<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <title>DTN Reference Implementation: gcm.cc Source File</title> <link href="doxygen.css" rel="stylesheet" type="text/css"> <link href="tabs.css" rel="stylesheet" type="text/css"> </head><body> <!-- Generated by Doxygen 1.5.6 --> <div class="navigation" id="top"> <div class="tabs"> <ul> <li><a href="main.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="annotated.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <h1>gcm.cc</h1><a href="gcm_8cc.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span> <a name="l00002"></a>00002 <span class="comment"> ---------------------------------------------------------------------------</span> <a name="l00003"></a>00003 <span class="comment"> Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.</span> <a name="l00004"></a>00004 <span class="comment"></span> <a name="l00005"></a>00005 <span class="comment"> LICENSE TERMS</span> <a name="l00006"></a>00006 <span class="comment"></span> <a name="l00007"></a>00007 <span class="comment"> The free distribution and use of this software in both source and binary</span> <a name="l00008"></a>00008 <span class="comment"> form is allowed (with or without changes) provided that:</span> <a name="l00009"></a>00009 <span class="comment"></span> <a name="l00010"></a>00010 <span class="comment"> 1. distributions of this source code include the above copyright</span> <a name="l00011"></a>00011 <span class="comment"> notice, this list of conditions and the following disclaimer;</span> <a name="l00012"></a>00012 <span class="comment"></span> <a name="l00013"></a>00013 <span class="comment"> 2. distributions in binary form include the above copyright</span> <a name="l00014"></a>00014 <span class="comment"> notice, this list of conditions and the following disclaimer</span> <a name="l00015"></a>00015 <span class="comment"> in the documentation and/or other associated materials;</span> <a name="l00016"></a>00016 <span class="comment"></span> <a name="l00017"></a>00017 <span class="comment"> 3. the copyright holder's name is not used to endorse products</span> <a name="l00018"></a>00018 <span class="comment"> built using this software without specific written permission.</span> <a name="l00019"></a>00019 <span class="comment"></span> <a name="l00020"></a>00020 <span class="comment"> ALTERNATIVELY, provided that this notice is retained in full, this product</span> <a name="l00021"></a>00021 <span class="comment"> may be distributed under the terms of the GNU General Public License (GPL),</span> <a name="l00022"></a>00022 <span class="comment"> in which case the provisions of the GPL apply INSTEAD OF those given above.</span> <a name="l00023"></a>00023 <span class="comment"></span> <a name="l00024"></a>00024 <span class="comment"> DISCLAIMER</span> <a name="l00025"></a>00025 <span class="comment"></span> <a name="l00026"></a>00026 <span class="comment"> This software is provided 'as is' with no explicit or implied warranties</span> <a name="l00027"></a>00027 <span class="comment"> in respect of its properties, including, but not limited to, correctness</span> <a name="l00028"></a>00028 <span class="comment"> and/or fitness for purpose.</span> <a name="l00029"></a>00029 <span class="comment"> ---------------------------------------------------------------------------</span> <a name="l00030"></a>00030 <span class="comment"> Issue Date: 13/06/2006</span> <a name="l00031"></a>00031 <span class="comment"></span> <a name="l00032"></a>00032 <span class="comment"> My thanks to John Viega and David McGrew for their support in developing</span> <a name="l00033"></a>00033 <span class="comment"> this code and to David for testing it on a big-endain system.</span> <a name="l00034"></a>00034 <span class="comment">*/</span> <a name="l00035"></a>00035 <a name="l00036"></a>00036 <span class="preprocessor">#ifdef HAVE_CONFIG_H</span> <a name="l00037"></a>00037 <span class="preprocessor"></span><span class="preprocessor"># include <<a class="code" href="dtn-config_8h.html">dtn-config.h</a>></span> <a name="l00038"></a>00038 <span class="preprocessor">#endif</span> <a name="l00039"></a>00039 <span class="preprocessor"></span> <a name="l00040"></a>00040 <span class="preprocessor">#ifdef BSP_ENABLED</span> <a name="l00041"></a>00041 <span class="preprocessor"></span> <a name="l00042"></a>00042 <span class="preprocessor">#include "<a class="code" href="gcm_8h.html">gcm.h</a>"</span> <a name="l00043"></a>00043 <span class="preprocessor">#include "<a class="code" href="mode__hdr_8h.html">mode_hdr.h</a>"</span> <a name="l00044"></a>00044 <a name="l00045"></a>00045 <span class="preprocessor">#if defined(__cplusplus)</span> <a name="l00046"></a>00046 <span class="preprocessor"></span><span class="keyword">extern</span> <span class="stringliteral">"C"</span> <a name="l00047"></a>00047 { <a name="l00048"></a>00048 <span class="preprocessor">#endif</span> <a name="l00049"></a>00049 <span class="preprocessor"></span> <a name="l00050"></a>00050 <span class="preprocessor">#define BLOCK_SIZE GCM_BLOCK_SIZE </span><span class="comment">/* block length */</span> <a name="l00051"></a>00051 <span class="preprocessor">#define BLK_ADR_MASK (BLOCK_SIZE - 1) </span><span class="comment">/* mask for 'in block' address */</span> <a name="l00052"></a>00052 <span class="preprocessor">#define CTR_POS 12</span> <a name="l00053"></a>00053 <span class="preprocessor"></span> <a name="l00054"></a>00054 <span class="preprocessor">#define inc_ctr(x) \</span> <a name="l00055"></a>00055 <span class="preprocessor"> { int i = BLOCK_SIZE; while(i-- > CTR_POS && !++(ui8_ptr(x)[i])) ; }</span> <a name="l00056"></a>00056 <span class="preprocessor"></span> <a name="l00057"></a>00057 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#721f02566e2e0717ba131e470028ac3d">gcm_init_and_key</a>( <span class="comment">/* initialise mode and set key */</span> <a name="l00058"></a>00058 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> key[], <span class="comment">/* the key value */</span> <a name="l00059"></a>00059 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> key_len, <span class="comment">/* and its length in bytes */</span> <a name="l00060"></a>00060 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00061"></a>00061 { <a name="l00062"></a>00062 memset(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>, 0, <span class="keyword">sizeof</span>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>)); <a name="l00063"></a>00063 <a name="l00064"></a>00064 <span class="comment">/* set the AES key */</span> <a name="l00065"></a>00065 <a class="code" href="gcm__aes_8h.html#3950edc98e2068c4d3399a40bd3b1155">aes_encrypt_key</a>(key, key_len, ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00066"></a>00066 <a name="l00067"></a>00067 <span class="comment">/* compute E(0) (for the hash function) */</span> <a name="l00068"></a>00068 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00069"></a>00069 <a name="l00070"></a>00070 <span class="preprocessor">#if defined( TABLES_64K )</span> <a name="l00071"></a>00071 <span class="preprocessor"></span> <a class="code" href="gf128mul_8h.html#741bf0a5a9414cba0e449b60aa0de330">init_64k_table</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), ctx->gf_t64k); <a name="l00072"></a>00072 <span class="preprocessor">#elif defined( TABLES_8K )</span> <a name="l00073"></a>00073 <span class="preprocessor"></span> <a class="code" href="gf128mul_8h.html#ba357f33a03ac6ab2168767c793f2cff">init_8k_table</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), ctx-><a class="code" href="structgcm__ctx.html#8bb876afd63b8aebb68a46ce3e553f5b">gf_t8k</a>); <a name="l00074"></a>00074 <span class="preprocessor">#elif defined( TABLES_4K )</span> <a name="l00075"></a>00075 <span class="preprocessor"></span> <a class="code" href="gf128mul_8h.html#7e282fa94ff8923ddce24e345feb814c">init_4k_table</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), ctx->gf_t4k); <a name="l00076"></a>00076 <span class="preprocessor">#elif defined( TABLES_256 )</span> <a name="l00077"></a>00077 <span class="preprocessor"></span> <a class="code" href="gf128mul_8h.html#6e5c2dbe4a3432e5b667df324c7de42e">init_256_table</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>), ctx->gf_t256); <a name="l00078"></a>00078 <span class="preprocessor">#endif</span> <a name="l00079"></a>00079 <span class="preprocessor"></span> <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00080"></a>00080 } <a name="l00081"></a>00081 <a name="l00082"></a>00082 <span class="preprocessor">#if defined( TABLES_64K )</span> <a name="l00083"></a>00083 <span class="preprocessor"></span><span class="preprocessor">#define gf_mul_hh(a, ctx, scr) gf_mul_64k(a, ctx->gf_t64k, scr)</span> <a name="l00084"></a>00084 <span class="preprocessor"></span><span class="preprocessor">#elif defined( TABLES_8K )</span> <a name="l00085"></a>00085 <span class="preprocessor"></span><span class="preprocessor">#define gf_mul_hh(a, ctx, scr) gf_mul_8k(a, ctx->gf_t8k, scr)</span> <a name="l00086"></a>00086 <span class="preprocessor"></span><span class="preprocessor">#elif defined( TABLES_4K )</span> <a name="l00087"></a>00087 <span class="preprocessor"></span><span class="preprocessor">#define gf_mul_hh(a, ctx, scr) gf_mul_4k(a, ctx->gf_t4k, scr)</span> <a name="l00088"></a>00088 <span class="preprocessor"></span><span class="preprocessor">#elif defined( TABLES_256 )</span> <a name="l00089"></a>00089 <span class="preprocessor"></span><span class="preprocessor">#define gf_mul_hh(a, ctx, scr) gf_mul_256(a, ctx->gf_t256, scr)</span> <a name="l00090"></a>00090 <span class="preprocessor"></span><span class="preprocessor">#else</span> <a name="l00091"></a>00091 <span class="preprocessor"></span><span class="preprocessor">#define gf_mul_hh(a, ctx, scr) gf_mul(a, ui8_ptr(ctx->ghash_h))</span> <a name="l00092"></a>00092 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00093"></a>00093 <span class="preprocessor"></span> <a name="l00094"></a>00094 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>( <span class="comment">/* initialise a new message */</span> <a name="l00095"></a>00095 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00096"></a>00096 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00097"></a>00097 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00098"></a>00098 { uint_32t i, n_pos = 0, scratch[<a class="code" href="gf128mul_8h.html#71e85162c7a6927d581e972a49d0d496">GF_BYTE_LEN</a> >> 2]; <a name="l00099"></a>00099 uint_8t *p; <a name="l00100"></a>00100 <a name="l00101"></a>00101 memset(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>, 0, BLOCK_SIZE); <a name="l00102"></a>00102 <span class="keywordflow">if</span>(iv_len == CTR_POS) <a name="l00103"></a>00103 { <a name="l00104"></a>00104 memcpy(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>, iv, CTR_POS); <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>)[15] = 0x01; <a name="l00105"></a>00105 } <a name="l00106"></a>00106 <span class="keywordflow">else</span> <a name="l00107"></a>00107 { n_pos = iv_len; <a name="l00108"></a>00108 <span class="keywordflow">while</span>(n_pos >= BLOCK_SIZE) <a name="l00109"></a>00109 { <a name="l00110"></a>00110 <a class="code" href="mode__hdr_8h.html#27e5e634e05aa9fa2f09e8c1cabe8100">xor_block_aligned</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>, iv); <a name="l00111"></a>00111 n_pos -= BLOCK_SIZE; <a name="l00112"></a>00112 iv += BLOCK_SIZE; <a name="l00113"></a>00113 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), ctx, scratch); <a name="l00114"></a>00114 } <a name="l00115"></a>00115 <a name="l00116"></a>00116 <span class="keywordflow">if</span>(n_pos) <a name="l00117"></a>00117 { <a name="l00118"></a>00118 p = <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00119"></a>00119 <span class="keywordflow">while</span>(n_pos-- > 0) <a name="l00120"></a>00120 *p++ ^= *iv++; <a name="l00121"></a>00121 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), ctx, scratch); <a name="l00122"></a>00122 } <a name="l00123"></a>00123 n_pos = (iv_len << 3); <a name="l00124"></a>00124 <span class="keywordflow">for</span>(i = BLOCK_SIZE - 1; n_pos; --i, n_pos >>= 8) <a name="l00125"></a>00125 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>)[i] ^= (<span class="keywordtype">unsigned</span> char)n_pos; <a name="l00126"></a>00126 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), ctx, scratch); <a name="l00127"></a>00127 } <a name="l00128"></a>00128 <a name="l00129"></a>00129 ctx-><a class="code" href="structgcm__ctx.html#aaebffae6b9b8655beb6a1dcd8fd4434">y0_val</a> = *<a class="code" href="mode__hdr_8h.html#9cd97e38a347fe21f3c7833e7b7e8110">ui32_ptr</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>) + CTR_POS); <a name="l00130"></a>00130 inc_ctr(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00131"></a>00131 memset(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>, 0, BLOCK_SIZE); <a name="l00132"></a>00132 memset(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>, 0, BLOCK_SIZE); <a name="l00133"></a>00133 ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> = 0; <a name="l00134"></a>00134 ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> = ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> = 0; <a name="l00135"></a>00135 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00136"></a>00136 } <a name="l00137"></a>00137 <a name="l00138"></a>00138 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#95f68fdf95d3cf02bea89a68614a046f">gcm_auth_header</a>( <span class="comment">/* authenticate the header */</span> <a name="l00139"></a>00139 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00140"></a>00140 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00141"></a>00141 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00142"></a>00142 { uint_32t cnt = 0, b_pos = (uint_32t)ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> & BLK_ADR_MASK; <a name="l00143"></a>00143 uint_32t scratch[<a class="code" href="gf128mul_8h.html#71e85162c7a6927d581e972a49d0d496">GF_BYTE_LEN</a> >> 2]; <a name="l00144"></a>00144 <a name="l00145"></a>00145 <span class="keywordflow">if</span>(!hdr_len) <a name="l00146"></a>00146 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00147"></a>00147 <a name="l00148"></a>00148 <span class="keywordflow">if</span>(ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> && b_pos == 0) <a name="l00149"></a>00149 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00150"></a>00150 <a name="l00151"></a>00151 <span class="keywordflow">while</span>(cnt < hdr_len && (b_pos & <a class="code" href="mode__hdr_8h.html#4fdbeb9422623907bdda023306704152">BUF_ADRMASK</a>)) <a name="l00152"></a>00152 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)[b_pos++] ^= hdr[cnt++]; <a name="l00153"></a>00153 <a name="l00154"></a>00154 <span class="keywordflow">if</span>(!(b_pos & BUF_ADRMASK) && !((hdr + cnt - <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)) & BUF_ADRMASK)) <a name="l00155"></a>00155 { <a name="l00156"></a>00156 <span class="keywordflow">while</span>(cnt + <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a> <= hdr_len && b_pos <= BLOCK_SIZE - <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>) <a name="l00157"></a>00157 { <a name="l00158"></a>00158 *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>) + b_pos) ^= *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(hdr + cnt); <a name="l00159"></a>00159 cnt += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; b_pos += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; <a name="l00160"></a>00160 } <a name="l00161"></a>00161 <a name="l00162"></a>00162 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= hdr_len) <a name="l00163"></a>00163 { <a name="l00164"></a>00164 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00165"></a>00165 <a class="code" href="mode__hdr_8h.html#27e5e634e05aa9fa2f09e8c1cabe8100">xor_block_aligned</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>, hdr + cnt); <a name="l00166"></a>00166 cnt += BLOCK_SIZE; <a name="l00167"></a>00167 } <a name="l00168"></a>00168 } <a name="l00169"></a>00169 <span class="keywordflow">else</span> <a name="l00170"></a>00170 { <a name="l00171"></a>00171 <span class="keywordflow">while</span>(cnt < hdr_len && b_pos < BLOCK_SIZE) <a name="l00172"></a>00172 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)[b_pos++] ^= hdr[cnt++]; <a name="l00173"></a>00173 <a name="l00174"></a>00174 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= hdr_len) <a name="l00175"></a>00175 { <a name="l00176"></a>00176 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00177"></a>00177 <a class="code" href="mode__hdr_8h.html#521d91944c7e4547bc1c2779a0ede6d2">xor_block</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>, hdr + cnt); <a name="l00178"></a>00178 cnt += BLOCK_SIZE; <a name="l00179"></a>00179 } <a name="l00180"></a>00180 } <a name="l00181"></a>00181 <a name="l00182"></a>00182 <span class="keywordflow">while</span>(cnt < hdr_len) <a name="l00183"></a>00183 { <a name="l00184"></a>00184 <span class="keywordflow">if</span>(b_pos == BLOCK_SIZE) <a name="l00185"></a>00185 { <a name="l00186"></a>00186 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00187"></a>00187 b_pos = 0; <a name="l00188"></a>00188 } <a name="l00189"></a>00189 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)[b_pos++] ^= hdr[cnt++]; <a name="l00190"></a>00190 } <a name="l00191"></a>00191 <a name="l00192"></a>00192 ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> += cnt; <a name="l00193"></a>00193 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00194"></a>00194 } <a name="l00195"></a>00195 <a name="l00196"></a>00196 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#e0d5938e51cb31e58db485abbd400e39">gcm_auth_data</a>( <span class="comment">/* authenticate ciphertext data */</span> <a name="l00197"></a>00197 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00198"></a>00198 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00199"></a>00199 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00200"></a>00200 { uint_32t cnt = 0, b_pos = (uint_32t)(ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> & BLK_ADR_MASK); <a name="l00201"></a>00201 uint_32t scratch[<a class="code" href="gf128mul_8h.html#71e85162c7a6927d581e972a49d0d496">GF_BYTE_LEN</a> >> 2]; <a name="l00202"></a>00202 <a name="l00203"></a>00203 <span class="keywordflow">if</span>(!data_len) <a name="l00204"></a>00204 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00205"></a>00205 <a name="l00206"></a>00206 <span class="keywordflow">if</span>(ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> && b_pos == 0) <a name="l00207"></a>00207 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>), ctx, scratch); <a name="l00208"></a>00208 <a name="l00209"></a>00209 <span class="keywordflow">while</span>(cnt < data_len && (b_pos & BUF_ADRMASK)) <a name="l00210"></a>00210 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>)[b_pos++] ^= data[cnt++]; <a name="l00211"></a>00211 <a name="l00212"></a>00212 <span class="keywordflow">if</span>(!(b_pos & BUF_ADRMASK) && !((data + cnt - <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>)) & BUF_ADRMASK)) <a name="l00213"></a>00213 { <a name="l00214"></a>00214 <span class="keywordflow">while</span>(cnt + <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a> <= data_len && b_pos <= BLOCK_SIZE - <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>) <a name="l00215"></a>00215 { <a name="l00216"></a>00216 *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>) + b_pos) ^= *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(data + cnt); <a name="l00217"></a>00217 cnt += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; b_pos += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; <a name="l00218"></a>00218 } <a name="l00219"></a>00219 <a name="l00220"></a>00220 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= data_len) <a name="l00221"></a>00221 { <a name="l00222"></a>00222 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>), ctx, scratch); <a name="l00223"></a>00223 <a class="code" href="mode__hdr_8h.html#27e5e634e05aa9fa2f09e8c1cabe8100">xor_block_aligned</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>, data + cnt); <a name="l00224"></a>00224 cnt += BLOCK_SIZE; <a name="l00225"></a>00225 } <a name="l00226"></a>00226 } <a name="l00227"></a>00227 <span class="keywordflow">else</span> <a name="l00228"></a>00228 { <a name="l00229"></a>00229 <span class="keywordflow">while</span>(cnt < data_len && b_pos < BLOCK_SIZE) <a name="l00230"></a>00230 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>)[b_pos++] ^= data[cnt++]; <a name="l00231"></a>00231 <a name="l00232"></a>00232 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= data_len) <a name="l00233"></a>00233 { <a name="l00234"></a>00234 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>), ctx, scratch); <a name="l00235"></a>00235 <a class="code" href="mode__hdr_8h.html#521d91944c7e4547bc1c2779a0ede6d2">xor_block</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>, data + cnt); <a name="l00236"></a>00236 cnt += BLOCK_SIZE; <a name="l00237"></a>00237 } <a name="l00238"></a>00238 } <a name="l00239"></a>00239 <a name="l00240"></a>00240 <span class="keywordflow">while</span>(cnt < data_len) <a name="l00241"></a>00241 { <a name="l00242"></a>00242 <span class="keywordflow">if</span>(b_pos == BLOCK_SIZE) <a name="l00243"></a>00243 { <a name="l00244"></a>00244 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>), ctx, scratch); <a name="l00245"></a>00245 b_pos = 0; <a name="l00246"></a>00246 } <a name="l00247"></a>00247 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>)[b_pos++] ^= data[cnt++]; <a name="l00248"></a>00248 } <a name="l00249"></a>00249 <a name="l00250"></a>00250 ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> += cnt; <a name="l00251"></a>00251 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00252"></a>00252 } <a name="l00253"></a>00253 <a name="l00254"></a>00254 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#734d3157fb8a3da6f8af7a92855021b0">gcm_crypt_data</a>( <span class="comment">/* encrypt or decrypt data */</span> <a name="l00255"></a>00255 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00256"></a>00256 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00257"></a>00257 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00258"></a>00258 { uint_32t cnt = 0, b_pos = (uint_32t)(ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> & BLK_ADR_MASK); <a name="l00259"></a>00259 <a name="l00260"></a>00260 <span class="keywordflow">if</span>(!data_len) <a name="l00261"></a>00261 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00262"></a>00262 <a name="l00263"></a>00263 <span class="keywordflow">if</span>(b_pos == 0) <a name="l00264"></a>00264 { <a name="l00265"></a>00265 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00266"></a>00266 inc_ctr(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00267"></a>00267 } <a name="l00268"></a>00268 <a name="l00269"></a>00269 <span class="keywordflow">while</span>(cnt < data_len && (b_pos & BUF_ADRMASK)) <a name="l00270"></a>00270 data[cnt++] ^= <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>)[b_pos++]; <a name="l00271"></a>00271 <a name="l00272"></a>00272 <span class="keywordflow">if</span>(!(b_pos & BUF_ADRMASK) && !((data + cnt - <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>)) & BUF_ADRMASK)) <a name="l00273"></a>00273 { <a name="l00274"></a>00274 <span class="keywordflow">while</span>(cnt + <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a> <= data_len && b_pos <= BLOCK_SIZE - <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>) <a name="l00275"></a>00275 { <a name="l00276"></a>00276 *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(data + cnt) ^= *<a class="code" href="mode__hdr_8h.html#4fce21c7b83d04cc2f2ea0303aa53237">unit_ptr</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>) + b_pos); <a name="l00277"></a>00277 cnt += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; b_pos += <a class="code" href="mode__hdr_8h.html#8ede8cdcdb7daa3ed5431bb52f3808a6">BUF_INC</a>; <a name="l00278"></a>00278 } <a name="l00279"></a>00279 <a name="l00280"></a>00280 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= data_len) <a name="l00281"></a>00281 { <a name="l00282"></a>00282 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00283"></a>00283 inc_ctr(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00284"></a>00284 <a class="code" href="mode__hdr_8h.html#27e5e634e05aa9fa2f09e8c1cabe8100">xor_block_aligned</a>(data + cnt, ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>); <a name="l00285"></a>00285 cnt += BLOCK_SIZE; <a name="l00286"></a>00286 } <a name="l00287"></a>00287 } <a name="l00288"></a>00288 <span class="keywordflow">else</span> <a name="l00289"></a>00289 { <a name="l00290"></a>00290 <span class="keywordflow">while</span>(cnt < data_len && b_pos < BLOCK_SIZE) <a name="l00291"></a>00291 data[cnt++] ^= <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>)[b_pos++]; <a name="l00292"></a>00292 <a name="l00293"></a>00293 <span class="keywordflow">while</span>(cnt + BLOCK_SIZE <= data_len) <a name="l00294"></a>00294 { <a name="l00295"></a>00295 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00296"></a>00296 inc_ctr(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00297"></a>00297 <a class="code" href="mode__hdr_8h.html#521d91944c7e4547bc1c2779a0ede6d2">xor_block</a>(data + cnt, ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>); <a name="l00298"></a>00298 cnt += BLOCK_SIZE; <a name="l00299"></a>00299 } <a name="l00300"></a>00300 } <a name="l00301"></a>00301 <a name="l00302"></a>00302 <span class="keywordflow">while</span>(cnt < data_len) <a name="l00303"></a>00303 { <a name="l00304"></a>00304 <span class="keywordflow">if</span>(b_pos == BLOCK_SIZE) <a name="l00305"></a>00305 { <a name="l00306"></a>00306 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00307"></a>00307 inc_ctr(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>); <a name="l00308"></a>00308 b_pos = 0; <a name="l00309"></a>00309 } <a name="l00310"></a>00310 data[cnt++] ^= <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>)[b_pos++]; <a name="l00311"></a>00311 } <a name="l00312"></a>00312 <a name="l00313"></a>00313 ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> += cnt; <a name="l00314"></a>00314 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00315"></a>00315 } <a name="l00316"></a>00316 <a name="l00317"></a>00317 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>( <span class="comment">/* compute authentication tag */</span> <a name="l00318"></a>00318 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00319"></a>00319 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00320"></a>00320 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00321"></a>00321 { uint_32t i, ln, scratch[<a class="code" href="gf128mul_8h.html#71e85162c7a6927d581e972a49d0d496">GF_BYTE_LEN</a> >> 2]; <a name="l00322"></a>00322 uint_8t tbuf[BLOCK_SIZE]; <a name="l00323"></a>00323 <a name="l00324"></a>00324 <span class="keywordflow">if</span>(ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> != ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> && ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> > 0) <a name="l00325"></a>00325 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#9eec9e2a2ffc5f3c7a1bfbe1ba4a4c2b">RETURN_ERROR</a>; <a name="l00326"></a>00326 <a name="l00327"></a>00327 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00328"></a>00328 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>), ctx, scratch); <a name="l00329"></a>00329 <a name="l00330"></a>00330 <span class="preprocessor">#if 1 </span><span class="comment">/* alternative versions of the exponentiation operation */</span> <a name="l00331"></a>00331 <span class="keywordflow">if</span>(ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> && (ln = (uint_32t)((ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> + BLOCK_SIZE - 1) / BLOCK_SIZE))) <a name="l00332"></a>00332 { <a name="l00333"></a>00333 memcpy(tbuf, ctx-><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">ghash_h</a>, BLOCK_SIZE); <a name="l00334"></a>00334 <span class="keywordflow">for</span>( ; ; ) <a name="l00335"></a>00335 { <a name="l00336"></a>00336 <span class="keywordflow">if</span>(ln & 1) <a class="code" href="gf128mul_8h.html#4d596dd0da0ecc262a6ad482262f4c8c">gf_mul</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), tbuf); <a name="l00337"></a>00337 <span class="keywordflow">if</span>(!(ln >>= 1)) <span class="keywordflow">break</span>; <a name="l00338"></a>00338 <a class="code" href="gf128mul_8h.html#4d596dd0da0ecc262a6ad482262f4c8c">gf_mul</a>(tbuf, tbuf); <a name="l00339"></a>00339 } <a name="l00340"></a>00340 } <a name="l00341"></a>00341 <span class="preprocessor">#else </span><span class="comment">/* this one seems slower on x86 and x86_64 :-( */</span> <a name="l00342"></a>00342 <span class="keywordflow">if</span>(ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> && (ln = (uint_32t)((ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> + BLOCK_SIZE - 1) / BLOCK_SIZE))) <a name="l00343"></a>00343 { <a name="l00344"></a>00344 i = ln | ln >> 1; i |= i >> 2; i |= i >> 4; <a name="l00345"></a>00345 i |= i >> 8; i |= i >> 16; i = i & ~(i >> 1); <a name="l00346"></a>00346 memset(tbuf, 0, BLOCK_SIZE); <a name="l00347"></a>00347 tbuf[0] = 0x80; <a name="l00348"></a>00348 <span class="keywordflow">while</span>(i) <a name="l00349"></a>00349 { <a name="l00350"></a>00350 <a class="code" href="gf128mul_8h.html#4d596dd0da0ecc262a6ad482262f4c8c">gf_mul</a>(tbuf, tbuf); <a name="l00351"></a>00351 <span class="keywordflow">if</span>(i & ln) <a name="l00352"></a>00352 gf_mul_hh(tbuf, ctx, scratch); <a name="l00353"></a>00353 i >>= 1; <a name="l00354"></a>00354 } <a name="l00355"></a>00355 <a class="code" href="gf128mul_8h.html#4d596dd0da0ecc262a6ad482262f4c8c">gf_mul</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), tbuf); <a name="l00356"></a>00356 } <a name="l00357"></a>00357 <span class="preprocessor">#endif</span> <a name="l00358"></a>00358 <span class="preprocessor"></span> i = BLOCK_SIZE; ln = (uint_32t)(ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> << 3); <a name="l00359"></a>00359 <span class="keywordflow">while</span>(i-- > 0) <a name="l00360"></a>00360 { <a name="l00361"></a>00361 <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)[i] ^= <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">txt_ghv</a>)[i] ^ (<span class="keywordtype">unsigned</span> char)ln; <a name="l00362"></a>00362 ln = (i == 8 ? (uint_32t)(ctx-><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">hdr_cnt</a> << 3) : ln >> 8); <a name="l00363"></a>00363 } <a name="l00364"></a>00364 <a name="l00365"></a>00365 gf_mul_hh(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>), ctx, scratch); <a name="l00366"></a>00366 <a name="l00367"></a>00367 *<a class="code" href="mode__hdr_8h.html#9cd97e38a347fe21f3c7833e7b7e8110">ui32_ptr</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>) + CTR_POS) = ctx-><a class="code" href="structgcm__ctx.html#aaebffae6b9b8655beb6a1dcd8fd4434">y0_val</a>; <a name="l00368"></a>00368 <a class="code" href="gcm__aes_8h.html#13c30517f0dd832d7027e2d2a39d055b">aes_encrypt</a>(<a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">ctr_val</a>), <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>), ctx-><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">aes</a>); <a name="l00369"></a>00369 <span class="keywordflow">for</span>(i = 0; i < (<span class="keywordtype">unsigned</span> int)tag_len; ++i) <a name="l00370"></a>00370 tag[i] = <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">hdr_ghv</a>)[i] ^ <a class="code" href="mode__hdr_8h.html#204476677ab6821ec9a155729a843ace">ui8_ptr</a>(ctx-><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">enc_ctr</a>)[i]; <a name="l00371"></a>00371 <a name="l00372"></a>00372 <span class="keywordflow">return</span> (ctx-><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">txt_ccnt</a> == ctx-><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">txt_acnt</a> ? <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a> : <a class="code" href="gcm_8h.html#a529a3ade43a2979d477e450242004b0">RETURN_WARN</a>); <a name="l00373"></a>00373 } <a name="l00374"></a>00374 <a name="l00375"></a>00375 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#0e37bb8dc094c7ab3af2c1e4bafcc360">gcm_end</a>( <span class="comment">/* clean up and end operation */</span> <a name="l00376"></a>00376 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00377"></a>00377 { <a name="l00378"></a>00378 memset(ctx, 0, <span class="keyword">sizeof</span>(<a class="code" href="structgcm__ctx.html">gcm_ctx</a>)); <a name="l00379"></a>00379 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00380"></a>00380 } <a name="l00381"></a>00381 <a name="l00382"></a>00382 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#14c0cae74fab923c0290ccbc0baa4a44">gcm_encrypt</a>( <span class="comment">/* encrypt & authenticate data */</span> <a name="l00383"></a>00383 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00384"></a>00384 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00385"></a>00385 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00386"></a>00386 { <a name="l00387"></a>00387 <a name="l00388"></a>00388 <a class="code" href="gcm_8h.html#734d3157fb8a3da6f8af7a92855021b0">gcm_crypt_data</a>(data, data_len, ctx); <a name="l00389"></a>00389 <a class="code" href="gcm_8h.html#e0d5938e51cb31e58db485abbd400e39">gcm_auth_data</a>(data, data_len, ctx); <a name="l00390"></a>00390 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00391"></a>00391 } <a name="l00392"></a>00392 <a name="l00393"></a>00393 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#eda1ee70a25e5b06af8341018a95b11d">gcm_decrypt</a>( <span class="comment">/* authenticate & decrypt data */</span> <a name="l00394"></a>00394 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00395"></a>00395 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00396"></a>00396 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00397"></a>00397 { <a name="l00398"></a>00398 <a class="code" href="gcm_8h.html#e0d5938e51cb31e58db485abbd400e39">gcm_auth_data</a>(data, data_len, ctx); <a name="l00399"></a>00399 <a class="code" href="gcm_8h.html#734d3157fb8a3da6f8af7a92855021b0">gcm_crypt_data</a>(data, data_len, ctx); <a name="l00400"></a>00400 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00401"></a>00401 } <a name="l00402"></a>00402 <a name="l00403"></a>00403 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#1d46a1f6a2fc83e504eb48a55814b289">gcm_encrypt_message</a>( <span class="comment">/* encrypt an entire message */</span> <a name="l00404"></a>00404 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00405"></a>00405 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00406"></a>00406 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00407"></a>00407 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00408"></a>00408 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> msg[], <span class="comment">/* the message buffer */</span> <a name="l00409"></a>00409 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> msg_len, <span class="comment">/* and its length in bytes */</span> <a name="l00410"></a>00410 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00411"></a>00411 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00412"></a>00412 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00413"></a>00413 { <a name="l00414"></a>00414 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(iv, iv_len, ctx); <a name="l00415"></a>00415 <a class="code" href="gcm_8h.html#95f68fdf95d3cf02bea89a68614a046f">gcm_auth_header</a>(hdr, hdr_len, ctx); <a name="l00416"></a>00416 <a class="code" href="gcm_8h.html#14c0cae74fab923c0290ccbc0baa4a44">gcm_encrypt</a>(msg, msg_len, ctx); <a name="l00417"></a>00417 <span class="keywordflow">return</span> <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>(tag, tag_len, ctx) ? <a class="code" href="gcm_8h.html#9eec9e2a2ffc5f3c7a1bfbe1ba4a4c2b">RETURN_ERROR</a> : <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00418"></a>00418 } <a name="l00419"></a>00419 <a name="l00420"></a>00420 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> <a class="code" href="gcm_8h.html#83f849d6a9182d6a6675b4d423f4d8ee">gcm_decrypt_message</a>( <span class="comment">/* decrypt an entire message */</span> <a name="l00421"></a>00421 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00422"></a>00422 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00423"></a>00423 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00424"></a>00424 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00425"></a>00425 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> msg[], <span class="comment">/* the message buffer */</span> <a name="l00426"></a>00426 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> msg_len, <span class="comment">/* and its length in bytes */</span> <a name="l00427"></a>00427 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00428"></a>00428 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00429"></a>00429 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]) <span class="comment">/* the mode context */</span> <a name="l00430"></a>00430 { uint_8t local_tag[BLOCK_SIZE]; <a name="l00431"></a>00431 <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a> rr; <a name="l00432"></a>00432 <a name="l00433"></a>00433 <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>(iv, iv_len, ctx); <a name="l00434"></a>00434 <a class="code" href="gcm_8h.html#95f68fdf95d3cf02bea89a68614a046f">gcm_auth_header</a>(hdr, hdr_len, ctx); <a name="l00435"></a>00435 <a class="code" href="gcm_8h.html#eda1ee70a25e5b06af8341018a95b11d">gcm_decrypt</a>(msg, msg_len, ctx); <a name="l00436"></a>00436 rr = <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>(local_tag, tag_len, ctx); <a name="l00437"></a>00437 <span class="keywordflow">return</span> (rr != <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a> || memcmp(tag, local_tag, tag_len)) ? <a class="code" href="gcm_8h.html#9eec9e2a2ffc5f3c7a1bfbe1ba4a4c2b">RETURN_ERROR</a> : <a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">RETURN_OK</a>; <a name="l00438"></a>00438 } <a name="l00439"></a>00439 <a name="l00440"></a>00440 <span class="preprocessor">#if defined(__cplusplus)</span> <a name="l00441"></a>00441 <span class="preprocessor"></span>} <a name="l00442"></a>00442 <span class="preprocessor">#endif</span> <a name="l00443"></a>00443 <span class="preprocessor"></span> <a name="l00444"></a>00444 <span class="preprocessor">#endif </span><span class="comment">/* BSP_ENABLED */</span> </pre></div></div> <hr size="1"><address style="text-align: right;"><small>Generated on Mon Jul 21 14:09:45 2008 for DTN Reference Implementation by <a href="http://www.doxygen.org/index.html"> <img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6 </small></address> </body> </html>