Lines Matching refs:ctx
58 static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) in chachapoly_pad_aad() argument
60 uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U ); in chachapoly_pad_aad()
68 return( mbedtls_poly1305_update( &ctx->poly1305_ctx, in chachapoly_pad_aad()
78 static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) in chachapoly_pad_ciphertext() argument
80 uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U ); in chachapoly_pad_ciphertext()
87 return( mbedtls_poly1305_update( &ctx->poly1305_ctx, in chachapoly_pad_ciphertext()
92 void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) in mbedtls_chachapoly_init() argument
94 CHACHAPOLY_VALIDATE( ctx != NULL ); in mbedtls_chachapoly_init()
96 mbedtls_chacha20_init( &ctx->chacha20_ctx ); in mbedtls_chachapoly_init()
97 mbedtls_poly1305_init( &ctx->poly1305_ctx ); in mbedtls_chachapoly_init()
98 ctx->aad_len = 0U; in mbedtls_chachapoly_init()
99 ctx->ciphertext_len = 0U; in mbedtls_chachapoly_init()
100 ctx->state = CHACHAPOLY_STATE_INIT; in mbedtls_chachapoly_init()
101 ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; in mbedtls_chachapoly_init()
104 void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) in mbedtls_chachapoly_free() argument
106 if( ctx == NULL ) in mbedtls_chachapoly_free()
109 mbedtls_chacha20_free( &ctx->chacha20_ctx ); in mbedtls_chachapoly_free()
110 mbedtls_poly1305_free( &ctx->poly1305_ctx ); in mbedtls_chachapoly_free()
111 ctx->aad_len = 0U; in mbedtls_chachapoly_free()
112 ctx->ciphertext_len = 0U; in mbedtls_chachapoly_free()
113 ctx->state = CHACHAPOLY_STATE_INIT; in mbedtls_chachapoly_free()
114 ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; in mbedtls_chachapoly_free()
117 int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_setkey() argument
121 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_setkey()
124 ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); in mbedtls_chachapoly_setkey()
129 int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_starts() argument
135 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_starts()
139 ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); in mbedtls_chachapoly_starts()
149 ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), in mbedtls_chachapoly_starts()
154 ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key ); in mbedtls_chachapoly_starts()
158 ctx->aad_len = 0U; in mbedtls_chachapoly_starts()
159 ctx->ciphertext_len = 0U; in mbedtls_chachapoly_starts()
160 ctx->state = CHACHAPOLY_STATE_AAD; in mbedtls_chachapoly_starts()
161 ctx->mode = mode; in mbedtls_chachapoly_starts()
169 int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_update_aad() argument
173 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_update_aad()
176 if( ctx->state != CHACHAPOLY_STATE_AAD ) in mbedtls_chachapoly_update_aad()
179 ctx->aad_len += aad_len; in mbedtls_chachapoly_update_aad()
181 return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) ); in mbedtls_chachapoly_update_aad()
184 int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_update() argument
190 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_update()
194 if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && in mbedtls_chachapoly_update()
195 ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) in mbedtls_chachapoly_update()
200 if( ctx->state == CHACHAPOLY_STATE_AAD ) in mbedtls_chachapoly_update()
202 ctx->state = CHACHAPOLY_STATE_CIPHERTEXT; in mbedtls_chachapoly_update()
204 ret = chachapoly_pad_aad( ctx ); in mbedtls_chachapoly_update()
209 ctx->ciphertext_len += len; in mbedtls_chachapoly_update()
211 if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT ) in mbedtls_chachapoly_update()
213 ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); in mbedtls_chachapoly_update()
217 ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len ); in mbedtls_chachapoly_update()
223 ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len ); in mbedtls_chachapoly_update()
227 ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); in mbedtls_chachapoly_update()
235 int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_finish() argument
240 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_finish()
243 if( ctx->state == CHACHAPOLY_STATE_INIT ) in mbedtls_chachapoly_finish()
248 if( ctx->state == CHACHAPOLY_STATE_AAD ) in mbedtls_chachapoly_finish()
250 ret = chachapoly_pad_aad( ctx ); in mbedtls_chachapoly_finish()
254 else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT ) in mbedtls_chachapoly_finish()
256 ret = chachapoly_pad_ciphertext( ctx ); in mbedtls_chachapoly_finish()
261 ctx->state = CHACHAPOLY_STATE_FINISHED; in mbedtls_chachapoly_finish()
266 len_block[ 0] = (unsigned char)( ctx->aad_len ); in mbedtls_chachapoly_finish()
267 len_block[ 1] = (unsigned char)( ctx->aad_len >> 8 ); in mbedtls_chachapoly_finish()
268 len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 ); in mbedtls_chachapoly_finish()
269 len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 ); in mbedtls_chachapoly_finish()
270 len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 ); in mbedtls_chachapoly_finish()
271 len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 ); in mbedtls_chachapoly_finish()
272 len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 ); in mbedtls_chachapoly_finish()
273 len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 ); in mbedtls_chachapoly_finish()
274 len_block[ 8] = (unsigned char)( ctx->ciphertext_len ); in mbedtls_chachapoly_finish()
275 len_block[ 9] = (unsigned char)( ctx->ciphertext_len >> 8 ); in mbedtls_chachapoly_finish()
276 len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 ); in mbedtls_chachapoly_finish()
277 len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 ); in mbedtls_chachapoly_finish()
278 len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 ); in mbedtls_chachapoly_finish()
279 len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 ); in mbedtls_chachapoly_finish()
280 len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 ); in mbedtls_chachapoly_finish()
281 len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 ); in mbedtls_chachapoly_finish()
283 ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); in mbedtls_chachapoly_finish()
287 ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac ); in mbedtls_chachapoly_finish()
292 static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, in chachapoly_crypt_and_tag() argument
304 ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); in chachapoly_crypt_and_tag()
308 ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len ); in chachapoly_crypt_and_tag()
312 ret = mbedtls_chachapoly_update( ctx, length, input, output ); in chachapoly_crypt_and_tag()
316 ret = mbedtls_chachapoly_finish( ctx, tag ); in chachapoly_crypt_and_tag()
322 int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_encrypt_and_tag() argument
331 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_encrypt_and_tag()
338 return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, in mbedtls_chachapoly_encrypt_and_tag()
343 int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, in mbedtls_chachapoly_auth_decrypt() argument
356 CHACHAPOLY_VALIDATE_RET( ctx != NULL ); in mbedtls_chachapoly_auth_decrypt()
363 if( ( ret = chachapoly_crypt_and_tag( ctx, in mbedtls_chachapoly_auth_decrypt()
491 mbedtls_chachapoly_context ctx; in mbedtls_chachapoly_self_test() local
502 mbedtls_chachapoly_init( &ctx ); in mbedtls_chachapoly_self_test()
504 ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] ); in mbedtls_chachapoly_self_test()
507 ret = mbedtls_chachapoly_encrypt_and_tag( &ctx, in mbedtls_chachapoly_self_test()
524 mbedtls_chachapoly_free( &ctx ); in mbedtls_chachapoly_self_test()