author | Niels Möller <nisse@lysator.liu.se> | 2019-05-06 19:36:33 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2019-05-06 19:36:33 +0200 |
commit | ef82f2281f7c2459cd8fafa1e50598069c6a3732 (patch) | |
tree | 48014cf542f58b7d0f2dd8067b88032c17e1683d /siv-cmac-aes256.c | |
parent | 9adb998c95a50e6454a29bcc06b338d3880e6d33 (diff) | |
download | nettle-ef82f2281f7c2459cd8fafa1e50598069c6a3732.tar.gz |
SIV-CMAC mode, based on patch by Nikos Mavrogiannopoulos
This AEAD algorithm provides a way to make nonce reuse a non-critical
issue. That is particularly useful to stateless servers that cannot
ensure that the nonce will not repeat. This cipher is used by
draft-ietf-ntp-using-nts-for-ntp-17.
Diffstat (limited to 'siv-cmac-aes256.c')
-rw-r--r-- | siv-cmac-aes256.c | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/siv-cmac-aes256.c b/siv-cmac-aes256.c
new file mode 100644
index 00000000..1fb11ab2
--- /dev/null
+++ b/siv-cmac-aes256.c
@@ -0,0 +1,77 @@
+/* siv-cmac-aes256.c
+
+ AES-SIV, RFC5297
+
+ Copyright (C) 2017 Nikos Mavrogiannopoulos
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+#include <string.h>
+
+#include "aes.h"
+#include "siv-cmac.h"
+#include "cmac.h"
+#include "ctr.h"
+#include "memxor.h"
+#include "memops.h"
+#include "cmac-internal.h"
+
+void
+siv_cmac_aes256_set_key(struct siv_cmac_aes256_ctx *ctx, const uint8_t *key)
+{
+ siv_cmac_set_key(&ctx->siv_cmac.ctx, &ctx->siv_cmac.cipher, &ctx->siv_cipher, &nettle_aes256, key);
+}
+
+void
+siv_cmac_aes256_encrypt_message(struct siv_cmac_aes256_ctx *ctx,
+ size_t nlength, const uint8_t *nonce,
+ size_t alength, const uint8_t *adata,
+ size_t clength, uint8_t *dst, const uint8_t *src)
+{
+ siv_cmac_encrypt_message(&ctx->siv_cmac.ctx, &ctx->siv_cmac.cipher,
+ &nettle_aes256, &ctx->siv_cipher,
+ nlength, nonce, alength, adata,
+ clength, dst, src);
+}
+
+int
+siv_cmac_aes256_decrypt_message(struct siv_cmac_aes256_ctx *ctx,
+ size_t nlength, const uint8_t *nonce,
+ size_t alength, const uint8_t *adata,
+ size_t mlength, uint8_t *dst, const uint8_t *src)
+{
+ return siv_cmac_decrypt_message(&ctx->siv_cmac.ctx, &ctx->siv_cmac.cipher,
+ &nettle_aes256, &ctx->siv_cipher,
+ nlength, nonce, alength, adata,
+ mlength, dst, src);
+} |
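Review bot: siv_cmac_aes256_decrypt_message returns an int passed straight through from siv_cmac_decrypt_message, but nothing in the new file says what it means; presumably it is the tag-verification result, and a caller that ignores it would go on to use unauthenticated plaintext in dst. A one-line comment above the function would make the contract explicit, e.g. `/* Returns 1 if the SIV tag verifies, 0 otherwise; dst must not be used on failure. */` (confirm the convention against siv-cmac.c, which is not part of this hunk). The length parameter is named clength in the encrypt wrapper and mlength in the decrypt wrapper, so the same comment should state which of src and dst includes the SIV tag on each side. siv_cmac_aes256_set_key takes a bare `key` pointer with no length, so its comment should name the expected key size, which for SIV over AES-256 is two 256-bit keys per RFC 5297. As a style point, `<assert.h>`, `<string.h>`, ctr.h, memxor.h, memops.h and cmac-internal.h look unused by these three wrappers and could be dropped.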