diff src/encauth/eax/eax_done.c @ 192:9cc34777b479 libtomcrypt

propagate from branch 'au.asn.ucc.matt.ltc-orig' (head 9ba8f01f44320e9cb9f19881105ae84f84a43ea9) to branch 'au.asn.ucc.matt.dropbear.ltc' (head dbf51c569bc34956ad948e4cc87a0eeb2170b768)
author Matt Johnston <matt@ucc.asn.au>
date Sun, 08 May 2005 06:36:47 +0000
parents 1c15b283127b
children 39d5d58461d6
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/encauth/eax/eax_done.c	Sun May 08 06:36:47 2005 +0000
@@ -0,0 +1,90 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+
+/**
+   @file eax_done.c
+   EAX implementation, terminate session, by Tom St Denis
+*/
+#include "tomcrypt.h"
+
+#ifdef EAX_MODE
+
+/**
+   Terminate an EAX session and get the tag.
+   @param eax       The EAX state
+   @param tag       [out] The destination of the authentication tag
+   @param taglen    [in/out] The max length and resulting length of the authentication tag
+   @return CRYPT_OK if successful
+*/
+int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen)
+{
+   int           err;
+   unsigned char *headermac, *ctmac;
+   unsigned long x, len;
+
+   LTC_ARGCHK(eax    != NULL);
+   LTC_ARGCHK(tag    != NULL);
+   LTC_ARGCHK(taglen != NULL);
+
+   /* allocate ram */
+   headermac = XMALLOC(MAXBLOCKSIZE);
+   ctmac     = XMALLOC(MAXBLOCKSIZE);
+
+   if (headermac == NULL || ctmac == NULL) {
+      if (headermac != NULL) {
+         XFREE(headermac);
+      }
+      if (ctmac != NULL) {
+         XFREE(ctmac);
+      }
+      return CRYPT_MEM;
+   }
+
+   /* finish ctomac */
+   len = MAXBLOCKSIZE;
+   if ((err = omac_done(&eax->ctomac, ctmac, &len)) != CRYPT_OK) {
+      goto LBL_ERR; 
+   }
+
+   /* finish headeromac */
+
+   /* note we specifically don't reset len so the two lens are minimal */
+
+   if ((err = omac_done(&eax->headeromac, headermac, &len)) != CRYPT_OK) {
+      goto LBL_ERR; 
+   }
+
+   /* terminate the CTR chain */
+   if ((err = ctr_done(&eax->ctr)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* compute N xor H xor C */
+   for (x = 0; x < len && x < *taglen; x++) {
+       tag[x] = eax->N[x] ^ headermac[x] ^ ctmac[x];
+   }
+   *taglen = x;
+
+   err = CRYPT_OK;
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+   zeromem(ctmac,     MAXBLOCKSIZE);
+   zeromem(headermac, MAXBLOCKSIZE);
+   zeromem(eax,       sizeof(*eax));
+#endif
+
+   XFREE(ctmac);
+   XFREE(headermac);
+
+   return err;
+}
+
+#endif