Add _nettle_poly1305_blocks

diff --git a/Makefile.in b/Makefile.in
index 86b8a536e15012e7fdd445215f90f438d70e4cad..f4069ab78f5ca7dee22a41505860e8460469ab8d 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -136,7 +136,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c aes-decrypt-table.c \
                 nettle-meta-ciphers.c nettle-meta-hashes.c nettle-meta-macs.c \
                 pbkdf2.c pbkdf2-hmac-gosthash94.c pbkdf2-hmac-sha1.c \
                 pbkdf2-hmac-sha256.c pbkdf2-hmac-sha384.c pbkdf2-hmac-sha512.c \
-                poly1305-aes.c poly1305-internal.c \
+                poly1305-aes.c poly1305-internal.c poly1305-update.c \
                 realloc.c \
                 ripemd160.c ripemd160-compress.c ripemd160-meta.c \
                 salsa20-core-internal.c salsa20-crypt-internal.c \

diff --git a/chacha-poly1305.c b/chacha-poly1305.c
index 7a423e1e627ac12cd221468063f8c3e9c5f292e4..ea8b295283c3094179e3954b139d7a075d4f5823 100644 (file)
--- a/chacha-poly1305.c
+++ b/chacha-poly1305.c
@@ -97,7 +97,8 @@ static void
 poly1305_update (struct chacha_poly1305_ctx *ctx,
                 size_t length, const uint8_t *data)
 {
-  MD_UPDATE (ctx, length, data, COMPRESS, (void) 0);
+  ctx->index = _nettle_poly1305_update (&(ctx)->poly1305,
+                                       ctx->block, ctx->index, length, data);
 }
 
 static void

diff --git a/md-internal.h b/md-internal.h
index fe520c63ce152172bc7b758d86f071b2dad8e1bf..a97b7b903d3ad12c6ea89900c5bb000a41f1bd30 100644 (file)
--- a/md-internal.h
+++ b/md-internal.h
@@ -32,6 +32,8 @@
 #ifndef NETTLE_MD_INTERNAL_H_INCLUDED
 #define NETTLE_MD_INTERNAL_H_INCLUDED
 
+#include <string.h>
+
 /* Internal helper macros for Merkle-Damgård hash functions. Assumes the context
    structs includes the following fields:
 
@@ -51,7 +53,18 @@
     memcpy((ctx)->block + (ctx)->index, (data), __md_left);    \
     (data) += __md_left;                                       \
     (length) -= __md_left;                                     \
-    (ctx)->index = 0;                                          \
   } while(0)
 
+#define MD_FILL_OR_RETURN_INDEX(block_size, block, index, length, data)        \
+  do {                                                                 \
+    unsigned __md_left = (block_size) - (index);                       \
+    if ((length) < __md_left)                                          \
+      {                                                                        \
+       memcpy(block + (index), (data), (length));                      \
+       return (index) + (length);                                      \
+      }                                                                        \
+    memcpy((block) + (index), (data), __md_left);                      \
+    (data) += __md_left;                                               \
+    (length) -= __md_left;                                             \
+  } while(0)
 #endif /* NETTLE_MD_INTERNAL_H_INCLUDED */

diff --git a/poly1305-aes.c b/poly1305-aes.c
index a4050254bb9ff15d4ad553f72bec26231a2bdcc6..9fede86dd53a8f700a270a2116918b859535b9ef 100644 (file)
--- a/poly1305-aes.c
+++ b/poly1305-aes.c
@@ -40,6 +40,7 @@
 #include "poly1305.h"
 #include "poly1305-internal.h"
 #include "macros.h"
+#include "md-internal.h"
 
 void
 poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t * key)
@@ -56,13 +57,12 @@ poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx,
   memcpy (ctx->nonce, nonce, POLY1305_AES_NONCE_SIZE);
 }
 
-#define COMPRESS(ctx, data) _nettle_poly1305_block(&(ctx)->pctx, (data), 1)
-
 void
 poly1305_aes_update (struct poly1305_aes_ctx *ctx,
                     size_t length, const uint8_t *data)
 {
-  MD_UPDATE (ctx, length, data, COMPRESS, (void) 0);
+  ctx->index = _nettle_poly1305_update (&(ctx)->pctx,
+                                       ctx->block, ctx->index, length, data);
 }
 
 void

diff --git a/poly1305-internal.c b/poly1305-internal.c
index 380b934eed72d512283dd7394df8fa62dca1f5cf..cd9583f57e995a091d43faf38cd3149d5a8e93fb 100644 (file)
--- a/poly1305-internal.c
+++ b/poly1305-internal.c
@@ -169,6 +169,15 @@ _nettle_poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m, unsigned t4)
   ctx->h0 += b * 5;
 }
 
+const uint8_t *
+_nettle_poly1305_blocks (struct poly1305_ctx *ctx, size_t blocks, const uint8_t *m)
+{
+  for (; blocks > 0; blocks--, m += POLY1305_BLOCK_SIZE)
+    _nettle_poly1305_block (ctx, m, 1);
+
+  return m;
+}
+
 /* Adds digest to the nonce */
 void
 _nettle_poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s)

diff --git a/poly1305-internal.h b/poly1305-internal.h
index 9932d5245eee33b097aced314accade9fcc08ac2..a6afd46601d58ae8ef530f325ec6b7ec9f608adb 100644 (file)
--- a/poly1305-internal.h
+++ b/poly1305-internal.h
@@ -53,7 +53,15 @@ void _nettle_poly1305_digest (struct poly1305_ctx *ctx, union nettle_block16 *s)
 /* Process one block. */
 void _nettle_poly1305_block (struct poly1305_ctx *ctx, const uint8_t *m,
                             unsigned high);
-
+/* Updates CTX by hashing M, which must be an integral number of
+   blocks. For convenience, returns a pointer to the end of the
+   data. Implies 128 set on all input blocks. */
+const uint8_t *
+_nettle_poly1305_blocks (struct poly1305_ctx *ctx, size_t blocks, const uint8_t *m);
+
+unsigned
+_nettle_poly1305_update (struct poly1305_ctx *ctx, uint8_t *buffer, unsigned index,
+                        size_t length, const uint8_t *m);
 #ifdef __cplusplus
 }
 #endif