nexpaq_dev - Preliminary main mbed library for nexpaq developm…

Users » nexpaq » Code » nexpaq_dev

Preliminary main mbed library for nexpaq development

features/mbedtls/src/cipher.c@1:d96dbedaebdb, 2016-11-04 (annotated)

Committer:: nexpaq
Date:: Fri Nov 04 20:54:50 2016 +0000
Revision:: 1:d96dbedaebdb
Parent:: 0:6c56fb4bc5f0

Removed extra directories for other platforms

Who changed what in which revision?

User	Revision	Line number	New contents of line
nexpaq	0:6c56fb4bc5f0	1	/**
nexpaq	0:6c56fb4bc5f0	2	* \file cipher.c
nexpaq	0:6c56fb4bc5f0	3	*
nexpaq	0:6c56fb4bc5f0	4	* \brief Generic cipher wrapper for mbed TLS
nexpaq	0:6c56fb4bc5f0	5	*
nexpaq	0:6c56fb4bc5f0	6	* \author Adriaan de Jong <dejong@fox-it.com>
nexpaq	0:6c56fb4bc5f0	7	*
nexpaq	0:6c56fb4bc5f0	8	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
nexpaq	0:6c56fb4bc5f0	9	* SPDX-License-Identifier: Apache-2.0
nexpaq	0:6c56fb4bc5f0	10	*
nexpaq	0:6c56fb4bc5f0	11	* Licensed under the Apache License, Version 2.0 (the "License"); you may
nexpaq	0:6c56fb4bc5f0	12	* not use this file except in compliance with the License.
nexpaq	0:6c56fb4bc5f0	13	* You may obtain a copy of the License at
nexpaq	0:6c56fb4bc5f0	14	*
nexpaq	0:6c56fb4bc5f0	15	* http://www.apache.org/licenses/LICENSE-2.0
nexpaq	0:6c56fb4bc5f0	16	*
nexpaq	0:6c56fb4bc5f0	17	* Unless required by applicable law or agreed to in writing, software
nexpaq	0:6c56fb4bc5f0	18	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
nexpaq	0:6c56fb4bc5f0	19	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
nexpaq	0:6c56fb4bc5f0	20	* See the License for the specific language governing permissions and
nexpaq	0:6c56fb4bc5f0	21	* limitations under the License.
nexpaq	0:6c56fb4bc5f0	22	*
nexpaq	0:6c56fb4bc5f0	23	* This file is part of mbed TLS (https://tls.mbed.org)
nexpaq	0:6c56fb4bc5f0	24	*/
nexpaq	0:6c56fb4bc5f0	25
nexpaq	0:6c56fb4bc5f0	26	#if !defined(MBEDTLS_CONFIG_FILE)
nexpaq	0:6c56fb4bc5f0	27	#include "mbedtls/config.h"
nexpaq	0:6c56fb4bc5f0	28	#else
nexpaq	0:6c56fb4bc5f0	29	#include MBEDTLS_CONFIG_FILE
nexpaq	0:6c56fb4bc5f0	30	#endif
nexpaq	0:6c56fb4bc5f0	31
nexpaq	0:6c56fb4bc5f0	32	#if defined(MBEDTLS_CIPHER_C)
nexpaq	0:6c56fb4bc5f0	33
nexpaq	0:6c56fb4bc5f0	34	#include "mbedtls/cipher.h"
nexpaq	0:6c56fb4bc5f0	35	#include "mbedtls/cipher_internal.h"
nexpaq	0:6c56fb4bc5f0	36
nexpaq	0:6c56fb4bc5f0	37	#include <stdlib.h>
nexpaq	0:6c56fb4bc5f0	38	#include <string.h>
nexpaq	0:6c56fb4bc5f0	39
nexpaq	0:6c56fb4bc5f0	40	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	41	#include "mbedtls/gcm.h"
nexpaq	0:6c56fb4bc5f0	42	#endif
nexpaq	0:6c56fb4bc5f0	43
nexpaq	0:6c56fb4bc5f0	44	#if defined(MBEDTLS_CCM_C)
nexpaq	0:6c56fb4bc5f0	45	#include "mbedtls/ccm.h"
nexpaq	0:6c56fb4bc5f0	46	#endif
nexpaq	0:6c56fb4bc5f0	47
nexpaq	0:6c56fb4bc5f0	48	#if defined(MBEDTLS_ARC4_C) \|\| defined(MBEDTLS_CIPHER_NULL_CIPHER)
nexpaq	0:6c56fb4bc5f0	49	#define MBEDTLS_CIPHER_MODE_STREAM
nexpaq	0:6c56fb4bc5f0	50	#endif
nexpaq	0:6c56fb4bc5f0	51
nexpaq	0:6c56fb4bc5f0	52	/* Implementation that should never be optimized out by the compiler */
nexpaq	0:6c56fb4bc5f0	53	static void mbedtls_zeroize( void *v, size_t n ) {
nexpaq	0:6c56fb4bc5f0	54	volatile unsigned char p = (unsigned char)v; while( n-- ) *p++ = 0;
nexpaq	0:6c56fb4bc5f0	55	}
nexpaq	0:6c56fb4bc5f0	56
nexpaq	0:6c56fb4bc5f0	57	static int supported_init = 0;
nexpaq	0:6c56fb4bc5f0	58
nexpaq	0:6c56fb4bc5f0	59	const int *mbedtls_cipher_list( void )
nexpaq	0:6c56fb4bc5f0	60	{
nexpaq	0:6c56fb4bc5f0	61	const mbedtls_cipher_definition_t *def;
nexpaq	0:6c56fb4bc5f0	62	int *type;
nexpaq	0:6c56fb4bc5f0	63
nexpaq	0:6c56fb4bc5f0	64	if( ! supported_init )
nexpaq	0:6c56fb4bc5f0	65	{
nexpaq	0:6c56fb4bc5f0	66	def = mbedtls_cipher_definitions;
nexpaq	0:6c56fb4bc5f0	67	type = mbedtls_cipher_supported;
nexpaq	0:6c56fb4bc5f0	68
nexpaq	0:6c56fb4bc5f0	69	while( def->type != 0 )
nexpaq	0:6c56fb4bc5f0	70	type++ = (def++).type;
nexpaq	0:6c56fb4bc5f0	71
nexpaq	0:6c56fb4bc5f0	72	*type = 0;
nexpaq	0:6c56fb4bc5f0	73
nexpaq	0:6c56fb4bc5f0	74	supported_init = 1;
nexpaq	0:6c56fb4bc5f0	75	}
nexpaq	0:6c56fb4bc5f0	76
nexpaq	0:6c56fb4bc5f0	77	return( mbedtls_cipher_supported );
nexpaq	0:6c56fb4bc5f0	78	}
nexpaq	0:6c56fb4bc5f0	79
nexpaq	0:6c56fb4bc5f0	80	const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
nexpaq	0:6c56fb4bc5f0	81	{
nexpaq	0:6c56fb4bc5f0	82	const mbedtls_cipher_definition_t *def;
nexpaq	0:6c56fb4bc5f0	83
nexpaq	0:6c56fb4bc5f0	84	for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
nexpaq	0:6c56fb4bc5f0	85	if( def->type == cipher_type )
nexpaq	0:6c56fb4bc5f0	86	return( def->info );
nexpaq	0:6c56fb4bc5f0	87
nexpaq	0:6c56fb4bc5f0	88	return( NULL );
nexpaq	0:6c56fb4bc5f0	89	}
nexpaq	0:6c56fb4bc5f0	90
nexpaq	0:6c56fb4bc5f0	91	const mbedtls_cipher_info_t mbedtls_cipher_info_from_string( const char cipher_name )
nexpaq	0:6c56fb4bc5f0	92	{
nexpaq	0:6c56fb4bc5f0	93	const mbedtls_cipher_definition_t *def;
nexpaq	0:6c56fb4bc5f0	94
nexpaq	0:6c56fb4bc5f0	95	if( NULL == cipher_name )
nexpaq	0:6c56fb4bc5f0	96	return( NULL );
nexpaq	0:6c56fb4bc5f0	97
nexpaq	0:6c56fb4bc5f0	98	for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
nexpaq	0:6c56fb4bc5f0	99	if( ! strcmp( def->info->name, cipher_name ) )
nexpaq	0:6c56fb4bc5f0	100	return( def->info );
nexpaq	0:6c56fb4bc5f0	101
nexpaq	0:6c56fb4bc5f0	102	return( NULL );
nexpaq	0:6c56fb4bc5f0	103	}
nexpaq	0:6c56fb4bc5f0	104
nexpaq	0:6c56fb4bc5f0	105	const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
nexpaq	0:6c56fb4bc5f0	106	int key_bitlen,
nexpaq	0:6c56fb4bc5f0	107	const mbedtls_cipher_mode_t mode )
nexpaq	0:6c56fb4bc5f0	108	{
nexpaq	0:6c56fb4bc5f0	109	const mbedtls_cipher_definition_t *def;
nexpaq	0:6c56fb4bc5f0	110
nexpaq	0:6c56fb4bc5f0	111	for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
nexpaq	0:6c56fb4bc5f0	112	if( def->info->base->cipher == cipher_id &&
nexpaq	0:6c56fb4bc5f0	113	def->info->key_bitlen == (unsigned) key_bitlen &&
nexpaq	0:6c56fb4bc5f0	114	def->info->mode == mode )
nexpaq	0:6c56fb4bc5f0	115	return( def->info );
nexpaq	0:6c56fb4bc5f0	116
nexpaq	0:6c56fb4bc5f0	117	return( NULL );
nexpaq	0:6c56fb4bc5f0	118	}
nexpaq	0:6c56fb4bc5f0	119
nexpaq	0:6c56fb4bc5f0	120	void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
nexpaq	0:6c56fb4bc5f0	121	{
nexpaq	0:6c56fb4bc5f0	122	memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
nexpaq	0:6c56fb4bc5f0	123	}
nexpaq	0:6c56fb4bc5f0	124
nexpaq	0:6c56fb4bc5f0	125	void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
nexpaq	0:6c56fb4bc5f0	126	{
nexpaq	0:6c56fb4bc5f0	127	if( ctx == NULL )
nexpaq	0:6c56fb4bc5f0	128	return;
nexpaq	0:6c56fb4bc5f0	129
nexpaq	0:6c56fb4bc5f0	130	if( ctx->cipher_ctx )
nexpaq	0:6c56fb4bc5f0	131	ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
nexpaq	0:6c56fb4bc5f0	132
nexpaq	0:6c56fb4bc5f0	133	mbedtls_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
nexpaq	0:6c56fb4bc5f0	134	}
nexpaq	0:6c56fb4bc5f0	135
nexpaq	0:6c56fb4bc5f0	136	int mbedtls_cipher_setup( mbedtls_cipher_context_t ctx, const mbedtls_cipher_info_t cipher_info )
nexpaq	0:6c56fb4bc5f0	137	{
nexpaq	0:6c56fb4bc5f0	138	if( NULL == cipher_info \|\| NULL == ctx )
nexpaq	0:6c56fb4bc5f0	139	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	140
nexpaq	0:6c56fb4bc5f0	141	memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
nexpaq	0:6c56fb4bc5f0	142
nexpaq	0:6c56fb4bc5f0	143	if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
nexpaq	0:6c56fb4bc5f0	144	return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
nexpaq	0:6c56fb4bc5f0	145
nexpaq	0:6c56fb4bc5f0	146	ctx->cipher_info = cipher_info;
nexpaq	0:6c56fb4bc5f0	147
nexpaq	0:6c56fb4bc5f0	148	#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
nexpaq	0:6c56fb4bc5f0	149	/*
nexpaq	0:6c56fb4bc5f0	150	* Ignore possible errors caused by a cipher mode that doesn't use padding
nexpaq	0:6c56fb4bc5f0	151	*/
nexpaq	0:6c56fb4bc5f0	152	#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
nexpaq	0:6c56fb4bc5f0	153	(void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 );
nexpaq	0:6c56fb4bc5f0	154	#else
nexpaq	0:6c56fb4bc5f0	155	(void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE );
nexpaq	0:6c56fb4bc5f0	156	#endif
nexpaq	0:6c56fb4bc5f0	157	#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
nexpaq	0:6c56fb4bc5f0	158
nexpaq	0:6c56fb4bc5f0	159	return( 0 );
nexpaq	0:6c56fb4bc5f0	160	}
nexpaq	0:6c56fb4bc5f0	161
nexpaq	0:6c56fb4bc5f0	162	int mbedtls_cipher_setkey( mbedtls_cipher_context_t ctx, const unsigned char key,
nexpaq	0:6c56fb4bc5f0	163	int key_bitlen, const mbedtls_operation_t operation )
nexpaq	0:6c56fb4bc5f0	164	{
nexpaq	0:6c56fb4bc5f0	165	if( NULL == ctx \|\| NULL == ctx->cipher_info )
nexpaq	0:6c56fb4bc5f0	166	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	167
nexpaq	0:6c56fb4bc5f0	168	if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
nexpaq	0:6c56fb4bc5f0	169	(int) ctx->cipher_info->key_bitlen != key_bitlen )
nexpaq	0:6c56fb4bc5f0	170	{
nexpaq	0:6c56fb4bc5f0	171	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	172	}
nexpaq	0:6c56fb4bc5f0	173
nexpaq	0:6c56fb4bc5f0	174	ctx->key_bitlen = key_bitlen;
nexpaq	0:6c56fb4bc5f0	175	ctx->operation = operation;
nexpaq	0:6c56fb4bc5f0	176
nexpaq	0:6c56fb4bc5f0	177	/*
nexpaq	0:6c56fb4bc5f0	178	* For CFB and CTR mode always use the encryption key schedule
nexpaq	0:6c56fb4bc5f0	179	*/
nexpaq	0:6c56fb4bc5f0	180	if( MBEDTLS_ENCRYPT == operation \|\|
nexpaq	0:6c56fb4bc5f0	181	MBEDTLS_MODE_CFB == ctx->cipher_info->mode \|\|
nexpaq	0:6c56fb4bc5f0	182	MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	183	{
nexpaq	0:6c56fb4bc5f0	184	return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
nexpaq	0:6c56fb4bc5f0	185	ctx->key_bitlen );
nexpaq	0:6c56fb4bc5f0	186	}
nexpaq	0:6c56fb4bc5f0	187
nexpaq	0:6c56fb4bc5f0	188	if( MBEDTLS_DECRYPT == operation )
nexpaq	0:6c56fb4bc5f0	189	return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
nexpaq	0:6c56fb4bc5f0	190	ctx->key_bitlen );
nexpaq	0:6c56fb4bc5f0	191
nexpaq	0:6c56fb4bc5f0	192	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	193	}
nexpaq	0:6c56fb4bc5f0	194
nexpaq	0:6c56fb4bc5f0	195	int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	196	const unsigned char *iv, size_t iv_len )
nexpaq	0:6c56fb4bc5f0	197	{
nexpaq	0:6c56fb4bc5f0	198	size_t actual_iv_size;
nexpaq	0:6c56fb4bc5f0	199
nexpaq	0:6c56fb4bc5f0	200	if( NULL == ctx \|\| NULL == ctx->cipher_info \|\| NULL == iv )
nexpaq	0:6c56fb4bc5f0	201	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	202
nexpaq	0:6c56fb4bc5f0	203	/* avoid buffer overflow in ctx->iv */
nexpaq	0:6c56fb4bc5f0	204	if( iv_len > MBEDTLS_MAX_IV_LENGTH )
nexpaq	0:6c56fb4bc5f0	205	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	206
nexpaq	0:6c56fb4bc5f0	207	if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
nexpaq	0:6c56fb4bc5f0	208	actual_iv_size = iv_len;
nexpaq	0:6c56fb4bc5f0	209	else
nexpaq	0:6c56fb4bc5f0	210	{
nexpaq	0:6c56fb4bc5f0	211	actual_iv_size = ctx->cipher_info->iv_size;
nexpaq	0:6c56fb4bc5f0	212
nexpaq	0:6c56fb4bc5f0	213	/* avoid reading past the end of input buffer */
nexpaq	0:6c56fb4bc5f0	214	if( actual_iv_size > iv_len )
nexpaq	0:6c56fb4bc5f0	215	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	216	}
nexpaq	0:6c56fb4bc5f0	217
nexpaq	0:6c56fb4bc5f0	218	memcpy( ctx->iv, iv, actual_iv_size );
nexpaq	0:6c56fb4bc5f0	219	ctx->iv_size = actual_iv_size;
nexpaq	0:6c56fb4bc5f0	220
nexpaq	0:6c56fb4bc5f0	221	return( 0 );
nexpaq	0:6c56fb4bc5f0	222	}
nexpaq	0:6c56fb4bc5f0	223
nexpaq	0:6c56fb4bc5f0	224	int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
nexpaq	0:6c56fb4bc5f0	225	{
nexpaq	0:6c56fb4bc5f0	226	if( NULL == ctx \|\| NULL == ctx->cipher_info )
nexpaq	0:6c56fb4bc5f0	227	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	228
nexpaq	0:6c56fb4bc5f0	229	ctx->unprocessed_len = 0;
nexpaq	0:6c56fb4bc5f0	230
nexpaq	0:6c56fb4bc5f0	231	return( 0 );
nexpaq	0:6c56fb4bc5f0	232	}
nexpaq	0:6c56fb4bc5f0	233
nexpaq	0:6c56fb4bc5f0	234	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	235	int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	236	const unsigned char *ad, size_t ad_len )
nexpaq	0:6c56fb4bc5f0	237	{
nexpaq	0:6c56fb4bc5f0	238	if( NULL == ctx \|\| NULL == ctx->cipher_info )
nexpaq	0:6c56fb4bc5f0	239	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	240
nexpaq	0:6c56fb4bc5f0	241	if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	242	{
nexpaq	0:6c56fb4bc5f0	243	return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
nexpaq	0:6c56fb4bc5f0	244	ctx->iv, ctx->iv_size, ad, ad_len );
nexpaq	0:6c56fb4bc5f0	245	}
nexpaq	0:6c56fb4bc5f0	246
nexpaq	0:6c56fb4bc5f0	247	return( 0 );
nexpaq	0:6c56fb4bc5f0	248	}
nexpaq	0:6c56fb4bc5f0	249	#endif /* MBEDTLS_GCM_C */
nexpaq	0:6c56fb4bc5f0	250
nexpaq	0:6c56fb4bc5f0	251	int mbedtls_cipher_update( mbedtls_cipher_context_t ctx, const unsigned char input,
nexpaq	0:6c56fb4bc5f0	252	size_t ilen, unsigned char output, size_t olen )
nexpaq	0:6c56fb4bc5f0	253	{
nexpaq	0:6c56fb4bc5f0	254	int ret;
nexpaq	0:6c56fb4bc5f0	255	size_t block_size = 0;
nexpaq	0:6c56fb4bc5f0	256
nexpaq	0:6c56fb4bc5f0	257	if( NULL == ctx \|\| NULL == ctx->cipher_info \|\| NULL == olen )
nexpaq	0:6c56fb4bc5f0	258	{
nexpaq	0:6c56fb4bc5f0	259	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	260	}
nexpaq	0:6c56fb4bc5f0	261
nexpaq	0:6c56fb4bc5f0	262	*olen = 0;
nexpaq	0:6c56fb4bc5f0	263	block_size = mbedtls_cipher_get_block_size( ctx );
nexpaq	0:6c56fb4bc5f0	264
nexpaq	0:6c56fb4bc5f0	265	if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
nexpaq	0:6c56fb4bc5f0	266	{
nexpaq	0:6c56fb4bc5f0	267	if( ilen != block_size )
nexpaq	0:6c56fb4bc5f0	268	return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
nexpaq	0:6c56fb4bc5f0	269
nexpaq	0:6c56fb4bc5f0	270	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	271
nexpaq	0:6c56fb4bc5f0	272	if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	273	ctx->operation, input, output ) ) )
nexpaq	0:6c56fb4bc5f0	274	{
nexpaq	0:6c56fb4bc5f0	275	return( ret );
nexpaq	0:6c56fb4bc5f0	276	}
nexpaq	0:6c56fb4bc5f0	277
nexpaq	0:6c56fb4bc5f0	278	return( 0 );
nexpaq	0:6c56fb4bc5f0	279	}
nexpaq	0:6c56fb4bc5f0	280
nexpaq	0:6c56fb4bc5f0	281	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	282	if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
nexpaq	0:6c56fb4bc5f0	283	{
nexpaq	0:6c56fb4bc5f0	284	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	285	return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
nexpaq	0:6c56fb4bc5f0	286	output );
nexpaq	0:6c56fb4bc5f0	287	}
nexpaq	0:6c56fb4bc5f0	288	#endif
nexpaq	0:6c56fb4bc5f0	289
nexpaq	0:6c56fb4bc5f0	290	if ( 0 == block_size )
nexpaq	0:6c56fb4bc5f0	291	{
nexpaq	0:6c56fb4bc5f0	292	return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
nexpaq	0:6c56fb4bc5f0	293	}
nexpaq	0:6c56fb4bc5f0	294
nexpaq	0:6c56fb4bc5f0	295	if( input == output &&
nexpaq	0:6c56fb4bc5f0	296	( ctx->unprocessed_len != 0 \|\| ilen % block_size ) )
nexpaq	0:6c56fb4bc5f0	297	{
nexpaq	0:6c56fb4bc5f0	298	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	299	}
nexpaq	0:6c56fb4bc5f0	300
nexpaq	0:6c56fb4bc5f0	301	#if defined(MBEDTLS_CIPHER_MODE_CBC)
nexpaq	0:6c56fb4bc5f0	302	if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
nexpaq	0:6c56fb4bc5f0	303	{
nexpaq	0:6c56fb4bc5f0	304	size_t copy_len = 0;
nexpaq	0:6c56fb4bc5f0	305
nexpaq	0:6c56fb4bc5f0	306	/*
nexpaq	0:6c56fb4bc5f0	307	* If there is not enough data for a full block, cache it.
nexpaq	0:6c56fb4bc5f0	308	*/
nexpaq	0:6c56fb4bc5f0	309	if( ( ctx->operation == MBEDTLS_DECRYPT &&
nexpaq	0:6c56fb4bc5f0	310	ilen + ctx->unprocessed_len <= block_size ) \|\|
nexpaq	0:6c56fb4bc5f0	311	( ctx->operation == MBEDTLS_ENCRYPT &&
nexpaq	0:6c56fb4bc5f0	312	ilen + ctx->unprocessed_len < block_size ) )
nexpaq	0:6c56fb4bc5f0	313	{
nexpaq	0:6c56fb4bc5f0	314	memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
nexpaq	0:6c56fb4bc5f0	315	ilen );
nexpaq	0:6c56fb4bc5f0	316
nexpaq	0:6c56fb4bc5f0	317	ctx->unprocessed_len += ilen;
nexpaq	0:6c56fb4bc5f0	318	return( 0 );
nexpaq	0:6c56fb4bc5f0	319	}
nexpaq	0:6c56fb4bc5f0	320
nexpaq	0:6c56fb4bc5f0	321	/*
nexpaq	0:6c56fb4bc5f0	322	* Process cached data first
nexpaq	0:6c56fb4bc5f0	323	*/
nexpaq	0:6c56fb4bc5f0	324	if( 0 != ctx->unprocessed_len )
nexpaq	0:6c56fb4bc5f0	325	{
nexpaq	0:6c56fb4bc5f0	326	copy_len = block_size - ctx->unprocessed_len;
nexpaq	0:6c56fb4bc5f0	327
nexpaq	0:6c56fb4bc5f0	328	memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
nexpaq	0:6c56fb4bc5f0	329	copy_len );
nexpaq	0:6c56fb4bc5f0	330
nexpaq	0:6c56fb4bc5f0	331	if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	332	ctx->operation, block_size, ctx->iv,
nexpaq	0:6c56fb4bc5f0	333	ctx->unprocessed_data, output ) ) )
nexpaq	0:6c56fb4bc5f0	334	{
nexpaq	0:6c56fb4bc5f0	335	return( ret );
nexpaq	0:6c56fb4bc5f0	336	}
nexpaq	0:6c56fb4bc5f0	337
nexpaq	0:6c56fb4bc5f0	338	*olen += block_size;
nexpaq	0:6c56fb4bc5f0	339	output += block_size;
nexpaq	0:6c56fb4bc5f0	340	ctx->unprocessed_len = 0;
nexpaq	0:6c56fb4bc5f0	341
nexpaq	0:6c56fb4bc5f0	342	input += copy_len;
nexpaq	0:6c56fb4bc5f0	343	ilen -= copy_len;
nexpaq	0:6c56fb4bc5f0	344	}
nexpaq	0:6c56fb4bc5f0	345
nexpaq	0:6c56fb4bc5f0	346	/*
nexpaq	0:6c56fb4bc5f0	347	* Cache final, incomplete block
nexpaq	0:6c56fb4bc5f0	348	*/
nexpaq	0:6c56fb4bc5f0	349	if( 0 != ilen )
nexpaq	0:6c56fb4bc5f0	350	{
nexpaq	0:6c56fb4bc5f0	351	if( 0 == block_size )
nexpaq	0:6c56fb4bc5f0	352	{
nexpaq	0:6c56fb4bc5f0	353	return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
nexpaq	0:6c56fb4bc5f0	354	}
nexpaq	0:6c56fb4bc5f0	355
nexpaq	0:6c56fb4bc5f0	356	copy_len = ilen % block_size;
nexpaq	0:6c56fb4bc5f0	357	if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
nexpaq	0:6c56fb4bc5f0	358	copy_len = block_size;
nexpaq	0:6c56fb4bc5f0	359
nexpaq	0:6c56fb4bc5f0	360	memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
nexpaq	0:6c56fb4bc5f0	361	copy_len );
nexpaq	0:6c56fb4bc5f0	362
nexpaq	0:6c56fb4bc5f0	363	ctx->unprocessed_len += copy_len;
nexpaq	0:6c56fb4bc5f0	364	ilen -= copy_len;
nexpaq	0:6c56fb4bc5f0	365	}
nexpaq	0:6c56fb4bc5f0	366
nexpaq	0:6c56fb4bc5f0	367	/*
nexpaq	0:6c56fb4bc5f0	368	* Process remaining full blocks
nexpaq	0:6c56fb4bc5f0	369	*/
nexpaq	0:6c56fb4bc5f0	370	if( ilen )
nexpaq	0:6c56fb4bc5f0	371	{
nexpaq	0:6c56fb4bc5f0	372	if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	373	ctx->operation, ilen, ctx->iv, input, output ) ) )
nexpaq	0:6c56fb4bc5f0	374	{
nexpaq	0:6c56fb4bc5f0	375	return( ret );
nexpaq	0:6c56fb4bc5f0	376	}
nexpaq	0:6c56fb4bc5f0	377
nexpaq	0:6c56fb4bc5f0	378	*olen += ilen;
nexpaq	0:6c56fb4bc5f0	379	}
nexpaq	0:6c56fb4bc5f0	380
nexpaq	0:6c56fb4bc5f0	381	return( 0 );
nexpaq	0:6c56fb4bc5f0	382	}
nexpaq	0:6c56fb4bc5f0	383	#endif /* MBEDTLS_CIPHER_MODE_CBC */
nexpaq	0:6c56fb4bc5f0	384
nexpaq	0:6c56fb4bc5f0	385	#if defined(MBEDTLS_CIPHER_MODE_CFB)
nexpaq	0:6c56fb4bc5f0	386	if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
nexpaq	0:6c56fb4bc5f0	387	{
nexpaq	0:6c56fb4bc5f0	388	if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	389	ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
nexpaq	0:6c56fb4bc5f0	390	input, output ) ) )
nexpaq	0:6c56fb4bc5f0	391	{
nexpaq	0:6c56fb4bc5f0	392	return( ret );
nexpaq	0:6c56fb4bc5f0	393	}
nexpaq	0:6c56fb4bc5f0	394
nexpaq	0:6c56fb4bc5f0	395	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	396
nexpaq	0:6c56fb4bc5f0	397	return( 0 );
nexpaq	0:6c56fb4bc5f0	398	}
nexpaq	0:6c56fb4bc5f0	399	#endif /* MBEDTLS_CIPHER_MODE_CFB */
nexpaq	0:6c56fb4bc5f0	400
nexpaq	0:6c56fb4bc5f0	401	#if defined(MBEDTLS_CIPHER_MODE_CTR)
nexpaq	0:6c56fb4bc5f0	402	if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
nexpaq	0:6c56fb4bc5f0	403	{
nexpaq	0:6c56fb4bc5f0	404	if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	405	ilen, &ctx->unprocessed_len, ctx->iv,
nexpaq	0:6c56fb4bc5f0	406	ctx->unprocessed_data, input, output ) ) )
nexpaq	0:6c56fb4bc5f0	407	{
nexpaq	0:6c56fb4bc5f0	408	return( ret );
nexpaq	0:6c56fb4bc5f0	409	}
nexpaq	0:6c56fb4bc5f0	410
nexpaq	0:6c56fb4bc5f0	411	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	412
nexpaq	0:6c56fb4bc5f0	413	return( 0 );
nexpaq	0:6c56fb4bc5f0	414	}
nexpaq	0:6c56fb4bc5f0	415	#endif /* MBEDTLS_CIPHER_MODE_CTR */
nexpaq	0:6c56fb4bc5f0	416
nexpaq	0:6c56fb4bc5f0	417	#if defined(MBEDTLS_CIPHER_MODE_STREAM)
nexpaq	0:6c56fb4bc5f0	418	if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
nexpaq	0:6c56fb4bc5f0	419	{
nexpaq	0:6c56fb4bc5f0	420	if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	421	ilen, input, output ) ) )
nexpaq	0:6c56fb4bc5f0	422	{
nexpaq	0:6c56fb4bc5f0	423	return( ret );
nexpaq	0:6c56fb4bc5f0	424	}
nexpaq	0:6c56fb4bc5f0	425
nexpaq	0:6c56fb4bc5f0	426	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	427
nexpaq	0:6c56fb4bc5f0	428	return( 0 );
nexpaq	0:6c56fb4bc5f0	429	}
nexpaq	0:6c56fb4bc5f0	430	#endif /* MBEDTLS_CIPHER_MODE_STREAM */
nexpaq	0:6c56fb4bc5f0	431
nexpaq	0:6c56fb4bc5f0	432	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	433	}
nexpaq	0:6c56fb4bc5f0	434
nexpaq	0:6c56fb4bc5f0	435	#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
nexpaq	0:6c56fb4bc5f0	436	#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
nexpaq	0:6c56fb4bc5f0	437	/*
nexpaq	0:6c56fb4bc5f0	438	* PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
nexpaq	0:6c56fb4bc5f0	439	*/
nexpaq	0:6c56fb4bc5f0	440	static void add_pkcs_padding( unsigned char *output, size_t output_len,
nexpaq	0:6c56fb4bc5f0	441	size_t data_len )
nexpaq	0:6c56fb4bc5f0	442	{
nexpaq	0:6c56fb4bc5f0	443	size_t padding_len = output_len - data_len;
nexpaq	0:6c56fb4bc5f0	444	unsigned char i;
nexpaq	0:6c56fb4bc5f0	445
nexpaq	0:6c56fb4bc5f0	446	for( i = 0; i < padding_len; i++ )
nexpaq	0:6c56fb4bc5f0	447	output[data_len + i] = (unsigned char) padding_len;
nexpaq	0:6c56fb4bc5f0	448	}
nexpaq	0:6c56fb4bc5f0	449
nexpaq	0:6c56fb4bc5f0	450	static int get_pkcs_padding( unsigned char *input, size_t input_len,
nexpaq	0:6c56fb4bc5f0	451	size_t *data_len )
nexpaq	0:6c56fb4bc5f0	452	{
nexpaq	0:6c56fb4bc5f0	453	size_t i, pad_idx;
nexpaq	0:6c56fb4bc5f0	454	unsigned char padding_len, bad = 0;
nexpaq	0:6c56fb4bc5f0	455
nexpaq	0:6c56fb4bc5f0	456	if( NULL == input \|\| NULL == data_len )
nexpaq	0:6c56fb4bc5f0	457	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	458
nexpaq	0:6c56fb4bc5f0	459	padding_len = input[input_len - 1];
nexpaq	0:6c56fb4bc5f0	460	*data_len = input_len - padding_len;
nexpaq	0:6c56fb4bc5f0	461
nexpaq	0:6c56fb4bc5f0	462	/* Avoid logical \|\| since it results in a branch */
nexpaq	0:6c56fb4bc5f0	463	bad \|= padding_len > input_len;
nexpaq	0:6c56fb4bc5f0	464	bad \|= padding_len == 0;
nexpaq	0:6c56fb4bc5f0	465
nexpaq	0:6c56fb4bc5f0	466	/* The number of bytes checked must be independent of padding_len,
nexpaq	0:6c56fb4bc5f0	467	* so pick input_len, which is usually 8 or 16 (one block) */
nexpaq	0:6c56fb4bc5f0	468	pad_idx = input_len - padding_len;
nexpaq	0:6c56fb4bc5f0	469	for( i = 0; i < input_len; i++ )
nexpaq	0:6c56fb4bc5f0	470	bad \|= ( input[i] ^ padding_len ) * ( i >= pad_idx );
nexpaq	0:6c56fb4bc5f0	471
nexpaq	0:6c56fb4bc5f0	472	return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
nexpaq	0:6c56fb4bc5f0	473	}
nexpaq	0:6c56fb4bc5f0	474	#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
nexpaq	0:6c56fb4bc5f0	475
nexpaq	0:6c56fb4bc5f0	476	#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
nexpaq	0:6c56fb4bc5f0	477	/*
nexpaq	0:6c56fb4bc5f0	478	* One and zeros padding: fill with 80 00 ... 00
nexpaq	0:6c56fb4bc5f0	479	*/
nexpaq	0:6c56fb4bc5f0	480	static void add_one_and_zeros_padding( unsigned char *output,
nexpaq	0:6c56fb4bc5f0	481	size_t output_len, size_t data_len )
nexpaq	0:6c56fb4bc5f0	482	{
nexpaq	0:6c56fb4bc5f0	483	size_t padding_len = output_len - data_len;
nexpaq	0:6c56fb4bc5f0	484	unsigned char i = 0;
nexpaq	0:6c56fb4bc5f0	485
nexpaq	0:6c56fb4bc5f0	486	output[data_len] = 0x80;
nexpaq	0:6c56fb4bc5f0	487	for( i = 1; i < padding_len; i++ )
nexpaq	0:6c56fb4bc5f0	488	output[data_len + i] = 0x00;
nexpaq	0:6c56fb4bc5f0	489	}
nexpaq	0:6c56fb4bc5f0	490
nexpaq	0:6c56fb4bc5f0	491	static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
nexpaq	0:6c56fb4bc5f0	492	size_t *data_len )
nexpaq	0:6c56fb4bc5f0	493	{
nexpaq	0:6c56fb4bc5f0	494	size_t i;
nexpaq	0:6c56fb4bc5f0	495	unsigned char done = 0, prev_done, bad;
nexpaq	0:6c56fb4bc5f0	496
nexpaq	0:6c56fb4bc5f0	497	if( NULL == input \|\| NULL == data_len )
nexpaq	0:6c56fb4bc5f0	498	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	499
nexpaq	0:6c56fb4bc5f0	500	bad = 0xFF;
nexpaq	0:6c56fb4bc5f0	501	*data_len = 0;
nexpaq	0:6c56fb4bc5f0	502	for( i = input_len; i > 0; i-- )
nexpaq	0:6c56fb4bc5f0	503	{
nexpaq	0:6c56fb4bc5f0	504	prev_done = done;
nexpaq	0:6c56fb4bc5f0	505	done \|= ( input[i-1] != 0 );
nexpaq	0:6c56fb4bc5f0	506	data_len \|= ( i - 1 ) ( done != prev_done );
nexpaq	0:6c56fb4bc5f0	507	bad &= ( input[i-1] ^ 0x80 ) \| ( done == prev_done );
nexpaq	0:6c56fb4bc5f0	508	}
nexpaq	0:6c56fb4bc5f0	509
nexpaq	0:6c56fb4bc5f0	510	return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
nexpaq	0:6c56fb4bc5f0	511
nexpaq	0:6c56fb4bc5f0	512	}
nexpaq	0:6c56fb4bc5f0	513	#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
nexpaq	0:6c56fb4bc5f0	514
nexpaq	0:6c56fb4bc5f0	515	#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
nexpaq	0:6c56fb4bc5f0	516	/*
nexpaq	0:6c56fb4bc5f0	517	* Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
nexpaq	0:6c56fb4bc5f0	518	*/
nexpaq	0:6c56fb4bc5f0	519	static void add_zeros_and_len_padding( unsigned char *output,
nexpaq	0:6c56fb4bc5f0	520	size_t output_len, size_t data_len )
nexpaq	0:6c56fb4bc5f0	521	{
nexpaq	0:6c56fb4bc5f0	522	size_t padding_len = output_len - data_len;
nexpaq	0:6c56fb4bc5f0	523	unsigned char i = 0;
nexpaq	0:6c56fb4bc5f0	524
nexpaq	0:6c56fb4bc5f0	525	for( i = 1; i < padding_len; i++ )
nexpaq	0:6c56fb4bc5f0	526	output[data_len + i - 1] = 0x00;
nexpaq	0:6c56fb4bc5f0	527	output[output_len - 1] = (unsigned char) padding_len;
nexpaq	0:6c56fb4bc5f0	528	}
nexpaq	0:6c56fb4bc5f0	529
nexpaq	0:6c56fb4bc5f0	530	static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
nexpaq	0:6c56fb4bc5f0	531	size_t *data_len )
nexpaq	0:6c56fb4bc5f0	532	{
nexpaq	0:6c56fb4bc5f0	533	size_t i, pad_idx;
nexpaq	0:6c56fb4bc5f0	534	unsigned char padding_len, bad = 0;
nexpaq	0:6c56fb4bc5f0	535
nexpaq	0:6c56fb4bc5f0	536	if( NULL == input \|\| NULL == data_len )
nexpaq	0:6c56fb4bc5f0	537	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	538
nexpaq	0:6c56fb4bc5f0	539	padding_len = input[input_len - 1];
nexpaq	0:6c56fb4bc5f0	540	*data_len = input_len - padding_len;
nexpaq	0:6c56fb4bc5f0	541
nexpaq	0:6c56fb4bc5f0	542	/* Avoid logical \|\| since it results in a branch */
nexpaq	0:6c56fb4bc5f0	543	bad \|= padding_len > input_len;
nexpaq	0:6c56fb4bc5f0	544	bad \|= padding_len == 0;
nexpaq	0:6c56fb4bc5f0	545
nexpaq	0:6c56fb4bc5f0	546	/* The number of bytes checked must be independent of padding_len */
nexpaq	0:6c56fb4bc5f0	547	pad_idx = input_len - padding_len;
nexpaq	0:6c56fb4bc5f0	548	for( i = 0; i < input_len - 1; i++ )
nexpaq	0:6c56fb4bc5f0	549	bad \|= input[i] * ( i >= pad_idx );
nexpaq	0:6c56fb4bc5f0	550
nexpaq	0:6c56fb4bc5f0	551	return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
nexpaq	0:6c56fb4bc5f0	552	}
nexpaq	0:6c56fb4bc5f0	553	#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
nexpaq	0:6c56fb4bc5f0	554
nexpaq	0:6c56fb4bc5f0	555	#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
nexpaq	0:6c56fb4bc5f0	556	/*
nexpaq	0:6c56fb4bc5f0	557	* Zero padding: fill with 00 ... 00
nexpaq	0:6c56fb4bc5f0	558	*/
nexpaq	0:6c56fb4bc5f0	559	static void add_zeros_padding( unsigned char *output,
nexpaq	0:6c56fb4bc5f0	560	size_t output_len, size_t data_len )
nexpaq	0:6c56fb4bc5f0	561	{
nexpaq	0:6c56fb4bc5f0	562	size_t i;
nexpaq	0:6c56fb4bc5f0	563
nexpaq	0:6c56fb4bc5f0	564	for( i = data_len; i < output_len; i++ )
nexpaq	0:6c56fb4bc5f0	565	output[i] = 0x00;
nexpaq	0:6c56fb4bc5f0	566	}
nexpaq	0:6c56fb4bc5f0	567
nexpaq	0:6c56fb4bc5f0	568	static int get_zeros_padding( unsigned char *input, size_t input_len,
nexpaq	0:6c56fb4bc5f0	569	size_t *data_len )
nexpaq	0:6c56fb4bc5f0	570	{
nexpaq	0:6c56fb4bc5f0	571	size_t i;
nexpaq	0:6c56fb4bc5f0	572	unsigned char done = 0, prev_done;
nexpaq	0:6c56fb4bc5f0	573
nexpaq	0:6c56fb4bc5f0	574	if( NULL == input \|\| NULL == data_len )
nexpaq	0:6c56fb4bc5f0	575	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	576
nexpaq	0:6c56fb4bc5f0	577	*data_len = 0;
nexpaq	0:6c56fb4bc5f0	578	for( i = input_len; i > 0; i-- )
nexpaq	0:6c56fb4bc5f0	579	{
nexpaq	0:6c56fb4bc5f0	580	prev_done = done;
nexpaq	0:6c56fb4bc5f0	581	done \|= ( input[i-1] != 0 );
nexpaq	0:6c56fb4bc5f0	582	data_len \|= i ( done != prev_done );
nexpaq	0:6c56fb4bc5f0	583	}
nexpaq	0:6c56fb4bc5f0	584
nexpaq	0:6c56fb4bc5f0	585	return( 0 );
nexpaq	0:6c56fb4bc5f0	586	}
nexpaq	0:6c56fb4bc5f0	587	#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
nexpaq	0:6c56fb4bc5f0	588
nexpaq	0:6c56fb4bc5f0	589	/*
nexpaq	0:6c56fb4bc5f0	590	* No padding: don't pad :)
nexpaq	0:6c56fb4bc5f0	591	*
nexpaq	0:6c56fb4bc5f0	592	* There is no add_padding function (check for NULL in mbedtls_cipher_finish)
nexpaq	0:6c56fb4bc5f0	593	* but a trivial get_padding function
nexpaq	0:6c56fb4bc5f0	594	*/
nexpaq	0:6c56fb4bc5f0	595	static int get_no_padding( unsigned char *input, size_t input_len,
nexpaq	0:6c56fb4bc5f0	596	size_t *data_len )
nexpaq	0:6c56fb4bc5f0	597	{
nexpaq	0:6c56fb4bc5f0	598	if( NULL == input \|\| NULL == data_len )
nexpaq	0:6c56fb4bc5f0	599	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	600
nexpaq	0:6c56fb4bc5f0	601	*data_len = input_len;
nexpaq	0:6c56fb4bc5f0	602
nexpaq	0:6c56fb4bc5f0	603	return( 0 );
nexpaq	0:6c56fb4bc5f0	604	}
nexpaq	0:6c56fb4bc5f0	605	#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
nexpaq	0:6c56fb4bc5f0	606
nexpaq	0:6c56fb4bc5f0	607	int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	608	unsigned char output, size_t olen )
nexpaq	0:6c56fb4bc5f0	609	{
nexpaq	0:6c56fb4bc5f0	610	if( NULL == ctx \|\| NULL == ctx->cipher_info \|\| NULL == olen )
nexpaq	0:6c56fb4bc5f0	611	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	612
nexpaq	0:6c56fb4bc5f0	613	*olen = 0;
nexpaq	0:6c56fb4bc5f0	614
nexpaq	0:6c56fb4bc5f0	615	if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode \|\|
nexpaq	0:6c56fb4bc5f0	616	MBEDTLS_MODE_CTR == ctx->cipher_info->mode \|\|
nexpaq	0:6c56fb4bc5f0	617	MBEDTLS_MODE_GCM == ctx->cipher_info->mode \|\|
nexpaq	0:6c56fb4bc5f0	618	MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	619	{
nexpaq	0:6c56fb4bc5f0	620	return( 0 );
nexpaq	0:6c56fb4bc5f0	621	}
nexpaq	0:6c56fb4bc5f0	622
nexpaq	0:6c56fb4bc5f0	623	if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	624	{
nexpaq	0:6c56fb4bc5f0	625	if( ctx->unprocessed_len != 0 )
nexpaq	0:6c56fb4bc5f0	626	return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
nexpaq	0:6c56fb4bc5f0	627
nexpaq	0:6c56fb4bc5f0	628	return( 0 );
nexpaq	0:6c56fb4bc5f0	629	}
nexpaq	0:6c56fb4bc5f0	630
nexpaq	0:6c56fb4bc5f0	631	#if defined(MBEDTLS_CIPHER_MODE_CBC)
nexpaq	0:6c56fb4bc5f0	632	if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	633	{
nexpaq	0:6c56fb4bc5f0	634	int ret = 0;
nexpaq	0:6c56fb4bc5f0	635
nexpaq	0:6c56fb4bc5f0	636	if( MBEDTLS_ENCRYPT == ctx->operation )
nexpaq	0:6c56fb4bc5f0	637	{
nexpaq	0:6c56fb4bc5f0	638	/* check for 'no padding' mode */
nexpaq	0:6c56fb4bc5f0	639	if( NULL == ctx->add_padding )
nexpaq	0:6c56fb4bc5f0	640	{
nexpaq	0:6c56fb4bc5f0	641	if( 0 != ctx->unprocessed_len )
nexpaq	0:6c56fb4bc5f0	642	return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
nexpaq	0:6c56fb4bc5f0	643
nexpaq	0:6c56fb4bc5f0	644	return( 0 );
nexpaq	0:6c56fb4bc5f0	645	}
nexpaq	0:6c56fb4bc5f0	646
nexpaq	0:6c56fb4bc5f0	647	ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
nexpaq	0:6c56fb4bc5f0	648	ctx->unprocessed_len );
nexpaq	0:6c56fb4bc5f0	649	}
nexpaq	0:6c56fb4bc5f0	650	else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
nexpaq	0:6c56fb4bc5f0	651	{
nexpaq	0:6c56fb4bc5f0	652	/*
nexpaq	0:6c56fb4bc5f0	653	* For decrypt operations, expect a full block,
nexpaq	0:6c56fb4bc5f0	654	* or an empty block if no padding
nexpaq	0:6c56fb4bc5f0	655	*/
nexpaq	0:6c56fb4bc5f0	656	if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
nexpaq	0:6c56fb4bc5f0	657	return( 0 );
nexpaq	0:6c56fb4bc5f0	658
nexpaq	0:6c56fb4bc5f0	659	return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
nexpaq	0:6c56fb4bc5f0	660	}
nexpaq	0:6c56fb4bc5f0	661
nexpaq	0:6c56fb4bc5f0	662	/* cipher block */
nexpaq	0:6c56fb4bc5f0	663	if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	664	ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
nexpaq	0:6c56fb4bc5f0	665	ctx->unprocessed_data, output ) ) )
nexpaq	0:6c56fb4bc5f0	666	{
nexpaq	0:6c56fb4bc5f0	667	return( ret );
nexpaq	0:6c56fb4bc5f0	668	}
nexpaq	0:6c56fb4bc5f0	669
nexpaq	0:6c56fb4bc5f0	670	/* Set output size for decryption */
nexpaq	0:6c56fb4bc5f0	671	if( MBEDTLS_DECRYPT == ctx->operation )
nexpaq	0:6c56fb4bc5f0	672	return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
nexpaq	0:6c56fb4bc5f0	673	olen );
nexpaq	0:6c56fb4bc5f0	674
nexpaq	0:6c56fb4bc5f0	675	/* Set output size for encryption */
nexpaq	0:6c56fb4bc5f0	676	*olen = mbedtls_cipher_get_block_size( ctx );
nexpaq	0:6c56fb4bc5f0	677	return( 0 );
nexpaq	0:6c56fb4bc5f0	678	}
nexpaq	0:6c56fb4bc5f0	679	#else
nexpaq	0:6c56fb4bc5f0	680	((void) output);
nexpaq	0:6c56fb4bc5f0	681	#endif /* MBEDTLS_CIPHER_MODE_CBC */
nexpaq	0:6c56fb4bc5f0	682
nexpaq	0:6c56fb4bc5f0	683	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	684	}
nexpaq	0:6c56fb4bc5f0	685
nexpaq	0:6c56fb4bc5f0	686	#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
nexpaq	0:6c56fb4bc5f0	687	int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode )
nexpaq	0:6c56fb4bc5f0	688	{
nexpaq	0:6c56fb4bc5f0	689	if( NULL == ctx \|\|
nexpaq	0:6c56fb4bc5f0	690	MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	691	{
nexpaq	0:6c56fb4bc5f0	692	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	693	}
nexpaq	0:6c56fb4bc5f0	694
nexpaq	0:6c56fb4bc5f0	695	switch( mode )
nexpaq	0:6c56fb4bc5f0	696	{
nexpaq	0:6c56fb4bc5f0	697	#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
nexpaq	0:6c56fb4bc5f0	698	case MBEDTLS_PADDING_PKCS7:
nexpaq	0:6c56fb4bc5f0	699	ctx->add_padding = add_pkcs_padding;
nexpaq	0:6c56fb4bc5f0	700	ctx->get_padding = get_pkcs_padding;
nexpaq	0:6c56fb4bc5f0	701	break;
nexpaq	0:6c56fb4bc5f0	702	#endif
nexpaq	0:6c56fb4bc5f0	703	#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
nexpaq	0:6c56fb4bc5f0	704	case MBEDTLS_PADDING_ONE_AND_ZEROS:
nexpaq	0:6c56fb4bc5f0	705	ctx->add_padding = add_one_and_zeros_padding;
nexpaq	0:6c56fb4bc5f0	706	ctx->get_padding = get_one_and_zeros_padding;
nexpaq	0:6c56fb4bc5f0	707	break;
nexpaq	0:6c56fb4bc5f0	708	#endif
nexpaq	0:6c56fb4bc5f0	709	#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
nexpaq	0:6c56fb4bc5f0	710	case MBEDTLS_PADDING_ZEROS_AND_LEN:
nexpaq	0:6c56fb4bc5f0	711	ctx->add_padding = add_zeros_and_len_padding;
nexpaq	0:6c56fb4bc5f0	712	ctx->get_padding = get_zeros_and_len_padding;
nexpaq	0:6c56fb4bc5f0	713	break;
nexpaq	0:6c56fb4bc5f0	714	#endif
nexpaq	0:6c56fb4bc5f0	715	#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
nexpaq	0:6c56fb4bc5f0	716	case MBEDTLS_PADDING_ZEROS:
nexpaq	0:6c56fb4bc5f0	717	ctx->add_padding = add_zeros_padding;
nexpaq	0:6c56fb4bc5f0	718	ctx->get_padding = get_zeros_padding;
nexpaq	0:6c56fb4bc5f0	719	break;
nexpaq	0:6c56fb4bc5f0	720	#endif
nexpaq	0:6c56fb4bc5f0	721	case MBEDTLS_PADDING_NONE:
nexpaq	0:6c56fb4bc5f0	722	ctx->add_padding = NULL;
nexpaq	0:6c56fb4bc5f0	723	ctx->get_padding = get_no_padding;
nexpaq	0:6c56fb4bc5f0	724	break;
nexpaq	0:6c56fb4bc5f0	725
nexpaq	0:6c56fb4bc5f0	726	default:
nexpaq	0:6c56fb4bc5f0	727	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	728	}
nexpaq	0:6c56fb4bc5f0	729
nexpaq	0:6c56fb4bc5f0	730	return( 0 );
nexpaq	0:6c56fb4bc5f0	731	}
nexpaq	0:6c56fb4bc5f0	732	#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
nexpaq	0:6c56fb4bc5f0	733
nexpaq	0:6c56fb4bc5f0	734	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	735	int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	736	unsigned char *tag, size_t tag_len )
nexpaq	0:6c56fb4bc5f0	737	{
nexpaq	0:6c56fb4bc5f0	738	if( NULL == ctx \|\| NULL == ctx->cipher_info \|\| NULL == tag )
nexpaq	0:6c56fb4bc5f0	739	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	740
nexpaq	0:6c56fb4bc5f0	741	if( MBEDTLS_ENCRYPT != ctx->operation )
nexpaq	0:6c56fb4bc5f0	742	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	743
nexpaq	0:6c56fb4bc5f0	744	if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	745	return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
nexpaq	0:6c56fb4bc5f0	746
nexpaq	0:6c56fb4bc5f0	747	return( 0 );
nexpaq	0:6c56fb4bc5f0	748	}
nexpaq	0:6c56fb4bc5f0	749
nexpaq	0:6c56fb4bc5f0	750	int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	751	const unsigned char *tag, size_t tag_len )
nexpaq	0:6c56fb4bc5f0	752	{
nexpaq	0:6c56fb4bc5f0	753	int ret;
nexpaq	0:6c56fb4bc5f0	754
nexpaq	0:6c56fb4bc5f0	755	if( NULL == ctx \|\| NULL == ctx->cipher_info \|\|
nexpaq	0:6c56fb4bc5f0	756	MBEDTLS_DECRYPT != ctx->operation )
nexpaq	0:6c56fb4bc5f0	757	{
nexpaq	0:6c56fb4bc5f0	758	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	759	}
nexpaq	0:6c56fb4bc5f0	760
nexpaq	0:6c56fb4bc5f0	761	if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	762	{
nexpaq	0:6c56fb4bc5f0	763	unsigned char check_tag[16];
nexpaq	0:6c56fb4bc5f0	764	size_t i;
nexpaq	0:6c56fb4bc5f0	765	int diff;
nexpaq	0:6c56fb4bc5f0	766
nexpaq	0:6c56fb4bc5f0	767	if( tag_len > sizeof( check_tag ) )
nexpaq	0:6c56fb4bc5f0	768	return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	769
nexpaq	0:6c56fb4bc5f0	770	if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
nexpaq	0:6c56fb4bc5f0	771	check_tag, tag_len ) ) )
nexpaq	0:6c56fb4bc5f0	772	{
nexpaq	0:6c56fb4bc5f0	773	return( ret );
nexpaq	0:6c56fb4bc5f0	774	}
nexpaq	0:6c56fb4bc5f0	775
nexpaq	0:6c56fb4bc5f0	776	/* Check the tag in "constant-time" */
nexpaq	0:6c56fb4bc5f0	777	for( diff = 0, i = 0; i < tag_len; i++ )
nexpaq	0:6c56fb4bc5f0	778	diff \|= tag[i] ^ check_tag[i];
nexpaq	0:6c56fb4bc5f0	779
nexpaq	0:6c56fb4bc5f0	780	if( diff != 0 )
nexpaq	0:6c56fb4bc5f0	781	return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
nexpaq	0:6c56fb4bc5f0	782
nexpaq	0:6c56fb4bc5f0	783	return( 0 );
nexpaq	0:6c56fb4bc5f0	784	}
nexpaq	0:6c56fb4bc5f0	785
nexpaq	0:6c56fb4bc5f0	786	return( 0 );
nexpaq	0:6c56fb4bc5f0	787	}
nexpaq	0:6c56fb4bc5f0	788	#endif /* MBEDTLS_GCM_C */
nexpaq	0:6c56fb4bc5f0	789
nexpaq	0:6c56fb4bc5f0	790	/*
nexpaq	0:6c56fb4bc5f0	791	* Packet-oriented wrapper for non-AEAD modes
nexpaq	0:6c56fb4bc5f0	792	*/
nexpaq	0:6c56fb4bc5f0	793	int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	794	const unsigned char *iv, size_t iv_len,
nexpaq	0:6c56fb4bc5f0	795	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	796	unsigned char output, size_t olen )
nexpaq	0:6c56fb4bc5f0	797	{
nexpaq	0:6c56fb4bc5f0	798	int ret;
nexpaq	0:6c56fb4bc5f0	799	size_t finish_olen;
nexpaq	0:6c56fb4bc5f0	800
nexpaq	0:6c56fb4bc5f0	801	if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	802	return( ret );
nexpaq	0:6c56fb4bc5f0	803
nexpaq	0:6c56fb4bc5f0	804	if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	805	return( ret );
nexpaq	0:6c56fb4bc5f0	806
nexpaq	0:6c56fb4bc5f0	807	if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	808	return( ret );
nexpaq	0:6c56fb4bc5f0	809
nexpaq	0:6c56fb4bc5f0	810	if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	811	return( ret );
nexpaq	0:6c56fb4bc5f0	812
nexpaq	0:6c56fb4bc5f0	813	*olen += finish_olen;
nexpaq	0:6c56fb4bc5f0	814
nexpaq	0:6c56fb4bc5f0	815	return( 0 );
nexpaq	0:6c56fb4bc5f0	816	}
nexpaq	0:6c56fb4bc5f0	817
nexpaq	0:6c56fb4bc5f0	818	#if defined(MBEDTLS_CIPHER_MODE_AEAD)
nexpaq	0:6c56fb4bc5f0	819	/*
nexpaq	0:6c56fb4bc5f0	820	* Packet-oriented encryption for AEAD modes
nexpaq	0:6c56fb4bc5f0	821	*/
nexpaq	0:6c56fb4bc5f0	822	int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	823	const unsigned char *iv, size_t iv_len,
nexpaq	0:6c56fb4bc5f0	824	const unsigned char *ad, size_t ad_len,
nexpaq	0:6c56fb4bc5f0	825	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	826	unsigned char output, size_t olen,
nexpaq	0:6c56fb4bc5f0	827	unsigned char *tag, size_t tag_len )
nexpaq	0:6c56fb4bc5f0	828	{
nexpaq	0:6c56fb4bc5f0	829	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	830	if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	831	{
nexpaq	0:6c56fb4bc5f0	832	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	833	return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
nexpaq	0:6c56fb4bc5f0	834	iv, iv_len, ad, ad_len, input, output,
nexpaq	0:6c56fb4bc5f0	835	tag_len, tag ) );
nexpaq	0:6c56fb4bc5f0	836	}
nexpaq	0:6c56fb4bc5f0	837	#endif /* MBEDTLS_GCM_C */
nexpaq	0:6c56fb4bc5f0	838	#if defined(MBEDTLS_CCM_C)
nexpaq	0:6c56fb4bc5f0	839	if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	840	{
nexpaq	0:6c56fb4bc5f0	841	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	842	return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
nexpaq	0:6c56fb4bc5f0	843	iv, iv_len, ad, ad_len, input, output,
nexpaq	0:6c56fb4bc5f0	844	tag, tag_len ) );
nexpaq	0:6c56fb4bc5f0	845	}
nexpaq	0:6c56fb4bc5f0	846	#endif /* MBEDTLS_CCM_C */
nexpaq	0:6c56fb4bc5f0	847
nexpaq	0:6c56fb4bc5f0	848	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	849	}
nexpaq	0:6c56fb4bc5f0	850
nexpaq	0:6c56fb4bc5f0	851	/*
nexpaq	0:6c56fb4bc5f0	852	* Packet-oriented decryption for AEAD modes
nexpaq	0:6c56fb4bc5f0	853	*/
nexpaq	0:6c56fb4bc5f0	854	int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
nexpaq	0:6c56fb4bc5f0	855	const unsigned char *iv, size_t iv_len,
nexpaq	0:6c56fb4bc5f0	856	const unsigned char *ad, size_t ad_len,
nexpaq	0:6c56fb4bc5f0	857	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	858	unsigned char output, size_t olen,
nexpaq	0:6c56fb4bc5f0	859	const unsigned char *tag, size_t tag_len )
nexpaq	0:6c56fb4bc5f0	860	{
nexpaq	0:6c56fb4bc5f0	861	#if defined(MBEDTLS_GCM_C)
nexpaq	0:6c56fb4bc5f0	862	if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	863	{
nexpaq	0:6c56fb4bc5f0	864	int ret;
nexpaq	0:6c56fb4bc5f0	865
nexpaq	0:6c56fb4bc5f0	866	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	867	ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
nexpaq	0:6c56fb4bc5f0	868	iv, iv_len, ad, ad_len,
nexpaq	0:6c56fb4bc5f0	869	tag, tag_len, input, output );
nexpaq	0:6c56fb4bc5f0	870
nexpaq	0:6c56fb4bc5f0	871	if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED )
nexpaq	0:6c56fb4bc5f0	872	ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
nexpaq	0:6c56fb4bc5f0	873
nexpaq	0:6c56fb4bc5f0	874	return( ret );
nexpaq	0:6c56fb4bc5f0	875	}
nexpaq	0:6c56fb4bc5f0	876	#endif /* MBEDTLS_GCM_C */
nexpaq	0:6c56fb4bc5f0	877	#if defined(MBEDTLS_CCM_C)
nexpaq	0:6c56fb4bc5f0	878	if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
nexpaq	0:6c56fb4bc5f0	879	{
nexpaq	0:6c56fb4bc5f0	880	int ret;
nexpaq	0:6c56fb4bc5f0	881
nexpaq	0:6c56fb4bc5f0	882	*olen = ilen;
nexpaq	0:6c56fb4bc5f0	883	ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
nexpaq	0:6c56fb4bc5f0	884	iv, iv_len, ad, ad_len,
nexpaq	0:6c56fb4bc5f0	885	input, output, tag, tag_len );
nexpaq	0:6c56fb4bc5f0	886
nexpaq	0:6c56fb4bc5f0	887	if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
nexpaq	0:6c56fb4bc5f0	888	ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
nexpaq	0:6c56fb4bc5f0	889
nexpaq	0:6c56fb4bc5f0	890	return( ret );
nexpaq	0:6c56fb4bc5f0	891	}
nexpaq	0:6c56fb4bc5f0	892	#endif /* MBEDTLS_CCM_C */
nexpaq	0:6c56fb4bc5f0	893
nexpaq	0:6c56fb4bc5f0	894	return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
nexpaq	0:6c56fb4bc5f0	895	}
nexpaq	0:6c56fb4bc5f0	896	#endif /* MBEDTLS_CIPHER_MODE_AEAD */
nexpaq	0:6c56fb4bc5f0	897
nexpaq	0:6c56fb4bc5f0	898	#endif /* MBEDTLS_CIPHER_C */

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	04 Nov 2016
Imports:	5
Forks:	0
Commits:	2
Dependents:	0
Dependencies:	0
Followers:	1

This repository is Public (Unlisted).

features/mbedtls/src/cipher.c@1:d96dbedaebdb, 2016-11-04 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning