#include <corecrypto/ccn.h> /* TODO: Remove dependency on this header. */
#include <corecrypto/ccmode_impl.h>
-#if !defined(__NO_ASM__)
-#if (defined(__x86_64__) && CCAES_INTEL) || (CCAES_ARM && defined(__ARM_NEON__))
-#define CCMODE_GCM_VNG_SPEEDUP 1
-#define CCMODE_CCM_VNG_SPEEDUP 1
-#else
-#define CCMODE_GCM_VNG_SPEEDUP 0
-#define CCMODE_CCM_VNG_SPEEDUP 0
-#endif
-
-#if ( (defined(__x86_64__) && CCAES_INTEL) \
- || (defined(__arm64__) && CCAES_ARM) \
- || defined(__ARM_NEON__)) // Supported even when not using the ARM AES
-
-#define CCMODE_CTR_VNG_SPEEDUP 1
-#else
-#define CCMODE_CTR_VNG_SPEEDUP 0
-#endif
-#endif /* !defined(__NO_ASM__) */
+/* Function and macros defined in this file are only to be used
+ within corecrypto files.
+ */
/* For CBC, direction of underlying ecb is the same as the cbc direction */
#define CCMODE_CBC_FACTORY(_cipher_, _dir_) \
void ccmode_cbc_init(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
size_t rawkey_len, const void *rawkey);
-void ccmode_cbc_decrypt(const cccbc_ctx *ctx, cccbc_iv *iv, unsigned long nblocks,
+void ccmode_cbc_decrypt(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks,
const void *in, void *out);
-void ccmode_cbc_encrypt(const cccbc_ctx *ctx, cccbc_iv *iv, unsigned long nblocks,
+void ccmode_cbc_encrypt(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks,
const void *in, void *out);
struct _ccmode_cbc_key {
example if it's part of a larger structure). Normally you would pass a
ecb decrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cbc_decrypt(struct ccmode_cbc *cbc,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cbc cbc_decrypt = CCMODE_FACTORY_CBC_DECRYPT(ecb);
- *cbc = cbc_decrypt;
-}
+ const struct ccmode_ecb *ecb);
/* Use these function to runtime initialize a ccmode_cbc encrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cbc_encrypt(struct ccmode_cbc *cbc,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cbc cbc_encrypt = CCMODE_FACTORY_CBC_ENCRYPT(ecb);
- *cbc = cbc_encrypt;
-}
+ const struct ccmode_ecb *ecb);
void ccmode_cfb_init(const struct ccmode_cfb *cfb, cccfb_ctx *ctx,
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cfb_decrypt(struct ccmode_cfb *cfb,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cfb cfb_decrypt = CCMODE_FACTORY_CFB_DECRYPT(ecb);
- *cfb = cfb_decrypt;
-}
+ const struct ccmode_ecb *ecb);
/* Use these function to runtime initialize a ccmode_cfb encrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cfb_encrypt(struct ccmode_cfb *cfb,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cfb cfb_encrypt = CCMODE_FACTORY_CFB_ENCRYPT(ecb);
- *cfb = cfb_encrypt;
-}
+ const struct ccmode_ecb *ecb);
void ccmode_cfb8_init(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx,
size_t rawkey_len, const void *rawkey, const void *iv);
example if it's part of a larger structure). Normally you would pass a
ecb decrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cfb8_decrypt(struct ccmode_cfb8 *cfb8,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cfb8 cfb8_decrypt = CCMODE_FACTORY_CFB8_DECRYPT(ecb);
- *cfb8 = cfb8_decrypt;
-}
+ const struct ccmode_ecb *ecb);
/* Use these function to runtime initialize a ccmode_cfb8 encrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_cfb8_encrypt(struct ccmode_cfb8 *cfb8,
- const struct ccmode_ecb *ecb) {
- struct ccmode_cfb8 cfb8_encrypt = CCMODE_FACTORY_CFB8_ENCRYPT(ecb);
- *cfb8 = cfb8_encrypt;
-}
+ const struct ccmode_ecb *ecb);
void ccmode_ctr_init(const struct ccmode_ctr *ctr, ccctr_ctx *ctx,
size_t rawkey_len, const void *rawkey, const void *iv);
.custom = (ECB_ENCRYPT) \
}
-#if !defined(__NO_ASM__)
-#if CCMODE_CTR_VNG_SPEEDUP
-void ccmode_aes_ctr_crypt_vng(ccctr_ctx *ctx, size_t nbytes,
- const void *in, void *out);
-
-/* Use this to statically initialize a ccmode_ctr object for decryption. */
-#define CCMODE_VNG_AES_CTR_CRYPT(ECB_ENCRYPT) { \
-.size = ccn_sizeof_size(sizeof(struct _ccmode_ctr_key)) + 2 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
-.block_size = 1, \
-.init = ccmode_ctr_init, \
-.ctr = ccmode_aes_ctr_crypt_vng, \
-.custom = (ECB_ENCRYPT) \
-}
-#endif /* CCMODE_CTR_VNG_SPEEDUP */
-#endif /* defined(__NO_ASM__) */
-
/* Use these function to runtime initialize a ccmode_ctr decrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_ctr_crypt(struct ccmode_ctr *ctr,
- const struct ccmode_ecb *ecb) {
- struct ccmode_ctr ctr_crypt = CCMODE_FACTORY_CTR_CRYPT(ecb);
- *ctr = ctr_crypt;
-}
-
-/* GCM FEATURES. */
-//#define CCMODE_GCM_TABLES 1
-#define CCMODE_GCM_FAST 1
-
-#ifdef CCMODE_GCM_FAST
-#define CCMODE_GCM_FAST_TYPE cc_unit
-#endif
-
-#ifdef CCMODE_GCM_TABLES
+ const struct ccmode_ecb *ecb);
-//#define CCMODE_GCM_TABLES_SSE2 1
-
-extern const unsigned char gcm_shift_table[256*2];
-#endif
/* Create a gcm key from a gcm mode object.
key must point to at least sizeof(CCMODE_GCM_KEY(ecb)) bytes of free
storage. */
-void ccmode_gcm_init(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx,
+int ccmode_gcm_init(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx,
size_t rawkey_len, const void *rawkey);
-void ccmode_gcm_set_iv(ccgcm_ctx *ctx, size_t iv_size, const void *iv);
-void ccmode_gcm_gmac(ccgcm_ctx *ctx, size_t nbytes, const void *in);
-void ccmode_gcm_decrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
+int ccmode_gcm_set_iv(ccgcm_ctx *ctx, size_t iv_size, const void *iv);
+int ccmode_gcm_aad(ccgcm_ctx *ctx, size_t nbytes, const void *in);
+int ccmode_gcm_decrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
void *out);
-void ccmode_gcm_encrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
+int ccmode_gcm_encrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
void *out);
-void ccmode_gcm_finalize(ccgcm_ctx *key, size_t tag_size, void *tag);
-void ccmode_gcm_reset(ccgcm_ctx *key);
+/*!
+ @function ccmode_gcm_finalize() finalizes AES-GCM call sequence
+ @param key encryption or decryption key
+ @param tag_size
+ @param tag
+ @result 0=success or non zero= error
+ @discussion For decryption, the tag parameter must be the expected-tag. A secure compare is performed between the provided expected-tag and the computed-tag. If they are the same, 0 is returned. Otherwise, non zero is returned. For encryption, tag is output and provides the authentication tag.
+
+ */
+int ccmode_gcm_finalize(ccgcm_ctx *key, size_t tag_size, void *tag);
+int ccmode_gcm_reset(ccgcm_ctx *key);
+
+
+// Here is what the structure looks like in memory
+// [ temp space | length | *ecb | *ecb_key | table | ecb_key ]
+// size of table depends on the implementation (VNG vs factory)
struct _ccmode_gcm_key {
// 5 blocks of temp space.
unsigned char H[16]; /* multiplier */
unsigned char Y_0[16]; /* initial counter */
unsigned char buf[16]; /* buffer for stuff */
- const struct ccmode_ecb *ecb;
+ // State and length
uint32_t ivmode; /* Which mode is the IV in? */
- uint32_t mode; /* mode the GCM code is in */
+ uint32_t state; /* state the GCM code is in */
uint32_t buflen; /* length of data in buf */
uint64_t totlen; /* 64-bit counter used for IV and AAD */
- uint64_t pttotlen; /* 64-bit counter for the PT */
-
-#ifdef CCMODE_GCM_TABLES
- /* TODO: Make table based gcm a separate mode object. */
- unsigned char PC[16][256][16] /* 16 tables of 8x128 */
-#ifdef CCMODE_GCM_TABLES_SSE2
- __attribute__ ((aligned (16)))
-#endif /* CCMODE_GCM_TABLES_SSE2 */
- ;
-#endif /* CCMODE_GCM_TABLES */
-
-#if !defined(__NO_ASM__)
-#if CCMODE_GCM_VNG_SPEEDUP
-#if !defined(__arm64__) && defined(__ARM_NEON__)
- unsigned char Htable[8*2] __attribute__((aligned(16)));
-#else
- unsigned char Htable[16*8*2] __attribute__((aligned(16)));
-#endif
-#endif /* CCMODE_GCM_VNG_SPEEDUP */
-#endif /* !defined(__NO_ASM__) */
- cc_unit u[];
+ uint64_t pttotlen; /* 64-bit counter for the plaintext PT */
+
+ // ECB
+ const struct ccmode_ecb *ecb; // ecb mode
+ // Pointer to the ECB key in the buffer
+ void *ecb_key; // address of the ecb_key in u, set in init function
+ int encdec; //is it an encrypt or decrypt object
+ // Buffer with ECB key and H table if applicable
+ unsigned char u[] __attribute__ ((aligned (16))); // ecb key + tables
};
-/* Use this to statically initialize a ccmode_gcm object for decryption. */
-#define CCMODE_FACTORY_GCM_DECRYPT(ECB_ENCRYPT) { \
-.size = ccn_sizeof_size(sizeof(struct _ccmode_gcm_key)) + 5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
-.block_size = 1, \
-.init = ccmode_gcm_init, \
-.set_iv = ccmode_gcm_set_iv, \
-.gmac = ccmode_gcm_gmac, \
-.gcm = ccmode_gcm_decrypt, \
-.finalize = ccmode_gcm_finalize, \
-.reset = ccmode_gcm_reset, \
-.custom = (ECB_ENCRYPT) \
-}
-
-/* Use this to statically initialize a ccmode_gcm object for encryption. */
-#define CCMODE_FACTORY_GCM_ENCRYPT(ECB_ENCRYPT) { \
-.size = ccn_sizeof_size(sizeof(struct _ccmode_gcm_key)) + 5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
-.block_size = 1, \
-.init = ccmode_gcm_init, \
-.set_iv = ccmode_gcm_set_iv, \
-.gmac = ccmode_gcm_gmac, \
-.gcm = ccmode_gcm_encrypt, \
-.finalize = ccmode_gcm_finalize, \
-.reset = ccmode_gcm_reset, \
-.custom = (ECB_ENCRYPT) \
-}
+#define GCM_ECB_KEY_SIZE(ECB_ENCRYPT) \
+ ((5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size)) \
+ + ccn_sizeof_size((ECB_ENCRYPT)->size))
/* Use these function to runtime initialize a ccmode_gcm decrypt object (for
example if it's part of a larger structure). For GCM you always pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_gcm_decrypt(struct ccmode_gcm *gcm,
- const struct ccmode_ecb *ecb_encrypt) {
- struct ccmode_gcm gcm_decrypt = CCMODE_FACTORY_GCM_DECRYPT(ecb_encrypt);
- *gcm = gcm_decrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
/* Use these function to runtime initialize a ccmode_gcm encrypt object (for
example if it's part of a larger structure). For GCM you always pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_gcm_encrypt(struct ccmode_gcm *gcm,
- const struct ccmode_ecb *ecb_encrypt) {
- struct ccmode_gcm gcm_encrypt = CCMODE_FACTORY_GCM_ENCRYPT(ecb_encrypt);
- *gcm = gcm_encrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
/* CCM (only NIST approved with AES) */
-void ccmode_ccm_init(const struct ccmode_ccm *ccm, ccccm_ctx *ctx,
+int ccmode_ccm_init(const struct ccmode_ccm *ccm, ccccm_ctx *ctx,
size_t rawkey_len, const void *rawkey);
-void ccmode_ccm_set_iv(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nonce_len, const void *nonce,
+int ccmode_ccm_set_iv(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nonce_len, const void *nonce,
size_t mac_size, size_t auth_len, size_t data_len);
/* internal function */
void ccmode_ccm_macdata(ccccm_ctx *key, ccccm_nonce *nonce_ctx, unsigned new_block, size_t nbytes, const void *in);
/* api function - disallows only mac'd data after data to encrypt was sent */
-void ccmode_ccm_cbcmac(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in);
+int ccmode_ccm_cbcmac(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in);
/* internal function */
void ccmode_ccm_crypt(ccccm_ctx *key, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out);
-void ccmode_ccm_decrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
- void *out);
-void ccmode_ccm_encrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
+int ccmode_ccm_decrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
void *out);
-#if !defined(__NO_ASM__)
-#if CCMODE_CCM_VNG_SPEEDUP
-void ccmode_ccm_decrypt_vector(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
+int ccmode_ccm_encrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
void *out);
-void ccmode_ccm_encrypt_vector(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
- void *out);
-#endif /* CCMODE_CCM_VNG_SPEEDUP */
-#endif /* !defined(__NO_ASM__) */
-void ccmode_ccm_finalize(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
-void ccmode_ccm_reset(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
+int ccmode_ccm_finalize(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
+int ccmode_ccm_reset(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
struct _ccmode_ccm_key {
const struct ccmode_ecb *ecb;
.custom = (ECB_ENCRYPT) \
}
-#if !defined(__NO_ASM__)
-/* for x86_64/arm64 speedup */
-#if CCMODE_CCM_VNG_SPEEDUP
-/* Use this to statically initialize a ccmode_ccm object for decryption. */
-#define CCMODE_VNG_CCM_DECRYPT(ECB_ENCRYPT) { \
-.size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
-.nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
-.block_size = 1, \
-.init = ccmode_ccm_init, \
-.set_iv = ccmode_ccm_set_iv, \
-.cbcmac = ccmode_ccm_cbcmac, \
-.ccm = ccmode_ccm_decrypt_vector, \
-.finalize = ccmode_ccm_finalize, \
-.reset = ccmode_ccm_reset, \
-.custom = (ECB_ENCRYPT) \
-}
-
-/* Use this to statically initialize a ccmode_ccm object for encryption. */
-#define CCMODE_VNG_CCM_ENCRYPT(ECB_ENCRYPT) { \
-.size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
-.nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
-.block_size = 1, \
-.init = ccmode_ccm_init, \
-.set_iv = ccmode_ccm_set_iv, \
-.cbcmac = ccmode_ccm_cbcmac, \
-.ccm = ccmode_ccm_encrypt_vector, \
-.finalize = ccmode_ccm_finalize, \
-.reset = ccmode_ccm_reset, \
-.custom = (ECB_ENCRYPT) \
-}
-#endif /* CCMODE_CCM_VNG_SPEEDUP */
-#endif /* !defined(__NO_ASM__) */
-
/* Use these function to runtime initialize a ccmode_ccm decrypt object (for
example if it's part of a larger structure). For CCM you always pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
+
void ccmode_factory_ccm_decrypt(struct ccmode_ccm *ccm,
- const struct ccmode_ecb *ecb_encrypt) {
-#if !defined(__NO_ASM__) && CCMODE_CCM_VNG_SPEEDUP
- struct ccmode_ccm ccm_decrypt = CCMODE_VNG_CCM_DECRYPT(ecb_encrypt);
-#else
- struct ccmode_ccm ccm_decrypt = CCMODE_FACTORY_CCM_DECRYPT(ecb_encrypt);
-#endif /* CCMODE_CCM_VNG_SPEEDUP */
- *ccm = ccm_decrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
/* Use these function to runtime initialize a ccmode_ccm encrypt object (for
example if it's part of a larger structure). For CCM you always pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_ccm_encrypt(struct ccmode_ccm *ccm,
- const struct ccmode_ecb *ecb_encrypt) {
-#if !defined(__NO_ASM__) && CCMODE_CCM_VNG_SPEEDUP
- struct ccmode_ccm ccm_encrypt = CCMODE_VNG_CCM_ENCRYPT(ecb_encrypt);
-#else
- struct ccmode_ccm ccm_encrypt = CCMODE_FACTORY_CCM_ENCRYPT(ecb_encrypt);
-#endif /* CCMODE_CCM_VNG_SPEEDUP */
- *ccm = ccm_encrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
void ccmode_ofb_init(const struct ccmode_ofb *ofb, ccofb_ctx *ctx,
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_ofb_crypt(struct ccmode_ofb *ofb,
- const struct ccmode_ecb *ecb) {
- struct ccmode_ofb ofb_crypt = CCMODE_FACTORY_OFB_CRYPT(ecb);
- *ofb = ofb_crypt;
-}
-
+ const struct ccmode_ecb *ecb);
-int ccmode_omac_decrypt(ccomac_ctx *ctx, unsigned long nblocks,
+int ccmode_omac_decrypt(ccomac_ctx *ctx, size_t nblocks,
const void *tweak, const void *in, void *out);
-int ccmode_omac_encrypt(ccomac_ctx *ctx, unsigned long nblocks,
+int ccmode_omac_encrypt(ccomac_ctx *ctx, size_t nblocks,
const void *tweak, const void *in, void *out);
/* Create a omac key from a omac mode object. The tweak_len here
key must point to at least sizeof(CCMODE_OMAC_KEY(ecb)) bytes of free
storage. */
void ccmode_omac_init(const struct ccmode_omac *omac, ccomac_ctx *ctx,
- cc_size tweak_len, size_t rawkey_len,
+ size_t tweak_len, size_t rawkey_len,
const void *rawkey);
struct _ccmode_omac_key {
example if it's part of a larger structure). Normally you would pass a
ecb decrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_omac_decrypt(struct ccmode_omac *omac,
- const struct ccmode_ecb *ecb) {
- struct ccmode_omac omac_decrypt = CCMODE_FACTORY_OMAC_DECRYPT(ecb);
- *omac = omac_decrypt;
-}
+ const struct ccmode_ecb *ecb);
/* Use these function to runtime initialize a ccmode_omac encrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_omac_encrypt(struct ccmode_omac *omac,
- const struct ccmode_ecb *ecb) {
- struct ccmode_omac omac_encrypt = CCMODE_FACTORY_OMAC_ENCRYPT(ecb);
- *omac = omac_encrypt;
-}
+ const struct ccmode_ecb *ecb);
/* Function prototypes used by the macros below, do not call directly. */
size_t key_len, const void *data_key,
const void *tweak_key);
void *ccmode_xts_crypt(const ccxts_ctx *ctx, ccxts_tweak *tweak,
- unsigned long nblocks, const void *in, void *out);
+ size_t nblocks, const void *in, void *out);
void ccmode_xts_set_tweak(const ccxts_ctx *ctx, ccxts_tweak *tweak,
const void *iv);
// the bytes_processed field in the context will accumuate the number of blocks processed and
// will fail the encrypt/decrypt if the size is violated. This counter will be reset to 0
// when set_tweak is called.
- unsigned long blocks_processed;
+ size_t blocks_processed;
cc_unit u[];
};
/* Use this to statically initialize a ccmode_xts object for decryption. */
#define CCMODE_FACTORY_XTS_DECRYPT(ECB, ECB_ENCRYPT) { \
.size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
-.tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(16), \
-.block_size = 16, \
+.tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(ecb->block_size), \
+.block_size = ecb->block_size, \
.init = ccmode_xts_init, \
.set_tweak = ccmode_xts_set_tweak, \
.xts = ccmode_xts_crypt, \
/* Use this to statically initialize a ccmode_xts object for encryption. */
#define CCMODE_FACTORY_XTS_ENCRYPT(ECB, ECB_ENCRYPT) { \
.size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
-.tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(16), \
-.block_size = 16, \
+.tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(ecb->block_size), \
+.block_size = ecb->block_size, \
.init = ccmode_xts_init, \
.set_tweak = ccmode_xts_set_tweak, \
.xts = ccmode_xts_crypt, \
example if it's part of a larger structure). Normally you would pass a
ecb decrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_xts_decrypt(struct ccmode_xts *xts,
const struct ccmode_ecb *ecb,
- const struct ccmode_ecb *ecb_encrypt) {
- struct ccmode_xts xts_decrypt = CCMODE_FACTORY_XTS_DECRYPT(ecb, ecb_encrypt);
- *xts = xts_decrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
/* Use these function to runtime initialize a ccmode_xts encrypt object (for
example if it's part of a larger structure). Normally you would pass a
ecb encrypt mode implementation of some underlying algorithm as the ecb
parameter. */
-CC_INLINE
void ccmode_factory_xts_encrypt(struct ccmode_xts *xts,
const struct ccmode_ecb *ecb,
- const struct ccmode_ecb *ecb_encrypt) {
- struct ccmode_xts xts_encrypt = CCMODE_FACTORY_XTS_ENCRYPT(ecb, ecb_encrypt);
- *xts = xts_encrypt;
-}
+ const struct ccmode_ecb *ecb_encrypt);
#endif /* _CORECRYPTO_CCMODE_FACTORY_H_ */
projects / apple / xnu.git / blobdiff