From a7dada790fd758dd2df2d43eff2059960d3397ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?=
Date: Fri, 29 Mar 2019 07:32:42 +0100
Subject: Redefine struct aes_ctx as a union of key-size specific contexts.
---
 aes.h | 84 +++++++++++++++++++++++++++++++++++--------------------------------
 1 file changed, 44 insertions(+), 40 deletions(-)
(limited to 'aes.h')
diff --git a/aes.h b/aes.h
index 333ec52f..25cb4ed0 100644
--- a/aes.h
+++ b/aes.h
@@ -71,46 +71,6 @@ extern "C" {
 #define _AES192_ROUNDS 12
 #define _AES256_ROUNDS 14
 
-/* Variable key size between 128 and 256 bits. But the only valid
- * values are 16 (128 bits), 24 (192 bits) and 32 (256 bits). */
-#define AES_MIN_KEY_SIZE AES128_KEY_SIZE
-#define AES_MAX_KEY_SIZE AES256_KEY_SIZE
-
-/* The older nettle-2.7 AES interface is deprecated, please migrate to
- the newer interface where each algorithm has a fixed key size. */
-
-#define AES_KEY_SIZE 32
-
-struct aes_ctx
-{
- unsigned rounds; /* number of rounds to use for our key size */
- uint32_t keys[4*(_AES256_ROUNDS + 1)]; /* maximum size of key schedule */
-};
-
-void
-aes_set_encrypt_key(struct aes_ctx *ctx,
- size_t length, const uint8_t *key)
- _NETTLE_ATTRIBUTE_DEPRECATED;
-
-void
-aes_set_decrypt_key(struct aes_ctx *ctx,
- size_t length, const uint8_t *key)
- _NETTLE_ATTRIBUTE_DEPRECATED;
-
-void
-aes_invert_key(struct aes_ctx *dst,
- const struct aes_ctx *src)
- _NETTLE_ATTRIBUTE_DEPRECATED;
-
-void
-aes_encrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
-void
-aes_decrypt(const struct aes_ctx *ctx,
- size_t length, uint8_t *dst,
- const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
-
 struct aes128_ctx
 {
 uint32_t keys[4 * (_AES128_ROUNDS + 1)];
@@ -174,6 +134,50 @@ aes256_decrypt(const struct aes256_ctx *ctx,
 size_t length, uint8_t *dst,
 const uint8_t *src);
 
+/* The older nettle-2.7 AES interface is deprecated, please migrate to
+ the newer interface where each algorithm has a fixed key size. */
+
+/* Variable key size between 128 and 256 bits. But the only valid
+ * values are 16 (128 bits), 24 (192 bits) and 32 (256 bits). */
+#define AES_MIN_KEY_SIZE AES128_KEY_SIZE
+#define AES_MAX_KEY_SIZE AES256_KEY_SIZE
+
+#define AES_KEY_SIZE 32
+
+struct aes_ctx
+{
+ unsigned key_size; /* In octets */
+ union {
+ struct aes128_ctx ctx128;
+ struct aes192_ctx ctx192;
+ struct aes256_ctx ctx256;
+ } u;
+};
+
+void
+aes_set_encrypt_key(struct aes_ctx *ctx,
+ size_t length, const uint8_t *key)
+ _NETTLE_ATTRIBUTE_DEPRECATED;
+
+void
+aes_set_decrypt_key(struct aes_ctx *ctx,
+ size_t length, const uint8_t *key)
+ _NETTLE_ATTRIBUTE_DEPRECATED;
+
+void
+aes_invert_key(struct aes_ctx *dst,
+ const struct aes_ctx *src)
+ _NETTLE_ATTRIBUTE_DEPRECATED;
+
+void
+aes_encrypt(const struct aes_ctx *ctx,
+ size_t length, uint8_t *dst,
+ const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
+void
+aes_decrypt(const struct aes_ctx *ctx,
+ size_t length, uint8_t *dst,
+ const uint8_t *src) _NETTLE_ATTRIBUTE_DEPRECATED;
+
 #ifdef __cplusplus
 }
 #endif
-- 
cgit v1.2.1
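Review bot: The `key_size` field in the new `struct aes_ctx` is the only thing that tells which member of `u` holds a valid key schedule, yet its comment (`/* In octets */`) neither says so nor lists the permitted values. I would write it as `unsigned key_size; /* In octets: 16, 24 or 32; selects the active member of u */` and add a line above the struct stating that a context is meaningful only after one of the set-key functions has filled it in. The code that dispatches on `key_size` is not part of this diff (it is limited to aes.h), so I cannot see how it handles other values; since the setters still take a caller-supplied `size_t length`, it should reject anything outside those three sizes rather than fall through to a default member. The comment should also mention that the `rounds` and `keys` members are gone from this public header, so callers that accessed them directly will stop compiling.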