static inline int
mac_init (digest_hd_st * td, gnutls_mac_algorithm_t mac, opaque * secret,
int secret_size, int ver)
{
int ret = 0;
if (mac == GNUTLS_MAC_NULL)
{
return GNUTLS_E_HASH_FAILED;
}
if (ver == GNUTLS_SSL3)
{ /* SSL 3.0 */
ret = _gnutls_mac_init_ssl3 (td, mac, secret, secret_size);
}
else
{ /* TLS 1.x */
ret = _gnutls_hmac_init (td, mac, secret, secret_size);
}
return ret;
}
/* Auth_cipher API
*/
int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
const cipher_entry_st * e,
const gnutls_datum_t * cipher_key,
const gnutls_datum_t * iv,
const mac_entry_st * me,
const gnutls_datum_t * mac_key,
unsigned etm,
unsigned ssl_hmac, int enc)
{
int ret;
if (unlikely(e == NULL))
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
FAIL_IF_LIB_ERROR;
memset(handle, 0, sizeof(*handle));
handle->etm = etm;
if (e->id != GNUTLS_CIPHER_NULL) {
handle->non_null = 1;
ret =
_gnutls_cipher_init(&handle->cipher, e, cipher_key, iv,
enc);
if (ret < 0)
return gnutls_assert_val(ret);
} else
handle->non_null = 0;
if (me->id != GNUTLS_MAC_AEAD) {
handle->is_mac = 1;
handle->ssl_hmac = ssl_hmac;
if (ssl_hmac)
ret =
_gnutls_mac_init_ssl3(&handle->mac.dig, me,
mac_key->data,
mac_key->size);
else
ret =
_gnutls_mac_init(&handle->mac.mac, me,
mac_key->data, mac_key->size);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
handle->tag_size = _gnutls_mac_get_algo_len(me);
} else if (_gnutls_cipher_algo_is_aead(e)) {
handle->tag_size = _gnutls_cipher_get_tag_size(e);
} else {
gnutls_assert();
ret = GNUTLS_E_INVALID_REQUEST;
goto cleanup;
}
return 0;
cleanup:
if (handle->non_null != 0)
_gnutls_cipher_deinit(&handle->cipher);
return ret;
}
