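Lines matching refs:ctx

Cross-reference listing: each row gives the source line number, the matching source line, and the enclosing function, with `argument` or `local` marking where ctx is declared. Lines that do not reference ctx are omitted, so no function below is shown in full and any checks on the omitted lines are not visible here.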

47 void mbedtls_ccm_init(mbedtls_ccm_context *ctx)  in mbedtls_ccm_init()  argument
49 memset(ctx, 0, sizeof(mbedtls_ccm_context)); in mbedtls_ccm_init()
52 int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, in mbedtls_ccm_setkey() argument
60 mbedtls_block_cipher_free(&ctx->block_cipher_ctx); in mbedtls_ccm_setkey()
62 if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { in mbedtls_ccm_setkey()
66 if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { in mbedtls_ccm_setkey()
82 mbedtls_cipher_free(&ctx->cipher_ctx); in mbedtls_ccm_setkey()
84 if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { in mbedtls_ccm_setkey()
88 if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, in mbedtls_ccm_setkey()
100 void mbedtls_ccm_free(mbedtls_ccm_context *ctx) in mbedtls_ccm_free() argument
102 if (ctx == NULL) { in mbedtls_ccm_free()
106 mbedtls_block_cipher_free(&ctx->block_cipher_ctx); in mbedtls_ccm_free()
108 mbedtls_cipher_free(&ctx->cipher_ctx); in mbedtls_ccm_free()
110 mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); in mbedtls_ccm_free()
123 static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, in mbedtls_ccm_crypt() argument
132 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); in mbedtls_ccm_crypt()
135 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen); in mbedtls_ccm_crypt()
138 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_crypt()
149 static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) in mbedtls_ccm_clear_state() argument
151 ctx->state = CCM_STATE__CLEAR; in mbedtls_ccm_clear_state()
152 memset(ctx->y, 0, 16); in mbedtls_ccm_clear_state()
153 memset(ctx->ctr, 0, 16); in mbedtls_ccm_clear_state()
156 static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) in ccm_calculate_first_block_if_ready() argument
168 if (!(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET)) { in ccm_calculate_first_block_if_ready()
175 if (ctx->tag_len == 0) { in ccm_calculate_first_block_if_ready()
176 if (ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) { in ccm_calculate_first_block_if_ready()
177 ctx->plaintext_len = 0; in ccm_calculate_first_block_if_ready()
196 ctx->y[0] |= (ctx->add_len > 0) << 6; in ccm_calculate_first_block_if_ready()
197 ctx->y[0] |= ((ctx->tag_len - 2) / 2) << 3; in ccm_calculate_first_block_if_ready()
198 ctx->y[0] |= ctx->q - 1; in ccm_calculate_first_block_if_ready()
200 for (i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8) { in ccm_calculate_first_block_if_ready()
201 ctx->y[15-i] = MBEDTLS_BYTE_0(len_left); in ccm_calculate_first_block_if_ready()
205 ctx->state |= CCM_STATE__ERROR; in ccm_calculate_first_block_if_ready()
211 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in ccm_calculate_first_block_if_ready()
213 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in ccm_calculate_first_block_if_ready()
216 ctx->state |= CCM_STATE__ERROR; in ccm_calculate_first_block_if_ready()
223 int mbedtls_ccm_starts(mbedtls_ccm_context *ctx, in mbedtls_ccm_starts() argument
233 ctx->mode = mode; in mbedtls_ccm_starts()
234 ctx->q = 16 - 1 - (unsigned char) iv_len; in mbedtls_ccm_starts()
246 memset(ctx->ctr, 0, 16); in mbedtls_ccm_starts()
247 ctx->ctr[0] = ctx->q - 1; in mbedtls_ccm_starts()
248 memcpy(ctx->ctr + 1, iv, iv_len); in mbedtls_ccm_starts()
249 memset(ctx->ctr + 1 + iv_len, 0, ctx->q); in mbedtls_ccm_starts()
250 ctx->ctr[15] = 1; in mbedtls_ccm_starts()
255 memcpy(ctx->y + 1, iv, iv_len); in mbedtls_ccm_starts()
257 ctx->state |= CCM_STATE__STARTED; in mbedtls_ccm_starts()
258 return ccm_calculate_first_block_if_ready(ctx); in mbedtls_ccm_starts()
261 int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx, in mbedtls_ccm_set_lengths() argument
281 ctx->plaintext_len = plaintext_len; in mbedtls_ccm_set_lengths()
282 ctx->add_len = total_ad_len; in mbedtls_ccm_set_lengths()
283 ctx->tag_len = tag_len; in mbedtls_ccm_set_lengths()
284 ctx->processed = 0; in mbedtls_ccm_set_lengths()
286 ctx->state |= CCM_STATE__LENGTHS_SET; in mbedtls_ccm_set_lengths()
287 return ccm_calculate_first_block_if_ready(ctx); in mbedtls_ccm_set_lengths()
290 int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, in mbedtls_ccm_update_ad() argument
300 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_update_ad()
305 if (ctx->state & CCM_STATE__AUTH_DATA_FINISHED) { in mbedtls_ccm_update_ad()
309 if (!(ctx->state & CCM_STATE__AUTH_DATA_STARTED)) { in mbedtls_ccm_update_ad()
310 if (add_len > ctx->add_len) { in mbedtls_ccm_update_ad()
314 ctx->y[0] ^= (unsigned char) ((ctx->add_len >> 8) & 0xFF); in mbedtls_ccm_update_ad()
315 ctx->y[1] ^= (unsigned char) ((ctx->add_len) & 0xFF); in mbedtls_ccm_update_ad()
317 ctx->state |= CCM_STATE__AUTH_DATA_STARTED; in mbedtls_ccm_update_ad()
318 } else if (ctx->processed + add_len > ctx->add_len) { in mbedtls_ccm_update_ad()
323 offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1] in mbedtls_ccm_update_ad()
331 mbedtls_xor(ctx->y + offset, ctx->y + offset, add, use_len); in mbedtls_ccm_update_ad()
333 ctx->processed += use_len; in mbedtls_ccm_update_ad()
337 if (use_len + offset == 16 || ctx->processed == ctx->add_len) { in mbedtls_ccm_update_ad()
339 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update_ad()
341 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update_ad()
344 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update_ad()
350 if (ctx->processed == ctx->add_len) { in mbedtls_ccm_update_ad()
351 ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; in mbedtls_ccm_update_ad()
352 ctx->processed = 0; // prepare for mbedtls_ccm_update() in mbedtls_ccm_update_ad()
359 int mbedtls_ccm_update(mbedtls_ccm_context *ctx, in mbedtls_ccm_update() argument
373 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_update()
380 if (ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len) { in mbedtls_ccm_update()
392 offset = ctx->processed % 16; in mbedtls_ccm_update()
400 ctx->processed += use_len; in mbedtls_ccm_update()
402 if (ctx->mode == MBEDTLS_CCM_ENCRYPT || \ in mbedtls_ccm_update()
403 ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT) { in mbedtls_ccm_update()
404 mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len); in mbedtls_ccm_update()
406 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
408 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update()
410 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update()
413 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update()
418 ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, output); in mbedtls_ccm_update()
424 if (ctx->mode == MBEDTLS_CCM_DECRYPT || \ in mbedtls_ccm_update()
425 ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) { in mbedtls_ccm_update()
432 ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, local_output); in mbedtls_ccm_update()
437 mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len); in mbedtls_ccm_update()
441 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
443 ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); in mbedtls_ccm_update()
445 ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); in mbedtls_ccm_update()
448 ctx->state |= CCM_STATE__ERROR; in mbedtls_ccm_update()
454 if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { in mbedtls_ccm_update()
455 for (i = 0; i < ctx->q; i++) { in mbedtls_ccm_update()
456 if (++(ctx->ctr)[15-i] != 0) { in mbedtls_ccm_update()
473 int mbedtls_ccm_finish(mbedtls_ccm_context *ctx, in mbedtls_ccm_finish() argument
479 if (ctx->state & CCM_STATE__ERROR) { in mbedtls_ccm_finish()
483 if (ctx->add_len > 0 && !(ctx->state & CCM_STATE__AUTH_DATA_FINISHED)) { in mbedtls_ccm_finish()
487 if (ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len) { in mbedtls_ccm_finish()
494 for (i = 0; i < ctx->q; i++) { in mbedtls_ccm_finish()
495 ctx->ctr[15-i] = 0; in mbedtls_ccm_finish()
498 ret = mbedtls_ccm_crypt(ctx, 0, 16, ctx->y, ctx->y); in mbedtls_ccm_finish()
503 memcpy(tag, ctx->y, tag_len); in mbedtls_ccm_finish()
505 mbedtls_ccm_clear_state(ctx); in mbedtls_ccm_finish()
513 static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length, in ccm_auth_crypt() argument
522 if ((ret = mbedtls_ccm_starts(ctx, mode, iv, iv_len)) != 0) { in ccm_auth_crypt()
526 if ((ret = mbedtls_ccm_set_lengths(ctx, add_len, length, tag_len)) != 0) { in ccm_auth_crypt()
530 if ((ret = mbedtls_ccm_update_ad(ctx, add, add_len)) != 0) { in ccm_auth_crypt()
534 if ((ret = mbedtls_ccm_update(ctx, input, length, in ccm_auth_crypt()
539 if ((ret = mbedtls_ccm_finish(ctx, tag, tag_len)) != 0) { in ccm_auth_crypt()
549 int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_star_encrypt_and_tag() argument
555 return ccm_auth_crypt(ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len, in mbedtls_ccm_star_encrypt_and_tag()
559 int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_encrypt_and_tag() argument
565 return ccm_auth_crypt(ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len, in mbedtls_ccm_encrypt_and_tag()
586 static int ccm_auth_decrypt(mbedtls_ccm_context *ctx, int mode, size_t length, in ccm_auth_decrypt() argument
595 if ((ret = ccm_auth_crypt(ctx, mode, length, in ccm_auth_decrypt()
609 int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_star_auth_decrypt() argument
615 return ccm_auth_decrypt(ctx, MBEDTLS_CCM_STAR_DECRYPT, length, in mbedtls_ccm_star_auth_decrypt()
620 int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, in mbedtls_ccm_auth_decrypt() argument
626 return ccm_auth_decrypt(ctx, MBEDTLS_CCM_DECRYPT, length, in mbedtls_ccm_auth_decrypt()
683 mbedtls_ccm_context ctx; in mbedtls_ccm_self_test() local
694 mbedtls_ccm_init(&ctx); in mbedtls_ccm_self_test()
696 if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, in mbedtls_ccm_self_test()
714 ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i], in mbedtls_ccm_self_test()
732 ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i], in mbedtls_ccm_self_test()
753 mbedtls_ccm_free(&ctx); in mbedtls_ccm_self_test()