EIC code displayed by LXR |
|
|
|
|||
File indexing completed on 2025-01-18 10:02:16
0001 /* poly1305.h 0002 0003 Poly1305 message authentication code. 0004 0005 Copyright (C) 2013 Nikos Mavrogiannopoulos 0006 Copyright (C) 2013, 2014 Niels Möller 0007 0008 This file is part of GNU Nettle. 0009 0010 GNU Nettle is free software: you can redistribute it and/or 0011 modify it under the terms of either: 0012 0013 * the GNU Lesser General Public License as published by the Free 0014 Software Foundation; either version 3 of the License, or (at your 0015 option) any later version. 0016 0017 or 0018 0019 * the GNU General Public License as published by the Free 0020 Software Foundation; either version 2 of the License, or (at your 0021 option) any later version. 0022 0023 or both in parallel, as here. 0024 0025 GNU Nettle is distributed in the hope that it will be useful, 0026 but WITHOUT ANY WARRANTY; without even the implied warranty of 0027 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 0028 General Public License for more details. 0029 0030 You should have received copies of the GNU General Public License and 0031 the GNU Lesser General Public License along with this program. If 0032 not, see http://www.gnu.org/licenses/. 0033 */ 0034 0035 #ifndef NETTLE_POLY1305_H_INCLUDED 0036 #define NETTLE_POLY1305_H_INCLUDED 0037 0038 #include "aes.h" 0039 0040 #ifdef __cplusplus 0041 extern "C" { 0042 #endif 0043 0044 /* Name mangling */ 0045 #define poly1305_aes_set_key nettle_poly1305_aes_set_key 0046 #define poly1305_aes_set_nonce nettle_poly1305_aes_set_nonce 0047 #define poly1305_aes_update nettle_poly1305_aes_update 0048 #define poly1305_aes_digest nettle_poly1305_aes_digest 0049 0050 /* Low level functions/macros for the poly1305 construction. */ 0051 0052 #define POLY1305_BLOCK_SIZE 16 0053 0054 struct poly1305_ctx { 0055 /* Key, 128-bit value and some cached multiples. */ 0056 union 0057 { 0058 uint32_t r32[6]; 0059 uint64_t r64[3]; 0060 } r; 0061 uint32_t s32[3]; 0062 /* State, represented as words of 26, 32 or 64 bits, depending on 0063 implementation. */ 0064 /* High bits first, to maintain alignment. */ 0065 uint32_t hh; 0066 union 0067 { 0068 uint32_t h32[4]; 0069 uint64_t h64[2]; 0070 } h; 0071 }; 0072 0073 /* poly1305-aes */ 0074 0075 #define POLY1305_AES_KEY_SIZE 32 0076 #define POLY1305_AES_DIGEST_SIZE 16 0077 #define POLY1305_AES_NONCE_SIZE 16 0078 0079 struct poly1305_aes_ctx 0080 { 0081 /* Keep aes context last, to make it possible to use a general 0082 poly1305_update if other variants are added. */ 0083 struct poly1305_ctx pctx; 0084 uint8_t block[POLY1305_BLOCK_SIZE]; 0085 unsigned index; 0086 uint8_t nonce[POLY1305_BLOCK_SIZE]; 0087 struct aes128_ctx aes; 0088 }; 0089 0090 /* Also initialize the nonce to zero. */ 0091 void 0092 poly1305_aes_set_key (struct poly1305_aes_ctx *ctx, const uint8_t *key); 0093 0094 /* Optional, if not used, messages get incrementing nonces starting 0095 from zero. */ 0096 void 0097 poly1305_aes_set_nonce (struct poly1305_aes_ctx *ctx, 0098 const uint8_t *nonce); 0099 0100 /* Update is not aes-specific, but since this is the only implemented 0101 variant, we need no more general poly1305_update. */ 0102 void 0103 poly1305_aes_update (struct poly1305_aes_ctx *ctx, size_t length, const uint8_t *data); 0104 0105 /* Also increments the nonce */ 0106 void 0107 poly1305_aes_digest (struct poly1305_aes_ctx *ctx, 0108 size_t length, uint8_t *digest); 0109 0110 #ifdef __cplusplus 0111 } 0112 #endif 0113 0114 #endif /* NETTLE_POLY1305_H_INCLUDED */
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.3.7 LXR engine. The LXR team |
|