Lines Matching refs:Which
166 pseudo--random number generators (PRNG), and bignum math routines are all used within the API through \textit{descriptor} tables which
412 functions which are (given that XXX is the name of the cipher) the following:
422 The number of rounds can be set to zero to use the default, which is generally a good idea.
443 These two functions will encrypt or decrypt (respectively) a single block of text\footnote{The size of which depends on
444 which cipher you are using.}, storing the result in the \textit{ct} buffer (\textit{pt} resp.). It is possible that the input and output buffer are
459 For each cipher there is a function which will help find a desired key size. It is specified as follows:
492 cipher descriptors may require to be called for resource management purposes. To be compliant, all functions which call a cipher
639 For AES, (also known as Rijndael) there are four descriptors which complicate issues a little. The descriptors
658 the file \textit{tomcrypt\_cfg.h}. The first option is \textit{TWOFISH\_SMALL} which when defined will force the Twofish code
660 key will require less RAM but the resulting cipher will be slower. The second option is \textit{TWOFISH\_TABLES} which when
691 Which will search for a given name in the array. It returns $-1$ if the cipher is not found, otherwise it returns
729 Which accepts a pointer to a descriptor and returns the index into the global descriptor table. If an error occurs such
736 Which returns {\bf CRYPT\_OK} if it removes the cipher, otherwise it returns {\bf CRYPT\_ERROR}.
790 CTR or Counter Mode is a mode which only uses the encryption function of the cipher. Given an initial vector which is
819 buffer the output which will allow you to encrypt or decrypt partial blocks without delay.
824 \item No short cycles, which are possible in the OFB and CFB modes.
839 Ciphertext stealing is a method of dealing with messages in CBC mode which are not a multiple of the block length. This is accomplished
883 In the case of CTR mode there is an additional parameter \textit{ctr\_mode} which specifies the mode that the counter is to be used in.
1033 LRW mode is a cipher mode meant for indexed encryption, such as that used for storage media. It is meant to have efficient seeking and overcome the
1087 which is slower than sequential use. Avoid seeking excessively in performance constrained code.
1164 It is initialized with a random \textit{nonce} that can be shared publicly, a \textit{header} which can be fixed and public, and a random secret symmetric key.
1349 This mode has no \textit{Associated Data} like EAX mode does which means you cannot authenticate metadata along with the stream.
1457 This performs the \textit{CCM} operation on the data. The \textit{cipher} variable indicates which cipher in the descriptor table to use. It must have a
1764 Essentially all hash messages are virtually infinitely\footnote{Most hashes are limited to $2^{64}$ bits or 2,305,843,009,213,693,952 bytes.} long messages which
1849 In addition, there is also find\_hash\_oid() which finds a hash by the ASN.1 OBJECT IDENTIFIER string.
1928 user owning the process performing the request. This function can be omitted by the \textbf{LTC\_NO\_FILE} define, which forces it to return \textbf{CRYPT\_NOP}
1940 will not rewind the file pointer when finished. This function can be omitted by the \textbf{LTC\_NO\_FILE} define, which forces it to return \textbf{CRYPT\_NOP}
2020 data. While it is in the hash system you still have to tell the CHC code which cipher to use. This is accomplished
2112 produced (depending on which hash was picked). If \textit{outlen} is less than the size of the message digest (and ultimately
2148 Which returns {\bf CRYPT\_OK} if the code passes, otherwise it returns an error code. Some example code for using the
2200 OMAC\footnote{\url{http://crypt.cis.ibaraki.ac.jp/omac/omac.html}}, which stands for \textit{One-Key CBC MAC} is an
2201 algorithm which produces a Message Authentication Code (MAC) using only a block cipher such as AES. Note: OMAC has been standardized as
2246 Which will terminate the OMAC and output the \textit{tag} (MAC) to \textit{out}. Note that unlike the HMAC and other code
2277 Which will OMAC the entire contents of the file specified by \textit{filename} using the key \textit{key} of length \textit{keylen} bytes
2286 Which returns {\bf CRYPT\_OK} if the code passes, otherwise it returns an error code. Some example code for using the
2350 Which initializes the \textit{pmac} state with the given \textit{cipher} and \textit{key} of length \textit{keylen} bytes. The chosen cipher
2411 Which will PMAC the entire contents of the file specified by \textit{filename} using the key \textit{key} of length \textit{keylen} bytes,
2420 Which returns {\bf CRYPT\_OK} if the code passes, otherwise it returns an error code.
2500 by using a cipher in CBC mode. It also uses a single key which it expands into the requisite three keys for the MAC function. An XCBC--MAC state is
2561 Which will XCBC--MAC the entire contents of the file specified by \textit{filename} using the key \textit{key} of length \textit{keylen} bytes, and the cipher
2647 Which will F9--MAC the entire contents of the file specified by \textit{filename} using the key \textit{key} of length \textit{keylen} bytes, and the cipher
2679 Which returns {\bf CRYPT\_OK} if the entropy was accepted. Once you think you have enough entropy you call another
2686 Which returns {\bf CRYPT\_OK} if it is ready. Finally to actually read bytes call:
2694 Which returns the number of bytes read from the PRNG. When you are finished with a PRNG state you call
2871 to work with most cipher and hash combos based on which you have chosen to build into the library.} while
2915 simulations which need a high quality (and fast) stream of bytes.
2972 Which will try one of three methods of getting random data. The first is to open the popular \textit{/dev/random} device which
3057 RSA wrote the PKCS \#1 specifications which detail RSA Public Key Cryptography. In the specifications are
3084 longer than the modulus which helps allocate the correct output buffer size.
3129 This accepts \textit{msg} as input of length \textit{msglen} which will be OAEP padded. The \textit{lparam} variable is an additional system specific
3130 tag that can be applied to the encoding. This is useful to identify which system encoded the message. If no variance is desired then
3174 PSS encoding is the second half of the PKCS \#1 standard which is padding to be applied to messages that are signed.
3230 multiplicative sub-group formed modulo $N$ is given as $\phi(N) = (p - 1)(q - 1)$ which can be reduced to
3243 the plaintext to be encrypted then it is possible that $M^3 < N$ in which case finding the cube-root would be trivial.
3248 $M_1^dM_2^d = (M_1M_2)^d$ which can be used to forge a signature. Suppose $M_3 = M_1M_2$ is a message you want
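The two pitfalls stated in the lines above (a short message raised to $e = 3$ whose cube never wraps past $N$, and the multiplicative property $M_1^d M_2^d = (M_1 M_2)^d$) are easy to reproduce against unpadded, textbook RSA. The following is an added example, not LibTomCrypt code: it uses pure Python big integers and a deliberately tiny, constructed key pair so that it runs offline. The prime values, message values and helper names are all assumptions made for the demonstration. Real deployments apply OAEP or PSS padding exactly because padding defeats both properties.

```python
# Added example (not LibTomCrypt code): textbook RSA with no padding, showing
# why unpadded encryption and signing are unsafe.  Key sizes are toy-sized.
import math

# Constructed demo primes: trivially factorable, for illustration only.
P = 1000000007
Q = 998244353


def textbook_rsa_keypair(p=P, q=Q, e=3):
    """Return (N, e, d).  phi(N) = (p-1)(q-1) is the order of the multiplicative
    group modulo N, and d is the inverse of e modulo phi(N)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(N)")
    d = pow(e, -1, phi)          # modular inverse, Python >= 3.8
    return n, e, d


def iroot(k, n):
    """Largest integer r with r**k <= n (integer Newton iteration from above)."""
    if n < 2:
        return n
    r = 1 << ((n.bit_length() + k - 1) // k)    # start above the true root
    while True:
        s = ((k - 1) * r + n // pow(r, k - 1)) // k
        if s >= r:
            return r
        r = s


def small_message_attack(c, e):
    """If M^e < N then C = M^e exactly (no modular reduction ever occurred), so
    an integer e-th root of C recovers M without the private key.
    Returns None when C is not a perfect e-th power, i.e. the shortcut fails."""
    m = iroot(e, c)
    return m if pow(m, e) == c else None


def forge_signature(sig1, sig2, n):
    """Textbook RSA is multiplicatively homomorphic: from S_1 = M_1^d and
    S_2 = M_2^d (mod N) anyone can compute S_3 = S_1*S_2 = (M_1*M_2)^d mod N,
    a valid signature on M_3 = M_1*M_2 without knowing d."""
    return (sig1 * sig2) % n


def verify_textbook(msg, sig, e, n):
    """Unpadded verification: accept if sig^e == msg (mod N)."""
    return pow(sig, e, n) == msg % n


def demo():
    n, e, d = textbook_rsa_keypair()

    # Pitfall 1: a 16-bit "symmetric key" encrypted directly with e = 3.
    m = 0xBEEF                       # 48879**3 is about 1.2e14, far below N
    c = pow(m, e, n)
    recovered = small_message_attack(c, e)

    # Pitfall 2: combine two legitimate signatures into a third one.
    m1, m2 = 123456789, 987654321
    s1, s2 = pow(m1, d, n), pow(m2, d, n)
    m3 = (m1 * m2) % n
    s3 = forge_signature(s1, s2, n)

    return recovered == m, verify_textbook(m3, s3, e, n)


if __name__ == "__main__":
    print(demo())   # expected: (True, True)
```

Both attacks succeed only because the message is used as a bare integer. OAEP makes the encrypted value pseudo-random and as large as the modulus, so the cube-root shortcut no longer applies, and PSS binds a randomized, structured encoding to the hash, so the product of two valid encodings is not itself a valid encoding.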
3277 RSA key which includes the CRT parameters\footnote{As of v0.99 the PK\_PRIVATE\_OPTIMIZED type has been deprecated, and has been replaced by the
3278 PK\_PRIVATE type.} in the form of a RSAPrivateKey (PKCS \#1 compliant). The second type, is a public RSA key which only includes the modulus and public exponent.
3289 int which,
3293 in \textit{out} and the size of the result in \textit{outlen}. \textit{which} is set to {\bf PK\_PUBLIC} to use \textit{e}
3299 Normally RSA is used to encrypt short symmetric keys which are then used in block ciphers to encrypt a message.
3385 Similar to the extended encryption, the new parameter \textit{padding} indicates which version of the PKCS \#1 standard to use.
3411 The \textit{hash\_idx} parameter indicates which hash will be used to create the PSS encoding. It should be the same as the hash used to
3605 of the order of the base point in time. That means if you use a base point of order $2^{192}$ (which would represent a
3614 support smaller devices which do not need as large keys for security.
3636 which will build LTC using the TFM math library and enabling this new feature. The feature is not enabled by default as it is \textbf{NOT} thread
3641 cache (of FP\_ENTRIES entries) which it uses to hold recent bases passed to ltc\_ecc\_mulmod(). Any base detected to be used twice is sent through the
3647 value the faster the algorithm will be but the more memory it will take. The memory usage is $3 \cdot 2^{FP\_LUT}$ integers which by default
3658 to 4096 bits (512 bytes) which is way more than what is required by ECC. At most, you need 1152 bits to accommodate ECC--521. If you're only using (say)
3659 ECC--256 you will only need 576 bits, which would cut the memory usage by a factor of about seven (roughly 86\%).
3694 extended ECC functions which allow the user to specify their own curves.
3736 The \textit{keysize} is the size of the modulus in bytes desired. Currently directly supported values are 12, 16, 20, 24, 28, 32, 48, and 65 bytes which
3743 As of v1.16, the library supports an extended key generation routine which allows the user to specify their own curve. It is specified as follows:
3869 hash algorithm indexed by \textit{hash} to construct a shared secret which may be XOR'ed against the plaintext. The ciphertext is stored in
3952 The Digital Signature Algorithm (or DSA) is a variant of the ElGamal Signature scheme which has been modified to
3958 Since no useful public standard for DSA key storage was presented to me during the course of this development I made my own ASN.1 SEQUENCE which I document
3992 The leading BIT STRING has a single bit in it which is zero for public keys and one for private keys. This makes the structure uniquely decodable,
4054 which is required for the signatures to
4055 function. Tests three and four ensure that the generator $g$ is not set to a trivial value which would make signature
4086 Which will sign the data in \textit{in} of length \textit{inlen} bytes. The signature is stored in \textit{out} and the size
4102 Which will verify the data in \textit{hash} of length \textit{inlen} against the signature stored in \textit{sig} of length \textit{siglen}.
4153 This will export the DSA \textit{key} to the buffer \textit{out} and set the length in \textit{outlen} (which must have been previously
4176 On top of the basic data types are the SEQUENCE and SET data types which are collections of other ASN.1 types. They are provided
4254 The SEQUENCE data type is a collection of other ASN.1 data types encapsulated with a small header which is a useful way of sending multiple data types in one packet.
4271 verbatim to the dependent encoder. The list can contain other SEQUENCE or SET types which enables you to have nested SEQUENCE and SET definitions. In these cases
4596 These functions use the \textbf{wchar\_t} type which is not universally available. In those cases, the library will typedef it to \textbf{unsigned long}. If you
4643 The CHOICE ASN.1 type represents a union of ASN.1 types all of which are stored in a \textit{ltc\_asn1\_list}. There is no encoder for the CHOICE type, only a
4657 This will decode the input in the \textit{in} field of length \textit{inlen}. It uses the provided ASN.1 list specified in the \textit{list} field which has
4731 that of an IA5 STRING. The sibling will now be the \textit{LoginToken} SEQUENCE. The sibling has a child node which points to the \textit{passwdHash} OCTET STRING.
4767 is made up of two algorithms, Algorithm One and Algorithm Two. Algorithm One is the older fairly limited algorithm which has been implemented
4786 The \textit{salt} is a fixed size 8--byte array which should be random for each user and session. The \textit{iteration\_count} is the delay desired
4854 Those characters are supported in the 7-bit ASCII map, which means they can be used for transport over
4900 the multi-prime RSA. Suppose $q = rs$ for two primes $r$ and $s$ then $\phi(pq) = (p - 1)(r - 1)(s - 1)$ which clearly is
4919 \textit{len = -128} to the function. Upon success it will return {\bf CRYPT\_OK} and \textit{N} will contain an integer which
4936 which output variable length strings will require you to pass the length of the destination. If the size of your output
4944 before you try to use them. This includes any function which would use an algorithm indirectly through a descriptor table.
5025 The only sticky issue is a shared PRNG which can be alleviated with the careful use of mutex devices. Defining LTC\_PTHREAD for instance, enables
5045 settings can be overwritten from the command line which makes custom installation a breeze.
5066 When \textbf{IGNORE\_SPEED} has been defined the default optimization flags for CFLAGS will be disabled which allows the developer to specify new
5073 This will turn off optimizations and add \textit{-g3} to the CFLAGS which enables debugging.
5087 directory which defaults to \textit{/usr/lib}. \textbf{INCPATH} is the prefix for the header file directory which defaults to \textit{/usr/include}.
5088 \textbf{DATADIR} is the prefix for the data (documentation) directory which defaults to \textit{/usr/share/doc/libtomcrypt/pdf}.
5175 This will compile \textit{myprogram} and link it against the LibTomCrypt library as well as TomsFastMath (which must have been previously installed). Note that
5188 This will build and install the library and link the shared object against the TomsFastMath library (which must be installed as a shared object as well). The
5192 The file \textit{tomcrypt\_cfg.h} is what lets you control various high level macros which control the behaviour of the library. Build options are also
5193 stored in \textit{tomcrypt\_custom.h} which allow the enabling and disabling of various algorithms.
5208 which will work on all platforms.
5222 These macros are handy for working with platforms which do not have a standard C library. For instance, the OLPC\footnote{See http://dev.laptop.org/git?p=bios-crypto;a=summary}
5244 which can be auto-detected. This macro ensures that they are never enabled.
5267 If you do plan on using the \textit{LTC\_FAST} mode you have to also define a \textit{LTC\_FAST\_TYPE} macro which resolves to an optimal sized
5277 There are a plethora of macros for the ciphers, hashes, PRNGs and public key functions which are fairly
5279 dependency issues which are noted in the file. For instance, Yarrow requires CTR chaining mode, a block
5302 When defined GCM will use a 64KB table (per GCM state) which will greatly speed up the per--packet latency.
5323 algorithm which prevents leaking key bits of the private key (scalar). It is a slower algorithm but useful for situations
5332 to tell the program which library to use. Only one of the USE flags can be defined at once.
5355 At the heart of this flexibility is the \textit{descriptor} system. A descriptor is essentially just a C \textit{struct} which describes the algorithm and provides pointers
5356 to functions that do the required work. For a given class of operation (e.g. cipher, hash, prng, bignum) the functions of a descriptor have identical prototypes which makes
5655 Inside the \textit{symmetric\_key} union there is a \textit{void *data} which you can use to allocate data if you need a data structure that does not fit with the existing
5668 pointer to an integer which
5852 A compatible accelerator must allow processing data in any granularity which may require internal padding on the driver side.
5938 The name by which find\_prng() will find the PRNG.
6060 /** Count the number of LSB bits which are zero
6381 @param which PK_PUBLIC for public RSA and PK_PRIVATE for private RSA
6386 unsigned char *out, unsigned long *outlen, int which,
6425 All ECC functions must use this mapping system. The only exception is when you remap all ECC callbacks which will allow you to have more control
6427 could point to anything you want. The only further exception is the export functions which expect the values to be in affine format.