authorNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 10:40:37 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 10:41:04 +0200
commit115f165b6e3bb74f45e13a65c5f4f82f28664a2c (patch)
treeec55b63c736b5bef6061202c8bd31b08796fa2dc /libtomcrypt
parent58a20b797e5a987fc8f7c5bea3be24d754908bf5 (diff)
Added a modified libtomcrypt with DSA and RSA algorithms.
Diffstat (limited to 'libtomcrypt')
-rw-r--r--libtomcrypt/hashes/hash_get_oid.c78
-rw-r--r--libtomcrypt/hashes/hash_memory.c6
-rw-r--r--libtomcrypt/hashes/hash_memory_multi.c8
-rw-r--r--libtomcrypt/headers/tomcrypt.h1
-rw-r--r--libtomcrypt/headers/tomcrypt_cfg.h5
-rw-r--r--libtomcrypt/headers/tomcrypt_hash.h11
-rw-r--r--libtomcrypt/headers/tomcrypt_math.h483
-rw-r--r--libtomcrypt/headers/tomcrypt_pk.h191
-rw-r--r--libtomcrypt/headers/tomcrypt_pkcs.h8
-rw-r--r--libtomcrypt/math/fp/ltc_ecc_fp_mulmod.c1587
-rw-r--r--libtomcrypt/math/ltm_desc.c483
-rw-r--r--libtomcrypt/math/multi.c61
-rw-r--r--libtomcrypt/misc/qsort.c247
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_decode_integer.c10
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_encode_integer.c14
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_length_integer.c2
-rw-r--r--libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c13
-rw-r--r--libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c4
-rw-r--r--libtomcrypt/pk/dsa/dsa_decrypt_key.c139
-rw-r--r--libtomcrypt/pk/dsa/dsa_encrypt_key.c125
-rw-r--r--libtomcrypt/pk/dsa/dsa_free.c2
-rw-r--r--libtomcrypt/pk/dsa/dsa_import.c7
-rw-r--r--libtomcrypt/pk/dsa/dsa_make_key.c39
-rw-r--r--libtomcrypt/pk/dsa/dsa_shared_secret.c72
-rw-r--r--libtomcrypt/pk/dsa/dsa_sign_hash.c38
-rw-r--r--libtomcrypt/pk/dsa/dsa_verify_hash.c36
-rw-r--r--libtomcrypt/pk/dsa/dsa_verify_key.c28
-rw-r--r--libtomcrypt/pk/ecc/ecc.c127
-rw-r--r--libtomcrypt/pk/ecc/ecc_ansi_x963_export.c72
-rw-r--r--libtomcrypt/pk/ecc/ecc_ansi_x963_import.c104
-rw-r--r--libtomcrypt/pk/ecc/ecc_decrypt_key.c150
-rw-r--r--libtomcrypt/pk/ecc/ecc_encrypt_key.c128
-rw-r--r--libtomcrypt/pk/ecc/ecc_export.c82
-rw-r--r--libtomcrypt/pk/ecc/ecc_free.c40
-rw-r--r--libtomcrypt/pk/ecc/ecc_get_size.c44
-rw-r--r--libtomcrypt/pk/ecc/ecc_import.c172
-rw-r--r--libtomcrypt/pk/ecc/ecc_make_key.c120
-rw-r--r--libtomcrypt/pk/ecc/ecc_shared_secret.c95
-rw-r--r--libtomcrypt/pk/ecc/ecc_sign_hash.c108
-rw-r--r--libtomcrypt/pk/ecc/ecc_sizes.c48
-rw-r--r--libtomcrypt/pk/ecc/ecc_test.c95
-rw-r--r--libtomcrypt/pk/ecc/ecc_verify_hash.c165
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c46
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_map.c76
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mul2add.c207
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mulmod.c222
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c167
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_points.c60
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c196
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c147
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c28
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c4
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c3
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c20
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c20
-rw-r--r--libtomcrypt/pk/rsa/rsa_decrypt_key.c6
-rw-r--r--libtomcrypt/pk/rsa/rsa_encrypt_key.c6
-rw-r--r--libtomcrypt/pk/rsa/rsa_exptmod.c28
-rw-r--r--libtomcrypt/pk/rsa/rsa_free.c2
-rw-r--r--libtomcrypt/pk/rsa/rsa_import.c13
-rw-r--r--libtomcrypt/pk/rsa/rsa_make_key.c49
-rw-r--r--libtomcrypt/pk/rsa/rsa_sign_hash.c15
-rw-r--r--libtomcrypt/pk/rsa/rsa_verify_hash.c13
63 files changed, 547 insertions, 6029 deletions
diff --git a/libtomcrypt/hashes/hash_get_oid.c b/libtomcrypt/hashes/hash_get_oid.c
new file mode 100644
index 0000000..0a761b1
--- /dev/null
+++ b/libtomcrypt/hashes/hash_get_oid.c
@@ -0,0 +1,78 @@
+/* LibTomCrypt, modular cryptographic library
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ */
+#include "tomcrypt.h"
+#include <ncr_int.h>
+
+/*
+ Returns the OID of the hash.
+ @param idx The hash identifier of the hash to search for
+ @return CRYPT_OK if valid
+*/
+
+const oid_st sha1_oid = {
+ .OIDlen = 6,
+ .OID = { 1, 3, 14, 3, 2, 26 },
+};
+
+const oid_st md5_oid = {
+ .OIDlen = 6,
+ .OID = { 1, 2, 840, 113549, 2, 5, },
+};
+
+const oid_st sha224_oid = {
+ .OIDlen = 9,
+ .OID = { 2, 16, 840, 1, 101, 3, 4, 2, 4, },
+};
+
+const oid_st sha256_oid = {
+ .OIDlen = 9,
+ .OID = { 2, 16, 840, 1, 101, 3, 4, 2, 1, },
+};
+
+const oid_st sha384_oid = {
+ .OIDlen = 9,
+ .OID = { 2, 16, 840, 1, 101, 3, 4, 2, 2, },
+};
+
+const oid_st sha512_oid = {
+ .OIDlen = 9,
+ .OID = { 2, 16, 840, 1, 101, 3, 4, 2, 3, },
+};
+
+int hash_get_oid(int hash, oid_st *st)
+{
+ switch (hash) {
+ case NCR_ALG_SHA1:
+ memcpy(st, &sha1_oid, sizeof(*st));
+ break;
+ case NCR_ALG_MD5:
+ memcpy(st, &md5_oid, sizeof(*st));
+ break;
+ case NCR_ALG_SHA2_224:
+ memcpy(st, &sha224_oid, sizeof(*st));
+ break;
+ case NCR_ALG_SHA2_256:
+ memcpy(st, &sha256_oid, sizeof(*st));
+ break;
+ case NCR_ALG_SHA2_384:
+ memcpy(st, &sha384_oid, sizeof(*st));
+ break;
+ case NCR_ALG_SHA2_512:
+ memcpy(st, &sha512_oid, sizeof(*st));
+ break;
+ default:
+ return CRYPT_INVALID_ARG;
+ }
+ return CRYPT_OK;
+}
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/28 01:27:24 $ */
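Review bot: The doc comment near the top of the file sits above the OID tables rather than above `hash_get_oid()`, and it documents a parameter `idx` while the function takes `hash` and `st`. I would move it directly above the function and describe both, e.g. `@param hash NCR_ALG_* identifier of the hash` and `@param st [out] Receives the OID; left unmodified when CRYPT_INVALID_ARG is returned`. The six `*_oid` tables are `const oid_st` with external linkage; if nothing outside this file refers to them, `static const oid_st sha1_oid = {` keeps them out of the global namespace. The trailing `$Source$` footer still names crypt_hash_is_valid.c and could be dropped.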
diff --git a/libtomcrypt/hashes/hash_memory.c b/libtomcrypt/hashes/hash_memory.c
index 8775355..274c208 100644
--- a/libtomcrypt/hashes/hash_memory.c
+++ b/libtomcrypt/hashes/hash_memory.c
@@ -29,7 +29,6 @@
int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen)
{
int err;
- const char* str;
struct hash_data hdata;
int digest_size;
@@ -47,7 +46,7 @@ int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned
return CRYPT_BUFFER_OVERFLOW;
}
- err = cryptodev_hash_init( &data, _ncr_algo_to_str(hash), 0, NULL, 0);
+ err = cryptodev_hash_init( &hdata, _ncr_algo_to_str(hash), 0, NULL, 0);
if (err < 0) {
err = CRYPT_INVALID_HASH;
goto LBL_ERR;
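Review bot: When `cryptodev_hash_init()` fails, the `goto LBL_ERR` path still reaches `cryptodev_hash_deinit(&hdata)` (visible in the last hunk of this file), so deinit runs on a `struct hash_data` that was declared without an initialiser and never successfully set up. Unless deinit is known to tolerate that (its body is not visible here), return directly on this path with `if (err < 0) return CRYPT_INVALID_HASH;`, or add a second label placed after the deinit call. The same pattern appears in `hash_memory_multi()`, where the error path must still reach `va_end(args)`. The function body starts and ends outside this hunk.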
@@ -63,9 +62,6 @@ int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned
*outlen = digest_size;
LBL_ERR:
cryptodev_hash_deinit(&hdata);
-#ifdef LTC_CLEAN_STACK
- zeromem(md, sizeof(hash_state));
-#endif
return err;
}
diff --git a/libtomcrypt/hashes/hash_memory_multi.c b/libtomcrypt/hashes/hash_memory_multi.c
index c9fafc7..6a85f65 100644
--- a/libtomcrypt/hashes/hash_memory_multi.c
+++ b/libtomcrypt/hashes/hash_memory_multi.c
@@ -10,6 +10,9 @@
*/
#include "tomcrypt.h"
#include <stdarg.h>
+#include <ncr_int.h>
+#include <cryptodev_int.h>
+
/**
@file hash_memory_multi.c
Hash (multiple buffers) memory helper, Tom St Denis
@@ -49,7 +52,7 @@ int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
return CRYPT_BUFFER_OVERFLOW;
}
- err = cryptodev_hash_init( &data, _ncr_algo_to_str(hash), 0, NULL, 0);
+ err = cryptodev_hash_init( &hdata, _ncr_algo_to_str(hash), 0, NULL, 0);
if (err < 0) {
err = CRYPT_INVALID_HASH;
goto LBL_ERR;
@@ -76,9 +79,6 @@ int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
*outlen = digest_size;
LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- zeromem(md, sizeof(hash_state));
-#endif
cryptodev_hash_deinit(&hdata);
va_end(args);
return err;
diff --git a/libtomcrypt/headers/tomcrypt.h b/libtomcrypt/headers/tomcrypt.h
index f3eb925..51fe804 100644
--- a/libtomcrypt/headers/tomcrypt.h
+++ b/libtomcrypt/headers/tomcrypt.h
@@ -63,6 +63,7 @@ enum {
#include <tomcrypt_cfg.h>
#include <tomcrypt_macros.h>
+#include <tomcrypt_math.h>
#include <tomcrypt_pk.h>
#include <tomcrypt_hash.h>
#include <tomcrypt_misc.h>
diff --git a/libtomcrypt/headers/tomcrypt_cfg.h b/libtomcrypt/headers/tomcrypt_cfg.h
index 7feae6e..b750c8b 100644
--- a/libtomcrypt/headers/tomcrypt_cfg.h
+++ b/libtomcrypt/headers/tomcrypt_cfg.h
@@ -19,6 +19,8 @@
#define LTC_EXPORT
#endif
+LTC_EXPORT void LTC_CALL XQSORT(void *base, size_t nmemb, size_t size, int(*compar)(const void *, const void *));
+
/* certain platforms use macros for these, making the prototypes broken */
#ifndef LTC_NO_PROTOTYPES
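Review bot: The `XQSORT` prototype now sits outside the `#ifndef LTC_NO_PROTOTYPES` guard, whose own comment says that certain platforms define these names as macros and that the prototypes then break. If `XQSORT` is ever defined as a macro before this header is read, the added line is macro-expanded and may no longer compile. The move deserves a one-line comment above the declaration stating why it has to be unconditional. The reason depends on code outside this hunk.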
@@ -28,9 +30,6 @@ LTC_EXPORT void * LTC_CALL XREALLOC(void *p, size_t n);
LTC_EXPORT void * LTC_CALL XCALLOC(size_t n, size_t s);
LTC_EXPORT void LTC_CALL XFREE(void *p);
-LTC_EXPORT void LTC_CALL XQSORT(void *base, size_t nmemb, size_t size, int(*compar)(const void *, const void *));
-
-
/* change the clock function too */
LTC_EXPORT clock_t LTC_CALL XCLOCK(void);
diff --git a/libtomcrypt/headers/tomcrypt_hash.h b/libtomcrypt/headers/tomcrypt_hash.h
index 9c7af13..5eaa97c 100644
--- a/libtomcrypt/headers/tomcrypt_hash.h
+++ b/libtomcrypt/headers/tomcrypt_hash.h
@@ -8,6 +8,11 @@ int hash_memory(int hash,
int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
const unsigned char *in, unsigned long inlen, ...);
-/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_hash.h,v $ */
-/* $Revision: 1.22 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
+typedef struct Oid {
+ unsigned long OID[16];
+ /** Length of DER encoding */
+ unsigned long OIDlen;
+} oid_st;
+
+int hash_get_oid(int hash, oid_st* st);
+
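Review bot: The comment on `OIDlen` says "Length of DER encoding", but the tables in hash_get_oid.c set it to 6 and 9, which is the number of arcs stored in `OID[]` rather than an encoded byte length. I would reword it to `/** Number of arcs used in OID[] */`. The bound `16` is a bare literal; a named constant would let code that fills or walks `OID[]` check `OIDlen` against it. The `Oid` struct has no comment saying what it represents.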
diff --git a/libtomcrypt/headers/tomcrypt_math.h b/libtomcrypt/headers/tomcrypt_math.h
index a05d7ff..3ee9523 100644
--- a/libtomcrypt/headers/tomcrypt_math.h
+++ b/libtomcrypt/headers/tomcrypt_math.h
@@ -15,486 +15,7 @@
typedef void rsa_key;
#endif
-/** math descriptor */
-typedef struct {
- /** Name of the math provider */
- char *name;
+#include <tommath.h>
- /** Bits per digit, amount of bits must fit in an unsigned long */
- int bits_per_digit;
+typedef mp_int* mp_int_t;
-/* ---- init/deinit functions ---- */
-
- /** initialize a bignum
- @param a The number to initialize
- @return CRYPT_OK on success
- */
- int (*init)(void **a);
-
- /** init copy
- @param dst The number to initialize and write to
- @param src The number to copy from
- @return CRYPT_OK on success
- */
- int (*init_copy)(void **dst, void *src);
-
- /** deinit
- @param a The number to free
- @return CRYPT_OK on success
- */
- void (*deinit)(void *a);
-
-/* ---- data movement ---- */
-
- /** negate
- @param src The number to negate
- @param dst The destination
- @return CRYPT_OK on success
- */
- int (*neg)(void *src, void *dst);
-
- /** copy
- @param src The number to copy from
- @param dst The number to write to
- @return CRYPT_OK on success
- */
- int (*copy)(void *src, void *dst);
-
-/* ---- trivial low level functions ---- */
-
- /** set small constant
- @param a Number to write to
- @param n Source upto bits_per_digit (actually meant for very small constants)
- @return CRYPT_OK on succcess
- */
- int (*set_int)(void *a, unsigned long n);
-
- /** get small constant
- @param a Number to read, only fetches upto bits_per_digit from the number
- @return The lower bits_per_digit of the integer (unsigned)
- */
- unsigned long (*get_int)(void *a);
-
- /** get digit n
- @param a The number to read from
- @param n The number of the digit to fetch
- @return The bits_per_digit sized n'th digit of a
- */
- unsigned long (*get_digit)(void *a, int n);
-
- /** Get the number of digits that represent the number
- @param a The number to count
- @return The number of digits used to represent the number
- */
- int (*get_digit_count)(void *a);
-
- /** compare two integers
- @param a The left side integer
- @param b The right side integer
- @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise. (signed comparison)
- */
- int (*compare)(void *a, void *b);
-
- /** compare against int
- @param a The left side integer
- @param b The right side integer (upto bits_per_digit)
- @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise. (signed comparison)
- */
- int (*compare_d)(void *a, unsigned long n);
-
- /** Count the number of bits used to represent the integer
- @param a The integer to count
- @return The number of bits required to represent the integer
- */
- int (*count_bits)(void * a);
-
- /** Count the number of LSB bits which are zero
- @param a The integer to count
- @return The number of contiguous zero LSB bits
- */
- int (*count_lsb_bits)(void *a);
-
- /** Compute a power of two
- @param a The integer to store the power in
- @param n The power of two you want to store (a = 2^n)
- @return CRYPT_OK on success
- */
- int (*twoexpt)(void *a , int n);
-
-/* ---- radix conversions ---- */
-
- /** read ascii string
- @param a The integer to store into
- @param str The string to read
- @param radix The radix the integer has been represented in (2-64)
- @return CRYPT_OK on success
- */
- int (*read_radix)(void *a, const char *str, int radix);
-
- /** write number to string
- @param a The integer to store
- @param str The destination for the string
- @param radix The radix the integer is to be represented in (2-64)
- @return CRYPT_OK on success
- */
- int (*write_radix)(void *a, char *str, int radix);
-
- /** get size as unsigned char string
- @param a The integer to get the size (when stored in array of octets)
- @return The length of the integer
- */
- unsigned long (*unsigned_size)(void *a);
-
- /** store an integer as an array of octets
- @param src The integer to store
- @param dst The buffer to store the integer in
- @return CRYPT_OK on success
- */
- int (*unsigned_write)(void *src, unsigned char *dst);
-
- /** read an array of octets and store as integer
- @param dst The integer to load
- @param src The array of octets
- @param len The number of octets
- @return CRYPT_OK on success
- */
- int (*unsigned_read)(void *dst, unsigned char *src, unsigned long len);
-
-/* ---- basic math ---- */
-
- /** add two integers
- @param a The first source integer
- @param b The second source integer
- @param c The destination of "a + b"
- @return CRYPT_OK on success
- */
- int (*add)(void *a, void *b, void *c);
-
-
- /** add two integers
- @param a The first source integer
- @param b The second source integer (single digit of upto bits_per_digit in length)
- @param c The destination of "a + b"
- @return CRYPT_OK on success
- */
- int (*addi)(void *a, unsigned long b, void *c);
-
- /** subtract two integers
- @param a The first source integer
- @param b The second source integer
- @param c The destination of "a - b"
- @return CRYPT_OK on success
- */
- int (*sub)(void *a, void *b, void *c);
-
- /** subtract two integers
- @param a The first source integer
- @param b The second source integer (single digit of upto bits_per_digit in length)
- @param c The destination of "a - b"
- @return CRYPT_OK on success
- */
- int (*subi)(void *a, unsigned long b, void *c);
-
- /** multiply two integers
- @param a The first source integer
- @param b The second source integer (single digit of upto bits_per_digit in length)
- @param c The destination of "a * b"
- @return CRYPT_OK on success
- */
- int (*mul)(void *a, void *b, void *c);
-
- /** multiply two integers
- @param a The first source integer
- @param b The second source integer (single digit of upto bits_per_digit in length)
- @param c The destination of "a * b"
- @return CRYPT_OK on success
- */
- int (*muli)(void *a, unsigned long b, void *c);
-
- /** Square an integer
- @param a The integer to square
- @param b The destination
- @return CRYPT_OK on success
- */
- int (*sqr)(void *a, void *b);
-
- /** Divide an integer
- @param a The dividend
- @param b The divisor
- @param c The quotient (can be NULL to signify don't care)
- @param d The remainder (can be NULL to signify don't care)
- @return CRYPT_OK on success
- */
- int (*mpdiv)(void *a, void *b, void *c, void *d);
-
- /** divide by two
- @param a The integer to divide (shift right)
- @param b The destination
- @return CRYPT_OK on success
- */
- int (*div_2)(void *a, void *b);
-
- /** Get remainder (small value)
- @param a The integer to reduce
- @param b The modulus (upto bits_per_digit in length)
- @param c The destination for the residue
- @return CRYPT_OK on success
- */
- int (*modi)(void *a, unsigned long b, unsigned long *c);
-
- /** gcd
- @param a The first integer
- @param b The second integer
- @param c The destination for (a, b)
- @return CRYPT_OK on success
- */
- int (*gcd)(void *a, void *b, void *c);
-
- /** lcm
- @param a The first integer
- @param b The second integer
- @param c The destination for [a, b]
- @return CRYPT_OK on success
- */
- int (*lcm)(void *a, void *b, void *c);
-
- /** Modular multiplication
- @param a The first source
- @param b The second source
- @param c The modulus
- @param d The destination (a*b mod c)
- @return CRYPT_OK on success
- */
- int (*mulmod)(void *a, void *b, void *c, void *d);
-
- /** Modular squaring
- @param a The first source
- @param b The modulus
- @param c The destination (a*a mod b)
- @return CRYPT_OK on success
- */
- int (*sqrmod)(void *a, void *b, void *c);
-
- /** Modular inversion
- @param a The value to invert
- @param b The modulus
- @param c The destination (1/a mod b)
- @return CRYPT_OK on success
- */
- int (*invmod)(void *, void *, void *);
-
-/* ---- reduction ---- */
-
- /** setup montgomery
- @param a The modulus
- @param b The destination for the reduction digit
- @return CRYPT_OK on success
- */
- int (*montgomery_setup)(void *a, void **b);
-
- /** get normalization value
- @param a The destination for the normalization value
- @param b The modulus
- @return CRYPT_OK on success
- */
- int (*montgomery_normalization)(void *a, void *b);
-
- /** reduce a number
- @param a The number [and dest] to reduce
- @param b The modulus
- @param c The value "b" from montgomery_setup()
- @return CRYPT_OK on success
- */
- int (*montgomery_reduce)(void *a, void *b, void *c);
-
- /** clean up (frees memory)
- @param a The value "b" from montgomery_setup()
- @return CRYPT_OK on success
- */
- void (*montgomery_deinit)(void *a);
-
-/* ---- exponentiation ---- */
-
- /** Modular exponentiation
- @param a The base integer
- @param b The power (can be negative) integer
- @param c The modulus integer
- @param d The destination
- @return CRYPT_OK on success
- */
- int (*exptmod)(void *a, void *b, void *c, void *d);
-
- /** Primality testing
- @param a The integer to test
- @param b The destination of the result (FP_YES if prime)
- @return CRYPT_OK on success
- */
- int (*isprime)(void *a, int *b);
-
-/* ---- (optional) ecc point math ---- */
-
- /** ECC GF(p) point multiplication (from the NIST curves)
- @param k The integer to multiply the point by
- @param G The point to multiply
- @param R The destination for kG
- @param modulus The modulus for the field
- @param map Boolean indicated whether to map back to affine or not (can be ignored if you work in affine only)
- @return CRYPT_OK on success
- */
- int (*ecc_ptmul)(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
-
- /** ECC GF(p) point addition
- @param P The first point
- @param Q The second point
- @param R The destination of P + Q
- @param modulus The modulus
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
- */
- int (*ecc_ptadd)(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp);
-
- /** ECC GF(p) point double
- @param P The first point
- @param R The destination of 2P
- @param modulus The modulus
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
- */
- int (*ecc_ptdbl)(ecc_point *P, ecc_point *R, void *modulus, void *mp);
-
- /** ECC mapping from projective to affine, currently uses (x,y,z) => (x/z^2, y/z^3, 1)
- @param P The point to map
- @param modulus The modulus
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
- @remark The mapping can be different but keep in mind a ecc_point only has three
- integers (x,y,z) so if you use a different mapping you have to make it fit.
- */
- int (*ecc_map)(ecc_point *P, void *modulus, void *mp);
-
- /** Computes kA*A + kB*B = C using Shamir's Trick
- @param A First point to multiply
- @param kA What to multiple A by
- @param B Second point to multiply
- @param kB What to multiple B by
- @param C [out] Destination point (can overlap with A or B
- @param modulus Modulus for curve
- @return CRYPT_OK on success
- */
- int (*ecc_mul2add)(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C,
- void *modulus);
-
-/* ---- (optional) rsa optimized math (for internal CRT) ---- */
-
- /** RSA Key Generation
- @param prng An active PRNG state
- @param wprng The index of the PRNG desired
- @param size The size of the modulus (key size) desired (octets)
- @param e The "e" value (public key). e==65537 is a good choice
- @param key [out] Destination of a newly created private key pair
- @return CRYPT_OK if successful, upon error all allocated ram is freed
- */
- int (*rsa_keygen)(prng_state *prng, int wprng, int size, long e, rsa_key *key);
-
-
- /** RSA exponentiation
- @param in The octet array representing the base
- @param inlen The length of the input
- @param out The destination (to be stored in an octet array format)
- @param outlen The length of the output buffer and the resulting size (zero padded to the size of the modulus)
- @param which PK_PUBLIC for public RSA and PK_PRIVATE for private RSA
- @param key The RSA key to use
- @return CRYPT_OK on success
- */
- int (*rsa_me)(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen, int which,
- rsa_key *key);
-} ltc_math_descriptor;
-
-extern ltc_math_descriptor ltc_mp;
-
-int ltc_init_multi(void **a, ...);
-void ltc_deinit_multi(void *a, ...);
-
-#ifdef LTM_DESC
-extern const ltc_math_descriptor ltm_desc;
-#endif
-
-#ifdef TFM_DESC
-extern const ltc_math_descriptor tfm_desc;
-#endif
-
-#ifdef GMP_DESC
-extern const ltc_math_descriptor gmp_desc;
-#endif
-
-#if !defined(DESC_DEF_ONLY) && defined(LTC_SOURCE)
-
-#define MP_DIGIT_BIT ltc_mp.bits_per_digit
-
-/* some handy macros */
-#define mp_init(a) ltc_mp.init(a)
-#define mp_init_multi ltc_init_multi
-#define mp_clear(a) ltc_mp.deinit(a)
-#define mp_clear_multi ltc_deinit_multi
-#define mp_init_copy(a, b) ltc_mp.init_copy(a, b)
-
-#define mp_neg(a, b) ltc_mp.neg(a, b)
-#define mp_copy(a, b) ltc_mp.copy(a, b)
-
-#define mp_set(a, b) ltc_mp.set_int(a, b)
-#define mp_set_int(a, b) ltc_mp.set_int(a, b)
-#define mp_get_int(a) ltc_mp.get_int(a)
-#define mp_get_digit(a, n) ltc_mp.get_digit(a, n)
-#define mp_get_digit_count(a) ltc_mp.get_digit_count(a)
-#define mp_cmp(a, b) ltc_mp.compare(a, b)
-#define mp_cmp_d(a, b) ltc_mp.compare_d(a, b)
-#define mp_count_bits(a) ltc_mp.count_bits(a)
-#define mp_cnt_lsb(a) ltc_mp.count_lsb_bits(a)
-#define mp_2expt(a, b) ltc_mp.twoexpt(a, b)
-
-#define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c)
-#define mp_toradix(a, b, c) ltc_mp.write_radix(a, b, c)
-#define mp_unsigned_bin_size(a) ltc_mp.unsigned_size(a)
-#define mp_to_unsigned_bin(a, b) ltc_mp.unsigned_write(a, b)
-#define mp_read_unsigned_bin(a, b, c) ltc_mp.unsigned_read(a, b, c)
-
-#define mp_add(a, b, c) ltc_mp.add(a, b, c)
-#define mp_add_d(a, b, c) ltc_mp.addi(a, b, c)
-#define mp_sub(a, b, c) ltc_mp.sub(a, b, c)
-#define mp_sub_d(a, b, c) ltc_mp.subi(a, b, c)
-#define mp_mul(a, b, c) ltc_mp.mul(a, b, c)
-#define mp_mul_d(a, b, c) ltc_mp.muli(a, b, c)
-#define mp_sqr(a, b) ltc_mp.sqr(a, b)
-#define mp_div(a, b, c, d) ltc_mp.mpdiv(a, b, c, d)
-#define mp_div_2(a, b) ltc_mp.div_2(a, b)
-#define mp_mod(a, b, c) ltc_mp.mpdiv(a, b, NULL, c)
-#define mp_mod_d(a, b, c) ltc_mp.modi(a, b, c)
-#define mp_gcd(a, b, c) ltc_mp.gcd(a, b, c)
-#define mp_lcm(a, b, c) ltc_mp.lcm(a, b, c)
-
-#define mp_mulmod(a, b, c, d) ltc_mp.mulmod(a, b, c, d)
-#define mp_sqrmod(a, b, c) ltc_mp.sqrmod(a, b, c)
-#define mp_invmod(a, b, c) ltc_mp.invmod(a, b, c)
-
-#define mp_montgomery_setup(a, b) ltc_mp.montgomery_setup(a, b)
-#define mp_montgomery_normalization(a, b) ltc_mp.montgomery_normalization(a, b)
-#define mp_montgomery_reduce(a, b, c) ltc_mp.montgomery_reduce(a, b, c)
-#define mp_montgomery_free(a) ltc_mp.montgomery_deinit(a)
-
-#define mp_exptmod(a,b,c,d) ltc_mp.exptmod(a,b,c,d)
-#define mp_prime_is_prime(a, b, c) ltc_mp.isprime(a, c)
-
-#define mp_iszero(a) (mp_cmp_d(a, 0) == LTC_MP_EQ ? LTC_MP_YES : LTC_MP_NO)
-#define mp_isodd(a) (mp_get_digit_count(a) > 0 ? (mp_get_digit(a, 0) & 1 ? LTC_MP_YES : LTC_MP_NO) : LTC_MP_NO)
-#define mp_exch(a, b) do { void *ABC__tmp = a; a = b; b = ABC__tmp; } while(0);
-
-#define mp_tohex(a, b) mp_toradix(a, b, 16)
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_math.h,v $ */
-/* $Revision: 1.44 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
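Review bot: `typedef mp_int* mp_int_t;` hides a pointer behind a type name, so `const mp_int_t x` makes the pointer const rather than the integer it points to, and read-only arguments cannot be expressed through the typedef. Spelling the parameters as `mp_int *` would keep the indirection visible in every prototype that uses it. Separately, the removed descriptor entries were documented as returning `CRYPT_OK`; with `#include <tommath.h>` callers presumably now receive the math library's own return codes. It is worth confirming that each call site converts them before they reach libtomcrypt callers, since those call sites are outside this hunk.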
diff --git a/libtomcrypt/headers/tomcrypt_pk.h b/libtomcrypt/headers/tomcrypt_pk.h
index 4cd1d48..6d6f32f 100644
--- a/libtomcrypt/headers/tomcrypt_pk.h
+++ b/libtomcrypt/headers/tomcrypt_pk.h
@@ -19,21 +19,21 @@ typedef struct Rsa_key {
/** Type of key, PK_PRIVATE or PK_PUBLIC */
int type;
/** The public exponent */
- void *e;
+ mp_int e;
/** The private exponent */
- void *d;
+ mp_int d;
/** The modulus */
- void *N;
+ mp_int N;
/** The p factor of N */
- void *p;
+ mp_int p;
/** The q factor of N */
- void *q;
+ mp_int q;
/** The 1/q mod p CRT param */
- void *qP;
+ mp_int qP;
/** The d mod (p - 1) CRT param */
- void *dP;
+ mp_int dP;
/** The d mod (q - 1) CRT param */
- void *dQ;
+ mp_int dQ;
} rsa_key;
int rsa_make_key(int size, long e, rsa_key *key);
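Review bot: The `rsa_key` members change from `void *` handles to `mp_int` values embedded in the struct, but nothing in the header documents the new lifetime rules. With pointers a NULL member could mean "not set"; with embedded values every member has to be initialised before `rsa_free()` may clear it, and assigning one `rsa_key` to another would presumably leave two structs sharing the same digit storage. I would add a comment above the struct such as `/* members are embedded mp_ints: initialise all of them before use, release only via rsa_free(), never copy by assignment */`. The same applies to `dsa_key` in the later hunk of this file. The struct definition starts outside this hunk.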
@@ -87,159 +87,6 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
#endif
-/* ---- ECC Routines ---- */
-#ifdef LTC_MECC
-
-/* size of our temp buffers for exported keys */
-#define ECC_BUF_SIZE 256
-
-/* max private key size */
-#define ECC_MAXSIZE 66
-
-/** Structure defines a NIST GF(p) curve */
-typedef struct {
- /** The size of the curve in octets */
- int size;
-
- /** name of curve */
- char *name;
-
- /** The prime that defines the field the curve is in (encoded in hex) */
- char *prime;
-
- /** The fields B param (hex) */
- char *B;
-
- /** The order of the curve (hex) */
- char *order;
-
- /** The x co-ordinate of the base point on the curve (hex) */
- char *Gx;
-
- /** The y co-ordinate of the base point on the curve (hex) */
- char *Gy;
-} ltc_ecc_set_type;
-
-/** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */
-typedef struct {
- /** The x co-ordinate */
- void *x;
-
- /** The y co-ordinate */
- void *y;
-
- /** The z co-ordinate */
- void *z;
-} ecc_point;
-
-/** An ECC key */
-typedef struct {
- /** Type of key, PK_PRIVATE or PK_PUBLIC */
- int type;
-
- /** Index into the ltc_ecc_sets[] for the parameters of this curve; if -1, then this key is using user supplied curve in dp */
- int idx;
-
- /** pointer to domain parameters; either points to NIST curves (identified by idx >= 0) or user supplied curve */
- const ltc_ecc_set_type *dp;
-
- /** The public key */
- ecc_point pubkey;
-
- /** The private key */
- void *k;
-} ecc_key;
-
-/** the ECC params provided */
-extern const ltc_ecc_set_type ltc_ecc_sets[];
-
-int ecc_test(void);
-void ecc_sizes(int *low, int *high);
-int ecc_get_size(ecc_key *key);
-
-int ecc_make_key(int keysize, ecc_key *key);
-int ecc_make_key_ex(ecc_key *key, const ltc_ecc_set_type *dp);
-void ecc_free(ecc_key *key);
-
-int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
-int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
-int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp);
-
-int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen);
-int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
-int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp);
-
-int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
- unsigned char *out, unsigned long *outlen);
-
-int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- int hash, ecc_key *key);
-
-int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key);
-
-int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key);
-
-int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
- int *stat, ecc_key *key);
-
-/* low level functions */
-ecc_point *ltc_ecc_new_point(void);
-void ltc_ecc_del_point(ecc_point *p);
-int ltc_ecc_is_valid_idx(int n);
-
-/* point ops (mp == montgomery digit) */
-#if !defined(LTC_MECC_ACCEL) || defined(LTM_LTC_DESC) || defined(GMP_LTC_DESC)
-/* R = 2P */
-int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp);
-
-/* R = P + Q */
-int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp);
-#endif
-
-#if defined(LTC_MECC_FP)
-/* optimized point multiplication using fixed point cache (HAC algorithm 14.117) */
-int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
-
-/* functions for saving/loading/freeing/adding to fixed point cache */
-int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen);
-int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen);
-void ltc_ecc_fp_free(void);
-int ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock);
-
-/* lock/unlock all points currently in fixed point cache */
-void ltc_ecc_fp_tablelock(int lock);
-#endif
-
-/* R = kG */
-int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
-
-#ifdef LTC_ECC_SHAMIR
-/* kA*A + kB*B = C */
-int ltc_ecc_mul2add(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C,
- void *modulus);
-
-#ifdef LTC_MECC_FP
-/* Shamir's trick with optimized point multiplication using fixed point cache */
-int ltc_ecc_fp_mul2add(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C, void *modulus);
-#endif
-
-#endif
-
-
-/* map P to affine from projective */
-int ltc_ecc_map(ecc_point *P, void *modulus, void *mp);
-
-#endif
#ifdef LTC_MDSA
@@ -258,33 +105,33 @@ typedef struct {
int qord;
/** The generator */
- void *g;
+ mp_int g;
/** The prime used to generate the sub-group */
- void *q;
+ mp_int q;
/** The large prime that generats the field the contains the sub-group */
- void *p;
+ mp_int p;
/** The private key */
- void *x;
+ mp_int x;
/** The public key */
- void *y;
+ mp_int y;
} dsa_key;
int dsa_make_key(int group_size, int modulus_size, dsa_key *key);
void dsa_free(dsa_key *key);
int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
- void *r, void *s,
+ mp_int_t r, mp_int_t s,
dsa_key *key);
int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
dsa_key *key);
-int dsa_verify_hash_raw( void *r, void *s,
+int dsa_verify_hash_raw( mp_int_t r, mp_int_t s,
const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key);
@@ -304,7 +151,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
int dsa_verify_key(dsa_key *key, int *stat);
-int dsa_shared_secret(void *private_key, void *base,
+int dsa_shared_secret(void *private_key, mp_int_t base,
dsa_key *public_key,
unsigned char *out, unsigned long *outlen);
#endif
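Review bot: `dsa_shared_secret()` now takes `mp_int_t base`, but `private_key` is still `void *`, so the argument that by its name carries secret key material stays unchecked by the compiler while the other bignum parameters in this header became typed. If it is a bignum like `base`, declare it `mp_int_t private_key`. If it is something else, a comment on the prototype should say which type is expected.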
@@ -394,9 +241,9 @@ int der_encode_boolean(int in,
int der_decode_boolean(const unsigned char *in, unsigned long inlen,
int *out);
/* INTEGER */
-int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen);
-int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num);
-int der_length_integer(void *num, unsigned long *len);
+int der_encode_integer(mp_int_t num, unsigned char *out, unsigned long *outlen);
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int_t num);
+int der_length_integer(mp_int_t num, unsigned long *len);
/* INTEGER -- handy for 0..2^32-1 values */
int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num);
diff --git a/libtomcrypt/headers/tomcrypt_pkcs.h b/libtomcrypt/headers/tomcrypt_pkcs.h
index 841583f..8e43942 100644
--- a/libtomcrypt/headers/tomcrypt_pkcs.h
+++ b/libtomcrypt/headers/tomcrypt_pkcs.h
@@ -28,8 +28,6 @@ int pkcs_1_v1_5_encode(const unsigned char *msg,
unsigned long msglen,
int block_type,
unsigned long modulus_bitlen,
- prng_state *prng,
- int prng_idx,
unsigned char *out,
unsigned long *outlen);
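Review bot: With `prng_state *prng` and `prng_idx` removed, `pkcs_1_v1_5_encode` has no documented source for the random non-zero padding bytes that the encryption block type requires. The same applies to the OAEP seed in `pkcs_1_oaep_encode` and the PSS salt in `pkcs_1_pss_encode`, in the two hunks that follow. The implementations are not visible here, so presumably they now draw from a generator internally; the header should name it and state that failing to obtain random bytes returns an error rather than silently producing predictable padding. A comment above each prototype such as `/* random bytes come from <generator used by the implementation>; returns an error if they cannot be obtained */` would cover it. The `pkcs_1_v1_5_encode` declaration starts above this hunk.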
@@ -44,8 +42,7 @@ int pkcs_1_v1_5_decode(const unsigned char *msg,
/* *** v2.1 padding */
int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
const unsigned char *lparam, unsigned long lparamlen,
- unsigned long modulus_bitlen, prng_state *prng,
- int prng_idx, int hash_idx,
+ unsigned long modulus_bitlen, int hash_idx,
unsigned char *out, unsigned long *outlen);
int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
@@ -55,8 +52,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
int *res);
int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
- unsigned long saltlen, prng_state *prng,
- int prng_idx, int hash_idx,
+ unsigned long saltlen, int hash_idx,
unsigned long modulus_bitlen,
unsigned char *out, unsigned long *outlen);
diff --git a/libtomcrypt/math/fp/ltc_ecc_fp_mulmod.c b/libtomcrypt/math/fp/ltc_ecc_fp_mulmod.c
deleted file mode 100644
index 98462ed..0000000
--- a/libtomcrypt/math/fp/ltc_ecc_fp_mulmod.c
+++ /dev/null
@@ -1,1587 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_fp_mulmod.c
- ECC Crypto, Tom St Denis
-*/
-
-#if defined(LTC_MECC) && defined(LTC_MECC_FP)
-#include <limits.h>
-
-/* number of entries in the cache */
-#ifndef FP_ENTRIES
-#define FP_ENTRIES 16
-#endif
-
-/* number of bits in LUT */
-#ifndef FP_LUT
-#define FP_LUT 8U
-#endif
-
-#if (FP_LUT > 12) || (FP_LUT < 2)
- #error FP_LUT must be between 2 and 12 inclusively
-#endif
-
-/** Our FP cache */
-static struct {
- ecc_point *g, /* cached COPY of base point */
- *LUT[1U<<FP_LUT]; /* fixed point lookup */
- void *mu; /* copy of the montgomery constant */
- int lru_count; /* amount of times this entry has been used */
- int lock; /* flag to indicate cache eviction permitted (0) or not (1) */
-} fp_cache[FP_ENTRIES];
-
-LTC_MUTEX_GLOBAL(ltc_ecc_fp_lock)
-
-/* simple table to help direct the generation of the LUT */
-static const struct {
- int ham, terma, termb;
-} lut_orders[] = {
- { 0, 0, 0 }, { 1, 0, 0 }, { 1, 0, 0 }, { 2, 1, 2 }, { 1, 0, 0 }, { 2, 1, 4 }, { 2, 2, 4 }, { 3, 3, 4 },
- { 1, 0, 0 }, { 2, 1, 8 }, { 2, 2, 8 }, { 3, 3, 8 }, { 2, 4, 8 }, { 3, 5, 8 }, { 3, 6, 8 }, { 4, 7, 8 },
- { 1, 0, 0 }, { 2, 1, 16 }, { 2, 2, 16 }, { 3, 3, 16 }, { 2, 4, 16 }, { 3, 5, 16 }, { 3, 6, 16 }, { 4, 7, 16 },
- { 2, 8, 16 }, { 3, 9, 16 }, { 3, 10, 16 }, { 4, 11, 16 }, { 3, 12, 16 }, { 4, 13, 16 }, { 4, 14, 16 }, { 5, 15, 16 },
- { 1, 0, 0 }, { 2, 1, 32 }, { 2, 2, 32 }, { 3, 3, 32 }, { 2, 4, 32 }, { 3, 5, 32 }, { 3, 6, 32 }, { 4, 7, 32 },
- { 2, 8, 32 }, { 3, 9, 32 }, { 3, 10, 32 }, { 4, 11, 32 }, { 3, 12, 32 }, { 4, 13, 32 }, { 4, 14, 32 }, { 5, 15, 32 },
- { 2, 16, 32 }, { 3, 17, 32 }, { 3, 18, 32 }, { 4, 19, 32 }, { 3, 20, 32 }, { 4, 21, 32 }, { 4, 22, 32 }, { 5, 23, 32 },
- { 3, 24, 32 }, { 4, 25, 32 }, { 4, 26, 32 }, { 5, 27, 32 }, { 4, 28, 32 }, { 5, 29, 32 }, { 5, 30, 32 }, { 6, 31, 32 },
-#if FP_LUT > 6
- { 1, 0, 0 }, { 2, 1, 64 }, { 2, 2, 64 }, { 3, 3, 64 }, { 2, 4, 64 }, { 3, 5, 64 }, { 3, 6, 64 }, { 4, 7, 64 },
- { 2, 8, 64 }, { 3, 9, 64 }, { 3, 10, 64 }, { 4, 11, 64 }, { 3, 12, 64 }, { 4, 13, 64 }, { 4, 14, 64 }, { 5, 15, 64 },
- { 2, 16, 64 }, { 3, 17, 64 }, { 3, 18, 64 }, { 4, 19, 64 }, { 3, 20, 64 }, { 4, 21, 64 }, { 4, 22, 64 }, { 5, 23, 64 },
- { 3, 24, 64 }, { 4, 25, 64 }, { 4, 26, 64 }, { 5, 27, 64 }, { 4, 28, 64 }, { 5, 29, 64 }, { 5, 30, 64 }, { 6, 31, 64 },
- { 2, 32, 64 }, { 3, 33, 64 }, { 3, 34, 64 }, { 4, 35, 64 }, { 3, 36, 64 }, { 4, 37, 64 }, { 4, 38, 64 }, { 5, 39, 64 },
- { 3, 40, 64 }, { 4, 41, 64 }, { 4, 42, 64 }, { 5, 43, 64 }, { 4, 44, 64 }, { 5, 45, 64 }, { 5, 46, 64 }, { 6, 47, 64 },
- { 3, 48, 64 }, { 4, 49, 64 }, { 4, 50, 64 }, { 5, 51, 64 }, { 4, 52, 64 }, { 5, 53, 64 }, { 5, 54, 64 }, { 6, 55, 64 },
- { 4, 56, 64 }, { 5, 57, 64 }, { 5, 58, 64 }, { 6, 59, 64 }, { 5, 60, 64 }, { 6, 61, 64 }, { 6, 62, 64 }, { 7, 63, 64 },
-#if FP_LUT > 7
- { 1, 0, 0 }, { 2, 1, 128 }, { 2, 2, 128 }, { 3, 3, 128 }, { 2, 4, 128 }, { 3, 5, 128 }, { 3, 6, 128 }, { 4, 7, 128 },
- { 2, 8, 128 }, { 3, 9, 128 }, { 3, 10, 128 }, { 4, 11, 128 }, { 3, 12, 128 }, { 4, 13, 128 }, { 4, 14, 128 }, { 5, 15, 128 },
- { 2, 16, 128 }, { 3, 17, 128 }, { 3, 18, 128 }, { 4, 19, 128 }, { 3, 20, 128 }, { 4, 21, 128 }, { 4, 22, 128 }, { 5, 23, 128 },
- { 3, 24, 128 }, { 4, 25, 128 }, { 4, 26, 128 }, { 5, 27, 128 }, { 4, 28, 128 }, { 5, 29, 128 }, { 5, 30, 128 }, { 6, 31, 128 },
- { 2, 32, 128 }, { 3, 33, 128 }, { 3, 34, 128 }, { 4, 35, 128 }, { 3, 36, 128 }, { 4, 37, 128 }, { 4, 38, 128 }, { 5, 39, 128 },
- { 3, 40, 128 }, { 4, 41, 128 }, { 4, 42, 128 }, { 5, 43, 128 }, { 4, 44, 128 }, { 5, 45, 128 }, { 5, 46, 128 }, { 6, 47, 128 },
- { 3, 48, 128 }, { 4, 49, 128 }, { 4, 50, 128 }, { 5, 51, 128 }, { 4, 52, 128 }, { 5, 53, 128 }, { 5, 54, 128 }, { 6, 55, 128 },
- { 4, 56, 128 }, { 5, 57, 128 }, { 5, 58, 128 }, { 6, 59, 128 }, { 5, 60, 128 }, { 6, 61, 128 }, { 6, 62, 128 }, { 7, 63, 128 },
- { 2, 64, 128 }, { 3, 65, 128 }, { 3, 66, 128 }, { 4, 67, 128 }, { 3, 68, 128 }, { 4, 69, 128 }, { 4, 70, 128 }, { 5, 71, 128 },
- { 3, 72, 128 }, { 4, 73, 128 }, { 4, 74, 128 }, { 5, 75, 128 }, { 4, 76, 128 }, { 5, 77, 128 }, { 5, 78, 128 }, { 6, 79, 128 },
- { 3, 80, 128 }, { 4, 81, 128 }, { 4, 82, 128 }, { 5, 83, 128 }, { 4, 84, 128 }, { 5, 85, 128 }, { 5, 86, 128 }, { 6, 87, 128 },
- { 4, 88, 128 }, { 5, 89, 128 }, { 5, 90, 128 }, { 6, 91, 128 }, { 5, 92, 128 }, { 6, 93, 128 }, { 6, 94, 128 }, { 7, 95, 128 },
- { 3, 96, 128 }, { 4, 97, 128 }, { 4, 98, 128 }, { 5, 99, 128 }, { 4, 100, 128 }, { 5, 101, 128 }, { 5, 102, 128 }, { 6, 103, 128 },
- { 4, 104, 128 }, { 5, 105, 128 }, { 5, 106, 128 }, { 6, 107, 128 }, { 5, 108, 128 }, { 6, 109, 128 }, { 6, 110, 128 }, { 7, 111, 128 },
- { 4, 112, 128 }, { 5, 113, 128 }, { 5, 114, 128 }, { 6, 115, 128 }, { 5, 116, 128 }, { 6, 117, 128 }, { 6, 118, 128 }, { 7, 119, 128 },
- { 5, 120, 128 }, { 6, 121, 128 }, { 6, 122, 128 }, { 7, 123, 128 }, { 6, 124, 128 }, { 7, 125, 128 }, { 7, 126, 128 }, { 8, 127, 128 },
-#if FP_LUT > 8
- { 1, 0, 0 }, { 2, 1, 256 }, { 2, 2, 256 }, { 3, 3, 256 }, { 2, 4, 256 }, { 3, 5, 256 }, { 3, 6, 256 }, { 4, 7, 256 },
- { 2, 8, 256 }, { 3, 9, 256 }, { 3, 10, 256 }, { 4, 11, 256 }, { 3, 12, 256 }, { 4, 13, 256 }, { 4, 14, 256 }, { 5, 15, 256 },
- { 2, 16, 256 }, { 3, 17, 256 }, { 3, 18, 256 }, { 4, 19, 256 }, { 3, 20, 256 }, { 4, 21, 256 }, { 4, 22, 256 }, { 5, 23, 256 },
- { 3, 24, 256 }, { 4, 25, 256 }, { 4, 26, 256 }, { 5, 27, 256 }, { 4, 28, 256 }, { 5, 29, 256 }, { 5, 30, 256 }, { 6, 31, 256 },
- { 2, 32, 256 }, { 3, 33, 256 }, { 3, 34, 256 }, { 4, 35, 256 }, { 3, 36, 256 }, { 4, 37, 256 }, { 4, 38, 256 }, { 5, 39, 256 },
- { 3, 40, 256 }, { 4, 41, 256 }, { 4, 42, 256 }, { 5, 43, 256 }, { 4, 44, 256 }, { 5, 45, 256 }, { 5, 46, 256 }, { 6, 47, 256 },
- { 3, 48, 256 }, { 4, 49, 256 }, { 4, 50, 256 }, { 5, 51, 256 }, { 4, 52, 256 }, { 5, 53, 256 }, { 5, 54, 256 }, { 6, 55, 256 },
- { 4, 56, 256 }, { 5, 57, 256 }, { 5, 58, 256 }, { 6, 59, 256 }, { 5, 60, 256 }, { 6, 61, 256 }, { 6, 62, 256 }, { 7, 63, 256 },
- { 2, 64, 256 }, { 3, 65, 256 }, { 3, 66, 256 }, { 4, 67, 256 }, { 3, 68, 256 }, { 4, 69, 256 }, { 4, 70, 256 }, { 5, 71, 256 },
- { 3, 72, 256 }, { 4, 73, 256 }, { 4, 74, 256 }, { 5, 75, 256 }, { 4, 76, 256 }, { 5, 77, 256 }, { 5, 78, 256 }, { 6, 79, 256 },
- { 3, 80, 256 }, { 4, 81, 256 }, { 4, 82, 256 }, { 5, 83, 256 }, { 4, 84, 256 }, { 5, 85, 256 }, { 5, 86, 256 }, { 6, 87, 256 },
- { 4, 88, 256 }, { 5, 89, 256 }, { 5, 90, 256 }, { 6, 91, 256 }, { 5, 92, 256 }, { 6, 93, 256 }, { 6, 94, 256 }, { 7, 95, 256 },
- { 3, 96, 256 }, { 4, 97, 256 }, { 4, 98, 256 }, { 5, 99, 256 }, { 4, 100, 256 }, { 5, 101, 256 }, { 5, 102, 256 }, { 6, 103, 256 },
- { 4, 104, 256 }, { 5, 105, 256 }, { 5, 106, 256 }, { 6, 107, 256 }, { 5, 108, 256 }, { 6, 109, 256 }, { 6, 110, 256 }, { 7, 111, 256 },
- { 4, 112, 256 }, { 5, 113, 256 }, { 5, 114, 256 }, { 6, 115, 256 }, { 5, 116, 256 }, { 6, 117, 256 }, { 6, 118, 256 }, { 7, 119, 256 },
- { 5, 120, 256 }, { 6, 121, 256 }, { 6, 122, 256 }, { 7, 123, 256 }, { 6, 124, 256 }, { 7, 125, 256 }, { 7, 126, 256 }, { 8, 127, 256 },
- { 2, 128, 256 }, { 3, 129, 256 }, { 3, 130, 256 }, { 4, 131, 256 }, { 3, 132, 256 }, { 4, 133, 256 }, { 4, 134, 256 }, { 5, 135, 256 },
- { 3, 136, 256 }, { 4, 137, 256 }, { 4, 138, 256 }, { 5, 139, 256 }, { 4, 140, 256 }, { 5, 141, 256 }, { 5, 142, 256 }, { 6, 143, 256 },
- { 3, 144, 256 }, { 4, 145, 256 }, { 4, 146, 256 }, { 5, 147, 256 }, { 4, 148, 256 }, { 5, 149, 256 }, { 5, 150, 256 }, { 6, 151, 256 },
- { 4, 152, 256 }, { 5, 153, 256 }, { 5, 154, 256 }, { 6, 155, 256 }, { 5, 156, 256 }, { 6, 157, 256 }, { 6, 158, 256 }, { 7, 159, 256 },
- { 3, 160, 256 }, { 4, 161, 256 }, { 4, 162, 256 }, { 5, 163, 256 }, { 4, 164, 256 }, { 5, 165, 256 }, { 5, 166, 256 }, { 6, 167, 256 },
- { 4, 168, 256 }, { 5, 169, 256 }, { 5, 170, 256 }, { 6, 171, 256 }, { 5, 172, 256 }, { 6, 173, 256 }, { 6, 174, 256 }, { 7, 175, 256 },
- { 4, 176, 256 }, { 5, 177, 256 }, { 5, 178, 256 }, { 6, 179, 256 }, { 5, 180, 256 }, { 6, 181, 256 }, { 6, 182, 256 }, { 7, 183, 256 },
- { 5, 184, 256 }, { 6, 185, 256 }, { 6, 186, 256 }, { 7, 187, 256 }, { 6, 188, 256 }, { 7, 189, 256 }, { 7, 190, 256 }, { 8, 191, 256 },
- { 3, 192, 256 }, { 4, 193, 256 }, { 4, 194, 256 }, { 5, 195, 256 }, { 4, 196, 256 }, { 5, 197, 256 }, { 5, 198, 256 }, { 6, 199, 256 },
- { 4, 200, 256 }, { 5, 201, 256 }, { 5, 202, 256 }, { 6, 203, 256 }, { 5, 204, 256 }, { 6, 205, 256 }, { 6, 206, 256 }, { 7, 207, 256 },
- { 4, 208, 256 }, { 5, 209, 256 }, { 5, 210, 256 }, { 6, 211, 256 }, { 5, 212, 256 }, { 6, 213, 256 }, { 6, 214, 256 }, { 7, 215, 256 },
- { 5, 216, 256 }, { 6, 217, 256 }, { 6, 218, 256 }, { 7, 219, 256 }, { 6, 220, 256 }, { 7, 221, 256 }, { 7, 222, 256 }, { 8, 223, 256 },
- { 4, 224, 256 }, { 5, 225, 256 }, { 5, 226, 256 }, { 6, 227, 256 }, { 5, 228, 256 }, { 6, 229, 256 }, { 6, 230, 256 }, { 7, 231, 256 },
- { 5, 232, 256 }, { 6, 233, 256 }, { 6, 234, 256 }, { 7, 235, 256 }, { 6, 236, 256 }, { 7, 237, 256 }, { 7, 238, 256 }, { 8, 239, 256 },
- { 5, 240, 256 }, { 6, 241, 256 }, { 6, 242, 256 }, { 7, 243, 256 }, { 6, 244, 256 }, { 7, 245, 256 }, { 7, 246, 256 }, { 8, 247, 256 },
- { 6, 248, 256 }, { 7, 249, 256 }, { 7, 250, 256 }, { 8, 251, 256 }, { 7, 252, 256 }, { 8, 253, 256 }, { 8, 254, 256 }, { 9, 255, 256 },
-#if FP_LUT > 9
- { 1, 0, 0 }, { 2, 1, 512 }, { 2, 2, 512 }, { 3, 3, 512 }, { 2, 4, 512 }, { 3, 5, 512 }, { 3, 6, 512 }, { 4, 7, 512 },
- { 2, 8, 512 }, { 3, 9, 512 }, { 3, 10, 512 }, { 4, 11, 512 }, { 3, 12, 512 }, { 4, 13, 512 }, { 4, 14, 512 }, { 5, 15, 512 },
- { 2, 16, 512 }, { 3, 17, 512 }, { 3, 18, 512 }, { 4, 19, 512 }, { 3, 20, 512 }, { 4, 21, 512 }, { 4, 22, 512 }, { 5, 23, 512 },
- { 3, 24, 512 }, { 4, 25, 512 }, { 4, 26, 512 }, { 5, 27, 512 }, { 4, 28, 512 }, { 5, 29, 512 }, { 5, 30, 512 }, { 6, 31, 512 },
- { 2, 32, 512 }, { 3, 33, 512 }, { 3, 34, 512 }, { 4, 35, 512 }, { 3, 36, 512 }, { 4, 37, 512 }, { 4, 38, 512 }, { 5, 39, 512 },
- { 3, 40, 512 }, { 4, 41, 512 }, { 4, 42, 512 }, { 5, 43, 512 }, { 4, 44, 512 }, { 5, 45, 512 }, { 5, 46, 512 }, { 6, 47, 512 },
- { 3, 48, 512 }, { 4, 49, 512 }, { 4, 50, 512 }, { 5, 51, 512 }, { 4, 52, 512 }, { 5, 53, 512 }, { 5, 54, 512 }, { 6, 55, 512 },
- { 4, 56, 512 }, { 5, 57, 512 }, { 5, 58, 512 }, { 6, 59, 512 }, { 5, 60, 512 }, { 6, 61, 512 }, { 6, 62, 512 }, { 7, 63, 512 },
- { 2, 64, 512 }, { 3, 65, 512 }, { 3, 66, 512 }, { 4, 67, 512 }, { 3, 68, 512 }, { 4, 69, 512 }, { 4, 70, 512 }, { 5, 71, 512 },
- { 3, 72, 512 }, { 4, 73, 512 }, { 4, 74, 512 }, { 5, 75, 512 }, { 4, 76, 512 }, { 5, 77, 512 }, { 5, 78, 512 }, { 6, 79, 512 },
- { 3, 80, 512 }, { 4, 81, 512 }, { 4, 82, 512 }, { 5, 83, 512 }, { 4, 84, 512 }, { 5, 85, 512 }, { 5, 86, 512 }, { 6, 87, 512 },
- { 4, 88, 512 }, { 5, 89, 512 }, { 5, 90, 512 }, { 6, 91, 512 }, { 5, 92, 512 }, { 6, 93, 512 }, { 6, 94, 512 }, { 7, 95, 512 },
- { 3, 96, 512 }, { 4, 97, 512 }, { 4, 98, 512 }, { 5, 99, 512 }, { 4, 100, 512 }, { 5, 101, 512 }, { 5, 102, 512 }, { 6, 103, 512 },
- { 4, 104, 512 }, { 5, 105, 512 }, { 5, 106, 512 }, { 6, 107, 512 }, { 5, 108, 512 }, { 6, 109, 512 }, { 6, 110, 512 }, { 7, 111, 512 },
- { 4, 112, 512 }, { 5, 113, 512 }, { 5, 114, 512 }, { 6, 115, 512 }, { 5, 116, 512 }, { 6, 117, 512 }, { 6, 118, 512 }, { 7, 119, 512 },
- { 5, 120, 512 }, { 6, 121, 512 }, { 6, 122, 512 }, { 7, 123, 512 }, { 6, 124, 512 }, { 7, 125, 512 }, { 7, 126, 512 }, { 8, 127, 512 },
- { 2, 128, 512 }, { 3, 129, 512 }, { 3, 130, 512 }, { 4, 131, 512 }, { 3, 132, 512 }, { 4, 133, 512 }, { 4, 134, 512 }, { 5, 135, 512 },
- { 3, 136, 512 }, { 4, 137, 512 }, { 4, 138, 512 }, { 5, 139, 512 }, { 4, 140, 512 }, { 5, 141, 512 }, { 5, 142, 512 }, { 6, 143, 512 },
- { 3, 144, 512 }, { 4, 145, 512 }, { 4, 146, 512 }, { 5, 147, 512 }, { 4, 148, 512 }, { 5, 149, 512 }, { 5, 150, 512 }, { 6, 151, 512 },
- { 4, 152, 512 }, { 5, 153, 512 }, { 5, 154, 512 }, { 6, 155, 512 }, { 5, 156, 512 }, { 6, 157, 512 }, { 6, 158, 512 }, { 7, 159, 512 },
- { 3, 160, 512 }, { 4, 161, 512 }, { 4, 162, 512 }, { 5, 163, 512 }, { 4, 164, 512 }, { 5, 165, 512 }, { 5, 166, 512 }, { 6, 167, 512 },
- { 4, 168, 512 }, { 5, 169, 512 }, { 5, 170, 512 }, { 6, 171, 512 }, { 5, 172, 512 }, { 6, 173, 512 }, { 6, 174, 512 }, { 7, 175, 512 },
- { 4, 176, 512 }, { 5, 177, 512 }, { 5, 178, 512 }, { 6, 179, 512 }, { 5, 180, 512 }, { 6, 181, 512 }, { 6, 182, 512 }, { 7, 183, 512 },
- { 5, 184, 512 }, { 6, 185, 512 }, { 6, 186, 512 }, { 7, 187, 512 }, { 6, 188, 512 }, { 7, 189, 512 }, { 7, 190, 512 }, { 8, 191, 512 },
- { 3, 192, 512 }, { 4, 193, 512 }, { 4, 194, 512 }, { 5, 195, 512 }, { 4, 196, 512 }, { 5, 197, 512 }, { 5, 198, 512 }, { 6, 199, 512 },
- { 4, 200, 512 }, { 5, 201, 512 }, { 5, 202, 512 }, { 6, 203, 512 }, { 5, 204, 512 }, { 6, 205, 512 }, { 6, 206, 512 }, { 7, 207, 512 },
- { 4, 208, 512 }, { 5, 209, 512 }, { 5, 210, 512 }, { 6, 211, 512 }, { 5, 212, 512 }, { 6, 213, 512 }, { 6, 214, 512 }, { 7, 215, 512 },
- { 5, 216, 512 }, { 6, 217, 512 }, { 6, 218, 512 }, { 7, 219, 512 }, { 6, 220, 512 }, { 7, 221, 512 }, { 7, 222, 512 }, { 8, 223, 512 },
- { 4, 224, 512 }, { 5, 225, 512 }, { 5, 226, 512 }, { 6, 227, 512 }, { 5, 228, 512 }, { 6, 229, 512 }, { 6, 230, 512 }, { 7, 231, 512 },
- { 5, 232, 512 }, { 6, 233, 512 }, { 6, 234, 512 }, { 7, 235, 512 }, { 6, 236, 512 }, { 7, 237, 512 }, { 7, 238, 512 }, { 8, 239, 512 },
- { 5, 240, 512 }, { 6, 241, 512 }, { 6, 242, 512 }, { 7, 243, 512 }, { 6, 244, 512 }, { 7, 245, 512 }, { 7, 246, 512 }, { 8, 247, 512 },
- { 6, 248, 512 }, { 7, 249, 512 }, { 7, 250, 512 }, { 8, 251, 512 }, { 7, 252, 512 }, { 8, 253, 512 }, { 8, 254, 512 }, { 9, 255, 512 },
- { 2, 256, 512 }, { 3, 257, 512 }, { 3, 258, 512 }, { 4, 259, 512 }, { 3, 260, 512 }, { 4, 261, 512 }, { 4, 262, 512 }, { 5, 263, 512 },
- { 3, 264, 512 }, { 4, 265, 512 }, { 4, 266, 512 }, { 5, 267, 512 }, { 4, 268, 512 }, { 5, 269, 512 }, { 5, 270, 512 }, { 6, 271, 512 },
- { 3, 272, 512 }, { 4, 273, 512 }, { 4, 274, 512 }, { 5, 275, 512 }, { 4, 276, 512 }, { 5, 277, 512 }, { 5, 278, 512 }, { 6, 279, 512 },
- { 4, 280, 512 }, { 5, 281, 512 }, { 5, 282, 512 }, { 6, 283, 512 }, { 5, 284, 512 }, { 6, 285, 512 }, { 6, 286, 512 }, { 7, 287, 512 },
- { 3, 288, 512 }, { 4, 289, 512 }, { 4, 290, 512 }, { 5, 291, 512 }, { 4, 292, 512 }, { 5, 293, 512 }, { 5, 294, 512 }, { 6, 295, 512 },
- { 4, 296, 512 }, { 5, 297, 512 }, { 5, 298, 512 }, { 6, 299, 512 }, { 5, 300, 512 }, { 6, 301, 512 }, { 6, 302, 512 }, { 7, 303, 512 },
- { 4, 304, 512 }, { 5, 305, 512 }, { 5, 306, 512 }, { 6, 307, 512 }, { 5, 308, 512 }, { 6, 309, 512 }, { 6, 310, 512 }, { 7, 311, 512 },
- { 5, 312, 512 }, { 6, 313, 512 }, { 6, 314, 512 }, { 7, 315, 512 }, { 6, 316, 512 }, { 7, 317, 512 }, { 7, 318, 512 }, { 8, 319, 512 },
- { 3, 320, 512 }, { 4, 321, 512 }, { 4, 322, 512 }, { 5, 323, 512 }, { 4, 324, 512 }, { 5, 325, 512 }, { 5, 326, 512 }, { 6, 327, 512 },
- { 4, 328, 512 }, { 5, 329, 512 }, { 5, 330, 512 }, { 6, 331, 512 }, { 5, 332, 512 }, { 6, 333, 512 }, { 6, 334, 512 }, { 7, 335, 512 },
- { 4, 336, 512 }, { 5, 337, 512 }, { 5, 338, 512 }, { 6, 339, 512 }, { 5, 340, 512 }, { 6, 341, 512 }, { 6, 342, 512 }, { 7, 343, 512 },
- { 5, 344, 512 }, { 6, 345, 512 }, { 6, 346, 512 }, { 7, 347, 512 }, { 6, 348, 512 }, { 7, 349, 512 }, { 7, 350, 512 }, { 8, 351, 512 },
- { 4, 352, 512 }, { 5, 353, 512 }, { 5, 354, 512 }, { 6, 355, 512 }, { 5, 356, 512 }, { 6, 357, 512 }, { 6, 358, 512 }, { 7, 359, 512 },
- { 5, 360, 512 }, { 6, 361, 512 }, { 6, 362, 512 }, { 7, 363, 512 }, { 6, 364, 512 }, { 7, 365, 512 }, { 7, 366, 512 }, { 8, 367, 512 },
- { 5, 368, 512 }, { 6, 369, 512 }, { 6, 370, 512 }, { 7, 371, 512 }, { 6, 372, 512 }, { 7, 373, 512 }, { 7, 374, 512 }, { 8, 375, 512 },
- { 6, 376, 512 }, { 7, 377, 512 }, { 7, 378, 512 }, { 8, 379, 512 }, { 7, 380, 512 }, { 8, 381, 512 }, { 8, 382, 512 }, { 9, 383, 512 },
- { 3, 384, 512 }, { 4, 385, 512 }, { 4, 386, 512 }, { 5, 387, 512 }, { 4, 388, 512 }, { 5, 389, 512 }, { 5, 390, 512 }, { 6, 391, 512 },
- { 4, 392, 512 }, { 5, 393, 512 }, { 5, 394, 512 }, { 6, 395, 512 }, { 5, 396, 512 }, { 6, 397, 512 }, { 6, 398, 512 }, { 7, 399, 512 },
- { 4, 400, 512 }, { 5, 401, 512 }, { 5, 402, 512 }, { 6, 403, 512 }, { 5, 404, 512 }, { 6, 405, 512 }, { 6, 406, 512 }, { 7, 407, 512 },
- { 5, 408, 512 }, { 6, 409, 512 }, { 6, 410, 512 }, { 7, 411, 512 }, { 6, 412, 512 }, { 7, 413, 512 }, { 7, 414, 512 }, { 8, 415, 512 },
- { 4, 416, 512 }, { 5, 417, 512 }, { 5, 418, 512 }, { 6, 419, 512 }, { 5, 420, 512 }, { 6, 421, 512 }, { 6, 422, 512 }, { 7, 423, 512 },
- { 5, 424, 512 }, { 6, 425, 512 }, { 6, 426, 512 }, { 7, 427, 512 }, { 6, 428, 512 }, { 7, 429, 512 }, { 7, 430, 512 }, { 8, 431, 512 },
- { 5, 432, 512 }, { 6, 433, 512 }, { 6, 434, 512 }, { 7, 435, 512 }, { 6, 436, 512 }, { 7, 437, 512 }, { 7, 438, 512 }, { 8, 439, 512 },
- { 6, 440, 512 }, { 7, 441, 512 }, { 7, 442, 512 }, { 8, 443, 512 }, { 7, 444, 512 }, { 8, 445, 512 }, { 8, 446, 512 }, { 9, 447, 512 },
- { 4, 448, 512 }, { 5, 449, 512 }, { 5, 450, 512 }, { 6, 451, 512 }, { 5, 452, 512 }, { 6, 453, 512 }, { 6, 454, 512 }, { 7, 455, 512 },
- { 5, 456, 512 }, { 6, 457, 512 }, { 6, 458, 512 }, { 7, 459, 512 }, { 6, 460, 512 }, { 7, 461, 512 }, { 7, 462, 512 }, { 8, 463, 512 },
- { 5, 464, 512 }, { 6, 465, 512 }, { 6, 466, 512 }, { 7, 467, 512 }, { 6, 468, 512 }, { 7, 469, 512 }, { 7, 470, 512 }, { 8, 471, 512 },
- { 6, 472, 512 }, { 7, 473, 512 }, { 7, 474, 512 }, { 8, 475, 512 }, { 7, 476, 512 }, { 8, 477, 512 }, { 8, 478, 512 }, { 9, 479, 512 },
- { 5, 480, 512 }, { 6, 481, 512 }, { 6, 482, 512 }, { 7, 483, 512 }, { 6, 484, 512 }, { 7, 485, 512 }, { 7, 486, 512 }, { 8, 487, 512 },
- { 6, 488, 512 }, { 7, 489, 512 }, { 7, 490, 512 }, { 8, 491, 512 }, { 7, 492, 512 }, { 8, 493, 512 }, { 8, 494, 512 }, { 9, 495, 512 },
- { 6, 496, 512 }, { 7, 497, 512 }, { 7, 498, 512 }, { 8, 499, 512 }, { 7, 500, 512 }, { 8, 501, 512 }, { 8, 502, 512 }, { 9, 503, 512 },
- { 7, 504, 512 }, { 8, 505, 512 }, { 8, 506, 512 }, { 9, 507, 512 }, { 8, 508, 512 }, { 9, 509, 512 }, { 9, 510, 512 }, { 10, 511, 512 },
-#if FP_LUT > 10
- { 1, 0, 0 }, { 2, 1, 1024 }, { 2, 2, 1024 }, { 3, 3, 1024 }, { 2, 4, 1024 }, { 3, 5, 1024 }, { 3, 6, 1024 }, { 4, 7, 1024 },
- { 2, 8, 1024 }, { 3, 9, 1024 }, { 3, 10, 1024 }, { 4, 11, 1024 }, { 3, 12, 1024 }, { 4, 13, 1024 }, { 4, 14, 1024 }, { 5, 15, 1024 },
- { 2, 16, 1024 }, { 3, 17, 1024 }, { 3, 18, 1024 }, { 4, 19, 1024 }, { 3, 20, 1024 }, { 4, 21, 1024 }, { 4, 22, 1024 }, { 5, 23, 1024 },
- { 3, 24, 1024 }, { 4, 25, 1024 }, { 4, 26, 1024 }, { 5, 27, 1024 }, { 4, 28, 1024 }, { 5, 29, 1024 }, { 5, 30, 1024 }, { 6, 31, 1024 },
- { 2, 32, 1024 }, { 3, 33, 1024 }, { 3, 34, 1024 }, { 4, 35, 1024 }, { 3, 36, 1024 }, { 4, 37, 1024 }, { 4, 38, 1024 }, { 5, 39, 1024 },
- { 3, 40, 1024 }, { 4, 41, 1024 }, { 4, 42, 1024 }, { 5, 43, 1024 }, { 4, 44, 1024 }, { 5, 45, 1024 }, { 5, 46, 1024 }, { 6, 47, 1024 },
- { 3, 48, 1024 }, { 4, 49, 1024 }, { 4, 50, 1024 }, { 5, 51, 1024 }, { 4, 52, 1024 }, { 5, 53, 1024 }, { 5, 54, 1024 }, { 6, 55, 1024 },
- { 4, 56, 1024 }, { 5, 57, 1024 }, { 5, 58, 1024 }, { 6, 59, 1024 }, { 5, 60, 1024 }, { 6, 61, 1024 }, { 6, 62, 1024 }, { 7, 63, 1024 },
- { 2, 64, 1024 }, { 3, 65, 1024 }, { 3, 66, 1024 }, { 4, 67, 1024 }, { 3, 68, 1024 }, { 4, 69, 1024 }, { 4, 70, 1024 }, { 5, 71, 1024 },
- { 3, 72, 1024 }, { 4, 73, 1024 }, { 4, 74, 1024 }, { 5, 75, 1024 }, { 4, 76, 1024 }, { 5, 77, 1024 }, { 5, 78, 1024 }, { 6, 79, 1024 },
- { 3, 80, 1024 }, { 4, 81, 1024 }, { 4, 82, 1024 }, { 5, 83, 1024 }, { 4, 84, 1024 }, { 5, 85, 1024 }, { 5, 86, 1024 }, { 6, 87, 1024 },
- { 4, 88, 1024 }, { 5, 89, 1024 }, { 5, 90, 1024 }, { 6, 91, 1024 }, { 5, 92, 1024 }, { 6, 93, 1024 }, { 6, 94, 1024 }, { 7, 95, 1024 },
- { 3, 96, 1024 }, { 4, 97, 1024 }, { 4, 98, 1024 }, { 5, 99, 1024 }, { 4, 100, 1024 }, { 5, 101, 1024 }, { 5, 102, 1024 }, { 6, 103, 1024 },
- { 4, 104, 1024 }, { 5, 105, 1024 }, { 5, 106, 1024 }, { 6, 107, 1024 }, { 5, 108, 1024 }, { 6, 109, 1024 }, { 6, 110, 1024 }, { 7, 111, 1024 },
- { 4, 112, 1024 }, { 5, 113, 1024 }, { 5, 114, 1024 }, { 6, 115, 1024 }, { 5, 116, 1024 }, { 6, 117, 1024 }, { 6, 118, 1024 }, { 7, 119, 1024 },
- { 5, 120, 1024 }, { 6, 121, 1024 }, { 6, 122, 1024 }, { 7, 123, 1024 }, { 6, 124, 1024 }, { 7, 125, 1024 }, { 7, 126, 1024 }, { 8, 127, 1024 },
- { 2, 128, 1024 }, { 3, 129, 1024 }, { 3, 130, 1024 }, { 4, 131, 1024 }, { 3, 132, 1024 }, { 4, 133, 1024 }, { 4, 134, 1024 }, { 5, 135, 1024 },
- { 3, 136, 1024 }, { 4, 137, 1024 }, { 4, 138, 1024 }, { 5, 139, 1024 }, { 4, 140, 1024 }, { 5, 141, 1024 }, { 5, 142, 1024 }, { 6, 143, 1024 },
- { 3, 144, 1024 }, { 4, 145, 1024 }, { 4, 146, 1024 }, { 5, 147, 1024 }, { 4, 148, 1024 }, { 5, 149, 1024 }, { 5, 150, 1024 }, { 6, 151, 1024 },
- { 4, 152, 1024 }, { 5, 153, 1024 }, { 5, 154, 1024 }, { 6, 155, 1024 }, { 5, 156, 1024 }, { 6, 157, 1024 }, { 6, 158, 1024 }, { 7, 159, 1024 },
- { 3, 160, 1024 }, { 4, 161, 1024 }, { 4, 162, 1024 }, { 5, 163, 1024 }, { 4, 164, 1024 }, { 5, 165, 1024 }, { 5, 166, 1024 }, { 6, 167, 1024 },
- { 4, 168, 1024 }, { 5, 169, 1024 }, { 5, 170, 1024 }, { 6, 171, 1024 }, { 5, 172, 1024 }, { 6, 173, 1024 }, { 6, 174, 1024 }, { 7, 175, 1024 },
- { 4, 176, 1024 }, { 5, 177, 1024 }, { 5, 178, 1024 }, { 6, 179, 1024 }, { 5, 180, 1024 }, { 6, 181, 1024 }, { 6, 182, 1024 }, { 7, 183, 1024 },
- { 5, 184, 1024 }, { 6, 185, 1024 }, { 6, 186, 1024 }, { 7, 187, 1024 }, { 6, 188, 1024 }, { 7, 189, 1024 }, { 7, 190, 1024 }, { 8, 191, 1024 },
- { 3, 192, 1024 }, { 4, 193, 1024 }, { 4, 194, 1024 }, { 5, 195, 1024 }, { 4, 196, 1024 }, { 5, 197, 1024 }, { 5, 198, 1024 }, { 6, 199, 1024 },
- { 4, 200, 1024 }, { 5, 201, 1024 }, { 5, 202, 1024 }, { 6, 203, 1024 }, { 5, 204, 1024 }, { 6, 205, 1024 }, { 6, 206, 1024 }, { 7, 207, 1024 },
- { 4, 208, 1024 }, { 5, 209, 1024 }, { 5, 210, 1024 }, { 6, 211, 1024 }, { 5, 212, 1024 }, { 6, 213, 1024 }, { 6, 214, 1024 }, { 7, 215, 1024 },
- { 5, 216, 1024 }, { 6, 217, 1024 }, { 6, 218, 1024 }, { 7, 219, 1024 }, { 6, 220, 1024 }, { 7, 221, 1024 }, { 7, 222, 1024 }, { 8, 223, 1024 },
- { 4, 224, 1024 }, { 5, 225, 1024 }, { 5, 226, 1024 }, { 6, 227, 1024 }, { 5, 228, 1024 }, { 6, 229, 1024 }, { 6, 230, 1024 }, { 7, 231, 1024 },
- { 5, 232, 1024 }, { 6, 233, 1024 }, { 6, 234, 1024 }, { 7, 235, 1024 }, { 6, 236, 1024 }, { 7, 237, 1024 }, { 7, 238, 1024 }, { 8, 239, 1024 },
- { 5, 240, 1024 }, { 6, 241, 1024 }, { 6, 242, 1024 }, { 7, 243, 1024 }, { 6, 244, 1024 }, { 7, 245, 1024 }, { 7, 246, 1024 }, { 8, 247, 1024 },
- { 6, 248, 1024 }, { 7, 249, 1024 }, { 7, 250, 1024 }, { 8, 251, 1024 }, { 7, 252, 1024 }, { 8, 253, 1024 }, { 8, 254, 1024 }, { 9, 255, 1024 },
- { 2, 256, 1024 }, { 3, 257, 1024 }, { 3, 258, 1024 }, { 4, 259, 1024 }, { 3, 260, 1024 }, { 4, 261, 1024 }, { 4, 262, 1024 }, { 5, 263, 1024 },
- { 3, 264, 1024 }, { 4, 265, 1024 }, { 4, 266, 1024 }, { 5, 267, 1024 }, { 4, 268, 1024 }, { 5, 269, 1024 }, { 5, 270, 1024 }, { 6, 271, 1024 },
- { 3, 272, 1024 }, { 4, 273, 1024 }, { 4, 274, 1024 }, { 5, 275, 1024 }, { 4, 276, 1024 }, { 5, 277, 1024 }, { 5, 278, 1024 }, { 6, 279, 1024 },
- { 4, 280, 1024 }, { 5, 281, 1024 }, { 5, 282, 1024 }, { 6, 283, 1024 }, { 5, 284, 1024 }, { 6, 285, 1024 }, { 6, 286, 1024 }, { 7, 287, 1024 },
- { 3, 288, 1024 }, { 4, 289, 1024 }, { 4, 290, 1024 }, { 5, 291, 1024 }, { 4, 292, 1024 }, { 5, 293, 1024 }, { 5, 294, 1024 }, { 6, 295, 1024 },
- { 4, 296, 1024 }, { 5, 297, 1024 }, { 5, 298, 1024 }, { 6, 299, 1024 }, { 5, 300, 1024 }, { 6, 301, 1024 }, { 6, 302, 1024 }, { 7, 303, 1024 },
- { 4, 304, 1024 }, { 5, 305, 1024 }, { 5, 306, 1024 }, { 6, 307, 1024 }, { 5, 308, 1024 }, { 6, 309, 1024 }, { 6, 310, 1024 }, { 7, 311, 1024 },
- { 5, 312, 1024 }, { 6, 313, 1024 }, { 6, 314, 1024 }, { 7, 315, 1024 }, { 6, 316, 1024 }, { 7, 317, 1024 }, { 7, 318, 1024 }, { 8, 319, 1024 },
- { 3, 320, 1024 }, { 4, 321, 1024 }, { 4, 322, 1024 }, { 5, 323, 1024 }, { 4, 324, 1024 }, { 5, 325, 1024 }, { 5, 326, 1024 }, { 6, 327, 1024 },
- { 4, 328, 1024 }, { 5, 329, 1024 }, { 5, 330, 1024 }, { 6, 331, 1024 }, { 5, 332, 1024 }, { 6, 333, 1024 }, { 6, 334, 1024 }, { 7, 335, 1024 },
- { 4, 336, 1024 }, { 5, 337, 1024 }, { 5, 338, 1024 }, { 6, 339, 1024 }, { 5, 340, 1024 }, { 6, 341, 1024 }, { 6, 342, 1024 }, { 7, 343, 1024 },
- { 5, 344, 1024 }, { 6, 345, 1024 }, { 6, 346, 1024 }, { 7, 347, 1024 }, { 6, 348, 1024 }, { 7, 349, 1024 }, { 7, 350, 1024 }, { 8, 351, 1024 },
- { 4, 352, 1024 }, { 5, 353, 1024 }, { 5, 354, 1024 }, { 6, 355, 1024 }, { 5, 356, 1024 }, { 6, 357, 1024 }, { 6, 358, 1024 }, { 7, 359, 1024 },
- { 5, 360, 1024 }, { 6, 361, 1024 }, { 6, 362, 1024 }, { 7, 363, 1024 }, { 6, 364, 1024 }, { 7, 365, 1024 }, { 7, 366, 1024 }, { 8, 367, 1024 },
- { 5, 368, 1024 }, { 6, 369, 1024 }, { 6, 370, 1024 }, { 7, 371, 1024 }, { 6, 372, 1024 }, { 7, 373, 1024 }, { 7, 374, 1024 }, { 8, 375, 1024 },
- { 6, 376, 1024 }, { 7, 377, 1024 }, { 7, 378, 1024 }, { 8, 379, 1024 }, { 7, 380, 1024 }, { 8, 381, 1024 }, { 8, 382, 1024 }, { 9, 383, 1024 },
- { 3, 384, 1024 }, { 4, 385, 1024 }, { 4, 386, 1024 }, { 5, 387, 1024 }, { 4, 388, 1024 }, { 5, 389, 1024 }, { 5, 390, 1024 }, { 6, 391, 1024 },
- { 4, 392, 1024 }, { 5, 393, 1024 }, { 5, 394, 1024 }, { 6, 395, 1024 }, { 5, 396, 1024 }, { 6, 397, 1024 }, { 6, 398, 1024 }, { 7, 399, 1024 },
- { 4, 400, 1024 }, { 5, 401, 1024 }, { 5, 402, 1024 }, { 6, 403, 1024 }, { 5, 404, 1024 }, { 6, 405, 1024 }, { 6, 406, 1024 }, { 7, 407, 1024 },
- { 5, 408, 1024 }, { 6, 409, 1024 }, { 6, 410, 1024 }, { 7, 411, 1024 }, { 6, 412, 1024 }, { 7, 413, 1024 }, { 7, 414, 1024 }, { 8, 415, 1024 },
- { 4, 416, 1024 }, { 5, 417, 1024 }, { 5, 418, 1024 }, { 6, 419, 1024 }, { 5, 420, 1024 }, { 6, 421, 1024 }, { 6, 422, 1024 }, { 7, 423, 1024 },
- { 5, 424, 1024 }, { 6, 425, 1024 }, { 6, 426, 1024 }, { 7, 427, 1024 }, { 6, 428, 1024 }, { 7, 429, 1024 }, { 7, 430, 1024 }, { 8, 431, 1024 },
- { 5, 432, 1024 }, { 6, 433, 1024 }, { 6, 434, 1024 }, { 7, 435, 1024 }, { 6, 436, 1024 }, { 7, 437, 1024 }, { 7, 438, 1024 }, { 8, 439, 1024 },
- { 6, 440, 1024 }, { 7, 441, 1024 }, { 7, 442, 1024 }, { 8, 443, 1024 }, { 7, 444, 1024 }, { 8, 445, 1024 }, { 8, 446, 1024 }, { 9, 447, 1024 },
- { 4, 448, 1024 }, { 5, 449, 1024 }, { 5, 450, 1024 }, { 6, 451, 1024 }, { 5, 452, 1024 }, { 6, 453, 1024 }, { 6, 454, 1024 }, { 7, 455, 1024 },
- { 5, 456, 1024 }, { 6, 457, 1024 }, { 6, 458, 1024 }, { 7, 459, 1024 }, { 6, 460, 1024 }, { 7, 461, 1024 }, { 7, 462, 1024 }, { 8, 463, 1024 },
- { 5, 464, 1024 }, { 6, 465, 1024 }, { 6, 466, 1024 }, { 7, 467, 1024 }, { 6, 468, 1024 }, { 7, 469, 1024 }, { 7, 470, 1024 }, { 8, 471, 1024 },
- { 6, 472, 1024 }, { 7, 473, 1024 }, { 7, 474, 1024 }, { 8, 475, 1024 }, { 7, 476, 1024 }, { 8, 477, 1024 }, { 8, 478, 1024 }, { 9, 479, 1024 },
- { 5, 480, 1024 }, { 6, 481, 1024 }, { 6, 482, 1024 }, { 7, 483, 1024 }, { 6, 484, 1024 }, { 7, 485, 1024 }, { 7, 486, 1024 }, { 8, 487, 1024 },
- { 6, 488, 1024 }, { 7, 489, 1024 }, { 7, 490, 1024 }, { 8, 491, 1024 }, { 7, 492, 1024 }, { 8, 493, 1024 }, { 8, 494, 1024 }, { 9, 495, 1024 },
- { 6, 496, 1024 }, { 7, 497, 1024 }, { 7, 498, 1024 }, { 8, 499, 1024 }, { 7, 500, 1024 }, { 8, 501, 1024 }, { 8, 502, 1024 }, { 9, 503, 1024 },
- { 7, 504, 1024 }, { 8, 505, 1024 }, { 8, 506, 1024 }, { 9, 507, 1024 }, { 8, 508, 1024 }, { 9, 509, 1024 }, { 9, 510, 1024 }, { 10, 511, 1024 },
- { 2, 512, 1024 }, { 3, 513, 1024 }, { 3, 514, 1024 }, { 4, 515, 1024 }, { 3, 516, 1024 }, { 4, 517, 1024 }, { 4, 518, 1024 }, { 5, 519, 1024 },
- { 3, 520, 1024 }, { 4, 521, 1024 }, { 4, 522, 1024 }, { 5, 523, 1024 }, { 4, 524, 1024 }, { 5, 525, 1024 }, { 5, 526, 1024 }, { 6, 527, 1024 },
- { 3, 528, 1024 }, { 4, 529, 1024 }, { 4, 530, 1024 }, { 5, 531, 1024 }, { 4, 532, 1024 }, { 5, 533, 1024 }, { 5, 534, 1024 }, { 6, 535, 1024 },
- { 4, 536, 1024 }, { 5, 537, 1024 }, { 5, 538, 1024 }, { 6, 539, 1024 }, { 5, 540, 1024 }, { 6, 541, 1024 }, { 6, 542, 1024 }, { 7, 543, 1024 },
- { 3, 544, 1024 }, { 4, 545, 1024 }, { 4, 546, 1024 }, { 5, 547, 1024 }, { 4, 548, 1024 }, { 5, 549, 1024 }, { 5, 550, 1024 }, { 6, 551, 1024 },
- { 4, 552, 1024 }, { 5, 553, 1024 }, { 5, 554, 1024 }, { 6, 555, 1024 }, { 5, 556, 1024 }, { 6, 557, 1024 }, { 6, 558, 1024 }, { 7, 559, 1024 },
- { 4, 560, 1024 }, { 5, 561, 1024 }, { 5, 562, 1024 }, { 6, 563, 1024 }, { 5, 564, 1024 }, { 6, 565, 1024 }, { 6, 566, 1024 }, { 7, 567, 1024 },
- { 5, 568, 1024 }, { 6, 569, 1024 }, { 6, 570, 1024 }, { 7, 571, 1024 }, { 6, 572, 1024 }, { 7, 573, 1024 }, { 7, 574, 1024 }, { 8, 575, 1024 },
- { 3, 576, 1024 }, { 4, 577, 1024 }, { 4, 578, 1024 }, { 5, 579, 1024 }, { 4, 580, 1024 }, { 5, 581, 1024 }, { 5, 582, 1024 }, { 6, 583, 1024 },
- { 4, 584, 1024 }, { 5, 585, 1024 }, { 5, 586, 1024 }, { 6, 587, 1024 }, { 5, 588, 1024 }, { 6, 589, 1024 }, { 6, 590, 1024 }, { 7, 591, 1024 },
- { 4, 592, 1024 }, { 5, 593, 1024 }, { 5, 594, 1024 }, { 6, 595, 1024 }, { 5, 596, 1024 }, { 6, 597, 1024 }, { 6, 598, 1024 }, { 7, 599, 1024 },
- { 5, 600, 1024 }, { 6, 601, 1024 }, { 6, 602, 1024 }, { 7, 603, 1024 }, { 6, 604, 1024 }, { 7, 605, 1024 }, { 7, 606, 1024 }, { 8, 607, 1024 },
- { 4, 608, 1024 }, { 5, 609, 1024 }, { 5, 610, 1024 }, { 6, 611, 1024 }, { 5, 612, 1024 }, { 6, 613, 1024 }, { 6, 614, 1024 }, { 7, 615, 1024 },
- { 5, 616, 1024 }, { 6, 617, 1024 }, { 6, 618, 1024 }, { 7, 619, 1024 }, { 6, 620, 1024 }, { 7, 621, 1024 }, { 7, 622, 1024 }, { 8, 623, 1024 },
- { 5, 624, 1024 }, { 6, 625, 1024 }, { 6, 626, 1024 }, { 7, 627, 1024 }, { 6, 628, 1024 }, { 7, 629, 1024 }, { 7, 630, 1024 }, { 8, 631, 1024 },
- { 6, 632, 1024 }, { 7, 633, 1024 }, { 7, 634, 1024 }, { 8, 635, 1024 }, { 7, 636, 1024 }, { 8, 637, 1024 }, { 8, 638, 1024 }, { 9, 639, 1024 },
- { 3, 640, 1024 }, { 4, 641, 1024 }, { 4, 642, 1024 }, { 5, 643, 1024 }, { 4, 644, 1024 }, { 5, 645, 1024 }, { 5, 646, 1024 }, { 6, 647, 1024 },
- { 4, 648, 1024 }, { 5, 649, 1024 }, { 5, 650, 1024 }, { 6, 651, 1024 }, { 5, 652, 1024 }, { 6, 653, 1024 }, { 6, 654, 1024 }, { 7, 655, 1024 },
- { 4, 656, 1024 }, { 5, 657, 1024 }, { 5, 658, 1024 }, { 6, 659, 1024 }, { 5, 660, 1024 }, { 6, 661, 1024 }, { 6, 662, 1024 }, { 7, 663, 1024 },
- { 5, 664, 1024 }, { 6, 665, 1024 }, { 6, 666, 1024 }, { 7, 667, 1024 }, { 6, 668, 1024 }, { 7, 669, 1024 }, { 7, 670, 1024 }, { 8, 671, 1024 },
- { 4, 672, 1024 }, { 5, 673, 1024 }, { 5, 674, 1024 }, { 6, 675, 1024 }, { 5, 676, 1024 }, { 6, 677, 1024 }, { 6, 678, 1024 }, { 7, 679, 1024 },
- { 5, 680, 1024 }, { 6, 681, 1024 }, { 6, 682, 1024 }, { 7, 683, 1024 }, { 6, 684, 1024 }, { 7, 685, 1024 }, { 7, 686, 1024 }, { 8, 687, 1024 },
- { 5, 688, 1024 }, { 6, 689, 1024 }, { 6, 690, 1024 }, { 7, 691, 1024 }, { 6, 692, 1024 }, { 7, 693, 1024 }, { 7, 694, 1024 }, { 8, 695, 1024 },
- { 6, 696, 1024 }, { 7, 697, 1024 }, { 7, 698, 1024 }, { 8, 699, 1024 }, { 7, 700, 1024 }, { 8, 701, 1024 }, { 8, 702, 1024 }, { 9, 703, 1024 },
- { 4, 704, 1024 }, { 5, 705, 1024 }, { 5, 706, 1024 }, { 6, 707, 1024 }, { 5, 708, 1024 }, { 6, 709, 1024 }, { 6, 710, 1024 }, { 7, 711, 1024 },
- { 5, 712, 1024 }, { 6, 713, 1024 }, { 6, 714, 1024 }, { 7, 715, 1024 }, { 6, 716, 1024 }, { 7, 717, 1024 }, { 7, 718, 1024 }, { 8, 719, 1024 },
- { 5, 720, 1024 }, { 6, 721, 1024 }, { 6, 722, 1024 }, { 7, 723, 1024 }, { 6, 724, 1024 }, { 7, 725, 1024 }, { 7, 726, 1024 }, { 8, 727, 1024 },
- { 6, 728, 1024 }, { 7, 729, 1024 }, { 7, 730, 1024 }, { 8, 731, 1024 }, { 7, 732, 1024 }, { 8, 733, 1024 }, { 8, 734, 1024 }, { 9, 735, 1024 },
- { 5, 736, 1024 }, { 6, 737, 1024 }, { 6, 738, 1024 }, { 7, 739, 1024 }, { 6, 740, 1024 }, { 7, 741, 1024 }, { 7, 742, 1024 }, { 8, 743, 1024 },
- { 6, 744, 1024 }, { 7, 745, 1024 }, { 7, 746, 1024 }, { 8, 747, 1024 }, { 7, 748, 1024 }, { 8, 749, 1024 }, { 8, 750, 1024 }, { 9, 751, 1024 },
- { 6, 752, 1024 }, { 7, 753, 1024 }, { 7, 754, 1024 }, { 8, 755, 1024 }, { 7, 756, 1024 }, { 8, 757, 1024 }, { 8, 758, 1024 }, { 9, 759, 1024 },
- { 7, 760, 1024 }, { 8, 761, 1024 }, { 8, 762, 1024 }, { 9, 763, 1024 }, { 8, 764, 1024 }, { 9, 765, 1024 }, { 9, 766, 1024 }, { 10, 767, 1024 },
- { 3, 768, 1024 }, { 4, 769, 1024 }, { 4, 770, 1024 }, { 5, 771, 1024 }, { 4, 772, 1024 }, { 5, 773, 1024 }, { 5, 774, 1024 }, { 6, 775, 1024 },
- { 4, 776, 1024 }, { 5, 777, 1024 }, { 5, 778, 1024 }, { 6, 779, 1024 }, { 5, 780, 1024 }, { 6, 781, 1024 }, { 6, 782, 1024 }, { 7, 783, 1024 },
- { 4, 784, 1024 }, { 5, 785, 1024 }, { 5, 786, 1024 }, { 6, 787, 1024 }, { 5, 788, 1024 }, { 6, 789, 1024 }, { 6, 790, 1024 }, { 7, 791, 1024 },
- { 5, 792, 1024 }, { 6, 793, 1024 }, { 6, 794, 1024 }, { 7, 795, 1024 }, { 6, 796, 1024 }, { 7, 797, 1024 }, { 7, 798, 1024 }, { 8, 799, 1024 },
- { 4, 800, 1024 }, { 5, 801, 1024 }, { 5, 802, 1024 }, { 6, 803, 1024 }, { 5, 804, 1024 }, { 6, 805, 1024 }, { 6, 806, 1024 }, { 7, 807, 1024 },
- { 5, 808, 1024 }, { 6, 809, 1024 }, { 6, 810, 1024 }, { 7, 811, 1024 }, { 6, 812, 1024 }, { 7, 813, 1024 }, { 7, 814, 1024 }, { 8, 815, 1024 },
- { 5, 816, 1024 }, { 6, 817, 1024 }, { 6, 818, 1024 }, { 7, 819, 1024 }, { 6, 820, 1024 }, { 7, 821, 1024 }, { 7, 822, 1024 }, { 8, 823, 1024 },
- { 6, 824, 1024 }, { 7, 825, 1024 }, { 7, 826, 1024 }, { 8, 827, 1024 }, { 7, 828, 1024 }, { 8, 829, 1024 }, { 8, 830, 1024 }, { 9, 831, 1024 },
- { 4, 832, 1024 }, { 5, 833, 1024 }, { 5, 834, 1024 }, { 6, 835, 1024 }, { 5, 836, 1024 }, { 6, 837, 1024 }, { 6, 838, 1024 }, { 7, 839, 1024 },
- { 5, 840, 1024 }, { 6, 841, 1024 }, { 6, 842, 1024 }, { 7, 843, 1024 }, { 6, 844, 1024 }, { 7, 845, 1024 }, { 7, 846, 1024 }, { 8, 847, 1024 },
- { 5, 848, 1024 }, { 6, 849, 1024 }, { 6, 850, 1024 }, { 7, 851, 1024 }, { 6, 852, 1024 }, { 7, 853, 1024 }, { 7, 854, 1024 }, { 8, 855, 1024 },
- { 6, 856, 1024 }, { 7, 857, 1024 }, { 7, 858, 1024 }, { 8, 859, 1024 }, { 7, 860, 1024 }, { 8, 861, 1024 }, { 8, 862, 1024 }, { 9, 863, 1024 },
- { 5, 864, 1024 }, { 6, 865, 1024 }, { 6, 866, 1024 }, { 7, 867, 1024 }, { 6, 868, 1024 }, { 7, 869, 1024 }, { 7, 870, 1024 }, { 8, 871, 1024 },
- { 6, 872, 1024 }, { 7, 873, 1024 }, { 7, 874, 1024 }, { 8, 875, 1024 }, { 7, 876, 1024 }, { 8, 877, 1024 }, { 8, 878, 1024 }, { 9, 879, 1024 },
- { 6, 880, 1024 }, { 7, 881, 1024 }, { 7, 882, 1024 }, { 8, 883, 1024 }, { 7, 884, 1024 }, { 8, 885, 1024 }, { 8, 886, 1024 }, { 9, 887, 1024 },
- { 7, 888, 1024 }, { 8, 889, 1024 }, { 8, 890, 1024 }, { 9, 891, 1024 }, { 8, 892, 1024 }, { 9, 893, 1024 }, { 9, 894, 1024 }, { 10, 895, 1024 },
- { 4, 896, 1024 }, { 5, 897, 1024 }, { 5, 898, 1024 }, { 6, 899, 1024 }, { 5, 900, 1024 }, { 6, 901, 1024 }, { 6, 902, 1024 }, { 7, 903, 1024 },
- { 5, 904, 1024 }, { 6, 905, 1024 }, { 6, 906, 1024 }, { 7, 907, 1024 }, { 6, 908, 1024 }, { 7, 909, 1024 }, { 7, 910, 1024 }, { 8, 911, 1024 },
- { 5, 912, 1024 }, { 6, 913, 1024 }, { 6, 914, 1024 }, { 7, 915, 1024 }, { 6, 916, 1024 }, { 7, 917, 1024 }, { 7, 918, 1024 }, { 8, 919, 1024 },
- { 6, 920, 1024 }, { 7, 921, 1024 }, { 7, 922, 1024 }, { 8, 923, 1024 }, { 7, 924, 1024 }, { 8, 925, 1024 }, { 8, 926, 1024 }, { 9, 927, 1024 },
- { 5, 928, 1024 }, { 6, 929, 1024 }, { 6, 930, 1024 }, { 7, 931, 1024 }, { 6, 932, 1024 }, { 7, 933, 1024 }, { 7, 934, 1024 }, { 8, 935, 1024 },
- { 6, 936, 1024 }, { 7, 937, 1024 }, { 7, 938, 1024 }, { 8, 939, 1024 }, { 7, 940, 1024 }, { 8, 941, 1024 }, { 8, 942, 1024 }, { 9, 943, 1024 },
- { 6, 944, 1024 }, { 7, 945, 1024 }, { 7, 946, 1024 }, { 8, 947, 1024 }, { 7, 948, 1024 }, { 8, 949, 1024 }, { 8, 950, 1024 }, { 9, 951, 1024 },
- { 7, 952, 1024 }, { 8, 953, 1024 }, { 8, 954, 1024 }, { 9, 955, 1024 }, { 8, 956, 1024 }, { 9, 957, 1024 }, { 9, 958, 1024 }, { 10, 959, 1024 },
- { 5, 960, 1024 }, { 6, 961, 1024 }, { 6, 962, 1024 }, { 7, 963, 1024 }, { 6, 964, 1024 }, { 7, 965, 1024 }, { 7, 966, 1024 }, { 8, 967, 1024 },
- { 6, 968, 1024 }, { 7, 969, 1024 }, { 7, 970, 1024 }, { 8, 971, 1024 }, { 7, 972, 1024 }, { 8, 973, 1024 }, { 8, 974, 1024 }, { 9, 975, 1024 },
- { 6, 976, 1024 }, { 7, 977, 1024 }, { 7, 978, 1024 }, { 8, 979, 1024 }, { 7, 980, 1024 }, { 8, 981, 1024 }, { 8, 982, 1024 }, { 9, 983, 1024 },
- { 7, 984, 1024 }, { 8, 985, 1024 }, { 8, 986, 1024 }, { 9, 987, 1024 }, { 8, 988, 1024 }, { 9, 989, 1024 }, { 9, 990, 1024 }, { 10, 991, 1024 },
- { 6, 992, 1024 }, { 7, 993, 1024 }, { 7, 994, 1024 }, { 8, 995, 1024 }, { 7, 996, 1024 }, { 8, 997, 1024 }, { 8, 998, 1024 }, { 9, 999, 1024 },
- { 7, 1000, 1024 }, { 8, 1001, 1024 }, { 8, 1002, 1024 }, { 9, 1003, 1024 }, { 8, 1004, 1024 }, { 9, 1005, 1024 }, { 9, 1006, 1024 }, { 10, 1007, 1024 },
- { 7, 1008, 1024 }, { 8, 1009, 1024 }, { 8, 1010, 1024 }, { 9, 1011, 1024 }, { 8, 1012, 1024 }, { 9, 1013, 1024 }, { 9, 1014, 1024 }, { 10, 1015, 1024 },
- { 8, 1016, 1024 }, { 9, 1017, 1024 }, { 9, 1018, 1024 }, { 10, 1019, 1024 }, { 9, 1020, 1024 }, { 10, 1021, 1024 }, { 10, 1022, 1024 }, { 11, 1023, 1024 },
-#if FP_LUT > 11
- { 1, 0, 0 }, { 2, 1, 2048 }, { 2, 2, 2048 }, { 3, 3, 2048 }, { 2, 4, 2048 }, { 3, 5, 2048 }, { 3, 6, 2048 }, { 4, 7, 2048 },
- { 2, 8, 2048 }, { 3, 9, 2048 }, { 3, 10, 2048 }, { 4, 11, 2048 }, { 3, 12, 2048 }, { 4, 13, 2048 }, { 4, 14, 2048 }, { 5, 15, 2048 },
- { 2, 16, 2048 }, { 3, 17, 2048 }, { 3, 18, 2048 }, { 4, 19, 2048 }, { 3, 20, 2048 }, { 4, 21, 2048 }, { 4, 22, 2048 }, { 5, 23, 2048 },
- { 3, 24, 2048 }, { 4, 25, 2048 }, { 4, 26, 2048 }, { 5, 27, 2048 }, { 4, 28, 2048 }, { 5, 29, 2048 }, { 5, 30, 2048 }, { 6, 31, 2048 },
- { 2, 32, 2048 }, { 3, 33, 2048 }, { 3, 34, 2048 }, { 4, 35, 2048 }, { 3, 36, 2048 }, { 4, 37, 2048 }, { 4, 38, 2048 }, { 5, 39, 2048 },
- { 3, 40, 2048 }, { 4, 41, 2048 }, { 4, 42, 2048 }, { 5, 43, 2048 }, { 4, 44, 2048 }, { 5, 45, 2048 }, { 5, 46, 2048 }, { 6, 47, 2048 },
- { 3, 48, 2048 }, { 4, 49, 2048 }, { 4, 50, 2048 }, { 5, 51, 2048 }, { 4, 52, 2048 }, { 5, 53, 2048 }, { 5, 54, 2048 }, { 6, 55, 2048 },
- { 4, 56, 2048 }, { 5, 57, 2048 }, { 5, 58, 2048 }, { 6, 59, 2048 }, { 5, 60, 2048 }, { 6, 61, 2048 }, { 6, 62, 2048 }, { 7, 63, 2048 },
- { 2, 64, 2048 }, { 3, 65, 2048 }, { 3, 66, 2048 }, { 4, 67, 2048 }, { 3, 68, 2048 }, { 4, 69, 2048 }, { 4, 70, 2048 }, { 5, 71, 2048 },
- { 3, 72, 2048 }, { 4, 73, 2048 }, { 4, 74, 2048 }, { 5, 75, 2048 }, { 4, 76, 2048 }, { 5, 77, 2048 }, { 5, 78, 2048 }, { 6, 79, 2048 },
- { 3, 80, 2048 }, { 4, 81, 2048 }, { 4, 82, 2048 }, { 5, 83, 2048 }, { 4, 84, 2048 }, { 5, 85, 2048 }, { 5, 86, 2048 }, { 6, 87, 2048 },
- { 4, 88, 2048 }, { 5, 89, 2048 }, { 5, 90, 2048 }, { 6, 91, 2048 }, { 5, 92, 2048 }, { 6, 93, 2048 }, { 6, 94, 2048 }, { 7, 95, 2048 },
- { 3, 96, 2048 }, { 4, 97, 2048 }, { 4, 98, 2048 }, { 5, 99, 2048 }, { 4, 100, 2048 }, { 5, 101, 2048 }, { 5, 102, 2048 }, { 6, 103, 2048 },
- { 4, 104, 2048 }, { 5, 105, 2048 }, { 5, 106, 2048 }, { 6, 107, 2048 }, { 5, 108, 2048 }, { 6, 109, 2048 }, { 6, 110, 2048 }, { 7, 111, 2048 },
- { 4, 112, 2048 }, { 5, 113, 2048 }, { 5, 114, 2048 }, { 6, 115, 2048 }, { 5, 116, 2048 }, { 6, 117, 2048 }, { 6, 118, 2048 }, { 7, 119, 2048 },
- { 5, 120, 2048 }, { 6, 121, 2048 }, { 6, 122, 2048 }, { 7, 123, 2048 }, { 6, 124, 2048 }, { 7, 125, 2048 }, { 7, 126, 2048 }, { 8, 127, 2048 },
- { 2, 128, 2048 }, { 3, 129, 2048 }, { 3, 130, 2048 }, { 4, 131, 2048 }, { 3, 132, 2048 }, { 4, 133, 2048 }, { 4, 134, 2048 }, { 5, 135, 2048 },
- { 3, 136, 2048 }, { 4, 137, 2048 }, { 4, 138, 2048 }, { 5, 139, 2048 }, { 4, 140, 2048 }, { 5, 141, 2048 }, { 5, 142, 2048 }, { 6, 143, 2048 },
- { 3, 144, 2048 }, { 4, 145, 2048 }, { 4, 146, 2048 }, { 5, 147, 2048 }, { 4, 148, 2048 }, { 5, 149, 2048 }, { 5, 150, 2048 }, { 6, 151, 2048 },
- { 4, 152, 2048 }, { 5, 153, 2048 }, { 5, 154, 2048 }, { 6, 155, 2048 }, { 5, 156, 2048 }, { 6, 157, 2048 }, { 6, 158, 2048 }, { 7, 159, 2048 },
- { 3, 160, 2048 }, { 4, 161, 2048 }, { 4, 162, 2048 }, { 5, 163, 2048 }, { 4, 164, 2048 }, { 5, 165, 2048 }, { 5, 166, 2048 }, { 6, 167, 2048 },
- { 4, 168, 2048 }, { 5, 169, 2048 }, { 5, 170, 2048 }, { 6, 171, 2048 }, { 5, 172, 2048 }, { 6, 173, 2048 }, { 6, 174, 2048 }, { 7, 175, 2048 },
- { 4, 176, 2048 }, { 5, 177, 2048 }, { 5, 178, 2048 }, { 6, 179, 2048 }, { 5, 180, 2048 }, { 6, 181, 2048 }, { 6, 182, 2048 }, { 7, 183, 2048 },
- { 5, 184, 2048 }, { 6, 185, 2048 }, { 6, 186, 2048 }, { 7, 187, 2048 }, { 6, 188, 2048 }, { 7, 189, 2048 }, { 7, 190, 2048 }, { 8, 191, 2048 },
- { 3, 192, 2048 }, { 4, 193, 2048 }, { 4, 194, 2048 }, { 5, 195, 2048 }, { 4, 196, 2048 }, { 5, 197, 2048 }, { 5, 198, 2048 }, { 6, 199, 2048 },
- { 4, 200, 2048 }, { 5, 201, 2048 }, { 5, 202, 2048 }, { 6, 203, 2048 }, { 5, 204, 2048 }, { 6, 205, 2048 }, { 6, 206, 2048 }, { 7, 207, 2048 },
- { 4, 208, 2048 }, { 5, 209, 2048 }, { 5, 210, 2048 }, { 6, 211, 2048 }, { 5, 212, 2048 }, { 6, 213, 2048 }, { 6, 214, 2048 }, { 7, 215, 2048 },
- { 5, 216, 2048 }, { 6, 217, 2048 }, { 6, 218, 2048 }, { 7, 219, 2048 }, { 6, 220, 2048 }, { 7, 221, 2048 }, { 7, 222, 2048 }, { 8, 223, 2048 },
- { 4, 224, 2048 }, { 5, 225, 2048 }, { 5, 226, 2048 }, { 6, 227, 2048 }, { 5, 228, 2048 }, { 6, 229, 2048 }, { 6, 230, 2048 }, { 7, 231, 2048 },
- { 5, 232, 2048 }, { 6, 233, 2048 }, { 6, 234, 2048 }, { 7, 235, 2048 }, { 6, 236, 2048 }, { 7, 237, 2048 }, { 7, 238, 2048 }, { 8, 239, 2048 },
- { 5, 240, 2048 }, { 6, 241, 2048 }, { 6, 242, 2048 }, { 7, 243, 2048 }, { 6, 244, 2048 }, { 7, 245, 2048 }, { 7, 246, 2048 }, { 8, 247, 2048 },
- { 6, 248, 2048 }, { 7, 249, 2048 }, { 7, 250, 2048 }, { 8, 251, 2048 }, { 7, 252, 2048 }, { 8, 253, 2048 }, { 8, 254, 2048 }, { 9, 255, 2048 },
- { 2, 256, 2048 }, { 3, 257, 2048 }, { 3, 258, 2048 }, { 4, 259, 2048 }, { 3, 260, 2048 }, { 4, 261, 2048 }, { 4, 262, 2048 }, { 5, 263, 2048 },
- { 3, 264, 2048 }, { 4, 265, 2048 }, { 4, 266, 2048 }, { 5, 267, 2048 }, { 4, 268, 2048 }, { 5, 269, 2048 }, { 5, 270, 2048 }, { 6, 271, 2048 },
- { 3, 272, 2048 }, { 4, 273, 2048 }, { 4, 274, 2048 }, { 5, 275, 2048 }, { 4, 276, 2048 }, { 5, 277, 2048 }, { 5, 278, 2048 }, { 6, 279, 2048 },
- { 4, 280, 2048 }, { 5, 281, 2048 }, { 5, 282, 2048 }, { 6, 283, 2048 }, { 5, 284, 2048 }, { 6, 285, 2048 }, { 6, 286, 2048 }, { 7, 287, 2048 },
- { 3, 288, 2048 }, { 4, 289, 2048 }, { 4, 290, 2048 }, { 5, 291, 2048 }, { 4, 292, 2048 }, { 5, 293, 2048 }, { 5, 294, 2048 }, { 6, 295, 2048 },
- { 4, 296, 2048 }, { 5, 297, 2048 }, { 5, 298, 2048 }, { 6, 299, 2048 }, { 5, 300, 2048 }, { 6, 301, 2048 }, { 6, 302, 2048 }, { 7, 303, 2048 },
- { 4, 304, 2048 }, { 5, 305, 2048 }, { 5, 306, 2048 }, { 6, 307, 2048 }, { 5, 308, 2048 }, { 6, 309, 2048 }, { 6, 310, 2048 }, { 7, 311, 2048 },
- { 5, 312, 2048 }, { 6, 313, 2048 }, { 6, 314, 2048 }, { 7, 315, 2048 }, { 6, 316, 2048 }, { 7, 317, 2048 }, { 7, 318, 2048 }, { 8, 319, 2048 },
- { 3, 320, 2048 }, { 4, 321, 2048 }, { 4, 322, 2048 }, { 5, 323, 2048 }, { 4, 324, 2048 }, { 5, 325, 2048 }, { 5, 326, 2048 }, { 6, 327, 2048 },
- { 4, 328, 2048 }, { 5, 329, 2048 }, { 5, 330, 2048 }, { 6, 331, 2048 }, { 5, 332, 2048 }, { 6, 333, 2048 }, { 6, 334, 2048 }, { 7, 335, 2048 },
- { 4, 336, 2048 }, { 5, 337, 2048 }, { 5, 338, 2048 }, { 6, 339, 2048 }, { 5, 340, 2048 }, { 6, 341, 2048 }, { 6, 342, 2048 }, { 7, 343, 2048 },
- { 5, 344, 2048 }, { 6, 345, 2048 }, { 6, 346, 2048 }, { 7, 347, 2048 }, { 6, 348, 2048 }, { 7, 349, 2048 }, { 7, 350, 2048 }, { 8, 351, 2048 },
- { 4, 352, 2048 }, { 5, 353, 2048 }, { 5, 354, 2048 }, { 6, 355, 2048 }, { 5, 356, 2048 }, { 6, 357, 2048 }, { 6, 358, 2048 }, { 7, 359, 2048 },
- { 5, 360, 2048 }, { 6, 361, 2048 }, { 6, 362, 2048 }, { 7, 363, 2048 }, { 6, 364, 2048 }, { 7, 365, 2048 }, { 7, 366, 2048 }, { 8, 367, 2048 },
- { 5, 368, 2048 }, { 6, 369, 2048 }, { 6, 370, 2048 }, { 7, 371, 2048 }, { 6, 372, 2048 }, { 7, 373, 2048 }, { 7, 374, 2048 }, { 8, 375, 2048 },
- { 6, 376, 2048 }, { 7, 377, 2048 }, { 7, 378, 2048 }, { 8, 379, 2048 }, { 7, 380, 2048 }, { 8, 381, 2048 }, { 8, 382, 2048 }, { 9, 383, 2048 },
- { 3, 384, 2048 }, { 4, 385, 2048 }, { 4, 386, 2048 }, { 5, 387, 2048 }, { 4, 388, 2048 }, { 5, 389, 2048 }, { 5, 390, 2048 }, { 6, 391, 2048 },
- { 4, 392, 2048 }, { 5, 393, 2048 }, { 5, 394, 2048 }, { 6, 395, 2048 }, { 5, 396, 2048 }, { 6, 397, 2048 }, { 6, 398, 2048 }, { 7, 399, 2048 },
- { 4, 400, 2048 }, { 5, 401, 2048 }, { 5, 402, 2048 }, { 6, 403, 2048 }, { 5, 404, 2048 }, { 6, 405, 2048 }, { 6, 406, 2048 }, { 7, 407, 2048 },
- { 5, 408, 2048 }, { 6, 409, 2048 }, { 6, 410, 2048 }, { 7, 411, 2048 }, { 6, 412, 2048 }, { 7, 413, 2048 }, { 7, 414, 2048 }, { 8, 415, 2048 },
- { 4, 416, 2048 }, { 5, 417, 2048 }, { 5, 418, 2048 }, { 6, 419, 2048 }, { 5, 420, 2048 }, { 6, 421, 2048 }, { 6, 422, 2048 }, { 7, 423, 2048 },
- { 5, 424, 2048 }, { 6, 425, 2048 }, { 6, 426, 2048 }, { 7, 427, 2048 }, { 6, 428, 2048 }, { 7, 429, 2048 }, { 7, 430, 2048 }, { 8, 431, 2048 },
- { 5, 432, 2048 }, { 6, 433, 2048 }, { 6, 434, 2048 }, { 7, 435, 2048 }, { 6, 436, 2048 }, { 7, 437, 2048 }, { 7, 438, 2048 }, { 8, 439, 2048 },
- { 6, 440, 2048 }, { 7, 441, 2048 }, { 7, 442, 2048 }, { 8, 443, 2048 }, { 7, 444, 2048 }, { 8, 445, 2048 }, { 8, 446, 2048 }, { 9, 447, 2048 },
- { 4, 448, 2048 }, { 5, 449, 2048 }, { 5, 450, 2048 }, { 6, 451, 2048 }, { 5, 452, 2048 }, { 6, 453, 2048 }, { 6, 454, 2048 }, { 7, 455, 2048 },
- { 5, 456, 2048 }, { 6, 457, 2048 }, { 6, 458, 2048 }, { 7, 459, 2048 }, { 6, 460, 2048 }, { 7, 461, 2048 }, { 7, 462, 2048 }, { 8, 463, 2048 },
- { 5, 464, 2048 }, { 6, 465, 2048 }, { 6, 466, 2048 }, { 7, 467, 2048 }, { 6, 468, 2048 }, { 7, 469, 2048 }, { 7, 470, 2048 }, { 8, 471, 2048 },
- { 6, 472, 2048 }, { 7, 473, 2048 }, { 7, 474, 2048 }, { 8, 475, 2048 }, { 7, 476, 2048 }, { 8, 477, 2048 }, { 8, 478, 2048 }, { 9, 479, 2048 },
- { 5, 480, 2048 }, { 6, 481, 2048 }, { 6, 482, 2048 }, { 7, 483, 2048 }, { 6, 484, 2048 }, { 7, 485, 2048 }, { 7, 486, 2048 }, { 8, 487, 2048 },
- { 6, 488, 2048 }, { 7, 489, 2048 }, { 7, 490, 2048 }, { 8, 491, 2048 }, { 7, 492, 2048 }, { 8, 493, 2048 }, { 8, 494, 2048 }, { 9, 495, 2048 },
- { 6, 496, 2048 }, { 7, 497, 2048 }, { 7, 498, 2048 }, { 8, 499, 2048 }, { 7, 500, 2048 }, { 8, 501, 2048 }, { 8, 502, 2048 }, { 9, 503, 2048 },
- { 7, 504, 2048 }, { 8, 505, 2048 }, { 8, 506, 2048 }, { 9, 507, 2048 }, { 8, 508, 2048 }, { 9, 509, 2048 }, { 9, 510, 2048 }, { 10, 511, 2048 },
- { 2, 512, 2048 }, { 3, 513, 2048 }, { 3, 514, 2048 }, { 4, 515, 2048 }, { 3, 516, 2048 }, { 4, 517, 2048 }, { 4, 518, 2048 }, { 5, 519, 2048 },
- { 3, 520, 2048 }, { 4, 521, 2048 }, { 4, 522, 2048 }, { 5, 523, 2048 }, { 4, 524, 2048 }, { 5, 525, 2048 }, { 5, 526, 2048 }, { 6, 527, 2048 },
- { 3, 528, 2048 }, { 4, 529, 2048 }, { 4, 530, 2048 }, { 5, 531, 2048 }, { 4, 532, 2048 }, { 5, 533, 2048 }, { 5, 534, 2048 }, { 6, 535, 2048 },
- { 4, 536, 2048 }, { 5, 537, 2048 }, { 5, 538, 2048 }, { 6, 539, 2048 }, { 5, 540, 2048 }, { 6, 541, 2048 }, { 6, 542, 2048 }, { 7, 543, 2048 },
- { 3, 544, 2048 }, { 4, 545, 2048 }, { 4, 546, 2048 }, { 5, 547, 2048 }, { 4, 548, 2048 }, { 5, 549, 2048 }, { 5, 550, 2048 }, { 6, 551, 2048 },
- { 4, 552, 2048 }, { 5, 553, 2048 }, { 5, 554, 2048 }, { 6, 555, 2048 }, { 5, 556, 2048 }, { 6, 557, 2048 }, { 6, 558, 2048 }, { 7, 559, 2048 },
- { 4, 560, 2048 }, { 5, 561, 2048 }, { 5, 562, 2048 }, { 6, 563, 2048 }, { 5, 564, 2048 }, { 6, 565, 2048 }, { 6, 566, 2048 }, { 7, 567, 2048 },
- { 5, 568, 2048 }, { 6, 569, 2048 }, { 6, 570, 2048 }, { 7, 571, 2048 }, { 6, 572, 2048 }, { 7, 573, 2048 }, { 7, 574, 2048 }, { 8, 575, 2048 },
- { 3, 576, 2048 }, { 4, 577, 2048 }, { 4, 578, 2048 }, { 5, 579, 2048 }, { 4, 580, 2048 }, { 5, 581, 2048 }, { 5, 582, 2048 }, { 6, 583, 2048 },
- { 4, 584, 2048 }, { 5, 585, 2048 }, { 5, 586, 2048 }, { 6, 587, 2048 }, { 5, 588, 2048 }, { 6, 589, 2048 }, { 6, 590, 2048 }, { 7, 591, 2048 },
- { 4, 592, 2048 }, { 5, 593, 2048 }, { 5, 594, 2048 }, { 6, 595, 2048 }, { 5, 596, 2048 }, { 6, 597, 2048 }, { 6, 598, 2048 }, { 7, 599, 2048 },
- { 5, 600, 2048 }, { 6, 601, 2048 }, { 6, 602, 2048 }, { 7, 603, 2048 }, { 6, 604, 2048 }, { 7, 605, 2048 }, { 7, 606, 2048 }, { 8, 607, 2048 },
- { 4, 608, 2048 }, { 5, 609, 2048 }, { 5, 610, 2048 }, { 6, 611, 2048 }, { 5, 612, 2048 }, { 6, 613, 2048 }, { 6, 614, 2048 }, { 7, 615, 2048 },
- { 5, 616, 2048 }, { 6, 617, 2048 }, { 6, 618, 2048 }, { 7, 619, 2048 }, { 6, 620, 2048 }, { 7, 621, 2048 }, { 7, 622, 2048 }, { 8, 623, 2048 },
- { 5, 624, 2048 }, { 6, 625, 2048 }, { 6, 626, 2048 }, { 7, 627, 2048 }, { 6, 628, 2048 }, { 7, 629, 2048 }, { 7, 630, 2048 }, { 8, 631, 2048 },
- { 6, 632, 2048 }, { 7, 633, 2048 }, { 7, 634, 2048 }, { 8, 635, 2048 }, { 7, 636, 2048 }, { 8, 637, 2048 }, { 8, 638, 2048 }, { 9, 639, 2048 },
- { 3, 640, 2048 }, { 4, 641, 2048 }, { 4, 642, 2048 }, { 5, 643, 2048 }, { 4, 644, 2048 }, { 5, 645, 2048 }, { 5, 646, 2048 }, { 6, 647, 2048 },
- { 4, 648, 2048 }, { 5, 649, 2048 }, { 5, 650, 2048 }, { 6, 651, 2048 }, { 5, 652, 2048 }, { 6, 653, 2048 }, { 6, 654, 2048 }, { 7, 655, 2048 },
- { 4, 656, 2048 }, { 5, 657, 2048 }, { 5, 658, 2048 }, { 6, 659, 2048 }, { 5, 660, 2048 }, { 6, 661, 2048 }, { 6, 662, 2048 }, { 7, 663, 2048 },
- { 5, 664, 2048 }, { 6, 665, 2048 }, { 6, 666, 2048 }, { 7, 667, 2048 }, { 6, 668, 2048 }, { 7, 669, 2048 }, { 7, 670, 2048 }, { 8, 671, 2048 },
- { 4, 672, 2048 }, { 5, 673, 2048 }, { 5, 674, 2048 }, { 6, 675, 2048 }, { 5, 676, 2048 }, { 6, 677, 2048 }, { 6, 678, 2048 }, { 7, 679, 2048 },
- { 5, 680, 2048 }, { 6, 681, 2048 }, { 6, 682, 2048 }, { 7, 683, 2048 }, { 6, 684, 2048 }, { 7, 685, 2048 }, { 7, 686, 2048 }, { 8, 687, 2048 },
- { 5, 688, 2048 }, { 6, 689, 2048 }, { 6, 690, 2048 }, { 7, 691, 2048 }, { 6, 692, 2048 }, { 7, 693, 2048 }, { 7, 694, 2048 }, { 8, 695, 2048 },
- { 6, 696, 2048 }, { 7, 697, 2048 }, { 7, 698, 2048 }, { 8, 699, 2048 }, { 7, 700, 2048 }, { 8, 701, 2048 }, { 8, 702, 2048 }, { 9, 703, 2048 },
- { 4, 704, 2048 }, { 5, 705, 2048 }, { 5, 706, 2048 }, { 6, 707, 2048 }, { 5, 708, 2048 }, { 6, 709, 2048 }, { 6, 710, 2048 }, { 7, 711, 2048 },
- { 5, 712, 2048 }, { 6, 713, 2048 }, { 6, 714, 2048 }, { 7, 715, 2048 }, { 6, 716, 2048 }, { 7, 717, 2048 }, { 7, 718, 2048 }, { 8, 719, 2048 },
- { 5, 720, 2048 }, { 6, 721, 2048 }, { 6, 722, 2048 }, { 7, 723, 2048 }, { 6, 724, 2048 }, { 7, 725, 2048 }, { 7, 726, 2048 }, { 8, 727, 2048 },
- { 6, 728, 2048 }, { 7, 729, 2048 }, { 7, 730, 2048 }, { 8, 731, 2048 }, { 7, 732, 2048 }, { 8, 733, 2048 }, { 8, 734, 2048 }, { 9, 735, 2048 },
- { 5, 736, 2048 }, { 6, 737, 2048 }, { 6, 738, 2048 }, { 7, 739, 2048 }, { 6, 740, 2048 }, { 7, 741, 2048 }, { 7, 742, 2048 }, { 8, 743, 2048 },
- { 6, 744, 2048 }, { 7, 745, 2048 }, { 7, 746, 2048 }, { 8, 747, 2048 }, { 7, 748, 2048 }, { 8, 749, 2048 }, { 8, 750, 2048 }, { 9, 751, 2048 },
- { 6, 752, 2048 }, { 7, 753, 2048 }, { 7, 754, 2048 }, { 8, 755, 2048 }, { 7, 756, 2048 }, { 8, 757, 2048 }, { 8, 758, 2048 }, { 9, 759, 2048 },
- { 7, 760, 2048 }, { 8, 761, 2048 }, { 8, 762, 2048 }, { 9, 763, 2048 }, { 8, 764, 2048 }, { 9, 765, 2048 }, { 9, 766, 2048 }, { 10, 767, 2048 },
- { 3, 768, 2048 }, { 4, 769, 2048 }, { 4, 770, 2048 }, { 5, 771, 2048 }, { 4, 772, 2048 }, { 5, 773, 2048 }, { 5, 774, 2048 }, { 6, 775, 2048 },
- { 4, 776, 2048 }, { 5, 777, 2048 }, { 5, 778, 2048 }, { 6, 779, 2048 }, { 5, 780, 2048 }, { 6, 781, 2048 }, { 6, 782, 2048 }, { 7, 783, 2048 },
- { 4, 784, 2048 }, { 5, 785, 2048 }, { 5, 786, 2048 }, { 6, 787, 2048 }, { 5, 788, 2048 }, { 6, 789, 2048 }, { 6, 790, 2048 }, { 7, 791, 2048 },
- { 5, 792, 2048 }, { 6, 793, 2048 }, { 6, 794, 2048 }, { 7, 795, 2048 }, { 6, 796, 2048 }, { 7, 797, 2048 }, { 7, 798, 2048 }, { 8, 799, 2048 },
- { 4, 800, 2048 }, { 5, 801, 2048 }, { 5, 802, 2048 }, { 6, 803, 2048 }, { 5, 804, 2048 }, { 6, 805, 2048 }, { 6, 806, 2048 }, { 7, 807, 2048 },
- { 5, 808, 2048 }, { 6, 809, 2048 }, { 6, 810, 2048 }, { 7, 811, 2048 }, { 6, 812, 2048 }, { 7, 813, 2048 }, { 7, 814, 2048 }, { 8, 815, 2048 },
- { 5, 816, 2048 }, { 6, 817, 2048 }, { 6, 818, 2048 }, { 7, 819, 2048 }, { 6, 820, 2048 }, { 7, 821, 2048 }, { 7, 822, 2048 }, { 8, 823, 2048 },
- { 6, 824, 2048 }, { 7, 825, 2048 }, { 7, 826, 2048 }, { 8, 827, 2048 }, { 7, 828, 2048 }, { 8, 829, 2048 }, { 8, 830, 2048 }, { 9, 831, 2048 },
- { 4, 832, 2048 }, { 5, 833, 2048 }, { 5, 834, 2048 }, { 6, 835, 2048 }, { 5, 836, 2048 }, { 6, 837, 2048 }, { 6, 838, 2048 }, { 7, 839, 2048 },
- { 5, 840, 2048 }, { 6, 841, 2048 }, { 6, 842, 2048 }, { 7, 843, 2048 }, { 6, 844, 2048 }, { 7, 845, 2048 }, { 7, 846, 2048 }, { 8, 847, 2048 },
- { 5, 848, 2048 }, { 6, 849, 2048 }, { 6, 850, 2048 }, { 7, 851, 2048 }, { 6, 852, 2048 }, { 7, 853, 2048 }, { 7, 854, 2048 }, { 8, 855, 2048 },
- { 6, 856, 2048 }, { 7, 857, 2048 }, { 7, 858, 2048 }, { 8, 859, 2048 }, { 7, 860, 2048 }, { 8, 861, 2048 }, { 8, 862, 2048 }, { 9, 863, 2048 },
- { 5, 864, 2048 }, { 6, 865, 2048 }, { 6, 866, 2048 }, { 7, 867, 2048 }, { 6, 868, 2048 }, { 7, 869, 2048 }, { 7, 870, 2048 }, { 8, 871, 2048 },
- { 6, 872, 2048 }, { 7, 873, 2048 }, { 7, 874, 2048 }, { 8, 875, 2048 }, { 7, 876, 2048 }, { 8, 877, 2048 }, { 8, 878, 2048 }, { 9, 879, 2048 },
- { 6, 880, 2048 }, { 7, 881, 2048 }, { 7, 882, 2048 }, { 8, 883, 2048 }, { 7, 884, 2048 }, { 8, 885, 2048 }, { 8, 886, 2048 }, { 9, 887, 2048 },
- { 7, 888, 2048 }, { 8, 889, 2048 }, { 8, 890, 2048 }, { 9, 891, 2048 }, { 8, 892, 2048 }, { 9, 893, 2048 }, { 9, 894, 2048 }, { 10, 895, 2048 },
- { 4, 896, 2048 }, { 5, 897, 2048 }, { 5, 898, 2048 }, { 6, 899, 2048 }, { 5, 900, 2048 }, { 6, 901, 2048 }, { 6, 902, 2048 }, { 7, 903, 2048 },
- { 5, 904, 2048 }, { 6, 905, 2048 }, { 6, 906, 2048 }, { 7, 907, 2048 }, { 6, 908, 2048 }, { 7, 909, 2048 }, { 7, 910, 2048 }, { 8, 911, 2048 },
- { 5, 912, 2048 }, { 6, 913, 2048 }, { 6, 914, 2048 }, { 7, 915, 2048 }, { 6, 916, 2048 }, { 7, 917, 2048 }, { 7, 918, 2048 }, { 8, 919, 2048 },
- { 6, 920, 2048 }, { 7, 921, 2048 }, { 7, 922, 2048 }, { 8, 923, 2048 }, { 7, 924, 2048 }, { 8, 925, 2048 }, { 8, 926, 2048 }, { 9, 927, 2048 },
- { 5, 928, 2048 }, { 6, 929, 2048 }, { 6, 930, 2048 }, { 7, 931, 2048 }, { 6, 932, 2048 }, { 7, 933, 2048 }, { 7, 934, 2048 }, { 8, 935, 2048 },
- { 6, 936, 2048 }, { 7, 937, 2048 }, { 7, 938, 2048 }, { 8, 939, 2048 }, { 7, 940, 2048 }, { 8, 941, 2048 }, { 8, 942, 2048 }, { 9, 943, 2048 },
- { 6, 944, 2048 }, { 7, 945, 2048 }, { 7, 946, 2048 }, { 8, 947, 2048 }, { 7, 948, 2048 }, { 8, 949, 2048 }, { 8, 950, 2048 }, { 9, 951, 2048 },
- { 7, 952, 2048 }, { 8, 953, 2048 }, { 8, 954, 2048 }, { 9, 955, 2048 }, { 8, 956, 2048 }, { 9, 957, 2048 }, { 9, 958, 2048 }, { 10, 959, 2048 },
- { 5, 960, 2048 }, { 6, 961, 2048 }, { 6, 962, 2048 }, { 7, 963, 2048 }, { 6, 964, 2048 }, { 7, 965, 2048 }, { 7, 966, 2048 }, { 8, 967, 2048 },
- { 6, 968, 2048 }, { 7, 969, 2048 }, { 7, 970, 2048 }, { 8, 971, 2048 }, { 7, 972, 2048 }, { 8, 973, 2048 }, { 8, 974, 2048 }, { 9, 975, 2048 },
- { 6, 976, 2048 }, { 7, 977, 2048 }, { 7, 978, 2048 }, { 8, 979, 2048 }, { 7, 980, 2048 }, { 8, 981, 2048 }, { 8, 982, 2048 }, { 9, 983, 2048 },
- { 7, 984, 2048 }, { 8, 985, 2048 }, { 8, 986, 2048 }, { 9, 987, 2048 }, { 8, 988, 2048 }, { 9, 989, 2048 }, { 9, 990, 2048 }, { 10, 991, 2048 },
- { 6, 992, 2048 }, { 7, 993, 2048 }, { 7, 994, 2048 }, { 8, 995, 2048 }, { 7, 996, 2048 }, { 8, 997, 2048 }, { 8, 998, 2048 }, { 9, 999, 2048 },
- { 7, 1000, 2048 }, { 8, 1001, 2048 }, { 8, 1002, 2048 }, { 9, 1003, 2048 }, { 8, 1004, 2048 }, { 9, 1005, 2048 }, { 9, 1006, 2048 }, { 10, 1007, 2048 },
- { 7, 1008, 2048 }, { 8, 1009, 2048 }, { 8, 1010, 2048 }, { 9, 1011, 2048 }, { 8, 1012, 2048 }, { 9, 1013, 2048 }, { 9, 1014, 2048 }, { 10, 1015, 2048 },
- { 8, 1016, 2048 }, { 9, 1017, 2048 }, { 9, 1018, 2048 }, { 10, 1019, 2048 }, { 9, 1020, 2048 }, { 10, 1021, 2048 }, { 10, 1022, 2048 }, { 11, 1023, 2048 },
- { 2, 1024, 2048 }, { 3, 1025, 2048 }, { 3, 1026, 2048 }, { 4, 1027, 2048 }, { 3, 1028, 2048 }, { 4, 1029, 2048 }, { 4, 1030, 2048 }, { 5, 1031, 2048 },
- { 3, 1032, 2048 }, { 4, 1033, 2048 }, { 4, 1034, 2048 }, { 5, 1035, 2048 }, { 4, 1036, 2048 }, { 5, 1037, 2048 }, { 5, 1038, 2048 }, { 6, 1039, 2048 },
- { 3, 1040, 2048 }, { 4, 1041, 2048 }, { 4, 1042, 2048 }, { 5, 1043, 2048 }, { 4, 1044, 2048 }, { 5, 1045, 2048 }, { 5, 1046, 2048 }, { 6, 1047, 2048 },
- { 4, 1048, 2048 }, { 5, 1049, 2048 }, { 5, 1050, 2048 }, { 6, 1051, 2048 }, { 5, 1052, 2048 }, { 6, 1053, 2048 }, { 6, 1054, 2048 }, { 7, 1055, 2048 },
- { 3, 1056, 2048 }, { 4, 1057, 2048 }, { 4, 1058, 2048 }, { 5, 1059, 2048 }, { 4, 1060, 2048 }, { 5, 1061, 2048 }, { 5, 1062, 2048 }, { 6, 1063, 2048 },
- { 4, 1064, 2048 }, { 5, 1065, 2048 }, { 5, 1066, 2048 }, { 6, 1067, 2048 }, { 5, 1068, 2048 }, { 6, 1069, 2048 }, { 6, 1070, 2048 }, { 7, 1071, 2048 },
- { 4, 1072, 2048 }, { 5, 1073, 2048 }, { 5, 1074, 2048 }, { 6, 1075, 2048 }, { 5, 1076, 2048 }, { 6, 1077, 2048 }, { 6, 1078, 2048 }, { 7, 1079, 2048 },
- { 5, 1080, 2048 }, { 6, 1081, 2048 }, { 6, 1082, 2048 }, { 7, 1083, 2048 }, { 6, 1084, 2048 }, { 7, 1085, 2048 }, { 7, 1086, 2048 }, { 8, 1087, 2048 },
- { 3, 1088, 2048 }, { 4, 1089, 2048 }, { 4, 1090, 2048 }, { 5, 1091, 2048 }, { 4, 1092, 2048 }, { 5, 1093, 2048 }, { 5, 1094, 2048 }, { 6, 1095, 2048 },
- { 4, 1096, 2048 }, { 5, 1097, 2048 }, { 5, 1098, 2048 }, { 6, 1099, 2048 }, { 5, 1100, 2048 }, { 6, 1101, 2048 }, { 6, 1102, 2048 }, { 7, 1103, 2048 },
- { 4, 1104, 2048 }, { 5, 1105, 2048 }, { 5, 1106, 2048 }, { 6, 1107, 2048 }, { 5, 1108, 2048 }, { 6, 1109, 2048 }, { 6, 1110, 2048 }, { 7, 1111, 2048 },
- { 5, 1112, 2048 }, { 6, 1113, 2048 }, { 6, 1114, 2048 }, { 7, 1115, 2048 }, { 6, 1116, 2048 }, { 7, 1117, 2048 }, { 7, 1118, 2048 }, { 8, 1119, 2048 },
- { 4, 1120, 2048 }, { 5, 1121, 2048 }, { 5, 1122, 2048 }, { 6, 1123, 2048 }, { 5, 1124, 2048 }, { 6, 1125, 2048 }, { 6, 1126, 2048 }, { 7, 1127, 2048 },
- { 5, 1128, 2048 }, { 6, 1129, 2048 }, { 6, 1130, 2048 }, { 7, 1131, 2048 }, { 6, 1132, 2048 }, { 7, 1133, 2048 }, { 7, 1134, 2048 }, { 8, 1135, 2048 },
- { 5, 1136, 2048 }, { 6, 1137, 2048 }, { 6, 1138, 2048 }, { 7, 1139, 2048 }, { 6, 1140, 2048 }, { 7, 1141, 2048 }, { 7, 1142, 2048 }, { 8, 1143, 2048 },
- { 6, 1144, 2048 }, { 7, 1145, 2048 }, { 7, 1146, 2048 }, { 8, 1147, 2048 }, { 7, 1148, 2048 }, { 8, 1149, 2048 }, { 8, 1150, 2048 }, { 9, 1151, 2048 },
- { 3, 1152, 2048 }, { 4, 1153, 2048 }, { 4, 1154, 2048 }, { 5, 1155, 2048 }, { 4, 1156, 2048 }, { 5, 1157, 2048 }, { 5, 1158, 2048 }, { 6, 1159, 2048 },
- { 4, 1160, 2048 }, { 5, 1161, 2048 }, { 5, 1162, 2048 }, { 6, 1163, 2048 }, { 5, 1164, 2048 }, { 6, 1165, 2048 }, { 6, 1166, 2048 }, { 7, 1167, 2048 },
- { 4, 1168, 2048 }, { 5, 1169, 2048 }, { 5, 1170, 2048 }, { 6, 1171, 2048 }, { 5, 1172, 2048 }, { 6, 1173, 2048 }, { 6, 1174, 2048 }, { 7, 1175, 2048 },
- { 5, 1176, 2048 }, { 6, 1177, 2048 }, { 6, 1178, 2048 }, { 7, 1179, 2048 }, { 6, 1180, 2048 }, { 7, 1181, 2048 }, { 7, 1182, 2048 }, { 8, 1183, 2048 },
- { 4, 1184, 2048 }, { 5, 1185, 2048 }, { 5, 1186, 2048 }, { 6, 1187, 2048 }, { 5, 1188, 2048 }, { 6, 1189, 2048 }, { 6, 1190, 2048 }, { 7, 1191, 2048 },
- { 5, 1192, 2048 }, { 6, 1193, 2048 }, { 6, 1194, 2048 }, { 7, 1195, 2048 }, { 6, 1196, 2048 }, { 7, 1197, 2048 }, { 7, 1198, 2048 }, { 8, 1199, 2048 },
- { 5, 1200, 2048 }, { 6, 1201, 2048 }, { 6, 1202, 2048 }, { 7, 1203, 2048 }, { 6, 1204, 2048 }, { 7, 1205, 2048 }, { 7, 1206, 2048 }, { 8, 1207, 2048 },
- { 6, 1208, 2048 }, { 7, 1209, 2048 }, { 7, 1210, 2048 }, { 8, 1211, 2048 }, { 7, 1212, 2048 }, { 8, 1213, 2048 }, { 8, 1214, 2048 }, { 9, 1215, 2048 },
- { 4, 1216, 2048 }, { 5, 1217, 2048 }, { 5, 1218, 2048 }, { 6, 1219, 2048 }, { 5, 1220, 2048 }, { 6, 1221, 2048 }, { 6, 1222, 2048 }, { 7, 1223, 2048 },
- { 5, 1224, 2048 }, { 6, 1225, 2048 }, { 6, 1226, 2048 }, { 7, 1227, 2048 }, { 6, 1228, 2048 }, { 7, 1229, 2048 }, { 7, 1230, 2048 }, { 8, 1231, 2048 },
- { 5, 1232, 2048 }, { 6, 1233, 2048 }, { 6, 1234, 2048 }, { 7, 1235, 2048 }, { 6, 1236, 2048 }, { 7, 1237, 2048 }, { 7, 1238, 2048 }, { 8, 1239, 2048 },
- { 6, 1240, 2048 }, { 7, 1241, 2048 }, { 7, 1242, 2048 }, { 8, 1243, 2048 }, { 7, 1244, 2048 }, { 8, 1245, 2048 }, { 8, 1246, 2048 }, { 9, 1247, 2048 },
- { 5, 1248, 2048 }, { 6, 1249, 2048 }, { 6, 1250, 2048 }, { 7, 1251, 2048 }, { 6, 1252, 2048 }, { 7, 1253, 2048 }, { 7, 1254, 2048 }, { 8, 1255, 2048 },
- { 6, 1256, 2048 }, { 7, 1257, 2048 }, { 7, 1258, 2048 }, { 8, 1259, 2048 }, { 7, 1260, 2048 }, { 8, 1261, 2048 }, { 8, 1262, 2048 }, { 9, 1263, 2048 },
- { 6, 1264, 2048 }, { 7, 1265, 2048 }, { 7, 1266, 2048 }, { 8, 1267, 2048 }, { 7, 1268, 2048 }, { 8, 1269, 2048 }, { 8, 1270, 2048 }, { 9, 1271, 2048 },
- { 7, 1272, 2048 }, { 8, 1273, 2048 }, { 8, 1274, 2048 }, { 9, 1275, 2048 }, { 8, 1276, 2048 }, { 9, 1277, 2048 }, { 9, 1278, 2048 }, { 10, 1279, 2048 },
- { 3, 1280, 2048 }, { 4, 1281, 2048 }, { 4, 1282, 2048 }, { 5, 1283, 2048 }, { 4, 1284, 2048 }, { 5, 1285, 2048 }, { 5, 1286, 2048 }, { 6, 1287, 2048 },
- { 4, 1288, 2048 }, { 5, 1289, 2048 }, { 5, 1290, 2048 }, { 6, 1291, 2048 }, { 5, 1292, 2048 }, { 6, 1293, 2048 }, { 6, 1294, 2048 }, { 7, 1295, 2048 },
- { 4, 1296, 2048 }, { 5, 1297, 2048 }, { 5, 1298, 2048 }, { 6, 1299, 2048 }, { 5, 1300, 2048 }, { 6, 1301, 2048 }, { 6, 1302, 2048 }, { 7, 1303, 2048 },
- { 5, 1304, 2048 }, { 6, 1305, 2048 }, { 6, 1306, 2048 }, { 7, 1307, 2048 }, { 6, 1308, 2048 }, { 7, 1309, 2048 }, { 7, 1310, 2048 }, { 8, 1311, 2048 },
- { 4, 1312, 2048 }, { 5, 1313, 2048 }, { 5, 1314, 2048 }, { 6, 1315, 2048 }, { 5, 1316, 2048 }, { 6, 1317, 2048 }, { 6, 1318, 2048 }, { 7, 1319, 2048 },
- { 5, 1320, 2048 }, { 6, 1321, 2048 }, { 6, 1322, 2048 }, { 7, 1323, 2048 }, { 6, 1324, 2048 }, { 7, 1325, 2048 }, { 7, 1326, 2048 }, { 8, 1327, 2048 },
- { 5, 1328, 2048 }, { 6, 1329, 2048 }, { 6, 1330, 2048 }, { 7, 1331, 2048 }, { 6, 1332, 2048 }, { 7, 1333, 2048 }, { 7, 1334, 2048 }, { 8, 1335, 2048 },
- { 6, 1336, 2048 }, { 7, 1337, 2048 }, { 7, 1338, 2048 }, { 8, 1339, 2048 }, { 7, 1340, 2048 }, { 8, 1341, 2048 }, { 8, 1342, 2048 }, { 9, 1343, 2048 },
- { 4, 1344, 2048 }, { 5, 1345, 2048 }, { 5, 1346, 2048 }, { 6, 1347, 2048 }, { 5, 1348, 2048 }, { 6, 1349, 2048 }, { 6, 1350, 2048 }, { 7, 1351, 2048 },
- { 5, 1352, 2048 }, { 6, 1353, 2048 }, { 6, 1354, 2048 }, { 7, 1355, 2048 }, { 6, 1356, 2048 }, { 7, 1357, 2048 }, { 7, 1358, 2048 }, { 8, 1359, 2048 },
- { 5, 1360, 2048 }, { 6, 1361, 2048 }, { 6, 1362, 2048 }, { 7, 1363, 2048 }, { 6, 1364, 2048 }, { 7, 1365, 2048 }, { 7, 1366, 2048 }, { 8, 1367, 2048 },
- { 6, 1368, 2048 }, { 7, 1369, 2048 }, { 7, 1370, 2048 }, { 8, 1371, 2048 }, { 7, 1372, 2048 }, { 8, 1373, 2048 }, { 8, 1374, 2048 }, { 9, 1375, 2048 },
- { 5, 1376, 2048 }, { 6, 1377, 2048 }, { 6, 1378, 2048 }, { 7, 1379, 2048 }, { 6, 1380, 2048 }, { 7, 1381, 2048 }, { 7, 1382, 2048 }, { 8, 1383, 2048 },
- { 6, 1384, 2048 }, { 7, 1385, 2048 }, { 7, 1386, 2048 }, { 8, 1387, 2048 }, { 7, 1388, 2048 }, { 8, 1389, 2048 }, { 8, 1390, 2048 }, { 9, 1391, 2048 },
- { 6, 1392, 2048 }, { 7, 1393, 2048 }, { 7, 1394, 2048 }, { 8, 1395, 2048 }, { 7, 1396, 2048 }, { 8, 1397, 2048 }, { 8, 1398, 2048 }, { 9, 1399, 2048 },
- { 7, 1400, 2048 }, { 8, 1401, 2048 }, { 8, 1402, 2048 }, { 9, 1403, 2048 }, { 8, 1404, 2048 }, { 9, 1405, 2048 }, { 9, 1406, 2048 }, { 10, 1407, 2048 },
- { 4, 1408, 2048 }, { 5, 1409, 2048 }, { 5, 1410, 2048 }, { 6, 1411, 2048 }, { 5, 1412, 2048 }, { 6, 1413, 2048 }, { 6, 1414, 2048 }, { 7, 1415, 2048 },
- { 5, 1416, 2048 }, { 6, 1417, 2048 }, { 6, 1418, 2048 }, { 7, 1419, 2048 }, { 6, 1420, 2048 }, { 7, 1421, 2048 }, { 7, 1422, 2048 }, { 8, 1423, 2048 },
- { 5, 1424, 2048 }, { 6, 1425, 2048 }, { 6, 1426, 2048 }, { 7, 1427, 2048 }, { 6, 1428, 2048 }, { 7, 1429, 2048 }, { 7, 1430, 2048 }, { 8, 1431, 2048 },
- { 6, 1432, 2048 }, { 7, 1433, 2048 }, { 7, 1434, 2048 }, { 8, 1435, 2048 }, { 7, 1436, 2048 }, { 8, 1437, 2048 }, { 8, 1438, 2048 }, { 9, 1439, 2048 },
- { 5, 1440, 2048 }, { 6, 1441, 2048 }, { 6, 1442, 2048 }, { 7, 1443, 2048 }, { 6, 1444, 2048 }, { 7, 1445, 2048 }, { 7, 1446, 2048 }, { 8, 1447, 2048 },
- { 6, 1448, 2048 }, { 7, 1449, 2048 }, { 7, 1450, 2048 }, { 8, 1451, 2048 }, { 7, 1452, 2048 }, { 8, 1453, 2048 }, { 8, 1454, 2048 }, { 9, 1455, 2048 },
- { 6, 1456, 2048 }, { 7, 1457, 2048 }, { 7, 1458, 2048 }, { 8, 1459, 2048 }, { 7, 1460, 2048 }, { 8, 1461, 2048 }, { 8, 1462, 2048 }, { 9, 1463, 2048 },
- { 7, 1464, 2048 }, { 8, 1465, 2048 }, { 8, 1466, 2048 }, { 9, 1467, 2048 }, { 8, 1468, 2048 }, { 9, 1469, 2048 }, { 9, 1470, 2048 }, { 10, 1471, 2048 },
- { 5, 1472, 2048 }, { 6, 1473, 2048 }, { 6, 1474, 2048 }, { 7, 1475, 2048 }, { 6, 1476, 2048 }, { 7, 1477, 2048 }, { 7, 1478, 2048 }, { 8, 1479, 2048 },
- { 6, 1480, 2048 }, { 7, 1481, 2048 }, { 7, 1482, 2048 }, { 8, 1483, 2048 }, { 7, 1484, 2048 }, { 8, 1485, 2048 }, { 8, 1486, 2048 }, { 9, 1487, 2048 },
- { 6, 1488, 2048 }, { 7, 1489, 2048 }, { 7, 1490, 2048 }, { 8, 1491, 2048 }, { 7, 1492, 2048 }, { 8, 1493, 2048 }, { 8, 1494, 2048 }, { 9, 1495, 2048 },
- { 7, 1496, 2048 }, { 8, 1497, 2048 }, { 8, 1498, 2048 }, { 9, 1499, 2048 }, { 8, 1500, 2048 }, { 9, 1501, 2048 }, { 9, 1502, 2048 }, { 10, 1503, 2048 },
- { 6, 1504, 2048 }, { 7, 1505, 2048 }, { 7, 1506, 2048 }, { 8, 1507, 2048 }, { 7, 1508, 2048 }, { 8, 1509, 2048 }, { 8, 1510, 2048 }, { 9, 1511, 2048 },
- { 7, 1512, 2048 }, { 8, 1513, 2048 }, { 8, 1514, 2048 }, { 9, 1515, 2048 }, { 8, 1516, 2048 }, { 9, 1517, 2048 }, { 9, 1518, 2048 }, { 10, 1519, 2048 },
- { 7, 1520, 2048 }, { 8, 1521, 2048 }, { 8, 1522, 2048 }, { 9, 1523, 2048 }, { 8, 1524, 2048 }, { 9, 1525, 2048 }, { 9, 1526, 2048 }, { 10, 1527, 2048 },
- { 8, 1528, 2048 }, { 9, 1529, 2048 }, { 9, 1530, 2048 }, { 10, 1531, 2048 }, { 9, 1532, 2048 }, { 10, 1533, 2048 }, { 10, 1534, 2048 }, { 11, 1535, 2048 },
- { 3, 1536, 2048 }, { 4, 1537, 2048 }, { 4, 1538, 2048 }, { 5, 1539, 2048 }, { 4, 1540, 2048 }, { 5, 1541, 2048 }, { 5, 1542, 2048 }, { 6, 1543, 2048 },
- { 4, 1544, 2048 }, { 5, 1545, 2048 }, { 5, 1546, 2048 }, { 6, 1547, 2048 }, { 5, 1548, 2048 }, { 6, 1549, 2048 }, { 6, 1550, 2048 }, { 7, 1551, 2048 },
- { 4, 1552, 2048 }, { 5, 1553, 2048 }, { 5, 1554, 2048 }, { 6, 1555, 2048 }, { 5, 1556, 2048 }, { 6, 1557, 2048 }, { 6, 1558, 2048 }, { 7, 1559, 2048 },
- { 5, 1560, 2048 }, { 6, 1561, 2048 }, { 6, 1562, 2048 }, { 7, 1563, 2048 }, { 6, 1564, 2048 }, { 7, 1565, 2048 }, { 7, 1566, 2048 }, { 8, 1567, 2048 },
- { 4, 1568, 2048 }, { 5, 1569, 2048 }, { 5, 1570, 2048 }, { 6, 1571, 2048 }, { 5, 1572, 2048 }, { 6, 1573, 2048 }, { 6, 1574, 2048 }, { 7, 1575, 2048 },
- { 5, 1576, 2048 }, { 6, 1577, 2048 }, { 6, 1578, 2048 }, { 7, 1579, 2048 }, { 6, 1580, 2048 }, { 7, 1581, 2048 }, { 7, 1582, 2048 }, { 8, 1583, 2048 },
- { 5, 1584, 2048 }, { 6, 1585, 2048 }, { 6, 1586, 2048 }, { 7, 1587, 2048 }, { 6, 1588, 2048 }, { 7, 1589, 2048 }, { 7, 1590, 2048 }, { 8, 1591, 2048 },
- { 6, 1592, 2048 }, { 7, 1593, 2048 }, { 7, 1594, 2048 }, { 8, 1595, 2048 }, { 7, 1596, 2048 }, { 8, 1597, 2048 }, { 8, 1598, 2048 }, { 9, 1599, 2048 },
- { 4, 1600, 2048 }, { 5, 1601, 2048 }, { 5, 1602, 2048 }, { 6, 1603, 2048 }, { 5, 1604, 2048 }, { 6, 1605, 2048 }, { 6, 1606, 2048 }, { 7, 1607, 2048 },
- { 5, 1608, 2048 }, { 6, 1609, 2048 }, { 6, 1610, 2048 }, { 7, 1611, 2048 }, { 6, 1612, 2048 }, { 7, 1613, 2048 }, { 7, 1614, 2048 }, { 8, 1615, 2048 },
- { 5, 1616, 2048 }, { 6, 1617, 2048 }, { 6, 1618, 2048 }, { 7, 1619, 2048 }, { 6, 1620, 2048 }, { 7, 1621, 2048 }, { 7, 1622, 2048 }, { 8, 1623, 2048 },
- { 6, 1624, 2048 }, { 7, 1625, 2048 }, { 7, 1626, 2048 }, { 8, 1627, 2048 }, { 7, 1628, 2048 }, { 8, 1629, 2048 }, { 8, 1630, 2048 }, { 9, 1631, 2048 },
- { 5, 1632, 2048 }, { 6, 1633, 2048 }, { 6, 1634, 2048 }, { 7, 1635, 2048 }, { 6, 1636, 2048 }, { 7, 1637, 2048 }, { 7, 1638, 2048 }, { 8, 1639, 2048 },
- { 6, 1640, 2048 }, { 7, 1641, 2048 }, { 7, 1642, 2048 }, { 8, 1643, 2048 }, { 7, 1644, 2048 }, { 8, 1645, 2048 }, { 8, 1646, 2048 }, { 9, 1647, 2048 },
- { 6, 1648, 2048 }, { 7, 1649, 2048 }, { 7, 1650, 2048 }, { 8, 1651, 2048 }, { 7, 1652, 2048 }, { 8, 1653, 2048 }, { 8, 1654, 2048 }, { 9, 1655, 2048 },
- { 7, 1656, 2048 }, { 8, 1657, 2048 }, { 8, 1658, 2048 }, { 9, 1659, 2048 }, { 8, 1660, 2048 }, { 9, 1661, 2048 }, { 9, 1662, 2048 }, { 10, 1663, 2048 },
- { 4, 1664, 2048 }, { 5, 1665, 2048 }, { 5, 1666, 2048 }, { 6, 1667, 2048 }, { 5, 1668, 2048 }, { 6, 1669, 2048 }, { 6, 1670, 2048 }, { 7, 1671, 2048 },
- { 5, 1672, 2048 }, { 6, 1673, 2048 }, { 6, 1674, 2048 }, { 7, 1675, 2048 }, { 6, 1676, 2048 }, { 7, 1677, 2048 }, { 7, 1678, 2048 }, { 8, 1679, 2048 },
- { 5, 1680, 2048 }, { 6, 1681, 2048 }, { 6, 1682, 2048 }, { 7, 1683, 2048 }, { 6, 1684, 2048 }, { 7, 1685, 2048 }, { 7, 1686, 2048 }, { 8, 1687, 2048 },
- { 6, 1688, 2048 }, { 7, 1689, 2048 }, { 7, 1690, 2048 }, { 8, 1691, 2048 }, { 7, 1692, 2048 }, { 8, 1693, 2048 }, { 8, 1694, 2048 }, { 9, 1695, 2048 },
- { 5, 1696, 2048 }, { 6, 1697, 2048 }, { 6, 1698, 2048 }, { 7, 1699, 2048 }, { 6, 1700, 2048 }, { 7, 1701, 2048 }, { 7, 1702, 2048 }, { 8, 1703, 2048 },
- { 6, 1704, 2048 }, { 7, 1705, 2048 }, { 7, 1706, 2048 }, { 8, 1707, 2048 }, { 7, 1708, 2048 }, { 8, 1709, 2048 }, { 8, 1710, 2048 }, { 9, 1711, 2048 },
- { 6, 1712, 2048 }, { 7, 1713, 2048 }, { 7, 1714, 2048 }, { 8, 1715, 2048 }, { 7, 1716, 2048 }, { 8, 1717, 2048 }, { 8, 1718, 2048 }, { 9, 1719, 2048 },
- { 7, 1720, 2048 }, { 8, 1721, 2048 }, { 8, 1722, 2048 }, { 9, 1723, 2048 }, { 8, 1724, 2048 }, { 9, 1725, 2048 }, { 9, 1726, 2048 }, { 10, 1727, 2048 },
- { 5, 1728, 2048 }, { 6, 1729, 2048 }, { 6, 1730, 2048 }, { 7, 1731, 2048 }, { 6, 1732, 2048 }, { 7, 1733, 2048 }, { 7, 1734, 2048 }, { 8, 1735, 2048 },
- { 6, 1736, 2048 }, { 7, 1737, 2048 }, { 7, 1738, 2048 }, { 8, 1739, 2048 }, { 7, 1740, 2048 }, { 8, 1741, 2048 }, { 8, 1742, 2048 }, { 9, 1743, 2048 },
- { 6, 1744, 2048 }, { 7, 1745, 2048 }, { 7, 1746, 2048 }, { 8, 1747, 2048 }, { 7, 1748, 2048 }, { 8, 1749, 2048 }, { 8, 1750, 2048 }, { 9, 1751, 2048 },
- { 7, 1752, 2048 }, { 8, 1753, 2048 }, { 8, 1754, 2048 }, { 9, 1755, 2048 }, { 8, 1756, 2048 }, { 9, 1757, 2048 }, { 9, 1758, 2048 }, { 10, 1759, 2048 },
- { 6, 1760, 2048 }, { 7, 1761, 2048 }, { 7, 1762, 2048 }, { 8, 1763, 2048 }, { 7, 1764, 2048 }, { 8, 1765, 2048 }, { 8, 1766, 2048 }, { 9, 1767, 2048 },
- { 7, 1768, 2048 }, { 8, 1769, 2048 }, { 8, 1770, 2048 }, { 9, 1771, 2048 }, { 8, 1772, 2048 }, { 9, 1773, 2048 }, { 9, 1774, 2048 }, { 10, 1775, 2048 },
- { 7, 1776, 2048 }, { 8, 1777, 2048 }, { 8, 1778, 2048 }, { 9, 1779, 2048 }, { 8, 1780, 2048 }, { 9, 1781, 2048 }, { 9, 1782, 2048 }, { 10, 1783, 2048 },
- { 8, 1784, 2048 }, { 9, 1785, 2048 }, { 9, 1786, 2048 }, { 10, 1787, 2048 }, { 9, 1788, 2048 }, { 10, 1789, 2048 }, { 10, 1790, 2048 }, { 11, 1791, 2048 },
- { 4, 1792, 2048 }, { 5, 1793, 2048 }, { 5, 1794, 2048 }, { 6, 1795, 2048 }, { 5, 1796, 2048 }, { 6, 1797, 2048 }, { 6, 1798, 2048 }, { 7, 1799, 2048 },
- { 5, 1800, 2048 }, { 6, 1801, 2048 }, { 6, 1802, 2048 }, { 7, 1803, 2048 }, { 6, 1804, 2048 }, { 7, 1805, 2048 }, { 7, 1806, 2048 }, { 8, 1807, 2048 },
- { 5, 1808, 2048 }, { 6, 1809, 2048 }, { 6, 1810, 2048 }, { 7, 1811, 2048 }, { 6, 1812, 2048 }, { 7, 1813, 2048 }, { 7, 1814, 2048 }, { 8, 1815, 2048 },
- { 6, 1816, 2048 }, { 7, 1817, 2048 }, { 7, 1818, 2048 }, { 8, 1819, 2048 }, { 7, 1820, 2048 }, { 8, 1821, 2048 }, { 8, 1822, 2048 }, { 9, 1823, 2048 },
- { 5, 1824, 2048 }, { 6, 1825, 2048 }, { 6, 1826, 2048 }, { 7, 1827, 2048 }, { 6, 1828, 2048 }, { 7, 1829, 2048 }, { 7, 1830, 2048 }, { 8, 1831, 2048 },
- { 6, 1832, 2048 }, { 7, 1833, 2048 }, { 7, 1834, 2048 }, { 8, 1835, 2048 }, { 7, 1836, 2048 }, { 8, 1837, 2048 }, { 8, 1838, 2048 }, { 9, 1839, 2048 },
- { 6, 1840, 2048 }, { 7, 1841, 2048 }, { 7, 1842, 2048 }, { 8, 1843, 2048 }, { 7, 1844, 2048 }, { 8, 1845, 2048 }, { 8, 1846, 2048 }, { 9, 1847, 2048 },
- { 7, 1848, 2048 }, { 8, 1849, 2048 }, { 8, 1850, 2048 }, { 9, 1851, 2048 }, { 8, 1852, 2048 }, { 9, 1853, 2048 }, { 9, 1854, 2048 }, { 10, 1855, 2048 },
- { 5, 1856, 2048 }, { 6, 1857, 2048 }, { 6, 1858, 2048 }, { 7, 1859, 2048 }, { 6, 1860, 2048 }, { 7, 1861, 2048 }, { 7, 1862, 2048 }, { 8, 1863, 2048 },
- { 6, 1864, 2048 }, { 7, 1865, 2048 }, { 7, 1866, 2048 }, { 8, 1867, 2048 }, { 7, 1868, 2048 }, { 8, 1869, 2048 }, { 8, 1870, 2048 }, { 9, 1871, 2048 },
- { 6, 1872, 2048 }, { 7, 1873, 2048 }, { 7, 1874, 2048 }, { 8, 1875, 2048 }, { 7, 1876, 2048 }, { 8, 1877, 2048 }, { 8, 1878, 2048 }, { 9, 1879, 2048 },
- { 7, 1880, 2048 }, { 8, 1881, 2048 }, { 8, 1882, 2048 }, { 9, 1883, 2048 }, { 8, 1884, 2048 }, { 9, 1885, 2048 }, { 9, 1886, 2048 }, { 10, 1887, 2048 },
- { 6, 1888, 2048 }, { 7, 1889, 2048 }, { 7, 1890, 2048 }, { 8, 1891, 2048 }, { 7, 1892, 2048 }, { 8, 1893, 2048 }, { 8, 1894, 2048 }, { 9, 1895, 2048 },
- { 7, 1896, 2048 }, { 8, 1897, 2048 }, { 8, 1898, 2048 }, { 9, 1899, 2048 }, { 8, 1900, 2048 }, { 9, 1901, 2048 }, { 9, 1902, 2048 }, { 10, 1903, 2048 },
- { 7, 1904, 2048 }, { 8, 1905, 2048 }, { 8, 1906, 2048 }, { 9, 1907, 2048 }, { 8, 1908, 2048 }, { 9, 1909, 2048 }, { 9, 1910, 2048 }, { 10, 1911, 2048 },
- { 8, 1912, 2048 }, { 9, 1913, 2048 }, { 9, 1914, 2048 }, { 10, 1915, 2048 }, { 9, 1916, 2048 }, { 10, 1917, 2048 }, { 10, 1918, 2048 }, { 11, 1919, 2048 },
- { 5, 1920, 2048 }, { 6, 1921, 2048 }, { 6, 1922, 2048 }, { 7, 1923, 2048 }, { 6, 1924, 2048 }, { 7, 1925, 2048 }, { 7, 1926, 2048 }, { 8, 1927, 2048 },
- { 6, 1928, 2048 }, { 7, 1929, 2048 }, { 7, 1930, 2048 }, { 8, 1931, 2048 }, { 7, 1932, 2048 }, { 8, 1933, 2048 }, { 8, 1934, 2048 }, { 9, 1935, 2048 },
- { 6, 1936, 2048 }, { 7, 1937, 2048 }, { 7, 1938, 2048 }, { 8, 1939, 2048 }, { 7, 1940, 2048 }, { 8, 1941, 2048 }, { 8, 1942, 2048 }, { 9, 1943, 2048 },
- { 7, 1944, 2048 }, { 8, 1945, 2048 }, { 8, 1946, 2048 }, { 9, 1947, 2048 }, { 8, 1948, 2048 }, { 9, 1949, 2048 }, { 9, 1950, 2048 }, { 10, 1951, 2048 },
- { 6, 1952, 2048 }, { 7, 1953, 2048 }, { 7, 1954, 2048 }, { 8, 1955, 2048 }, { 7, 1956, 2048 }, { 8, 1957, 2048 }, { 8, 1958, 2048 }, { 9, 1959, 2048 },
- { 7, 1960, 2048 }, { 8, 1961, 2048 }, { 8, 1962, 2048 }, { 9, 1963, 2048 }, { 8, 1964, 2048 }, { 9, 1965, 2048 }, { 9, 1966, 2048 }, { 10, 1967, 2048 },
- { 7, 1968, 2048 }, { 8, 1969, 2048 }, { 8, 1970, 2048 }, { 9, 1971, 2048 }, { 8, 1972, 2048 }, { 9, 1973, 2048 }, { 9, 1974, 2048 }, { 10, 1975, 2048 },
- { 8, 1976, 2048 }, { 9, 1977, 2048 }, { 9, 1978, 2048 }, { 10, 1979, 2048 }, { 9, 1980, 2048 }, { 10, 1981, 2048 }, { 10, 1982, 2048 }, { 11, 1983, 2048 },
- { 6, 1984, 2048 }, { 7, 1985, 2048 }, { 7, 1986, 2048 }, { 8, 1987, 2048 }, { 7, 1988, 2048 }, { 8, 1989, 2048 }, { 8, 1990, 2048 }, { 9, 1991, 2048 },
- { 7, 1992, 2048 }, { 8, 1993, 2048 }, { 8, 1994, 2048 }, { 9, 1995, 2048 }, { 8, 1996, 2048 }, { 9, 1997, 2048 }, { 9, 1998, 2048 }, { 10, 1999, 2048 },
- { 7, 2000, 2048 }, { 8, 2001, 2048 }, { 8, 2002, 2048 }, { 9, 2003, 2048 }, { 8, 2004, 2048 }, { 9, 2005, 2048 }, { 9, 2006, 2048 }, { 10, 2007, 2048 },
- { 8, 2008, 2048 }, { 9, 2009, 2048 }, { 9, 2010, 2048 }, { 10, 2011, 2048 }, { 9, 2012, 2048 }, { 10, 2013, 2048 }, { 10, 2014, 2048 }, { 11, 2015, 2048 },
- { 7, 2016, 2048 }, { 8, 2017, 2048 }, { 8, 2018, 2048 }, { 9, 2019, 2048 }, { 8, 2020, 2048 }, { 9, 2021, 2048 }, { 9, 2022, 2048 }, { 10, 2023, 2048 },
- { 8, 2024, 2048 }, { 9, 2025, 2048 }, { 9, 2026, 2048 }, { 10, 2027, 2048 }, { 9, 2028, 2048 }, { 10, 2029, 2048 }, { 10, 2030, 2048 }, { 11, 2031, 2048 },
- { 8, 2032, 2048 }, { 9, 2033, 2048 }, { 9, 2034, 2048 }, { 10, 2035, 2048 }, { 9, 2036, 2048 }, { 10, 2037, 2048 }, { 10, 2038, 2048 }, { 11, 2039, 2048 },
- { 9, 2040, 2048 }, { 10, 2041, 2048 }, { 10, 2042, 2048 }, { 11, 2043, 2048 }, { 10, 2044, 2048 }, { 11, 2045, 2048 }, { 11, 2046, 2048 }, { 12, 2047, 2048 },
-#endif
-#endif
-#endif
-#endif
-#endif
-#endif
-};
-
-/* find a hole and free as required, return -1 if no hole found */
-static int find_hole(void)
-{
- unsigned x;
- int y, z;
- for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) {
- if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) {
- z = x;
- y = fp_cache[x].lru_count;
- }
- }
-
- /* decrease all */
- for (x = 0; x < FP_ENTRIES; x++) {
- if (fp_cache[x].lru_count > 3) {
- --(fp_cache[x].lru_count);
- }
- }
-
- /* free entry z */
- if (z >= 0 && fp_cache[z].g) {
- if (fp_cache[z].mu != NULL) {
- mp_clear(fp_cache[z].mu);
- fp_cache[z].mu = NULL;
- }
- ltc_ecc_del_point(fp_cache[z].g);
- fp_cache[z].g = NULL;
- for (x = 0; x < (1U<<FP_LUT); x++) {
- ltc_ecc_del_point(fp_cache[z].LUT[x]);
- fp_cache[z].LUT[x] = NULL;
- }
- fp_cache[z].lru_count = 0;
- }
- return z;
-}
-
-/* determine if a base is already in the cache and if so, where */
-static int find_base(ecc_point *g)
-{
- int x;
- for (x = 0; x < FP_ENTRIES; x++) {
- if (fp_cache[x].g != NULL &&
- mp_cmp(fp_cache[x].g->x, g->x) == LTC_MP_EQ &&
- mp_cmp(fp_cache[x].g->y, g->y) == LTC_MP_EQ &&
- mp_cmp(fp_cache[x].g->z, g->z) == LTC_MP_EQ) {
- break;
- }
- }
- if (x == FP_ENTRIES) {
- x = -1;
- }
- return x;
-}
-
-/* add a new base to the cache */
-static int add_entry(int idx, ecc_point *g)
-{
- unsigned x, y;
-
- /* allocate base and LUT */
- fp_cache[idx].g = ltc_ecc_new_point();
- if (fp_cache[idx].g == NULL) {
- return CRYPT_MEM;
- }
-
- /* copy x and y */
- if ((mp_copy(g->x, fp_cache[idx].g->x) != CRYPT_OK) ||
- (mp_copy(g->y, fp_cache[idx].g->y) != CRYPT_OK) ||
- (mp_copy(g->z, fp_cache[idx].g->z) != CRYPT_OK)) {
- ltc_ecc_del_point(fp_cache[idx].g);
- fp_cache[idx].g = NULL;
- return CRYPT_MEM;
- }
-
- for (x = 0; x < (1U<<FP_LUT); x++) {
- fp_cache[idx].LUT[x] = ltc_ecc_new_point();
- if (fp_cache[idx].LUT[x] == NULL) {
- for (y = 0; y < x; y++) {
- ltc_ecc_del_point(fp_cache[idx].LUT[y]);
- fp_cache[idx].LUT[y] = NULL;
- }
- ltc_ecc_del_point(fp_cache[idx].g);
- fp_cache[idx].g = NULL;
- fp_cache[idx].lru_count = 0;
- return CRYPT_MEM;
- }
- }
-
- fp_cache[idx].lru_count = 0;
- return CRYPT_OK;
-}
-
-/* build the LUT by spacing the bits of the input by #modulus/FP_LUT bits apart
- *
- * The algorithm builds patterns in increasing bit order by first making all
- * single bit input patterns, then all two bit input patterns and so on
- */
-static int build_lut(int idx, void *modulus, void *mp, void *mu)
-{
- unsigned x, y, err, bitlen, lut_gap;
- void *tmp;
-
- tmp = NULL;
-
- /* sanity check to make sure lut_order table is of correct size, should compile out to a NOP if true */
- if ((sizeof(lut_orders) / sizeof(lut_orders[0])) < (1U<<FP_LUT)) {
- err = CRYPT_INVALID_ARG;
- goto DONE;
- }
-
- /* get bitlen and round up to next multiple of FP_LUT */
- bitlen = mp_unsigned_bin_size(modulus) << 3;
- x = bitlen % FP_LUT;
- if (x) {
- bitlen += FP_LUT - x;
- }
- lut_gap = bitlen / FP_LUT;
-
- /* init the mu */
- if ((err = mp_init_copy(&fp_cache[idx].mu, mu)) != CRYPT_OK) {
- goto ERR;
- }
-
- /* copy base */
- if ((mp_mulmod(fp_cache[idx].g->x, mu, modulus, fp_cache[idx].LUT[1]->x) != CRYPT_OK) ||
- (mp_mulmod(fp_cache[idx].g->y, mu, modulus, fp_cache[idx].LUT[1]->y) != CRYPT_OK) ||
- (mp_mulmod(fp_cache[idx].g->z, mu, modulus, fp_cache[idx].LUT[1]->z) != CRYPT_OK)) { goto ERR; }
-
- /* make all single bit entries */
- for (x = 1; x < FP_LUT; x++) {
- if ((mp_copy(fp_cache[idx].LUT[1<<(x-1)]->x, fp_cache[idx].LUT[1<<x]->x) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->y, fp_cache[idx].LUT[1<<x]->y) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->z, fp_cache[idx].LUT[1<<x]->z) != CRYPT_OK)) { goto ERR; }
-
- /* now double it bitlen/FP_LUT times */
- for (y = 0; y < lut_gap; y++) {
- if ((err = ltc_mp.ecc_ptdbl(fp_cache[idx].LUT[1<<x], fp_cache[idx].LUT[1<<x], modulus, mp)) != CRYPT_OK) {
- goto ERR;
- }
- }
- }
-
- /* now make all entries in increase order of hamming weight */
- for (x = 2; x <= FP_LUT; x++) {
- for (y = 0; y < (1UL<<FP_LUT); y++) {
- if (lut_orders[y].ham != (int)x) continue;
-
- /* perform the add */
- if ((err = ltc_mp.ecc_ptadd(fp_cache[idx].LUT[lut_orders[y].terma], fp_cache[idx].LUT[lut_orders[y].termb],
- fp_cache[idx].LUT[y], modulus, mp)) != CRYPT_OK) {
- goto ERR;
- }
- }
- }
-
- /* now map all entries back to affine space to make point addition faster */
- if ((err = mp_init(&tmp)) != CRYPT_OK) { goto ERR; }
- for (x = 1; x < (1UL<<FP_LUT); x++) {
- /* convert z to normal from montgomery */
- if ((err = mp_montgomery_reduce(fp_cache[idx].LUT[x]->z, modulus, mp)) != CRYPT_OK) { goto ERR; }
-
- /* invert it */
- if ((err = mp_invmod(fp_cache[idx].LUT[x]->z, modulus, fp_cache[idx].LUT[x]->z)) != CRYPT_OK) { goto ERR; }
-
- /* now square it */
- if ((err = mp_sqrmod(fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK) { goto ERR; }
-
- /* fix x */
- if ((err = mp_mulmod(fp_cache[idx].LUT[x]->x, tmp, modulus, fp_cache[idx].LUT[x]->x)) != CRYPT_OK) { goto ERR; }
-
- /* get 1/z^3 */
- if ((err = mp_mulmod(tmp, fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK) { goto ERR; }
-
- /* fix y */
- if ((err = mp_mulmod(fp_cache[idx].LUT[x]->y, tmp, modulus, fp_cache[idx].LUT[x]->y)) != CRYPT_OK) { goto ERR; }
-
- /* free z */
- mp_clear(fp_cache[idx].LUT[x]->z);
- fp_cache[idx].LUT[x]->z = NULL;
- }
- mp_clear(tmp);
-
- return CRYPT_OK;
-ERR:
- err = CRYPT_MEM;
-DONE:
- for (y = 0; y < (1U<<FP_LUT); y++) {
- ltc_ecc_del_point(fp_cache[idx].LUT[y]);
- fp_cache[idx].LUT[y] = NULL;
- }
- ltc_ecc_del_point(fp_cache[idx].g);
- fp_cache[idx].g = NULL;
- fp_cache[idx].lru_count = 0;
- if (fp_cache[idx].mu != NULL) {
- mp_clear(fp_cache[idx].mu);
- fp_cache[idx].mu = NULL;
- }
- if (tmp != NULL) {
- mp_clear(tmp);
- }
- return err;
-}
-
-/* perform a fixed point ECC mulmod */
-static int accel_fp_mul(int idx, void *k, ecc_point *R, void *modulus, void *mp, int map)
-{
- unsigned char kb[128];
- int x;
- unsigned y, z, err, bitlen, bitpos, lut_gap, first;
- void *tk, *order;
-
- /* if it's smaller than modulus we fine */
- if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) {
- /* find order */
- y = mp_unsigned_bin_size(modulus);
- for (x = 0; ltc_ecc_sets[x].size; x++) {
- if (y <= (unsigned)ltc_ecc_sets[x].size) break;
- }
-
- /* back off if we are on the 521 bit curve */
- if (y == 66) --x;
-
- if ((err = mp_init(&order)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
- mp_clear(&order);
- return err;
- }
-
- /* k must be less than modulus */
- if (mp_cmp(k, order) != LTC_MP_LT) {
- if ((err = mp_init(&tk)) != CRYPT_OK) {
- mp_clear(order);
- return err;
- }
- if ((err = mp_mod(k, order, tk)) != CRYPT_OK) {
- mp_clear(tk);
- mp_clear(order);
- return err;
- }
- } else {
- tk = k;
- }
- mp_clear(order);
- } else {
- tk = k;
- }
-
- /* get bitlen and round up to next multiple of FP_LUT */
- bitlen = mp_unsigned_bin_size(modulus) << 3;
- x = bitlen % FP_LUT;
- if (x) {
- bitlen += FP_LUT - x;
- }
- lut_gap = bitlen / FP_LUT;
-
- /* get the k value */
- if (mp_unsigned_bin_size(tk) > (sizeof(kb) - 2)) {
- if (tk != k) {
- mp_clear(tk);
- }
- return CRYPT_BUFFER_OVERFLOW;
- }
-
- /* store k */
- zeromem(kb, sizeof(kb));
- if ((err = mp_to_unsigned_bin(tk, kb)) != CRYPT_OK) {
- if (tk != k) {
- mp_clear(tk);
- }
- return err;
- }
-
- /* let's reverse kb so it's little endian */
- x = 0;
- y = mp_unsigned_bin_size(tk) - 1;
- if (tk != k) {
- mp_clear(tk);
- }
- while ((unsigned)x < y) {
- z = kb[x]; kb[x] = kb[y]; kb[y] = z;
- ++x; --y;
- }
-
- /* at this point we can start, yipee */
- first = 1;
- for (x = lut_gap-1; x >= 0; x--) {
- /* extract FP_LUT bits from kb spread out by lut_gap bits and offset by x bits from the start */
- bitpos = x;
- for (y = z = 0; y < FP_LUT; y++) {
- z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
- bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid the mult in each loop */
- }
-
- /* double if not first */
- if (!first) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- }
-
- /* add if not first, otherwise copy */
- if (!first && z) {
- if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx].LUT[z], R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- } else if (z) {
- if ((mp_copy(fp_cache[idx].LUT[z]->x, R->x) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx].LUT[z]->y, R->y) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx].mu, R->z) != CRYPT_OK)) { return CRYPT_MEM; }
- first = 0;
- }
- }
- z = 0;
- zeromem(kb, sizeof(kb));
- /* map R back from projective space */
- if (map) {
- err = ltc_ecc_map(R, modulus, mp);
- } else {
- err = CRYPT_OK;
- }
- return err;
-}
-
-#ifdef LTC_ECC_SHAMIR
-/* perform a fixed point ECC mulmod */
-static int accel_fp_mul2add(int idx1, int idx2,
- void *kA, void *kB,
- ecc_point *R, void *modulus, void *mp)
-{
- unsigned char kb[2][128];
- int x;
- unsigned y, z, err, bitlen, bitpos, lut_gap, first, zA, zB;
- void *tka, *tkb, *order;
-
- /* if it's smaller than modulus we fine */
- if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) {
- /* find order */
- y = mp_unsigned_bin_size(modulus);
- for (x = 0; ltc_ecc_sets[x].size; x++) {
- if (y <= (unsigned)ltc_ecc_sets[x].size) break;
- }
-
- /* back off if we are on the 521 bit curve */
- if (y == 66) --x;
-
- if ((err = mp_init(&order)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
- mp_clear(&order);
- return err;
- }
-
- /* kA must be less than modulus */
- if (mp_cmp(kA, order) != LTC_MP_LT) {
- if ((err = mp_init(&tka)) != CRYPT_OK) {
- mp_clear(order);
- return err;
- }
- if ((err = mp_mod(kA, order, tka)) != CRYPT_OK) {
- mp_clear(tka);
- mp_clear(order);
- return err;
- }
- } else {
- tka = kA;
- }
- mp_clear(order);
- } else {
- tka = kA;
- }
-
- /* if it's smaller than modulus we fine */
- if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) {
- /* find order */
- y = mp_unsigned_bin_size(modulus);
- for (x = 0; ltc_ecc_sets[x].size; x++) {
- if (y <= (unsigned)ltc_ecc_sets[x].size) break;
- }
-
- /* back off if we are on the 521 bit curve */
- if (y == 66) --x;
-
- if ((err = mp_init(&order)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
- mp_clear(&order);
- return err;
- }
-
- /* kB must be less than modulus */
- if (mp_cmp(kB, order) != LTC_MP_LT) {
- if ((err = mp_init(&tkb)) != CRYPT_OK) {
- mp_clear(order);
- return err;
- }
- if ((err = mp_mod(kB, order, tkb)) != CRYPT_OK) {
- mp_clear(tkb);
- mp_clear(order);
- return err;
- }
- } else {
- tkb = kB;
- }
- mp_clear(order);
- } else {
- tkb = kB;
- }
-
- /* get bitlen and round up to next multiple of FP_LUT */
- bitlen = mp_unsigned_bin_size(modulus) << 3;
- x = bitlen % FP_LUT;
- if (x) {
- bitlen += FP_LUT - x;
- }
- lut_gap = bitlen / FP_LUT;
-
- /* get the k value */
- if ((mp_unsigned_bin_size(tka) > (sizeof(kb[0]) - 2)) || (mp_unsigned_bin_size(tkb) > (sizeof(kb[0]) - 2)) ) {
- if (tka != kA) {
- mp_clear(tka);
- }
- if (tkb != kB) {
- mp_clear(tkb);
- }
- return CRYPT_BUFFER_OVERFLOW;
- }
-
- /* store k */
- zeromem(kb, sizeof(kb));
- if ((err = mp_to_unsigned_bin(tka, kb[0])) != CRYPT_OK) {
- if (tka != kA) {
- mp_clear(tka);
- }
- if (tkb != kB) {
- mp_clear(tkb);
- }
- return err;
- }
-
- /* let's reverse kb so it's little endian */
- x = 0;
- y = mp_unsigned_bin_size(tka) - 1;
- if (tka != kA) {
- mp_clear(tka);
- }
- while ((unsigned)x < y) {
- z = kb[0][x]; kb[0][x] = kb[0][y]; kb[0][y] = z;
- ++x; --y;
- }
-
- /* store b */
- if ((err = mp_to_unsigned_bin(tkb, kb[1])) != CRYPT_OK) {
- if (tkb != kB) {
- mp_clear(tkb);
- }
- return err;
- }
-
- x = 0;
- y = mp_unsigned_bin_size(tkb) - 1;
- if (tkb != kB) {
- mp_clear(tkb);
- }
- while ((unsigned)x < y) {
- z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z;
- ++x; --y;
- }
-
- /* at this point we can start, yipee */
- first = 1;
- for (x = lut_gap-1; x >= 0; x--) {
- /* extract FP_LUT bits from kb spread out by lut_gap bits and offset by x bits from the start */
- bitpos = x;
- for (y = zA = zB = 0; y < FP_LUT; y++) {
- zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
- zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
- bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid the mult in each loop */
- }
-
- /* double if not first */
- if (!first) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- }
-
- /* add if not first, otherwise copy */
- if (!first) {
- if (zA) {
- if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx1].LUT[zA], R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- }
- if (zB) {
- if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx2].LUT[zB], R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- }
- } else {
- if (zA) {
- if ((mp_copy(fp_cache[idx1].LUT[zA]->x, R->x) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx1].LUT[zA]->y, R->y) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx1].mu, R->z) != CRYPT_OK)) { return CRYPT_MEM; }
- first = 0;
- }
- if (zB && first == 0) {
- if (zB) {
- if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx2].LUT[zB], R, modulus, mp)) != CRYPT_OK) {
- return err;
- }
- }
- } else if (zB && first == 1) {
- if ((mp_copy(fp_cache[idx2].LUT[zB]->x, R->x) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx2].LUT[zB]->y, R->y) != CRYPT_OK) ||
- (mp_copy(fp_cache[idx2].mu, R->z) != CRYPT_OK)) { return CRYPT_MEM; }
- first = 0;
- }
- }
- }
- zeromem(kb, sizeof(kb));
- return ltc_ecc_map(R, modulus, mp);
-}
-
-/** ECC Fixed Point mulmod global
- Computes kA*A + kB*B = C using Shamir's Trick
- @param A First point to multiply
- @param kA What to multiple A by
- @param B Second point to multiply
- @param kB What to multiple B by
- @param C [out] Destination point (can overlap with A or B)
- @param modulus Modulus for curve
- @return CRYPT_OK on success
-*/
-int ltc_ecc_fp_mul2add(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C, void *modulus)
-{
- int idx1, idx2, err;
- void *mp, *mu;
-
- mp = NULL;
- mu = NULL;
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- /* find point */
- idx1 = find_base(A);
-
- /* no entry? */
- if (idx1 == -1) {
- /* find hole and add it */
- if ((idx1 = find_hole()) >= 0) {
- if ((err = add_entry(idx1, A)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- }
- }
- if (idx1 != -1) {
- /* increment LRU */
- ++(fp_cache[idx1].lru_count);
- }
-
- /* find point */
- idx2 = find_base(B);
-
- /* no entry? */
- if (idx2 == -1) {
- /* find hole and add it */
- if ((idx2 = find_hole()) >= 0) {
- if ((err = add_entry(idx2, B)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- }
- }
- if (idx2 != -1) {
- /* increment LRU */
- ++(fp_cache[idx2].lru_count);
- }
-
- /* if it's 2 build the LUT, if it's higher just use the LUT */
- if (idx1 >= 0 && fp_cache[idx1].lru_count == 2) {
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
-
- /* compute mu */
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* build the LUT */
- if ((err = build_lut(idx1, modulus, mp, mu)) != CRYPT_OK) {
- goto LBL_ERR;;
- }
- }
-
- /* if it's 2 build the LUT, if it's higher just use the LUT */
- if (idx2 >= 0 && fp_cache[idx2].lru_count == 2) {
- if (mp == NULL) {
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
-
- /* compute mu */
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- }
-
- /* build the LUT */
- if ((err = build_lut(idx2, modulus, mp, mu)) != CRYPT_OK) {
- goto LBL_ERR;;
- }
- }
-
-
- if (idx1 >=0 && idx2 >= 0 && fp_cache[idx1].lru_count >= 2 && fp_cache[idx2].lru_count >= 2) {
- if (mp == NULL) {
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
- }
- err = accel_fp_mul2add(idx1, idx2, kA, kB, C, modulus, mp);
- } else {
- err = ltc_ecc_mul2add(A, kA, B, kB, C, modulus);
- }
-LBL_ERR:
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- if (mp != NULL) {
- mp_montgomery_free(mp);
- }
- if (mu != NULL) {
- mp_clear(mu);
- }
- return err;
-}
-#endif
-
-/** ECC Fixed Point mulmod global
- @param k The multiplicand
- @param G Base point to multiply
- @param R [out] Destination of product
- @param modulus The modulus for the curve
- @param map [boolean] If non-zero maps the point back to affine co-ordinates, otherwise it's left in jacobian-montgomery form
- @return CRYPT_OK if successful
-*/
-int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
-{
- int idx, err;
- void *mp, *mu;
-
- mp = NULL;
- mu = NULL;
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- /* find point */
- idx = find_base(G);
-
- /* no entry? */
- if (idx == -1) {
- /* find hole and add it */
- idx = find_hole();
-
- if (idx >= 0) {
- if ((err = add_entry(idx, G)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- }
- }
- if (idx != -1) {
- /* increment LRU */
- ++(fp_cache[idx].lru_count);
- }
-
-
- /* if it's 2 build the LUT, if it's higher just use the LUT */
- if (idx >= 0 && fp_cache[idx].lru_count == 2) {
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
-
- /* compute mu */
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* build the LUT */
- if ((err = build_lut(idx, modulus, mp, mu)) != CRYPT_OK) {
- goto LBL_ERR;;
- }
- }
-
- if (idx >= 0 && fp_cache[idx].lru_count >= 2) {
- if (mp == NULL) {
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
- }
- err = accel_fp_mul(idx, k, R, modulus, mp, map);
- } else {
- err = ltc_ecc_mulmod(k, G, R, modulus, map);
- }
-LBL_ERR:
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- if (mp != NULL) {
- mp_montgomery_free(mp);
- }
- if (mu != NULL) {
- mp_clear(mu);
- }
- return err;
-}
-
-/* helper function for freeing the cache ... must be called with the cache mutex locked */
-static void ltc_ecc_fp_free_cache(void)
-{
- unsigned x, y;
- for (x = 0; x < FP_ENTRIES; x++) {
- if (fp_cache[x].g != NULL) {
- for (y = 0; y < (1U<<FP_LUT); y++) {
- ltc_ecc_del_point(fp_cache[x].LUT[y]);
- fp_cache[x].LUT[y] = NULL;
- }
- ltc_ecc_del_point(fp_cache[x].g);
- fp_cache[x].g = NULL;
- if (fp_cache[x].mu != NULL) {
- mp_clear(fp_cache[x].mu);
- fp_cache[x].mu = NULL;
- }
- fp_cache[x].lru_count = 0;
- fp_cache[x].lock = 0;
- }
- }
-}
-
-/** Free the Fixed Point cache */
-void ltc_ecc_fp_free(void)
-{
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- ltc_ecc_fp_free_cache();
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
-}
-
-/** Add a point to the cache and initialize the LUT
- @param g The point to add
- @param modulus Modulus for curve
- @param lock Flag to indicate if this entry should be locked into the cache or not
- @return CRYPT_OK on success
-*/
-int
-ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock)
-{
- int idx;
- int err;
- void *mp = NULL;
- void *mu = NULL;
-
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- if ((idx = find_base(g)) >= 0) {
- /* it is already in the cache ... just check that the LUT is initialized */
- if(fp_cache[idx].lru_count >= 2) {
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- return CRYPT_OK;
- }
- }
-
- if(idx == -1 && (idx = find_hole()) == -1) {
- err = CRYPT_BUFFER_OVERFLOW;
- goto LBL_ERR;
- }
- if ((err = add_entry(idx, g)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- /* compute mp */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* compute mu */
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* build the LUT */
- if ((err = build_lut(idx, modulus, mp, mu)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- fp_cache[idx].lru_count = 2;
- fp_cache[idx].lock = lock;
-LBL_ERR:
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- if (mp != NULL) {
- mp_montgomery_free(mp);
- }
- if (mu != NULL) {
- mp_clear(mu);
- }
- return err;
-}
-
-/** Prevent/permit the FP cache from being updated
- @param flag If flag is 0, remove cache lock (unlock), otherwise lock it
-*/
-void ltc_ecc_fp_tablelock(int lock)
-{
- int i;
-
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- for (i = 0; i < FP_ENTRIES; i++) {
- fp_cache[i].lock = lock;
- }
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
-}
-
-/** Export the current cache as a binary packet
- @param out [out] pointer to malloc'ed space containing the packet
- @param outlen [out] size of exported packet
- @return CRYPT_OK if successful
-*/
-int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen)
-{
- ltc_asn1_list *cache_entry;
- unsigned int i, j, k;
- unsigned long fp_entries, fp_lut, num_entries;
- int err;
-
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- fp_entries = FP_ENTRIES;
- fp_lut = FP_LUT;
- num_entries = 0;
-
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- /*
- * build the list;
- Cache DEFINITIONS ::=
- BEGIN
- CacheDump ::= SEQUENCE {
- numEntries SHORTINTEGER,
- maxEntries SHORTINTEGER,
- numLUT SHORTINTEGER,
- cache SEQUENCE OF INTEGER
- }
- END
- *
- */
- /*
- * The cache itself is a point (3 INTEGERS),
- * the LUT as pairs of INTEGERS (2 * 1<<FP_LUT),
- * and the mu INTEGER
- */
- cache_entry = XCALLOC(FP_ENTRIES*(2*(1U<<FP_LUT)+4)+3, sizeof(ltc_asn1_list));
- if (cache_entry == NULL)
- return CRYPT_MEM;
- j = 1; /* handle the zero'th element later */
-
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_SHORT_INTEGER, &fp_entries, 1);
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_SHORT_INTEGER, &fp_lut, 1);
-
- for (i = 0; i < FP_ENTRIES; i++) {
- /*
- * do not save empty entries, or entries that have not yet had the lut built
- */
- if (fp_cache[i].g == NULL || fp_cache[i].lru_count < 2) {
- continue;
- }
- num_entries++;
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].g->x, 1);
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].g->y, 1);
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].g->z, 1);
- for (k = 0; k < (1U<<FP_LUT); k++) {
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].LUT[k]->x, 1);
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].LUT[k]->y, 1);
- }
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_INTEGER, fp_cache[i].mu, 1);
- }
- LTC_SET_ASN1(cache_entry, j++, LTC_ASN1_EOL, 0, 0);
-
- LTC_SET_ASN1(cache_entry, 0, LTC_ASN1_SHORT_INTEGER, &num_entries, 1);
-
- if ((err = der_length_sequence(cache_entry, j, outlen)) != CRYPT_OK) {
- goto save_err;
- }
- if ((*out = XMALLOC(*outlen)) == NULL) {
- err = CRYPT_MEM;
- goto save_err;
- }
- err = der_encode_sequence(cache_entry, j, *out, outlen);
-save_err:
- XFREE(cache_entry);
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- return err;
-}
-
-/** Import a binary packet into the current cache
- @param in [in] pointer to packet
- @param inlen [in] size of packet (bytes)
- @return CRYPT_OK if successful
-*/
-int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen)
-{
- int err;
- ltc_asn1_list *asn1_list;
- unsigned long num_entries, fp_entries, fp_lut;
- unsigned long i, j;
- unsigned int x;
-
- LTC_ARGCHK(in != NULL);
- if (inlen == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- /* zero indecies */
- i = 0;
- j = 0;
- asn1_list = NULL;
-
- LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
- /*
- * start with an empty cache
- */
- ltc_ecc_fp_free_cache();
-
- /*
- * decode the input packet: It consists of a sequence with a few
- * integers (including the FP_ENTRIES and FP_LUT sizes), followed by a
- * SEQUENCE which is the cache itself.
- *
- * use standard decoding for the first part, then flexible for the second
- */
- if((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_SHORT_INTEGER, 1, &num_entries,
- LTC_ASN1_SHORT_INTEGER, 1, &fp_entries,
- LTC_ASN1_SHORT_INTEGER, 1, &fp_lut,
- LTC_ASN1_EOL, 0, 0)) != CRYPT_OK) {
- goto ERR_OUT;
- }
- if (fp_entries != FP_ENTRIES || fp_lut != FP_LUT || num_entries > fp_entries) {
- err = CRYPT_INVALID_PACKET;
- goto ERR_OUT;
- }
- if ((asn1_list = XCALLOC(3+num_entries*(4+2*(1<<FP_LUT))+1, sizeof(ltc_asn1_list))) == NULL) {
- err = CRYPT_MEM;
- goto ERR_OUT;
- }
- j = 0;
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_SHORT_INTEGER, &num_entries, 1);
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_SHORT_INTEGER, &fp_entries, 1);
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_SHORT_INTEGER, &fp_lut, 1);
- for (i = 0; i < num_entries; i++) {
- if((fp_cache[i].g = ltc_ecc_new_point()) == NULL) {
- err = CRYPT_MEM;
- goto ERR_OUT;
- }
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, fp_cache[i].g->x, 1);
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, fp_cache[i].g->y, 1);
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, fp_cache[i].g->z, 1);
- for (x = 0; x < (1U<<FP_LUT); x++) {
- /* since we don't store z in the cache, don't use ltc_ecc_new_point()
- * (which allocates space for z, only to have to free it later) */
- ecc_point *p = XCALLOC(1, sizeof(*p));
-
- if (p == NULL) {
- err = CRYPT_MEM;
- goto ERR_OUT;
- }
- fp_cache[i].LUT[x] = p;
- if ((err = mp_init_multi(&p->x, &p->y, NULL)) != CRYPT_OK) {
- goto ERR_OUT;
- }
- p->z = NULL;
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, p->x, 1);
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, p->y, 1);
- }
- if((err = mp_init(&fp_cache[i].mu)) != CRYPT_OK) {
- goto ERR_OUT;
- }
- LTC_SET_ASN1(asn1_list, j++, LTC_ASN1_INTEGER, fp_cache[i].mu, 1);
- fp_cache[i].lru_count = 3;
- fp_cache[i].lock = 1;
- }
-
- if ((err = der_decode_sequence(in, inlen, asn1_list, j)) != CRYPT_OK) {
- goto ERR_OUT;
- }
- XFREE(asn1_list);
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- return CRYPT_OK;
-ERR_OUT:
- if(asn1_list)
- XFREE(asn1_list);
- ltc_ecc_fp_free_cache();
- LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
- return err;
-}
-
-#endif
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c,v $ */
-/* $Revision: 1.33 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/math/ltm_desc.c b/libtomcrypt/math/ltm_desc.c
deleted file mode 100644
index 5d39309..0000000
--- a/libtomcrypt/math/ltm_desc.c
+++ /dev/null
@@ -1,483 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-#define DESC_DEF_ONLY
-#include "tomcrypt.h"
-
-#ifdef LTM_DESC
-
-#include <tommath.h>
-
-static const struct {
- int mpi_code, ltc_code;
-} mpi_to_ltc_codes[] = {
- { MP_OKAY , CRYPT_OK},
- { MP_MEM , CRYPT_MEM},
- { MP_VAL , CRYPT_INVALID_ARG},
-};
-
-/**
- Convert a MPI error to a LTC error (Possibly the most powerful function ever! Oh wait... no)
- @param err The error to convert
- @return The equivalent LTC error code or CRYPT_ERROR if none found
-*/
-static int mpi_to_ltc_error(int err)
-{
- int x;
-
- for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) {
- if (err == mpi_to_ltc_codes[x].mpi_code) {
- return mpi_to_ltc_codes[x].ltc_code;
- }
- }
- return CRYPT_ERROR;
-}
-
-static int init(void **a)
-{
- int err;
-
- LTC_ARGCHK(a != NULL);
-
- *a = XCALLOC(1, sizeof(mp_int));
- if (*a == NULL) {
- return CRYPT_MEM;
- }
-
- if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) {
- XFREE(*a);
- }
- return err;
-}
-
-static void deinit(void *a)
-{
- LTC_ARGCHKVD(a != NULL);
- mp_clear(a);
- XFREE(a);
-}
-
-static int neg(void *a, void *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_neg(a, b));
-}
-
-static int copy(void *a, void *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_copy(a, b));
-}
-
-static int init_copy(void **a, void *b)
-{
- if (init(a) != CRYPT_OK) {
- return CRYPT_MEM;
- }
- return copy(b, *a);
-}
-
-/* ---- trivial ---- */
-static int set_int(void *a, unsigned long b)
-{
- LTC_ARGCHK(a != NULL);
- return mpi_to_ltc_error(mp_set_int(a, b));
-}
-
-static unsigned long get_int(void *a)
-{
- LTC_ARGCHK(a != NULL);
- return mp_get_int(a);
-}
-
-static unsigned long get_digit(void *a, int n)
-{
- mp_int *A;
- LTC_ARGCHK(a != NULL);
- A = a;
- return (n >= A->used || n < 0) ? 0 : A->dp[n];
-}
-
-static int get_digit_count(void *a)
-{
- mp_int *A;
- LTC_ARGCHK(a != NULL);
- A = a;
- return A->used;
-}
-
-static int compare(void *a, void *b)
-{
- int ret;
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- ret = mp_cmp(a, b);
- switch (ret) {
- case MP_LT: return LTC_MP_LT;
- case MP_EQ: return LTC_MP_EQ;
- case MP_GT: return LTC_MP_GT;
- }
- return 0;
-}
-
-static int compare_d(void *a, unsigned long b)
-{
- int ret;
- LTC_ARGCHK(a != NULL);
- ret = mp_cmp_d(a, b);
- switch (ret) {
- case MP_LT: return LTC_MP_LT;
- case MP_EQ: return LTC_MP_EQ;
- case MP_GT: return LTC_MP_GT;
- }
- return 0;
-}
-
-static int count_bits(void *a)
-{
- LTC_ARGCHK(a != NULL);
- return mp_count_bits(a);
-}
-
-static int count_lsb_bits(void *a)
-{
- LTC_ARGCHK(a != NULL);
- return mp_cnt_lsb(a);
-}
-
-
-static int twoexpt(void *a, int n)
-{
- LTC_ARGCHK(a != NULL);
- return mpi_to_ltc_error(mp_2expt(a, n));
-}
-
-/* ---- conversions ---- */
-
-/* read ascii string */
-static int read_radix(void *a, const char *b, int radix)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_read_radix(a, b, radix));
-}
-
-/* write one */
-static int write_radix(void *a, char *b, int radix)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_toradix(a, b, radix));
-}
-
-/* get size as unsigned char string */
-static unsigned long unsigned_size(void *a)
-{
- LTC_ARGCHK(a != NULL);
- return mp_unsigned_bin_size(a);
-}
-
-/* store */
-static int unsigned_write(void *a, unsigned char *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_to_unsigned_bin(a, b));
-}
-
-/* read */
-static int unsigned_read(void *a, unsigned char *b, unsigned long len)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len));
-}
-
-/* add */
-static int add(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_add(a, b, c));
-}
-
-static int addi(void *a, unsigned long b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_add_d(a, b, c));
-}
-
-/* sub */
-static int sub(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_sub(a, b, c));
-}
-
-static int subi(void *a, unsigned long b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_sub_d(a, b, c));
-}
-
-/* mul */
-static int mul(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_mul(a, b, c));
-}
-
-static int muli(void *a, unsigned long b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_mul_d(a, b, c));
-}
-
-/* sqr */
-static int sqr(void *a, void *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_sqr(a, b));
-}
-
-/* div */
-static int divide(void *a, void *b, void *c, void *d)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_div(a, b, c, d));
-}
-
-static int div_2(void *a, void *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_div_2(a, b));
-}
-
-/* modi */
-static int modi(void *a, unsigned long b, unsigned long *c)
-{
- mp_digit tmp;
- int err;
-
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(c != NULL);
-
- if ((err = mpi_to_ltc_error(mp_mod_d(a, b, &tmp))) != CRYPT_OK) {
- return err;
- }
- *c = tmp;
- return CRYPT_OK;
-}
-
-/* gcd */
-static int gcd(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_gcd(a, b, c));
-}
-
-/* lcm */
-static int lcm(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_lcm(a, b, c));
-}
-
-static int mulmod(void *a, void *b, void *c, void *d)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- LTC_ARGCHK(d != NULL);
- return mpi_to_ltc_error(mp_mulmod(a,b,c,d));
-}
-
-static int sqrmod(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_sqrmod(a,b,c));
-}
-
-/* invmod */
-static int invmod(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_invmod(a, b, c));
-}
-
-/* setup */
-static int montgomery_setup(void *a, void **b)
-{
- int err;
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- *b = XCALLOC(1, sizeof(mp_digit));
- if (*b == NULL) {
- return CRYPT_MEM;
- }
- if ((err = mpi_to_ltc_error(mp_montgomery_setup(a, (mp_digit *)*b))) != CRYPT_OK) {
- XFREE(*b);
- }
- return err;
-}
-
-/* get normalization value */
-static int montgomery_normalization(void *a, void *b)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- return mpi_to_ltc_error(mp_montgomery_calc_normalization(a, b));
-}
-
-/* reduce */
-static int montgomery_reduce(void *a, void *b, void *c)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- return mpi_to_ltc_error(mp_montgomery_reduce(a, b, *((mp_digit *)c)));
-}
-
-/* clean up */
-static void montgomery_deinit(void *a)
-{
- XFREE(a);
-}
-
-static int exptmod(void *a, void *b, void *c, void *d)
-{
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- LTC_ARGCHK(c != NULL);
- LTC_ARGCHK(d != NULL);
- return mpi_to_ltc_error(mp_exptmod(a,b,c,d));
-}
-
-static int isprime(void *a, int *b)
-{
- int err;
- LTC_ARGCHK(a != NULL);
- LTC_ARGCHK(b != NULL);
- err = mpi_to_ltc_error(mp_prime_is_prime(a, 8, b));
- *b = (*b == MP_YES) ? LTC_MP_YES : LTC_MP_NO;
- return err;
-}
-
-const ltc_math_descriptor ltm_desc = {
-
- "LibTomMath",
- (int)DIGIT_BIT,
-
- &init,
- &init_copy,
- &deinit,
-
- &neg,
- &copy,
-
- &set_int,
- &get_int,
- &get_digit,
- &get_digit_count,
- &compare,
- &compare_d,
- &count_bits,
- &count_lsb_bits,
- &twoexpt,
-
- &read_radix,
- &write_radix,
- &unsigned_size,
- &unsigned_write,
- &unsigned_read,
-
- &add,
- &addi,
- &sub,
- &subi,
- &mul,
- &muli,
- &sqr,
- &divide,
- &div_2,
- &modi,
- &gcd,
- &lcm,
-
- &mulmod,
- &sqrmod,
- &invmod,
-
- &montgomery_setup,
- &montgomery_normalization,
- &montgomery_reduce,
- &montgomery_deinit,
-
- &exptmod,
- &isprime,
-
-#ifdef LTC_MECC
-#ifdef LTC_MECC_FP
- &ltc_ecc_fp_mulmod,
-#else
- &ltc_ecc_mulmod,
-#endif
- &ltc_ecc_projective_add_point,
- &ltc_ecc_projective_dbl_point,
- &ltc_ecc_map,
-#ifdef LTC_ECC_SHAMIR
-#ifdef LTC_MECC_FP
- &ltc_ecc_fp_mul2add,
-#else
- &ltc_ecc_mul2add,
-#endif /* LTC_MECC_FP */
-#else
- NULL,
-#endif /* LTC_ECC_SHAMIR */
-#else
- NULL, NULL, NULL, NULL, NULL,
-#endif /* LTC_MECC */
-
-#ifdef LTC_MRSA
- &rsa_make_key,
- &rsa_exptmod,
-#else
- NULL, NULL
-#endif
-};
-
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/math/ltm_desc.c,v $ */
-/* $Revision: 1.31 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/math/multi.c b/libtomcrypt/math/multi.c
deleted file mode 100644
index 29e810d..0000000
--- a/libtomcrypt/math/multi.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-#ifdef MPI
-#include <stdarg.h>
-
-int ltc_init_multi(void **a, ...)
-{
- void **cur = a;
- int np = 0;
- va_list args;
-
- va_start(args, a);
- while (cur != NULL) {
- if (mp_init(cur) != CRYPT_OK) {
- /* failed */
- va_list clean_list;
-
- va_start(clean_list, a);
- cur = a;
- while (np--) {
- mp_clear(*cur);
- cur = va_arg(clean_list, void**);
- }
- va_end(clean_list);
- return CRYPT_MEM;
- }
- ++np;
- cur = va_arg(args, void**);
- }
- va_end(args);
- return CRYPT_OK;
-}
-
-void ltc_deinit_multi(void *a, ...)
-{
- void *cur = a;
- va_list args;
-
- va_start(args, a);
- while (cur != NULL) {
- mp_clear(cur);
- cur = va_arg(args, void *);
- }
- va_end(args);
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/math/multi.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2006/12/28 01:27:23 $ */
diff --git a/libtomcrypt/misc/qsort.c b/libtomcrypt/misc/qsort.c
new file mode 100644
index 0000000..72f5108
--- /dev/null
+++ b/libtomcrypt/misc/qsort.c
@@ -0,0 +1,247 @@
+/* Copyright (C) 1991,1992,1996,1997,1999,2004 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+ Written by Douglas C. Schmidt (schmidt@ics.uci.edu).
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+/* If you consider tuning this algorithm, you should consult first:
+ Engineering a sort function; Jon Bentley and M. Douglas McIlroy;
+ Software - Practice and Experience; Vol. 23 (11), 1249-1265, 1993. */
+
+#include <tomcrypt.h>
+
+/* Byte-wise swap two items of size SIZE. */
+#define SWAP(a, b, size) \
+ do \
+ { \
+ register size_t __size = (size); \
+ register char *__a = (a), *__b = (b); \
+ do \
+ { \
+ char __tmp = *__a; \
+ *__a++ = *__b; \
+ *__b++ = __tmp; \
+ } while (--__size > 0); \
+ } while (0)
+
+/* Discontinue quicksort algorithm when partition gets below this size.
+ This particular magic number was chosen to work best on a Sun 4/260. */
+#define MAX_THRESH 4
+
+/* Stack node declarations used to store unfulfilled partition obligations. */
+typedef struct
+ {
+ char *lo;
+ char *hi;
+ } stack_node;
+
+/* The next 4 #defines implement a very fast in-line stack abstraction. */
+/* The stack needs log (total_elements) entries (we could even subtract
+ log(MAX_THRESH)). Since total_elements has type size_t, we get as
+ upper bound for log (total_elements):
+ bits per byte (CHAR_BIT) * sizeof(size_t). */
+#define STACK_SIZE (CHAR_BIT * sizeof(size_t))
+#define PUSH(low, high) ((void) ((top->lo = (low)), (top->hi = (high)), ++top))
+#define POP(low, high) ((void) (--top, (low = top->lo), (high = top->hi)))
+#define STACK_NOT_EMPTY (stack < top)
+
+
+/* Order size using quicksort. This implementation incorporates
+ four optimizations discussed in Sedgewick:
+
+ 1. Non-recursive, using an explicit stack of pointer that store the
+ next array partition to sort. To save time, this maximum amount
+ of space required to store an array of SIZE_MAX is allocated on the
+ stack. Assuming a 32-bit (64 bit) integer for size_t, this needs
+ only 32 * sizeof(stack_node) == 256 bytes (for 64 bit: 1024 bytes).
+ Pretty cheap, actually.
+
+ 2. Chose the pivot element using a median-of-three decision tree.
+ This reduces the probability of selecting a bad pivot value and
+ eliminates certain extraneous comparisons.
+
+ 3. Only quicksorts TOTAL_ELEMS / MAX_THRESH partitions, leaving
+ insertion sort to order the MAX_THRESH items within each partition.
+ This is a big win, since insertion sort is faster for small, mostly
+ sorted array segments.
+
+ 4. The larger of the two sub-partitions is always pushed onto the
+ stack first, with the algorithm then concentrating on the
+ smaller partition. This *guarantees* no more than log (total_elems)
+ stack size is needed (actually O(1) in this case)! */
+
+typedef int(*__compar_fn_t)(const void *, const void *);
+
+void
+qsort (void *const pbase, size_t total_elems, size_t size,
+ __compar_fn_t cmp)
+{
+ register char *base_ptr = (char *) pbase;
+
+ const size_t max_thresh = MAX_THRESH * size;
+
+ if (total_elems == 0)
+ /* Avoid lossage with unsigned arithmetic below. */
+ return;
+
+ if (total_elems > MAX_THRESH)
+ {
+ char *lo = base_ptr;
+ char *hi = &lo[size * (total_elems - 1)];
+ stack_node stack[STACK_SIZE];
+ stack_node *top = stack;
+
+ PUSH (NULL, NULL);
+
+ while (STACK_NOT_EMPTY)
+ {
+ char *left_ptr;
+ char *right_ptr;
+
+ /* Select median value from among LO, MID, and HI. Rearrange
+ LO and HI so the three values are sorted. This lowers the
+ probability of picking a pathological pivot value and
+ skips a comparison for both the LEFT_PTR and RIGHT_PTR in
+ the while loops. */
+
+ char *mid = lo + size * ((hi - lo) / size >> 1);
+
+ if ((*cmp) ((void *) mid, (void *) lo) < 0)
+ SWAP (mid, lo, size);
+ if ((*cmp) ((void *) hi, (void *) mid) < 0)
+ SWAP (mid, hi, size);
+ else
+ goto jump_over;
+ if ((*cmp) ((void *) mid, (void *) lo) < 0)
+ SWAP (mid, lo, size);
+ jump_over:;
+
+ left_ptr = lo + size;
+ right_ptr = hi - size;
+
+ /* Here's the famous ``collapse the walls'' section of quicksort.
+ Gotta like those tight inner loops! They are the main reason
+ that this algorithm runs much faster than others. */
+ do
+ {
+ while ((*cmp) ((void *) left_ptr, (void *) mid) < 0)
+ left_ptr += size;
+
+ while ((*cmp) ((void *) mid, (void *) right_ptr) < 0)
+ right_ptr -= size;
+
+ if (left_ptr < right_ptr)
+ {
+ SWAP (left_ptr, right_ptr, size);
+ if (mid == left_ptr)
+ mid = right_ptr;
+ else if (mid == right_ptr)
+ mid = left_ptr;
+ left_ptr += size;
+ right_ptr -= size;
+ }
+ else if (left_ptr == right_ptr)
+ {
+ left_ptr += size;
+ right_ptr -= size;
+ break;
+ }
+ }
+ while (left_ptr <= right_ptr);
+
+ /* Set up pointers for next iteration. First determine whether
+ left and right partitions are below the threshold size. If so,
+ ignore one or both. Otherwise, push the larger partition's
+ bounds on the stack and continue sorting the smaller one. */
+
+ if ((size_t) (right_ptr - lo) <= max_thresh)
+ {
+ if ((size_t) (hi - left_ptr) <= max_thresh)
+ /* Ignore both small partitions. */
+ POP (lo, hi);
+ else
+ /* Ignore small left partition. */
+ lo = left_ptr;
+ }
+ else if ((size_t) (hi - left_ptr) <= max_thresh)
+ /* Ignore small right partition. */
+ hi = right_ptr;
+ else if ((right_ptr - lo) > (hi - left_ptr))
+ {
+ /* Push larger left partition indices. */
+ PUSH (lo, right_ptr);
+ lo = left_ptr;
+ }
+ else
+ {
+ /* Push larger right partition indices. */
+ PUSH (left_ptr, hi);
+ hi = right_ptr;
+ }
+ }
+ }
+
+ /* Once the BASE_PTR array is partially sorted by quicksort the rest
+ is completely sorted using insertion sort, since this is efficient
+ for partitions below MAX_THRESH size. BASE_PTR points to the beginning
+ of the array to sort, and END_PTR points at the very last element in
+ the array (*not* one beyond it!). */
+
+ {
+ char *const end_ptr = &base_ptr[size * (total_elems - 1)];
+ char *tmp_ptr = base_ptr;
+ char *thresh = min(end_ptr, base_ptr + max_thresh);
+ register char *run_ptr;
+
+ /* Find smallest element in first threshold and place it at the
+ array's beginning. This is the smallest array element,
+ and the operation speeds up insertion sort's inner loop. */
+
+ for (run_ptr = tmp_ptr + size; run_ptr <= thresh; run_ptr += size)
+ if ((*cmp) ((void *) run_ptr, (void *) tmp_ptr) < 0)
+ tmp_ptr = run_ptr;
+
+ if (tmp_ptr != base_ptr)
+ SWAP (tmp_ptr, base_ptr, size);
+
+ /* Insertion sort, running from left-hand-side up to right-hand-side. */
+
+ run_ptr = base_ptr + size;
+ while ((run_ptr += size) <= end_ptr)
+ {
+ tmp_ptr = run_ptr - size;
+ while ((*cmp) ((void *) run_ptr, (void *) tmp_ptr) < 0)
+ tmp_ptr -= size;
+
+ tmp_ptr += size;
+ if (tmp_ptr != run_ptr)
+ {
+ char *trav;
+
+ trav = run_ptr + size;
+ while (--trav >= run_ptr)
+ {
+ char c = *trav;
+ char *hi, *lo;
+
+ for (hi = lo = trav; (lo -= size) >= tmp_ptr; hi = lo)
+ *hi = *lo;
+ *hi = c;
+ }
+ }
+ }
+ }
+}
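Review bot: `qsort` returns early for `total_elems == 0` but not for `size == 0`, and a zero element size makes `(hi - lo) / size` a division by zero in the partition loop and leaves the insertion-sort loops stepping by zero, so they never advance. The guard should read `if (total_elems == 0 || size == 0)`. The `left_ptr` and `right_ptr` scans are also not bounds-checked and stay inside the array only while `cmp` is a consistent ordering, which deserves a comment above the function such as `/* cmp must define a consistent total order; size must be non-zero */`. If this file is built into the kernel module, `stack_node stack[STACK_SIZE]` places about 1 KiB on the stack on 64-bit, as the file's own comment computes.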
diff --git a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c b/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
index 328280d..d7b13cf 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
@@ -25,7 +25,7 @@
@param num The first mp_int to decode
@return CRYPT_OK if successful
*/
-int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num)
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int_t num)
{
unsigned long x, y, z;
int err;
@@ -87,16 +87,16 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num)
/* see if it's negative */
if (in[x] & 0x80) {
- void *tmp;
+ mp_int tmp;
if (mp_init(&tmp) != CRYPT_OK) {
return CRYPT_MEM;
}
- if (mp_2expt(tmp, mp_count_bits(num)) != CRYPT_OK || mp_sub(num, tmp, num) != CRYPT_OK) {
- mp_clear(tmp);
+ if (mp_2expt(&tmp, mp_count_bits(num)) != CRYPT_OK || mp_sub(num, &tmp, num) != CRYPT_OK) {
+ mp_clear(&tmp);
return CRYPT_MEM;
}
- mp_clear(tmp);
+ mp_clear(&tmp);
}
return CRYPT_OK;
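Review bot: The combined test on `mp_2expt(&tmp, ...)` and `mp_sub(num, &tmp, num)` returns `CRYPT_MEM` whichever call failed and whatever code it returned, so a caller cannot tell an allocation failure from an argument error. Keeping the code would fix that, for example `if ((err = mp_2expt(&tmp, mp_count_bits(num))) != CRYPT_OK || (err = mp_sub(num, &tmp, num)) != CRYPT_OK) { mp_clear(&tmp); return err; }`. The same pattern appears in the `mp_2expt`/`mp_add` test in the last `der_encode_integer.c` hunk. The function body starts outside this hunk, so the use of `err` is assumed from the declaration visible in the first hunk.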
diff --git a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c b/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
index c1d0612..830446a 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
@@ -26,7 +26,7 @@
@param outlen [in/out] The max size and resulting size of the DER encoded integers
@return CRYPT_OK if successful
*/
-int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
+int der_encode_integer(mp_int_t num, unsigned char *out, unsigned long *outlen)
{
unsigned long tmplen, y;
int err, leading_zero;
@@ -96,7 +96,7 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
return err;
}
} else if (mp_iszero(num) != LTC_MP_YES) {
- void *tmp;
+ mp_int tmp;
/* negative */
if (mp_init(&tmp) != CRYPT_OK) {
@@ -107,15 +107,15 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
y = mp_count_bits(num);
y = y + (8 - (y & 7));
if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) y -= 8;
- if (mp_2expt(tmp, y) != CRYPT_OK || mp_add(tmp, num, tmp) != CRYPT_OK) {
- mp_clear(tmp);
+ if (mp_2expt(&tmp, y) != CRYPT_OK || mp_add(&tmp, num, &tmp) != CRYPT_OK) {
+ mp_clear(&tmp);
return CRYPT_MEM;
}
- if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) {
- mp_clear(tmp);
+ if ((err = mp_to_unsigned_bin(&tmp, out)) != CRYPT_OK) {
+ mp_clear(&tmp);
return err;
}
- mp_clear(tmp);
+ mp_clear(&tmp);
}
/* we good */
diff --git a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c b/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
index 9320b03..40addd5 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
@@ -23,7 +23,7 @@
@param outlen [out] The length of the DER encoding for the given integer
@return CRYPT_OK if successful
*/
-int der_length_integer(void *num, unsigned long *outlen)
+int der_length_integer(mp_int_t num, unsigned long *outlen)
{
unsigned long z, len;
int leading_zero;
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
index 607d5eb..2e72dbd 100644
--- a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
+++ b/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@@ -122,17 +122,24 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
/* init field */
l->type = LTC_ASN1_INTEGER;
l->size = 1;
- if ((err = mp_init(&l->data)) != CRYPT_OK) {
+
+ l->data = XMALLOC(sizeof(mp_int));
+ if (l->data == NULL) {
+ err = CRYPT_MEM;
+ goto error;
+ }
+
+ if ((err = mp_init((mp_int_t)l->data)) != CRYPT_OK) {
goto error;
}
/* decode field */
- if ((err = der_decode_integer(in, *inlen, l->data)) != CRYPT_OK) {
+ if ((err = der_decode_integer(in, *inlen, (mp_int_t)l->data)) != CRYPT_OK) {
goto error;
}
/* calc length of object */
- if ((err = der_length_integer(l->data, &len)) != CRYPT_OK) {
+ if ((err = der_length_integer((mp_int_t)l->data, &len)) != CRYPT_OK) {
goto error;
}
break;
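Review bot: `l->data` is obtained with `XMALLOC`, which is not shown to zero the block, so if `mp_init` fails the node stays typed `LTC_ASN1_INTEGER` with an `mp_int` whose fields may be indeterminate. The `error` label is outside this hunk, but if it releases the list through `der_sequence_free`, that path calls `mp_clear(in->data)` on this struct. Allocating with `XCALLOC(1, sizeof(mp_int))` if that macro is still defined, or doing `XFREE(l->data); l->data = NULL;` before the `goto error` after a failed `mp_init`, would keep cleanup from reading uninitialised fields.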
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c b/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
index a6769b3..a0e0d2d 100644
--- a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
+++ b/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
@@ -47,13 +47,13 @@ void der_sequence_free(ltc_asn1_list *in)
case LTC_ASN1_SET:
case LTC_ASN1_SETOF:
case LTC_ASN1_SEQUENCE: break;
- case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); } break;
+ case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); XFREE(in->data); } break;
default : if (in->data != NULL) { XFREE(in->data); }
}
/* move to next and free current */
l = in->next;
- free(in);
+ XFREE(in);
in = l;
}
}
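Review bot: The `LTC_ASN1_INTEGER` case now assumes `in->data` is a heap block obtained with `XMALLOC`, which holds for nodes built by `der_decode_sequence_flexi` in this commit but is stated nowhere in the hunk. A list whose integer nodes point at caller-owned `mp_int` storage would be freed incorrectly here. A comment on that case would record the ownership rule, for example `/* data is an XMALLOC'ed mp_int owned by the node: clear it, then free it */`. The function body begins outside this hunk.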
diff --git a/libtomcrypt/pk/dsa/dsa_decrypt_key.c b/libtomcrypt/pk/dsa/dsa_decrypt_key.c
deleted file mode 100644
index 0e193a6..0000000
--- a/libtomcrypt/pk/dsa/dsa_decrypt_key.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_decrypt_key.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Decrypt an DSA encrypted key
- @param in The ciphertext
- @param inlen The length of the ciphertext (octets)
- @param out [out] The plaintext
- @param outlen [in/out] The max size and resulting size of the plaintext
- @param key The corresponding private DSA key
- @return CRYPT_OK if successful
-*/
-int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- dsa_key *key)
-{
- unsigned char *skey, *expt;
- void *g_pub;
- unsigned long x, y, hashOID[32];
- int hash, err;
- ltc_asn1_list decode[3];
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* right key type? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* decode to find out hash */
- LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
-
- if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
- return err;
- }
-
- hash = find_hash_oid(hashOID, decode[0].size);
- if (hash_is_valid(hash) != CRYPT_OK) {
- return CRYPT_INVALID_PACKET;
- }
-
- /* we now have the hash! */
-
- if ((err = mp_init(&g_pub)) != CRYPT_OK) {
- return err;
- }
-
- /* allocate memory */
- expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (expt == NULL || skey == NULL) {
- if (expt != NULL) {
- XFREE(expt);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- mp_clear(g_pub);
- return CRYPT_MEM;
- }
-
- LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL);
- LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE);
-
- /* read the structure in now */
- if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make shared key */
- x = mp_unsigned_bin_size(key->p) + 1;
- if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE);
- if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* ensure the hash of the shared secret is at least as big as the encrypt itself */
- if (decode[2].size > y) {
- err = CRYPT_INVALID_PACKET;
- goto LBL_ERR;
- }
-
- /* avoid buffer overflow */
- if (*outlen < decode[2].size) {
- *outlen = decode[2].size;
- err = CRYPT_BUFFER_OVERFLOW;
- goto LBL_ERR;
- }
-
- /* Decrypt the key */
- for (x = 0; x < decode[2].size; x++) {
- out[x] = expt[x] ^ skey[x];
- }
- *outlen = x;
-
- err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(expt);
- XFREE(skey);
-
- mp_clear(g_pub);
-
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_encrypt_key.c b/libtomcrypt/pk/dsa/dsa_encrypt_key.c
deleted file mode 100644
index e369f62..0000000
--- a/libtomcrypt/pk/dsa/dsa_encrypt_key.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_encrypt_key.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Encrypt a symmetric key with DSA
- @param in The symmetric key you want to encrypt
- @param inlen The length of the key to encrypt (octets)
- @param out [out] The destination for the ciphertext
- @param outlen [in/out] The max size and resulting size of the ciphertext
- @param hash The index of the hash you want to use
- @param key The DSA key you want to encrypt to
- @return CRYPT_OK if successful
-*/
-int dsa_encrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- int hash,
- dsa_key *key)
-{
- unsigned char *expt, *skey;
- void *g_pub, *g_priv;
- unsigned long x, y;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- if ((err = hash_is_valid(hash)) != CRYPT_OK) {
- return err;
- }
-
- if (inlen > hash_descriptor[hash].hashsize) {
- return CRYPT_INVALID_HASH;
- }
-
- /* make a random key and export the public copy */
- if ((err = mp_init_multi(&g_pub, &g_priv, NULL)) != CRYPT_OK) {
- return err;
- }
-
- expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (expt == NULL || skey == NULL) {
- if (expt != NULL) {
- XFREE(expt);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- mp_clear_multi(g_pub, g_priv, NULL);
- return CRYPT_MEM;
- }
-
- /* make a random x, g^x pair */
- x = mp_unsigned_bin_size(key->q);
- get_random_bytes( expt, x);
-
- /* load x */
- if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* compute y */
- if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make random key */
- x = mp_unsigned_bin_size(key->p) + 1;
- if ((err = dsa_shared_secret(g_priv, key->y, key, expt, &x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- y = MAXBLOCKSIZE;
- if ((err = hash_memory(hash, expt, x, skey, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* Encrypt key */
- for (x = 0; x < inlen; x++) {
- skey[x] ^= in[x];
- }
-
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
- LTC_ASN1_INTEGER, 1UL, g_pub,
- LTC_ASN1_OCTET_STRING, inlen, skey,
- LTC_ASN1_EOL, 0UL, NULL);
-
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- /* clean up */
- zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(skey);
- XFREE(expt);
-
- mp_clear_multi(g_pub, g_priv, NULL);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_free.c b/libtomcrypt/pk/dsa/dsa_free.c
index a589d16..37a330d 100644
--- a/libtomcrypt/pk/dsa/dsa_free.c
+++ b/libtomcrypt/pk/dsa/dsa_free.c
@@ -24,7 +24,7 @@
void dsa_free(dsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+ mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
}
#endif
diff --git a/libtomcrypt/pk/dsa/dsa_import.c b/libtomcrypt/pk/dsa/dsa_import.c
index 6f6db8c..f6c07f1 100644
--- a/libtomcrypt/pk/dsa/dsa_import.c
+++ b/libtomcrypt/pk/dsa/dsa_import.c
@@ -31,7 +31,6 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) {
@@ -69,17 +68,17 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
}
key->type = PK_PUBLIC;
}
- key->qord = mp_unsigned_bin_size(key->q);
+ key->qord = mp_unsigned_bin_size(&key->q);
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
- (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+ (unsigned long)key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= LTC_MDSA_DELTA) {
err = CRYPT_INVALID_PACKET;
goto error;
}
return CRYPT_OK;
error:
- mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
+ mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_make_key.c b/libtomcrypt/pk/dsa/dsa_make_key.c
index ee33be0..7a6b516 100644
--- a/libtomcrypt/pk/dsa/dsa_make_key.c
+++ b/libtomcrypt/pk/dsa/dsa_make_key.c
@@ -26,12 +26,11 @@
*/
int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
{
- void *tmp, *tmp2;
+ mp_int tmp, tmp2;
int err, res;
unsigned char *buf;
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* check size */
if (group_size >= LTC_MDSA_MAX_GROUP || group_size <= 15 ||
@@ -52,10 +51,10 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
}
/* make our prime q */
- if ((err = rand_prime(key->q, group_size)) != CRYPT_OK) { goto error; }
+ if ((err = rand_prime(&key->q, group_size)) != CRYPT_OK) { goto error; }
/* double q */
- if ((err = mp_add(key->q, key->q, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&key->q, &key->q, &tmp)) != CRYPT_OK) { goto error; }
/* now make a random string and multply it against q */
get_random_bytes(buf+1, modulus_size - group_size);
@@ -66,30 +65,30 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
/* force even */
buf[modulus_size - group_size - 1] &= ~1;
- if ((err = mp_read_unsigned_bin(tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->q, tmp2, key->p)) != CRYPT_OK) { goto error; }
- if ((err = mp_add_d(key->p, 1, key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&key->q, &tmp2, &key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(&key->p, 1, &key->p)) != CRYPT_OK) { goto error; }
/* now loop until p is prime */
for (;;) {
- if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { goto error; }
+ if ((err = mp_prime_is_prime(&key->p, 8, &res)) != CRYPT_OK) { goto error; }
if (res == LTC_MP_YES) break;
/* add 2q to p and 2 to tmp2 */
- if ((err = mp_add(tmp, key->p, key->p)) != CRYPT_OK) { goto error; }
- if ((err = mp_add_d(tmp2, 2, tmp2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&tmp, &key->p, &key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(&tmp2, 2, &tmp2)) != CRYPT_OK) { goto error; }
}
/* now p = (q * tmp2) + 1 is prime, find a value g for which g^tmp2 != 1 */
- mp_set(key->g, 1);
+ mp_set(&key->g, 1);
do {
- if ((err = mp_add_d(key->g, 1, key->g)) != CRYPT_OK) { goto error; }
- if ((err = mp_exptmod(key->g, tmp2, key->p, tmp)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(tmp, 1) == LTC_MP_EQ);
+ if ((err = mp_add_d(&key->g, 1, &key->g)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &tmp2, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&tmp, 1) == LTC_MP_EQ);
/* at this point tmp generates a group of order q mod p */
- mp_exch(tmp, key->g);
+ mp_exch(&tmp, &key->g);
/* so now we have our DH structure, generator g, order q, modulus p
Now we need a random exponent [mod q] and it's power g^x mod p
@@ -97,9 +96,9 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
do {
get_random_bytes(buf, group_size);
- if ((err = mp_read_unsigned_bin(key->x, buf, group_size)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(key->x, 1) != LTC_MP_GT);
- if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&key->x, 1) != LTC_MP_GT);
+ if ((err = mp_exptmod(&key->g, &key->x, &key->p, &key->y)) != CRYPT_OK) { goto error; }
key->type = PK_PRIVATE;
key->qord = group_size;
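Review bot: The private-exponent loop accepts any `group_size`-byte value greater than 1, so `key->x` can be equal to or larger than `key->q`, although the comment above the loop asks for an exponent mod q. Rejecting out-of-range draws keeps x in (1, q) without introducing modular bias: `} while (mp_cmp_d(&key->x, 1) != LTC_MP_GT || mp_cmp(&key->x, &key->q) != LTC_MP_LT);`. The function begins and ends outside this hunk.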
@@ -111,9 +110,9 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
err = CRYPT_OK;
goto done;
error:
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+ mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
done:
- mp_clear_multi(tmp, tmp2, NULL);
+ mp_clear_multi(&tmp, &tmp2, NULL);
XFREE(buf);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_shared_secret.c b/libtomcrypt/pk/dsa/dsa_shared_secret.c
deleted file mode 100644
index ba7170f..0000000
--- a/libtomcrypt/pk/dsa/dsa_shared_secret.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_shared_secret.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Create a DSA shared secret between two keys
- @param private_key The private DSA key (the exponent)
- @param base The base of the exponentiation (allows this to be used for both encrypt and decrypt)
- @param public_key The public key
- @param out [out] Destination of the shared secret
- @param outlen [in/out] The max size and resulting size of the shared secret
- @return CRYPT_OK if successful
-*/
-int dsa_shared_secret(void *private_key, void *base,
- dsa_key *public_key,
- unsigned char *out, unsigned long *outlen)
-{
- unsigned long x;
- void *res;
- int err;
-
- LTC_ARGCHK(private_key != NULL);
- LTC_ARGCHK(public_key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- /* make new point */
- if ((err = mp_init(&res)) != CRYPT_OK) {
- return err;
- }
-
- if ((err = mp_exptmod(base, private_key, public_key->p, res)) != CRYPT_OK) {
- mp_clear(res);
- return err;
- }
-
- x = (unsigned long)mp_unsigned_bin_size(res);
- if (*outlen < x) {
- *outlen = x;
- err = CRYPT_BUFFER_OVERFLOW;
- goto done;
- }
- zeromem(out, x);
- if ((err = mp_to_unsigned_bin(res, out + (x - mp_unsigned_bin_size(res)))) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
- *outlen = x;
-done:
- mp_clear(res);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_shared_secret.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_sign_hash.c b/libtomcrypt/pk/dsa/dsa_sign_hash.c
index d24bdab..0b542a4 100644
--- a/libtomcrypt/pk/dsa/dsa_sign_hash.c
+++ b/libtomcrypt/pk/dsa/dsa_sign_hash.c
@@ -27,10 +27,10 @@
@return CRYPT_OK if successful
*/
int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
- void *r, void *s,
+ mp_int_t r, mp_int_t s,
dsa_key *key)
{
- void *k, *kinv, *tmp;
+ mp_int k, kinv, tmp;
unsigned char *buf;
int err;
@@ -63,35 +63,35 @@ retry:
get_random_bytes(buf, key->qord);
/* read k */
- if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != CRYPT_OK) { goto error; }
/* k > 1 ? */
- if (mp_cmp_d(k, 1) != LTC_MP_GT) { goto retry; }
+ if (mp_cmp_d(&k, 1) != LTC_MP_GT) { goto retry; }
/* test gcd */
- if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ);
+ if ((err = mp_gcd(&k, &key->q, &tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&tmp, 1) != LTC_MP_EQ);
/* now find 1/k mod q */
- if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK) { goto error; }
+ if ((err = mp_invmod(&k, &key->q, &kinv)) != CRYPT_OK) { goto error; }
/* now find r = g^k mod p mod q */
- if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(r, key->q, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(r, &key->q, r)) != CRYPT_OK) { goto error; }
if (mp_iszero(r) == LTC_MP_YES) { goto retry; }
/* now find s = (in + xr)/k mod q */
- if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(s, tmp, s)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&key->x, r, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(s, &tmp, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(s, &kinv, &key->q, s)) != CRYPT_OK) { goto error; }
if (mp_iszero(s) == LTC_MP_YES) { goto retry; }
err = CRYPT_OK;
error:
- mp_clear_multi(k, kinv, tmp, NULL);
+ mp_clear_multi(&k, &kinv, &tmp, NULL);
ERRBUF:
#ifdef LTC_CLEAN_STACK
zeromem(buf, LTC_MDSA_MAX_GROUP);
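Review bot: The nonce loop checks only `k > 1` and `gcd(k, q) == 1`, so `k` is a `qord`-byte value that may exceed `q`, and its residue mod q is then not uniformly distributed. A biased per-signature nonce weakens DSA even though each signature still verifies; rejection sampling removes the bias, e.g. `if (mp_cmp_d(&k, 1) != LTC_MP_GT || mp_cmp(&k, &key->q) != LTC_MP_LT) { goto retry; }`. Separately, `buf` holds the raw nonce bytes and is wiped only under `LTC_CLEAN_STACK`; that `zeromem` is worth doing unconditionally. The `retry` label and the end of the function are outside this hunk.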
@@ -113,7 +113,7 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
dsa_key *key)
{
- void *r, *s;
+ mp_int r, s;
int err;
LTC_ARGCHK(in != NULL);
@@ -125,17 +125,17 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
return CRYPT_MEM;
}
- if ((err = dsa_sign_hash_raw(in, inlen, r, s, key)) != CRYPT_OK) {
+ if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, key)) != CRYPT_OK) {
goto error;
}
err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, &r,
+ LTC_ASN1_INTEGER, 1UL, &s,
LTC_ASN1_EOL, 0UL, NULL);
error:
- mp_clear_multi(r, s, NULL);
+ mp_clear_multi(&r, &s, NULL);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_verify_hash.c b/libtomcrypt/pk/dsa/dsa_verify_hash.c
index 9014823..3a82d1b 100644
--- a/libtomcrypt/pk/dsa/dsa_verify_hash.c
+++ b/libtomcrypt/pk/dsa/dsa_verify_hash.c
@@ -28,11 +28,11 @@
@param key The corresponding public DH key
@return CRYPT_OK if successful (even if the signature is invalid)
*/
-int dsa_verify_hash_raw( void *r, void *s,
+int dsa_verify_hash_raw( mp_int_t r, mp_int_t s,
const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key)
{
- void *w, *v, *u1, *u2;
+ mp_int w, v, u1, u2;
int err;
LTC_ARGCHK(r != NULL);
@@ -49,35 +49,35 @@ int dsa_verify_hash_raw( void *r, void *s,
}
/* neither r or s can be null or >q*/
- if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
+ if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, &key->q) != LTC_MP_LT || mp_cmp(s, &key->q) != LTC_MP_LT) {
err = CRYPT_INVALID_PACKET;
goto error;
}
/* w = 1/s mod q */
- if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
+ if ((err = mp_invmod(s, &key->q, &w)) != CRYPT_OK) { goto error; }
/* u1 = m * w mod q */
- if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != CRYPT_OK) { goto error; }
/* u2 = r*w mod q */
- if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(r, &w, &key->q, &u2)) != CRYPT_OK) { goto error; }
/* v = g^u1 * y^u2 mod p mod q */
- if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
- if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(&v, &key->q, &v)) != CRYPT_OK) { goto error; }
/* if r = v then we're set */
- if (mp_cmp(r, v) == LTC_MP_EQ) {
+ if (mp_cmp(r, &v) == LTC_MP_EQ) {
*stat = 1;
}
err = CRYPT_OK;
error:
- mp_clear_multi(w, v, u1, u2, NULL);
+ mp_clear_multi(&w, &v, &u1, &u2, NULL);
return err;
}
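Review bot: The range check on `r` and `s` rejects zero and values not below `q`, but a negative value passes both `mp_iszero` and `mp_cmp(..., &key->q) != LTC_MP_LT`. Whether a negative value can arrive depends on `der_decode_integer`, which is not shown here; if it can, a second encoding of an otherwise valid signature might be accepted. Comparing against zero closes the gap: `mp_cmp_d(r, 0) != LTC_MP_GT || mp_cmp_d(s, 0) != LTC_MP_GT` in place of the two `mp_iszero` tests. The function starts above this hunk.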
@@ -96,7 +96,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
int *stat, dsa_key *key)
{
int err;
- void *r, *s;
+ mp_int r, s;
if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
return CRYPT_MEM;
@@ -104,17 +104,17 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
/* decode the sequence */
if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, &r,
+ LTC_ASN1_INTEGER, 1UL, &s,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
/* do the op */
- err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key);
+ err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key);
LBL_ERR:
- mp_clear_multi(r, s, NULL);
+ mp_clear_multi(&r, &s, NULL);
return err;
}
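Review bot: `*stat` is not written before `der_decode_sequence_multi`, so a malformed signature takes `goto LBL_ERR` and returns with whatever value the caller left in `*stat`; no assignment is visible in this hunk or the previous one. Because this API reports the verdict in `*stat` rather than in the return code, a caller that reads `*stat` after a failed call could see a stale 1. Adding `LTC_ARGCHK(stat != NULL);` and `*stat = 0;` at the top of `dsa_verify_hash` makes the failure path fail closed.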
diff --git a/libtomcrypt/pk/dsa/dsa_verify_key.c b/libtomcrypt/pk/dsa/dsa_verify_key.c
index e80ced5..71635d2 100644
--- a/libtomcrypt/pk/dsa/dsa_verify_key.c
+++ b/libtomcrypt/pk/dsa/dsa_verify_key.c
@@ -25,7 +25,7 @@
*/
int dsa_verify_key(dsa_key *key, int *stat)
{
- void *tmp, *tmp2;
+ mp_int tmp, tmp2;
int res, err;
LTC_ARGCHK(key != NULL);
@@ -35,14 +35,14 @@ int dsa_verify_key(dsa_key *key, int *stat)
*stat = 0;
/* first make sure key->q and key->p are prime */
- if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(&key->q, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
return CRYPT_OK;
}
- if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(&key->p, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
@@ -50,38 +50,38 @@ int dsa_verify_key(dsa_key *key, int *stat)
}
/* now make sure that g is not -1, 0 or 1 and <p */
- if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
+ if (mp_cmp_d(&key->g, 0) == LTC_MP_EQ || mp_cmp_d(&key->g, 1) == LTC_MP_EQ) {
return CRYPT_OK;
}
if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; }
- if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
+ if ((err = mp_sub_d(&key->p, 1, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp(&tmp, &key->g) == LTC_MP_EQ || mp_cmp(&key->g, &key->p) != LTC_MP_LT) {
err = CRYPT_OK;
goto error;
}
/* 1 < y < p-1 */
- if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
+ if (!(mp_cmp_d(&key->y, 1) == LTC_MP_GT && mp_cmp(&key->y, &tmp) == LTC_MP_LT)) {
err = CRYPT_OK;
goto error;
}
/* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
- if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; }
- if (mp_iszero(tmp2) != LTC_MP_YES) {
+ if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != CRYPT_OK) { goto error; }
+ if (mp_iszero(&tmp2) != LTC_MP_YES) {
err = CRYPT_OK;
goto error;
}
- if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
+ if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(&tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
goto error;
}
/* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
- if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
+ if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(&tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
goto error;
}
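Review bot: Every rejected-key branch in this hunk sets `err = CRYPT_OK` and jumps to a label named `error`, so an invalid key and a valid one both return `CRYPT_OK` and differ only in `*stat`. That is easy to misread both here and at call sites. A one-line comment at the first such branch, such as `/* not a failure: key is invalid, *stat stays 0 */`, plus a sentence in the function's header comment that callers must test `*stat`, would make the contract explicit. The header comment is outside this hunk.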
@@ -90,7 +90,7 @@ int dsa_verify_key(dsa_key *key, int *stat)
err = CRYPT_OK;
*stat = 1;
error:
- mp_clear_multi(tmp, tmp2, NULL);
+ mp_clear_multi(&tmp, &tmp2, NULL);
return err;
}
#endif
diff --git a/libtomcrypt/pk/ecc/ecc.c b/libtomcrypt/pk/ecc/ecc.c
deleted file mode 100644
index 60fef9a..0000000
--- a/libtomcrypt/pk/ecc/ecc.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */
-const ltc_ecc_set_type ltc_ecc_sets[] = {
-#ifdef ECC112
-{
- 14,
- "SECP112R1",
- "DB7C2ABF62E35E668076BEAD208B",
- "659EF8BA043916EEDE8911702B22",
- "DB7C2ABF62E35E7628DFAC6561C5",
- "09487239995A5EE76B55F9C2F098",
- "A89CE5AF8724C0A23E0E0FF77500"
-},
-#endif
-#ifdef ECC128
-{
- 16,
- "SECP128R1",
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
- "E87579C11079F43DD824993C2CEE5ED3",
- "FFFFFFFE0000000075A30D1B9038A115",
- "161FF7528B899B2D0C28607CA52C5B86",
- "CF5AC8395BAFEB13C02DA292DDED7A83",
-},
-#endif
-#ifdef ECC160
-{
- 20,
- "SECP160R1",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
- "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
- "0100000000000000000001F4C8F927AED3CA752257",
- "4A96B5688EF573284664698968C38BB913CBFC82",
- "23A628553168947D59DCC912042351377AC5FB32",
-},
-#endif
-#ifdef ECC192
-{
- 24,
- "ECC-192",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
- "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
- "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
- "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
- "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
-},
-#endif
-#ifdef ECC224
-{
- 28,
- "ECC-224",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
-},
-#endif
-#ifdef ECC256
-{
- 32,
- "ECC-256",
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
- "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
- "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
- "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
- "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
-},
-#endif
-#ifdef ECC384
-{
- 48,
- "ECC-384",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
- "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
- "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
- "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
-},
-#endif
-#ifdef ECC521
-{
- 66,
- "ECC-521",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
- "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
- "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
- "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
-},
-#endif
-{
- 0,
- NULL, NULL, NULL, NULL, NULL, NULL
-}
-};
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc.c,v $ */
-/* $Revision: 1.40 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c b/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c
deleted file mode 100644
index e0ef8fa..0000000
--- a/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_ansi_x963_export.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** ECC X9.63 (Sec. 4.3.6) uncompressed export
- @param key Key to export
- @param out [out] destination of export
- @param outlen [in/out] Length of destination and final output size
- Return CRYPT_OK on success
-*/
-int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen)
-{
- unsigned char buf[ECC_BUF_SIZE];
- unsigned long numlen;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- if (ltc_ecc_is_valid_idx(key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
- numlen = key->dp->size;
-
- if (*outlen < (1 + 2*numlen)) {
- *outlen = 1 + 2*numlen;
- return CRYPT_BUFFER_OVERFLOW;
- }
-
- /* store byte 0x04 */
- out[0] = 0x04;
-
- /* pad and store x */
- zeromem(buf, sizeof(buf));
- mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
- XMEMCPY(out+1, buf, numlen);
-
- /* pad and store y */
- zeromem(buf, sizeof(buf));
- mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
- XMEMCPY(out+1+numlen, buf, numlen);
-
- *outlen = 1 + 2*numlen;
- return CRYPT_OK;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c b/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c
deleted file mode 100644
index bfe4fa1..0000000
--- a/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_ansi_x963_import.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** Import an ANSI X9.63 format public key
- @param in The input data to read
- @param inlen The length of the input data
- @param key [out] destination to store imported key \
-*/
-int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
-{
- return ecc_ansi_x963_import_ex(in, inlen, key, NULL);
-}
-
-int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp)
-{
- int x, err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* must be odd */
- if ((inlen & 1) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- /* init key */
- if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* check for 4, 6 or 7 */
- if (in[0] != 4 && in[0] != 6 && in[0] != 7) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
-
- /* read data */
- if ((err = mp_read_unsigned_bin(key->pubkey.x, (unsigned char *)in+1, (inlen-1)>>1)) != CRYPT_OK) {
- goto error;
- }
-
- if ((err = mp_read_unsigned_bin(key->pubkey.y, (unsigned char *)in+1+((inlen-1)>>1), (inlen-1)>>1)) != CRYPT_OK) {
- goto error;
- }
- if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; }
-
- if (dp == NULL) {
- /* determine the idx */
- for (x = 0; ltc_ecc_sets[x].size != 0; x++) {
- if ((unsigned)ltc_ecc_sets[x].size >= ((inlen-1)>>1)) {
- break;
- }
- }
- if (ltc_ecc_sets[x].size == 0) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
- /* set the idx */
- key->idx = x;
- key->dp = &ltc_ecc_sets[x];
- } else {
- if (((inlen-1)>>1) != (unsigned long) dp->size) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
- key->idx = -1;
- key->dp = dp;
- }
- key->type = PK_PUBLIC;
-
- /* we're done */
- return CRYPT_OK;
-error:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ecc_decrypt_key.c b/libtomcrypt/pk/ecc/ecc_decrypt_key.c
deleted file mode 100644
index 76c74e6..0000000
--- a/libtomcrypt/pk/ecc/ecc_decrypt_key.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_decrypt_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Decrypt an ECC encrypted key
- @param in The ciphertext
- @param inlen The length of the ciphertext (octets)
- @param out [out] The plaintext
- @param outlen [in/out] The max size and resulting size of the plaintext
- @param key The corresponding private ECC key
- @return CRYPT_OK if successful
-*/
-int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key)
-{
- unsigned char *ecc_shared, *skey, *pub_expt;
- unsigned long x, y, hashOID[32];
- int hash, err;
- ecc_key pubkey;
- ltc_asn1_list decode[3];
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* right key type? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* decode to find out hash */
- LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
-
- if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
- return err;
- }
-
- hash = find_hash_oid(hashOID, decode[0].size);
- if (hash_is_valid(hash) != CRYPT_OK) {
- return CRYPT_INVALID_PACKET;
- }
-
- /* we now have the hash! */
-
- /* allocate memory */
- pub_expt = XMALLOC(ECC_BUF_SIZE);
- ecc_shared = XMALLOC(ECC_BUF_SIZE);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
- if (pub_expt != NULL) {
- XFREE(pub_expt);
- }
- if (ecc_shared != NULL) {
- XFREE(ecc_shared);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- return CRYPT_MEM;
- }
- LTC_SET_ASN1(decode, 1, LTC_ASN1_OCTET_STRING, pub_expt, ECC_BUF_SIZE);
- LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE);
-
- /* read the structure in now */
- if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* import ECC key from packet */
- if ((err = ecc_import(decode[1].data, decode[1].size, &pubkey)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make shared key */
- x = ECC_BUF_SIZE;
- if ((err = ecc_shared_secret(key, &pubkey, ecc_shared, &x)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
- ecc_free(&pubkey);
-
- y = MIN(ECC_BUF_SIZE, MAXBLOCKSIZE);
- if ((err = hash_memory(hash, ecc_shared, x, ecc_shared, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* ensure the hash of the shared secret is at least as big as the encrypt itself */
- if (decode[2].size > y) {
- err = CRYPT_INVALID_PACKET;
- goto LBL_ERR;
- }
-
- /* avoid buffer overflow */
- if (*outlen < decode[2].size) {
- *outlen = decode[2].size;
- err = CRYPT_BUFFER_OVERFLOW;
- goto LBL_ERR;
- }
-
- /* Decrypt the key */
- for (x = 0; x < decode[2].size; x++) {
- out[x] = skey[x] ^ ecc_shared[x];
- }
- *outlen = x;
-
- err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- zeromem(pub_expt, ECC_BUF_SIZE);
- zeromem(ecc_shared, ECC_BUF_SIZE);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(pub_expt);
- XFREE(ecc_shared);
- XFREE(skey);
-
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_encrypt_key.c b/libtomcrypt/pk/ecc/ecc_encrypt_key.c
deleted file mode 100644
index c55794c..0000000
--- a/libtomcrypt/pk/ecc/ecc_encrypt_key.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_encrypt_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Encrypt a symmetric key with ECC
- @param in The symmetric key you want to encrypt
- @param inlen The length of the key to encrypt (octets)
- @param out [out] The destination for the ciphertext
- @param outlen [in/out] The max size and resulting size of the ciphertext
- @param hash The index of the hash you want to use
- @param key The ECC key you want to encrypt to
- @return CRYPT_OK if successful
-*/
-int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- int hash, ecc_key *key)
-{
- unsigned char *pub_expt, *ecc_shared, *skey;
- ecc_key pubkey;
- unsigned long x, y, pubkeysize;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- if ((err = hash_is_valid(hash)) != CRYPT_OK) {
- return err;
- }
-
- if (inlen > hash_descriptor[hash].hashsize) {
- return CRYPT_INVALID_HASH;
- }
-
- /* make a random key and export the public copy */
- if ((err = ecc_make_key_ex(&pubkey, key->dp)) != CRYPT_OK) {
- return err;
- }
-
- pub_expt = XMALLOC(ECC_BUF_SIZE);
- ecc_shared = XMALLOC(ECC_BUF_SIZE);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
- if (pub_expt != NULL) {
- XFREE(pub_expt);
- }
- if (ecc_shared != NULL) {
- XFREE(ecc_shared);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- ecc_free(&pubkey);
- return CRYPT_MEM;
- }
-
- pubkeysize = ECC_BUF_SIZE;
- if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
-
- /* make random key */
- x = ECC_BUF_SIZE;
- if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
- ecc_free(&pubkey);
- y = MAXBLOCKSIZE;
- if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* Encrypt key */
- for (x = 0; x < inlen; x++) {
- skey[x] ^= in[x];
- }
-
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
- LTC_ASN1_OCTET_STRING, pubkeysize, pub_expt,
- LTC_ASN1_OCTET_STRING, inlen, skey,
- LTC_ASN1_EOL, 0UL, NULL);
-
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- /* clean up */
- zeromem(pub_expt, ECC_BUF_SIZE);
- zeromem(ecc_shared, ECC_BUF_SIZE);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(skey);
- XFREE(ecc_shared);
- XFREE(pub_expt);
-
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_export.c b/libtomcrypt/pk/ecc/ecc_export.c
deleted file mode 100644
index 7d0fd24..0000000
--- a/libtomcrypt/pk/ecc/ecc_export.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_export.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Export an ECC key as a binary packet
- @param out [out] Destination for the key
- @param outlen [in/out] Max size and resulting size of the exported key
- @param type The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
- @param key The key to export
- @return CRYPT_OK if successful
-*/
-int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key)
-{
- int err;
- unsigned char flags[1];
- unsigned long key_size;
-
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* type valid? */
- if (key->type != PK_PRIVATE && type == PK_PRIVATE) {
- return CRYPT_PK_TYPE_MISMATCH;
- }
-
- if (ltc_ecc_is_valid_idx(key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- /* we store the NIST byte size */
- key_size = key->dp->size;
-
- if (type == PK_PRIVATE) {
- flags[0] = 1;
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_INTEGER, 1UL, key->k,
- LTC_ASN1_EOL, 0UL, NULL);
- } else {
- flags[0] = 0;
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_EOL, 0UL, NULL);
- }
-
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_free.c b/libtomcrypt/pk/ecc/ecc_free.c
deleted file mode 100644
index bfd233d..0000000
--- a/libtomcrypt/pk/ecc/ecc_free.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_free.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Free an ECC key from memory
- @param key The key you wish to free
-*/
-void ecc_free(ecc_key *key)
-{
- LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_free.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_get_size.c b/libtomcrypt/pk/ecc/ecc_get_size.c
deleted file mode 100644
index db2779a..0000000
--- a/libtomcrypt/pk/ecc/ecc_get_size.c
+++ /dev/null
@@ -1,44 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_get_size.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Get the size of an ECC key
- @param key The key to get the size of
- @return The size (octets) of the key or INT_MAX on error
-*/
-int ecc_get_size(ecc_key *key)
-{
- LTC_ARGCHK(key != NULL);
- if (ltc_ecc_is_valid_idx(key->idx))
- return key->dp->size;
- else
- return INT_MAX; /* large value known to cause it to fail when passed to ecc_make_key() */
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_get_size.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_import.c b/libtomcrypt/pk/ecc/ecc_import.c
deleted file mode 100644
index e843a33..0000000
--- a/libtomcrypt/pk/ecc/ecc_import.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_import.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-static int is_point(ecc_key *key)
-{
- void *prime, *b, *t1, *t2;
- int err;
-
- if ((err = mp_init_multi(&prime, &b, &t1, &t2, NULL)) != CRYPT_OK) {
- return err;
- }
-
- /* load prime and b */
- if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 */
- if ((err = mp_sqr(key->pubkey.y, t1)) != CRYPT_OK) { goto error; }
-
- /* compute x^3 */
- if ((err = mp_sqr(key->pubkey.x, t2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->pubkey.x, t2, t2)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 - x^3 */
- if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 - x^3 + 3x */
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(t1, prime, t1)) != CRYPT_OK) { goto error; }
- while (mp_cmp_d(t1, 0) == LTC_MP_LT) {
- if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) { goto error; }
- }
- while (mp_cmp(t1, prime) != LTC_MP_LT) {
- if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) { goto error; }
- }
-
- /* compare to b */
- if (mp_cmp(t1, b) != LTC_MP_EQ) {
- err = CRYPT_INVALID_PACKET;
- } else {
- err = CRYPT_OK;
- }
-
-error:
- mp_clear_multi(prime, b, t1, t2, NULL);
- return err;
-}
-
-/**
- Import an ECC key from a binary packet
- @param in The packet to import
- @param inlen The length of the packet
- @param key [out] The destination of the import
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
-{
- return ecc_import_ex(in, inlen, key, NULL);
-}
-
-/**
- Import an ECC key from a binary packet, using user supplied domain params rather than one of the NIST ones
- @param in The packet to import
- @param inlen The length of the packet
- @param key [out] The destination of the import
- @param dp pointer to user supplied params; must be the same as the params used when exporting
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp)
-{
- unsigned long key_size;
- unsigned char flags[1];
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
-
- /* init key */
- if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* find out what type of key it is */
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, &flags,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
-
-
- if (flags[0] == 1) {
- /* private key */
- key->type = PK_PRIVATE;
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_INTEGER, 1UL, key->k,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
- } else {
- /* public key */
- key->type = PK_PUBLIC;
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
- }
-
- if (dp == NULL) {
- /* find the idx */
- for (key->idx = 0; ltc_ecc_sets[key->idx].size && (unsigned long)ltc_ecc_sets[key->idx].size != key_size; ++key->idx);
- if (ltc_ecc_sets[key->idx].size == 0) {
- err = CRYPT_INVALID_PACKET;
- goto done;
- }
- key->dp = &ltc_ecc_sets[key->idx];
- } else {
- key->idx = -1;
- key->dp = dp;
- }
- /* set z */
- if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; }
-
- /* is it a point on the curve? */
- if ((err = is_point(key)) != CRYPT_OK) {
- goto done;
- }
-
- /* we're good */
- return CRYPT_OK;
-done:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
- return err;
-}
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_import.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_make_key.c b/libtomcrypt/pk/ecc/ecc_make_key.c
deleted file mode 100644
index 06bb457..0000000
--- a/libtomcrypt/pk/ecc/ecc_make_key.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_make_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Make a new ECC key
- @param keysize The keysize for the new key (in octets from 20 to 65 bytes)
- @param key [out] Destination of the newly created key
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_make_key(int keysize, ecc_key *key)
-{
- int x, err;
-
- /* find key size */
- for (x = 0; (keysize > ltc_ecc_sets[x].size) && (ltc_ecc_sets[x].size != 0); x++);
- keysize = ltc_ecc_sets[x].size;
-
- if (keysize > ECC_MAXSIZE || ltc_ecc_sets[x].size == 0) {
- return CRYPT_INVALID_KEYSIZE;
- }
- err = ecc_make_key_ex(key, &ltc_ecc_sets[x]);
- key->idx = x;
- return err;
-}
-
-int ecc_make_key_ex(ecc_key *key, const ltc_ecc_set_type *dp)
-{
- int err;
- ecc_point *base;
- void *prime, *order;
- unsigned char *buf;
- int keysize;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
- LTC_ARGCHK(dp != NULL);
-
- key->idx = -1;
- key->dp = dp;
- keysize = dp->size;
-
- /* allocate ram */
- base = NULL;
- buf = XMALLOC(ECC_MAXSIZE);
- if (buf == NULL) {
- return CRYPT_MEM;
- }
-
- /* make up random string */
- get_random_bytes(buf, (unsigned long)keysize);
-
- /* setup the key variables */
- if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, &order, NULL)) != CRYPT_OK) {
- goto ERR_BUF;
- }
- base = ltc_ecc_new_point();
- if (base == NULL) {
- err = CRYPT_MEM;
- goto errkey;
- }
-
- /* read in the specs for this key */
- if ((err = mp_read_radix(prime, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(order, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(base->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(base->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_set(base->z, 1)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)buf, keysize)) != CRYPT_OK) { goto errkey; }
-
- /* the key should be smaller than the order of base point */
- if (mp_cmp(key->k, order) != LTC_MP_LT) {
- if((err = mp_mod(key->k, order, key->k)) != CRYPT_OK) { goto errkey; }
- }
- /* make the public key */
- if ((err = ltc_mp.ecc_ptmul(key->k, base, &key->pubkey, prime, 1)) != CRYPT_OK) { goto errkey; }
- key->type = PK_PRIVATE;
-
- /* free up ram */
- err = CRYPT_OK;
- goto cleanup;
-errkey:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
-cleanup:
- ltc_ecc_del_point(base);
- mp_clear_multi(prime, order, NULL);
-ERR_BUF:
-#ifdef LTC_CLEAN_STACK
- zeromem(buf, ECC_MAXSIZE);
-#endif
- XFREE(buf);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_make_key.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_shared_secret.c b/libtomcrypt/pk/ecc/ecc_shared_secret.c
deleted file mode 100644
index 9ac6ca2..0000000
--- a/libtomcrypt/pk/ecc/ecc_shared_secret.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_shared_secret.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Create an ECC shared secret between two keys
- @param private_key The private ECC key
- @param public_key The public key
- @param out [out] Destination of the shared secret (Conforms to EC-DH from ANSI X9.63)
- @param outlen [in/out] The max size and resulting size of the shared secret
- @return CRYPT_OK if successful
-*/
-int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
- unsigned char *out, unsigned long *outlen)
-{
- unsigned long x;
- ecc_point *result;
- void *prime;
- int err;
-
- LTC_ARGCHK(private_key != NULL);
- LTC_ARGCHK(public_key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- /* type valid? */
- if (private_key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) {
- return CRYPT_PK_TYPE_MISMATCH;
- }
-
- /* make new point */
- result = ltc_ecc_new_point();
- if (result == NULL) {
- return CRYPT_MEM;
- }
-
- if ((err = mp_init(&prime)) != CRYPT_OK) {
- ltc_ecc_del_point(result);
- return err;
- }
-
- if ((err = mp_read_radix(prime, (char *)private_key->dp->prime, 16)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1)) != CRYPT_OK) { goto done; }
-
- x = (unsigned long)mp_unsigned_bin_size(prime);
- if (*outlen < x) {
- *outlen = x;
- err = CRYPT_BUFFER_OVERFLOW;
- goto done;
- }
- zeromem(out, x);
- if ((err = mp_to_unsigned_bin(result->x, out + (x - mp_unsigned_bin_size(result->x)))) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
- *outlen = x;
-done:
- mp_clear(prime);
- ltc_ecc_del_point(result);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_shared_secret.c,v $ */
-/* $Revision: 1.10 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_sign_hash.c b/libtomcrypt/pk/ecc/ecc_sign_hash.c
deleted file mode 100644
index 90fa743..0000000
--- a/libtomcrypt/pk/ecc/ecc_sign_hash.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_sign_hash.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Sign a message digest
- @param in The message digest to sign
- @param inlen The length of the digest
- @param out [out] The destination for the signature
- @param outlen [in/out] The max size and resulting size of the signature
- @param key A private ECC key
- @return CRYPT_OK if successful
-*/
-int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key)
-{
- ecc_key pubkey;
- void *r, *s, *e, *p;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* is this a private key? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* is the IDX valid ? */
- if (ltc_ecc_is_valid_idx(key->idx) != 1) {
- return CRYPT_PK_INVALID_TYPE;
- }
-
- /* get the hash and load it as a bignum into 'e' */
- /* init the bignums */
- if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
- if ((err = mp_read_unsigned_bin(e, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto errnokey; }
-
- /* make up a key and export the public copy */
- for (;;) {
- if ((err = ecc_make_key_ex(&pubkey, key->dp)) != CRYPT_OK) {
- goto errnokey;
- }
-
- /* find r = x1 mod n */
- if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; }
-
- if (mp_iszero(r) == LTC_MP_YES) {
- ecc_free(&pubkey);
- } else {
- /* find s = (e + xr)/k */
- if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */
- if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
- if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mod(s, p, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK) { goto error; } /* s = (e + xr)/k */
- ecc_free(&pubkey);
- if (mp_iszero(s) == LTC_MP_NO) {
- break;
- }
- }
- }
-
- /* store as SEQUENCE { r, s -- integer } */
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
- LTC_ASN1_EOL, 0UL, NULL);
- goto errnokey;
-error:
- ecc_free(&pubkey);
-errnokey:
- mp_clear_multi(r, s, p, e, NULL);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sign_hash.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_sizes.c b/libtomcrypt/pk/ecc/ecc_sizes.c
deleted file mode 100644
index 19eca52..0000000
--- a/libtomcrypt/pk/ecc/ecc_sizes.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_sizes.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-void ecc_sizes(int *low, int *high)
-{
- int i;
- LTC_ARGCHKVD(low != NULL);
- LTC_ARGCHKVD(high != NULL);
-
- *low = INT_MAX;
- *high = 0;
- for (i = 0; ltc_ecc_sets[i].size != 0; i++) {
- if (ltc_ecc_sets[i].size < *low) {
- *low = ltc_ecc_sets[i].size;
- }
- if (ltc_ecc_sets[i].size > *high) {
- *high = ltc_ecc_sets[i].size;
- }
- }
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sizes.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_test.c b/libtomcrypt/pk/ecc/ecc_test.c
deleted file mode 100644
index aa685e8..0000000
--- a/libtomcrypt/pk/ecc/ecc_test.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_test.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Perform on the ECC system
- @return CRYPT_OK if successful
-*/
-int ecc_test(void)
-{
- void *modulus, *order;
- ecc_point *G, *GG;
- int i, err, primality;
-
- if ((err = mp_init_multi(&modulus, &order, NULL)) != CRYPT_OK) {
- return err;
- }
-
- G = ltc_ecc_new_point();
- GG = ltc_ecc_new_point();
- if (G == NULL || GG == NULL) {
- mp_clear_multi(modulus, order, NULL);
- ltc_ecc_del_point(G);
- ltc_ecc_del_point(GG);
- return CRYPT_MEM;
- }
-
- for (i = 0; ltc_ecc_sets[i].size; i++) {
- #if 0
- printf("Testing %d\n", ltc_ecc_sets[i].size);
- #endif
- if ((err = mp_read_radix(modulus, (char *)ltc_ecc_sets[i].prime, 16)) != CRYPT_OK) { goto done; }
- if ((err = mp_read_radix(order, (char *)ltc_ecc_sets[i].order, 16)) != CRYPT_OK) { goto done; }
-
- /* is prime actually prime? */
- if ((err = mp_prime_is_prime(modulus, 8, &primality)) != CRYPT_OK) { goto done; }
- if (primality == 0) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
-
- /* is order prime ? */
- if ((err = mp_prime_is_prime(order, 8, &primality)) != CRYPT_OK) { goto done; }
- if (primality == 0) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
-
- if ((err = mp_read_radix(G->x, (char *)ltc_ecc_sets[i].Gx, 16)) != CRYPT_OK) { goto done; }
- if ((err = mp_read_radix(G->y, (char *)ltc_ecc_sets[i].Gy, 16)) != CRYPT_OK) { goto done; }
- mp_set(G->z, 1);
-
- /* then we should have G == (order + 1)G */
- if ((err = mp_add_d(order, 1, order)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptmul(order, G, GG, modulus, 1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(G->x, GG->x) != LTC_MP_EQ || mp_cmp(G->y, GG->y) != LTC_MP_EQ) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
- }
- err = CRYPT_OK;
-done:
- ltc_ecc_del_point(GG);
- ltc_ecc_del_point(G);
- mp_clear_multi(order, modulus, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_test.c,v $ */
-/* $Revision: 1.12 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_verify_hash.c b/libtomcrypt/pk/ecc/ecc_verify_hash.c
deleted file mode 100644
index a5780b3..0000000
--- a/libtomcrypt/pk/ecc/ecc_verify_hash.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_verify_hash.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/* verify
- *
- * w = s^-1 mod n
- * u1 = xw
- * u2 = rw
- * X = u1*G + u2*Q
- * v = X_x1 mod n
- * accept if v == r
- */
-
-/**
- Verify an ECC signature
- @param sig The signature to verify
- @param siglen The length of the signature (octets)
- @param hash The hash (message digest) that was signed
- @param hashlen The length of the hash (octets)
- @param stat Result of signature, 1==valid, 0==invalid
- @param key The corresponding public ECC key
- @return CRYPT_OK if successful (even if the signature is not valid)
-*/
-int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
- int *stat, ecc_key *key)
-{
- ecc_point *mG, *mQ;
- void *r, *s, *v, *w, *u1, *u2, *e, *p, *m;
- void *mp;
- int err;
-
- LTC_ARGCHK(sig != NULL);
- LTC_ARGCHK(hash != NULL);
- LTC_ARGCHK(stat != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* default to invalid signature */
- *stat = 0;
- mp = NULL;
-
- /* is the IDX valid ? */
- if (ltc_ecc_is_valid_idx(key->idx) != 1) {
- return CRYPT_PK_INVALID_TYPE;
- }
-
- /* allocate ints */
- if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL)) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* allocate points */
- mG = ltc_ecc_new_point();
- mQ = ltc_ecc_new_point();
- if (mQ == NULL || mG == NULL) {
- err = CRYPT_MEM;
- goto error;
- }
-
- /* parse header */
- if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto error;
- }
-
- /* get the order */
- if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto error; }
-
- /* get the modulus */
- if ((err = mp_read_radix(m, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto error; }
-
- /* check for zero */
- if (mp_iszero(r) || mp_iszero(s) || mp_cmp(r, p) != LTC_MP_LT || mp_cmp(s, p) != LTC_MP_LT) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
-
- /* read hash */
- if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, (int)hashlen)) != CRYPT_OK) { goto error; }
-
- /* w = s^-1 mod n */
- if ((err = mp_invmod(s, p, w)) != CRYPT_OK) { goto error; }
-
- /* u1 = ew */
- if ((err = mp_mulmod(e, w, p, u1)) != CRYPT_OK) { goto error; }
-
- /* u2 = rw */
- if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK) { goto error; }
-
- /* find mG and mQ */
- if ((err = mp_read_radix(mG->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_read_radix(mG->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_set(mG->z, 1)) != CRYPT_OK) { goto error; }
-
- if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK) { goto error; }
- if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK) { goto error; }
- if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK) { goto error; }
-
- /* compute u1*mG + u2*mQ = mG */
- if (ltc_mp.ecc_mul2add == NULL) {
- if ((err = ltc_mp.ecc_ptmul(u1, mG, mG, m, 0)) != CRYPT_OK) { goto error; }
- if ((err = ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0)) != CRYPT_OK) { goto error; }
-
- /* find the montgomery mp */
- if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; }
-
- /* add them */
- if ((err = ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp)) != CRYPT_OK) { goto error; }
-
- /* reduce */
- if ((err = ltc_mp.ecc_map(mG, m, mp)) != CRYPT_OK) { goto error; }
- } else {
- /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */
- if ((err = ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m)) != CRYPT_OK) { goto error; }
- }
-
- /* v = X_x1 mod n */
- if ((err = mp_mod(mG->x, p, v)) != CRYPT_OK) { goto error; }
-
- /* does v == r */
- if (mp_cmp(v, r) == LTC_MP_EQ) {
- *stat = 1;
- }
-
- /* clear up and return */
- err = CRYPT_OK;
-error:
- ltc_ecc_del_point(mG);
- ltc_ecc_del_point(mQ);
- mp_clear_multi(r, s, v, w, u1, u2, p, e, m, NULL);
- if (mp != NULL) {
- mp_montgomery_free(mp);
- }
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_verify_hash.c,v $ */
-/* $Revision: 1.14 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c b/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c
deleted file mode 100644
index acda0de..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_is_valid_idx.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** Returns whether an ECC idx is valid or not
- @param n The idx number to check
- @return 1 if valid, 0 if not
-*/
-int ltc_ecc_is_valid_idx(int n)
-{
- int x;
-
- for (x = 0; ltc_ecc_sets[x].size != 0; x++);
- /* -1 is a valid index --- indicating that the domain params were supplied by the user */
- if ((n >= -1) && (n < x)) {
- return 1;
- }
- return 0;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_map.c b/libtomcrypt/pk/ecc/ltc_ecc_map.c
deleted file mode 100644
index aa25fc9..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_map.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_map.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Map a projective jacbobian point back to affine space
- @param P [in/out] The point to map
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_map(ecc_point *P, void *modulus, void *mp)
-{
- void *t1, *t2;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* first map z back to normal */
- if ((err = mp_montgomery_reduce(P->z, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* get 1/z */
- if ((err = mp_invmod(P->z, modulus, t1)) != CRYPT_OK) { goto done; }
-
- /* get 1/z^2 and 1/z^3 */
- if ((err = mp_sqr(t1, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_mod(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_mul(t1, t2, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_mod(t1, modulus, t1)) != CRYPT_OK) { goto done; }
-
- /* multiply against x/y */
- if ((err = mp_mul(P->x, t2, P->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(P->x, modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = mp_mul(P->y, t1, P->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(P->y, modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = mp_set(P->z, 1)) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_map.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c b/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c
deleted file mode 100644
index 3c58f5d..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mul2add.c
- ECC Crypto, Shamir's Trick, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-#ifdef LTC_ECC_SHAMIR
-
-/** Computes kA*A + kB*B = C using Shamir's Trick
- @param A First point to multiply
- @param kA What to multiple A by
- @param B Second point to multiply
- @param kB What to multiple B by
- @param C [out] Destination point (can overlap with A or B
- @param modulus Modulus for curve
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mul2add(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C,
- void *modulus)
-{
- ecc_point *precomp[16];
- unsigned bitbufA, bitbufB, lenA, lenB, len, x, y, nA, nB, nibble;
- unsigned char *tA, *tB;
- int err, first;
- void *mp, *mu;
-
- /* argchks */
- LTC_ARGCHK(A != NULL);
- LTC_ARGCHK(B != NULL);
- LTC_ARGCHK(C != NULL);
- LTC_ARGCHK(kA != NULL);
- LTC_ARGCHK(kB != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* allocate memory */
- tA = XCALLOC(1, ECC_BUF_SIZE);
- if (tA == NULL) {
- return CRYPT_MEM;
- }
- tB = XCALLOC(1, ECC_BUF_SIZE);
- if (tB == NULL) {
- XFREE(tA);
- return CRYPT_MEM;
- }
-
- /* get sizes */
- lenA = mp_unsigned_bin_size(kA);
- lenB = mp_unsigned_bin_size(kB);
- len = MAX(lenA, lenB);
-
- /* sanity check */
- if ((lenA > ECC_BUF_SIZE) || (lenB > ECC_BUF_SIZE)) {
- err = CRYPT_INVALID_ARG;
- goto ERR_T;
- }
-
- /* extract and justify kA */
- mp_to_unsigned_bin(kA, (len - lenA) + tA);
-
- /* extract and justify kB */
- mp_to_unsigned_bin(kB, (len - lenB) + tB);
-
- /* allocate the table */
- for (x = 0; x < 16; x++) {
- precomp[x] = ltc_ecc_new_point();
- if (precomp[x] == NULL) {
- for (y = 0; y < x; ++y) {
- ltc_ecc_del_point(precomp[y]);
- }
- err = CRYPT_MEM;
- goto ERR_T;
- }
- }
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- goto ERR_P;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto ERR_MP;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto ERR_MU;
- }
-
- /* copy ones ... */
- if ((err = mp_mulmod(A->x, mu, modulus, precomp[1]->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(A->y, mu, modulus, precomp[1]->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(A->z, mu, modulus, precomp[1]->z)) != CRYPT_OK) { goto ERR_MU; }
-
- if ((err = mp_mulmod(B->x, mu, modulus, precomp[1<<2]->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(B->y, mu, modulus, precomp[1<<2]->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(B->z, mu, modulus, precomp[1<<2]->z)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [i,0](A + B) table */
- if ((err = ltc_mp.ecc_ptdbl(precomp[1], precomp[2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptadd(precomp[1], precomp[2], precomp[3], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [0,i](A + B) table */
- if ((err = ltc_mp.ecc_ptdbl(precomp[1<<2], precomp[2<<2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptadd(precomp[1<<2], precomp[2<<2], precomp[3<<2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [i,j](A + B) table (i != 0, j != 0) */
- for (x = 1; x < 4; x++) {
- for (y = 1; y < 4; y++) {
- if ((err = ltc_mp.ecc_ptadd(precomp[x], precomp[(y<<2)], precomp[x+(y<<2)], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
- }
-
- nibble = 3;
- first = 1;
- bitbufA = tA[0];
- bitbufB = tB[0];
-
- /* for every byte of the multiplicands */
- for (x = -1;; ) {
- /* grab a nibble */
- if (++nibble == 4) {
- ++x; if (x == len) break;
- bitbufA = tA[x];
- bitbufB = tB[x];
- nibble = 0;
- }
-
- /* extract two bits from both, shift/update */
- nA = (bitbufA >> 6) & 0x03;
- nB = (bitbufB >> 6) & 0x03;
- bitbufA = (bitbufA << 2) & 0xFF;
- bitbufB = (bitbufB << 2) & 0xFF;
-
- /* if both zero, if first, continue */
- if ((nA == 0) && (nB == 0) && (first == 1)) {
- continue;
- }
-
- /* double twice, only if this isn't the first */
- if (first == 0) {
- /* double twice */
- if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
-
- /* if not both zero */
- if ((nA != 0) || (nB != 0)) {
- if (first == 1) {
- /* if first, copy from table */
- first = 0;
- if ((err = mp_copy(precomp[nA + (nB<<2)]->x, C->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_copy(precomp[nA + (nB<<2)]->y, C->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_copy(precomp[nA + (nB<<2)]->z, C->z)) != CRYPT_OK) { goto ERR_MU; }
- } else {
- /* if not first, add from table */
- if ((err = ltc_mp.ecc_ptadd(C, precomp[nA + (nB<<2)], C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
- }
- }
-
- /* reduce to affine */
- err = ltc_ecc_map(C, modulus, mp);
-
- /* clean up */
-ERR_MU:
- mp_clear(mu);
-ERR_MP:
- mp_montgomery_free(mp);
-ERR_P:
- for (x = 0; x < 16; x++) {
- ltc_ecc_del_point(precomp[x]);
- }
-ERR_T:
-#ifdef LTC_CLEAN_STACK
- zeromem(tA, ECC_BUF_SIZE);
- zeromem(tB, ECC_BUF_SIZE);
-#endif
- XFREE(tA);
- XFREE(tB);
-
- return err;
-}
-
-#endif
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c b/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c
deleted file mode 100644
index 4d16fb4..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mulmod.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-#ifndef LTC_ECC_TIMING_RESISTANT
-
-/* size of sliding window, don't change this! */
-#define WINSIZE 4
-
-/**
- Perform a point multiplication
- @param k The scalar to multiply by
- @param G The base point
- @param R [out] Destination for kG
- @param modulus The modulus of the field the ECC curve is in
- @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
-{
- ecc_point *tG, *M[8];
- int i, j, err;
- void *mu, *mp;
- unsigned long buf;
- int first, bitbuf, bitcpy, bitcnt, mode, digidx;
-
- LTC_ARGCHK(k != NULL);
- LTC_ARGCHK(G != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- return err;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- mp_clear(mu);
- return err;
- }
-
- /* alloc ram for window temps */
- for (i = 0; i < 8; i++) {
- M[i] = ltc_ecc_new_point();
- if (M[i] == NULL) {
- for (j = 0; j < i; j++) {
- ltc_ecc_del_point(M[j]);
- }
- mp_montgomery_free(mp);
- mp_clear(mu);
- return CRYPT_MEM;
- }
- }
-
- /* make a copy of G incase R==G */
- tG = ltc_ecc_new_point();
- if (tG == NULL) { err = CRYPT_MEM; goto done; }
-
- /* tG = G and convert to montgomery */
- if (mp_cmp_d(mu, 1) == LTC_MP_EQ) {
- if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; }
- } else {
- if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
- }
- mp_clear(mu);
- mu = NULL;
-
- /* calc the M tab, which holds kG for k==8..15 */
- /* M[0] == 8G */
- if ((err = ltc_mp.ecc_ptdbl(tG, M[0], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* now find (8+k)G for k=1..7 */
- for (j = 9; j < 16; j++) {
- if ((err = ltc_mp.ecc_ptadd(M[j-9], tG, M[j-8], modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* setup sliding window */
- mode = 0;
- bitcnt = 1;
- buf = 0;
- digidx = mp_get_digit_count(k) - 1;
- bitcpy = bitbuf = 0;
- first = 1;
-
- /* perform ops */
- for (;;) {
- /* grab next digit as required */
- if (--bitcnt == 0) {
- if (digidx == -1) {
- break;
- }
- buf = mp_get_digit(k, digidx);
- bitcnt = (int) ltc_mp.bits_per_digit;
- --digidx;
- }
-
- /* grab the next msb from the ltiplicand */
- i = (buf >> (ltc_mp.bits_per_digit - 1)) & 1;
- buf <<= 1;
-
- /* skip leading zero bits */
- if (mode == 0 && i == 0) {
- continue;
- }
-
- /* if the bit is zero and mode == 1 then we double */
- if (mode == 1 && i == 0) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- /* else we add it to the window */
- bitbuf |= (i << (WINSIZE - ++bitcpy));
- mode = 2;
-
- if (bitcpy == WINSIZE) {
- /* if this is the first window we do a simple copy */
- if (first == 1) {
- /* R = kG [k = first window] */
- if ((err = mp_copy(M[bitbuf-8]->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[bitbuf-8]->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[bitbuf-8]->z, R->z)) != CRYPT_OK) { goto done; }
- first = 0;
- } else {
- /* normal window */
- /* ok window is filled so double as required and add */
- /* double first */
- for (j = 0; j < WINSIZE; j++) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranteed */
- if ((err = ltc_mp.ecc_ptadd(R, M[bitbuf-8], R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
- /* empty window and reset */
- bitcpy = bitbuf = 0;
- mode = 1;
- }
- }
-
- /* if bits remain then double/add */
- if (mode == 2 && bitcpy > 0) {
- /* double then add */
- for (j = 0; j < bitcpy; j++) {
- /* only double if we have had at least one add first */
- if (first == 0) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- bitbuf <<= 1;
- if ((bitbuf & (1 << WINSIZE)) != 0) {
- if (first == 1){
- /* first add, so copy */
- if ((err = mp_copy(tG->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->z, R->z)) != CRYPT_OK) { goto done; }
- first = 0;
- } else {
- /* then add */
- if ((err = ltc_mp.ecc_ptadd(R, tG, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
- }
- }
- }
-
- /* map R back from projective space */
- if (map) {
- err = ltc_ecc_map(R, modulus, mp);
- } else {
- err = CRYPT_OK;
- }
-done:
- if (mu != NULL) {
- mp_clear(mu);
- }
- mp_montgomery_free(mp);
- ltc_ecc_del_point(tG);
- for (i = 0; i < 8; i++) {
- ltc_ecc_del_point(M[i]);
- }
- return err;
-}
-
-#endif
-
-#undef WINSIZE
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c,v $ */
-/* $Revision: 1.26 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c b/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c
deleted file mode 100644
index aa0e233..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mulmod_timing.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-#ifdef LTC_ECC_TIMING_RESISTANT
-
-/**
- Perform a point multiplication (timing resistant)
- @param k The scalar to multiply by
- @param G The base point
- @param R [out] Destination for kG
- @param modulus The modulus of the field the ECC curve is in
- @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
-{
- ecc_point *tG, *M[3];
- int i, j, err;
- void *mu, *mp;
- unsigned long buf;
- int first, bitbuf, bitcpy, bitcnt, mode, digidx;
-
- LTC_ARGCHK(k != NULL);
- LTC_ARGCHK(G != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- return err;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- mp_clear(mu);
- mp_montgomery_free(mp);
- return err;
- }
-
- /* alloc ram for window temps */
- for (i = 0; i < 3; i++) {
- M[i] = ltc_ecc_new_point();
- if (M[i] == NULL) {
- for (j = 0; j < i; j++) {
- ltc_ecc_del_point(M[j]);
- }
- mp_clear(mu);
- mp_montgomery_free(mp);
- return CRYPT_MEM;
- }
- }
-
- /* make a copy of G incase R==G */
- tG = ltc_ecc_new_point();
- if (tG == NULL) { err = CRYPT_MEM; goto done; }
-
- /* tG = G and convert to montgomery */
- if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
- mp_clear(mu);
- mu = NULL;
-
- /* calc the M tab */
- /* M[0] == G */
- if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->y, M[0]->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->z, M[0]->z)) != CRYPT_OK) { goto done; }
- /* M[1] == 2G */
- if ((err = ltc_mp.ecc_ptdbl(tG, M[1], modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* setup sliding window */
- mode = 0;
- bitcnt = 1;
- buf = 0;
- digidx = mp_get_digit_count(k) - 1;
- bitcpy = bitbuf = 0;
- first = 1;
-
- /* perform ops */
- for (;;) {
- /* grab next digit as required */
- if (--bitcnt == 0) {
- if (digidx == -1) {
- break;
- }
- buf = mp_get_digit(k, digidx);
- bitcnt = (int) MP_DIGIT_BIT;
- --digidx;
- }
-
- /* grab the next msb from the ltiplicand */
- i = (buf >> (MP_DIGIT_BIT - 1)) & 1;
- buf <<= 1;
-
- if (mode == 0 && i == 0) {
- /* dummy operations */
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- if (mode == 0 && i == 1) {
- mode = 1;
- /* dummy operations */
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[i^1], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[i], M[i], modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* copy result out */
- if ((err = mp_copy(M[0]->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[0]->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[0]->z, R->z)) != CRYPT_OK) { goto done; }
-
- /* map R back from projective space */
- if (map) {
- err = ltc_ecc_map(R, modulus, mp);
- } else {
- err = CRYPT_OK;
- }
-done:
- if (mu != NULL) {
- mp_clear(mu);
- }
- mp_montgomery_free(mp);
- ltc_ecc_del_point(tG);
- for (i = 0; i < 3; i++) {
- ltc_ecc_del_point(M[i]);
- }
- return err;
-}
-
-#endif
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_points.c b/libtomcrypt/pk/ecc/ltc_ecc_points.c
deleted file mode 100644
index f29508a..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_points.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_points.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Allocate a new ECC point
- @return A newly allocated point or NULL on error
-*/
-ecc_point *ltc_ecc_new_point(void)
-{
- ecc_point *p;
- p = XCALLOC(1, sizeof(*p));
- if (p == NULL) {
- return NULL;
- }
- if (mp_init_multi(&p->x, &p->y, &p->z, NULL) != CRYPT_OK) {
- XFREE(p);
- return NULL;
- }
- return p;
-}
-
-/** Free an ECC point from memory
- @param p The point to free
-*/
-void ltc_ecc_del_point(ecc_point *p)
-{
- /* prevents free'ing null arguments */
- if (p != NULL) {
- mp_clear_multi(p->x, p->y, p->z, NULL); /* note: p->z may be NULL but that's ok with this function anyways */
- XFREE(p);
- }
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_points.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c b/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c
deleted file mode 100644
index 7df54aa..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_projective_add_point.c
- ECC Crypto, Tom St Denis
-*/
-
-#if defined(LTC_MECC) && (!defined(LTC_MECC_ACCEL) || defined(LTM_LTC_DESC))
-
-/**
- Add two ECC points
- @param P The point to add
- @param Q The point to add
- @param R [out] The destination of the double
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp)
-{
- void *t1, *t2, *x, *y, *z;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(Q != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != CRYPT_OK) {
- return err;
- }
-
- /* should we dbl instead? */
- if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK) { goto done; }
-
- if ( (mp_cmp(P->x, Q->x) == LTC_MP_EQ) &&
- (Q->z != NULL && mp_cmp(P->z, Q->z) == LTC_MP_EQ) &&
- (mp_cmp(P->y, Q->y) == LTC_MP_EQ || mp_cmp(P->y, t1) == LTC_MP_EQ)) {
- mp_clear_multi(t1, t2, x, y, z, NULL);
- return ltc_ecc_projective_dbl_point(P, R, modulus, mp);
- }
-
- if ((err = mp_copy(P->x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->y, y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->z, z)) != CRYPT_OK) { goto done; }
-
- /* if Z is one then these are no-operations */
- if (Q->z != NULL) {
- /* T1 = Z' * Z' */
- if ((err = mp_sqr(Q->z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X * T1 */
- if ((err = mp_mul(t1, x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Z' * T1 */
- if ((err = mp_mul(Q->z, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = Y * T1 */
- if ((err = mp_mul(t1, y, y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(y, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* T1 = Z*Z */
- if ((err = mp_sqr(z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = X' * T1 */
- if ((err = mp_mul(Q->x, t1, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Z * T1 */
- if ((err = mp_mul(z, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Y' * T1 */
- if ((err = mp_mul(Q->y, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* Y = Y - T1 */
- if ((err = mp_sub(y, t1, y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(y, 0) == LTC_MP_LT) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- /* T1 = 2T1 */
- if ((err = mp_add(t1, t1, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T1 = Y + T1 */
- if ((err = mp_add(t1, y, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* X = X - T2 */
- if ((err = mp_sub(x, t2, x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(x, 0) == LTC_MP_LT) {
- if ((err = mp_add(x, modulus, x)) != CRYPT_OK) { goto done; }
- }
- /* T2 = 2T2 */
- if ((err = mp_add(t2, t2, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t2, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = X + T2 */
- if ((err = mp_add(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t2, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
-
- /* if Z' != 1 */
- if (Q->z != NULL) {
- /* Z = Z * Z' */
- if ((err = mp_mul(z, Q->z, z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* Z = Z * X */
- if ((err = mp_mul(z, x, z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* T1 = T1 * X */
- if ((err = mp_mul(t1, x, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X * X */
- if ((err = mp_sqr(x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = T2 * x */
- if ((err = mp_mul(t2, x, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = T1 * X */
- if ((err = mp_mul(t1, x, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* X = Y*Y */
- if ((err = mp_sqr(y, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X - T2 */
- if ((err = mp_sub(x, t2, x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(x, 0) == LTC_MP_LT) {
- if ((err = mp_add(x, modulus, x)) != CRYPT_OK) { goto done; }
- }
-
- /* T2 = T2 - X */
- if ((err = mp_sub(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T2 - X */
- if ((err = mp_sub(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T2 * Y */
- if ((err = mp_mul(t2, y, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = T2 - T1 */
- if ((err = mp_sub(t2, t1, y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(y, 0) == LTC_MP_LT) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y/2 */
- if (mp_isodd(y)) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- if ((err = mp_div_2(y, y)) != CRYPT_OK) { goto done; }
-
- if ((err = mp_copy(x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(z, R->z)) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, x, y, z, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c,v $ */
-/* $Revision: 1.16 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c b/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c
deleted file mode 100644
index 531ce13..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_projective_dbl_point.c
- ECC Crypto, Tom St Denis
-*/
-
-#if defined(LTC_MECC) && (!defined(LTC_MECC_ACCEL) || defined(LTM_LTC_DESC))
-
-/**
- Double an ECC point
- @param P The point to double
- @param R [out] The destination of the double
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp)
-{
- void *t1, *t2;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
- return err;
- }
-
- if (P != R) {
- if ((err = mp_copy(P->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->z, R->z)) != CRYPT_OK) { goto done; }
- }
-
- /* t1 = Z * Z */
- if ((err = mp_sqr(R->z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Z = Y * Z */
- if ((err = mp_mul(R->z, R->y, R->z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->z, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Z = 2Z */
- if ((err = mp_add(R->z, R->z, R->z)) != CRYPT_OK) { goto done; }
- if (mp_cmp(R->z, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(R->z, modulus, R->z)) != CRYPT_OK) { goto done; }
- }
-
- /* T2 = X - T1 */
- if ((err = mp_sub(R->x, t1, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T1 = X + T1 */
- if ((err = mp_add(t1, R->x, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T1 * T2 */
- if ((err = mp_mul(t1, t2, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = 2T2 */
- if ((err = mp_add(t2, t2, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T1 = T1 + T2 */
- if ((err = mp_add(t1, t2, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
-
- /* Y = 2Y */
- if ((err = mp_add(R->y, R->y, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp(R->y, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y * Y */
- if ((err = mp_sqr(R->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = Y * Y */
- if ((err = mp_sqr(R->y, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = T2/2 */
- if (mp_isodd(t2)) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- if ((err = mp_div_2(t2, t2)) != CRYPT_OK) { goto done; }
- /* Y = Y * X */
- if ((err = mp_mul(R->y, R->x, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* X = T1 * T1 */
- if ((err = mp_sqr(t1, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X - Y */
- if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; }
- }
- /* X = X - Y */
- if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; }
- }
-
- /* Y = Y - X */
- if ((err = mp_sub(R->y, R->x, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y * T1 */
- if ((err = mp_mul(R->y, t1, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = Y - T2 */
- if ((err = mp_sub(R->y, t2, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, NULL);
- return err;
-}
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
index 1ae57bb..01fe231 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_mgf1.c
@@ -33,7 +34,6 @@ int pkcs_1_mgf1(int hash_idx,
unsigned long hLen, x;
ulong32 counter;
int err;
- hash_state *md;
unsigned char *buf;
LTC_ARGCHK(seed != NULL);
@@ -45,18 +45,11 @@ int pkcs_1_mgf1(int hash_idx,
}
/* get hash output size */
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
/* allocate memory */
- md = XMALLOC(sizeof(hash_state));
buf = XMALLOC(hLen);
- if (md == NULL || buf == NULL) {
- if (md != NULL) {
- XFREE(md);
- }
- if (buf != NULL) {
- XFREE(buf);
- }
+ if (buf == NULL) {
return CRYPT_MEM;
}
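Review bot: `hLen` now comes from `_ncr_algo_digest_size(hash_idx)` and goes straight into `XMALLOC(hLen)` with no range check, so if that helper can return 0 for an algorithm it does not know (or a negative value, which becomes a huge unsigned long), `buf` is smaller than the four bytes `STORE32H(counter, buf)` writes in the loop below. The helper's definition is not visible here, so this is something to confirm rather than a proven fault; a guard such as `if (hLen < 4) { return CRYPT_INVALID_ARG; }` before the allocation would close it. The same unchecked assignment appears in pkcs_1_oaep_decode, pkcs_1_oaep_encode, pkcs_1_pss_decode and pkcs_1_pss_encode, where hLen feeds the size checks that follow. pkcs_1_mgf1's body starts and ends outside this hunk.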
@@ -68,17 +61,8 @@ int pkcs_1_mgf1(int hash_idx,
STORE32H(counter, buf);
++counter;
- /* get hash of seed || counter */
- if ((err = hash_descriptor[hash_idx].init(md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(md, seed, seedlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(md, buf, 4)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(md, buf)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, buf, &hLen, seed, seedlen, buf, (unsigned long) 4, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
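Review bot: The new `hash_memory_multi` call uses `buf` both as the second input (the 4-byte counter) and as the digest output, and passes `&hLen` as the in/out length. That is only correct if the helper reads every input before it stores the digest and leaves `hLen` equal to the digest size; neither is visible in this hunk, and hLen later bounds the output loop and `zeromem(buf, hLen)`. I would pass a scratch length instead, `unsigned long dlen = hLen;` with `&dlen` in the call, and add a comment like `/* buf is counter input and digest output; relies on hash_memory_multi finishing all reads before writing */`.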
@@ -92,11 +76,9 @@ int pkcs_1_mgf1(int hash_idx,
LBL_ERR:
#ifdef LTC_CLEAN_STACK
zeromem(buf, hLen);
- zeromem(md, sizeof(hash_state));
#endif
XFREE(buf);
- XFREE(md);
return err;
}
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
index cbed794..4114c56 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_oaep_decode.c
@@ -52,7 +53,8 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* test hash/message size */
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
index 795a71f..ccee5cf 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_oaep_encode.c
@@ -47,7 +48,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* test message size */
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
index 7ca284c..5a26654 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_pss_decode.c
@@ -37,7 +38,6 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
- hash_state md;
LTC_ARGCHK(msghash != NULL);
LTC_ARGCHK(res != NULL);
@@ -50,7 +50,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* check sizes */
@@ -131,20 +131,8 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
}
/* M = (eight) 0x00 || msghash || salt, mask = H(M) */
- if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- zeromem(mask, 8);
- if ((err = hash_descriptor[hash_idx].process(&md, mask, 8)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, DB+x, saltlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(&md, mask)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, mask, &hLen, mask, 8, msghash, (unsigned long)msghashlen, DB+x, (unsigned long)saltlen, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
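Review bot: The `zeromem(mask, 8);` that produced the eight 0x00 bytes of M is removed, but `mask, 8` is still passed as the first input to `hash_memory_multi`, so the hash now covers whatever mask holds at that point rather than the zero prefix the comment describes. Unless mask is cleared somewhere outside this hunk, the computed value will not match a conforming PSS signature. Restore `zeromem(mask, 8);` immediately before the call. pkcs_1_pss_encode has the same problem in its last hunk, where `zeromem(DB, 8);` is dropped while `DB, 8` remains the first input; there DB's contents at that point are not visible and may be uninitialised heap memory, so `zeromem(DB, 8);` should be restored as well.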
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
index 7eaa307..382820d 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_pss_encode.c
@@ -36,7 +37,6 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
- hash_state md;
LTC_ARGCHK(msghash != NULL);
LTC_ARGCHK(out != NULL);
@@ -47,7 +47,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* check sizes */
@@ -83,20 +83,8 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
}
/* M = (eight) 0x00 || msghash || salt, hash = H(M) */
- if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- zeromem(DB, 8);
- if ((err = hash_descriptor[hash_idx].process(&md, DB, 8)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, salt, saltlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(&md, hash)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, hash, &hLen, DB, 8, msghash, (unsigned long)msghashlen, salt, (unsigned long)saltlen, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
diff --git a/libtomcrypt/pk/rsa/rsa_decrypt_key.c b/libtomcrypt/pk/rsa/rsa_decrypt_key.c
index f3b8c48..52885e8 100644
--- a/libtomcrypt/pk/rsa/rsa_decrypt_key.c
+++ b/libtomcrypt/pk/rsa/rsa_decrypt_key.c
@@ -64,10 +64,10 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen != inlen) {
return CRYPT_INVALID_PACKET;
}
@@ -80,7 +80,7 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
/* rsa decode the packet */
x = inlen;
- if ((err = ltc_mp.rsa_me(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
+ if ((err = rsa_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
XFREE(tmp);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_encrypt_key.c b/libtomcrypt/pk/rsa/rsa_encrypt_key.c
index daa328a..d59699c 100644
--- a/libtomcrypt/pk/rsa/rsa_encrypt_key.c
+++ b/libtomcrypt/pk/rsa/rsa_encrypt_key.c
@@ -57,10 +57,10 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
@@ -85,7 +85,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* rsa exptmod the OAEP or LTC_PKCS #1 v1.5 pad */
- return ltc_mp.rsa_me(out, x, out, outlen, PK_PUBLIC, key);
+ return rsa_exptmod(out, x, out, outlen, PK_PUBLIC, key);
}
#endif /* LTC_MRSA */
diff --git a/libtomcrypt/pk/rsa/rsa_exptmod.c b/libtomcrypt/pk/rsa/rsa_exptmod.c
index 7237790..3c55e30 100644
--- a/libtomcrypt/pk/rsa/rsa_exptmod.c
+++ b/libtomcrypt/pk/rsa/rsa_exptmod.c
@@ -31,7 +31,7 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key)
{
- void *tmp, *tmpa, *tmpb;
+ mp_int tmp, tmpa, tmpb;
unsigned long x;
int err;
@@ -52,10 +52,10 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* init and copy into tmp */
if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK) { return err; }
- if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
/* sanity check on the input */
- if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
+ if (mp_cmp(&key->N, &tmp) == LTC_MP_LT) {
err = CRYPT_PK_INVALID_SIZE;
goto error;
}
@@ -63,25 +63,25 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* are we using the private exponent and is the key optimized? */
if (which == PK_PRIVATE) {
/* tmpa = tmp^dP mod p */
- if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->dP, &key->p, &tmpa)) != CRYPT_OK) { goto error; }
/* tmpb = tmp^dQ mod q */
- if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb)) != CRYPT_OK) { goto error; }
/* tmp = (tmpa - tmpb) * qInv (mod p) */
- if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != CRYPT_OK) { goto error; }
/* tmp = tmpb + q * tmp */
- if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&tmp, &key->q, &tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&tmp, &tmpb, &tmp)) != CRYPT_OK) { goto error; }
} else {
/* exptmod it */
- if ((err = mp_exptmod(tmp, key->e, key->N, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != CRYPT_OK) { goto error; }
}
/* read it back */
- x = (unsigned long)mp_unsigned_bin_size(key->N);
+ x = (unsigned long)mp_unsigned_bin_size(&key->N);
if (x > *outlen) {
*outlen = x;
err = CRYPT_BUFFER_OVERFLOW;
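Review bot: The `which == PK_PRIVATE` branch recombines the two CRT halves into `tmp` and the function then outputs it without checking the result against the public exponent. A computation fault in either half (hardware glitch, memory error) would then produce an output that is known to leak a factor of N, which matters for code that serves private-key operations to callers. Since rsa_exptmod is now called directly instead of through `ltc_mp.rsa_me`, this is a natural place to add the check: recompute `tmp^e mod N` and compare it with the input before leaving the branch, as sketched below. The sketch assumes `key->e` is populated for every private key and reuses tmpa/tmpb, which are no longer needed at that point; the function body continues outside this hunk.

```c
   if (which == PK_PRIVATE) {
      /* ... unchanged: CRT exponentiations and recombination into tmp ... */

      /* fault check: tmp^e mod N must give back the input before tmp is released */
      if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmpa)) != CRYPT_OK)                    { goto error; }
      if ((err = mp_read_unsigned_bin(&tmpb, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
      if (mp_cmp(&tmpa, &tmpb) != LTC_MP_EQ) {
         err = CRYPT_ERROR;
         goto error;
      }
   } else {
```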
@@ -89,7 +89,7 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
}
/* this should never happen ... */
- if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
+ if (mp_unsigned_bin_size(&tmp) > mp_unsigned_bin_size(&key->N)) {
err = CRYPT_ERROR;
goto error;
}
@@ -97,12 +97,12 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* convert it */
zeromem(out, x);
- if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK) { goto error; }
+ if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != CRYPT_OK) { goto error; }
/* clean up and return */
err = CRYPT_OK;
error:
- mp_clear_multi(tmp, tmpa, tmpb, NULL);
+ mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_free.c b/libtomcrypt/pk/rsa/rsa_free.c
index 31ae29f..d38b266 100644
--- a/libtomcrypt/pk/rsa/rsa_free.c
+++ b/libtomcrypt/pk/rsa/rsa_free.c
@@ -24,7 +24,7 @@
void rsa_free(rsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->e, key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
}
#endif
diff --git a/libtomcrypt/pk/rsa/rsa_import.c b/libtomcrypt/pk/rsa/rsa_import.c
index 110dd28..2f6d40e 100644
--- a/libtomcrypt/pk/rsa/rsa_import.c
+++ b/libtomcrypt/pk/rsa/rsa_import.c
@@ -27,7 +27,7 @@
int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
int err;
- void *zero;
+ mp_int zero;
unsigned char *tmpbuf;
unsigned long t, x, y, z, tmpoid[16];
ltc_asn1_list ssl_pubkey_hashoid[2];
@@ -35,7 +35,6 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
@@ -94,7 +93,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
goto LBL_ERR;
}
- if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
+ if (mp_cmp_d(&key->N, 0) == LTC_MP_EQ) {
if ((err = mp_init(&zero)) != CRYPT_OK) {
goto LBL_ERR;
}
@@ -110,12 +109,12 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
LTC_ASN1_INTEGER, 1UL, key->dQ,
LTC_ASN1_INTEGER, 1UL, key->qP,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- mp_clear(zero);
+ mp_clear(&zero);
goto LBL_ERR;
}
- mp_clear(zero);
+ mp_clear(&zero);
key->type = PK_PRIVATE;
- } else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {
+ } else if (mp_cmp_d(&key->N, 1) == LTC_MP_EQ) {
/* we don't support multi-prime RSA */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
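Review bot: The context lines `LTC_ASN1_INTEGER, 1UL, key->dQ,` and `LTC_ASN1_INTEGER, 1UL, key->qP,` still pass the key members by value, while every other use in this file was changed to `&key->N`, `&zero` and so on. If the rsa_key members are now `mp_int` objects rather than `void *` handles, as those changes imply, this variadic call receives a struct where the decoder expects a pointer, and the compiler will not warn about it. These should become `&key->dQ` and `&key->qP`. The earlier arguments of this call and the public-key decode call are outside the hunk and need the same check, including how `zero` is passed.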
@@ -131,7 +130,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
}
return CRYPT_OK;
LBL_ERR:
- mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_make_key.c b/libtomcrypt/pk/rsa/rsa_make_key.c
index bed3e4d..915c832 100644
--- a/libtomcrypt/pk/rsa/rsa_make_key.c
+++ b/libtomcrypt/pk/rsa/rsa_make_key.c
@@ -26,10 +26,9 @@
*/
int rsa_make_key(int size, long e, rsa_key *key)
{
- void *p, *q, *tmp1, *tmp2, *tmp3;
+ mp_int p, q, tmp1, tmp2, tmp3;
int err;
- LTC_ARGCHK(ltc_mp.name != NULL);
LTC_ARGCHK(key != NULL);
if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
@@ -45,46 +44,46 @@ int rsa_make_key(int size, long e, rsa_key *key)
}
/* make primes p and q (optimization provided by Wayne Scott) */
- if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) { goto errkey; } /* tmp3 = e */
+ if ((err = mp_set_int(&tmp3, e)) != CRYPT_OK) { goto errkey; } /* tmp3 = e */
/* make prime "p" */
do {
- if ((err = rand_prime( p, size/2)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
- if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(p-1, e) */
- } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides p-1 */
+ if ((err = rand_prime( &p, size/2)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_sub_d( &p, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
+ if ((err = mp_gcd( &tmp1, &tmp3, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(p-1, e) */
+ } while (mp_cmp_d( &tmp2, 1) != 0); /* while e divides p-1 */
/* make prime "q" */
do {
- if ((err = rand_prime( q, size/2)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
- if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(q-1, e) */
- } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides q-1 */
+ if ((err = rand_prime( &q, size/2)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_sub_d( &q, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
+ if ((err = mp_gcd( &tmp1, &tmp3, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(q-1, e) */
+ } while (mp_cmp_d( &tmp2, 1) != 0); /* while e divides q-1 */
/* tmp1 = lcm(p-1, q-1) */
- if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
+ if ((err = mp_sub_d( &p, 1, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
/* tmp1 = q-1 (previous do/while loop) */
- if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
+ if ((err = mp_lcm( &tmp1, &tmp2, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
/* make key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
goto errkey;
}
- if ((err = mp_set_int( key->e, e)) != CRYPT_OK) { goto errkey; } /* key->e = e */
- if ((err = mp_invmod( key->e, tmp1, key->d)) != CRYPT_OK) { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
- if ((err = mp_mul( p, q, key->N)) != CRYPT_OK) { goto errkey; } /* key->N = pq */
+ if ((err = mp_set_int( &key->e, e)) != CRYPT_OK) { goto errkey; } /* key->e = e */
+ if ((err = mp_invmod( &key->e, &tmp1, &key->d)) != CRYPT_OK) { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
+ if ((err = mp_mul( &p, &q, &key->N)) != CRYPT_OK) { goto errkey; } /* key->N = pq */
/* optimize for CRT now */
/* find d mod q-1 and d mod p-1 */
- if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
- if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
- if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
- if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
- if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */
+ if ((err = mp_sub_d( &p, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
+ if ((err = mp_sub_d( &q, 1, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
+ if ((err = mp_mod( &key->d, &tmp1, &key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
+ if ((err = mp_mod( &key->d, &tmp2, &key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
+ if ((err = mp_invmod( &q, &p, &key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */
- if ((err = mp_copy( p, key->p)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_copy( q, key->q)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_copy( &p, &key->p)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_copy( &q, &key->q)) != CRYPT_OK) { goto errkey; }
/* set key type (in this case it's CRT optimized) */
key->type = PK_PRIVATE;
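Review bot: Every failure above the key's `mp_init_multi(&key->e, ...)` call, starting with `mp_set_int(&tmp3, e)` and the two prime loops, jumps to `errkey`, which in the next hunk runs `mp_clear_multi(&key->d, &key->e, ...)` on members that have not been initialised yet. With the members now embedded `mp_int` structs, that clear works on whatever bytes the caller's rsa_key happened to hold. Whether `mp_clear` tolerates that is not visible here, so I would not rely on it. Use `goto cleanup` for the failures that occur before the key is initialised and keep `goto errkey` only after it. Separately, the comments on the two `mp_sub_d` lines under "optimize for CRT" are swapped: `&p` yields p-1 and `&q` yields q-1.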
@@ -93,9 +92,9 @@ int rsa_make_key(int size, long e, rsa_key *key)
err = CRYPT_OK;
goto cleanup;
errkey:
- mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
cleanup:
- mp_clear_multi(tmp3, tmp2, tmp1, p, q, NULL);
+ mp_clear_multi(&tmp3, &tmp2, &tmp1, &p, &q, NULL);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_sign_hash.c b/libtomcrypt/pk/rsa/rsa_sign_hash.c
index 180da01..1298d46 100644
--- a/libtomcrypt/pk/rsa/rsa_sign_hash.c
+++ b/libtomcrypt/pk/rsa/rsa_sign_hash.c
@@ -55,10 +55,10 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits((key->N));
+ modulus_bitlen = mp_count_bits((&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size((key->N));
+ modulus_bytelen = mp_unsigned_bin_size((&key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
@@ -75,9 +75,10 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
/* LTC_PKCS #1 v1.5 pad the hash */
unsigned char *tmpin;
ltc_asn1_list digestinfo[2], siginfo[2];
+ oid_st st;
/* not all hashes have OIDs... so sad */
- if (hash_descriptor[hash_idx].OIDlen == 0) {
+ if (hash_get_oid(hash_idx, &st) != CRYPT_OK) {
return CRYPT_INVALID_ARG;
}
@@ -89,13 +90,13 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
hash OCTET STRING
}
*/
- LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen);
+ LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, st.OID, st.OIDlen);
LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0);
LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2);
LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, in, inlen);
/* allocate memory for the encoding */
- y = mp_unsigned_bin_size(key->N);
+ y = mp_unsigned_bin_size(&key->N);
tmpin = XMALLOC(y);
if (tmpin == NULL) {
return CRYPT_MEM;
@@ -108,7 +109,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
x = *outlen;
if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_LTC_PKCS_1_EMSA,
- modulus_bitlen, NULL, 0,
+ modulus_bitlen,
out, &x)) != CRYPT_OK) {
XFREE(tmpin);
return err;
@@ -117,7 +118,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
}
/* RSA encode it */
- return ltc_mp.rsa_me(out, x, out, outlen, PK_PRIVATE, key);
+ return rsa_exptmod(out, x, out, outlen, PK_PRIVATE, key);
}
#endif /* LTC_MRSA */
diff --git a/libtomcrypt/pk/rsa/rsa_verify_hash.c b/libtomcrypt/pk/rsa/rsa_verify_hash.c
index d453819..773ea7d 100644
--- a/libtomcrypt/pk/rsa/rsa_verify_hash.c
+++ b/libtomcrypt/pk/rsa/rsa_verify_hash.c
@@ -63,10 +63,10 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen != siglen) {
return CRYPT_INVALID_PACKET;
}
@@ -79,7 +79,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
/* RSA decode it */
x = siglen;
- if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
+ if ((err = rsa_exptmod(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
XFREE(tmpbuf);
return err;
}
@@ -99,9 +99,10 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
unsigned long outlen, loid[16];
int decoded;
ltc_asn1_list digestinfo[2], siginfo[2];
+ oid_st st;
/* not all hashes have OIDs... so sad */
- if (hash_descriptor[hash_idx].OIDlen == 0) {
+ if (hash_get_oid(hash_idx, &st) != CRYPT_OK) {
err = CRYPT_INVALID_ARG;
goto bail_2;
}
@@ -139,8 +140,8 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
}
/* test OID */
- if ((digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
- (XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) &&
+ if ((digestinfo[0].size == st.OIDlen) &&
+ (XMEMCMP(digestinfo[0].data, st.OID, sizeof(unsigned long) * st.OIDlen) == 0) &&
(siginfo[1].size == hashlen) &&
(XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) {
*stat = 1;