diff options
Diffstat (limited to 'src/lib/modes/aead/gcm')
-rw-r--r-- | src/lib/modes/aead/gcm/clmul/clmul.cpp | 2 | ||||
-rw-r--r-- | src/lib/modes/aead/gcm/clmul/clmul.h | 2 | ||||
-rw-r--r-- | src/lib/modes/aead/gcm/gcm.cpp | 72 | ||||
-rw-r--r-- | src/lib/modes/aead/gcm/gcm.h | 38 |
4 files changed, 57 insertions, 57 deletions
diff --git a/src/lib/modes/aead/gcm/clmul/clmul.cpp b/src/lib/modes/aead/gcm/clmul/clmul.cpp index 725ef3da3..ed3473b4e 100644 --- a/src/lib/modes/aead/gcm/clmul/clmul.cpp +++ b/src/lib/modes/aead/gcm/clmul/clmul.cpp @@ -12,7 +12,7 @@ namespace Botan { BOTAN_FUNC_ISA("pclmul,ssse3") -void gcm_multiply_clmul(byte x[16], const byte H[16]) +void gcm_multiply_clmul(uint8_t x[16], const uint8_t H[16]) { /* * Algorithms 1 and 5 from Intel's CLMUL guide diff --git a/src/lib/modes/aead/gcm/clmul/clmul.h b/src/lib/modes/aead/gcm/clmul/clmul.h index a3d8d9851..5e4a0de35 100644 --- a/src/lib/modes/aead/gcm/clmul/clmul.h +++ b/src/lib/modes/aead/gcm/clmul/clmul.h @@ -12,7 +12,7 @@ namespace Botan { -void gcm_multiply_clmul(byte x[16], const byte H[16]); +void gcm_multiply_clmul(uint8_t x[16], const uint8_t H[16]); } diff --git a/src/lib/modes/aead/gcm/gcm.cpp b/src/lib/modes/aead/gcm/gcm.cpp index e0bc59a8d..0d0cbff3c 100644 --- a/src/lib/modes/aead/gcm/gcm.cpp +++ b/src/lib/modes/aead/gcm/gcm.cpp @@ -20,21 +20,21 @@ namespace Botan { static const size_t GCM_BS = 16; -void GHASH::gcm_multiply(secure_vector<byte>& x) const +void GHASH::gcm_multiply(secure_vector<uint8_t>& x) const { #if defined(BOTAN_HAS_GCM_CLMUL) if(CPUID::has_clmul()) return gcm_multiply_clmul(x.data(), m_H.data()); #endif - static const u64bit R = 0xE100000000000000; + static const uint64_t R = 0xE100000000000000; - u64bit H[2] = { - load_be<u64bit>(m_H.data(), 0), - load_be<u64bit>(m_H.data(), 1) + uint64_t H[2] = { + load_be<uint64_t>(m_H.data(), 0), + load_be<uint64_t>(m_H.data(), 1) }; - u64bit Z[2] = { 0, 0 }; + uint64_t Z[2] = { 0, 0 }; CT::poison(H, 2); CT::poison(Z, 2); @@ -44,30 +44,30 @@ void GHASH::gcm_multiply(secure_vector<byte>& x) const for(size_t i = 0; i != 2; ++i) { - const u64bit X = load_be<u64bit>(x.data(), i); + const uint64_t X = load_be<uint64_t>(x.data(), i); - u64bit mask = 0x8000000000000000; + uint64_t mask = 0x8000000000000000; for(size_t j = 0; j != 64; ++j) { - const u64bit XMASK = CT::expand_mask<u64bit>(X & mask); + const uint64_t XMASK = CT::expand_mask<uint64_t>(X & mask); mask >>= 1; Z[0] ^= H[0] & XMASK; Z[1] ^= H[1] & XMASK; // GCM's bit ops are reversed so we carry out of the bottom - const u64bit carry = R & CT::expand_mask<u64bit>(H[1] & 1); + const uint64_t carry = R & CT::expand_mask<uint64_t>(H[1] & 1); H[1] = (H[1] >> 1) | (H[0] << 63); H[0] = (H[0] >> 1) ^ carry; } } - store_be<u64bit>(x.data(), Z[0], Z[1]); + store_be<uint64_t>(x.data(), Z[0], Z[1]); CT::unpoison(x.data(), x.size()); } -void GHASH::ghash_update(secure_vector<byte>& ghash, - const byte input[], size_t length) +void GHASH::ghash_update(secure_vector<uint8_t>& ghash, + const uint8_t input[], size_t length) { /* This assumes if less than block size input then we're just on the @@ -86,7 +86,7 @@ void GHASH::ghash_update(secure_vector<byte>& ghash, } } -void GHASH::key_schedule(const byte key[], size_t length) +void GHASH::key_schedule(const uint8_t key[], size_t length) { m_H.assign(key, key+length); m_H_ad.resize(GCM_BS); @@ -94,13 +94,13 @@ void GHASH::key_schedule(const byte key[], size_t length) m_text_len = 0; } -void GHASH::start(const byte nonce[], size_t len) +void GHASH::start(const uint8_t nonce[], size_t len) { m_nonce.assign(nonce, nonce + len); m_ghash = m_H_ad; } -void GHASH::set_associated_data(const byte input[], size_t length) +void GHASH::set_associated_data(const uint8_t input[], size_t length) { zeroise(m_H_ad); @@ -108,7 +108,7 @@ void GHASH::set_associated_data(const byte input[], size_t length) m_ad_len = length; } -void GHASH::update(const byte input[], size_t length) +void GHASH::update(const uint8_t input[], size_t length) { BOTAN_ASSERT(m_ghash.size() == GCM_BS, "Key was set"); @@ -117,19 +117,19 @@ void GHASH::update(const byte input[], size_t length) ghash_update(m_ghash, input, length); } -void GHASH::add_final_block(secure_vector<byte>& hash, +void GHASH::add_final_block(secure_vector<uint8_t>& hash, size_t ad_len, size_t text_len) { - secure_vector<byte> final_block(GCM_BS); - store_be<u64bit>(final_block.data(), 8*ad_len, 8*text_len); + secure_vector<uint8_t> final_block(GCM_BS); + store_be<uint64_t>(final_block.data(), 8*ad_len, 8*text_len); ghash_update(hash, final_block.data(), final_block.size()); } -secure_vector<byte> GHASH::final() +secure_vector<uint8_t> GHASH::final() { add_final_block(m_ghash, m_ad_len, m_text_len); - secure_vector<byte> mac; + secure_vector<uint8_t> mac; mac.swap(m_ghash); mac ^= m_nonce; @@ -137,10 +137,10 @@ secure_vector<byte> GHASH::final() return mac; } -secure_vector<byte> GHASH::nonce_hash(const byte nonce[], size_t nonce_len) +secure_vector<uint8_t> GHASH::nonce_hash(const uint8_t nonce[], size_t nonce_len) { BOTAN_ASSERT(m_ghash.size() == 0, "nonce_hash called during wrong time"); - secure_vector<byte> y0(GCM_BS); + secure_vector<uint8_t> y0(GCM_BS); ghash_update(y0, nonce, nonce_len); add_final_block(y0, 0, nonce_len); @@ -217,29 +217,29 @@ Key_Length_Specification GCM_Mode::key_spec() const return m_ctr->key_spec(); } -void GCM_Mode::key_schedule(const byte key[], size_t keylen) +void GCM_Mode::key_schedule(const uint8_t key[], size_t keylen) { m_ctr->set_key(key, keylen); - const std::vector<byte> zeros(GCM_BS); + const std::vector<uint8_t> zeros(GCM_BS); m_ctr->set_iv(zeros.data(), zeros.size()); - secure_vector<byte> H(GCM_BS); + secure_vector<uint8_t> H(GCM_BS); m_ctr->encipher(H); m_ghash->set_key(H); } -void GCM_Mode::set_associated_data(const byte ad[], size_t ad_len) +void GCM_Mode::set_associated_data(const uint8_t ad[], size_t ad_len) { m_ghash->set_associated_data(ad, ad_len); } -void GCM_Mode::start_msg(const byte nonce[], size_t nonce_len) +void GCM_Mode::start_msg(const uint8_t nonce[], size_t nonce_len) { if(!valid_nonce_length(nonce_len)) throw Invalid_IV_Length(name(), nonce_len); - secure_vector<byte> y0(GCM_BS); + secure_vector<uint8_t> y0(GCM_BS); if(nonce_len == 12) { @@ -253,7 +253,7 @@ void GCM_Mode::start_msg(const byte nonce[], size_t nonce_len) m_ctr->set_iv(y0.data(), y0.size()); - secure_vector<byte> m_enc_y0(GCM_BS); + secure_vector<uint8_t> m_enc_y0(GCM_BS); m_ctr->encipher(m_enc_y0); m_ghash->start(m_enc_y0.data(), m_enc_y0.size()); @@ -267,11 +267,11 @@ size_t GCM_Encryption::process(uint8_t buf[], size_t sz) return sz; } -void GCM_Encryption::finish(secure_vector<byte>& buffer, size_t offset) +void GCM_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset) { BOTAN_ARG_CHECK(offset <= buffer.size()); const size_t sz = buffer.size() - offset; - byte* buf = buffer.data() + offset; + uint8_t* buf = buffer.data() + offset; m_ctr->cipher(buf, buf, sz); m_ghash->update(buf, sz); @@ -287,11 +287,11 @@ size_t GCM_Decryption::process(uint8_t buf[], size_t sz) return sz; } -void GCM_Decryption::finish(secure_vector<byte>& buffer, size_t offset) +void GCM_Decryption::finish(secure_vector<uint8_t>& buffer, size_t offset) { BOTAN_ARG_CHECK(offset <= buffer.size()); const size_t sz = buffer.size() - offset; - byte* buf = buffer.data() + offset; + uint8_t* buf = buffer.data() + offset; if(sz < tag_size()) throw Exception("Insufficient input for GCM decryption, tag missing"); @@ -307,7 +307,7 @@ void GCM_Decryption::finish(secure_vector<byte>& buffer, size_t offset) auto mac = m_ghash->final(); - const byte* included_tag = &buffer[remaining+offset]; + const uint8_t* included_tag = &buffer[remaining+offset]; if(!same_mem(mac.data(), included_tag, tag_size())) throw Integrity_Failure("GCM tag check failed"); diff --git a/src/lib/modes/aead/gcm/gcm.h b/src/lib/modes/aead/gcm/gcm.h index 65b6b0474..e2e3a2c9d 100644 --- a/src/lib/modes/aead/gcm/gcm.h +++ b/src/lib/modes/aead/gcm/gcm.h @@ -23,7 +23,7 @@ class GHASH; class BOTAN_DLL GCM_Mode : public AEAD_Mode { public: - void set_associated_data(const byte ad[], size_t ad_len) override; + void set_associated_data(const uint8_t ad[], size_t ad_len) override; std::string name() const override; @@ -52,9 +52,9 @@ class BOTAN_DLL GCM_Mode : public AEAD_Mode std::unique_ptr<StreamCipher> m_ctr; std::unique_ptr<GHASH> m_ghash; private: - void start_msg(const byte nonce[], size_t nonce_len) override; + void start_msg(const uint8_t nonce[], size_t nonce_len) override; - void key_schedule(const byte key[], size_t length) override; + void key_schedule(const uint8_t key[], size_t length) override; }; /** @@ -77,7 +77,7 @@ class BOTAN_DLL GCM_Encryption final : public GCM_Mode size_t process(uint8_t buf[], size_t size) override; - void finish(secure_vector<byte>& final_block, size_t offset = 0) override; + void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override; }; /** @@ -103,7 +103,7 @@ class BOTAN_DLL GCM_Decryption final : public GCM_Mode size_t process(uint8_t buf[], size_t size) override; - void finish(secure_vector<byte>& final_block, size_t offset = 0) override; + void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) override; }; /** @@ -113,18 +113,18 @@ class BOTAN_DLL GCM_Decryption final : public GCM_Mode class BOTAN_DLL GHASH : public SymmetricAlgorithm { public: - void set_associated_data(const byte ad[], size_t ad_len); + void set_associated_data(const uint8_t ad[], size_t ad_len); - secure_vector<byte> nonce_hash(const byte nonce[], size_t len); + secure_vector<uint8_t> nonce_hash(const uint8_t nonce[], size_t len); - void start(const byte nonce[], size_t len); + void start(const uint8_t nonce[], size_t len); /* * Assumes input len is multiple of 16 */ - void update(const byte in[], size_t len); + void update(const uint8_t in[], size_t len); - secure_vector<byte> final(); + secure_vector<uint8_t> final(); Key_Length_Specification key_spec() const override { return Key_Length_Specification(16); } @@ -135,23 +135,23 @@ class BOTAN_DLL GHASH : public SymmetricAlgorithm std::string name() const override { return "GHASH"; } protected: - void ghash_update(secure_vector<byte>& x, - const byte input[], size_t input_len); + void ghash_update(secure_vector<uint8_t>& x, + const uint8_t input[], size_t input_len); - void add_final_block(secure_vector<byte>& x, + void add_final_block(secure_vector<uint8_t>& x, size_t ad_len, size_t pt_len); - secure_vector<byte> m_H; - secure_vector<byte> m_H_ad; - secure_vector<byte> m_ghash; + secure_vector<uint8_t> m_H; + secure_vector<uint8_t> m_H_ad; + secure_vector<uint8_t> m_ghash; size_t m_ad_len = 0; private: - void key_schedule(const byte key[], size_t key_len) override; + void key_schedule(const uint8_t key[], size_t key_len) override; - void gcm_multiply(secure_vector<byte>& x) const; + void gcm_multiply(secure_vector<uint8_t>& x) const; - secure_vector<byte> m_nonce; + secure_vector<uint8_t> m_nonce; size_t m_text_len = 0; }; |