/* **************** * * PUBLIC FUNCTIONS * * **************** * */ int ocb3_aes_encrypt(ocb_aes_t *ctx, const char *in, int inl, const char *plain, int plainl, char *out, char *tag) { char checksum[AES_BLOCK_SIZE] = {0}; char keyvar[AES_BLOCK_SIZE] = {0}; char offset[AES_BLOCK_SIZE] = {0}; keyvar_init(ctx->key, keyvar); offset_init(ctx, offset); int log2 = ntz(0); int i; for (i = 0; i < inl / AES_BLOCK_SIZE; i++) { uchar *pout = out + (i * AES_BLOCK_SIZE); const uchar *pin = in + (i * AES_BLOCK_SIZE); // See if we need to bump the offset int log2_next = ntz(i); if (log2_next > log2) { char double_temp[AES_BLOCK_SIZE]; double_block(keyvar, double_temp); cpy_block(keyvar, double_temp); log2 = log2_next; } // Encrypt this block ocb3_encrypt_block(ctx, pin, keyvar, pout, offset, checksum); } ocb3_encrypt_block_final(ctx, i, inl - (i * AES_BLOCK_SIZE), in, out, offset, checksum, plain, plainl, tag); return 0; }
static void ocb3_hash_plaintext(ocb_aes_t *ctx, const char *plaintext, int plaintextl, char *sum) { char keyvar[AES_BLOCK_SIZE]; char offset[AES_BLOCK_SIZE] = {0}; keyvar_init(ctx->key, keyvar); memset(sum, 0, AES_BLOCK_SIZE); int i; int log2 = ntz(0); for (i = 0; i < (plaintextl - (plaintextl % AES_BLOCK_SIZE)); i += AES_BLOCK_SIZE) { int log2_next = ntz(i); if (ntz(i) > log2) { // double it char double_temp[AES_BLOCK_SIZE]; double_block(keyvar, double_temp); cpy_block(keyvar, double_temp); log2 = log2_next; } ocb3_hash_block(ctx, plaintext + i, sum, offset, keyvar); } if (i < plaintextl) { ocb3_hash_block_final(ctx, plaintext, plaintextl - i, sum, offset, keyvar); } }
static inline int pntz(size_t p[2]) { int r = ntz(p[0] - 1); if(r != 0 || (r = 8*sizeof(size_t) + ntz(p[1])) != 8*sizeof(size_t)) { return r; } return 0; }
/*static*/ int analyze(FILE * fp) { Elf32_Ehdr elf_header; int size_section_header_entry; ops(1, fread(&elf_header, sizeof(elf_header), 1, fp), "cannot read elf_header"); printf("section header table = %x\nnum entries = %d\nent size = %d\n", elf_header.e_shoff, elf_header.e_shnum, elf_header.e_shentsize); ntz(!sek(fp, elf_header.e_shoff), "cannot seek to section-header-table"); read_string_table(fp, &elf_header); ntz(!sek(fp, elf_header.e_shoff), "cannot seek to section-header-table"); show_section_header_table(fp, &elf_header); }
inline void CaseIterator::fast_next() { /* G4: * if (parity_n+1 == 0) set j <- ntz(k) * ntz() does the same as the ruler function p(k) in eq. 7.1-(00) */ //fprintf(stderr, "ntz(k=%016x) <= %d\n", k, ntz(k)); j = ntz(k) & (parity); /* G3: invert parity */ /* we need the inverted value of parity for the fast calculation * of j, so we swapped the two steps. Note that the following * precondition holds, after G4 and G3: * if (parity == 0) { j = ntz(k); } */ parity ^= (unsigned int) -1; /* G5 */ //fprintf(stderr, "p=%d, k = 0x%08x, j = %d\n", parity, k, j); /* G2: visit */ //fprintf(stderr, "inverting at index %d\n", changeable_characters[j]); //assert(j < changeable_characters.size()); word.toggle_case(changeable_characters[j]); --k; }
void add_ipv4_entry(struct route_table *rt, struct route_entry_v4 *e) { patricia_node_t *node; uint32_t ip = htonl(e->ip); int bitlen = 32 - ntz(e->netmask); prefix_t *pref = New_Prefix(AF_INET, &ip, bitlen); node = patricia_lookup (rt->ipv4_table, pref); Deref_Prefix (pref); node->data = (void*) e; }
static void read_string_table(FILE * fp, Elf32_Ehdr * elf_header) { Elf32_Shdr tblnames; int ofs = elf_header->e_shoff + elf_header->e_shentsize * elf_header->e_shstrndx; notz(!sek(fp, ofs), "ofs = %d\n", ofs); oops(1, fread(&tblnames, sizeof(tblnames), 1, fp), "ofs = %d; e_shoff = %d; e_shentsize = %d; shstrndx = %d\n", ofs, elf_header->e_shoff, elf_header->e_shentsize, elf_header->e_shstrndx); notz(string_table = (char*) malloc(tblnames.sh_size), "need memory %d\n", tblnames.sh_size); ntz(!sek(fp, tblnames.sh_offset), ""); ops(1, fread(string_table, tblnames.sh_size, 1, fp), ""); }
/* Under the 16-byte (128-bit) key at k and the 12-byte (96-bit) nonce at n, encrypt the plaintext at p and store it at c. The length of the plaintext is a multiple of 16 bytes given at len (e.g., len = 2 for a 32-byte p). The length of the ciphertext c is (len+1)*16 bytes. */ void aes128ocb(unsigned char *c, const unsigned char *k, const unsigned char *n, const unsigned char *p, const unsigned int len) { /* Array of zeros for use with aes128e */ unsigned char zeros[16]; int i; for (i = 0; i < 16; ++i) { zeros[i] = 0x00; } unsigned char l[16]; unsigned char l_dollar[16]; aes128e(l, zeros, k); /* Now l is l_star */ doubleB(l, 16); /* Now l is l_dollar */ /* We keep l_dollar for using it for calculate the tag */ for (i = 0; i < 16; ++i) { l_dollar[i] = l[i]; } doubleB(l, 16); /* Now l is l_0 */ /* m = bitlen(P)/128 */ unsigned int m = ((16*len)*8)/128; /* numL is the maximum value of trailing zeros for the given size m */ unsigned int numL = msb(m) + 1; /* ls is the array of all the l_i arrays */ unsigned char ls[numL][16]; int a; for (a = 0; a < numL; ++a) { for (i = 0; i < 16; ++i) { ls[a][i] = l[i]; } doubleB(l, 16); } /* Addition of 0x00000001 to the nonce */ unsigned char nonce[20]; nonce[0] = nonce[1] = nonce[2] = 0x00; nonce[3] = 0x01; a = 0; for (i = 4; i < 20; ++i) { nonce[i] = n[a]; ++a; } /* Bottom is the integer value of the last 6 bits of nonce */ unsigned int bottom = nonce[15]&0x3F; /* Temporal array for aes128e with last 6 bits of nonce to zero */ unsigned char top[16]; for (i = 0; i < 16; ++i) { top[i] = nonce[i]; } top[15] = nonce[15]&0xC0; /* Calculation of ktop using the block cipher */ unsigned char ktop[16]; aes128e(ktop, top, k); /* Stretch is ktop concatenated with the xor of the bits 1...64 and 9...72 of ktop */ unsigned char stretch[24]; for (i = 0; i < 16; ++i) { stretch[i] = ktop[i]; } a = 0; for (i = 16; i < 24; ++i) { stretch[i] = (ktop[a] ^ ktop[a + 1]); ++a; } /* Array of the m offset arrays */ unsigned char offset[m][16]; /* Array of the m checksum arrays */ unsigned char checksum[m][16]; /* Temporal array for get stretch[1 + bottom...128 + bottom] */ unsigned char tempS[24]; for (i = 0; i < 24; ++i) { tempS[i] = stretch[i]; } /* Shifting of stretch bottom times to the left */ for (i = 0; i < bottom; ++i) { shiftB(tempS, 24); } /* Copy of temp array to offset and inicialization of checksum */ for (i = 0; i < 16; ++i) { offset[0][i] = tempS[i]; checksum[0][i] = 0x00; } /* Temporal arrays for use them with aes128 as plaintext and ciphertext */ unsigned char temp1[16]; unsigned char temp2[16]; int ntzV; /* Counters */ int countP1 = 0; int countP2 = 0; int countC = 0; /* Loop over the m blocks */ for (i = 1; i <= m; ++i) { /* Number of trailing zeros in i */ ntzV = ntz(i); /* Calculation of the offset_i with xor betwen offset_{i-1} and l_{ntz(i)} */ for (a = 0; a < 16; ++a) { offset[i][a] = offset[i - 1][a] ^ ls[ntzV][a]; } /* Calculation of xor betwen p_i and offset_i for use it in aes128 */ for (a = 0; a < 16; ++a) { temp1[a] = (p[countP1] ^ offset[i][a]); ++countP1; } aes128e(temp2, temp1, k); /* Calculation of c_i with xor betwen offset_i and result of aes128 */ for (a = 0; a < 16; ++a) { c[countC] = offset[i][a] ^ temp2[a]; ++countC; } /* Calculation of checksum_i with the xor betwen checksum_{i-1} and p_i */ for (a = 0; a < 16; ++a) { checksum[i][a] = checksum[i - 1][a] ^ p[countP2]; ++countP2; } } unsigned char tag[16]; unsigned char tempTag[16]; /* Calculation of the xor betwen checksum_m, offset_m and l_dollar for use it in aes128 to calculate the tag */ int w; for (w = 0; w < 16; ++w) { tempTag[w] = ((l_dollar[w] ^ offset[m][w]) ^ checksum[m][w]); } aes128e(tag, tempTag, k); /* Concatenation of the tag at the end of the ciphertext. 16*m is the current lenght of the cipher lenght and 16*m +16 is the total lenght */ int countTag = 0; for (a = 16*m; a < (16*m + 16); ++a) { c[a] = tag[countTag]; ++countTag; } }