~ubuntu-branches/ubuntu/utopic/nettle/utopic : contents of gcm.h at revision 17

~ubuntu-branches/ubuntu/utopic/nettle/utopic : (revision 17)

/* gcm.h
 *
 * Galois counter mode, specified by NIST,
 * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
 *
 */

/* NOTE: Tentative interface, subject to change. No effort will be
   made to avoid incompatible changes. */

/* nettle, low-level cryptographics library
 *
 * Copyright (C) 2011 Niels Möller
 * Copyright (C) 2011 Katholieke Universiteit Leuven
 * 
 * Contributed by Nikos Mavrogiannopoulos
 *
 * The nettle library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 * 
 * The nettle library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public License
 * along with the nettle library; see the file COPYING.LIB.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02111-1301, USA.
 */

#ifndef NETTLE_GCM_H_INCLUDED
#define NETTLE_GCM_H_INCLUDED

#include "aes.h"

#ifdef __cplusplus
extern "C" {
#endif

/* Name mangling */
#define gcm_set_key nettle_gcm_set_key
#define gcm_set_iv nettle_gcm_set_iv
#define gcm_update nettle_gcm_update
#define gcm_encrypt nettle_gcm_encrypt
#define gcm_decrypt nettle_gcm_decrypt
#define gcm_digest nettle_gcm_digest

#define gcm_aes_set_key nettle_gcm_aes_set_key
#define gcm_aes_set_iv nettle_gcm_aes_set_iv
#define gcm_aes_update nettle_gcm_aes_update
#define gcm_aes_encrypt nettle_gcm_aes_encrypt
#define gcm_aes_decrypt nettle_gcm_aes_decrypt
#define gcm_aes_digest nettle_gcm_aes_digest

#define GCM_BLOCK_SIZE 16
#define GCM_IV_SIZE (GCM_BLOCK_SIZE - 4)

#define GCM_TABLE_BITS 8

/* To make sure that we have proper alignment. */
union gcm_block
{
  uint8_t b[GCM_BLOCK_SIZE];
  unsigned long w[GCM_BLOCK_SIZE / sizeof(unsigned long)];
};

/* Hashing subkey */
struct gcm_key
{
  union gcm_block h[1 << GCM_TABLE_BITS];
};
  
/* Per-message state, depending on the iv */
struct gcm_ctx {
  /* Original counter block */
  union gcm_block iv;
  /* Updated for each block. */
  union gcm_block ctr;
  /* Hashing state */
  union gcm_block x;
  uint64_t auth_size;
  uint64_t data_size;
};

/* FIXME: Should use const for the cipher context. Then needs const for
   nettle_crypt_func, which also rules out using that abstraction for
   arcfour. */
void
gcm_set_key(struct gcm_key *key,
	    void *cipher, nettle_crypt_func *f);

void
gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key,
	   unsigned length, const uint8_t *iv);

void
gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key,
	   unsigned length, const uint8_t *data);

void
gcm_encrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
	    void *cipher, nettle_crypt_func *f,
	    unsigned length, uint8_t *dst, const uint8_t *src);

void
gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
	    void *cipher, nettle_crypt_func *f,
	    unsigned length, uint8_t *dst, const uint8_t *src);

void
gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
	   void *cipher, nettle_crypt_func *f,
	   unsigned length, uint8_t *digest);

/* Convenience macrology (not sure how useful it is) */

/* All-in-one context, with cipher, hash subkey, and message state. */
#define GCM_CTX(type) \
{ type cipher; struct gcm_key key; struct gcm_ctx gcm; }

/* NOTE: Avoid using NULL, as we don't include anything defining it. */
#define GCM_SET_KEY(ctx, set_key, encrypt, length, data)	\
  do {								\
    (set_key)(&(ctx)->cipher, (length), (data));		\
    if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0);	\
    gcm_set_key(&(ctx)->key, &(ctx)->cipher,			\
		(nettle_crypt_func *) (encrypt));		\
  } while (0)

#define GCM_SET_IV(ctx, length, data)				\
  gcm_set_iv(&(ctx)->gcm, &(ctx)->key, (length), (data))

#define GCM_UPDATE(ctx, length, data)			\
  gcm_update(&(ctx)->gcm, &(ctx)->key, (length), (data))

#define GCM_ENCRYPT(ctx, encrypt, length, dst, src)			\
  (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0)		\
     : gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher,		\
		   (nettle_crypt_func *) (encrypt),			\
		   (length), (dst), (src)))

#define GCM_DECRYPT(ctx, encrypt, length, dst, src)			\
  (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0)		\
     : gcm_decrypt(&(ctx)->gcm,  &(ctx)->key, &(ctx)->cipher,		\
		   (nettle_crypt_func *) (encrypt),			\
		   (length), (dst), (src)))

#define GCM_DIGEST(ctx, encrypt, length, digest)			\
  (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0)		\
     : gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher,		\
		  (nettle_crypt_func *) (encrypt),			\
		  (length), (digest)))

struct gcm_aes_ctx GCM_CTX(struct aes_ctx);

void
gcm_aes_set_key(struct gcm_aes_ctx *ctx,
		unsigned length, const uint8_t *key);

void
gcm_aes_set_iv(struct gcm_aes_ctx *ctx,
	       unsigned length, const uint8_t *iv);

void
gcm_aes_update(struct gcm_aes_ctx *ctx,
	       unsigned length, const uint8_t *data);

void
gcm_aes_encrypt(struct gcm_aes_ctx *ctx,
		unsigned length, uint8_t *dst, const uint8_t *src);

void
gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
		unsigned length, uint8_t *dst, const uint8_t *src);

void
gcm_aes_digest(struct gcm_aes_ctx *ctx, unsigned length, uint8_t *digest);

#ifdef __cplusplus
}
#endif

#endif /* NETTLE_GCM_H_INCLUDED */

1.4.3 by Magnus Holmgren Import upstream version 2.2	1	/* gcm.h
	2	*
	3	* Galois counter mode, specified by NIST,
	4	* http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
	5	*
	6	*/
	7
	8	/* NOTE: Tentative interface, subject to change. No effort will be
	9	made to avoid incompatible changes. */
	10
	11	/* nettle, low-level cryptographics library
	12	*
	13	* Copyright (C) 2011 Niels Möller
	14	* Copyright (C) 2011 Katholieke Universiteit Leuven
	15	*
	16	* Contributed by Nikos Mavrogiannopoulos
	17	*
	18	* The nettle library is free software; you can redistribute it and/or modify
	19	* it under the terms of the GNU Lesser General Public License as published by
	20	* the Free Software Foundation; either version 2.1 of the License, or (at your
	21	* option) any later version.
	22	*
	23	* The nettle library is distributed in the hope that it will be useful, but
	24	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	25	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
	26	* License for more details.
	27	*
	28	* You should have received a copy of the GNU Lesser General Public License
	29	* along with the nettle library; see the file COPYING.LIB. If not, write to
1.5.2 by Magnus Holmgren Import upstream version 2.6	30	* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
1.5.2 by Magnus Holmgren Import upstream version 2.6	31	* MA 02111-1301, USA.
1.4.3 by Magnus Holmgren Import upstream version 2.2	32	*/
	33
	34	#ifndef NETTLE_GCM_H_INCLUDED
	35	#define NETTLE_GCM_H_INCLUDED
	36
	37	#include "aes.h"
	38
	39	#ifdef __cplusplus
	40	extern "C" {
	41	#endif
	42
	43	/* Name mangling */
	44	#define gcm_set_key nettle_gcm_set_key
	45	#define gcm_set_iv nettle_gcm_set_iv
	46	#define gcm_update nettle_gcm_update
	47	#define gcm_encrypt nettle_gcm_encrypt
	48	#define gcm_decrypt nettle_gcm_decrypt
	49	#define gcm_digest nettle_gcm_digest
	50
	51	#define gcm_aes_set_key nettle_gcm_aes_set_key
	52	#define gcm_aes_set_iv nettle_gcm_aes_set_iv
	53	#define gcm_aes_update nettle_gcm_aes_update
	54	#define gcm_aes_encrypt nettle_gcm_aes_encrypt
	55	#define gcm_aes_decrypt nettle_gcm_aes_decrypt
	56	#define gcm_aes_digest nettle_gcm_aes_digest
	57
	58	#define GCM_BLOCK_SIZE 16
	59	#define GCM_IV_SIZE (GCM_BLOCK_SIZE - 4)
	60
	61	#define GCM_TABLE_BITS 8
	62
	63	/* To make sure that we have proper alignment. */
	64	union gcm_block
	65	{
	66	uint8_t b[GCM_BLOCK_SIZE];
	67	unsigned long w[GCM_BLOCK_SIZE / sizeof(unsigned long)];
	68	};
	69
	70	/* Hashing subkey */
	71	struct gcm_key
	72	{
	73	union gcm_block h[1 << GCM_TABLE_BITS];
	74	};
	75
	76	/* Per-message state, depending on the iv */
	77	struct gcm_ctx {
	78	/* Original counter block */
	79	union gcm_block iv;
	80	/* Updated for each block. */
	81	union gcm_block ctr;
	82	/* Hashing state */
	83	union gcm_block x;
	84	uint64_t auth_size;
	85	uint64_t data_size;
	86	};
	87
	88	/* FIXME: Should use const for the cipher context. Then needs const for
	89	nettle_crypt_func, which also rules out using that abstraction for
	90	arcfour. */
	91	void
	92	gcm_set_key(struct gcm_key *key,
	93	void cipher, nettle_crypt_func f);
	94
	95	void
96	gcm_set_iv(struct gcm_ctx ctx, const struct gcm_key key,
97	unsigned length, const uint8_t *iv);
98
99	void
100	gcm_update(struct gcm_ctx ctx, const struct gcm_key key,
101	unsigned length, const uint8_t *data);
102
103	void
104	gcm_encrypt(struct gcm_ctx ctx, const struct gcm_key key,
105	void cipher, nettle_crypt_func f,
106	unsigned length, uint8_t dst, const uint8_t src);
107
108	void
109	gcm_decrypt(struct gcm_ctx ctx, const struct gcm_key key,
110	void cipher, nettle_crypt_func f,
111	unsigned length, uint8_t dst, const uint8_t src);
112
113	void
114	gcm_digest(struct gcm_ctx ctx, const struct gcm_key key,
115	void cipher, nettle_crypt_func f,
116	unsigned length, uint8_t *digest);
117
118	/* Convenience macrology (not sure how useful it is) */
119
120	/* All-in-one context, with cipher, hash subkey, and message state. */
121	#define GCM_CTX(type) \
122	{ type cipher; struct gcm_key key; struct gcm_ctx gcm; }
123
124	/* NOTE: Avoid using NULL, as we don't include anything defining it. */
125	#define GCM_SET_KEY(ctx, set_key, encrypt, length, data) \
126	do { \
127	(set_key)(&(ctx)->cipher, (length), (data)); \
128	if (0) (encrypt)(&(ctx)->cipher, 0, (void )0, (void )0); \
129	gcm_set_key(&(ctx)->key, &(ctx)->cipher, \
130	(nettle_crypt_func *) (encrypt)); \
131	} while (0)
132
133	#define GCM_SET_IV(ctx, length, data) \
134	gcm_set_iv(&(ctx)->gcm, &(ctx)->key, (length), (data))
135
136	#define GCM_UPDATE(ctx, length, data) \
137	gcm_update(&(ctx)->gcm, &(ctx)->key, (length), (data))
138
139	#define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \
140	(0 ? (encrypt)(&(ctx)->cipher, 0, (void )0, (void )0) \
141	: gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
142	(nettle_crypt_func *) (encrypt), \
143	(length), (dst), (src)))
144
145	#define GCM_DECRYPT(ctx, encrypt, length, dst, src) \
146	(0 ? (encrypt)(&(ctx)->cipher, 0, (void )0, (void )0) \
147	: gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
148	(nettle_crypt_func *) (encrypt), \
149	(length), (dst), (src)))
150
151	#define GCM_DIGEST(ctx, encrypt, length, digest) \
152	(0 ? (encrypt)(&(ctx)->cipher, 0, (void )0, (void )0) \
153	: gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
154	(nettle_crypt_func *) (encrypt), \
155	(length), (digest)))
156
157	struct gcm_aes_ctx GCM_CTX(struct aes_ctx);
158
159	void
160	gcm_aes_set_key(struct gcm_aes_ctx *ctx,
161	unsigned length, const uint8_t *key);
162
163	void
164	gcm_aes_set_iv(struct gcm_aes_ctx *ctx,
165	unsigned length, const uint8_t *iv);
166
167	void
168	gcm_aes_update(struct gcm_aes_ctx *ctx,
169	unsigned length, const uint8_t *data);
170
171	void
172	gcm_aes_encrypt(struct gcm_aes_ctx *ctx,
173	unsigned length, uint8_t dst, const uint8_t src);
174
175	void
176	gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
177	unsigned length, uint8_t dst, const uint8_t src);
178
179	void
180	gcm_aes_digest(struct gcm_aes_ctx ctx, unsigned length, uint8_t digest);
181
182	#ifdef __cplusplus
183	}
184	#endif
185
186	#endif /* NETTLE_GCM_H_INCLUDED */