summaryrefslogtreecommitdiff
path: root/cipher/cipher.c
diff options
context:
space:
mode:
authorJussi Kivilinna <jussi.kivilinna@iki.fi>2018-06-19 18:34:33 +0300
committerJussi Kivilinna <jussi.kivilinna@iki.fi>2018-06-19 19:29:25 +0300
commit233e2049a2cc1c1110f541b6a7ef145a737e2c65 (patch)
tree430e6be55ed3d56bb51787cc0342a00ed1c7dacc /cipher/cipher.c
parent87d8caa47e00f1b1cea968fe38cf30c0ccc9749c (diff)
downloadlibgcrypt-233e2049a2cc1c1110f541b6a7ef145a737e2c65.tar.gz
Access cipher mode routines through routine pointers
* cipher/cipher-internal.h (gcry_cipher_handle): Add function pointers for mode operations. (_gcry_cipher_xts_crypt): Remove. (_gcry_cipher_xts_encrypt, _gcry_cipher_xts_decrypt): New. * cipher/cipher-xts.c (_gcry_cipher_xts_encrypt) (_gcry_cipher_xts_decrypt): New. * cipher/cipher.c (_gcry_cipher_setup_mode_ops): New. (_gcry_cipher_open_internal): Setup mode routines. (cipher_encrypt, cipher_decrypt): Remove. (do_stream_encrypt, do_stream_decrypt, do_encrypt_none_unknown) (do_decrypt_none_unknown): New. (_gcry_cipher_encrypt, _gcry_cipher_decrypt, _gcry_cipher_setiv) (_gcry_cipher_authenticate, _gcry_cipher_gettag) (_gcry_cipher_checktag): Adapted to use mode routines through pointers. -- Change to use mode operations through pointers to reduce per call overhead for cipher operations. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'cipher/cipher.c')
-rw-r--r--cipher/cipher.c492
1 files changed, 230 insertions, 262 deletions
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 54d00b46..a4dfc4dd 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -200,6 +200,8 @@ static gcry_cipher_spec_t * const cipher_list_algo301[] =
};
+static void _gcry_cipher_setup_mode_ops(gcry_cipher_hd_t c, int mode);
+
static int
map_algo (int algo)
@@ -706,6 +708,9 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
break;
}
+ /* Setup mode routines. */
+ _gcry_cipher_setup_mode_ops(h, mode);
+
/* Setup defaults depending on the mode. */
switch (mode)
{
@@ -723,8 +728,7 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
default:
break;
}
-
- }
+ }
}
/* Done. */
@@ -994,93 +998,78 @@ do_ecb_decrypt (gcry_cipher_hd_t c,
}
-/****************
- * Encrypt INBUF to OUTBUF with the mode selected at open.
- * inbuf and outbuf may overlap or be the same.
- * Depending on the mode some constraints apply to INBUFLEN.
- */
static gcry_err_code_t
-cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
- const byte *inbuf, size_t inbuflen)
+do_stream_encrypt (gcry_cipher_hd_t c,
+ unsigned char *outbuf, size_t outbuflen,
+ const unsigned char *inbuf, size_t inbuflen)
+{
+ (void)outbuflen;
+ c->spec->stencrypt (&c->context.c, outbuf, (void *)inbuf, inbuflen);
+ return 0;
+}
+
+static gcry_err_code_t
+do_stream_decrypt (gcry_cipher_hd_t c,
+ unsigned char *outbuf, size_t outbuflen,
+ const unsigned char *inbuf, size_t inbuflen)
+{
+ (void)outbuflen;
+ c->spec->stdecrypt (&c->context.c, outbuf, (void *)inbuf, inbuflen);
+ return 0;
+}
+
+
+static gcry_err_code_t
+do_encrypt_none_unknown (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
+ const byte *inbuf, size_t inbuflen)
{
gcry_err_code_t rc;
- if (c->mode != GCRY_CIPHER_MODE_NONE && !c->marks.key)
- {
- log_error ("cipher_encrypt: key not set\n");
- return GPG_ERR_MISSING_KEY;
- }
+ (void)outbuflen;
switch (c->mode)
{
- case GCRY_CIPHER_MODE_ECB:
- rc = do_ecb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
+ case GCRY_CIPHER_MODE_CMAC:
+ rc = GPG_ERR_INV_CIPHER_MODE;
break;
- case GCRY_CIPHER_MODE_CBC:
- if (!(c->flags & GCRY_CIPHER_CBC_CTS))
- rc = _gcry_cipher_cbc_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
+ case GCRY_CIPHER_MODE_NONE:
+ if (fips_mode () || !_gcry_get_debug_flag (0))
+ {
+ fips_signal_error ("cipher mode NONE used");
+ rc = GPG_ERR_INV_CIPHER_MODE;
+ }
else
- rc = _gcry_cipher_cbc_cts_encrypt (c, outbuf, outbuflen, inbuf,
- inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CFB:
- rc = _gcry_cipher_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CFB8:
- rc = _gcry_cipher_cfb8_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
+ {
+ if (inbuf != outbuf)
+ memmove (outbuf, inbuf, inbuflen);
+ rc = 0;
+ }
break;
- case GCRY_CIPHER_MODE_OFB:
- rc = _gcry_cipher_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
+ default:
+ log_fatal ("cipher_encrypt: invalid mode %d\n", c->mode );
+ rc = GPG_ERR_INV_CIPHER_MODE;
break;
+ }
- case GCRY_CIPHER_MODE_CTR:
- rc = _gcry_cipher_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
+ return rc;
+}
- case GCRY_CIPHER_MODE_AESWRAP:
- rc = _gcry_cipher_aeswrap_encrypt (c, outbuf, outbuflen,
- inbuf, inbuflen);
- break;
+static gcry_err_code_t
+do_decrypt_none_unknown (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
+ const byte *inbuf, size_t inbuflen)
+{
+ gcry_err_code_t rc;
- case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
+ (void)outbuflen;
+ switch (c->mode)
+ {
case GCRY_CIPHER_MODE_CMAC:
rc = GPG_ERR_INV_CIPHER_MODE;
break;
- case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_encrypt (c, outbuf, outbuflen,
- inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_XTS:
- rc = _gcry_cipher_xts_crypt (c, outbuf, outbuflen, inbuf, inbuflen, 1);
- break;
-
- case GCRY_CIPHER_MODE_STREAM:
- c->spec->stencrypt (&c->context.c,
- outbuf, (byte*)/*arggg*/inbuf, inbuflen);
- rc = 0;
- break;
-
case GCRY_CIPHER_MODE_NONE:
if (fips_mode () || !_gcry_get_debug_flag (0))
{
@@ -1096,7 +1085,7 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
break;
default:
- log_fatal ("cipher_encrypt: invalid mode %d\n", c->mode );
+ log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode );
rc = GPG_ERR_INV_CIPHER_MODE;
break;
}
@@ -1121,7 +1110,13 @@ _gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
inlen = outsize;
}
- rc = cipher_encrypt (h, out, outsize, in, inlen);
+ if (h->mode != GCRY_CIPHER_MODE_NONE && !h->marks.key)
+ {
+ log_error ("cipher_decrypt: key not set\n");
+ return GPG_ERR_MISSING_KEY;
+ }
+
+ rc = h->mode_ops.encrypt (h, out, outsize, in, inlen);
/* Failsafe: Make sure that the plaintext will never make it into
OUT if the encryption returned an error. */
@@ -1132,118 +1127,10 @@ _gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
}
-
/****************
- * Decrypt INBUF to OUTBUF with the mode selected at open.
- * inbuf and outbuf may overlap or be the same.
- * Depending on the mode some some constraints apply to INBUFLEN.
+ * Decrypt IN and write it to OUT. If IN is NULL, in-place encryption has
+ * been requested.
*/
-static gcry_err_code_t
-cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen,
- const byte *inbuf, size_t inbuflen)
-{
- gcry_err_code_t rc;
-
- if (c->mode != GCRY_CIPHER_MODE_NONE && !c->marks.key)
- {
- log_error ("cipher_decrypt: key not set\n");
- return GPG_ERR_MISSING_KEY;
- }
-
- switch (c->mode)
- {
- case GCRY_CIPHER_MODE_ECB:
- rc = do_ecb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CBC:
- if (!(c->flags & GCRY_CIPHER_CBC_CTS))
- rc = _gcry_cipher_cbc_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- else
- rc = _gcry_cipher_cbc_cts_decrypt (c, outbuf, outbuflen, inbuf,
- inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CFB:
- rc = _gcry_cipher_cfb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CFB8:
- rc = _gcry_cipher_cfb8_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_OFB:
- rc = _gcry_cipher_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CTR:
- rc = _gcry_cipher_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_AESWRAP:
- rc = _gcry_cipher_aeswrap_decrypt (c, outbuf, outbuflen,
- inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_CMAC:
- rc = GPG_ERR_INV_CIPHER_MODE;
- break;
-
- case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_decrypt (c, outbuf, outbuflen,
- inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen);
- break;
-
- case GCRY_CIPHER_MODE_XTS:
- rc = _gcry_cipher_xts_crypt (c, outbuf, outbuflen, inbuf, inbuflen, 0);
- break;
-
- case GCRY_CIPHER_MODE_STREAM:
- c->spec->stdecrypt (&c->context.c,
- outbuf, (byte*)/*arggg*/inbuf, inbuflen);
- rc = 0;
- break;
-
- case GCRY_CIPHER_MODE_NONE:
- if (fips_mode () || !_gcry_get_debug_flag (0))
- {
- fips_signal_error ("cipher mode NONE used");
- rc = GPG_ERR_INV_CIPHER_MODE;
- }
- else
- {
- if (inbuf != outbuf)
- memmove (outbuf, inbuf, inbuflen);
- rc = 0;
- }
- break;
-
- default:
- log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode );
- rc = GPG_ERR_INV_CIPHER_MODE;
- break;
- }
-
- return rc;
-}
-
-
gcry_err_code_t
_gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
const void *in, size_t inlen)
@@ -1254,9 +1141,14 @@ _gcry_cipher_decrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
inlen = outsize;
}
- return cipher_decrypt (h, out, outsize, in, inlen);
-}
+ if (h->mode != GCRY_CIPHER_MODE_NONE && !h->marks.key)
+ {
+ log_error ("cipher_decrypt: key not set\n");
+ return GPG_ERR_MISSING_KEY;
+ }
+ return h->mode_ops.decrypt (h, out, outsize, in, inlen);
+}
/****************
@@ -1287,37 +1179,10 @@ _gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen)
gcry_err_code_t
_gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen)
{
- gcry_err_code_t rc = 0;
-
- switch (hd->mode)
- {
- case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_set_nonce (hd, iv, ivlen);
- break;
-
- case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_set_nonce (hd, iv, ivlen);
- break;
-
- case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_setiv (hd, iv, ivlen);
- break;
-
- case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_setiv (hd, iv, ivlen);
- break;
-
- case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_set_nonce (hd, iv, ivlen);
- break;
-
- default:
- rc = cipher_setiv (hd, iv, ivlen);
- break;
- }
- return rc;
+ return hd->mode_ops.setiv (hd, iv, ivlen);
}
+
/* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
block size length, or (NULL,0) to set the CTR to the all-zero
block. */
@@ -1351,127 +1216,230 @@ _gcry_cipher_getctr (gcry_cipher_hd_t hd, void *ctr, size_t ctrlen)
return 0;
}
+
gcry_err_code_t
_gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf,
size_t abuflen)
{
gcry_err_code_t rc;
- switch (hd->mode)
+ if (hd->mode_ops.authenticate)
{
- case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_authenticate (hd, abuf, abuflen);
+ rc = hd->mode_ops.authenticate (hd, abuf, abuflen);
+ }
+ else
+ {
+ log_error ("gcry_cipher_authenticate: invalid mode %d\n", hd->mode);
+ rc = GPG_ERR_INV_CIPHER_MODE;
+ }
+
+ return rc;
+}
+
+
+gcry_err_code_t
+_gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, size_t taglen)
+{
+ gcry_err_code_t rc;
+
+ if (hd->mode_ops.get_tag)
+ {
+ rc = hd->mode_ops.get_tag (hd, outtag, taglen);
+ }
+ else
+ {
+ log_error ("gcry_cipher_gettag: invalid mode %d\n", hd->mode);
+ rc = GPG_ERR_INV_CIPHER_MODE;
+ }
+
+ return rc;
+}
+
+
+gcry_err_code_t
+_gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen)
+{
+ gcry_err_code_t rc;
+
+ if (hd->mode_ops.check_tag)
+ {
+ rc = hd->mode_ops.check_tag (hd, intag, taglen);
+ }
+ else
+ {
+ log_error ("gcry_cipher_checktag: invalid mode %d\n", hd->mode);
+ rc = GPG_ERR_INV_CIPHER_MODE;
+ }
+
+ return rc;
+}
+
+
+
+static void
+_gcry_cipher_setup_mode_ops(gcry_cipher_hd_t c, int mode)
+{
+ /* Setup encryption and decryption routines. */
+ switch (mode)
+ {
+ case GCRY_CIPHER_MODE_STREAM:
+ c->mode_ops.encrypt = do_stream_encrypt;
+ c->mode_ops.decrypt = do_stream_decrypt;
break;
- case GCRY_CIPHER_MODE_CMAC:
- rc = _gcry_cipher_cmac_authenticate (hd, abuf, abuflen);
+ case GCRY_CIPHER_MODE_ECB:
+ c->mode_ops.encrypt = do_ecb_encrypt;
+ c->mode_ops.decrypt = do_ecb_decrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_CBC:
+ if (!(c->flags & GCRY_CIPHER_CBC_CTS))
+ {
+ c->mode_ops.encrypt = _gcry_cipher_cbc_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_cbc_decrypt;
+ }
+ else
+ {
+ c->mode_ops.encrypt = _gcry_cipher_cbc_cts_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_cbc_cts_decrypt;
+ }
+ break;
+
+ case GCRY_CIPHER_MODE_CFB:
+ c->mode_ops.encrypt = _gcry_cipher_cfb_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_cfb_decrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_CFB8:
+ c->mode_ops.encrypt = _gcry_cipher_cfb8_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_cfb8_decrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_OFB:
+ c->mode_ops.encrypt = _gcry_cipher_ofb_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_ofb_encrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_CTR:
+ c->mode_ops.encrypt = _gcry_cipher_ctr_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_ctr_encrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_AESWRAP:
+ c->mode_ops.encrypt = _gcry_cipher_aeswrap_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_aeswrap_decrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_CCM:
+ c->mode_ops.encrypt = _gcry_cipher_ccm_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_ccm_decrypt;
break;
case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_authenticate (hd, abuf, abuflen);
+ c->mode_ops.encrypt = _gcry_cipher_eax_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_eax_decrypt;
break;
case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_authenticate (hd, abuf, abuflen);
+ c->mode_ops.encrypt = _gcry_cipher_gcm_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_gcm_decrypt;
break;
case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_authenticate (hd, abuf, abuflen);
+ c->mode_ops.encrypt = _gcry_cipher_poly1305_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_poly1305_decrypt;
break;
case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_authenticate (hd, abuf, abuflen);
+ c->mode_ops.encrypt = _gcry_cipher_ocb_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_ocb_decrypt;
+ break;
+
+ case GCRY_CIPHER_MODE_XTS:
+ c->mode_ops.encrypt = _gcry_cipher_xts_encrypt;
+ c->mode_ops.decrypt = _gcry_cipher_xts_decrypt;
break;
default:
- log_error ("gcry_cipher_authenticate: invalid mode %d\n", hd->mode);
- rc = GPG_ERR_INV_CIPHER_MODE;
+ c->mode_ops.encrypt = do_encrypt_none_unknown;
+ c->mode_ops.decrypt = do_decrypt_none_unknown;
break;
}
- return rc;
-}
-
-
-gcry_err_code_t
-_gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, size_t taglen)
-{
- gcry_err_code_t rc;
-
- switch (hd->mode)
+ /* Setup IV setting routine. */
+ switch (mode)
{
case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_get_tag (hd, outtag, taglen);
- break;
-
- case GCRY_CIPHER_MODE_CMAC:
- rc = _gcry_cipher_cmac_get_tag (hd, outtag, taglen);
+ c->mode_ops.setiv = _gcry_cipher_ccm_set_nonce;
break;
case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_get_tag (hd, outtag, taglen);
+ c->mode_ops.setiv = _gcry_cipher_eax_set_nonce;
break;
case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_get_tag (hd, outtag, taglen);
+ c->mode_ops.setiv = _gcry_cipher_gcm_setiv;
break;
case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_get_tag (hd, outtag, taglen);
+ c->mode_ops.setiv = _gcry_cipher_poly1305_setiv;
break;
case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_get_tag (hd, outtag, taglen);
+ c->mode_ops.setiv = _gcry_cipher_ocb_set_nonce;
break;
default:
- log_error ("gcry_cipher_gettag: invalid mode %d\n", hd->mode);
- rc = GPG_ERR_INV_CIPHER_MODE;
+ c->mode_ops.setiv = cipher_setiv;
break;
}
- return rc;
-}
-
-gcry_err_code_t
-_gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen)
-{
- gcry_err_code_t rc;
-
- switch (hd->mode)
+ /* Setup authentication routines for AEAD modes. */
+ switch (mode)
{
case GCRY_CIPHER_MODE_CCM:
- rc = _gcry_cipher_ccm_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_ccm_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_ccm_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_ccm_check_tag;
break;
case GCRY_CIPHER_MODE_CMAC:
- rc = _gcry_cipher_cmac_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_cmac_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_cmac_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_cmac_check_tag;
break;
case GCRY_CIPHER_MODE_EAX:
- rc = _gcry_cipher_eax_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_eax_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_eax_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_eax_check_tag;
break;
case GCRY_CIPHER_MODE_GCM:
- rc = _gcry_cipher_gcm_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_gcm_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_gcm_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_gcm_check_tag;
break;
case GCRY_CIPHER_MODE_POLY1305:
- rc = _gcry_cipher_poly1305_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_poly1305_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_poly1305_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_poly1305_check_tag;
break;
case GCRY_CIPHER_MODE_OCB:
- rc = _gcry_cipher_ocb_check_tag (hd, intag, taglen);
+ c->mode_ops.authenticate = _gcry_cipher_ocb_authenticate;
+ c->mode_ops.get_tag = _gcry_cipher_ocb_get_tag;
+ c->mode_ops.check_tag = _gcry_cipher_ocb_check_tag;
break;
default:
- log_error ("gcry_cipher_checktag: invalid mode %d\n", hd->mode);
- rc = GPG_ERR_INV_CIPHER_MODE;
+ c->mode_ops.authenticate = NULL;
+ c->mode_ops.get_tag = NULL;
+ c->mode_ops.check_tag = NULL;
break;
}
-
- return rc;
}
View Lorry Controller Status