Upgrade libtomcrypt
This commit is contained in:
@@ -29,7 +29,7 @@ static int s_ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_bl
|
||||
|
||||
/* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */
|
||||
ocb3_int_xor_blocks(tmp, aad_block, ocb->aOffset_current, ocb->block_len);
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
ocb3_int_xor_blocks(ocb->aSum_current, ocb->aSum_current, tmp, ocb->block_len);
|
||||
|
||||
@@ -32,14 +32,7 @@ int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen,
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
|
||||
if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
if (ocb->block_len != cipher_descriptor[ocb->cipher].block_length) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
if (ctlen % ocb->block_len) { /* ctlen has to bu multiple of block_len */
|
||||
if (ctlen % ocb->block_len) { /* ctlen has to be multiple of block_len */
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
@@ -55,7 +48,7 @@ int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen,
|
||||
ocb3_int_xor_blocks(tmp, ct_b, ocb->Offset_current, ocb->block_len);
|
||||
|
||||
/* decrypt */
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_decrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_decrypt_block(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
|
||||
@@ -34,10 +34,6 @@ int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ct
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
}
|
||||
|
||||
if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
full_blocks = ctlen/ocb->block_len;
|
||||
full_blocks_len = full_blocks * ocb->block_len;
|
||||
last_block_len = ctlen - full_blocks_len;
|
||||
@@ -54,7 +50,7 @@ int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ct
|
||||
ocb3_int_xor_blocks(iOffset_star, ocb->Offset_current, ocb->L_star, ocb->block_len);
|
||||
|
||||
/* Pad = ENCIPHER(K, Offset_*) */
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(iOffset_star, iPad, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(iOffset_star, iPad, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
@@ -76,7 +72,7 @@ int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ct
|
||||
for(x=0; x<ocb->block_len; x++) {
|
||||
ocb->tag_part[x] = (ocb->checksum[x] ^ iOffset_star[x]) ^ ocb->L_dollar[x];
|
||||
}
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
}
|
||||
@@ -86,7 +82,7 @@ int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ct
|
||||
for(x=0; x<ocb->block_len; x++) {
|
||||
ocb->tag_part[x] = (ocb->checksum[x] ^ ocb->Offset_current[x]) ^ ocb->L_dollar[x];
|
||||
}
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,9 +24,6 @@ int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen)
|
||||
LTC_ARGCHK(ocb != NULL);
|
||||
LTC_ARGCHK(tag != NULL);
|
||||
LTC_ARGCHK(taglen != NULL);
|
||||
if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
/* check taglen */
|
||||
if ((int)*taglen < ocb->tag_len) {
|
||||
@@ -52,7 +49,7 @@ int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen)
|
||||
}
|
||||
|
||||
/* Sum = Sum_m xor ENCIPHER(K, CipherInput) */
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
ocb3_int_xor_blocks(ocb->aSum_current, ocb->aSum_current, tmp, ocb->block_len);
|
||||
|
||||
@@ -32,14 +32,7 @@ int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen,
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
|
||||
if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
if (ocb->block_len != cipher_descriptor[ocb->cipher].block_length) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
if (ptlen % ocb->block_len) { /* ptlen has to bu multiple of block_len */
|
||||
if (ptlen % ocb->block_len) { /* ptlen has to be multiple of block_len */
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
@@ -55,7 +48,7 @@ int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen,
|
||||
ocb3_int_xor_blocks(tmp, pt_b, ocb->Offset_current, ocb->block_len);
|
||||
|
||||
/* encrypt */
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(tmp, tmp, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
|
||||
@@ -34,10 +34,6 @@ int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long pt
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
}
|
||||
|
||||
if ((err = cipher_is_valid(ocb->cipher)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
full_blocks = ptlen/ocb->block_len;
|
||||
full_blocks_len = full_blocks * ocb->block_len;
|
||||
last_block_len = ptlen - full_blocks_len;
|
||||
@@ -56,7 +52,7 @@ int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long pt
|
||||
ocb3_int_xor_blocks(iOffset_star, ocb->Offset_current, ocb->L_star, ocb->block_len);
|
||||
|
||||
/* Pad = ENCIPHER(K, Offset_*) */
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(iOffset_star, iPad, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(iOffset_star, iPad, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
@@ -78,7 +74,7 @@ int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long pt
|
||||
for(x=0; x<ocb->block_len; x++) {
|
||||
ocb->tag_part[x] = (ocb->checksum[x] ^ iOffset_star[x]) ^ ocb->L_dollar[x];
|
||||
}
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
} else {
|
||||
@@ -87,7 +83,7 @@ int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long pt
|
||||
for(x=0; x<ocb->block_len; x++) {
|
||||
ocb->tag_part[x] = (ocb->checksum[x] ^ ocb->Offset_current[x]) ^ ocb->L_dollar[x];
|
||||
}
|
||||
if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
|
||||
goto LBL_ERR;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ static void s_ocb3_int_calc_offset_zero(ocb3_state *ocb, const unsigned char *no
|
||||
|
||||
/* Ktop = ENCIPHER(K, Nonce[1..122] || zeros(6)) */
|
||||
iNonce[ocb->block_len-1] = iNonce[ocb->block_len-1] & 0xC0;
|
||||
if ((cipher_descriptor[ocb->cipher].ecb_encrypt(iNonce, iKtop, &ocb->key)) != CRYPT_OK) {
|
||||
if ((ecb_encrypt_block(iNonce, iKtop, &ocb->key)) != CRYPT_OK) {
|
||||
zeromem(ocb->Offset_current, ocb->block_len);
|
||||
return;
|
||||
}
|
||||
@@ -100,7 +100,6 @@ int ocb3_init(ocb3_state *ocb, int cipher,
|
||||
if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
ocb->cipher = cipher;
|
||||
|
||||
/* Valid Nonce?
|
||||
* As of RFC7253: "string of no more than 120 bits" */
|
||||
@@ -121,7 +120,7 @@ int ocb3_init(ocb3_state *ocb, int cipher,
|
||||
|
||||
/* determine which polys to use */
|
||||
ocb->block_len = cipher_descriptor[cipher].block_length;
|
||||
x = (int)(sizeof(polys)/sizeof(polys[0]));
|
||||
x = (int)LTC_ARRAY_SIZE(polys);
|
||||
for (poly = 0; poly < x; poly++) {
|
||||
if (polys[poly].len == ocb->block_len) {
|
||||
break;
|
||||
@@ -135,13 +134,13 @@ int ocb3_init(ocb3_state *ocb, int cipher,
|
||||
}
|
||||
|
||||
/* schedule the key */
|
||||
if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_start(cipher, key, keylen, 0, &ocb->key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
/* L_* = ENCIPHER(K, zeros(128)) */
|
||||
zeromem(ocb->L_star, ocb->block_len);
|
||||
if ((err = cipher_descriptor[cipher].ecb_encrypt(ocb->L_star, ocb->L_star, &ocb->key)) != CRYPT_OK) {
|
||||
if ((err = ecb_encrypt_block(ocb->L_star, ocb->L_star, &ocb->key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
@@ -16,6 +16,11 @@
|
||||
*/
|
||||
int ocb3_int_ntz(unsigned long x)
|
||||
{
|
||||
#if defined(LTC_HAVE_CTZL_BUILTIN)
|
||||
if (x == 0)
|
||||
return sizeof(unsigned long) * CHAR_BIT;
|
||||
return __builtin_ctzl(x);
|
||||
#else
|
||||
int c;
|
||||
x &= 0xFFFFFFFFUL;
|
||||
c = 0;
|
||||
@@ -24,6 +29,7 @@ int ocb3_int_ntz(unsigned long x)
|
||||
x >>= 1;
|
||||
}
|
||||
return c;
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
@@ -209,7 +209,7 @@ int ocb3_test(void)
|
||||
}
|
||||
}
|
||||
|
||||
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
|
||||
for (x = 0; x < (int)LTC_ARRAY_SIZE(tests); x++) {
|
||||
len = 16; /* must be the same as the required taglen */
|
||||
if ((err = ocb3_encrypt_authenticate_memory(idx,
|
||||
key, sizeof(key),
|
||||
|
||||
Reference in New Issue
Block a user