From a9b47a42f5a8a2d3e324075bf7bee52f403c6a2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Tue, 18 Mar 2014 21:42:00 +0100
Subject: [PATCH] Define and use nettle_cipher_func, for block ciphers.
---
ChangeLog | 13 +++++++
aes128-meta.c | 4 +--
aes192-meta.c | 4 +--
aes256-meta.c | 4 +--
arctwo-meta.c | 8 ++---
camellia128-meta.c | 4 +--
camellia192-meta.c | 4 +--
camellia256-meta.c | 4 +--
cast128-meta.c | 4 +--
cbc.c | 4 +--
cbc.h | 12 +++----
ctr.c | 2 +-
ctr.h | 6 ++--
des-compat.c | 8 ++---
eax.c | 16 ++++-----
eax.h | 24 ++++++-------
examples/nettle-benchmark.c | 4 +--
examples/nettle-openssl.c | 38 ++++++++++----------
gcm-aes.c | 2 +-
gcm.c | 10 +++---
gcm.h | 19 +++++-----
nettle-internal.c | 70 +++++++++++++++++--------------------
nettle-internal.h | 11 +++---
nettle-meta.h | 4 +--
nettle-types.h | 10 +++---
serpent-meta.c | 4 +--
testsuite/aes-test.c | 4 +--
twofish-meta.c | 4 +--
28 files changed, 155 insertions(+), 146 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ac76f040..28d2a750 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2014-03-18 Niels Möller <nisse@lysator.liu.se>
+
+ * nettle-types.h (nettle_cipher_func): New typedef, similar to
+ nettle_crypt_func, but with a const context, intended for block
+ ciphers.
+ * nettle-meta.h (struct nettle_cipher): Use the nettle_cipher_func
+ type.
+ * Many other files affected: aes*-meta.c, camellia*-meta.c,
+ cast128-meta.c, serpent-meta.c, twofish-meta.c, cbc.[ch],
+ ctr.[ch], ctr.[ch], des-compat.c, eax.[ch], gcm*.[ch],
+ nettle-internal.*, testsuite/aes-test.c,
+ examples/nettle-benchmark.c, examples/nettle-openssl.c.
+
2014-03-16 Niels Möller <nisse@lysator.liu.se>
* chacha-set-key.c: Include string.h.
diff --git a/aes128-meta.c b/aes128-meta.c
index 4c72d735..3565babc 100644
--- a/aes128-meta.c
+++ b/aes128-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes128 =
AES_BLOCK_SIZE, AES128_KEY_SIZE,
(nettle_set_key_func *) aes128_set_encrypt_key,
(nettle_set_key_func *) aes128_set_decrypt_key,
- (nettle_crypt_func *) aes128_encrypt,
- (nettle_crypt_func *) aes128_decrypt
+ (nettle_cipher_func *) aes128_encrypt,
+ (nettle_cipher_func *) aes128_decrypt
};
diff --git a/aes192-meta.c b/aes192-meta.c
index 80719249..a900eb86 100644
--- a/aes192-meta.c
+++ b/aes192-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes192 =
AES_BLOCK_SIZE, AES192_KEY_SIZE,
(nettle_set_key_func *) aes192_set_encrypt_key,
(nettle_set_key_func *) aes192_set_decrypt_key,
- (nettle_crypt_func *) aes192_encrypt,
- (nettle_crypt_func *) aes192_decrypt
+ (nettle_cipher_func *) aes192_encrypt,
+ (nettle_cipher_func *) aes192_decrypt
};
diff --git a/aes256-meta.c b/aes256-meta.c
index 7f1e2e1e..7e38a0d2 100644
--- a/aes256-meta.c
+++ b/aes256-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_aes256 =
AES_BLOCK_SIZE, AES256_KEY_SIZE,
(nettle_set_key_func *) aes256_set_encrypt_key,
(nettle_set_key_func *) aes256_set_decrypt_key,
- (nettle_crypt_func *) aes256_encrypt,
- (nettle_crypt_func *) aes256_decrypt
+ (nettle_cipher_func *) aes256_encrypt,
+ (nettle_cipher_func *) aes256_decrypt
};
diff --git a/arctwo-meta.c b/arctwo-meta.c
index b234a0b6..fec8c0c6 100644
--- a/arctwo-meta.c
+++ b/arctwo-meta.c
@@ -34,8 +34,8 @@
ARCTWO_BLOCK_SIZE, bits/8, \
(nettle_set_key_func *) arctwo ## bits ## _set_key, \
(nettle_set_key_func *) arctwo ## bits ## _set_key, \
- (nettle_crypt_func *) arctwo_encrypt, \
- (nettle_crypt_func *) arctwo_decrypt, \
+ (nettle_cipher_func *) arctwo_encrypt, \
+ (nettle_cipher_func *) arctwo_decrypt, \
}
const struct nettle_cipher nettle_arctwo40
= ARCTWO(40);
@@ -51,6 +51,6 @@ const struct nettle_cipher nettle_arctwo_gutmann128 =
ARCTWO_BLOCK_SIZE, 16,
(nettle_set_key_func *) arctwo128_set_key_gutmann,
(nettle_set_key_func *) arctwo128_set_key_gutmann,
- (nettle_crypt_func *) arctwo_encrypt,
- (nettle_crypt_func *) arctwo_decrypt,
+ (nettle_cipher_func *) arctwo_encrypt,
+ (nettle_cipher_func *) arctwo_decrypt,
};
diff --git a/camellia128-meta.c b/camellia128-meta.c
index 97748b08..ae9c2cb4 100644
--- a/camellia128-meta.c
+++ b/camellia128-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia128 =
CAMELLIA_BLOCK_SIZE, CAMELLIA128_KEY_SIZE,
(nettle_set_key_func *) camellia128_set_encrypt_key,
(nettle_set_key_func *) camellia128_set_decrypt_key,
- (nettle_crypt_func *) camellia128_crypt,
- (nettle_crypt_func *) camellia128_crypt
+ (nettle_cipher_func *) camellia128_crypt,
+ (nettle_cipher_func *) camellia128_crypt
};
diff --git a/camellia192-meta.c b/camellia192-meta.c
index 62d9b194..d54caa77 100644
--- a/camellia192-meta.c
+++ b/camellia192-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia192 =
CAMELLIA_BLOCK_SIZE, CAMELLIA192_KEY_SIZE,
(nettle_set_key_func *) camellia192_set_encrypt_key,
(nettle_set_key_func *) camellia192_set_decrypt_key,
- (nettle_crypt_func *) camellia256_crypt,
- (nettle_crypt_func *) camellia256_crypt
+ (nettle_cipher_func *) camellia256_crypt,
+ (nettle_cipher_func *) camellia256_crypt
};
diff --git a/camellia256-meta.c b/camellia256-meta.c
index 86d6278b..0413ded0 100644
--- a/camellia256-meta.c
+++ b/camellia256-meta.c
@@ -35,6 +35,6 @@ const struct nettle_cipher nettle_camellia256 =
CAMELLIA_BLOCK_SIZE, CAMELLIA256_KEY_SIZE,
(nettle_set_key_func *) camellia256_set_encrypt_key,
(nettle_set_key_func *) camellia256_set_decrypt_key,
- (nettle_crypt_func *) camellia256_crypt,
- (nettle_crypt_func *) camellia256_crypt
+ (nettle_cipher_func *) camellia256_crypt,
+ (nettle_cipher_func *) camellia256_crypt
};
diff --git a/cast128-meta.c b/cast128-meta.c
index e103d7b3..783b1f4e 100644
--- a/cast128-meta.c
+++ b/cast128-meta.c
@@ -33,6 +33,6 @@ const struct nettle_cipher nettle_cast128 =
CAST128_BLOCK_SIZE, CAST128_KEY_SIZE,
(nettle_set_key_func *) cast128_set_key,
(nettle_set_key_func *) cast128_set_key,
- (nettle_crypt_func *) cast128_encrypt,
- (nettle_crypt_func *) cast128_decrypt
+ (nettle_cipher_func *) cast128_encrypt,
+ (nettle_cipher_func *) cast128_decrypt
};
diff --git a/cbc.c b/cbc.c
index 16edd4dd..3804635d 100644
--- a/cbc.c
+++ b/cbc.c
@@ -37,7 +37,7 @@
#include "nettle-internal.h"
void
-cbc_encrypt(void *ctx, nettle_crypt_func *f,
+cbc_encrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src)
@@ -56,7 +56,7 @@ cbc_encrypt(void *ctx, nettle_crypt_func *f,
#define CBC_BUFFER_LIMIT 512
void
-cbc_decrypt(void *ctx, nettle_crypt_func *f,
+cbc_decrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src)
diff --git a/cbc.h b/cbc.h
index eb01239c..0c52188b 100644
--- a/cbc.h
+++ b/cbc.h
@@ -37,13 +37,13 @@ extern "C" {
#define cbc_decrypt nettle_cbc_decrypt
void
-cbc_encrypt(void *ctx, nettle_crypt_func *f,
+cbc_encrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src);
void
-cbc_decrypt(void *ctx, nettle_crypt_func *f,
+cbc_decrypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *iv,
size_t length, uint8_t *dst,
const uint8_t *src);
@@ -58,16 +58,16 @@ memcpy((ctx)->iv, (data), sizeof((ctx)->iv))
#define CBC_ENCRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
: cbc_encrypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#define CBC_DECRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
: cbc_decrypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#ifdef __cplusplus
}
diff --git a/ctr.c b/ctr.c
index 80a072b4..38d54a3f 100644
--- a/ctr.c
+++ b/ctr.c
@@ -40,7 +40,7 @@
#define NBLOCKS 4
void
-ctr_crypt(void *ctx, nettle_crypt_func *f,
+ctr_crypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *ctr,
size_t length, uint8_t *dst,
const uint8_t *src)
diff --git a/ctr.h b/ctr.h
index 14d520d3..5746060b 100644
--- a/ctr.h
+++ b/ctr.h
@@ -37,7 +37,7 @@ extern "C" {
#define ctr_crypt nettle_ctr_crypt
void
-ctr_crypt(void *ctx, nettle_crypt_func *f,
+ctr_crypt(const void *ctx, nettle_cipher_func *f,
size_t block_size, uint8_t *ctr,
size_t length, uint8_t *dst,
const uint8_t *src);
@@ -51,9 +51,9 @@ memcpy((ctx)->ctr, (data), sizeof((ctx)->ctr))
#define CTR_CRYPT(self, f, length, dst, src) \
(0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \
: ctr_crypt((void *) &(self)->ctx, \
- (nettle_crypt_func *) (f), \
+ (nettle_cipher_func *) (f), \
sizeof((self)->ctr), (self)->ctr, \
- (length), (dst), (src)))
+ (length), (dst), (src)))
#ifdef __cplusplus
}
diff --git a/des-compat.c b/des-compat.c
index a74386a5..c3048b99 100644
--- a/des-compat.c
+++ b/des-compat.c
@@ -113,13 +113,13 @@ des_ncbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
switch (enc)
{
case DES_ENCRYPT:
- nettle_cbc_encrypt(ctx, (nettle_crypt_func *) des_encrypt,
+ nettle_cbc_encrypt(ctx, (nettle_cipher_func *) des_encrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
case DES_DECRYPT:
nettle_cbc_decrypt(ctx,
- (nettle_crypt_func *) des_decrypt,
+ (nettle_cipher_func *) des_decrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
@@ -166,12 +166,12 @@ des_ede3_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
switch (enc)
{
case DES_ENCRYPT:
- nettle_cbc_encrypt(&keys, (nettle_crypt_func *) des_compat_des3_encrypt,
+ nettle_cbc_encrypt(&keys, (nettle_cipher_func *) des_compat_des3_encrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
case DES_DECRYPT:
- nettle_cbc_decrypt(&keys, (nettle_crypt_func *) des_compat_des3_decrypt,
+ nettle_cbc_decrypt(&keys, (nettle_cipher_func *) des_compat_des3_decrypt,
DES_BLOCK_SIZE, *iv,
length, *dst, *src);
break;
diff --git a/eax.c b/eax.c
index 970ebbd3..dce7dd91 100644
--- a/eax.c
+++ b/eax.c
@@ -56,7 +56,7 @@ block16_xor (union nettle_block16 *dst, const union nettle_block16 *src)
static void
omac_update (union nettle_block16 *state, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, const uint8_t *data)
{
for (; length >= EAX_BLOCK_SIZE;
@@ -79,7 +79,7 @@ omac_update (union nettle_block16 *state, const struct eax_key *key,
static void
omac_final (union nettle_block16 *state, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f)
+ const void *cipher, nettle_cipher_func *f)
{
block16_xor (state, &key->pad_block);
f (cipher, EAX_BLOCK_SIZE, state->b, state->b);
@@ -100,7 +100,7 @@ gf2_double (uint8_t *r, const uint8_t *a)
}
void
-eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f)
+eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f)
{
static const union nettle_block16 zero_block;
f (cipher, EAX_BLOCK_SIZE, key->pad_block.b, zero_block.b);
@@ -111,7 +111,7 @@ eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f)
void
eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t nonce_length, const uint8_t *nonce)
{
omac_init (&eax->omac_nonce, 0);
@@ -125,7 +125,7 @@ eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
void
eax_update (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t data_length, const uint8_t *data)
{
omac_update (&eax->omac_data, key, cipher, f, data_length, data);
@@ -133,7 +133,7 @@ eax_update (struct eax_ctx *eax, const struct eax_key *key,
void
eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
ctr_crypt (cipher, f, EAX_BLOCK_SIZE, eax->ctr.b, length, dst, src);
@@ -142,7 +142,7 @@ eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
void
eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
omac_update (&eax->omac_message, key, cipher, f, length, src);
@@ -151,7 +151,7 @@ eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
void
eax_digest (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest)
{
assert (length > 0);
diff --git a/eax.h b/eax.h
index 4509f889..0c019796 100644
--- a/eax.h
+++ b/eax.h
@@ -71,31 +71,31 @@ struct eax_ctx
};
void
-eax_set_key (struct eax_key *key, void *cipher, nettle_crypt_func *f);
+eax_set_key (struct eax_key *key, const void *cipher, nettle_cipher_func *f);
void
eax_set_nonce (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t nonce_length, const uint8_t *nonce);
void
eax_update (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t data_length, const uint8_t *data);
void
eax_encrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
eax_decrypt (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
eax_digest (struct eax_ctx *eax, const struct eax_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest);
/* Put the cipher last, to get cipher-independent offsets for the EAX
@@ -107,37 +107,37 @@ eax_digest (struct eax_ctx *eax, const struct eax_key *key,
do { \
(set_key)(&(ctx)->cipher, (data)); \
if (0) (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0); \
- eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_crypt_func *) encrypt); \
+ eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_cipher_func *) encrypt); \
} while (0)
#define EAX_SET_NONCE(ctx, encrypt, length, nonce) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_set_nonce (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (nonce)))
#define EAX_UPDATE(ctx, encrypt, length, data) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_update (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (data)))
#define EAX_ENCRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_encrypt (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DECRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_decrypt (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DIGEST(ctx, encrypt, length, digest) \
(0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
: eax_digest (&(ctx)->eax, &(ctx)->key, \
- &(ctx)->cipher, (nettle_crypt_func *) (encrypt), \
+ &(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (digest)))
struct eax_aes128_ctx EAX_CTX(struct aes128_ctx);
diff --git a/examples/nettle-benchmark.c b/examples/nettle-benchmark.c
index 8a15891a..60ca4f2b 100644
--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
@@ -186,7 +186,7 @@ bench_hash(void *arg)
struct bench_cipher_info
{
void *ctx;
- nettle_crypt_func *crypt;
+ nettle_cipher_func *crypt;
uint8_t *data;
};
@@ -200,7 +200,7 @@ bench_cipher(void *arg)
struct bench_cbc_info
{
void *ctx;
- nettle_crypt_func *crypt;
+ nettle_cipher_func *crypt;
uint8_t *data;
diff --git a/examples/nettle-openssl.c b/examples/nettle-openssl.c
index a2678363..c1653933 100644
--- a/examples/nettle-openssl.c
+++ b/examples/nettle-openssl.c
@@ -89,9 +89,9 @@ openssl_aes256_set_decrypt_key(void *ctx, const uint8_t *key)
AES_set_decrypt_key(key, 256, ctx);
}
-static nettle_crypt_func openssl_aes_encrypt;
+static nettle_cipher_func openssl_aes_encrypt;
static void
-openssl_aes_encrypt(void *ctx, size_t length,
+openssl_aes_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % AES_BLOCK_SIZE));
@@ -104,9 +104,9 @@ openssl_aes_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_aes_decrypt;
+static nettle_cipher_func openssl_aes_decrypt;
static void
-openssl_aes_decrypt(void *ctx, size_t length,
+openssl_aes_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % AES_BLOCK_SIZE));
@@ -157,9 +157,9 @@ openssl_bf128_set_key(void *ctx, const uint8_t *key)
BF_set_key(ctx, 16, key);
}
-static nettle_crypt_func openssl_bf_encrypt;
+static nettle_cipher_func openssl_bf_encrypt;
static void
-openssl_bf_encrypt(void *ctx, size_t length,
+openssl_bf_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % BF_BLOCK));
@@ -172,9 +172,9 @@ openssl_bf_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_bf_decrypt;
+static nettle_cipher_func openssl_bf_decrypt;
static void
-openssl_bf_decrypt(void *ctx, size_t length,
+openssl_bf_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % BF_BLOCK));
@@ -210,30 +210,32 @@ openssl_des_set_key(void *ctx, const uint8_t *key)
#define DES_BLOCK_SIZE 8
-static nettle_crypt_func openssl_des_encrypt;
+static nettle_cipher_func openssl_des_encrypt;
static void
-openssl_des_encrypt(void *ctx, size_t length,
+openssl_des_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % DES_BLOCK_SIZE));
while (length)
{
- DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_ENCRYPT);
+ DES_ecb_encrypt((void *) src, (void *) dst,
+ (void *) ctx, DES_ENCRYPT);
length -= DES_BLOCK_SIZE;
dst += DES_BLOCK_SIZE;
src += DES_BLOCK_SIZE;
}
}
-static nettle_crypt_func openssl_des_decrypt;
+static nettle_cipher_func openssl_des_decrypt;
static void
-openssl_des_decrypt(void *ctx, size_t length,
+openssl_des_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % DES_BLOCK_SIZE));
while (length)
{
- DES_ecb_encrypt((void *) src, (void *) dst, ctx, DES_DECRYPT);
+ DES_ecb_encrypt((void *) src, (void *) dst,
+ (void *) ctx, DES_DECRYPT);
length -= DES_BLOCK_SIZE;
dst += DES_BLOCK_SIZE;
src += DES_BLOCK_SIZE;
@@ -257,9 +259,9 @@ openssl_cast128_set_key(void *ctx, const uint8_t *key)
CAST_set_key(ctx, 16, key);
}
-static nettle_crypt_func openssl_cast_encrypt;
+static nettle_cipher_func openssl_cast_encrypt;
static void
-openssl_cast_encrypt(void *ctx, size_t length,
+openssl_cast_encrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % CAST_BLOCK));
@@ -272,9 +274,9 @@ openssl_cast_encrypt(void *ctx, size_t length,
}
}
-static nettle_crypt_func openssl_cast_decrypt;
+static nettle_cipher_func openssl_cast_decrypt;
static void
-openssl_cast_decrypt(void *ctx, size_t length,
+openssl_cast_decrypt(const void *ctx, size_t length,
uint8_t *dst, const uint8_t *src)
{
assert (!(length % CAST_BLOCK));
diff --git a/gcm-aes.c b/gcm-aes.c
index 37213c3c..c35bc68b 100644
--- a/gcm-aes.c
+++ b/gcm-aes.c
@@ -34,7 +34,7 @@ gcm_aes_set_key(struct gcm_aes_ctx *ctx, size_t length, const uint8_t *key)
{
aes_set_encrypt_key (&ctx->cipher, length, key);
gcm_set_key (&ctx->key, &ctx->cipher,
- (nettle_crypt_func *) aes_encrypt);
+ (nettle_cipher_func *) aes_encrypt);
}
void
diff --git a/gcm.c b/gcm.c
index d942deb6..2f699517 100644
--- a/gcm.c
+++ b/gcm.c
@@ -328,7 +328,7 @@ gcm_gf_mul (union nettle_block16 *x, const union nettle_block16 *table)
*/
void
gcm_set_key(struct gcm_key *key,
- void *cipher, nettle_crypt_func *f)
+ const void *cipher, nettle_cipher_func *f)
{
/* Middle element if GCM_TABLE_BITS > 0, otherwise the first
element */
@@ -427,7 +427,7 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key,
}
static void
-gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f,
+gcm_crypt(struct gcm_ctx *ctx, const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
uint8_t buffer[GCM_BLOCK_SIZE];
@@ -465,7 +465,7 @@ gcm_crypt(struct gcm_ctx *ctx, void *cipher, nettle_crypt_func *f,
void
gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
assert(ctx->data_size % GCM_BLOCK_SIZE == 0);
@@ -478,7 +478,7 @@ gcm_encrypt (struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src)
{
assert(ctx->data_size % GCM_BLOCK_SIZE == 0);
@@ -491,7 +491,7 @@ gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest)
{
uint8_t buffer[GCM_BLOCK_SIZE];
diff --git a/gcm.h b/gcm.h
index 5cc4276b..8ccfb352 100644
--- a/gcm.h
+++ b/gcm.h
@@ -111,12 +111,9 @@ struct gcm_ctx {
uint64_t data_size;
};
-/* FIXME: Should use const for the cipher context. Then needs const for
- nettle_crypt_func, which also rules out using that abstraction for
- arcfour. */
void
gcm_set_key(struct gcm_key *key,
- void *cipher, nettle_crypt_func *f);
+ const void *cipher, nettle_cipher_func *f);
void
gcm_set_iv(struct gcm_ctx *ctx, const struct gcm_key *key,
@@ -128,17 +125,17 @@ gcm_update(struct gcm_ctx *ctx, const struct gcm_key *key,
void
gcm_encrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
gcm_decrypt(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *dst, const uint8_t *src);
void
gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
- void *cipher, nettle_crypt_func *f,
+ const void *cipher, nettle_cipher_func *f,
size_t length, uint8_t *digest);
/* Convenience macrology (not sure how useful it is) */
@@ -152,7 +149,7 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
(set_key)(&(ctx)->cipher, (key)); \
if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0); \
gcm_set_key(&(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt)); \
+ (nettle_cipher_func *) (encrypt)); \
} while (0)
#define GCM_SET_IV(ctx, length, data) \
@@ -164,19 +161,19 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
#define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DECRYPT(ctx, encrypt, length, dst, src) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DIGEST(ctx, encrypt, length, digest) \
(0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
: gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
- (nettle_crypt_func *) (encrypt), \
+ (nettle_cipher_func *) (encrypt), \
(length), (digest)))
struct gcm_aes128_ctx GCM_CTX(struct aes128_ctx);
diff --git a/nettle-internal.c b/nettle-internal.c
index 96e06f42..639a66ad 100644
--- a/nettle-internal.c
+++ b/nettle-internal.c
@@ -45,8 +45,8 @@ nettle_des = {
DES_BLOCK_SIZE, DES_KEY_SIZE,
(nettle_set_key_func *) des_set_key,
(nettle_set_key_func *) des_set_key,
- (nettle_crypt_func *) des_encrypt,
- (nettle_crypt_func *) des_decrypt
+ (nettle_cipher_func *) des_encrypt,
+ (nettle_cipher_func *) des_decrypt
};
const struct nettle_cipher
@@ -55,8 +55,8 @@ nettle_des3 = {
DES3_BLOCK_SIZE, DES3_KEY_SIZE,
(nettle_set_key_func *) des3_set_key,
(nettle_set_key_func *) des3_set_key,
- (nettle_crypt_func *) des3_encrypt,
- (nettle_crypt_func *) des3_decrypt
+ (nettle_cipher_func *) des3_encrypt,
+ (nettle_cipher_func *) des3_decrypt
};
/* NOTE: This is not as nice as one might think, as we pretend
@@ -67,54 +67,50 @@ nettle_blowfish128 =
BLOWFISH_BLOCK_SIZE, BLOWFISH128_KEY_SIZE,
(nettle_set_key_func *) blowfish128_set_key,
(nettle_set_key_func *) blowfish128_set_key,
- (nettle_crypt_func *) blowfish_encrypt,
- (nettle_crypt_func *) blowfish_decrypt
+ (nettle_cipher_func *) blowfish_encrypt,
+ (nettle_cipher_func *) blowfish_decrypt
};
-/* Sets a fix zero iv. For benchmarking only. */
-static void
-chacha_set_key_hack(void *ctx, const uint8_t *key)
-{
- static const uint8_t nonce[CHACHA_NONCE_SIZE];
- chacha_set_key (ctx, key);
- chacha_set_nonce (ctx, nonce);
-}
-/* Claim zero block size, to classify as a stream cipher. */
-const struct nettle_cipher
+const struct nettle_aead
nettle_chacha = {
"chacha", sizeof(struct chacha_ctx),
- 0, CHACHA_KEY_SIZE,
- chacha_set_key_hack, chacha_set_key_hack,
+ CHACHA_BLOCK_SIZE, CHACHA_KEY_SIZE,
+ CHACHA_NONCE_SIZE, 0,
+ (nettle_set_key_func *) chacha_set_key,
+ (nettle_set_key_func *) chacha_set_key,
+ (nettle_set_key_func *) chacha_set_nonce,
+ NULL,
+ (nettle_crypt_func *) chacha_crypt,
(nettle_crypt_func *) chacha_crypt,
- (nettle_crypt_func *) chacha_crypt
+ NULL,
};
-/* Sets a fix zero iv. For benchmarking only. */
-static void
-salsa20_set_key_hack(void *ctx, const uint8_t *key)
-{
- static const uint8_t iv[SALSA20_IV_SIZE];
- salsa20_256_set_key (ctx, key);
- salsa20_set_iv (ctx, iv);
-}
-
-/* Claim zero block size, to classify as a stream cipher. */
-const struct nettle_cipher
+const struct nettle_aead
nettle_salsa20 = {
"salsa20", sizeof(struct salsa20_ctx),
- 0, SALSA20_256_KEY_SIZE,
- salsa20_set_key_hack, salsa20_set_key_hack,
+ SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE,
+ SALSA20_NONCE_SIZE, 0,
+ (nettle_set_key_func *) salsa20_256_set_key,
+ (nettle_set_key_func *) salsa20_256_set_key,
+ (nettle_set_key_func *) salsa20_set_nonce,
+ NULL,
(nettle_crypt_func *) salsa20_crypt,
- (nettle_crypt_func *) salsa20_crypt
+ (nettle_crypt_func *) salsa20_crypt,
+ NULL,
};
-const struct nettle_cipher
+const struct nettle_aead
nettle_salsa20r12 = {
"salsa20r12", sizeof(struct salsa20_ctx),
- 0, SALSA20_256_KEY_SIZE,
- salsa20_set_key_hack, salsa20_set_key_hack,
+ SALSA20_BLOCK_SIZE, SALSA20_256_KEY_SIZE,
+ SALSA20_NONCE_SIZE, 0,
+ (nettle_set_key_func*) salsa20_256_set_key,
+ (nettle_set_key_func*) salsa20_256_set_key,
+ (nettle_set_key_func*) salsa20_set_nonce,
+ NULL,
+ (nettle_crypt_func *) salsa20r12_crypt,
(nettle_crypt_func *) salsa20r12_crypt,
- (nettle_crypt_func *) salsa20r12_crypt
+ NULL,
};
diff --git a/nettle-internal.h b/nettle-internal.h
index d91a81f9..18173681 100644
--- a/nettle-internal.h
+++ b/nettle-internal.h
@@ -58,21 +58,20 @@ extern const struct nettle_cipher nettle_des3;
extern const struct nettle_cipher nettle_blowfish128;
-/* For benchmarking only, sets no iv and lies about the block size. */
-extern const struct nettle_cipher nettle_chacha;
-extern const struct nettle_cipher nettle_salsa20;
-extern const struct nettle_cipher nettle_salsa20r12;
-
extern const struct nettle_cipher nettle_unified_aes128;
extern const struct nettle_cipher nettle_unified_aes192;
extern const struct nettle_cipher nettle_unified_aes256;
+/* Stream ciphers treated as aead algorithms with no authentication. */
+extern const struct nettle_aead nettle_chacha;
+extern const struct nettle_aead nettle_salsa20;
+extern const struct nettle_aead nettle_salsa20r12;
+
/* Glue to openssl, for comparative benchmarking. Code in
* examples/nettle-openssl.c. */
extern const struct nettle_cipher nettle_openssl_aes128;
extern const struct nettle_cipher nettle_openssl_aes192;
extern const struct nettle_cipher nettle_openssl_aes256;
-extern const struct nettle_cipher nettle_openssl_arcfour128;
extern const struct nettle_cipher nettle_openssl_blowfish128;
extern const struct nettle_cipher nettle_openssl_des;
extern const struct nettle_cipher nettle_openssl_cast128;
diff --git a/nettle-meta.h b/nettle-meta.h
index f7b8675f..15a5b22c 100644
--- a/nettle-meta.h
+++ b/nettle-meta.h
@@ -48,8 +48,8 @@ struct nettle_cipher
nettle_set_key_func *set_encrypt_key;
nettle_set_key_func *set_decrypt_key;
- nettle_crypt_func *encrypt;
- nettle_crypt_func *decrypt;
+ nettle_cipher_func *encrypt;
+ nettle_cipher_func *decrypt;
};
/* null-terminated list of ciphers implemented by this version of nettle */
diff --git a/nettle-types.h b/nettle-types.h
index fe3c5246..6ab815f8 100644
--- a/nettle-types.h
+++ b/nettle-types.h
@@ -54,12 +54,14 @@ typedef void *nettle_realloc_func(void *ctx, void *p, size_t length);
/* Ciphers */
typedef void nettle_set_key_func(void *ctx, const uint8_t *key);
-/* Uses a void * for cipher contexts.
+/* For block ciphers, const context. */
+typedef void nettle_cipher_func(const void *ctx,
+ size_t length, uint8_t *dst,
+ const uint8_t *src);
- For block ciphers it would make sense with a const void * for the
- context, but we use the same typedef for stream ciphers where the
- internal state changes during the encryption. */
+/* Uses a void * for cipher contexts. Used for crypt operations where
+ the internal state changes during the encryption. */
typedef void nettle_crypt_func(void *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
diff --git a/serpent-meta.c b/serpent-meta.c
index 20504f72..14a61dcd 100644
--- a/serpent-meta.c
+++ b/serpent-meta.c
@@ -35,8 +35,8 @@
SERPENT ## bits ##_KEY_SIZE, \
(nettle_set_key_func *) serpent ## bits ## _set_key, \
(nettle_set_key_func *) serpent ## bits ## _set_key, \
- (nettle_crypt_func *) serpent_encrypt, \
- (nettle_crypt_func *) serpent_decrypt \
+ (nettle_cipher_func *) serpent_encrypt, \
+ (nettle_cipher_func *) serpent_decrypt \
}
const struct nettle_cipher nettle_serpent128
diff --git a/testsuite/aes-test.c b/testsuite/aes-test.c
index 9f80319b..57e1eff4 100644
--- a/testsuite/aes-test.c
+++ b/testsuite/aes-test.c
@@ -91,8 +91,8 @@ unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key)
AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE, \
unified_aes ## bits ##_set_encrypt_key, \
unified_aes ## bits ##_set_decrypt_key, \
- (nettle_crypt_func *) aes_encrypt, \
- (nettle_crypt_func *) aes_decrypt, \
+ (nettle_cipher_func *) aes_encrypt, \
+ (nettle_cipher_func *) aes_decrypt, \
}
const struct nettle_cipher nettle_unified_aes128
= UNIFIED_AES(128);
diff --git a/twofish-meta.c b/twofish-meta.c
index 31e4d020..2675ba52 100644
--- a/twofish-meta.c
+++ b/twofish-meta.c
@@ -35,8 +35,8 @@
TWOFISH ## bits ## _KEY_SIZE, \
(nettle_set_key_func *) twofish ## bits ## _set_key, \
(nettle_set_key_func *) twofish ## bits ## _set_key, \
- (nettle_crypt_func *) twofish_encrypt, \
- (nettle_crypt_func *) twofish_decrypt \
+ (nettle_cipher_func *) twofish_encrypt, \
+ (nettle_cipher_func *) twofish_decrypt \
}
const struct nettle_cipher nettle_twofish128
--
GitLab