📄 vmac_8cpp-source.html
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"><title>Crypto++: vmac.cpp Source File</title><link href="doxygen.css" rel="stylesheet" type="text/css"><link href="tabs.css" rel="stylesheet" type="text/css"></head><body><!-- Generated by Doxygen 1.5.2 --><div class="tabs"> <ul> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="classes.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul></div><div class="tabs"> <ul> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>File Members</span></a></li> </ul></div><h1>vmac.cpp</h1><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">// vmac.cpp - written and placed in the public domain by Wei Dai</span><a name="l00002"></a>00002 <span class="comment">// based on Ted Krovetz's public domain vmac.c and draft-krovetz-vmac-01.txt</span><a name="l00003"></a>00003 <a name="l00004"></a>00004 <span class="preprocessor">#include "pch.h"</span><a name="l00005"></a>00005 <span class="preprocessor">#include "vmac.h"</span><a name="l00006"></a>00006 <span class="preprocessor">#include "argnames.h"</span><a name="l00007"></a>00007 <span class="preprocessor">#include "cpu.h"</span><a name="l00008"></a>00008 <a name="l00009"></a>00009 NAMESPACE_BEGIN(CryptoPP)<a name="l00010"></a>00010 <a name="l00011"></a>00011 <span class="preprocessor">#if defined(_MSC_VER) && !defined(CRYPTOPP_SLOW_WORD64)</span><a name="l00012"></a>00012 <span class="preprocessor"></span><span class="preprocessor">#include <intrin.h></span><a name="l00013"></a>00013 <span class="preprocessor">#endif</span><a name="l00014"></a>00014 <span class="preprocessor"></span><a name="l00015"></a>00015 <span class="preprocessor">#define VMAC_BOOL_WORD128 (defined(CRYPTOPP_WORD128_AVAILABLE) && !defined(CRYPTOPP_X64_ASM_AVAILABLE))</span><a name="l00016"></a>00016 <span class="preprocessor"></span><span class="preprocessor">#ifdef __BORLANDC__</span><a name="l00017"></a>00017 <span class="preprocessor"></span><span class="preprocessor">#define const // Turbo C++ 2006 workaround</span><a name="l00018"></a>00018 <span class="preprocessor"></span><span class="preprocessor">#endif</span><a name="l00019"></a>00019 <span class="preprocessor"></span><span class="keyword">static</span> <span class="keyword">const</span> word64 p64 = W64LIT(0xfffffffffffffeff); <span class="comment">/* 2^64 - 257 prime */</span><a name="l00020"></a>00020 <span class="keyword">static</span> <span class="keyword">const</span> word64 m62 = W64LIT(0x3fffffffffffffff); <span class="comment">/* 62-bit mask */</span><a name="l00021"></a>00021 <span class="keyword">static</span> <span class="keyword">const</span> word64 m63 = W64LIT(0x7fffffffffffffff); <span class="comment">/* 63-bit mask */</span><a name="l00022"></a>00022 <span class="keyword">static</span> <span class="keyword">const</span> word64 m64 = W64LIT(0xffffffffffffffff); <span class="comment">/* 64-bit mask */</span><a name="l00023"></a>00023 <span class="keyword">static</span> <span class="keyword">const</span> word64 mpoly = W64LIT(0x1fffffff1fffffff); <span class="comment">/* Poly key mask */</span><a name="l00024"></a>00024 <span class="preprocessor">#ifdef __BORLANDC__</span><a name="l00025"></a>00025 <span class="preprocessor"></span><span class="preprocessor">#undef const</span><a name="l00026"></a>00026 <span class="preprocessor"></span><span class="preprocessor">#endif</span><a name="l00027"></a>00027 <span class="preprocessor"></span><span class="preprocessor">#if VMAC_BOOL_WORD128</span><a name="l00028"></a>00028 <span class="preprocessor"></span><span class="keyword">static</span> <span class="keyword">const</span> word128 m126 = (word128(m62)<<64)|m64; <span class="comment">/* 126-bit mask */</span><a name="l00029"></a>00029 <span class="preprocessor">#endif</span><a name="l00030"></a>00030 <span class="preprocessor"></span><a name="l00031"></a><a class="code" href="class_v_m_a_c___base.html#af0954326492fcc6059ac4f1903f5f09">00031</a> <span class="keywordtype">void</span> <a class="code" href="class_v_m_a_c___base.html#af0954326492fcc6059ac4f1903f5f09">VMAC_Base::UncheckedSetKey</a>(<span class="keyword">const</span> byte *userKey, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> keylength, <span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html" title="interface for retrieving values given their names">NameValuePairs</a> &params)<a name="l00032"></a>00032 {<a name="l00033"></a>00033 <span class="keywordtype">int</span> digestLength = params.<a class="code" href="class_name_value_pairs.html#7ddb654b7afcd1a04422a7b4b01366d9" title="get a named value with type int, with default">GetIntValueWithDefault</a>(<a class="code" href="namespace_name.html#e065e5d1d16c399ad5404659e649bfec" title="int, in bytes">Name::DigestSize</a>(), DefaultDigestSize());<a name="l00034"></a>00034 <span class="keywordflow">if</span> (digestLength != 8 && digestLength != 16)<a name="l00035"></a>00035 <span class="keywordflow">throw</span> <a class="code" href="class_invalid_argument.html" title="exception thrown when an invalid argument is detected">InvalidArgument</a>(<span class="stringliteral">"VMAC: DigestSize must be 8 or 16"</span>);<a name="l00036"></a>00036 <a class="code" href="class_v_m_a_c___base.html#1da3fa5eb3c7e7346a4d2f4ff16c881b">m_is128</a> = digestLength == 16;<a name="l00037"></a>00037 <a name="l00038"></a>00038 <a class="code" href="class_v_m_a_c___base.html#59b7e6dadc750dd324db269c8a5f59b9">m_L1KeyLength</a> = params.<a class="code" href="class_name_value_pairs.html#7ddb654b7afcd1a04422a7b4b01366d9" title="get a named value with type int, with default">GetIntValueWithDefault</a>(<a class="code" href="namespace_name.html#17f8fb4169b41028ed2892ce1c5c9fb3" title="int, in bytes">Name::L1KeyLength</a>(), 128);<a name="l00039"></a>00039 <span class="keywordflow">if</span> (<a class="code" href="class_v_m_a_c___base.html#59b7e6dadc750dd324db269c8a5f59b9">m_L1KeyLength</a> <= 0 || <a class="code" href="class_v_m_a_c___base.html#59b7e6dadc750dd324db269c8a5f59b9">m_L1KeyLength</a> % 128 != 0)<a name="l00040"></a>00040 <span class="keywordflow">throw</span> <a class="code" href="class_invalid_argument.html" title="exception thrown when an invalid argument is detected">InvalidArgument</a>(<span class="stringliteral">"VMAC: L1KeyLength must be a positive multiple of 128"</span>);<a name="l00041"></a>00041 <a name="l00042"></a>00042 <a class="code" href="class_v_m_a_c___base.html#c68ec57bd4aa673bda236234af909390">AllocateBlocks</a>();<a name="l00043"></a>00043 <a name="l00044"></a>00044 <a class="code" href="class_block_cipher.html" title="interface for one direction (encryption or decryption) of a block cipher">BlockCipher</a> &cipher = AccessCipher();<a name="l00045"></a>00045 cipher.<a class="code" href="class_simple_keying_interface.html#df3c29b3ef3af74788a58c7c49887fd7" title="set or reset the key of this object">SetKey</a>(userKey, keylength, params);<a name="l00046"></a>00046 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> blockSize = cipher.<a class="code" href="class_block_transformation.html#4936bef4368804cf5cadab9eb6eb37e4" title="block size of the cipher in bytes">BlockSize</a>();<a name="l00047"></a>00047 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> blockSizeInWords = blockSize / <span class="keyword">sizeof</span>(word64);<a name="l00048"></a>00048 <a class="code" href="class_sec_block.html" title="a block of memory allocated using A">SecBlock<word64></a> out(blockSizeInWords);<a name="l00049"></a>00049 <a class="code" href="class_sec_block.html" title="a block of memory allocated using A">SecByteBlock</a> in;<a name="l00050"></a>00050 in.<a class="code" href="class_sec_block.html#2d78e75002fd02e5b89bd72a9e65e769" title="change size and set contents to 0">CleanNew</a>(blockSize);<a name="l00051"></a>00051 <span class="keywordtype">size_t</span> i;<a name="l00052"></a>00052 <a name="l00053"></a>00053 <span class="comment">/* Fill nh key */</span><a name="l00054"></a>00054 in[0] = 0x80; <a name="l00055"></a>00055 <span class="keywordflow">for</span> (i = 0; i < <a class="code" href="class_v_m_a_c___base.html#2732ee11b3331ca98884d8c90c7caf9a">m_nhKeySize</a>()*<span class="keyword">sizeof</span>(word64); i += blockSize)<a name="l00056"></a>00056 {<a name="l00057"></a>00057 cipher.<a class="code" href="class_block_transformation.html#2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(in, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>());<a name="l00058"></a>00058 ConditionalByteReverse(<a class="code" href="cryptlib_8h.html#aeb92d42f5a6e27b8ba19f18d69d142bf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, <a class="code" href="class_v_m_a_c___base.html#fd452fbdfcf6b297b27249e6788ecbec">m_nhKey</a>()+i/<span class="keyword">sizeof</span>(word64), out.<a class="code" href="class_sec_block.html#11a05906688172579cd3520816799446">begin</a>(), blockSize);<a name="l00059"></a>00059 in[15]++;<a name="l00060"></a>00060 }<a name="l00061"></a>00061 <a name="l00062"></a>00062 <span class="comment">/* Fill poly key */</span><a name="l00063"></a>00063 in[0] = 0xC0;<a name="l00064"></a>00064 in[15] = 0;<a name="l00065"></a>00065 <span class="keywordflow">for</span> (i = 0; i <= (size_t)<a class="code" href="class_v_m_a_c___base.html#1da3fa5eb3c7e7346a4d2f4ff16c881b">m_is128</a>; i++)<a name="l00066"></a>00066 {<a name="l00067"></a>00067 cipher.<a class="code" href="class_block_transformation.html#2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(in, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>());<a name="l00068"></a>00068 <a class="code" href="class_v_m_a_c___base.html#674767bdfe5ba30deaf057b0750f11a5">m_polyState</a>()[i*4+2] = GetWord<word64>(<span class="keyword">true</span>, <a class="code" href="cryptlib_8h.html#aeb92d42f5a6e27b8ba19f18d69d142bf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>()) & mpoly;<a name="l00069"></a>00069 <a class="code" href="class_v_m_a_c___base.html#674767bdfe5ba30deaf057b0750f11a5">m_polyState</a>()[i*4+3] = GetWord<word64>(<span class="keyword">true</span>, BIG_ENDIAN_ORDER, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>()+8) & mpoly;<a name="l00070"></a>00070 in[15]++;<a name="l00071"></a>00071 }<a name="l00072"></a>00072 <a name="l00073"></a>00073 <span class="comment">/* Fill ip key */</span><a name="l00074"></a>00074 in[0] = 0xE0;<a name="l00075"></a>00075 in[15] = 0;<a name="l00076"></a>00076 word64 *l3Key = <a class="code" href="class_v_m_a_c___base.html#22feef7bca0a7ddce65d05f47afedae3">m_l3Key</a>();<a name="l00077"></a>00077 <span class="keywordflow">for</span> (i = 0; i <= (size_t)<a class="code" href="class_v_m_a_c___base.html#1da3fa5eb3c7e7346a4d2f4ff16c881b">m_is128</a>; i++)<a name="l00078"></a>00078 <span class="keywordflow">do</span><a name="l00079"></a>00079 {<a name="l00080"></a>00080 cipher.<a class="code" href="class_block_transformation.html#2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(in, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>());<a name="l00081"></a>00081 l3Key[i*2+0] = GetWord<word64>(<span class="keyword">true</span>, <a class="code" href="cryptlib_8h.html#aeb92d42f5a6e27b8ba19f18d69d142bf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>());<a name="l00082"></a>00082 l3Key[i*2+1] = GetWord<word64>(<span class="keyword">true</span>, BIG_ENDIAN_ORDER, out.<a class="code" href="class_sec_block.html#5565f51350846fb7224720c403674216">BytePtr</a>()+8);<a name="l00083"></a>00083 in[15]++;<a name="l00084"></a>00084 } <span class="keywordflow">while</span> ((l3Key[i*2+0] >= p64) || (l3Key[i*2+1] >= p64));<a name="l00085"></a>00085 <a name="l00086"></a>00086 <a class="code" href="class_v_m_a_c___base.html#02596234f2eb210428573f3062244a0d">m_padCached</a> = <span class="keyword">false</span>;<a name="l00087"></a>00087 <a class="code" href="class_v_m_a_c___base.html#8ed277053f73f827953325aab5247cc7" title="resynchronize with an IV">Resynchronize</a>(<a class="code" href="class_simple_keying_interface.html#8d63825e000442603429b6f433b798f5">GetIVAndThrowIfInvalid</a>(params));<a name="l00088"></a>00088 }<a name="l00089"></a>00089 <a name="l00090"></a><a class="code" href="class_v_m_a_c___base.html#bd5685ab3eaf6ec272f7e062c3194c6c">00090</a> <span class="keywordtype">void</span> <a class="code" href="class_v_m_a_c___base.html#bd5685ab3eaf6ec272f7e062c3194c6c" title="get a secure IV for the next message">VMAC_Base::GetNextIV</a>(<a class="code" href="class_random_number_generator.html" title="interface for random number generators">RandomNumberGenerator</a> &rng, byte *IV)<a name="l00091"></a>00091 {<a name="l00092"></a>00092 <a class="code" href="class_simple_keying_interface.html#917224bb6df7431d6469e7a10feac5fa" title="get a secure IV for the next message">SimpleKeyingInterface::GetNextIV</a>(rng, IV);<a name="l00093"></a>00093 IV[0] &= 0x7f;<a name="l00094"></a>00094 }<a name="l00095"></a>00095 <a name="l00096"></a><a class="code" href="class_v_m_a_c___base.html#8ed277053f73f827953325aab5247cc7">00096</a> <span class="keywordtype">void</span> <a class="code" href="class_v_m_a_c___base.html#8ed277053f73f827953325aab5247cc7" title="resynchronize with an IV">VMAC_Base::Resynchronize</a>(<span class="keyword">const</span> byte *IV)<a name="l00097"></a>00097 {<a name="l00098"></a>00098 <span class="keywordtype">int</span> s = <a class="code" href="class_v_m_a_c___base.html#866c80e36ce0279f10329f261221249b" title="returns size of IVs used by this object">IVSize</a>();<a name="l00099"></a>00099 <span class="keywordflow">if</span> (<a class="code" href="class_v_m_a_c___base.html#1da3fa5eb3c7e7346a4d2f4ff16c881b">m_is128</a>)<a name="l00100"></a>00100 {<a name="l00101"></a>00101 memcpy(<a class="code" href="class_v_m_a_c___base.html#e35d611e167eb767e073bc84484798e7">m_nonce</a>(), IV, s);<a name="l00102"></a>00102 AccessCipher().<a class="code" href="class_block_transformation.html#2fefb3f4c6c6297c0c91fcbba9e4f4f3" title="encrypt or decrypt one block">ProcessBlock</a>(<a class="code" href="class_v_m_a_c___base.html#e35d611e167eb767e073bc84484798e7">m_nonce</a>(), <a class="code" href="class_v_m_a_c___base.html#06d8287263e19935d1d8089876e6dc85">m_pad</a>());<a name="l00103"></a>00103 }<a name="l00104"></a>00104 <span class="keywordflow">else</span><a name="l00105"></a>00105 {<a name="l00106"></a>00106 <a class="code" href="class_v_m_a_c___base.html#02596234f2eb210428573f3062244a0d">m_padCached</a> = <a class="code" href="class_v_m_a_c___base.html#02596234f2eb210428573f3062244a0d">m_padCached</a> && (<a class="code" href="class_v_m_a_c___base.html#e35d611e167eb767e073bc84484798e7">m_nonce</a>()[s-1] | 1) == (IV[s-1] | 1) && memcmp(<a class="code" href="class_v_m_a_c___base.html#e35d611e167eb767e073bc84484798e7">m_nonce</a>(), IV, s-1) == 0;<a name="l00107"></a>00107 <span class="keywordflow">if</span> (!<a class="code" href="class_v_m_a_c___base.html#02596234f2eb210428573f3062244a0d">m_padCached</a>)<a name="l00108"></a>00108 {⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -