comparison libtomcrypt/src/encauth/ocb3/ocb3_decrypt_verify_memory.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
1470:8bba51a55704 1471:6dba84798cd5
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 */
9
10 /**
11 @file ocb3_decrypt_verify_memory.c
12 OCB implementation, helper to decrypt block of memory, by Tom St Denis
13 */
14 #include "tomcrypt.h"
15
16 #ifdef LTC_OCB3_MODE
17
18 /**
19 Decrypt and compare the tag with OCB
20 @param cipher The index of the cipher desired
21 @param key The secret key
22 @param keylen The length of the secret key (octets)
23 @param nonce The session nonce (length of the block size of the block cipher)
24 @param noncelen The length of the nonce (octets)
25 @param adata The AAD - additional associated data
26 @param adatalen The length of AAD (octets)
27 @param ct The ciphertext
28 @param ctlen The length of the ciphertext (octets)
29 @param pt [out] The plaintext
30 @param tag The tag to compare against
31 @param taglen The length of the tag (octets)
32 @param stat [out] The result of the tag comparison (1==valid, 0==invalid)
33 @return CRYPT_OK if successful regardless of the tag comparison
34 */
35 int ocb3_decrypt_verify_memory(int cipher,
36 const unsigned char *key, unsigned long keylen,
37 const unsigned char *nonce, unsigned long noncelen,
38 const unsigned char *adata, unsigned long adatalen,
39 const unsigned char *ct, unsigned long ctlen,
40 unsigned char *pt,
41 const unsigned char *tag, unsigned long taglen,
42 int *stat)
43 {
44 int err;
45 ocb3_state *ocb;
46 unsigned char *buf;
47 unsigned long buflen;
48
49 LTC_ARGCHK(stat != NULL);
50
51 /* default to zero */
52 *stat = 0;
53
54 /* limit taglen */
55 taglen = MIN(taglen, MAXBLOCKSIZE);
56
57 /* allocate memory */
58 buf = XMALLOC(taglen);
59 ocb = XMALLOC(sizeof(ocb3_state));
60 if (ocb == NULL || buf == NULL) {
61 if (ocb != NULL) {
62 XFREE(ocb);
63 }
64 if (buf != NULL) {
65 XFREE(buf);
66 }
67 return CRYPT_MEM;
68 }
69
70 if ((err = ocb3_init(ocb, cipher, key, keylen, nonce, noncelen, taglen)) != CRYPT_OK) {
71 goto LBL_ERR;
72 }
73
74 if (adata != NULL || adatalen != 0) {
75 if ((err = ocb3_add_aad(ocb, adata, adatalen)) != CRYPT_OK) {
76 goto LBL_ERR;
77 }
78 }
79
80 if ((err = ocb3_decrypt_last(ocb, ct, ctlen, pt)) != CRYPT_OK) {
81 goto LBL_ERR;
82 }
83
84 buflen = taglen;
85 if ((err = ocb3_done(ocb, buf, &buflen)) != CRYPT_OK) {
86 goto LBL_ERR;
87 }
88
89 /* compare tags */
90 if (buflen >= taglen && XMEM_NEQ(buf, tag, taglen) == 0) {
91 *stat = 1;
92 }
93
94 err = CRYPT_OK;
95
96 LBL_ERR:
97 #ifdef LTC_CLEAN_STACK
98 zeromem(ocb, sizeof(ocb3_state));
99 #endif
100
101 XFREE(ocb);
102 XFREE(buf);
103 return err;
104 }
105
106 #endif
107
108 /* ref: $Format:%D$ */
109 /* git commit: $Format:%H$ */
110 /* commit time: $Format:%ai$ */
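Review bot: On a tag mismatch `ocb3_decrypt_verify_memory` still returns CRYPT_OK and leaves the unauthenticated output of `ocb3_decrypt_last` in `pt`, so a caller that checks only the return value, or reads `pt` before `*stat`, consumes forged plaintext. After the compare at line 90 I would add `if (*stat == 0 && ctlen > 0) zeromem(pt, ctlen);` and state in the doc comment that `pt` is valid only when `*stat == 1`. Separately, `ocb` and `buf` are heap allocations, yet `ocb` is wiped only under `LTC_CLEAN_STACK` and `buf` (the expected tag) is never wiped before `XFREE`. Presumably `ocb` holds the cipher key schedule, so an unconditional `zeromem(ocb, sizeof(ocb3_state));` and `zeromem(buf, taglen);` ahead of the frees at lines 101-102 would be the safer default.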