static inline int mac_init (digest_hd_st * td, gnutls_mac_algorithm_t mac, opaque * secret, int secret_size, int ver) { int ret = 0; if (mac == GNUTLS_MAC_NULL) { return GNUTLS_E_HASH_FAILED; } if (ver == GNUTLS_SSL3) { /* SSL 3.0 */ ret = _gnutls_mac_init_ssl3 (td, mac, secret, secret_size); } else { /* TLS 1.x */ ret = _gnutls_hmac_init (td, mac, secret, secret_size); } return ret; }
/* Auth_cipher API */ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle, const cipher_entry_st * e, const gnutls_datum_t * cipher_key, const gnutls_datum_t * iv, const mac_entry_st * me, const gnutls_datum_t * mac_key, unsigned etm, unsigned ssl_hmac, int enc) { int ret; if (unlikely(e == NULL)) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); FAIL_IF_LIB_ERROR; memset(handle, 0, sizeof(*handle)); handle->etm = etm; if (e->id != GNUTLS_CIPHER_NULL) { handle->non_null = 1; ret = _gnutls_cipher_init(&handle->cipher, e, cipher_key, iv, enc); if (ret < 0) return gnutls_assert_val(ret); } else handle->non_null = 0; if (me->id != GNUTLS_MAC_AEAD) { handle->is_mac = 1; handle->ssl_hmac = ssl_hmac; if (ssl_hmac) ret = _gnutls_mac_init_ssl3(&handle->mac.dig, me, mac_key->data, mac_key->size); else ret = _gnutls_mac_init(&handle->mac.mac, me, mac_key->data, mac_key->size); if (ret < 0) { gnutls_assert(); goto cleanup; } handle->tag_size = _gnutls_mac_get_algo_len(me); } else if (_gnutls_cipher_algo_is_aead(e)) { handle->tag_size = _gnutls_cipher_get_tag_size(e); } else { gnutls_assert(); ret = GNUTLS_E_INVALID_REQUEST; goto cleanup; } return 0; cleanup: if (handle->non_null != 0) _gnutls_cipher_deinit(&handle->cipher); return ret; }