5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 2003 - 2007 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
23 #include "silcpkcs1_i.h"
25 /************************** PKCS #1 message format ***************************/
27 /* Minimum padding in block */
28 #define SILC_PKCS1_MIN_PADDING 8
30 /* Encodes PKCS#1 data block from the `data' according to the block type
31 indicated by `bt'. When encoding signatures the `bt' must be
32 SILC_PKCS1_BT_PRV1 and when encoding encryption blocks the `bt' must
33 be SILC_PKCS1_BT_PUB. The encoded data is copied into the `dest_data'
34 buffer which is size of `dest_data_size'. If the `dest_data' is not
35 able to hold the encoded block this returns FALSE. The `rng' must be
36 set when `bt' is SILC_PKCS1_BT_PUB. This function returns TRUE on
39 SilcBool silc_pkcs1_encode(SilcPkcs1BlockType bt,
40 const unsigned char *data,
42 unsigned char *dest_data,
43 SilcUInt32 dest_data_size,
49 SILC_LOG_DEBUG(("PKCS#1 encoding, bt %d", bt));
51 if (!data || !dest_data ||
52 dest_data_size < SILC_PKCS1_MIN_PADDING + 3 ||
53 dest_data_size < data_len) {
54 SILC_LOG_DEBUG(("Data to be encoded is too long"));
60 dest_data[1] = (unsigned char)bt;
62 padlen = (SilcInt32)dest_data_size - (SilcInt32)data_len - 3;
63 if (padlen < SILC_PKCS1_MIN_PADDING) {
64 SILC_LOG_DEBUG(("Data to be encoded is too long"));
68 /* Encode according to block type */
70 case SILC_PKCS1_BT_PRV0:
71 case SILC_PKCS1_BT_PRV1:
73 memset(dest_data + 2, bt == SILC_PKCS1_BT_PRV1 ? 0xff : 0x00, padlen);
76 case SILC_PKCS1_BT_PUB:
79 SILC_LOG_ERROR(("Cannot encrypt: random number generator not provided"));
83 /* It is guaranteed this routine does not return zero byte. */
84 for (i = 2; i < padlen; i++)
85 dest_data[i] = silc_rng_get_byte_fast(rng);
91 dest_data[padlen + 2] = 0x00;
92 memcpy(dest_data + padlen + 3, data, data_len);
97 /* Decodes the PKCS#1 encoded block according to the block type `bt'.
98 When verifying signatures the `bt' must be SILC_PKCS1_BT_PRV1 and
99 when decrypting it must be SILC_PKCS1_BT_PUB. This copies the
100 decoded data into `dest_data' which is size of `dest_data_size'. If
101 the deocded block does not fit to `dest_data' this returns FALSE.
102 Returns TRUE on success. */
104 SilcBool silc_pkcs1_decode(SilcPkcs1BlockType bt,
105 const unsigned char *data,
107 unsigned char *dest_data,
108 SilcUInt32 dest_data_size,
109 SilcUInt32 *dest_len)
113 SILC_LOG_DEBUG(("PKCS#1 decoding, bt %d", bt));
116 if (!data || !dest_data || dest_data_size < 3 ||
117 data[0] != 0x00 || data[1] != (unsigned char)bt) {
118 SILC_LOG_DEBUG(("Malformed block"));
122 /* Decode according to block type */
124 case SILC_PKCS1_BT_PRV0:
128 case SILC_PKCS1_BT_PRV1:
130 for (i = 2; i < data_len; i++)
135 case SILC_PKCS1_BT_PUB:
137 for (i = 2; i < data_len; i++)
144 if (data[i++] != 0x00) {
145 SILC_LOG_DEBUG(("Malformed block"));
148 if (i - 1 < SILC_PKCS1_MIN_PADDING) {
149 SILC_LOG_DEBUG(("Malformed block"));
152 if (dest_data_size < data_len - i) {
153 SILC_LOG_DEBUG(("Destination buffer too small"));
158 memcpy(dest_data, data + i, data_len - i);
160 /* Return data length */
162 *dest_len = data_len - i;
168 /***************************** PKCS #1 PKCS API ******************************/
170 /* Generates RSA key pair. */
172 SilcBool silc_pkcs1_generate_key(const struct SilcPKCSAlgorithmStruct *pkcs,
175 void **ret_public_key,
176 void **ret_private_key)
178 SilcUInt32 prime_bits = keylen / 2;
180 SilcBool found = FALSE;
182 if (keylen < 768 || keylen > 16384)
190 silc_math_gen_prime(&p, prime_bits, FALSE, rng);
191 silc_math_gen_prime(&q, prime_bits, FALSE, rng);
192 if ((silc_mp_cmp(&p, &q)) != 0)
196 /* If p is smaller than q, switch them */
197 if ((silc_mp_cmp(&p, &q)) > 0) {
201 silc_mp_set(&hlp, &p);
203 silc_mp_set(&q, &hlp);
205 silc_mp_uninit(&hlp);
208 /* Generate the actual keys */
209 if (!silc_rsa_generate_keys(keylen, &p, &q, ret_public_key, ret_private_key))
218 /* Import PKCS #1 compliant public key */
220 int silc_pkcs1_import_public_key(const struct SilcPKCSAlgorithmStruct *pkcs,
223 void **ret_public_key)
225 SilcAsn1 asn1 = NULL;
226 SilcBufferStruct alg_key;
227 RsaPublicKey *pubkey;
232 asn1 = silc_asn1_alloc(NULL);
236 /* Allocate RSA public key */
237 *ret_public_key = pubkey = silc_calloc(1, sizeof(*pubkey));
241 /* Parse the PKCS #1 public key */
242 silc_buffer_set(&alg_key, key, key_len);
243 if (!silc_asn1_decode(asn1, &alg_key,
244 SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
246 SILC_ASN1_INT(&pubkey->n),
247 SILC_ASN1_INT(&pubkey->e),
248 SILC_ASN1_END, SILC_ASN1_END))
252 pubkey->bits = ((silc_mp_sizeinbase(&pubkey->n, 2) + 7) / 8) * 8;
254 silc_asn1_free(asn1);
260 silc_asn1_free(asn1);
264 /* Export PKCS #1 compliant public key */
267 silc_pkcs1_export_public_key(const struct SilcPKCSAlgorithmStruct *pkcs,
272 RsaPublicKey *key = public_key;
273 SilcAsn1 asn1 = NULL;
274 SilcBufferStruct alg_key;
277 asn1 = silc_asn1_alloc(stack);
281 /* Encode to PKCS #1 public key */
282 memset(&alg_key, 0, sizeof(alg_key));
283 if (!silc_asn1_encode(asn1, &alg_key,
284 SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
286 SILC_ASN1_INT(&key->n),
287 SILC_ASN1_INT(&key->e),
288 SILC_ASN1_END, SILC_ASN1_END))
291 ret = silc_buffer_steal(&alg_key, ret_len);
292 silc_asn1_free(asn1);
298 silc_asn1_free(asn1);
302 /* Returns key length */
305 silc_pkcs1_public_key_bitlen(const struct SilcPKCSAlgorithmStruct *pkcs,
308 RsaPublicKey *key = public_key;
312 /* Copy public key */
314 void *silc_pkcs1_public_key_copy(const struct SilcPKCSAlgorithmStruct *pkcs,
317 RsaPublicKey *key = public_key, *new_key;
319 new_key = silc_calloc(1, sizeof(*new_key));
323 silc_mp_init(&new_key->n);
324 silc_mp_init(&new_key->e);
325 silc_mp_set(&new_key->n, &key->n);
326 silc_mp_set(&new_key->e, &key->e);
327 new_key->bits = key->bits;
332 /* Compare public keys */
335 silc_pkcs1_public_key_compare(const struct SilcPKCSAlgorithmStruct *pkcs,
336 void *key1, void *key2)
338 RsaPublicKey *k1 = key1, *k2 = key2;
340 if (k1->bits != k2->bits)
342 if (silc_mp_cmp(&k1->e, &k2->e) != 0)
344 if (silc_mp_cmp(&k1->n, &k2->n) != 0)
350 /* Frees public key */
352 void silc_pkcs1_public_key_free(const struct SilcPKCSAlgorithmStruct *pkcs,
355 RsaPublicKey *key = public_key;
357 silc_mp_uninit(&key->n);
358 silc_mp_uninit(&key->e);
362 /* Import PKCS #1 compliant private key */
364 int silc_pkcs1_import_private_key(const struct SilcPKCSAlgorithmStruct *pkcs,
367 void **ret_private_key)
370 SilcBufferStruct alg_key;
371 RsaPrivateKey *privkey;
374 if (!ret_private_key)
377 asn1 = silc_asn1_alloc(NULL);
381 /* Allocate RSA private key */
382 *ret_private_key = privkey = silc_calloc(1, sizeof(*privkey));
386 /* Parse the PKCS #1 private key */
387 silc_buffer_set(&alg_key, key, key_len);
388 if (!silc_asn1_decode(asn1, &alg_key,
389 SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
391 SILC_ASN1_SHORT_INT(&ver),
392 SILC_ASN1_INT(&privkey->n),
393 SILC_ASN1_INT(&privkey->e),
394 SILC_ASN1_INT(&privkey->d),
395 SILC_ASN1_INT(&privkey->p),
396 SILC_ASN1_INT(&privkey->q),
397 SILC_ASN1_INT(&privkey->dP),
398 SILC_ASN1_INT(&privkey->dQ),
399 SILC_ASN1_INT(&privkey->qP),
400 SILC_ASN1_END, SILC_ASN1_END))
407 privkey->bits = ((silc_mp_sizeinbase(&privkey->n, 2) + 7) / 8) * 8;
409 silc_asn1_free(asn1);
415 silc_asn1_free(asn1);
419 /* Export PKCS #1 compliant private key */
422 silc_pkcs1_export_private_key(const struct SilcPKCSAlgorithmStruct *pkcs,
427 RsaPrivateKey *key = private_key;
429 SilcBufferStruct alg_key;
432 asn1 = silc_asn1_alloc(stack);
436 /* Encode to PKCS #1 private key */
437 memset(&alg_key, 0, sizeof(alg_key));
438 if (!silc_asn1_encode(asn1, &alg_key,
439 SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
441 SILC_ASN1_SHORT_INT(0),
442 SILC_ASN1_INT(&key->n),
443 SILC_ASN1_INT(&key->e),
444 SILC_ASN1_INT(&key->d),
445 SILC_ASN1_INT(&key->p),
446 SILC_ASN1_INT(&key->q),
447 SILC_ASN1_INT(&key->dP),
448 SILC_ASN1_INT(&key->dQ),
449 SILC_ASN1_INT(&key->qP),
450 SILC_ASN1_END, SILC_ASN1_END))
453 ret = silc_buffer_steal(&alg_key, ret_len);
454 silc_asn1_free(asn1);
459 silc_asn1_free(asn1);
463 /* Returns key length */
466 silc_pkcs1_private_key_bitlen(const struct SilcPKCSAlgorithmStruct *pkcs,
469 RsaPrivateKey *key = private_key;
473 /* Frees private key */
475 void silc_pkcs1_private_key_free(const struct SilcPKCSAlgorithmStruct *pkcs,
478 RsaPrivateKey *key = private_key;
480 silc_mp_uninit(&key->n);
481 silc_mp_uninit(&key->e);
482 silc_mp_uninit(&key->d);
483 silc_mp_uninit(&key->dP);
484 silc_mp_uninit(&key->dQ);
485 silc_mp_uninit(&key->qP);
486 silc_mp_uninit(&key->p);
487 silc_mp_uninit(&key->q);
491 /* PKCS #1 RSA routines */
494 silc_pkcs1_encrypt(const struct SilcPKCSAlgorithmStruct *pkcs,
499 SilcPKCSEncryptCb encrypt_cb,
502 RsaPublicKey *key = public_key;
505 unsigned char padded[2048 + 1];
506 SilcUInt32 len = (key->bits + 7) / 8;
509 if (sizeof(padded) < len) {
510 encrypt_cb(FALSE, NULL, 0, context);
515 if (!silc_pkcs1_encode(SILC_PKCS1_BT_PUB, src, src_len,
517 encrypt_cb(FALSE, NULL, 0, context);
521 stack = silc_stack_alloc(2048, silc_crypto_stack());
523 silc_mp_sinit(stack, &mp_tmp);
524 silc_mp_sinit(stack, &mp_dst);
527 silc_mp_bin2mp(padded, len, &mp_tmp);
530 silc_rsa_public_operation(key, &mp_tmp, &mp_dst);
533 silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
536 encrypt_cb(TRUE, padded, len, context);
538 memset(padded, 0, sizeof(padded));
539 silc_mp_suninit(stack, &mp_tmp);
540 silc_mp_suninit(stack, &mp_dst);
541 silc_stack_free(stack);
547 silc_pkcs1_decrypt(const struct SilcPKCSAlgorithmStruct *pkcs,
551 SilcPKCSDecryptCb decrypt_cb,
554 RsaPrivateKey *key = private_key;
557 unsigned char *padded, unpadded[2048 + 1];
558 SilcUInt32 padded_len, dst_len;
561 if (sizeof(unpadded) < (key->bits + 7) / 8) {
562 decrypt_cb(FALSE, NULL, 0, context);
566 stack = silc_stack_alloc(2048, silc_crypto_stack());
568 silc_mp_sinit(stack, &mp_tmp);
569 silc_mp_sinit(stack, &mp_dst);
572 silc_mp_bin2mp(src, src_len, &mp_tmp);
575 silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
578 padded = silc_mp_mp2bin(&mp_dst, (key->bits + 7) / 8, &padded_len);
581 if (!silc_pkcs1_decode(SILC_PKCS1_BT_PUB, padded, padded_len,
582 unpadded, sizeof(unpadded), &dst_len)) {
583 memset(padded, 0, padded_len);
585 silc_mp_suninit(stack, &mp_tmp);
586 silc_mp_suninit(stack, &mp_dst);
587 decrypt_cb(FALSE, NULL, 0, context);
592 decrypt_cb(TRUE, unpadded, dst_len, context);
594 memset(padded, 0, padded_len);
595 memset(unpadded, 0, sizeof(unpadded));
597 silc_mp_suninit(stack, &mp_tmp);
598 silc_mp_suninit(stack, &mp_dst);
599 silc_stack_free(stack);
604 /* PKCS #1 sign with appendix, hash OID included in the signature */
607 silc_pkcs1_sign(const struct SilcPKCSAlgorithmStruct *pkcs,
611 SilcBool compute_hash,
613 SilcPKCSSignCb sign_cb,
616 RsaPrivateKey *key = private_key;
617 unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
621 SilcUInt32 len = (key->bits + 7) / 8;
626 SILC_LOG_DEBUG(("Sign"));
628 if (sizeof(padded) < len) {
629 sign_cb(FALSE, NULL, 0, context);
633 oid = silc_hash_get_oid(hash);
635 sign_cb(FALSE, NULL, 0, context);
639 stack = silc_stack_alloc(2048, silc_crypto_stack());
641 asn1 = silc_asn1_alloc(stack);
643 silc_stack_free(stack);
644 sign_cb(FALSE, NULL, 0, context);
650 silc_hash_make(hash, src, src_len, hashr);
652 src_len = silc_hash_len(hash);
655 /* Encode digest info */
656 memset(&di, 0, sizeof(di));
657 if (!silc_asn1_encode(asn1, &di,
661 SILC_ASN1_NULL(TRUE),
663 SILC_ASN1_OCTET_STRING(src, src_len),
664 SILC_ASN1_END, SILC_ASN1_END)) {
665 silc_asn1_free(asn1);
666 silc_stack_free(stack);
667 sign_cb(FALSE, NULL, 0, context);
670 SILC_LOG_HEXDUMP(("DigestInfo"), silc_buffer_data(&di),
671 silc_buffer_len(&di));
674 if (!silc_pkcs1_encode(SILC_PKCS1_BT_PRV1, silc_buffer_data(&di),
675 silc_buffer_len(&di), padded, len, NULL)) {
676 silc_asn1_free(asn1);
677 silc_stack_free(stack);
678 sign_cb(FALSE, NULL, 0, context);
682 silc_mp_sinit(stack, &mp_tmp);
683 silc_mp_sinit(stack, &mp_dst);
686 silc_mp_bin2mp(padded, len, &mp_tmp);
689 silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
692 silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
695 sign_cb(TRUE, padded, len, context);
697 memset(padded, 0, sizeof(padded));
699 memset(hashr, 0, sizeof(hashr));
700 silc_mp_suninit(stack, &mp_tmp);
701 silc_mp_suninit(stack, &mp_dst);
702 silc_asn1_free(asn1);
703 silc_stack_free(stack);
708 /* PKCS #1 verification with appendix. */
711 silc_pkcs1_verify(const struct SilcPKCSAlgorithmStruct *pkcs,
713 unsigned char *signature,
714 SilcUInt32 signature_len,
718 SilcPKCSVerifyCb verify_cb,
721 RsaPublicKey *key = public_key;
722 SilcBool ret = FALSE;
725 unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
726 SilcUInt32 verify_len, len = (key->bits + 7) / 8;
727 SilcBufferStruct di, ldi;
728 SilcBool has_null = TRUE;
729 SilcHash ihash = NULL;
734 SILC_LOG_DEBUG(("Verify signature"));
736 stack = silc_stack_alloc(2048, silc_crypto_stack());
738 asn1 = silc_asn1_alloc(stack);
740 verify_cb(FALSE, context);
744 silc_mp_sinit(stack, &mp_tmp2);
745 silc_mp_sinit(stack, &mp_dst);
747 /* Format the signature into MP int */
748 silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
751 silc_rsa_public_operation(key, &mp_tmp2, &mp_dst);
754 verify = silc_mp_mp2bin(&mp_dst, len, &verify_len);
757 if (!silc_pkcs1_decode(SILC_PKCS1_BT_PRV1, verify, verify_len,
758 unpadded, sizeof(unpadded), &len))
760 silc_buffer_set(&di, unpadded, len);
762 /* If hash isn't given, allocate the one given in digest info */
766 /* Decode digest info */
767 if (!silc_asn1_decode(asn1, &di,
768 SILC_ASN1_OPTS(SILC_ASN1_ACCUMUL),
772 SILC_ASN1_NULL_T(SILC_ASN1_OPTIONAL,
773 SILC_ASN1_TAG_NULL, &has_null),
775 SILC_ASN1_END, SILC_ASN1_END))
778 if (!silc_hash_alloc_by_oid(oid, &ihash)) {
779 SILC_LOG_DEBUG(("Unknown OID %s", oid));
786 silc_hash_make(hash, data, data_len, hashr);
788 data_len = silc_hash_len(hash);
789 oid = (char *)silc_hash_get_oid(hash);
791 /* Encode digest info for comparison */
792 memset(&ldi, 0, sizeof(ldi));
793 if (!silc_asn1_encode(asn1, &ldi,
794 SILC_ASN1_OPTS(SILC_ASN1_ACCUMUL),
798 SILC_ASN1_NULL(has_null),
800 SILC_ASN1_OCTET_STRING(data, data_len),
801 SILC_ASN1_END, SILC_ASN1_END))
804 SILC_LOG_HEXDUMP(("DigestInfo remote"), silc_buffer_data(&di),
805 silc_buffer_len(&di));
806 SILC_LOG_HEXDUMP(("DigestInfo local"), silc_buffer_data(&ldi),
807 silc_buffer_len(&ldi));
810 if (silc_buffer_len(&di) == silc_buffer_len(&ldi) &&
811 !memcmp(silc_buffer_data(&di), silc_buffer_data(&ldi),
812 silc_buffer_len(&ldi)))
816 verify_cb(ret, context);
818 memset(verify, 0, verify_len);
819 memset(unpadded, 0, sizeof(unpadded));
821 silc_mp_suninit(stack, &mp_tmp2);
822 silc_mp_suninit(stack, &mp_dst);
824 memset(hashr, 0, sizeof(hashr));
826 silc_hash_free(ihash);
827 silc_asn1_free(asn1);
828 silc_stack_free(stack);
833 memset(verify, 0, verify_len);
835 silc_mp_suninit(stack, &mp_tmp2);
836 silc_mp_suninit(stack, &mp_dst);
838 silc_hash_free(ihash);
839 silc_asn1_free(asn1);
840 silc_stack_free(stack);
842 verify_cb(FALSE, context);
846 /* PKCS #1 sign without hash oid */
849 silc_pkcs1_sign_no_oid(const struct SilcPKCSAlgorithmStruct *pkcs,
853 SilcBool compute_hash,
855 SilcPKCSSignCb sign_cb,
858 RsaPrivateKey *key = private_key;
861 unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
862 SilcUInt32 len = (key->bits + 7) / 8;
865 SILC_LOG_DEBUG(("Sign"));
867 if (sizeof(padded) < len) {
868 sign_cb(FALSE, NULL, 0, context);
872 /* Compute hash if requested */
874 silc_hash_make(hash, src, src_len, hashr);
876 src_len = silc_hash_len(hash);
880 if (!silc_pkcs1_encode(SILC_PKCS1_BT_PRV1, src, src_len,
881 padded, len, NULL)) {
882 sign_cb(FALSE, NULL, 0, context);
886 stack = silc_stack_alloc(2048, silc_crypto_stack());
888 silc_mp_sinit(stack, &mp_tmp);
889 silc_mp_sinit(stack, &mp_dst);
892 silc_mp_bin2mp(padded, len, &mp_tmp);
895 silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
898 silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
901 sign_cb(TRUE, padded, len, context);
903 memset(padded, 0, sizeof(padded));
905 memset(hashr, 0, sizeof(hashr));
906 silc_mp_suninit(stack, &mp_tmp);
907 silc_mp_suninit(stack, &mp_dst);
908 silc_stack_free(stack);
913 /* PKCS #1 verify without hash oid */
916 silc_pkcs1_verify_no_oid(const struct SilcPKCSAlgorithmStruct *pkcs,
918 unsigned char *signature,
919 SilcUInt32 signature_len,
923 SilcPKCSVerifyCb verify_cb,
926 RsaPublicKey *key = public_key;
927 SilcBool ret = FALSE;
930 unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
931 SilcUInt32 verify_len, len = (key->bits + 7) / 8;
934 SILC_LOG_DEBUG(("Verify signature"));
936 stack = silc_stack_alloc(2048, silc_crypto_stack());
938 silc_mp_sinit(stack, &mp_tmp2);
939 silc_mp_sinit(stack, &mp_dst);
941 /* Format the signature into MP int */
942 silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
945 silc_rsa_public_operation(key, &mp_tmp2, &mp_dst);
948 verify = silc_mp_mp2bin(&mp_dst, len, &verify_len);
951 if (!silc_pkcs1_decode(SILC_PKCS1_BT_PRV1, verify, verify_len,
952 unpadded, sizeof(unpadded), &len)) {
953 memset(verify, 0, verify_len);
955 silc_mp_suninit(stack, &mp_tmp2);
956 silc_mp_suninit(stack, &mp_dst);
957 silc_stack_free(stack);
958 verify_cb(FALSE, context);
962 /* Hash data if requested */
964 silc_hash_make(hash, data, data_len, hashr);
966 data_len = silc_hash_len(hash);
970 if (len == data_len && !memcmp(data, unpadded, len))
974 verify_cb(ret, context);
976 memset(verify, 0, verify_len);
977 memset(unpadded, 0, sizeof(unpadded));
979 memset(hashr, 0, sizeof(hashr));
981 silc_mp_suninit(stack, &mp_tmp2);
982 silc_mp_suninit(stack, &mp_dst);
983 silc_stack_free(stack);