Lines Matching refs:Then
341 /* if rsa_export() was successful then x will have
548 example, if you have $\mbox{Pr}\left[X = 1\right] = {1 \over 2} \pm \gamma$ where $\vert \gamma \vert > 0$ then the
843 The more sane way to deal with partial blocks is to pad them with zeroes, and then use CBC normally.
884 If \textbf{CTR\_COUNTER\_ LITTLE\_ENDIAN} was specified then the counter will be treated as a little endian value. Otherwise, if
886 increment then encrypt is also supported. By OR'ing \textbf{LTC\_CTR\_RFC3686} with the CTR \textit{mode} value, ctr\_start() will increment
1145 able to seek within a current session only. If you want to change the session IV you will have to call f8\_done() and then start a new state with
1169 The mode can then process plaintext producing ciphertext as well as compute a partial checksum. The actual checksum
1236 then stores how many bytes of the tag were written out back in to \textit{taglen}.
1328 the tag it computed while decrypting the message. If the tags match then it stores a $1$ in \textit{res}, otherwise it stores a $0$.
1387 an input message equal to the length of the block size then you pass the data here (not to ocb\_encrypt()) only.
1402 tag of the message (internally) and then compare it against the \textit{taglen} bytes of \textit{tag} provided. By default
1403 \textit{res} is set to zero. If all \textit{taglen} bytes of \textit{tag} can be verified then \textit{res} is set to one (authenticated
1462 \textit{uskey} is not \textbf{NULL}, then \textit{key} may be \textbf{NULL} (and vice-versa).
1465 encrypted, it is stored in \textit{header} of length \textit{headerlen} octets. The header can be zero octets long (if $headerlen = 0$ then
1625 This will reset the GCM state \textit{gcm} to the state that gcm\_init() left it. The user would then call gcm\_add\_iv(), gcm\_add\_aad(), etc.
1644 This will initialize the GCM state with the given key, IV and AAD value then proceed to encrypt or decrypt the message text and store the final
2079 to allow an owner of a private symmetric key to produce an HMAC on a message then later verify if it is correct. Any impostor or
2113 the HMAC code) then the HMAC code is truncated as per FIPS-198 specifications (e.g. take the first \textit{outlen} bytes).
2728 a state, emit (say) 8 bytes and then import the previously exported state the next 8 bytes will not
3130 tag that can be applied to the encoding. This is useful to identify which system encoded the message. If no variance is desired then
3139 If $h$ is the length of the hash and $m$ the length of the modulus (both in octets) then the maximum payload for \textit{msg} is
3196 of the modulus $h$ the length of the hash output (in octets) then there can be $m - h - 2$ bytes of salt.
3299 Normally RSA is used to encrypt short symmetric keys which are then used in block ciphers to encrypt a message.
3360 This function will RSA decrypt \textit{in} of length \textit{inlen} then OAEP de-pad the resulting data and store it in
3364 If the RSA decrypted data is not a valid OAEP packet then \textit{stat} is set to $0$. Otherwise, it is set to $1$.
3606 192-bit key) then the work factor is $2^{96}$ in order to find the secret key.
3642 pre--computation phase, and then the fixed point algorithm can be used. For example, if you use a NIST base point twice in a row, the 2$^{nd}$ and
4416 The routine will first encode the SET OF in an unordered fashion (in a temporary buffer) then sort using the XQSORT macro and copy back to the output buffer. This
4689 have to convert the list by first storing all of the siblings in an array then storing all the children as sub-lists of a sequence using the \textit{.data}
4900 the multi-prime RSA. Suppose $q = rs$ for two primes $r$ and $s$ then $\phi(pq) = (p - 1)(r - 1)(s - 1)$ which clearly is
5021 thread has its own state variables then they will not affect each other, and are fully thread safe. This is fairly simple with symmetric ciphers
5037 The build process now consists of installing a math library first, and then building and installing LibTomCrypt with a math library
5200 stderr then return execution to the caller. This could lead to a segmentation fault (e.g. when a pointer is \textbf{NULL}) but is useful
5230 During the build if LTC\_NO\_FILE is defined then any function in the library that uses file I/O will not call the file I/O
5259 call ctr\_encrypt() with an odd amount of plaintext then call it again the CTR pad (the IV) will be partially used. This will
5260 cause the ctr routine to first use up the remaining pad bytes. Then if there are enough plaintext bytes left it will use
5318 Generally the rule of thumb is to setup the tables once at startup and then leave them be. This added build flag simply makes updating
5668 pointer to an integer which represents the desired size. The function then
5669 example, if the input is $25$ and $24$ is valid then it stores $24$ back in the pointed to integer. It must not round up and must return an error if the keysize
5856 to be able to process multiple blocks per MAC then you will have to simply provide a process() callback and use hmac\_memory() as provided in LibTomCrypt.
6392 Most of the functions are fairly straightforward and do not need documentation. We'll cover the basic conventions of the API and then explain the accelerated functions.
6397 the init calls a \textit{void **} will be passed where you allocate your structure and set the pointer then initialize the number to zero. During the deinit calls you must
6405 then partition your digits. Normally this does not matter as \textit{unsigned long} will be the same size as your register size. Note that if your digit is smaller
6475 The call reads the \textit{in} buffer as an unsigned char array in big endian format. Then it performs the exponentiation and stores the output in big endian format
