+2014-04-30 Niels Möller <nisse@lysator.liu.se>
+
+ * ccm.c (CCM_IV_MAX_SIZE, CCM_IV_MIN_SIZE): Deleted, replaced by
+ public constants CCM_MIN_NONCE_SIZE and CCM_MAX_NONCE_SIZE.
+ (ccm_build_iv): Updated for above rename.
+ (CCM_L_MAX_SIZE): Deleted, no longer used.
+
+ * ccm.h (CCM_MIN_NONCE_SIZE, CCM_MAX_NONCE_SIZE): New constants.
+ (CCM_MAX_MSG_SIZE): New macro.
+
2014-04-27 Niels Möller <nisse@lysator.liu.se>
* nettle.texinfo (Cipher modes): Subsection on AEAD constructions.
#define CCM_OFFSET_FLAGS 0
#define CCM_OFFSET_NONCE 1
#define CCM_L_SIZE(_nlen_) (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - (_nlen_))
-#define CCM_L_MAX_SIZE (CCM_FLAG_L+1)
-#define CCM_IV_MAX_SIZE (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - 1)
-#define CCM_IV_MIN_SIZE (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - CCM_L_MAX_SIZE)
/*
* The data input to the CBC-MAC: L(a) | adata | padding | plaintext | padding
unsigned int i;
/* Sanity check the nonce length. */
- assert(noncelen >= CCM_IV_MIN_SIZE);
- assert(noncelen <= CCM_IV_MAX_SIZE);
+ assert(noncelen >= CCM_MIN_NONCE_SIZE);
+ assert(noncelen <= CCM_MAX_NONCE_SIZE);
/* Generate the IV */
iv[CCM_OFFSET_FLAGS] = flags | CCM_FLAG_SET_L(CCM_L_SIZE(noncelen));
/* For CCM, the block size of the block cipher shall be 128 bits. */
#define CCM_BLOCK_SIZE 16
+#define CCM_MIN_NONCE_SIZE 7
+#define CCM_MAX_NONCE_SIZE 14
+
+/* Maximum cleartext message size, as a function of the nonce size N.
+ The length field is L octets, with L = 15 - N, and then the maximum
+ size M = 2^{8L} - 1. */
+#define CCM_MAX_MSG_SIZE(N) \
+ ((sizeof(size_t) + (N) <= 15) \
+ ? ~(size_t) 0 \
+ : ((size_t) 1 << (8*(15 - N))) - 1)
/* Per-message state */
struct ccm_ctx {
projects / thirdparty / nettle.git / commitdiff
