diff options
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | umac-internal.h | 41 | ||||
-rw-r--r-- | umac-l2.c | 24 | ||||
-rw-r--r-- | umac-l3.c | 4 | ||||
-rw-r--r-- | umac-nh-n.c | 4 | ||||
-rw-r--r-- | umac-nh.c | 2 | ||||
-rw-r--r-- | umac-poly128.c | 2 | ||||
-rw-r--r-- | umac-poly64.c | 2 | ||||
-rw-r--r-- | umac-set-key.c | 10 | ||||
-rw-r--r-- | umac128.c | 18 | ||||
-rw-r--r-- | umac32.c | 16 | ||||
-rw-r--r-- | umac64.c | 22 | ||||
-rw-r--r-- | umac96.c | 18 |
13 files changed, 77 insertions, 87 deletions
@@ -10,6 +10,7 @@ * poly1305-internal.h: Likewise. * salsa20-internal.h: Likewise. * sha3-internal.h: Likewise. + * umac-internal.h: Likewise. 2020-11-26 Niels Möller <nisse@lysator.liu.se> diff --git a/umac-internal.h b/umac-internal.h index 1d2cc091..b07a7043 100644 --- a/umac-internal.h +++ b/umac-internal.h @@ -36,24 +36,13 @@ #include "nettle-types.h" -#define _umac_set_key _nettle_umac_set_key -#define _umac_nh _nettle_umac_nh -#define _umac_nh_n _nettle_umac_nh_n -#define _umac_poly64 _nettle_umac_poly64 -#define _umac_poly128 _nettle_umac_poly128 -#define _umac_l2_init _nettle_umac_l2_init -#define _umac_l2 _nettle_umac_l2 -#define _umac_l2_final _nettle_umac_l2_final -#define _umac_l3_init _nettle_umac_l3_init -#define _umac_l3 _nettle_umac_l3 - void -_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, - uint64_t *l3_key1, uint32_t *l3_key2, - struct aes128_ctx *pad, const uint8_t *key, unsigned n); +_nettle_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, + uint64_t *l3_key1, uint32_t *l3_key2, + struct aes128_ctx *pad, const uint8_t *key, unsigned n); uint64_t -_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg); +_nettle_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg); /* Equivalent to @@ -63,33 +52,33 @@ _umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg); but processing input only once. */ void -_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, - unsigned length, const uint8_t *msg); +_nettle_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, + unsigned length, const uint8_t *msg); /* Returns y*k + m (mod p), including "marker" processing. Return value is *not* in canonical representation, and must be normalized before the output is used. */ uint64_t -_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m); +_nettle_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m); void -_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml); +_nettle_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml); void -_umac_l2_init (unsigned size, uint32_t *k); +_nettle_umac_l2_init (unsigned size, uint32_t *k); void -_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count, const uint64_t *m); +_nettle_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count, const uint64_t *m); void -_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count); +_nettle_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count); void -_umac_l3_init (unsigned size, uint64_t *k); +_nettle_umac_l3_init (unsigned size, uint64_t *k); uint32_t -_umac_l3 (const uint64_t *key, const uint64_t *m); +_nettle_umac_l3 (const uint64_t *key, const uint64_t *m); #endif /* NETTLE_UMAC_INTERNAL_H_INCLUDED */ @@ -53,7 +53,7 @@ #endif void -_umac_l2_init (unsigned size, uint32_t *k) +_nettle_umac_l2_init (unsigned size, uint32_t *k) { unsigned i; for (i = 0; i < size; i++) @@ -65,8 +65,8 @@ _umac_l2_init (unsigned size, uint32_t *k) } void -_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count, const uint64_t *m) +_nettle_umac_l2(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count, const uint64_t *m) { uint64_t *prev = state + 2*n; unsigned i; @@ -76,12 +76,12 @@ _umac_l2(const uint32_t *key, uint64_t *state, unsigned n, else if (count == 1) for (i = 0; i < n; i++, key += 6) { - uint64_t y = _umac_poly64 (key[0], key[1], 1, prev[i]); - state[2*i+1] = _umac_poly64 (key[0], key[1], y, m[i]); + uint64_t y = _nettle_umac_poly64 (key[0], key[1], 1, prev[i]); + state[2*i+1] = _nettle_umac_poly64 (key[0], key[1], y, m[i]); } else if (count < UMAC_POLY64_BLOCKS) for (i = 0; i < n; i++, key += 6) - state[2*i+1] = _umac_poly64 (key[0], key[1], state[2*i+1], m[i]); + state[2*i+1] = _nettle_umac_poly64 (key[0], key[1], state[2*i+1], m[i]); else if (count % 2 == 0) { if (count == UMAC_POLY64_BLOCKS) @@ -93,18 +93,18 @@ _umac_l2(const uint32_t *key, uint64_t *state, unsigned n, state[2*i] = 0; state[2*i+1] = 1; - _umac_poly128 (key, state + 2*i, 0, y); + _nettle_umac_poly128 (key, state + 2*i, 0, y); } memcpy (prev, m, n * sizeof(*m)); } else for (i = 0, key += 2; i < n; i++, key += 6) - _umac_poly128 (key, state + 2*i, prev[i], m[i]); + _nettle_umac_poly128 (key, state + 2*i, prev[i], m[i]); } void -_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, - uint64_t count) +_nettle_umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, + uint64_t count) { uint64_t *prev = state + 2*n; unsigned i; @@ -132,10 +132,10 @@ _umac_l2_final(const uint32_t *key, uint64_t *state, unsigned n, uint64_t pad = (uint64_t) 1 << 63; if (count % 2 == 1) for (i = 0, key += 2; i < n; i++, key += 6) - _umac_poly128 (key, state + 2*i, prev[i], pad); + _nettle_umac_poly128 (key, state + 2*i, prev[i], pad); else for (i = 0, key += 2; i < n; i++, key += 6) - _umac_poly128 (key, state + 2*i, pad, 0); + _nettle_umac_poly128 (key, state + 2*i, pad, 0); for (i = 0; i < n; i++, state += 2) { @@ -56,7 +56,7 @@ #endif void -_umac_l3_init (unsigned size, uint64_t *k) +_nettle_umac_l3_init (unsigned size, uint64_t *k) { unsigned i; for (i = 0; i < size; i++) @@ -83,7 +83,7 @@ umac_l3_word (const uint64_t *k, uint64_t w) } uint32_t -_umac_l3 (const uint64_t *key, const uint64_t *m) +_nettle_umac_l3 (const uint64_t *key, const uint64_t *m) { uint32_t y = (umac_l3_word (key, m[0]) + umac_l3_word (key + 4, m[1])) % P; diff --git a/umac-nh-n.c b/umac-nh-n.c index 7c399897..0932112a 100644 --- a/umac-nh-n.c +++ b/umac-nh-n.c @@ -49,8 +49,8 @@ _nettle_umac_nh_n_c (uint64_t *out, unsigned n, const uint32_t *key, #endif void -_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, - unsigned length, const uint8_t *msg) +_nettle_umac_nh_n (uint64_t *out, unsigned n, const uint32_t *key, + unsigned length, const uint8_t *msg) { assert (length > 0); assert (length <= 1024); @@ -47,7 +47,7 @@ _nettle_umac_nh_c (const uint32_t *key, unsigned length, const uint8_t *msg); #endif uint64_t -_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg) +_nettle_umac_nh (const uint32_t *key, unsigned length, const uint8_t *msg) { uint64_t y; diff --git a/umac-poly128.c b/umac-poly128.c index 1049b909..3bf95f4c 100644 --- a/umac-poly128.c +++ b/umac-poly128.c @@ -105,7 +105,7 @@ poly128_mul (const uint32_t *k, uint64_t *y) } void -_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml) +_nettle_umac_poly128 (const uint32_t *k, uint64_t *y, uint64_t mh, uint64_t ml) { uint64_t yh, yl, cy; diff --git a/umac-poly64.c b/umac-poly64.c index 11137cb5..345d2bde 100644 --- a/umac-poly64.c +++ b/umac-poly64.c @@ -63,7 +63,7 @@ poly64_mul (uint32_t kh, uint32_t kl, uint64_t y) } uint64_t -_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m) +_nettle_umac_poly64 (uint32_t kh, uint32_t kl, uint64_t y, uint64_t m) { if ( (m >> 32) == 0xffffffff) { diff --git a/umac-set-key.c b/umac-set-key.c index 24aa390b..9f7464f0 100644 --- a/umac-set-key.c +++ b/umac-set-key.c @@ -78,9 +78,9 @@ umac_kdf (struct aes128_ctx *aes, unsigned index, unsigned length, uint8_t *dst) #endif void -_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, - uint64_t *l3_key1, uint32_t *l3_key2, - struct aes128_ctx *aes, const uint8_t *key, unsigned n) +_nettle_umac_set_key (uint32_t *l1_key, uint32_t *l2_key, + uint64_t *l3_key1, uint32_t *l3_key2, + struct aes128_ctx *aes, const uint8_t *key, unsigned n) { unsigned size; uint8_t buffer[UMAC_KEY_SIZE]; @@ -93,11 +93,11 @@ _umac_set_key (uint32_t *l1_key, uint32_t *l2_key, size = 6*n; umac_kdf (aes, 2, size * sizeof(uint32_t), (uint8_t *) l2_key); - _umac_l2_init (size, l2_key); + _nettle_umac_l2_init (size, l2_key); size = 8*n; umac_kdf (aes, 3, size * sizeof(uint64_t), (uint8_t *) l3_key1); - _umac_l3_init (size, l3_key1); + _nettle_umac_l3_init (size, l3_key1); /* No need to byteswap these subkeys. */ umac_kdf (aes, 4, n * sizeof(uint32_t), (uint8_t *) l3_key2); @@ -44,8 +44,8 @@ void umac128_set_key (struct umac128_ctx *ctx, const uint8_t *key) { - _umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, - &ctx->pdf_key, key, 4); + _nettle_umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, + &ctx->pdf_key, key, 4); /* Clear nonce */ memset (ctx->nonce, 0, sizeof(ctx->nonce)); @@ -70,12 +70,12 @@ umac128_set_nonce (struct umac128_ctx *ctx, #define UMAC128_BLOCK(ctx, block) do { \ uint64_t __umac128_y[4]; \ - _umac_nh_n (__umac128_y, 4, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ + _nettle_umac_nh_n (__umac128_y, 4, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ __umac128_y[0] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[1] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[2] += 8*UMAC_BLOCK_SIZE; \ __umac128_y[3] += 8*UMAC_BLOCK_SIZE; \ - _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, __umac128_y); \ + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, __umac128_y); \ } while (0) void @@ -103,12 +103,12 @@ umac128_digest (struct umac128_ctx *ctx, unsigned pad = (ctx->index > 0) ? 31 & - ctx->index : 32; memset (ctx->block + ctx->index, 0, pad); - _umac_nh_n (y, 4, ctx->l1_key, ctx->index + pad, ctx->block); + _nettle_umac_nh_n (y, 4, ctx->l1_key, ctx->index + pad, ctx->block); y[0] += 8 * ctx->index; y[1] += 8 * ctx->index; y[2] += 8 * ctx->index; y[3] += 8 * ctx->index; - _umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, y); + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 4, ctx->count++, y); } assert (ctx->count > 0); @@ -117,10 +117,10 @@ umac128_digest (struct umac128_ctx *ctx, INCREMENT (ctx->nonce_length, ctx->nonce); - _umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count); + _nettle_umac_l2_final (ctx->l2_key, ctx->l2_state, 4, ctx->count); for (i = 0; i < 4; i++) - tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i, - ctx->l2_state + 2*i); + tag[i] ^= ctx->l3_key2[i] ^ _nettle_umac_l3 (ctx->l3_key1 + 8*i, + ctx->l2_state + 2*i); memcpy (digest, tag, length); @@ -44,8 +44,8 @@ void umac32_set_key (struct umac32_ctx *ctx, const uint8_t *key) { - _umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, - &ctx->pdf_key, key, 1); + _nettle_umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, + &ctx->pdf_key, key, 1); /* Clear nonce */ memset (ctx->nonce, 0, sizeof(ctx->nonce)); @@ -73,9 +73,9 @@ umac32_set_nonce (struct umac32_ctx *ctx, #define UMAC32_BLOCK(ctx, block) do { \ uint64_t __umac32_y \ - = _umac_nh (ctx->l1_key, UMAC_BLOCK_SIZE, block) \ + = _nettle_umac_nh (ctx->l1_key, UMAC_BLOCK_SIZE, block) \ + 8*UMAC_BLOCK_SIZE ; \ - _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &__umac32_y); \ + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &__umac32_y); \ } while (0) void @@ -102,9 +102,9 @@ umac32_digest (struct umac32_ctx *ctx, unsigned pad = (ctx->index > 0) ? 31 & - ctx->index : 32; memset (ctx->block + ctx->index, 0, pad); - y = _umac_nh (ctx->l1_key, ctx->index + pad, ctx->block) + y = _nettle_umac_nh (ctx->l1_key, ctx->index + pad, ctx->block) + 8 * ctx->index; - _umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &y); + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 1, ctx->count++, &y); } assert (ctx->count > 0); if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED)) @@ -129,8 +129,8 @@ umac32_digest (struct umac32_ctx *ctx, INCREMENT (i, ctx->nonce); } - _umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count); - pad ^= ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, ctx->l2_state); + _nettle_umac_l2_final (ctx->l2_key, ctx->l2_state, 1, ctx->count); + pad ^= ctx->l3_key2[0] ^ _nettle_umac_l3 (ctx->l3_key1, ctx->l2_state); memcpy (digest, &pad, length); /* Reinitialize */ @@ -44,8 +44,8 @@ void umac64_set_key (struct umac64_ctx *ctx, const uint8_t *key) { - _umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, - &ctx->pdf_key, key, 2); + _nettle_umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, + &ctx->pdf_key, key, 2); /* Clear nonce */ memset (ctx->nonce, 0, sizeof(ctx->nonce)); @@ -73,10 +73,10 @@ umac64_set_nonce (struct umac64_ctx *ctx, #define UMAC64_BLOCK(ctx, block) do { \ uint64_t __umac64_y[2]; \ - _umac_nh_n (__umac64_y, 2, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ + _nettle_umac_nh_n (__umac64_y, 2, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ __umac64_y[0] += 8*UMAC_BLOCK_SIZE; \ __umac64_y[1] += 8*UMAC_BLOCK_SIZE; \ - _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, __umac64_y); \ + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, __umac64_y); \ } while (0) void @@ -104,10 +104,10 @@ umac64_digest (struct umac64_ctx *ctx, unsigned pad = (ctx->index > 0) ? 31 & - ctx->index : 32; memset (ctx->block + ctx->index, 0, pad); - _umac_nh_n (y, 2, ctx->l1_key, ctx->index + pad, ctx->block); + _nettle_umac_nh_n (y, 2, ctx->l1_key, ctx->index + pad, ctx->block); y[0] += 8 * ctx->index; y[1] += 8 * ctx->index; - _umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, y); + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 2, ctx->count++, y); } assert (ctx->count > 0); if ( !(ctx->nonce_low & _UMAC_NONCE_CACHED)) @@ -131,11 +131,11 @@ umac64_digest (struct umac64_ctx *ctx, INCREMENT (i, ctx->nonce); } - _umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count); - tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _umac_l3 (ctx->l3_key1, - ctx->l2_state); - tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _umac_l3 (ctx->l3_key1 + 8, - ctx->l2_state + 2); + _nettle_umac_l2_final (ctx->l2_key, ctx->l2_state, 2, ctx->count); + tag[0] = pad[0] ^ ctx->l3_key2[0] ^ _nettle_umac_l3 (ctx->l3_key1, + ctx->l2_state); + tag[1] = pad[1] ^ ctx->l3_key2[1] ^ _nettle_umac_l3 (ctx->l3_key1 + 8, + ctx->l2_state + 2); memcpy (digest, tag, length); /* Reinitialize */ @@ -44,8 +44,8 @@ void umac96_set_key (struct umac96_ctx *ctx, const uint8_t *key) { - _umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, - &ctx->pdf_key, key, 3); + _nettle_umac_set_key (ctx->l1_key, ctx->l2_key, ctx->l3_key1, ctx->l3_key2, + &ctx->pdf_key, key, 3); /* Clear nonce */ memset (ctx->nonce, 0, sizeof(ctx->nonce)); @@ -70,11 +70,11 @@ umac96_set_nonce (struct umac96_ctx *ctx, #define UMAC96_BLOCK(ctx, block) do { \ uint64_t __umac96_y[3]; \ - _umac_nh_n (__umac96_y, 3, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ + _nettle_umac_nh_n (__umac96_y, 3, ctx->l1_key, UMAC_BLOCK_SIZE, block); \ __umac96_y[0] += 8*UMAC_BLOCK_SIZE; \ __umac96_y[1] += 8*UMAC_BLOCK_SIZE; \ __umac96_y[2] += 8*UMAC_BLOCK_SIZE; \ - _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, __umac96_y); \ + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, __umac96_y); \ } while (0) void @@ -102,11 +102,11 @@ umac96_digest (struct umac96_ctx *ctx, unsigned pad = (ctx->index > 0) ? 31 & - ctx->index : 32; memset (ctx->block + ctx->index, 0, pad); - _umac_nh_n (y, 3, ctx->l1_key, ctx->index + pad, ctx->block); + _nettle_umac_nh_n (y, 3, ctx->l1_key, ctx->index + pad, ctx->block); y[0] += 8 * ctx->index; y[1] += 8 * ctx->index; y[2] += 8 * ctx->index; - _umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, y); + _nettle_umac_l2 (ctx->l2_key, ctx->l2_state, 3, ctx->count++, y); } assert (ctx->count > 0); @@ -115,10 +115,10 @@ umac96_digest (struct umac96_ctx *ctx, INCREMENT (ctx->nonce_length, ctx->nonce); - _umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count); + _nettle_umac_l2_final (ctx->l2_key, ctx->l2_state, 3, ctx->count); for (i = 0; i < 3; i++) - tag[i] ^= ctx->l3_key2[i] ^ _umac_l3 (ctx->l3_key1 + 8*i, - ctx->l2_state + 2*i); + tag[i] ^= ctx->l3_key2[i] ^ _nettle_umac_l3 (ctx->l3_key1 + 8*i, + ctx->l2_state + 2*i); memcpy (digest, tag, length); |