Implement AES-GCM-SIV

This implements AES-GCM-SIV, described in RFC8452, on top of the existing AES-GCM primitives. In particular, its hash algorithm POLYVAL is implemented using the GHASH with additional byte order conversion according to RFC8452 Appendix A. Signed-off-by: Daiki Ueno <dueno@redhat.com>
author: Daiki Ueno <dueno@redhat.com> 2022-08-16 16:37:51 +0900
committer: Daiki Ueno <dueno@redhat.com> 2022-09-27 06:46:41 +0900
commit: f5b64ecc8decb86f2716b050a69828e8b9c71180 (patch)
tree: 7088b646b95fea94cc4e29707bb6004ab3f93090 /nettle-internal.h
parent: ff660604eb66c5ff2b2bb508ba7f41b9c13c8087 (diff)
download: nettle-f5b64ecc8decb86f2716b050a69828e8b9c71180.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/nettle-internal.h b/nettle-internal.h
index 92416400..b7726d68 100644
--- a/nettle-internal.h
+++ b/nettle-internal.h
@@ -80,6 +80,7 @@
 #define NETTLE_MAX_HASH_CONTEXT_SIZE (sizeof(struct sha3_224_ctx))
 #define NETTLE_MAX_SEXP_ASSOC 17
 #define NETTLE_MAX_CIPHER_BLOCK_SIZE 32
+#define NETTLE_MAX_CIPHER_KEY_SIZE 32
 
 /* Doesn't quite fit with the other algorithms, because of the weak
  * keys. Weak keys are not reported, the functions will simply crash
author	Daiki Ueno <dueno@redhat.com>	2022-08-16 16:37:51 +0900
committer	Daiki Ueno <dueno@redhat.com>	2022-09-27 06:46:41 +0900
commit	f5b64ecc8decb86f2716b050a69828e8b9c71180 (patch)
tree	7088b646b95fea94cc4e29707bb6004ab3f93090 /nettle-internal.h
parent	ff660604eb66c5ff2b2bb508ba7f41b9c13c8087 (diff)
download	nettle-f5b64ecc8decb86f2716b050a69828e8b9c71180.tar.gz