Botan 2.19.2
Crypto and TLS for C&
ghash.h
Go to the documentation of this file.
1/*
2* (C) 2013 Jack Lloyd
3* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_GCM_GHASH_H_
9#define BOTAN_GCM_GHASH_H_
10
11#include <botan/sym_algo.h>
12
14
15namespace Botan {
16
17/**
18* GCM's GHASH
19* This is not intended for general use, but is exposed to allow
20* shared code between GCM and GMAC
21*/
23 {
24 public:
25 void set_associated_data(const uint8_t ad[], size_t ad_len);
26
27 secure_vector<uint8_t> BOTAN_DEPRECATED("Use other impl")
28 nonce_hash(const uint8_t nonce[], size_t nonce_len)
29 {
30 secure_vector<uint8_t> y0(GCM_BS);
31 nonce_hash(y0, nonce, nonce_len);
32 return y0;
33 }
34
35 void nonce_hash(secure_vector<uint8_t>& y0, const uint8_t nonce[], size_t len);
36
37 void start(const uint8_t nonce[], size_t len);
38
39 /*
40 * Assumes input len is multiple of 16
41 */
42 void update(const uint8_t in[], size_t len);
43
44 /*
45 * Incremental update of associated data
46 */
47 void update_associated_data(const uint8_t ad[], size_t len);
48
49 secure_vector<uint8_t> BOTAN_DEPRECATED("Use version taking output params") final()
50 {
51 secure_vector<uint8_t> mac(GCM_BS);
52 final(mac.data(), mac.size());
53 return mac;
54 }
55
56 void final(uint8_t out[], size_t out_len);
57
59 { return Key_Length_Specification(16); }
60
61 void clear() override;
62
63 void reset();
64
65 std::string name() const override { return "GHASH"; }
66
67 std::string provider() const;
68
69 void ghash_update(secure_vector<uint8_t>& x,
70 const uint8_t input[], size_t input_len);
71
72 void add_final_block(secure_vector<uint8_t>& x,
73 size_t ad_len, size_t pt_len);
74 private:
75
76#if defined(BOTAN_HAS_GHASH_CLMUL_CPU)
77 static void ghash_precompute_cpu(const uint8_t H[16], uint64_t H_pow[4*2]);
78
79 static void ghash_multiply_cpu(uint8_t x[16],
80 const uint64_t H_pow[4*2],
81 const uint8_t input[], size_t blocks);
82#endif
83
84#if defined(BOTAN_HAS_GHASH_CLMUL_VPERM)
85 static void ghash_multiply_vperm(uint8_t x[16],
86 const uint64_t HM[256],
87 const uint8_t input[], size_t blocks);
88#endif
89
90 void key_schedule(const uint8_t key[], size_t key_len) override;
91
92 void ghash_multiply(secure_vector<uint8_t>& x,
93 const uint8_t input[],
94 size_t blocks);
95
96 static const size_t GCM_BS = 16;
97
104 size_t m_ad_len = 0;
105 size_t m_text_len = 0;
106 };
107
108}
109
110#endif
std::string name() const override
Definition: ghash.h:65
Key_Length_Specification key_spec() const override
Definition: ghash.h:58
virtual void clear()=0
int(* update)(CTX *, const void *, CC_LONG len)
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr)
Definition: compiler.h:136
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65