diff --git a/ChangeLog b/ChangeLog
index ac76f040657a31281693b44fea773ce05c510a50..28d2a750a650a7b3ace453b92bd0cee3ee2088df 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2014-03-18 Niels Möller <nisse@lysator.liu.se>
+
+ * nettle-types.h (nettle_cipher_func): New typedef, similar to
+ nettle_crypt_func, but with a const context, intended for block
+ ciphers.
+ * nettle-meta.h (struct nettle_cipher): Use the nettle_cipher_func
+ type.
+ * Many other files affected: aes*-meta.c, camellia*-meta.c,
+ cast128-meta.c, serpent-meta.c, twofish-meta.c, cbc.[ch],
+ ctr.[ch], ctr.[ch], des-compat.c, eax.[ch], gcm*.[ch],
+ nettle-internal.*, testsuite/aes-test.c,
+ examples/nettle-benchmark.c, examples/nettle-openssl.c.
+
2014-03-16 Niels Möller <nisse@lysator.liu.se>
* chacha-set-key.c: Include string.h.
diff --git a/aes128-meta.c b/aes128-meta.c
index 4c72d735fbe2d665e4bac25d87245236deb7e323..3565babc8adbfdf37874a5840bc2cc7e894de9b1 100644
--- a/aes128-meta.c
+++ b/aes128-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes128 =
AES_BLOCK_SIZE, AES128_KEY_SIZE,
(nettle_set_key_func *) aes128_set_encrypt_key,
(nettle_set_key_func *) aes128_set_decrypt_key,
- (nettle_crypt_func *) aes128_encrypt,
- (nettle_crypt_func *) aes128_decrypt
+ (nettle_cipher_func *) aes128_encrypt,
+ (nettle_cipher_func *) aes128_decrypt
};
diff --git a/aes192-meta.c b/aes192-meta.c
index 807192491751ce8be3d7be3034ef49786990b9f6..a900eb860fdc0fa7142daead75e15c9ab3b6063c 100644
--- a/aes192-meta.c
+++ b/aes192-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes192 =
AES_BLOCK_SIZE, AES192_KEY_SIZE,
(nettle_set_key_func *) aes192_set_encrypt_key,
(nettle_set_key_func *) aes192_set_decrypt_key,
- (nettle_crypt_func *) aes192_encrypt,
- (nettle_crypt_func *) aes192_decrypt
+ (nettle_cipher_func *) aes192_encrypt,
+ (nettle_cipher_func *) aes192_decrypt
};
diff --git a/aes256-meta.c b/aes256-meta.c
index 7f1e2e1ef028727d0cc367666fcfd3c1d3fba9de..7e38a0d29ef624fd7123f72c1d15206c480b786f 100644
--- a/aes256-meta.c
+++ b/aes256-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes256 =
AES_BLOCK_SIZE, AES256_KEY_SIZE,
(nettle_set_key_func *) aes256_set_encrypt_key,
(nettle_set_key_func *) aes256_set_decrypt_key,
- (nettle_crypt_func *) aes256_encrypt,
- (nettle_crypt_func *) aes256_decrypt
+ (nettle_cipher_func *) aes256_encrypt,
+ (nettle_cipher_func *) aes256_decrypt
};
diff --git a/arctwo-meta.c b/arctwo-meta.c
index b234a0b6307850c81b5dbff5759f889a76743cb0..fec8c0c640dbd42f665678813bb244175ba89d48 100644
--- a/arctwo-meta.c
+++ b/arctwo-meta.c
@@ -34,8 +34,8 @@
ARCTWO_BLOCK_SIZE, bits/8, \
(nettle_set_key_func *) arctwo ## bits ## _set_key, \
(nettle_set_key_func *) arctwo ## bits ## _set_key, \
- (nettle_crypt_func *) arctwo_encrypt, \
- (nettle_crypt_func *) arctwo_decrypt, \
+ (nettle_cipher_func *) arctwo_encrypt, \
+ (nettle_cipher_func *) arctwo_decrypt, \
}
const struct nettle_cipher nettle_arctwo40
= ARCTWO(40);
@@ -51,6 +51,6 @@ const struct nettle_cipher nettle_arctwo_gutmann128 =
ARCTWO_BLOCK_SIZE, 16,
(nettle_set_key_func *) arctwo128_set_key_gutmann,
(nettle_set_key_func *) arctwo128_set_key_gutmann,
- (nettle_crypt_func *) arctwo_encrypt,
- (nettle_crypt_func *) arctwo_decrypt,
+ (nettle_cipher_func *) arctwo_encrypt,
+ (nettle_cipher_func *) arctwo_decrypt,
};
diff --git a/camellia128-meta.c b/camellia128-meta.c
index 97748b0874536d4726455bcd0af169b61f5104af..ae9c2cb4fccc621872d97cb143005edc45c91605 100644
--- a/camellia128-meta.c
+++ b/camellia128-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia128 =
CAMELLIA_BLOCK_SIZE, CAMELLIA128_KEY_SIZE,
(nettle_set_key_func *) camellia128_set_encrypt_key,
(nettle_set_key_func *) camellia128_set_decrypt_key,
- (nettle_crypt_func *) camellia128_crypt,
- (nettle_crypt_func *) camellia128_crypt
+ (nettle_cipher_func *) camellia128_crypt,
+ (nettle_cipher_func *) camellia128_crypt
};
diff --git a/camellia192-meta.c b/camellia192-meta.c
index 62d9b194fb356f1d893141f16c97f8a8ea23cdad..d54caa776ea14a5883d6161e47ff89b61fa60ef5 100644
--- a/camellia192-meta.c
+++ b/camellia192-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia192 =
CAMELLIA_BLOCK_SIZE, CAMELLIA192_KEY_SIZE,
(nettle_set_key_func *) camellia192_set_encrypt_key,
(nettle_set_key_func *) camellia192_set_decrypt_key,
- (nettle_crypt_func *) camellia256_crypt,
- (nettle_crypt_func *) camellia256_crypt
+ (nettle_cipher_func *) camellia256_crypt,
+ (nettle_cipher_func *) camellia256_crypt
};
diff --git a/camellia256-meta.c b/camellia256-meta.c
index 86d6278bbee476eb393a3aea88a02e82eabba06b..0413ded0d38478189fe1174ac4f85f0c85ae6b08 100644
--- a/camellia256-meta.c
+++ b/camellia256-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia256 =
CAMELLIA_BLOCK_SIZE, CAMELLIA256_KEY_SIZE,
(nettle_set_key_func *) camellia256_set_encrypt_key,
(nettle_set_key_func *) camellia256_set_decrypt_key,
- (nettle_crypt_func *) camellia256_crypt,
- (nettle_crypt_func *) camellia256_crypt
+ (nettle_cipher_func *) camellia256_crypt,
+ (nettle_cipher_func *) camellia256_crypt
};
diff --git a/cast128-meta.c b/cast128-meta.c
index e103d7b33e93347b95e176641aaccc00836ad77e..783b1f4e26f0867a1d239f841f17440ceb1c0b67 100644
--- a/cast128-meta.c
+++ b/cast128-meta.c
@@ -33,6 +33,6 @@ const struct nettle_cipher nettle_cast128 =
CAST128_BLOCK_SIZE, CAST128_KEY_SIZE,
(nettle_set_key_func *) cast128_set_key,
(nettle_set_key_func *) cast128_set_key,
- (nettle_crypt_func *) cast128_encrypt,
- (nettle_crypt_func *) cast128_decrypt
+ (nettle_cipher_func *) cast128_encrypt,
+ (nettle_cipher_func *) cast128_decrypt
};
diff --git a/cbc.c b/cbc.c
index 16edd4dd6188740ec34341b23dead47017d301b9..3804635d2f43a7888650df141888e37f75803fe3 100644
--- a/cbc.c
+++ b/cbc.c
@@ -37,7 +37,7 @@
#include "nettle-internal.h"
void
-cbc_encrypt(void *ctx, nettle_crypt_func *f,
+cbc_encrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src)
@@ -56,7 +56,7 @@ cbc_encrypt(void *ctx, nettle_crypt_func *f,
#define CBC_BUFFER_LIMIT 512
void
-cbc_decrypt(void *ctx, nettle_crypt_func *f,
+cbc_decrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src)
diff --git a/cbc.h b/cbc.h
index eb01239c563ea1292dfaafe9515d90b2dced05a9..0c52188b06c8a0edfe0c2bb8e4a28dfd77107ede 100644
--- a/cbc.h
+++ b/cbc.h
@@ -37,13 +37,13 @@ extern "C" {
#define cbc_decrypt nettle_cbc_decrypt
void
-cbc_encrypt(void *ctx, nettle_crypt_func *f,
+cbc_encrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src);
void
-cbc_decrypt(void *ctx, nettle_crypt_func *f,
+cbc_decrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src);
@@ -58,16 +58,16 @@ memcpy((ctx)->iv, (data), sizeof((ctx)->iv))
#define CBC_ENCRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
: cbc_encrypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#define CBC_DECRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
: cbc_decrypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#ifdef __cplusplus
}
diff --git a/ctr.c b/ctr.c
index 80a072b4aa1d02563fac798eb0ae0d9d5930c624..38d54a3f121b5c95d003b79390f353ef4048fe65 100644
--- a/ctr.c
+++ b/ctr.c
@@ -40,7 +40,7 @@
#define NBLOCKS 4
void
-ctr_crypt(void *ctx, nettle_crypt_func *f,
+ctr_crypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *ctr,
size_t length, uint8_t *dst,
const uint8_t *src)
diff --git a/ctr.h b/ctr.h
index 14d520d3171bcca00e4a0cd3814bc1fe9d40aa8c..5746060b883873ee0e1f3d714ac0a419c19a5a8f 100644
--- a/ctr.h
+++ b/ctr.h
@@ -37,7 +37,7 @@ extern "C" {
#define ctr_crypt nettle_ctr_crypt
void
-ctr_crypt(void *ctx, nettle_crypt_func *f,
+ctr_crypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *ctr,
size_t length, uint8_t *dst,
const uint8_t *src);
@@ -51,9 +51,9 @@ memcpy((ctx)->ctr, (data), sizeof((ctx)->ctr))
#define CTR_CRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \
: ctr_crypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->ctr), (self)->ctr, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#ifdef __cplusplus
}
diff --git a/des-compat.c b/des-compat.c
index a74386a5f449c47cb5e9d009497c030fbd33d1d0..c3048b99fbbea46f7541c018fab81959ccfdec9e 100644
--- a/des-compat.c
+++ b/des-compat.c
@@ -113,13 +113,13 @@ des_ncbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
switch (enc)
{
case DES_ENCRYPT:
- nettle_cbc_encrypt(ctx, (nettle_crypt_func *) des_encrypt,
+ nettle_cbc_encrypt(ctx, (nettle_cipher_func *) des_encrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
case DES_DECRYPT:
nettle_cbc_decrypt(ctx,
- (nettle_crypt_func *) des_decrypt,
+ (nettle_cipher_func *) des_decrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
@@ -166,12 +166,12 @@ des_ede3_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
switch (enc)
{
case DES_ENCRYPT:
- nettle_cbc_encrypt(&keys, (nettle_crypt_func *) des_compat_des3_encrypt,
+ nettle_cbc_encrypt(&keys, (nettle_cipher_func *) des_compat_des3_encrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
case DES_DECRYPT:
- nettle_cbc_decrypt(&keys, (nettle_crypt_func *) des_compat_des3_decrypt,
+ nettle_cbc_decrypt(&keys, (nettle_cipher_func *) des_compat_des3_decrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
diff --git a/eax.c b/eax.c
index 970ebbd3a13c8f579abdfc73d2d37fac123ff1bd..dce7dd91339ca598e95a99ac8b95b9517d6d610a 100644
--- a/eax.c
+++ b/eax.c
@@ -56,7 +56,7 @@ block16_xor (union nettle_block16 *dst, const union nettle_block16 *src)
static void
omac_update (union nettle_block16 *state, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, const uint8_t *data)
{
for (; length >= EAX_BLOCK_SIZE;
@@ -79,7 +79,7 @@ omac_update (union nettle_block16 *state, const struct eax_key *key,
static void
omac_final (union nettle_block16 *state, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f)
+ const void *cipher, nettle_cipher_func *f)
{
block16_xor (state, &key->pad_block);
f (cipher, EAX_BLOCK_SIZE, state->b, state->b);
@@ -100,7 +100,7 @@ gf2_double (uint8_t *r, const uint8_t *a)
}
void
-eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f)
+eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f)
{
static const union nettle_block16 zero_block;
f (cipher, EAX_BLOCK_SIZE, key->pad_block.b, zero_block.b);
@@ -111,7 +111,7 @@ eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f)
void
eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t nonce_length, const uint8_t *nonce)
{
omac_init (&eax->omac_nonce, 0);
@@ -125,7 +125,7 @@ eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
void
eax_update (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t data_length, const uint8_t *data)
{
omac_update (&eax->omac_data, key, cipher, f, data_length, data);
@@ -133,7 +133,7 @@ eax_update (struct eax_ctx *eax, const struct eax_key *key,
void
eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
ctr_crypt (cipher, f, EAX_BLOCK_SIZE, eax->ctr.b, length, dst, src);
@@ -142,7 +142,7 @@ eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
void
eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
omac_update (&eax->omac_message, key, cipher, f, length, src);
@@ -151,7 +151,7 @@ eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
void
eax_digest (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest)
{
assert (length > 0);
diff --git a/eax.h b/eax.h
index 4509f889d110eff059bea8d4493751f99063af77..0c019796c85e49639b5b77df220bd6c63a6404b7 100644
--- a/eax.h
+++ b/eax.h
@@ -71,31 +71,31 @@ struct eax_ctx
};
void
-eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f);
+eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f);
void
eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t nonce_length, const uint8_t *nonce);
void
eax_update (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t data_length, const uint8_t *data);
void
eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
eax_digest (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest);
/* Put the cipher last, to get cipher-independent offsets for the EAX
@@ -107,37 +107,37 @@ eax_digest (struct eax_ctx *eax, const struct eax_key *key,
do { \
(set_key)(&(ctx)->cipher, (data)); \
if (0) (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0); \
- eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_crypt_func *) encrypt); \
+ eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_cipher_func *) encrypt); \
} while (0)
#define EAX_SET_NONCE(ctx, encrypt, length, nonce) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_set_nonce (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (nonce)))
#define EAX_UPDATE(ctx, encrypt, length, data) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_update (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (data)))
#define EAX_ENCRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_encrypt (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DECRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_decrypt (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DIGEST(ctx, encrypt, length, digest) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_digest (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (digest)))
struct eax_aes128_ctx EAX_CTX(struct aes128_ctx);
diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c
index 8a15891ab954274d3294a3f5dca5f071edf3ee46..60ca4f2b97850a4c86e852c41b2dc29b42340079 100644
--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
@@ -186,7 +186,7 @@ bench_hash(void *arg)
struct bench_cipher_info
{
void *ctx;
- nettle_crypt_func *crypt;
+ nettle_cipher_func *crypt;
uint8_t *data;
};
@@ -200,7 +200,7 @@ bench_cipher(void *arg)
struct bench_cbc_info
{
void *ctx;
- nettle_crypt_func *crypt;
+ nettle_cipher_func *crypt;
uint8_t *data;
diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c
index a2678363ddc743a6b1189a682a53a322066b96b3..c16539335049439f39c2e4265968af5adf6c6eaa 100644
--- a/examples/nettle-openssl.c
+++ b/examples/nettle-openssl.c
@@ -89,9 +89,9 @@ openssl_aes256_set_decrypt_key(void *ctx, const uint8_t *key)
AES_set_decrypt_key(key, 256, ctx);
}
-static nettle_crypt_func openssl_aes_encrypt;
+static nettle_cipher_func openssl_aes_encrypt;
static void
-openssl_aes_encrypt(void *ctx, size_t length,
+openssl_aes_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % AES_BLOCK_SIZE));
@@ -104,9 +104,9 @@ openssl_aes_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_aes_decrypt;
+static nettle_cipher_func openssl_aes_decrypt;
static void
-openssl_aes_decrypt(void *ctx, size_t length,
+openssl_aes_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % AES_BLOCK_SIZE));
@@ -157,9 +157,9 @@ openssl_bf128_set_key(void *ctx, const uint8_t *key)
BF_set_key(ctx, 16, key);
}
-static nettle_crypt_func openssl_bf_encrypt;
+static nettle_cipher_func openssl_bf_encrypt;
static void
-openssl_bf_encrypt(void *ctx, size_t length,
+openssl_bf_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % BF_BLOCK));
@@ -172,9 +172,9 @@ openssl_bf_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_bf_decrypt;
+static nettle_cipher_func openssl_bf_decrypt;
static void
-openssl_bf_decrypt(void *ctx, size_t length,
+openssl_bf_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % BF_BLOCK));
@@ -210,30 +210,32 @@ openssl_des_set_key(void *ctx, const uint8_t *key)
#define DES_BLOCK_SIZE 8
-static nettle_crypt_func openssl_des_encrypt;
+static nettle_cipher_func openssl_des_encrypt;
static void
-openssl_des_encrypt(void *ctx, size_t length,
+openssl_des_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % DES_BLOCK_SIZE));
while (length)
{
- DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_ENCRYPT);
+ DES_ecb_encrypt((void *) src, (void *) dst,
+ (void *) ctx, DES_ENCRYPT);
length -= DES_BLOCK_SIZE;
dst += DES_BLOCK_SIZE;
src += DES_BLOCK_SIZE;
}
}
-static nettle_crypt_func openssl_des_decrypt;
+static nettle_cipher_func openssl_des_decrypt;
static void
-openssl_des_decrypt(void *ctx, size_t length,
+openssl_des_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % DES_BLOCK_SIZE));
while (length)
{
- DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_DECRYPT);
+ DES_ecb_encrypt((void *) src, (void *) dst,
+ (void *) ctx, DES_DECRYPT);
length -= DES_BLOCK_SIZE;
dst += DES_BLOCK_SIZE;
src += DES_BLOCK_SIZE;
@@ -257,9 +259,9 @@ openssl_cast128_set_key(void *ctx, const uint8_t *key)
CAST_set_key(ctx, 16, key);
}
-static nettle_crypt_func openssl_cast_encrypt;
+static nettle_cipher_func openssl_cast_encrypt;
static void
-openssl_cast_encrypt(void *ctx, size_t length,
+openssl_cast_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % CAST_BLOCK));
@@ -272,9 +274,9 @@ openssl_cast_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_cast_decrypt;
+static nettle_cipher_func openssl_cast_decrypt;
static void
-openssl_cast_decrypt(void *ctx, size_t length,
+openssl_cast_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % CAST_BLOCK));
diff --git a/gcm-aes.c b/gcm-aes.c
index 37213c3c533b16813f3c5de760661b2c4999a5b6..c35bc68b8314d00be845098ed8d25bce256eaebe 100644
--- a/gcm-aes.c
+++ b/gcm-aes.c
@@ -34,7 +34,7 @@ gcm_aes_set_key(struct gcm_aes_ctx *ctx, size_t length, const uint8_t *key)
{
aes_set_encrypt_key (&ctx->cipher, length, key);
gcm_set_key (&ctx->key, &ctx->cipher,
- (nettle_crypt_func *) aes_encrypt);
+ (nettle_cipher_func *) aes_encrypt);
}
void
diff --git a/gcm.c b/gcm.c
index d942deb6fcc9e83282c1657bae6bcc470e900e02..2f69951775deb3f2081f679dea5c69c7bdcad7bd 100644
--- a/gcm.c
+++ b/gcm.c
@@ -328,7 +328,7 @@ gcm_gf_mul (union nettle_block16 *x, const union nettle_block16 *table)
*/
void
gcm_set_key(struct gcm_key *key,
- void *cipher, nettle_crypt_func *f)
+ const void *cipher, nettle_cipher_func *f)
{
/* Middle element if GCM_TABLE_BITS > 0, otherwise the first
element */
@@ -427,7 +427,7 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key,
}
static void
-gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f,
+gcm_crypt(struct gcm_ctx *ctx, const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
uint8_t buffer[GCM_BLOCK_SIZE];
@@ -465,7 +465,7 @@ gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f,
void
gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
assert(ctx->data_size % GCM_BLOCK_SIZE == 0);
@@ -478,7 +478,7 @@ gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
assert(ctx->data_size % GCM_BLOCK_SIZE == 0);
@@ -491,7 +491,7 @@ gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest)
{
uint8_t buffer[GCM_BLOCK_SIZE];
diff --git a/gcm.h b/gcm.h
index 5cc4276b9dc0e0bb005e686498a3cb549714559c..8ccfb35298799bf7bb17d2cd16bae2afb50437f9 100644
--- a/gcm.h
+++ b/gcm.h
@@ -111,12 +111,9 @@ struct gcm_ctx {
uint64_t data_size;
};
-/* FIXME: Should use const for the cipher context. Then needs const for
- nettle_crypt_func, which also rules out using that abstraction for
- arcfour. */
void
gcm_set_key(struct gcm_key *key,
- void *cipher, nettle_crypt_func *f);
+ const void *cipher, nettle_cipher_func *f);
void
gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key,
@@ -128,17 +125,17 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_encrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest);
/* Convenience macrology (not sure how useful it is) */
@@ -152,7 +149,7 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
(set_key)(&(ctx)->cipher, (key)); \
if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0); \
gcm_set_key(&(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt)); \
+ (nettle_cipher_func *) (encrypt)); \
} while (0)
#define GCM_SET_IV(ctx, length, data) \
@@ -164,19 +161,19 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
#define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DECRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DIGEST(ctx, encrypt, length, digest) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (digest)))
struct gcm_aes128_ctx GCM_CTX(struct aes128_ctx);
diff --git a/nettle-internal.c b/nettle-internal.c
index 96e06f42c90af9dda7f319d74ff78104181fee05..639a66ad7d5b2a8aa5589d1625cc18d4e251f34d 100644
--- a/nettle-internal.c
+++ b/nettle-internal.c
@@ -45,8 +45,8 @@ nettle_des = {
DES_BLOCK_SIZE, DES_KEY_SIZE,
(nettle_set_key_func *) des_set_key,
(nettle_set_key_func *) des_set_key,
- (nettle_crypt_func *) des_encrypt,
- (nettle_crypt_func *) des_decrypt
+ (nettle_cipher_func *) des_encrypt,
+ (nettle_cipher_func *) des_decrypt
};
const struct nettle_cipher
@@ -55,8 +55,8 @@ nettle_des3 = {
DES3_BLOCK_SIZE, DES3_KEY_SIZE,
(nettle_set_key_func *) des3_set_key,
(nettle_set_key_func *) des3_set_key,
- (nettle_crypt_func *) des3_encrypt,
- (nettle_crypt_func *) des3_decrypt
+ (nettle_cipher_func *) des3_encrypt,
+ (nettle_cipher_func *) des3_decrypt
};
/* NOTE: This is not as nice as one might think, as we pretend
@@ -67,54 +67,50 @@ nettle_blowfish128 =
BLOWFISH_BLOCK_SIZE, BLOWFISH128_KEY_SIZE,
(nettle_set_key_func *) blowfish128_set_key,
(nettle_set_key_func *) blowfish128_set_key,
- (nettle_crypt_func *) blowfish_encrypt,
- (nettle_crypt_func *) blowfish_decrypt
+ (nettle_cipher_func *) blowfish_encrypt,
+ (nettle_cipher_func *) blowfish_decrypt
};
-/* Sets a fix zero iv. For benchmarking only. */
-static void
-chacha_set_key_hack(void *ctx, const uint8_t *key)
-{
- static const uint8_t nonce[CHACHA_NONCE_SIZE];
- chacha_set_key (ctx, key);
- chacha_set_nonce (ctx, nonce);
-}
-/* Claim zero block size, to classify as a stream cipher. */
-const struct nettle_cipher
+const struct nettle_aead
nettle_chacha = {
"chacha", sizeof(struct chacha_ctx),
- 0, CHACHA_KEY_SIZE,
- chacha_set_key_hack, chacha_set_key_hack,
+ CHACHA_BLOCK_SIZE, CHACHA_KEY_SIZE,
+ CHACHA_NONCE_SIZE, 0,
+ (nettle_set_key_func *) chacha_set_key,
+ (nettle_set_key_func *) chacha_set_key,
+ (nettle_set_key_func *) chacha_set_nonce,
+ NULL,
+ (nettle_crypt_func *) chacha_crypt,
(nettle_crypt_func *) chacha_crypt,
- (nettle_crypt_func *) chacha_crypt
+ NULL,
};
-/* Sets a fix zero iv. For benchmarking only. */
-static void
-salsa20_set_key_hack(void *ctx, const uint8_t *key)
-{
- static const uint8_t iv[SALSA20_IV_SIZE];
- salsa20_256_set_key (ctx, key);
- salsa20_set_iv (ctx, iv);
-}
-
-/* Claim zero block size, to classify as a stream cipher. */
-const struct nettle_cipher
+const struct nettle_aead
nettle_salsa20 = {
"salsa20", sizeof(struct salsa20_ctx),
- 0, SALSA20_256_KEY_SIZE,
- salsa20_set_key_hack, salsa20_set_key_hack,
+ SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE,
+ SALSA20_NONCE_SIZE, 0,
+ (nettle_set_key_func *) salsa20_256_set_key,
+ (nettle_set_key_func *) salsa20_256_set_key,
+ (nettle_set_key_func *) salsa20_set_nonce,
+ NULL,
(nettle_crypt_func *) salsa20_crypt,
- (nettle_crypt_func *) salsa20_crypt
+ (nettle_crypt_func *) salsa20_crypt,
+ NULL,
};
-const struct nettle_cipher
+const struct nettle_aead
nettle_salsa20r12 = {
"salsa20r12", sizeof(struct salsa20_ctx),
- 0, SALSA20_256_KEY_SIZE,
- salsa20_set_key_hack, salsa20_set_key_hack,
+ SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE,
+ SALSA20_NONCE_SIZE, 0,
+ (nettle_set_key_func*) salsa20_256_set_key,
+ (nettle_set_key_func*) salsa20_256_set_key,
+ (nettle_set_key_func*) salsa20_set_nonce,
+ NULL,
+ (nettle_crypt_func *) salsa20r12_crypt,
(nettle_crypt_func *) salsa20r12_crypt,
- (nettle_crypt_func *) salsa20r12_crypt
+ NULL,
};
diff --git a/nettle-internal.h b/nettle-internal.h
index d91a81f9d75d78ad55c5e2f7f207459524103fae..1817368107172bbabe560fbdc34c3b953cea36bf 100644
--- a/nettle-internal.h
+++ b/nettle-internal.h
@@ -58,21 +58,20 @@ extern const struct nettle_cipher nettle_des3;
extern const struct nettle_cipher nettle_blowfish128;
-/* For benchmarking only, sets no iv and lies about the block size. */
-extern const struct nettle_cipher nettle_chacha;
-extern const struct nettle_cipher nettle_salsa20;
-extern const struct nettle_cipher nettle_salsa20r12;
-
extern const struct nettle_cipher nettle_unified_aes128;
extern const struct nettle_cipher nettle_unified_aes192;
extern const struct nettle_cipher nettle_unified_aes256;
+/* Stream ciphers treated as aead algorithms with no authentication. */
+extern const struct nettle_aead nettle_chacha;
+extern const struct nettle_aead nettle_salsa20;
+extern const struct nettle_aead nettle_salsa20r12;
+
/* Glue to openssl, for comparative benchmarking. Code in
* examples/nettle-openssl.c. */
extern const struct nettle_cipher nettle_openssl_aes128;
extern const struct nettle_cipher nettle_openssl_aes192;
extern const struct nettle_cipher nettle_openssl_aes256;
-extern const struct nettle_cipher nettle_openssl_arcfour128;
extern const struct nettle_cipher nettle_openssl_blowfish128;
extern const struct nettle_cipher nettle_openssl_des;
extern const struct nettle_cipher nettle_openssl_cast128;
diff --git a/nettle-meta.h b/nettle-meta.h
index f7b8675f2ee480ca84dccfdda9f9606061bc8c73..15a5b22ccc7cb8980cc6c7e0992dc66b05d2e745 100644
--- a/nettle-meta.h
+++ b/nettle-meta.h
@@ -48,8 +48,8 @@ struct nettle_cipher
nettle_set_key_func *set_encrypt_key;
nettle_set_key_func *set_decrypt_key;
- nettle_crypt_func *encrypt;
- nettle_crypt_func *decrypt;
+ nettle_cipher_func *encrypt;
+ nettle_cipher_func *decrypt;
};
/* null-terminated list of ciphers implemented by this version of nettle */
diff --git a/nettle-types.h b/nettle-types.h
index fe3c5246d26f45c1557e6083c50008abdb351df0..6ab815f8ef9625d1232b6a522dab0a203e5b85db 100644
--- a/nettle-types.h
+++ b/nettle-types.h
@@ -54,12 +54,14 @@ typedef void *nettle_realloc_func(void *ctx, void *p, size_t length);
/* Ciphers */
typedef void nettle_set_key_func(void *ctx, const uint8_t *key);
-/* Uses a void * for cipher contexts.
+/* For block ciphers, const context. */
+typedef void nettle_cipher_func(const void *ctx,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
- For block ciphers it would make sense with a const void * for the
- context, but we use the same typedef for stream ciphers where the
- internal state changes during the encryption. */
+/* Uses a void * for cipher contexts. Used for crypt operations where
+ the internal state changes during the encryption. */
typedef void nettle_crypt_func(void *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
diff --git a/serpent-meta.c b/serpent-meta.c
index 20504f72c50a59897d57bc1378fbbdbb2c61eca0..14a61dcd988d098b6d3cdad277c1b3d1d43d35c8 100644
--- a/serpent-meta.c
+++ b/serpent-meta.c
@@ -35,8 +35,8 @@
SERPENT ## bits ##_KEY_SIZE, \
(nettle_set_key_func *) serpent ## bits ## _set_key, \
(nettle_set_key_func *) serpent ## bits ## _set_key, \
- (nettle_crypt_func *) serpent_encrypt, \
- (nettle_crypt_func *) serpent_decrypt \
+ (nettle_cipher_func *) serpent_encrypt, \
+ (nettle_cipher_func *) serpent_decrypt \
}
const struct nettle_cipher nettle_serpent128
diff --git a/testsuite/aes-test.c b/testsuite/aes-test.c
index 9f80319be388c6b739566c23ce4053b7f177c297..57e1eff42505101391c8bf6cbbbd327307fd0069 100644
--- a/testsuite/aes-test.c
+++ b/testsuite/aes-test.c
@@ -91,8 +91,8 @@ unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key)
AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE, \
unified_aes ## bits ##_set_encrypt_key, \
unified_aes ## bits ##_set_decrypt_key, \
- (nettle_crypt_func *) aes_encrypt, \
- (nettle_crypt_func *) aes_decrypt, \
+ (nettle_cipher_func *) aes_encrypt, \
+ (nettle_cipher_func *) aes_decrypt, \
}
const struct nettle_cipher nettle_unified_aes128
= UNIFIED_AES(128);
diff --git a/twofish-meta.c b/twofish-meta.c
index 31e4d0208af29e9faaba59067434c211697a528e..2675ba5298b3cd8afbcc2765fa61c1a586ef9925 100644
--- a/twofish-meta.c
+++ b/twofish-meta.c
@@ -35,8 +35,8 @@
TWOFISH ## bits ## _KEY_SIZE, \
(nettle_set_key_func *) twofish ## bits ## _set_key, \
(nettle_set_key_func *) twofish ## bits ## _set_key, \
- (nettle_crypt_func *) twofish_encrypt, \
- (nettle_crypt_func *) twofish_decrypt \
+ (nettle_cipher_func *) twofish_encrypt, \
+ (nettle_cipher_func *) twofish_decrypt \
}
const struct nettle_cipher nettle_twofish128