2014-01-16 Niels Möller <nisse@lysator.liu.se>
+ * poly1305-aes.c: Include poly1305.c. Rewrite functions without
+ using the POLY1305_* macros.
+
+ * Makefile.in (HEADERS): Deleted poly1305-aes.h.
+
+ * poly1305.h (POLY1305_CTX, POLY1305_SET_KEY, POLY1305_SET_NONCE)
+ (POLY1305_DIGEST): Deleted macros. Only implemented variant is
+ poly1305-aes.
+ (POLY1305_DIGEST_SIZE, POLY1305_BLOCK_SIZE, POLY1305_KEY_SIZE):
+ New constants.
+ (POLY1305_AES_KEY_SIZE, POLY1305_AES_DIGEST_SIZE): Moved here,
+ from poly1305-aes.h.
+ (struct poly1305_aes_ctx): Likewise.
+ (poly1305_aes_set_key, poly1305_aes_set_nonce)
+ (poly1305_aes_update, poly1305_aes_digest): Likewise.
+ * poly1305-aes.h: Deleted file, declarations moved to poly1305.h.
+ Update all users.
+
* poly1305-internal.c (s2, s3, s4): Fixed macros.
* poly1305-aes.h (struct poly1305_aes_ctx): Replace struct aes_ctx
pgp.h pkcs1.h realloc.h ripemd160.h rsa.h rsa-compat.h \
salsa20.h sexp.h \
serpent.h sha.h sha1.h sha2.h sha3.h twofish.h \
- umac.h yarrow.h poly1305-aes.h poly1305.h
+ umac.h yarrow.h poly1305.h
INSTALL_HEADERS = $(HEADERS) nettle-stdint.h
#include "sha3.h"
#include "twofish.h"
#include "umac.h"
-#include "poly1305-aes.h"
+#include "poly1305.h"
#include "nettle-meta.h"
#include "nettle-internal.h"
/* nettle, low-level cryptographics library
*
* Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
#endif
#include <string.h>
+
+#include "poly1305.h"
#include "macros.h"
-#include "nettle-types.h"
-#include "poly1305-aes.h"
void
poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t * key)
{
- POLY1305_SET_KEY(ctx, aes128_set_encrypt_key, key);
+ aes128_set_encrypt_key(&ctx->aes, (key));
+ poly1305_set_key(&ctx->pctx, (key+16));
+ ctx->pctx.index = 0;
}
void
poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
const uint8_t * nonce)
{
- POLY1305_SET_NONCE(ctx, nonce);
+ poly1305_set_nonce(&ctx->pctx, nonce);
}
void
poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
size_t length, uint8_t * digest)
{
- POLY1305_DIGEST(ctx, aes128_encrypt, length, digest);
+ uint8_t s[POLY1305_BLOCK_SIZE];
+ aes128_encrypt(&ctx->aes, POLY1305_BLOCK_SIZE, s, ctx->pctx.nonce);
+ poly1305_digest (&ctx->pctx, length, digest, s);
+ INCREMENT (16, (ctx)->pctx.nonce);
+ (ctx)->pctx.index = 0;
}
+++ /dev/null
-/* poly1305-aes.h
- *
- * Poly1305 message authentication code.
- */
-
-/* nettle, low-level cryptographics library
- *
- * Copyright (C) 2013 Nikos Mavrogiannopoulos
- *
- * The nettle library is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation; either version 2.1 of the License, or (at your
- * option) any later version.
- *
- * The nettle library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with the nettle library; see the file COPYING.LIB. If not, write to
- * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
- * MA 02111-1301, USA.
- */
-
-#ifndef NETTLE_POLY1305_AES_H_INCLUDED
-#define NETTLE_POLY1305_AES_H_INCLUDED
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "nettle-types.h"
-#include "poly1305.h"
-#include "aes.h"
-
-#define POLY1305_AES_KEY_SIZE 32
-#define POLY1305_AES_DIGEST_SIZE 16
-
-#define poly1305_aes_set_key nettle_poly1305_aes_set_key
-#define poly1305_aes_set_nonce nettle_poly1305_aes_set_nonce
-#define poly1305_aes_digest nettle_poly1305_aes_digest
-
-struct poly1305_aes_ctx POLY1305_CTX(struct aes128_ctx);
-
-/* The _set_key function initialize the nonce to zero. */
-void
-poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key);
-
-/* Optional, if not used, messages get incrementing nonces starting from zero. */
-void
-poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
- const uint8_t *nonce);
-
-#define poly1305_aes_update \
- (*(void(*)(struct poly1305_aes_ctx *, size_t, const uint8_t *))&poly1305_update)
-
-/* The _digest functions increment the nonce */
-void
-poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
- size_t length, uint8_t *digest);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* NETTLE_POLY1305_AES_H_INCLUDED */
#ifndef NETTLE_POLY1305_H_INCLUDED
#define NETTLE_POLY1305_H_INCLUDED
-#include "nettle-types.h"
+#include "aes.h"
#ifdef __cplusplus
extern "C" {
#define poly1305_block nettle_poly1305_block
#define poly1305_digest nettle_poly1305_digest
+#define poly1305_aes_set_key nettle_poly1305_aes_set_key
+#define poly1305_aes_set_nonce nettle_poly1305_aes_set_nonce
+#define poly1305_aes_digest nettle_poly1305_aes_digest
+
/* Low level functions/macros for the poly1305 construction. */
+#define POLY1305_DIGEST_SIZE 16
+#define POLY1305_BLOCK_SIZE 16
+#define POLY1305_KEY_SIZE 16
+
struct poly1305_ctx {
/* Key, 128-bit value and some cached multiples. */
union
uint64_t h64[2];
} h;
- uint8_t nonce[16];
- uint8_t block[16];
+ uint8_t nonce[POLY1305_BLOCK_SIZE];
+ uint8_t block[POLY1305_BLOCK_SIZE];
unsigned index;
};
-void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16]);
+void poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[POLY1305_KEY_SIZE]);
void poly1305_set_nonce (struct poly1305_ctx *ctx, const uint8_t * nonce);
-void poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[16]);
+void poly1305_block (struct poly1305_ctx *ctx, const uint8_t m[POLY1305_BLOCK_SIZE]);
void poly1305_update (struct poly1305_ctx *ctx, size_t size, const uint8_t *data);
void poly1305_digest (struct poly1305_ctx *ctx,
size_t length, uint8_t *digest, const uint8_t *s);
-/* All-in-one context, with cipher, and state. Cipher must have a 128-bit block */
-#define POLY1305_CTX(type) \
-{ struct poly1305_ctx pctx; type cipher; }
-
-#define POLY1305_SET_KEY(ctx, set_key, key) \
- do { \
- poly1305_set_key(&(ctx)->pctx, (key+16)); \
- (set_key)(&(ctx)->cipher, (key)); \
- (ctx)->pctx.index = 0; \
- } while (0)
-
-#define POLY1305_SET_NONCE(ctx, data) \
- poly1305_set_nonce(&(ctx)->pctx, (data))
-
-#define POLY1305_DIGEST(ctx, encrypt, length, digest) \
- do { \
- uint8_t _ts[16]; \
- (encrypt)(&(ctx)->cipher, 16, _ts, (ctx)->pctx.nonce); \
- poly1305_digest (&(ctx)->pctx, (length), (digest), _ts); \
- INCREMENT (16, (ctx)->pctx.nonce); \
- (ctx)->pctx.index = 0; \
- } while(0);
+/* poly1305-aes */
+
+#define POLY1305_AES_KEY_SIZE 32
+#define POLY1305_AES_DIGEST_SIZE 16
+
+struct poly1305_aes_ctx
+{
+ /* Must be first element, for the poly1305_aes_update cast to work. */
+ struct poly1305_ctx pctx;
+ struct aes128_ctx aes;
+};
+
+/* Also initialize the nonce to zero. */
+void
+poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key);
+
+/* Optional, if not used, messages get incrementing nonces starting from zero. */
+void
+poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
+ const uint8_t *nonce);
+
+/* An alias, nothing aes-specific. */
+#define poly1305_aes_update \
+ (*(void(*)(struct poly1305_aes_ctx *, size_t, const uint8_t *))&poly1305_update)
+/* Also increments the nonce */
+void
+poly1305_aes_digest (struct poly1305_aes_ctx *ctx,
+ size_t length, uint8_t *digest);
#ifdef __cplusplus
}
#include "testutils.h"
-#include "poly1305-aes.h"
+#include "poly1305.h"
static void
update (void *ctx, nettle_hash_update_func *f,
projects / thirdparty / nettle.git / commitdiff
