authorJussi Kivilinna <jussi.kivilinna@iki.fi>2013-11-20 15:06:03 +0200
committerJussi Kivilinna <jussi.kivilinna@iki.fi>2013-11-20 18:45:46 +0200
commitfb1e52e3fe231671de546eacd6becd31c26c4f7b (patch)
tree7d99e8d25341febcb8d66c8cf8b1229ae590e3a6 /cipher/cipher-internal.h
parent2d870a9142e8c8b3f008e1ad8e83e4bdf7a8e4e7 (diff)
downloadlibgcrypt-fb1e52e3fe231671de546eacd6becd31c26c4f7b.tar.gz
GCM: Add support for split data buffers and online operation
* cipher/cipher-gcm.c (do_ghash_buf): Add buffering for less than blocksize length input and padding handling. (_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt): Add handling for AAD padding and check if data has already been padded. (_gcry_cipher_gcm_authenticate): Check that AAD or data has not been padded yet. (_gcry_cipher_gcm_initiv): Clear padding marks. (_gcry_cipher_gcm_tag): Add finalization and padding; Clear sensitive data from cipher handle, since they are not used after generating tag. * cipher/cipher-internal.h (gcry_cipher_handle): Add 'u_mode.gcm.macbuf', 'u_mode.gcm.mac_unused', 'u_mode.gcm.ghash_data_finalized' and 'u_mode.gcm.ghash_aad_finalized'. * tests/basic.c (check_gcm_cipher): Rename to... (_check_gcm_cipher): ...this and add handling for different buffer step lengths; Enable per byte buffer testing. (check_gcm_cipher): Call _check_gcm_cipher with different buffer step sizes. -- Until now, GCM was expecting full data to be input in one go. This patch adds support for feeding data continuously (for encryption/decryption/aad). Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'cipher/cipher-internal.h')
-rw-r--r--cipher/cipher-internal.h7
1 files changed, 7 insertions, 0 deletions
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h
index 225f6993..ede6f757 100644
--- a/cipher/cipher-internal.h
+++ b/cipher/cipher-internal.h
@@ -168,6 +168,10 @@ struct gcry_cipher_handle
unsigned char tag[MAX_BLOCKSIZE];
} u_tag;
+ /* Space to save partial input lengths for MAC. */
+ unsigned char macbuf[GCRY_CCM_BLOCK_LEN];
+ int mac_unused; /* Number of unprocessed bytes in MACBUF. */
+
/* byte counters for GCM */
u32 aadlen[2];
u32 datalen[2];
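Review bot: `mac_unused` is declared as a signed `int` although, per its comment, it counts the bytes pending in `macbuf` and so presumably serves as an index or length into that array; nothing in the declaration states or enforces the bound. I would declare it `unsigned int mac_unused;` and extend the comment to `/* Number of unprocessed bytes in MACBUF; always less than sizeof macbuf. */` so the invariant the buffering code in cipher-gcm.c has to maintain is written next to the buffer. The array is also sized with `GCRY_CCM_BLOCK_LEN` inside the GCM state; the two block lengths most likely coincide, but `GCRY_GCM_BLOCK_LEN` (if it is visible in this header) would avoid coupling the GCM buffer to the CCM constant. Because `macbuf` can hold a partial block of AAD or message data, it is worth confirming that the wipe the commit message describes for `_gcry_cipher_gcm_tag` covers it. The enclosing struct starts and ends outside the hunk.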
@@ -187,6 +191,9 @@ struct gcry_cipher_handle
#endif
#endif
+ unsigned int ghash_data_finalized:1;
+ unsigned int ghash_aad_finalized:1;
+
unsigned int datalen_over_limits:1;
unsigned int disallow_encryption_because_of_setiv_in_fips_mode:1;
#ifdef GCM_USE_INTEL_PCLMUL
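Review bot: The new bit-fields `ghash_data_finalized` and `ghash_aad_finalized` carry no comment, although per the commit message they decide whether further AAD or data may still be fed into GHASH. A comment such as `/* Set once the AAD or data GHASH input has been padded; cleared when a new IV is set. */` above them would record the state machine that the code in cipher-gcm.c must respect. This matters for the authentication guarantee, since accepting input after finalization would compute the tag over a different byte sequence than the caller intended. The enclosing struct starts and ends outside the hunk.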