/*
 * hashes.c
 * --------
 * HAL interface to Cryptech hash cores.
 *
 * Authors: Joachim Strömbergson, Paul Selkirk, Rob Austein
 * Copyright (c) 2014-2015, NORDUnet A/S
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * - Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 *
 * - Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.
 *
 * - Neither the name of the NORDUnet nor the names of its contributors may
 *   be used to endorse or promote products derived from this software
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <assert.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

#include "hal.h"
#include "verilog_constants.h"

/*
 * HMAC magic numbers.
 */

#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c

/*
 * Driver.  This encapsulates whatever per-algorithm voodoo we need
 * this week.  At the moment, this is mostly Cryptech core addresses,
 * but this is subject to change without notice.
 */

struct hal_hash_driver {
  size_t length_length;                 /* Length of the length field */
  hal_addr_t block_addr;  		/* Where to write hash blocks */
  hal_addr_t digest_addr;               /* Where to read digest */
  uint8_t ctrl_mode;                    /* Digest mode, for cores that have modes */
};

/*
 * Hash state.  For now we assume that the only core state we need to
 * save and restore is the current digest value.
 */

struct hal_hash_state {
  const hal_core_t *core;
  const hal_hash_descriptor_t *descriptor;
  const hal_hash_driver_t *driver;
  uint64_t msg_length_high;                     /* Total data hashed in this message */
  uint64_t msg_length_low;                      /* (128 bits in SHA-512 cases) */
  uint8_t block[HAL_MAX_HASH_BLOCK_LENGTH],     /* Block we're accumulating */
    core_state[HAL_MAX_HASH_DIGEST_LENGTH];     /* Saved core state */
  size_t block_used;                            /* How much of the block we've used */
  unsigned block_count;                         /* Blocks sent */
  unsigned flags;
};

#define STATE_FLAG_STATE_ALLOCATED 0x1          /* State buffer dynamically allocated */

/*
 * HMAC state.  Right now this just holds the key block and a hash
 * context; if and when we figure out how PCLSR the hash cores, we
 * might want to save a lot more than that, and may also want to
 * reorder certain operations during HMAC initialization to get a
 * performance boost for things like PBKDF2.
 */

struct hal_hmac_state {
  hal_hash_state_t hash_state;               /* Hash state */
  uint8_t keybuf[HAL_MAX_HASH_BLOCK_LENGTH]; /* HMAC key */
};

/*
 * Drivers for known digest algorithms.
 */

static const hal_hash_driver_t sha1_driver = {
  SHA1_LENGTH_LEN, SHA1_ADDR_BLOCK, SHA1_ADDR_DIGEST, 0
};

static const hal_hash_driver_t sha256_driver = {
  SHA256_LENGTH_LEN, SHA256_ADDR_BLOCK, SHA256_ADDR_DIGEST, 0
};

static const hal_hash_driver_t sha512_224_driver = {
  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512_224
};

static const hal_hash_driver_t sha512_256_driver = {
  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512_256
};

static const hal_hash_driver_t sha384_driver = {
  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_384
};

static const hal_hash_driver_t sha512_driver = {
  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512
};

/*
 * Digest algorithm identifiers: DER encoded full TLV of an
 * DigestAlgorithmIdentifier SEQUENCE including OID for the algorithm in
 * question and a NULL parameters value.
 *
 * See RFC 2313 and the NIST algorithm registry:
 * http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
 *
 * The DER encoding is too complex to generate in the C preprocessor,
 * and we want these as compile-time constants, so we just supply the
 * raw hex encoding here.  If this gets seriously out of control we'll
 * write a script to generate a header file we can include.
 */

static const uint8_t
  dalgid_sha1[]       = { 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00 },
  dalgid_sha256[]     = { 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00 },
  dalgid_sha384[]     = { 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00 },
  dalgid_sha512[]     = { 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00 },
  dalgid_sha512_224[] = { 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x05, 0x05, 0x00 },
  dalgid_sha512_256[] = { 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x06, 0x05, 0x00 };

/*
 * Descriptors.  Yes, the {hash,hmac}_state_length fields are a bit
 * repetitive given that they (currently) have the same value
 * regardless of algorithm, but we don't want to wire in that
 * assumption, so it's simplest to be explicit.
 */

const hal_hash_descriptor_t hal_hash_sha1[1] = {{
  hal_digest_algorithm_sha1,
  SHA1_BLOCK_LEN, SHA1_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha1, sizeof(dalgid_sha1),
  &sha1_driver, SHA1_NAME, 0
}};

const hal_hash_descriptor_t hal_hash_sha256[1] = {{
  hal_digest_algorithm_sha256,
  SHA256_BLOCK_LEN, SHA256_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha256, sizeof(dalgid_sha256),
  &sha256_driver, SHA256_NAME, 1
}};

const hal_hash_descriptor_t hal_hash_sha512_224[1] = {{
  hal_digest_algorithm_sha512_224,
  SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha512_224, sizeof(dalgid_sha512_224),
  &sha512_224_driver, SHA512_NAME, 0
}};

const hal_hash_descriptor_t hal_hash_sha512_256[1] = {{
  hal_digest_algorithm_sha512_256,
  SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha512_256, sizeof(dalgid_sha512_256),
  &sha512_256_driver, SHA512_NAME, 0
}};

const hal_hash_descriptor_t hal_hash_sha384[1] = {{
  hal_digest_algorithm_sha384,
  SHA512_BLOCK_LEN, SHA384_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha384, sizeof(dalgid_sha384),
  &sha384_driver, SHA512_NAME, 0
}};

const hal_hash_descriptor_t hal_hash_sha512[1] = {{
  hal_digest_algorithm_sha512,
  SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
  sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
  dalgid_sha512, sizeof(dalgid_sha512),
  &sha512_driver, SHA512_NAME, 0
}};

/*
 * Static state blocks.  This library is intended for a style of
 * embedded programming in which one avoids heap-based allocation
 * functions such as malloc() wherever possible and instead uses
 * static variables when just allocating on the stack won't do.
 *
 * The number of each kind of state block to be allocated this way
 * must be configured at compile-time.  Sorry, that's life in the
 * deeply embedded universe.
 */

#ifndef	HAL_STATIC_HASH_STATE_BLOCKS
#define	HAL_STATIC_HASH_STATE_BLOCKS 0
#endif

#ifndef	HAL_STATIC_HMAC_STATE_BLOCKS
#define	HAL_STATIC_HMAC_STATE_BLOCKS 0
#endif

#if HAL_STATIC_HASH_STATE_BLOCKS > 0
static hal_hash_state_t static_hash_state[HAL_STATIC_HASH_STATE_BLOCKS];
#endif

#if HAL_STATIC_HMAC_STATE_BLOCKS > 0
static hal_hmac_state_t static_hmac_state[HAL_STATIC_HMAC_STATE_BLOCKS];
#endif

/*
 * Debugging control.
 */

static int debug = 0;

void hal_hash_set_debug(int onoff)
{
  debug = onoff;
}

/*
 * Internal utilities to allocate static state blocks.
 */

static inline hal_hash_state_t *alloc_static_hash_state(void)
{

#if HAL_STATIC_HASH_STATE_BLOCKS > 0

  for (int i = 0; i < sizeof(static_hash_state)/sizeof(*static_hash_state); i++)
    if ((static_hash_state[i].flags & STATE_FLAG_STATE_ALLOCATED) == 0)
      return &static_hash_state[i];

#endif  

  return NULL;
}

static inline hal_hmac_state_t *alloc_static_hmac_state(void)
{

#if HAL_STATIC_HMAC_STATE_BLOCKS > 0

  for (int i = 0; i < sizeof(static_hmac_state)/sizeof(*static_hmac_state); i++)
    if ((static_hmac_state[i].hash_state.flags & STATE_FLAG_STATE_ALLOCATED) == 0)
      return &static_hmac_state[i];

#endif  

  return NULL;
}

/*
 * Internal utility to do whatever checking we need of a descriptor,
 * then extract the driver pointer in a way that works nicely with
 * initialization of an automatic const pointer.
 *
 * Returns the driver pointer on success, NULL on failure.
 */

static inline const hal_hash_driver_t *check_driver(const hal_hash_descriptor_t * const descriptor)
{
  return descriptor == NULL ? NULL : descriptor->driver;
}

/*
 * Internal utility to check core against descriptor, including
 * attempting to locate an appropriate core if we weren't given one.
 */

static inline hal_error_t check_core(const hal_core_t **core,
                                     const hal_hash_descriptor_t * const descriptor)
{
  assert(descriptor != NULL && descriptor->driver != NULL);
  return hal_core_check_name(core, descriptor->core_name);
}

/*
 * Initialize hash state.
 */

hal_error_t hal_hash_initialize(const hal_core_t *core,
                                const hal_hash_descriptor_t * const descriptor,
                                hal_hash_state_t **state_,
                                void *state_buffer, const size_t state_length)
{
  const hal_hash_driver_t * const driver = check_driver(descriptor);
  hal_hash_state_t *state = state_buffer;
  hal_error_t err;

  if (driver == NULL || state_ == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  if (state_buffer != NULL && state_length < descriptor->hash_state_length)
    return HAL_ERROR_BAD_ARGUMENTS;

  if ((err = check_core(&core, descriptor)) != HAL_OK)
    return err;

  if (state_buffer == NULL && (state = alloc_static_hash_state()) == NULL)
      return HAL_ERROR_ALLOCATION_FAILURE;

  memset(state, 0, sizeof(*state));
  state->descriptor = descriptor;
  state->driver = driver;
  state->core = core;
    
  if (state_buffer == NULL)
    state->flags |= STATE_FLAG_STATE_ALLOCATED;

  *state_ = state;

  return HAL_OK;
}

/*
 * Clean up hash state.  No-op unless memory was dynamically allocated.
 */

void hal_hash_cleanup(hal_hash_state_t **state_)
{
  if (state_ == NULL)
    return;

  hal_hash_state_t *state = *state_;

  if (state == NULL || (state->flags & STATE_FLAG_STATE_ALLOCATED) == 0)
    return;

  memset(state, 0, state->descriptor->hash_state_length);
  *state_ = NULL;
}

/*
 * Read hash result from core.  At least for now, this also serves to
 * read current hash state from core.
 */

static hal_error_t hash_read_digest(const hal_core_t *core,
                                    const hal_hash_driver_t * const driver,
                                    uint8_t *digest,
                                    const size_t digest_length)
{
  hal_error_t err;

  assert(digest != NULL && digest_length % 4 == 0);

  if ((err = hal_io_wait_valid(core)) != HAL_OK)
    return err;

  return hal_io_read(core, driver->digest_addr, digest, digest_length);
}

/*
 * Write hash state back to core.
 */

static hal_error_t hash_write_digest(const hal_core_t *core,
                                     const hal_hash_driver_t * const driver,
                                     const uint8_t * const digest,
                                     const size_t digest_length)
{
  hal_error_t err;

  assert(digest != NULL && digest_length % 4 == 0);

  if ((err = hal_io_wait_ready(core)) != HAL_OK)
    return err;

  return hal_io_write(core, driver->digest_addr, digest, digest_length);
}

/*
 * Send one block to a core.
 */

static hal_error_t hash_write_block(hal_hash_state_t * const state)
{
  uint8_t ctrl_cmd[4];
  hal_error_t err;

  assert(state != NULL && state->descriptor != NULL && state->driver != NULL);
  assert(state->descriptor->block_length % 4 == 0);

  assert(state->descriptor->digest_length <= sizeof(state->core_state) ||
         !state->descriptor->can_restore_state);

  if (debug)
    fprintf(stderr, "[ %s ]\n", state->block_count == 0 ? "init" : "next");

  if ((err = hal_io_wait_ready(state->core)) != HAL_OK)
    return err;

  if (state->descriptor->can_restore_state &&
      state->block_count != 0 &&
      (err = hash_write_digest(state->core, state->driver, state->core_state,
                               state->descriptor->digest_length)) != HAL_OK)
    return err;

  if ((err = hal_io_write(state->core, state->driver->block_addr, state->block,
                          state->descriptor->block_length)) != HAL_OK)
    return err;

  ctrl_cmd[0] = ctrl_cmd[1] = ctrl_cmd[2] = 0;
  ctrl_cmd[3] = state->block_count == 0 ? CTRL_INIT : CTRL_NEXT;
  ctrl_cmd[3] |= state->driver->ctrl_mode;

  if ((err = hal_io_write(state->core, ADDR_CTRL, ctrl_cmd, sizeof(ctrl_cmd))) != HAL_OK)
    return err;

  if (state->descriptor->can_restore_state &&
      (err = hash_read_digest(state->core, state->driver, state->core_state,
                              state->descriptor->digest_length)) != HAL_OK)
    return err;

  return hal_io_wait_valid(state->core);
}

/*
 * Add data to hash.
 */

hal_error_t hal_hash_update(hal_hash_state_t *state,            /* Opaque state block */
                            const uint8_t * const data_buffer,  /* Data to be hashed */
                            size_t data_buffer_length)          /* Length of data_buffer */
{
  const uint8_t *p = data_buffer;
  hal_error_t err;
  size_t n;

  if (state == NULL || data_buffer == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  if (data_buffer_length == 0)
    return HAL_OK;

  assert(state->descriptor != NULL && state->driver != NULL);
  assert(state->descriptor->block_length <= sizeof(state->block));

  while ((n = state->descriptor->block_length - state->block_used) <= data_buffer_length) {
    /*
     * We have enough data for another complete block.
     */
    if (debug)
      fprintf(stderr, "[ Full block, data_buffer_length %lu, used %lu, n %lu, msg_length %llu ]\n",
              (unsigned long) data_buffer_length, (unsigned long) state->block_used, (unsigned long) n, state->msg_length_low);
    memcpy(state->block + state->block_used, p, n);
    if ((state->msg_length_low += n) < n)
      state->msg_length_high++;
    state->block_used = 0;
    data_buffer_length -= n;
    p += n;
    if ((err = hash_write_block(state)) != HAL_OK)
      return err;
    state->block_count++;
  }

  if (data_buffer_length > 0) {
    /*
     * Data left over, but not enough for a full block, stash it.
     */
    if (debug)
      fprintf(stderr, "[ Partial block, data_buffer_length %lu, used %lu, n %lu, msg_length %llu ]\n",
              (unsigned long) data_buffer_length, (unsigned long) state->block_used, (unsigned long) n, state->msg_length_low);
    assert(data_buffer_length < n);
    memcpy(state->block + state->block_used, p, data_buffer_length);
    if ((state->msg_length_low += data_buffer_length) < data_buffer_length)
      state->msg_length_high++;
    state->block_used += data_buffer_length;
  }

  return HAL_OK;
}

/*
 * Finish hash and return digest.
 */

hal_error_t hal_hash_finalize(hal_hash_state_t *state,            	/* Opaque state block */
                              uint8_t *digest_buffer,                   /* Returned digest */
                              const size_t digest_buffer_length)        /* Length of digest_buffer */
{
  uint64_t bit_length_high, bit_length_low;
  hal_error_t err;
  uint8_t *p;
  size_t n;
  int i;

  if (state == NULL || digest_buffer == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  assert(state->descriptor != NULL && state->driver != NULL);

  if (digest_buffer_length < state->descriptor->digest_length)
    return HAL_ERROR_BAD_ARGUMENTS;

  assert(state->descriptor->block_length <= sizeof(state->block));

  /*
   * Add padding, then pull result from the core
   */

  bit_length_low  = (state->msg_length_low  << 3);
  bit_length_high = (state->msg_length_high << 3) | (state->msg_length_low >> 61);

  /* Initial pad byte */
  assert(state->block_used < state->descriptor->block_length);
  state->block[state->block_used++] = 0x80;

  /* If not enough room for bit count, zero and push current block */
  if ((n = state->descriptor->block_length - state->block_used) < state->driver->length_length) {
    if (debug)
      fprintf(stderr, "[ Overflow block, used %lu, n %lu, msg_length %llu ]\n",
              (unsigned long) state->block_used, (unsigned long) n, state->msg_length_low);
    if (n > 0)
      memset(state->block + state->block_used, 0, n);
    if ((err = hash_write_block(state)) != HAL_OK)
      return err;
    state->block_count++;
    state->block_used = 0;
  }

  /* Pad final block */
  n = state->descriptor->block_length - state->block_used;
  assert(n >= state->driver->length_length);
  if (n > 0)
    memset(state->block + state->block_used, 0, n);
  if (debug)
    fprintf(stderr, "[ Final block, used %lu, n %lu, msg_length %llu ]\n",
            (unsigned long) state->block_used, (unsigned long) n, state->msg_length_low);
  p = state->block + state->descriptor->block_length;
  for (i = 0; (bit_length_low || bit_length_high) && i < state->driver->length_length; i++) {
    *--p = (uint8_t) (bit_length_low & 0xFF);
    bit_length_low >>= 8;
    if (bit_length_high) {
      bit_length_low |= ((bit_length_high & 0xFF) << 56);
      bit_length_high >>= 8;
    }
  }

  /* Push final block */
  if ((err = hash_write_block(state)) != HAL_OK)
    return err;
  state->block_count++;

  /* All data pushed to core, now we just need to read back the result */
  if ((err = hash_read_digest(state->core, state->driver, digest_buffer, state->descriptor->digest_length)) != HAL_OK)
    return err;

  return HAL_OK;
}

/*
 * Initialize HMAC state.
 */

hal_error_t hal_hmac_initialize(const hal_core_t *core,
                                const hal_hash_descriptor_t * const descriptor,
                                hal_hmac_state_t **state_,
                                void *state_buffer, const size_t state_length,
                                const uint8_t * const key, const size_t key_length)
{
  const hal_hash_driver_t * const driver = check_driver(descriptor);
  hal_hmac_state_t *state = state_buffer;
  hal_error_t err;
  int i;

  if (descriptor == NULL || driver == NULL || state_ == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  if (state_buffer != NULL && state_length < descriptor->hmac_state_length)
    return HAL_ERROR_BAD_ARGUMENTS;

  if ((err = check_core(&core, descriptor)) != HAL_OK)
    return err;

  if (state_buffer == NULL && (state = alloc_static_hmac_state()) == NULL)
    return HAL_ERROR_ALLOCATION_FAILURE;

  hal_hash_state_t *h = &state->hash_state;

  assert(descriptor->block_length <= sizeof(state->keybuf));

#if 0
  /*
   * RFC 2104 frowns upon keys shorter than the digest length.
   * ... but most of the test vectors fail this test!
   */

  if (key_length < descriptor->digest_length)
    return HAL_ERROR_UNSUPPORTED_KEY;
#endif

  if ((err = hal_hash_initialize(core, descriptor, &h, &state->hash_state,
                                 sizeof(state->hash_state))) != HAL_OK)
    goto fail;

  if (state_buffer == NULL)
    h->flags |= STATE_FLAG_STATE_ALLOCATED;

  /*
   * If the supplied HMAC key is longer than the hash block length, we
   * need to hash the supplied HMAC key to get the real HMAC key.
   * Otherwise, we just use the supplied HMAC key directly.
   */

  memset(state->keybuf, 0, sizeof(state->keybuf));

  if (key_length <= descriptor->block_length)
    memcpy(state->keybuf, key, key_length);

  else if ((err = hal_hash_update(h, key, key_length))                         != HAL_OK ||
           (err = hal_hash_finalize(h, state->keybuf, sizeof(state->keybuf)))  != HAL_OK ||
           (err = hal_hash_initialize(core, descriptor, &h, &state->hash_state,
                                      sizeof(state->hash_state)))              != HAL_OK)
    goto fail;

  /*
   * XOR the key with the IPAD value, then start the inner hash.
   */

  for (i = 0; i < descriptor->block_length; i++)
    state->keybuf[i] ^= HMAC_IPAD;

  if ((err = hal_hash_update(h, state->keybuf, descriptor->block_length)) != HAL_OK)
    goto fail;

  /*
   * Prepare the key for the final hash.  Since we just XORed key with
   * IPAD, we need to XOR with both IPAD and OPAD to get key XOR OPAD.
   */

  for (i = 0; i < descriptor->block_length; i++)
    state->keybuf[i] ^= HMAC_IPAD ^ HMAC_OPAD;

  /*
   * If we had some good way of saving all of our state (including
   * state internal to the hash core), this would be a good place to
   * do it, since it might speed up algorithms like PBKDF2 which do
   * repeated HMAC operations using the same key.  Revisit this if and
   * when the hash cores support such a thing.
   */

  *state_ = state;

  return HAL_OK;

 fail:
  if (state_buffer == NULL)
    free(state);
  return err;
}

/*
 * Clean up HMAC state.  No-op unless memory was dynamically allocated.
 */

void hal_hmac_cleanup(hal_hmac_state_t **state_)
{
  if (state_ == NULL)
    return;

  hal_hmac_state_t *state = *state_;

  if (state == NULL)
    return;

  hal_hash_state_t *h = &state->hash_state;

  if ((h->flags & STATE_FLAG_STATE_ALLOCATED) == 0)
    return;

  memset(state, 0, h->descriptor->hmac_state_length);
  *state_ = NULL;
}

/*
 * Add data to HMAC.
 */

hal_error_t hal_hmac_update(hal_hmac_state_t *state,
                            const uint8_t * data, const size_t length)
{
  if (state == NULL || data == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  return hal_hash_update(&state->hash_state, data, length);
}

/*
 * Finish and return HMAC.
 */

hal_error_t hal_hmac_finalize(hal_hmac_state_t *state,
                              uint8_t *hmac, const size_t length)
{
  if (state == NULL || hmac == NULL)
    return HAL_ERROR_BAD_ARGUMENTS;

  hal_hash_state_t *h = &state->hash_state;
  const hal_hash_descriptor_t *descriptor = h->descriptor;
  uint8_t d[HAL_MAX_HASH_DIGEST_LENGTH];
  hal_error_t err;

  assert(descriptor != NULL && descriptor->digest_length <= sizeof(d));

  /*
   * Finish up inner hash and extract digest, then perform outer hash
   * to get HMAC.  Key was prepared for this in hal_hmac_initialize().
   */

  if ((err = hal_hash_finalize(h, d, sizeof(d)))                           != HAL_OK ||
      (err = hal_hash_initialize(h->core, descriptor, &h, &state->hash_state,
                                 sizeof(state->hash_state)))               != HAL_OK ||
      (err = hal_hash_update(h, state->keybuf, descriptor->block_length))  != HAL_OK ||
      (err = hal_hash_update(h, d, descriptor->digest_length))             != HAL_OK ||
      (err = hal_hash_finalize(h, hmac, length))                           != HAL_OK)
    return err;

  return HAL_OK;
}

/*
 * Pull descriptor pointer from state block.
 */

const hal_hash_descriptor_t *hal_hash_get_descriptor(const hal_hash_state_t * const state)
{
  return state == NULL ? NULL : state->descriptor;
}

const hal_hash_descriptor_t *hal_hmac_get_descriptor(const hal_hmac_state_t * const state)
{
  return state == NULL ? NULL : state->hash_state.descriptor;
}

/*
 * "Any programmer who fails to comply with the standard naming, formatting,
 *  or commenting conventions should be shot.  If it so happens that it is
 *  inconvenient to shoot him, then he is to be politely requested to recode
 *  his program in adherence to the above standard."
 *                      -- Michael Spier, Digital Equipment Corporation
 *
 * Local variables:
 * indent-tabs-mode: nil
 * End:
 */
7 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400

Add round-trip test for DER I/O code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=3e679aac06a271858a8d82c89db5f1b1e79dda34'>3e679aa</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-02 18:35:36 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-02 18:35:36 -0400

Clean up excessively complicated handling of opaque types in hash and' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=12ed3abeb24bbd5d59b760640a35ead0874fd3fe'>12ed3ab</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 18:44:40 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 18:44:40 -0400

Supply public exponent as bigendian byte string rather than unsigned' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=a615b134c498f8d88e0dab047f40c7096a2f9e03'>a615b13</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400

Add round-trip test for DER I/O code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=3e679aac06a271858a8d82c89db5f1b1e79dda34'>3e679aa</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400

Add round-trip test for DER I/O code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=3e679aac06a271858a8d82c89db5f1b1e79dda34'>3e679aa</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>



</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500

First round of fixes for new ASN.1 and test code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8c427a7b537a35d6685fb8a95e9b64732d6b4c49'>8c427a7</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>




</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500

First round of fixes for new ASN.1 and test code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8c427a7b537a35d6685fb8a95e9b64732d6b4c49'>8c427a7</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>





</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500

First round of fixes for new ASN.1 and test code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8c427a7b537a35d6685fb8a95e9b64732d6b4c49'>8c427a7</a></span>








</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>

















</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-23 01:59:40 -0500

First round of fixes for new ASN.1 and test code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8c427a7b537a35d6685fb8a95e9b64732d6b4c49'>8c427a7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-22 21:44:27 -0500

Test code for ASN.1 public key functions.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=bbb6e1e88b171a1f29d16e1721d8443dbb91db10'>bbb6e1e</a></span>











</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-18 16:35:15 -0400

Add round-trip test for DER I/O code.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=3e679aac06a271858a8d82c89db5f1b1e79dda34'>3e679aa</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-26 22:51:44 -0400

Verify signature in key generation test.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=66c47cc25dbc0c122f6929d855feba3494459a08'>66c47cc</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>

















</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400

ModExp now working!' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=407905016d0404507ef08c71eec89158aa95cb35'>4079050</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400

ModExp now working!' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=407905016d0404507ef08c71eec89158aa95cb35'>4079050</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 10:53:26 -0400

First cut at RSA decryption/signature using the Chinese Remainder' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=5f152f558e7bc8fc8d93ae250bdc61cd60ab5acd'>5f152f5</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-17 15:13:27 -0400

RSA key generation and DER support.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=ab5a8760becf4711afa68221a5610e5572686f1f'>ab5a876</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-03 11:00:13 -0400

ModExp now working!' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=407905016d0404507ef08c71eec89158aa95cb35'>4079050</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Paul Selkirk &lt;paul@psgd.org&gt;  2016-06-14 17:25:29 -0400
committer  Paul Selkirk &lt;paul@psgd.org&gt;  2016-06-14 17:25:29 -0400

Add support for ModExpA7' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=97c3a85d32893ec5f17ecd807a45bac935e42dd5'>97c3a85</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-28 09:45:45 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-28 09:45:45 +0200

More fun with RSA test cases, still not working.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=f210238062d990ac2b3e21810686108ce89965ea'>f210238</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-10 18:34:18 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-10 18:34:18 -0400

Add hal_modexp(), since the protocol is a bit complex.  Rewrite' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=9cca19087b29d5678dc39fd446bd8f6a6036b097'>9cca190</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-11 18:21:50 -0400

Debug modexp_fp() buffer handling.  Add basic timing report.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=8934e10e139d45e5bc9b6874b3c630461d55607c'>8934e10</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-05-27 15:56:59 +0200

First pass at RSA tests.' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=2c81ecf429e266039a66d83742e22ea0eccfa327'>2c81ecf</a></span>



</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-04 16:55:28 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-06-04 16:55:28 -0400

Disable HMAC-SHA-384 tests as neither my implementation nor PyCrypto' href='/sw/libhal/commit/tests/test-rsa.c?h=auto_zeroise&amp;id=cf865e9d768ab2dad37f82f071f0050b20f18506'>cf865e9</a></span>





</pre></div></td>
<td class='linenumbers'><div class='alt'><pre><a id='n1' href='#n1'>1</a>
</pre></div><div class='alt'><pre><a id='n2' href='#n2'>2</a>
<a id='n3' href='#n3'>3</a>
</pre></div><div class='alt'><pre><a id='n4' href='#n4'>4</a>
</pre></div><div class='alt'><pre><a id='n5' href='#n5'>5</a>
<a id='n6' href='#n6'>6</a>
</pre></div><div class='alt'><pre><a id='n7' href='#n7'>7</a>
<a id='n8' href='#n8'>8</a>
</pre></div><div class='alt'><pre><a id='n9' href='#n9'>9</a>
</pre></div><div class='alt'><pre><a id='n10' href='#n10'>10</a>
<a id='n11' href='#n11'>11</a>
<a id='n12' href='#n12'>12</a>
<a id='n13' href='#n13'>13</a>
<a id='n14' href='#n14'>14</a>
</pre></div><div class='alt'><pre><a id='n15' href='#n15'>15</a>
</pre></div><div class='alt'><pre><a id='n16' href='#n16'>16</a>
<a id='n17' href='#n17'>17</a>
<a id='n18' href='#n18'>18</a>
</pre></div><div class='alt'><pre><a id='n19' href='#n19'>19</a>
</pre></div><div class='alt'><pre><a id='n20' href='#n20'>20</a>
<a id='n21' href='#n21'>21</a>
<a id='n22' href='#n22'>22</a>
</pre></div><div class='alt'><pre><a id='n23' href='#n23'>23</a>
</pre></div><div class='alt'><pre><a id='n24' href='#n24'>24</a>
<a id='n25' href='#n25'>25</a>
<a id='n26' href='#n26'>26</a>
<a id='n27' href='#n27'>27</a>
<a id='n28' href='#n28'>28</a>
<a id='n29' href='#n29'>29</a>
<a id='n30' href='#n30'>30</a>
<a id='n31' href='#n31'>31</a>
<a id='n32' href='#n32'>32</a>
<a id='n33' href='#n33'>33</a>
<a id='n34' href='#n34'>34</a>
</pre></div><div class='alt'><pre><a id='n35' href='#n35'>35</a>
<a id='n36' href='#n36'>36</a>
<a id='n37' href='#n37'>37</a>
<a id='n38' href='#n38'>38</a>
</pre></div><div class='alt'><pre><a id='n39' href='#n39'>39</a>
</pre></div><div class='alt'><pre><a id='n40' href='#n40'>40</a>
</pre></div><div class='alt'><pre><a id='n41' href='#n41'>41</a>
</pre></div><div class='alt'><pre><a id='n42' href='#n42'>42</a>
<a id='n43' href='#n43'>43</a>
</pre></div><div class='alt'><pre><a id='n44' href='#n44'>44</a>
<a id='n45' href='#n45'>45</a>
</pre></div><div class='alt'><pre><a id='n46' href='#n46'>46</a>
<a id='n47' href='#n47'>47</a>
<a id='n48' href='#n48'>48</a>
</pre></div><div class='alt'><pre><a id='n49' href='#n49'>49</a>
</pre></div><div class='alt'><pre><a id='n50' href='#n50'>50</a>
<a id='n51' href='#n51'>51</a>
</pre></div><div class='alt'><pre><a id='n52' href='#n52'>52</a>
<a id='n53' href='#n53'>53</a>
</pre></div><div class='alt'><pre><a id='n54' href='#n54'>54</a>
<a id='n55' href='#n55'>55</a>
<a id='n56' href='#n56'>56</a>
<a id='n57' href='#n57'>57</a>
</pre></div><div class='alt'><pre><a id='n58' href='#n58'>58</a>
</pre></div><div class='alt'><pre><a id='n59' href='#n59'>59</a>
</pre></div><div class='alt'><pre><a id='n60' href='#n60'>60</a>
</pre></div><div class='alt'><pre><a id='n61' href='#n61'>61</a>
</pre></div><div class='alt'><pre><a id='n62' href='#n62'>62</a>
</pre></div><div class='alt'><pre><a id='n63' href='#n63'>63</a>
</pre></div><div class='alt'><pre><a id='n64' href='#n64'>64</a>
<a id='n65' href='#n65'>65</a>
</pre></div><div class='alt'><pre><a id='n66' href='#n66'>66</a>
</pre></div><div class='alt'><pre><a id='n67' href='#n67'>67</a>
<a id='n68' href='#n68'>68</a>
</pre></div><div class='alt'><pre><a id='n69' href='#n69'>69</a>
</pre></div><div class='alt'><pre><a id='n70' href='#n70'>70</a>
</pre></div><div class='alt'><pre><a id='n71' href='#n71'>71</a>
<a id='n72' href='#n72'>72</a>
</pre></div><div class='alt'><pre><a id='n73' href='#n73'>73</a>
</pre></div><div class='alt'><pre><a id='n74' href='#n74'>74</a>
<a id='n75' href='#n75'>75</a>
<a id='n76' href='#n76'>76</a>
</pre></div><div class='alt'><pre><a id='n77' href='#n77'>77</a>
<a id='n78' href='#n78'>78</a>
<a id='n79' href='#n79'>79</a>
</pre></div><div class='alt'><pre><a id='n80' href='#n80'>80</a>
</pre></div><div class='alt'><pre><a id='n81' href='#n81'>81</a>
<a id='n82' href='#n82'>82</a>
</pre></div><div class='alt'><pre><a id='n83' href='#n83'>83</a>
</pre></div><div class='alt'><pre><a id='n84' href='#n84'>84</a>
</pre></div><div class='alt'><pre><a id='n85' href='#n85'>85</a>
</pre></div><div class='alt'><pre><a id='n86' href='#n86'>86</a>
</pre></div><div class='alt'><pre><a id='n87' href='#n87'>87</a>
<a id='n88' href='#n88'>88</a>
<a id='n89' href='#n89'>89</a>
<a id='n90' href='#n90'>90</a>
<a id='n91' href='#n91'>91</a>
<a id='n92' href='#n92'>92</a>
<a id='n93' href='#n93'>93</a>
<a id='n94' href='#n94'>94</a>
<a id='n95' href='#n95'>95</a>
</pre></div><div class='alt'><pre><a id='n96' href='#n96'>96</a>
<a id='n97' href='#n97'>97</a>
</pre></div><div class='alt'><pre><a id='n98' href='#n98'>98</a>
</pre></div><div class='alt'><pre><a id='n99' href='#n99'>99</a>
</pre></div><div class='alt'><pre><a id='n100' href='#n100'>100</a>
</pre></div><div class='alt'><pre><a id='n101' href='#n101'>101</a>
</pre></div><div class='alt'><pre><a id='n102' href='#n102'>102</a>
<a id='n103' href='#n103'>103</a>
<a id='n104' href='#n104'>104</a>
<a id='n105' href='#n105'>105</a>
<a id='n106' href='#n106'>106</a>
</pre></div><div class='alt'><pre><a id='n107' href='#n107'>107</a>
</pre></div><div class='alt'><pre><a id='n108' href='#n108'>108</a>
<a id='n109' href='#n109'>109</a>
<a id='n110' href='#n110'>110</a>
<a id='n111' href='#n111'>111</a>
</pre></div><div class='alt'><pre><a id='n112' href='#n112'>112</a>
<a id='n113' href='#n113'>113</a>
</pre></div><div class='alt'><pre><a id='n114' href='#n114'>114</a>
</pre></div><div class='alt'><pre><a id='n115' href='#n115'>115</a>
<a id='n116' href='#n116'>116</a>
<a id='n117' href='#n117'>117</a>
</pre></div><div class='alt'><pre><a id='n118' href='#n118'>118</a>
<a id='n119' href='#n119'>119</a>
<a id='n120' href='#n120'>120</a>
</pre></div><div class='alt'><pre><a id='n121' href='#n121'>121</a>
<a id='n122' href='#n122'>122</a>
<a id='n123' href='#n123'>123</a>
</pre></div><div class='alt'><pre><a id='n124' href='#n124'>124</a>
</pre></div><div class='alt'><pre><a id='n125' href='#n125'>125</a>
</pre></div><div class='alt'><pre><a id='n126' href='#n126'>126</a>
</pre></div><div class='alt'><pre><a id='n127' href='#n127'>127</a>
</pre></div><div class='alt'><pre><a id='n128' href='#n128'>128</a>
<a id='n129' href='#n129'>129</a>
</pre></div><div class='alt'><pre><a id='n130' href='#n130'>130</a>
<a id='n131' href='#n131'>131</a>
</pre></div><div class='alt'><pre><a id='n132' href='#n132'>132</a>
<a id='n133' href='#n133'>133</a>
</pre></div><div class='alt'><pre><a id='n134' href='#n134'>134</a>
<a id='n135' href='#n135'>135</a>
<a id='n136' href='#n136'>136</a>
</pre></div><div class='alt'><pre><a id='n137' href='#n137'>137</a>
<a id='n138' href='#n138'>138</a>
</pre></div><div class='alt'><pre><a id='n139' href='#n139'>139</a>
</pre></div><div class='alt'><pre><a id='n140' href='#n140'>140</a>
<a id='n141' href='#n141'>141</a>
</pre></div><div class='alt'><pre><a id='n142' href='#n142'>142</a>
</pre></div><div class='alt'><pre><a id='n143' href='#n143'>143</a>
</pre></div><div class='alt'><pre><a id='n144' href='#n144'>144</a>
<a id='n145' href='#n145'>145</a>
</pre></div><div class='alt'><pre><a id='n146' href='#n146'>146</a>
</pre></div><div class='alt'><pre><a id='n147' href='#n147'>147</a>
<a id='n148' href='#n148'>148</a>
</pre></div><div class='alt'><pre><a id='n149' href='#n149'>149</a>
</pre></div><div class='alt'><pre><a id='n150' href='#n150'>150</a>
<a id='n151' href='#n151'>151</a>
</pre></div><div class='alt'><pre><a id='n152' href='#n152'>152</a>
</pre></div><div class='alt'><pre><a id='n153' href='#n153'>153</a>
<a id='n154' href='#n154'>154</a>
</pre></div><div class='alt'><pre><a id='n155' href='#n155'>155</a>
</pre></div><div class='alt'><pre><a id='n156' href='#n156'>156</a>
<a id='n157' href='#n157'>157</a>
<a id='n158' href='#n158'>158</a>
</pre></div><div class='alt'><pre><a id='n159' href='#n159'>159</a>
</pre></div><div class='alt'><pre><a id='n160' href='#n160'>160</a>
<a id='n161' href='#n161'>161</a>
<a id='n162' href='#n162'>162</a>
<a id='n163' href='#n163'>163</a>
</pre></div><div class='alt'><pre><a id='n164' href='#n164'>164</a>
</pre></div><div class='alt'><pre><a id='n165' href='#n165'>165</a>
<a id='n166' href='#n166'>166</a>
<a id='n167' href='#n167'>167</a>
</pre></div><div class='alt'><pre><a id='n168' href='#n168'>168</a>
</pre></div><div class='alt'><pre><a id='n169' href='#n169'>169</a>
<a id='n170' href='#n170'>170</a>
<a id='n171' href='#n171'>171</a>
<a id='n172' href='#n172'>172</a>
<a id='n173' href='#n173'>173</a>
</pre></div><div class='alt'><pre><a id='n174' href='#n174'>174</a>
<a id='n175' href='#n175'>175</a>
</pre></div><div class='alt'><pre><a id='n176' href='#n176'>176</a>
</pre></div><div class='alt'><pre><a id='n177' href='#n177'>177</a>
</pre></div><div class='alt'><pre><a id='n178' href='#n178'>178</a>
</pre></div><div class='alt'><pre><a id='n179' href='#n179'>179</a>
</pre></div><div class='alt'><pre><a id='n180' href='#n180'>180</a>
<a id='n181' href='#n181'>181</a>
</pre></div><div class='alt'><pre><a id='n182' href='#n182'>182</a>
</pre></div><div class='alt'><pre><a id='n183' href='#n183'>183</a>
<a id='n184' href='#n184'>184</a>
<a id='n185' href='#n185'>185</a>
</pre></div><div class='alt'><pre><a id='n186' href='#n186'>186</a>
</pre></div><div class='alt'><pre><a id='n187' href='#n187'>187</a>
</pre></div><div class='alt'><pre><a id='n188' href='#n188'>188</a>
</pre></div><div class='alt'><pre><a id='n189' href='#n189'>189</a>
</pre></div><div class='alt'><pre><a id='n190' href='#n190'>190</a>
</pre></div><div class='alt'><pre><a id='n191' href='#n191'>191</a>
<a id='n192' href='#n192'>192</a>
<a id='n193' href='#n193'>193</a>
<a id='n194' href='#n194'>194</a>
<a id='n195' href='#n195'>195</a>
<a id='n196' href='#n196'>196</a>
</pre></div><div class='alt'><pre><a id='n197' href='#n197'>197</a>
<a id='n198' href='#n198'>198</a>
<a id='n199' href='#n199'>199</a>
<a id='n200' href='#n200'>200</a>
<a id='n201' href='#n201'>201</a>
<a id='n202' href='#n202'>202</a>
<a id='n203' href='#n203'>203</a>
<a id='n204' href='#n204'>204</a>
<a id='n205' href='#n205'>205</a>
</pre></div><div class='alt'><pre><a id='n206' href='#n206'>206</a>
<a id='n207' href='#n207'>207</a>
<a id='n208' href='#n208'>208</a>
<a id='n209' href='#n209'>209</a>
<a id='n210' href='#n210'>210</a>
<a id='n211' href='#n211'>211</a>
<a id='n212' href='#n212'>212</a>
<a id='n213' href='#n213'>213</a>
<a id='n214' href='#n214'>214</a>
<a id='n215' href='#n215'>215</a>
<a id='n216' href='#n216'>216</a>
<a id='n217' href='#n217'>217</a>
<a id='n218' href='#n218'>218</a>
<a id='n219' href='#n219'>219</a>
<a id='n220' href='#n220'>220</a>
<a id='n221' href='#n221'>221</a>
<a id='n222' href='#n222'>222</a>
<a id='n223' href='#n223'>223</a>
</pre></div><div class='alt'><pre><a id='n224' href='#n224'>224</a>
<a id='n225' href='#n225'>225</a>
</pre></div><div class='alt'><pre><a id='n226' href='#n226'>226</a>
<a id='n227' href='#n227'>227</a>
<a id='n228' href='#n228'>228</a>
<a id='n229' href='#n229'>229</a>
<a id='n230' href='#n230'>230</a>
<a id='n231' href='#n231'>231</a>
<a id='n232' href='#n232'>232</a>
<a id='n233' href='#n233'>233</a>
<a id='n234' href='#n234'>234</a>
<a id='n235' href='#n235'>235</a>
<a id='n236' href='#n236'>236</a>
<a id='n237' href='#n237'>237</a>
</pre></div><div class='alt'><pre><a id='n238' href='#n238'>238</a>
</pre></div><div class='alt'><pre><a id='n239' href='#n239'>239</a>
<a id='n240' href='#n240'>240</a>
</pre></div><div class='alt'><pre><a id='n241' href='#n241'>241</a>
</pre></div><div class='alt'><pre><a id='n242' href='#n242'>242</a>
</pre></div><div class='alt'><pre><a id='n243' href='#n243'>243</a>
<a id='n244' href='#n244'>244</a>
<a id='n245' href='#n245'>245</a>
</pre></div><div class='alt'><pre><a id='n246' href='#n246'>246</a>
<a id='n247' href='#n247'>247</a>
<a id='n248' href='#n248'>248</a>
<a id='n249' href='#n249'>249</a>
<a id='n250' href='#n250'>250</a>
<a id='n251' href='#n251'>251</a>
<a id='n252' href='#n252'>252</a>
<a id='n253' href='#n253'>253</a>
<a id='n254' href='#n254'>254</a>
<a id='n255' href='#n255'>255</a>
<a id='n256' href='#n256'>256</a>
<a id='n257' href='#n257'>257</a>
<a id='n258' href='#n258'>258</a>
<a id='n259' href='#n259'>259</a>
<a id='n260' href='#n260'>260</a>
<a id='n261' href='#n261'>261</a>
<a id='n262' href='#n262'>262</a>
<a id='n263' href='#n263'>263</a>
</pre></div><div class='alt'><pre><a id='n264' href='#n264'>264</a>
<a id='n265' href='#n265'>265</a>
<a id='n266' href='#n266'>266</a>
</pre></div><div class='alt'><pre><a id='n267' href='#n267'>267</a>
<a id='n268' href='#n268'>268</a>
</pre></div><div class='alt'><pre><a id='n269' href='#n269'>269</a>
</pre></div><div class='alt'><pre><a id='n270' href='#n270'>270</a>
<a id='n271' href='#n271'>271</a>
</pre></div><div class='alt'><pre><a id='n272' href='#n272'>272</a>
<a id='n273' href='#n273'>273</a>
<a id='n274' href='#n274'>274</a>
</pre></div><div class='alt'><pre><a id='n275' href='#n275'>275</a>
<a id='n276' href='#n276'>276</a>
<a id='n277' href='#n277'>277</a>
</pre></div><div class='alt'><pre><a id='n278' href='#n278'>278</a>
<a id='n279' href='#n279'>279</a>
</pre></div><div class='alt'><pre><a id='n280' href='#n280'>280</a>
</pre></div><div class='alt'><pre><a id='n281' href='#n281'>281</a>
</pre></div><div class='alt'><pre><a id='n282' href='#n282'>282</a>
<a id='n283' href='#n283'>283</a>
</pre></div><div class='alt'><pre><a id='n284' href='#n284'>284</a>
</pre></div><div class='alt'><pre><a id='n285' href='#n285'>285</a>
</pre></div><div class='alt'><pre><a id='n286' href='#n286'>286</a>
<a id='n287' href='#n287'>287</a>
</pre></div><div class='alt'><pre><a id='n288' href='#n288'>288</a>
</pre></div><div class='alt'><pre><a id='n289' href='#n289'>289</a>
<a id='n290' href='#n290'>290</a>
</pre></div><div class='alt'><pre><a id='n291' href='#n291'>291</a>
</pre></div><div class='alt'><pre><a id='n292' href='#n292'>292</a>
</pre></div><div class='alt'><pre><a id='n293' href='#n293'>293</a>
</pre></div><div class='alt'><pre><a id='n294' href='#n294'>294</a>
</pre></div><div class='alt'><pre><a id='n295' href='#n295'>295</a>
</pre></div><div class='alt'><pre><a id='n296' href='#n296'>296</a>
</pre></div><div class='alt'><pre><a id='n297' href='#n297'>297</a>
</pre></div><div class='alt'><pre><a id='n298' href='#n298'>298</a>
<a id='n299' href='#n299'>299</a>
<a id='n300' href='#n300'>300</a>
</pre></div><div class='alt'><pre><a id='n301' href='#n301'>301</a>
</pre></div><div class='alt'><pre><a id='n302' href='#n302'>302</a>
<a id='n303' href='#n303'>303</a>
</pre></div><div class='alt'><pre><a id='n304' href='#n304'>304</a>
</pre></div><div class='alt'><pre><a id='n305' href='#n305'>305</a>
</pre></div><div class='alt'><pre><a id='n306' href='#n306'>306</a>
<a id='n307' href='#n307'>307</a>
</pre></div><div class='alt'><pre><a id='n308' href='#n308'>308</a>
</pre></div><div class='alt'><pre><a id='n309' href='#n309'>309</a>
</pre></div><div class='alt'><pre><a id='n310' href='#n310'>310</a>
</pre></div><div class='alt'><pre><a id='n311' href='#n311'>311</a>
<a id='n312' href='#n312'>312</a>
</pre></div><div class='alt'><pre><a id='n313' href='#n313'>313</a>
<a id='n314' href='#n314'>314</a>
</pre></div><div class='alt'><pre><a id='n315' href='#n315'>315</a>
<a id='n316' href='#n316'>316</a>
</pre></div><div class='alt'><pre><a id='n317' href='#n317'>317</a>
<a id='n318' href='#n318'>318</a>
</pre></div><div class='alt'><pre><a id='n319' href='#n319'>319</a>
<a id='n320' href='#n320'>320</a>
<a id='n321' href='#n321'>321</a>
<a id='n322' href='#n322'>322</a>
</pre></div><div class='alt'><pre><a id='n323' href='#n323'>323</a>
<a id='n324' href='#n324'>324</a>
<a id='n325' href='#n325'>325</a>
<a id='n326' href='#n326'>326</a>
<a id='n327' href='#n327'>327</a>
<a id='n328' href='#n328'>328</a>
</pre></div></td>
<td class='lines'><div><div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>

             </pre></div><div class='alt'><pre>
                                                   </pre></div><div class='alt'><pre>

                       </pre></div><div class='alt'><pre>

                                   </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>




                                                                           </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                         </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>










                                                                           </pre></div><div class='alt'><pre>



                   </pre></div><div class='alt'><pre>
                   </pre></div><div class='alt'><pre>
                  </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                     </pre></div><div class='alt'><pre>

                </pre></div><div class='alt'><pre>


                     </pre></div><div class='alt'><pre>
                       </pre></div><div class='alt'><pre>

   </pre></div><div class='alt'><pre>

                                               </pre></div><div class='alt'><pre>



                                                                           </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                          </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                              </pre></div><div class='alt'><pre>

                                                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
           </pre></div><div class='alt'><pre>

 </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                        </pre></div><div class='alt'><pre>


                                                  </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                          </pre></div><div class='alt'><pre>
                                     </pre></div><div class='alt'><pre>
                            </pre></div><div class='alt'><pre>
                           </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>








                                                             </pre></div><div class='alt'><pre>

                                                                             </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                                 </pre></div><div class='alt'><pre>




                                                                                    </pre></div><div class='alt'><pre>
                         </pre></div><div class='alt'><pre>



                                    </pre></div><div class='alt'><pre>

 </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                         </pre></div><div class='alt'><pre>


                                              </pre></div><div class='alt'><pre>


                                                                          </pre></div><div class='alt'><pre>
                                                     </pre></div><div class='alt'><pre>
                                                                   </pre></div><div class='alt'><pre>
                                           </pre></div><div class='alt'><pre>
                           </pre></div><div class='alt'><pre>

          </pre></div><div class='alt'><pre>

                                            </pre></div><div class='alt'><pre>

                                                                                                                      </pre></div><div class='alt'><pre>


                     </pre></div><div class='alt'><pre>

                                                                                          </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                       </pre></div><div class='alt'><pre>
                                                                     </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                                       </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                    </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                     </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                                                              </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>



                                                                                                        </pre></div><div class='alt'><pre>
                                                                                         </pre></div><div class='alt'><pre>


                            </pre></div><div class='alt'><pre>
                                                                                                  </pre></div><div class='alt'><pre>




                                                                               </pre></div><div class='alt'><pre>

                                                                    </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                </pre></div><div class='alt'><pre>
                                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                     </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                                                    </pre></div><div class='alt'><pre>
                                                                                                    </pre></div><div class='alt'><pre>
                                                                            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                   </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>





                                                                 </pre></div><div class='alt'><pre>








                                                                     </pre></div><div class='alt'><pre>

















                                                                                             </pre></div><div class='alt'><pre>

                                                                                                    </pre></div><div class='alt'><pre>











                                                                                                    </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                          </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                    </pre></div><div class='alt'><pre>


  </pre></div><div class='alt'><pre>

















                                                              </pre></div><div class='alt'><pre>


                                                 </pre></div><div class='alt'><pre>

                                                 </pre></div><div class='alt'><pre>
                                                 </pre></div><div class='alt'><pre>

                                                 </pre></div><div class='alt'><pre>


             </pre></div><div class='alt'><pre>


                                                                   </pre></div><div class='alt'><pre>

   </pre></div><div class='alt'><pre>
                                                                      </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

             </pre></div><div class='alt'><pre>
                      </pre></div><div class='alt'><pre>
                                                                            </pre></div><div class='alt'><pre>

                                  </pre></div><div class='alt'><pre>
                                                                                  </pre></div><div class='alt'><pre>

                                </pre></div><div class='alt'><pre>
                                                        </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                </pre></div><div class='alt'><pre>
                                                       </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                </pre></div><div class='alt'><pre>
                                                              </pre></div><div class='alt'><pre>

                                                </pre></div><div class='alt'><pre>
                                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                                                            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
    </pre></div><div class='alt'><pre>
                        </pre></div><div class='alt'><pre>

     </pre></div><div class='alt'><pre>

                          </pre></div><div class='alt'><pre>

                   </pre></div><div class='alt'><pre>

                                                            </pre></div><div class='alt'><pre>



               </pre></div><div class='alt'><pre>





                        </pre></div></div><pre><code><style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="cm">/*</span>
<span class="cm"> * test-rsa.c</span>
<span class="cm"> * ----------</span>
<span class="cm"> * Test harness for RSA using Cryptech ModExp core.</span>
<span class="cm"> *</span>
<span class="cm"> * Authors: Rob Austein</span>
<span class="cm"> * Copyright (c) 2015, NORDUnet A/S</span>
<span class="cm"> * All rights reserved.</span>
<span class="cm"> *</span>
<span class="cm"> * Redistribution and use in source and binary forms, with or without</span>
<span class="cm"> * modification, are permitted provided that the following conditions are</span>
<span class="cm"> * met:</span>
<span class="cm"> * - Redistributions of source code must retain the above copyright notice,</span>
<span class="cm"> *   this list of conditions and the following disclaimer.</span>
<span class="cm"> *</span>
<span class="cm"> * - Redistributions in binary form must reproduce the above copyright</span>
<span class="cm"> *   notice, this list of conditions and the following disclaimer in the</span>
<span class="cm"> *   documentation and/or other materials provided with the distribution.</span>
<span class="cm"> *</span>
<span class="cm"> * - Neither the name of the NORDUnet nor the names of its contributors may</span>
<span class="cm"> *   be used to endorse or promote products derived from this software</span>
<span class="cm"> *   without specific prior written permission.</span>
<span class="cm"> *</span>
<span class="cm"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS &quot;AS</span>
<span class="cm"> * IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A</span>
<span class="cm"> * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="cm"> * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="cm"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR</span>
<span class="cm"> * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF</span>
<span class="cm"> * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING</span>
<span class="cm"> * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS</span>
<span class="cm"> * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="cm"> */</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdio.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdint.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;string.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;errno.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;sys/time.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;hal.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&quot;test-rsa.h&quot;</span>

<span class="cm">/*</span>
<span class="cm"> * Run one modexp test.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_modexp</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="p">,</span>
<span class="w">                       </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span>
<span class="w">                       </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">tc</span><span class="p">,</span>
<span class="w">                       </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_bn_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">msg</span><span class="p">,</span><span class="w"> </span><span class="cm">/* Input message */</span>
<span class="w">                       </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_bn_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">exp</span><span class="p">,</span><span class="w"> </span><span class="cm">/* Exponent */</span>
<span class="w">                       </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_bn_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">val</span><span class="p">)</span><span class="w"> </span><span class="cm">/* Expected result */</span>
<span class="p">{</span>
<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">result</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">len</span><span class="p">];</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;%s test for %lu-bit RSA key</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">hal_modexp</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="n">msg</span><span class="o">-&gt;</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">msg</span><span class="o">-&gt;</span><span class="n">len</span><span class="p">,</span><span class="w"> </span><span class="n">exp</span><span class="o">-&gt;</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">exp</span><span class="o">-&gt;</span><span class="n">len</span><span class="p">,</span>
<span class="w">                 </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">len</span><span class="p">,</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;ModExp failed</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="n">val</span><span class="o">-&gt;</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">val</span><span class="o">-&gt;</span><span class="n">len</span><span class="p">))</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;MISMATCH</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Run one RSA CRT test.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_decrypt</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="p">,</span>
<span class="w">                        </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span>
<span class="w">                        </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">tc</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;%s test for %lu-bit RSA key</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">keybuf</span><span class="p">[</span><span class="n">hal_rsa_key_t_size</span><span class="p">];</span>
<span class="w">  </span><span class="n">hal_rsa_key_t</span><span class="w"> </span><span class="o">*</span><span class="n">key</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_key_load_private</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">keybuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf</span><span class="p">),</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">e</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">e</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">p</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">p</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">q</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">q</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">u</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w">  </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">u</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">dP</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">dP</span><span class="p">.</span><span class="n">len</span><span class="p">,</span>
<span class="w">                                      </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">dQ</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">dQ</span><span class="p">.</span><span class="n">len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;RSA CRT key load failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">result</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">len</span><span class="p">];</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_decrypt</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="n">key</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">len</span><span class="p">,</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;RSA CRT failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">));</span>

<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">mismatch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">s</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">s</span><span class="p">.</span><span class="n">len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">mismatch</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;MISMATCH</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="n">hal_rsa_key_clear</span><span class="p">(</span><span class="n">key</span><span class="p">);</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="o">!</span><span class="n">mismatch</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Run one RSA key generation + CRT test.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_gen</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="p">,</span>
<span class="w">                    </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span>
<span class="w">                    </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">tc</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;%s test for %lu-bit RSA key</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">kind</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>

<span class="w">  </span><span class="kt">char</span><span class="w"> </span><span class="n">fn</span><span class="p">[</span><span class="k">sizeof</span><span class="p">(</span><span class="s">&quot;test-rsa-private-key-xxxxxx.der&quot;</span><span class="p">)];</span>
<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">keybuf1</span><span class="p">[</span><span class="n">hal_rsa_key_t_size</span><span class="p">],</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">[</span><span class="n">hal_rsa_key_t_size</span><span class="p">];</span>
<span class="w">  </span><span class="n">hal_rsa_key_t</span><span class="w"> </span><span class="o">*</span><span class="n">key1</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="o">*</span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="w">  </span><span class="kt">FILE</span><span class="w"> </span><span class="o">*</span><span class="n">f</span><span class="p">;</span>

<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">f4</span><span class="p">[]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="mh">0x01</span><span class="p">,</span><span class="w"> </span><span class="mh">0x00</span><span class="p">,</span><span class="w"> </span><span class="mh">0x01</span><span class="w"> </span><span class="p">};</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_key_gen</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf1</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf1</span><span class="p">),</span><span class="w"> </span><span class="n">bitsToBytes</span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">),</span><span class="w"> </span><span class="n">f4</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">f4</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;RSA key generation failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">size_t</span><span class="w"> </span><span class="n">der_len</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_private_key_to_der</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="mi">0</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Getting DER length of RSA key failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">der</span><span class="p">[</span><span class="n">der_len</span><span class="p">];</span>

<span class="w">  </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_private_key_to_der</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">der</span><span class="p">));</span>

<span class="w">  </span><span class="n">snprintf</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="s">&quot;test-rsa-private-key-%04lu.der&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;wb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fwrite</span><span class="p">(</span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/* Deferred error from hal_rsa_private_key_to_der() */</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Converting RSA private key to DER failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_private_key_from_der</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">der</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Converting RSA key back from DER failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">keybuf1</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="n">hal_rsa_key_t_size</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;RSA private key mismatch after conversion to and back from DER</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">result</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">n</span><span class="p">.</span><span class="n">len</span><span class="p">];</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_decrypt</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">len</span><span class="p">,</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;RSA CRT failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">));</span>

<span class="w">  </span><span class="n">snprintf</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="s">&quot;test-rsa-sig-%04lu.der&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;wb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fwrite</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">),</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span><span class="w">            </span><span class="cm">/* Deferred failure from hal_rsa_decrypt(), above */</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_encrypt</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">),</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;First RSA signature check failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">));</span>

<span class="w">  </span><span class="kt">int</span><span class="w"> </span><span class="n">mismatch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="n">mismatch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;MISMATCH</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">1</span><span class="p">);</span>

<span class="w">  </span><span class="n">hal_rsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>
<span class="w">  </span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;rb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fread</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">),</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch reading %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_public_key_to_der</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">der</span><span class="p">));</span>

<span class="w">  </span><span class="n">snprintf</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="s">&quot;test-rsa-public-key-%04lu.der&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">size</span><span class="p">);</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;wb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fwrite</span><span class="p">(</span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/* Deferred error from hal_rsa_public_key_to_der() */</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Converting RSA public key to DER failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_public_key_from_der</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Converting RSA public key back from DER failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Can&#39;t directly compare private key with public key.  We could</span>
<span class="cm">   * extract and compare the public key components, not much point if</span>
<span class="cm">   * the public key passes the signature verification test below.</span>
<span class="cm">   */</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_rsa_encrypt</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">),</span><span class="w"> </span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">result</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Second RSA signature check failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">result</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">val</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">.</span><span class="n">len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="n">mismatch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">(</span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;MISMATCH</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">1</span><span class="p">);</span>

<span class="w">  </span><span class="n">hal_rsa_key_clear</span><span class="p">(</span><span class="n">key1</span><span class="p">);</span>
<span class="w">  </span><span class="n">hal_rsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="o">!</span><span class="n">mismatch</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Time a test.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">_time_check</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="k">struct</span><span class="w"> </span><span class="nc">timeval</span><span class="w"> </span><span class="n">t0</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">ok</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">struct</span><span class="w"> </span><span class="nc">timeval</span><span class="w"> </span><span class="n">t</span><span class="p">;</span>
<span class="w">  </span><span class="n">gettimeofday</span><span class="p">(</span><span class="o">&amp;</span><span class="n">t</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="w"> </span><span class="o">-=</span><span class="w"> </span><span class="n">t0</span><span class="p">.</span><span class="n">tv_sec</span><span class="p">;</span>
<span class="w">  </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">t0</span><span class="p">.</span><span class="n">tv_usec</span><span class="p">;</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w">    </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">+=</span><span class="w"> </span><span class="mi">1000000</span><span class="p">;</span>
<span class="w">    </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="w">  </span><span class="o">-=</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>
<span class="w">  </span><span class="p">}</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Elapsed time %lu.%06lu seconds, %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span>
<span class="w">         </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="p">,</span>
<span class="w">         </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="p">,</span>
<span class="w">         </span><span class="n">ok</span><span class="w"> </span><span class="o">?</span><span class="w"> </span><span class="s">&quot;OK&quot;</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="s">&quot;FAILED&quot;</span><span class="p">);</span>
<span class="p">}</span>

<span class="cp">#define time_check(_expr_)                      \</span>
<span class="cp">  do {                                          \</span>
<span class="cp">    struct timeval _t;                          \</span>
<span class="cp">    gettimeofday(&amp;_t, NULL);                    \</span>
<span class="cp">    int _ok = (_expr_);                         \</span>
<span class="cp">    _time_check(_t, _ok);                       \</span>
<span class="cp">    ok &amp;= _ok;                                  \</span>
<span class="cp">  } while (0)</span>

<span class="cm">/*</span>
<span class="cm"> * Test signature and exponentiation for one RSA keypair using</span>
<span class="cm"> * precompiled test vectors, then generate a key of the same length</span>
<span class="cm"> * and try generating a signature with that.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_rsa</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">rsa_tc_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">tc</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="kt">int</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/* RSA encryption */</span>
<span class="w">  </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_modexp</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;Verification&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">s</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">e</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">));</span>

<span class="w">  </span><span class="cm">/* Brute force RSA decryption */</span>
<span class="w">  </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_modexp</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;Signature (ModExp)&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">m</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">s</span><span class="p">));</span>

<span class="w">  </span><span class="cm">/* RSA decyrption using CRT */</span>
<span class="w">  </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_decrypt</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;Signature (CRT)&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="p">));</span>

<span class="w">  </span><span class="cm">/* Key generation and CRT -- not test vector, so writes key and sig to file */</span>
<span class="w">  </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_gen</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;Generation and CRT&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="p">));</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">ok</span><span class="p">;</span>
<span class="p">}</span>

<span class="kt">int</span><span class="w"> </span><span class="nf">main</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">argc</span><span class="p">,</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">argv</span><span class="p">[])</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_find</span><span class="p">(</span><span class="n">MODEXPS6_NAME</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">core</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">      </span><span class="n">core</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_find</span><span class="p">(</span><span class="n">MODEXPA7_NAME</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_info_t</span><span class="w"> </span><span class="o">*</span><span class="n">core_info</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_info</span><span class="p">(</span><span class="n">core</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">core_info</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;</span><span class="se">\&quot;</span><span class="s">%8.8s</span><span class="se">\&quot;</span><span class="s">  </span><span class="se">\&quot;</span><span class="s">%4.4s</span><span class="se">\&quot;\n\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">core_info</span><span class="o">-&gt;</span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="n">core_info</span><span class="o">-&gt;</span><span class="n">version</span><span class="p">);</span>

<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Run the test cases.</span>
<span class="cm">   */</span>

<span class="w">  </span><span class="n">hal_modexp_set_debug</span><span class="p">(</span><span class="mi">1</span><span class="p">);</span>

<span class="w">  </span><span class="cm">/* Normal test */</span>

<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="n">rsa_tc</span><span class="p">)</span><span class="o">/</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">rsa_tc</span><span class="p">));</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="o">!</span><span class="n">test_rsa</span><span class="p">(</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">rsa_tc</span><span class="p">[</span><span class="n">i</span><span class="p">]))</span>
<span class="w">      </span><span class="k">return</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Local variables:</span>
<span class="cm"> * indent-tabs-mode: nil</span>
<span class="cm"> * End:</span>
<span class="cm"> */</span>
</pre></div>
</code></pre></div></td>
</tr>
</table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2024-07-05 19:04:56 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>