29 #define CCM_FLAGS(A,M,L) (((A > 0) << 6) | (((M - 2)/2) << 3) | (L - 1)) 31 #define MASK_L(_L) ((1 << 8 * _L) - 1) 33 #define SET_COUNTER(A,L,cnt,C) { \ 35 memset((A) + DTLS_CCM_BLOCKSIZE - (L), 0, (L)); \ 36 (C) = (cnt) & MASK_L(L); \ 37 for (i_ = DTLS_CCM_BLOCKSIZE - 1; (C) && (i_ > (L)); --i_, (C) >>= 8) \ 38 (A)[i_] |= (C) & 0xFF; \ 47 unsigned char *result) {
53 memcpy(result + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
55 for (i=0; i < L; i++) {
56 result[15-i] = lm & 0xff;
78 unsigned char X[DTLS_CCM_BLOCKSIZE]) {
81 rijndael_encrypt(ctx, B, X);
83 memset(B, 0, DTLS_CCM_BLOCKSIZE);
92 }
else if (la <= UINT32_MAX) {
114 i =
min(DTLS_CCM_BLOCKSIZE - j, la);
115 memcpy(B + j, msg, i);
119 memxor(B, X, DTLS_CCM_BLOCKSIZE);
121 rijndael_encrypt(ctx, B, X);
123 while (la > DTLS_CCM_BLOCKSIZE) {
125 B[i] = X[i] ^ *msg++;
128 rijndael_encrypt(ctx, B, X);
132 memset(B, 0, DTLS_CCM_BLOCKSIZE);
134 memxor(B, X, DTLS_CCM_BLOCKSIZE);
136 rijndael_encrypt(ctx, B, X);
141 encrypt(rijndael_ctx *ctx,
size_t L,
unsigned long counter,
142 unsigned char *msg,
size_t len,
144 unsigned char S[DTLS_CCM_BLOCKSIZE]) {
146 static unsigned long counter_tmp;
149 rijndael_encrypt(ctx, A, S);
155 unsigned char *msg,
size_t len,
157 unsigned char X[DTLS_CCM_BLOCKSIZE]) {
160 for (i = 0; i < len; ++i)
161 B[i] = X[i] ^ msg[i];
163 rijndael_encrypt(ctx, B, X);
170 unsigned char *msg,
size_t lm,
171 const unsigned char *aad,
size_t la) {
173 unsigned long counter_tmp;
174 unsigned long counter = 1;
183 block0(M, L, la, lm, nonce, B);
190 memcpy(A + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
192 while (lm >= DTLS_CCM_BLOCKSIZE) {
194 mac(ctx, msg, DTLS_CCM_BLOCKSIZE, B, X);
197 encrypt(ctx, L, counter, msg, DTLS_CCM_BLOCKSIZE, A, S);
211 memcpy(B + lm, X + lm, DTLS_CCM_BLOCKSIZE - lm);
212 mac(ctx, msg, lm, B, X);
215 encrypt(ctx, L, counter, msg, lm, A, S);
223 rijndael_encrypt(ctx, A, S);
225 for (i = 0; i < M; ++i)
226 *msg++ = X[i] ^ S[i];
234 unsigned char *msg,
size_t lm,
235 const unsigned char *aad,
size_t la) {
238 unsigned long counter_tmp;
239 unsigned long counter = 1;
253 block0(M, L, la, lm, nonce, B);
260 memcpy(A + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
262 while (lm >= DTLS_CCM_BLOCKSIZE) {
264 encrypt(ctx, L, counter, msg, DTLS_CCM_BLOCKSIZE, A, S);
267 mac(ctx, msg, DTLS_CCM_BLOCKSIZE, B, X);
277 encrypt(ctx, L, counter, msg, lm, A, S);
284 memcpy(B + lm, X + lm, DTLS_CCM_BLOCKSIZE - lm);
285 mac(ctx, msg, lm, B, X);
293 rijndael_encrypt(ctx, A, S);
static void block0(size_t M, size_t L, size_t la, size_t lm, unsigned char nonce[DTLS_CCM_BLOCKSIZE], unsigned char *result)
long int dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L, unsigned char nonce[DTLS_CCM_BLOCKSIZE], unsigned char *msg, size_t lm, const unsigned char *aad, size_t la)
static void memxor(unsigned char *x, const unsigned char *y, size_t n)
static void encrypt(rijndael_ctx *ctx, size_t L, unsigned long counter, unsigned char *msg, size_t len, unsigned char A[DTLS_CCM_BLOCKSIZE], unsigned char S[DTLS_CCM_BLOCKSIZE])
#define CCM_FLAGS(A, M, L)
long int dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L, unsigned char nonce[DTLS_CCM_BLOCKSIZE], unsigned char *msg, size_t lm, const unsigned char *aad, size_t la)
static int dtls_int_to_uint64(unsigned char *field, uint64_t value)
static int dtls_int_to_uint16(unsigned char *field, uint16_t value)
static void add_auth_data(rijndael_ctx *ctx, const unsigned char *msg, size_t la, unsigned char B[DTLS_CCM_BLOCKSIZE], unsigned char X[DTLS_CCM_BLOCKSIZE])
static int dtls_int_to_uint32(unsigned char *field, uint32_t value)
static void mac(rijndael_ctx *ctx, unsigned char *msg, size_t len, unsigned char B[DTLS_CCM_BLOCKSIZE], unsigned char X[DTLS_CCM_BLOCKSIZE])
#define DTLS_CCM_BLOCKSIZE
static int equals(unsigned char *a, unsigned char *b, size_t len)
#define SET_COUNTER(A, L, cnt, C)