X-Git-Url: https://git.cryptolib.org/?a=blobdiff_plain;f=bcal-eax.c;fp=bcal-eax.c;h=72d68bd2ed354145c6c45a5f0257934390180394;hb=3f2f2071c47e2e424af71cc85697f3eb26c24277;hp=0000000000000000000000000000000000000000;hpb=33a28395461ecd0c1c7820f59e180f8f2ca9216f;p=arm-crypto-lib.git
diff --git a/bcal-eax.c b/bcal-eax.c
new file mode 100644
index 0000000..72d68bd
--- /dev/null
+++ b/bcal-eax.c
@@ -0,0 +1,119 @@
+/* bca-eax.c */
+/*
+ This file is part of the ARM-Crypto-Lib.
+ Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+
+#include
+#include "bcal-basic.h"
+#include "blockcipher_descriptor.h"
+#include "bcal-cmac.h"
+#include "bcal-ctr.h"
+#include "bcal-eax.h"
+#include "memxor.h"
+
+uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx){
+ uint8_t r;
+ ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
+ ctx->nonce = malloc(ctx->blocksize_B);
+ if(ctx->nonce==NULL){
+ return 0x81;
+ }
+ r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ctag));
+ if(r){
+ return r;
+ }
+ r = bcal_cmac_init(desc, key, keysize_b, &(ctx->htag));
+ if(r){
+ return (r|0x10);
+ }
+ r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ntag));
+ if(r){
+ return (r|0x20);
+ }
+ r = bcal_ctr_init(desc, key, keysize_b, NULL, &(ctx->cipher));
+ if(r){
+ return (r|0x30);
+ }
+ ctx->header_set=0;
+ uint8_t tmp[ctx->blocksize_B];
+ memset(tmp, 0, ctx->blocksize_B);
+ bcal_cmac_nextBlock(&(ctx->ntag), tmp);
+ tmp[ctx->blocksize_B-1]=1;
+ bcal_cmac_nextBlock(&(ctx->htag), tmp);
+ tmp[ctx->blocksize_B-1]=2;
+ bcal_cmac_nextBlock(&(ctx->ctag), tmp);
+ return 0;
+}
+
+void bcal_eax_free(bcal_eax_ctx_t* ctx){
+ bcal_ctr_free(&(ctx->cipher));
+ bcal_cmac_free(&(ctx->ctag));
+ bcal_cmac_free(&(ctx->htag));
+ bcal_cmac_free(&(ctx->ntag));
+ free(ctx->nonce);
+}
+
+void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx){
+ bcal_cmac_lastBlock(&(ctx->ntag), nonce, length_b);
+ bcal_cmac_ctx2mac(ctx->nonce, ctx->blocksize_B*8, &(ctx->ntag));
+ bcal_ctr_loadIV(ctx->nonce, &(ctx->cipher));
+}
+
+void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx){
+ bcal_cmac_nextBlock(&(ctx->htag), header);
+}
+
+void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx){
+ bcal_cmac_lastBlock(&(ctx->htag), header, length_b);
+ ctx->header_set = 1;
+}
+
+void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx){
+ bcal_ctr_encNext(block, &(ctx->cipher));
+ bcal_cmac_nextBlock(&(ctx->ctag), block);
+}
+
+void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
+ bcal_ctr_encMsg(NULL, block, length_b, &(ctx->cipher));
+ bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
+}
+
+void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx){
+ bcal_cmac_nextBlock(&(ctx->ctag), block);
+ bcal_ctr_decNext(block, &(ctx->cipher));
+}
+
+void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
+ bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
+ bcal_ctr_decMsg(NULL, block, length_b, &(ctx->cipher));
+}
+
+void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx){
+ uint8_t tmp[ctx->blocksize_B];
+ if(ctx->header_set==0){
+ bcal_cmac_lastBlock(&(ctx->htag), NULL, 0);
+ }
+
+ bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->htag));
+ memxor(ctx->nonce, tmp, ctx->blocksize_B);
+
+ bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->ctag));
+ memxor(ctx->nonce, tmp, ctx->blocksize_B);
+ memcpy(dest, ctx->nonce, (length_b+7)/8);
+}
+