Mercurial > dropbear
annotate libtomcrypt/src/encauth/ccm/ccm_memory.c @ 1505:55120acb9994
Add Spectre v2 mitigations for GCC (#54)
author | Loganaden Velvindron <logan@hackers.mu> |
---|---|
date | Fri, 16 Feb 2018 19:35:32 +0400 |
parents | 6dba84798cd5 |
children | e9dba7abd939 |
rev | line source |
---|---|
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * LibTomCrypt is a library that provides various cryptographic |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * algorithms in a highly modular and flexible manner. |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * The library is free for all purposes without any express |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * guarantee it works. |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 #include "tomcrypt.h" |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 /** |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 @file ccm_memory.c |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 CCM support, process a block of memory, Tom St Denis |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 |
1435
f849a5ca2efc
update to libtomcrypt 1.17 (with Dropbear changes)
Matt Johnston <matt@ucc.asn.au>
parents:
382
diff
changeset
|
16 #ifdef LTC_CCM_MODE |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 /** |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 CCM encrypt/decrypt and produce an authentication tag |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
20 |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
21 *1 'pt', 'ct' and 'tag' can both be 'in' or 'out', depending on 'direction' |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
22 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 @param cipher The index of the cipher desired |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 @param key The secret key to use |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 @param keylen The length of the secret key (octets) |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
26 @param uskey A previously scheduled key [optional can be NULL] |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 @param nonce The session nonce [use once] |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 @param noncelen The length of the nonce |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 @param header The header for the session |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 @param headerlen The length of the header (octets) |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
31 @param pt [*1] The plaintext |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 @param ptlen The length of the plaintext (octets) |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
33 @param ct [*1] The ciphertext |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
34 @param tag [*1] The destination tag |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
35 @param taglen The max size and resulting size of the authentication tag |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 @param direction Encrypt or Decrypt direction (0 or 1) |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 @return CRYPT_OK if successful |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 int ccm_memory(int cipher, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 const unsigned char *key, unsigned long keylen, |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
41 symmetric_key *uskey, |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 const unsigned char *nonce, unsigned long noncelen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 const unsigned char *header, unsigned long headerlen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 unsigned char *pt, unsigned long ptlen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 unsigned char *ct, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 unsigned char *tag, unsigned long *taglen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 int direction) |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 { |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
49 unsigned char PAD[16], ctr[16], CTRPAD[16], ptTag[16], b, *pt_real; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
50 unsigned char *pt_work = NULL; |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 symmetric_key *skey; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 int err; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 unsigned long len, L, x, y, z, CTRlen; |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
54 #ifdef LTC_FAST |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
55 LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all zeroes */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
56 #endif |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
57 unsigned char mask = 0xff; /* initialize mask at all zeroes */ |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
59 if (uskey == NULL) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
60 LTC_ARGCHK(key != NULL); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
61 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 LTC_ARGCHK(nonce != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 if (headerlen > 0) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 LTC_ARGCHK(header != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 LTC_ARGCHK(pt != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 LTC_ARGCHK(ct != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 LTC_ARGCHK(tag != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 LTC_ARGCHK(taglen != NULL); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
71 pt_real = pt; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
72 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 #ifdef LTC_FAST |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 if (16 % sizeof(LTC_FAST_TYPE)) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 return CRYPT_INVALID_ARG; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 #endif |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 /* check cipher input */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
80 if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 return err; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
82 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
83 if (cipher_descriptor[cipher].block_length != 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
84 return CRYPT_INVALID_CIPHER; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
86 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
87 /* make sure the taglen is even and <= 16 */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
88 *taglen &= ~1; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
89 if (*taglen > 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
90 *taglen = 16; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
91 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
93 /* can't use < 4 */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
94 if (*taglen < 4) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
95 return CRYPT_INVALID_ARG; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 /* is there an accelerator? */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
99 if (cipher_descriptor[cipher].accel_ccm_memory != NULL) { |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
100 return cipher_descriptor[cipher].accel_ccm_memory( |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
101 key, keylen, |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
102 uskey, |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
103 nonce, noncelen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
104 header, headerlen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
105 pt, ptlen, |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
106 ct, |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
107 tag, taglen, |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
108 direction); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
109 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
110 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 /* let's get the L value */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
112 len = ptlen; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
113 L = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
114 while (len) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
115 ++L; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 len >>= 8; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
117 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
118 if (L <= 1) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
119 L = 2; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
120 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
121 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
122 /* increase L to match the nonce len */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 noncelen = (noncelen > 13) ? 13 : noncelen; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 if ((15 - noncelen) > L) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
125 L = 15 - noncelen; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
126 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
128 /* allocate mem for the symmetric key */ |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
129 if (uskey == NULL) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
130 skey = XMALLOC(sizeof(*skey)); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
131 if (skey == NULL) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
132 return CRYPT_MEM; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
133 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
134 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
135 /* initialize the cipher */ |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
136 if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
137 XFREE(skey); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
138 return err; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
139 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
140 } else { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
141 skey = uskey; |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
142 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
144 /* initialize buffer for pt */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
145 if (direction == CCM_DECRYPT && ptlen > 0) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
146 pt_work = XMALLOC(ptlen); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
147 if (pt_work == NULL) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
148 goto error; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
149 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
150 pt = pt_work; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
151 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
152 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
153 /* form B_0 == flags | Nonce N | l(m) */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
154 x = 0; |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
155 PAD[x++] = (unsigned char)(((headerlen > 0) ? (1<<6) : 0) | |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
156 (((*taglen - 2)>>1)<<3) | |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
157 (L-1)); |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
158 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
159 /* nonce */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
160 for (y = 0; y < (16 - (L + 1)); y++) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
161 PAD[x++] = nonce[y]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
162 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
163 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
164 /* store len */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
165 len = ptlen; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
166 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
167 /* shift len so the upper bytes of len are the contents of the length */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
168 for (y = L; y < 4; y++) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
169 len <<= 8; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
170 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
171 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 /* store l(m) (only store 32-bits) */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
173 for (y = 0; L > 4 && (L-y)>4; y++) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 PAD[x++] = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
175 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
176 for (; y < L; y++) { |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
177 PAD[x++] = (unsigned char)((len >> 24) & 255); |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
178 len <<= 8; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
179 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
180 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
181 /* encrypt PAD */ |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
182 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
183 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
184 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
185 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
186 /* handle header */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 if (headerlen > 0) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
188 x = 0; |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
189 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
190 /* store length */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
191 if (headerlen < ((1UL<<16) - (1UL<<8))) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
192 PAD[x++] ^= (headerlen>>8) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
193 PAD[x++] ^= headerlen & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
194 } else { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 PAD[x++] ^= 0xFF; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
196 PAD[x++] ^= 0xFE; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
197 PAD[x++] ^= (headerlen>>24) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 PAD[x++] ^= (headerlen>>16) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
199 PAD[x++] ^= (headerlen>>8) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
200 PAD[x++] ^= headerlen & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
202 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
203 /* now add the data */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 for (y = 0; y < headerlen; y++) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 if (x == 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 /* full block so let's encrypt it */ |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
207 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
208 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
209 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
210 x = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
212 PAD[x++] ^= header[y]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
213 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
214 |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
215 /* remainder */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
216 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
217 goto error; |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
218 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
219 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
220 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
221 /* setup the ctr counter */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
222 x = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
223 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
224 /* flags */ |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
225 ctr[x++] = (unsigned char)L-1; |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
226 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
227 /* nonce */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
228 for (y = 0; y < (16 - (L+1)); ++y) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
229 ctr[x++] = nonce[y]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
230 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
231 /* offset */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 while (x < 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 ctr[x++] = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 x = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 CTRlen = 16; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
239 /* now handle the PT */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 if (ptlen > 0) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 y = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 #ifdef LTC_FAST |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 if (ptlen & ~15) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
244 if (direction == CCM_ENCRYPT) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
245 for (; y < (ptlen & ~15); y += 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
246 /* increment the ctr? */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 for (z = 15; z > 15-L; z--) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
248 ctr[z] = (ctr[z] + 1) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 if (ctr[z]) break; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
250 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
251 if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
252 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
253 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
254 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
255 /* xor the PT against the pad first */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
256 for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
257 *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
258 *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
259 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
260 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
261 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
262 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
263 } |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
264 } else { /* direction == CCM_DECRYPT */ |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
265 for (; y < (ptlen & ~15); y += 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
266 /* increment the ctr? */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
267 for (z = 15; z > 15-L; z--) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
268 ctr[z] = (ctr[z] + 1) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
269 if (ctr[z]) break; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
271 if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
272 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
273 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
274 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
275 /* xor the PT against the pad last */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
276 for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
277 *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[y+z])) ^ *(LTC_FAST_TYPE_PTR_CAST(&CTRPAD[z])); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
278 *(LTC_FAST_TYPE_PTR_CAST(&PAD[z])) ^= *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])); |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
279 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
280 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
281 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
282 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
283 } |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
284 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
285 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
286 #endif |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
287 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
288 for (; y < ptlen; y++) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
289 /* increment the ctr? */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
290 if (CTRlen == 16) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
291 for (z = 15; z > 15-L; z--) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
292 ctr[z] = (ctr[z] + 1) & 255; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
293 if (ctr[z]) break; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
294 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
295 if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
296 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
297 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
298 CTRlen = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
299 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
300 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
301 /* if we encrypt we add the bytes to the MAC first */ |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
302 if (direction == CCM_ENCRYPT) { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
303 b = pt[y]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
304 ct[y] = b ^ CTRPAD[CTRlen++]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
305 } else { |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
306 b = ct[y] ^ CTRPAD[CTRlen++]; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
307 pt[y] = b; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
308 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
309 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
310 if (x == 16) { |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
311 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
312 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
313 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
314 x = 0; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
315 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
316 PAD[x++] ^= b; |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
317 } |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
318 |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
319 if (x != 0) { |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
320 if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
321 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
322 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
323 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
324 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
325 |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
326 /* setup CTR for the TAG (zero the count) */ |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
327 for (y = 15; y > 15 - L; y--) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
328 ctr[y] = 0x00; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
329 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
330 if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
331 goto error; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
332 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
333 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
334 if (skey != uskey) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
335 cipher_descriptor[cipher].done(skey); |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
336 #ifdef LTC_CLEAN_STACK |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
337 zeromem(skey, sizeof(*skey)); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
338 #endif |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
339 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
340 |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
341 if (direction == CCM_ENCRYPT) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
342 /* store the TAG */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
343 for (x = 0; x < 16 && x < *taglen; x++) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
344 tag[x] = PAD[x] ^ CTRPAD[x]; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
345 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
346 *taglen = x; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
347 } else { /* direction == CCM_DECRYPT */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
348 /* decrypt the tag */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
349 for (x = 0; x < 16 && x < *taglen; x++) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
350 ptTag[x] = tag[x] ^ CTRPAD[x]; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
351 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
352 *taglen = x; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
353 |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
354 /* check validity of the decrypted tag against the computed PAD (in constant time) */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
355 /* HACK: the boolean value of XMEM_NEQ becomes either 0 (CRYPT_OK) or 1 (CRYPT_ERR). |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
356 * there should be a better way of setting the correct error code in constant |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
357 * time. |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
358 */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
359 err = XMEM_NEQ(ptTag, PAD, *taglen); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
360 |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
361 /* Zero the plaintext if the tag was invalid (in constant time) */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
362 if (ptlen > 0) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
363 y = 0; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
364 mask *= 1 - err; /* mask = ( err ? 0 : 0xff ) */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
365 #ifdef LTC_FAST |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
366 fastMask *= 1 - err; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
367 if (ptlen & ~15) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
368 for (; y < (ptlen & ~15); y += 16) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
369 for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
370 *(LTC_FAST_TYPE_PTR_CAST(&pt_real[y+z])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[y+z])) & fastMask; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
371 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
372 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
373 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
374 #endif |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
375 for (; y < ptlen; y++) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
376 pt_real[y] = pt[y] & mask; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
377 } |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
378 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
379 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
380 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
381 #ifdef LTC_CLEAN_STACK |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
382 #ifdef LTC_FAST |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
383 fastMask = 0; |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
384 #endif |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
385 mask = 0; |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
386 zeromem(PAD, sizeof(PAD)); |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
387 zeromem(CTRPAD, sizeof(CTRPAD)); |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
388 if (pt_work != NULL) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
389 zeromem(pt_work, ptlen); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
390 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
391 #endif |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
392 error: |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
393 if (pt_work) { |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
394 XFREE(pt_work); |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
395 } |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
396 if (skey != uskey) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
397 XFREE(skey); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
398 } |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
399 |
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
285
diff
changeset
|
400 return err; |
285
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
401 } |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
402 |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
403 #endif |
1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
404 |
1471
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
405 /* ref: $Format:%D$ */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
406 /* git commit: $Format:%H$ */ |
6dba84798cd5
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Matt Johnston <matt@ucc.asn.au>
parents:
1435
diff
changeset
|
407 /* commit time: $Format:%ai$ */ |