Kenji Arai
/
TYBLE16_mbedlized_os5_several_examples_1st
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependencies: nRF51_Vdd TextLCD BME280
Embed:
(wiki syntax)
Show/hide line numbers
poly1305.c
Go to the documentation of this file.
00001 /** 00002 * \file poly1305.c 00003 * 00004 * \brief Poly1305 authentication algorithm. 00005 * 00006 * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved 00007 * SPDX-License-Identifier: Apache-2.0 00008 * 00009 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00010 * not use this file except in compliance with the License. 00011 * You may obtain a copy of the License at 00012 * 00013 * http://www.apache.org/licenses/LICENSE-2.0 00014 * 00015 * Unless required by applicable law or agreed to in writing, software 00016 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00017 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00018 * See the License for the specific language governing permissions and 00019 * limitations under the License. 00020 * 00021 * This file is part of mbed TLS (https://tls.mbed.org) 00022 */ 00023 #if !defined(MBEDTLS_CONFIG_FILE) 00024 #include "mbedtls/config.h" 00025 #else 00026 #include MBEDTLS_CONFIG_FILE 00027 #endif 00028 00029 #if defined(MBEDTLS_POLY1305_C) 00030 00031 #include "mbedtls/poly1305.h" 00032 #include "mbedtls/platform_util.h" 00033 00034 #include <string.h> 00035 00036 #if defined(MBEDTLS_SELF_TEST) 00037 #if defined(MBEDTLS_PLATFORM_C) 00038 #include "mbedtls/platform.h" 00039 #else 00040 #include <stdio.h> 00041 #define mbedtls_printf printf 00042 #endif /* MBEDTLS_PLATFORM_C */ 00043 #endif /* MBEDTLS_SELF_TEST */ 00044 00045 #if !defined(MBEDTLS_POLY1305_ALT) 00046 00047 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00048 !defined(inline) && !defined(__cplusplus) 00049 #define inline __inline 00050 #endif 00051 00052 #define POLY1305_BLOCK_SIZE_BYTES ( 16U ) 00053 00054 #define BYTES_TO_U32_LE( data, offset ) \ 00055 ( (uint32_t) data[offset] \ 00056 | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \ 00057 | (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \ 00058 | (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \ 00059 ) 00060 00061 /* 00062 * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. 00063 * However we provided an alternative for platforms without such a multiplier. 00064 */ 00065 #if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) 00066 static uint64_t mul64( uint32_t a, uint32_t b ) 00067 { 00068 /* a = al + 2**16 ah, b = bl + 2**16 bh */ 00069 const uint16_t al = (uint16_t) a; 00070 const uint16_t bl = (uint16_t) b; 00071 const uint16_t ah = a >> 16; 00072 const uint16_t bh = b >> 16; 00073 00074 /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ 00075 const uint32_t lo = (uint32_t) al * bl; 00076 const uint64_t me = (uint64_t)( (uint32_t) ah * bl ) + (uint32_t) al * bh; 00077 const uint32_t hi = (uint32_t) ah * bh; 00078 00079 return( lo + ( me << 16 ) + ( (uint64_t) hi << 32 ) ); 00080 } 00081 #else 00082 static inline uint64_t mul64( uint32_t a, uint32_t b ) 00083 { 00084 return( (uint64_t) a * b ); 00085 } 00086 #endif 00087 00088 00089 /** 00090 * \brief Process blocks with Poly1305. 00091 * 00092 * \param ctx The Poly1305 context. 00093 * \param nblocks Number of blocks to process. Note that this 00094 * function only processes full blocks. 00095 * \param input Buffer containing the input block(s). 00096 * \param needs_padding Set to 0 if the padding bit has already been 00097 * applied to the input data before calling this 00098 * function. Otherwise, set this parameter to 1. 00099 */ 00100 static void poly1305_process( mbedtls_poly1305_context *ctx, 00101 size_t nblocks, 00102 const unsigned char *input, 00103 uint32_t needs_padding ) 00104 { 00105 uint64_t d0, d1, d2, d3; 00106 uint32_t acc0, acc1, acc2, acc3, acc4; 00107 uint32_t r0, r1, r2, r3; 00108 uint32_t rs1, rs2, rs3; 00109 size_t offset = 0U; 00110 size_t i; 00111 00112 r0 = ctx->r[0]; 00113 r1 = ctx->r[1]; 00114 r2 = ctx->r[2]; 00115 r3 = ctx->r[3]; 00116 00117 rs1 = r1 + ( r1 >> 2U ); 00118 rs2 = r2 + ( r2 >> 2U ); 00119 rs3 = r3 + ( r3 >> 2U ); 00120 00121 acc0 = ctx->acc[0]; 00122 acc1 = ctx->acc[1]; 00123 acc2 = ctx->acc[2]; 00124 acc3 = ctx->acc[3]; 00125 acc4 = ctx->acc[4]; 00126 00127 /* Process full blocks */ 00128 for( i = 0U; i < nblocks; i++ ) 00129 { 00130 /* The input block is treated as a 128-bit little-endian integer */ 00131 d0 = BYTES_TO_U32_LE( input, offset + 0 ); 00132 d1 = BYTES_TO_U32_LE( input, offset + 4 ); 00133 d2 = BYTES_TO_U32_LE( input, offset + 8 ); 00134 d3 = BYTES_TO_U32_LE( input, offset + 12 ); 00135 00136 /* Compute: acc += (padded) block as a 130-bit integer */ 00137 d0 += (uint64_t) acc0; 00138 d1 += (uint64_t) acc1 + ( d0 >> 32U ); 00139 d2 += (uint64_t) acc2 + ( d1 >> 32U ); 00140 d3 += (uint64_t) acc3 + ( d2 >> 32U ); 00141 acc0 = (uint32_t) d0; 00142 acc1 = (uint32_t) d1; 00143 acc2 = (uint32_t) d2; 00144 acc3 = (uint32_t) d3; 00145 acc4 += (uint32_t) ( d3 >> 32U ) + needs_padding; 00146 00147 /* Compute: acc *= r */ 00148 d0 = mul64( acc0, r0 ) + 00149 mul64( acc1, rs3 ) + 00150 mul64( acc2, rs2 ) + 00151 mul64( acc3, rs1 ); 00152 d1 = mul64( acc0, r1 ) + 00153 mul64( acc1, r0 ) + 00154 mul64( acc2, rs3 ) + 00155 mul64( acc3, rs2 ) + 00156 mul64( acc4, rs1 ); 00157 d2 = mul64( acc0, r2 ) + 00158 mul64( acc1, r1 ) + 00159 mul64( acc2, r0 ) + 00160 mul64( acc3, rs3 ) + 00161 mul64( acc4, rs2 ); 00162 d3 = mul64( acc0, r3 ) + 00163 mul64( acc1, r2 ) + 00164 mul64( acc2, r1 ) + 00165 mul64( acc3, r0 ) + 00166 mul64( acc4, rs3 ); 00167 acc4 *= r0; 00168 00169 /* Compute: acc %= (2^130 - 5) (partial remainder) */ 00170 d1 += ( d0 >> 32 ); 00171 d2 += ( d1 >> 32 ); 00172 d3 += ( d2 >> 32 ); 00173 acc0 = (uint32_t) d0; 00174 acc1 = (uint32_t) d1; 00175 acc2 = (uint32_t) d2; 00176 acc3 = (uint32_t) d3; 00177 acc4 = (uint32_t) ( d3 >> 32 ) + acc4; 00178 00179 d0 = (uint64_t) acc0 + ( acc4 >> 2 ) + ( acc4 & 0xFFFFFFFCU ); 00180 acc4 &= 3U; 00181 acc0 = (uint32_t) d0; 00182 d0 = (uint64_t) acc1 + ( d0 >> 32U ); 00183 acc1 = (uint32_t) d0; 00184 d0 = (uint64_t) acc2 + ( d0 >> 32U ); 00185 acc2 = (uint32_t) d0; 00186 d0 = (uint64_t) acc3 + ( d0 >> 32U ); 00187 acc3 = (uint32_t) d0; 00188 d0 = (uint64_t) acc4 + ( d0 >> 32U ); 00189 acc4 = (uint32_t) d0; 00190 00191 offset += POLY1305_BLOCK_SIZE_BYTES; 00192 } 00193 00194 ctx->acc[0] = acc0; 00195 ctx->acc[1] = acc1; 00196 ctx->acc[2] = acc2; 00197 ctx->acc[3] = acc3; 00198 ctx->acc[4] = acc4; 00199 } 00200 00201 /** 00202 * \brief Compute the Poly1305 MAC 00203 * 00204 * \param ctx The Poly1305 context. 00205 * \param mac The buffer to where the MAC is written. Must be 00206 * big enough to contain the 16-byte MAC. 00207 */ 00208 static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, 00209 unsigned char mac[16] ) 00210 { 00211 uint64_t d; 00212 uint32_t g0, g1, g2, g3, g4; 00213 uint32_t acc0, acc1, acc2, acc3, acc4; 00214 uint32_t mask; 00215 uint32_t mask_inv; 00216 00217 acc0 = ctx->acc[0]; 00218 acc1 = ctx->acc[1]; 00219 acc2 = ctx->acc[2]; 00220 acc3 = ctx->acc[3]; 00221 acc4 = ctx->acc[4]; 00222 00223 /* Before adding 's' we ensure that the accumulator is mod 2^130 - 5. 00224 * We do this by calculating acc - (2^130 - 5), then checking if 00225 * the 131st bit is set. If it is, then reduce: acc -= (2^130 - 5) 00226 */ 00227 00228 /* Calculate acc + -(2^130 - 5) */ 00229 d = ( (uint64_t) acc0 + 5U ); 00230 g0 = (uint32_t) d; 00231 d = ( (uint64_t) acc1 + ( d >> 32 ) ); 00232 g1 = (uint32_t) d; 00233 d = ( (uint64_t) acc2 + ( d >> 32 ) ); 00234 g2 = (uint32_t) d; 00235 d = ( (uint64_t) acc3 + ( d >> 32 ) ); 00236 g3 = (uint32_t) d; 00237 g4 = acc4 + (uint32_t) ( d >> 32U ); 00238 00239 /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */ 00240 mask = (uint32_t) 0U - ( g4 >> 2U ); 00241 mask_inv = ~mask; 00242 00243 /* If 131st bit is set then acc=g, otherwise, acc is unmodified */ 00244 acc0 = ( acc0 & mask_inv ) | ( g0 & mask ); 00245 acc1 = ( acc1 & mask_inv ) | ( g1 & mask ); 00246 acc2 = ( acc2 & mask_inv ) | ( g2 & mask ); 00247 acc3 = ( acc3 & mask_inv ) | ( g3 & mask ); 00248 00249 /* Add 's' */ 00250 d = (uint64_t) acc0 + ctx->s[0]; 00251 acc0 = (uint32_t) d; 00252 d = (uint64_t) acc1 + ctx->s[1] + ( d >> 32U ); 00253 acc1 = (uint32_t) d; 00254 d = (uint64_t) acc2 + ctx->s[2] + ( d >> 32U ); 00255 acc2 = (uint32_t) d; 00256 acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); 00257 00258 /* Compute MAC (128 least significant bits of the accumulator) */ 00259 mac[ 0] = (unsigned char)( acc0 ); 00260 mac[ 1] = (unsigned char)( acc0 >> 8 ); 00261 mac[ 2] = (unsigned char)( acc0 >> 16 ); 00262 mac[ 3] = (unsigned char)( acc0 >> 24 ); 00263 mac[ 4] = (unsigned char)( acc1 ); 00264 mac[ 5] = (unsigned char)( acc1 >> 8 ); 00265 mac[ 6] = (unsigned char)( acc1 >> 16 ); 00266 mac[ 7] = (unsigned char)( acc1 >> 24 ); 00267 mac[ 8] = (unsigned char)( acc2 ); 00268 mac[ 9] = (unsigned char)( acc2 >> 8 ); 00269 mac[10] = (unsigned char)( acc2 >> 16 ); 00270 mac[11] = (unsigned char)( acc2 >> 24 ); 00271 mac[12] = (unsigned char)( acc3 ); 00272 mac[13] = (unsigned char)( acc3 >> 8 ); 00273 mac[14] = (unsigned char)( acc3 >> 16 ); 00274 mac[15] = (unsigned char)( acc3 >> 24 ); 00275 } 00276 00277 void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) 00278 { 00279 if( ctx != NULL ) 00280 { 00281 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); 00282 } 00283 } 00284 00285 void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ) 00286 { 00287 if( ctx != NULL ) 00288 { 00289 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); 00290 } 00291 } 00292 00293 int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, 00294 const unsigned char key[32] ) 00295 { 00296 if( ctx == NULL || key == NULL ) 00297 { 00298 return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); 00299 } 00300 00301 /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ 00302 ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; 00303 ctx->r[1] = BYTES_TO_U32_LE( key, 4 ) & 0x0FFFFFFCU; 00304 ctx->r[2] = BYTES_TO_U32_LE( key, 8 ) & 0x0FFFFFFCU; 00305 ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU; 00306 00307 ctx->s[0] = BYTES_TO_U32_LE( key, 16 ); 00308 ctx->s[1] = BYTES_TO_U32_LE( key, 20 ); 00309 ctx->s[2] = BYTES_TO_U32_LE( key, 24 ); 00310 ctx->s[3] = BYTES_TO_U32_LE( key, 28 ); 00311 00312 /* Initial accumulator state */ 00313 ctx->acc[0] = 0U; 00314 ctx->acc[1] = 0U; 00315 ctx->acc[2] = 0U; 00316 ctx->acc[3] = 0U; 00317 ctx->acc[4] = 0U; 00318 00319 /* Queue initially empty */ 00320 mbedtls_platform_zeroize( ctx->queue, sizeof( ctx->queue ) ); 00321 ctx->queue_len = 0U; 00322 00323 return( 0 ); 00324 } 00325 00326 int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, 00327 const unsigned char *input, 00328 size_t ilen ) 00329 { 00330 size_t offset = 0U; 00331 size_t remaining = ilen; 00332 size_t queue_free_len; 00333 size_t nblocks; 00334 00335 if( ctx == NULL ) 00336 { 00337 return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); 00338 } 00339 else if( ( ilen > 0U ) && ( input == NULL ) ) 00340 { 00341 /* input pointer is allowed to be NULL only if ilen == 0 */ 00342 return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); 00343 } 00344 00345 if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) ) 00346 { 00347 queue_free_len = ( POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); 00348 00349 if( ilen < queue_free_len ) 00350 { 00351 /* Not enough data to complete the block. 00352 * Store this data with the other leftovers. 00353 */ 00354 memcpy( &ctx->queue[ctx->queue_len], 00355 input, 00356 ilen ); 00357 00358 ctx->queue_len += ilen; 00359 00360 remaining = 0U; 00361 } 00362 else 00363 { 00364 /* Enough data to produce a complete block */ 00365 memcpy( &ctx->queue[ctx->queue_len], 00366 input, 00367 queue_free_len ); 00368 00369 ctx->queue_len = 0U; 00370 00371 poly1305_process( ctx, 1U, ctx->queue, 1U ); /* add padding bit */ 00372 00373 offset += queue_free_len; 00374 remaining -= queue_free_len; 00375 } 00376 } 00377 00378 if( remaining >= POLY1305_BLOCK_SIZE_BYTES ) 00379 { 00380 nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES; 00381 00382 poly1305_process( ctx, nblocks, &input[offset], 1U ); 00383 00384 offset += nblocks * POLY1305_BLOCK_SIZE_BYTES; 00385 remaining %= POLY1305_BLOCK_SIZE_BYTES; 00386 } 00387 00388 if( remaining > 0U ) 00389 { 00390 /* Store partial block */ 00391 ctx->queue_len = remaining; 00392 memcpy( ctx->queue, &input[offset], remaining ); 00393 } 00394 00395 return( 0 ); 00396 } 00397 00398 int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, 00399 unsigned char mac[16] ) 00400 { 00401 if( ( ctx == NULL ) || ( mac == NULL ) ) 00402 { 00403 return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); 00404 } 00405 00406 /* Process any leftover data */ 00407 if( ctx->queue_len > 0U ) 00408 { 00409 /* Add padding bit */ 00410 ctx->queue[ctx->queue_len] = 1U; 00411 ctx->queue_len++; 00412 00413 /* Pad with zeroes */ 00414 memset( &ctx->queue[ctx->queue_len], 00415 0, 00416 POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); 00417 00418 poly1305_process( ctx, 1U, /* Process 1 block */ 00419 ctx->queue, 0U ); /* Already padded above */ 00420 } 00421 00422 poly1305_compute_mac( ctx, mac ); 00423 00424 return( 0 ); 00425 } 00426 00427 int mbedtls_poly1305_mac( const unsigned char key[32], 00428 const unsigned char *input, 00429 size_t ilen, 00430 unsigned char mac[16] ) 00431 { 00432 mbedtls_poly1305_context ctx; 00433 int ret; 00434 00435 mbedtls_poly1305_init( &ctx ); 00436 00437 ret = mbedtls_poly1305_starts( &ctx, key ); 00438 if( ret != 0 ) 00439 goto cleanup; 00440 00441 ret = mbedtls_poly1305_update( &ctx, input, ilen ); 00442 if( ret != 0 ) 00443 goto cleanup; 00444 00445 ret = mbedtls_poly1305_finish( &ctx, mac ); 00446 00447 cleanup: 00448 mbedtls_poly1305_free( &ctx ); 00449 return( ret ); 00450 } 00451 00452 #endif /* MBEDTLS_POLY1305_ALT */ 00453 00454 #if defined(MBEDTLS_SELF_TEST) 00455 00456 static const unsigned char test_keys[2][32] = 00457 { 00458 { 00459 0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33, 00460 0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8, 00461 0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd, 00462 0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b 00463 }, 00464 { 00465 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, 00466 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, 00467 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, 00468 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0 00469 } 00470 }; 00471 00472 static const unsigned char test_data[2][127] = 00473 { 00474 { 00475 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x67, 0x72, 00476 0x61, 0x70, 0x68, 0x69, 0x63, 0x20, 0x46, 0x6f, 00477 0x72, 0x75, 0x6d, 0x20, 0x52, 0x65, 0x73, 0x65, 00478 0x61, 0x72, 0x63, 0x68, 0x20, 0x47, 0x72, 0x6f, 00479 0x75, 0x70 00480 }, 00481 { 00482 0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72, 00483 0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61, 00484 0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 00485 0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f, 00486 0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20, 00487 0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64, 00488 0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20, 00489 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77, 00490 0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c, 00491 0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77, 00492 0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20, 00493 0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65, 00494 0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74, 00495 0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20, 00496 0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75, 00497 0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e 00498 } 00499 }; 00500 00501 static const size_t test_data_len[2] = 00502 { 00503 34U, 00504 127U 00505 }; 00506 00507 static const unsigned char test_mac[2][16] = 00508 { 00509 { 00510 0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6, 00511 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9 00512 }, 00513 { 00514 0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61, 00515 0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62 00516 } 00517 }; 00518 00519 #define ASSERT( cond, args ) \ 00520 do \ 00521 { \ 00522 if( ! ( cond ) ) \ 00523 { \ 00524 if( verbose != 0 ) \ 00525 mbedtls_printf args; \ 00526 \ 00527 return( -1 ); \ 00528 } \ 00529 } \ 00530 while( 0 ) 00531 00532 int mbedtls_poly1305_self_test( int verbose ) 00533 { 00534 unsigned char mac[16]; 00535 unsigned i; 00536 int ret; 00537 00538 for( i = 0U; i < 2U; i++ ) 00539 { 00540 if( verbose != 0 ) 00541 mbedtls_printf( " Poly1305 test %u ", i ); 00542 00543 ret = mbedtls_poly1305_mac( test_keys[i], 00544 test_data[i], 00545 test_data_len[i], 00546 mac ); 00547 ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); 00548 00549 ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ( "failed (mac)\n" ) ); 00550 00551 if( verbose != 0 ) 00552 mbedtls_printf( "passed\n" ); 00553 } 00554 00555 if( verbose != 0 ) 00556 mbedtls_printf( "\n" ); 00557 00558 return( 0 ); 00559 } 00560 00561 #endif /* MBEDTLS_SELF_TEST */ 00562 00563 #endif /* MBEDTLS_POLY1305_C */
Generated on Tue Jul 12 2022 15:15:56 by
1.7.2