int CipherContext::checkTag(State & state, mbedtls_cipher_context_t * context){
Stack * stack = state.stack;
if (stack->is<LUA_TSTRING>(1)){
const std::string tag = stack->toLString(1);
stack->push<int>(mbedtls_cipher_check_tag(context, reinterpret_cast<const unsigned char*>(tag.c_str()), tag.length()));
return 1;
}
return 0;
}
int
cipher_ctx_final_check_tag(mbedtls_cipher_context_t *ctx, uint8_t *dst,
int *dst_len, uint8_t *tag, size_t tag_len)
{
#ifdef HAVE_AEAD_CIPHER_MODES
size_t olen = 0;
if (MBEDTLS_DECRYPT != ctx->operation)
{
return 0;
}
if (tag_len > SIZE_MAX)
{
return 0;
}
if (!mbed_ok(mbedtls_cipher_finish(ctx, dst, &olen)))
{
msg(D_CRYPT_ERRORS, "%s: cipher_ctx_final() failed", __func__);
return 0;
}
if (olen > INT_MAX)
{
return 0;
}
*dst_len = olen;
if (!mbed_ok(mbedtls_cipher_check_tag(ctx, (const unsigned char *) tag,
tag_len)))
{
return 0;
}
return 1;
#else /* ifdef HAVE_AEAD_CIPHER_MODES */
ASSERT(0);
#endif /* HAVE_AEAD_CIPHER_MODES */
}
