| /optee_os/lib/libmbedtls/mbedtls/library/ |
| H A D | rsa_alt_helpers.c | 62 mbedtls_mpi K; /* Temporary holding the current candidate */ in mbedtls_rsa_deduce_primes() local
91 mbedtls_mpi_init(&K); in mbedtls_rsa_deduce_primes()
117 MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&K, primes[attempt])); in mbedtls_rsa_deduce_primes()
120 MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); in mbedtls_rsa_deduce_primes()
127 MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &K, &T, N, in mbedtls_rsa_deduce_primes()
134 if (mbedtls_mpi_cmp_int(&K, 1) == 0) { in mbedtls_rsa_deduce_primes()
138 MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&K, &K, 1)); in mbedtls_rsa_deduce_primes()
139 MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); in mbedtls_rsa_deduce_primes()
152 MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); in mbedtls_rsa_deduce_primes()
153 MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &K)); in mbedtls_rsa_deduce_primes()
[all …]
|
| H A D | sha256.c | 299 static const uint32_t K[] = variable
361 tmp = vaddq_u32(sched0, vld1q_u32(&K[0])); in mbedtls_internal_sha256_process_many_a64_crypto()
367 tmp = vaddq_u32(sched1, vld1q_u32(&K[4])); in mbedtls_internal_sha256_process_many_a64_crypto()
373 tmp = vaddq_u32(sched2, vld1q_u32(&K[8])); in mbedtls_internal_sha256_process_many_a64_crypto()
379 tmp = vaddq_u32(sched3, vld1q_u32(&K[12])); in mbedtls_internal_sha256_process_many_a64_crypto()
387 tmp = vaddq_u32(sched0, vld1q_u32(&K[t])); in mbedtls_internal_sha256_process_many_a64_crypto()
394 tmp = vaddq_u32(sched1, vld1q_u32(&K[t + 4])); in mbedtls_internal_sha256_process_many_a64_crypto()
401 tmp = vaddq_u32(sched2, vld1q_u32(&K[t + 8])); in mbedtls_internal_sha256_process_many_a64_crypto()
408 tmp = vaddq_u32(sched3, vld1q_u32(&K[t + 12])); in mbedtls_internal_sha256_process_many_a64_crypto()
477 #define P(a, b, c, d, e, f, g, h, x, K) \ argument
[all …]
|
| H A D | sha512.c | 299 static const uint64_t K[80] = variable
424 initial_sum = vaddq_u64(s0, vld1q_u64(&K[0])); in mbedtls_internal_sha512_process_many_a64_crypto()
431 initial_sum = vaddq_u64(s1, vld1q_u64(&K[2])); in mbedtls_internal_sha512_process_many_a64_crypto()
438 initial_sum = vaddq_u64(s2, vld1q_u64(&K[4])); in mbedtls_internal_sha512_process_many_a64_crypto()
445 initial_sum = vaddq_u64(s3, vld1q_u64(&K[6])); in mbedtls_internal_sha512_process_many_a64_crypto()
452 initial_sum = vaddq_u64(s4, vld1q_u64(&K[8])); in mbedtls_internal_sha512_process_many_a64_crypto()
459 initial_sum = vaddq_u64(s5, vld1q_u64(&K[10])); in mbedtls_internal_sha512_process_many_a64_crypto()
466 initial_sum = vaddq_u64(s6, vld1q_u64(&K[12])); in mbedtls_internal_sha512_process_many_a64_crypto()
473 initial_sum = vaddq_u64(s7, vld1q_u64(&K[14])); in mbedtls_internal_sha512_process_many_a64_crypto()
482 initial_sum = vaddq_u64(s0, vld1q_u64(&K[t])); in mbedtls_internal_sha512_process_many_a64_crypto()
[all …]
|
| H A D | psa_crypto_ffdh.c | 269 mbedtls_mpi P, G, X, GY, K; in mbedtls_psa_ffdh_key_agreement() local
283 mbedtls_mpi_init(&K); in mbedtls_psa_ffdh_key_agreement()
299 MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &GY, &X, &P, NULL)); in mbedtls_psa_ffdh_key_agreement()
301 MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&K, shared_secret, in mbedtls_psa_ffdh_key_agreement()
311 mbedtls_mpi_free(&K); in mbedtls_psa_ffdh_key_agreement()
|
| H A D | dhm.c | 135 src = &ctx->K; in mbedtls_dhm_get_value()
433 MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->K, &GYb, &ctx->X, in mbedtls_dhm_calc_secret()
437 MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf)); in mbedtls_dhm_calc_secret()
438 MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P)); in mbedtls_dhm_calc_secret()
442 *olen = mbedtls_mpi_size(&ctx->K); in mbedtls_dhm_calc_secret()
443 MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->K, output, *olen)); in mbedtls_dhm_calc_secret()
468 mbedtls_mpi_free(&ctx->K); in mbedtls_dhm_free()
|
| /optee_os/core/lib/libtomcrypt/src/ciphers/safer/ |
| H A D | saferp.c | 41 b[0] = (safer_ebox[(b[0] ^ skey->saferp.K[i][0]) & 255] + skey->saferp.K[i+1][0]) & 255; \
42 b[1] = safer_lbox[(b[1] + skey->saferp.K[i][1]) & 255] ^ skey->saferp.K[i+1][1]; \
43 b[2] = safer_lbox[(b[2] + skey->saferp.K[i][2]) & 255] ^ skey->saferp.K[i+1][2]; \
44 b[3] = (safer_ebox[(b[3] ^ skey->saferp.K[i][3]) & 255] + skey->saferp.K[i+1][3]) & 255; \
45 b[4] = (safer_ebox[(b[4] ^ skey->saferp.K[i][4]) & 255] + skey->saferp.K[i+1][4]) & 255; \
46 b[5] = safer_lbox[(b[5] + skey->saferp.K[i][5]) & 255] ^ skey->saferp.K[i+1][5]; \
47 b[6] = safer_lbox[(b[6] + skey->saferp.K[i][6]) & 255] ^ skey->saferp.K[i+1][6]; \
48 b[7] = (safer_ebox[(b[7] ^ skey->saferp.K[i][7]) & 255] + skey->saferp.K[i+1][7]) & 255; \
49 b[8] = (safer_ebox[(b[8] ^ skey->saferp.K[i][8]) & 255] + skey->saferp.K[i+1][8]) & 255; \
50 b[9] = safer_lbox[(b[9] + skey->saferp.K[i][9]) & 255] ^ skey->saferp.K[i+1][9]; \
[all …]
|
| /optee_os/core/lib/libtomcrypt/src/ciphers/ |
| H A D | cast5.c | 439 …skey->cast5.K[i++] = S5[GB(z, 0x8)] ^ S6[GB(z, 0x9)] ^ S7[GB(z, 0x7)] ^ S8[GB(z, 0x6)] ^ S5[GB(z, … in s_cast5_setup()
440 …skey->cast5.K[i++] = S5[GB(z, 0xA)] ^ S6[GB(z, 0xB)] ^ S7[GB(z, 0x5)] ^ S8[GB(z, 0x4)] ^ S6[GB(z, … in s_cast5_setup()
441 …skey->cast5.K[i++] = S5[GB(z, 0xC)] ^ S6[GB(z, 0xd)] ^ S7[GB(z, 0x3)] ^ S8[GB(z, 0x2)] ^ S7[GB(z, … in s_cast5_setup()
442 …skey->cast5.K[i++] = S5[GB(z, 0xE)] ^ S6[GB(z, 0xF)] ^ S7[GB(z, 0x1)] ^ S8[GB(z, 0x0)] ^ S8[GB(z, … in s_cast5_setup()
448 …skey->cast5.K[i++] = S5[GB(x, 0x3)] ^ S6[GB(x, 0x2)] ^ S7[GB(x, 0xc)] ^ S8[GB(x, 0xd)] ^ S5[GB(x, … in s_cast5_setup()
449 …skey->cast5.K[i++] = S5[GB(x, 0x1)] ^ S6[GB(x, 0x0)] ^ S7[GB(x, 0xe)] ^ S8[GB(x, 0xf)] ^ S6[GB(x, … in s_cast5_setup()
450 …skey->cast5.K[i++] = S5[GB(x, 0x7)] ^ S6[GB(x, 0x6)] ^ S7[GB(x, 0x8)] ^ S8[GB(x, 0x9)] ^ S7[GB(x, … in s_cast5_setup()
451 …skey->cast5.K[i++] = S5[GB(x, 0x5)] ^ S6[GB(x, 0x4)] ^ S7[GB(x, 0xa)] ^ S8[GB(x, 0xb)] ^ S8[GB(x, … in s_cast5_setup()
458 …skey->cast5.K[i++] = S5[GB(z, 0x3)] ^ S6[GB(z, 0x2)] ^ S7[GB(z, 0xc)] ^ S8[GB(z, 0xd)] ^ S5[GB(z, … in s_cast5_setup()
459 …skey->cast5.K[i++] = S5[GB(z, 0x1)] ^ S6[GB(z, 0x0)] ^ S7[GB(z, 0xe)] ^ S8[GB(z, 0xf)] ^ S6[GB(z, … in s_cast5_setup()
[all …]
|
| H A D | rc5.c | 71 S = skey->rc5.K; in s_rc5_setup()
127 const ulong32 *K; in s_rc5_ecb_encrypt() local
139 A += skey->rc5.K[0]; in s_rc5_ecb_encrypt()
140 B += skey->rc5.K[1]; in s_rc5_ecb_encrypt()
141 K = skey->rc5.K + 2; in s_rc5_ecb_encrypt()
145 A = ROL(A ^ B, B) + K[0]; in s_rc5_ecb_encrypt()
146 B = ROL(B ^ A, A) + K[1]; in s_rc5_ecb_encrypt()
147 A = ROL(A ^ B, B) + K[2]; in s_rc5_ecb_encrypt()
148 B = ROL(B ^ A, A) + K[3]; in s_rc5_ecb_encrypt()
149 K += 4; in s_rc5_ecb_encrypt()
[all …]
|
| H A D | rc6.c | 93 skey->rc6.K[i] = S[i]; in s_rc6_setup()
121 const ulong32 *K; in s_rc6_ecb_encrypt() local
129 b += skey->rc6.K[0]; in s_rc6_ecb_encrypt()
130 d += skey->rc6.K[1]; in s_rc6_ecb_encrypt()
135 a = ROL(a^t,u) + K[0]; \ in s_rc6_ecb_encrypt()
136 c = ROL(c^u,t) + K[1]; K += 2; in s_rc6_ecb_encrypt()
138 K = skey->rc6.K + 2; in s_rc6_ecb_encrypt()
148 a += skey->rc6.K[42]; in s_rc6_ecb_encrypt()
149 c += skey->rc6.K[43]; in s_rc6_ecb_encrypt()
176 const ulong32 *K; in s_rc6_ecb_decrypt() local
[all …]
|
| H A D | kseed.c | 214 skey->kseed.K[2*i+0] = G(k1 + k3 - KCi[i]); in kseed_setup()
215 skey->kseed.K[2*i+1] = G(k2 - k4 + KCi[i]); in kseed_setup()
226 skey->kseed.dK[2*(15-i)+0] = skey->kseed.K[2*i+0]; in kseed_setup()
227 skey->kseed.dK[2*(15-i)+1] = skey->kseed.K[2*i+1]; in kseed_setup()
233 static void rounds(ulong32 *P, const ulong32 *K) in rounds() argument
238 F(P[0], P[1], P[2], P[3], K[0], K[1]); in rounds()
239 F(P[2], P[3], P[0], P[1], K[2], K[3]); in rounds()
240 K += 4; in rounds()
258 rounds(P, skey->kseed.K); in kseed_ecb_encrypt()
|
| H A D | blowfish.c | 317 l ^= skey->blowfish.K[rounds++]; r ^= F(l); in s_blowfish_encipher()
318 r ^= skey->blowfish.K[rounds++]; l ^= F(r); in s_blowfish_encipher()
319 l ^= skey->blowfish.K[rounds++]; r ^= F(l); in s_blowfish_encipher()
320 r ^= skey->blowfish.K[rounds++]; l ^= F(r); in s_blowfish_encipher()
324 l ^= skey->blowfish.K[16]; in s_blowfish_encipher()
325 r ^= skey->blowfish.K[17]; in s_blowfish_encipher()
383 skey->blowfish.K[x] ^= A; in blowfish_expand()
398 skey->blowfish.K[x] = B[0]; in blowfish_expand()
399 skey->blowfish.K[x+1] = B[1]; in blowfish_expand()
462 XMEMCPY(skey->blowfish.K, ORIG_P, sizeof(ORIG_P)); in blowfish_setup_with_data()
[all …]
|
| H A D | xtea.c | 28 ulong32 x, sum, K[4]; in xtea_setup() local
43 LOAD32H(K[0], key+0); in xtea_setup()
44 LOAD32H(K[1], key+4); in xtea_setup()
45 LOAD32H(K[2], key+8); in xtea_setup()
46 LOAD32H(K[3], key+12); in xtea_setup()
49 skey->xtea.A[x] = (sum + K[sum&3]) & 0xFFFFFFFFUL; in xtea_setup()
51 skey->xtea.B[x] = (sum + K[(sum>>11)&3]) & 0xFFFFFFFFUL; in xtea_setup()
55 zeromem(&K, sizeof(K)); in xtea_setup()
|
| /optee_os/core/lib/libtomcrypt/src/hashes/whirl/ |
| H A D | whirl.c | 55 ulong64 K[2][8], T[3][8]; in ss_whirlpool_compress() local
60 K[0][x] = md->whirlpool.state[x]; in ss_whirlpool_compress()
64 T[0][x] ^= K[0][x]; in ss_whirlpool_compress()
72 K[1][y] = theta_pi_gamma(K[0], y); in ss_whirlpool_compress()
75 K[1][0] ^= cont[x]; in ss_whirlpool_compress()
79 T[1][y] = theta_pi_gamma(T[0], y) ^ K[1][y]; in ss_whirlpool_compress()
85 K[0][y] = theta_pi_gamma(K[1], y); in ss_whirlpool_compress()
88 K[0][0] ^= cont[x+1]; in ss_whirlpool_compress()
92 T[0][y] = theta_pi_gamma(T[1], y) ^ K[0][y]; in ss_whirlpool_compress()
|
| /optee_os/core/lib/libtomcrypt/src/mac/xcbc/ |
| H A D | xcbc_init.c | 50 XMEMCPY(xcbc->K[0], key, k1); in xcbc_init()
51 XMEMCPY(xcbc->K[1], key+k1, cipher_descriptor[cipher]->block_length); in xcbc_init()
52 …XMEMCPY(xcbc->K[2], key+k1 + cipher_descriptor[cipher]->block_length, cipher_descriptor[cipher]->b… in xcbc_init()
70 xcbc->K[y][x] = y + 1; in xcbc_init()
72 cipher_descriptor[cipher]->ecb_encrypt(xcbc->K[y], xcbc->K[y], skey); in xcbc_init()
77 err = cipher_descriptor[cipher]->setup(xcbc->K[0], k1, 0, &xcbc->key); in xcbc_init()
|
| H A D | xcbc_test.c | 22 unsigned char K[16], M[34], T[16]; in xcbc_test()
103 …if ((err = xcbc_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK)… in xcbc_test()
|
| /optee_os/core/lib/libtomcrypt/src/encauth/ocb3/ |
| H A D | ocb3_test.c | 177 const unsigned char K[] = { 0x0F,0x0E,0x0D,0x0C,0x0B,0x0A,0x09,0x08, in ocb3_test()
248 K, sizeof(K), in ocb3_test()
262 K, sizeof(K), in ocb3_test()
278 if ((err = ocb3_init(&ocb, idx, K, sizeof(K), N, sizeof(N), 12)) != CRYPT_OK) return err; in ocb3_test()
286 if ((err = ocb3_init(&ocb, idx, K, sizeof(K), N, sizeof(N), 12)) != CRYPT_OK) return err; in ocb3_test()
|
| /optee_os/core/lib/libtomcrypt/src/encauth/ccm/ |
| H A D | ccm_done.c | 31 …if ((err = cipher_descriptor[ccm->cipher]->ecb_encrypt(ccm->PAD, ccm->PAD, &ccm->K)) != CRYPT_OK) { in ccm_done()
40 …if ((err = cipher_descriptor[ccm->cipher]->ecb_encrypt(ccm->ctr, ccm->CTRPAD, &ccm->K)) != CRYPT_O… in ccm_done()
44 cipher_descriptor[ccm->cipher]->done(&ccm->K); in ccm_done()
|
| H A D | ccm_add_aad.c | 32 …if ((err = cipher_descriptor[ccm->cipher]->ecb_encrypt(ccm->PAD, ccm->PAD, &ccm->K)) != CRYPT_OK) { in ccm_add_aad()
43 …if ((err = cipher_descriptor[ccm->cipher]->ecb_encrypt(ccm->PAD, ccm->PAD, &ccm->K)) != CRYPT_OK) { in ccm_add_aad()
|
| /optee_os/core/lib/libtomcrypt/src/ciphers/twofish/ |
| H A D | twofish.c | 399 skey->twofish.K[x+x] = (A + B) & 0xFFFFFFFFUL; in s_twofish_setup()
402 skey->twofish.K[x+x+1] = ROLc(B + B + A, 9); in s_twofish_setup()
490 a ^= skey->twofish.K[0]; in s_twofish_ecb_encrypt()
491 b ^= skey->twofish.K[1]; in s_twofish_ecb_encrypt()
492 c ^= skey->twofish.K[2]; in s_twofish_ecb_encrypt()
493 d ^= skey->twofish.K[3]; in s_twofish_ecb_encrypt()
495 k = skey->twofish.K + 8; in s_twofish_ecb_encrypt()
510 ta = c ^ skey->twofish.K[4]; in s_twofish_ecb_encrypt()
511 tb = d ^ skey->twofish.K[5]; in s_twofish_ecb_encrypt()
512 tc = a ^ skey->twofish.K[6]; in s_twofish_ecb_encrypt()
[all …]
|
| /optee_os/core/lib/libtomcrypt/src/prngs/ |
| H A D | fortuna.c | 128 if ((err = sha256_process(&md, prng->u.fortuna.K, 32)) != CRYPT_OK) { in s_fortuna_reseed()
158 if ((err = sha256_done(&md, prng->u.fortuna.K)) != CRYPT_OK) { in s_fortuna_reseed()
161 if ((err = AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) { in s_fortuna_reseed()
201 if ((err = sha256_process(&md, prng->u.fortuna.K, 32)) != CRYPT_OK) { in fortuna_update_seed()
210 if ((err = sha256_done(&md, prng->u.fortuna.K)) != CRYPT_OK) { in fortuna_update_seed()
250 zeromem(prng->u.fortuna.K, 32); in fortuna_start()
251 if ((err = AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) { in fortuna_start()
424 AES_ENC(prng->u.fortuna.IV, prng->u.fortuna.K , &prng->u.fortuna.skey); in fortuna_read()
427 AES_ENC(prng->u.fortuna.IV, prng->u.fortuna.K+16, &prng->u.fortuna.skey); in fortuna_read()
430 if (AES_SETUP(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey) != CRYPT_OK) { in fortuna_read()
|
| /optee_os/core/lib/libtomcrypt/src/encauth/gcm/ |
| H A D | gcm_test.c | 22 unsigned char K[32]; in gcm_test()
335 if ((err = gcm_init(&gcm, idx, tests[0].K, tests[0].keylen)) != CRYPT_OK) return err; in gcm_test()
343 if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen, in gcm_test()
361 if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen, in gcm_test()
|
| H A D | gcm_process.c | 67 … if ((err = cipher_descriptor[gcm->cipher]->ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) { in gcm_process()
96 … if ((err = cipher_descriptor[gcm->cipher]->ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) { in gcm_process()
114 … if ((err = cipher_descriptor[gcm->cipher]->ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) { in gcm_process()
132 … if ((err = cipher_descriptor[gcm->cipher]->ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) { in gcm_process()
|
| /optee_os/core/lib/libtomcrypt/src/mac/f9/ |
| H A D | f9_test.c | 22 unsigned char K[16], M[128], T[4]; in f9_test()
53 … if ((err = f9_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) { in f9_test()
|
| /optee_os/core/lib/libtomcrypt/src/mac/pelican/ |
| H A D | pelican.c | 37 if ((err = aes_setup(key, keylen, 0, &pelmac->K)) != CRYPT_OK) { in pelican_init()
42 aes_ecb_encrypt(pelmac->state, pelmac->state, &pelmac->K); in pelican_init()
149 aes_ecb_encrypt(pelmac->state, out, &pelmac->K); in pelican_done()
150 aes_done(&pelmac->K); in pelican_done()
|
| H A D | pelican_test.c | 18 unsigned char K[32], MSG[64], T[16]; in pelican_test()
84 if ((err = pelican_init(&pel, tests[x].K, tests[x].keylen)) != CRYPT_OK) { in pelican_test()
|