| /freebsd/crypto/libecc/src/nn/ |
| H A D | nn_add.c | 23 * o out = in1 +/- in2 if cnd is not zero.
24 * o out = in1 if cnd is zero.
27 * constant time for that specific factor, nor on the values of in1 and in2.
28 * It still depends on the maximal length of in1 and in2.
35 * Conditionally adds 'in2' to 'in1' according to "cnd", storing the result
41 * commutative, i.e. "_nn_cnd_add(cnd, out, in1, in2)" is not equivalent
42 * to "_nn_cnd_add(cnd, out, in2, in1)". It is commutative though if "cnd"
43 * is not zero or 'in1' == 'in2'.
46 * that is if not aliased to 'in1' or 'in2'. The length of "out" is set to
47 * the maximal length of 'in1' and 'in2'. Note that both 'in1' and 'in2' will
[all …]
|
| H A D | nn_mul.c | 22 * Compute out = (in1 * in2) & (2^(WORD_BYTES * wlimits) - 1).
44 ATTRIBUTE_WARN_UNUSED_RET static int _nn_mul_low(nn_t out, nn_src_t in1, nn_src_t in2, in _nn_mul_low() argument
56 for (i = 0; i < in1->wlen; i++) { in _nn_mul_low()
77 in1->val[i], in2->val[j]); in _nn_mul_low()
106 ATTRIBUTE_WARN_UNUSED_RET static int _nn_mul_low_aliased(nn_t out, nn_src_t in1, nn_src_t in2, in _nn_mul_low_aliased() argument
113 ret = _nn_mul_low(&out_cpy, in1, in2, wlimit); EG(ret, err); in _nn_mul_low_aliased()
124 int nn_mul_low(nn_t out, nn_src_t in1, nn_src_t in2, u8 wlimit) in nn_mul_low() argument
128 ret = nn_check_initialized(in1); EG(ret, err); in nn_mul_low()
132 if ((out == in1) || (out == in2)) { in nn_mul_low()
133 ret = _nn_mul_low_aliased(out, in1, in2, wlimit); in nn_mul_low()
[all …]
|
| H A D | nn_mul_redc1.c | 124 ATTRIBUTE_WARN_UNUSED_RET static int _nn_mul_redc1(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p, in _nn_mul_redc1() argument
140 SHOULD_HAVE((!nn_cmp(in1, p, &cmp)) && (cmp < 0), ret, err); in _nn_mul_redc1()
145 /* Check which one of in1 or in2 is the biggest */ in _nn_mul_redc1()
146 a = (in1->wlen <= in2->wlen) ? in2 : in1; in _nn_mul_redc1()
147 b = (in1->wlen <= in2->wlen) ? in1 : in2; in _nn_mul_redc1()
225 ATTRIBUTE_WARN_UNUSED_RET static int _nn_mul_redc1_aliased(nn_t out, nn_src_t in1, nn_src_t in2, in _nn_mul_redc1_aliased() argument
232 ret = _nn_mul_redc1(&out_cpy, in1, in2, p, mpinv); EG(ret, err); in _nn_mul_redc1_aliased()
246 int nn_mul_redc1(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p, in nn_mul_redc1() argument
251 ret = nn_check_initialized(in1); EG(ret, err); in nn_mul_redc1()
256 if ((out == in1) || (out == in2) || (out == p)) { in nn_mul_redc1()
[all …]
|
| H A D | nn.c | 174 int nn_cnd_swap(int cnd, nn_t in1, nn_t in2) in nn_cnd_swap() argument
182 ret = nn_check_initialized(in1); EG(ret, err); in nn_cnd_swap()
185 MUST_HAVE((in1->wlen <= NN_MAX_WORD_LEN), ret, err); in nn_cnd_swap()
188 len = (in1->wlen >= in2->wlen) ? in1->wlen : in2->wlen; in nn_cnd_swap()
200 t = ((in1->val[i] ^ in2->val[i]) & mask) ^ r_mask; in nn_cnd_swap()
201 in1->val[i] ^= ((t & local_mask) ^ (r_mask & local_mask)); in nn_cnd_swap()
205 t = (word_t)(((in1->wlen ^ in2->wlen) & mask) ^ r_mask); in nn_cnd_swap()
206 in1->wlen ^= (u8)(t ^ r_mask); in nn_cnd_swap()
424 int nn_normalize(nn_t in1) in nn_normalize() argument
428 ret = nn_check_initialized(in1); EG(ret, err); in nn_normalize()
[all …]
|
| /freebsd/crypto/openssl/crypto/poly1305/asm/ |
| H A D | poly1305-mips.pl | 71 ($in0,$in1,$tmp0,$tmp1,$tmp2,$tmp3,$tmp4) = ($a4,$a5,$a6,$a7,$at,$t0,$t1);
103 ld $in1,8($inp)
106 ldl $in1,8+MSB($inp)
108 ldr $in1,8+LSB($inp)
113 dsbh $in1,$in1
115 dshd $in1,$in1
122 and $tmp3,$in1,$tmp0
124 dsrl $tmp4,$in1,24
133 and $tmp4,$in1,$tmp0
135 dsrl $in1,8
[all …]
|
| /freebsd/crypto/openssl/crypto/ec/asm/ |
| H A D | ecp_nistp521-ppc64.pl | 160 my @in1 = map("v$_",(45..53));
172 load_vrs($in1p, \@in1);
176 vmsumudm $out[0],$in1[0],$in2[0],$vzero
178 xxpermdi $t1,$in1[0],$in1[1],0b00
184 vmsumudm $out[2],$in1[2],$in2[0],$out[2]
188 xxpermdi $t3,$in1[2],$in1[3],0b00
196 vmsumudm $out[4],$in1[4],$in2[0],$out[4]
218 xxpermdi $t1,$in1[4],$in1[5],0b00
224 vmsumudm $out[6],$in1[6],$in2[0],$out[6]
228 xxpermdi $t3,$in1[6],$in1[7],0b00
[all …]
|
| /freebsd/crypto/libecc/src/fp/ |
| H A D | fp_montgomery.c | 22 /* Compute out = in1 + in2 mod p in the Montgomery form.
28 int fp_add_monty(fp_t out, fp_src_t in1, fp_src_t in2) in fp_add_monty() argument
30 return fp_add(out, in1, in2); in fp_add_monty()
33 /* Compute out = in1 - in2 mod p in the Montgomery form.
39 int fp_sub_monty(fp_t out, fp_src_t in1, fp_src_t in2) in fp_sub_monty() argument
41 return fp_sub(out, in1, in2); in fp_sub_monty()
44 /* Compute out = in1 * in2 mod p in the Montgomery form.
50 int fp_mul_monty(fp_t out, fp_src_t in1, fp_src_t in2) in fp_mul_monty() argument
52 return fp_mul_redc1(out, in1, in2); in fp_mul_monty()
67 * Compute out such that in1 = out * in2 mod p in the Montgomery form.
[all …]
|
| H A D | fp_add.c | 20 * Compute out = in1 + in2 mod p. 'out' parameter must have been initialized
25 int fp_add(fp_t out, fp_src_t in1, fp_src_t in2) in fp_add() argument
30 ret = fp_check_initialized(in1); EG(ret, err); in fp_add()
33 MUST_HAVE(((&(in1->ctx->p)) == (&(in2->ctx->p))), ret, err); in fp_add()
34 MUST_HAVE(((&(in1->ctx->p)) == (&(out->ctx->p))), ret, err); in fp_add()
36 SHOULD_HAVE(!nn_cmp(&in1->fp_val, &(in1->ctx->p), &cmp) && (cmp < 0), ret, err); in fp_add()
39 ret = nn_mod_add(&(out->fp_val), &(in1->fp_val), in fp_add()
40 &(in2->fp_val), &(in1->ctx->p)); in fp_add()
70 * Compute out = in1 - in2 mod p. 'out' parameter must have been initialized
75 int fp_sub(fp_t out, fp_src_t in1, fp_src_t in2) in fp_sub() argument
[all …]
|
| H A D | fp_mul_redc1.c | 25 ATTRIBUTE_WARN_UNUSED_RET static inline int _fp_mul_redc1(nn_t out, nn_src_t in1, nn_src_t in2, in _fp_mul_redc1() argument
28 return nn_mul_redc1(out, in1, in2, &(ctx->p), ctx->mpinv); in _fp_mul_redc1()
32 * Compute out = in1 * in2 mod (p) in redcified form.
39 int fp_mul_redc1(fp_t out, fp_src_t in1, fp_src_t in2) in fp_mul_redc1() argument
43 ret = fp_check_initialized(in1); EG(ret, err); in fp_mul_redc1()
47 MUST_HAVE((out->ctx == in1->ctx), ret, err); in fp_mul_redc1()
50 ret = _fp_mul_redc1(&(out->fp_val), &(in1->fp_val), &(in2->fp_val), in fp_mul_redc1()
|
| H A D | fp_mul.c | 25 * Compute out = in1 * in2 mod p. 'out' parameter must have been initialized
30 int fp_mul(fp_t out, fp_src_t in1, fp_src_t in2) in fp_mul() argument
34 ret = fp_check_initialized(in1); EG(ret, err); in fp_mul()
38 MUST_HAVE(out->ctx == in1->ctx, ret, err); in fp_mul()
41 ret = nn_mul(&(out->fp_val), &(in1->fp_val), &(in2->fp_val)); EG(ret, err); in fp_mul()
42 ret = nn_mod_unshifted(&(out->fp_val), &(out->fp_val), &(in1->ctx->p_normalized), in fp_mul()
43 in1->ctx->p_reciprocal, in1->ctx->p_shift); in fp_mul()
|
| H A D | fp.c | 288 * Compare given Fp elements. The function returns -1 if the value of in1 is
290 * more than that of in1. Obviously, both parameters must be initialized and
294 int fp_cmp(fp_src_t in1, fp_src_t in2, int *cmp) in fp_cmp() argument
298 ret = fp_check_initialized(in1); EG(ret, err); in fp_cmp()
301 MUST_HAVE((in1->ctx == in2->ctx), ret, err); in fp_cmp()
303 ret = nn_cmp(&(in1->fp_val), &(in2->fp_val), cmp); in fp_cmp()
405 * The function tests if in1 and in2 parameters are equal or opposite in
406 * Fp. In that case, 'eq_or_opp' out parameter is set to 1. When in1 and
413 int fp_eq_or_opp(fp_src_t in1, fp_src_t in2, int *eq_or_opp) in fp_eq_or_opp() argument
420 ret = fp_check_initialized(in1); EG(ret, err); in fp_eq_or_opp()
[all …]
|
| /freebsd/crypto/libecc/include/libecc/nn/ |
| H A D | nn_add.h | 20 ATTRIBUTE_WARN_UNUSED_RET int nn_cnd_add(int cnd, nn_t out, nn_src_t in1, nn_src_t in2);
21 ATTRIBUTE_WARN_UNUSED_RET int nn_cnd_sub(int cnd, nn_t out, nn_src_t in1, nn_src_t in2);
22 ATTRIBUTE_WARN_UNUSED_RET int nn_add(nn_t out, nn_src_t in1, nn_src_t in2);
23 ATTRIBUTE_WARN_UNUSED_RET int nn_inc(nn_t out, nn_src_t in1);
24 ATTRIBUTE_WARN_UNUSED_RET int nn_sub(nn_t out, nn_src_t in1, nn_src_t in2);
25 ATTRIBUTE_WARN_UNUSED_RET int nn_dec(nn_t out, nn_src_t in1);
26 ATTRIBUTE_WARN_UNUSED_RET int nn_mod_add(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p);
27 ATTRIBUTE_WARN_UNUSED_RET int nn_mod_inc(nn_t out, nn_src_t in1, nn_src_t p);
28 ATTRIBUTE_WARN_UNUSED_RET int nn_mod_sub(nn_t out, nn_src_t in1, nn_src_t in2, nn_src_t p);
29 ATTRIBUTE_WARN_UNUSED_RET int nn_mod_dec(nn_t out, nn_src_t in1, nn_src_t p);
|
| /freebsd/crypto/openssl/crypto/modes/asm/ |
| H A D | ghashp8-ppc.pl | 73 my ($Xl1,$Xm1,$Xh1,$IN1,$H2,$H2h,$H2l)=map("v$_",(13..19));
138 vxor $IN1,$Xl,$t1
140 vsldoi $H2,$IN1,$IN1,8
155 vpmsumd $Xl1,$IN1,$H2l # H^2.lo·H^2.lo
157 vpmsumd $Xm1,$IN1,$H2 # H^2.hi·H^2.lo+H^2.lo·H^2.hi
159 vpmsumd $Xh1,$IN1,$H2h # H^2.hi·H^2.hi
306 lvx_u $IN1,0,$inp
307 le?vperm $IN1,$IN1,$IN1,$lemask
311 vpmsumd $Xl1,$IN1,$Hl # H.lo·Xi+1.lo
314 vpmsumd $Xm1,$IN1,$H # H.hi·Xi+1.lo+H.lo·Xi+1.hi
[all …]
|
| /freebsd/crypto/libecc/src/curves/ |
| H A D | prj_pt.c | 299 * Compare projective points 'in1' and 'in2'. On success, 'cmp' is set to
300 * the result of the comparison (0 if in1 == in2, !0 if in1 != in2). The
303 int prj_pt_cmp(prj_pt_src_t in1, prj_pt_src_t in2, int *cmp) in prj_pt_cmp() argument
310 ret = prj_pt_check_initialized(in1); EG(ret, err); in prj_pt_cmp()
313 MUST_HAVE((in1->crv == in2->crv), ret, err); in prj_pt_cmp()
315 ret = fp_init(&X1, (in1->X).ctx); EG(ret, err); in prj_pt_cmp()
317 ret = fp_init(&Y1, (in1->Y).ctx); EG(ret, err); in prj_pt_cmp()
325 ret = fp_mul_monty(&X1, &(in1->X), &(in2->Z)); EG(ret, err); in prj_pt_cmp()
326 ret = fp_mul_monty(&X2, &(in2->X), &(in1->Z)); EG(ret, err); in prj_pt_cmp()
327 ret = fp_mul_monty(&Y1, &(in1->Y), &(in2->Z)); EG(ret, err); in prj_pt_cmp()
[all …]
|
| H A D | aff_pt.c | 214 * Compare affine points 'in1' and 'in2'. On success, 0 is returned and
218 int ec_shortw_aff_cmp(aff_pt_src_t in1, aff_pt_src_t in2, int *cmp) in ec_shortw_aff_cmp() argument
224 ret = aff_pt_check_initialized(in1); EG(ret, err); in ec_shortw_aff_cmp()
227 MUST_HAVE((in1->crv == in2->crv), ret, err); in ec_shortw_aff_cmp()
229 ret = fp_cmp(&(in1->x), &(in2->x), &cmp_x); EG(ret, err); in ec_shortw_aff_cmp()
230 ret = fp_cmp(&(in1->y), &(in2->y), &cmp_y); EG(ret, err); in ec_shortw_aff_cmp()
239 * Check if given affine points 'in1' and 'in2' on the same curve are equal
246 int ec_shortw_aff_eq_or_opp(aff_pt_src_t in1, aff_pt_src_t in2, in ec_shortw_aff_eq_or_opp() argument
251 ret = aff_pt_check_initialized(in1); EG(ret, err); in ec_shortw_aff_eq_or_opp()
253 MUST_HAVE((in1->crv == in2->crv), ret, err); in ec_shortw_aff_eq_or_opp()
[all …]
|
| /freebsd/contrib/wireguard-tools/ |
| H A D | curve25519-fiat32.h | 104 static __always_inline void fe_freeze(u32 out[10], const u32 in1[10]) in fe_freeze()
106 { const u32 x17 = in1[9]; in fe_freeze()
107 { const u32 x18 = in1[8]; in fe_freeze()
108 { const u32 x16 = in1[7]; in fe_freeze()
109 { const u32 x14 = in1[6]; in fe_freeze()
110 { const u32 x12 = in1[5]; in fe_freeze()
111 { const u32 x10 = in1[4]; in fe_freeze()
112 { const u32 x8 = in1[3]; in fe_freeze()
113 { const u32 x6 = in1[2]; in fe_freeze()
114 { const u32 x4 = in1[1]; in fe_freeze()
[all …]
|
| /freebsd/crypto/openssl/crypto/ec/ |
| H A D | ecp_nistp521.c | 481 * felem_mul sets |out| = |in1| * |in2|
483 * in1[i] < 2^64
486 * out[i] < 17 * max(in1[i]) * max(in2[i])
488 static void felem_mul_ref(largefelem out, const felem in1, const felem in2) in felem_mul_ref() argument
493 out[0] = ((uint128_t) in1[0]) * in2[0]; in felem_mul_ref()
495 out[1] = ((uint128_t) in1[0]) * in2[1] + in felem_mul_ref()
496 ((uint128_t) in1[1]) * in2[0]; in felem_mul_ref()
498 out[2] = ((uint128_t) in1[0]) * in2[2] + in felem_mul_ref()
499 ((uint128_t) in1[1]) * in2[1] + in felem_mul_ref()
500 ((uint128_t) in1[2]) * in2[0]; in felem_mul_ref()
[all …]
|
| /freebsd/contrib/netbsd-tests/usr.bin/netpgpverify/ |
| H A D | Testspec | 89 in1.gpg
90 in1.asc
105 …E_1="-s eq:0 -o file:expected36 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg in1.gpg"
106 …2="-s eq:0 -o file:expected37 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg < in1.gpg"
107 …E_3="-s eq:0 -o file:expected38 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg in1.asc"
108 …4="-s eq:0 -o file:expected39 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg < in1.asc"
109 … eq:0 -o file:expected40 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg -c cat in1.gpg"
110 …q:0 -o file:expected41 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg -c cat < in1.gpg"
111 … eq:0 -o file:expected42 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg -c cat in1.asc"
112 …q:0 -o file:expected43 -e empty env TZ=US/Pacific netpgpverify -k dsa-pubring.gpg -c cat < in1.asc"
|
| /freebsd/crypto/openssl/crypto/aes/asm/ |
| H A D | aesp8-ppc.pl | 88 my ($zero,$in0,$in1,$key,$rcon,$mask,$tmp)=map("v$_",(0..6));
147 lvx $in1,0,$inp
153 vperm $in0,$in0,$in1,$key # align [and byte swap in LE]
243 vperm $in1,$in1,$tmp,$key # align [and byte swap in LE]
249 vperm $key,$in1,$in1,$mask # roate-n-splat
259 vsldoi $stage,$zero,$in1,8
261 vxor $tmp,$tmp,$in1
262 vsldoi $in1,$zero,$in1,12 # >>32
264 vxor $in1,$in1,$tmp
266 vxor $in1,$in1,$key
[all …]
|
| H A D | aesfx-sparcv9.pl | 394 my ($iv0,$iv1,$r0hi,$r0lo,$rlhi,$rllo,$in0,$in1,$intail,$outhead,$fshift)
439 ldd [$inp - 8], $in1
446 fshiftorx $in0, $in1, $fshift, $in0
447 fshiftorx $in1, $intail, $fshift, $in1
452 fxor $in1, %f2, %f2
483 ldd [$inp - 8], $in1 ! load next input block
491 fshiftorx $in0, $in1, $fshift, $in0
492 fshiftorx $in1, $intail, $fshift, $in1
501 fxor $r0lo, $in1, $in1
549 fxor $in1, %f2, %f2
[all …]
|
| H A D | aesv8-armx.pl | 105 my ($zero,$rcon,$mask,$in0,$in1,$tmp,$key)=
208 vld1.8 {$in1},[$inp],#8
214 vtbl.8 $key,{$in1},$mask
217 vst1.32 {$in1},[$out],#16
220 vst1.32 {$in1},[$out],#8
232 veor $tmp,$tmp,$in1
234 vext.8 $in1,$zero,$in1,#12
236 veor $in1,$in1,$tmp
238 veor $in1,$in1,$key
248 vld1.8 {$in1},[$inp]
[all …]
|
| /freebsd/crypto/libecc/include/libecc/fp/ |
| H A D | fp_montgomery.h | 24 ATTRIBUTE_WARN_UNUSED_RET int fp_add_monty(fp_t out, fp_src_t in1, fp_src_t in2);
25 ATTRIBUTE_WARN_UNUSED_RET int fp_sub_monty(fp_t out, fp_src_t in1, fp_src_t in2);
26 ATTRIBUTE_WARN_UNUSED_RET int fp_mul_monty(fp_t out, fp_src_t in1, fp_src_t in2);
28 ATTRIBUTE_WARN_UNUSED_RET int fp_div_monty(fp_t out, fp_src_t in1, fp_src_t in2);
|
| /freebsd/crypto/openssl/crypto/des/asm/ |
| H A D | des_enc.m4 | 75 #define in1 %i1
123 ! parameter 7 1 for move in1 to in3
136 ifelse($7,1,{mov in1, in3},{nop})
1135 ! parameter 7 1 for move in1 to in3
1149 add in1, 120, in3 ! use last subkey for first round
1152 ! parameter 7 1 for move in1 to in3
1206 mov in1, in3 ! key address to in3
1234 sll out5, 29, in1
1238 add out5, in1, out5
1267 sll out5, 29, in1
[all …]
|
| /freebsd/crypto/openssl/providers/implementations/rands/ |
| H A D | drbg_hmac.c | 48 * in1, in2, in3 are optional inputs that can be NULL.
52 * hmac->K = HMAC(hmac->K, hmac->V || inbyte || [in1] || [in2] || [in3])
58 const unsigned char *in1, size_t in1len, in do_hmac() argument
65 /* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */ in do_hmac()
68 || !(in1 == NULL || in1len == 0 || EVP_MAC_update(ctx, in1, in1len)) in do_hmac()
85 * K,V = do_hmac(hmac, 0, in1, in2, in3)
87 * K,V = do_hmac(hmac, 1, in1, in2, in3)
89 * where in1, in2, in3 are optional input buffers that can be NULL.
95 const unsigned char *in1, size_ in drbg_hmac_update() argument
[all...] |
| /freebsd/crypto/openssl/ms/ |
| H A D | cmp.pl | 12 open(IN1,"<$ARGV[1]") || die "unable to open $ARGV[1]\n";
14 binmode IN1;
21 $n2=sysread(IN1,$b2,4096);
35 close(IN1);
|