CoCalc -- ccm_add

GitHub Repository: wine-mirror/wine
Path: blob/master/libs/tomcrypt/src/encauth/ccm/ccm_add_nonce.c
⁵⁹⁷² views
1
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
2
 *
3
 * LibTomCrypt is a library that provides various cryptographic
4
 * algorithms in a highly modular and flexible manner.
5
 *
6
 * The library is free for all purposes without any express
7
 * guarantee it works.
8
 */
9
#include "tomcrypt.h"
10

11
#ifdef LTC_CCM_MODE
12

13
/**
14
  Add nonce data to the CCM state
15
  @param ccm       The CCM state
16
  @param nonce     The nonce data to add
17
  @param noncelen  The length of the nonce
18
  @return CRYPT_OK on success
19
 */
20
int ccm_add_nonce(ccm_state *ccm,
21
                  const unsigned char *nonce,     unsigned long noncelen)
22
{
23
   unsigned long x, y, len;
24
   int           err;
25

26
   LTC_ARGCHK(ccm   != NULL);
27
   LTC_ARGCHK(nonce != NULL);
28

29
   /* increase L to match the nonce len */
30
   ccm->noncelen = (noncelen > 13) ? 13 : noncelen;
31
   if ((15 - ccm->noncelen) > ccm->L) {
32
      ccm->L = 15 - ccm->noncelen;
33
   }
34

35
   /* decrease noncelen to match L */
36
   if ((ccm->noncelen + ccm->L) > 15) {
37
      ccm->noncelen = 15 - ccm->L;
38
   }
39

40
   /* form B_0 == flags | Nonce N | l(m) */
41
   x = 0;
42
   ccm->PAD[x++] = (unsigned char)(((ccm->aadlen > 0) ? (1<<6) : 0) |
43
                   (((ccm->taglen - 2)>>1)<<3)        |
44
                   (ccm->L-1));
45

46
   /* nonce */
47
   for (y = 0; y < (16 - (ccm->L + 1)); y++) {
48
      ccm->PAD[x++] = nonce[y];
49
   }
50

51
   /* store len */
52
   len = ccm->ptlen;
53

54
   /* shift len so the upper bytes of len are the contents of the length */
55
   for (y = ccm->L; y < 4; y++) {
56
      len <<= 8;
57
   }
58

59
   /* store l(m) (only store 32-bits) */
60
   for (y = 0; ccm->L > 4 && (ccm->L-y)>4; y++) {
61
      ccm->PAD[x++] = 0;
62
   }
63
   for (; y < ccm->L; y++) {
64
      ccm->PAD[x++] = (unsigned char)((len >> 24) & 255);
65
      len <<= 8;
66
   }
67

68
   /* encrypt PAD */
69
   if ((err = cipher_descriptor[ccm->cipher].ecb_encrypt(ccm->PAD, ccm->PAD, &ccm->K)) != CRYPT_OK) {
70
      return err;
71
   }
72

73
   /* handle header */
74
   ccm->x = 0;
75
   if (ccm->aadlen > 0) {
76
      /* store length */
77
      if (ccm->aadlen < ((1UL<<16) - (1UL<<8))) {
78
         ccm->PAD[ccm->x++] ^= (ccm->aadlen>>8) & 255;
79
         ccm->PAD[ccm->x++] ^= ccm->aadlen & 255;
80
      } else {
81
         ccm->PAD[ccm->x++] ^= 0xFF;
82
         ccm->PAD[ccm->x++] ^= 0xFE;
83
         ccm->PAD[ccm->x++] ^= (ccm->aadlen>>24) & 255;
84
         ccm->PAD[ccm->x++] ^= (ccm->aadlen>>16) & 255;
85
         ccm->PAD[ccm->x++] ^= (ccm->aadlen>>8) & 255;
86
         ccm->PAD[ccm->x++] ^= ccm->aadlen & 255;
87
      }
88
   }
89

90
   /* setup the ctr counter */
91
   x = 0;
92

93
   /* flags */
94
   ccm->ctr[x++] = (unsigned char)ccm->L-1;
95

96
   /* nonce */
97
   for (y = 0; y < (16 - (ccm->L+1)); ++y) {
98
      ccm->ctr[x++] = nonce[y];
99
   }
100
   /* offset */
101
   while (x < 16) {
102
      ccm->ctr[x++] = 0;
103
   }
104

105
   ccm->CTRlen = 16;
106
   return CRYPT_OK;
107
}
108

109
#endif
110

111
Product

Resources

Company
