feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

implemented AES-GCM Decrypt

Browse Source
This commit is contained in:
John Safranek
2012-06-15 15:12:56 -07:00
parent bac34015cc
commit e39e27bb5b
3 changed files with 55 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
ctaocrypt/src/aes.c
View File

@@ -1590,7 +1590,55 @@ int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz) const byte* authIn, word32 authInSz)
{ {
word32 blocks = sz / AES_BLOCK_SIZE;
word32 partial = sz % AES_BLOCK_SIZE;
const byte* c = in;
byte* p = out;
byte h[AES_BLOCK_SIZE];
byte ctr[AES_BLOCK_SIZE];
CYASSL_ENTER("AesGcmDecrypt"); CYASSL_ENTER("AesGcmDecrypt");
/* Set up the H block by encrypting an array of zeroes with the key. */
XMEMSET(ctr, 0, AES_BLOCK_SIZE);
AesEncrypt(aes, ctr, h);
/* Initialize the counter with the MS 96 bits of IV, and the counter
* portion set to "1". */
XMEMCPY(ctr, aes->reg, AES_BLOCK_SIZE - 4);
InitGcmCounter(ctr);
/* Calculate the authTag again using the received auth data and the
* cipher text. */
{
byte Tprime[AES_BLOCK_SIZE];
byte EKY0[AES_BLOCK_SIZE];
GHASH(h, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
AesEncrypt(aes, ctr, EKY0);
xorbuf(Tprime, EKY0, sizeof(Tprime));
if (XMEMCMP(authTag, Tprime, authTagSz) != 0) {
return AES_GCM_AUTH_E;
}
}
while (blocks--) {
IncrementGcmCounter(ctr);
AesEncrypt(aes, ctr, p);
xorbuf(p, c, AES_BLOCK_SIZE);
p += AES_BLOCK_SIZE;
c += AES_BLOCK_SIZE;
}
if (partial != 0) {
byte pPartial[AES_BLOCK_SIZE];
IncrementGcmCounter(ctr);
AesEncrypt(aes, ctr, pPartial);
XMEMCPY(p, pPartial, partial);
xorbuf(p, c, partial);
}
return 0; return 0;
} }

4
ctaocrypt/src/asn.c
View File

@@ -2698,6 +2698,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "Alt Name problem, too big", max); XSTRNCPY(buffer, "Alt Name problem, too big", max);
break; break;
case AES_GCM_AUTH_E:
XSTRNCPY(buffer, "AES-GCM Authentication check fail", max);
break;
default: default:
XSTRNCPY(buffer, "unknown error number", max); XSTRNCPY(buffer, "unknown error number", max);

2
cyassl/ctaocrypt/error.h
View File

@@ -98,6 +98,8 @@ enum {
NO_PASSWORD = -176, /* no password provided by user */ NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */ ALT_NAME_E = -177, /* alt name size problem, too big */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
MIN_CODE_E = -200 /* errors -101 - -199 */ MIN_CODE_E = -200 /* errors -101 - -199 */
}; };