diff options
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | aes128-meta.c | 4 | ||||
| -rw-r--r-- | aes192-meta.c | 4 | ||||
| -rw-r--r-- | aes256-meta.c | 4 | ||||
| -rw-r--r-- | arctwo-meta.c | 8 | ||||
| -rw-r--r-- | camellia128-meta.c | 4 | ||||
| -rw-r--r-- | camellia192-meta.c | 4 | ||||
| -rw-r--r-- | camellia256-meta.c | 4 | ||||
| -rw-r--r-- | cast128-meta.c | 4 | ||||
| -rw-r--r-- | cbc.c | 4 | ||||
| -rw-r--r-- | cbc.h | 12 | ||||
| -rw-r--r-- | ctr.c | 2 | ||||
| -rw-r--r-- | ctr.h | 6 | ||||
| -rw-r--r-- | des-compat.c | 8 | ||||
| -rw-r--r-- | eax.c | 16 | ||||
| -rw-r--r-- | eax.h | 24 | ||||
| -rw-r--r-- | examples/nettle-benchmark.c | 4 | ||||
| -rw-r--r-- | examples/nettle-openssl.c | 38 | ||||
| -rw-r--r-- | gcm-aes.c | 2 | ||||
| -rw-r--r-- | gcm.c | 10 | ||||
| -rw-r--r-- | gcm.h | 19 | ||||
| -rw-r--r-- | nettle-internal.c | 70 | ||||
| -rw-r--r-- | nettle-internal.h | 11 | ||||
| -rw-r--r-- | nettle-meta.h | 4 | ||||
| -rw-r--r-- | nettle-types.h | 10 | ||||
| -rw-r--r-- | serpent-meta.c | 4 | ||||
| -rw-r--r-- | testsuite/aes-test.c | 4 | ||||
| -rw-r--r-- | twofish-meta.c | 4 |
28 files changed, 155 insertions, 146 deletions
@@ -1,3 +1,16 @@ +2014-03-18 Niels Möller <nisse@lysator.liu.se> + + * nettle-types.h (nettle_cipher_func): New typedef, similar to + nettle_crypt_func, but with a const context, intended for block + ciphers. + * nettle-meta.h (struct nettle_cipher): Use the nettle_cipher_func + type. + * Many other files affected: aes*-meta.c, camellia*-meta.c, + cast128-meta.c, serpent-meta.c, twofish-meta.c, cbc.[ch], + ctr.[ch], ctr.[ch], des-compat.c, eax.[ch], gcm*.[ch], + nettle-internal.*, testsuite/aes-test.c, + examples/nettle-benchmark.c, examples/nettle-openssl.c. + 2014-03-16 Niels Möller <nisse@lysator.liu.se> * chacha-set-key.c: Include string.h. diff --git a/aes128-meta.c b/aes128-meta.c index 4c72d735..3565babc 100644 --- a/aes128-meta.c +++ b/aes128-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes128 = AES_BLOCK_SIZE, AES128_KEY_SIZE, (nettle_set_key_func *) aes128_set_encrypt_key, (nettle_set_key_func *) aes128_set_decrypt_key, - (nettle_crypt_func *) aes128_encrypt, - (nettle_crypt_func *) aes128_decrypt + (nettle_cipher_func *) aes128_encrypt, + (nettle_cipher_func *) aes128_decrypt }; diff --git a/aes192-meta.c b/aes192-meta.c index 80719249..a900eb86 100644 --- a/aes192-meta.c +++ b/aes192-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes192 = AES_BLOCK_SIZE, AES192_KEY_SIZE, (nettle_set_key_func *) aes192_set_encrypt_key, (nettle_set_key_func *) aes192_set_decrypt_key, - (nettle_crypt_func *) aes192_encrypt, - (nettle_crypt_func *) aes192_decrypt + (nettle_cipher_func *) aes192_encrypt, + (nettle_cipher_func *) aes192_decrypt }; diff --git a/aes256-meta.c b/aes256-meta.c index 7f1e2e1e..7e38a0d2 100644 --- a/aes256-meta.c +++ b/aes256-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes256 = AES_BLOCK_SIZE, AES256_KEY_SIZE, (nettle_set_key_func *) aes256_set_encrypt_key, (nettle_set_key_func *) aes256_set_decrypt_key, - (nettle_crypt_func *) aes256_encrypt, - (nettle_crypt_func *) aes256_decrypt + (nettle_cipher_func *) aes256_encrypt, + (nettle_cipher_func *) aes256_decrypt }; diff --git a/arctwo-meta.c b/arctwo-meta.c index b234a0b6..fec8c0c6 100644 --- a/arctwo-meta.c +++ b/arctwo-meta.c @@ -34,8 +34,8 @@ ARCTWO_BLOCK_SIZE, bits/8, \ (nettle_set_key_func *) arctwo ## bits ## _set_key, \ (nettle_set_key_func *) arctwo ## bits ## _set_key, \ - (nettle_crypt_func *) arctwo_encrypt, \ - (nettle_crypt_func *) arctwo_decrypt, \ + (nettle_cipher_func *) arctwo_encrypt, \ + (nettle_cipher_func *) arctwo_decrypt, \ } const struct nettle_cipher nettle_arctwo40 = ARCTWO(40); @@ -51,6 +51,6 @@ const struct nettle_cipher nettle_arctwo_gutmann128 = ARCTWO_BLOCK_SIZE, 16, (nettle_set_key_func *) arctwo128_set_key_gutmann, (nettle_set_key_func *) arctwo128_set_key_gutmann, - (nettle_crypt_func *) arctwo_encrypt, - (nettle_crypt_func *) arctwo_decrypt, + (nettle_cipher_func *) arctwo_encrypt, + (nettle_cipher_func *) arctwo_decrypt, }; diff --git a/camellia128-meta.c b/camellia128-meta.c index 97748b08..ae9c2cb4 100644 --- a/camellia128-meta.c +++ b/camellia128-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia128 = CAMELLIA_BLOCK_SIZE, CAMELLIA128_KEY_SIZE, (nettle_set_key_func *) camellia128_set_encrypt_key, (nettle_set_key_func *) camellia128_set_decrypt_key, - (nettle_crypt_func *) camellia128_crypt, - (nettle_crypt_func *) camellia128_crypt + (nettle_cipher_func *) camellia128_crypt, + (nettle_cipher_func *) camellia128_crypt }; diff --git a/camellia192-meta.c b/camellia192-meta.c index 62d9b194..d54caa77 100644 --- a/camellia192-meta.c +++ b/camellia192-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia192 = CAMELLIA_BLOCK_SIZE, CAMELLIA192_KEY_SIZE, (nettle_set_key_func *) camellia192_set_encrypt_key, (nettle_set_key_func *) camellia192_set_decrypt_key, - (nettle_crypt_func *) camellia256_crypt, - (nettle_crypt_func *) camellia256_crypt + (nettle_cipher_func *) camellia256_crypt, + (nettle_cipher_func *) camellia256_crypt }; diff --git a/camellia256-meta.c b/camellia256-meta.c index 86d6278b..0413ded0 100644 --- a/camellia256-meta.c +++ b/camellia256-meta.c @@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia256 = CAMELLIA_BLOCK_SIZE, CAMELLIA256_KEY_SIZE, (nettle_set_key_func *) camellia256_set_encrypt_key, (nettle_set_key_func *) camellia256_set_decrypt_key, - (nettle_crypt_func *) camellia256_crypt, - (nettle_crypt_func *) camellia256_crypt + (nettle_cipher_func *) camellia256_crypt, + (nettle_cipher_func *) camellia256_crypt }; diff --git a/cast128-meta.c b/cast128-meta.c index e103d7b3..783b1f4e 100644 --- a/cast128-meta.c +++ b/cast128-meta.c @@ -33,6 +33,6 @@ const struct nettle_cipher nettle_cast128 = CAST128_BLOCK_SIZE, CAST128_KEY_SIZE, (nettle_set_key_func *) cast128_set_key, (nettle_set_key_func *) cast128_set_key, - (nettle_crypt_func *) cast128_encrypt, - (nettle_crypt_func *) cast128_decrypt + (nettle_cipher_func *) cast128_encrypt, + (nettle_cipher_func *) cast128_decrypt }; @@ -37,7 +37,7 @@ #include "nettle-internal.h" void -cbc_encrypt(void *ctx, nettle_crypt_func *f, +cbc_encrypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src) @@ -56,7 +56,7 @@ cbc_encrypt(void *ctx, nettle_crypt_func *f, #define CBC_BUFFER_LIMIT 512 void -cbc_decrypt(void *ctx, nettle_crypt_func *f, +cbc_decrypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src) @@ -37,13 +37,13 @@ extern "C" { #define cbc_decrypt nettle_cbc_decrypt void -cbc_encrypt(void *ctx, nettle_crypt_func *f, +cbc_encrypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); void -cbc_decrypt(void *ctx, nettle_crypt_func *f, +cbc_decrypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *iv, size_t length, uint8_t *dst, const uint8_t *src); @@ -58,16 +58,16 @@ memcpy((ctx)->iv, (data), sizeof((ctx)->iv)) #define CBC_ENCRYPT(self, f, length, dst, src) \ (0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \ : cbc_encrypt((void *) &(self)->ctx, \ - (nettle_crypt_func *) (f), \ + (nettle_cipher_func *) (f), \ sizeof((self)->iv), (self)->iv, \ - (length), (dst), (src))) + (length), (dst), (src))) #define CBC_DECRYPT(self, f, length, dst, src) \ (0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \ : cbc_decrypt((void *) &(self)->ctx, \ - (nettle_crypt_func *) (f), \ + (nettle_cipher_func *) (f), \ sizeof((self)->iv), (self)->iv, \ - (length), (dst), (src))) + (length), (dst), (src))) #ifdef __cplusplus } @@ -40,7 +40,7 @@ #define NBLOCKS 4 void -ctr_crypt(void *ctx, nettle_crypt_func *f, +ctr_crypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *ctr, size_t length, uint8_t *dst, const uint8_t *src) @@ -37,7 +37,7 @@ extern "C" { #define ctr_crypt nettle_ctr_crypt void -ctr_crypt(void *ctx, nettle_crypt_func *f, +ctr_crypt(const void *ctx, nettle_cipher_func *f, size_t block_size, uint8_t *ctr, size_t length, uint8_t *dst, const uint8_t *src); @@ -51,9 +51,9 @@ memcpy((ctx)->ctr, (data), sizeof((ctx)->ctr)) #define CTR_CRYPT(self, f, length, dst, src) \ (0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \ : ctr_crypt((void *) &(self)->ctx, \ - (nettle_crypt_func *) (f), \ + (nettle_cipher_func *) (f), \ sizeof((self)->ctr), (self)->ctr, \ - (length), (dst), (src))) + (length), (dst), (src))) #ifdef __cplusplus } diff --git a/des-compat.c b/des-compat.c index a74386a5..c3048b99 100644 --- a/des-compat.c +++ b/des-compat.c @@ -113,13 +113,13 @@ des_ncbc_encrypt(const_des_cblock *src, des_cblock *dst, long length, switch (enc) { case DES_ENCRYPT: - nettle_cbc_encrypt(ctx, (nettle_crypt_func *) des_encrypt, + nettle_cbc_encrypt(ctx, (nettle_cipher_func *) des_encrypt, DES_BLOCK_SIZE, *iv, length, *dst, *src); break; case DES_DECRYPT: nettle_cbc_decrypt(ctx, - (nettle_crypt_func *) des_decrypt, + (nettle_cipher_func *) des_decrypt, DES_BLOCK_SIZE, *iv, length, *dst, *src); break; @@ -166,12 +166,12 @@ des_ede3_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length, switch (enc) { case DES_ENCRYPT: - nettle_cbc_encrypt(&keys, (nettle_crypt_func *) des_compat_des3_encrypt, + nettle_cbc_encrypt(&keys, (nettle_cipher_func *) des_compat_des3_encrypt, DES_BLOCK_SIZE, *iv, length, *dst, *src); break; case DES_DECRYPT: - nettle_cbc_decrypt(&keys, (nettle_crypt_func *) des_compat_des3_decrypt, + nettle_cbc_decrypt(&keys, (nettle_cipher_func *) des_compat_des3_decrypt, DES_BLOCK_SIZE, *iv, length, *dst, *src); break; @@ -56,7 +56,7 @@ block16_xor (union nettle_block16 *dst, const union nettle_block16 *src) static void omac_update (union nettle_block16 *state, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, const uint8_t *data) { for (; length >= EAX_BLOCK_SIZE; @@ -79,7 +79,7 @@ omac_update (union nettle_block16 *state, const struct eax_key *key, static void omac_final (union nettle_block16 *state, const struct eax_key *key, - void *cipher, nettle_crypt_func *f) + const void *cipher, nettle_cipher_func *f) { block16_xor (state, &key->pad_block); f (cipher, EAX_BLOCK_SIZE, state->b, state->b); @@ -100,7 +100,7 @@ gf2_double (uint8_t *r, const uint8_t *a) } void -eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f) +eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f) { static const union nettle_block16 zero_block; f (cipher, EAX_BLOCK_SIZE, key->pad_block.b, zero_block.b); @@ -111,7 +111,7 @@ eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f) void eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t nonce_length, const uint8_t *nonce) { omac_init (&eax->omac_nonce, 0); @@ -125,7 +125,7 @@ eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key, void eax_update (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t data_length, const uint8_t *data) { omac_update (&eax->omac_data, key, cipher, f, data_length, data); @@ -133,7 +133,7 @@ eax_update (struct eax_ctx *eax, const struct eax_key *key, void eax_encrypt (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src) { ctr_crypt (cipher, f, EAX_BLOCK_SIZE, eax->ctr.b, length, dst, src); @@ -142,7 +142,7 @@ eax_encrypt (struct eax_ctx *eax, const struct eax_key *key, void eax_decrypt (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src) { omac_update (&eax->omac_message, key, cipher, f, length, src); @@ -151,7 +151,7 @@ eax_decrypt (struct eax_ctx *eax, const struct eax_key *key, void eax_digest (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *digest) { assert (length > 0); @@ -71,31 +71,31 @@ struct eax_ctx }; void -eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f); +eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f); void eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t nonce_length, const uint8_t *nonce); void eax_update (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t data_length, const uint8_t *data); void eax_encrypt (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src); void eax_decrypt (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src); void eax_digest (struct eax_ctx *eax, const struct eax_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *digest); /* Put the cipher last, to get cipher-independent offsets for the EAX @@ -107,37 +107,37 @@ eax_digest (struct eax_ctx *eax, const struct eax_key *key, do { \ (set_key)(&(ctx)->cipher, (data)); \ if (0) (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0); \ - eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_crypt_func *) encrypt); \ + eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_cipher_func *) encrypt); \ } while (0) #define EAX_SET_NONCE(ctx, encrypt, length, nonce) \ (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \ : eax_set_nonce (&(ctx)->eax, &(ctx)->key, \ - &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \ + &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (nonce))) #define EAX_UPDATE(ctx, encrypt, length, data) \ (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \ : eax_update (&(ctx)->eax, &(ctx)->key, \ - &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \ + &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (data))) #define EAX_ENCRYPT(ctx, encrypt, length, dst, src) \ (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \ : eax_encrypt (&(ctx)->eax, &(ctx)->key, \ - &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \ + &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) #define EAX_DECRYPT(ctx, encrypt, length, dst, src) \ (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \ : eax_decrypt (&(ctx)->eax, &(ctx)->key, \ - &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \ + &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) #define EAX_DIGEST(ctx, encrypt, length, digest) \ (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \ : eax_digest (&(ctx)->eax, &(ctx)->key, \ - &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \ + &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \ (length), (digest))) struct eax_aes128_ctx EAX_CTX(struct aes128_ctx); diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c index 8a15891a..60ca4f2b 100644 --- a/examples/nettle-benchmark.c +++ b/examples/nettle-benchmark.c @@ -186,7 +186,7 @@ bench_hash(void *arg) struct bench_cipher_info { void *ctx; - nettle_crypt_func *crypt; + nettle_cipher_func *crypt; uint8_t *data; }; @@ -200,7 +200,7 @@ bench_cipher(void *arg) struct bench_cbc_info { void *ctx; - nettle_crypt_func *crypt; + nettle_cipher_func *crypt; uint8_t *data; diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c index a2678363..c1653933 100644 --- a/examples/nettle-openssl.c +++ b/examples/nettle-openssl.c @@ -89,9 +89,9 @@ openssl_aes256_set_decrypt_key(void *ctx, const uint8_t *key) AES_set_decrypt_key(key, 256, ctx); } -static nettle_crypt_func openssl_aes_encrypt; +static nettle_cipher_func openssl_aes_encrypt; static void -openssl_aes_encrypt(void *ctx, size_t length, +openssl_aes_encrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % AES_BLOCK_SIZE)); @@ -104,9 +104,9 @@ openssl_aes_encrypt(void *ctx, size_t length, } } -static nettle_crypt_func openssl_aes_decrypt; +static nettle_cipher_func openssl_aes_decrypt; static void -openssl_aes_decrypt(void *ctx, size_t length, +openssl_aes_decrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % AES_BLOCK_SIZE)); @@ -157,9 +157,9 @@ openssl_bf128_set_key(void *ctx, const uint8_t *key) BF_set_key(ctx, 16, key); } -static nettle_crypt_func openssl_bf_encrypt; +static nettle_cipher_func openssl_bf_encrypt; static void -openssl_bf_encrypt(void *ctx, size_t length, +openssl_bf_encrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % BF_BLOCK)); @@ -172,9 +172,9 @@ openssl_bf_encrypt(void *ctx, size_t length, } } -static nettle_crypt_func openssl_bf_decrypt; +static nettle_cipher_func openssl_bf_decrypt; static void -openssl_bf_decrypt(void *ctx, size_t length, +openssl_bf_decrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % BF_BLOCK)); @@ -210,30 +210,32 @@ openssl_des_set_key(void *ctx, const uint8_t *key) #define DES_BLOCK_SIZE 8 -static nettle_crypt_func openssl_des_encrypt; +static nettle_cipher_func openssl_des_encrypt; static void -openssl_des_encrypt(void *ctx, size_t length, +openssl_des_encrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % DES_BLOCK_SIZE)); while (length) { - DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_ENCRYPT); + DES_ecb_encrypt((void *) src, (void *) dst, + (void *) ctx, DES_ENCRYPT); length -= DES_BLOCK_SIZE; dst += DES_BLOCK_SIZE; src += DES_BLOCK_SIZE; } } -static nettle_crypt_func openssl_des_decrypt; +static nettle_cipher_func openssl_des_decrypt; static void -openssl_des_decrypt(void *ctx, size_t length, +openssl_des_decrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % DES_BLOCK_SIZE)); while (length) { - DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_DECRYPT); + DES_ecb_encrypt((void *) src, (void *) dst, + (void *) ctx, DES_DECRYPT); length -= DES_BLOCK_SIZE; dst += DES_BLOCK_SIZE; src += DES_BLOCK_SIZE; @@ -257,9 +259,9 @@ openssl_cast128_set_key(void *ctx, const uint8_t *key) CAST_set_key(ctx, 16, key); } -static nettle_crypt_func openssl_cast_encrypt; +static nettle_cipher_func openssl_cast_encrypt; static void -openssl_cast_encrypt(void *ctx, size_t length, +openssl_cast_encrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % CAST_BLOCK)); @@ -272,9 +274,9 @@ openssl_cast_encrypt(void *ctx, size_t length, } } -static nettle_crypt_func openssl_cast_decrypt; +static nettle_cipher_func openssl_cast_decrypt; static void -openssl_cast_decrypt(void *ctx, size_t length, +openssl_cast_decrypt(const void *ctx, size_t length, uint8_t *dst, const uint8_t *src) { assert (!(length % CAST_BLOCK)); @@ -34,7 +34,7 @@ gcm_aes_set_key(struct gcm_aes_ctx *ctx, size_t length, const uint8_t *key) { aes_set_encrypt_key (&ctx->cipher, length, key); gcm_set_key (&ctx->key, &ctx->cipher, - (nettle_crypt_func *) aes_encrypt); + (nettle_cipher_func *) aes_encrypt); } void @@ -328,7 +328,7 @@ gcm_gf_mul (union nettle_block16 *x, const union nettle_block16 *table) */ void gcm_set_key(struct gcm_key *key, - void *cipher, nettle_crypt_func *f) + const void *cipher, nettle_cipher_func *f) { /* Middle element if GCM_TABLE_BITS > 0, otherwise the first element */ @@ -427,7 +427,7 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key, } static void -gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f, +gcm_crypt(struct gcm_ctx *ctx, const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src) { uint8_t buffer[GCM_BLOCK_SIZE]; @@ -465,7 +465,7 @@ gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f, void gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src) { assert(ctx->data_size % GCM_BLOCK_SIZE == 0); @@ -478,7 +478,7 @@ gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key, void gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src) { assert(ctx->data_size % GCM_BLOCK_SIZE == 0); @@ -491,7 +491,7 @@ gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, void gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *digest) { uint8_t buffer[GCM_BLOCK_SIZE]; @@ -111,12 +111,9 @@ struct gcm_ctx { uint64_t data_size; }; -/* FIXME: Should use const for the cipher context. Then needs const for - nettle_crypt_func, which also rules out using that abstraction for - arcfour. */ void gcm_set_key(struct gcm_key *key, - void *cipher, nettle_crypt_func *f); + const void *cipher, nettle_cipher_func *f); void gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key, @@ -128,17 +125,17 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key, void gcm_encrypt(struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src); void gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *dst, const uint8_t *src); void gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, - void *cipher, nettle_crypt_func *f, + const void *cipher, nettle_cipher_func *f, size_t length, uint8_t *digest); /* Convenience macrology (not sure how useful it is) */ @@ -152,7 +149,7 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, (set_key)(&(ctx)->cipher, (key)); \ if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0); \ gcm_set_key(&(ctx)->key, &(ctx)->cipher, \ - (nettle_crypt_func *) (encrypt)); \ + (nettle_cipher_func *) (encrypt)); \ } while (0) #define GCM_SET_IV(ctx, length, data) \ @@ -164,19 +161,19 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key, #define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \ (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ : gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ - (nettle_crypt_func *) (encrypt), \ + (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) #define GCM_DECRYPT(ctx, encrypt, length, dst, src) \ (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ : gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ - (nettle_crypt_func *) (encrypt), \ + (nettle_cipher_func *) (encrypt), \ (length), (dst), (src))) #define GCM_DIGEST(ctx, encrypt, length, digest) \ (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \ : gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \ - (nettle_crypt_func *) (encrypt), \ + (nettle_cipher_func *) (encrypt), \ (length), (digest))) struct gcm_aes128_ctx GCM_CTX(struct aes128_ctx); diff --git a/nettle-internal.c b/nettle-internal.c index 96e06f42..639a66ad 100644 --- a/nettle-internal.c +++ b/nettle-internal.c @@ -45,8 +45,8 @@ nettle_des = { DES_BLOCK_SIZE, DES_KEY_SIZE, (nettle_set_key_func *) des_set_key, (nettle_set_key_func *) des_set_key, - (nettle_crypt_func *) des_encrypt, - (nettle_crypt_func *) des_decrypt + (nettle_cipher_func *) des_encrypt, + (nettle_cipher_func *) des_decrypt }; const struct nettle_cipher @@ -55,8 +55,8 @@ nettle_des3 = { DES3_BLOCK_SIZE, DES3_KEY_SIZE, (nettle_set_key_func *) des3_set_key, (nettle_set_key_func *) des3_set_key, - (nettle_crypt_func *) des3_encrypt, - (nettle_crypt_func *) des3_decrypt + (nettle_cipher_func *) des3_encrypt, + (nettle_cipher_func *) des3_decrypt }; /* NOTE: This is not as nice as one might think, as we pretend @@ -67,54 +67,50 @@ nettle_blowfish128 = BLOWFISH_BLOCK_SIZE, BLOWFISH128_KEY_SIZE, (nettle_set_key_func *) blowfish128_set_key, (nettle_set_key_func *) blowfish128_set_key, - (nettle_crypt_func *) blowfish_encrypt, - (nettle_crypt_func *) blowfish_decrypt + (nettle_cipher_func *) blowfish_encrypt, + (nettle_cipher_func *) blowfish_decrypt }; -/* Sets a fix zero iv. For benchmarking only. */ -static void -chacha_set_key_hack(void *ctx, const uint8_t *key) -{ - static const uint8_t nonce[CHACHA_NONCE_SIZE]; - chacha_set_key (ctx, key); - chacha_set_nonce (ctx, nonce); -} -/* Claim zero block size, to classify as a stream cipher. */ -const struct nettle_cipher +const struct nettle_aead nettle_chacha = { "chacha", sizeof(struct chacha_ctx), - 0, CHACHA_KEY_SIZE, - chacha_set_key_hack, chacha_set_key_hack, + CHACHA_BLOCK_SIZE, CHACHA_KEY_SIZE, + CHACHA_NONCE_SIZE, 0, + (nettle_set_key_func *) chacha_set_key, + (nettle_set_key_func *) chacha_set_key, + (nettle_set_key_func *) chacha_set_nonce, + NULL, + (nettle_crypt_func *) chacha_crypt, (nettle_crypt_func *) chacha_crypt, - (nettle_crypt_func *) chacha_crypt + NULL, }; -/* Sets a fix zero iv. For benchmarking only. */ -static void -salsa20_set_key_hack(void *ctx, const uint8_t *key) -{ - static const uint8_t iv[SALSA20_IV_SIZE]; - salsa20_256_set_key (ctx, key); - salsa20_set_iv (ctx, iv); -} - -/* Claim zero block size, to classify as a stream cipher. */ -const struct nettle_cipher +const struct nettle_aead nettle_salsa20 = { "salsa20", sizeof(struct salsa20_ctx), - 0, SALSA20_256_KEY_SIZE, - salsa20_set_key_hack, salsa20_set_key_hack, + SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE, + SALSA20_NONCE_SIZE, 0, + (nettle_set_key_func *) salsa20_256_set_key, + (nettle_set_key_func *) salsa20_256_set_key, + (nettle_set_key_func *) salsa20_set_nonce, + NULL, (nettle_crypt_func *) salsa20_crypt, - (nettle_crypt_func *) salsa20_crypt + (nettle_crypt_func *) salsa20_crypt, + NULL, }; -const struct nettle_cipher +const struct nettle_aead nettle_salsa20r12 = { "salsa20r12", sizeof(struct salsa20_ctx), - 0, SALSA20_256_KEY_SIZE, - salsa20_set_key_hack, salsa20_set_key_hack, + SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE, + SALSA20_NONCE_SIZE, 0, + (nettle_set_key_func*) salsa20_256_set_key, + (nettle_set_key_func*) salsa20_256_set_key, + (nettle_set_key_func*) salsa20_set_nonce, + NULL, + (nettle_crypt_func *) salsa20r12_crypt, (nettle_crypt_func *) salsa20r12_crypt, - (nettle_crypt_func *) salsa20r12_crypt + NULL, }; diff --git a/nettle-internal.h b/nettle-internal.h index d91a81f9..18173681 100644 --- a/nettle-internal.h +++ b/nettle-internal.h @@ -58,21 +58,20 @@ extern const struct nettle_cipher nettle_des3; extern const struct nettle_cipher nettle_blowfish128; -/* For benchmarking only, sets no iv and lies about the block size. */ -extern const struct nettle_cipher nettle_chacha; -extern const struct nettle_cipher nettle_salsa20; -extern const struct nettle_cipher nettle_salsa20r12; - extern const struct nettle_cipher nettle_unified_aes128; extern const struct nettle_cipher nettle_unified_aes192; extern const struct nettle_cipher nettle_unified_aes256; +/* Stream ciphers treated as aead algorithms with no authentication. */ +extern const struct nettle_aead nettle_chacha; +extern const struct nettle_aead nettle_salsa20; +extern const struct nettle_aead nettle_salsa20r12; + /* Glue to openssl, for comparative benchmarking. Code in * examples/nettle-openssl.c. */ extern const struct nettle_cipher nettle_openssl_aes128; extern const struct nettle_cipher nettle_openssl_aes192; extern const struct nettle_cipher nettle_openssl_aes256; -extern const struct nettle_cipher nettle_openssl_arcfour128; extern const struct nettle_cipher nettle_openssl_blowfish128; extern const struct nettle_cipher nettle_openssl_des; extern const struct nettle_cipher nettle_openssl_cast128; diff --git a/nettle-meta.h b/nettle-meta.h index f7b8675f..15a5b22c 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -48,8 +48,8 @@ struct nettle_cipher nettle_set_key_func *set_encrypt_key; nettle_set_key_func *set_decrypt_key; - nettle_crypt_func *encrypt; - nettle_crypt_func *decrypt; + nettle_cipher_func *encrypt; + nettle_cipher_func *decrypt; }; /* null-terminated list of ciphers implemented by this version of nettle */ diff --git a/nettle-types.h b/nettle-types.h index fe3c5246..6ab815f8 100644 --- a/nettle-types.h +++ b/nettle-types.h @@ -54,12 +54,14 @@ typedef void *nettle_realloc_func(void *ctx, void *p, size_t length); /* Ciphers */ typedef void nettle_set_key_func(void *ctx, const uint8_t *key); -/* Uses a void * for cipher contexts. +/* For block ciphers, const context. */ +typedef void nettle_cipher_func(const void *ctx, + size_t length, uint8_t *dst, + const uint8_t *src); - For block ciphers it would make sense with a const void * for the - context, but we use the same typedef for stream ciphers where the - internal state changes during the encryption. */ +/* Uses a void * for cipher contexts. Used for crypt operations where + the internal state changes during the encryption. */ typedef void nettle_crypt_func(void *ctx, size_t length, uint8_t *dst, const uint8_t *src); diff --git a/serpent-meta.c b/serpent-meta.c index 20504f72..14a61dcd 100644 --- a/serpent-meta.c +++ b/serpent-meta.c @@ -35,8 +35,8 @@ SERPENT ## bits ##_KEY_SIZE, \ (nettle_set_key_func *) serpent ## bits ## _set_key, \ (nettle_set_key_func *) serpent ## bits ## _set_key, \ - (nettle_crypt_func *) serpent_encrypt, \ - (nettle_crypt_func *) serpent_decrypt \ + (nettle_cipher_func *) serpent_encrypt, \ + (nettle_cipher_func *) serpent_decrypt \ } const struct nettle_cipher nettle_serpent128 diff --git a/testsuite/aes-test.c b/testsuite/aes-test.c index 9f80319b..57e1eff4 100644 --- a/testsuite/aes-test.c +++ b/testsuite/aes-test.c @@ -91,8 +91,8 @@ unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key) AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE, \ unified_aes ## bits ##_set_encrypt_key, \ unified_aes ## bits ##_set_decrypt_key, \ - (nettle_crypt_func *) aes_encrypt, \ - (nettle_crypt_func *) aes_decrypt, \ + (nettle_cipher_func *) aes_encrypt, \ + (nettle_cipher_func *) aes_decrypt, \ } const struct nettle_cipher nettle_unified_aes128 = UNIFIED_AES(128); diff --git a/twofish-meta.c b/twofish-meta.c index 31e4d020..2675ba52 100644 --- a/twofish-meta.c +++ b/twofish-meta.c @@ -35,8 +35,8 @@ TWOFISH ## bits ## _KEY_SIZE, \ (nettle_set_key_func *) twofish ## bits ## _set_key, \ (nettle_set_key_func *) twofish ## bits ## _set_key, \ - (nettle_crypt_func *) twofish_encrypt, \ - (nettle_crypt_func *) twofish_decrypt \ + (nettle_cipher_func *) twofish_encrypt, \ + (nettle_cipher_func *) twofish_decrypt \ } const struct nettle_cipher nettle_twofish128 |