comparison src/mac/pmac/pmac_init.c @ 192:9cc34777b479 libtomcrypt

propagate from branch 'au.asn.ucc.matt.ltc-orig' (head 9ba8f01f44320e9cb9f19881105ae84f84a43ea9) to branch 'au.asn.ucc.matt.dropbear.ltc' (head dbf51c569bc34956ad948e4cc87a0eeb2170b768)
author Matt Johnston <matt@ucc.asn.au>
date Sun, 08 May 2005 06:36:47 +0000
parents 1c15b283127b
children 39d5d58461d6
comparison
equal deleted inserted replaced
164:cd1143579f00 192:9cc34777b479
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org
10 */
11 #include "tomcrypt.h"
12
13 /**
14 @file pmac_init.c
15 PMAC implementation, initialize state, by Tom St Denis
16 */
17
18 #ifdef PMAC
19
20 static const struct {
21 int len;
22 unsigned char poly_div[MAXBLOCKSIZE],
23 poly_mul[MAXBLOCKSIZE];
24 } polys[] = {
25 {
26 8,
27 { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0D },
28 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1B }
29 }, {
30 16,
31 { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
32 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43 },
33 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
34 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87 }
35 }
36 };
37
38 /**
39 Initialize a PMAC state
40 @param pmac The PMAC state to initialize
41 @param cipher The index of the desired cipher
42 @param key The secret key
43 @param keylen The length of the secret key (octets)
44 @return CRYPT_OK if successful
45 */
46 int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen)
47 {
48 int poly, x, y, m, err;
49 unsigned char *L;
50
51 LTC_ARGCHK(pmac != NULL);
52 LTC_ARGCHK(key != NULL);
53
54 /* valid cipher? */
55 if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
56 return err;
57 }
58
59 /* determine which polys to use */
60 pmac->block_len = cipher_descriptor[cipher].block_length;
61 for (poly = 0; poly < (int)(sizeof(polys)/sizeof(polys[0])); poly++) {
62 if (polys[poly].len == pmac->block_len) {
63 break;
64 }
65 }
66 if (polys[poly].len != pmac->block_len) {
67 return CRYPT_INVALID_ARG;
68 }
69
70 #ifdef LTC_FAST
71 if (pmac->block_len % sizeof(LTC_FAST_TYPE)) {
72 return CRYPT_INVALID_ARG;
73 }
74 #endif
75
76
77 /* schedule the key */
78 if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &pmac->key)) != CRYPT_OK) {
79 return err;
80 }
81
82 /* allocate L */
83 L = XMALLOC(pmac->block_len);
84 if (L == NULL) {
85 return CRYPT_MEM;
86 }
87
88 /* find L = E[0] */
89 zeromem(L, pmac->block_len);
90 cipher_descriptor[cipher].ecb_encrypt(L, L, &pmac->key);
91
92 /* find Ls[i] = L << i for i == 0..31 */
93 XMEMCPY(pmac->Ls[0], L, pmac->block_len);
94 for (x = 1; x < 32; x++) {
95 m = pmac->Ls[x-1][0] >> 7;
96 for (y = 0; y < pmac->block_len-1; y++) {
97 pmac->Ls[x][y] = ((pmac->Ls[x-1][y] << 1) | (pmac->Ls[x-1][y+1] >> 7)) & 255;
98 }
99 pmac->Ls[x][pmac->block_len-1] = (pmac->Ls[x-1][pmac->block_len-1] << 1) & 255;
100
101 if (m == 1) {
102 for (y = 0; y < pmac->block_len; y++) {
103 pmac->Ls[x][y] ^= polys[poly].poly_mul[y];
104 }
105 }
106 }
107
108 /* find Lr = L / x */
109 m = L[pmac->block_len-1] & 1;
110
111 /* shift right */
112 for (x = pmac->block_len - 1; x > 0; x--) {
113 pmac->Lr[x] = ((L[x] >> 1) | (L[x-1] << 7)) & 255;
114 }
115 pmac->Lr[0] = L[0] >> 1;
116
117 if (m == 1) {
118 for (x = 0; x < pmac->block_len; x++) {
119 pmac->Lr[x] ^= polys[poly].poly_div[x];
120 }
121 }
122
123 /* zero buffer, counters, etc... */
124 pmac->block_index = 1;
125 pmac->cipher_idx = cipher;
126 pmac->buflen = 0;
127 zeromem(pmac->block, sizeof(pmac->block));
128 zeromem(pmac->Li, sizeof(pmac->Li));
129 zeromem(pmac->checksum, sizeof(pmac->checksum));
130
131 #ifdef LTC_CLEAN_STACK
132 zeromem(L, pmac->block_len);
133 #endif
134
135 XFREE(L);
136
137 return CRYPT_OK;
138 }
139
140 #endif