projects / thirdparty / chrony.git / blame
| Commit | Line | Data |
|---|---|---|
| 881d07fa ML |
1 | /* |
| 2 | chronyd/chronyc - Programs for keeping computer clocks accurate. | |
| 3 | ||
| 4 | ********************************************************************** | |
| 5 | * Copyright (C) Miroslav Lichvar 2019 | |
| 6 | * | |
| 7 | * This program is free software; you can redistribute it and/or modify | |
| 8 | * it under the terms of version 2 of the GNU General Public License as | |
| 9 | * published by the Free Software Foundation. | |
| 10 | * | |
| 11 | * This program is distributed in the hope that it will be useful, but | |
| 12 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 14 | * General Public License for more details. | |
| 15 | * | |
| 16 | * You should have received a copy of the GNU General Public License along | |
| 17 | * with this program; if not, write to the Free Software Foundation, Inc., | |
| 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| 19 | * | |
| 20 | ********************************************************************** | |
| 21 | ||
| 22 | ======================================================================= | |
| 23 | ||
| 24 | SIV ciphers using the Nettle library | |
| 25 | */ | |
| 26 | ||
| 27 | #include "config.h" | |
| 28 | ||
| 29 | #include "sysincl.h" | |
| 30 | ||
| 2d798bc4 | 31 | #ifdef HAVE_NETTLE_SIV_CMAC |
| 881d07fa | 32 | #include <nettle/siv-cmac.h> |
| 2d798bc4 ML |
33 | #else |
| 34 | #include "siv_nettle_int.c" | |
| 35 | #endif | |
| 881d07fa ML |
36 | |
| 37 | #include "memory.h" | |
| 38 | #include "siv.h" | |
| 39 | ||
| 40 | struct SIV_Instance_Record { | |
| 41 | struct siv_cmac_aes128_ctx siv; | |
| 2bb88b45 | 42 | int key_set; |
| 881d07fa ML |
43 | }; |
| 44 | ||
| 45 | /* ================================================== */ | |
| 46 | ||
| 47 | SIV_Instance | |
| 48 | SIV_CreateInstance(SIV_Algorithm algorithm) | |
| 49 | { | |
| 50 | SIV_Instance instance; | |
| 51 | ||
| 52 | if (algorithm != AEAD_AES_SIV_CMAC_256) | |
| 53 | return NULL; | |
| 54 | ||
| 55 | instance = MallocNew(struct SIV_Instance_Record); | |
| 2bb88b45 | 56 | instance->key_set = 0; |
| 881d07fa ML |
57 | |
| 58 | return instance; | |
| 59 | } | |
| 60 | ||
| 61 | /* ================================================== */ | |
| 62 | ||
| 63 | void | |
| 64 | SIV_DestroyInstance(SIV_Instance instance) | |
| 65 | { | |
| 66 | Free(instance); | |
| 67 | } | |
| 68 | ||
| 69 | /* ================================================== */ | |
| 70 | ||
| 71 | int | |
| 72 | SIV_GetKeyLength(SIV_Algorithm algorithm) | |
| 73 | { | |
| 32a82a38 ML |
74 | assert(32 <= SIV_MAX_KEY_LENGTH); |
| 75 | ||
| 881d07fa ML |
76 | if (algorithm == AEAD_AES_SIV_CMAC_256) |
| 77 | return 32; | |
| 78 | return 0; | |
| 79 | } | |
| 80 | ||
| 81 | /* ================================================== */ | |
| 82 | ||
| 83 | int | |
| 84 | SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length) | |
| 85 | { | |
| 86 | if (length != 32) | |
| 87 | return 0; | |
| 88 | ||
| 89 | siv_cmac_aes128_set_key(&instance->siv, key); | |
| 90 | ||
| 2bb88b45 ML |
91 | instance->key_set = 1; |
| 92 | ||
| 881d07fa ML |
93 | return 1; |
| 94 | } | |
| 95 | ||
| 96 | /* ================================================== */ | |
| 97 | ||
| 98 | int | |
| 99 | SIV_GetTagLength(SIV_Instance instance) | |
| 100 | { | |
| 32a82a38 ML |
101 | assert(SIV_DIGEST_SIZE <= SIV_MAX_TAG_LENGTH); |
| 102 | ||
| 881d07fa ML |
103 | return SIV_DIGEST_SIZE; |
| 104 | } | |
| 105 | ||
| 106 | /* ================================================== */ | |
| 107 | ||
| 108 | int | |
| 109 | SIV_Encrypt(SIV_Instance instance, | |
| 110 | const unsigned char *nonce, int nonce_length, | |
| 111 | const void *assoc, int assoc_length, | |
| 112 | const void *plaintext, int plaintext_length, | |
| 113 | unsigned char *ciphertext, int ciphertext_length) | |
| 114 | { | |
| 2bb88b45 ML |
115 | if (!instance->key_set) |
| 116 | return 0; | |
| 117 | ||
| 881d07fa ML |
118 | if (nonce_length < SIV_MIN_NONCE_SIZE || assoc_length < 0 || |
| 119 | plaintext_length < 0 || plaintext_length > ciphertext_length || | |
| 120 | plaintext_length + SIV_DIGEST_SIZE != ciphertext_length) | |
| 121 | return 0; | |
| 122 | ||
| 123 | assert(assoc && plaintext); | |
| 124 | ||
| 125 | siv_cmac_aes128_encrypt_message(&instance->siv, nonce_length, nonce, | |
| 126 | assoc_length, assoc, | |
| 127 | ciphertext_length, ciphertext, plaintext); | |
| 128 | return 1; | |
| 129 | } | |
| 130 | ||
| 131 | /* ================================================== */ | |
| 132 | ||
| 133 | int | |
| 134 | SIV_Decrypt(SIV_Instance instance, | |
| 135 | const unsigned char *nonce, int nonce_length, | |
| 136 | const void *assoc, int assoc_length, | |
| 137 | const unsigned char *ciphertext, int ciphertext_length, | |
| 138 | void *plaintext, int plaintext_length) | |
| 139 | { | |
| 2bb88b45 ML |
140 | if (!instance->key_set) |
| 141 | return 0; | |
| 142 | ||
| 881d07fa ML |
143 | if (nonce_length < SIV_MIN_NONCE_SIZE || assoc_length < 0 || |
| 144 | plaintext_length < 0 || plaintext_length > ciphertext_length || | |
| 145 | plaintext_length + SIV_DIGEST_SIZE != ciphertext_length) | |
| 146 | return 0; | |
| 147 | ||
| 148 | assert(assoc && plaintext); | |
| 149 | ||
| 150 | if (!siv_cmac_aes128_decrypt_message(&instance->siv, nonce_length, nonce, | |
| 151 | assoc_length, assoc, | |
| 152 | plaintext_length, plaintext, ciphertext)) | |
| 153 | return 0; | |
| 154 | ||
| 155 | return 1; | |
| 156 | } |