1d4af9e69SDag-Erling Smørgrav /* $OpenBSD: umac.h,v 1.1 2007/06/07 19:37:34 pvalchev Exp $ */ 2d4af9e69SDag-Erling Smørgrav /* ----------------------------------------------------------------------- 3d4af9e69SDag-Erling Smørgrav * 4d4af9e69SDag-Erling Smørgrav * umac.h -- C Implementation UMAC Message Authentication 5d4af9e69SDag-Erling Smørgrav * 6d4af9e69SDag-Erling Smørgrav * Version 0.93a of rfc4418.txt -- 2006 July 14 7d4af9e69SDag-Erling Smørgrav * 8d4af9e69SDag-Erling Smørgrav * For a full description of UMAC message authentication see the UMAC 9d4af9e69SDag-Erling Smørgrav * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac 10d4af9e69SDag-Erling Smørgrav * Please report bugs and suggestions to the UMAC webpage. 11d4af9e69SDag-Erling Smørgrav * 12d4af9e69SDag-Erling Smørgrav * Copyright (c) 1999-2004 Ted Krovetz 13d4af9e69SDag-Erling Smørgrav * 14d4af9e69SDag-Erling Smørgrav * Permission to use, copy, modify, and distribute this software and 15d4af9e69SDag-Erling Smørgrav * its documentation for any purpose and with or without fee, is hereby 16d4af9e69SDag-Erling Smørgrav * granted provided that the above copyright notice appears in all copies 17d4af9e69SDag-Erling Smørgrav * and in supporting documentation, and that the name of the copyright 18d4af9e69SDag-Erling Smørgrav * holder not be used in advertising or publicity pertaining to 19d4af9e69SDag-Erling Smørgrav * distribution of the software without specific, written prior permission. 20d4af9e69SDag-Erling Smørgrav * 21d4af9e69SDag-Erling Smørgrav * Comments should be directed to Ted Krovetz (tdk@acm.org) 22d4af9e69SDag-Erling Smørgrav * 23d4af9e69SDag-Erling Smørgrav * ---------------------------------------------------------------------- */ 24d4af9e69SDag-Erling Smørgrav 25d4af9e69SDag-Erling Smørgrav /* ////////////////////// IMPORTANT NOTES ///////////////////////////////// 26d4af9e69SDag-Erling Smørgrav * 27d4af9e69SDag-Erling Smørgrav * 1) This version does not work properly on messages larger than 16MB 28d4af9e69SDag-Erling Smørgrav * 29d4af9e69SDag-Erling Smørgrav * 2) If you set the switch to use SSE2, then all data must be 16-byte 30d4af9e69SDag-Erling Smørgrav * aligned 31d4af9e69SDag-Erling Smørgrav * 32d4af9e69SDag-Erling Smørgrav * 3) When calling the function umac(), it is assumed that msg is in 33d4af9e69SDag-Erling Smørgrav * a writable buffer of length divisible by 32 bytes. The message itself 34d4af9e69SDag-Erling Smørgrav * does not have to fill the entire buffer, but bytes beyond msg may be 35d4af9e69SDag-Erling Smørgrav * zeroed. 36d4af9e69SDag-Erling Smørgrav * 37d4af9e69SDag-Erling Smørgrav * 4) Two free AES implementations are supported by this implementation of 38d4af9e69SDag-Erling Smørgrav * UMAC. Paulo Barreto's version is in the public domain and can be found 39d4af9e69SDag-Erling Smørgrav * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for 40d4af9e69SDag-Erling Smørgrav * "Barreto"). The only two files needed are rijndael-alg-fst.c and 41d4af9e69SDag-Erling Smørgrav * rijndael-alg-fst.h. 42d4af9e69SDag-Erling Smørgrav * Brian Gladman's version is distributed with GNU Public lisence 43d4af9e69SDag-Erling Smørgrav * and can be found at http://fp.gladman.plus.com/AES/index.htm. It 44d4af9e69SDag-Erling Smørgrav * includes a fast IA-32 assembly version. 45d4af9e69SDag-Erling Smørgrav * 46d4af9e69SDag-Erling Smørgrav /////////////////////////////////////////////////////////////////////// */ 47d4af9e69SDag-Erling Smørgrav #ifndef HEADER_UMAC_H 48d4af9e69SDag-Erling Smørgrav #define HEADER_UMAC_H 49d4af9e69SDag-Erling Smørgrav 50d4af9e69SDag-Erling Smørgrav 51d4af9e69SDag-Erling Smørgrav #ifdef __cplusplus 52d4af9e69SDag-Erling Smørgrav extern "C" { 53d4af9e69SDag-Erling Smørgrav #endif 54d4af9e69SDag-Erling Smørgrav 55d4af9e69SDag-Erling Smørgrav struct umac_ctx *umac_new(u_char key[]); 56d4af9e69SDag-Erling Smørgrav /* Dynamically allocate a umac_ctx struct, initialize variables, 57d4af9e69SDag-Erling Smørgrav * generate subkeys from key. 58d4af9e69SDag-Erling Smørgrav */ 59d4af9e69SDag-Erling Smørgrav 60d4af9e69SDag-Erling Smørgrav #if 0 61d4af9e69SDag-Erling Smørgrav int umac_reset(struct umac_ctx *ctx); 62d4af9e69SDag-Erling Smørgrav /* Reset a umac_ctx to begin authenicating a new message */ 63d4af9e69SDag-Erling Smørgrav #endif 64d4af9e69SDag-Erling Smørgrav 65d4af9e69SDag-Erling Smørgrav int umac_update(struct umac_ctx *ctx, u_char *input, long len); 66d4af9e69SDag-Erling Smørgrav /* Incorporate len bytes pointed to by input into context ctx */ 67d4af9e69SDag-Erling Smørgrav 68d4af9e69SDag-Erling Smørgrav int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]); 69d4af9e69SDag-Erling Smørgrav /* Incorporate any pending data and the ctr value, and return tag. 70d4af9e69SDag-Erling Smørgrav * This function returns error code if ctr < 0. 71d4af9e69SDag-Erling Smørgrav */ 72d4af9e69SDag-Erling Smørgrav 73d4af9e69SDag-Erling Smørgrav int umac_delete(struct umac_ctx *ctx); 74d4af9e69SDag-Erling Smørgrav /* Deallocate the context structure */ 75d4af9e69SDag-Erling Smørgrav 76d4af9e69SDag-Erling Smørgrav #if 0 77d4af9e69SDag-Erling Smørgrav int umac(struct umac_ctx *ctx, u_char *input, 78d4af9e69SDag-Erling Smørgrav long len, u_char tag[], 79d4af9e69SDag-Erling Smørgrav u_char nonce[8]); 80d4af9e69SDag-Erling Smørgrav /* All-in-one implementation of the functions Reset, Update and Final */ 81d4af9e69SDag-Erling Smørgrav #endif 82d4af9e69SDag-Erling Smørgrav 83d4af9e69SDag-Erling Smørgrav /* uhash.h */ 84d4af9e69SDag-Erling Smørgrav 85d4af9e69SDag-Erling Smørgrav 86d4af9e69SDag-Erling Smørgrav #if 0 87d4af9e69SDag-Erling Smørgrav typedef struct uhash_ctx *uhash_ctx_t; 88d4af9e69SDag-Erling Smørgrav /* The uhash_ctx structure is defined by the implementation of the */ 89d4af9e69SDag-Erling Smørgrav /* UHASH functions. */ 90d4af9e69SDag-Erling Smørgrav 91d4af9e69SDag-Erling Smørgrav uhash_ctx_t uhash_alloc(u_char key[16]); 92d4af9e69SDag-Erling Smørgrav /* Dynamically allocate a uhash_ctx struct and generate subkeys using */ 93d4af9e69SDag-Erling Smørgrav /* the kdf and kdf_key passed in. If kdf_key_len is 0 then RC6 is */ 94d4af9e69SDag-Erling Smørgrav /* used to generate key with a fixed key. If kdf_key_len > 0 but kdf */ 95d4af9e69SDag-Erling Smørgrav /* is NULL then the first 16 bytes pointed at by kdf_key is used as a */ 96d4af9e69SDag-Erling Smørgrav /* key for an RC6 based KDF. */ 97d4af9e69SDag-Erling Smørgrav 98d4af9e69SDag-Erling Smørgrav int uhash_free(uhash_ctx_t ctx); 99d4af9e69SDag-Erling Smørgrav 100d4af9e69SDag-Erling Smørgrav int uhash_set_params(uhash_ctx_t ctx, 101d4af9e69SDag-Erling Smørgrav void *params); 102d4af9e69SDag-Erling Smørgrav 103d4af9e69SDag-Erling Smørgrav int uhash_reset(uhash_ctx_t ctx); 104d4af9e69SDag-Erling Smørgrav 105d4af9e69SDag-Erling Smørgrav int uhash_update(uhash_ctx_t ctx, 106d4af9e69SDag-Erling Smørgrav u_char *input, 107d4af9e69SDag-Erling Smørgrav long len); 108d4af9e69SDag-Erling Smørgrav 109d4af9e69SDag-Erling Smørgrav int uhash_final(uhash_ctx_t ctx, 110d4af9e69SDag-Erling Smørgrav u_char ouput[]); 111d4af9e69SDag-Erling Smørgrav 112d4af9e69SDag-Erling Smørgrav int uhash(uhash_ctx_t ctx, 113d4af9e69SDag-Erling Smørgrav u_char *input, 114d4af9e69SDag-Erling Smørgrav long len, 115d4af9e69SDag-Erling Smørgrav u_char output[]); 116d4af9e69SDag-Erling Smørgrav 117d4af9e69SDag-Erling Smørgrav #endif 118d4af9e69SDag-Erling Smørgrav 119d4af9e69SDag-Erling Smørgrav #ifdef __cplusplus 120d4af9e69SDag-Erling Smørgrav } 121d4af9e69SDag-Erling Smørgrav #endif 122d4af9e69SDag-Erling Smørgrav 123d4af9e69SDag-Erling Smørgrav #endif /* HEADER_UMAC_H */ 124