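Lines matching refs:ctx (each entry: source line number, the matching line, the enclosing function, and the symbol's role where given)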

47 void mbedtls_ccm_init(mbedtls_ccm_context *ctx)  in mbedtls_ccm_init()  argument
49 memset(ctx, 0, sizeof(mbedtls_ccm_context)); in mbedtls_ccm_init()
52 int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, in mbedtls_ccm_setkey() argument
60 mbedtls_block_cipher_free(&ctx->block_cipher_ctx); in mbedtls_ccm_setkey()
62 if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { in mbedtls_ccm_setkey()
66 if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { in mbedtls_ccm_setkey()
82 mbedtls_cipher_free(&ctx->cipher_ctx); in mbedtls_ccm_setkey()
84 if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { in mbedtls_ccm_setkey()
88 if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, in mbedtls_ccm_setkey()
100 void mbedtls_ccm_free(mbedtls_ccm_context *ctx) in mbedtls_ccm_free() argument
102 if (ctx == NULL) { in mbedtls_ccm_free()
106 mbedtls_block_cipher_free(&ctx->block_cipher_ctx); in mbedtls_ccm_free()
108 mbedtls_cipher_free(&ctx->cipher_ctx); in mbedtls_ccm_free()
110 mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); in mbedtls_ccm_free()
123 static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, in mbedtls_ccm_crypt() argument
132 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); in mbedtls_ccm_crypt()
135 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen); in mbedtls_ccm_crypt()
138 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_crypt()
149 static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) in mbedtls_ccm_clear_state() argument
151 ctx->state = CCM_STATE__CLEAR; in mbedtls_ccm_clear_state()
152 memset(ctx->y, 0, 16); in mbedtls_ccm_clear_state()
153 memset(ctx->ctr, 0, 16); in mbedtls_ccm_clear_state()
156 static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) in ccm_calculate_first_block_if_ready() argument
168 if (!(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET)) { in ccm_calculate_first_block_if_ready()
175 if (ctx->tag_len == 0) { in ccm_calculate_first_block_if_ready()
176 if (ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) { in ccm_calculate_first_block_if_ready()
177 ctx->plaintext_len = 0; in ccm_calculate_first_block_if_ready()
195 ctx->y[0] |= (ctx->add_len > 0) << 6; in ccm_calculate_first_block_if_ready()
196 ctx->y[0] |= ((ctx->tag_len - 2) / 2) << 3; in ccm_calculate_first_block_if_ready()
197 ctx->y[0] |= ctx->q - 1; in ccm_calculate_first_block_if_ready()
199 for (i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8) { in ccm_calculate_first_block_if_ready()
200 ctx->y[15-i] = MBEDTLS_BYTE_0(len_left); in ccm_calculate_first_block_if_ready()
204 ctx->state |= CCM_STATE__ERROR; in ccm_calculate_first_block_if_ready()
210 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in ccm_calculate_first_block_if_ready()
212 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in ccm_calculate_first_block_if_ready()
215 ctx->state |= CCM_STATE__ERROR; in ccm_calculate_first_block_if_ready()
222 int mbedtls_ccm_starts(mbedtls_ccm_context *ctx, in mbedtls_ccm_starts() argument
232 ctx->mode = mode; in mbedtls_ccm_starts()
233 ctx->q = 16 - 1 - (unsigned char) iv_len; in mbedtls_ccm_starts()
245 memset(ctx->ctr, 0, 16); in mbedtls_ccm_starts()
246 ctx->ctr[0] = ctx->q - 1; in mbedtls_ccm_starts()
247 memcpy(ctx->ctr + 1, iv, iv_len); in mbedtls_ccm_starts()
248 memset(ctx->ctr + 1 + iv_len, 0, ctx->q); in mbedtls_ccm_starts()
249 ctx->ctr[15] = 1; in mbedtls_ccm_starts()
254 memcpy(ctx->y + 1, iv, iv_len); in mbedtls_ccm_starts()
256 ctx->state |= CCM_STATE__STARTED; in mbedtls_ccm_starts()
257 return ccm_calculate_first_block_if_ready(ctx); in mbedtls_ccm_starts()
260 int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx, in mbedtls_ccm_set_lengths() argument
280 ctx->plaintext_len = plaintext_len; in mbedtls_ccm_set_lengths()
281 ctx->add_len = total_ad_len; in mbedtls_ccm_set_lengths()
282 ctx->tag_len = tag_len; in mbedtls_ccm_set_lengths()
283 ctx->processed = 0; in mbedtls_ccm_set_lengths()
285 ctx->state |= CCM_STATE__LENGTHS_SET; in mbedtls_ccm_set_lengths()
286 return ccm_calculate_first_block_if_ready(ctx); in mbedtls_ccm_set_lengths()
289 int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, in mbedtls_ccm_update_ad() argument
299 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_update_ad()
304 if (ctx->state & CCM_STATE__AUTH_DATA_FINISHED) { in mbedtls_ccm_update_ad()
308 if (!(ctx->state & CCM_STATE__AUTH_DATA_STARTED)) { in mbedtls_ccm_update_ad()
309 if (add_len > ctx->add_len) { in mbedtls_ccm_update_ad()
313 ctx->y[0] ^= (unsigned char) ((ctx->add_len >> 8) & 0xFF); in mbedtls_ccm_update_ad()
314 ctx->y[1] ^= (unsigned char) ((ctx->add_len) & 0xFF); in mbedtls_ccm_update_ad()
316 ctx->state |= CCM_STATE__AUTH_DATA_STARTED; in mbedtls_ccm_update_ad()
317 } else if (ctx->processed + add_len > ctx->add_len) { in mbedtls_ccm_update_ad()
322 offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1] in mbedtls_ccm_update_ad()
330 mbedtls_xor(ctx->y + offset, ctx->y + offset, add, use_len); in mbedtls_ccm_update_ad()
332 ctx->processed += use_len; in mbedtls_ccm_update_ad()
336 if (use_len + offset == 16 || ctx->processed == ctx->add_len) { in mbedtls_ccm_update_ad()
338 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update_ad()
340 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update_ad()
343 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update_ad()
349 if (ctx->processed == ctx->add_len) { in mbedtls_ccm_update_ad()
350 ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; in mbedtls_ccm_update_ad()
351 ctx->processed = 0; // prepare for mbedtls_ccm_update() in mbedtls_ccm_update_ad()
358 int mbedtls_ccm_update(mbedtls_ccm_context *ctx, in mbedtls_ccm_update() argument
372 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_update()
379 if (ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len) { in mbedtls_ccm_update()
391 offset = ctx->processed % 16; in mbedtls_ccm_update()
399 ctx->processed += use_len; in mbedtls_ccm_update()
401 if (ctx->mode == MBEDTLS_CCM_ENCRYPT || \ in mbedtls_ccm_update()
402 ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT) { in mbedtls_ccm_update()
403 mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len); in mbedtls_ccm_update()
405 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
407 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update()
409 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update()
412 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update()
417 ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, output); in mbedtls_ccm_update()
423 if (ctx->mode == MBEDTLS_CCM_DECRYPT || \ in mbedtls_ccm_update()
424 ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) { in mbedtls_ccm_update()
431 ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, local_output); in mbedtls_ccm_update()
436 mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len); in mbedtls_ccm_update()
440 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
442 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update()
444 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update()
447 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update()
453 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
454 for (i = 0; i < ctx->q; i++) { in mbedtls_ccm_update()
455 if (++(ctx->ctr)[15-i] != 0) { in mbedtls_ccm_update()
472 int mbedtls_ccm_finish(mbedtls_ccm_context *ctx, in mbedtls_ccm_finish() argument
478 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_finish()
482 if (ctx->add_len > 0 && !(ctx->state & CCM_STATE__AUTH_DATA_FINISHED)) { in mbedtls_ccm_finish()
486 if (ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len) { in mbedtls_ccm_finish()
493 for (i = 0; i < ctx->q; i++) { in mbedtls_ccm_finish()
494 ctx->ctr[15-i] = 0; in mbedtls_ccm_finish()
497 ret = mbedtls_ccm_crypt(ctx, 0, 16, ctx->y, ctx->y); in mbedtls_ccm_finish()
502 memcpy(tag, ctx->y, tag_len); in mbedtls_ccm_finish()
504 mbedtls_ccm_clear_state(ctx); in mbedtls_ccm_finish()
512 static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length, in ccm_auth_crypt() argument
521 if ((ret = mbedtls_ccm_starts(ctx, mode, iv, iv_len)) != 0) { in ccm_auth_crypt()
525 if ((ret = mbedtls_ccm_set_lengths(ctx, add_len, length, tag_len)) != 0) { in ccm_auth_crypt()
529 if ((ret = mbedtls_ccm_update_ad(ctx, add, add_len)) != 0) { in ccm_auth_crypt()
533 if ((ret = mbedtls_ccm_update(ctx, input, length, in ccm_auth_crypt()
538 if ((ret = mbedtls_ccm_finish(ctx, tag, tag_len)) != 0) { in ccm_auth_crypt()
548 int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_star_encrypt_and_tag() argument
554 return ccm_auth_crypt(ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len, in mbedtls_ccm_star_encrypt_and_tag()
558 int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_encrypt_and_tag() argument
564 return ccm_auth_crypt(ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len, in mbedtls_ccm_encrypt_and_tag()
585 static int ccm_auth_decrypt(mbedtls_ccm_context *ctx, int mode, size_t length, in ccm_auth_decrypt() argument
594 if ((ret = ccm_auth_crypt(ctx, mode, length, in ccm_auth_decrypt()
608 int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_star_auth_decrypt() argument
614 return ccm_auth_decrypt(ctx, MBEDTLS_CCM_STAR_DECRYPT, length, in mbedtls_ccm_star_auth_decrypt()
619 int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_auth_decrypt() argument
625 return ccm_auth_decrypt(ctx, MBEDTLS_CCM_DECRYPT, length, in mbedtls_ccm_auth_decrypt()
682 mbedtls_ccm_context ctx; in mbedtls_ccm_self_test() local
693 mbedtls_ccm_init(&ctx); in mbedtls_ccm_self_test()
695 if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, in mbedtls_ccm_self_test()
713 ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i], in mbedtls_ccm_self_test()
731 ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i], in mbedtls_ccm_self_test()
752 mbedtls_ccm_free(&ctx); in mbedtls_ccm_self_test()