Mercurial > dropbear
comparison eax_init.c @ 3:7faae8f46238 libtomcrypt-orig
Branch renaming
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 31 May 2004 18:25:41 +0000 |
parents | |
children | 5d99163f7e32 |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 3:7faae8f46238 |
---|---|
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
2 * | |
3 * LibTomCrypt is a library that provides various cryptographic | |
4 * algorithms in a highly modular and flexible manner. | |
5 * | |
6 * The library is free for all purposes without any express | |
7 * guarantee it works. | |
8 * | |
9 * Tom St Denis, [email protected], http://libtomcrypt.org | |
10 */ | |
11 | |
12 /* EAX Implementation by Tom St Denis */ | |
13 #include "mycrypt.h" | |
14 | |
15 #ifdef EAX_MODE | |
16 | |
17 int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long keylen, | |
18 const unsigned char *nonce, unsigned long noncelen, | |
19 const unsigned char *header, unsigned long headerlen) | |
20 { | |
21 unsigned char buf[MAXBLOCKSIZE]; | |
22 int err, blklen; | |
23 omac_state omac; | |
24 unsigned long len; | |
25 | |
26 | |
27 _ARGCHK(eax != NULL); | |
28 _ARGCHK(key != NULL); | |
29 _ARGCHK(nonce != NULL); | |
30 if (headerlen > 0) { | |
31 _ARGCHK(header != NULL); | |
32 } | |
33 | |
34 if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { | |
35 return err; | |
36 } | |
37 blklen = cipher_descriptor[cipher].block_length; | |
38 | |
39 /* N = OMAC_0K(nonce) */ | |
40 zeromem(buf, sizeof(buf)); | |
41 if ((err = omac_init(&omac, cipher, key, keylen)) != CRYPT_OK) { | |
42 return err; | |
43 } | |
44 | |
45 /* omac the [0]_n */ | |
46 if ((err = omac_process(&omac, buf, blklen)) != CRYPT_OK) { | |
47 return err; | |
48 } | |
49 /* omac the nonce */ | |
50 if ((err = omac_process(&omac, nonce, noncelen)) != CRYPT_OK) { | |
51 return err; | |
52 } | |
53 /* store result */ | |
54 len = sizeof(eax->N); | |
55 if ((err = omac_done(&omac, eax->N, &len)) != CRYPT_OK) { | |
56 return err; | |
57 } | |
58 | |
59 /* H = OMAC_1K(header) */ | |
60 zeromem(buf, sizeof(buf)); | |
61 buf[blklen - 1] = 1; | |
62 | |
63 if ((err = omac_init(&eax->headeromac, cipher, key, keylen)) != CRYPT_OK) { | |
64 return err; | |
65 } | |
66 | |
67 /* omac the [1]_n */ | |
68 if ((err = omac_process(&eax->headeromac, buf, blklen)) != CRYPT_OK) { | |
69 return err; | |
70 } | |
71 /* omac the header */ | |
72 if (headerlen != 0) { | |
73 if ((err = omac_process(&eax->headeromac, header, headerlen)) != CRYPT_OK) { | |
74 return err; | |
75 } | |
76 } | |
77 | |
78 /* note we don't finish the headeromac, this allows us to add more header later */ | |
79 | |
80 /* setup the CTR mode */ | |
81 if ((err = ctr_start(cipher, eax->N, key, keylen, 0, &eax->ctr)) != CRYPT_OK) { | |
82 return err; | |
83 } | |
84 /* use big-endian counter */ | |
85 eax->ctr.mode = 1; | |
86 | |
87 /* setup the OMAC for the ciphertext */ | |
88 if ((err = omac_init(&eax->ctomac, cipher, key, keylen)) != CRYPT_OK) { | |
89 return err; | |
90 } | |
91 | |
92 /* omac [2]_n */ | |
93 zeromem(buf, sizeof(buf)); | |
94 buf[blklen-1] = 2; | |
95 if ((err = omac_process(&eax->ctomac, buf, blklen)) != CRYPT_OK) { | |
96 return err; | |
97 } | |
98 | |
99 #ifdef CLEAN_STACK | |
100 zeromem(buf, sizeof(buf)); | |
101 zeromem(&omac, sizeof(omac)); | |
102 #endif | |
103 return CRYPT_OK; | |
104 } | |
105 | |
106 #endif |