/* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 */

/**
  XCBC Support, start an XCBC state
*/
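/** Initialize XCBC-MAC state
  @param xcbc    [out] XCBC state to initialize
  @param cipher  Index of cipher to use
  @param key     [in]  Secret key
  @param keylen  Length of secret key in octets. When the LTC_XCBC_PURE bit is
                 set in this value the bit is stripped and key is read as three
                 concatenated keys: K1 (keylen minus two block lengths), then
                 K2 and K3 (one cipher block each).
  @return CRYPT_OK on success, CRYPT_INVALID_ARG when the key length does not
          fit the selected cipher's block size or the state's key buffers

  Without LTC_XCBC_PURE the three keys are derived by encrypting, under the
  user key, blocks filled with the constant bytes 1, 2 and 3. In both modes
  K[0] is then scheduled as the working cipher key.
*/
int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen)
{
   int            x, y, err;
   symmetric_key *skey;
   unsigned long  k1;

   LTC_ARGCHK(xcbc != NULL);
   LTC_ARGCHK(key  != NULL);

   /* reject an unregistered cipher index before the descriptor table is used */
   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
      return err;
   }

#ifdef LTC_FAST
   if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
      return CRYPT_INVALID_ARG;
   }
#endif

   skey = NULL;

   /* are we in pure XCBC mode with three keys? */
   if (keylen & LTC_XCBC_PURE) {
      keylen &= ~LTC_XCBC_PURE;

      /* K2 and K3 are one block each, so anything shorter cannot hold them */
      if (keylen < 2UL*cipher_descriptor[cipher].block_length) {
         return CRYPT_INVALID_ARG;
      }

      k1 = keylen - 2*cipher_descriptor[cipher].block_length;

      /* keylen is caller-supplied and K1 is copied before the cipher's setup()
       * gets a chance to reject its size, so bound it by the destination here.
       * NOTE(review): assumes xcbc->K[] are fixed-size arrays inside
       * xcbc_state -- confirm against the struct definition. */
      if (k1 > sizeof(xcbc->K[0])) {
         return CRYPT_INVALID_ARG;
      }

      XMEMCPY(xcbc->K[0], key, k1);
      XMEMCPY(xcbc->K[1], key+k1, cipher_descriptor[cipher].block_length);
      XMEMCPY(xcbc->K[2], key+k1 + cipher_descriptor[cipher].block_length, cipher_descriptor[cipher].block_length);
   } else {
      /* use the key expansion: K1 is exactly one block long */
      k1 = cipher_descriptor[cipher].block_length;

      /* schedule the user key in a temporary, heap-allocated key schedule */
      skey = XCALLOC(1, sizeof(*skey));
      if (skey == NULL) {
         return CRYPT_MEM;
      }

      if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, skey)) != CRYPT_OK) {
         goto done;
      }

      /* make the three keys: K[y] = E_key(block of bytes y+1) */
      for (y = 0; y < 3; y++) {
         for (x = 0; x < cipher_descriptor[cipher].block_length; x++) {
            xcbc->K[y][x] = y + 1;
         }
         cipher_descriptor[cipher].ecb_encrypt(xcbc->K[y], xcbc->K[y], skey);
      }
   }

   /* setup K1 as the working key; its result is the function's return value */
   err = cipher_descriptor[cipher].setup(xcbc->K[0], k1, 0, &xcbc->key);

   /* setup struct */
   zeromem(xcbc->IV, cipher_descriptor[cipher].block_length);
   xcbc->blocksize = cipher_descriptor[cipher].block_length;
   xcbc->buflen    = 0;
   xcbc->cipher    = cipher;

done:
   /* skey stays NULL on the pure-key path, so only release it when allocated */
   if (skey != NULL) {
      cipher_descriptor[cipher].done(skey);
      /* NOTE(review): the expanded user key is wiped only in LTC_CLEAN_STACK
       * builds; otherwise it is returned to the heap as-is. */
#ifdef LTC_CLEAN_STACK
      zeromem(skey, sizeof(*skey));
#endif
      XFREE(skey);
   }
   return err;
}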
/* ref:         $Format:%D$ */
/* git commit:  $Format:%H$ */
/* commit time: $Format:%ai$ */