diff options
| author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2013-11-15 12:28:07 +0200 |
|---|---|---|
| committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2013-11-16 12:52:17 +0200 |
| commit | fcd6da37d55f248d3558ee0ff385b41b866e7ded (patch) | |
| tree | b942fea4e29d43427b4e5c221d8c40455e6b8cfe /src/visibility.c | |
| parent | b95a557a43aeed68ea5e5ce02aca42ee97bfdb3b (diff) | |
| download | libgcrypt-fcd6da37d55f248d3558ee0ff385b41b866e7ded.tar.gz | |
Add new MAC API, initially with HMAC
* cipher/Makefile.am: Add 'mac.c', 'mac-internal.h' and 'mac-hmac.c'.
* cipher/bufhelp.h (buf_eq_const): New.
* cipher/cipher-ccm.c (_gcry_cipher_ccm_tag): Use 'buf_eq_const' for
constant-time compare.
* cipher/mac-hmac.c: New.
* cipher/mac-internal.h: New.
* cipher/mac.c: New.
* doc/gcrypt.texi: Add documentation for MAC API.
* src/gcrypt-int.h [GPG_ERROR_VERSION_NUMBER < 1.13]
(GPG_ERR_MAC_ALGO): New.
* src/gcrypt.h.in (gcry_mac_handle, gcry_mac_hd_t, gcry_mac_algos)
(gcry_mac_flags, gcry_mac_open, gcry_mac_close, gcry_mac_ctl)
(gcry_mac_algo_info, gcry_mac_setkey, gcry_mac_setiv, gcry_mac_write)
(gcry_mac_read, gcry_mac_verify, gcry_mac_get_algo_maclen)
(gcry_mac_get_algo_keylen, gcry_mac_algo_name, gcry_mac_map_name)
(gcry_mac_reset, gcry_mac_test_algo): New.
* src/libgcrypt.def (gcry_mac_open, gcry_mac_close, gcry_mac_ctl)
(gcry_mac_algo_info, gcry_mac_setkey, gcry_mac_setiv, gcry_mac_write)
(gcry_mac_read, gcry_mac_verify, gcry_mac_get_algo_maclen)
(gcry_mac_get_algo_keylen, gcry_mac_algo_name, gcry_mac_map_name): New.
* src/libgcrypt.vers (gcry_mac_open, gcry_mac_close, gcry_mac_ctl)
(gcry_mac_algo_info, gcry_mac_setkey, gcry_mac_setiv, gcry_mac_write)
(gcry_mac_read, gcry_mac_verify, gcry_mac_get_algo_maclen)
(gcry_mac_get_algo_keylen, gcry_mac_algo_name, gcry_mac_map_name): New.
* src/visibility.c (gcry_mac_open, gcry_mac_close, gcry_mac_ctl)
(gcry_mac_algo_info, gcry_mac_setkey, gcry_mac_setiv, gcry_mac_write)
(gcry_mac_read, gcry_mac_verify, gcry_mac_get_algo_maclen)
(gcry_mac_get_algo_keylen, gcry_mac_algo_name, gcry_mac_map_name): New.
* src/visibility.h (gcry_mac_open, gcry_mac_close, gcry_mac_ctl)
(gcry_mac_algo_info, gcry_mac_setkey, gcry_mac_setiv, gcry_mac_write)
(gcry_mac_read, gcry_mac_verify, gcry_mac_get_algo_maclen)
(gcry_mac_get_algo_keylen, gcry_mac_algo_name, gcry_mac_map_name): New.
* tests/basic.c (check_one_mac, check_mac): New.
(main): Call 'check_mac'.
* tests/bench-slope.c (bench_print_header, bench_print_footer): Allow
variable algorithm name width.
(_cipher_bench, hash_bench): Update to above change.
(bench_hash_do_bench): Add 'gcry_md_reset'.
(bench_mac_mode, bench_mac_init, bench_mac_free, bench_mac_do_bench)
(mac_ops, mac_modes, mac_bench_one, _mac_bench, mac_bench): New.
(main): Add 'mac' benchmark options.
* tests/benchmark.c (mac_repetitions, mac_bench): New.
(main): Add 'mac' benchmark options.
--
Add MAC API, with HMAC algorithms. Internally uses HMAC functionality of the
MD module.
[v2]:
- Add documentation for MAC API.
- Change length argument for gcry_mac_read from size_t to size_t* for
returning number of written bytes.
[v3]:
- HMAC algorithm ids start from 101.
- Fix coding style for new files.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'src/visibility.c')
| -rw-r--r-- | src/visibility.c | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/src/visibility.c b/src/visibility.c index 852bdf98..32357461 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -829,6 +829,112 @@ gcry_cipher_get_algo_blklen (int algo) } gcry_error_t +gcry_mac_algo_info (int algo, int what, void *buffer, size_t *nbytes) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_algo_info (algo, what, buffer, nbytes); +} + +const char * +gcry_mac_algo_name (int algorithm) +{ + return _gcry_mac_algo_name (algorithm); +} + +int +gcry_mac_map_name (const char *string) +{ + return _gcry_mac_map_name (string); +} + +unsigned int +gcry_mac_get_algo_maclen (int algo) +{ + return _gcry_mac_get_algo_maclen (algo); +} + +unsigned int +gcry_mac_get_algo_keylen (int algo) +{ + return _gcry_mac_get_algo_keylen (algo); +} + +gcry_error_t +gcry_mac_open (gcry_mac_hd_t *handle, int algo, unsigned int flags, + gcry_ctx_t ctx) +{ + if (!fips_is_operational ()) + { + *handle = NULL; + return gpg_error (fips_not_operational ()); + } + + return _gcry_mac_open (handle, algo, flags, ctx); +} + +void +gcry_mac_close (gcry_mac_hd_t hd) +{ + _gcry_mac_close (hd); +} + +gcry_error_t +gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_setkey (hd, key, keylen); +} + +gcry_error_t +gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, size_t ivlen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_setiv (hd, iv, ivlen); +} + +gcry_error_t +gcry_mac_write (gcry_mac_hd_t hd, const void *buf, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_write (hd, buf, buflen); +} + +gcry_error_t +gcry_mac_read (gcry_mac_hd_t hd, void *outbuf, size_t *outlen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_read (hd, outbuf, outlen); +} + +gcry_error_t +gcry_mac_verify (gcry_mac_hd_t hd, const void *buf, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_verify (hd, buf, buflen); +} + +gcry_error_t +gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer, size_t buflen) +{ + if (!fips_is_operational ()) + return gpg_error (fips_not_operational ()); + + return _gcry_mac_ctl (h, cmd, buffer, buflen); +} + +gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey) { if (!fips_is_operational ()) |