<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <title>Crypto++: cmac.cpp Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <link href="doxygen.css" rel="stylesheet" type="text/css"/> </head> <body> <!-- Generated by Doxygen 1.7.3 --> <div id="top"> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td style="padding-left: 0.5em;"> <div id="projectname">Crypto++</div> </td> </tr> </tbody> </table> </div> <div id="navrow1" class="tabs"> <ul class="tablist"> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="annotated.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div id="navrow2" class="tabs2"> <ul class="tablist"> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>File Members</span></a></li> </ul> </div> <div class="header"> <div class="headertitle"> <h1>cmac.cpp</h1> </div> </div> <div class="contents"> <div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">// cmac.cpp - written and placed in the public domain by Wei Dai</span> <a name="l00002"></a>00002 <a name="l00003"></a>00003 <span class="preprocessor">#include "pch.h"</span> <a name="l00004"></a>00004 <a name="l00005"></a>00005 <span class="preprocessor">#ifndef CRYPTOPP_IMPORTS</span> <a name="l00006"></a>00006 <span class="preprocessor"></span> <a name="l00007"></a>00007 <span class="preprocessor">#include "cmac.h"</span> <a name="l00008"></a>00008 <a name="l00009"></a>00009 NAMESPACE_BEGIN(CryptoPP) <a name="l00010"></a>00010 <a name="l00011"></a>00011 static <span class="keywordtype">void</span> MulU(byte *k, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> length) <a name="l00012"></a>00012 { <a name="l00013"></a>00013 byte carry = 0; <a name="l00014"></a>00014 <a name="l00015"></a>00015 <span class="keywordflow">for</span> (<span class="keywordtype">int</span> i=length-1; i>=1; i-=2) <a name="l00016"></a>00016 { <a name="l00017"></a>00017 byte carry2 = k[i] >> 7; <a name="l00018"></a>00018 k[i] += k[i] + carry; <a name="l00019"></a>00019 carry = k[i-1] >> 7; <a name="l00020"></a>00020 k[i-1] += k[i-1] + carry2; <a name="l00021"></a>00021 } <a name="l00022"></a>00022 <a name="l00023"></a>00023 <span class="keywordflow">if</span> (carry) <a name="l00024"></a>00024 { <a name="l00025"></a>00025 <span class="keywordflow">switch</span> (length) <a name="l00026"></a>00026 { <a name="l00027"></a>00027 <span class="keywordflow">case</span> 8: <a name="l00028"></a>00028 k[7] ^= 0x1b; <a name="l00029"></a>00029 <span class="keywordflow">break</span>; <a name="l00030"></a>00030 <span class="keywordflow">case</span> 16: <a name="l00031"></a>00031 k[15] ^= 0x87; <a name="l00032"></a>00032 <span class="keywordflow">break</span>; <a name="l00033"></a>00033 <span class="keywordflow">case</span> 32: <a name="l00034"></a>00034 k[30] ^= 4; <a name="l00035"></a>00035 k[31] ^= 0x23; <a name="l00036"></a>00036 <span class="keywordflow">break</span>; <a name="l00037"></a>00037 <span class="keywordflow">default</span>: <a name="l00038"></a>00038 <span class="keywordflow">throw</span> <a class="code" href="class_invalid_argument.html" title="exception thrown when an invalid argument is detected">InvalidArgument</a>(<span class="stringliteral">"CMAC: "</span> + IntToString(length) + <span class="stringliteral">" is not a supported cipher block size"</span>); <a name="l00039"></a>00039 } <a name="l00040"></a>00040 } <a name="l00041"></a>00041 } <a name="l00042"></a>00042 <a name="l00043"></a>00043 <span class="keywordtype">void</span> CMAC_Base::UncheckedSetKey(<span class="keyword">const</span> byte *key, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> length, <span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html" title="interface for retrieving values given their names">NameValuePairs</a> &params) <a name="l00044"></a>00044 { <a name="l00045"></a>00045 <a class="code" href="class_block_cipher.html" title="interface for one direction (encryption or decryption) of a block cipher">BlockCipher</a> &cipher = AccessCipher(); <a name="l00046"></a>00046 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> blockSize = cipher.<a class="code" href="class_block_transformation.html#adfdb78b033996020435c3dcffdca76ce" title="block size of the cipher in bytes">BlockSize</a>(); <a name="l00047"></a>00047 <a name="l00048"></a>00048 cipher.<a class="code" href="class_simple_keying_interface.html#adf3c29b3ef3af74788a58c7c49887fd7" title="set or reset the key of this object">SetKey</a>(key, length, params); <a name="l00049"></a>00049 m_reg.<a class="code" href="class_sec_block.html#a2d78e75002fd02e5b89bd72a9e65e769" title="change size and set contents to 0">CleanNew</a>(3*blockSize); <a name="l00050"></a>00050 m_counter = 0; <a name="l00051"></a>00051 <a name="l00052"></a>00052 cipher.<a class="code" href="class_block_transformation.html#a2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(m_reg, m_reg+blockSize); <a name="l00053"></a>00053 MulU(m_reg+blockSize, blockSize); <a name="l00054"></a>00054 memcpy(m_reg+2*blockSize, m_reg+blockSize, blockSize); <a name="l00055"></a>00055 MulU(m_reg+2*blockSize, blockSize); <a name="l00056"></a>00056 } <a name="l00057"></a>00057 <a name="l00058"></a><a class="code" href="class_c_m_a_c___base.html#a582cd6d32b41c65d10481ebcd2c1aed4">00058</a> <span class="keywordtype">void</span> <a class="code" href="class_c_m_a_c___base.html#a582cd6d32b41c65d10481ebcd2c1aed4" title="process more input">CMAC_Base::Update</a>(<span class="keyword">const</span> byte *input, <span class="keywordtype">size_t</span> length) <a name="l00059"></a>00059 { <a name="l00060"></a>00060 <span class="keywordflow">if</span> (!length) <a name="l00061"></a>00061 <span class="keywordflow">return</span>; <a name="l00062"></a>00062 <a name="l00063"></a>00063 <a class="code" href="class_block_cipher.html" title="interface for one direction (encryption or decryption) of a block cipher">BlockCipher</a> &cipher = AccessCipher(); <a name="l00064"></a>00064 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> blockSize = cipher.<a class="code" href="class_block_transformation.html#adfdb78b033996020435c3dcffdca76ce" title="block size of the cipher in bytes">BlockSize</a>(); <a name="l00065"></a>00065 <a name="l00066"></a>00066 <span class="keywordflow">if</span> (m_counter > 0) <a name="l00067"></a>00067 { <a name="l00068"></a>00068 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> len = UnsignedMin(blockSize - m_counter, length); <a name="l00069"></a>00069 xorbuf(m_reg+m_counter, input, len); <a name="l00070"></a>00070 length -= len; <a name="l00071"></a>00071 input += len; <a name="l00072"></a>00072 m_counter += len; <a name="l00073"></a>00073 <a name="l00074"></a>00074 <span class="keywordflow">if</span> (m_counter == blockSize && length > 0) <a name="l00075"></a>00075 { <a name="l00076"></a>00076 cipher.<a class="code" href="class_block_transformation.html#a2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(m_reg); <a name="l00077"></a>00077 m_counter = 0; <a name="l00078"></a>00078 } <a name="l00079"></a>00079 } <a name="l00080"></a>00080 <a name="l00081"></a>00081 <span class="keywordflow">if</span> (length > blockSize) <a name="l00082"></a>00082 { <a name="l00083"></a>00083 assert(m_counter == 0); <a name="l00084"></a>00084 <span class="keywordtype">size_t</span> leftOver = 1 + cipher.<a class="code" href="class_block_transformation.html#adcff119bb709c84bfaaab8d1871b018c" title="encrypt and xor blocks according to flags (see FlagsForAdvancedProcessBlocks)">AdvancedProcessBlocks</a>(m_reg, input, m_reg, length-1, BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput); <a name="l00085"></a>00085 input += (length - leftOver); <a name="l00086"></a>00086 length = leftOver; <a name="l00087"></a>00087 } <a name="l00088"></a>00088 <a name="l00089"></a>00089 <span class="keywordflow">if</span> (length > 0) <a name="l00090"></a>00090 { <a name="l00091"></a>00091 assert(m_counter + length <= blockSize); <a name="l00092"></a>00092 xorbuf(m_reg+m_counter, input, length); <a name="l00093"></a>00093 m_counter += (<span class="keywordtype">unsigned</span> int)length; <a name="l00094"></a>00094 } <a name="l00095"></a>00095 <a name="l00096"></a>00096 assert(m_counter > 0); <a name="l00097"></a>00097 } <a name="l00098"></a>00098 <a name="l00099"></a><a class="code" href="class_c_m_a_c___base.html#a636b8a77c098bb08955ec8b4e66448a7">00099</a> <span class="keywordtype">void</span> <a class="code" href="class_c_m_a_c___base.html#a636b8a77c098bb08955ec8b4e66448a7" title="truncated version of Final()">CMAC_Base::TruncatedFinal</a>(byte *mac, <span class="keywordtype">size_t</span> size) <a name="l00100"></a>00100 { <a name="l00101"></a>00101 ThrowIfInvalidTruncatedSize(size); <a name="l00102"></a>00102 <a name="l00103"></a>00103 <a class="code" href="class_block_cipher.html" title="interface for one direction (encryption or decryption) of a block cipher">BlockCipher</a> &cipher = AccessCipher(); <a name="l00104"></a>00104 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> blockSize = cipher.<a class="code" href="class_block_transformation.html#adfdb78b033996020435c3dcffdca76ce" title="block size of the cipher in bytes">BlockSize</a>(); <a name="l00105"></a>00105 <a name="l00106"></a>00106 <span class="keywordflow">if</span> (m_counter < blockSize) <a name="l00107"></a>00107 { <a name="l00108"></a>00108 m_reg[m_counter] ^= 0x80; <a name="l00109"></a>00109 cipher.<a class="code" href="class_block_transformation.html#adcff119bb709c84bfaaab8d1871b018c" title="encrypt and xor blocks according to flags (see FlagsForAdvancedProcessBlocks)">AdvancedProcessBlocks</a>(m_reg, m_reg+2*blockSize, m_reg, blockSize, BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput); <a name="l00110"></a>00110 } <a name="l00111"></a>00111 <span class="keywordflow">else</span> <a name="l00112"></a>00112 cipher.<a class="code" href="class_block_transformation.html#adcff119bb709c84bfaaab8d1871b018c" title="encrypt and xor blocks according to flags (see FlagsForAdvancedProcessBlocks)">AdvancedProcessBlocks</a>(m_reg, m_reg+blockSize, m_reg, blockSize, BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput); <a name="l00113"></a>00113 <a name="l00114"></a>00114 memcpy(mac, m_reg, size); <a name="l00115"></a>00115 <a name="l00116"></a>00116 m_counter = 0; <a name="l00117"></a>00117 memset(m_reg, 0, blockSize); <a name="l00118"></a>00118 } <a name="l00119"></a>00119 <a name="l00120"></a>00120 NAMESPACE_END <a name="l00121"></a>00121 <a name="l00122"></a>00122 <span class="preprocessor">#endif</span> </pre></div></div> </div> <hr class="footer"/><address class="footer"><small>Generated on Tue Feb 8 2011 for Crypto++ by  <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.3 </small></address> </body> </html>