1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
/* poly1305.h
*
* Copyright (C) 2006-2020 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/wolfcrypt/poly1305.h
*/
#ifndef WOLF_CRYPT_POLY1305_H
#define WOLF_CRYPT_POLY1305_H
#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_POLY1305
#ifdef __cplusplus
extern "C" {
#endif
/* auto detect between 32bit / 64bit */
#if defined(__SIZEOF_INT128__) && defined(__LP64__)
#define WC_HAS_SIZEOF_INT128_64BIT
#endif
#if defined(_MSC_VER) && defined(_M_X64)
#define WC_HAS_MSVC_64BIT
#endif
#if (defined(__GNUC__) && defined(__LP64__) && \
((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4))))
#define WC_HAS_GCC_4_4_64BIT
#endif
#ifdef USE_INTEL_SPEEDUP
#elif (defined(WC_HAS_SIZEOF_INT128_64BIT) || defined(WC_HAS_MSVC_64BIT) || \
defined(WC_HAS_GCC_4_4_64BIT))
#define POLY130564
#else
#define POLY130532
#endif
enum {
POLY1305 = 7,
POLY1305_BLOCK_SIZE = 16,
POLY1305_DIGEST_SIZE = 16,
};
#define WC_POLY1305_PAD_SZ 16
#define WC_POLY1305_MAC_SZ 16
/* Poly1305 state */
typedef struct Poly1305 {
#ifdef USE_INTEL_SPEEDUP
word64 r[3];
word64 h[3];
word64 pad[2];
word64 hh[20];
word32 r1[8];
word32 r2[8];
word32 r3[8];
word32 r4[8];
word64 hm[16];
unsigned char buffer[8*POLY1305_BLOCK_SIZE];
size_t leftover;
unsigned char finished;
unsigned char started;
#else
#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
ALIGN128 word32 r[5];
ALIGN128 word32 r_2[5]; // r^2
ALIGN128 word32 r_4[5]; // r^4
ALIGN128 word32 h[5];
word32 pad[4];
word64 leftover;
#else
#if defined(POLY130564)
word64 r[3];
word64 h[3];
word64 pad[2];
#else
word32 r[5];
word32 h[5];
word32 pad[4];
#endif
size_t leftover;
#endif /* WOLFSSL_ARMASM */
unsigned char buffer[POLY1305_BLOCK_SIZE];
unsigned char finished;
#endif
} Poly1305;
/* does init */
WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key,
word32 kySz);
WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32);
WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
/* AEAD Functions */
WOLFSSL_API int wc_Poly1305_Pad(Poly1305* ctx, word32 lenToPad);
WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 dataSz);
WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
byte* input, word32 sz, byte* tag, word32 tagSz);
void poly1305_block(Poly1305* ctx, const unsigned char *m);
void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
size_t bytes);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* HAVE_POLY1305 */
#endif /* WOLF_CRYPT_POLY1305_H */
|