--- /dev/null
+/* -*-c-*-
+ *
+ * Diffie--Hellman groups
+ *
+ * (c) 2017 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Trivial IP Encryption (TrIPE).
+ *
+ * TrIPE is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * TrIPE is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with TrIPE; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include "tripe.h"
+
+/*----- Common utilities --------------------------------------------------*/
+
+/* --- @KLOAD@ --- *
+ *
+ * Arguments: @pre@ = prefix for defined functions
+ * @ty@, @TY@ = key type name (lower- and upper-case)
+ * @setgroup@ = code to initialize @kd->g@
+ * @setpriv@ = code to initialize @kd->kpriv@
+ * @setpub@ = code to initialize @kd->kpub@
+ *
+ * Use: Generates the body of one of the (rather tedious) key loading
+ * functions. See the description of @KEYTYPES@ below for the
+ * details.
+ */
+
+#define KLOAD_HALF(pre, ty, TY, which, WHICH, setgroup, setpriv, setpub) \
+static int pre##_ld##which(key_file *kf, key *k, key_data *d, \
+ kdata *kd, dstr *t, dstr *e) \
+{ \
+ key_packstruct kps[TY##_##WHICH##FETCHSZ]; \
+ key_packdef *kp; \
+ ty##_##which p; \
+ int rc; \
+ \
+ /* --- Initialize things we've not set up yet --- */ \
+ \
+ kd->grp = 0; kd->k = 0; kd->K = 0; \
+ \
+ /* --- Unpack the key --- */ \
+ \
+ kp = key_fetchinit(ty##_##which##fetch, kps, &p); \
+ if ((rc = key_unpack(kp, d, t)) != 0) { \
+ a_format(e, "unpack-failed", "%s", key_strerror(rc), A_END); \
+ goto fail; \
+ } \
+ \
+ /* --- Extract the pieces of the key --- */ \
+ \
+ setgroup; \
+ setpriv; \
+ setpub; \
+ \
+ /* --- We win --- */ \
+ \
+ rc = 0; \
+ goto done; \
+ \
+fail: \
+ if (kd->grp) { \
+ if (kd->K) pre##_freege(kd->grp, kd->K); \
+ if (kd->k) pre##_freesc(kd->grp, kd->k); \
+ pre##_freegrp(kd->grp); \
+ } \
+ rc = -1; \
+ \
+done: \
+ key_fetchdone(kp); \
+ return (rc); \
+}
+
+#define KLOAD(pre, ty, TY, setgroup, setpriv, setpub) \
+static void pre##_freegrp(dhgrp *); \
+static void pre##_freesc(const dhgrp *, dhsc *); \
+static void pre##_freege(const dhgrp *, dhge *); \
+ KLOAD_HALF(pre, ty, TY, priv, PRIV, setgroup, setpriv, setpub) \
+ KLOAD_HALF(pre, ty, TY, pub, PUB, setgroup, { kd->k = 0; }, setpub)
+
+#ifndef NTRACE
+static void setupstr(mptext_stringctx *sc)
+ { sc->buf = (char *)buf_u; sc->lim = sc->buf + sizeof(buf_u); }
+
+static const char *donestr(mptext_stringctx *sc)
+ { *sc->buf = 0; return ((const char *)buf_u); }
+
+static void addlitstr(const char *p, mptext_stringctx *sc)
+ { mptext_stringops.put(p, strlen(p), sc); }
+
+static void addmpstr(mp *x, int radix, mptext_stringctx *sc)
+{
+ char b[12];
+
+ if (radix == 16) addlitstr("0x", sc);
+ else if (radix == 8) addlitstr("0", sc);
+ else if (radix != 10) { sprintf(b, "%d#", radix); addlitstr(b, sc); }
+ mp_write(x, radix, &mptext_stringops, sc);
+}
+
+static const char *mpstr(mp *x, int radix)
+{
+ mptext_stringctx sc;
+
+ setupstr(&sc);
+ addmpstr(x, radix, &sc);
+ return (donestr(&sc));
+}
+#endif
+
+/*----- Schnorr groups ----------------------------------------------------*/
+
+typedef struct intdh_grp {
+ dhgrp _g;
+ mpmont mm;
+ mp *q, *G;
+ size_t gesz;
+} intdh_grp;
+
+typedef struct intdh_sc { mp *x; } intdh_sc;
+typedef struct intdh_ge { mp *X; } intdh_ge;
+
+static dhgrp *intdh_mkgroup(const dh_param *dp)
+{
+ intdh_grp *g = CREATE(intdh_grp);
+ g->_g.scsz = mp_octets(dp->q);
+ g->gesz = mp_octets(dp->p);
+ mpmont_create(&g->mm, dp->p);
+ g->q = MP_COPY(dp->q);
+ g->G = mpmont_mul(&g->mm, MP_NEW, dp->g, g->mm.r2);
+ return (&g->_g);
+}
+
+static dhsc *intdh_mptosc(const dhgrp *gg, mp *z)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ intdh_sc *x = CREATE(intdh_sc);
+ x->x = MP_NEW; mp_div(0, &x->x, z, g->q);
+ return ((dhsc *)x);
+}
+
+static dhge *intdh_mptoge(const dhgrp *gg, mp *z)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ intdh_ge *Y = CREATE(intdh_ge);
+ mp *t = MP_NEW; mp_div(0, &t, z, g->mm.m);
+ Y->X = mpmont_mul(&g->mm, t, t, g->mm.r2);
+ return ((dhge *)Y);
+}
+
+KLOAD(intdh, dh, DH,
+ { kd->grp = intdh_mkgroup(&p.dp); },
+ { kd->k = intdh_mptosc(kd->grp, p.x); },
+ { kd->K = intdh_mptoge(kd->grp, p.y); })
+
+static const char *intdh_checkgrp(const dhgrp *gg)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ mp *t = MP_NEW;
+
+ if (!pgen_primep(g->mm.m, &rand_global)) return ("p is not prime");
+ if (!pgen_primep(g->q, &rand_global)) return ("q is not prime");
+ mp_div(0, &t, g->mm.m, g->q);
+ if (!MP_EQ(t, MP_ONE)) return ("q is not a subgroup order");
+ t = mpmont_expr(&g->mm, t, g->G, g->q);
+ if (!MP_EQ(t, g->mm.r)) return ("g not in the subgroup");
+ return (0);
+}
+
+static void intdh_grpinfo(const dhgrp *gg, admin *adm)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ a_info(adm,
+ "kx-group=prime",
+ "kx-group-order-bits=%lu", (unsigned long)mp_bits(g->q),
+ "kx-group-elt-bits=%lu", (unsigned long)mp_bits(g->mm.m),
+ A_END);
+}
+
+#ifndef NTRACE
+static void intdh_tracegrp(const dhgrp *gg)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ mp *t = MP_NEW;
+ trace(T_CRYPTO, "crypto: group type `dh'");
+ trace(T_CRYPTO, "crypto: p = %s", mpstr(g->mm.m, 10));
+ trace(T_CRYPTO, "crypto: q = %s", mpstr(g->q, 10));
+ t = mpmont_reduce(&g->mm, t, g->G);
+ trace(T_CRYPTO, "crypto: g = %s", mpstr(t, 10));
+ MP_DROP(t);
+}
+#endif
+
+static int intdh_samegrpp(const dhgrp *gg, const dhgrp *hh)
+{
+ const intdh_grp *g = (const intdh_grp *)gg, *h = (const intdh_grp *)hh;
+ return (MP_EQ(g->mm.m, h->mm.m) && MP_EQ(g->q, h->q) && MP_EQ(g->G, h->G));
+}
+
+static void intdh_freegrp(dhgrp *gg)
+{
+ intdh_grp *g = (intdh_grp *)gg;
+ mpmont_destroy(&g->mm); MP_DROP(g->q); MP_DROP(g->G);
+ DESTROY(g);
+}
+
+static dhsc *intdh_ldsc(const dhgrp *gg, const void *p, size_t sz)
+{ const intdh_grp *g = (const intdh_grp *)gg;
+ intdh_sc *x = CREATE(intdh_sc);
+ mp *t = mp_loadb(MP_NEW, p, sz);
+ mp_div(0, &t, t, g->q); x->x = t;
+ return ((dhsc *)x);
+}
+
+static int intdh_stsc(const dhgrp *gg, void *p, size_t sz, const dhsc *xx)
+{
+ const intdh_sc *x = (const intdh_sc *)xx;
+ mp_storeb(x->x, p, sz);
+ return (0);
+}
+
+static dhsc *intdh_randsc(const dhgrp *gg)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ intdh_sc *x = CREATE(intdh_sc);
+ x->x = mprand_range(MP_NEW, g->q, &rand_global, 0);
+ return ((dhsc *)x);
+}
+
+#ifndef NTRACE
+static const char *intdh_scstr(const dhgrp *gg, const dhsc *xx)
+ { const intdh_sc *x = (const intdh_sc *)xx; return (mpstr(x->x, 10)); }
+#endif
+
+static void intdh_freesc(const dhgrp *gg, dhsc *xx)
+{
+ intdh_sc *x = (intdh_sc *)xx;
+ MP_DROP(x->x); DESTROY(x);
+}
+
+static dhge *intdh_ldge(const dhgrp *gg, buf *b, int fmt)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ intdh_ge *Y;
+ mp *t;
+ const octet *p;
+
+ switch (fmt) {
+ case DHFMT_VAR: case DHFMT_HASH:
+ if ((t = buf_getmp(b)) == 0) return (0);
+ break;
+ case DHFMT_STD:
+ if ((p = buf_get(b, g->gesz)) == 0) return (0);
+ t = mp_loadb(MP_NEW, p, g->gesz);
+ break;
+ default:
+ abort();
+ }
+ Y = CREATE(intdh_ge);
+ mp_div(0, &t, t, g->mm.m);
+ Y->X = mpmont_mul(&g->mm, t, t, g->mm.r2);
+ return ((dhge *)Y);
+}
+
+static int intdh_stge(const dhgrp *gg, buf *b, const dhge *YY, int fmt)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ const intdh_ge *Y = (const intdh_ge *)YY;
+ octet *p;
+ mp *t;
+ int rc;
+
+ t = mpmont_reduce(&g->mm, MP_NEW, Y->X);
+ switch (fmt) {
+ case DHFMT_VAR: case DHFMT_HASH:
+ rc = buf_putmp(b, t);
+ break;
+ case DHFMT_STD:
+ if ((p = buf_get(b, g->gesz)) == 0)
+ rc = -1;
+ else {
+ mp_storeb(t, p, g->gesz);
+ rc = 0;
+ }
+ break;
+ default:
+ abort();
+ }
+ MP_DROP(t);
+ return (rc);
+}
+
+static int intdh_checkge(const dhgrp *gg, const dhge *YY)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ const intdh_ge *Y = (const intdh_ge *)YY;
+ mp *T;
+ int rc = 0;
+
+ if (MP_EQ(Y->X, g->mm.r)) rc = -1;
+ T = mpmont_expr(&g->mm, MP_NEW, Y->X, g->q);
+ if (!MP_EQ(T, g->mm.r)) rc = -1;
+ MP_DROP(T);
+ return (rc);
+}
+
+static int intdh_eq(const dhgrp *gg, const dhge *YY, const dhge *ZZ)
+{
+ const intdh_ge *Y = (const intdh_ge *)YY, *Z = (const intdh_ge *)ZZ;
+ return (MP_EQ(Y->X, Z->X));
+}
+
+static dhge *intdh_mul(const dhgrp *gg, const dhsc *xx, const dhge *YY)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ const intdh_sc *x = (const intdh_sc *)xx;
+ const intdh_ge *Y = (const intdh_ge *)YY;
+ intdh_ge *Z = CREATE(intdh_ge);
+
+ Z->X = mpmont_expr(&g->mm, MP_NEW, Y ? Y->X : g->G, x->x);
+ return ((dhge *)Z);
+}
+
+#ifndef NTRACE
+static const char *intdh_gestr(const dhgrp *gg, const dhge *YY)
+{
+ const intdh_grp *g = (const intdh_grp *)gg;
+ const intdh_ge *Y = (const intdh_ge *)YY;
+ mp *t = mpmont_reduce(&g->mm, MP_NEW, Y->X);
+ const char *p = mpstr(t, 10);
+ MP_DROP(t);
+ return (p);
+}
+#endif
+
+static void intdh_freege(const dhgrp *gg, dhge *YY)
+ { intdh_ge *Y = (intdh_ge *)YY; MP_DROP(Y->X); DESTROY(Y); }
+
+/*----- Elliptic curve groups ---------------------------------------------*/
+
+typedef struct ecdh_grp {
+ dhgrp _g;
+ ec_info ei;
+ ec P;
+} ecdh_grp;
+
+typedef struct ecdh_sc { mp *x; } ecdh_sc;
+typedef struct ecdh_ge { ec Q; } ecdh_ge;
+
+static dhgrp *ecdh_mkgroup(const char *cstr, dstr *e)
+{
+ ecdh_grp *g;
+ ec_info ei;
+ const char *err;
+
+ if ((err = ec_getinfo(&ei, cstr)) != 0) {
+ a_format(e, "decode-failed", "%s", err, A_END);
+ return (0);
+ }
+ g = CREATE(ecdh_grp);
+ g->ei = ei;
+ EC_CREATE(&g->P); EC_IN(g->ei.c, &g->P, &g->ei.g);
+ g->_g.scsz = mp_octets(g->ei.r);
+ return (&g->_g);
+}
+
+static dhsc *ecdh_mptosc(const dhgrp *gg, mp *z)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ ecdh_sc *x = CREATE(ecdh_sc);
+ x->x = MP_NEW; mp_div(0, &x->x, z, g->ei.r);
+ return ((dhsc *)x);
+}
+
+static dhge *ecdh_ectoge(const dhgrp *gg, ec *Q)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ ecdh_ge *Y = CREATE(ecdh_ge); EC_CREATE(&Y->Q);
+ EC_IN(g->ei.c, &Y->Q, Q);
+ if (EC_CHECK(g->ei.c, &Y->Q))
+ { EC_DESTROY(&Y->Q); DESTROY(Y); return (0); }
+ return ((dhge *)Y);
+}
+
+KLOAD(ecdh, ec, EC,
+ { if ((kd->grp = ecdh_mkgroup(p.cstr, e)) == 0) goto fail; },
+ { kd->k = ecdh_mptosc(kd->grp, p.x); },
+ { if ((kd->K = ecdh_ectoge(kd->grp, &p.p)) == 0) {
+ a_format(e, "bad-public-vector", A_END);
+ goto fail;
+ }
+ })
+
+static const char *ecdh_checkgrp(const dhgrp *gg)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ return (ec_checkinfo(&g->ei, &rand_global));
+}
+
+static void ecdh_grpinfo(const dhgrp *gg, admin *adm)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ a_info(adm,
+ "kx-group=ec",
+ "kx-group-order-bits=%lu", (unsigned long)mp_bits(g->ei.r),
+ "kx-group-elt-bits=%lu", (unsigned long)2*g->ei.c->f->nbits,
+ A_END);
+}
+
+#ifndef NTRACE
+static void addfestr(field *f, mp *x, mptext_stringctx *sc)
+ { addmpstr(x, F_TYPE(f) == FTY_PRIME ? 10 : 16, sc); }
+
+static void addintfestr(field *f, mp *x, mptext_stringctx *sc)
+ { mp *t = F_OUT(f, MP_NEW, x); addfestr(f, x, sc); MP_DROP(t); }
+
+static const char *intfestr(field *f, mp *x)
+{
+ mptext_stringctx sc;
+ setupstr(&sc);
+ addintfestr(f, x, &sc);
+ return (donestr(&sc));
+}
+
+static void ecdh_tracegrp(const dhgrp *gg)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ec_curve *c = g->ei.c;
+ field *f = c->f;
+
+ trace(T_CRYPTO, "crypto: group type `ec'");
+ switch (F_TYPE(f)) {
+ case FTY_PRIME:
+ trace(T_CRYPTO, "crypto: prime field `%s'", F_NAME(f));
+ trace(T_CRYPTO, "crypto: p = %s", mpstr(f->q, 10));
+ break;
+ case FTY_BINARY:
+ trace(T_CRYPTO, "crypto: binary field `%s'", F_NAME(f));
+ trace(T_CRYPTO, "crypto: degree = %lu", f->nbits - 1);
+ break;
+ default:
+ trace(T_CRYPTO, "crypto: unknown field type! `%s'", F_NAME(f));
+ break;
+ }
+ trace(T_CRYPTO, "crypto: curve type `%s'", EC_NAME(c));
+ trace(T_CRYPTO, "crypto: curve a = %s", intfestr(f, c->a));
+ trace(T_CRYPTO, "crypto: curve b = %s", intfestr(f, c->b));
+ trace(T_CRYPTO, "crypto: n = %s", mpstr(g->ei.r, 10));
+ trace(T_CRYPTO, "crypto: h = %s", mpstr(g->ei.h, 10));
+}
+#endif
+
+static int ecdh_samegrpp(const dhgrp *gg, const dhgrp *hh)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg, *h = (const ecdh_grp *)hh;
+ return (ec_sameinfop(&g->ei, &h->ei));
+}
+
+static void ecdh_freegrp(dhgrp *gg)
+{
+ ecdh_grp *g = (ecdh_grp *)gg;
+ EC_DESTROY(&g->P); ec_freeinfo(&g->ei);
+ DESTROY(g);
+}
+
+static dhsc *ecdh_ldsc(const dhgrp *gg, const void *p, size_t sz)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ ecdh_sc *x = CREATE(ecdh_sc);
+ mp *t = mp_loadb(MP_NEW, p, sz);
+ mp_div(0, &t, t, g->ei.r); x->x = t;
+ return ((dhsc *)x);
+}
+
+static int ecdh_stsc(const dhgrp *gg, void *p, size_t sz, const dhsc *xx)
+{
+ const ecdh_sc *x = (const ecdh_sc *)xx;
+ mp_storeb(x->x, p, sz);
+ return (0);
+}
+
+static dhsc *ecdh_randsc(const dhgrp *gg)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ ecdh_sc *x = CREATE(ecdh_sc);
+ x->x = mprand_range(MP_NEW, g->ei.r, &rand_global, 0);
+ return ((dhsc *)x);
+}
+
+#ifndef NTRACE
+static const char *ecdh_scstr(const dhgrp *gg, const dhsc *xx)
+{
+ const ecdh_sc *x = (const ecdh_sc *)xx;
+ return (mpstr(x->x, 10));
+}
+#endif
+
+static void ecdh_freesc(const dhgrp *gg, dhsc *xx)
+ { ecdh_sc *x = (ecdh_sc *)xx; MP_DROP(x->x); DESTROY(x); }
+
+static dhge *ecdh_ldge(const dhgrp *gg, buf *b, int fmt)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ ecdh_ge *Y;
+ ec T = EC_INIT;
+
+ switch (fmt) {
+ case DHFMT_VAR: case DHFMT_HASH: if (buf_getec(b, &T)) return (0); break;
+ case DHFMT_STD: if (ec_getraw(g->ei.c, b, &T)) return (0); break;
+ default:
+ abort();
+ }
+ EC_IN(g->ei.c, &T, &T);
+ Y = CREATE(ecdh_ge); Y->Q = T;
+ return ((dhge *)Y);
+}
+
+static int ecdh_stge(const dhgrp *gg, buf *b, const dhge *YY, int fmt)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ecdh_ge *Y = (const ecdh_ge *)YY;
+ ec T = EC_INIT;
+ int rc;
+
+ EC_OUT(g->ei.c, &T, &Y->Q);
+ switch (fmt) {
+ case DHFMT_VAR: case DHFMT_HASH: rc = buf_putec(b, &T); break;
+ case DHFMT_STD: rc = ec_putraw(g->ei.c, b, &T); break;
+ default: abort();
+ }
+ EC_DESTROY(&T);
+ return (rc);
+}
+
+static int ecdh_checkge(const dhgrp *gg, const dhge *YY)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ecdh_ge *Y = (const ecdh_ge *)YY;
+ ec T = EC_INIT;
+ int rc = 0;
+
+ if (EC_ATINF(&Y->Q)) rc = -1;
+ ec_imul(g->ei.c, &T, &Y->Q, g->ei.r);
+ if (!EC_ATINF(&T)) rc = -1;
+ EC_DESTROY(&T);
+ return (rc);
+}
+
+static int ecdh_eq(const dhgrp *gg, const dhge *YY, const dhge *ZZ)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ecdh_ge *Y = (const ecdh_ge *)YY, *Z = (const ecdh_ge *)ZZ;
+ ec T = EC_INIT, U = EC_INIT; int rc;
+ EC_FIX(g->ei.c, &T, &Y->Q); EC_FIX(g->ei.c, &U, &Z->Q);
+ rc = EC_EQ(&T, &U);
+ EC_DESTROY(&T); EC_DESTROY(&U);
+ return (rc);
+}
+
+static dhge *ecdh_mul(const dhgrp *gg, const dhsc *xx, const dhge *YY)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ecdh_sc *x = (const ecdh_sc *)xx;
+ const ecdh_ge *Y = (const ecdh_ge *)YY;
+ ecdh_ge *Z = CREATE(ecdh_ge); EC_CREATE(&Z->Q);
+
+ ec_imul(g->ei.c, &Z->Q, Y ? &Y->Q : &g->P, x->x);
+ return ((dhge *)Z);
+}
+
+#ifndef NTRACE
+static const char *ecdh_gestr(const dhgrp *gg, const dhge *YY)
+{
+ const ecdh_grp *g = (const ecdh_grp *)gg;
+ const ecdh_ge *Y = (const ecdh_ge *)YY;
+ ec T = EC_INIT;
+ field *f = g->ei.c->f;
+ mptext_stringctx sc;
+
+ if (EC_ATINF(&Y->Q)) return ("inf");
+ setupstr(&sc);
+ EC_OUT(g->ei.c, &T, &Y->Q);
+ addfestr(f, T.x, &sc);
+ addlitstr(", ", &sc);
+ addfestr(f, T.y, &sc);
+ EC_DESTROY(&T);
+ return (donestr(&sc));
+}
+#endif
+
+static void ecdh_freege(const dhgrp *gg, dhge *YY)
+ { ecdh_ge *Y = (ecdh_ge *)YY; EC_DESTROY(&Y->Q); DESTROY(Y); }
+
+/*----- Diffie--Hellman group table ---------------------------------------*/
+
+const dhops dhtab[] = {
+
+#define COMMA ,
+
+#define DH(name, pre) \
+ { name, pre##_ldpriv, pre##_ldpub, pre##_checkgrp, \
+ pre##_grpinfo, T( pre##_tracegrp COMMA ) pre##_samegrpp, \
+ pre##_freegrp, \
+ pre##_ldsc, pre##_stsc, pre##_randsc, T( pre##_scstr COMMA ) \
+ pre##_freesc, \
+ pre##_ldge, pre##_stge, pre##_checkge, pre##_eq, pre##_mul, \
+ T( pre##_gestr COMMA ) pre##_freege }, \
+
+ DH("dh", intdh)
+ DH("ec", ecdh)
+
+#undef DH
+
+ { 0 }
+};
+
+/*----- That's all, folks -------------------------------------------------*/
~mdw / tripe / blobdiff