comparison libtomcrypt/src/encauth/gcm/gcm_add_aad.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
1470:8bba51a55704 1471:6dba84798cd5
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 9
12 /** 10 /**
13 @file gcm_add_aad.c 11 @file gcm_add_aad.c
14 GCM implementation, Add AAD data to the stream, by Tom St Denis 12 GCM implementation, Add AAD data to the stream, by Tom St Denis
46 return err; 44 return err;
47 } 45 }
48 46
49 /* in IV mode? */ 47 /* in IV mode? */
50 if (gcm->mode == LTC_GCM_MODE_IV) { 48 if (gcm->mode == LTC_GCM_MODE_IV) {
49 /* IV length must be > 0 */
50 if (gcm->buflen == 0 && gcm->totlen == 0) return CRYPT_ERROR;
51 /* let's process the IV */ 51 /* let's process the IV */
52 if (gcm->ivmode || gcm->buflen != 12) { 52 if (gcm->ivmode || gcm->buflen != 12) {
53 for (x = 0; x < (unsigned long)gcm->buflen; x++) { 53 for (x = 0; x < (unsigned long)gcm->buflen; x++) {
54 gcm->X[x] ^= gcm->buf[x]; 54 gcm->X[x] ^= gcm->buf[x];
55 } 55 }
64 for (x = 0; x < 16; x++) { 64 for (x = 0; x < 16; x++) {
65 gcm->X[x] ^= gcm->buf[x]; 65 gcm->X[x] ^= gcm->buf[x];
66 } 66 }
67 gcm_mult_h(gcm, gcm->X); 67 gcm_mult_h(gcm, gcm->X);
68 68
69 /* copy counter out */ 69 /* copy counter out */
70 XMEMCPY(gcm->Y, gcm->X, 16); 70 XMEMCPY(gcm->Y, gcm->X, 16);
71 zeromem(gcm->X, 16); 71 zeromem(gcm->X, 16);
72 } else { 72 } else {
73 XMEMCPY(gcm->Y, gcm->buf, 12); 73 XMEMCPY(gcm->Y, gcm->buf, 12);
74 gcm->Y[12] = 0; 74 gcm->Y[12] = 0;
90 x = 0; 90 x = 0;
91 #ifdef LTC_FAST 91 #ifdef LTC_FAST
92 if (gcm->buflen == 0) { 92 if (gcm->buflen == 0) {
93 for (x = 0; x < (adatalen & ~15); x += 16) { 93 for (x = 0; x < (adatalen & ~15); x += 16) {
94 for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { 94 for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
95 *((LTC_FAST_TYPE*)(&gcm->X[y])) ^= *((LTC_FAST_TYPE*)(&adata[x + y])); 95 *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&adata[x + y]));
96 } 96 }
97 gcm_mult_h(gcm, gcm->X); 97 gcm_mult_h(gcm, gcm->X);
98 gcm->totlen += 128; 98 gcm->totlen += 128;
99 } 99 }
100 adata += x; 100 adata += x;
102 #endif 102 #endif
103 103
104 104
105 /* start adding AAD data to the state */ 105 /* start adding AAD data to the state */
106 for (; x < adatalen; x++) { 106 for (; x < adatalen; x++) {
107 gcm->X[gcm->buflen++] ^= *adata++; 107 gcm->X[gcm->buflen++] ^= *adata++;
108 108
109 if (gcm->buflen == 16) { 109 if (gcm->buflen == 16) {
110 /* GF mult it */ 110 /* GF mult it */
111 gcm_mult_h(gcm, gcm->X); 111 gcm_mult_h(gcm, gcm->X);
112 gcm->buflen = 0; 112 gcm->buflen = 0;
113 gcm->totlen += 128; 113 gcm->totlen += 128;
114 } 114 }
115 } 115 }
116 116
117 return CRYPT_OK; 117 return CRYPT_OK;
118 } 118 }
119 #endif 119 #endif
120
121 120
122 /* $Source$ */ 121
123 /* $Revision$ */ 122 /* ref: $Format:%D$ */
124 /* $Date$ */ 123 /* git commit: $Format:%H$ */
124 /* commit time: $Format:%ai$ */
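Review bot: The LTC_FAST loop at line 95 still reads `adata` through an `LTC_FAST_TYPE` pointer, and if `LTC_FAST_TYPE_PTR_CAST` is, as it appears, only a cast via `void *`, it silences the cast-align warning without making the access aligned or alias-safe. `adata` is caller-supplied and nothing in the hunk aligns it, so on strict-alignment targets the word-wise XOR can fault and elsewhere it depends on the compiler tolerating the type-pun. Copying each word through `XMEMCPY` keeps the fast path and lets the compiler pick a safe load. gcm_add_aad's body begins and ends outside this hunk; the trailing byte loop is unaffected.
```c
for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
    LTC_FAST_TYPE xw, aw;
    XMEMCPY(&xw, &gcm->X[y], sizeof xw);
    XMEMCPY(&aw, &adata[x + y], sizeof aw);
    xw ^= aw;
    XMEMCPY(&gcm->X[y], &xw, sizeof xw);
}
/* … unchanged: gcm_mult_h call and totlen update … */
```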