decrypt.c 1.03 KB
#include "api.h"
#include "ascon.h"
#include "crypto_aead.h"
#include "permutations.h"
#include "printstate.h"

void ascon_aead(state_t* s, uint8_t* out, const uint8_t* in, uint64_t tlen,
                const uint8_t* ad, uint64_t adlen, const uint8_t* npub,
                const uint8_t* k, uint8_t mode);

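/*
 * Decrypt and authenticate an Ascon AEAD ciphertext (crypto_aead API).
 *
 * The input c is the encrypted message followed by the authentication tag,
 * so clen must be at least CRYPTO_ABYTES.
 *
 * m      output buffer for the plaintext; must hold clen - CRYPTO_ABYTES bytes
 * mlen   receives the plaintext length (clen - CRYPTO_ABYTES); left untouched
 *        when clen is too short
 * nsec   unused
 * c      ciphertext followed by the tag
 * clen   total length of c in bytes
 * ad     associated data, adlen bytes
 * npub   public nonce
 * k      key
 *
 * Returns -1 when clen is shorter than the tag. Otherwise returns the result
 * of NOTZERO() over the difference between the computed and the received tag
 * (NOTZERO is defined elsewhere; presumably 0 on match and non-zero on
 * mismatch -- confirm). Callers must treat any non-zero return as an
 * authentication failure and must not use m.
 */
int crypto_aead_decrypt(unsigned char* m, unsigned long long* mlen,
                        unsigned char* nsec, const unsigned char* c,
                        unsigned long long clen, const unsigned char* ad,
                        unsigned long long adlen, const unsigned char* npub,
                        const unsigned char* k) {
  state_t s;
  int result;
  (void)nsec;
  /* reject inputs too short to carry a tag; also keeps the subtraction
     below from wrapping around */
  if (clen < CRYPTO_ABYTES) return -1;
  /* set plaintext size */
  *mlen = clen - CRYPTO_ABYTES;
  /* ascon decryption: m is passed as the output buffer, so it is presumably
     filled with plaintext before the tag has been checked */
  ascon_aead(&s, m, c, *mlen, ad, adlen, npub, k, ASCON_DECRYPT);
  /* verify tag (should be constant time, check compiler output).
     NOTE(review): 16 tag bytes are read from c + *mlen; this assumes
     CRYPTO_ABYTES is at least 16 -- confirm against api.h. */
  s.x3 = XOR(s.x3, LOADBYTES(c + *mlen, 8));
  s.x4 = XOR(s.x4, LOADBYTES(c + *mlen + 8, 8));
  result = NOTZERO(s.x3, s.x4);
  if (result != 0) {
    /* Authentication failed: do not hand unverified plaintext back to the
       caller. Branching here is fine, the outcome is returned anyway.
       The volatile pointer keeps the stores from being optimized away. */
    volatile unsigned char* wipe = m;
    unsigned long long i;
    for (i = 0; i < *mlen; ++i) wipe[i] = 0;
  }
  return result;
}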