nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
aes-encrypt-internal.c aes-encrypt.c aes-encrypt-table.c \
aes-invert-internal.c aes-set-key-internal.c \
- aes-set-encrypt-key.c aes-set-decrypt-key.c \
aes128-set-encrypt-key.c aes128-set-decrypt-key.c \
aes128-meta.c \
aes192-set-encrypt-key.c aes192-set-decrypt-key.c \
chacha-set-key.c chacha-set-nonce.c \
ctr.c ctr16.c des.c des3.c des-compat.c \
eax.c eax-aes128.c eax-aes128-meta.c \
- gcm.c gcm-aes.c \
+ gcm.c \
gcm-aes128.c gcm-aes128-meta.c \
gcm-aes192.c gcm-aes192-meta.c \
gcm-aes256.c gcm-aes256-meta.c \
}
};
-void
-aes_decrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src)
-{
- assert(!(length % AES_BLOCK_SIZE) );
- _aes_decrypt(ctx->rounds, ctx->keys, &_aes_decrypt_table,
- length, dst, src);
-}
-
void
aes128_decrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
#include "aes-internal.h"
-/* The main point on this function is to help the assembler
+/* The main point on these functions is to help the assembler
implementations of _nettle_aes_encrypt to get the table pointer.
For PIC code, the details can be complex and system dependent. */
-void
-aes_encrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src)
-{
- assert(!(length % AES_BLOCK_SIZE) );
- _aes_encrypt(ctx->rounds, ctx->keys, &_aes_encrypt_table,
- length, dst, src);
-}
-
void
aes128_encrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
+++ /dev/null
-/* aes-set-decrypt-key.c
-
- Inverse key setup for the aes/rijndael block cipher.
-
- Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Möller
- Copyright (C) 2013 Niels Möller
-
- This file is part of GNU Nettle.
-
- GNU Nettle is free software: you can redistribute it and/or
- modify it under the terms of either:
-
- * the GNU Lesser General Public License as published by the Free
- Software Foundation; either version 3 of the License, or (at your
- option) any later version.
-
- or
-
- * the GNU General Public License as published by the Free
- Software Foundation; either version 2 of the License, or (at your
- option) any later version.
-
- or both in parallel, as here.
-
- GNU Nettle is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received copies of the GNU General Public License and
- the GNU Lesser General Public License along with this program. If
- not, see http://www.gnu.org/licenses/.
-*/
-
-#if HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include "aes-internal.h"
-
-void
-aes_invert_key(struct aes_ctx *dst,
- const struct aes_ctx *src)
-{
- _aes_invert (src->rounds, dst->keys, src->keys);
- dst->rounds = src->rounds;
-}
-
-void
-aes_set_decrypt_key(struct aes_ctx *ctx,
- size_t keysize, const uint8_t *key)
-{
- /* We first create subkeys for encryption,
- * then modify the subkeys for decryption. */
- aes_set_encrypt_key(ctx, keysize, key);
- aes_invert_key(ctx, ctx);
-}
-
+++ /dev/null
-/* aes-set-encrypt-key.c
-
- Key setup for the aes/rijndael block cipher.
-
- Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Möller
- Copyright (C) 2013 Niels Möller
-
- This file is part of GNU Nettle.
-
- GNU Nettle is free software: you can redistribute it and/or
- modify it under the terms of either:
-
- * the GNU Lesser General Public License as published by the Free
- Software Foundation; either version 3 of the License, or (at your
- option) any later version.
-
- or
-
- * the GNU General Public License as published by the Free
- Software Foundation; either version 2 of the License, or (at your
- option) any later version.
-
- or both in parallel, as here.
-
- GNU Nettle is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received copies of the GNU General Public License and
- the GNU Lesser General Public License along with this program. If
- not, see http://www.gnu.org/licenses/.
-*/
-
-#if HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include <assert.h>
-
-#include "aes-internal.h"
-
-void
-aes_set_encrypt_key(struct aes_ctx *ctx,
- size_t keysize, const uint8_t *key)
-{
- unsigned nk, nr;
-
- assert(keysize >= AES_MIN_KEY_SIZE);
- assert(keysize <= AES_MAX_KEY_SIZE);
-
- /* Truncate keysizes to the valid key sizes provided by Rijndael */
- if (keysize == AES256_KEY_SIZE) {
- nk = 8;
- nr = _AES256_ROUNDS;
- } else if (keysize >= AES192_KEY_SIZE) {
- nk = 6;
- nr = _AES192_ROUNDS;
- } else { /* must be 16 or more */
- nk = 4;
- nr = _AES128_ROUNDS;
- }
-
- ctx->rounds = nr;
- _aes_set_key (nr, nk, ctx->keys, key);
-}
#endif
/* Name mangling */
-#define aes_set_encrypt_key nettle_aes_set_encrypt_key
-#define aes_set_decrypt_key nettle_aes_set_decrypt_key
-#define aes_invert_key nettle_aes_invert_key
-#define aes_encrypt nettle_aes_encrypt
-#define aes_decrypt nettle_aes_decrypt
#define aes128_set_encrypt_key nettle_aes128_set_encrypt_key
#define aes128_set_decrypt_key nettle_aes128_set_decrypt_key
#define aes128_invert_key nettle_aes128_invert_key
#define _AES192_ROUNDS 12
#define _AES256_ROUNDS 14
-/* Variable key size between 128 and 256 bits. But the only valid
- * values are 16 (128 bits), 24 (192 bits) and 32 (256 bits). */
-#define AES_MIN_KEY_SIZE AES128_KEY_SIZE
-#define AES_MAX_KEY_SIZE AES256_KEY_SIZE
-
-/* Older nettle-2.7 interface */
-
-#define AES_KEY_SIZE 32
-
-struct aes_ctx
-{
- unsigned rounds; /* number of rounds to use for our key size */
- uint32_t keys[4*(_AES256_ROUNDS + 1)]; /* maximum size of key schedule */
-};
-
-void
-aes_set_encrypt_key(struct aes_ctx *ctx,
- size_t length, const uint8_t *key);
-
-void
-aes_set_decrypt_key(struct aes_ctx *ctx,
- size_t length, const uint8_t *key);
-
-void
-aes_invert_key(struct aes_ctx *dst,
- const struct aes_ctx *src);
-
-void
-aes_encrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src);
-void
-aes_decrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src);
-
struct aes128_ctx
{
uint32_t keys[4 * (_AES128_ROUNDS + 1)];
+++ /dev/null
-/* gcm-aes.c
-
- Galois counter mode using AES as the underlying cipher.
-
- Copyright (C) 2011 Niels Möller
-
- This file is part of GNU Nettle.
-
- GNU Nettle is free software: you can redistribute it and/or
- modify it under the terms of either:
-
- * the GNU Lesser General Public License as published by the Free
- Software Foundation; either version 3 of the License, or (at your
- option) any later version.
-
- or
-
- * the GNU General Public License as published by the Free
- Software Foundation; either version 2 of the License, or (at your
- option) any later version.
-
- or both in parallel, as here.
-
- GNU Nettle is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received copies of the GNU General Public License and
- the GNU Lesser General Public License along with this program. If
- not, see http://www.gnu.org/licenses/.
-*/
-
-#if HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include "gcm.h"
-
-void
-gcm_aes_set_key(struct gcm_aes_ctx *ctx, size_t length, const uint8_t *key)
-{
- aes_set_encrypt_key (&ctx->cipher, length, key);
- gcm_set_key (&ctx->key, &ctx->cipher,
- (nettle_cipher_func *) aes_encrypt);
-}
-
-void
-gcm_aes_set_iv(struct gcm_aes_ctx *ctx,
- size_t length, const uint8_t *iv)
-{
- GCM_SET_IV(ctx, length, iv);
-}
-
-void
-gcm_aes_update(struct gcm_aes_ctx *ctx, size_t length, const uint8_t *data)
-{
- GCM_UPDATE(ctx, length, data);
-}
-
-void
-gcm_aes_encrypt(struct gcm_aes_ctx *ctx,
- size_t length, uint8_t *dst, const uint8_t *src)
-{
- GCM_ENCRYPT(ctx, aes_encrypt, length, dst, src);
-}
-
-void
-gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
- size_t length, uint8_t *dst, const uint8_t *src)
-{
- GCM_DECRYPT(ctx, aes_encrypt, length, dst, src);
-}
-
-void
-gcm_aes_digest(struct gcm_aes_ctx *ctx,
- size_t length, uint8_t *digest)
-{
- GCM_DIGEST(ctx, aes_encrypt, length, digest);
-}
gcm_aes256_digest(struct gcm_aes256_ctx *ctx,
size_t length, uint8_t *digest);
-/* Old aes interface, for backwards compatibility */
-struct gcm_aes_ctx GCM_CTX(struct aes_ctx);
-
-void
-gcm_aes_set_key(struct gcm_aes_ctx *ctx,
- size_t length, const uint8_t *key);
-
-void
-gcm_aes_set_iv(struct gcm_aes_ctx *ctx,
- size_t length, const uint8_t *iv);
-
-void
-gcm_aes_update(struct gcm_aes_ctx *ctx,
- size_t length, const uint8_t *data);
-
-void
-gcm_aes_encrypt(struct gcm_aes_ctx *ctx,
- size_t length, uint8_t *dst, const uint8_t *src);
-
-void
-gcm_aes_decrypt(struct gcm_aes_ctx *ctx,
- size_t length, uint8_t *dst, const uint8_t *src);
-
-void
-gcm_aes_digest(struct gcm_aes_ctx *ctx, size_t length, uint8_t *digest);
-
struct gcm_camellia128_ctx GCM_CTX(struct camellia128_ctx);
#include "aes.h"
#include "nettle-internal.h"
+typedef void invert_func (void *, void *) ;
+
static void
-test_invert(const struct tstring *key,
+test_invert(const struct nettle_cipher *cipher,
+ invert_func *invert,
+ const struct tstring *key,
const struct tstring *cleartext,
const struct tstring *ciphertext)
{
- struct aes_ctx encrypt;
- struct aes_ctx decrypt;
+ void *encrypt = xalloc(cipher->context_size);
+ void *decrypt = xalloc(cipher->context_size);
uint8_t *data = xalloc(cleartext->length);
size_t length;
ASSERT (cleartext->length == ciphertext->length);
+ ASSERT (key->length == cipher->key_size);
length = cleartext->length;
- aes_set_encrypt_key (&encrypt, key->length, key->data);
- aes_encrypt (&encrypt, length, data, cleartext->data);
+ cipher->set_encrypt_key (encrypt, key->data);
+ cipher->encrypt (encrypt, length, data, cleartext->data);
if (!MEMEQ(length, data, ciphertext->data))
{
FAIL();
}
- aes_invert_key (&decrypt, &encrypt);
- aes_decrypt (&decrypt, length, data, data);
+ invert (decrypt, encrypt);
+ cipher->decrypt (decrypt, length, data, data);
if (!MEMEQ(length, data, cleartext->data))
{
fprintf(stderr, "\n");
FAIL();
}
+ free (encrypt);
+ free (decrypt);
free (data);
}
-/* Old, unified, interface */
-static nettle_set_key_func unified_aes128_set_encrypt_key;
-static nettle_set_key_func unified_aes128_set_encrypt_key;
-static nettle_set_key_func unified_aes192_set_encrypt_key;
-static nettle_set_key_func unified_aes192_set_encrypt_key;
-static nettle_set_key_func unified_aes256_set_encrypt_key;
-static nettle_set_key_func unified_aes256_set_encrypt_key;
-static void
-unified_aes128_set_encrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_encrypt_key (ctx, AES128_KEY_SIZE, key);
-}
-static void
-unified_aes128_set_decrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_decrypt_key (ctx, AES128_KEY_SIZE, key);
-}
-
-static void
-unified_aes192_set_encrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_encrypt_key (ctx, AES192_KEY_SIZE, key);
-}
-static void
-unified_aes192_set_decrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_decrypt_key (ctx, AES192_KEY_SIZE, key);
-}
-
-static void
-unified_aes256_set_encrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_encrypt_key (ctx, AES256_KEY_SIZE, key);
-}
-static void
-unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key)
-{
- aes_set_decrypt_key (ctx, AES256_KEY_SIZE, key);
-}
-
-#define UNIFIED_AES(bits) { \
- "unified-aes" #bits, sizeof(struct aes_ctx), \
- AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE, \
- unified_aes ## bits ##_set_encrypt_key, \
- unified_aes ## bits ##_set_decrypt_key, \
- (nettle_cipher_func *) aes_encrypt, \
- (nettle_cipher_func *) aes_decrypt, \
-}
-const struct nettle_cipher nettle_unified_aes128
-= UNIFIED_AES(128);
-const struct nettle_cipher nettle_unified_aes192
-= UNIFIED_AES(192);
-const struct nettle_cipher nettle_unified_aes256
-= UNIFIED_AES(256);
-
-static void
-test_cipher2(const struct nettle_cipher *c1,
- const struct nettle_cipher *c2,
- const struct tstring *key,
- const struct tstring *cleartext,
- const struct tstring *ciphertext)
-{
- test_cipher (c1, key, cleartext, ciphertext);
- test_cipher (c2, key, cleartext, ciphertext);
-}
-
void
test_main(void)
{
- /* Test both the new interface and the older unified interface. */
-
/* 128 bit keys */
- test_cipher2(&nettle_aes128, &nettle_unified_aes128,
+ test_cipher(&nettle_aes128,
SHEX("0001020305060708 0A0B0C0D0F101112"),
SHEX("506812A45F08C889 B97F5980038B8359"),
SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
- test_cipher2(&nettle_aes128, &nettle_unified_aes128,
+ test_cipher(&nettle_aes128,
SHEX("14151617191A1B1C 1E1F202123242526"),
SHEX("5C6D71CA30DE8B8B 00549984D2EC7D4B"),
SHEX("59AB30F4D4EE6E4F F9907EF65B1FB68C"));
- test_cipher2(&nettle_aes128, &nettle_unified_aes128,
+ test_cipher(&nettle_aes128,
SHEX("28292A2B2D2E2F30 323334353738393A"),
SHEX("53F3F4C64F8616E4 E7C56199F48F21F6"),
SHEX("BF1ED2FCB2AF3FD4 1443B56D85025CB1"));
- test_cipher2(&nettle_aes128, &nettle_unified_aes128,
+ test_cipher(&nettle_aes128,
SHEX("A0A1A2A3A5A6A7A8 AAABACADAFB0B1B2"),
SHEX("F5F4F7F684878689 A6A7A0A1D2CDCCCF"),
SHEX("CE52AF650D088CA5 59425223F4D32694"));
/* 192 bit keys */
- test_cipher2(&nettle_aes192, &nettle_unified_aes192,
+ test_cipher(&nettle_aes192,
SHEX("0001020305060708 0A0B0C0D0F101112"
"14151617191A1B1C"),
SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
/* 256 bit keys */
- test_cipher2(&nettle_aes256, &nettle_unified_aes256,
+ test_cipher(&nettle_aes256,
SHEX("0001020305060708 0A0B0C0D0F101112"
"14151617191A1B1C 1E1F202123242526"),
SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
/* This test case has been problematic with the CBC test case */
- test_cipher2(&nettle_aes256, &nettle_unified_aes256,
+ test_cipher(&nettle_aes256,
SHEX("8d ae 93 ff fc 78 c9 44"
"2a bd 0c 1e 68 bc a6 c7"
"05 c7 84 e3 5a a9 11 8b"
* F.1.1 ECB-AES128-Encrypt
*/
- test_cipher2(&nettle_aes128, &nettle_unified_aes128,
+ test_cipher(&nettle_aes128,
SHEX("2b7e151628aed2a6abf7158809cf4f3c"),
SHEX("6bc1bee22e409f96e93d7e117393172a"
"ae2d8a571e03ac9c9eb76fac45af8e51"
/* F.1.3 ECB-AES192-Encrypt */
- test_cipher2(&nettle_aes192, &nettle_unified_aes192,
+ test_cipher(&nettle_aes192,
SHEX("8e73b0f7da0e6452c810f32b809079e5 62f8ead2522c6b7b"),
SHEX("6bc1bee22e409f96e93d7e117393172a"
"ae2d8a571e03ac9c9eb76fac45af8e51"
"9a4b41ba738d6c72fb16691603c18e0e"));
/* F.1.5 ECB-AES256-Encrypt */
- test_cipher2(&nettle_aes256, &nettle_unified_aes256,
+ test_cipher(&nettle_aes256,
SHEX("603deb1015ca71be2b73aef0857d7781"
"1f352c073b6108d72d9810a30914dff4"),
SHEX("6bc1bee22e409f96e93d7e117393172a"
"23304b7a39f9f3ff067d8d8f9e24ecc7"));
/* Test aes_invert_key with src != dst */
- test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"),
+ test_invert(&nettle_aes128, (invert_func *) aes128_invert_key,
+ SHEX("0001020305060708 0A0B0C0D0F101112"),
SHEX("506812A45F08C889 B97F5980038B8359"),
SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
- test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
+ test_invert(&nettle_aes192, (invert_func *) aes192_invert_key,
+ SHEX("0001020305060708 0A0B0C0D0F101112"
"14151617191A1B1C"),
SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
- test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
+ test_invert(&nettle_aes256, (invert_func *) aes256_invert_key,
+ SHEX("0001020305060708 0A0B0C0D0F101112"
"14151617191A1B1C 1E1F202123242526"),
SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
SHEX("1946DABF6A03A2A2 C3D0B05080AED6FC"));
}
}
-static nettle_set_key_func gcm_unified_aes128_set_key;
-static nettle_set_key_func gcm_unified_aes128_set_iv;
-static void
-gcm_unified_aes128_set_key (void *ctx, const uint8_t *key)
-{
- gcm_aes_set_key (ctx, AES128_KEY_SIZE, key);
-}
-static void
-gcm_unified_aes128_set_iv (void *ctx, const uint8_t *iv)
-{
- gcm_aes_set_iv (ctx, GCM_IV_SIZE, iv);
-}
-static const struct nettle_aead
-nettle_gcm_unified_aes128 = {
- "gcm-aes128",
- sizeof (struct gcm_aes_ctx),
- GCM_BLOCK_SIZE, AES128_KEY_SIZE,
- GCM_IV_SIZE, GCM_DIGEST_SIZE,
- (nettle_set_key_func *) gcm_unified_aes128_set_key,
- (nettle_set_key_func *) gcm_unified_aes128_set_key,
- (nettle_set_key_func *) gcm_unified_aes128_set_iv,
- (nettle_hash_update_func *) gcm_aes_update,
- (nettle_crypt_func *) gcm_aes_encrypt,
- (nettle_crypt_func *) gcm_aes_decrypt,
- (nettle_hash_digest_func *) gcm_aes_digest
-};
-
-
void
test_main(void)
{
"16aedbf5a0de6a57a637b39b"),
SHEX("619cc5aefffe0bfa462af43c1699d050"));
- /* Same test, but with old gcm_aes interface */
- test_aead(&nettle_gcm_unified_aes128,
- (nettle_hash_update_func *) gcm_aes_set_iv,
- SHEX("feffe9928665731c6d6a8f9467308308"),
- SHEX("feedfacedeadbeeffeedfacedeadbeef"
- "abaddad2"),
- SHEX("d9313225f88406e5a55909c5aff5269a"
- "86a7a9531534f7da2e4c303d8a318a72"
- "1c3c0c95956809532fcf0e2449a6b525"
- "b16aedf5aa0de657ba637b39"),
- SHEX("8ce24998625615b603a033aca13fb894"
- "be9112a5c3a211a8ba262a3cca7e2ca7"
- "01e4a9a4fba43c90ccdcb281d48c7c6f"
- "d62875d2aca417034c34aee5"),
- SHEX("9313225df88406e555909c5aff5269aa"
- "6a7a9538534f7da1e4c303d2a318a728"
- "c3c0c95156809539fcf0e2429a6b5254"
- "16aedbf5a0de6a57a637b39b"),
- SHEX("619cc5aefffe0bfa462af43c1699d050"));
-
/* Test case 7 */
test_aead(&nettle_gcm_aes192, NULL,
SHEX("00000000000000000000000000000000"
projects / thirdparty / nettle.git / commitdiff
