Add Poly1305 based cipher AEAD mode

* cipher/Makefile.am: Add 'cipher-poly1305.c'. * cipher/cipher-internal.h (gcry_cipher_handle): Add 'u_mode.poly1305'. (_gcry_cipher_poly1305_encrypt, _gcry_cipher_poly1305_decrypt) (_gcry_cipher_poly1305_setiv, _gcry_cipher_poly1305_authenticate) (_gcry_cipher_poly1305_get_tag, _gcry_cipher_poly1305_check_tag): New. * cipher/cipher-poly1305.c: New. * cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey) (cipher_reset, cipher_encrypt, cipher_decrypt, _gcry_cipher_setiv) (_gcry_cipher_authenticate, _gcry_cipher_gettag) (_gcry_cipher_checktag): Handle 'GCRY_CIPHER_MODE_POLY1305'. (cipher_setiv): Move handling of 'GCRY_CIPHER_MODE_GCM' to ... (_gcry_cipher_setiv): ... here, as with other modes. * src/gcrypt.h.in: Add 'GCRY_CIPHER_MODE_POLY1305'. * tests/basic.c (_check_poly1305_cipher, check_poly1305_cipher): New. (check_ciphers): Add Poly1305 check. (check_cipher_modes): Call 'check_poly1305_cipher'. * tests/bench-slope.c (bench_gcm_encrypt_do_bench): Rename to bench_aead_... and take nonce as argument. (bench_gcm_decrypt_do_bench, bench_gcm_authenticate_do_bench): Ditto. (bench_gcm_encrypt_do_bench, bench_gcm_decrypt_do_bench) (bench_gcm_authenticate_do_bench, bench_poly1305_encrypt_do_bench) (bench_poly1305_decrypt_do_bench) (bench_poly1305_authenticate_do_bench, poly1305_encrypt_ops) (poly1305_decrypt_ops, poly1305_authenticate_ops): New. (cipher_modes): Add Poly1305. (cipher_bench_one): Add special handling for Poly1305. -- Patch adds Poly1305 based AEAD cipher mode to libgcrypt. ChaCha20 variant of this mode is proposed for use in TLS and ipsec: https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04 http://tools.ietf.org/html/draft-nir-ipsecme-chacha20-poly1305-02 Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
author: Jussi Kivilinna <jussi.kivilinna@iki.fi> 2014-05-11 12:00:19 +0300
committer: Jussi Kivilinna <jussi.kivilinna@iki.fi> 2014-05-12 20:32:45 +0300
commit: e813958419b0ec4439e6caf07d3b2234cffa2bfa (patch)
tree: 6d50e973040b0f4efbd90ad94c0f4efd81d8d266 /cipher/cipher-internal.h
parent: 73b3b75c2221a6e3bed4117e0a206a1193acd2ed (diff)
download: libgcrypt-e813958419b0ec4439e6caf07d3b2234cffa2bfa.tar.gz
1 files changed, 38 insertions, 0 deletions
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h
index cdac445f..f6bda668 100644
--- a/cipher/cipher-internal.h
+++ b/cipher/cipher-internal.h
@@ -20,6 +20,9 @@
 #ifndef G10_CIPHER_INTERNAL_H
 #define G10_CIPHER_INTERNAL_H
 
+#include "./poly1305-internal.h"
+
+
 /* The maximum supported size of a block in bytes.  */
 #define MAX_BLOCKSIZE 16
 
@@ -154,6 +157,17 @@ struct gcry_cipher_handle
     } ccm;
 #endif
 
+    /* Mode specific storage for Poly1305 mode. */
+    struct {
+      /* byte counter for AAD and data. */
+      u32 bytecount[2];
+
+      unsigned int aad_finalized:1;
+      unsigned int bytecount_over_limits:1;
+
+      poly1305_context_t ctx;
+    } poly1305;
+
     /* Mode specific storage for CMAC mode. */
     struct {
       unsigned int tag:1; /* Set to 1 if tag has been finalized.  */
@@ -319,4 +333,28 @@ void _gcry_cipher_gcm_setkey
 /*           */   (gcry_cipher_hd_t c);
 
 
+/*-- cipher-poly1305.c --*/
+gcry_err_code_t _gcry_cipher_poly1305_encrypt
+/*           */   (gcry_cipher_hd_t c,
+                   unsigned char *outbuf, size_t outbuflen,
+                   const unsigned char *inbuf, size_t inbuflen);
+gcry_err_code_t _gcry_cipher_poly1305_decrypt
+/*           */   (gcry_cipher_hd_t c,
+                   unsigned char *outbuf, size_t outbuflen,
+                   const unsigned char *inbuf, size_t inbuflen);
+gcry_err_code_t _gcry_cipher_poly1305_setiv
+/*           */   (gcry_cipher_hd_t c,
+                   const unsigned char *iv, size_t ivlen);
+gcry_err_code_t _gcry_cipher_poly1305_authenticate
+/*           */   (gcry_cipher_hd_t c,
+                   const unsigned char *aadbuf, size_t aadbuflen);
+gcry_err_code_t _gcry_cipher_poly1305_get_tag
+/*           */   (gcry_cipher_hd_t c,
+                   unsigned char *outtag, size_t taglen);
+gcry_err_code_t _gcry_cipher_poly1305_check_tag
+/*           */   (gcry_cipher_hd_t c,
+                   const unsigned char *intag, size_t taglen);
+void _gcry_cipher_poly1305_setkey
+/*           */   (gcry_cipher_hd_t c);
+
 #endif /*G10_CIPHER_INTERNAL_H*/
author	Jussi Kivilinna <jussi.kivilinna@iki.fi>	2014-05-11 12:00:19 +0300
committer	Jussi Kivilinna <jussi.kivilinna@iki.fi>	2014-05-12 20:32:45 +0300
commit	e813958419b0ec4439e6caf07d3b2234cffa2bfa (patch)
tree	6d50e973040b0f4efbd90ad94c0f4efd81d8d266 /cipher/cipher-internal.h
parent	73b3b75c2221a6e3bed4117e0a206a1193acd2ed (diff)
download	libgcrypt-e813958419b0ec4439e6caf07d3b2234cffa2bfa.tar.gz