line 29 of file pubkey.h.

29  {
30  ENABLE_FAULT_PROTECTION,
31  DISABLE_FAULT_PROTECTION
32 };
enum Botan::Key_Constraints

X.509v3 Key Constraints.

Enumerator
NO_CONSTRAINTS 
DIGITAL_SIGNATURE 
NON_REPUDIATION 
KEY_ENCIPHERMENT 
DATA_ENCIPHERMENT 
KEY_AGREEMENT 
KEY_CERT_SIGN 
CRL_SIGN 
ENCIPHER_ONLY 
DECIPHER_ONLY 

Definition at line 18 of file key_constraint.h.

18  {
19  NO_CONSTRAINTS = 0,
20  DIGITAL_SIGNATURE = 32768,
21  NON_REPUDIATION = 16384,
22  KEY_ENCIPHERMENT = 8192,
23  DATA_ENCIPHERMENT = 4096,
24  KEY_AGREEMENT = 2048,
25  KEY_CERT_SIGN = 1024,
26  CRL_SIGN = 512,
27  ENCIPHER_ONLY = 256,
28  DECIPHER_ONLY = 128
29 };
enum Botan::Signature_Format

The two types of signature format supported by Botan.

Enumerator
IEEE_1363 
DER_SEQUENCE 

Definition at line 24 of file pubkey.h.

24 { IEEE_1363, DER_SEQUENCE };
enum Botan::X509_Encoding

The two types of X509 encoding supported by Botan.

Enumerator
RAW_BER 
PEM 

Definition at line 21 of file x509_key.h.

21 { RAW_BER, PEM };

Function Documentation

BigInt Botan::abs ( const BigInt &  n)
inline

Return the absolute value

Parameters
nan integer
Returns
absolute value of n

Definition at line 44 of file numthry.h.

References Botan::BigInt::abs().

44 { return n.abs(); }
std::map< std::string, double > BOTAN_DLL Botan::algorithm_benchmark ( const std::string &  name,
Algorithm_Factory &  af,
RandomNumberGenerator &  rng,
std::chrono::milliseconds  milliseconds,
size_t  buf_size 
)

Algorithm benchmark

Parameters
namethe name of the algorithm to test (cipher, hash, or MAC)
afthe algorithm factory used to create objects
rngthe rng to use to generate random inputs
millisecondstotal time for the benchmark to run
buf_sizesize of buffer to benchmark against, in KiB
Returns
results a map from provider to speed in mebibytes per second

Definition at line 141 of file benchmark.cpp.

References Botan::Algorithm_Factory::providers_of(), and time_algorithm_ops().

146  {
147  const std::vector<std::string> providers = af.providers_of(name);
148  const std::chrono::nanoseconds ns_per_provider = milliseconds / providers.size();
149 
150  std::map<std::string, double> all_results; // provider -> ops/sec
151 
152  for(auto provider : providers)
153  {
154  auto results = time_algorithm_ops(name, af, provider, rng, ns_per_provider, buf_size);
155  all_results[provider] = find_first_in(results, { "", "update", "encrypt" });
156  }
157 
158  return all_results;
159  }
BOTAN_DLL std::map< std::string, bool > Botan::algorithm_kat ( const SCAN_Name &  algo_name,
const std::map< std::string, std::string > &  vars,
Algorithm_Factory &  af 
)

Run a set of algorithm KATs (known answer tests)

Parameters
algo_namethe algorithm we are testing
varsa set of input variables for this test, all hex encoded. Keys used: "input", "output", "key", and "iv"
afan algorithm factory
Returns
map from provider name to test result for that provider

Definition at line 149 of file selftest.cpp.

References algorithm_kat_detailed().

152  {
153  const auto result = algorithm_kat_detailed(algo_name, vars, af);
154 
155  std::map<std::string, bool> pass_or_fail;
156 
157  for(auto i : result)
158  {
159  //std::cout << i.first << " " << i.second << "\n";
160  pass_or_fail[i.first] = (i.second == "passed");
161  }
162 
163  return pass_or_fail;
164  }
BOTAN_DLL std::map< std::string, std::string > Botan::algorithm_kat_detailed ( const SCAN_Name &  algo_name,
const std::map< std::string, std::string > &  vars,
Algorithm_Factory &  af 
)

Run a set of algorithm KATs (known answer tests)

Parameters
algo_namethe algorithm we are testing
varsa set of input variables for this test, all hex encoded. Keys used: "input", "output", "key", and "iv"
afan algorithm factory
Returns
map from provider name to test result for that provider

Definition at line 52 of file selftest.cpp.

References Botan::SCAN_Name::algo_name_and_args(), Botan::SCAN_Name::cipher_mode(), Botan::SCAN_Name::cipher_mode_pad(), DECRYPTION, ENCRYPTION, get_cipher_mode(), hex_decode(), Botan::OctetString::length(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), Botan::Algorithm_Factory::prototype_stream_cipher(), Botan::Algorithm_Factory::providers_of(), search_map(), Botan::Keyed_Filter::set_iv(), Botan::Keyed_Filter::set_key(), and Botan::Keyed_Filter::valid_iv_length().

Referenced by algorithm_kat().

55  {
56  const std::string& algo = algo_name.algo_name_and_args();
57 
58  std::vector<std::string> providers = af.providers_of(algo);
59  std::map<std::string, std::string> all_results;
60 
61  if(providers.empty()) // no providers, nothing to do
62  return all_results;
63 
64  const std::string input = search_map(vars, std::string("input"));
65  const std::string output = search_map(vars, std::string("output"));
66 
67  SymmetricKey key(search_map(vars, std::string("key")));
68  InitializationVector iv(search_map(vars, std::string("iv")));
69 
70  for(size_t i = 0; i != providers.size(); ++i)
71  {
72  const std::string provider = providers[i];
73 
74  if(const HashFunction* proto =
75  af.prototype_hash_function(algo, provider))
76  {
77  Filter* filt = new Hash_Filter(proto->clone());
78  all_results[provider] = test_filter_kat(filt, input, output);
79  }
80  else if(const MessageAuthenticationCode* proto =
81  af.prototype_mac(algo, provider))
82  {
83  Keyed_Filter* filt = new MAC_Filter(proto->clone(), key);
84  all_results[provider] = test_filter_kat(filt, input, output);
85  }
86  else if(const StreamCipher* proto =
87  af.prototype_stream_cipher(algo, provider))
88  {
89  Keyed_Filter* filt = new StreamCipher_Filter(proto->clone());
90  filt->set_key(key);
91  filt->set_iv(iv);
92 
93  all_results[provider] = test_filter_kat(filt, input, output);
94  }
95  else if(const BlockCipher* proto =
96  af.prototype_block_cipher(algo, provider))
97  {
98  Keyed_Filter* enc = get_cipher_mode(proto, ENCRYPTION,
99  algo_name.cipher_mode(),
100  algo_name.cipher_mode_pad());
101 
102  Keyed_Filter* dec = get_cipher_mode(proto, DECRYPTION,
103  algo_name.cipher_mode(),
104  algo_name.cipher_mode_pad());
105 
106  if(!enc || !dec)
107  {
108  delete enc;
109  delete dec;
110  continue;
111  }
112 
113  enc->set_key(key);
114 
115  if(enc->valid_iv_length(iv.length()))
116  enc->set_iv(iv);
117  else if(!enc->valid_iv_length(0))
118  throw Invalid_IV_Length(algo, iv.length());
119 
120  dec->set_key(key);
121 
122  if(dec->valid_iv_length(iv.length()))
123  dec->set_iv(iv);
124  else if(!dec->valid_iv_length(0))
125  throw Invalid_IV_Length(algo, iv.length());
126 
127  const std::vector<byte> ad = hex_decode(search_map(vars, std::string("ad")));
128 
129  if(!ad.empty())
130  {
131  if(AEAD_Filter* enc_aead = dynamic_cast<AEAD_Filter*>(enc))
132  {
133  enc_aead->set_associated_data(&ad[0], ad.size());
134 
135  if(AEAD_Filter* dec_aead = dynamic_cast<AEAD_Filter*>(dec))
136  dec_aead->set_associated_data(&ad[0], ad.size());
137  }
138  }
139 
140  all_results[provider + " (encrypt)"] = test_filter_kat(enc, input, output);
141  all_results[provider + " (decrypt)"] = test_filter_kat(dec, output, input);
142  }
143  }
144 
145  return all_results;
146  }
void BOTAN_DLL Botan::aont_package ( RandomNumberGenerator &  rng,
BlockCipher *  cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform

Parameters
rngthe random number generator to use
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len + cipher->BLOCK_SIZE bytes long)

Definition at line 17 of file package.cpp.

References Botan::OctetString::begin(), Botan::BlockCipher::block_size(), clear_mem(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

21  {
22  const size_t BLOCK_SIZE = cipher->block_size();
23 
24  if(!cipher->valid_keylength(BLOCK_SIZE))
25  throw Invalid_Argument("AONT::package: Invalid cipher");
26 
27  // The all-zero string which is used both as the CTR IV and as K0
28  const std::string all_zeros(BLOCK_SIZE*2, '0');
29 
30  SymmetricKey package_key(rng, BLOCK_SIZE);
31 
32  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
33 
34  pipe.process_msg(input, input_len);
35  pipe.read(output, pipe.remaining());
36 
37  // Set K0 (the all zero key)
38  cipher->set_key(SymmetricKey(all_zeros));
39 
40  secure_vector<byte> buf(BLOCK_SIZE);
41 
42  const size_t blocks =
43  (input_len + BLOCK_SIZE - 1) / BLOCK_SIZE;
44 
45  byte* final_block = output + input_len;
46  clear_mem(final_block, BLOCK_SIZE);
47 
48  // XOR the hash blocks into the final block
49  for(size_t i = 0; i != blocks; ++i)
50  {
51  const size_t left = std::min<size_t>(BLOCK_SIZE,
52  input_len - BLOCK_SIZE * i);
53 
54  zeroise(buf);
55  copy_mem(&buf[0], output + (BLOCK_SIZE * i), left);
56 
57  for(size_t j = 0; j != sizeof(i); ++j)
58  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
59 
60  cipher->encrypt(&buf[0]);
61 
62  xor_buf(&final_block[0], &buf[0], BLOCK_SIZE);
63  }
64 
65  // XOR the random package key into the final block
66  xor_buf(&final_block[0], package_key.begin(), BLOCK_SIZE);
67  }
void BOTAN_DLL Botan::aont_unpackage ( BlockCipher *  cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform (Inversion)

Parameters
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len - cipher->BLOCK_SIZE bytes long)

Definition at line 69 of file package.cpp.

References Botan::BlockCipher::block_size(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

72  {
73  const size_t BLOCK_SIZE = cipher->block_size();
74 
75  if(!cipher->valid_keylength(BLOCK_SIZE))
76  throw Invalid_Argument("AONT::unpackage: Invalid cipher");
77 
78  if(input_len < BLOCK_SIZE)
79  throw Invalid_Argument("AONT::unpackage: Input too short");
80 
81  // The all-zero string which is used both as the CTR IV and as K0
82  const std::string all_zeros(BLOCK_SIZE*2, '0');
83 
84  cipher->set_key(SymmetricKey(all_zeros));
85 
86  secure_vector<byte> package_key(BLOCK_SIZE);
87  secure_vector<byte> buf(BLOCK_SIZE);
88 
89  // Copy the package key (masked with the block hashes)
90  copy_mem(&package_key[0],
91  input + (input_len - BLOCK_SIZE),
92  BLOCK_SIZE);
93 
94  const size_t blocks = ((input_len - 1) / BLOCK_SIZE);
95 
96  // XOR the blocks into the package key bits
97  for(size_t i = 0; i != blocks; ++i)
98  {
99  const size_t left = std::min<size_t>(BLOCK_SIZE,
100  input_len - BLOCK_SIZE * (i+1));
101 
102  zeroise(buf);
103  copy_mem(&buf[0], input + (BLOCK_SIZE * i), left);
104 
105  for(size_t j = 0; j != sizeof(i); ++j)
106  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
107 
108  cipher->encrypt(&buf[0]);
109 
110  xor_buf(&package_key[0], &buf[0], BLOCK_SIZE);
111  }
112 
113  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
114 
115  pipe.process_msg(input, input_len - BLOCK_SIZE);
116 
117  pipe.read(output, pipe.remaining());
118  }
void BOTAN_DLL Botan::assertion_failure ( const char *  expr_str,
const char *  assertion_made,
const char *  func,
const char *  file,
int  line 
)

Called when an assertion fails

Definition at line 13 of file assert.cpp.

18  {
19  std::ostringstream format;
20 
21  format << "False assertion ";
22 
23  if(assertion_made && assertion_made[0] != 0)
24  format << "'" << assertion_made << "' (expression " << expr_str << ") ";
25  else
26  format << expr_str << " ";
27 
28  if(func)
29  format << "in " << func << " ";
30 
31  format << "@" << file << ":" << line;
32 
33  throw Internal_Error(format.str());
34  }
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding is allowed
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 94 of file base64.cpp.

References clear_mem().

Referenced by base64_decode(), Botan::Base64_Decoder::end_msg(), Botan::SRP6_Authenticator_File::SRP6_Authenticator_File(), and Botan::Base64_Decoder::write().

100  {
101  /*
102  * Base64 Decoder Lookup Table
103  * Warning: assumes ASCII encodings
104  */
105  static const byte BASE64_TO_BIN[256] = {
106  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
107  0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
108  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
109  0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
110  0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35,
111  0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
112  0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
113  0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
114  0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
115  0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
116  0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
117  0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
118  0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
119  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
120  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
121  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
122  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
123  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
124  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
125  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
126  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
127  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
128  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
129  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
130  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
131  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
132 
133  byte* out_ptr = output;
134  byte decode_buf[4];
135  size_t decode_buf_pos = 0;
136  size_t final_truncate = 0;
137 
138  clear_mem(output, input_length * 3 / 4);
139 
140  for(size_t i = 0; i != input_length; ++i)
141  {
142  const byte bin = BASE64_TO_BIN[static_cast<byte>(input[i])];
143 
144  if(bin <= 0x3F)
145  {
146  decode_buf[decode_buf_pos] = bin;
147  decode_buf_pos += 1;
148  }
149  else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
150  {
151  std::string bad_char(1, input[i]);
152  if(bad_char == "\t")
153  bad_char = "\\t";
154  else if(bad_char == "\n")
155  bad_char = "\\n";
156  else if(bad_char == "\r")
157  bad_char = "\\r";
158 
159  throw std::invalid_argument(
160  std::string("base64_decode: invalid base64 character '") +
161  bad_char + "'");
162  }
163 
164  /*
165  * If we're at the end of the input, pad with 0s and truncate
166  */
167  if(final_inputs && (i == input_length - 1))
168  {
169  if(decode_buf_pos)
170  {
171  for(size_t i = decode_buf_pos; i != 4; ++i)
172  decode_buf[i] = 0;
173  final_truncate = (4 - decode_buf_pos);
174  decode_buf_pos = 4;
175  }
176  }
177 
178  if(decode_buf_pos == 4)
179  {
180  out_ptr[0] = (decode_buf[0] << 2) | (decode_buf[1] >> 4);
181  out_ptr[1] = (decode_buf[1] << 4) | (decode_buf[2] >> 2);
182  out_ptr[2] = (decode_buf[2] << 6) | decode_buf[3];
183 
184  out_ptr += 3;
185  decode_buf_pos = 0;
186  input_consumed = i+1;
187  }
188  }
189 
190  while(input_consumed < input_length &&
191  BASE64_TO_BIN[static_cast<byte>(input[input_consumed])] == 0x80)
192  {
193  ++input_consumed;
194  }
195 
196  size_t written = (out_ptr - output) - final_truncate;
197 
198  return written;
199  }
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 201 of file base64.cpp.

References base64_decode().

205  {
206  size_t consumed = 0;
207  size_t written = base64_decode(output, input, input_length,
208  consumed, true, ignore_ws);
209 
210  if(consumed != input_length)
211  throw std::invalid_argument("base64_decode: input did not have full bytes");
212 
213  return written;
214  }
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length/3*4 bytes
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 216 of file base64.cpp.

References base64_decode().

219  {
220  return base64_decode(output, &input[0], input.length(), ignore_ws);
221  }
secure_vector< byte > BOTAN_DLL Botan::base64_decode ( const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
input_lengththe length of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 223 of file base64.cpp.

References base64_decode().

226  {
227  secure_vector<byte> bin((round_up<size_t>(input_length, 4) * 3) / 4);
228 
229  size_t written = base64_decode(&bin[0],
230  input,
231  input_length,
232  ignore_ws);
233 
234  bin.resize(written);
235  return bin;
236  }
secure_vector< byte > BOTAN_DLL Botan::base64_decode ( const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 238 of file base64.cpp.

References base64_decode().

240  {
241  return base64_decode(&input[0], input.size(), ignore_ws);
242  }
size_t BOTAN_DLL Botan::base64_encode ( char  output[],
const byte  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs 
)

Perform base64 encoding

Parameters
outputan array of at least input_length*4/3 bytes
inputis some binary data
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding chars will be applied if needed
Returns
number of bytes written to output

Definition at line 35 of file base64.cpp.

Referenced by Botan::OCSP::Request::base64_encode(), and base64_encode().

40  {
41  input_consumed = 0;
42 
43  size_t input_remaining = input_length;
44  size_t output_produced = 0;
45 
46  while(input_remaining >= 3)
47  {
48  do_base64_encode(out + output_produced, in + input_consumed);
49 
50  input_consumed += 3;
51  output_produced += 4;
52  input_remaining -= 3;
53  }
54 
55  if(final_inputs && input_remaining)
56  {
57  byte remainder[3] = { 0 };
58  for(size_t i = 0; i != input_remaining; ++i)
59  remainder[i] = in[input_consumed + i];
60 
61  do_base64_encode(out + output_produced, remainder);
62 
63  size_t empty_bits = 8 * (3 - input_remaining);
64  size_t index = output_produced + 4 - 1;
65  while(empty_bits >= 8)
66  {
67  out[index--] = '=';
68  empty_bits -= 6;
69  }
70 
71  input_consumed += input_remaining;
72  output_produced += 4;
73  }
74 
75  return output_produced;
76  }
template<typename Alloc >
std::string Botan::base64_encode ( const std::vector< byte, Alloc > &  input)

Perform base64 encoding

Parameters
inputsome input
Returns
base64adecimal representation of input

Definition at line 50 of file base64.h.

References base64_encode().

51  {
52  return base64_encode(&input[0], input.size());
53  }
std::string BOTAN_DLL Botan::base64_encode ( const byte  input[],
size_t  input_length 
)

Perform base64 encoding

Parameters
inputsome input
input_lengthlength of input in bytes
Returns
base64adecimal representation of input

Definition at line 78 of file base64.cpp.

References base64_encode(), and BOTAN_ASSERT_EQUAL.

80  {
81  std::string output((round_up<size_t>(input_length, 3) / 3) * 4, 0);
82 
83  size_t consumed = 0;
84  size_t produced = base64_encode(&output[0],
85  input, input_length,
86  consumed, true);
87 
88  BOTAN_ASSERT_EQUAL(consumed, input_length, "Consumed the entire input");
89  BOTAN_ASSERT_EQUAL(produced, output.size(), "Produced expected size");
90 
91  return output;
92  }
void Botan::bigint_2word_mul ( word  a,
word  b,
word *  z1,
word *  z0 
)
inline

Definition at line 54 of file mp_asm.h.

55  {
56  const size_t MP_HWORD_BITS = BOTAN_MP_WORD_BITS / 2;
57  const word MP_HWORD_MASK = ((word)1 << MP_HWORD_BITS) - 1;
58 
59  const word a_hi = (a >> MP_HWORD_BITS);
60  const word a_lo = (a & MP_HWORD_MASK);
61  const word b_hi = (b >> MP_HWORD_BITS);
62  const word b_lo = (b & MP_HWORD_MASK);
63 
64  word x0 = a_hi * b_hi;
65  word x1 = a_lo * b_hi;
66  word x2 = a_hi * b_lo;
67  word x3 = a_lo * b_lo;
68 
69  x2 += x3 >> (MP_HWORD_BITS);
70  x2 += x1;
71 
72  if(x2 < x1) // timing channel
73  x0 += ((word)1 << MP_HWORD_BITS);
74 
75  *z0 = x0 + (x2 >> MP_HWORD_BITS);
76  *z1 = ((x2 & MP_HWORD_MASK) << MP_HWORD_BITS) + (x3 & MP_HWORD_MASK);
77  }
void Botan::bigint_add2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand addition

Parameters
xthe first operand (and output)
x_sizesize of x
ythe second operand
y_sizesize of y (must be >= x_size)

Definition at line 68 of file mp_asm.cpp.

References bigint_add2_nc().

Referenced by mul_add(), Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

69  {
70  if(bigint_add2_nc(x, x_size, y, y_size))
71  x[x_size] += 1;
72  }
word Botan::bigint_add2_nc ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand addition with carry out

Definition at line 22 of file mp_asm.cpp.

References word8_add2(), and word_add().

Referenced by bigint_add2().

23  {
24  word carry = 0;
25 
26  const size_t blocks = y_size - (y_size % 8);
27 
28  for(size_t i = 0; i != blocks; i += 8)
29  carry = word8_add2(x + i, y + i, carry);
30 
31  for(size_t i = blocks; i != y_size; ++i)
32  x[i] = word_add(x[i], y[i], &carry);
33 
34  for(size_t i = y_size; i != x_size; ++i)
35  x[i] = word_add(x[i], 0, &carry);
36 
37  return carry;
38  }
void Botan::bigint_add3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand addition

Definition at line 77 of file mp_asm.cpp.

References bigint_add3_nc().

Referenced by operator+(), and operator-().

79  {
80  z[(x_size > y_size ? x_size : y_size)] +=
81  bigint_add3_nc(z, x, x_size, y, y_size);
82  }
word Botan::bigint_add3_nc ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand addition with carry out

Definition at line 43 of file mp_asm.cpp.

References word8_add3(), and word_add().

Referenced by bigint_add3().

45  {
46  if(x_size < y_size)
47  { return bigint_add3_nc(z, y, y_size, x, x_size); }
48 
49  word carry = 0;
50 
51  const size_t blocks = y_size - (y_size % 8);
52 
53  for(size_t i = 0; i != blocks; i += 8)
54  carry = word8_add3(z + i, x + i, y + i, carry);
55 
56  for(size_t i = blocks; i != y_size; ++i)
57  z[i] = word_add(x[i], y[i], &carry);
58 
59  for(size_t i = y_size; i != x_size; ++i)
60  z[i] = word_add(x[i], 0, &carry);
61 
62  return carry;
63  }
s32bit Botan::bigint_cmp ( const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Compare x and y

Definition at line 18 of file mp_misc.cpp.

Referenced by Botan::BigInt::cmp(), operator+(), Botan::BigInt::operator+=(), operator-(), and Botan::BigInt::operator-=().

20  {
21  if(x_size < y_size) { return (-bigint_cmp(y, y_size, x, x_size)); }
22 
23  while(x_size > y_size)
24  {
25  if(x[x_size-1])
26  return 1;
27  x_size--;
28  }
29 
30  for(size_t i = x_size; i > 0; --i)
31  {
32  if(x[i-1] > y[i-1])
33  return 1;
34  if(x[i-1] < y[i-1])
35  return -1;
36  }
37 
38  return 0;
39  }
void Botan::bigint_comba_mul16 ( word  z[32],
const word  x[16],
const word  y[16] 
)

Definition at line 594 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

595  {
596  word w2 = 0, w1 = 0, w0 = 0;
597 
598  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
599  z[ 0] = w0; w0 = 0;
600 
601  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
602  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
603  z[ 1] = w1; w1 = 0;
604 
605  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
606  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
607  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
608  z[ 2] = w2; w2 = 0;
609 
610  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
611  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
612  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
613  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
614  z[ 3] = w0; w0 = 0;
615 
616  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
617  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
618  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
619  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
620  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
621  z[ 4] = w1; w1 = 0;
622 
623  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
624  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
625  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
626  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
627  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
628  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
629  z[ 5] = w2; w2 = 0;
630 
631  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
632  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
633  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
634  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
635  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
636  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
637  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
638  z[ 6] = w0; w0 = 0;
639 
640  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
641  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
642  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
643  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
644  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
645  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
646  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
647  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
648  z[ 7] = w1; w1 = 0;
649 
650  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 8]);
651  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
652  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
653  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
654  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
655  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
656  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
657  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
658  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 0]);
659  z[ 8] = w2; w2 = 0;
660 
661  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 9]);
662  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 8]);
663  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
664  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
665  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
666  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
667  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
668  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
669  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 1]);
670  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 0]);
671  z[ 9] = w0; w0 = 0;
672 
673  word3_muladd(&w0, &w2, &w1, x[ 0], y[10]);
674  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 9]);
675  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 8]);
676  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
677  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
678  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
679  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
680  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
681  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 2]);
682  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 1]);
683  word3_muladd(&w0, &w2, &w1, x[10], y[ 0]);
684  z[10] = w1; w1 = 0;
685 
686  word3_muladd(&w1, &w0, &w2, x[ 0], y[11]);
687  word3_muladd(&w1, &w0, &w2, x[ 1], y[10]);
688  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 9]);
689  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 8]);
690  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
691  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
692  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
693  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
694  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 3]);
695  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 2]);
696  word3_muladd(&w1, &w0, &w2, x[10], y[ 1]);
697  word3_muladd(&w1, &w0, &w2, x[11], y[ 0]);
698  z[11] = w2; w2 = 0;
699 
700  word3_muladd(&w2, &w1, &w0, x[ 0], y[12]);
701  word3_muladd(&w2, &w1, &w0, x[ 1], y[11]);
702  word3_muladd(&w2, &w1, &w0, x[ 2], y[10]);
703  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 9]);
704  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 8]);
705  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
706  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
707  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
708  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 4]);
709  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 3]);
710  word3_muladd(&w2, &w1, &w0, x[10], y[ 2]);
711  word3_muladd(&w2, &w1, &w0, x[11], y[ 1]);
712  word3_muladd(&w2, &w1, &w0, x[12], y[ 0]);
713  z[12] = w0; w0 = 0;
714 
715  word3_muladd(&w0, &w2, &w1, x[ 0], y[13]);
716  word3_muladd(&w0, &w2, &w1, x[ 1], y[12]);
717  word3_muladd(&w0, &w2, &w1, x[ 2], y[11]);
718  word3_muladd(&w0, &w2, &w1, x[ 3], y[10]);
719  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 9]);
720  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 8]);
721  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
722  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
723  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 5]);
724  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 4]);
725  word3_muladd(&w0, &w2, &w1, x[10], y[ 3]);
726  word3_muladd(&w0, &w2, &w1, x[11], y[ 2]);
727  word3_muladd(&w0, &w2, &w1, x[12], y[ 1]);
728  word3_muladd(&w0, &w2, &w1, x[13], y[ 0]);
729  z[13] = w1; w1 = 0;
730 
731  word3_muladd(&w1, &w0, &w2, x[ 0], y[14]);
732  word3_muladd(&w1, &w0, &w2, x[ 1], y[13]);
733  word3_muladd(&w1, &w0, &w2, x[ 2], y[12]);
734  word3_muladd(&w1, &w0, &w2, x[ 3], y[11]);
735  word3_muladd(&w1, &w0, &w2, x[ 4], y[10]);
736  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 9]);
737  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 8]);
738  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
739  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 6]);
740  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 5]);
741  word3_muladd(&w1, &w0, &w2, x[10], y[ 4]);
742  word3_muladd(&w1, &w0, &w2, x[11], y[ 3]);
743  word3_muladd(&w1, &w0, &w2, x[12], y[ 2]);
744  word3_muladd(&w1, &w0, &w2, x[13], y[ 1]);
745  word3_muladd(&w1, &w0, &w2, x[14], y[ 0]);
746  z[14] = w2; w2 = 0;
747 
748  word3_muladd(&w2, &w1, &w0, x[ 0], y[15]);
749  word3_muladd(&w2, &w1, &w0, x[ 1], y[14]);
750  word3_muladd(&w2, &w1, &w0, x[ 2], y[13]);
751  word3_muladd(&w2, &w1, &w0, x[ 3], y[12]);
752  word3_muladd(&w2, &w1, &w0, x[ 4], y[11]);
753  word3_muladd(&w2, &w1, &w0, x[ 5], y[10]);
754  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 9]);
755  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 8]);
756  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 7]);
757  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 6]);
758  word3_muladd(&w2, &w1, &w0, x[10], y[ 5]);
759  word3_muladd(&w2, &w1, &w0, x[11], y[ 4]);
760  word3_muladd(&w2, &w1, &w0, x[12], y[ 3]);
761  word3_muladd(&w2, &w1, &w0, x[13], y[ 2]);
762  word3_muladd(&w2, &w1, &w0, x[14], y[ 1]);
763  word3_muladd(&w2, &w1, &w0, x[15], y[ 0]);
764  z[15] = w0; w0 = 0;
765 
766  word3_muladd(&w0, &w2, &w1, x[ 1], y[15]);
767  word3_muladd(&w0, &w2, &w1, x[ 2], y[14]);
768  word3_muladd(&w0, &w2, &w1, x[ 3], y[13]);
769  word3_muladd(&w0, &w2, &w1, x[ 4], y[12]);
770  word3_muladd(&w0, &w2, &w1, x[ 5], y[11]);
771  word3_muladd(&w0, &w2, &w1, x[ 6], y[10]);
772  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 9]);
773  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 8]);
774  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 7]);
775  word3_muladd(&w0, &w2, &w1, x[10], y[ 6]);
776  word3_muladd(&w0, &w2, &w1, x[11], y[ 5]);
777  word3_muladd(&w0, &w2, &w1, x[12], y[ 4]);
778  word3_muladd(&w0, &w2, &w1, x[13], y[ 3]);
779  word3_muladd(&w0, &w2, &w1, x[14], y[ 2]);
780  word3_muladd(&w0, &w2, &w1, x[15], y[ 1]);
781  z[16] = w1; w1 = 0;
782 
783  word3_muladd(&w1, &w0, &w2, x[ 2], y[15]);
784  word3_muladd(&w1, &w0, &w2, x[ 3], y[14]);
785  word3_muladd(&w1, &w0, &w2, x[ 4], y[13]);
786  word3_muladd(&w1, &w0, &w2, x[ 5], y[12]);
787  word3_muladd(&w1, &w0, &w2, x[ 6], y[11]);
788  word3_muladd(&w1, &w0, &w2, x[ 7], y[10]);
789  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 9]);
790  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 8]);
791  word3_muladd(&w1, &w0, &w2, x[10], y[ 7]);
792  word3_muladd(&w1, &w0, &w2, x[11], y[ 6]);
793  word3_muladd(&w1, &w0, &w2, x[12], y[ 5]);
794  word3_muladd(&w1, &w0, &w2, x[13], y[ 4]);
795  word3_muladd(&w1, &w0, &w2, x[14], y[ 3]);
796  word3_muladd(&w1, &w0, &w2, x[15], y[ 2]);
797  z[17] = w2; w2 = 0;
798 
799  word3_muladd(&w2, &w1, &w0, x[ 3], y[15]);
800  word3_muladd(&w2, &w1, &w0, x[ 4], y[14]);
801  word3_muladd(&w2, &w1, &w0, x[ 5], y[13]);
802  word3_muladd(&w2, &w1, &w0, x[ 6], y[12]);
803  word3_muladd(&w2, &w1, &w0, x[ 7], y[11]);
804  word3_muladd(&w2, &w1, &w0, x[ 8], y[10]);
805  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 9]);
806  word3_muladd(&w2, &w1, &w0, x[10], y[ 8]);
807  word3_muladd(&w2, &w1, &w0, x[11], y[ 7]);
808  word3_muladd(&w2, &w1, &w0, x[12], y[ 6]);
809  word3_muladd(&w2, &w1, &w0, x[13], y[ 5]);
810  word3_muladd(&w2, &w1, &w0, x[14], y[ 4]);
811  word3_muladd(&w2, &w1, &w0, x[15], y[ 3]);
812  z[18] = w0; w0 = 0;
813 
814  word3_muladd(&w0, &w2, &w1, x[ 4], y[15]);
815  word3_muladd(&w0, &w2, &w1, x[ 5], y[14]);
816  word3_muladd(&w0, &w2, &w1, x[ 6], y[13]);
817  word3_muladd(&w0, &w2, &w1, x[ 7], y[12]);
818  word3_muladd(&w0, &w2, &w1, x[ 8], y[11]);
819  word3_muladd(&w0, &w2, &w1, x[ 9], y[10]);
820  word3_muladd(&w0, &w2, &w1, x[10], y[ 9]);
821  word3_muladd(&w0, &w2, &w1, x[11], y[ 8]);
822  word3_muladd(&w0, &w2, &w1, x[12], y[ 7]);
823  word3_muladd(&w0, &w2, &w1, x[13], y[ 6]);
824  word3_muladd(&w0, &w2, &w1, x[14], y[ 5]);
825  word3_muladd(&w0, &w2, &w1, x[15], y[ 4]);
826  z[19] = w1; w1 = 0;
827 
828  word3_muladd(&w1, &w0, &w2, x[ 5], y[15]);
829  word3_muladd(&w1, &w0, &w2, x[ 6], y[14]);
830  word3_muladd(&w1, &w0, &w2, x[ 7], y[13]);
831  word3_muladd(&w1, &w0, &w2, x[ 8], y[12]);
832  word3_muladd(&w1, &w0, &w2, x[ 9], y[11]);
833  word3_muladd(&w1, &w0, &w2, x[10], y[10]);
834  word3_muladd(&w1, &w0, &w2, x[11], y[ 9]);
835  word3_muladd(&w1, &w0, &w2, x[12], y[ 8]);
836  word3_muladd(&w1, &w0, &w2, x[13], y[ 7]);
837  word3_muladd(&w1, &w0, &w2, x[14], y[ 6]);
838  word3_muladd(&w1, &w0, &w2, x[15], y[ 5]);
839  z[20] = w2; w2 = 0;
840 
841  word3_muladd(&w2, &w1, &w0, x[ 6], y[15]);
842  word3_muladd(&w2, &w1, &w0, x[ 7], y[14]);
843  word3_muladd(&w2, &w1, &w0, x[ 8], y[13]);
844  word3_muladd(&w2, &w1, &w0, x[ 9], y[12]);
845  word3_muladd(&w2, &w1, &w0, x[10], y[11]);
846  word3_muladd(&w2, &w1, &w0, x[11], y[10]);
847  word3_muladd(&w2, &w1, &w0, x[12], y[ 9]);
848  word3_muladd(&w2, &w1, &w0, x[13], y[ 8]);
849  word3_muladd(&w2, &w1, &w0, x[14], y[ 7]);
850  word3_muladd(&w2, &w1, &w0, x[15], y[ 6]);
851  z[21] = w0; w0 = 0;
852 
853  word3_muladd(&w0, &w2, &w1, x[ 7], y[15]);
854  word3_muladd(&w0, &w2, &w1, x[ 8], y[14]);
855  word3_muladd(&w0, &w2, &w1, x[ 9], y[13]);
856  word3_muladd(&w0, &w2, &w1, x[10], y[12]);
857  word3_muladd(&w0, &w2, &w1, x[11], y[11]);
858  word3_muladd(&w0, &w2, &w1, x[12], y[10]);
859  word3_muladd(&w0, &w2, &w1, x[13], y[ 9]);
860  word3_muladd(&w0, &w2, &w1, x[14], y[ 8]);
861  word3_muladd(&w0, &w2, &w1, x[15], y[ 7]);
862  z[22] = w1; w1 = 0;
863 
864  word3_muladd(&w1, &w0, &w2, x[ 8], y[15]);
865  word3_muladd(&w1, &w0, &w2, x[ 9], y[14]);
866  word3_muladd(&w1, &w0, &w2, x[10], y[13]);
867  word3_muladd(&w1, &w0, &w2, x[11], y[12]);
868  word3_muladd(&w1, &w0, &w2, x[12], y[11]);
869  word3_muladd(&w1, &w0, &w2, x[13], y[10]);
870  word3_muladd(&w1, &w0, &w2, x[14], y[ 9]);
871  word3_muladd(&w1, &w0, &w2, x[15], y[ 8]);
872  z[23] = w2; w2 = 0;
873 
874  word3_muladd(&w2, &w1, &w0, x[ 9], y[15]);
875  word3_muladd(&w2, &w1, &w0, x[10], y[14]);
876  word3_muladd(&w2, &w1, &w0, x[11], y[13]);
877  word3_muladd(&w2, &w1, &w0, x[12], y[12]);
878  word3_muladd(&w2, &w1, &w0, x[13], y[11]);
879  word3_muladd(&w2, &w1, &w0, x[14], y[10]);
880  word3_muladd(&w2, &w1, &w0, x[15], y[ 9]);
881  z[24] = w0; w0 = 0;
882 
883  word3_muladd(&w0, &w2, &w1, x[10], y[15]);
884  word3_muladd(&w0, &w2, &w1, x[11], y[14]);
885  word3_muladd(&w0, &w2, &w1, x[12], y[13]);
886  word3_muladd(&w0, &w2, &w1, x[13], y[12]);
887  word3_muladd(&w0, &w2, &w1, x[14], y[11]);
888  word3_muladd(&w0, &w2, &w1, x[15], y[10]);
889  z[25] = w1; w1 = 0;
890 
891  word3_muladd(&w1, &w0, &w2, x[11], y[15]);
892  word3_muladd(&w1, &w0, &w2, x[12], y[14]);
893  word3_muladd(&w1, &w0, &w2, x[13], y[13]);
894  word3_muladd(&w1, &w0, &w2, x[14], y[12]);
895  word3_muladd(&w1, &w0, &w2, x[15], y[11]);
896  z[26] = w2; w2 = 0;
897 
898  word3_muladd(&w2, &w1, &w0, x[12], y[15]);
899  word3_muladd(&w2, &w1, &w0, x[13], y[14]);
900  word3_muladd(&w2, &w1, &w0, x[14], y[13]);
901  word3_muladd(&w2, &w1, &w0, x[15], y[12]);
902  z[27] = w0; w0 = 0;
903 
904  word3_muladd(&w0, &w2, &w1, x[13], y[15]);
905  word3_muladd(&w0, &w2, &w1, x[14], y[14]);
906  word3_muladd(&w0, &w2, &w1, x[15], y[13]);
907  z[28] = w1; w1 = 0;
908 
909  word3_muladd(&w1, &w0, &w2, x[14], y[15]);
910  word3_muladd(&w1, &w0, &w2, x[15], y[14]);
911  z[29] = w2; w2 = 0;
912 
913  word3_muladd(&w2, &w1, &w0, x[15], y[15]);
914  z[30] = w0;
915  z[31] = w1;
916  }
void Botan::bigint_comba_mul4 ( word  z[8],
const word  x[4],
const word  y[4] 
)

Definition at line 51 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

52  {
53  word w2 = 0, w1 = 0, w0 = 0;
54 
55  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
56  z[ 0] = w0; w0 = 0;
57 
58  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
59  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
60  z[ 1] = w1; w1 = 0;
61 
62  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
63  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
64  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
65  z[ 2] = w2; w2 = 0;
66 
67  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
68  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
69  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
70  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
71  z[ 3] = w0; w0 = 0;
72 
73  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
74  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
75  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
76  z[ 4] = w1; w1 = 0;
77 
78  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
79  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
80  z[ 5] = w2; w2 = 0;
81 
82  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
83  z[ 6] = w0;
84  z[ 7] = w1;
85  }
void Botan::bigint_comba_mul6 ( word  z[12],
const word  x[6],
const word  y[6] 
)

Definition at line 142 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

143  {
144  word w2 = 0, w1 = 0, w0 = 0;
145 
146  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
147  z[ 0] = w0; w0 = 0;
148 
149  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
150  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
151  z[ 1] = w1; w1 = 0;
152 
153  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
154  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
155  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
156  z[ 2] = w2; w2 = 0;
157 
158  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
159  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
160  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
161  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
162  z[ 3] = w0; w0 = 0;
163 
164  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
165  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
166  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
167  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
168  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
169  z[ 4] = w1; w1 = 0;
170 
171  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
172  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
173  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
174  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
175  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
176  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
177  z[ 5] = w2; w2 = 0;
178 
179  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
180  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
181  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
182  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
183  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
184  z[ 6] = w0; w0 = 0;
185 
186  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
187  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
188  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
189  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
190  z[ 7] = w1; w1 = 0;
191 
192  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
193  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
194  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
195  z[ 8] = w2; w2 = 0;
196 
197  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
198  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
199  z[ 9] = w0; w0 = 0;
200 
201  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
202  z[10] = w1;
203  z[11] = w2;
204  }
void Botan::bigint_comba_mul8 ( word  z[16],
const word  x[8],
const word  y[8] 
)

Definition at line 284 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

285  {
286  word w2 = 0, w1 = 0, w0 = 0;
287 
288  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
289  z[ 0] = w0; w0 = 0;
290 
291  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
292  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
293  z[ 1] = w1; w1 = 0;
294 
295  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
296  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
297  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
298  z[ 2] = w2; w2 = 0;
299 
300  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
301  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
302  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
303  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
304  z[ 3] = w0; w0 = 0;
305 
306  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
307  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
308  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
309  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
310  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
311  z[ 4] = w1; w1 = 0;
312 
313  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
314  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
315  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
316  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
317  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
318  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
319  z[ 5] = w2; w2 = 0;
320 
321  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
322  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
323  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
324  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
325  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
326  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
327  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
328  z[ 6] = w0; w0 = 0;
329 
330  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
331  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
332  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
333  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
334  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
335  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
336  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
337  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
338  z[ 7] = w1; w1 = 0;
339 
340  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
341  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
342  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
343  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
344  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
345  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
346  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
347  z[ 8] = w2; w2 = 0;
348 
349  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
350  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
351  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
352  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
353  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
354  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
355  z[ 9] = w0; w0 = 0;
356 
357  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
358  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
359  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
360  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
361  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
362  z[10] = w1; w1 = 0;
363 
364  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
365  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
366  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
367  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
368  z[11] = w2; w2 = 0;
369 
370  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
371  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
372  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
373  z[12] = w0; w0 = 0;
374 
375  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
376  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
377  z[13] = w1; w1 = 0;
378 
379  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
380  z[14] = w2;
381  z[15] = w0;
382  }
void Botan::bigint_comba_sqr16 ( word  z[32],
const word  x[16] 
)

Definition at line 387 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

388  {
389  word w2 = 0, w1 = 0, w0 = 0;
390 
391  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
392  z[ 0] = w0; w0 = 0;
393 
394  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
395  z[ 1] = w1; w1 = 0;
396 
397  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
398  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
399  z[ 2] = w2; w2 = 0;
400 
401  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
402  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
403  z[ 3] = w0; w0 = 0;
404 
405  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
406  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
407  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
408  z[ 4] = w1; w1 = 0;
409 
410  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
411  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
412  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
413  z[ 5] = w2; w2 = 0;
414 
415  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
416  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
417  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
418  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
419  z[ 6] = w0; w0 = 0;
420 
421  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
422  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
423  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
424  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
425  z[ 7] = w1; w1 = 0;
426 
427  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 8]);
428  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
429  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
430  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
431  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
432  z[ 8] = w2; w2 = 0;
433 
434  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 9]);
435  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 8]);
436  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
437  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
438  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
439  z[ 9] = w0; w0 = 0;
440 
441  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[10]);
442  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 9]);
443  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 8]);
444  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
445  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
446  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
447  z[10] = w1; w1 = 0;
448 
449  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[11]);
450  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[10]);
451  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 9]);
452  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 8]);
453  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
454  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
455  z[11] = w2; w2 = 0;
456 
457  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[12]);
458  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[11]);
459  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[10]);
460  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 9]);
461  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 8]);
462  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
463  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
464  z[12] = w0; w0 = 0;
465 
466  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[13]);
467  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[12]);
468  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[11]);
469  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[10]);
470  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 9]);
471  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[ 8]);
472  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
473  z[13] = w1; w1 = 0;
474 
475  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[14]);
476  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[13]);
477  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[12]);
478  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[11]);
479  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[10]);
480  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 9]);
481  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[ 8]);
482  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
483  z[14] = w2; w2 = 0;
484 
485  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[15]);
486  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[14]);
487  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[13]);
488  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[12]);
489  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[11]);
490  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[10]);
491  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[ 9]);
492  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[ 8]);
493  z[15] = w0; w0 = 0;
494 
495  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[15]);
496  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[14]);
497  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[13]);
498  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[12]);
499  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[11]);
500  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[10]);
501  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[ 9]);
502  word3_muladd(&w0, &w2, &w1, x[ 8], x[ 8]);
503  z[16] = w1; w1 = 0;
504 
505  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[15]);
506  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[14]);
507  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[13]);
508  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[12]);
509  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[11]);
510  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[10]);
511  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[ 9]);
512  z[17] = w2; w2 = 0;
513 
514  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[15]);
515  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[14]);
516  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[13]);
517  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[12]);
518  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[11]);
519  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[10]);
520  word3_muladd(&w2, &w1, &w0, x[ 9], x[ 9]);
521  z[18] = w0; w0 = 0;
522 
523  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[15]);
524  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[14]);
525  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[13]);
526  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[12]);
527  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[11]);
528  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[10]);
529  z[19] = w1; w1 = 0;
530 
531  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[15]);
532  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[14]);
533  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[13]);
534  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[12]);
535  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[11]);
536  word3_muladd(&w1, &w0, &w2, x[10], x[10]);
537  z[20] = w2; w2 = 0;
538 
539  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[15]);
540  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[14]);
541  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[13]);
542  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[12]);
543  word3_muladd_2(&w2, &w1, &w0, x[10], x[11]);
544  z[21] = w0; w0 = 0;
545 
546  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[15]);
547  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[14]);
548  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[13]);
549  word3_muladd_2(&w0, &w2, &w1, x[10], x[12]);
550  word3_muladd(&w0, &w2, &w1, x[11], x[11]);
551  z[22] = w1; w1 = 0;
552 
553  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[15]);
554  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[14]);
555  word3_muladd_2(&w1, &w0, &w2, x[10], x[13]);
556  word3_muladd_2(&w1, &w0, &w2, x[11], x[12]);
557  z[23] = w2; w2 = 0;
558 
559  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[15]);
560  word3_muladd_2(&w2, &w1, &w0, x[10], x[14]);
561  word3_muladd_2(&w2, &w1, &w0, x[11], x[13]);
562  word3_muladd(&w2, &w1, &w0, x[12], x[12]);
563  z[24] = w0; w0 = 0;
564 
565  word3_muladd_2(&w0, &w2, &w1, x[10], x[15]);
566  word3_muladd_2(&w0, &w2, &w1, x[11], x[14]);
567  word3_muladd_2(&w0, &w2, &w1, x[12], x[13]);
568  z[25] = w1; w1 = 0;
569 
570  word3_muladd_2(&w1, &w0, &w2, x[11], x[15]);
571  word3_muladd_2(&w1, &w0, &w2, x[12], x[14]);
572  word3_muladd(&w1, &w0, &w2, x[13], x[13]);
573  z[26] = w2; w2 = 0;
574 
575  word3_muladd_2(&w2, &w1, &w0, x[12], x[15]);
576  word3_muladd_2(&w2, &w1, &w0, x[13], x[14]);
577  z[27] = w0; w0 = 0;
578 
579  word3_muladd_2(&w0, &w2, &w1, x[13], x[15]);
580  word3_muladd(&w0, &w2, &w1, x[14], x[14]);
581  z[28] = w1; w1 = 0;
582 
583  word3_muladd_2(&w1, &w0, &w2, x[14], x[15]);
584  z[29] = w2; w2 = 0;
585 
586  word3_muladd(&w2, &w1, &w0, x[15], x[15]);
587  z[30] = w0;
588  z[31] = w1;
589  }
void Botan::bigint_comba_sqr4 ( word  z[8],
const word  x[4] 
)

Definition at line 18 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

19  {
20  word w2 = 0, w1 = 0, w0 = 0;
21 
22  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
23  z[ 0] = w0; w0 = 0;
24 
25  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
26  z[ 1] = w1; w1 = 0;
27 
28  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
29  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
30  z[ 2] = w2; w2 = 0;
31 
32  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
33  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
34  z[ 3] = w0; w0 = 0;
35 
36  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
37  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
38  z[ 4] = w1; w1 = 0;
39 
40  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
41  z[ 5] = w2; w2 = 0;
42 
43  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
44  z[ 6] = w0;
45  z[ 7] = w1;
46  }
void Botan::bigint_comba_sqr6 ( word  z[12],
const word  x[6] 
)

Definition at line 90 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

91  {
92  word w2 = 0, w1 = 0, w0 = 0;
93 
94  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
95  z[ 0] = w0; w0 = 0;
96 
97  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
98  z[ 1] = w1; w1 = 0;
99 
100  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
101  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
102  z[ 2] = w2; w2 = 0;
103 
104  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
105  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
106  z[ 3] = w0; w0 = 0;
107 
108  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
109  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
110  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
111  z[ 4] = w1; w1 = 0;
112 
113  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
114  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
115  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
116  z[ 5] = w2; w2 = 0;
117 
118  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
119  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
120  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
121  z[ 6] = w0; w0 = 0;
122 
123  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
124  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
125  z[ 7] = w1; w1 = 0;
126 
127  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
128  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
129  z[ 8] = w2; w2 = 0;
130 
131  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
132  z[ 9] = w0; w0 = 0;
133 
134  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
135  z[10] = w1;
136  z[11] = w2;
137  }
void Botan::bigint_comba_sqr8 ( word  z[16],
const word  x[8] 
)

Definition at line 209 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

210  {
211  word w2 = 0, w1 = 0, w0 = 0;
212 
213  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
214  z[ 0] = w0; w0 = 0;
215 
216  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
217  z[ 1] = w1; w1 = 0;
218 
219  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
220  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
221  z[ 2] = w2; w2 = 0;
222 
223  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
224  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
225  z[ 3] = w0; w0 = 0;
226 
227  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
228  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
229  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
230  z[ 4] = w1; w1 = 0;
231 
232  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
233  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
234  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
235  z[ 5] = w2; w2 = 0;
236 
237  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
238  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
239  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
240  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
241  z[ 6] = w0; w0 = 0;
242 
243  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
244  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
245  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
246  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
247  z[ 7] = w1; w1 = 0;
248 
249  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
250  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
251  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
252  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
253  z[ 8] = w2; w2 = 0;
254 
255  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
256  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
257  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
258  z[ 9] = w0; w0 = 0;
259 
260  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
261  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
262  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
263  z[10] = w1; w1 = 0;
264 
265  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
266  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
267  z[11] = w2; w2 = 0;
268 
269  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
270  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
271  z[12] = w0; w0 = 0;
272 
273  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
274  z[13] = w1; w1 = 0;
275 
276  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
277  z[14] = w2;
278  z[15] = w0;
279  }
word Botan::bigint_divop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) / d

Definition at line 44 of file mp_misc.cpp.

References MP_WORD_BITS, and MP_WORD_TOP_BIT.

Referenced by bigint_modop(), divide(), and monty_inverse().

45  {
46  word high = n1 % d, quotient = 0;
47 
48  for(size_t i = 0; i != MP_WORD_BITS; ++i)
49  {
50  word high_top_bit = (high & MP_WORD_TOP_BIT);
51 
52  high <<= 1;
53  high |= (n0 >> (MP_WORD_BITS-1-i)) & 1;
54  quotient <<= 1;
55 
56  if(high_top_bit || high >= d)
57  {
58  high -= d;
59  quotient |= 1;
60  }
61  }
62 
63  return quotient;
64  }
void Botan::bigint_linmul2 ( word  x[],
size_t  x_size,
word  y 
)

Definition at line 149 of file mp_asm.cpp.

References word8_linmul2(), and word_madd2().

Referenced by Botan::BigInt::operator*=().

150  {
151  const size_t blocks = x_size - (x_size % 8);
152 
153  word carry = 0;
154 
155  for(size_t i = 0; i != blocks; i += 8)
156  carry = word8_linmul2(x + i, y, carry);
157 
158  for(size_t i = blocks; i != x_size; ++i)
159  x[i] = word_madd2(x[i], y, &carry);
160 
161  x[x_size] = carry;
162  }
void Botan::bigint_linmul3 ( word  z[],
const word  x[],
size_t  x_size,
word  y 
)

Definition at line 167 of file mp_asm.cpp.

References word8_linmul3(), and word_madd2().

Referenced by bigint_mul(), bigint_sqr(), operator*(), and Botan::BigInt::operator*=().

168  {
169  const size_t blocks = x_size - (x_size % 8);
170 
171  word carry = 0;
172 
173  for(size_t i = 0; i != blocks; i += 8)
174  carry = word8_linmul3(z + i, x + i, y, carry);
175 
176  for(size_t i = blocks; i != x_size; ++i)
177  z[i] = word_madd2(x[i], y, &carry);
178 
179  z[x_size] = carry;
180  }
word Botan::bigint_modop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) % d

Definition at line 69 of file mp_misc.cpp.

References bigint_divop(), and word_madd2().

Referenced by operator%(), and Botan::BigInt::operator%=().

70  {
71  word z = bigint_divop(n1, n0, d);
72  word dummy = 0;
73  z = word_madd2(z, d, &dummy);
74  return (n0-z);
75  }
void Botan::bigint_monty_mul ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 71 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_mul().

Referenced by Botan::Montgomery_Exponentiator::execute(), and Botan::Montgomery_Exponentiator::set_base().

76  {
77  bigint_mul(&z[0], z_size, &ws[0],
78  &x[0], x_size, x_sw,
79  &y[0], y_size, y_sw);
80 
81  bigint_monty_redc(&z[0],
82  &p[0], p_size, p_dash,
83  &ws[0]);
84  }
void Botan::bigint_monty_redc ( word  z[],
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Montgomery Reduction

Parameters
zinteger to reduce, of size exactly 2*(p_size+1). Output is in the first p_size+1 words, higher words are set to zero.
pmodulus
p_sizesize of p
p_dashMontgomery value
workspacearray of at least 2*(p_size+1) words

Definition at line 21 of file mp_monty.cpp.

References clear_mem(), copy_mem(), word8_madd3(), word_madd3(), and word_sub().

Referenced by bigint_monty_mul(), bigint_monty_sqr(), and Botan::Montgomery_Exponentiator::execute().

24  {
25  const size_t z_size = 2*(p_size+1);
26 
27  const size_t blocks_of_8 = p_size - (p_size % 8);
28 
29  for(size_t i = 0; i != p_size; ++i)
30  {
31  word* z_i = z + i;
32 
33  const word y = z_i[0] * p_dash;
34 
35  /*
36  bigint_linmul3(ws, p, p_size, y);
37  bigint_add2(z_i, z_size - i, ws, p_size+1);
38  */
39 
40  word carry = 0;
41 
42  for(size_t j = 0; j != blocks_of_8; j += 8)
43  carry = word8_madd3(z_i + j, p + j, y, carry);
44 
45  for(size_t j = blocks_of_8; j != p_size; ++j)
46  z_i[j] = word_madd3(p[j], y, z_i[j], &carry);
47 
48  word z_sum = z_i[p_size] + carry;
49  carry = (z_sum < z_i[p_size]);
50  z_i[p_size] = z_sum;
51 
52  for(size_t j = p_size + 1; carry && j != z_size - i; ++j)
53  {
54  ++z_i[j];
55  carry = !z_i[j];
56  }
57  }
58 
59  word borrow = 0;
60  for(size_t i = 0; i != p_size; ++i)
61  ws[i] = word_sub(z[p_size + i], p[i], &borrow);
62 
63  ws[p_size] = word_sub(z[p_size+p_size], 0, &borrow);
64 
65  copy_mem(ws + p_size + 1, z + p_size, p_size + 1);
66 
67  copy_mem(z, ws + borrow*(p_size+1), p_size + 1);
68  clear_mem(z + p_size + 1, z_size - p_size - 1);
69  }
void Botan::bigint_monty_sqr ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 86 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_sqr().

Referenced by Botan::Montgomery_Exponentiator::execute().

90  {
91  bigint_sqr(&z[0], z_size, &ws[0],
92  &x[0], x_size, x_sw);
93 
94  bigint_monty_redc(&z[0],
95  &p[0], p_size, p_dash,
96  &ws[0]);
97  }
void Botan::bigint_mul ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw 
)

Definition at line 213 of file mp_karat.cpp.

References bigint_comba_mul16(), bigint_comba_mul4(), bigint_comba_mul6(), bigint_comba_mul8(), bigint_linmul3(), and bigint_simple_mul().

Referenced by bigint_monty_mul(), mul_add(), operator*(), and Botan::BigInt::operator*=().

216  {
217  if(x_sw == 1)
218  {
219  bigint_linmul3(z, y, y_sw, x[0]);
220  }
221  else if(y_sw == 1)
222  {
223  bigint_linmul3(z, x, x_sw, y[0]);
224  }
225  else if(x_sw <= 4 && x_size >= 4 &&
226  y_sw <= 4 && y_size >= 4 && z_size >= 8)
227  {
228  bigint_comba_mul4(z, x, y);
229  }
230  else if(x_sw <= 6 && x_size >= 6 &&
231  y_sw <= 6 && y_size >= 6 && z_size >= 12)
232  {
233  bigint_comba_mul6(z, x, y);
234  }
235  else if(x_sw <= 8 && x_size >= 8 &&
236  y_sw <= 8 && y_size >= 8 && z_size >= 16)
237  {
238  bigint_comba_mul8(z, x, y);
239  }
240  else if(x_sw <= 16 && x_size >= 16 &&
241  y_sw <= 16 && y_size >= 16 && z_size >= 32)
242  {
243  bigint_comba_mul16(z, x, y);
244  }
245  else if(x_sw < KARATSUBA_MULTIPLY_THRESHOLD ||
246  y_sw < KARATSUBA_MULTIPLY_THRESHOLD ||
247  !workspace)
248  {
249  bigint_simple_mul(z, x, x_sw, y, y_sw);
250  }
251  else
252  {
253  const size_t N = karatsuba_size(z_size, x_size, x_sw, y_size, y_sw);
254 
255  if(N)
256  karatsuba_mul(z, x, y, N, workspace);
257  else
258  bigint_simple_mul(z, x, x_sw, y, y_sw);
259  }
260  }
void Botan::bigint_shl1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 18 of file mp_shift.cpp.

References clear_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator-=(), and Botan::BigInt::operator<<=().

19  {
20  if(word_shift)
21  {
22  for(size_t j = 1; j != x_size + 1; ++j)
23  x[(x_size - j) + word_shift] = x[x_size - j];
24  clear_mem(x, word_shift);
25  }
26 
27  if(bit_shift)
28  {
29  word carry = 0;
30  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
31  {
32  word temp = x[j];
33  x[j] = (temp << bit_shift) | carry;
34  carry = (temp >> (MP_WORD_BITS - bit_shift));
35  }
36  }
37  }
void Botan::bigint_shl2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 97 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator-(), and operator<<().

99  {
100  for(size_t j = 0; j != x_size; ++j)
101  y[j + word_shift] = x[j];
102  if(bit_shift)
103  {
104  word carry = 0;
105  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
106  {
107  word w = y[j];
108  y[j] = (w << bit_shift) | carry;
109  carry = (w >> (MP_WORD_BITS - bit_shift));
110  }
111  }
112  }
void Botan::bigint_shr1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 42 of file mp_shift.cpp.

References clear_mem(), copy_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator>>=().

43  {
44  if(x_size < word_shift)
45  {
46  clear_mem(x, x_size);
47  return;
48  }
49 
50  if(word_shift)
51  {
52  copy_mem(x, x + word_shift, x_size - word_shift);
53  clear_mem(x + x_size - word_shift, word_shift);
54  }
55 
56  if(bit_shift)
57  {
58  word carry = 0;
59 
60  size_t top = x_size - word_shift;
61 
62  while(top >= 4)
63  {
64  word w = x[top-1];
65  x[top-1] = (w >> bit_shift) | carry;
66  carry = (w << (MP_WORD_BITS - bit_shift));
67 
68  w = x[top-2];
69  x[top-2] = (w >> bit_shift) | carry;
70  carry = (w << (MP_WORD_BITS - bit_shift));
71 
72  w = x[top-3];
73  x[top-3] = (w >> bit_shift) | carry;
74  carry = (w << (MP_WORD_BITS - bit_shift));
75 
76  w = x[top-4];
77  x[top-4] = (w >> bit_shift) | carry;
78  carry = (w << (MP_WORD_BITS - bit_shift));
79 
80  top -= 4;
81  }
82 
83  while(top)
84  {
85  word w = x[top-1];
86  x[top-1] = (w >> bit_shift) | carry;
87  carry = (w << (MP_WORD_BITS - bit_shift));
88 
89  top--;
90  }
91  }
92  }
void Botan::bigint_shr2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 117 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator>>().

119  {
120  if(x_size < word_shift) return;
121 
122  for(size_t j = 0; j != x_size - word_shift; ++j)
123  y[j] = x[j + word_shift];
124  if(bit_shift)
125  {
126  word carry = 0;
127  for(size_t j = x_size - word_shift; j > 0; --j)
128  {
129  word w = y[j-1];
130  y[j-1] = (w >> bit_shift) | carry;
131  carry = (w << (MP_WORD_BITS - bit_shift));
132  }
133  }
134  }
void Botan::bigint_simple_mul ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 20 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_mul().

22  {
23  const size_t x_size_8 = x_size - (x_size % 8);
24 
25  clear_mem(z, x_size + y_size);
26 
27  for(size_t i = 0; i != y_size; ++i)
28  {
29  const word y_i = y[i];
30 
31  word carry = 0;
32 
33  for(size_t j = 0; j != x_size_8; j += 8)
34  carry = word8_madd3(z + i + j, x + j, y_i, carry);
35 
36  for(size_t j = x_size_8; j != x_size; ++j)
37  z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry);
38 
39  z[x_size+i] = carry;
40  }
41  }
void Botan::bigint_simple_sqr ( word  z[],
const word  x[],
size_t  x_size 
)

Definition at line 54 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_sqr().

55  {
56  const size_t x_size_8 = x_size - (x_size % 8);
57 
58  clear_mem(z, 2*x_size);
59 
60  for(size_t i = 0; i != x_size; ++i)
61  {
62  const word x_i = x[i];
63  word carry = 0;
64 
65  for(size_t j = 0; j != x_size_8; j += 8)
66  carry = word8_madd3(z + i + j, x + j, x_i, carry);
67 
68  for(size_t j = x_size_8; j != x_size; ++j)
69  z[i+j] = word_madd3(x[j], x_i, z[i+j], &carry);
70 
71  z[x_size+i] = carry;
72  }
73  }
void Botan::bigint_sqr ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw 
)

Definition at line 265 of file mp_karat.cpp.

References bigint_comba_sqr16(), bigint_comba_sqr4(), bigint_comba_sqr6(), bigint_comba_sqr8(), bigint_linmul3(), and bigint_simple_sqr().

Referenced by bigint_monty_sqr(), and square().

267  {
268  if(x_sw == 1)
269  {
270  bigint_linmul3(z, x, x_sw, x[0]);
271  }
272  else if(x_sw <= 4 && x_size >= 4 && z_size >= 8)
273  {
274  bigint_comba_sqr4(z, x);
275  }
276  else if(x_sw <= 6 && x_size >= 6 && z_size >= 12)
277  {
278  bigint_comba_sqr6(z, x);
279  }
280  else if(x_sw <= 8 && x_size >= 8 && z_size >= 16)
281  {
282  bigint_comba_sqr8(z, x);
283  }
284  else if(x_sw <= 16 && x_size >= 16 && z_size >= 32)
285  {
286  bigint_comba_sqr16(z, x);
287  }
288  else if(x_size < KARATSUBA_SQUARE_THRESHOLD || !workspace)
289  {
290  bigint_simple_sqr(z, x, x_sw);
291  }
292  else
293  {
294  const size_t N = karatsuba_size(z_size, x_size, x_sw);
295 
296  if(N)
297  karatsuba_sqr(z, x, N, workspace);
298  else
299  bigint_simple_sqr(z, x, x_sw);
300  }
301  }
word Botan::bigint_sub2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand subtraction

Definition at line 87 of file mp_asm.cpp.

References word8_sub2(), and word_sub().

Referenced by Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

88  {
89  word borrow = 0;
90 
91  const size_t blocks = y_size - (y_size % 8);
92 
93  for(size_t i = 0; i != blocks; i += 8)
94  borrow = word8_sub2(x + i, y + i, borrow);
95 
96  for(size_t i = blocks; i != y_size; ++i)
97  x[i] = word_sub(x[i], y[i], &borrow);
98 
99  for(size_t i = y_size; i != x_size; ++i)
100  x[i] = word_sub(x[i], 0, &borrow);
101 
102  return borrow;
103  }
void Botan::bigint_sub2_rev ( word  x[],
const word  y[],
size_t  y_size 
)

Two operand subtraction, x = y - x; assumes y >= x

Definition at line 108 of file mp_asm.cpp.

References word8_sub2_rev(), and word_sub().

Referenced by Botan::BigInt::operator-=().

109  {
110  word borrow = 0;
111 
112  const size_t blocks = y_size - (y_size % 8);
113 
114  for(size_t i = 0; i != blocks; i += 8)
115  borrow = word8_sub2_rev(x + i, y + i, borrow);
116 
117  for(size_t i = blocks; i != y_size; ++i)
118  x[i] = word_sub(y[i], x[i], &borrow);
119 
120  if(borrow)
121  throw Internal_Error("bigint_sub2_rev: x >= y");
122  }
word Botan::bigint_sub3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand subtraction

Definition at line 127 of file mp_asm.cpp.

References word8_sub3(), and word_sub().

Referenced by operator+(), Botan::BigInt::operator+=(), and operator-().

129  {
130  word borrow = 0;
131 
132  const size_t blocks = y_size - (y_size % 8);
133 
134  for(size_t i = 0; i != blocks; i += 8)
135  borrow = word8_sub3(z + i, x + i, y + i, borrow);
136 
137  for(size_t i = blocks; i != y_size; ++i)
138  z[i] = word_sub(x[i], y[i], &borrow);
139 
140  for(size_t i = y_size; i != x_size; ++i)
141  z[i] = word_sub(x[i], 0, &borrow);
142 
143  return borrow;
144  }
BOTAN_DLL size_t Botan::block_size_of ( const std::string &  algo_spec)

Find out the block size of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
block size of the specified algorithm

Definition at line 35 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), and Botan::Algorithm_Factory::prototype_hash_function().

36  {
37  Algorithm_Factory& af = global_state().algorithm_factory();
38 
39  if(const BlockCipher* cipher = af.prototype_block_cipher(name))
40  return cipher->block_size();
41 
42  if(const HashFunction* hash = af.prototype_hash_function(name))
43  return hash->hash_block_size();
44 
45  throw Algorithm_Not_Found(name);
46  }
void Botan::botan_md4_x86_32_compress ( u32bit  digest[4],
const byte  input[64],
u32bit  M[16] 
)

MD4 compression function in x86-32 asm

Parameters
digestthe current digest
inputthe input block
Mthe message buffer
void Botan::botan_serpent_x86_32_decrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent decryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::decrypt_n().

void Botan::botan_serpent_x86_32_encrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent encryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::encrypt_n().

void Botan::botan_serpent_x86_32_key_schedule ( u32bit  ks[140])

Entry point for Serpent key schedule in x86 asm

Parameters
ksholds the initial working key (padded), and is set to the final key schedule
template<typename T >
void Botan::bswap_4 ( x[4])
inline

Swap 4 Ts in an array

Definition at line 112 of file bswap.h.

References reverse_bytes().

Referenced by load_be(), and load_le().

113  {
114  x[0] = reverse_bytes(x[0]);
115  x[1] = reverse_bytes(x[1]);
116  x[2] = reverse_bytes(x[2]);
117  x[3] = reverse_bytes(x[3]);
118  }
template<typename T , typename Alloc >
size_t Botan::buffer_insert ( std::vector< T, Alloc > &  buf,
size_t  buf_offset,
const T  input[],
size_t  input_length 
)

Definition at line 103 of file secmem.h.

References copy_mem().

Referenced by Botan::MDx_HashFunction::add_data(), Botan::OFB::set_iv(), Botan::CTR_BE::set_iv(), Botan::XTS_Encryption::set_iv(), Botan::XTS_Decryption::set_iv(), Botan::Base64_Encoder::write(), and Botan::Hex_Encoder::write().

107  {
108  const size_t to_copy = std::min(input_length, buf.size() - buf_offset);
109  copy_mem(&buf[buf_offset], input, to_copy);
110  return to_copy;
111  }
template<typename T , typename Alloc , typename Alloc2 >
size_t Botan::buffer_insert ( std::vector< T, Alloc > &  buf,
size_t  buf_offset,
const std::vector< T, Alloc2 > &  input 
)

Definition at line 114 of file secmem.h.

References copy_mem().

117  {
118  const size_t to_copy = std::min(input.size(), buf.size() - buf_offset);
119  copy_mem(&buf[buf_offset], &input[0], to_copy);
120  return to_copy;
121  }
BOTAN_DLL calendar_point Botan::calendar_value ( const std::chrono::system_clock::time_point &  time_point)

Definition at line 39 of file calendar.cpp.

Referenced by Botan::EAC_Time::EAC_Time(), and Botan::X509_Time::X509_Time().

41  {
42  std::tm tm = do_gmtime(std::chrono::system_clock::to_time_t(time_point));
43 
44  return calendar_point(tm.tm_year + 1900,
45  tm.tm_mon + 1,
46  tm.tm_mday,
47  tm.tm_hour,
48  tm.tm_min,
49  tm.tm_sec);
50  }
bool BOTAN_DLL Botan::check_bcrypt ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 133 of file bcrypt.cpp.

References to_u32bit().

134  {
135  if(hash.size() != 60 ||
136  hash[0] != '$' || hash[1] != '2' || hash[2] != 'a' ||
137  hash[3] != '$' || hash[6] != '$')
138  {
139  return false;
140  }
141 
142  const u16bit workfactor = to_u32bit(hash.substr(4, 2));
143 
144  std::vector<byte> salt = bcrypt_base64_decode(hash.substr(7, 22));
145 
146  const std::string compare = make_bcrypt(pass, salt, workfactor);
147 
148  return (hash == compare);
149  }
bool BOTAN_DLL Botan::check_passhash9 ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 89 of file passhash9.cpp.

References Botan::OctetString::bits_of(), Botan::PBKDF::derive_key(), Botan::Pipe::end_msg(), load_be< u16bit >(), Botan::Pipe::read_all(), same_mem(), Botan::Pipe::start_msg(), Botan::ASN1::to_string(), and Botan::Pipe::write().

90  {
91  const size_t BINARY_LENGTH =
92  ALGID_BYTES +
93  WORKFACTOR_BYTES +
94  PASSHASH9_PBKDF_OUTPUT_LEN +
95  SALT_BYTES;
96 
97  const size_t BASE64_LENGTH =
98  MAGIC_PREFIX.size() + (BINARY_LENGTH * 8) / 6;
99 
100  if(hash.size() != BASE64_LENGTH)
101  return false;
102 
103  for(size_t i = 0; i != MAGIC_PREFIX.size(); ++i)
104  if(hash[i] != MAGIC_PREFIX[i])
105  return false;
106 
107  Pipe pipe(new Base64_Decoder);
108  pipe.start_msg();
109  pipe.write(hash.c_str() + MAGIC_PREFIX.size());
110  pipe.end_msg();
111 
112  secure_vector<byte> bin = pipe.read_all();
113 
114  if(bin.size() != BINARY_LENGTH)
115  return false;
116 
117  byte alg_id = bin[0];
118 
119  const size_t work_factor = load_be<u16bit>(&bin[ALGID_BYTES], 0);
120 
121  // Bug in the format, bad states shouldn't be representable, but are...
122  if(work_factor == 0)
123  return false;
124 
125  if(work_factor > 512)
126  throw std::invalid_argument("Requested Bcrypt work factor " +
127  std::to_string(work_factor) + " too large");
128 
129  const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
130 
131  MessageAuthenticationCode* pbkdf_prf = get_pbkdf_prf(alg_id);
132 
133  if(!pbkdf_prf)
134  return false; // unknown algorithm, reject
135 
136  PKCS5_PBKDF2 kdf(pbkdf_prf); // takes ownership of pointer
137 
138  secure_vector<byte> cmp = kdf.derive_key(
139  PASSHASH9_PBKDF_OUTPUT_LEN,
140  pass,
141  &bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES,
142  kdf_iterations).bits_of();
143 
144  return same_mem(&cmp[0],
145  &bin[ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES],
146  PASSHASH9_PBKDF_OUTPUT_LEN);
147  }
bool Botan::check_prime ( const BigInt &  n,
RandomNumberGenerator &  rng 
)
inline

Check for primality

Parameters
na positive integer to test for primality
rnga random number generator
Returns
true if all primality tests passed, otherwise false

Definition at line 151 of file numthry.h.

References primality_test().

Referenced by Botan::IF_Scheme_PrivateKey::check_key(), Botan::DL_Group::DL_Group(), generate_dsa_primes(), random_prime(), random_safe_prime(), and Botan::DL_Group::verify_group().

152  { return primality_test(n, rng, 1); }
BOTAN_DLL PK_Signer * Botan::choose_sig_format ( const Private_Key &  key,
const std::string &  hash_fn,
AlgorithmIdentifier &  alg_id 
)

Choose the default signature format for a certain public key signature scheme.

Parameters
keywill be the key to choose a padding scheme for
hash_fnis the desired hash function
alg_idwill be set to the chosen scheme
Returns
A PK_Signer object for generating signatures

Definition at line 219 of file x509_ca.cpp.

References Botan::Public_Key::algo_name(), algo_name, Botan::Public_Key::algorithm_identifier(), DER_SEQUENCE, IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::max_input_bits(), Botan::Public_Key::message_parts(), Botan::Algorithm::name(), Botan::AlgorithmIdentifier::oid, Botan::Buffered_Computation::output_length(), Botan::AlgorithmIdentifier::parameters, and retrieve_hash().

Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::X509_CA().

222  {
223  std::string padding;
224 
225  const std::string algo_name = key.algo_name();
226 
227  const HashFunction* proto_hash = retrieve_hash(hash_fn);
228  if(!proto_hash)
229  throw Algorithm_Not_Found(hash_fn);
230 
231  if(key.max_input_bits() < proto_hash->output_length()*8)
232  throw Invalid_Argument("Key is too small for chosen hash function");
233 
234  if(algo_name == "RSA")
235  padding = "EMSA3";
236  else if(algo_name == "DSA")
237  padding = "EMSA1";
238  else if(algo_name == "ECDSA")
239  padding = "EMSA1_BSI";
240  else
241  throw Invalid_Argument("Unknown X.509 signing key type: " + algo_name);
242 
243  Signature_Format format =
244  (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
245 
246  padding = padding + '(' + proto_hash->name() + ')';
247 
248  sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
249  sig_algo.parameters = key.algorithm_identifier().parameters;
250 
251  return new PK_Signer(key, padding, format);
252  }
size_t Botan::clamp ( size_t  n,
size_t  lower_bound,
size_t  upper_bound 
)
inline

Clamp

Definition at line 50 of file rounding.h.

References n.

51  {
52  if(n < lower_bound)
53  return lower_bound;
54  if(n > upper_bound)
55  return upper_bound;
56  return n;
57  }
template<typename T >
void Botan::clear_mem ( T *  ptr,
size_t  n 
)
inline

Zeroize memory

Parameters
ptra pointer to an array
nthe number of Ts pointed to by ptr

Definition at line 28 of file mem_ops.h.

References zero_mem().

Referenced by Botan::mlock_allocator::allocate(), Botan::secure_allocator< T >::allocate(), aont_package(), base64_decode(), bigint_monty_redc(), bigint_shl1(), bigint_shr1(), bigint_simple_mul(), bigint_simple_sqr(), Botan::secure_allocator< T >::deallocate(), hex_decode(), Botan::BigInt::mask_bits(), Botan::Unix_EntropySource::poll(), and zeroise().

29  {
30  zero_mem(ptr, sizeof(T)*n);
31  }
BOTAN_DLL void Botan::confirm_startup_self_tests ( Algorithm_Factory &  af)

Run a set of self tests on some basic algorithms like AES and SHA-1

Parameters
afan algorithm factory
Exceptions
Self_Test_Errorif a failure occured

Definition at line 268 of file selftest.cpp.

Referenced by Botan::Library_State::initialize(), and passes_self_tests().

269  {
270  cipher_kat(af, "DES",
271  "0123456789ABCDEF", "1234567890ABCDEF",
272  "4E6F77206973207468652074696D6520666F7220616C6C20",
273  "3FA40E8A984D48156A271787AB8883F9893D51EC4B563B53",
274  "E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6",
275  "F3096249C7F46E51A69E839B1A92F78403467133898EA622",
276  "F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3",
277  "F3096249C7F46E51163A8CA0FFC94C27FA2F80F480B86F75");
278 
279  cipher_kat(af, "TripleDES",
280  "385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E",
281  "C141B5FCCD28DC8A",
282  "6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68",
283  "64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4",
284  "6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9",
285  "E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B",
286  "E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62",
287  "E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371");
288 
289  cipher_kat(af, "AES-128",
290  "2B7E151628AED2A6ABF7158809CF4F3C",
291  "000102030405060708090A0B0C0D0E0F",
292  "6BC1BEE22E409F96E93D7E117393172A"
293  "AE2D8A571E03AC9C9EB76FAC45AF8E51",
294  "3AD77BB40D7A3660A89ECAF32466EF97"
295  "F5D3D58503B9699DE785895A96FDBAAF",
296  "7649ABAC8119B246CEE98E9B12E9197D"
297  "5086CB9B507219EE95DB113A917678B2",
298  "3B3FD92EB72DAD20333449F8E83CFB4A"
299  "C8A64537A0B3A93FCDE3CDAD9F1CE58B",
300  "3B3FD92EB72DAD20333449F8E83CFB4A"
301  "7789508D16918F03F53C52DAC54ED825",
302  "3B3FD92EB72DAD20333449F8E83CFB4A"
303  "010C041999E03F36448624483E582D0E");
304 
305  hash_test(af, "SHA-1",
306  "", "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709");
307 
308  hash_test(af, "SHA-1",
309  "616263", "A9993E364706816ABA3E25717850C26C9CD0D89D");
310 
311  hash_test(af, "SHA-1",
312  "6162636462636465636465666465666765666768666768696768696A"
313  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
314  "84983E441C3BD26EBAAE4AA1F95129E5E54670F1");
315 
316  mac_test(af, "HMAC(SHA-1)",
317  "4869205468657265",
318  "B617318655057264E28BC0B6FB378C8EF146BE00",
319  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
320 
321  hash_test(af, "SHA-256",
322  "",
323  "E3B0C44298FC1C149AFBF4C8996FB924"
324  "27AE41E4649B934CA495991B7852B855");
325 
326  hash_test(af, "SHA-256",
327  "616263",
328  "BA7816BF8F01CFEA414140DE5DAE2223"
329  "B00361A396177A9CB410FF61F20015AD");
330 
331  hash_test(af, "SHA-256",
332  "6162636462636465636465666465666765666768666768696768696A"
333  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
334  "248D6A61D20638B8E5C026930C3E6039"
335  "A33CE45964FF2167F6ECEDD419DB06C1");
336 
337  mac_test(af, "HMAC(SHA-256)",
338  "4869205468657265",
339  "198A607EB44BFBC69903A0F1CF2BBDC5"
340  "BA0AA3F3D9AE3C1C7A3B1696A0B68CF7",
341  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B"
342  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
343  }
template<typename T >
void Botan::copy_mem ( T *  out,
const T *  in,
size_t  n 
)
inline

Copy memory

Parameters
outthe destination array
inthe source array
nthe number of elements of in/out

Definition at line 39 of file mem_ops.h.

Referenced by Botan::TLS::Connection_Cipher_State::aead_nonce(), aont_package(), aont_unpackage(), bigint_monty_redc(), bigint_shr1(), buffer_insert(), Botan::TLS::Heartbeat_Message::contents(), Botan::BER_Decoder::decode(), Botan::CryptoBox::encrypt(), Botan::TLS::Stream_Handshake_IO::format(), operator+=(), operator^(), Botan::DataSource_Memory::peek(), Botan::ANSI_X931_RNG::randomize(), Botan::Randpool::randomize(), Botan::HMAC_RNG::randomize(), Botan::DataSource_Memory::read(), Botan::TLS::read_record(), rfc3394_keyunwrap(), rfc3394_keywrap(), Botan::GCM_Mode::start(), unlock(), Botan::Base64_Encoder::write(), Botan::Buffered_Filter::write(), Botan::Hex_Encoder::write(), Botan::Hex_Decoder::write(), and Botan::Base64_Decoder::write().

40  {
41  std::memmove(out, in, sizeof(T)*n);
42  }
BOTAN_DLL AlternativeName Botan::create_alt_name ( const Data_Store &  info)

Definition at line 563 of file x509cert.cpp.

References Botan::AlternativeName::add_attribute(), and Botan::Data_Store::search_for().

Referenced by Botan::PKCS10_Request::subject_alt_name().

564  {
565  auto names = info.search_for(
566  [](const std::string& key, const std::string&)
567  {
568  return (key == "RFC822" ||
569  key == "DNS" ||
570  key == "URI" ||
571  key == "IP");
572  });
573 
574  AlternativeName alt_name;
575 
576  for(auto i = names.begin(); i != names.end(); ++i)
577  alt_name.add_attribute(i->first, i->second);
578 
579  return alt_name;
580  }
BOTAN_DLL X509_DN Botan::create_dn ( const Data_Store &  info)

Definition at line 544 of file x509cert.cpp.

References Botan::X509_DN::add_attribute(), and Botan::Data_Store::search_for().

Referenced by Botan::X509_Certificate::issuer_dn(), Botan::X509_CRL::issuer_dn(), Botan::PKCS10_Request::subject_dn(), and Botan::X509_Certificate::subject_dn().

545  {
546  auto names = info.search_for(
547  [](const std::string& key, const std::string&)
548  {
549  return (key.find("X520.") != std::string::npos);
550  });
551 
552  X509_DN dn;
553 
554  for(auto i = names.begin(); i != names.end(); ++i)
555  dn.add_attribute(i->first, i->second);
556 
557  return dn;
558  }
template<typename T >
size_t Botan::ctz ( n)
inline

Count the trailing zero bits in n

Parameters
nan integer value
Returns
maximum x st 2^x divides n

Definition at line 93 of file bit_ops.h.

Referenced by low_zero_bits().

94  {
95  for(size_t i = 0; i != 8*sizeof(T); ++i)
96  if((n >> i) & 0x01)
97  return i;
98  return 8*sizeof(T);
99  }
ECDSA_Signature Botan::decode_concatenation ( const std::vector< byte > &  concat)

Definition at line 46 of file ecdsa_sig.cpp.

References Botan::BigInt::decode(), r, and s.

Referenced by Botan::EAC1_1_gen_CVC< Derived >::decode_info().

47  {
48  if(concat.size() % 2 != 0)
49  throw Invalid_Argument("Erroneous length of signature");
50 
51  const size_t rs_len = concat.size() / 2;
52 
53  BigInt r = BigInt::decode(&concat[0], rs_len);
54  BigInt s = BigInt::decode(&concat[rs_len], rs_len);
55 
56  return ECDSA_Signature(r, s);
57  }
BOTAN_DLL ECDSA_PublicKey * Botan::decode_eac1_1_key ( const std::vector< byte > &  enc_key,
AlgorithmIdentifier &  sig_algo 
)

Decode an EAC encoding ECDSA key

Definition at line 91 of file cvc_cert.cpp.

93  {
94  throw Internal_Error("decode_eac1_1_key: Unimplemented");
95  return 0;
96  }
void BOTAN_DLL Botan::divide ( const BigInt &  x,
const BigInt &  y,
BigInt &  q,
BigInt &  r 
)

BigInt Division

Parameters
xan integer
ya non-zero integer
qwill be set to x / y
rwill be set to x % y

Definition at line 58 of file divide.cpp.

References bigint_divop(), Botan::BigInt::cmp(), Botan::BigInt::grow_to(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), MP_WORD_BITS, MP_WORD_MAX, MP_WORD_TOP_BIT, Botan::BigInt::mutable_data(), n, Botan::BigInt::Positive, Botan::BigInt::set_sign(), Botan::BigInt::sig_words(), and Botan::BigInt::word_at().

Referenced by Botan::BigInt::encode(), operator%(), and operator/().

59  {
60  if(y_arg.is_zero())
61  throw BigInt::DivideByZero();
62 
63  BigInt y = y_arg;
64  const size_t y_words = y.sig_words();
65 
66  r = x;
67  q = 0;
68 
69  r.set_sign(BigInt::Positive);
70  y.set_sign(BigInt::Positive);
71 
72  s32bit compare = r.cmp(y);
73 
74  if(compare == 0)
75  {
76  q = 1;
77  r = 0;
78  }
79  else if(compare > 0)
80  {
81  size_t shifts = 0;
82  word y_top = y.word_at(y.sig_words()-1);
83  while(y_top < MP_WORD_TOP_BIT) { y_top <<= 1; ++shifts; }
84  y <<= shifts;
85  r <<= shifts;
86 
87  const size_t n = r.sig_words() - 1, t = y_words - 1;
88 
89  if(n < t)
90  throw Internal_Error("BigInt division word sizes");
91 
92  q.grow_to(n - t + 1);
93 
94  word* q_words = q.mutable_data();
95 
96  if(n <= t)
97  {
98  while(r > y) { r -= y; ++q; }
99  r >>= shifts;
100  sign_fixup(x, y_arg, q, r);
101  return;
102  }
103 
104  BigInt temp = y << (MP_WORD_BITS * (n-t));
105 
106  while(r >= temp) { r -= temp; q_words[n-t] += 1; }
107 
108  for(size_t j = n; j != t; --j)
109  {
110  const word x_j0 = r.word_at(j);
111  const word x_j1 = r.word_at(j-1);
112  const word y_t = y.word_at(t);
113 
114  if(x_j0 == y_t)
115  q_words[j-t-1] = MP_WORD_MAX;
116  else
117  q_words[j-t-1] = bigint_divop(x_j0, x_j1, y_t);
118 
119  while(division_check(q_words[j-t-1],
120  y_t, y.word_at(t-1),
121  x_j0, x_j1, r.word_at(j-2)))
122  {
123  q_words[j-t-1] -= 1;
124  }
125 
126  r -= (q_words[j-t-1] * y) << (MP_WORD_BITS * (j-t-1));
127 
128  if(r.is_negative())
129  {
130  r += y << (MP_WORD_BITS * (j-t-1));
131  q_words[j-t-1] -= 1;
132  }
133  }
134  r >>= shifts;
135  }
136 
137  sign_fixup(x, y_arg, q, r);
138  }
size_t Botan::dl_work_factor ( size_t  prime_group_size)

Estimate work factor for discrete logarithm

Parameters
prime_group_sizesize of the group in bits
Returns
estimated security level for this group

Definition at line 14 of file workfactor.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DL_Group::DL_Group(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), Botan::ElGamal_Encryption_Operation::encrypt(), Botan::IF_Scheme_PublicKey::estimated_strength(), and Botan::DL_Scheme_PublicKey::estimated_strength().

15  {
16  /*
17  Based on GNFS work factors. Constant is 1.43 times the asymptotic
18  value; I'm not sure but I believe that came from a paper on 'real
19  world' runtimes, but I don't remember where now.
20 
21  Sample return values:
22  |512| -> 64
23  |1024| -> 86
24  |1536| -> 102
25  |2048| -> 116
26  |3072| -> 138
27  |4096| -> 155
28  |8192| -> 206
29 
30  For DL algos, we use an exponent of twice the size of the result;
31  the assumption is that an arbitrary discrete log on a group of size
32  bits would take about 2^n effort, and thus using an exponent of
33  size 2^(2*n) implies that all available attacks are about as easy
34  (as e.g Pollard's kangaroo algorithm can compute the DL in sqrt(x)
35  operations) while minimizing the exponent size for performance
36  reasons.
37  */
38 
39  const size_t MIN_WORKFACTOR = 64;
40 
41  // approximates natural logarithm of p
42  const double log_p = bits / 1.4426;
43 
44  const double strength =
45  2.76 * std::pow(log_p, 1.0/3.0) * std::pow(std::log(log_p), 2.0/3.0);
46 
47  return std::max(static_cast<size_t>(strength), MIN_WORKFACTOR);
48  }
secure_vector< byte > BOTAN_DLL Botan::EC2OSP ( const PointGFp &  point,
byte  format 
)

Definition at line 484 of file point_gfp.cpp.

References Botan::BigInt::bytes(), Botan::PointGFp::COMPRESSED, Botan::BigInt::encode_1363(), Botan::PointGFp::get_affine_x(), Botan::PointGFp::get_affine_y(), Botan::BigInt::get_bit(), Botan::PointGFp::get_curve(), Botan::CurveGFp::get_p(), Botan::PointGFp::HYBRID, Botan::PointGFp::is_zero(), and Botan::PointGFp::UNCOMPRESSED.

Referenced by Botan::EC_Group::DER_encode(), Botan::ECDH_PublicKey::public_value(), and Botan::EC_PublicKey::x509_subject_public_key().

485  {
486  if(point.is_zero())
487  return secure_vector<byte>(1); // single 0 byte
488 
489  const size_t p_bytes = point.get_curve().get_p().bytes();
490 
491  BigInt x = point.get_affine_x();
492  BigInt y = point.get_affine_y();
493 
494  secure_vector<byte> bX = BigInt::encode_1363(x, p_bytes);
495  secure_vector<byte> bY = BigInt::encode_1363(y, p_bytes);
496 
497  if(format == PointGFp::UNCOMPRESSED)
498  {
499  secure_vector<byte> result;
500  result.push_back(0x04);
501 
502  result += bX;
503  result += bY;
504 
505  return result;
506  }
507  else if(format == PointGFp::COMPRESSED)
508  {
509  secure_vector<byte> result;
510  result.push_back(0x02 | static_cast<byte>(y.get_bit(0)));
511 
512  result += bX;
513 
514  return result;
515  }
516  else if(format == PointGFp::HYBRID)
517  {
518  secure_vector<byte> result;
519  result.push_back(0x06 | static_cast<byte>(y.get_bit(0)));
520 
521  result += bX;
522  result += bY;
523 
524  return result;
525  }
526  else
527  throw Invalid_Argument("illegal point encoding format specification");
528  }
BOTAN_DLL std::string Botan::erase_chars ( const std::string &  str,
const std::set< char > &  chars 
)

Erase characters from a string

Definition at line 267 of file parsing.cpp.

Referenced by Botan::TLS::Ciphersuite::to_string().

268  {
269  std::string out;
270 
271  for(auto c: str)
272  if(chars.count(c) == 0)
273  out += c;
274 
275  return out;
276  }
BOTAN_DLL Key_Constraints Botan::find_constraints ( const Public_Key &  pub_key,
Key_Constraints  limits 
)

Create the key constraints for a specific public key.

Parameters
pub_keythe public key from which the basic set of constraints to be placed in the return value is derived
limitsadditional limits that will be incorporated into the return value
Returns
combination of key type specific constraints and additional limits

Definition at line 46 of file key_constraint.cpp.

References Botan::Public_Key::algo_name(), DATA_ENCIPHERMENT, DIGITAL_SIGNATURE, KEY_AGREEMENT, KEY_ENCIPHERMENT, and NON_REPUDIATION.

Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::sign_request().

48  {
49  const std::string name = pub_key.algo_name();
50 
51  size_t constraints = 0;
52 
53  if(name == "DH" || name == "ECDH")
54  constraints |= KEY_AGREEMENT;
55 
56  if(name == "RSA" || name == "ElGamal")
57  constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
58 
59  if(name == "RSA" || name == "RW" || name == "NR" ||
60  name == "DSA" || name == "ECDSA")
61  constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION;
62 
63  if(limits)
64  constraints &= limits;
65 
66  return Key_Constraints(constraints);
67  }
BigInt BOTAN_DLL Botan::gcd ( const BigInt &  x,
const BigInt &  y 
)

Compute the greatest common divisor

Parameters
xa positive integer
ya positive integer
Returns
gcd(x,y)

Definition at line 170 of file numthry.cpp.

References Botan::BigInt::is_nonzero(), Botan::BigInt::is_zero(), low_zero_bits(), Botan::BigInt::Positive, and Botan::BigInt::set_sign().

Referenced by lcm(), and random_prime().

171  {
172  if(a.is_zero() || b.is_zero()) return 0;
173  if(a == 1 || b == 1) return 1;
174 
175  BigInt x = a, y = b;
176  x.set_sign(BigInt::Positive);
177  y.set_sign(BigInt::Positive);
178  size_t shift = std::min(low_zero_bits(x), low_zero_bits(y));
179 
180  x >>= shift;
181  y >>= shift;
182 
183  while(x.is_nonzero())
184  {
185  x >>= low_zero_bits(x);
186  y >>= low_zero_bits(y);
187  if(x >= y) { x -= y; x >>= 1; }
188  else { y -= x; y >>= 1; }
189  }
190 
191  return (y << shift);
192  }
std::string BOTAN_DLL Botan::generate_bcrypt ( const std::string &  password,
RandomNumberGenerator &  rng,
u16bit  work_factor = 10 
)

Create a password hash using Bcrypt

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
See Also
http://www.usenix.org/events/usenix99/provos/provos_html/

Definition at line 126 of file bcrypt.cpp.

References Botan::RandomNumberGenerator::random_vec(), and unlock().

129  {
130  return make_bcrypt(pass, unlock(rng.random_vec(16)), work_factor);
131  }
bool BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator &  rng,
Algorithm_Factory &  af,
BigInt &  p_out,
BigInt &  q_out,
size_t  pbits,
size_t  qbits,
const std::vector< byte > &  seed 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
seedthe seed used to generate the parameters
Returns
true if seed generated a valid DSA parameter set, otherwise false. p_out and q_out are only valid if true was returned.

Definition at line 41 of file dsa_gen.cpp.

References Botan::BigInt::binary_decode(), Botan::BigInt::bits(), check_prime(), Botan::Algorithm_Factory::make_hash_function(), n, s, Botan::BigInt::set_bit(), and Botan::ASN1::to_string().

Referenced by Botan::DL_Group::DL_Group(), and generate_dsa_primes().

46  {
47  if(!fips186_3_valid_size(pbits, qbits))
48  throw Invalid_Argument(
49  "FIPS 186-3 does not allow DSA domain parameters of " +
50  std::to_string(pbits) + "/" + std::to_string(qbits) + " bits long");
51 
52  if(seed_c.size() * 8 < qbits)
53  throw Invalid_Argument(
54  "Generating a DSA parameter set with a " + std::to_string(qbits) +
55  "long q requires a seed at least as many bits long");
56 
57  std::unique_ptr<HashFunction> hash(
58  af.make_hash_function("SHA-" + std::to_string(qbits)));
59 
60  const size_t HASH_SIZE = hash->output_length();
61 
62  class Seed
63  {
64  public:
65  Seed(const std::vector<byte>& s) : seed(s) {}
66 
67  operator std::vector<byte>& () { return seed; }
68 
69  Seed& operator++()
70  {
71  for(size_t j = seed.size(); j > 0; --j)
72  if(++seed[j-1])
73  break;
74  return (*this);
75  }
76  private:
77  std::vector<byte> seed;
78  };
79 
80  Seed seed(seed_c);
81 
82  q.binary_decode(hash->process(seed));
83  q.set_bit(qbits-1);
84  q.set_bit(0);
85 
86  if(!check_prime(q, rng))
87  return false;
88 
89  const size_t n = (pbits-1) / (HASH_SIZE * 8),
90  b = (pbits-1) % (HASH_SIZE * 8);
91 
92  BigInt X;
93  std::vector<byte> V(HASH_SIZE * (n+1));
94 
95  for(size_t j = 0; j != 4096; ++j)
96  {
97  for(size_t k = 0; k <= n; ++k)
98  {
99  ++seed;
100  hash->update(seed);
101  hash->final(&V[HASH_SIZE * (n-k)]);
102  }
103 
104  X.binary_decode(&V[HASH_SIZE - 1 - b/8],
105  V.size() - (HASH_SIZE - 1 - b/8));
106  X.set_bit(pbits-1);
107 
108  p = X - (X % (2*q) - 1);
109 
110  if(p.bits() == pbits && check_prime(p, rng))
111  return true;
112  }
113  return false;
114  }
std::vector< byte > BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator &  rng,
Algorithm_Factory &  af,
BigInt &  p_out,
BigInt &  q_out,
size_t  pbits,
size_t  qbits 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
Returns
random seed used to generate this parameter set

Definition at line 119 of file dsa_gen.cpp.

References generate_dsa_primes(), and Botan::RandomNumberGenerator::randomize().

123  {
124  while(true)
125  {
126  std::vector<byte> seed(qbits / 8);
127  rng.randomize(&seed[0], seed.size());
128 
129  if(generate_dsa_primes(rng, af, p, q, pbits, qbits, seed))
130  return seed;
131  }
132  }
std::string BOTAN_DLL Botan::generate_passhash9 ( const std::string &  password,
RandomNumberGenerator &  rng,
u16bit  work_factor = 10,
byte  alg_id = 1 
)

Create a password hash using PBKDF2

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
alg_idspecifies which PRF to use with PBKDF2 0 is HMAC(SHA-1) 1 is HMAC(SHA-256) 2 is CMAC(Blowfish) 3 is HMAC(SHA-384) 4 is HMAC(SHA-512) all other values are currently undefined

Definition at line 52 of file passhash9.cpp.

References Botan::PBKDF::derive_key(), Botan::Pipe::end_msg(), get_byte(), Botan::RandomNumberGenerator::randomize(), Botan::Pipe::read_all_as_string(), Botan::Pipe::start_msg(), Botan::ASN1::to_string(), and Botan::Pipe::write().

56  {
57  MessageAuthenticationCode* prf = get_pbkdf_prf(alg_id);
58 
59  if(!prf)
60  throw Invalid_Argument("Passhash9: Algorithm id " +
61  std::to_string(alg_id) +
62  " is not defined");
63 
64  PKCS5_PBKDF2 kdf(prf); // takes ownership of pointer
65 
66  secure_vector<byte> salt(SALT_BYTES);
67  rng.randomize(&salt[0], salt.size());
68 
69  const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
70 
71  secure_vector<byte> pbkdf2_output =
72  kdf.derive_key(PASSHASH9_PBKDF_OUTPUT_LEN,
73  pass,
74  &salt[0], salt.size(),
75  kdf_iterations).bits_of();
76 
77  Pipe pipe(new Base64_Encoder);
78  pipe.start_msg();
79  pipe.write(alg_id);
80  pipe.write(get_byte(0, work_factor));
81  pipe.write(get_byte(1, work_factor));
82  pipe.write(salt);
83  pipe.write(pbkdf2_output);
84  pipe.end_msg();
85 
86  return MAGIC_PREFIX + pipe.read_all_as_string();
87  }
BigInt BOTAN_DLL Botan::generate_srp6_verifier ( const std::string &  identifier,
const std::string &  password,
const std::vector< byte > &  salt,
const std::string &  group_id,
const std::string &  hash_id 
)

Generate a new SRP-6 verifier

Parameters
identifiera username or other client identifier
passwordthe secret used to authenticate user
salta randomly chosen value, at least 128 bits long
group_idspecifies the shared SRP group
hash_idspecifies a secure hash function

Definition at line 114 of file srp6.cpp.

References Botan::DL_Group::get_g(), Botan::DL_Group::get_p(), and power_mod().

119  {
120  const BigInt x = compute_x(hash_id, identifier, password, salt);
121 
122  DL_Group group(group_id);
123  return power_mod(group.get_g(), x, group.get_p());
124  }
BOTAN_DLL AEAD_Mode * Botan::get_aead ( const std::string &  name,
Cipher_Dir  direction 
)

Get an AEAD mode by name (eg "AES-128/GCM" or "Serpent/EAX")

Definition at line 25 of file aead.cpp.

References Botan::Library_State::algorithm_factory(), cipher_name, Botan::BlockCipher::clone(), ENCRYPTION, Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), and split_on().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and time_algorithm_ops().

26  {
27  Algorithm_Factory& af = global_state().algorithm_factory();
28 
29  const std::vector<std::string> algo_parts = split_on(algo_spec, '/');
30  if(algo_parts.empty())
31  throw Invalid_Algorithm_Name(algo_spec);
32 
33  if(algo_parts.size() < 2)
34  return nullptr;
35 
36  const std::string cipher_name = algo_parts[0];
37  const std::string mode_name = algo_parts[1];
38 
39  const size_t tag_size = 16; // default for all current AEAD
40 
41  const BlockCipher* cipher = af.prototype_block_cipher(cipher_name);
42  if(!cipher)
43  return nullptr;
44 
45 #if defined(BOTAN_HAS_AEAD_EAX)
46  if(mode_name == "EAX")
47  {
48  if(direction == ENCRYPTION)
49  return new EAX_Encryption(cipher->clone(), tag_size);
50  else
51  return new EAX_Decryption(cipher->clone(), tag_size);
52  }
53 #endif
54 
55 #if defined(BOTAN_HAS_AEAD_GCM)
56  if(mode_name == "GCM")
57  {
58  if(direction == ENCRYPTION)
59  return new GCM_Encryption(cipher->clone(), tag_size);
60  else
61  return new GCM_Decryption(cipher->clone(), tag_size);
62  }
63 #endif
64 
65 #if defined(BOTAN_HAS_AEAD_OCB)
66  if(mode_name == "OCB")
67  {
68  if(direction == ENCRYPTION)
69  return new OCB_Encryption(cipher->clone(), tag_size);
70  else
71  return new OCB_Decryption(cipher->clone(), tag_size);
72  }
73 #endif
74 
75  return nullptr;
76  }
BlockCipher* Botan::get_block_cipher ( const std::string &  algo_spec)
inline

Block cipher factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired block cipher
Returns
pointer to the block cipher object

Definition at line 87 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_block_cipher().

88  {
89  Algorithm_Factory& af = global_state().algorithm_factory();
90  return af.make_block_cipher(algo_spec);
91  }
template<typename T >
byte Botan::get_byte ( size_t  byte_num,
input 
)
inline

Byte extraction

Parameters
byte_numwhich byte to extract, 0 == highest byte
inputthe value to extract from
Returns
byte byte_num of input

Definition at line 21 of file get_byte.h.

Referenced by aont_package(), aont_unpackage(), Botan::TLS::append_tls_length_value(), Botan::BigInt::byte_at(), Botan::CryptoBox::decrypt(), Botan::DES::decrypt_n(), Botan::Square::decrypt_n(), Botan::Twofish::decrypt_n(), Botan::Blowfish::decrypt_n(), Botan::TripleDES::decrypt_n(), Botan::CryptoBox::encrypt(), Botan::Square::encrypt_n(), Botan::Twofish::encrypt_n(), Botan::DES::encrypt_n(), Botan::Blowfish::encrypt_n(), Botan::TripleDES::encrypt_n(), Botan::TLS::Connection_Cipher_State::format_ad(), generate_passhash9(), ipv4_to_string(), Botan::TLS::Protocol_Version::major_version(), Botan::TLS::Protocol_Version::minor_version(), Botan::TLS::Supported_Elliptic_Curves::serialize(), Botan::TLS::Extensions::serialize(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), significant_bytes(), Botan::RTSS_Share::split(), store_be(), store_le(), Botan::Buffered_Computation::update_be(), and Botan::TLS::write_record().

22  {
23  return static_cast<byte>(
24  input >> ((sizeof(T)-1-(byte_num&(sizeof(T)-1))) << 3)
25  );
26  }
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters. No key will be set in the filter.

Parameters
algo_specthe name of the desired cipher
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to the encryption or decryption filter

Definition at line 67 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::Engine_Iterator::next().

Referenced by Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), and get_cipher().

69  {
70  Algorithm_Factory& af = global_state().algorithm_factory();
71 
72  Algorithm_Factory::Engine_Iterator i(af);
73 
74  while(Engine* engine = i.next())
75  {
76  if(Keyed_Filter* algo = engine->get_cipher(algo_spec, direction, af))
77  return algo;
78  }
79 
80  throw Algorithm_Not_Found(algo_spec);
81  }
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
const SymmetricKey &  key,
const InitializationVector &  iv,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters.

Parameters
algo_specthe name of the desired cipher
keythe key to be used for encryption/decryption performed by the filter
ivthe initialization vector to be used
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to newly allocated encryption or decryption filter

Definition at line 86 of file lookup.cpp.

References get_cipher(), Botan::OctetString::length(), Botan::Keyed_Filter::set_iv(), and Botan::Keyed_Filter::set_key().

90  {
91  Keyed_Filter* cipher = get_cipher(algo_spec, direction);
92  cipher->set_key(key);
93 
94  if(iv.length())
95  cipher->set_iv(iv);
96 
97  return cipher;
98  }
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
const SymmetricKey &  key,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters.

Parameters
algo_specthe name of the desired cipher
keythe key to be used for encryption/decryption performed by the filter
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to the encryption or decryption filter

Definition at line 103 of file lookup.cpp.

References get_cipher().

106  {
107  return get_cipher(algo_spec,
108  key, InitializationVector(), direction);
109  }
Keyed_Filter * Botan::get_cipher_mode ( const BlockCipher *  block_cipher,
Cipher_Dir  direction,
const std::string &  mode,
const std::string &  padding 
)

Create a cipher mode filter object

Parameters
block_ciphera block cipher object
directionare we encrypting or decrypting?
modethe name of the cipher mode to use
paddingthe mode padding to use (only used for ECB, CBC)

Definition at line 91 of file core_modes.cpp.

References Botan::BlockCipher::block_size(), Botan::BlockCipher::clone(), ENCRYPTION, parse_algorithm_name(), and to_u32bit().

Referenced by algorithm_kat_detailed(), and Botan::Core_Engine::get_cipher().

95  {
96 #if defined(BOTAN_HAS_OFB)
97  if(mode == "OFB")
98  return new StreamCipher_Filter(new OFB(block_cipher->clone()));
99 #endif
100 
101 #if defined(BOTAN_HAS_CTR_BE)
102  if(mode == "CTR-BE")
103  return new StreamCipher_Filter(new CTR_BE(block_cipher->clone()));
104 #endif
105 
106 #if defined(BOTAN_HAS_ECB)
107  if(mode == "ECB" || mode == "")
108  {
109  if(direction == ENCRYPTION)
110  return new ECB_Encryption(block_cipher->clone(),
111  get_bc_pad(padding, "NoPadding"));
112  else
113  return new ECB_Decryption(block_cipher->clone(),
114  get_bc_pad(padding, "NoPadding"));
115  }
116 #endif
117 
118  if(mode == "CBC")
119  {
120  if(padding == "CTS")
121  {
122 #if defined(BOTAN_HAS_CTS)
123  if(direction == ENCRYPTION)
124  return new CTS_Encryption(block_cipher->clone());
125  else
126  return new CTS_Decryption(block_cipher->clone());
127 #else
128  return nullptr;
129 #endif
130  }
131 
132 #if defined(BOTAN_HAS_CBC)
133  if(direction == ENCRYPTION)
134  return new CBC_Encryption(block_cipher->clone(),
135  get_bc_pad(padding, "PKCS7"));
136  else
137  return new CBC_Decryption(block_cipher->clone(),
138  get_bc_pad(padding, "PKCS7"));
139 #else
140  return nullptr;
141 #endif
142  }
143 
144 #if defined(BOTAN_HAS_XTS)
145  if(mode == "XTS")
146  {
147  if(direction == ENCRYPTION)
148  return new XTS_Encryption(block_cipher->clone());
149  else
150  return new XTS_Decryption(block_cipher->clone());
151  }
152 #endif
153 
154  if(mode.find("CFB") != std::string::npos ||
155  mode.find("EAX") != std::string::npos ||
156  mode.find("GCM") != std::string::npos ||
157  mode.find("OCB") != std::string::npos)
158  {
159  std::vector<std::string> algo_info = parse_algorithm_name(mode);
160  const std::string mode_name = algo_info[0];
161 
162  size_t bits = 0;
163  if(algo_info.size() == 1)
164  bits = 8 * block_cipher->block_size();
165  else if(algo_info.size() == 2)
166  bits = to_u32bit(algo_info[1]);
167  else
168  return nullptr;
169 
170 #if defined(BOTAN_HAS_AEAD_FILTER)
171 
172  if(bits % 8 != 0)
173  throw std::invalid_argument("AEAD interface does not support non-octet length tags");
174 
175  const size_t tag_size = bits / 8;
176 
177 #if defined(BOTAN_HAS_AEAD_EAX)
178  if(mode_name == "EAX")
179  {
180  if(direction == ENCRYPTION)
181  return new AEAD_Filter(new EAX_Encryption(block_cipher->clone(), tag_size));
182  else
183  return new AEAD_Filter(new EAX_Decryption(block_cipher->clone(), tag_size));
184  }
185 #endif
186 
187 #if defined(BOTAN_HAS_AEAD_OCB)
188  if(mode == "OCB")
189  {
190  if(direction == ENCRYPTION)
191  return new AEAD_Filter(new OCB_Encryption(block_cipher->clone(), tag_size));
192  else
193  return new AEAD_Filter(new OCB_Decryption(block_cipher->clone(), tag_size));
194  }
195 #endif
196 
197 #if defined(BOTAN_HAS_AEAD_GCM)
198  if(mode == "GCM")
199  {
200  if(direction == ENCRYPTION)
201  return new AEAD_Filter(new GCM_Encryption(block_cipher->clone(), tag_size));
202  else
203  return new AEAD_Filter(new GCM_Decryption(block_cipher->clone(), tag_size));
204  }
205 #endif
206 
207 #endif
208 
209 #if defined(BOTAN_HAS_CFB)
210  if(mode_name == "CFB")
211  {
212  if(direction == ENCRYPTION)
213  return new CFB_Encryption(block_cipher->clone(), bits);
214  else
215  return new CFB_Decryption(block_cipher->clone(), bits);
216  }
217 #endif
218 
219  }
220 
221  return nullptr;
222  }
BOTAN_DLL EME * Botan::get_eme ( const std::string &  algo_spec)

Factory method for EME (message-encoding methods for encryption) objects

Parameters
algo_specthe name of the EME to create
Returns
pointer to newly allocated object of that type

Definition at line 147 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::PK_Decryptor_EME::PK_Decryptor_EME(), and Botan::PK_Encryptor_EME::PK_Encryptor_EME().

148  {
149  SCAN_Name request(algo_spec);
150 
151  Algorithm_Factory& af = global_state().algorithm_factory();
152 
153  if(request.algo_name() == "Raw")
154  return nullptr; // No padding
155 
156 #if defined(BOTAN_HAS_EME_PKCS1v15)
157  if(request.algo_name() == "PKCS1v15" && request.arg_count() == 0)
158  return new EME_PKCS1v15;
159 #endif
160 
161 #if defined(BOTAN_HAS_EME1)
162  if(request.algo_name() == "EME1" && request.arg_count_between(1, 2))
163  {
164  if(request.arg_count() == 1 ||
165  (request.arg_count() == 2 && request.arg(1) == "MGF1"))
166  {
167  return new EME1(af.make_hash_function(request.arg(0)));
168  }
169  }
170 #endif
171 
172  throw Algorithm_Not_Found(algo_spec);
173  }
BOTAN_DLL EMSA * Botan::get_emsa ( const std::string &  algo_spec)

Factory method for EMSA (message-encoding methods for signatures with appendix) objects

Parameters
algo_specthe name of the EME to create
Returns
pointer to newly allocated object of that type

Definition at line 86 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

87  {
88  SCAN_Name request(algo_spec);
89 
90  Algorithm_Factory& af = global_state().algorithm_factory();
91 
92 #if defined(BOTAN_HAS_EMSA_RAW)
93  if(request.algo_name() == "Raw" && request.arg_count() == 0)
94  return new EMSA_Raw;
95 #endif
96 
97 #if defined(BOTAN_HAS_EMSA1)
98  if(request.algo_name() == "EMSA1" && request.arg_count() == 1)
99  {
100  if(request.arg(0) == "Raw")
101  return new EMSA_Raw;
102  return new EMSA1(af.make_hash_function(request.arg(0)));
103  }
104 #endif
105 
106 #if defined(BOTAN_HAS_EMSA1_BSI)
107  if(request.algo_name() == "EMSA1_BSI" && request.arg_count() == 1)
108  return new EMSA1_BSI(af.make_hash_function(request.arg(0)));
109 #endif
110 
111 #if defined(BOTAN_HAS_EMSA2)
112  if(request.algo_name() == "EMSA2" && request.arg_count() == 1)
113  return new EMSA2(af.make_hash_function(request.arg(0)));
114 #endif
115 
116 #if defined(BOTAN_HAS_EMSA3)
117  if(request.algo_name() == "EMSA3" && request.arg_count() == 1)
118  {
119  if(request.arg(0) == "Raw")
120  return new EMSA3_Raw;
121  return new EMSA3(af.make_hash_function(request.arg(0)));
122  }
123 #endif
124 
125 #if defined(BOTAN_HAS_EMSA4)
126  if(request.algo_name() == "EMSA4" && request.arg_count_between(1, 3))
127  {
128  // 3 args: Hash, MGF, salt size (MGF is hardcoded MGF1 in Botan)
129  if(request.arg_count() == 1)
130  return new EMSA4(af.make_hash_function(request.arg(0)));
131 
132  if(request.arg_count() == 2 && request.arg(1) != "MGF1")
133  return new EMSA4(af.make_hash_function(request.arg(0)));
134 
135  if(request.arg_count() == 3)
136  return new EMSA4(af.make_hash_function(request.arg(0)),
137  request.arg_as_integer(2, 0));
138  }
139 #endif
140 
141  throw Algorithm_Not_Found(algo_spec);
142  }
HashFunction* Botan::get_hash ( const std::string &  algo_spec)
inline

Hash function factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired hash function
Returns
pointer to the hash function object

Definition at line 113 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_hash_function().

Referenced by Botan::OCSP::CertID::CertID(), Botan::X509_Certificate::fingerprint(), and Botan::OCSP::CertID::is_id_for().

114  {
115  Algorithm_Factory& af = global_state().algorithm_factory();
116  return af.make_hash_function(algo_spec);
117  }
BOTAN_DLL KDF * Botan::get_kdf ( const std::string &  algo_spec)

Factory method for KDF (key derivation function)

Parameters
algo_specthe name of the KDF to create
Returns
pointer to newly allocated object of that type

Definition at line 178 of file get_enc.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::make_hash_function(), and Botan::Algorithm_Factory::make_mac().

Referenced by Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), Botan::PK_Key_Agreement::PK_Key_Agreement(), and Botan::TLS::Handshake_State::protocol_specific_prf().

179  {
180  SCAN_Name request(algo_spec);
181 
182  Algorithm_Factory& af = global_state().algorithm_factory();
183 
184  if(request.algo_name() == "Raw")
185  return nullptr; // No KDF
186 
187 #if defined(BOTAN_HAS_KDF1)
188  if(request.algo_name() == "KDF1" && request.arg_count() == 1)
189  return new KDF1(af.make_hash_function(request.arg(0)));
190 #endif
191 
192 #if defined(BOTAN_HAS_KDF2)
193  if(request.algo_name() == "KDF2" && request.arg_count() == 1)
194  return new KDF2(af.make_hash_function(request.arg(0)));
195 #endif
196 
197 #if defined(BOTAN_HAS_X942_PRF)
198  if(request.algo_name() == "X9.42-PRF" && request.arg_count() == 1)
199  return new X942_PRF(request.arg(0)); // OID
200 #endif
201 
202 #if defined(BOTAN_HAS_SSL_V3_PRF)
203  if(request.algo_name() == "SSL3-PRF" && request.arg_count() == 0)
204  return new SSL3_PRF;
205 #endif
206 
207 #if defined(BOTAN_HAS_TLS_V10_PRF)
208  if(request.algo_name() == "TLS-PRF" && request.arg_count() == 0)
209  return new TLS_PRF;
210 #endif
211 
212 #if defined(BOTAN_HAS_TLS_V10_PRF)
213  if(request.algo_name() == "TLS-PRF" && request.arg_count() == 0)
214  return new TLS_PRF;
215 #endif
216 
217 #if defined(BOTAN_HAS_TLS_V12_PRF)
218  if(request.algo_name() == "TLS-12-PRF" && request.arg_count() == 1)
219  return new TLS_12_PRF(af.make_mac("HMAC(" + request.arg(0) + ")"));
220 #endif
221 
222  throw Algorithm_Not_Found(algo_spec);
223  }
MessageAuthenticationCode* Botan::get_mac ( const std::string &  algo_spec)
inline

MAC factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired MAC
Returns
pointer to the MAC object

Definition at line 126 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_mac().

Referenced by Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), and Botan::TLS::Hello_Verify_Request::Hello_Verify_Request().

127  {
128  Algorithm_Factory& af = global_state().algorithm_factory();
129  return af.make_mac(algo_spec);
130  }
BOTAN_DLL PBE * Botan::get_pbe ( const std::string &  algo_spec,
const std::string &  passphrase,
std::chrono::milliseconds  msec,
RandomNumberGenerator &  rng 
)

Factory function for PBEs.

Parameters
algo_specthe name of the PBE algorithm to retrieve
passphrasethe passphrase to use for encryption
msechow many milliseconds to run the PBKDF
rnga random number generator
Returns
pointer to a PBE with randomly created parameters

Definition at line 28 of file get_pbe.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::HashFunction::clone(), Botan::BlockCipher::clone(), Botan::Library_State::deref_alias(), Botan::Global_State_Management::global_state(), passphrase, Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), rng, and split_on().

Referenced by Botan::PKCS8::BER_encode().

32  {
33  SCAN_Name request(algo_spec);
34 
35  const std::string pbe = request.algo_name();
36  std::string digest_name = request.arg(0);
37  const std::string cipher = request.arg(1);
38 
39  std::vector<std::string> cipher_spec = split_on(cipher, '/');
40  if(cipher_spec.size() != 2)
41  throw Invalid_Argument("PBE: Invalid cipher spec " + cipher);
42 
43  const std::string cipher_algo = global_state().deref_alias(cipher_spec[0]);
44  const std::string cipher_mode = cipher_spec[1];
45 
46  if(cipher_mode != "CBC")
47  throw Invalid_Argument("PBE: Invalid cipher mode " + cipher);
48 
49  Algorithm_Factory& af = global_state().algorithm_factory();
50 
51  const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo);
52  if(!block_cipher)
53  throw Algorithm_Not_Found(cipher_algo);
54 
55  const HashFunction* hash_function = af.prototype_hash_function(digest_name);
56  if(!hash_function)
57  throw Algorithm_Not_Found(digest_name);
58 
59  if(request.arg_count() != 2)
60  throw Invalid_Algorithm_Name(algo_spec);
61 
62 #if defined(BOTAN_HAS_PBE_PKCS_V15)
63  if(pbe == "PBE-PKCS5v15")
64  return new PBE_PKCS5v15(block_cipher->clone(),
65  hash_function->clone(),
66  passphrase,
67  msec,
68  rng);
69 #endif
70 
71 #if defined(BOTAN_HAS_PBE_PKCS_V20)
72  if(pbe == "PBE-PKCS5v20")
73  return new PBE_PKCS5v20(block_cipher->clone(),
74  new HMAC(hash_function->clone()),
75  passphrase,
76  msec,
77  rng);
78 #endif
79 
80  throw Algorithm_Not_Found(algo_spec);
81  }
BOTAN_DLL PBE * Botan::get_pbe ( const OID &  pbe_oid,
const std::vector< byte > &  params,
const std::string &  passphrase 
)

Factory function for PBEs.

Parameters
pbe_oidthe oid of the desired PBE
paramsa DataSource providing the DER encoded parameters to use
passphrasethe passphrase to use for decryption
Returns
pointer to the PBE with the specified parameters

Definition at line 86 of file get_pbe.cpp.

References Botan::SCAN_Name::algo_name(), Botan::Library_State::algorithm_factory(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::as_string(), Botan::OID::as_string(), Botan::HashFunction::clone(), Botan::BlockCipher::clone(), Botan::Library_State::deref_alias(), Botan::Global_State_Management::global_state(), Botan::OIDS::lookup(), passphrase, Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), and split_on().

89  {
90  SCAN_Name request(OIDS::lookup(pbe_oid));
91 
92  const std::string pbe = request.algo_name();
93 
94 #if defined(BOTAN_HAS_PBE_PKCS_V15)
95  if(pbe == "PBE-PKCS5v15")
96  {
97  if(request.arg_count() != 2)
98  throw Invalid_Algorithm_Name(request.as_string());
99 
100  std::string digest_name = request.arg(0);
101  const std::string cipher = request.arg(1);
102 
103  std::vector<std::string> cipher_spec = split_on(cipher, '/');
104  if(cipher_spec.size() != 2)
105  throw Invalid_Argument("PBE: Invalid cipher spec " + cipher);
106 
107  const std::string cipher_algo = global_state().deref_alias(cipher_spec[0]);
108  const std::string cipher_mode = cipher_spec[1];
109 
110  if(cipher_mode != "CBC")
111  throw Invalid_Argument("PBE: Invalid cipher mode " + cipher);
112 
113  Algorithm_Factory& af = global_state().algorithm_factory();
114 
115  const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo);
116  if(!block_cipher)
117  throw Algorithm_Not_Found(cipher_algo);
118 
119  const HashFunction* hash_function =
120  af.prototype_hash_function(digest_name);
121 
122  if(!hash_function)
123  throw Algorithm_Not_Found(digest_name);
124 
125  return new PBE_PKCS5v15(block_cipher->clone(),
126  hash_function->clone(),
127  params,
128  passphrase);
129  }
130 #endif
131 
132 #if defined(BOTAN_HAS_PBE_PKCS_V20)
133  if(pbe == "PBE-PKCS5v20")
134  return new PBE_PKCS5v20(params, passphrase);
135 #endif
136 
137  throw Algorithm_Not_Found(pbe_oid.as_string());
138  }
BOTAN_DLL PBKDF * Botan::get_pbkdf ( const std::string &  algo_spec)

Password based key derivation function factory method

Parameters
algo_specthe name of the desired PBKDF algorithm
Returns
pointer to newly allocated object of that type

Definition at line 73 of file get_enc.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_pbkdf().

Referenced by Botan::TLS::derive_key(), and get_s2k().

74  {
75  Algorithm_Factory& af = global_state().algorithm_factory();
76 
77  if(PBKDF* pbkdf = af.make_pbkdf(algo_spec))
78  return pbkdf;
79 
80  throw Algorithm_Not_Found(algo_spec);
81  }
PBKDF* Botan::get_s2k ( const std::string &  algo_spec)
inline
Deprecated:
Use get_pbkdf
Parameters
algo_specthe name of the desired algorithm
Returns
pointer to newly allocated object of that type

Definition at line 144 of file lookup.h.

References get_pbkdf().

145  {
146  return get_pbkdf(algo_spec);
147  }
StreamCipher* Botan::get_stream_cipher ( const std::string &  algo_spec)
inline

Stream cipher factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired stream cipher
Returns
pointer to the stream cipher object

Definition at line 100 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_stream_cipher().

101  {
102  Algorithm_Factory& af = global_state().algorithm_factory();
103  return af.make_stream_cipher(algo_spec);
104  }
template<typename T >
size_t Botan::hamming_weight ( n)
inline

Compute Hamming weights

Parameters
nan integer value
Returns
number of bits in n set to 1

Definition at line 76 of file bit_ops.h.

77  {
78  const byte NIBBLE_WEIGHTS[] = {
79  0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4 };
80 
81  size_t weight = 0;
82  for(size_t i = 0; i != 2*sizeof(T); ++i)
83  weight += NIBBLE_WEIGHTS[(n >> (4*i)) & 0x0F];
84  return weight;
85  }
BOTAN_DLL bool Botan::have_algorithm ( const std::string &  algo_spec)

Check if an algorithm exists.

Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 17 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), and Botan::Algorithm_Factory::prototype_stream_cipher().

18  {
19  Algorithm_Factory& af = global_state().algorithm_factory();
20 
21  if(af.prototype_block_cipher(name))
22  return true;
23  if(af.prototype_stream_cipher(name))
24  return true;
25  if(af.prototype_hash_function(name))
26  return true;
27  if(af.prototype_mac(name))
28  return true;
29  return false;
30  }
bool Botan::have_block_cipher ( const std::string &  algo_spec)
inline

Check if a block cipher algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 235 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_block_cipher().

236  {
237  Algorithm_Factory& af = global_state().algorithm_factory();
238  return (af.prototype_block_cipher(algo_spec) != nullptr);
239  }
bool Botan::have_hash ( const std::string &  algo_spec)
inline

Check if a hash algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 261 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_hash_function().

262  {
263  Algorithm_Factory& af = global_state().algorithm_factory();
264  return (af.prototype_hash_function(algo_spec) != nullptr);
265  }
bool Botan::have_mac ( const std::string &  algo_spec)
inline

Check if a MAC algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 274 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_mac().

275  {
276  Algorithm_Factory& af = global_state().algorithm_factory();
277  return (af.prototype_mac(algo_spec) != nullptr);
278  }
bool Botan::have_stream_cipher ( const std::string &  algo_spec)
inline

Check if a stream cipher algorithm exists.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm to check for
Returns
true if the algorithm exists, false otherwise

Definition at line 248 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::prototype_stream_cipher().

249  {
250  Algorithm_Factory& af = global_state().algorithm_factory();
251  return (af.prototype_stream_cipher(algo_spec) != nullptr);
252  }
size_t BOTAN_DLL Botan::hex_decode ( byte  output[],
const char  input[],
size_t  input_length,
size_t &  input_consumed,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
outputan array of at least input_length/2 bytes
inputsome hex input
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 49 of file hex.cpp.

References clear_mem().

Referenced by algorithm_kat_detailed(), Botan::Hex_Decoder::end_msg(), Botan::Data_Store::get1_memvec(), hex_decode(), hex_decode_locked(), Botan::OctetString::OctetString(), Botan::X509_Certificate::subject_public_key_bits(), and Botan::Hex_Decoder::write().

54  {
55  /*
56  * Mapping of hex characters to either their binary equivalent
57  * or to an error code.
58  * If valid hex (0-9 A-F a-f), the value.
59  * If whitespace, then 0x80
60  * Otherwise 0xFF
61  * Warning: this table assumes ASCII character encodings
62  */
63 
64  static const byte HEX_TO_BIN[256] = {
65  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
66  0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
67  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
68  0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
69  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01,
70  0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF,
71  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
72  0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
73  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
74  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C,
75  0x0D, 0x0E, 0x0F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
76  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
77  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
78  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
79  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
80  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
81  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
82  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
83  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
84  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
85  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
86  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
87  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
88  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
89  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
90  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
91 
92  byte* out_ptr = output;
93  bool top_nibble = true;
94 
95  clear_mem(output, input_length / 2);
96 
97  for(size_t i = 0; i != input_length; ++i)
98  {
99  const byte bin = HEX_TO_BIN[static_cast<byte>(input[i])];
100 
101  if(bin >= 0x10)
102  {
103  if(bin == 0x80 && ignore_ws)
104  continue;
105 
106  std::string bad_char(1, input[i]);
107  if(bad_char == "\t")
108  bad_char = "\\t";
109  else if(bad_char == "\n")
110  bad_char = "\\n";
111 
112  throw std::invalid_argument(
113  std::string("hex_decode: invalid hex character '") +
114  bad_char + "'");
115  }
116 
117  *out_ptr |= bin << (top_nibble*4);
118 
119  top_nibble = !top_nibble;
120  if(top_nibble)
121  ++out_ptr;
122  }
123 
124  input_consumed = input_length;
125  size_t written = (out_ptr - output);
126 
127  /*
128  * We only got half of a byte at the end; zap the half-written
129  * output and mark it as unread
130  */
131  if(!top_nibble)
132  {
133  *out_ptr = 0;
134  input_consumed -= 1;
135  }
136 
137  return written;
138  }
size_t BOTAN_DLL Botan::hex_decode ( byte  output[],
const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform hex decoding

Parameters
outputan array of at least input_length/2 bytes
inputsome hex input
input_lengthlength of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 140 of file hex.cpp.

References hex_decode().

144  {
145  size_t consumed = 0;
146  size_t written = hex_decode(output, input, input_length,
147  consumed, ignore_ws);
148 
149  if(consumed != input_length)
150  throw std::invalid_argument("hex_decode: input did not have full bytes");
151 
152  return written;
153  }
size_t BOTAN_DLL Botan::hex_decode ( byte