xref: /freebsd/crypto/openssh/umac.h (revision 6888a9be566d79246a948dcc4c0a914b1bee0c32)
1*6888a9beSDag-Erling Smørgrav /* $OpenBSD: umac.h,v 1.2 2012/10/04 13:21:50 markus Exp $ */
2d4af9e69SDag-Erling Smørgrav /* -----------------------------------------------------------------------
3d4af9e69SDag-Erling Smørgrav  *
4d4af9e69SDag-Erling Smørgrav  * umac.h -- C Implementation UMAC Message Authentication
5d4af9e69SDag-Erling Smørgrav  *
6d4af9e69SDag-Erling Smørgrav  * Version 0.93a of rfc4418.txt -- 2006 July 14
7d4af9e69SDag-Erling Smørgrav  *
8d4af9e69SDag-Erling Smørgrav  * For a full description of UMAC message authentication see the UMAC
9d4af9e69SDag-Erling Smørgrav  * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac
10d4af9e69SDag-Erling Smørgrav  * Please report bugs and suggestions to the UMAC webpage.
11d4af9e69SDag-Erling Smørgrav  *
12d4af9e69SDag-Erling Smørgrav  * Copyright (c) 1999-2004 Ted Krovetz
13d4af9e69SDag-Erling Smørgrav  *
14d4af9e69SDag-Erling Smørgrav  * Permission to use, copy, modify, and distribute this software and
15d4af9e69SDag-Erling Smørgrav  * its documentation for any purpose and with or without fee, is hereby
16d4af9e69SDag-Erling Smørgrav  * granted provided that the above copyright notice appears in all copies
17d4af9e69SDag-Erling Smørgrav  * and in supporting documentation, and that the name of the copyright
18d4af9e69SDag-Erling Smørgrav  * holder not be used in advertising or publicity pertaining to
19d4af9e69SDag-Erling Smørgrav  * distribution of the software without specific, written prior permission.
20d4af9e69SDag-Erling Smørgrav  *
21d4af9e69SDag-Erling Smørgrav  * Comments should be directed to Ted Krovetz (tdk@acm.org)
22d4af9e69SDag-Erling Smørgrav  *
23d4af9e69SDag-Erling Smørgrav  * ---------------------------------------------------------------------- */
24d4af9e69SDag-Erling Smørgrav 
25d4af9e69SDag-Erling Smørgrav  /* ////////////////////// IMPORTANT NOTES /////////////////////////////////
26d4af9e69SDag-Erling Smørgrav   *
27d4af9e69SDag-Erling Smørgrav   * 1) This version does not work properly on messages larger than 16MB
28d4af9e69SDag-Erling Smørgrav   *
29d4af9e69SDag-Erling Smørgrav   * 2) If you set the switch to use SSE2, then all data must be 16-byte
30d4af9e69SDag-Erling Smørgrav   *    aligned
31d4af9e69SDag-Erling Smørgrav   *
32d4af9e69SDag-Erling Smørgrav   * 3) When calling the function umac(), it is assumed that msg is in
33d4af9e69SDag-Erling Smørgrav   * a writable buffer of length divisible by 32 bytes. The message itself
34d4af9e69SDag-Erling Smørgrav   * does not have to fill the entire buffer, but bytes beyond msg may be
35d4af9e69SDag-Erling Smørgrav   * zeroed.
36d4af9e69SDag-Erling Smørgrav   *
37d4af9e69SDag-Erling Smørgrav   * 4) Two free AES implementations are supported by this implementation of
38d4af9e69SDag-Erling Smørgrav   * UMAC. Paulo Barreto's version is in the public domain and can be found
39d4af9e69SDag-Erling Smørgrav   * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for
40d4af9e69SDag-Erling Smørgrav   * "Barreto"). The only two files needed are rijndael-alg-fst.c and
41d4af9e69SDag-Erling Smørgrav   * rijndael-alg-fst.h.
42d4af9e69SDag-Erling Smørgrav   * Brian Gladman's version is distributed with GNU Public lisence
43d4af9e69SDag-Erling Smørgrav   * and can be found at http://fp.gladman.plus.com/AES/index.htm. It
44d4af9e69SDag-Erling Smørgrav   * includes a fast IA-32 assembly version.
45d4af9e69SDag-Erling Smørgrav   *
46d4af9e69SDag-Erling Smørgrav   /////////////////////////////////////////////////////////////////////// */
47d4af9e69SDag-Erling Smørgrav #ifndef HEADER_UMAC_H
48d4af9e69SDag-Erling Smørgrav #define HEADER_UMAC_H
49d4af9e69SDag-Erling Smørgrav 
50d4af9e69SDag-Erling Smørgrav 
51d4af9e69SDag-Erling Smørgrav #ifdef __cplusplus
52d4af9e69SDag-Erling Smørgrav     extern "C" {
53d4af9e69SDag-Erling Smørgrav #endif
54d4af9e69SDag-Erling Smørgrav 
55d4af9e69SDag-Erling Smørgrav struct umac_ctx *umac_new(u_char key[]);
56d4af9e69SDag-Erling Smørgrav /* Dynamically allocate a umac_ctx struct, initialize variables,
57d4af9e69SDag-Erling Smørgrav  * generate subkeys from key.
58d4af9e69SDag-Erling Smørgrav  */
59d4af9e69SDag-Erling Smørgrav 
60d4af9e69SDag-Erling Smørgrav #if 0
61d4af9e69SDag-Erling Smørgrav int umac_reset(struct umac_ctx *ctx);
62d4af9e69SDag-Erling Smørgrav /* Reset a umac_ctx to begin authenicating a new message */
63d4af9e69SDag-Erling Smørgrav #endif
64d4af9e69SDag-Erling Smørgrav 
65d4af9e69SDag-Erling Smørgrav int umac_update(struct umac_ctx *ctx, u_char *input, long len);
66d4af9e69SDag-Erling Smørgrav /* Incorporate len bytes pointed to by input into context ctx */
67d4af9e69SDag-Erling Smørgrav 
68d4af9e69SDag-Erling Smørgrav int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]);
69d4af9e69SDag-Erling Smørgrav /* Incorporate any pending data and the ctr value, and return tag.
70d4af9e69SDag-Erling Smørgrav  * This function returns error code if ctr < 0.
71d4af9e69SDag-Erling Smørgrav  */
72d4af9e69SDag-Erling Smørgrav 
73d4af9e69SDag-Erling Smørgrav int umac_delete(struct umac_ctx *ctx);
74d4af9e69SDag-Erling Smørgrav /* Deallocate the context structure */
75d4af9e69SDag-Erling Smørgrav 
76d4af9e69SDag-Erling Smørgrav #if 0
77d4af9e69SDag-Erling Smørgrav int umac(struct umac_ctx *ctx, u_char *input,
78d4af9e69SDag-Erling Smørgrav          long len, u_char tag[],
79d4af9e69SDag-Erling Smørgrav          u_char nonce[8]);
80d4af9e69SDag-Erling Smørgrav /* All-in-one implementation of the functions Reset, Update and Final */
81d4af9e69SDag-Erling Smørgrav #endif
82d4af9e69SDag-Erling Smørgrav 
83d4af9e69SDag-Erling Smørgrav /* uhash.h */
84d4af9e69SDag-Erling Smørgrav 
85d4af9e69SDag-Erling Smørgrav 
86d4af9e69SDag-Erling Smørgrav #if 0
87d4af9e69SDag-Erling Smørgrav typedef struct uhash_ctx *uhash_ctx_t;
88d4af9e69SDag-Erling Smørgrav   /* The uhash_ctx structure is defined by the implementation of the    */
89d4af9e69SDag-Erling Smørgrav   /* UHASH functions.                                                   */
90d4af9e69SDag-Erling Smørgrav 
91d4af9e69SDag-Erling Smørgrav uhash_ctx_t uhash_alloc(u_char key[16]);
92d4af9e69SDag-Erling Smørgrav   /* Dynamically allocate a uhash_ctx struct and generate subkeys using */
93d4af9e69SDag-Erling Smørgrav   /* the kdf and kdf_key passed in. If kdf_key_len is 0 then RC6 is     */
94d4af9e69SDag-Erling Smørgrav   /* used to generate key with a fixed key. If kdf_key_len > 0 but kdf  */
95d4af9e69SDag-Erling Smørgrav   /* is NULL then the first 16 bytes pointed at by kdf_key is used as a */
96d4af9e69SDag-Erling Smørgrav   /* key for an RC6 based KDF.                                          */
97d4af9e69SDag-Erling Smørgrav 
98d4af9e69SDag-Erling Smørgrav int uhash_free(uhash_ctx_t ctx);
99d4af9e69SDag-Erling Smørgrav 
100d4af9e69SDag-Erling Smørgrav int uhash_set_params(uhash_ctx_t ctx,
101d4af9e69SDag-Erling Smørgrav                    void       *params);
102d4af9e69SDag-Erling Smørgrav 
103d4af9e69SDag-Erling Smørgrav int uhash_reset(uhash_ctx_t ctx);
104d4af9e69SDag-Erling Smørgrav 
105d4af9e69SDag-Erling Smørgrav int uhash_update(uhash_ctx_t ctx,
106d4af9e69SDag-Erling Smørgrav                u_char       *input,
107d4af9e69SDag-Erling Smørgrav                long        len);
108d4af9e69SDag-Erling Smørgrav 
109d4af9e69SDag-Erling Smørgrav int uhash_final(uhash_ctx_t ctx,
110d4af9e69SDag-Erling Smørgrav               u_char        ouput[]);
111d4af9e69SDag-Erling Smørgrav 
112d4af9e69SDag-Erling Smørgrav int uhash(uhash_ctx_t ctx,
113d4af9e69SDag-Erling Smørgrav         u_char       *input,
114d4af9e69SDag-Erling Smørgrav         long        len,
115d4af9e69SDag-Erling Smørgrav         u_char        output[]);
116d4af9e69SDag-Erling Smørgrav 
117d4af9e69SDag-Erling Smørgrav #endif
118d4af9e69SDag-Erling Smørgrav 
119*6888a9beSDag-Erling Smørgrav /* matching umac-128 API, we reuse umac_ctx, since it's opaque */
120*6888a9beSDag-Erling Smørgrav struct umac_ctx *umac128_new(u_char key[]);
121*6888a9beSDag-Erling Smørgrav int umac128_update(struct umac_ctx *ctx, u_char *input, long len);
122*6888a9beSDag-Erling Smørgrav int umac128_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]);
123*6888a9beSDag-Erling Smørgrav int umac128_delete(struct umac_ctx *ctx);
124*6888a9beSDag-Erling Smørgrav 
125d4af9e69SDag-Erling Smørgrav #ifdef __cplusplus
126d4af9e69SDag-Erling Smørgrav     }
127d4af9e69SDag-Erling Smørgrav #endif
128d4af9e69SDag-Erling Smørgrav 
129d4af9e69SDag-Erling Smørgrav #endif /* HEADER_UMAC_H */
130