00001
00030 #include "polarssl/config.h"
00031
00032 #if defined(POLARSSL_CIPHER_C)
00033
00034 #include "polarssl/cipher.h"
00035 #include "polarssl/cipher_wrap.h"
00036
00037 #if defined(POLARSSL_GCM_C)
00038 #include "polarssl/gcm.h"
00039 #endif
00040
00041 #include <stdlib.h>
00042
00043 #if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
00044 #define POLARSSL_CIPHER_MODE_STREAM
00045 #endif
00046
00047 #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
00048 !defined(EFI32)
00049 #define strcasecmp _stricmp
00050 #endif
00051
00052 static int supported_init = 0;
00053
00054 const int *cipher_list( void )
00055 {
00056 const cipher_definition_t *def;
00057 int *type;
00058
00059 if( ! supported_init )
00060 {
00061 def = cipher_definitions;
00062 type = supported_ciphers;
00063
00064 while( def->type != 0 )
00065 *type++ = (*def++).type;
00066
00067 *type = 0;
00068
00069 supported_init = 1;
00070 }
00071
00072 return supported_ciphers;
00073 }
00074
00075 const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
00076 {
00077 const cipher_definition_t *def;
00078
00079 for( def = cipher_definitions; def->info != NULL; def++ )
00080 if( def->type == cipher_type )
00081 return( def->info );
00082
00083 return NULL;
00084 }
00085
00086 const cipher_info_t *cipher_info_from_string( const char *cipher_name )
00087 {
00088 const cipher_definition_t *def;
00089
00090 if( NULL == cipher_name )
00091 return NULL;
00092
00093 for( def = cipher_definitions; def->info != NULL; def++ )
00094 if( ! strcasecmp( def->info->name, cipher_name ) )
00095 return( def->info );
00096
00097 return NULL;
00098 }
00099
00100 const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
00101 int key_length,
00102 const cipher_mode_t mode )
00103 {
00104 const cipher_definition_t *def;
00105
00106 for( def = cipher_definitions; def->info != NULL; def++ )
00107 if( def->info->base->cipher == cipher_id &&
00108 def->info->key_length == (unsigned) key_length &&
00109 def->info->mode == mode )
00110 return( def->info );
00111
00112 return NULL;
00113 }
00114
00115 int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
00116 {
00117 if( NULL == cipher_info || NULL == ctx )
00118 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00119
00120 memset( ctx, 0, sizeof( cipher_context_t ) );
00121
00122 if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
00123 return POLARSSL_ERR_CIPHER_ALLOC_FAILED;
00124
00125 ctx->cipher_info = cipher_info;
00126
00127 #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
00128
00129
00130
00131 #if defined(POLARSSL_CIPHER_PADDING_PKCS7)
00132 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 );
00133 #else
00134 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE );
00135 #endif
00136 #endif
00137
00138 return 0;
00139 }
00140
00141 int cipher_free_ctx( cipher_context_t *ctx )
00142 {
00143 if( ctx == NULL || ctx->cipher_info == NULL )
00144 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00145
00146 ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
00147
00148 return 0;
00149 }
00150
00151 int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
00152 int key_length, const operation_t operation )
00153 {
00154 if( NULL == ctx || NULL == ctx->cipher_info )
00155 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00156
00157 if( (int) ctx->cipher_info->key_length != key_length )
00158 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00159
00160 ctx->key_length = key_length;
00161 ctx->operation = operation;
00162
00163
00164
00165
00166 if( POLARSSL_ENCRYPT == operation ||
00167 POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
00168 POLARSSL_MODE_CTR == ctx->cipher_info->mode )
00169 {
00170 return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
00171 ctx->key_length );
00172 }
00173
00174 if( POLARSSL_DECRYPT == operation )
00175 return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
00176 ctx->key_length );
00177
00178 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00179 }
00180
00181 int cipher_set_iv( cipher_context_t *ctx,
00182 const unsigned char *iv, size_t iv_len )
00183 {
00184 size_t actual_iv_size;
00185
00186 if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
00187 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00188
00189
00190 if( iv_len > POLARSSL_MAX_IV_LENGTH )
00191 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
00192
00193 if( ctx->cipher_info->accepts_variable_iv_size )
00194 actual_iv_size = iv_len;
00195 else
00196 {
00197 actual_iv_size = ctx->cipher_info->iv_size;
00198
00199
00200 if( actual_iv_size > iv_len )
00201 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00202 }
00203
00204 memcpy( ctx->iv, iv, actual_iv_size );
00205 ctx->iv_size = actual_iv_size;
00206
00207 return 0;
00208 }
00209
00210 int cipher_reset( cipher_context_t *ctx )
00211 {
00212 if( NULL == ctx || NULL == ctx->cipher_info )
00213 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00214
00215 ctx->unprocessed_len = 0;
00216
00217 return 0;
00218 }
00219
00220 #if defined(POLARSSL_CIPHER_MODE_AEAD)
00221 int cipher_update_ad( cipher_context_t *ctx,
00222 const unsigned char *ad, size_t ad_len )
00223 {
00224 if( NULL == ctx || NULL == ctx->cipher_info )
00225 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00226
00227 #if defined(POLARSSL_GCM_C)
00228 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
00229 {
00230 return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
00231 ctx->iv, ctx->iv_size, ad, ad_len );
00232 }
00233 #endif
00234
00235 return 0;
00236 }
00237 #endif
00238
00239 int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
00240 unsigned char *output, size_t *olen )
00241 {
00242 int ret;
00243
00244 *olen = 0;
00245
00246 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
00247 {
00248 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00249 }
00250
00251 if( ctx->cipher_info->mode == POLARSSL_MODE_ECB )
00252 {
00253 if( ilen != cipher_get_block_size( ctx ) )
00254 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
00255
00256 *olen = ilen;
00257
00258 if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
00259 ctx->operation, input, output ) ) )
00260 {
00261 return ret;
00262 }
00263
00264 return 0;
00265 }
00266
00267 #if defined(POLARSSL_GCM_C)
00268 if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
00269 {
00270 *olen = ilen;
00271 return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input,
00272 output );
00273 }
00274 #endif
00275
00276 if( input == output &&
00277 ( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) )
00278 {
00279 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00280 }
00281
00282 #if defined(POLARSSL_CIPHER_MODE_CBC)
00283 if( ctx->cipher_info->mode == POLARSSL_MODE_CBC )
00284 {
00285 size_t copy_len = 0;
00286
00287
00288
00289
00290 if( ( ctx->operation == POLARSSL_DECRYPT &&
00291 ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
00292 ( ctx->operation == POLARSSL_ENCRYPT &&
00293 ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
00294 {
00295 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
00296 ilen );
00297
00298 ctx->unprocessed_len += ilen;
00299 return 0;
00300 }
00301
00302
00303
00304
00305 if( ctx->unprocessed_len != 0 )
00306 {
00307 copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len;
00308
00309 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
00310 copy_len );
00311
00312 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
00313 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
00314 ctx->unprocessed_data, output ) ) )
00315 {
00316 return ret;
00317 }
00318
00319 *olen += cipher_get_block_size( ctx );
00320 output += cipher_get_block_size( ctx );
00321 ctx->unprocessed_len = 0;
00322
00323 input += copy_len;
00324 ilen -= copy_len;
00325 }
00326
00327
00328
00329
00330 if( 0 != ilen )
00331 {
00332 copy_len = ilen % cipher_get_block_size( ctx );
00333 if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT )
00334 copy_len = cipher_get_block_size(ctx);
00335
00336 memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
00337 copy_len );
00338
00339 ctx->unprocessed_len += copy_len;
00340 ilen -= copy_len;
00341 }
00342
00343
00344
00345
00346 if( ilen )
00347 {
00348 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
00349 ctx->operation, ilen, ctx->iv, input, output ) ) )
00350 {
00351 return ret;
00352 }
00353
00354 *olen += ilen;
00355 }
00356
00357 return 0;
00358 }
00359 #endif
00360
00361 #if defined(POLARSSL_CIPHER_MODE_CFB)
00362 if( ctx->cipher_info->mode == POLARSSL_MODE_CFB )
00363 {
00364 if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
00365 ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
00366 input, output ) ) )
00367 {
00368 return ret;
00369 }
00370
00371 *olen = ilen;
00372
00373 return 0;
00374 }
00375 #endif
00376
00377 #if defined(POLARSSL_CIPHER_MODE_CTR)
00378 if( ctx->cipher_info->mode == POLARSSL_MODE_CTR )
00379 {
00380 if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
00381 ilen, &ctx->unprocessed_len, ctx->iv,
00382 ctx->unprocessed_data, input, output ) ) )
00383 {
00384 return ret;
00385 }
00386
00387 *olen = ilen;
00388
00389 return 0;
00390 }
00391 #endif
00392
00393 #if defined(POLARSSL_CIPHER_MODE_STREAM)
00394 if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM )
00395 {
00396 if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
00397 ilen, input, output ) ) )
00398 {
00399 return ret;
00400 }
00401
00402 *olen = ilen;
00403
00404 return 0;
00405 }
00406 #endif
00407
00408 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
00409 }
00410
00411 #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
00412 #if defined(POLARSSL_CIPHER_PADDING_PKCS7)
00413
00414
00415
00416 static void add_pkcs_padding( unsigned char *output, size_t output_len,
00417 size_t data_len )
00418 {
00419 size_t padding_len = output_len - data_len;
00420 unsigned char i;
00421
00422 for( i = 0; i < padding_len; i++ )
00423 output[data_len + i] = (unsigned char) padding_len;
00424 }
00425
00426 static int get_pkcs_padding( unsigned char *input, size_t input_len,
00427 size_t *data_len )
00428 {
00429 size_t i, pad_idx;
00430 unsigned char padding_len, bad = 0;
00431
00432 if( NULL == input || NULL == data_len )
00433 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00434
00435 padding_len = input[input_len - 1];
00436 *data_len = input_len - padding_len;
00437
00438
00439 bad |= padding_len > input_len;
00440 bad |= padding_len == 0;
00441
00442
00443
00444 pad_idx = input_len - padding_len;
00445 for( i = 0; i < input_len; i++ )
00446 bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
00447
00448 return POLARSSL_ERR_CIPHER_INVALID_PADDING * (bad != 0);
00449 }
00450 #endif
00451
00452 #if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
00453
00454
00455
00456 static void add_one_and_zeros_padding( unsigned char *output,
00457 size_t output_len, size_t data_len )
00458 {
00459 size_t padding_len = output_len - data_len;
00460 unsigned char i = 0;
00461
00462 output[data_len] = 0x80;
00463 for( i = 1; i < padding_len; i++ )
00464 output[data_len + i] = 0x00;
00465 }
00466
00467 static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
00468 size_t *data_len )
00469 {
00470 size_t i;
00471 unsigned char done = 0, prev_done, bad;
00472
00473 if( NULL == input || NULL == data_len )
00474 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00475
00476 bad = 0xFF;
00477 *data_len = 0;
00478 for( i = input_len; i > 0; i-- )
00479 {
00480 prev_done = done;
00481 done |= ( input[i-1] != 0 );
00482 *data_len |= ( i - 1 ) * ( done != prev_done );
00483 bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
00484 }
00485
00486 return POLARSSL_ERR_CIPHER_INVALID_PADDING * (bad != 0);
00487
00488 }
00489 #endif
00490
00491 #if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
00492
00493
00494
00495 static void add_zeros_and_len_padding( unsigned char *output,
00496 size_t output_len, size_t data_len )
00497 {
00498 size_t padding_len = output_len - data_len;
00499 unsigned char i = 0;
00500
00501 for( i = 1; i < padding_len; i++ )
00502 output[data_len + i - 1] = 0x00;
00503 output[output_len - 1] = (unsigned char) padding_len;
00504 }
00505
00506 static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
00507 size_t *data_len )
00508 {
00509 size_t i, pad_idx;
00510 unsigned char padding_len, bad = 0;
00511
00512 if( NULL == input || NULL == data_len )
00513 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00514
00515 padding_len = input[input_len - 1];
00516 *data_len = input_len - padding_len;
00517
00518
00519 bad |= padding_len > input_len;
00520 bad |= padding_len == 0;
00521
00522
00523 pad_idx = input_len - padding_len;
00524 for( i = 0; i < input_len - 1; i++ )
00525 bad |= input[i] * ( i >= pad_idx );
00526
00527 return POLARSSL_ERR_CIPHER_INVALID_PADDING * (bad != 0);
00528 }
00529 #endif
00530
00531 #if defined(POLARSSL_CIPHER_PADDING_ZEROS)
00532
00533
00534
00535 static void add_zeros_padding( unsigned char *output,
00536 size_t output_len, size_t data_len )
00537 {
00538 size_t i;
00539
00540 for( i = data_len; i < output_len; i++ )
00541 output[i] = 0x00;
00542 }
00543
00544 static int get_zeros_padding( unsigned char *input, size_t input_len,
00545 size_t *data_len )
00546 {
00547 size_t i;
00548 unsigned char done = 0, prev_done;
00549
00550 if( NULL == input || NULL == data_len )
00551 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00552
00553 *data_len = 0;
00554 for( i = input_len; i > 0; i-- )
00555 {
00556 prev_done = done;
00557 done |= ( input[i-1] != 0 );
00558 *data_len |= i * ( done != prev_done );
00559 }
00560
00561 return 0;
00562 }
00563 #endif
00564
00565
00566
00567
00568
00569
00570
00571 static int get_no_padding( unsigned char *input, size_t input_len,
00572 size_t *data_len )
00573 {
00574 if( NULL == input || NULL == data_len )
00575 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00576
00577 *data_len = input_len;
00578
00579 return 0;
00580 }
00581 #endif
00582
00583 int cipher_finish( cipher_context_t *ctx,
00584 unsigned char *output, size_t *olen )
00585 {
00586 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
00587 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00588
00589 *olen = 0;
00590
00591 if( POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
00592 POLARSSL_MODE_CTR == ctx->cipher_info->mode ||
00593 POLARSSL_MODE_GCM == ctx->cipher_info->mode ||
00594 POLARSSL_MODE_STREAM == ctx->cipher_info->mode )
00595 {
00596 return 0;
00597 }
00598
00599 if( POLARSSL_MODE_ECB == ctx->cipher_info->mode )
00600 {
00601 if( ctx->unprocessed_len != 0 )
00602 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
00603
00604 return 0;
00605 }
00606
00607 #if defined(POLARSSL_CIPHER_MODE_CBC)
00608 if( POLARSSL_MODE_CBC == ctx->cipher_info->mode )
00609 {
00610 int ret = 0;
00611
00612 if( POLARSSL_ENCRYPT == ctx->operation )
00613 {
00614
00615 if( NULL == ctx->add_padding )
00616 {
00617 if( 0 != ctx->unprocessed_len )
00618 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
00619
00620 return 0;
00621 }
00622
00623 ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ),
00624 ctx->unprocessed_len );
00625 }
00626 else if ( cipher_get_block_size( ctx ) != ctx->unprocessed_len )
00627 {
00628
00629
00630
00631
00632 if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
00633 return 0;
00634
00635 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
00636 }
00637
00638
00639 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
00640 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
00641 ctx->unprocessed_data, output ) ) )
00642 {
00643 return ret;
00644 }
00645
00646
00647 if( POLARSSL_DECRYPT == ctx->operation )
00648 return ctx->get_padding( output, cipher_get_block_size( ctx ),
00649 olen );
00650
00651
00652 *olen = cipher_get_block_size( ctx );
00653 return 0;
00654 }
00655 #else
00656 ((void) output);
00657 #endif
00658
00659 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
00660 }
00661
00662 #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
00663 int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
00664 {
00665 if( NULL == ctx ||
00666 POLARSSL_MODE_CBC != ctx->cipher_info->mode )
00667 {
00668 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00669 }
00670
00671 switch( mode )
00672 {
00673 #if defined(POLARSSL_CIPHER_PADDING_PKCS7)
00674 case POLARSSL_PADDING_PKCS7:
00675 ctx->add_padding = add_pkcs_padding;
00676 ctx->get_padding = get_pkcs_padding;
00677 break;
00678 #endif
00679 #if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
00680 case POLARSSL_PADDING_ONE_AND_ZEROS:
00681 ctx->add_padding = add_one_and_zeros_padding;
00682 ctx->get_padding = get_one_and_zeros_padding;
00683 break;
00684 #endif
00685 #if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
00686 case POLARSSL_PADDING_ZEROS_AND_LEN:
00687 ctx->add_padding = add_zeros_and_len_padding;
00688 ctx->get_padding = get_zeros_and_len_padding;
00689 break;
00690 #endif
00691 #if defined(POLARSSL_CIPHER_PADDING_ZEROS)
00692 case POLARSSL_PADDING_ZEROS:
00693 ctx->add_padding = add_zeros_padding;
00694 ctx->get_padding = get_zeros_padding;
00695 break;
00696 #endif
00697 case POLARSSL_PADDING_NONE:
00698 ctx->add_padding = NULL;
00699 ctx->get_padding = get_no_padding;
00700 break;
00701
00702 default:
00703 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
00704 }
00705
00706 return 0;
00707 }
00708 #endif
00709
00710 #if defined(POLARSSL_CIPHER_MODE_AEAD)
00711 int cipher_write_tag( cipher_context_t *ctx,
00712 unsigned char *tag, size_t tag_len )
00713 {
00714 if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
00715 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00716
00717 if( POLARSSL_ENCRYPT != ctx->operation )
00718 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00719
00720 #if defined(POLARSSL_GCM_C)
00721 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
00722 return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
00723 #endif
00724
00725 return 0;
00726 }
00727
00728 int cipher_check_tag( cipher_context_t *ctx,
00729 const unsigned char *tag, size_t tag_len )
00730 {
00731 int ret;
00732
00733 if( NULL == ctx || NULL == ctx->cipher_info ||
00734 POLARSSL_DECRYPT != ctx->operation )
00735 {
00736 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00737 }
00738
00739 #if defined(POLARSSL_GCM_C)
00740 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
00741 {
00742 unsigned char check_tag[16];
00743 size_t i;
00744 int diff;
00745
00746 if( tag_len > sizeof( check_tag ) )
00747 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
00748
00749 if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx,
00750 check_tag, tag_len ) ) )
00751 {
00752 return( ret );
00753 }
00754
00755
00756 for( diff = 0, i = 0; i < tag_len; i++ )
00757 diff |= tag[i] ^ check_tag[i];
00758
00759 if( diff != 0 )
00760 return( POLARSSL_ERR_CIPHER_AUTH_FAILED );
00761
00762 return( 0 );
00763 }
00764 #endif
00765
00766 return( 0 );
00767 }
00768 #endif
00769
00770 #if defined(POLARSSL_SELF_TEST)
00771
00772 #include <stdio.h>
00773
00774 #define ASSERT(x) if (!(x)) { \
00775 printf( "failed with %i at %s\n", value, (#x) ); \
00776 return( 1 ); \
00777 }
00778
00779
00780
00781
00782 int cipher_self_test( int verbose )
00783 {
00784 ((void) verbose);
00785
00786 return( 0 );
00787 }
00788
00789 #endif
00790
00791 #endif