Galois/Counter mode for 128-bit block ciphers. More...
#include "cipher.h"
#include <stdint.h>
Go to the source code of this file.
Data Structures | |
struct | gcm_context |
GCM context structure. More... | |
Defines | |
#define | GCM_ENCRYPT 1 |
#define | GCM_DECRYPT 0 |
#define | POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 |
Authenticated decryption failed. | |
#define | POLARSSL_ERR_GCM_BAD_INPUT -0x0014 |
Bad input parameters to function. | |
Functions | |
int | gcm_init (gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, unsigned int keysize) |
GCM initialization (encryption). | |
int | gcm_crypt_and_tag (gcm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, size_t tag_len, unsigned char *tag) |
GCM buffer encryption/decryption using a block cipher. | |
int | gcm_auth_decrypt (gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *tag, size_t tag_len, const unsigned char *input, unsigned char *output) |
GCM buffer authenticated decryption using a block cipher. | |
int | gcm_starts (gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len) |
Generic GCM stream start function. | |
int | gcm_update (gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output) |
Generic GCM update function. | |
int | gcm_finish (gcm_context *ctx, unsigned char *tag, size_t tag_len) |
Generic GCM finalisation function. | |
void | gcm_free (gcm_context *ctx) |
Free a GCM context and underlying cipher sub-context. | |
int | gcm_self_test (int verbose) |
Checkup routine. |
Galois/Counter mode for 128-bit block ciphers.
Copyright (C) 2006-2013, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Definition in file gcm.h.
#define GCM_DECRYPT 0 |
Definition at line 41 of file gcm.h.
Referenced by gcm_auth_decrypt(), gcm_self_test(), and gcm_update().
#define GCM_ENCRYPT 1 |
Definition at line 40 of file gcm.h.
Referenced by gcm_self_test(), gcm_update(), and test_suite_gcm_encrypt_and_tag().
#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 |
Authenticated decryption failed.
Definition at line 43 of file gcm.h.
Referenced by gcm_auth_decrypt(), polarssl_strerror(), and test_suite_gcm_decrypt_and_verify().
#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 |
Bad input parameters to function.
Definition at line 44 of file gcm.h.
Referenced by gcm_finish(), gcm_init(), gcm_update(), and polarssl_strerror().
int gcm_auth_decrypt | ( | gcm_context * | ctx, | |
size_t | length, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len, | |||
const unsigned char * | tag, | |||
size_t | tag_len, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
GCM buffer authenticated decryption using a block cipher.
ctx | GCM context | |
length | length of the input data | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data | |
add_len | length of additional data | |
tag | buffer holding the tag | |
tag_len | length of the tag | |
input | buffer holding the input data | |
output | buffer for holding the output data |
Definition at line 379 of file gcm.c.
References gcm_crypt_and_tag(), GCM_DECRYPT, and POLARSSL_ERR_GCM_AUTH_FAILED.
Referenced by test_suite_gcm_decrypt_and_verify().
int gcm_crypt_and_tag | ( | gcm_context * | ctx, | |
int | mode, | |||
size_t | length, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len, | |||
const unsigned char * | input, | |||
unsigned char * | output, | |||
size_t | tag_len, | |||
unsigned char * | tag | |||
) |
GCM buffer encryption/decryption using a block cipher.
ctx | GCM context | |
mode | GCM_ENCRYPT or GCM_DECRYPT | |
length | length of the input data | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data | |
add_len | length of additional data | |
input | buffer holding the input data | |
output | buffer for holding the output data | |
tag_len | length of the tag to generate | |
tag | buffer for holding the tag |
Definition at line 353 of file gcm.c.
References gcm_finish(), gcm_starts(), and gcm_update().
Referenced by gcm_auth_decrypt(), gcm_self_test(), and test_suite_gcm_encrypt_and_tag().
int gcm_finish | ( | gcm_context * | ctx, | |
unsigned char * | tag, | |||
size_t | tag_len | |||
) |
Generic GCM finalisation function.
Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes.
ctx | GCM context | |
tag | buffer for holding the tag (may be NULL if tag_len is 0) | |
tag_len | length of the tag to generate |
Definition at line 317 of file gcm.c.
References gcm_context::add_len, gcm_context::base_ectr, gcm_context::buf, gcm_mult(), gcm_context::len, POLARSSL_ERR_GCM_BAD_INPUT, and PUT_UINT32_BE.
Referenced by gcm_crypt_and_tag(), and gcm_self_test().
void gcm_free | ( | gcm_context * | ctx | ) |
Free a GCM context and underlying cipher sub-context.
ctx |
Definition at line 409 of file gcm.c.
References gcm_context::cipher_ctx, and cipher_free_ctx().
Referenced by gcm_ctx_free(), gcm_self_test(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
int gcm_init | ( | gcm_context * | ctx, | |
cipher_id_t | cipher, | |||
const unsigned char * | key, | |||
unsigned int | keysize | |||
) |
GCM initialization (encryption).
ctx | GCM context to be initialized | |
cipher | cipher to use (a 128-bit block cipher) | |
key | encryption key | |
keysize | must be 128, 192 or 256 |
Definition at line 108 of file gcm.c.
References cipher_info_t::block_size, gcm_context::cipher_ctx, cipher_info_from_values(), cipher_init_ctx(), cipher_setkey(), gcm_gen_table(), POLARSSL_ENCRYPT, POLARSSL_ERR_GCM_BAD_INPUT, and POLARSSL_MODE_ECB.
Referenced by gcm_aes_setkey_wrap(), gcm_camellia_setkey_wrap(), gcm_self_test(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
int gcm_self_test | ( | int | verbose | ) |
Checkup routine.
Definition at line 646 of file gcm.c.
References add_index, add_len, additional, ct, gcm_crypt_and_tag(), GCM_DECRYPT, GCM_ENCRYPT, gcm_finish(), gcm_free(), gcm_init(), gcm_starts(), gcm_update(), iv, iv_index, iv_len, key, key_index, key_len, MAX_TESTS, POLARSSL_CIPHER_ID_AES, pt, pt_index, pt_len, and tag.
Referenced by test_suite_gcm_selftest().
int gcm_starts | ( | gcm_context * | ctx, | |
int | mode, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len | |||
) |
Generic GCM stream start function.
ctx | GCM context | |
mode | GCM_ENCRYPT or GCM_DECRYPT | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data (or NULL if length is 0) | |
add_len | length of additional data |
Definition at line 192 of file gcm.c.
References gcm_context::add_len, gcm_context::base_ectr, gcm_context::buf, gcm_context::cipher_ctx, cipher_update(), gcm_mult(), gcm_context::len, gcm_context::mode, PUT_UINT32_BE, and gcm_context::y.
Referenced by gcm_crypt_and_tag(), and gcm_self_test().
int gcm_update | ( | gcm_context * | ctx, | |
size_t | length, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Generic GCM update function.
Encrypts/decrypts using the given GCM context. Expects input to be a multiple of 16 bytes! Only the last call before gcm_finish() can be less than 16 bytes!
ctx | GCM context | |
length | length of the input data | |
input | buffer holding the input data | |
output | buffer for holding the output data |
Definition at line 266 of file gcm.c.
References gcm_context::buf, gcm_context::cipher_ctx, cipher_update(), GCM_DECRYPT, GCM_ENCRYPT, gcm_mult(), gcm_context::len, gcm_context::mode, POLARSSL_ERR_GCM_BAD_INPUT, and gcm_context::y.
Referenced by cipher_update(), gcm_crypt_and_tag(), and gcm_self_test().