/src/botan/src/lib/mac/cmac/cmac.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * CMAC |
3 | | * (C) 1999-2007,2014 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/cmac.h> |
9 | | #include <botan/exceptn.h> |
10 | | #include <botan/internal/poly_dbl.h> |
11 | | |
12 | | namespace Botan { |
13 | | |
14 | | /* |
15 | | * Update an CMAC Calculation |
16 | | */ |
17 | | void CMAC::add_data(const uint8_t input[], size_t length) |
18 | 0 | { |
19 | 0 | const size_t bs = output_length(); |
20 | |
|
21 | 0 | buffer_insert(m_buffer, m_position, input, length); |
22 | 0 | if(m_position + length > bs) |
23 | 0 | { |
24 | 0 | xor_buf(m_state, m_buffer, bs); |
25 | 0 | m_cipher->encrypt(m_state); |
26 | 0 | input += (bs - m_position); |
27 | 0 | length -= (bs - m_position); |
28 | 0 | while(length > bs) |
29 | 0 | { |
30 | 0 | xor_buf(m_state, input, bs); |
31 | 0 | m_cipher->encrypt(m_state); |
32 | 0 | input += bs; |
33 | 0 | length -= bs; |
34 | 0 | } |
35 | 0 | copy_mem(m_buffer.data(), input, length); |
36 | 0 | m_position = 0; |
37 | 0 | } |
38 | 0 | m_position += length; |
39 | 0 | } |
40 | | |
41 | | /* |
42 | | * Finalize an CMAC Calculation |
43 | | */ |
44 | | void CMAC::final_result(uint8_t mac[]) |
45 | 0 | { |
46 | 0 | xor_buf(m_state, m_buffer, m_position); |
47 | |
|
48 | 0 | if(m_position == output_length()) |
49 | 0 | { |
50 | 0 | xor_buf(m_state, m_B, output_length()); |
51 | 0 | } |
52 | 0 | else |
53 | 0 | { |
54 | 0 | m_state[m_position] ^= 0x80; |
55 | 0 | xor_buf(m_state, m_P, output_length()); |
56 | 0 | } |
57 | |
|
58 | 0 | m_cipher->encrypt(m_state); |
59 | |
|
60 | 0 | copy_mem(mac, m_state.data(), output_length()); |
61 | |
|
62 | 0 | zeroise(m_state); |
63 | 0 | zeroise(m_buffer); |
64 | 0 | m_position = 0; |
65 | 0 | } |
66 | | |
67 | | /* |
68 | | * CMAC Key Schedule |
69 | | */ |
70 | | void CMAC::key_schedule(const uint8_t key[], size_t length) |
71 | 0 | { |
72 | 0 | clear(); |
73 | 0 | m_cipher->set_key(key, length); |
74 | 0 | m_cipher->encrypt(m_B); |
75 | 0 | poly_double_n(m_B.data(), m_B.size()); |
76 | 0 | poly_double_n(m_P.data(), m_B.data(), m_P.size()); |
77 | 0 | } |
78 | | |
79 | | /* |
80 | | * Clear memory of sensitive data |
81 | | */ |
82 | | void CMAC::clear() |
83 | 0 | { |
84 | 0 | m_cipher->clear(); |
85 | 0 | zeroise(m_state); |
86 | 0 | zeroise(m_buffer); |
87 | 0 | zeroise(m_B); |
88 | 0 | zeroise(m_P); |
89 | 0 | m_position = 0; |
90 | 0 | } |
91 | | |
92 | | /* |
93 | | * Return the name of this type |
94 | | */ |
95 | | std::string CMAC::name() const |
96 | 0 | { |
97 | 0 | return "CMAC(" + m_cipher->name() + ")"; |
98 | 0 | } |
99 | | |
100 | | /* |
101 | | * Return a clone of this object |
102 | | */ |
103 | | MessageAuthenticationCode* CMAC::clone() const |
104 | 0 | { |
105 | 0 | return new CMAC(m_cipher->clone()); |
106 | 0 | } |
107 | | |
108 | | /* |
109 | | * CMAC Constructor |
110 | | */ |
111 | | CMAC::CMAC(BlockCipher* cipher) : |
112 | | m_cipher(cipher), |
113 | | m_block_size(m_cipher->block_size()) |
114 | 0 | { |
115 | 0 | if(poly_double_supported_size(m_block_size) == false) |
116 | 0 | { |
117 | 0 | throw Invalid_Argument("CMAC cannot use the " + |
118 | 0 | std::to_string(m_block_size * 8) + |
119 | 0 | " bit cipher " + m_cipher->name()); |
120 | 0 | } |
121 | | |
122 | 0 | m_state.resize(output_length()); |
123 | 0 | m_buffer.resize(output_length()); |
124 | 0 | m_B.resize(output_length()); |
125 | 0 | m_P.resize(output_length()); |
126 | 0 | m_position = 0; |
127 | 0 | } |
128 | | |
129 | | } |