authorNiels Möller <nisse@lysator.liu.se>2013-04-16 08:12:23 +0200
committerNiels Möller <nisse@lysator.liu.se>2013-04-16 08:16:36 +0200
commit0f10b7b44b4dd1f68078ae52d231ac23eb7dcbf6 (patch)
tree7e4da6b62628ea0281364686fa45e3ad63046e52
parentaa9ccf8f4159b9ab4d1dcfb9512945e3c37f8748 (diff)
Fixed nonce caching for umac32 and umac64.
-rw-r--r--ChangeLog3
-rw-r--r--umac32.c7
-rw-r--r--umac64.c8
3 files changed, 13 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 8ecb0b93..155af0ed 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
2013-04-16 Niels Möller <nisse@lysator.liu.se>
+ * umac32.c (umac32_digest): Fix nonce caching.
+ * umac64.c (umac64_digest): Likewise.
+
* testsuite/umac-test.c (test_incr): New function.
(test_main): Test nonce increment.
diff --git a/umac32.c b/umac32.c
index 98f987e9..ce859c15 100644
--- a/umac32.c
+++ b/umac32.c
@@ -101,8 +101,11 @@ umac32_digest (struct umac32_ctx *ctx,
}
assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
- aes_encrypt (&ctx->pdf_key, AES_BLOCK_SIZE,
- (uint8_t *) ctx->pad_cache, ctx->nonce);
+ {
+ aes_encrypt (&ctx->pdf_key, AES_BLOCK_SIZE,
+ (uint8_t *) ctx->pad_cache, ctx->nonce);
+ ctx->nonce_low |= _UMAC_NONCE_CACHED;
+ }
pad = ctx->pad_cache[ctx->nonce_low & 3];
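Review bot: The added `ctx->nonce_low |= _UMAC_NONCE_CACHED;` in umac32_digest, and the identical line in the umac64_digest hunk, creates an invariant that is not documented: `pad_cache` is valid only for the current `ctx->nonce`. Every path that changes `ctx->nonce` has to clear the flag, otherwise the pad derived from an earlier nonce would be applied to a later tag, which a nonce-based MAC must never do. Those paths (the nonce setter and the increment that follows `pad = ...`) start outside both hunks, so this needs confirming there. I would add a comment above the block such as `/* pad_cache holds AES(pdf_key, nonce); clear _UMAC_NONCE_CACHED whenever ctx->nonce changes */`. The indexing with `ctx->nonce_low & 3` (and `& 1` in umac64.c) presumably relies on the flag bit lying above the low two bits; its value is not visible here.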
diff --git a/umac64.c b/umac64.c
index b2a69709..e92b95cb 100644
--- a/umac64.c
+++ b/umac64.c
@@ -104,9 +104,11 @@ umac64_digest (struct umac64_ctx *ctx,
}
assert (ctx->count > 0);
if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED))
- aes_encrypt (&ctx->pdf_key, AES_BLOCK_SIZE,
- (uint8_t *) ctx->pad_cache, ctx->nonce);
-
+ {
+ aes_encrypt (&ctx->pdf_key, AES_BLOCK_SIZE,
+ (uint8_t *) ctx->pad_cache, ctx->nonce);
+ ctx->nonce_low |= _UMAC_NONCE_CACHED;
+ }
pad = ctx->pad_cache + 2*(ctx->nonce_low & 1);
/* Increment nonce */