diff options
Diffstat (limited to 'libtomcrypt/src/encauth/gcm/gcm_process.c')
| -rw-r--r-- | libtomcrypt/src/encauth/gcm/gcm_process.c | 44 |
1 files changed, 26 insertions, 18 deletions
diff --git a/libtomcrypt/src/encauth/gcm/gcm_process.c b/libtomcrypt/src/encauth/gcm/gcm_process.c index af0444d..b1ec20c 100644 --- a/libtomcrypt/src/encauth/gcm/gcm_process.c +++ b/libtomcrypt/src/encauth/gcm/gcm_process.c @@ -5,8 +5,6 @@ * * The library is free for all purposes without any express * guarantee it works. - * - * Tom St Denis, tomstdenis@gmail.com, http://libtom.org */ /** @@ -17,9 +15,9 @@ #ifdef LTC_GCM_MODE -/** +/** Process plaintext/ciphertext through GCM - @param gcm The GCM state + @param gcm The GCM state @param pt The plaintext @param ptlen The plaintext length (ciphertext length is the same) @param ct The ciphertext @@ -44,11 +42,21 @@ int gcm_process(gcm_state *gcm, if (gcm->buflen > 16 || gcm->buflen < 0) { return CRYPT_INVALID_ARG; } - + if ((err = cipher_is_valid(gcm->cipher)) != CRYPT_OK) { return err; } + /* 0xFFFFFFFE0 = ((2^39)-256)/8 */ + if (gcm->pttotlen / 8 + (ulong64)gcm->buflen + (ulong64)ptlen >= CONST64(0xFFFFFFFE0)) { + return CRYPT_INVALID_ARG; + } + + if (gcm->mode == LTC_GCM_MODE_IV) { + /* let's process the IV */ + if ((err = gcm_add_aad(gcm, NULL, 0)) != CRYPT_OK) return err; + } + /* in AAD mode? */ if (gcm->mode == LTC_GCM_MODE_AAD) { /* let's process the AAD */ @@ -77,12 +85,12 @@ int gcm_process(gcm_state *gcm, x = 0; #ifdef LTC_FAST if (gcm->buflen == 0) { - if (direction == GCM_ENCRYPT) { + if (direction == GCM_ENCRYPT) { for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *((LTC_FAST_TYPE*)(&ct[x + y])) = *((LTC_FAST_TYPE*)(&pt[x+y])) ^ *((LTC_FAST_TYPE*)(&gcm->buf[y])); - *((LTC_FAST_TYPE*)(&gcm->X[y])) ^= *((LTC_FAST_TYPE*)(&ct[x+y])); + *(LTC_FAST_TYPE_PTR_CAST(&ct[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&pt[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); + *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); } /* GMAC it */ gcm->pttotlen += 128; @@ -99,8 +107,8 @@ int gcm_process(gcm_state *gcm, for (x = 0; x < (ptlen & ~15); x += 16) { /* ctr encrypt */ for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) { - *((LTC_FAST_TYPE*)(&gcm->X[y])) ^= *((LTC_FAST_TYPE*)(&ct[x+y])); - *((LTC_FAST_TYPE*)(&pt[x + y])) = *((LTC_FAST_TYPE*)(&ct[x+y])) ^ *((LTC_FAST_TYPE*)(&gcm->buf[y])); + *(LTC_FAST_TYPE_PTR_CAST(&gcm->X[y])) ^= *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])); + *(LTC_FAST_TYPE_PTR_CAST(&pt[x + y])) = *(LTC_FAST_TYPE_PTR_CAST(&ct[x+y])) ^ *(LTC_FAST_TYPE_PTR_CAST(&gcm->buf[y])); } /* GMAC it */ gcm->pttotlen += 128; @@ -113,16 +121,16 @@ int gcm_process(gcm_state *gcm, return err; } } - } + } } -#endif +#endif /* process text */ for (; x < ptlen; x++) { if (gcm->buflen == 16) { gcm->pttotlen += 128; gcm_mult_h(gcm, gcm->X); - + /* increment counter */ for (y = 15; y >= 12; y--) { if (++gcm->Y[y] & 255) { break; } @@ -134,12 +142,12 @@ int gcm_process(gcm_state *gcm, } if (direction == GCM_ENCRYPT) { - b = ct[x] = pt[x] ^ gcm->buf[gcm->buflen]; + b = ct[x] = pt[x] ^ gcm->buf[gcm->buflen]; } else { b = ct[x]; pt[x] = ct[x] ^ gcm->buf[gcm->buflen]; } - gcm->X[gcm->buflen++] ^= b; + gcm->X[gcm->buflen++] ^= b; } return CRYPT_OK; @@ -147,6 +155,6 @@ int gcm_process(gcm_state *gcm, #endif -/* $Source$ */ -/* $Revision$ */ -/* $Date$ */ +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ |