|
Packit Service |
991b93 |
/* poly1305.h
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
Poly1305 message authentication code.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
Copyright (C) 2013 Nikos Mavrogiannopoulos
|
|
Packit Service |
991b93 |
Copyright (C) 2013, 2014 Niels Möller
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
This file is part of GNU Nettle.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
GNU Nettle is free software: you can redistribute it and/or
|
|
Packit Service |
991b93 |
modify it under the terms of either:
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
* the GNU Lesser General Public License as published by the Free
|
|
Packit Service |
991b93 |
Software Foundation; either version 3 of the License, or (at your
|
|
Packit Service |
991b93 |
option) any later version.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
or
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
* the GNU General Public License as published by the Free
|
|
Packit Service |
991b93 |
Software Foundation; either version 2 of the License, or (at your
|
|
Packit Service |
991b93 |
option) any later version.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
or both in parallel, as here.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
GNU Nettle is distributed in the hope that it will be useful,
|
|
Packit Service |
991b93 |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
991b93 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
991b93 |
General Public License for more details.
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
You should have received copies of the GNU General Public License and
|
|
Packit Service |
991b93 |
the GNU Lesser General Public License along with this program. If
|
|
Packit Service |
991b93 |
not, see http://www.gnu.org/licenses/.
|
|
Packit Service |
991b93 |
*/
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#ifndef GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_POLY1305_H_INCLUDED
|
|
Packit Service |
991b93 |
#define GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_POLY1305_H_INCLUDED
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#include <nettle/aes.h>
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#ifdef __cplusplus
|
|
Packit Service |
991b93 |
extern "C" {
|
|
Packit Service |
991b93 |
#endif
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Name mangling */
|
|
Packit Service |
991b93 |
#define poly1305_aes_set_key gnutls_nettle_backport_poly1305_aes_set_key
|
|
Packit Service |
991b93 |
#define poly1305_aes_set_nonce gnutls_nettle_backport_poly1305_aes_set_nonce
|
|
Packit Service |
991b93 |
#define poly1305_aes_update gnutls_nettle_backport_poly1305_aes_update
|
|
Packit Service |
991b93 |
#define poly1305_aes_digest gnutls_nettle_backport_poly1305_aes_digest
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Low level functions/macros for the poly1305 construction. */
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#define POLY1305_BLOCK_SIZE 16
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
struct poly1305_ctx {
|
|
Packit Service |
991b93 |
/* Key, 128-bit value and some cached multiples. */
|
|
Packit Service |
991b93 |
union
|
|
Packit Service |
991b93 |
{
|
|
Packit Service |
991b93 |
uint32_t r32[6];
|
|
Packit Service |
991b93 |
uint64_t r64[3];
|
|
Packit Service |
991b93 |
} r;
|
|
Packit Service |
991b93 |
uint32_t s32[3];
|
|
Packit Service |
991b93 |
/* State, represented as words of 26, 32 or 64 bits, depending on
|
|
Packit Service |
991b93 |
implementation. */
|
|
Packit Service |
991b93 |
/* High bits first, to maintain alignment. */
|
|
Packit Service |
991b93 |
uint32_t hh;
|
|
Packit Service |
991b93 |
union
|
|
Packit Service |
991b93 |
{
|
|
Packit Service |
991b93 |
uint32_t h32[4];
|
|
Packit Service |
991b93 |
uint64_t h64[2];
|
|
Packit Service |
991b93 |
} h;
|
|
Packit Service |
991b93 |
};
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* poly1305-aes */
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#define POLY1305_AES_KEY_SIZE 32
|
|
Packit Service |
991b93 |
#define POLY1305_AES_DIGEST_SIZE 16
|
|
Packit Service |
991b93 |
#define POLY1305_AES_NONCE_SIZE 16
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
struct poly1305_aes_ctx
|
|
Packit Service |
991b93 |
{
|
|
Packit Service |
991b93 |
/* Keep aes context last, to make it possible to use a general
|
|
Packit Service |
991b93 |
poly1305_update if other variants are added. */
|
|
Packit Service |
991b93 |
struct poly1305_ctx pctx;
|
|
Packit Service |
991b93 |
uint8_t block[POLY1305_BLOCK_SIZE];
|
|
Packit Service |
991b93 |
unsigned index;
|
|
Packit Service |
991b93 |
uint8_t nonce[POLY1305_BLOCK_SIZE];
|
|
Packit Service |
991b93 |
struct aes128_ctx aes;
|
|
Packit Service |
991b93 |
};
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Also initialize the nonce to zero. */
|
|
Packit Service |
991b93 |
void
|
|
Packit Service |
991b93 |
poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key);
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Optional, if not used, messages get incrementing nonces starting
|
|
Packit Service |
991b93 |
from zero. */
|
|
Packit Service |
991b93 |
void
|
|
Packit Service |
991b93 |
poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
|
|
Packit Service |
991b93 |
const uint8_t *nonce);
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Update is not aes-specific, but since this is the only implemented
|
|
Packit Service |
991b93 |
variant, we need no more general poly1305_update. */
|
|
Packit Service |
991b93 |
void
|
|
Packit Service |
991b93 |
poly1305_aes_update (struct poly1305_aes_ctx *ctx, size_t length, const uint8_t *data);
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
/* Also increments the nonce */
|
|
Packit Service |
991b93 |
void
|
|
Packit Service |
991b93 |
poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
|
|
Packit Service |
991b93 |
size_t length, uint8_t *digest);
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#ifdef __cplusplus
|
|
Packit Service |
991b93 |
}
|
|
Packit Service |
991b93 |
#endif
|
|
Packit Service |
991b93 |
|
|
Packit Service |
991b93 |
#endif /* GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_POLY1305_H_INCLUDED */
|