Botan  1.11.10
Namespaces | Classes | Typedefs | Enumerations | Functions | Variables
Botan Namespace Reference

Namespaces

 ASN1
 
 BER
 
 Camellia_F
 
 Cert_Extension
 
 Charset
 
 CryptoBox
 
 CVC_EAC
 
 DE_EAC
 
 FPE
 
 Global_State_Management
 
 HAS_160_F
 
 HTTP
 
 KeyPair
 
 OCSP
 
 OIDS
 
 PEM_Code
 
 PK_Ops
 
 PKCS8
 
 RIPEMD_128_F
 
 SHA1_F
 
 SHA1_SSE2_F
 
 SHA2_32
 
 SHA2_64
 
 TLS
 
 X509
 

Classes

class  Adler32
 
class  AEAD_Filter
 
class  AEAD_Mode
 
class  AES_128
 
class  AES_128_NI
 
class  AES_128_SSSE3
 
class  AES_192
 
class  AES_192_NI
 
class  AES_192_SSSE3
 
class  AES_256
 
class  AES_256_NI
 
class  AES_256_SSSE3
 
class  AES_ISA_Engine
 
class  Algorithm_Cache
 
class  Algorithm_Factory
 
struct  Algorithm_Not_Found
 
class  AlgorithmIdentifier
 
class  AlternativeName
 
class  ANSI_X919_MAC
 
class  ANSI_X923_Padding
 
class  ANSI_X931_RNG
 
class  ASN1_Car
 
class  ASN1_Ced
 
class  ASN1_Cex
 
class  ASN1_Chr
 
class  ASN1_EAC_String
 
class  ASN1_Object
 
class  ASN1_String
 
class  Assembler_Engine
 
class  Attribute
 
class  AutoSeeded_RNG
 
class  Base64_Decoder
 
class  Base64_Encoder
 
class  BeOS_EntropySource
 
struct  BER_Bad_Tag
 
class  BER_Decoder
 
struct  BER_Decoding_Error
 
class  BER_Object
 
class  BigInt
 
struct  BitBucket
 
class  Blinder
 
class  Block_Cipher_Fixed_Params
 
class  BlockCipher
 
class  BlockCipherModePaddingMethod
 
class  Blowfish
 
class  Buffered_Computation
 
class  Buffered_Filter
 
class  Bzip_Compression
 
class  Bzip_Decompression
 
struct  calendar_point
 
class  Camellia_128
 
class  Camellia_192
 
class  Camellia_256
 
class  Cascade_Cipher
 
class  CAST_128
 
class  CAST_256
 
class  CBC_Decryption
 
class  CBC_Encryption
 
class  CBC_MAC
 
class  CBC_Mode
 
class  CCM_Decryption
 
class  CCM_Encryption
 
class  CCM_Mode
 
class  Certificate_Extension
 
class  Certificate_Store
 
class  Certificate_Store_In_Memory
 
class  Certificate_Store_Overlay
 
class  CFB_Decryption
 
class  CFB_Encryption
 
class  CFB_Mode
 
class  ChaCha
 
class  Chain
 
class  Cipher_Mode
 
class  CMAC
 
class  Comb4P
 
class  Core_Engine
 
class  CPUID
 
class  CRC24
 
class  CRC32
 
class  Credentials_Manager
 
class  CRL_Entry
 
class  CTR_BE
 
class  CTS_Decryption
 
class  CTS_Encryption
 
class  CurveGFp
 
class  CurveGFp_Repr
 
class  Data_Store
 
class  DataSink
 
class  DataSink_Stream
 
class  DataSource
 
class  DataSource_Memory
 
class  DataSource_Stream
 
struct  Decoding_Error
 
class  DER_Encoder
 
class  DES
 
class  DESX
 
class  Device_EntropySource
 
class  DH_KA_Operation
 
class  DH_PrivateKey
 
class  DH_PublicKey
 
class  DL_Group
 
class  DL_Scheme_PrivateKey
 
class  DL_Scheme_PublicKey
 
class  DLIES_Decryptor
 
class  DLIES_Encryptor
 
class  DSA_PrivateKey
 
class  DSA_PublicKey
 
class  DSA_Signature_Operation
 
class  DSA_Verification_Operation
 
class  Dynamically_Loaded_Engine
 
class  Dynamically_Loaded_Library
 
class  EAC1_1_ADO
 
class  EAC1_1_CVC
 
class  EAC1_1_CVC_Options
 
class  EAC1_1_gen_CVC
 
class  EAC1_1_obj
 
class  EAC1_1_Req
 
class  EAC_Signed_Object
 
class  EAC_Time
 
class  EAX_Decryption
 
class  EAX_Encryption
 
class  EAX_Mode
 
class  EC_Group
 
class  EC_PrivateKey
 
class  EC_PublicKey
 
class  ECB_Decryption
 
class  ECB_Encryption
 
class  ECB_Mode
 
class  ECDH_KA_Operation
 
class  ECDH_PrivateKey
 
class  ECDH_PublicKey
 
class  ECDSA_PrivateKey
 
class  ECDSA_PublicKey
 
class  ECDSA_Signature
 
class  ECDSA_Signature_Operation
 
class  ECDSA_Verification_Operation
 
class  EGD_EntropySource
 
class  ElGamal_Decryption_Operation
 
class  ElGamal_Encryption_Operation
 
class  ElGamal_PrivateKey
 
class  ElGamal_PublicKey
 
class  EME
 
class  EME_PKCS1v15
 
class  EMSA
 
class  EMSA1
 
class  EMSA1_BSI
 
class  EMSA_PKCS1v15
 
class  EMSA_PKCS1v15_Raw
 
class  EMSA_Raw
 
class  EMSA_X931
 
struct  Encoding_Error
 
class  Engine
 
class  Entropy_Accumulator
 
class  EntropySource
 
class  Extensions
 
class  Fanout_Filter
 
class  File_Descriptor_Source
 
class  Filter
 
class  Fixed_Base_Power_Mod
 
class  Fixed_Exponent_Power_Mod
 
class  Fixed_Window_Exponentiator
 
class  Fork
 
class  GCM_Decryption
 
class  GCM_Encryption
 
class  GCM_Mode
 
class  GHASH
 
class  GMP_Engine
 
class  GMP_MPZ
 
class  GOST_28147_89
 
class  GOST_28147_89_Params
 
class  GOST_3410_PrivateKey
 
class  GOST_3410_PublicKey
 
class  GOST_3410_Signature_Operation
 
class  GOST_3410_Verification_Operation
 
class  GOST_34_11
 
class  HAS_160
 
class  Hash_Filter
 
class  HashFunction
 
class  Hex_Decoder
 
class  Hex_Encoder
 
class  High_Resolution_Timestamp
 
class  HKDF
 
class  HMAC
 
class  HMAC_DRBG
 
class  HMAC_RNG
 
class  IDEA
 
class  IDEA_SSE2
 
class  IF_Scheme_PrivateKey
 
class  IF_Scheme_PublicKey
 
struct  Illegal_Point
 
struct  Illegal_Transformation
 
struct  Integrity_Failure
 
class  Intel_Rdrand
 
struct  Internal_Error
 
struct  Invalid_Algorithm_Name
 
struct  Invalid_IV_Length
 
struct  Invalid_Key_Length
 
struct  Invalid_OID
 
struct  Invalid_State
 
class  KASUMI
 
class  KDF
 
class  KDF1
 
class  KDF2
 
class  Keccak_1600
 
class  Key_Length_Specification
 
class  Keyed_Filter
 
class  Keyed_Transform
 
class  Library_State
 
class  LibraryInitializer
 
class  Lion
 
struct  Lookup_Error
 
class  Lzma_Compression
 
class  Lzma_Decompression
 
class  MAC_Filter
 
class  MARS
 
class  MD2
 
class  MD4
 
class  MD4_X86_32
 
class  MD5
 
class  MD5_X86_32
 
class  MDx_HashFunction
 
struct  Memory_Exhaustion
 
class  MessageAuthenticationCode
 
class  MISTY1
 
class  mlock_allocator
 
class  Modular_Exponentiator
 
class  Modular_Reducer
 
class  Montgomery_Exponentiator
 
class  Noekeon
 
class  Noekeon_SIMD
 
class  NR_PrivateKey
 
class  NR_PublicKey
 
class  NR_Signature_Operation
 
class  NR_Verification_Operation
 
class  Null_Padding
 
class  Null_RNG
 
class  OAEP
 
class  OCB_Decryption
 
class  OCB_Encryption
 
class  OCB_Mode
 
class  OctetString
 
class  OFB
 
class  OID
 
class  OneAndZeros_Padding
 
class  OpenSSL_Engine
 
class  OSSL_BN
 
class  OSSL_BN_CTX
 
class  Output_Buffers
 
class  Parallel
 
class  Path_Validation_Restrictions
 
class  Path_Validation_Result
 
class  PBE
 
class  PBE_PKCS5v20
 
class  PBKDF
 
class  Pipe
 
class  PK_Decryptor
 
class  PK_Decryptor_EME
 
class  PK_Decryptor_Filter
 
class  PK_Encryptor
 
class  PK_Encryptor_EME
 
class  PK_Encryptor_Filter
 
class  PK_Key_Agreement
 
class  PK_Key_Agreement_Key
 
class  PK_Signer
 
class  PK_Signer_Filter
 
class  PK_Verifier
 
class  PK_Verifier_Filter
 
class  PKCS10_Request
 
class  PKCS5_PBKDF1
 
class  PKCS5_PBKDF2
 
class  PKCS7_Padding
 
struct  PKCS8_Exception
 
class  PointGFp
 
struct  Policy_Violation
 
class  Power_Mod
 
class  Private_Key
 
struct  PRNG_Unseeded
 
class  ProcWalking_EntropySource
 
class  PSSR
 
class  Public_Key
 
class  RandomNumberGenerator
 
class  RC2
 
class  RC4
 
class  RC5
 
class  RC6
 
class  RIPEMD_128
 
class  RIPEMD_160
 
class  RSA_Private_Operation
 
class  RSA_PrivateKey
 
class  RSA_Public_Operation
 
class  RSA_PublicKey
 
class  RTSS_Share
 
class  RW_PrivateKey
 
class  RW_PublicKey
 
class  RW_Signature_Operation
 
class  RW_Verification_Operation
 
class  SAFER_SK
 
class  Salsa20
 
class  SCAN_Name
 
class  secure_allocator
 
class  SecureQueue
 
class  SEED
 
struct  Self_Test_Failure
 
class  Semaphore
 
class  Serialized_RNG
 
class  Serpent
 
class  Serpent_SIMD
 
class  Serpent_X86_32
 
class  SHA_160
 
class  SHA_160_SSE2
 
class  SHA_160_X86_32
 
class  SHA_160_X86_64
 
class  SHA_224
 
class  SHA_256
 
class  SHA_384
 
class  SHA_512
 
class  SIMD_Engine
 
class  SIMD_Scalar
 
class  SIV_Decryption
 
class  SIV_Encryption
 
class  SIV_Mode
 
class  Skein_512
 
class  sqlite3_database
 
class  sqlite3_statement
 
class  SRP6_Authenticator_File
 
class  SRP6_Server_Session
 
class  SSL3_MAC
 
class  SSL3_PRF
 
struct  Stream_IO_Error
 
class  StreamCipher
 
class  StreamCipher_Filter
 
class  SymmetricAlgorithm
 
class  TEA
 
class  Threaded_Fork
 
class  Threefish_512
 
class  Threefish_512_AVX2
 
class  Tiger
 
class  TLS_12_PRF
 
class  TLS_PRF
 
class  Transformation
 
class  Transformation_Filter
 
class  TripleDES
 
class  Twofish
 
class  Unix_EntropySource
 
class  UnixProcessInfo_EntropySource
 
class  Whirlpool
 
class  Win32_CAPI_EntropySource
 
class  Win32_EntropySource
 
class  X509_CA
 
class  X509_Cert_Options
 
class  X509_Certificate
 
class  X509_CRL
 
class  X509_DN
 
class  X509_Object
 
class  X509_Time
 
class  X942_PRF
 
class  XTEA
 
class  XTEA_SIMD
 
class  XTS_Decryption
 
class  XTS_Encryption
 
class  XTS_Mode
 
class  Zlib_Compression
 
class  Zlib_Decompression
 

Typedefs

typedef uint8_t byte
 
typedef EC_Group EC_Domain_Params
 
typedef std::runtime_error Exception
 
typedef OctetString InitializationVector
 
typedef std::invalid_argument Invalid_Argument
 
typedef PK_Key_Agreement_Key PK_KA_Key
 
typedef Private_Key PKCS8_PrivateKey
 
typedef int32_t s32bit
 
template<typename T >
using secure_deque = std::vector< T, secure_allocator< T >>
 
template<typename T >
using secure_vector = std::vector< T, secure_allocator< T >>
 
typedef OctetString SymmetricKey
 
typedef uint16_t u16bit
 
typedef uint32_t u32bit
 
typedef uint64_t u64bit
 
typedef Public_Key X509_PublicKey
 

Enumerations

enum  ASN1_Tag {
  UNIVERSAL = 0x00, APPLICATION = 0x40, CONTEXT_SPECIFIC = 0x80, CONSTRUCTED = 0x20,
  PRIVATE = CONSTRUCTED | CONTEXT_SPECIFIC, EOC = 0x00, BOOLEAN = 0x01, INTEGER = 0x02,
  BIT_STRING = 0x03, OCTET_STRING = 0x04, NULL_TAG = 0x05, OBJECT_ID = 0x06,
  ENUMERATED = 0x0A, SEQUENCE = 0x10, SET = 0x11, UTF8_STRING = 0x0C,
  NUMERIC_STRING = 0x12, PRINTABLE_STRING = 0x13, T61_STRING = 0x14, IA5_STRING = 0x16,
  VISIBLE_STRING = 0x1A, BMP_STRING = 0x1E, UTC_TIME = 0x17, GENERALIZED_TIME = 0x18,
  NO_OBJECT = 0xFF00, DIRECTORY_STRING = 0xFF01
}
 
enum  Certificate_Status_Code {
  Certificate_Status_Code::VERIFIED = 0x00000000, Certificate_Status_Code::OCSP_RESPONSE_GOOD, Certificate_Status_Code::NO_REVOCATION_DATA, Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK = 1000,
  Certificate_Status_Code::UNTRUSTED_HASH, Certificate_Status_Code::CERT_NOT_YET_VALID = 2000, Certificate_Status_Code::CERT_HAS_EXPIRED, Certificate_Status_Code::OCSP_NOT_YET_VALID,
  Certificate_Status_Code::OCSP_HAS_EXPIRED, Certificate_Status_Code::CRL_NOT_YET_VALID, Certificate_Status_Code::CRL_HAS_EXPIRED, Certificate_Status_Code::CERT_ISSUER_NOT_FOUND = 3000,
  Certificate_Status_Code::CANNOT_ESTABLISH_TRUST, Certificate_Status_Code::POLICY_ERROR = 4000, Certificate_Status_Code::INVALID_USAGE, Certificate_Status_Code::CERT_CHAIN_TOO_LONG,
  Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER, Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER, Certificate_Status_Code::OCSP_CERT_NOT_LISTED, Certificate_Status_Code::OCSP_BAD_STATUS,
  Certificate_Status_Code::CERT_IS_REVOKED = 5000, Certificate_Status_Code::CRL_BAD_SIGNATURE, Certificate_Status_Code::SIGNATURE_ERROR
}
 
enum  Character_Set { LOCAL_CHARSET, UCS2_CHARSET, UTF8_CHARSET, LATIN1_CHARSET }
 
enum  Cipher_Dir { ENCRYPTION, DECRYPTION }
 
enum  CRL_Code {
  UNSPECIFIED = 0, KEY_COMPROMISE = 1, CA_COMPROMISE = 2, AFFILIATION_CHANGED = 3,
  SUPERSEDED = 4, CESSATION_OF_OPERATION = 5, CERTIFICATE_HOLD = 6, REMOVE_FROM_CRL = 8,
  PRIVLEDGE_WITHDRAWN = 9, AA_COMPROMISE = 10, DELETE_CRL_ENTRY = 0xFF00, OCSP_GOOD = 0xFF01,
  OCSP_UNKNOWN = 0xFF02
}
 
enum  Decoder_Checking { NONE, IGNORE_WS, FULL_CHECK }
 
enum  EC_Group_Encoding { EC_DOMPAR_ENC_EXPLICIT = 0, EC_DOMPAR_ENC_IMPLICITCA = 1, EC_DOMPAR_ENC_OID = 2 }
 
enum  Fault_Protection { ENABLE_FAULT_PROTECTION, DISABLE_FAULT_PROTECTION }
 
enum  Key_Constraints {
  NO_CONSTRAINTS = 0, DIGITAL_SIGNATURE = 32768, NON_REPUDIATION = 16384, KEY_ENCIPHERMENT = 8192,
  DATA_ENCIPHERMENT = 4096, KEY_AGREEMENT = 2048, KEY_CERT_SIGN = 1024, CRL_SIGN = 512,
  ENCIPHER_ONLY = 256, DECIPHER_ONLY = 128
}
 
enum  Signature_Format { IEEE_1363, DER_SEQUENCE }
 
enum  X509_Encoding { RAW_BER, PEM }
 

Functions

BigInt abs (const BigInt &n)
 
std::map< std::string, double > algorithm_benchmark (const std::string &name, Algorithm_Factory &af, RandomNumberGenerator &rng, std::chrono::milliseconds milliseconds, size_t buf_size)
 
std::map< std::string, bool > algorithm_kat (const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
 
std::map< std::string,
std::string > 
algorithm_kat_detailed (const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
 
void aont_package (RandomNumberGenerator &rng, BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
void aont_unpackage (BlockCipher *cipher, const byte input[], size_t input_len, byte output[])
 
void assertion_failure (const char *expr_str, const char *assertion_made, const char *func, const char *file, int line)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool final_inputs, bool ignore_ws)
 
size_t base64_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t base64_decode (byte output[], const std::string &input, bool ignore_ws)
 
secure_vector< bytebase64_decode (const char input[], size_t input_length, bool ignore_ws)
 
secure_vector< bytebase64_decode (const std::string &input, bool ignore_ws)
 
size_t base64_encode (char out[], const byte in[], size_t input_length, size_t &input_consumed, bool final_inputs)
 
template<typename Alloc >
std::string base64_encode (const std::vector< byte, Alloc > &input)
 
std::string base64_encode (const byte input[], size_t input_length)
 
void bigint_add2 (word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add2_nc (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_add3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
word bigint_add3_nc (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
s32bit bigint_cmp (const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_comba_mul16 (word z[32], const word x[16], const word y[16])
 
void bigint_comba_mul4 (word z[8], const word x[4], const word y[4])
 
void bigint_comba_mul6 (word z[12], const word x[6], const word y[6])
 
void bigint_comba_mul8 (word z[16], const word x[8], const word y[8])
 
void bigint_comba_sqr16 (word z[32], const word x[16])
 
void bigint_comba_sqr4 (word z[8], const word x[4])
 
void bigint_comba_sqr6 (word z[12], const word x[6])
 
void bigint_comba_sqr8 (word z[16], const word x[8])
 
word bigint_divop (word n1, word n0, word d)
 
void bigint_linmul2 (word x[], size_t x_size, word y)
 
void bigint_linmul3 (word z[], const word x[], size_t x_size, word y)
 
word bigint_modop (word n1, word n0, word d)
 
void bigint_monty_mul (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_redc (word z[], const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_monty_sqr (word z[], size_t z_size, const word x[], size_t x_size, size_t x_sw, const word p[], size_t p_size, word p_dash, word workspace[])
 
void bigint_mul (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
 
void bigint_shl1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shl2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr1 (word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_shr2 (word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift)
 
void bigint_simple_mul (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_simple_sqr (word z[], const word x[], size_t x_size)
 
void bigint_sqr (word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
 
word bigint_sub2 (word x[], size_t x_size, const word y[], size_t y_size)
 
void bigint_sub2_rev (word x[], const word y[], size_t y_size)
 
word bigint_sub3 (word z[], const word x[], size_t x_size, const word y[], size_t y_size)
 
size_t block_size_of (const std::string &name)
 
void botan_md4_x86_32_compress (u32bit digest[4], const byte input[64], u32bit M[16])
 
void botan_serpent_x86_32_decrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_encrypt (const byte in[16], byte out[16], const u32bit ks[132])
 
void botan_serpent_x86_32_key_schedule (u32bit ks[140])
 
template<typename T >
void bswap_4 (T x[4])
 
template<typename T , typename Alloc >
size_t buffer_insert (std::vector< T, Alloc > &buf, size_t buf_offset, const T input[], size_t input_length)
 
template<typename T , typename Alloc , typename Alloc2 >
size_t buffer_insert (std::vector< T, Alloc > &buf, size_t buf_offset, const std::vector< T, Alloc2 > &input)
 
calendar_point calendar_value (const std::chrono::system_clock::time_point &time_point)
 
bool check_bcrypt (const std::string &pass, const std::string &hash)
 
bool check_passhash9 (const std::string &pass, const std::string &hash)
 
bool check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
PK_Signerchoose_sig_format (const Private_Key &key, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
 
size_t clamp (size_t n, size_t lower_bound, size_t upper_bound)
 
template<typename T >
void clear_mem (T *ptr, size_t n)
 
void confirm_startup_self_tests (Algorithm_Factory &af)
 
template<typename T >
void copy_mem (T *out, const T *in, size_t n)
 
AlternativeName create_alt_name (const Data_Store &info)
 
X509_DN create_dn (const Data_Store &info)
 
template<typename T >
size_t ctz (T n)
 
ECDSA_Signature decode_concatenation (const std::vector< byte > &concat)
 
ECDSA_PublicKeydecode_eac1_1_key (const std::vector< byte > &, AlgorithmIdentifier &)
 
void divide (const BigInt &x, const BigInt &y_arg, BigInt &q, BigInt &r)
 
size_t dl_work_factor (size_t bits)
 
secure_vector< byteEC2OSP (const PointGFp &point, byte format)
 
std::string erase_chars (const std::string &str, const std::set< char > &chars)
 
Key_Constraints find_constraints (const Public_Key &pub_key, Key_Constraints limits)
 
BigInt gcd (const BigInt &a, const BigInt &b)
 
void gcm_multiply_clmul (byte x[16], const byte H[16])
 
std::string generate_bcrypt (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor)
 
bool generate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits, const std::vector< byte > &seed_c)
 
std::vector< bytegenerate_dsa_primes (RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits)
 
std::string generate_passhash9 (const std::string &pass, RandomNumberGenerator &rng, u16bit work_factor, byte alg_id)
 
BigInt generate_rfc6979_nonce (const BigInt &x, const BigInt &q, const BigInt &h, const std::string &hash)
 
BigInt generate_srp6_verifier (const std::string &identifier, const std::string &password, const std::vector< byte > &salt, const std::string &group_id, const std::string &hash_id)
 
AEAD_Modeget_aead (const std::string &algo_spec, Cipher_Dir direction)
 
BlockCipherget_block_cipher (const std::string &algo_spec)
 
template<typename T >
byte get_byte (size_t byte_num, T input)
 
Keyed_Filterget_cipher (const std::string &algo_spec, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, const InitializationVector &iv, Cipher_Dir direction)
 
Keyed_Filterget_cipher (const std::string &algo_spec, const SymmetricKey &key, Cipher_Dir direction)
 
Keyed_Filterget_cipher_mode (const BlockCipher *block_cipher, Cipher_Dir direction, const std::string &mode, const std::string &padding)
 
BOTAN_DLL EMEget_eme (const std::string &algo_spec)
 
BOTAN_DLL EMSAget_emsa (const std::string &algo_spec)
 
HashFunctionget_hash (const std::string &algo_spec)
 
KDFget_kdf (const std::string &algo_spec)
 
MessageAuthenticationCodeget_mac (const std::string &algo_spec)
 
PBEget_pbe (const std::string &algo_spec, const std::string &passphrase, std::chrono::milliseconds msec, RandomNumberGenerator &rng)
 
PBEget_pbe (const OID &pbe_oid, const std::vector< byte > &params, const std::string &passphrase)
 
PBKDFget_pbkdf (const std::string &algo_spec)
 
PBKDFget_s2k (const std::string &algo_spec)
 
StreamCipherget_stream_cipher (const std::string &algo_spec)
 
template<typename T >
size_t hamming_weight (T n)
 
bool have_algorithm (const std::string &name)
 
bool have_block_cipher (const std::string &algo_spec)
 
bool have_hash (const std::string &algo_spec)
 
bool have_mac (const std::string &algo_spec)
 
bool have_stream_cipher (const std::string &algo_spec)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, size_t &input_consumed, bool ignore_ws)
 
size_t hex_decode (byte output[], const char input[], size_t input_length, bool ignore_ws)
 
size_t hex_decode (byte output[], const std::string &input, bool ignore_ws)
 
std::vector< bytehex_decode (const char input[], size_t input_length, bool ignore_ws)
 
std::vector< bytehex_decode (const std::string &input, bool ignore_ws)
 
secure_vector< bytehex_decode_locked (const char input[], size_t input_length, bool ignore_ws)
 
secure_vector< bytehex_decode_locked (const std::string &input, bool ignore_ws)
 
void hex_encode (char output[], const byte input[], size_t input_length, bool uppercase)
 
std::string hex_encode (const byte input[], size_t input_length, bool uppercase)
 
template<typename Alloc >
std::string hex_encode (const std::vector< byte, Alloc > &input, bool uppercase=true)
 
template<typename T >
size_t high_bit (T n)
 
byte ieee1363_hash_id (const std::string &name)
 
BigInt inverse_mod (const BigInt &n, const BigInt &mod)
 
std::string ipv4_to_string (u32bit ip)
 
template<typename T >
bool is_power_of_2 (T arg)
 
bool is_prime (const BigInt &n, RandomNumberGenerator &rng, size_t prob, bool is_random)
 
s32bit jacobi (const BigInt &a, const BigInt &n)
 
BigInt lcm (const BigInt &a, const BigInt &b)
 
void BOTAN_DLL lex_cfg (std::istream &is, std::function< void(std::string)> cb)
 
void BOTAN_DLL lex_cfg_w_headers (std::istream &is, std::function< void(std::string)> cb, std::function< void(std::string)> header_cb)
 
template<typename T >
load_be (const byte in[], size_t off)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_be (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_be (T out[], const byte in[], size_t count)
 
template<>
u16bit load_be< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_be< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_be< u64bit > (const byte in[], size_t off)
 
template<typename T >
load_le (const byte in[], size_t off)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3)
 
template<typename T >
void load_le (const byte in[], T &x0, T &x1, T &x2, T &x3, T &x4, T &x5, T &x6, T &x7)
 
template<typename T >
void load_le (T out[], const byte in[], size_t count)
 
template<>
u16bit load_le< u16bit > (const byte in[], size_t off)
 
template<>
u32bit load_le< u32bit > (const byte in[], size_t off)
 
template<>
u64bit load_le< u64bit > (const byte in[], size_t off)
 
template<typename T >
size_t low_bit (T n)
 
size_t low_zero_bits (const BigInt &n)
 
EAC1_1_CVC make_cvc_cert (PK_Signer &signer, const std::vector< byte > &public_key, ASN1_Car const &car, ASN1_Chr const &chr, byte holder_auth_templ, ASN1_Ced ced, ASN1_Cex cex, RandomNumberGenerator &rng)
 
Private_Keymake_private_key (const AlgorithmIdentifier &alg_id, const secure_vector< byte > &key_bits, RandomNumberGenerator &rng)
 
Public_Keymake_public_key (const AlgorithmIdentifier &alg_id, const secure_vector< byte > &key_bits)
 
u16bit make_u16bit (byte i0, byte i1)
 
u32bit make_u32bit (byte i0, byte i1, byte i2, byte i3)
 
u64bit make_u64bit (byte i0, byte i1, byte i2, byte i3, byte i4, byte i5, byte i6, byte i7)
 
template<typename T , typename Pred >
void map_remove_if (Pred pred, T &assoc)
 
void mgf1_mask (HashFunction &hash, const byte in[], size_t in_len, byte out[], size_t out_len)
 
word monty_inverse (word input)
 
void mul64x64_128 (u64bit a, u64bit b, u64bit *lo, u64bit *hi)
 
BigInt mul_add (const BigInt &a, const BigInt &b, const BigInt &c)
 
PointGFp multi_exponentiate (const PointGFp &p1, const BigInt &z1, const PointGFp &p2, const BigInt &z2)
 
template<typename K , typename V >
void multimap_insert (std::multimap< K, V > &multimap, const K &key, const V &value)
 
bool operator!= (EAC1_1_Req const &lhs, EAC1_1_Req const &rhs)
 
bool operator!= (const ECDSA_Signature &lhs, const ECDSA_Signature &rhs)
 
bool operator!= (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator!= (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
bool operator!= (EAC1_1_CVC const &lhs, EAC1_1_CVC const &rhs)
 
template<typename T >
bool operator!= (const secure_allocator< T > &, const secure_allocator< T > &)
 
bool operator!= (EAC1_1_ADO const &lhs, EAC1_1_ADO const &rhs)
 
bool operator!= (const OID &a, const OID &b)
 
bool operator!= (const OctetString &s1, const OctetString &s2)
 
bool operator!= (const EC_Group &lhs, const EC_Group &rhs)
 
bool operator!= (const CurveGFp &lhs, const CurveGFp &rhs)
 
bool operator!= (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator!= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator!= (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator!= (const PointGFp &lhs, const PointGFp &rhs)
 
bool operator!= (const X509_Time &t1, const X509_Time &t2)
 
bool operator!= (const X509_Certificate &cert1, const X509_Certificate &cert2)
 
bool operator!= (const BigInt &a, const BigInt &b)
 
BigInt operator% (const BigInt &n, const BigInt &mod)
 
word operator% (const BigInt &n, word mod)
 
BigInt operator* (const BigInt &x, const BigInt &y)
 
PointGFp operator* (const BigInt &scalar, const PointGFp &point)
 
PointGFp operator* (const PointGFp &point, const BigInt &scalar)
 
BigInt operator+ (const BigInt &x, const BigInt &y)
 
OID operator+ (const OID &oid, u32bit component)
 
OctetString operator+ (const OctetString &k1, const OctetString &k2)
 
PointGFp operator+ (const PointGFp &lhs, const PointGFp &rhs)
 
template<typename T , typename Alloc , typename Alloc2 >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::vector< T, Alloc2 > &in)
 
template<typename T , typename Alloc >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, T in)
 
template<typename T , typename Alloc , typename L >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::pair< const T *, L > &in)
 
template<typename T , typename Alloc , typename L >
std::vector< T, Alloc > & operator+= (std::vector< T, Alloc > &out, const std::pair< T *, L > &in)
 
BigInt operator- (const BigInt &x, const BigInt &y)
 
PointGFp operator- (const PointGFp &lhs)
 
PointGFp operator- (const PointGFp &lhs, const PointGFp &rhs)
 
BigInt operator/ (const BigInt &x, const BigInt &y)
 
bool operator< (const OID &a, const OID &b)
 
bool operator< (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator< (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator< (const X509_Time &t1, const X509_Time &t2)
 
bool operator< (const BigInt &a, const BigInt &b)
 
std::ostream & operator<< (std::ostream &stream, const BigInt &n)
 
int operator<< (int fd, Pipe &pipe)
 
BigInt operator<< (const BigInt &x, size_t shift)
 
std::ostream & operator<< (std::ostream &out, const X509_DN &dn)
 
BOTAN_DLL std::ostream & operator<< (std::ostream &out, Pipe &pipe)
 
bool operator<= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator<= (const X509_Time &t1, const X509_Time &t2)
 
bool operator<= (const BigInt &a, const BigInt &b)
 
bool operator== (const CRL_Entry &a1, const CRL_Entry &a2)
 
bool operator== (const AlgorithmIdentifier &a1, const AlgorithmIdentifier &a2)
 
template<typename T >
bool operator== (const secure_allocator< T > &, const secure_allocator< T > &)
 
bool operator== (const OctetString &s1, const OctetString &s2)
 
bool operator== (const ASN1_EAC_String &lhs, const ASN1_EAC_String &rhs)
 
bool operator== (const X509_DN &dn1, const X509_DN &dn2)
 
bool operator== (const CurveGFp &lhs, const CurveGFp &rhs)
 
bool operator== (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator== (const X509_Time &t1, const X509_Time &t2)
 
bool operator== (const BigInt &a, const BigInt &b)
 
bool operator> (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator> (const X509_Time &t1, const X509_Time &t2)
 
bool operator> (const BigInt &a, const BigInt &b)
 
bool operator>= (const EAC_Time &t1, const EAC_Time &t2)
 
bool operator>= (const X509_Time &t1, const X509_Time &t2)
 
bool operator>= (const BigInt &a, const BigInt &b)
 
int operator>> (int fd, Pipe &pipe)
 
std::istream & operator>> (std::istream &stream, BigInt &n)
 
BigInt operator>> (const BigInt &x, size_t shift)
 
BOTAN_DLL std::istream & operator>> (std::istream &in, Pipe &pipe)
 
OctetString operator^ (const OctetString &k1, const OctetString &k2)
 
template<typename T , typename Alloc , typename Alloc2 >
std::vector< T, Alloc > & operator^= (std::vector< T, Alloc > &out, const std::vector< T, Alloc2 > &in)
 
template<typename Alloc >
PointGFp OS2ECP (const std::vector< byte, Alloc > &data, const CurveGFp &curve)
 
PointGFp OS2ECP (const byte data[], size_t data_len, const CurveGFp &curve)
 
size_t output_length_of (const std::string &name)
 
std::vector< std::string > parse_algorithm_name (const std::string &namex)
 
std::vector< u32bitparse_asn1_oid (const std::string &oid)
 
std::map< std::string,
std::map< std::string,
std::string > > BOTAN_DLL 
parse_cfg (std::istream &is)
 
bool passes_self_tests (Algorithm_Factory &af)
 
secure_vector< bytePGP_decode (DataSource &source, std::string &label, std::map< std::string, std::string > &headers)
 
secure_vector< bytePGP_decode (DataSource &source, std::string &label)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &label, const std::map< std::string, std::string > &headers)
 
std::string PGP_encode (const byte input[], size_t length, const std::string &type)
 
std::vector< bytepkcs_hash_id (const std::string &name)
 
BigInt power_mod (const BigInt &base, const BigInt &exp, const BigInt &mod)
 
template<typename T >
void prefetch_readonly (const T *addr, size_t length)
 
template<typename T >
void prefetch_readwrite (const T *addr, size_t length)
 
bool quick_check_prime (const BigInt &n, RandomNumberGenerator &rng)
 
BigInt random_prime (RandomNumberGenerator &rng, size_t bits, const BigInt &coprime, size_t equiv, size_t modulo)
 
BigInt random_safe_prime (RandomNumberGenerator &rng, size_t bits)
 
std::string replace_char (const std::string &str, char from_char, char to_char)
 
std::string replace_chars (const std::string &str, const std::set< char > &chars, char to_char)
 
BigInt BOTAN_DLL ressol (const BigInt &x, const BigInt &p)
 
const BlockCipherretrieve_block_cipher (const std::string &algo_spec)
 
const HashFunctionretrieve_hash (const std::string &algo_spec)
 
const MessageAuthenticationCoderetrieve_mac (const std::string &algo_spec)
 
const StreamCipherretrieve_stream_cipher (const std::string &algo_spec)
 
u16bit reverse_bytes (u16bit val)
 
u32bit reverse_bytes (u32bit val)
 
u64bit reverse_bytes (u64bit val)
 
secure_vector< byterfc3394_keyunwrap (const secure_vector< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
secure_vector< byterfc3394_keywrap (const secure_vector< byte > &key, const SymmetricKey &kek, Algorithm_Factory &af)
 
template<typename T >
rotate_left (T input, size_t rot)
 
template<typename T >
rotate_right (T input, size_t rot)
 
template<typename T >
round_down (T n, T align_to)
 
template<typename T >
round_up (T n, T align_to)
 
template<typename T >
bool same_mem (const T *p1, const T *p2, size_t n)
 
template<typename K , typename V >
search_map (const std::map< K, V > &mapping, const K &key, const V &null_result=V())
 
template<typename K , typename V , typename R >
search_map (const std::map< K, V > &mapping, const K &key, const R &null_result, const R &found_result)
 
template<typename T >
void set_mem (T *ptr, size_t n, byte val)
 
template<typename T >
size_t significant_bytes (T n)
 
std::vector< std::string > split_on (const std::string &str, char delim)
 
std::vector< std::string > split_on_pred (const std::string &str, std::function< bool(char)> pred)
 
BigInt square (const BigInt &x)
 
std::pair< BigInt, SymmetricKeysrp6_client_agree (const std::string &identifier, const std::string &password, const std::string &group_id, const std::string &hash_id, const std::vector< byte > &salt, const BigInt &B, RandomNumberGenerator &rng)
 
std::string srp6_group_identifier (const BigInt &N, const BigInt &g)
 
size_t static_provider_weight (const std::string &prov_name)
 
void store_be (u16bit in, byte out[2])
 
void store_be (u32bit in, byte out[4])
 
void store_be (u64bit in, byte out[8])
 
template<typename T >
void store_be (byte out[], T x0, T x1)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_be (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
void store_le (u16bit in, byte out[2])
 
void store_le (u32bit in, byte out[4])
 
void store_le (u64bit in, byte out[8])
 
template<typename T >
void store_le (byte out[], T x0, T x1)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3)
 
template<typename T >
void store_le (byte out[], T x0, T x1, T x2, T x3, T x4, T x5, T x6, T x7)
 
std::string string_join (const std::vector< std::string > &strs, char delim)
 
u32bit string_to_ipv4 (const std::string &str)
 
BigInt sub_mul (const BigInt &a, const BigInt &b, const BigInt &c)
 
std::map< std::string, double > time_algorithm_ops (const std::string &name, Algorithm_Factory &af, const std::string &provider, RandomNumberGenerator &rng, std::chrono::nanoseconds runtime, size_t buf_size)
 
double time_op (std::chrono::nanoseconds runtime, std::function< void()> op)
 
u32bit timespec_to_u32bit (const std::string &timespec)
 
std::vector< byteto_byte_vector (const std::string &s)
 
u32bit to_u32bit (const std::string &str)
 
template<typename T >
std::vector< T > unlock (const secure_vector< T > &in)
 
template<typename T >
bool value_exists (const std::vector< T > &vec, const T &val)
 
bool verify_prime (const BigInt &n, RandomNumberGenerator &rng)
 
u32bit version_datestamp ()
 
u32bit version_major ()
 
u32bit version_minor ()
 
u32bit version_patch ()
 
std::string version_string ()
 
void word3_muladd (word *w2, word *w1, word *w0, word a, word b)
 
void word3_muladd_2 (word *w2, word *w1, word *w0, word a, word b)
 
word word8_add2 (word x[8], const word y[8], word carry)
 
word word8_add3 (word z[8], const word x[8], const word y[8], word carry)
 
word word8_linmul2 (word x[8], word y, word carry)
 
word word8_linmul3 (word z[8], const word x[8], word y, word carry)
 
word word8_linmul3 (word z[4], const word x[4], word y, word carry)
 
word word8_madd3 (word z[8], const word x[8], word y, word carry)
 
word word8_muladd (word z[8], const word x[8], word y, word carry)
 
word word8_sub2 (word x[8], const word y[8], word carry)
 
word word8_sub2_rev (word x[8], const word y[8], word carry)
 
word word8_sub3 (word z[8], const word x[8], const word y[8], word carry)
 
word word_add (word x, word y, word *carry)
 
word word_madd2 (word a, word b, word *c)
 
word word_madd3 (word a, word b, word c, word *d)
 
word word_sub (word x, word y, word *carry)
 
bool x500_name_cmp (const std::string &name1, const std::string &name2)
 
Path_Validation_Result x509_path_validate (const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &certstores)
 
Path_Validation_Result x509_path_validate (const X509_Certificate &end_cert, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &certstores)
 
Path_Validation_Result x509_path_validate (const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const Certificate_Store &store)
 
Path_Validation_Result x509_path_validate (const X509_Certificate &end_cert, const Path_Validation_Restrictions &restrictions, const Certificate_Store &store)
 
template<typename T >
void xor_buf (T out[], const T in[], size_t length)
 
template<typename T >
void xor_buf (T out[], const T in[], const T in2[], size_t length)
 
template<typename Alloc , typename Alloc2 >
void xor_buf (std::vector< byte, Alloc > &out, const std::vector< byte, Alloc2 > &in, size_t n)
 
template<typename Alloc >
void xor_buf (std::vector< byte, Alloc > &out, const byte *in, size_t n)
 
template<typename Alloc , typename Alloc2 >
void xor_buf (std::vector< byte, Alloc > &out, const byte *in, const std::vector< byte, Alloc2 > &in2, size_t n)
 
template<typename T , typename Alloc >
void zap (std::vector< T, Alloc > &vec)
 
BOTAN_DLL void zero_mem (void *ptr, size_t n)
 
template<typename T , typename Alloc >
void zeroise (std::vector< T, Alloc > &vec)
 

Variables

const u64bit Camellia_SBOX1 [256]
 
const u64bit Camellia_SBOX2 [256]
 
const u64bit Camellia_SBOX3 [256]
 
const u64bit Camellia_SBOX4 [256]
 
const u64bit Camellia_SBOX5 [256]
 
const u64bit Camellia_SBOX6 [256]
 
const u64bit Camellia_SBOX7 [256]
 
const u64bit Camellia_SBOX8 [256]
 
const u32bit CAST_SBOX1 [256]
 
const u32bit CAST_SBOX2 [256]
 
const u32bit CAST_SBOX3 [256]
 
const u32bit CAST_SBOX4 [256]
 
const u64bit DES_FPTAB1 [256]
 
const u64bit DES_FPTAB2 [256]
 
const u64bit DES_IPTAB1 [256]
 
const u64bit DES_IPTAB2 [256]
 
const u32bit DES_SPBOX1 [256]
 
const u32bit DES_SPBOX2 [256]
 
const u32bit DES_SPBOX3 [256]
 
const u32bit DES_SPBOX4 [256]
 
const u32bit DES_SPBOX5 [256]
 
const u32bit DES_SPBOX6 [256]
 
const u32bit DES_SPBOX7 [256]
 
const u32bit DES_SPBOX8 [256]
 
const size_t HEX_CODEC_BUFFER_SIZE = 256
 
const size_t MP_WORD_BITS = BOTAN_MP_WORD_BITS
 
const word MP_WORD_MASK = ~static_cast<word>(0)
 
const word MP_WORD_MAX = MP_WORD_MASK
 
const word MP_WORD_TOP_BIT = static_cast<word>(1) << (8*sizeof(word) - 1)
 
const size_t PRIME_TABLE_SIZE = 6541
 
const u16bit BOTAN_DLL PRIMES []
 

Detailed Description

Dynamically Loaded Engine (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

Dynamically Loaded Object (C) 2010 Jack Lloyd

Distributed under the terms of the Botan license

The primary namespace for the botan library

Typedef Documentation

typedef uint8_t Botan::byte

Definition at line 30 of file types.h.

Definition at line 144 of file ec_group.h.

typedef std::runtime_error Botan::Exception

Definition at line 19 of file exceptn.h.

Alternate name for octet string showing intent to use as an IV

Definition at line 139 of file symkey.h.

typedef std::invalid_argument Botan::Invalid_Argument

Definition at line 20 of file exceptn.h.

Definition at line 143 of file pk_keys.h.

Definition at line 145 of file pk_keys.h.

typedef int32_t Botan::s32bit

Definition at line 35 of file types.h.

template<typename T >
using Botan::secure_deque = typedef std::vector<T, secure_allocator<T>>

Definition at line 17 of file tls_blocking.h.

template<typename T >
using Botan::secure_vector = typedef std::vector<T, secure_allocator<T>>

Definition at line 92 of file secmem.h.

Alternate name for octet string showing intent to use as a key

Definition at line 134 of file symkey.h.

typedef uint16_t Botan::u16bit

Definition at line 31 of file types.h.

typedef uint32_t Botan::u32bit

Definition at line 32 of file types.h.

typedef uint64_t Botan::u64bit

Definition at line 33 of file types.h.

Definition at line 144 of file pk_keys.h.

Enumeration Type Documentation

ASN.1 Type and Class Tags

Enumerator
UNIVERSAL 
APPLICATION 
CONTEXT_SPECIFIC 
CONSTRUCTED 
PRIVATE 
EOC 
BOOLEAN 
INTEGER 
BIT_STRING 
OCTET_STRING 
NULL_TAG 
OBJECT_ID 
ENUMERATED 
SEQUENCE 
SET 
UTF8_STRING 
NUMERIC_STRING 
PRINTABLE_STRING 
T61_STRING 
IA5_STRING 
VISIBLE_STRING 
BMP_STRING 
UTC_TIME 
GENERALIZED_TIME 
NO_OBJECT 
DIRECTORY_STRING 

Definition at line 19 of file asn1_obj.h.

19  {
20  UNIVERSAL = 0x00,
21  APPLICATION = 0x40,
22  CONTEXT_SPECIFIC = 0x80,
23 
24  CONSTRUCTED = 0x20,
25 
27 
28  EOC = 0x00,
29  BOOLEAN = 0x01,
30  INTEGER = 0x02,
31  BIT_STRING = 0x03,
32  OCTET_STRING = 0x04,
33  NULL_TAG = 0x05,
34  OBJECT_ID = 0x06,
35  ENUMERATED = 0x0A,
36  SEQUENCE = 0x10,
37  SET = 0x11,
38 
39  UTF8_STRING = 0x0C,
40  NUMERIC_STRING = 0x12,
41  PRINTABLE_STRING = 0x13,
42  T61_STRING = 0x14,
43  IA5_STRING = 0x16,
44  VISIBLE_STRING = 0x1A,
45  BMP_STRING = 0x1E,
46 
47  UTC_TIME = 0x17,
48  GENERALIZED_TIME = 0x18,
49 
50  NO_OBJECT = 0xFF00,
51  DIRECTORY_STRING = 0xFF01
52 };
Enumerator
VERIFIED 
OCSP_RESPONSE_GOOD 
NO_REVOCATION_DATA 
SIGNATURE_METHOD_TOO_WEAK 
UNTRUSTED_HASH 
CERT_NOT_YET_VALID 
CERT_HAS_EXPIRED 
OCSP_NOT_YET_VALID 
OCSP_HAS_EXPIRED 
CRL_NOT_YET_VALID 
CRL_HAS_EXPIRED 
CERT_ISSUER_NOT_FOUND 
CANNOT_ESTABLISH_TRUST 
POLICY_ERROR 
INVALID_USAGE 
CERT_CHAIN_TOO_LONG 
CA_CERT_NOT_FOR_CERT_ISSUER 
CA_CERT_NOT_FOR_CRL_ISSUER 
OCSP_CERT_NOT_LISTED 
OCSP_BAD_STATUS 
CERT_IS_REVOKED 
CRL_BAD_SIGNATURE 
SIGNATURE_ERROR 

Definition at line 13 of file cert_status.h.

13  {
14  VERIFIED = 0x00000000,
17 
18  // Local policy failures
21 
22  // Time problems
23  CERT_NOT_YET_VALID = 2000,
29 
30  // Chain generation problems
31  CERT_ISSUER_NOT_FOUND = 3000,
33 
34  // Validation errors
35  POLICY_ERROR = 4000,
39 
40  // Revocation errors
44 
45  // Hard failures
46  CERT_IS_REVOKED = 5000,
49 };

The different charsets (nominally) supported by Botan.

Enumerator
LOCAL_CHARSET 
UCS2_CHARSET 
UTF8_CHARSET 
LATIN1_CHARSET 

Definition at line 19 of file charset.h.

The two possible directions for cipher filters, determining whether they actually perform encryption or decryption.

Enumerator
ENCRYPTION 
DECRYPTION 

Definition at line 46 of file types.h.

X.509v2 CRL Reason Code.

Enumerator
UNSPECIFIED 
KEY_COMPROMISE 
CA_COMPROMISE 
AFFILIATION_CHANGED 
SUPERSEDED 
CESSATION_OF_OPERATION 
CERTIFICATE_HOLD 
REMOVE_FROM_CRL 
PRIVLEDGE_WITHDRAWN 
AA_COMPROMISE 
DELETE_CRL_ENTRY 
OCSP_GOOD 
OCSP_UNKNOWN 

Definition at line 19 of file crl_ent.h.

The type of checking to be performed by decoders: NONE - no checks, IGNORE_WS - perform checks, but ignore whitespaces, FULL_CHECK - perform checks, also complain about white spaces.

Enumerator
NONE 
IGNORE_WS 
FULL_CHECK 

Definition at line 179 of file filter.h.

This class represents elliptic curce domain parameters

Enumerator
EC_DOMPAR_ENC_EXPLICIT 
EC_DOMPAR_ENC_IMPLICITCA 
EC_DOMPAR_ENC_OID 

Definition at line 22 of file ec_group.h.

Enum marking if protection against fault attacks should be used

Enumerator
ENABLE_FAULT_PROTECTION 
DISABLE_FAULT_PROTECTION 

Definition at line 29 of file pubkey.h.

X.509v3 Key Constraints.

Enumerator
NO_CONSTRAINTS 
DIGITAL_SIGNATURE 
NON_REPUDIATION 
KEY_ENCIPHERMENT 
DATA_ENCIPHERMENT 
KEY_AGREEMENT 
KEY_CERT_SIGN 
CRL_SIGN 
ENCIPHER_ONLY 
DECIPHER_ONLY 

Definition at line 18 of file key_constraint.h.

The two types of signature format supported by Botan.

Enumerator
IEEE_1363 
DER_SEQUENCE 

Definition at line 24 of file pubkey.h.

The two types of X509 encoding supported by Botan.

Enumerator
RAW_BER 
PEM 

Definition at line 21 of file x509_key.h.

Function Documentation

BigInt Botan::abs ( const BigInt &  n)
inline

Return the absolute value

Parameters
nan integer
Returns
absolute value of n

Definition at line 44 of file numthry.h.

References Botan::BigInt::abs().

44 { return n.abs(); }
std::map< std::string, double > BOTAN_DLL Botan::algorithm_benchmark ( const std::string &  name,
Algorithm_Factory &  af,
RandomNumberGenerator &  rng,
std::chrono::milliseconds  milliseconds,
size_t  buf_size 
)

Algorithm benchmark

Parameters
namethe name of the algorithm to test (cipher, hash, or MAC)
afthe algorithm factory used to create objects
rngthe rng to use to generate random inputs
millisecondstotal time for the benchmark to run
buf_sizesize of buffer to benchmark against, in KiB
Returns
results a map from provider to speed in mebibytes per second

Definition at line 136 of file benchmark.cpp.

References Botan::Algorithm_Factory::providers_of(), and time_algorithm_ops().

141  {
142  const std::vector<std::string> providers = af.providers_of(name);
143 
144  std::map<std::string, double> all_results; // provider -> ops/sec
145 
146  if(!providers.empty())
147  {
148  const std::chrono::nanoseconds ns_per_provider = milliseconds / providers.size();
149 
150  for(auto provider : providers)
151  {
152  auto results = time_algorithm_ops(name, af, provider, rng, ns_per_provider, buf_size);
153  all_results[provider] = find_first_in(results, { "", "update", "encrypt" });
154  }
155  }
156 
157  return all_results;
158  }
std::map< std::string, double > time_algorithm_ops(const std::string &name, Algorithm_Factory &af, const std::string &provider, RandomNumberGenerator &rng, std::chrono::nanoseconds runtime, size_t buf_size)
Definition: benchmark.cpp:42
BOTAN_DLL std::map< std::string, bool > Botan::algorithm_kat ( const SCAN_Name &  algo_name,
const std::map< std::string, std::string > &  vars,
Algorithm_Factory &  af 
)

Run a set of algorithm KATs (known answer tests)

Parameters
algo_namethe algorithm we are testing
varsa set of input variables for this test, all hex encoded. Keys used: "input", "output", "key", and "iv"
afan algorithm factory
Returns
map from provider name to test result for that provider

Definition at line 149 of file selftest.cpp.

References algorithm_kat_detailed().

152  {
153  const auto result = algorithm_kat_detailed(algo_name, vars, af);
154 
155  std::map<std::string, bool> pass_or_fail;
156 
157  for(auto i : result)
158  pass_or_fail[i.first] = (i.second == "passed");
159 
160  return pass_or_fail;
161  }
std::map< std::string, std::string > algorithm_kat_detailed(const SCAN_Name &algo_name, const std::map< std::string, std::string > &vars, Algorithm_Factory &af)
Definition: selftest.cpp:52
std::string algo_name
Definition: ossl_md.cpp:41
BOTAN_DLL std::map< std::string, std::string > Botan::algorithm_kat_detailed ( const SCAN_Name &  algo_name,
const std::map< std::string, std::string > &  vars,
Algorithm_Factory &  af 
)

Run a set of algorithm KATs (known answer tests)

Parameters
algo_namethe algorithm we are testing
varsa set of input variables for this test, all hex encoded. Keys used: "input", "output", "key", and "iv"
afan algorithm factory
Returns
map from provider name to test result for that provider

Definition at line 52 of file selftest.cpp.

References Botan::SCAN_Name::algo_name_and_args(), Botan::SCAN_Name::cipher_mode(), Botan::SCAN_Name::cipher_mode_pad(), DECRYPTION, ENCRYPTION, get_cipher_mode(), hex_decode(), Botan::OctetString::length(), Botan::Algorithm_Factory::prototype_block_cipher(), Botan::Algorithm_Factory::prototype_hash_function(), Botan::Algorithm_Factory::prototype_mac(), Botan::Algorithm_Factory::prototype_stream_cipher(), Botan::Algorithm_Factory::providers_of(), search_map(), Botan::Keyed_Filter::set_iv(), Botan::Keyed_Filter::set_key(), and Botan::Keyed_Filter::valid_iv_length().

Referenced by algorithm_kat().

55  {
56  const std::string& algo = algo_name.algo_name_and_args();
57 
58  std::vector<std::string> providers = af.providers_of(algo);
59  std::map<std::string, std::string> all_results;
60 
61  if(providers.empty()) // no providers, nothing to do
62  return all_results;
63 
64  const std::string input = search_map(vars, std::string("input"));
65  const std::string output = search_map(vars, std::string("output"));
66 
67  SymmetricKey key(search_map(vars, std::string("key")));
68  InitializationVector iv(search_map(vars, std::string("iv")));
69 
70  for(size_t i = 0; i != providers.size(); ++i)
71  {
72  const std::string provider = providers[i];
73 
74  if(const HashFunction* proto =
75  af.prototype_hash_function(algo, provider))
76  {
77  Filter* filt = new Hash_Filter(proto->clone());
78  all_results[provider] = test_filter_kat(filt, input, output);
79  }
80  else if(const MessageAuthenticationCode* proto =
81  af.prototype_mac(algo, provider))
82  {
83  Keyed_Filter* filt = new MAC_Filter(proto->clone(), key);
84  all_results[provider] = test_filter_kat(filt, input, output);
85  }
86  else if(const StreamCipher* proto =
87  af.prototype_stream_cipher(algo, provider))
88  {
89  Keyed_Filter* filt = new StreamCipher_Filter(proto->clone());
90  filt->set_key(key);
91  filt->set_iv(iv);
92 
93  all_results[provider] = test_filter_kat(filt, input, output);
94  }
95  else if(const BlockCipher* proto =
96  af.prototype_block_cipher(algo, provider))
97  {
98  Keyed_Filter* enc = get_cipher_mode(proto, ENCRYPTION,
99  algo_name.cipher_mode(),
100  algo_name.cipher_mode_pad());
101 
102  Keyed_Filter* dec = get_cipher_mode(proto, DECRYPTION,
103  algo_name.cipher_mode(),
104  algo_name.cipher_mode_pad());
105 
106  if(!enc || !dec)
107  {
108  delete enc;
109  delete dec;
110  continue;
111  }
112 
113  enc->set_key(key);
114 
115  if(enc->valid_iv_length(iv.length()))
116  enc->set_iv(iv);
117  else if(!enc->valid_iv_length(0))
118  throw Invalid_IV_Length(algo, iv.length());
119 
120  dec->set_key(key);
121 
122  if(dec->valid_iv_length(iv.length()))
123  dec->set_iv(iv);
124  else if(!dec->valid_iv_length(0))
125  throw Invalid_IV_Length(algo, iv.length());
126 
127  const std::vector<byte> ad = hex_decode(search_map(vars, std::string("ad")));
128 
129  if(!ad.empty())
130  {
131  if(AEAD_Filter* enc_aead = dynamic_cast<AEAD_Filter*>(enc))
132  {
133  enc_aead->set_associated_data(&ad[0], ad.size());
134 
135  if(AEAD_Filter* dec_aead = dynamic_cast<AEAD_Filter*>(dec))
136  dec_aead->set_associated_data(&ad[0], ad.size());
137  }
138  }
139 
140  all_results[provider + " (encrypt)"] = test_filter_kat(enc, input, output);
141  all_results[provider + " (decrypt)"] = test_filter_kat(dec, output, input);
142  }
143  }
144 
145  return all_results;
146  }
V search_map(const std::map< K, V > &mapping, const K &key, const V &null_result=V())
Definition: stl_util.h:31
size_t hex_decode(byte output[], const char input[], size_t input_length, size_t &input_consumed, bool ignore_ws)
Definition: hex.cpp:49
virtual void set_key(const SymmetricKey &key)=0
OctetString SymmetricKey
Definition: symkey.h:134
std::string algo_name
Definition: ossl_md.cpp:41
Keyed_Filter * get_cipher_mode(const BlockCipher *block_cipher, Cipher_Dir direction, const std::string &mode, const std::string &padding)
Definition: core_modes.cpp:91
OctetString InitializationVector
Definition: symkey.h:139
void BOTAN_DLL Botan::aont_package ( RandomNumberGenerator &  rng,
BlockCipher *  cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform

Parameters
rngthe random number generator to use
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len + cipher->BLOCK_SIZE bytes long)

Definition at line 17 of file package.cpp.

References Botan::OctetString::begin(), Botan::BlockCipher::block_size(), clear_mem(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

21  {
22  const size_t BLOCK_SIZE = cipher->block_size();
23 
24  if(!cipher->valid_keylength(BLOCK_SIZE))
25  throw Invalid_Argument("AONT::package: Invalid cipher");
26 
27  // The all-zero string which is used both as the CTR IV and as K0
28  const std::string all_zeros(BLOCK_SIZE*2, '0');
29 
30  SymmetricKey package_key(rng, BLOCK_SIZE);
31 
32  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
33 
34  pipe.process_msg(input, input_len);
35  pipe.read(output, pipe.remaining());
36 
37  // Set K0 (the all zero key)
38  cipher->set_key(SymmetricKey(all_zeros));
39 
40  secure_vector<byte> buf(BLOCK_SIZE);
41 
42  const size_t blocks =
43  (input_len + BLOCK_SIZE - 1) / BLOCK_SIZE;
44 
45  byte* final_block = output + input_len;
46  clear_mem(final_block, BLOCK_SIZE);
47 
48  // XOR the hash blocks into the final block
49  for(size_t i = 0; i != blocks; ++i)
50  {
51  const size_t left = std::min<size_t>(BLOCK_SIZE,
52  input_len - BLOCK_SIZE * i);
53 
54  zeroise(buf);
55  copy_mem(&buf[0], output + (BLOCK_SIZE * i), left);
56 
57  for(size_t j = 0; j != sizeof(i); ++j)
58  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
59 
60  cipher->encrypt(&buf[0]);
61 
62  xor_buf(&final_block[0], &buf[0], BLOCK_SIZE);
63  }
64 
65  // XOR the random package key into the final block
66  xor_buf(&final_block[0], package_key.begin(), BLOCK_SIZE);
67  }
void xor_buf(T out[], const T in[], size_t length)
Definition: xor_buf.h:23
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
OctetString SymmetricKey
Definition: symkey.h:134
uint8_t byte
Definition: types.h:30
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:166
void BOTAN_DLL Botan::aont_unpackage ( BlockCipher *  cipher,
const byte  input[],
size_t  input_len,
byte  output[] 
)

Rivest's Package Tranform (Inversion)

Parameters
cipherthe block cipher to use
inputthe input data buffer
input_lenthe length of the input data in bytes
outputthe output data buffer (must be at least input_len - cipher->BLOCK_SIZE bytes long)

Definition at line 69 of file package.cpp.

References Botan::BlockCipher::block_size(), copy_mem(), Botan::BlockCipher::encrypt(), get_byte(), Botan::Pipe::process_msg(), Botan::Pipe::read(), Botan::Pipe::remaining(), Botan::SymmetricAlgorithm::set_key(), Botan::SymmetricAlgorithm::valid_keylength(), xor_buf(), and zeroise().

72  {
73  const size_t BLOCK_SIZE = cipher->block_size();
74 
75  if(!cipher->valid_keylength(BLOCK_SIZE))
76  throw Invalid_Argument("AONT::unpackage: Invalid cipher");
77 
78  if(input_len < BLOCK_SIZE)
79  throw Invalid_Argument("AONT::unpackage: Input too short");
80 
81  // The all-zero string which is used both as the CTR IV and as K0
82  const std::string all_zeros(BLOCK_SIZE*2, '0');
83 
84  cipher->set_key(SymmetricKey(all_zeros));
85 
86  secure_vector<byte> package_key(BLOCK_SIZE);
87  secure_vector<byte> buf(BLOCK_SIZE);
88 
89  // Copy the package key (masked with the block hashes)
90  copy_mem(&package_key[0],
91  input + (input_len - BLOCK_SIZE),
92  BLOCK_SIZE);
93 
94  const size_t blocks = ((input_len - 1) / BLOCK_SIZE);
95 
96  // XOR the blocks into the package key bits
97  for(size_t i = 0; i != blocks; ++i)
98  {
99  const size_t left = std::min<size_t>(BLOCK_SIZE,
100  input_len - BLOCK_SIZE * (i+1));
101 
102  zeroise(buf);
103  copy_mem(&buf[0], input + (BLOCK_SIZE * i), left);
104 
105  for(size_t j = 0; j != sizeof(i); ++j)
106  buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
107 
108  cipher->encrypt(&buf[0]);
109 
110  xor_buf(&package_key[0], &buf[0], BLOCK_SIZE);
111  }
112 
113  Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
114 
115  pipe.process_msg(input, input_len - BLOCK_SIZE);
116 
117  pipe.read(output, pipe.remaining());
118  }
void xor_buf(T out[], const T in[], size_t length)
Definition: xor_buf.h:23
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
OctetString SymmetricKey
Definition: symkey.h:134
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:166
void BOTAN_DLL Botan::assertion_failure ( const char *  expr_str,
const char *  assertion_made,
const char *  func,
const char *  file,
int  line 
)

Called when an assertion fails

Definition at line 13 of file assert.cpp.

18  {
19  std::ostringstream format;
20 
21  format << "False assertion ";
22 
23  if(assertion_made && assertion_made[0] != 0)
24  format << "'" << assertion_made << "' (expression " << expr_str << ") ";
25  else
26  format << expr_str << " ";
27 
28  if(func)
29  format << "in " << func << " ";
30 
31  format << "@" << file << ":" << line;
32 
33  throw std::runtime_error(format.str());
34  }
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding is allowed
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 94 of file base64.cpp.

References clear_mem().

Referenced by base64_decode(), Botan::Base64_Decoder::end_msg(), Botan::SRP6_Authenticator_File::SRP6_Authenticator_File(), and Botan::Base64_Decoder::write().

100  {
101  /*
102  * Base64 Decoder Lookup Table
103  * Warning: assumes ASCII encodings
104  */
105  static const byte BASE64_TO_BIN[256] = {
106  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80,
107  0x80, 0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
108  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
109  0xFF, 0xFF, 0x80, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
110  0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35,
111  0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
112  0xFF, 0x81, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
113  0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
114  0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
115  0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
116  0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
117  0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
118  0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
119  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
120  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
121  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
122  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
123  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
124  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
125  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
126  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
127  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
128  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
129  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
130  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
131  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
132 
133  byte* out_ptr = output;
134  byte decode_buf[4];
135  size_t decode_buf_pos = 0;
136  size_t final_truncate = 0;
137 
138  clear_mem(output, input_length * 3 / 4);
139 
140  for(size_t i = 0; i != input_length; ++i)
141  {
142  const byte bin = BASE64_TO_BIN[static_cast<byte>(input[i])];
143 
144  if(bin <= 0x3F)
145  {
146  decode_buf[decode_buf_pos] = bin;
147  decode_buf_pos += 1;
148  }
149  else if(!(bin == 0x81 || (bin == 0x80 && ignore_ws)))
150  {
151  std::string bad_char(1, input[i]);
152  if(bad_char == "\t")
153  bad_char = "\\t";
154  else if(bad_char == "\n")
155  bad_char = "\\n";
156  else if(bad_char == "\r")
157  bad_char = "\\r";
158 
159  throw std::invalid_argument(
160  std::string("base64_decode: invalid base64 character '") +
161  bad_char + "'");
162  }
163 
164  /*
165  * If we're at the end of the input, pad with 0s and truncate
166  */
167  if(final_inputs && (i == input_length - 1))
168  {
169  if(decode_buf_pos)
170  {
171  for(size_t i = decode_buf_pos; i != 4; ++i)
172  decode_buf[i] = 0;
173  final_truncate = (4 - decode_buf_pos);
174  decode_buf_pos = 4;
175  }
176  }
177 
178  if(decode_buf_pos == 4)
179  {
180  out_ptr[0] = (decode_buf[0] << 2) | (decode_buf[1] >> 4);
181  out_ptr[1] = (decode_buf[1] << 4) | (decode_buf[2] >> 2);
182  out_ptr[2] = (decode_buf[2] << 6) | decode_buf[3];
183 
184  out_ptr += 3;
185  decode_buf_pos = 0;
186  input_consumed = i+1;
187  }
188  }
189 
190  while(input_consumed < input_length &&
191  BASE64_TO_BIN[static_cast<byte>(input[input_consumed])] == 0x80)
192  {
193  ++input_consumed;
194  }
195 
196  size_t written = (out_ptr - output) - final_truncate;
197 
198  return written;
199  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
uint8_t byte
Definition: types.h:30
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length*3/4 bytes
inputsome base64 input
input_lengthlength of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 201 of file base64.cpp.

References base64_decode().

205  {
206  size_t consumed = 0;
207  size_t written = base64_decode(output, input, input_length,
208  consumed, true, ignore_ws);
209 
210  if(consumed != input_length)
211  throw std::invalid_argument("base64_decode: input did not have full bytes");
212 
213  return written;
214  }
secure_vector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:238
size_t BOTAN_DLL Botan::base64_decode ( byte  output[],
const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
outputan array of at least input_length/3*4 bytes
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
number of bytes written to output

Definition at line 216 of file base64.cpp.

References base64_decode().

219  {
220  return base64_decode(output, &input[0], input.length(), ignore_ws);
221  }
secure_vector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:238
secure_vector< byte > BOTAN_DLL Botan::base64_decode ( const char  input[],
size_t  input_length,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
input_lengththe length of input in bytes
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 223 of file base64.cpp.

References base64_decode().

226  {
227  secure_vector<byte> bin((round_up<size_t>(input_length, 4) * 3) / 4);
228 
229  size_t written = base64_decode(&bin[0],
230  input,
231  input_length,
232  ignore_ws);
233 
234  bin.resize(written);
235  return bin;
236  }
secure_vector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:238
secure_vector< byte > BOTAN_DLL Botan::base64_decode ( const std::string &  input,
bool  ignore_ws = true 
)

Perform base64 decoding

Parameters
inputsome base64 input
ignore_wsignore whitespace on input; if false, throw an exception if whitespace is encountered
Returns
decoded base64 output

Definition at line 238 of file base64.cpp.

References base64_decode().

240  {
241  return base64_decode(&input[0], input.size(), ignore_ws);
242  }
secure_vector< byte > base64_decode(const std::string &input, bool ignore_ws)
Definition: base64.cpp:238
size_t BOTAN_DLL Botan::base64_encode ( char  output[],
const byte  input[],
size_t  input_length,
size_t &  input_consumed,
bool  final_inputs 
)

Perform base64 encoding

Parameters
outputan array of at least input_length*4/3 bytes
inputis some binary data
input_lengthlength of input in bytes
input_consumedis an output parameter which says how many bytes of input were actually consumed. If less than input_length, then the range input[consumed:length] should be passed in later along with more input.
final_inputstrue iff this is the last input, in which case padding chars will be applied if needed
Returns
number of bytes written to output

Definition at line 35 of file base64.cpp.

Referenced by Botan::OCSP::Request::base64_encode(), and base64_encode().

40  {
41  input_consumed = 0;
42 
43  size_t input_remaining = input_length;
44  size_t output_produced = 0;
45 
46  while(input_remaining >= 3)
47  {
48  do_base64_encode(out + output_produced, in + input_consumed);
49 
50  input_consumed += 3;
51  output_produced += 4;
52  input_remaining -= 3;
53  }
54 
55  if(final_inputs && input_remaining)
56  {
57  byte remainder[3] = { 0 };
58  for(size_t i = 0; i != input_remaining; ++i)
59  remainder[i] = in[input_consumed + i];
60 
61  do_base64_encode(out + output_produced, remainder);
62 
63  size_t empty_bits = 8 * (3 - input_remaining);
64  size_t index = output_produced + 4 - 1;
65  while(empty_bits >= 8)
66  {
67  out[index--] = '=';
68  empty_bits -= 6;
69  }
70 
71  input_consumed += input_remaining;
72  output_produced += 4;
73  }
74 
75  return output_produced;
76  }
uint8_t byte
Definition: types.h:30
template<typename Alloc >
std::string Botan::base64_encode ( const std::vector< byte, Alloc > &  input)

Perform base64 encoding

Parameters
inputsome input
Returns
base64adecimal representation of input

Definition at line 50 of file base64.h.

References base64_encode().

51  {
52  return base64_encode(&input[0], input.size());
53  }
std::string base64_encode(const std::vector< byte, Alloc > &input)
Definition: base64.h:50
std::string BOTAN_DLL Botan::base64_encode ( const byte  input[],
size_t  input_length 
)

Perform base64 encoding

Parameters
inputsome input
input_lengthlength of input in bytes
Returns
base64adecimal representation of input

Definition at line 78 of file base64.cpp.

References base64_encode(), and BOTAN_ASSERT_EQUAL.

80  {
81  std::string output((round_up<size_t>(input_length, 3) / 3) * 4, 0);
82 
83  size_t consumed = 0;
84  size_t produced = base64_encode(&output[0],
85  input, input_length,
86  consumed, true);
87 
88  BOTAN_ASSERT_EQUAL(consumed, input_length, "Consumed the entire input");
89  BOTAN_ASSERT_EQUAL(produced, output.size(), "Produced expected size");
90 
91  return output;
92  }
std::string base64_encode(const byte input[], size_t input_length)
Definition: base64.cpp:78
#define BOTAN_ASSERT_EQUAL(expr1, expr2, assertion_made)
Definition: assert.h:40
void Botan::bigint_add2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand addition

Parameters
xthe first operand (and output)
x_sizesize of x
ythe second operand
y_sizesize of y (must be >= x_size)

Definition at line 70 of file mp_asm.cpp.

References bigint_add2_nc().

Referenced by mul_add(), Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

71  {
72  if(bigint_add2_nc(x, x_size, y, y_size))
73  x[x_size] += 1;
74  }
word bigint_add2_nc(word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:22
word Botan::bigint_add2_nc ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand addition with carry out

Definition at line 22 of file mp_asm.cpp.

References BOTAN_ASSERT, word8_add2(), and word_add().

Referenced by bigint_add2().

23  {
24  word carry = 0;
25 
26  BOTAN_ASSERT(x_size >= y_size, "Expected sizes");
27 
28  const size_t blocks = y_size - (y_size % 8);
29 
30  for(size_t i = 0; i != blocks; i += 8)
31  carry = word8_add2(x + i, y + i, carry);
32 
33  for(size_t i = blocks; i != y_size; ++i)
34  x[i] = word_add(x[i], y[i], &carry);
35 
36  for(size_t i = y_size; i != x_size; ++i)
37  x[i] = word_add(x[i], 0, &carry);
38 
39  return carry;
40  }
word word8_add2(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:33
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
void Botan::bigint_add3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand addition

Definition at line 79 of file mp_asm.cpp.

References bigint_add3_nc().

Referenced by operator+(), and operator-().

81  {
82  z[(x_size > y_size ? x_size : y_size)] +=
83  bigint_add3_nc(z, x, x_size, y, y_size);
84  }
word bigint_add3_nc(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:45
word Botan::bigint_add3_nc ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand addition with carry out

Definition at line 45 of file mp_asm.cpp.

References word8_add3(), and word_add().

Referenced by bigint_add3().

47  {
48  if(x_size < y_size)
49  { return bigint_add3_nc(z, y, y_size, x, x_size); }
50 
51  word carry = 0;
52 
53  const size_t blocks = y_size - (y_size % 8);
54 
55  for(size_t i = 0; i != blocks; i += 8)
56  carry = word8_add3(z + i, x + i, y + i, carry);
57 
58  for(size_t i = blocks; i != y_size; ++i)
59  z[i] = word_add(x[i], y[i], &carry);
60 
61  for(size_t i = y_size; i != x_size; ++i)
62  z[i] = word_add(x[i], 0, &carry);
63 
64  return carry;
65  }
word bigint_add3_nc(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_asm.cpp:45
word word8_add3(word z[8], const word x[8], const word y[8], word carry)
Definition: mp_asmi.h:49
word word_add(word x, word y, word *carry)
Definition: mp_asmi.h:21
s32bit Botan::bigint_cmp ( const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Compare x and y

Definition at line 18 of file mp_misc.cpp.

Referenced by Botan::BigInt::cmp(), operator+(), Botan::BigInt::operator+=(), operator-(), and Botan::BigInt::operator-=().

20  {
21  if(x_size < y_size) { return (-bigint_cmp(y, y_size, x, x_size)); }
22 
23  while(x_size > y_size)
24  {
25  if(x[x_size-1])
26  return 1;
27  x_size--;
28  }
29 
30  for(size_t i = x_size; i > 0; --i)
31  {
32  if(x[i-1] > y[i-1])
33  return 1;
34  if(x[i-1] < y[i-1])
35  return -1;
36  }
37 
38  return 0;
39  }
s32bit bigint_cmp(const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_misc.cpp:18
void Botan::bigint_comba_mul16 ( word  z[32],
const word  x[16],
const word  y[16] 
)

Definition at line 594 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

595  {
596  word w2 = 0, w1 = 0, w0 = 0;
597 
598  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
599  z[ 0] = w0; w0 = 0;
600 
601  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
602  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
603  z[ 1] = w1; w1 = 0;
604 
605  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
606  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
607  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
608  z[ 2] = w2; w2 = 0;
609 
610  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
611  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
612  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
613  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
614  z[ 3] = w0; w0 = 0;
615 
616  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
617  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
618  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
619  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
620  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
621  z[ 4] = w1; w1 = 0;
622 
623  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
624  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
625  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
626  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
627  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
628  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
629  z[ 5] = w2; w2 = 0;
630 
631  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
632  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
633  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
634  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
635  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
636  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
637  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
638  z[ 6] = w0; w0 = 0;
639 
640  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
641  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
642  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
643  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
644  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
645  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
646  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
647  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
648  z[ 7] = w1; w1 = 0;
649 
650  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 8]);
651  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
652  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
653  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
654  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
655  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
656  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
657  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
658  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 0]);
659  z[ 8] = w2; w2 = 0;
660 
661  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 9]);
662  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 8]);
663  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
664  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
665  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
666  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
667  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
668  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
669  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 1]);
670  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 0]);
671  z[ 9] = w0; w0 = 0;
672 
673  word3_muladd(&w0, &w2, &w1, x[ 0], y[10]);
674  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 9]);
675  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 8]);
676  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
677  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
678  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
679  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
680  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
681  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 2]);
682  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 1]);
683  word3_muladd(&w0, &w2, &w1, x[10], y[ 0]);
684  z[10] = w1; w1 = 0;
685 
686  word3_muladd(&w1, &w0, &w2, x[ 0], y[11]);
687  word3_muladd(&w1, &w0, &w2, x[ 1], y[10]);
688  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 9]);
689  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 8]);
690  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
691  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
692  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
693  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
694  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 3]);
695  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 2]);
696  word3_muladd(&w1, &w0, &w2, x[10], y[ 1]);
697  word3_muladd(&w1, &w0, &w2, x[11], y[ 0]);
698  z[11] = w2; w2 = 0;
699 
700  word3_muladd(&w2, &w1, &w0, x[ 0], y[12]);
701  word3_muladd(&w2, &w1, &w0, x[ 1], y[11]);
702  word3_muladd(&w2, &w1, &w0, x[ 2], y[10]);
703  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 9]);
704  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 8]);
705  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
706  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
707  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
708  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 4]);
709  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 3]);
710  word3_muladd(&w2, &w1, &w0, x[10], y[ 2]);
711  word3_muladd(&w2, &w1, &w0, x[11], y[ 1]);
712  word3_muladd(&w2, &w1, &w0, x[12], y[ 0]);
713  z[12] = w0; w0 = 0;
714 
715  word3_muladd(&w0, &w2, &w1, x[ 0], y[13]);
716  word3_muladd(&w0, &w2, &w1, x[ 1], y[12]);
717  word3_muladd(&w0, &w2, &w1, x[ 2], y[11]);
718  word3_muladd(&w0, &w2, &w1, x[ 3], y[10]);
719  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 9]);
720  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 8]);
721  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
722  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
723  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 5]);
724  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 4]);
725  word3_muladd(&w0, &w2, &w1, x[10], y[ 3]);
726  word3_muladd(&w0, &w2, &w1, x[11], y[ 2]);
727  word3_muladd(&w0, &w2, &w1, x[12], y[ 1]);
728  word3_muladd(&w0, &w2, &w1, x[13], y[ 0]);
729  z[13] = w1; w1 = 0;
730 
731  word3_muladd(&w1, &w0, &w2, x[ 0], y[14]);
732  word3_muladd(&w1, &w0, &w2, x[ 1], y[13]);
733  word3_muladd(&w1, &w0, &w2, x[ 2], y[12]);
734  word3_muladd(&w1, &w0, &w2, x[ 3], y[11]);
735  word3_muladd(&w1, &w0, &w2, x[ 4], y[10]);
736  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 9]);
737  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 8]);
738  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
739  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 6]);
740  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 5]);
741  word3_muladd(&w1, &w0, &w2, x[10], y[ 4]);
742  word3_muladd(&w1, &w0, &w2, x[11], y[ 3]);
743  word3_muladd(&w1, &w0, &w2, x[12], y[ 2]);
744  word3_muladd(&w1, &w0, &w2, x[13], y[ 1]);
745  word3_muladd(&w1, &w0, &w2, x[14], y[ 0]);
746  z[14] = w2; w2 = 0;
747 
748  word3_muladd(&w2, &w1, &w0, x[ 0], y[15]);
749  word3_muladd(&w2, &w1, &w0, x[ 1], y[14]);
750  word3_muladd(&w2, &w1, &w0, x[ 2], y[13]);
751  word3_muladd(&w2, &w1, &w0, x[ 3], y[12]);
752  word3_muladd(&w2, &w1, &w0, x[ 4], y[11]);
753  word3_muladd(&w2, &w1, &w0, x[ 5], y[10]);
754  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 9]);
755  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 8]);
756  word3_muladd(&w2, &w1, &w0, x[ 8], y[ 7]);
757  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 6]);
758  word3_muladd(&w2, &w1, &w0, x[10], y[ 5]);
759  word3_muladd(&w2, &w1, &w0, x[11], y[ 4]);
760  word3_muladd(&w2, &w1, &w0, x[12], y[ 3]);
761  word3_muladd(&w2, &w1, &w0, x[13], y[ 2]);
762  word3_muladd(&w2, &w1, &w0, x[14], y[ 1]);
763  word3_muladd(&w2, &w1, &w0, x[15], y[ 0]);
764  z[15] = w0; w0 = 0;
765 
766  word3_muladd(&w0, &w2, &w1, x[ 1], y[15]);
767  word3_muladd(&w0, &w2, &w1, x[ 2], y[14]);
768  word3_muladd(&w0, &w2, &w1, x[ 3], y[13]);
769  word3_muladd(&w0, &w2, &w1, x[ 4], y[12]);
770  word3_muladd(&w0, &w2, &w1, x[ 5], y[11]);
771  word3_muladd(&w0, &w2, &w1, x[ 6], y[10]);
772  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 9]);
773  word3_muladd(&w0, &w2, &w1, x[ 8], y[ 8]);
774  word3_muladd(&w0, &w2, &w1, x[ 9], y[ 7]);
775  word3_muladd(&w0, &w2, &w1, x[10], y[ 6]);
776  word3_muladd(&w0, &w2, &w1, x[11], y[ 5]);
777  word3_muladd(&w0, &w2, &w1, x[12], y[ 4]);
778  word3_muladd(&w0, &w2, &w1, x[13], y[ 3]);
779  word3_muladd(&w0, &w2, &w1, x[14], y[ 2]);
780  word3_muladd(&w0, &w2, &w1, x[15], y[ 1]);
781  z[16] = w1; w1 = 0;
782 
783  word3_muladd(&w1, &w0, &w2, x[ 2], y[15]);
784  word3_muladd(&w1, &w0, &w2, x[ 3], y[14]);
785  word3_muladd(&w1, &w0, &w2, x[ 4], y[13]);
786  word3_muladd(&w1, &w0, &w2, x[ 5], y[12]);
787  word3_muladd(&w1, &w0, &w2, x[ 6], y[11]);
788  word3_muladd(&w1, &w0, &w2, x[ 7], y[10]);
789  word3_muladd(&w1, &w0, &w2, x[ 8], y[ 9]);
790  word3_muladd(&w1, &w0, &w2, x[ 9], y[ 8]);
791  word3_muladd(&w1, &w0, &w2, x[10], y[ 7]);
792  word3_muladd(&w1, &w0, &w2, x[11], y[ 6]);
793  word3_muladd(&w1, &w0, &w2, x[12], y[ 5]);
794  word3_muladd(&w1, &w0, &w2, x[13], y[ 4]);
795  word3_muladd(&w1, &w0, &w2, x[14], y[ 3]);
796  word3_muladd(&w1, &w0, &w2, x[15], y[ 2]);
797  z[17] = w2; w2 = 0;
798 
799  word3_muladd(&w2, &w1, &w0, x[ 3], y[15]);
800  word3_muladd(&w2, &w1, &w0, x[ 4], y[14]);
801  word3_muladd(&w2, &w1, &w0, x[ 5], y[13]);
802  word3_muladd(&w2, &w1, &w0, x[ 6], y[12]);
803  word3_muladd(&w2, &w1, &w0, x[ 7], y[11]);
804  word3_muladd(&w2, &w1, &w0, x[ 8], y[10]);
805  word3_muladd(&w2, &w1, &w0, x[ 9], y[ 9]);
806  word3_muladd(&w2, &w1, &w0, x[10], y[ 8]);
807  word3_muladd(&w2, &w1, &w0, x[11], y[ 7]);
808  word3_muladd(&w2, &w1, &w0, x[12], y[ 6]);
809  word3_muladd(&w2, &w1, &w0, x[13], y[ 5]);
810  word3_muladd(&w2, &w1, &w0, x[14], y[ 4]);
811  word3_muladd(&w2, &w1, &w0, x[15], y[ 3]);
812  z[18] = w0; w0 = 0;
813 
814  word3_muladd(&w0, &w2, &w1, x[ 4], y[15]);
815  word3_muladd(&w0, &w2, &w1, x[ 5], y[14]);
816  word3_muladd(&w0, &w2, &w1, x[ 6], y[13]);
817  word3_muladd(&w0, &w2, &w1, x[ 7], y[12]);
818  word3_muladd(&w0, &w2, &w1, x[ 8], y[11]);
819  word3_muladd(&w0, &w2, &w1, x[ 9], y[10]);
820  word3_muladd(&w0, &w2, &w1, x[10], y[ 9]);
821  word3_muladd(&w0, &w2, &w1, x[11], y[ 8]);
822  word3_muladd(&w0, &w2, &w1, x[12], y[ 7]);
823  word3_muladd(&w0, &w2, &w1, x[13], y[ 6]);
824  word3_muladd(&w0, &w2, &w1, x[14], y[ 5]);
825  word3_muladd(&w0, &w2, &w1, x[15], y[ 4]);
826  z[19] = w1; w1 = 0;
827 
828  word3_muladd(&w1, &w0, &w2, x[ 5], y[15]);
829  word3_muladd(&w1, &w0, &w2, x[ 6], y[14]);
830  word3_muladd(&w1, &w0, &w2, x[ 7], y[13]);
831  word3_muladd(&w1, &w0, &w2, x[ 8], y[12]);
832  word3_muladd(&w1, &w0, &w2, x[ 9], y[11]);
833  word3_muladd(&w1, &w0, &w2, x[10], y[10]);
834  word3_muladd(&w1, &w0, &w2, x[11], y[ 9]);
835  word3_muladd(&w1, &w0, &w2, x[12], y[ 8]);
836  word3_muladd(&w1, &w0, &w2, x[13], y[ 7]);
837  word3_muladd(&w1, &w0, &w2, x[14], y[ 6]);
838  word3_muladd(&w1, &w0, &w2, x[15], y[ 5]);
839  z[20] = w2; w2 = 0;
840 
841  word3_muladd(&w2, &w1, &w0, x[ 6], y[15]);
842  word3_muladd(&w2, &w1, &w0, x[ 7], y[14]);
843  word3_muladd(&w2, &w1, &w0, x[ 8], y[13]);
844  word3_muladd(&w2, &w1, &w0, x[ 9], y[12]);
845  word3_muladd(&w2, &w1, &w0, x[10], y[11]);
846  word3_muladd(&w2, &w1, &w0, x[11], y[10]);
847  word3_muladd(&w2, &w1, &w0, x[12], y[ 9]);
848  word3_muladd(&w2, &w1, &w0, x[13], y[ 8]);
849  word3_muladd(&w2, &w1, &w0, x[14], y[ 7]);
850  word3_muladd(&w2, &w1, &w0, x[15], y[ 6]);
851  z[21] = w0; w0 = 0;
852 
853  word3_muladd(&w0, &w2, &w1, x[ 7], y[15]);
854  word3_muladd(&w0, &w2, &w1, x[ 8], y[14]);
855  word3_muladd(&w0, &w2, &w1, x[ 9], y[13]);
856  word3_muladd(&w0, &w2, &w1, x[10], y[12]);
857  word3_muladd(&w0, &w2, &w1, x[11], y[11]);
858  word3_muladd(&w0, &w2, &w1, x[12], y[10]);
859  word3_muladd(&w0, &w2, &w1, x[13], y[ 9]);
860  word3_muladd(&w0, &w2, &w1, x[14], y[ 8]);
861  word3_muladd(&w0, &w2, &w1, x[15], y[ 7]);
862  z[22] = w1; w1 = 0;
863 
864  word3_muladd(&w1, &w0, &w2, x[ 8], y[15]);
865  word3_muladd(&w1, &w0, &w2, x[ 9], y[14]);
866  word3_muladd(&w1, &w0, &w2, x[10], y[13]);
867  word3_muladd(&w1, &w0, &w2, x[11], y[12]);
868  word3_muladd(&w1, &w0, &w2, x[12], y[11]);
869  word3_muladd(&w1, &w0, &w2, x[13], y[10]);
870  word3_muladd(&w1, &w0, &w2, x[14], y[ 9]);
871  word3_muladd(&w1, &w0, &w2, x[15], y[ 8]);
872  z[23] = w2; w2 = 0;
873 
874  word3_muladd(&w2, &w1, &w0, x[ 9], y[15]);
875  word3_muladd(&w2, &w1, &w0, x[10], y[14]);
876  word3_muladd(&w2, &w1, &w0, x[11], y[13]);
877  word3_muladd(&w2, &w1, &w0, x[12], y[12]);
878  word3_muladd(&w2, &w1, &w0, x[13], y[11]);
879  word3_muladd(&w2, &w1, &w0, x[14], y[10]);
880  word3_muladd(&w2, &w1, &w0, x[15], y[ 9]);
881  z[24] = w0; w0 = 0;
882 
883  word3_muladd(&w0, &w2, &w1, x[10], y[15]);
884  word3_muladd(&w0, &w2, &w1, x[11], y[14]);
885  word3_muladd(&w0, &w2, &w1, x[12], y[13]);
886  word3_muladd(&w0, &w2, &w1, x[13], y[12]);
887  word3_muladd(&w0, &w2, &w1, x[14], y[11]);
888  word3_muladd(&w0, &w2, &w1, x[15], y[10]);
889  z[25] = w1; w1 = 0;
890 
891  word3_muladd(&w1, &w0, &w2, x[11], y[15]);
892  word3_muladd(&w1, &w0, &w2, x[12], y[14]);
893  word3_muladd(&w1, &w0, &w2, x[13], y[13]);
894  word3_muladd(&w1, &w0, &w2, x[14], y[12]);
895  word3_muladd(&w1, &w0, &w2, x[15], y[11]);
896  z[26] = w2; w2 = 0;
897 
898  word3_muladd(&w2, &w1, &w0, x[12], y[15]);
899  word3_muladd(&w2, &w1, &w0, x[13], y[14]);
900  word3_muladd(&w2, &w1, &w0, x[14], y[13]);
901  word3_muladd(&w2, &w1, &w0, x[15], y[12]);
902  z[27] = w0; w0 = 0;
903 
904  word3_muladd(&w0, &w2, &w1, x[13], y[15]);
905  word3_muladd(&w0, &w2, &w1, x[14], y[14]);
906  word3_muladd(&w0, &w2, &w1, x[15], y[13]);
907  z[28] = w1; w1 = 0;
908 
909  word3_muladd(&w1, &w0, &w2, x[14], y[15]);
910  word3_muladd(&w1, &w0, &w2, x[15], y[14]);
911  z[29] = w2; w2 = 0;
912 
913  word3_muladd(&w2, &w1, &w0, x[15], y[15]);
914  z[30] = w0;
915  z[31] = w1;
916  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul4 ( word  z[8],
const word  x[4],
const word  y[4] 
)

Definition at line 51 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

52  {
53  word w2 = 0, w1 = 0, w0 = 0;
54 
55  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
56  z[ 0] = w0; w0 = 0;
57 
58  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
59  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
60  z[ 1] = w1; w1 = 0;
61 
62  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
63  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
64  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
65  z[ 2] = w2; w2 = 0;
66 
67  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
68  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
69  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
70  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
71  z[ 3] = w0; w0 = 0;
72 
73  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
74  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
75  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
76  z[ 4] = w1; w1 = 0;
77 
78  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
79  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
80  z[ 5] = w2; w2 = 0;
81 
82  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
83  z[ 6] = w0;
84  z[ 7] = w1;
85  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul6 ( word  z[12],
const word  x[6],
const word  y[6] 
)

Definition at line 142 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

143  {
144  word w2 = 0, w1 = 0, w0 = 0;
145 
146  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
147  z[ 0] = w0; w0 = 0;
148 
149  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
150  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
151  z[ 1] = w1; w1 = 0;
152 
153  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
154  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
155  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
156  z[ 2] = w2; w2 = 0;
157 
158  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
159  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
160  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
161  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
162  z[ 3] = w0; w0 = 0;
163 
164  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
165  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
166  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
167  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
168  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
169  z[ 4] = w1; w1 = 0;
170 
171  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
172  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
173  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
174  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
175  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
176  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
177  z[ 5] = w2; w2 = 0;
178 
179  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
180  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
181  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
182  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
183  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
184  z[ 6] = w0; w0 = 0;
185 
186  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
187  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
188  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
189  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
190  z[ 7] = w1; w1 = 0;
191 
192  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
193  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
194  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
195  z[ 8] = w2; w2 = 0;
196 
197  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
198  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
199  z[ 9] = w0; w0 = 0;
200 
201  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
202  z[10] = w1;
203  z[11] = w2;
204  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_mul8 ( word  z[16],
const word  x[8],
const word  y[8] 
)

Definition at line 284 of file mp_comba.cpp.

References word3_muladd().

Referenced by bigint_mul().

285  {
286  word w2 = 0, w1 = 0, w0 = 0;
287 
288  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 0]);
289  z[ 0] = w0; w0 = 0;
290 
291  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 1]);
292  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 0]);
293  z[ 1] = w1; w1 = 0;
294 
295  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 2]);
296  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 1]);
297  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 0]);
298  z[ 2] = w2; w2 = 0;
299 
300  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 3]);
301  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 2]);
302  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 1]);
303  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 0]);
304  z[ 3] = w0; w0 = 0;
305 
306  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 4]);
307  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 3]);
308  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 2]);
309  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 1]);
310  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 0]);
311  z[ 4] = w1; w1 = 0;
312 
313  word3_muladd(&w1, &w0, &w2, x[ 0], y[ 5]);
314  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 4]);
315  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 3]);
316  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 2]);
317  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 1]);
318  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 0]);
319  z[ 5] = w2; w2 = 0;
320 
321  word3_muladd(&w2, &w1, &w0, x[ 0], y[ 6]);
322  word3_muladd(&w2, &w1, &w0, x[ 1], y[ 5]);
323  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 4]);
324  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 3]);
325  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 2]);
326  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 1]);
327  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 0]);
328  z[ 6] = w0; w0 = 0;
329 
330  word3_muladd(&w0, &w2, &w1, x[ 0], y[ 7]);
331  word3_muladd(&w0, &w2, &w1, x[ 1], y[ 6]);
332  word3_muladd(&w0, &w2, &w1, x[ 2], y[ 5]);
333  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 4]);
334  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 3]);
335  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 2]);
336  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 1]);
337  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 0]);
338  z[ 7] = w1; w1 = 0;
339 
340  word3_muladd(&w1, &w0, &w2, x[ 1], y[ 7]);
341  word3_muladd(&w1, &w0, &w2, x[ 2], y[ 6]);
342  word3_muladd(&w1, &w0, &w2, x[ 3], y[ 5]);
343  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 4]);
344  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 3]);
345  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 2]);
346  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 1]);
347  z[ 8] = w2; w2 = 0;
348 
349  word3_muladd(&w2, &w1, &w0, x[ 2], y[ 7]);
350  word3_muladd(&w2, &w1, &w0, x[ 3], y[ 6]);
351  word3_muladd(&w2, &w1, &w0, x[ 4], y[ 5]);
352  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 4]);
353  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 3]);
354  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 2]);
355  z[ 9] = w0; w0 = 0;
356 
357  word3_muladd(&w0, &w2, &w1, x[ 3], y[ 7]);
358  word3_muladd(&w0, &w2, &w1, x[ 4], y[ 6]);
359  word3_muladd(&w0, &w2, &w1, x[ 5], y[ 5]);
360  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 4]);
361  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 3]);
362  z[10] = w1; w1 = 0;
363 
364  word3_muladd(&w1, &w0, &w2, x[ 4], y[ 7]);
365  word3_muladd(&w1, &w0, &w2, x[ 5], y[ 6]);
366  word3_muladd(&w1, &w0, &w2, x[ 6], y[ 5]);
367  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 4]);
368  z[11] = w2; w2 = 0;
369 
370  word3_muladd(&w2, &w1, &w0, x[ 5], y[ 7]);
371  word3_muladd(&w2, &w1, &w0, x[ 6], y[ 6]);
372  word3_muladd(&w2, &w1, &w0, x[ 7], y[ 5]);
373  z[12] = w0; w0 = 0;
374 
375  word3_muladd(&w0, &w2, &w1, x[ 6], y[ 7]);
376  word3_muladd(&w0, &w2, &w1, x[ 7], y[ 6]);
377  z[13] = w1; w1 = 0;
378 
379  word3_muladd(&w1, &w0, &w2, x[ 7], y[ 7]);
380  z[14] = w2;
381  z[15] = w0;
382  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void Botan::bigint_comba_sqr16 ( word  z[32],
const word  x[16] 
)

Definition at line 387 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

388  {
389  word w2 = 0, w1 = 0, w0 = 0;
390 
391  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
392  z[ 0] = w0; w0 = 0;
393 
394  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
395  z[ 1] = w1; w1 = 0;
396 
397  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
398  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
399  z[ 2] = w2; w2 = 0;
400 
401  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
402  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
403  z[ 3] = w0; w0 = 0;
404 
405  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
406  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
407  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
408  z[ 4] = w1; w1 = 0;
409 
410  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
411  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
412  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
413  z[ 5] = w2; w2 = 0;
414 
415  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
416  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
417  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
418  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
419  z[ 6] = w0; w0 = 0;
420 
421  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
422  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
423  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
424  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
425  z[ 7] = w1; w1 = 0;
426 
427  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 8]);
428  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
429  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
430  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
431  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
432  z[ 8] = w2; w2 = 0;
433 
434  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 9]);
435  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 8]);
436  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
437  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
438  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
439  z[ 9] = w0; w0 = 0;
440 
441  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[10]);
442  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 9]);
443  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 8]);
444  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
445  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
446  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
447  z[10] = w1; w1 = 0;
448 
449  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[11]);
450  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[10]);
451  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 9]);
452  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 8]);
453  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
454  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
455  z[11] = w2; w2 = 0;
456 
457  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[12]);
458  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[11]);
459  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[10]);
460  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 9]);
461  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 8]);
462  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
463  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
464  z[12] = w0; w0 = 0;
465 
466  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[13]);
467  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[12]);
468  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[11]);
469  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[10]);
470  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 9]);
471  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[ 8]);
472  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
473  z[13] = w1; w1 = 0;
474 
475  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[14]);
476  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[13]);
477  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[12]);
478  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[11]);
479  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[10]);
480  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 9]);
481  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[ 8]);
482  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
483  z[14] = w2; w2 = 0;
484 
485  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[15]);
486  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[14]);
487  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[13]);
488  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[12]);
489  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[11]);
490  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[10]);
491  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[ 9]);
492  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[ 8]);
493  z[15] = w0; w0 = 0;
494 
495  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[15]);
496  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[14]);
497  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[13]);
498  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[12]);
499  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[11]);
500  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[10]);
501  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[ 9]);
502  word3_muladd(&w0, &w2, &w1, x[ 8], x[ 8]);
503  z[16] = w1; w1 = 0;
504 
505  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[15]);
506  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[14]);
507  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[13]);
508  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[12]);
509  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[11]);
510  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[10]);
511  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[ 9]);
512  z[17] = w2; w2 = 0;
513 
514  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[15]);
515  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[14]);
516  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[13]);
517  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[12]);
518  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[11]);
519  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[10]);
520  word3_muladd(&w2, &w1, &w0, x[ 9], x[ 9]);
521  z[18] = w0; w0 = 0;
522 
523  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[15]);
524  word3_muladd_2(&w0, &w2, &w1, x[ 5], x[14]);
525  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[13]);
526  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[12]);
527  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[11]);
528  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[10]);
529  z[19] = w1; w1 = 0;
530 
531  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[15]);
532  word3_muladd_2(&w1, &w0, &w2, x[ 6], x[14]);
533  word3_muladd_2(&w1, &w0, &w2, x[ 7], x[13]);
534  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[12]);
535  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[11]);
536  word3_muladd(&w1, &w0, &w2, x[10], x[10]);
537  z[20] = w2; w2 = 0;
538 
539  word3_muladd_2(&w2, &w1, &w0, x[ 6], x[15]);
540  word3_muladd_2(&w2, &w1, &w0, x[ 7], x[14]);
541  word3_muladd_2(&w2, &w1, &w0, x[ 8], x[13]);
542  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[12]);
543  word3_muladd_2(&w2, &w1, &w0, x[10], x[11]);
544  z[21] = w0; w0 = 0;
545 
546  word3_muladd_2(&w0, &w2, &w1, x[ 7], x[15]);
547  word3_muladd_2(&w0, &w2, &w1, x[ 8], x[14]);
548  word3_muladd_2(&w0, &w2, &w1, x[ 9], x[13]);
549  word3_muladd_2(&w0, &w2, &w1, x[10], x[12]);
550  word3_muladd(&w0, &w2, &w1, x[11], x[11]);
551  z[22] = w1; w1 = 0;
552 
553  word3_muladd_2(&w1, &w0, &w2, x[ 8], x[15]);
554  word3_muladd_2(&w1, &w0, &w2, x[ 9], x[14]);
555  word3_muladd_2(&w1, &w0, &w2, x[10], x[13]);
556  word3_muladd_2(&w1, &w0, &w2, x[11], x[12]);
557  z[23] = w2; w2 = 0;
558 
559  word3_muladd_2(&w2, &w1, &w0, x[ 9], x[15]);
560  word3_muladd_2(&w2, &w1, &w0, x[10], x[14]);
561  word3_muladd_2(&w2, &w1, &w0, x[11], x[13]);
562  word3_muladd(&w2, &w1, &w0, x[12], x[12]);
563  z[24] = w0; w0 = 0;
564 
565  word3_muladd_2(&w0, &w2, &w1, x[10], x[15]);
566  word3_muladd_2(&w0, &w2, &w1, x[11], x[14]);
567  word3_muladd_2(&w0, &w2, &w1, x[12], x[13]);
568  z[25] = w1; w1 = 0;
569 
570  word3_muladd_2(&w1, &w0, &w2, x[11], x[15]);
571  word3_muladd_2(&w1, &w0, &w2, x[12], x[14]);
572  word3_muladd(&w1, &w0, &w2, x[13], x[13]);
573  z[26] = w2; w2 = 0;
574 
575  word3_muladd_2(&w2, &w1, &w0, x[12], x[15]);
576  word3_muladd_2(&w2, &w1, &w0, x[13], x[14]);
577  z[27] = w0; w0 = 0;
578 
579  word3_muladd_2(&w0, &w2, &w1, x[13], x[15]);
580  word3_muladd(&w0, &w2, &w1, x[14], x[14]);
581  z[28] = w1; w1 = 0;
582 
583  word3_muladd_2(&w1, &w0, &w2, x[14], x[15]);
584  z[29] = w2; w2 = 0;
585 
586  word3_muladd(&w2, &w1, &w0, x[15], x[15]);
587  z[30] = w0;
588  z[31] = w1;
589  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr4 ( word  z[8],
const word  x[4] 
)

Definition at line 18 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

19  {
20  word w2 = 0, w1 = 0, w0 = 0;
21 
22  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
23  z[ 0] = w0; w0 = 0;
24 
25  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
26  z[ 1] = w1; w1 = 0;
27 
28  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
29  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
30  z[ 2] = w2; w2 = 0;
31 
32  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
33  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
34  z[ 3] = w0; w0 = 0;
35 
36  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
37  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
38  z[ 4] = w1; w1 = 0;
39 
40  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
41  z[ 5] = w2; w2 = 0;
42 
43  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
44  z[ 6] = w0;
45  z[ 7] = w1;
46  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr6 ( word  z[12],
const word  x[6] 
)

Definition at line 90 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

91  {
92  word w2 = 0, w1 = 0, w0 = 0;
93 
94  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
95  z[ 0] = w0; w0 = 0;
96 
97  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
98  z[ 1] = w1; w1 = 0;
99 
100  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
101  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
102  z[ 2] = w2; w2 = 0;
103 
104  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
105  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
106  z[ 3] = w0; w0 = 0;
107 
108  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
109  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
110  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
111  z[ 4] = w1; w1 = 0;
112 
113  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
114  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
115  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
116  z[ 5] = w2; w2 = 0;
117 
118  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
119  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
120  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
121  z[ 6] = w0; w0 = 0;
122 
123  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
124  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
125  z[ 7] = w1; w1 = 0;
126 
127  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
128  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
129  z[ 8] = w2; w2 = 0;
130 
131  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
132  z[ 9] = w0; w0 = 0;
133 
134  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
135  z[10] = w1;
136  z[11] = w2;
137  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
void Botan::bigint_comba_sqr8 ( word  z[16],
const word  x[8] 
)

Definition at line 209 of file mp_comba.cpp.

References word3_muladd(), and word3_muladd_2().

Referenced by bigint_sqr().

210  {
211  word w2 = 0, w1 = 0, w0 = 0;
212 
213  word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
214  z[ 0] = w0; w0 = 0;
215 
216  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
217  z[ 1] = w1; w1 = 0;
218 
219  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
220  word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
221  z[ 2] = w2; w2 = 0;
222 
223  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
224  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 2]);
225  z[ 3] = w0; w0 = 0;
226 
227  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
228  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
229  word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
230  z[ 4] = w1; w1 = 0;
231 
232  word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
233  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 4]);
234  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
235  z[ 5] = w2; w2 = 0;
236 
237  word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
238  word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
239  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
240  word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
241  z[ 6] = w0; w0 = 0;
242 
243  word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
244  word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 6]);
245  word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
246  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 4]);
247  z[ 7] = w1; w1 = 0;
248 
249  word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
250  word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
251  word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
252  word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
253  z[ 8] = w2; w2 = 0;
254 
255  word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
256  word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 6]);
257  word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
258  z[ 9] = w0; w0 = 0;
259 
260  word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
261  word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
262  word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
263  z[10] = w1; w1 = 0;
264 
265  word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
266  word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 6]);
267  z[11] = w2; w2 = 0;
268 
269  word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
270  word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
271  z[12] = w0; w0 = 0;
272 
273  word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
274  z[13] = w1; w1 = 0;
275 
276  word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
277  z[14] = w2;
278  z[15] = w0;
279  }
void word3_muladd(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:175
void word3_muladd_2(word *w2, word *w1, word *w0, word a, word b)
Definition: mp_asmi.h:186
word Botan::bigint_divop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) / d

Definition at line 44 of file mp_misc.cpp.

References MP_WORD_BITS, and MP_WORD_TOP_BIT.

Referenced by bigint_modop(), divide(), and monty_inverse().

45  {
46  word high = n1 % d, quotient = 0;
47 
48  for(size_t i = 0; i != MP_WORD_BITS; ++i)
49  {
50  word high_top_bit = (high & MP_WORD_TOP_BIT);
51 
52  high <<= 1;
53  high |= (n0 >> (MP_WORD_BITS-1-i)) & 1;
54  quotient <<= 1;
55 
56  if(high_top_bit || high >= d)
57  {
58  high -= d;
59  quotient |= 1;
60  }
61  }
62 
63  return quotient;
64  }
const word MP_WORD_TOP_BIT
Definition: mp_types.h:41
const size_t MP_WORD_BITS
Definition: mp_core.h:19
void Botan::bigint_linmul2 ( word  x[],
size_t  x_size,
word  y 
)

Definition at line 154 of file mp_asm.cpp.

References word8_linmul2(), and word_madd2().

Referenced by Botan::BigInt::operator*=().

155  {
156  const size_t blocks = x_size - (x_size % 8);
157 
158  word carry = 0;
159 
160  for(size_t i = 0; i != blocks; i += 8)
161  carry = word8_linmul2(x + i, y, carry);
162 
163  for(size_t i = blocks; i != x_size; ++i)
164  x[i] = word_madd2(x[i], y, &carry);
165 
166  x[x_size] = carry;
167  }
word word_madd2(word a, word b, word *c)
Definition: mp_madd.h:21
word word8_linmul2(word x[8], word y, word carry)
Definition: mp_asmi.h:127
void Botan::bigint_linmul3 ( word  z[],
const word  x[],
size_t  x_size,
word  y 
)

Definition at line 172 of file mp_asm.cpp.

References word8_linmul3(), and word_madd2().

Referenced by bigint_mul(), bigint_sqr(), operator*(), and Botan::BigInt::operator*=().

173  {
174  const size_t blocks = x_size - (x_size % 8);
175 
176  word carry = 0;
177 
178  for(size_t i = 0; i != blocks; i += 8)
179  carry = word8_linmul3(z + i, x + i, y, carry);
180 
181  for(size_t i = blocks; i != x_size; ++i)
182  z[i] = word_madd2(x[i], y, &carry);
183 
184  z[x_size] = carry;
185  }
word word8_linmul3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:143
word word_madd2(word a, word b, word *c)
Definition: mp_madd.h:21
word Botan::bigint_modop ( word  n1,
word  n0,
word  d 
)

Compute ((n1<<bits) + n0) % d

Definition at line 69 of file mp_misc.cpp.

References bigint_divop(), and word_madd2().

Referenced by operator%(), and Botan::BigInt::operator%=().

70  {
71  word z = bigint_divop(n1, n0, d);
72  word dummy = 0;
73  z = word_madd2(z, d, &dummy);
74  return (n0-z);
75  }
word bigint_divop(word n1, word n0, word d)
Definition: mp_misc.cpp:44
word word_madd2(word a, word b, word *c)
Definition: mp_madd.h:21
void Botan::bigint_monty_mul ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 71 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_mul().

Referenced by Botan::Montgomery_Exponentiator::execute(), and Botan::Montgomery_Exponentiator::set_base().

76  {
77  bigint_mul(&z[0], z_size, &ws[0],
78  &x[0], x_size, x_sw,
79  &y[0], y_size, y_sw);
80 
81  bigint_monty_redc(&z[0],
82  &p[0], p_size, p_dash,
83  &ws[0]);
84  }
void bigint_mul(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw, const word y[], size_t y_size, size_t y_sw)
Definition: mp_karat.cpp:213
void bigint_monty_redc(word z[], const word p[], size_t p_size, word p_dash, word workspace[])
Definition: mp_monty.cpp:21
void Botan::bigint_monty_redc ( word  z[],
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Montgomery Reduction

Parameters
zinteger to reduce, of size exactly 2*(p_size+1). Output is in the first p_size+1 words, higher words are set to zero.
pmodulus
p_sizesize of p
p_dashMontgomery value
workspacearray of at least 2*(p_size+1) words

Definition at line 21 of file mp_monty.cpp.

References clear_mem(), copy_mem(), word8_madd3(), word_madd3(), and word_sub().

Referenced by bigint_monty_mul(), bigint_monty_sqr(), and Botan::Montgomery_Exponentiator::execute().

24  {
25  const size_t z_size = 2*(p_size+1);
26 
27  const size_t blocks_of_8 = p_size - (p_size % 8);
28 
29  for(size_t i = 0; i != p_size; ++i)
30  {
31  word* z_i = z + i;
32 
33  const word y = z_i[0] * p_dash;
34 
35  /*
36  bigint_linmul3(ws, p, p_size, y);
37  bigint_add2(z_i, z_size - i, ws, p_size+1);
38  */
39 
40  word carry = 0;
41 
42  for(size_t j = 0; j != blocks_of_8; j += 8)
43  carry = word8_madd3(z_i + j, p + j, y, carry);
44 
45  for(size_t j = blocks_of_8; j != p_size; ++j)
46  z_i[j] = word_madd3(p[j], y, z_i[j], &carry);
47 
48  word z_sum = z_i[p_size] + carry;
49  carry = (z_sum < z_i[p_size]);
50  z_i[p_size] = z_sum;
51 
52  for(size_t j = p_size + 1; carry && j != z_size - i; ++j)
53  {
54  ++z_i[j];
55  carry = !z_i[j];
56  }
57  }
58 
59  word borrow = 0;
60  for(size_t i = 0; i != p_size; ++i)
61  ws[i] = word_sub(z[p_size + i], p[i], &borrow);
62 
63  ws[p_size] = word_sub(z[p_size+p_size], 0, &borrow);
64 
65  copy_mem(ws + p_size + 1, z + p_size, p_size + 1);
66 
67  copy_mem(z, ws + borrow*(p_size+1), p_size + 1);
68  clear_mem(z + p_size + 1, z_size - p_size - 1);
69  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
word word_madd3(word a, word b, word c, word *d)
Definition: mp_madd.h:45
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
void Botan::bigint_monty_sqr ( word  z[],
size_t  z_size,
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  p[],
size_t  p_size,
word  p_dash,
word  workspace[] 
)

Definition at line 86 of file mp_monty.cpp.

References bigint_monty_redc(), and bigint_sqr().

Referenced by Botan::Montgomery_Exponentiator::execute().

90  {
91  bigint_sqr(&z[0], z_size, &ws[0],
92  &x[0], x_size, x_sw);
93 
94  bigint_monty_redc(&z[0],
95  &p[0], p_size, p_dash,
96  &ws[0]);
97  }
void bigint_sqr(word z[], size_t z_size, word workspace[], const word x[], size_t x_size, size_t x_sw)
Definition: mp_karat.cpp:265
void bigint_monty_redc(word z[], const word p[], size_t p_size, word p_dash, word workspace[])
Definition: mp_monty.cpp:21
void Botan::bigint_mul ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw,
const word  y[],
size_t  y_size,
size_t  y_sw 
)

Definition at line 213 of file mp_karat.cpp.

References bigint_comba_mul16(), bigint_comba_mul4(), bigint_comba_mul6(), bigint_comba_mul8(), bigint_linmul3(), and bigint_simple_mul().

Referenced by bigint_monty_mul(), mul_add(), operator*(), and Botan::BigInt::operator*=().

216  {
217  if(x_sw == 1)
218  {
219  bigint_linmul3(z, y, y_sw, x[0]);
220  }
221  else if(y_sw == 1)
222  {
223  bigint_linmul3(z, x, x_sw, y[0]);
224  }
225  else if(x_sw <= 4 && x_size >= 4 &&
226  y_sw <= 4 && y_size >= 4 && z_size >= 8)
227  {
228  bigint_comba_mul4(z, x, y);
229  }
230  else if(x_sw <= 6 && x_size >= 6 &&
231  y_sw <= 6 && y_size >= 6 && z_size >= 12)
232  {
233  bigint_comba_mul6(z, x, y);
234  }
235  else if(x_sw <= 8 && x_size >= 8 &&
236  y_sw <= 8 && y_size >= 8 && z_size >= 16)
237  {
238  bigint_comba_mul8(z, x, y);
239  }
240  else if(x_sw <= 16 && x_size >= 16 &&
241  y_sw <= 16 && y_size >= 16 && z_size >= 32)
242  {
243  bigint_comba_mul16(z, x, y);
244  }
245  else if(x_sw < KARATSUBA_MULTIPLY_THRESHOLD ||
246  y_sw < KARATSUBA_MULTIPLY_THRESHOLD ||
247  !workspace)
248  {
249  bigint_simple_mul(z, x, x_sw, y, y_sw);
250  }
251  else
252  {
253  const size_t N = karatsuba_size(z_size, x_size, x_sw, y_size, y_sw);
254 
255  if(N)
256  karatsuba_mul(z, x, y, N, workspace);
257  else
258  bigint_simple_mul(z, x, x_sw, y, y_sw);
259  }
260  }
void bigint_simple_mul(word z[], const word x[], size_t x_size, const word y[], size_t y_size)
Definition: mp_mulop.cpp:20
void bigint_comba_mul4(word z[8], const word x[4], const word y[4])
Definition: mp_comba.cpp:51
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_asm.cpp:172
void bigint_comba_mul8(word z[16], const word x[8], const word y[8])
Definition: mp_comba.cpp:284
void bigint_comba_mul16(word z[32], const word x[16], const word y[16])
Definition: mp_comba.cpp:594
void bigint_comba_mul6(word z[12], const word x[6], const word y[6])
Definition: mp_comba.cpp:142
void Botan::bigint_shl1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 18 of file mp_shift.cpp.

References clear_mem(), copy_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator-=(), and Botan::BigInt::operator<<=().

19  {
20  if(word_shift)
21  {
22  copy_mem(x + word_shift, x, x_size);
23  clear_mem(x, word_shift);
24  }
25 
26  if(bit_shift)
27  {
28  word carry = 0;
29  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
30  {
31  word temp = x[j];
32  x[j] = (temp << bit_shift) | carry;
33  carry = (temp >> (MP_WORD_BITS - bit_shift));
34  }
35  }
36  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
const size_t MP_WORD_BITS
Definition: mp_core.h:19
void Botan::bigint_shl2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 96 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator-(), and operator<<().

98  {
99  for(size_t j = 0; j != x_size; ++j)
100  y[j + word_shift] = x[j];
101  if(bit_shift)
102  {
103  word carry = 0;
104  for(size_t j = word_shift; j != x_size + word_shift + 1; ++j)
105  {
106  word w = y[j];
107  y[j] = (w << bit_shift) | carry;
108  carry = (w >> (MP_WORD_BITS - bit_shift));
109  }
110  }
111  }
const size_t MP_WORD_BITS
Definition: mp_core.h:19
void Botan::bigint_shr1 ( word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 41 of file mp_shift.cpp.

References clear_mem(), copy_mem(), and MP_WORD_BITS.

Referenced by Botan::BigInt::operator>>=().

42  {
43  if(x_size < word_shift)
44  {
45  clear_mem(x, x_size);
46  return;
47  }
48 
49  if(word_shift)
50  {
51  copy_mem(x, x + word_shift, x_size - word_shift);
52  clear_mem(x + x_size - word_shift, word_shift);
53  }
54 
55  if(bit_shift)
56  {
57  word carry = 0;
58 
59  size_t top = x_size - word_shift;
60 
61  while(top >= 4)
62  {
63  word w = x[top-1];
64  x[top-1] = (w >> bit_shift) | carry;
65  carry = (w << (MP_WORD_BITS - bit_shift));
66 
67  w = x[top-2];
68  x[top-2] = (w >> bit_shift) | carry;
69  carry = (w << (MP_WORD_BITS - bit_shift));
70 
71  w = x[top-3];
72  x[top-3] = (w >> bit_shift) | carry;
73  carry = (w << (MP_WORD_BITS - bit_shift));
74 
75  w = x[top-4];
76  x[top-4] = (w >> bit_shift) | carry;
77  carry = (w << (MP_WORD_BITS - bit_shift));
78 
79  top -= 4;
80  }
81 
82  while(top)
83  {
84  word w = x[top-1];
85  x[top-1] = (w >> bit_shift) | carry;
86  carry = (w << (MP_WORD_BITS - bit_shift));
87 
88  top--;
89  }
90  }
91  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
const size_t MP_WORD_BITS
Definition: mp_core.h:19
void Botan::bigint_shr2 ( word  y[],
const word  x[],
size_t  x_size,
size_t  word_shift,
size_t  bit_shift 
)

Definition at line 116 of file mp_shift.cpp.

References MP_WORD_BITS.

Referenced by operator>>().

118  {
119  if(x_size < word_shift) return;
120 
121  for(size_t j = 0; j != x_size - word_shift; ++j)
122  y[j] = x[j + word_shift];
123  if(bit_shift)
124  {
125  word carry = 0;
126  for(size_t j = x_size - word_shift; j > 0; --j)
127  {
128  word w = y[j-1];
129  y[j-1] = (w >> bit_shift) | carry;
130  carry = (w << (MP_WORD_BITS - bit_shift));
131  }
132  }
133  }
const size_t MP_WORD_BITS
Definition: mp_core.h:19
void Botan::bigint_simple_mul ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Definition at line 20 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_mul().

22  {
23  const size_t x_size_8 = x_size - (x_size % 8);
24 
25  clear_mem(z, x_size + y_size);
26 
27  for(size_t i = 0; i != y_size; ++i)
28  {
29  const word y_i = y[i];
30 
31  word carry = 0;
32 
33  for(size_t j = 0; j != x_size_8; j += 8)
34  carry = word8_madd3(z + i + j, x + j, y_i, carry);
35 
36  for(size_t j = x_size_8; j != x_size; ++j)
37  z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry);
38 
39  z[x_size+i] = carry;
40  }
41  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
word word_madd3(word a, word b, word c, word *d)
Definition: mp_madd.h:45
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void Botan::bigint_simple_sqr ( word  z[],
const word  x[],
size_t  x_size 
)

Definition at line 54 of file mp_mulop.cpp.

References clear_mem(), word8_madd3(), and word_madd3().

Referenced by bigint_sqr().

55  {
56  const size_t x_size_8 = x_size - (x_size % 8);
57 
58  clear_mem(z, 2*x_size);
59 
60  for(size_t i = 0; i != x_size; ++i)
61  {
62  const word x_i = x[i];
63  word carry = 0;
64 
65  for(size_t j = 0; j != x_size_8; j += 8)
66  carry = word8_madd3(z + i + j, x + j, x_i, carry);
67 
68  for(size_t j = x_size_8; j != x_size; ++j)
69  z[i+j] = word_madd3(x[j], x_i, z[i+j], &carry);
70 
71  z[x_size+i] = carry;
72  }
73  }
void clear_mem(T *ptr, size_t n)
Definition: mem_ops.h:28
word word_madd3(word a, word b, word c, word *d)
Definition: mp_madd.h:45
word word8_madd3(word z[8], const word x[8], word y, word carry)
Definition: mp_asmi.h:159
void Botan::bigint_sqr ( word  z[],
size_t  z_size,
word  workspace[],
const word  x[],
size_t  x_size,
size_t  x_sw 
)

Definition at line 265 of file mp_karat.cpp.

References bigint_comba_sqr16(), bigint_comba_sqr4(), bigint_comba_sqr6(), bigint_comba_sqr8(), bigint_linmul3(), and bigint_simple_sqr().

Referenced by bigint_monty_sqr(), and square().

267  {
268  if(x_sw == 1)
269  {
270  bigint_linmul3(z, x, x_sw, x[0]);
271  }
272  else if(x_sw <= 4 && x_size >= 4 && z_size >= 8)
273  {
274  bigint_comba_sqr4(z, x);
275  }
276  else if(x_sw <= 6 && x_size >= 6 && z_size >= 12)
277  {
278  bigint_comba_sqr6(z, x);
279  }
280  else if(x_sw <= 8 && x_size >= 8 && z_size >= 16)
281  {
282  bigint_comba_sqr8(z, x);
283  }
284  else if(x_sw <= 16 && x_size >= 16 && z_size >= 32)
285  {
286  bigint_comba_sqr16(z, x);
287  }
288  else if(x_size < KARATSUBA_SQUARE_THRESHOLD || !workspace)
289  {
290  bigint_simple_sqr(z, x, x_sw);
291  }
292  else
293  {
294  const size_t N = karatsuba_size(z_size, x_size, x_sw);
295 
296  if(N)
297  karatsuba_sqr(z, x, N, workspace);
298  else
299  bigint_simple_sqr(z, x, x_sw);
300  }
301  }
void bigint_linmul3(word z[], const word x[], size_t x_size, word y)
Definition: mp_asm.cpp:172
void bigint_comba_sqr16(word z[32], const word x[16])
Definition: mp_comba.cpp:387
void bigint_comba_sqr8(word z[16], const word x[8])
Definition: mp_comba.cpp:209
void bigint_simple_sqr(word z[], const word x[], size_t x_size)
Definition: mp_mulop.cpp:54
void bigint_comba_sqr4(word z[8], const word x[4])
Definition: mp_comba.cpp:18
void bigint_comba_sqr6(word z[12], const word x[6])
Definition: mp_comba.cpp:90
word Botan::bigint_sub2 ( word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Two operand subtraction

Definition at line 89 of file mp_asm.cpp.

References BOTAN_ASSERT, word8_sub2(), and word_sub().

Referenced by Botan::BigInt::operator+=(), and Botan::BigInt::operator-=().

90  {
91  word borrow = 0;
92 
93  BOTAN_ASSERT(x_size >= y_size, "Expected sizes");
94 
95  const size_t blocks = y_size - (y_size % 8);
96 
97  for(size_t i = 0; i != blocks; i += 8)
98  borrow = word8_sub2(x + i, y + i, borrow);
99 
100  for(size_t i = blocks; i != y_size; ++i)
101  x[i] = word_sub(x[i], y[i], &borrow);
102 
103  for(size_t i = y_size; i != x_size; ++i)
104  x[i] = word_sub(x[i], 0, &borrow);
105 
106  return borrow;
107  }
word word8_sub2(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:78
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
void Botan::bigint_sub2_rev ( word  x[],
const word  y[],
size_t  y_size 
)

Two operand subtraction, x = y - x; assumes y >= x

Definition at line 112 of file mp_asm.cpp.

References BOTAN_ASSERT, word8_sub2_rev(), and word_sub().

Referenced by Botan::BigInt::operator-=().

113  {
114  word borrow = 0;
115 
116  const size_t blocks = y_size - (y_size % 8);
117 
118  for(size_t i = 0; i != blocks; i += 8)
119  borrow = word8_sub2_rev(x + i, y + i, borrow);
120 
121  for(size_t i = blocks; i != y_size; ++i)
122  x[i] = word_sub(y[i], x[i], &borrow);
123 
124  BOTAN_ASSERT(!borrow, "y must be greater than x");
125  }
word word8_sub2_rev(word x[8], const word y[8], word carry)
Definition: mp_asmi.h:94
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word Botan::bigint_sub3 ( word  z[],
const word  x[],
size_t  x_size,
const word  y[],
size_t  y_size 
)

Three operand subtraction

Definition at line 130 of file mp_asm.cpp.

References BOTAN_ASSERT, word8_sub3(), and word_sub().

Referenced by operator+(), Botan::BigInt::operator+=(), and operator-().

132  {
133  word borrow = 0;
134 
135  BOTAN_ASSERT(x_size >= y_size, "Expected sizes");
136 
137  const size_t blocks = y_size - (y_size % 8);
138 
139  for(size_t i = 0; i != blocks; i += 8)
140  borrow = word8_sub3(z + i, x + i, y + i, borrow);
141 
142  for(size_t i = blocks; i != y_size; ++i)
143  z[i] = word_sub(x[i], y[i], &borrow);
144 
145  for(size_t i = y_size; i != x_size; ++i)
146  z[i] = word_sub(x[i], 0, &borrow);
147 
148  return borrow;
149  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
word word_sub(word x, word y, word *carry)
Definition: mp_asmi.h:66
word word8_sub3(word z[8], const word x[8], const word y[8], word carry)
Definition: mp_asmi.h:110
BOTAN_DLL size_t Botan::block_size_of ( const std::string &  algo_spec)

Find out the block size of a certain symmetric algorithm.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the algorithm
Returns
block size of the specified algorithm

Definition at line 48 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), Botan::Algorithm_Factory::prototype_block_cipher(), and Botan::Algorithm_Factory::prototype_hash_function().

49  {
50  Algorithm_Factory& af = global_state().algorithm_factory();
51 
52  if(const BlockCipher* cipher = af.prototype_block_cipher(name))
53  return cipher->block_size();
54 
55  if(const HashFunction* hash = af.prototype_hash_function(name))
56  return hash->hash_block_size();
57 
58  throw Algorithm_Not_Found(name);
59  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:46
Library_State & global_state()
void Botan::botan_md4_x86_32_compress ( u32bit  digest[4],
const byte  input[64],
u32bit  M[16] 
)

MD4 compression function in x86-32 asm

Parameters
digestthe current digest
inputthe input block
Mthe message buffer
void Botan::botan_serpent_x86_32_decrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent decryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::decrypt_n().

void Botan::botan_serpent_x86_32_encrypt ( const byte  in[16],
byte  out[16],
const u32bit  ks[132] 
)

Entry point for Serpent encryption in x86 asm

Parameters
inthe input block
outthe output block
ksthe key schedule

Referenced by Botan::Serpent_X86_32::encrypt_n().

void Botan::botan_serpent_x86_32_key_schedule ( u32bit  ks[140])

Entry point for Serpent key schedule in x86 asm

Parameters
ksholds the initial working key (padded), and is set to the final key schedule
template<typename T >
void Botan::bswap_4 ( x[4])
inline

Swap 4 Ts in an array

Definition at line 112 of file bswap.h.

References reverse_bytes().

Referenced by load_be(), and load_le().

113  {
114  x[0] = reverse_bytes(x[0]);
115  x[1] = reverse_bytes(x[1]);
116  x[2] = reverse_bytes(x[2]);
117  x[3] = reverse_bytes(x[3]);
118  }
u64bit reverse_bytes(u64bit val)
Definition: bswap.h:80
template<typename T , typename Alloc >
size_t Botan::buffer_insert ( std::vector< T, Alloc > &  buf,
size_t  buf_offset,
const T  input[],
size_t  input_length 
)

Definition at line 103 of file secmem.h.

References copy_mem().

Referenced by Botan::MDx_HashFunction::add_data(), Botan::OFB::set_iv(), Botan::CTR_BE::set_iv(), Botan::Base64_Encoder::write(), and Botan::Hex_Encoder::write().

107  {
108  const size_t to_copy = std::min(input_length, buf.size() - buf_offset);
109  copy_mem(&buf[buf_offset], input, to_copy);
110  return to_copy;
111  }
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
template<typename T , typename Alloc , typename Alloc2 >
size_t Botan::buffer_insert ( std::vector< T, Alloc > &  buf,
size_t  buf_offset,
const std::vector< T, Alloc2 > &  input 
)

Definition at line 114 of file secmem.h.

References copy_mem().

117  {
118  const size_t to_copy = std::min(input.size(), buf.size() - buf_offset);
119  copy_mem(&buf[buf_offset], &input[0], to_copy);
120  return to_copy;
121  }
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:39
BOTAN_DLL calendar_point Botan::calendar_value ( const std::chrono::system_clock::time_point &  time_point)

Definition at line 39 of file calendar.cpp.

Referenced by Botan::EAC_Time::EAC_Time(), and Botan::X509_Time::X509_Time().

41  {
42  std::tm tm = do_gmtime(std::chrono::system_clock::to_time_t(time_point));
43 
44  return calendar_point(tm.tm_year + 1900,
45  tm.tm_mon + 1,
46  tm.tm_mday,
47  tm.tm_hour,
48  tm.tm_min,
49  tm.tm_sec);
50  }
bool BOTAN_DLL Botan::check_bcrypt ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 132 of file bcrypt.cpp.

References to_u32bit().

133  {
134  if(hash.size() != 60 ||
135  hash[0] != '$' || hash[1] != '2' || hash[2] != 'a' ||
136  hash[3] != '$' || hash[6] != '$')
137  {
138  return false;
139  }
140 
141  const u16bit workfactor = to_u32bit(hash.substr(4, 2));
142 
143  std::vector<byte> salt = bcrypt_base64_decode(hash.substr(7, 22));
144 
145  const std::string compare = make_bcrypt(pass, salt, workfactor);
146 
147  return (hash == compare);
148  }
uint16_t u16bit
Definition: types.h:31
u32bit to_u32bit(const std::string &str)
Definition: parsing.cpp:16
bool BOTAN_DLL Botan::check_passhash9 ( const std::string &  password,
const std::string &  hash 
)

Check a previously created password hash

Parameters
passwordthe password to check against
hashthe stored hash to check against

Definition at line 89 of file passhash9.cpp.

References Botan::OctetString::bits_of(), Botan::PBKDF::derive_key(), Botan::Pipe::end_msg(), load_be< u16bit >(), Botan::Pipe::read_all(), same_mem(), Botan::Pipe::start_msg(), Botan::ASN1::to_string(), and Botan::Pipe::write().

90  {
91  const size_t BINARY_LENGTH =
92  ALGID_BYTES +
93  WORKFACTOR_BYTES +
94  PASSHASH9_PBKDF_OUTPUT_LEN +
95  SALT_BYTES;
96 
97  const size_t BASE64_LENGTH =
98  MAGIC_PREFIX.size() + (BINARY_LENGTH * 8) / 6;
99 
100  if(hash.size() != BASE64_LENGTH)
101  return false;
102 
103  for(size_t i = 0; i != MAGIC_PREFIX.size(); ++i)
104  if(hash[i] != MAGIC_PREFIX[i])
105  return false;
106 
107  Pipe pipe(new Base64_Decoder);
108  pipe.start_msg();
109  pipe.write(hash.c_str() + MAGIC_PREFIX.size());
110  pipe.end_msg();
111 
112  secure_vector<byte> bin = pipe.read_all();
113 
114  if(bin.size() != BINARY_LENGTH)
115  return false;
116 
117  byte alg_id = bin[0];
118 
119  const size_t work_factor = load_be<u16bit>(&bin[ALGID_BYTES], 0);
120 
121  // Bug in the format, bad states shouldn't be representable, but are...
122  if(work_factor == 0)
123  return false;
124 
125  if(work_factor > 512)
126  throw std::invalid_argument("Requested Bcrypt work factor " +
127  std::to_string(work_factor) + " too large");
128 
129  const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
130 
131  MessageAuthenticationCode* pbkdf_prf = get_pbkdf_prf(alg_id);
132 
133  if(!pbkdf_prf)
134  return false; // unknown algorithm, reject
135 
136  PKCS5_PBKDF2 kdf(pbkdf_prf); // takes ownership of pointer
137 
138  secure_vector<byte> cmp = kdf.derive_key(
139  PASSHASH9_PBKDF_OUTPUT_LEN,
140  pass,
141  &bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES,
142  kdf_iterations).bits_of();
143 
144  return same_mem(&cmp[0],
145  &bin[ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES],
146  PASSHASH9_PBKDF_OUTPUT_LEN);
147  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:63
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:46
u16bit load_be< u16bit >(const byte in[], size_t off)
Definition: loadstor.h:132
uint8_t byte
Definition: types.h:30
bool Botan::check_prime ( const BigInt &  n,
RandomNumberGenerator &  rng 
)
inline

Definition at line 141 of file numthry.h.

References is_prime().

142  { return is_prime(n, rng, 56); }
bool is_prime(const BigInt &n, RandomNumberGenerator &rng, size_t prob, bool is_random)
Definition: numthry.cpp:287
BOTAN_DLL PK_Signer * Botan::choose_sig_format ( const Private_Key &  key,
const std::string &  hash_fn,
AlgorithmIdentifier &  alg_id 
)

Choose the default signature format for a certain public key signature scheme.

Parameters
keywill be the key to choose a padding scheme for
hash_fnis the desired hash function
alg_idwill be set to the chosen scheme
Returns
A PK_Signer object for generating signatures

Definition at line 218 of file x509_ca.cpp.

References Botan::Public_Key::algo_name(), algo_name, Botan::Public_Key::algorithm_identifier(), DER_SEQUENCE, IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::max_input_bits(), Botan::Public_Key::message_parts(), Botan::HashFunction::name(), Botan::AlgorithmIdentifier::oid, Botan::Buffered_Computation::output_length(), Botan::AlgorithmIdentifier::parameters, and retrieve_hash().

Referenced by Botan::X509::create_cert_req(), Botan::X509::create_self_signed_cert(), and Botan::X509_CA::X509_CA().

221  {
222  std::string padding;
223 
224  const std::string algo_name = key.algo_name();
225 
226  const HashFunction* proto_hash = retrieve_hash(hash_fn);
227  if(!proto_hash)
228  throw Algorithm_Not_Found(hash_fn);
229 
230  if(key.max_input_bits() < proto_hash->output_length()*8)
231  throw Invalid_Argument("Key is too small for chosen hash function");
232 
233  if(algo_name == "RSA")
234  padding = "EMSA3";
235  else if(algo_name == "DSA")
236  padding = "EMSA1";
237  else if(algo_name == "ECDSA")
238  padding = "EMSA1_BSI";
239  else
240  throw Invalid_Argument("Unknown X.509 signing key type: " + algo_name);
241 
242  Signature_Format format =
243  (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
244 
245  padding = padding + '(' + proto_hash->name() + ')';
246 
247  sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
248  sig_algo.parameters = key.algorithm_identifier().parameters;
249 
250  return new PK_Signer(key, padding, format);
251  }
Signature_Format
Definition: pubkey.h:24
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string algo_name
Definition: ossl_md.cpp:41
std::string lookup(const OID &oid)
Definition: oids.cpp:111
const HashFunction * retrieve_hash(const std::string &algo_spec)
Definition: lookup.h:55
size_t Botan::clamp ( size_t  n,
size_t  lower_bound,
size_t  upper_bound 
)
inline

Clamp

Definition at line 50 of file rounding.h.

51  {
52  if(n < lower_bound)
53  return lower_bound;
54  if(n > upper_bound)
55  return upper_bound;
56  return n;
57  }
template<typename T >
void Botan::clear_mem ( T *  ptr,
size_t  n 
)
inline

Zeroize memory

Parameters
ptra pointer to an array
nthe number of Ts pointed to by ptr

Definition at line 28 of file mem_ops.h.

Referenced by Botan::mlock_allocator::allocate(), Botan::secure_allocator< T >::allocate(), aont_package(), base64_decode(), bigint_monty_redc(), bigint_shl1(), bigint_shr1(), bigint_simple_mul(), bigint_simple_sqr(), hex_decode(), Botan::CPUID::initialize(), Botan::BigInt::mask_bits(), and zeroise().

29  {
30  std::memset(ptr, 0, sizeof(T)*n);
31  }
BOTAN_DLL void Botan::confirm_startup_self_tests ( Algorithm_Factory &  af)

Run a set of self tests on some basic algorithms like AES and SHA-1

Parameters
afan algorithm factory
Exceptions
Self_Test_Errorif a failure occured

Definition at line 265 of file selftest.cpp.

Referenced by Botan::Library_State::initialize(), and passes_self_tests().

266  {
267  cipher_kat(af, "DES",
268  "0123456789ABCDEF", "1234567890ABCDEF",
269  "4E6F77206973207468652074696D6520666F7220616C6C20",
270  "3FA40E8A984D48156A271787AB8883F9893D51EC4B563B53",
271  "E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6",
272  "F3096249C7F46E51A69E839B1A92F78403467133898EA622",
273  "F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3",
274  "F3096249C7F46E51163A8CA0FFC94C27FA2F80F480B86F75");
275 
276  cipher_kat(af, "TripleDES",
277  "385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E",
278  "C141B5FCCD28DC8A",
279  "6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68",
280  "64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4",
281  "6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9",
282  "E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B",
283  "E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62",
284  "E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371");
285 
286  cipher_kat(af, "AES-128",
287  "2B7E151628AED2A6ABF7158809CF4F3C",
288  "000102030405060708090A0B0C0D0E0F",
289  "6BC1BEE22E409F96E93D7E117393172A"
290  "AE2D8A571E03AC9C9EB76FAC45AF8E51",
291  "3AD77BB40D7A3660A89ECAF32466EF97"
292  "F5D3D58503B9699DE785895A96FDBAAF",
293  "7649ABAC8119B246CEE98E9B12E9197D"
294  "5086CB9B507219EE95DB113A917678B2",
295  "3B3FD92EB72DAD20333449F8E83CFB4A"
296  "C8A64537A0B3A93FCDE3CDAD9F1CE58B",
297  "3B3FD92EB72DAD20333449F8E83CFB4A"
298  "7789508D16918F03F53C52DAC54ED825",
299  "3B3FD92EB72DAD20333449F8E83CFB4A"
300  "010C041999E03F36448624483E582D0E");
301 
302  hash_test(af, "SHA-1",
303  "", "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709");
304 
305  hash_test(af, "SHA-1",
306  "616263", "A9993E364706816ABA3E25717850C26C9CD0D89D");
307 
308  hash_test(af, "SHA-1",
309  "6162636462636465636465666465666765666768666768696768696A"
310  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
311  "84983E441C3BD26EBAAE4AA1F95129E5E54670F1");
312 
313  mac_test(af, "HMAC(SHA-1)",
314  "4869205468657265",
315  "B617318655057264E28BC0B6FB378C8EF146BE00",
316  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
317 
318  hash_test(af, "SHA-256",
319  "",
320  "E3B0C44298FC1C149AFBF4C8996FB924"
321  "27AE41E4649B934CA495991B7852B855");
322 
323  hash_test(af, "SHA-256",
324  "616263",
325  "BA7816BF8F01CFEA414140DE5DAE2223"
326  "B00361A396177A9CB410FF61F20015AD");
327 
328  hash_test(af, "SHA-256",
329  "6162636462636465636465666465666765666768666768696768696A"
330  "68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F7071",
331  "248D6A61D20638B8E5C026930C3E6039"
332  "A33CE45964FF2167F6ECEDD419DB06C1");
333 
334  mac_test(af, "HMAC(SHA-256)",
335  "4869205468657265",
336  "198A607EB44BFBC69903A0F1CF2BBDC5"
337  "BA0AA3F3D9AE3C1C7A3B1696A0B68CF7",
338  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B"
339  "0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B");
340  }
template<typename T >
void Botan::copy_mem ( T *  out,
const T *  in,
size_t  n 
)
inline
BOTAN_DLL AlternativeName Botan::create_alt_name ( const Data_Store &  info)

Definition at line 567 of file x509cert.cpp.

References Botan::AlternativeName::add_attribute(), and Botan::Data_Store::search_for().

Referenced by Botan::PKCS10_Request::subject_alt_name().

568  {
569  auto names = info.search_for(
570  [](const std::string& key, const std::string&)
571  {
572  return (key == "RFC822" ||
573  key == "DNS" ||
574  key == "URI" ||
575  key == "IP");
576  });
577 
578  AlternativeName alt_name;
579 
580  for(auto i = names.begin(); i != names.end(); ++i)
581  alt_name.add_attribute(i->first, i->second);
582 
583  return alt_name;
584  }
BOTAN_DLL X509_DN Botan::create_dn ( const Data_Store &  info)

Definition at line 548 of file x509cert.cpp.

References Botan::X509_DN::add_attribute(), and Botan::Data_Store::search_for().

Referenced by Botan::X509_Certificate::issuer_dn(), Botan::X509_CRL::issuer_dn(), Botan::PKCS10_Request::subject_dn(), and Botan::X509_Certificate::subject_dn().

549  {
550  auto names = info.search_for(
551  [](const std::string& key, const std::string&)
552  {
553  return (key.find("X520.") != std::string::npos);
554  });
555 
556  X509_DN dn;
557 
558  for(auto i = names.begin(); i != names.end(); ++i)
559  dn.add_attribute(i->first, i->second);
560 
561  return dn;
562  }
template<typename T >
size_t Botan::ctz ( n)
inline

Count the trailing zero bits in n

Parameters
nan integer value
Returns
maximum x st 2^x divides n

Definition at line 93 of file bit_ops.h.

Referenced by low_zero_bits().

94  {
95  for(size_t i = 0; i != 8*sizeof(T); ++i)
96  if((n >> i) & 0x01)
97  return i;
98  return 8*sizeof(T);
99  }
ECDSA_Signature Botan::decode_concatenation ( const std::vector< byte > &  concat)

Definition at line 46 of file ecdsa_sig.cpp.

References Botan::BigInt::decode().

Referenced by Botan::EAC1_1_gen_CVC< Derived >::decode_info().

47  {
48  if(concat.size() % 2 != 0)
49  throw Invalid_Argument("Erroneous length of signature");
50 
51  const size_t rs_len = concat.size() / 2;
52 
53  BigInt r = BigInt::decode(&concat[0], rs_len);
54  BigInt s = BigInt::decode(&concat[rs_len], rs_len);
55 
56  return ECDSA_Signature(r, s);
57  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
void decode(BER_Decoder &source, Key_Constraints &key_usage)
BOTAN_DLL ECDSA_PublicKey * Botan::decode_eac1_1_key ( const std::vector< byte > &  enc_key,
AlgorithmIdentifier &  sig_algo 
)

Decode an EAC encoding ECDSA key

Definition at line 91 of file cvc_cert.cpp.

93  {
94  throw Internal_Error("decode_eac1_1_key: Unimplemented");
95  return 0;
96  }
void BOTAN_DLL Botan::divide ( const BigInt &  x,
const BigInt &  y,
BigInt &  q,
BigInt &  r 
)

BigInt Division

Parameters
xan integer
ya non-zero integer
qwill be set to x / y
rwill be set to x % y

Definition at line 58 of file divide.cpp.

References bigint_divop(), Botan::BigInt::cmp(), Botan::BigInt::grow_to(), Botan::BigInt::is_negative(), Botan::BigInt::is_zero(), MP_WORD_BITS, MP_WORD_MAX, MP_WORD_TOP_BIT, Botan::BigInt::mutable_data(), Botan::BigInt::Positive, Botan::BigInt::set_sign(), Botan::BigInt::sig_words(), and Botan::BigInt::word_at().

Referenced by Botan::BigInt::encode(), operator%(), and operator/().

59  {
60  if(y_arg.is_zero())
61  throw BigInt::DivideByZero();
62 
63  BigInt y = y_arg;
64  const size_t y_words = y.sig_words();
65 
66  r = x;
67  q = 0;
68 
69  r.set_sign(BigInt::Positive);
70  y.set_sign(BigInt::Positive);
71 
72  s32bit compare = r.cmp(y);
73 
74  if(compare == 0)
75  {
76  q = 1;
77  r = 0;
78  }
79  else if(compare > 0)
80  {
81  size_t shifts = 0;
82  word y_top = y.word_at(y.sig_words()-1);
83  while(y_top < MP_WORD_TOP_BIT) { y_top <<= 1; ++shifts; }
84  y <<= shifts;
85  r <<= shifts;
86 
87  const size_t n = r.sig_words() - 1, t = y_words - 1;
88 
89  if(n < t)
90  throw Internal_Error("BigInt division word sizes");
91 
92  q.grow_to(n - t + 1);
93 
94  word* q_words = q.mutable_data();
95 
96  if(n <= t)
97  {
98  while(r > y) { r -= y; ++q; }
99  r >>= shifts;
100  sign_fixup(x, y_arg, q, r);
101  return;
102  }
103 
104  BigInt temp = y << (MP_WORD_BITS * (n-t));
105 
106  while(r >= temp) { r -= temp; q_words[n-t] += 1; }
107 
108  for(size_t j = n; j != t; --j)
109  {
110  const word x_j0 = r.word_at(j);
111  const word x_j1 = r.word_at(j-1);
112  const word y_t = y.word_at(t);
113 
114  if(x_j0 == y_t)
115  q_words[j-t-1] = MP_WORD_MAX;
116  else
117  q_words[j-t-1] = bigint_divop(x_j0, x_j1, y_t);
118 
119  while(division_check(q_words[j-t-1],
120  y_t, y.word_at(t-1),
121  x_j0, x_j1, r.word_at(j-2)))
122  {
123  q_words[j-t-1] -= 1;
124  }
125 
126  r -= (q_words[j-t-1] * y) << (MP_WORD_BITS * (j-t-1));
127 
128  if(r.is_negative())
129  {
130  r += y << (MP_WORD_BITS * (j-t-1));
131  q_words[j-t-1] -= 1;
132  }
133  }
134  r >>= shifts;
135  }
136 
137  sign_fixup(x, y_arg, q, r);
138  }
word bigint_divop(word n1, word n0, word d)
Definition: mp_misc.cpp:44
const word MP_WORD_MAX
Definition: mp_types.h:42
const word MP_WORD_TOP_BIT
Definition: mp_types.h:41
int32_t s32bit
Definition: types.h:35
const size_t MP_WORD_BITS
Definition: mp_core.h:19
size_t Botan::dl_work_factor ( size_t  prime_group_size)

Estimate work factor for discrete logarithm

Parameters
prime_group_sizesize of the group in bits
Returns
estimated security level for this group

Definition at line 14 of file workfactor.cpp.

Referenced by Botan::DH_PrivateKey::DH_PrivateKey(), Botan::DL_Group::DL_Group(), Botan::ElGamal_PrivateKey::ElGamal_PrivateKey(), Botan::ElGamal_Encryption_Operation::encrypt(), Botan::IF_Scheme_PublicKey::estimated_strength(), and Botan::DL_Scheme_PublicKey::estimated_strength().

15  {
16  /*
17  Based on GNFS work factors. Constant is 1.43 times the asymptotic
18  value; I'm not sure but I believe that came from a paper on 'real
19  world' runtimes, but I don't remember where now.
20 
21  Sample return values:
22  |512| -> 64
23  |1024| -> 86
24  |1536| -> 102
25  |2048| -> 116
26  |3072| -> 138
27  |4096| -> 155
28  |8192| -> 206
29 
30  For DL algos, we use an exponent of twice the size of the result;
31  the assumption is that an arbitrary discrete log on a group of size
32  bits would take about 2^n effort, and thus using an exponent of
33  size 2^(2*n) implies that all available attacks are about as easy
34  (as e.g Pollard's kangaroo algorithm can compute the DL in sqrt(x)
35  operations) while minimizing the exponent size for performance
36  reasons.
37  */
38 
39  const size_t MIN_WORKFACTOR = 64;
40 
41  // approximates natural logarithm of p
42  const double log_p = bits / 1.4426;
43 
44  const double strength =
45  2.76 * std::pow(log_p, 1.0/3.0) * std::pow(std::log(log_p), 2.0/3.0);
46 
47  return std::max(static_cast<size_t>(strength), MIN_WORKFACTOR);
48  }
secure_vector< byte > BOTAN_DLL Botan::EC2OSP ( const PointGFp &  point,
byte  format 
)

Definition at line 428 of file point_gfp.cpp.

References Botan::BigInt::bytes(), Botan::PointGFp::COMPRESSED, Botan::BigInt::encode_1363(), Botan::PointGFp::get_affine_x(), Botan::PointGFp::get_affine_y(), Botan::BigInt::get_bit(), Botan::PointGFp::get_curve(), Botan::CurveGFp::get_p(), Botan::PointGFp::HYBRID, Botan::PointGFp::is_zero(), and Botan::PointGFp::UNCOMPRESSED.

Referenced by Botan::EC_Group::DER_encode(), Botan::ECDH_PublicKey::public_value(), and Botan::EC_PublicKey::x509_subject_public_key().

429  {
430  if(point.is_zero())
431  return secure_vector<byte>(1); // single 0 byte
432 
433  const size_t p_bytes = point.get_curve().get_p().bytes();
434 
435  BigInt x = point.get_affine_x();
436  BigInt y = point.get_affine_y();
437 
438  secure_vector<byte> bX = BigInt::encode_1363(x, p_bytes);
439  secure_vector<byte> bY = BigInt::encode_1363(y, p_bytes);
440 
441  if(format == PointGFp::UNCOMPRESSED)
442  {
443  secure_vector<byte> result;
444  result.push_back(0x04);
445 
446  result += bX;
447  result += bY;
448 
449  return result;
450  }
451  else if(format == PointGFp::COMPRESSED)
452  {
453  secure_vector<byte> result;
454  result.push_back(0x02 | static_cast<byte>(y.get_bit(0)));
455 
456  result += bX;
457 
458  return result;
459  }
460  else if(format == PointGFp::HYBRID)
461  {
462  secure_vector<byte> result;
463  result.push_back(0x06 | static_cast<byte>(y.get_bit(0)));
464 
465  result += bX;
466  result += bY;
467 
468  return result;
469  }
470  else
471  throw Invalid_Argument("EC2OSP illegal point encoding");
472  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
BOTAN_DLL std::string Botan::erase_chars ( const std::string &  str,
const std::set< char > &  chars 
)

Erase characters from a string

Definition at line 270 of file parsing.cpp.

Referenced by Botan::TLS::Ciphersuite::to_string().

271  {
272  std::string out;
273 
274  for(auto c: str)
275  if(chars.count(c) == 0)
276  out += c;
277 
278  return out;
279  }
BOTAN_DLL Key_Constraints Botan::find_constraints ( const Public_Key &  pub_key,
Key_Constraints  limits 
)

Create the key constraints for a specific public key.

Parameters
pub_keythe public key from which the basic set of constraints to be placed in the return value is derived
limitsadditional limits that will be incorporated into the return value
Returns
combination of key type specific constraints and additional limits

Definition at line 46 of file key_constraint.cpp.

References Botan::Public_Key::algo_name(), DATA_ENCIPHERMENT, DIGITAL_SIGNATURE, KEY_AGREEMENT, KEY_ENCIPHERMENT, and NON_REPUDIATION.

Referenced by Botan::X509::create_cert_req(), Botan::X509::create_self_signed_cert(), and Botan::X509_CA::sign_request().

48  {
49  const std::string name = pub_key.algo_name();
50 
51  size_t constraints = 0;
52 
53  if(name == "DH" || name == "ECDH")
54  constraints |= KEY_AGREEMENT;
55 
56  if(name == "RSA" || name == "ElGamal")
57  constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
58 
59  if(name == "RSA" || name == "RW" || name == "NR" ||
60  name == "DSA" || name == "ECDSA")
61  constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION;
62 
63  if(limits)
64  constraints &= limits;
65 
66  return Key_Constraints(constraints);
67  }
BigInt BOTAN_DLL Botan::gcd ( const BigInt &  x,
const BigInt &  y 
)

Compute the greatest common divisor

Parameters
xa positive integer
ya positive integer
Returns
gcd(x,y)

Definition at line 45 of file numthry.cpp.

References Botan::BigInt::is_nonzero(), Botan::BigInt::is_zero(), low_zero_bits(), Botan::BigInt::Positive, and Botan::BigInt::set_sign().

Referenced by lcm(), and random_prime().

46  {
47  if(a.is_zero() || b.is_zero()) return 0;
48  if(a == 1 || b == 1) return 1;
49 
50  BigInt x = a, y = b;
51  x.set_sign(BigInt::Positive);
52  y.set_sign(BigInt::Positive);
53  size_t shift = std::min(low_zero_bits(x), low_zero_bits(y));
54 
55  x >>= shift;
56  y >>= shift;
57 
58  while(x.is_nonzero())
59  {
60  x >>= low_zero_bits(x);
61  y >>= low_zero_bits(y);
62  if(x >= y) { x -= y; x >>= 1; }
63  else { y -= x; y >>= 1; }
64  }
65 
66  return (y << shift);
67  }
size_t low_zero_bits(const BigInt &n)
Definition: numthry.cpp:19
void Botan::gcm_multiply_clmul ( byte  x[16],
const byte  H[16] 
)

Definition at line 14 of file clmul.cpp.

15  {
16  /*
17  * Algorithms 1 and 5 from Intel's CLMUL guide
18  */
19  const __m128i BSWAP_MASK = _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15);
20 
21  __m128i a = _mm_loadu_si128(reinterpret_cast<const __m128i*>(&x[0]));
22  __m128i b = _mm_loadu_si128(reinterpret_cast<const __m128i*>(&H[0]));
23 
24  a = _mm_shuffle_epi8(a, BSWAP_MASK);
25  b = _mm_shuffle_epi8(b, BSWAP_MASK);
26 
27  __m128i T0, T1, T2, T3, T4, T5;
28 
29  T0 = _mm_clmulepi64_si128(a, b, 0x00);
30  T1 = _mm_clmulepi64_si128(a, b, 0x01);
31  T2 = _mm_clmulepi64_si128(a, b, 0x10);
32  T3 = _mm_clmulepi64_si128(a, b, 0x11);
33 
34  T1 = _mm_xor_si128(T1, T2);
35  T2 = _mm_slli_si128(T1, 8);
36  T1 = _mm_srli_si128(T1, 8);
37  T0 = _mm_xor_si128(T0, T2);
38  T3 = _mm_xor_si128(T3, T1);
39 
40  T4 = _mm_srli_epi32(T0, 31);
41  T0 = _mm_slli_epi32(T0, 1);
42 
43  T5 = _mm_srli_epi32(T3, 31);
44  T3 = _mm_slli_epi32(T3, 1);
45 
46  T2 = _mm_srli_si128(T4, 12);
47  T5 = _mm_slli_si128(T5, 4);
48  T4 = _mm_slli_si128(T4, 4);
49  T0 = _mm_or_si128(T0, T4);
50  T3 = _mm_or_si128(T3, T5);
51  T3 = _mm_or_si128(T3, T2);
52 
53  T4 = _mm_slli_epi32(T0, 31);
54  T5 = _mm_slli_epi32(T0, 30);
55  T2 = _mm_slli_epi32(T0, 25);
56 
57  T4 = _mm_xor_si128(T4, T5);
58  T4 = _mm_xor_si128(T4, T2);
59  T5 = _mm_srli_si128(T4, 4);
60  T3 = _mm_xor_si128(T3, T5);
61  T4 = _mm_slli_si128(T4, 12);
62  T0 = _mm_xor_si128(T0, T4);
63  T3 = _mm_xor_si128(T3, T0);
64 
65  T4 = _mm_srli_epi32(T0, 1);
66  T1 = _mm_srli_epi32(T0, 2);
67  T2 = _mm_srli_epi32(T0, 7);
68  T3 = _mm_xor_si128(T3, T1);
69  T3 = _mm_xor_si128(T3, T2);
70  T3 = _mm_xor_si128(T3, T4);
71 
72  T3 = _mm_shuffle_epi8(T3, BSWAP_MASK);
73 
74  _mm_storeu_si128(reinterpret_cast<__m128i*>(&x[0]), T3);
75  }
std::string BOTAN_DLL Botan::generate_bcrypt ( const std::string &  password,
RandomNumberGenerator &  rng,
u16bit  work_factor = 10 
)

Create a password hash using Bcrypt

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
See also
http://www.usenix.org/events/usenix99/provos/provos_html/

Definition at line 125 of file bcrypt.cpp.

References Botan::RandomNumberGenerator::random_vec(), and unlock().

128  {
129  return make_bcrypt(pass, unlock(rng.random_vec(16)), work_factor);
130  }
std::vector< T > unlock(const secure_vector< T > &in)
Definition: secmem.h:95
bool BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator &  rng,
Algorithm_Factory &  af,
BigInt &  p_out,
BigInt &  q_out,
size_t  pbits,
size_t  qbits,
const std::vector< byte > &  seed 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
seedthe seed used to generate the parameters
Returns
true if seed generated a valid DSA parameter set, otherwise false. p_out and q_out are only valid if true was returned.

Definition at line 40 of file dsa_gen.cpp.

References Botan::BigInt::binary_decode(), Botan::BigInt::bits(), is_prime(), Botan::Algorithm_Factory::make_hash_function(), Botan::BigInt::set_bit(), and Botan::ASN1::to_string().

Referenced by Botan::DL_Group::DL_Group(), and generate_dsa_primes().

45  {
46  if(!fips186_3_valid_size(pbits, qbits))
47  throw Invalid_Argument(
48  "FIPS 186-3 does not allow DSA domain parameters of " +
49  std::to_string(pbits) + "/" + std::to_string(qbits) + " bits long");
50 
51  if(seed_c.size() * 8 < qbits)
52  throw Invalid_Argument(
53  "Generating a DSA parameter set with a " + std::to_string(qbits) +
54  "long q requires a seed at least as many bits long");
55 
56  std::unique_ptr<HashFunction> hash(
57  af.make_hash_function("SHA-" + std::to_string(qbits)));
58 
59  const size_t HASH_SIZE = hash->output_length();
60 
61  class Seed
62  {
63  public:
64  Seed(const std::vector<byte>& s) : seed(s) {}
65 
66  operator std::vector<byte>& () { return seed; }
67 
68  Seed& operator++()
69  {
70  for(size_t j = seed.size(); j > 0; --j)
71  if(++seed[j-1])
72  break;
73  return (*this);
74  }
75  private:
76  std::vector<byte> seed;
77  };
78 
79  Seed seed(seed_c);
80 
81  q.binary_decode(hash->process(seed));
82  q.set_bit(qbits-1);
83  q.set_bit(0);
84 
85  if(!is_prime(q, rng))
86  return false;
87 
88  const size_t n = (pbits-1) / (HASH_SIZE * 8),
89  b = (pbits-1) % (HASH_SIZE * 8);
90 
91  BigInt X;
92  std::vector<byte> V(HASH_SIZE * (n+1));
93 
94  for(size_t j = 0; j != 4096; ++j)
95  {
96  for(size_t k = 0; k <= n; ++k)
97  {
98  ++seed;
99  hash->update(seed);
100  hash->final(&V[HASH_SIZE * (n-k)]);
101  }
102 
103  X.binary_decode(&V[HASH_SIZE - 1 - b/8],
104  V.size() - (HASH_SIZE - 1 - b/8));
105  X.set_bit(pbits-1);
106 
107  p = X - (X % (2*q) - 1);
108 
109  if(p.bits() == pbits && is_prime(p, rng))
110  return true;
111  }
112  return false;
113  }
bool is_prime(const BigInt &n, RandomNumberGenerator &rng, size_t prob, bool is_random)
Definition: numthry.cpp:287
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:46
std::vector< byte > BOTAN_DLL Botan::generate_dsa_primes ( RandomNumberGenerator &  rng,
Algorithm_Factory &  af,
BigInt &  p_out,
BigInt &  q_out,
size_t  pbits,
size_t  qbits 
)

Generate DSA parameters using the FIPS 186 kosherizer

Parameters
rnga random number generator
afan algorithm factory
p_outwhere the prime p will be stored
q_outwhere the prime q will be stored
pbitshow long p will be in bits
qbitshow long q will be in bits
Returns
random seed used to generate this parameter set

Definition at line 118 of file dsa_gen.cpp.

References generate_dsa_primes(), and Botan::RandomNumberGenerator::randomize().

122  {
123  while(true)
124  {
125  std::vector<byte> seed(qbits / 8);
126  rng.randomize(&seed[0], seed.size());
127 
128  if(generate_dsa_primes(rng, af, p, q, pbits, qbits, seed))
129  return seed;
130  }
131  }
std::vector< byte > generate_dsa_primes(RandomNumberGenerator &rng, Algorithm_Factory &af, BigInt &p, BigInt &q, size_t pbits, size_t qbits)
Definition: dsa_gen.cpp:118
std::string BOTAN_DLL Botan::generate_passhash9 ( const std::string &  password,
RandomNumberGenerator &  rng,
u16bit  work_factor = 10,
byte  alg_id = 1 
)

Create a password hash using PBKDF2

Parameters
passwordthe password
rnga random number generator
work_factorhow much work to do to slow down guessing attacks
alg_idspecifies which PRF to use with PBKDF2 0 is HMAC(SHA-1) 1 is HMAC(SHA-256) 2 is CMAC(Blowfish) 3 is HMAC(SHA-384) 4 is HMAC(SHA-512) all other values are currently undefined

Definition at line 52 of file passhash9.cpp.

References Botan::PBKDF::derive_key(), Botan::Pipe::end_msg(), get_byte(), Botan::RandomNumberGenerator::randomize(), Botan::Pipe::read_all_as_string(), Botan::Pipe::start_msg(), Botan::ASN1::to_string(), and Botan::Pipe::write().

56  {
57  MessageAuthenticationCode* prf = get_pbkdf_prf(alg_id);
58 
59  if(!prf)
60  throw Invalid_Argument("Passhash9: Algorithm id " +
61  std::to_string(alg_id) +
62  " is not defined");
63 
64  PKCS5_PBKDF2 kdf(prf); // takes ownership of pointer
65 
66  secure_vector<byte> salt(SALT_BYTES);
67  rng.randomize(&salt[0], salt.size());
68 
69  const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
70 
71  secure_vector<byte> pbkdf2_output =
72  kdf.derive_key(PASSHASH9_PBKDF_OUTPUT_LEN,
73  pass,
74  &salt[0], salt.size(),
75  kdf_iterations).bits_of();
76 
77  Pipe pipe(new Base64_Encoder);
78  pipe.start_msg();
79  pipe.write(alg_id);
80  pipe.write(get_byte(0, work_factor));
81  pipe.write(get_byte(1, work_factor));
82  pipe.write(salt);
83  pipe.write(pbkdf2_output);
84  pipe.end_msg();
85 
86  return MAGIC_PREFIX + pipe.read_all_as_string();
87  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:46
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
BigInt BOTAN_DLL Botan::generate_rfc6979_nonce ( const BigInt &  x,
const BigInt &  q,
const BigInt &  h,
const std::string &  hash 
)
Parameters
xthe secret (EC)DSA key
qthe group order
hthe message hash already reduced mod q
hashthe hash function used to generate h

Definition at line 14 of file rfc6979.cpp.

References Botan::Library_State::algorithm_factory(), Botan::BigInt::bits(), Botan::BigInt::decode(), Botan::BigInt::encode_1363(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_mac().

18  {
19  Algorithm_Factory& af = global_state().algorithm_factory();
20 
21  HMAC_DRBG rng(af.make_mac("HMAC(" + hash + ")"), nullptr);
22 
23  const size_t qlen = q.bits();
24  const size_t rlen = qlen / 8 + (qlen % 8 ? 1 : 0);
25 
26  secure_vector<byte> input = BigInt::encode_1363(x, rlen);
27 
28  input += BigInt::encode_1363(h, rlen);
29 
30  rng.add_entropy(&input[0], input.size());
31 
32  BigInt k;
33 
34  secure_vector<byte> kbits(rlen);
35 
36  while(k == 0 || k >= q)
37  {
38  rng.randomize(&kbits[0], kbits.size());
39  k = BigInt::decode(kbits) >> (8*rlen - qlen);
40  }
41 
42  return k;
43  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:46
void decode(BER_Decoder &source, Key_Constraints &key_usage)
Library_State & global_state()
BigInt BOTAN_DLL Botan::generate_srp6_verifier ( const std::string &  identifier,
const std::string &  password,
const std::vector< byte > &  salt,
const std::string &  group_id,
const std::string &  hash_id 
)

Generate a new SRP-6 verifier

Parameters
identifiera username or other client identifier
passwordthe secret used to authenticate user
salta randomly chosen value, at least 128 bits long
group_idspecifies the shared SRP group
hash_idspecifies a secure hash function

Definition at line 113 of file srp6.cpp.

References Botan::DL_Group::get_g(), Botan::DL_Group::get_p(), and power_mod().

118  {
119  const BigInt x = compute_x(hash_id, identifier, password, salt);
120 
121  DL_Group group(group_id);
122  return power_mod(group.get_g(), x, group.get_p());
123  }
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
Definition: numthry.cpp:219
BOTAN_DLL AEAD_Mode * Botan::get_aead ( const std::string &  name,
Cipher_Dir  direction 
)

Get an AEAD mode by name (eg "AES-128/GCM" or "Serpent/EAX")

Definition at line 34 of file aead.cpp.

References Botan::Library_State::algorithm_factory(), Botan::BlockCipher::block_size(), BOTAN_ASSERT, cipher_name, Botan::BlockCipher::clone(), ENCRYPTION, Botan::Global_State_Management::global_state(), parse_algorithm_name(), Botan::Algorithm_Factory::prototype_block_cipher(), split_on(), and to_u32bit().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and time_algorithm_ops().

35  {
36  Algorithm_Factory& af = global_state().algorithm_factory();
37 
38  const std::vector<std::string> algo_parts = split_on(algo_spec, '/');
39  if(algo_parts.empty())
40  throw Invalid_Algorithm_Name(algo_spec);
41 
42  if(algo_parts.size() < 2)
43  return nullptr;
44 
45  const std::string cipher_name = algo_parts[0];
46  const BlockCipher* cipher = af.prototype_block_cipher(cipher_name);
47  if(!cipher)
48  return nullptr;
49 
50  const std::vector<std::string> mode_info = parse_algorithm_name(algo_parts[1]);
51 
52  if(mode_info.empty())
53  return nullptr;
54 
55  const std::string mode_name = mode_info[0];
56 
57  const size_t tag_size = (mode_info.size() > 1) ? to_u32bit(mode_info[1]) : cipher->block_size();
58 
59 #if defined(BOTAN_HAS_AEAD_CCM)
60  if(mode_name == "CCM-8")
61  {
62  if(direction == ENCRYPTION)
63  return new CCM_Encryption(cipher->clone(), 8, 3);
64  else
65  return new CCM_Decryption(cipher->clone(), 8, 3);
66  }
67 
68  if(mode_name == "CCM" || mode_name == "CCM-8")
69  {
70  const size_t L = (mode_info.size() > 2) ? to_u32bit(mode_info[2]) : 3;
71 
72  if(direction == ENCRYPTION)
73  return new CCM_Encryption(cipher->clone(), tag_size, L);
74  else
75  return new CCM_Decryption(cipher->clone(), tag_size, L);
76  }
77 #endif
78 
79 #if defined(BOTAN_HAS_AEAD_EAX)
80  if(mode_name == "EAX")
81  {
82  if(direction == ENCRYPTION)
83  return new EAX_Encryption(cipher->clone(), tag_size);
84  else
85  return new EAX_Decryption(cipher->clone(), tag_size);
86  }
87 #endif
88 
89 #if defined(BOTAN_HAS_AEAD_SIV)
90  if(mode_name == "SIV")
91  {
92  BOTAN_ASSERT(tag_size == 16, "Valid tag size for SIV");
93  if(direction == ENCRYPTION)
94  return new SIV_Encryption(cipher->clone());
95  else
96  return new SIV_Decryption(cipher->clone());
97  }
98 #endif
99 
100 #if defined(BOTAN_HAS_AEAD_GCM)
101  if(mode_name == "GCM")
102  {
103  if(direction == ENCRYPTION)
104  return new GCM_Encryption(cipher->clone(), tag_size);
105  else
106  return new GCM_Decryption(cipher->clone(), tag_size);
107  }
108 #endif
109 
110 #if defined(BOTAN_HAS_AEAD_OCB)
111  if(mode_name == "OCB")
112  {
113  if(direction == ENCRYPTION)
114  return new OCB_Encryption(cipher->clone(), tag_size);
115  else
116  return new OCB_Decryption(cipher->clone(), tag_size);
117  }
118 #endif
119 
120  return nullptr;
121  }
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:55
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:108
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:46
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
Library_State & global_state()
std::string cipher_name
Definition: ossl_bc.cpp:42
u32bit to_u32bit(const std::string &str)
Definition: parsing.cpp:16
BlockCipher* Botan::get_block_cipher ( const std::string &  algo_spec)
inline

Block cipher factory method.

Deprecated:
Call algorithm_factory() directly
Parameters
algo_specthe name of the desired block cipher
Returns
pointer to the block cipher object

Definition at line 87 of file lookup.h.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::make_block_cipher().

88  {
89  Algorithm_Factory& af = global_state().algorithm_factory();
90  return af.make_block_cipher(algo_spec);
91  }
BlockCipher * make_block_cipher(const std::string &algo_spec, const std::string &provider="")
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:46
Library_State & global_state()
template<typename T >
byte Botan::get_byte ( size_t  byte_num,
input 
)
inline
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
Cipher_Dir  direction 
)

Factory method for general symmetric cipher filters. No key will be set in the filter.

Parameters
algo_specthe name of the desired cipher
directiondetermines whether the filter will be an encrypting or decrypting filter
Returns
pointer to the encryption or decryption filter

Definition at line 80 of file lookup.cpp.

References Botan::Library_State::algorithm_factory(), Botan::Global_State_Management::global_state(), and Botan::Algorithm_Factory::Engine_Iterator::next().

Referenced by Botan::CryptoBox::decrypt(), Botan::CryptoBox::encrypt(), get_cipher(), and Botan::PBE_PKCS5v20::start_msg().

82  {
83  Algorithm_Factory& af = global_state().algorithm_factory();
84 
85  Algorithm_Factory::Engine_Iterator i(af);
86 
87  while(Engine* engine = i.next())
88  {
89  if(Keyed_Filter* algo = engine->get_cipher(algo_spec, direction, af))
90  return algo;
91  }
92 
93  throw Algorithm_Not_Found(algo_spec);
94  }
Algorithm_Factory & algorithm_factory() const
Definition: libstate.cpp:46
Library_State & global_state()
BOTAN_DLL Keyed_Filter * Botan::get_cipher ( const std::string &  algo_spec,
const SymmetricKey &  key,
const InitializationVector &  iv,