#include "polarssl/config.h"
#include "polarssl/gcm.h"
#include <stdio.h>
Defines | |
#define | MAX_TESTS 6 |
Functions | |
static int | gcm_gen_table (gcm_context *ctx) |
int | gcm_init (gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, unsigned int keysize) |
GCM initialization (encryption). | |
static void | gcm_mult (gcm_context *ctx, const unsigned char x[16], unsigned char output[16]) |
int | gcm_starts (gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len) |
Generic GCM stream start function. | |
int | gcm_update (gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output) |
Generic GCM update function. | |
int | gcm_finish (gcm_context *ctx, unsigned char *tag, size_t tag_len) |
Generic GCM finalisation function. | |
int | gcm_crypt_and_tag (gcm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, size_t tag_len, unsigned char *tag) |
GCM buffer encryption/decryption using a block cipher. | |
int | gcm_auth_decrypt (gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *tag, size_t tag_len, const unsigned char *input, unsigned char *output) |
GCM buffer authenticated decryption using a block cipher. | |
void | gcm_free (gcm_context *ctx) |
Free a GCM context and underlying cipher sub-context. | |
int | gcm_self_test (int verbose) |
Checkup routine. | |
Variables | |
static const uint64_t | last4 [16] |
int | key_index [MAX_TESTS] |
unsigned char | key [MAX_TESTS][32] |
size_t | iv_len [MAX_TESTS] |
int | iv_index [MAX_TESTS] |
unsigned char | iv [MAX_TESTS][64] |
size_t | add_len [MAX_TESTS] |
int | add_index [MAX_TESTS] |
unsigned char | additional [MAX_TESTS][64] |
size_t | pt_len [MAX_TESTS] |
int | pt_index [MAX_TESTS] |
unsigned char | pt [MAX_TESTS][64] |
unsigned char | ct [MAX_TESTS *3][64] |
unsigned char | tag [MAX_TESTS *3][16] |
#define MAX_TESTS 6 |
Definition at line 424 of file gcm.c.
Referenced by gcm_self_test(), and pkcs5_self_test().
int gcm_auth_decrypt | ( | gcm_context * | ctx, | |
size_t | length, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len, | |||
const unsigned char * | tag, | |||
size_t | tag_len, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
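GCM buffer authenticated decryption using a block cipher. Per the references listed below, a failed tag check is reported as POLARSSL_ERR_GCM_AUTH_FAILED; callers must check the return value and treat the output buffer as untrusted unless the call succeeds.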
ctx | GCM context | |
length | length of the input data | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data | |
add_len | length of additional data | |
tag | buffer holding the tag | |
tag_len | length of the tag | |
input | buffer holding the input data | |
output | buffer for holding the output data |
Definition at line 379 of file gcm.c.
References gcm_crypt_and_tag(), GCM_DECRYPT, and POLARSSL_ERR_GCM_AUTH_FAILED.
Referenced by test_suite_gcm_decrypt_and_verify().
int gcm_crypt_and_tag | ( | gcm_context * | ctx, | |
int | mode, | |||
size_t | length, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len, | |||
const unsigned char * | input, | |||
unsigned char * | output, | |||
size_t | tag_len, | |||
unsigned char * | tag | |||
) |
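GCM buffer encryption/decryption using a block cipher. The tag parameter is an output buffer in both modes, so in GCM_DECRYPT mode this function appears to compute the tag without comparing it against an expected value; use gcm_auth_decrypt() when the tag must be verified.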
ctx | GCM context | |
mode | GCM_ENCRYPT or GCM_DECRYPT | |
length | length of the input data | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data | |
add_len | length of additional data | |
input | buffer holding the input data | |
output | buffer for holding the output data | |
tag_len | length of the tag to generate | |
tag | buffer for holding the tag |
Definition at line 353 of file gcm.c.
References gcm_finish(), gcm_starts(), and gcm_update().
Referenced by gcm_auth_decrypt(), gcm_self_test(), and test_suite_gcm_encrypt_and_tag().
int gcm_finish | ( | gcm_context * | ctx, | |
unsigned char * | tag, | |||
size_t | tag_len | |||
) |
Generic GCM finalisation function.
Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes.
ctx | GCM context | |
tag | buffer for holding the tag (may be NULL if tag_len is 0) | |
tag_len | length of the tag to generate |
Definition at line 317 of file gcm.c.
References gcm_context::add_len, gcm_context::base_ectr, gcm_context::buf, gcm_mult(), gcm_context::len, POLARSSL_ERR_GCM_BAD_INPUT, and PUT_UINT32_BE.
Referenced by gcm_crypt_and_tag(), and gcm_self_test().
void gcm_free | ( | gcm_context * | ctx | ) |
Free a GCM context and underlying cipher sub-context.
ctx | GCM context to free |
Definition at line 409 of file gcm.c.
References gcm_context::cipher_ctx, and cipher_free_ctx().
Referenced by gcm_ctx_free(), gcm_self_test(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
static int gcm_gen_table | ( | gcm_context * | ctx | ) | [static] |
Definition at line 57 of file gcm.c.
References gcm_context::cipher_ctx, cipher_update(), GET_UINT32_BE, gcm_context::HH, and gcm_context::HL.
Referenced by gcm_init().
int gcm_init | ( | gcm_context * | ctx, | |
cipher_id_t | cipher, | |||
const unsigned char * | key, | |||
unsigned int | keysize | |||
) |
GCM initialization (encryption).
ctx | GCM context to be initialized | |
cipher | cipher to use (a 128-bit block cipher) | |
key | encryption key | |
keysize | key size in bits; must be 128, 192 or 256 |
Definition at line 108 of file gcm.c.
References cipher_info_t::block_size, gcm_context::cipher_ctx, cipher_info_from_values(), cipher_init_ctx(), cipher_setkey(), gcm_gen_table(), POLARSSL_ENCRYPT, POLARSSL_ERR_GCM_BAD_INPUT, and POLARSSL_MODE_ECB.
Referenced by gcm_aes_setkey_wrap(), gcm_camellia_setkey_wrap(), gcm_self_test(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
static void gcm_mult | ( | gcm_context * | ctx, | |
const unsigned char | x[16], | |||
unsigned char | output[16] | |||
) | [static] |
Definition at line 146 of file gcm.c.
References gcm_context::HH, gcm_context::HL, last4, and PUT_UINT32_BE.
Referenced by gcm_finish(), gcm_starts(), and gcm_update().
int gcm_self_test | ( | int | verbose | ) |
Checkup routine.
Definition at line 646 of file gcm.c.
References add_index, add_len, additional, ct, gcm_crypt_and_tag(), GCM_DECRYPT, GCM_ENCRYPT, gcm_finish(), gcm_free(), gcm_init(), gcm_starts(), gcm_update(), iv, iv_index, iv_len, key, key_index, key_len, MAX_TESTS, POLARSSL_CIPHER_ID_AES, pt, pt_index, pt_len, and tag.
Referenced by test_suite_gcm_selftest().
int gcm_starts | ( | gcm_context * | ctx, | |
int | mode, | |||
const unsigned char * | iv, | |||
size_t | iv_len, | |||
const unsigned char * | add, | |||
size_t | add_len | |||
) |
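Generic GCM stream start function. The IV must not be reused for another message under the same key; GCM loses both its confidentiality and its authenticity guarantees when a key/IV pair repeats.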
ctx | GCM context | |
mode | GCM_ENCRYPT or GCM_DECRYPT | |
iv | initialization vector | |
iv_len | length of IV | |
add | additional data (or NULL if length is 0) | |
add_len | length of additional data |
Definition at line 192 of file gcm.c.
References gcm_context::add_len, gcm_context::base_ectr, gcm_context::buf, gcm_context::cipher_ctx, cipher_update(), gcm_mult(), gcm_context::len, gcm_context::mode, PUT_UINT32_BE, and gcm_context::y.
Referenced by gcm_crypt_and_tag(), and gcm_self_test().
int gcm_update | ( | gcm_context * | ctx, | |
size_t | length, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Generic GCM update function.
Encrypts/decrypts using the given GCM context. The input length must be a multiple of 16 bytes; only the last call before gcm_finish() may pass less than 16 bytes.
ctx | GCM context | |
length | length of the input data | |
input | buffer holding the input data | |
output | buffer for holding the output data |
Definition at line 266 of file gcm.c.
References gcm_context::buf, gcm_context::cipher_ctx, cipher_update(), GCM_DECRYPT, GCM_ENCRYPT, gcm_mult(), gcm_context::len, gcm_context::mode, POLARSSL_ERR_GCM_BAD_INPUT, and gcm_context::y.
Referenced by cipher_update(), gcm_crypt_and_tag(), and gcm_self_test().
int add_index[MAX_TESTS] |
{ 0, 0, 0, 1, 1, 1 }
Definition at line 466 of file gcm.c.
Referenced by gcm_self_test().
size_t add_len[MAX_TESTS] |
{ 0, 0, 0, 20, 20, 20 }
Definition at line 463 of file gcm.c.
Referenced by gcm_self_test(), pem_write_buffer(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
unsigned char additional[MAX_TESTS][64] |
{ { 0x00 }, { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }, }
Definition at line 469 of file gcm.c.
Referenced by gcm_self_test().
unsigned char ct[MAX_TESTS *3][64] |
Definition at line 497 of file gcm.c.
Referenced by gcm_self_test().
unsigned char iv[MAX_TESTS][64] |
{ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 }, { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5, 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa, 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1, 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28, 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39, 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54, 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57, 0xa6, 0x37, 0xb3, 0x9b }, }
Definition at line 447 of file gcm.c.
Referenced by aes_self_test(), block_cipher_df(), blowfish_crypt_cbc(), blowfish_crypt_cfb64(), camellia_self_test(), des_self_test(), gcm_self_test(), pkcs12_pbe(), pkcs5_pbes2(), ssl_parse_ticket(), ssl_write_ticket(), test_suite_dec_empty_buf(), test_suite_decrypt_test_vec(), test_suite_enc_dec_buf(), test_suite_enc_dec_buf_multipart(), and test_suite_enc_fail().
int iv_index[MAX_TESTS] |
{ 0, 0, 1, 1, 1, 2 }
Definition at line 444 of file gcm.c.
Referenced by gcm_self_test().
size_t iv_len[MAX_TESTS] |
{ 12, 12, 12, 12, 8, 60 }
Definition at line 441 of file gcm.c.
Referenced by gcm_self_test(), test_suite_decrypt_test_vec(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
unsigned char key[MAX_TESTS][32] |
{ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, }
Definition at line 429 of file gcm.c.
Referenced by aes_self_test(), block_cipher_df(), camellia_self_test(), ctr_drbg_init_entropy_len(), des3_set2key(), des3_set2key_dec(), des3_set2key_enc(), des3_set3key_dec(), des3_set3key_enc(), des_key_check_key_parity(), des_key_check_weak(), des_key_set_parity(), des_self_test(), des_setkey(), des_setkey_dec(), des_setkey_enc(), gcm_self_test(), pkcs12_pbe(), pkcs12_pbe_sha1_rc4_128(), pkcs5_pbes2(), pkcs5_self_test(), test_suite_dec_empty_buf(), test_suite_decrypt_test_vec(), test_suite_des_key_parity_run(), test_suite_enc_dec_buf(), test_suite_enc_dec_buf_multipart(), test_suite_enc_fail(), test_suite_pbkdf2_hmac(), test_suite_pk_ec_test_vec(), test_suite_pk_write_key_check(), test_suite_pk_write_pubkey_check(), test_suite_test_vec_ecb(), and test_suite_x509_csr_check().
int key_index[MAX_TESTS] |
{ 0, 0, 1, 1, 1, 1 }
Definition at line 426 of file gcm.c.
Referenced by gcm_self_test().
const uint64_t last4[16] [static] |
{ 0x0000, 0x1c20, 0x3840, 0x2460, 0x7080, 0x6ca0, 0x48c0, 0x54e0, 0xe100, 0xfd20, 0xd940, 0xc560, 0x9180, 0x8da0, 0xa9c0, 0xb5e0 }
Definition at line 138 of file gcm.c.
Referenced by gcm_mult().
unsigned char pt[MAX_TESTS][64] |
{ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, }
Definition at line 483 of file gcm.c.
Referenced by gcm_self_test(), and test_suite_ecp_tls_write_read_point().
int pt_index[MAX_TESTS] |
{ 0, 0, 1, 1, 1, 1 }
Definition at line 480 of file gcm.c.
Referenced by gcm_self_test().
size_t pt_len[MAX_TESTS] |
{ 0, 16, 64, 60, 60, 60 }
Definition at line 477 of file gcm.c.
Referenced by ecdh_make_params(), gcm_self_test(), test_suite_gcm_decrypt_and_verify(), and test_suite_gcm_encrypt_and_tag().
unsigned char tag[MAX_TESTS *3][16] |
Definition at line 606 of file gcm.c.
Referenced by gcm_self_test(), test_suite_decrypt_test_vec(), test_suite_enc_dec_buf(), x509_get_subject_alt_name(), and x509_get_time().