scalar - OpenBSD

lib/libcrypto/bn/s2n_bignum.h

1051

extern void p256_montjscalarmul(uint64_t res[S2N_BIGNUM_STATIC 12],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 12]);

lib/libcrypto/bn/s2n_bignum.h

1052

extern void p256_montjscalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 12],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 12]);

lib/libcrypto/bn/s2n_bignum.h

1056

extern void p256_scalarmul(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 8]);

lib/libcrypto/bn/s2n_bignum.h

1057

extern void p256_scalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 8]);

lib/libcrypto/bn/s2n_bignum.h

1061

extern void p256_scalarmulbase(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],uint64_t blocksize,const uint64_t *table);

lib/libcrypto/bn/s2n_bignum.h

1062

extern void p256_scalarmulbase_alt(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],uint64_t blocksize,const uint64_t *table);

lib/libcrypto/bn/s2n_bignum.h

1081

extern void p384_montjscalarmul(uint64_t res[S2N_BIGNUM_STATIC 18],const uint64_t scalar[S2N_BIGNUM_STATIC 6],const uint64_t point[S2N_BIGNUM_STATIC 18]);

lib/libcrypto/bn/s2n_bignum.h

1082

extern void p384_montjscalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 18],const uint64_t scalar[S2N_BIGNUM_STATIC 6],const uint64_t point[S2N_BIGNUM_STATIC 18]);

lib/libcrypto/bn/s2n_bignum.h

1101

extern void p521_jscalarmul(uint64_t res[S2N_BIGNUM_STATIC 27],const uint64_t scalar[S2N_BIGNUM_STATIC 9],const uint64_t point[S2N_BIGNUM_STATIC 27]);

lib/libcrypto/bn/s2n_bignum.h

1102

extern void p521_jscalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 27],const uint64_t scalar[S2N_BIGNUM_STATIC 9],const uint64_t point[S2N_BIGNUM_STATIC 27]);

lib/libcrypto/bn/s2n_bignum.h

1152

extern void sm2_montjscalarmul(uint64_t res[S2N_BIGNUM_STATIC 12],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 12]);

lib/libcrypto/bn/s2n_bignum.h

1153

extern void sm2_montjscalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 12],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 12]);

lib/libcrypto/bn/s2n_bignum.h

932

extern void curve25519_pxscalarmul(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

933

extern void curve25519_pxscalarmul_alt(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

937

extern void curve25519_x25519(uint64_t res[S2N_BIGNUM_STATIC 4],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

938

extern void curve25519_x25519_alt(uint64_t res[S2N_BIGNUM_STATIC 4],const uint64_t scalar[S2N_BIGNUM_STATIC 4],const uint64_t point[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

942

extern void curve25519_x25519_byte(uint8_t res[S2N_BIGNUM_STATIC 32],const uint8_t scalar[S2N_BIGNUM_STATIC 32],const uint8_t point[S2N_BIGNUM_STATIC 32]);

lib/libcrypto/bn/s2n_bignum.h

943

extern void curve25519_x25519_byte_alt(uint8_t res[S2N_BIGNUM_STATIC 32],const uint8_t scalar[S2N_BIGNUM_STATIC 32],const uint8_t point[S2N_BIGNUM_STATIC 32]);

lib/libcrypto/bn/s2n_bignum.h

947

extern void curve25519_x25519base(uint64_t res[S2N_BIGNUM_STATIC 4],const uint64_t scalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

948

extern void curve25519_x25519base_alt(uint64_t res[S2N_BIGNUM_STATIC 4],const uint64_t scalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

952

extern void curve25519_x25519base_byte(uint8_t res[S2N_BIGNUM_STATIC 32],const uint8_t scalar[S2N_BIGNUM_STATIC 32]);

lib/libcrypto/bn/s2n_bignum.h

953

extern void curve25519_x25519base_byte_alt(uint8_t res[S2N_BIGNUM_STATIC 32],const uint8_t scalar[S2N_BIGNUM_STATIC 32]);

lib/libcrypto/bn/s2n_bignum.h

986

extern void edwards25519_scalarmulbase(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

987

extern void edwards25519_scalarmulbase_alt(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

991

extern void edwards25519_scalarmuldouble(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4], const uint64_t point[S2N_BIGNUM_STATIC 8],const uint64_t bscalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/bn/s2n_bignum.h

992

extern void edwards25519_scalarmuldouble_alt(uint64_t res[S2N_BIGNUM_STATIC 8],const uint64_t scalar[S2N_BIGNUM_STATIC 4], const uint64_t point[S2N_BIGNUM_STATIC 8],const uint64_t bscalar[S2N_BIGNUM_STATIC 4]);

lib/libcrypto/curve25519/curve25519-generic.c

30

x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32],

lib/libcrypto/curve25519/curve25519-generic.c

33

x25519_scalar_mult_generic(out, scalar, point);

lib/libcrypto/curve25519/curve25519.c

3557

void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A) {

lib/libcrypto/curve25519/curve25519.c

3593

uint8_t index = scalar[31 - i/8];

lib/libcrypto/curve25519/curve25519.c

4833

x25519_scalar_mult_generic(uint8_t out[32], const uint8_t scalar[32],

lib/libcrypto/curve25519/curve25519.c

4838

memcpy(e, scalar, 32);

lib/libcrypto/curve25519/curve25519_internal.h

86

void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A);

lib/libcrypto/curve25519/curve25519_internal.h

92

void x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32],

lib/libcrypto/curve25519/curve25519_internal.h

94

void x25519_scalar_mult_generic(uint8_t out[32], const uint8_t scalar[32],

lib/libcrypto/ec/ec_local.h

114

const BIGNUM *scalar, const EC_POINT *point, BN_CTX *);

lib/libcrypto/ec/ec_mult.c

217

ec_wnaf_new(const EC_GROUP *group, const BIGNUM *scalar, const EC_POINT *point,

lib/libcrypto/ec/ec_mult.c

225

wnaf->num_digits = BN_num_bits(scalar) + 1;

lib/libcrypto/ec/ec_mult.c

230

if (!ec_compute_wnaf(scalar, wnaf->digits, wnaf->num_digits))

lib/libcrypto/ec/ec_mult.c

233

wnaf->num_multiples = 1ULL << (ec_window_bits(scalar) - 1);

lib/libcrypto/ec/ecp_hp_methods.c

790

ec_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, const EC_POINT *point,

lib/libcrypto/ec/ecp_hp_methods.c

819

if (!BN_bn2binpad(scalar, scalar_bytes, scalar_len))

lib/libcrypto/ec/ecp_hp_methods.c

908

ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,

lib/libcrypto/ec/ecp_hp_methods.c

911

return ec_mul(group, r, scalar, point, ctx);

lib/libcrypto/ec/ecp_methods.c

1065

ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,

lib/libcrypto/ec/ecp_methods.c

1103

if (!bn_copy(k, scalar))

lib/libcrypto/ec/ecp_methods.c

1244

ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,

lib/libcrypto/ec/ecp_methods.c

1247

return ec_mul_ct(group, r, scalar, point, ctx);

lib/libcrypto/mlkem/mlkem_internal.c

1003

scalar secret[MLKEM1024_RANK], error[MLKEM1024_RANK], u[MLKEM1024_RANK];

lib/libcrypto/mlkem/mlkem_internal.c

1004

scalar expanded_message, scalar_error;

lib/libcrypto/mlkem/mlkem_internal.c

1007

scalar v;

lib/libcrypto/mlkem/mlkem_internal.c

1070

scalar u[MLKEM1024_RANK];

lib/libcrypto/mlkem/mlkem_internal.c

1071

scalar mask, v;

lib/libcrypto/mlkem/mlkem_internal.c

117

static inline const scalar *

lib/libcrypto/mlkem/mlkem_internal.c

118

const_m2s(const scalar *v, size_t row, size_t col, uint16_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

120

return ((scalar *)v) + row * rank + col;

lib/libcrypto/mlkem/mlkem_internal.c

126

static inline scalar *

lib/libcrypto/mlkem/mlkem_internal.c

127

m2s(scalar *v, size_t row, size_t col, uint16_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

129

return ((scalar *)v) + row * rank + col;

lib/libcrypto/mlkem/mlkem_internal.c

231

scalar_zero(scalar *out)

lib/libcrypto/mlkem/mlkem_internal.c

237

vector_zero(scalar *out, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

251

scalar_ntt(scalar *s)

lib/libcrypto/mlkem/mlkem_internal.c

281

vector_ntt(scalar *v, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

298

scalar_inverse_ntt(scalar *s)

lib/libcrypto/mlkem/mlkem_internal.c

328

vector_inverse_ntt(scalar *v, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

338

scalar_add(scalar *lhs, const scalar *rhs)

lib/libcrypto/mlkem/mlkem_internal.c

348

scalar_sub(scalar *lhs, const scalar *rhs)

lib/libcrypto/mlkem/mlkem_internal.c

368

scalar_mult(scalar *out, const scalar *lhs, const scalar *rhs)

lib/libcrypto/mlkem/mlkem_internal.c

387

vector_add(scalar *lhs, const scalar *rhs, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

397

matrix_mult(scalar *out, const void *m, const scalar *a, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

404

scalar product;

lib/libcrypto/mlkem/mlkem_internal.c

413

matrix_mult_transpose(scalar *out, const void *m, const scalar *a, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

420

scalar product;

lib/libcrypto/mlkem/mlkem_internal.c

429

scalar_inner_product(scalar *out, const scalar *lhs,

lib/libcrypto/mlkem/mlkem_internal.c

430

const scalar *rhs, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

436

scalar product;

lib/libcrypto/mlkem/mlkem_internal.c

449

scalar_from_keccak_vartime(scalar *out, sha3_ctx *keccak_ctx)

lib/libcrypto/mlkem/mlkem_internal.c

480

scalar_centered_binomial_distribution_eta_2_with_prf(scalar *out,

lib/libcrypto/mlkem/mlkem_internal.c

521

vector_generate_secret_eta_2(scalar *out, uint8_t *counter,

lib/libcrypto/mlkem/mlkem_internal.c

562

scalar_encode(uint8_t *out, const scalar *s, int bits)

lib/libcrypto/mlkem/mlkem_internal.c

602

scalar_encode_1(uint8_t out[32], const scalar *s)

lib/libcrypto/mlkem/mlkem_internal.c

623

vector_encode(uint8_t *out, const scalar *a, int bits, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

634

vector_encode_cbb(CBB *cbb, const scalar *a, int bits, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

651

scalar_decode(scalar *out, const uint8_t *in, int bits)

lib/libcrypto/mlkem/mlkem_internal.c

694

scalar_decode_1(scalar *out, const uint8_t in[32])

lib/libcrypto/mlkem/mlkem_internal.c

714

vector_decode(scalar *out, const uint8_t *in, int bits, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

780

scalar_compress(scalar *s, int bits)

lib/libcrypto/mlkem/mlkem_internal.c

790

scalar_decompress(scalar *s, int bits)

lib/libcrypto/mlkem/mlkem_internal.c

800

vector_compress(scalar *v, int bits, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

810

vector_decompress(scalar *v, int bits, size_t rank)

lib/libcrypto/mlkem/mlkem_internal.c

820

scalar *t;

lib/libcrypto/mlkem/mlkem_internal.c

823

scalar *m;

lib/libcrypto/mlkem/mlkem_internal.c

830

size_t vector_size = external->rank * sizeof(scalar);

lib/libcrypto/mlkem/mlkem_internal.c

839

pub->t = (struct scalar *)bytes + offset;

lib/libcrypto/mlkem/mlkem_internal.c

851

scalar *s;

lib/libcrypto/mlkem/mlkem_internal.c

859

size_t vector_size = external->rank * sizeof(scalar);

lib/libcrypto/mlkem/mlkem_internal.c

868

priv->pub.t = (struct scalar *)(bytes + offset);

lib/libcrypto/mlkem/mlkem_internal.c

926

scalar error[MLKEM1024_RANK];

regress/lib/libcrypto/curve25519/x25519test.c

102

if (memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {

regress/lib/libcrypto/curve25519/x25519test.c

93

uint8_t scalar[32] = {9}, point[32] = {9}, out[32];

regress/lib/libcrypto/curve25519/x25519test.c

97

X25519(out, scalar, point);

regress/lib/libcrypto/curve25519/x25519test.c

98

memcpy(point, scalar, sizeof(point));

regress/lib/libcrypto/curve25519/x25519test.c

99

memcpy(scalar, out, sizeof(scalar));

regress/lib/libcrypto/ec/ec_arithmetic.c

126

BIGNUM *order = NULL, *scalar = NULL;

regress/lib/libcrypto/ec/ec_arithmetic.c

142

if ((scalar = BN_new()) == NULL)

regress/lib/libcrypto/ec/ec_arithmetic.c

144

if (!BN_rand_range(scalar, order))

regress/lib/libcrypto/ec/ec_arithmetic.c

146

if (!BN_set_bit(scalar, EC_GROUP_order_bits(group) - 1))

regress/lib/libcrypto/ec/ec_arithmetic.c

156

if (!EC_POINT_mul(group, a, scalar, NULL, NULL, ctx))

regress/lib/libcrypto/ec/ec_arithmetic.c

158

if (!EC_POINT_mul(group, b, scalar, NULL, NULL, ctx))

regress/lib/libcrypto/ec/ec_arithmetic.c

169

bm->func(group, result, scalar, a, b, ctx);

regress/lib/libcrypto/ec/ec_arithmetic.c

182

BN_free(scalar);

regress/lib/libcrypto/ec/ec_arithmetic.c

33

const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)

regress/lib/libcrypto/ec/ec_arithmetic.c

41

const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)

regress/lib/libcrypto/ec/ec_arithmetic.c

49

const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)

regress/lib/libcrypto/ec/ec_arithmetic.c

51

if (!EC_POINT_mul(group, result, scalar, NULL, NULL, ctx))

sys/crypto/curve25519.c

783

const uint8_t scalar[CURVE25519_KEY_SIZE],

sys/crypto/curve25519.c

792

memcpy(e, scalar, 32);

sys/crypto/curve25519.h

24

const uint8_t scalar[CURVE25519_KEY_SIZE],