comparison libtomcrypt/src/mac/pmac/pmac_init.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
1470:8bba51a55704 1471:6dba84798cd5
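--- a/libtomcrypt/src/mac/pmac/pmac_init.c
+++ b/libtomcrypt/src/mac/pmac/pmac_init.c
@@ -3,33 +3,31 @@
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
-*
-* Tom St Denis, [email protected], http://libtom.org
 */
 #include "tomcrypt.h"
 
 /**
 @file pmac_init.c
 PMAC implementation, initialize state, by Tom St Denis
 */
 
 #ifdef LTC_PMAC
 
 static const struct {
 int len;
 unsigned char poly_div[MAXBLOCKSIZE],
 poly_mul[MAXBLOCKSIZE];
 } polys[] = {
 {
 8,
 { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0D },
 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1B }
 }, {
 16,
 { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43 },
 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87 }
 }
@@ -37,11 +35,11 @@
 
 /**
 Initialize a PMAC state
 @param pmac The PMAC state to initialize
 @param cipher The index of the desired cipher
 @param key The secret key
 @param keylen The length of the secret key (octets)
 @return CRYPT_OK if successful
 */
 int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen)
 {
@@ -57,14 +55,17 @@
 }
 
 /* determine which polys to use */
 pmac->block_len = cipher_descriptor[cipher].block_length;
 for (poly = 0; poly < (int)(sizeof(polys)/sizeof(polys[0])); poly++) {
 if (polys[poly].len == pmac->block_len) {
 break;
 }
 }
+if (poly >= (int)(sizeof(polys)/sizeof(polys[0]))) {
+return CRYPT_INVALID_ARG;
+}
 if (polys[poly].len != pmac->block_len) {
 return CRYPT_INVALID_ARG;
 }
 
 #ifdef LTC_FAST
@@ -76,11 +77,11 @@
 
 /* schedule the key */
 if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &pmac->key)) != CRYPT_OK) {
 return err;
 }
 
 /* allocate L */
 L = XMALLOC(pmac->block_len);
 if (L == NULL) {
 return CRYPT_MEM;
 }
@@ -105,43 +106,43 @@
 pmac->Ls[x][y] ^= polys[poly].poly_mul[y];
 }
 }
 }
 
 /* find Lr = L / x */
 m = L[pmac->block_len-1] & 1;
 
 /* shift right */
 for (x = pmac->block_len - 1; x > 0; x--) {
 pmac->Lr[x] = ((L[x] >> 1) | (L[x-1] << 7)) & 255;
 }
 pmac->Lr[0] = L[0] >> 1;
 
 if (m == 1) {
 for (x = 0; x < pmac->block_len; x++) {
 pmac->Lr[x] ^= polys[poly].poly_div[x];
 }
 }
 
 /* zero buffer, counters, etc... */
 pmac->block_index = 1;
 pmac->cipher_idx = cipher;
 pmac->buflen = 0;
 zeromem(pmac->block, sizeof(pmac->block));
 zeromem(pmac->Li, sizeof(pmac->Li));
 zeromem(pmac->checksum, sizeof(pmac->checksum));
 err = CRYPT_OK;
 error:
 #ifdef LTC_CLEAN_STACK
 zeromem(L, pmac->block_len);
 #endif
 
 XFREE(L);
 
 return err;
 }
 
 #endif
 
-/* $Source$ */
-/* $Revision$ */
-/* $Date$ */
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */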
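Review bot: The range check added at new lines 64-66 of pmac_init leaves the following `if (polys[poly].len != pmac->block_len)` test unreachable: the search loop only breaks on equality, so once poly is known to be below the table size the entry is a match and the second `return CRYPT_INVALID_ARG;` can be dropped to keep a single guard. The new check is what stops `polys[poly]` from being read one past the end of the table when the cipher's block length is neither 8 nor 16, so a short comment above it, `/* no polynomial for this block size: reject instead of indexing past polys[] */`, would record why it exists. The declarations and argument checks at the top of pmac_init, and the code between the `L` allocation and the `error:` label, are outside the shown hunks, so whether the later failure paths also need to release the key schedule set up at new line 79 cannot be told from here.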