1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis */
2 /* SPDX-License-Identifier: Unlicense */
3
4 /**
5 @file ocb3_add_aad.c
6 OCB implementation, add AAD data, by Karel Miko
7 */
8 #include "tomcrypt_private.h"
9
10 #ifdef LTC_OCB3_MODE
11
12 /**
13 Add one block of AAD data (internal function)
14 @param ocb The OCB state
15 @param aad_block [in] AAD data (block_len size)
16 @return CRYPT_OK if successful
17 */
s_ocb3_int_aad_add_block(ocb3_state * ocb,const unsigned char * aad_block)18 static int s_ocb3_int_aad_add_block(ocb3_state *ocb, const unsigned char *aad_block)
19 {
20 unsigned char tmp[MAXBLOCKSIZE];
21 int err;
22
23 /* Offset_i = Offset_{i-1} xor L_{ntz(i)} */
24 ocb3_int_xor_blocks(ocb->aOffset_current, ocb->aOffset_current, ocb->L_[ocb3_int_ntz(ocb->ablock_index)], ocb->block_len);
25
26 /* Sum_i = Sum_{i-1} xor ENCIPHER(K, A_i xor Offset_i) */
27 ocb3_int_xor_blocks(tmp, aad_block, ocb->aOffset_current, ocb->block_len);
28 if ((err = cipher_descriptor[ocb->cipher]->ecb_encrypt(tmp, tmp, &ocb->key)) != CRYPT_OK) {
29 return err;
30 }
31 ocb3_int_xor_blocks(ocb->aSum_current, ocb->aSum_current, tmp, ocb->block_len);
32
33 ocb->ablock_index++;
34
35 return CRYPT_OK;
36 }
37
38 /**
39 Add AAD - additional associated data
40 @param ocb The OCB state
41 @param aad The AAD data
42 @param aadlen The size of AAD data (octets)
43 @return CRYPT_OK if successful
44 */
ocb3_add_aad(ocb3_state * ocb,const unsigned char * aad,unsigned long aadlen)45 int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen)
46 {
47 int err, x, full_blocks, full_blocks_len, last_block_len;
48 unsigned char *data;
49 unsigned long datalen, l;
50
51 LTC_ARGCHK(ocb != NULL);
52 if (aadlen == 0) return CRYPT_OK;
53 LTC_ARGCHK(aad != NULL);
54
55 if (ocb->adata_buffer_bytes > 0) {
56 l = ocb->block_len - ocb->adata_buffer_bytes;
57 if (l > aadlen) l = aadlen;
58 XMEMCPY(ocb->adata_buffer+ocb->adata_buffer_bytes, aad, l);
59 ocb->adata_buffer_bytes += l;
60
61 if (ocb->adata_buffer_bytes == ocb->block_len) {
62 if ((err = s_ocb3_int_aad_add_block(ocb, ocb->adata_buffer)) != CRYPT_OK) {
63 return err;
64 }
65 ocb->adata_buffer_bytes = 0;
66 }
67
68 data = (unsigned char *)aad + l;
69 datalen = aadlen - l;
70 }
71 else {
72 data = (unsigned char *)aad;
73 datalen = aadlen;
74 }
75
76 if (datalen == 0) return CRYPT_OK;
77
78 full_blocks = datalen/ocb->block_len;
79 full_blocks_len = full_blocks * ocb->block_len;
80 last_block_len = datalen - full_blocks_len;
81
82 for (x=0; x<full_blocks; x++) {
83 if ((err = s_ocb3_int_aad_add_block(ocb, data+x*ocb->block_len)) != CRYPT_OK) {
84 return err;
85 }
86 }
87
88 if (last_block_len>0) {
89 XMEMCPY(ocb->adata_buffer, data+full_blocks_len, last_block_len);
90 ocb->adata_buffer_bytes = last_block_len;
91 }
92
93 return CRYPT_OK;
94 }
95
96 #endif
97