<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <title>DTN Reference Implementation: gcm.h Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"> <link href="doxygen.css" rel="stylesheet" type="text/css"> </head><body> <!-- Generated by Doxygen 1.5.8 --> <div class="navigation" id="top"> <div class="tabs"> <ul> <li><a href="main.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="annotated.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div class="tabs"> <ul> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>File Members</span></a></li> </ul> </div> <h1>gcm.h</h1><a href="gcm_8h.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span> <a name="l00002"></a>00002 <span class="comment"> ---------------------------------------------------------------------------</span> <a name="l00003"></a>00003 <span class="comment"> Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.</span> <a name="l00004"></a>00004 <span class="comment"></span> <a name="l00005"></a>00005 <span class="comment"> LICENSE TERMS</span> <a name="l00006"></a>00006 <span class="comment"></span> <a name="l00007"></a>00007 <span class="comment"> The free distribution and use of this software in both source and binary</span> <a name="l00008"></a>00008 <span class="comment"> form is allowed (with or without changes) provided that:</span> <a name="l00009"></a>00009 <span class="comment"></span> <a name="l00010"></a>00010 <span class="comment"> 1. distributions of this source code include the above copyright</span> <a name="l00011"></a>00011 <span class="comment"> notice, this list of conditions and the following disclaimer;</span> <a name="l00012"></a>00012 <span class="comment"></span> <a name="l00013"></a>00013 <span class="comment"> 2. distributions in binary form include the above copyright</span> <a name="l00014"></a>00014 <span class="comment"> notice, this list of conditions and the following disclaimer</span> <a name="l00015"></a>00015 <span class="comment"> in the documentation and/or other associated materials;</span> <a name="l00016"></a>00016 <span class="comment"></span> <a name="l00017"></a>00017 <span class="comment"> 3. the copyright holder's name is not used to endorse products</span> <a name="l00018"></a>00018 <span class="comment"> built using this software without specific written permission.</span> <a name="l00019"></a>00019 <span class="comment"></span> <a name="l00020"></a>00020 <span class="comment"> ALTERNATIVELY, provided that this notice is retained in full, this product</span> <a name="l00021"></a>00021 <span class="comment"> may be distributed under the terms of the GNU General Public License (GPL),</span> <a name="l00022"></a>00022 <span class="comment"> in which case the provisions of the GPL apply INSTEAD OF those given above.</span> <a name="l00023"></a>00023 <span class="comment"></span> <a name="l00024"></a>00024 <span class="comment"> DISCLAIMER</span> <a name="l00025"></a>00025 <span class="comment"></span> <a name="l00026"></a>00026 <span class="comment"> This software is provided 'as is' with no explicit or implied warranties</span> <a name="l00027"></a>00027 <span class="comment"> in respect of its properties, including, but not limited to, correctness</span> <a name="l00028"></a>00028 <span class="comment"> and/or fitness for purpose.</span> <a name="l00029"></a>00029 <span class="comment"> ---------------------------------------------------------------------------</span> <a name="l00030"></a>00030 <span class="comment"> Issue Date: 13/10/2006</span> <a name="l00031"></a>00031 <span class="comment">*/</span> <a name="l00032"></a>00032 <a name="l00033"></a>00033 <span class="comment">/* This file changed 5 June 2007 to reflect name change </span> <a name="l00034"></a>00034 <span class="comment"> of included file from "aes.h" to "gcm_aes.h"</span> <a name="l00035"></a>00035 <span class="comment"> Changed by Peter Lovell, SPARTA Inc., for DTN project.</span> <a name="l00036"></a>00036 <span class="comment">*/</span> <a name="l00037"></a>00037 <a name="l00038"></a>00038 <span class="preprocessor">#ifndef _GCM_H</span> <a name="l00039"></a>00039 <span class="preprocessor"></span><span class="preprocessor">#define _GCM_H</span> <a name="l00040"></a>00040 <span class="preprocessor"></span> <a name="l00041"></a>00041 <span class="comment">/* This define sets the memory alignment that will be used for fast move</span> <a name="l00042"></a>00042 <span class="comment"> and xor operations on buffers when the alignment matches this value. </span> <a name="l00043"></a>00043 <span class="comment">*/</span> <a name="l00044"></a>00044 <span class="preprocessor">#if !defined( BFR_UNIT )</span> <a name="l00045"></a>00045 <span class="preprocessor"></span><span class="preprocessor"># if 1</span> <a name="l00046"></a><a class="code" href="gcm_8h.html#d63e1f447f6a9816ca34e2a77c1adeea">00046</a> <span class="preprocessor"></span><span class="preprocessor"># define BFR_UNIT 64</span> <a name="l00047"></a>00047 <span class="preprocessor"></span><span class="preprocessor"># elif 0</span> <a name="l00048"></a>00048 <span class="preprocessor"></span><span class="preprocessor"># define BFR_UNIT 32</span> <a name="l00049"></a>00049 <span class="preprocessor"></span><span class="preprocessor"># else</span> <a name="l00050"></a>00050 <span class="preprocessor"></span><span class="preprocessor"># define BFR_UNIT 8</span> <a name="l00051"></a>00051 <span class="preprocessor"></span><span class="preprocessor"># endif</span> <a name="l00052"></a>00052 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00053"></a>00053 <span class="preprocessor"></span> <a name="l00054"></a>00054 <span class="preprocessor">#include "<a class="code" href="gcm__aes_8h.html">gcm_aes.h</a>"</span> <a name="l00055"></a>00055 <span class="preprocessor">#include "<a class="code" href="gf128mul_8h.html">gf128mul.h</a>"</span> <a name="l00056"></a>00056 <a name="l00057"></a>00057 <span class="preprocessor">#if defined(__cplusplus)</span> <a name="l00058"></a>00058 <span class="preprocessor"></span><span class="keyword">extern</span> <span class="stringliteral">"C"</span> <a name="l00059"></a>00059 { <a name="l00060"></a>00060 <span class="preprocessor">#endif</span> <a name="l00061"></a>00061 <span class="preprocessor"></span> <a name="l00062"></a>00062 <span class="comment">/* After encryption or decryption operations the return value of</span> <a name="l00063"></a>00063 <span class="comment"> 'compute tag' will be one of the values RETURN_OK, RETURN_WARN</span> <a name="l00064"></a>00064 <span class="comment"> or RETURN_ERROR, the latter indicating an error. A return value</span> <a name="l00065"></a>00065 <span class="comment"> RETURN_OK indicates that both encryption and authentication</span> <a name="l00066"></a>00066 <span class="comment"> have taken place and resulted in the returned tag value. If</span> <a name="l00067"></a>00067 <span class="comment"> the returned value is RETURN_WARN, the tag value is the result</span> <a name="l00068"></a>00068 <span class="comment"> of authentication alone without encryption (CCM) or decryption</span> <a name="l00069"></a>00069 <span class="comment"> (GCM and EAX).</span> <a name="l00070"></a>00070 <span class="comment">*/</span> <a name="l00071"></a>00071 <span class="preprocessor">#ifndef RETURN_OK</span> <a name="l00072"></a><a class="code" href="gcm_8h.html#a529a3ade43a2979d477e450242004b0">00072</a> <span class="preprocessor"></span><span class="preprocessor"># define RETURN_WARN 1</span> <a name="l00073"></a><a class="code" href="gcm_8h.html#b747ac432edef91062f2946bb521e49f">00073</a> <span class="preprocessor"></span><span class="preprocessor"># define RETURN_OK 0</span> <a name="l00074"></a><a class="code" href="gcm_8h.html#9eec9e2a2ffc5f3c7a1bfbe1ba4a4c2b">00074</a> <span class="preprocessor"></span><span class="preprocessor"># define RETURN_ERROR -1</span> <a name="l00075"></a>00075 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00076"></a>00076 <span class="preprocessor"></span> <a name="l00077"></a><a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">00077</a> <span class="keyword">typedef</span> <span class="keywordtype">int</span> <a class="code" href="gcm_8h.html#a0762d336f64b72721690d6706f5802b">ret_type</a>; <a name="l00078"></a>00078 <a class="code" href="brg__types_8h.html#b29af6710b839af7ecf13eada493abd6">dec_unit_type</a>(<a class="code" href="gcm_8h.html#d63e1f447f6a9816ca34e2a77c1adeea">BFR_UNIT</a>, buf_unit); <a name="l00079"></a>00079 <a class="code" href="brg__types_8h.html#290d801795408bebbc420f1782b2c844">dec_bufr_type</a>(<a class="code" href="gcm_8h.html#d63e1f447f6a9816ca34e2a77c1adeea">BFR_UNIT</a>, AES_BLOCK_SIZE, buf_type); <a name="l00080"></a>00080 <a name="l00081"></a><a class="code" href="gcm_8h.html#0c56cb56e66965c61e5e4ee91cfdb923">00081</a> <span class="preprocessor">#define GCM_BLOCK_SIZE AES_BLOCK_SIZE</span> <a name="l00082"></a>00082 <span class="preprocessor"></span> <a name="l00083"></a>00083 <span class="comment">/* The GCM-AES context */</span> <a name="l00084"></a>00084 <a name="l00085"></a><a class="code" href="structgcm__ctx.html">00085</a> <span class="keyword">typedef</span> <span class="keyword">struct</span> <a name="l00086"></a>00086 { <a name="l00087"></a>00087 <span class="preprocessor">#if defined( TABLES_64K )</span> <a name="l00088"></a>00088 <span class="preprocessor"></span> uint_32t <a class="code" href="gf128mul_8h.html#d95743766ddb13c6b2ed7a7cfc0dcfc3">gf_t64k</a>[16][256][<a class="code" href="gcm_8h.html#0c56cb56e66965c61e5e4ee91cfdb923">GCM_BLOCK_SIZE</a> / 4]; <a name="l00089"></a>00089 <span class="preprocessor">#endif</span> <a name="l00090"></a>00090 <span class="preprocessor"></span><span class="preprocessor">#if defined( TABLES_8K )</span> <a name="l00091"></a><a class="code" href="structgcm__ctx.html#8bb876afd63b8aebb68a46ce3e553f5b">00091</a> <span class="preprocessor"></span> uint_32t <a class="code" href="gf128mul_8h.html#8ee1171a70369c3d03f9d88098b0b1a2">gf_t8k</a>[32][16][<a class="code" href="gcm_8h.html#0c56cb56e66965c61e5e4ee91cfdb923">GCM_BLOCK_SIZE</a> / 4]; <a name="l00092"></a>00092 <span class="preprocessor">#endif</span> <a name="l00093"></a>00093 <span class="preprocessor"></span><span class="preprocessor">#if defined( TABLES_4K )</span> <a name="l00094"></a>00094 <span class="preprocessor"></span> uint_32t <a class="code" href="gf128mul_8h.html#d8d711edfa1d329deae96fe42eb956c0">gf_t4k</a>[256][<a class="code" href="gcm_8h.html#0c56cb56e66965c61e5e4ee91cfdb923">GCM_BLOCK_SIZE</a> / 4]; <a name="l00095"></a>00095 <span class="preprocessor">#endif</span> <a name="l00096"></a>00096 <span class="preprocessor"></span><span class="preprocessor">#if defined( TABLES_256 )</span> <a name="l00097"></a>00097 <span class="preprocessor"></span> uint_32t <a class="code" href="gf128mul_8h.html#3148a7ff3d3687da32bb54ec481afd09">gf_t256</a>[16][<a class="code" href="gcm_8h.html#0c56cb56e66965c61e5e4ee91cfdb923">GCM_BLOCK_SIZE</a> / 4]; <a name="l00098"></a>00098 <span class="preprocessor">#endif</span> <a name="l00099"></a><a class="code" href="structgcm__ctx.html#cec97dbf01acc6e870f8cff42f77f307">00099</a> <span class="preprocessor"></span> buf_type ctr_val; <span class="comment">/* CTR counter value */</span> <a name="l00100"></a><a class="code" href="structgcm__ctx.html#71155c6a749cc4a762ab3fd6592b85ba">00100</a> buf_type enc_ctr; <span class="comment">/* encrypted CTR block */</span> <a name="l00101"></a><a class="code" href="structgcm__ctx.html#cdf1bf72d20281bc1524ac2ab9ace4d1">00101</a> buf_type hdr_ghv; <span class="comment">/* ghash buffer (header) */</span> <a name="l00102"></a><a class="code" href="structgcm__ctx.html#2317c088d254584b24d6ce79380499df">00102</a> buf_type txt_ghv; <span class="comment">/* ghash buffer (ciphertext) */</span> <a name="l00103"></a><a class="code" href="structgcm__ctx.html#c658ad862b1215e0a1a51c8e8af730be">00103</a> buf_type ghash_h; <span class="comment">/* ghash H value */</span> <a name="l00104"></a><a class="code" href="structgcm__ctx.html#beb5e0d4f7345cb6bda46b4b02a91d08">00104</a> <a class="code" href="gcm__aes_8h.html#3fe2bc67172e2479a0b178d134b076bc">aes_encrypt_ctx</a> aes[1]; <span class="comment">/* AES encryption context */</span> <a name="l00105"></a><a class="code" href="structgcm__ctx.html#aaebffae6b9b8655beb6a1dcd8fd4434">00105</a> uint_32t y0_val; <span class="comment">/* initial counter value */</span> <a name="l00106"></a><a class="code" href="structgcm__ctx.html#5862d3341432b8c03347412829b4cd13">00106</a> uint_32t hdr_cnt; <span class="comment">/* header bytes so far */</span> <a name="l00107"></a><a class="code" href="structgcm__ctx.html#4c08493c62b8208cdc28c1f44f82533a">00107</a> uint_32t txt_ccnt; <span class="comment">/* text bytes so far (encrypt) */</span> <a name="l00108"></a><a class="code" href="structgcm__ctx.html#6ec1594d93c793049635e0614bdf8de7">00108</a> uint_32t txt_acnt; <span class="comment">/* text bytes so far (auth) */</span> <a name="l00109"></a>00109 } <a class="code" href="structgcm__ctx.html">gcm_ctx</a>; <a name="l00110"></a>00110 <a name="l00111"></a>00111 <span class="comment">/* The following calls handle mode initialisation, keying and completion */</span> <a name="l00112"></a>00112 <a name="l00113"></a>00113 ret_type <a class="code" href="gcm_8h.html#721f02566e2e0717ba131e470028ac3d">gcm_init_and_key</a>( <span class="comment">/* initialise mode and set key */</span> <a name="l00114"></a>00114 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> key[], <span class="comment">/* the key value */</span> <a name="l00115"></a>00115 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> key_len, <span class="comment">/* and its length in bytes */</span> <a name="l00116"></a>00116 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00117"></a>00117 <a name="l00118"></a>00118 ret_type <a class="code" href="gcm_8h.html#0e37bb8dc094c7ab3af2c1e4bafcc360">gcm_end</a>( <span class="comment">/* clean up and end operation */</span> <a name="l00119"></a>00119 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00120"></a>00120 <a name="l00121"></a>00121 <span class="comment">/* The following calls handle complete messages in memory in a single operation */</span> <a name="l00122"></a>00122 <a name="l00123"></a>00123 ret_type <a class="code" href="gcm_8h.html#1d46a1f6a2fc83e504eb48a55814b289">gcm_encrypt_message</a>( <span class="comment">/* encrypt an entire message */</span> <a name="l00124"></a>00124 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00125"></a>00125 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00126"></a>00126 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00127"></a>00127 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00128"></a>00128 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> msg[], <span class="comment">/* the message buffer */</span> <a name="l00129"></a>00129 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> msg_len, <span class="comment">/* and its length in bytes */</span> <a name="l00130"></a>00130 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00131"></a>00131 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00132"></a>00132 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00133"></a>00133 <a name="l00134"></a>00134 <span class="comment">/* RETURN_OK is returned if the input tag */</span> <a name="l00135"></a>00135 <span class="comment">/* matches that for the decrypted message */</span> <a name="l00136"></a>00136 ret_type <a class="code" href="gcm_8h.html#83f849d6a9182d6a6675b4d423f4d8ee">gcm_decrypt_message</a>( <span class="comment">/* decrypt an entire message */</span> <a name="l00137"></a>00137 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00138"></a>00138 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00139"></a>00139 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00140"></a>00140 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00141"></a>00141 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> msg[], <span class="comment">/* the message buffer */</span> <a name="l00142"></a>00142 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> msg_len, <span class="comment">/* and its length in bytes */</span> <a name="l00143"></a>00143 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00144"></a>00144 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00145"></a>00145 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00146"></a>00146 <a name="l00147"></a>00147 <span class="comment">/* The following calls handle messages in a sequence of operations followed by */</span> <a name="l00148"></a>00148 <span class="comment">/* tag computation after the sequence has been completed. In these calls the */</span> <a name="l00149"></a>00149 <span class="comment">/* user is responsible for verfiying the computed tag on decryption */</span> <a name="l00150"></a>00150 <a name="l00151"></a>00151 ret_type <a class="code" href="gcm_8h.html#48cd234f03c3e3a1c89430a979fa3fca">gcm_init_message</a>( <span class="comment">/* initialise a new message */</span> <a name="l00152"></a>00152 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> iv[], <span class="comment">/* the initialisation vector */</span> <a name="l00153"></a>00153 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> iv_len, <span class="comment">/* and its length in bytes */</span> <a name="l00154"></a>00154 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00155"></a>00155 <a name="l00156"></a>00156 ret_type <a class="code" href="gcm_8h.html#95f68fdf95d3cf02bea89a68614a046f">gcm_auth_header</a>( <span class="comment">/* authenticate the header */</span> <a name="l00157"></a>00157 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hdr[], <span class="comment">/* the header buffer */</span> <a name="l00158"></a>00158 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> hdr_len, <span class="comment">/* and its length in bytes */</span> <a name="l00159"></a>00159 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00160"></a>00160 <a name="l00161"></a>00161 ret_type <a class="code" href="gcm_8h.html#14c0cae74fab923c0290ccbc0baa4a44">gcm_encrypt</a>( <span class="comment">/* encrypt & authenticate data */</span> <a name="l00162"></a>00162 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00163"></a>00163 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00164"></a>00164 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00165"></a>00165 <a name="l00166"></a>00166 ret_type <a class="code" href="gcm_8h.html#eda1ee70a25e5b06af8341018a95b11d">gcm_decrypt</a>( <span class="comment">/* authenticate & decrypt data */</span> <a name="l00167"></a>00167 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00168"></a>00168 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00169"></a>00169 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00170"></a>00170 <a name="l00171"></a>00171 ret_type <a class="code" href="gcm_8h.html#84e08678ef30d0737224927a37c85e3b">gcm_compute_tag</a>( <span class="comment">/* compute authentication tag */</span> <a name="l00172"></a>00172 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag[], <span class="comment">/* the buffer for the tag */</span> <a name="l00173"></a>00173 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> tag_len, <span class="comment">/* and its length in bytes */</span> <a name="l00174"></a>00174 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00175"></a>00175 <a name="l00176"></a>00176 <span class="comment">/* The use of the following calls should be avoided if possible because their</span> <a name="l00177"></a>00177 <span class="comment"> use requires a very good understanding of the way this encryption mode</span> <a name="l00178"></a>00178 <span class="comment"> works and the way in which this code implements it in order to use them</span> <a name="l00179"></a>00179 <span class="comment"> correctly.</span> <a name="l00180"></a>00180 <span class="comment"></span> <a name="l00181"></a>00181 <span class="comment"> The gcm_auth_data routine is used to authenticate encrypted message data.</span> <a name="l00182"></a>00182 <span class="comment"> In message encryption gcm_crypt_data must be called before gcm_auth_data</span> <a name="l00183"></a>00183 <span class="comment"> is called since it is encrypted data that is authenticated. In message</span> <a name="l00184"></a>00184 <span class="comment"> decryption authentication must occur before decryption and data can be</span> <a name="l00185"></a>00185 <span class="comment"> authenticated without being decrypted if necessary.</span> <a name="l00186"></a>00186 <span class="comment"></span> <a name="l00187"></a>00187 <span class="comment"> If these calls are used it is up to the user to ensure that these routines</span> <a name="l00188"></a>00188 <span class="comment"> are called in the correct order and that the correct data is passed to them.</span> <a name="l00189"></a>00189 <span class="comment"></span> <a name="l00190"></a>00190 <span class="comment"> When gcm_compute_tag is called it is assumed that an error in use has</span> <a name="l00191"></a>00191 <span class="comment"> occurred if both encryption (or decryption) and authentication have taken</span> <a name="l00192"></a>00192 <span class="comment"> place but the total lengths of the message data respectively authenticated</span> <a name="l00193"></a>00193 <span class="comment"> and encrypted are not the same. If authentication has taken place but there</span> <a name="l00194"></a>00194 <span class="comment"> has been no corresponding encryption or decryption operations (none at all)</span> <a name="l00195"></a>00195 <span class="comment"> only a warning is issued. This should be treated as an error if it occurs</span> <a name="l00196"></a>00196 <span class="comment"> during encryption but it is only signalled as a warning as it might be</span> <a name="l00197"></a>00197 <span class="comment"> intentional when decryption operations are involved (this avoids having</span> <a name="l00198"></a>00198 <span class="comment"> different compute tag functions for encryption and decryption). Decryption</span> <a name="l00199"></a>00199 <span class="comment"> operations can be undertaken freely after authetication but if the tag is</span> <a name="l00200"></a>00200 <span class="comment"> computed after such operations an error will be signalled if the lengths of</span> <a name="l00201"></a>00201 <span class="comment"> the data authenticated and decrypted don't match.</span> <a name="l00202"></a>00202 <span class="comment">*/</span> <a name="l00203"></a>00203 <a name="l00204"></a>00204 ret_type <a class="code" href="gcm_8h.html#e0d5938e51cb31e58db485abbd400e39">gcm_auth_data</a>( <span class="comment">/* authenticate ciphertext data */</span> <a name="l00205"></a>00205 <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00206"></a>00206 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00207"></a>00207 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00208"></a>00208 <a name="l00209"></a>00209 ret_type <a class="code" href="gcm_8h.html#734d3157fb8a3da6f8af7a92855021b0">gcm_crypt_data</a>( <span class="comment">/* encrypt or decrypt data */</span> <a name="l00210"></a>00210 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> data[], <span class="comment">/* the data buffer */</span> <a name="l00211"></a>00211 <span class="keywordtype">unsigned</span> <span class="keywordtype">long</span> data_len, <span class="comment">/* and its length in bytes */</span> <a name="l00212"></a>00212 <a class="code" href="structgcm__ctx.html">gcm_ctx</a> ctx[1]); <span class="comment">/* the mode context */</span> <a name="l00213"></a>00213 <a name="l00214"></a>00214 <span class="preprocessor">#if defined(__cplusplus)</span> <a name="l00215"></a>00215 <span class="preprocessor"></span>} <a name="l00216"></a>00216 <span class="preprocessor">#endif</span> <a name="l00217"></a>00217 <span class="preprocessor"></span> <a name="l00218"></a>00218 <span class="preprocessor">#endif</span> </pre></div></div> <hr size="1"><address style="text-align: right;"><small>Generated on Fri Jan 30 09:26:56 2009 for DTN Reference Implementation by <a href="http://www.doxygen.org/index.html"> <img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.8 </small></address> </body> </html>