#define OCB_NONCE_SIZE 12
+struct ocb_aes128_ctx
+{
+ struct ocb_ctx ocb;
+ struct ocb_aes128_encrypt_key key;
+ struct aes128_ctx decrypt;
+};
+
+static void
+set_encrypt_key_wrapper (struct ocb_aes128_ctx *ctx, const uint8_t *key)
+{
+ ocb_aes128_set_encrypt_key(&ctx->key, key);
+}
+
+static void
+set_decrypt_key_wrapper (struct ocb_aes128_ctx *ctx, const uint8_t *key)
+{
+ ocb_aes128_set_decrypt_key(&ctx->key, &ctx->decrypt, key);
+}
+
+static void
+set_nonce_wrapper (struct ocb_aes128_ctx *ctx, const uint8_t *nonce)
+{
+ ocb_aes128_set_nonce (&ctx->ocb, &ctx->key,
+ OCB_DIGEST_SIZE, OCB_NONCE_SIZE, nonce);
+}
+
+static void
+update_wrapper (struct ocb_aes128_ctx *ctx, size_t length, const uint8_t *data)
+{
+ ocb_aes128_update (&ctx->ocb, &ctx->key, length, data);
+}
+
+static void
+encrypt_wrapper (struct ocb_aes128_ctx *ctx,
+ size_t length, uint8_t *dst, const uint8_t *src)
+{
+ ocb_aes128_encrypt (&ctx->ocb, &ctx->key, length, dst, src);
+}
+
+static void
+decrypt_wrapper (struct ocb_aes128_ctx *ctx,
+ size_t length, uint8_t *dst, const uint8_t *src)
+{
+ ocb_aes128_decrypt (&ctx->ocb, &ctx->key, &ctx->decrypt, length, dst, src);
+}
+
static void
-ocb_aes128_set_nonce12 (struct ocb_aes128_ctx *ctx,
- const uint8_t *nonce)
+digest_wrapper (struct ocb_aes128_ctx *ctx, size_t length, uint8_t *digest)
{
- ocb_aes128_set_nonce (ctx, OCB_NONCE_SIZE, nonce);
+ ocb_aes128_digest (&ctx->ocb, &ctx->key, length, digest);
}
const struct nettle_aead
{ "ocb_aes128", sizeof(struct ocb_aes128_ctx),
OCB_BLOCK_SIZE, AES128_KEY_SIZE,
OCB_NONCE_SIZE, OCB_DIGEST_SIZE,
- (nettle_set_key_func *) ocb_aes128_set_key,
- (nettle_set_key_func *) ocb_aes128_set_key,
- (nettle_set_key_func *) ocb_aes128_set_nonce12,
- (nettle_hash_update_func *) ocb_aes128_update,
- (nettle_crypt_func *) ocb_aes128_encrypt,
- (nettle_crypt_func *) ocb_aes128_decrypt,
- (nettle_hash_digest_func *) ocb_aes128_digest
+ (nettle_set_key_func *) set_encrypt_key_wrapper,
+ (nettle_set_key_func *) set_decrypt_key_wrapper,
+ (nettle_set_key_func *) set_nonce_wrapper,
+ (nettle_hash_update_func *) update_wrapper,
+ (nettle_crypt_func *) encrypt_wrapper,
+ (nettle_crypt_func *) decrypt_wrapper,
+ (nettle_hash_digest_func *) digest_wrapper
};
#include "ocb.h"
void
-ocb_aes128_set_key (struct ocb_aes128_ctx *ctx, const uint8_t *key)
+ocb_aes128_set_encrypt_key (struct ocb_aes128_encrypt_key *ocb_key, const uint8_t *key)
{
- aes128_set_encrypt_key (&ctx->encrypt, key);
- aes128_invert_key (&ctx->decrypt, &ctx->encrypt);
- ocb_set_key (&ctx->key, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt);
+ aes128_set_encrypt_key (&ocb_key->encrypt, key);
+ ocb_set_key (&ocb_key->ocb, &ocb_key->encrypt, (nettle_cipher_func *) aes128_encrypt);
}
void
-ocb_aes128_set_nonce (struct ocb_aes128_ctx *ctx,
- size_t nonce_length, const uint8_t *nonce)
+ocb_aes128_set_decrypt_key (struct ocb_aes128_encrypt_key *ocb_key, struct aes128_ctx *decrypt,
+ const uint8_t *key)
{
- ocb_set_nonce (&ctx->ocb, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt,
- OCB_DIGEST_SIZE, nonce_length, nonce);
+ ocb_aes128_set_encrypt_key (ocb_key, key);
+ aes128_invert_key (decrypt, &ocb_key->encrypt);
}
void
-ocb_aes128_update (struct ocb_aes128_ctx *ctx,
+ocb_aes128_set_nonce (struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ size_t tag_length, size_t nonce_length, const uint8_t *nonce)
+{
+ ocb_set_nonce (ctx, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ tag_length, nonce_length, nonce);
+}
+
+void
+ocb_aes128_update (struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
size_t length, const uint8_t *data)
{
- ocb_update (&ctx->ocb, &ctx->key, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ ocb_update (ctx, &key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
length, data);
}
void
-ocb_aes128_encrypt(struct ocb_aes128_ctx *ctx,
+ocb_aes128_encrypt(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
size_t length, uint8_t *dst, const uint8_t *src)
{
- ocb_encrypt (&ctx->ocb, &ctx->key, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ ocb_encrypt (ctx, &key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
length, dst, src);
}
void
-ocb_aes128_decrypt(struct ocb_aes128_ctx *ctx,
+ocb_aes128_decrypt(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ const struct aes128_ctx *decrypt,
size_t length, uint8_t *dst, const uint8_t *src)
{
- ocb_decrypt (&ctx->ocb, &ctx->key, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt,
- &ctx->decrypt, (nettle_cipher_func *) aes128_decrypt,
+ ocb_decrypt (ctx, &key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ decrypt, (nettle_cipher_func *) aes128_decrypt,
length, dst, src);
}
void
-ocb_aes128_digest(struct ocb_aes128_ctx *ctx, size_t length, uint8_t *digest)
+ocb_aes128_digest(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ size_t length, uint8_t *digest)
{
- ocb_digest (&ctx->ocb, &ctx->key, &ctx->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ ocb_digest (ctx, &key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
length, digest);
}
void
-ocb_aes128_encrypt_message (const struct aes128_ctx *cipher,
+ocb_aes128_encrypt_message (const struct ocb_aes128_encrypt_key *key,
size_t nlength, const uint8_t *nonce,
size_t alength, const uint8_t *adata,
size_t tlength,
size_t clength, uint8_t *dst, const uint8_t *src)
{
- struct ocb_key key;
- ocb_set_key (&key, cipher, (nettle_cipher_func *) aes128_encrypt);
- ocb_encrypt_message (&key, cipher, (nettle_cipher_func *) aes128_encrypt,
+ ocb_encrypt_message (&key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
nlength, nonce, alength, adata, tlength, clength, dst, src);
}
int
-ocb_aes128_decrypt_message (const struct aes128_ctx *cipher,
+ocb_aes128_decrypt_message (const struct ocb_aes128_encrypt_key *key,
+ const struct aes128_ctx *decrypt,
size_t nlength, const uint8_t *nonce,
size_t alength, const uint8_t *adata,
size_t tlength,
size_t mlength, uint8_t *dst, const uint8_t *src)
{
- struct ocb_key key;
- struct aes128_ctx decrypt_ctx;
- aes128_invert_key (&decrypt_ctx, cipher);
- ocb_set_key (&key, cipher, (nettle_cipher_func *) aes128_encrypt);
- return ocb_decrypt_message (&key, cipher, (nettle_cipher_func *) aes128_encrypt,
- &decrypt_ctx, (nettle_cipher_func *) aes128_decrypt,
+ return ocb_decrypt_message (&key->ocb, &key->encrypt, (nettle_cipher_func *) aes128_encrypt,
+ &decrypt, (nettle_cipher_func *) aes128_decrypt,
nlength, nonce, alength, adata,
tlength, mlength, dst, src);
}
#define ocb_digest nettle_ocb_digest
#define ocb_encrypt_message nettle_ocb_encrypt_message
#define ocb_decrypt_message nettle_ocb_decrypt_message
-#define ocb_aes128_set_key nettle_ocb_aes128_set_key
+#define ocb_aes128_set_encrypt_key nettle_ocb_aes128_set_encrypt_key
+#define ocb_aes128_set_decrypt_key nettle_ocb_aes128_set_decrypt_key
#define ocb_aes128_set_nonce nettle_ocb_aes128_set_nonce
#define ocb_aes128_update nettle_ocb_aes128_update
#define ocb_aes128_encrypt nettle_ocb_aes128_encrypt
size_t mlength, uint8_t *dst, const uint8_t *src);
/* OCB-AES */
-struct ocb_aes128_ctx
+/* This struct represents an expanded key for ocb-aes encryption. For
+ decryption, a separate decryption context is needed as well. */
+struct ocb_aes128_encrypt_key
{
- struct ocb_key key;
- struct ocb_ctx ocb;
+ struct ocb_key ocb;
struct aes128_ctx encrypt;
- struct aes128_ctx decrypt;
};
void
-ocb_aes128_set_key (struct ocb_aes128_ctx *ctx, const uint8_t *key);
+ocb_aes128_set_encrypt_key (struct ocb_aes128_encrypt_key *ocb, const uint8_t *key);
void
-ocb_aes128_set_nonce (struct ocb_aes128_ctx *ctx,
- size_t nonce_length, const uint8_t *nonce);
+ocb_aes128_set_decrypt_key (struct ocb_aes128_encrypt_key *ocb, struct aes128_ctx *decrypt,
+ const uint8_t *key);
void
-ocb_aes128_update (struct ocb_aes128_ctx *ctx,
+ocb_aes128_set_nonce (struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ size_t tag_length, size_t nonce_length, const uint8_t *nonce);
+
+void
+ocb_aes128_update (struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
size_t length, const uint8_t *data);
void
-ocb_aes128_encrypt(struct ocb_aes128_ctx *ctx,
+ocb_aes128_encrypt(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
size_t length, uint8_t *dst, const uint8_t *src);
void
-ocb_aes128_decrypt(struct ocb_aes128_ctx *ctx,
+ocb_aes128_decrypt(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ const struct aes128_ctx *decrypt,
size_t length, uint8_t *dst, const uint8_t *src);
void
-ocb_aes128_digest(struct ocb_aes128_ctx *ctx, size_t length, uint8_t *digest);
+ocb_aes128_digest(struct ocb_ctx *ctx, const struct ocb_aes128_encrypt_key *key,
+ size_t length, uint8_t *digest);
void
-ocb_aes128_encrypt_message (const struct aes128_ctx *cipher,
+ocb_aes128_encrypt_message (const struct ocb_aes128_encrypt_key *key,
size_t nlength, const uint8_t *nonce,
size_t alength, const uint8_t *adata,
size_t tlength,
size_t clength, uint8_t *dst, const uint8_t *src);
int
-ocb_aes128_decrypt_message (const struct aes128_ctx *cipher,
+ocb_aes128_decrypt_message (const struct ocb_aes128_encrypt_key *key,
+ const struct aes128_ctx *decrypt,
size_t nlength, const uint8_t *nonce,
size_t alength, const uint8_t *adata,
size_t tlength,
projects / thirdparty / nettle.git / commitdiff
