xref: /freebsd/sys/opencrypto/xform_poly1305.c (revision 31d62a73c2e6ac0ff413a7a17700ffc7dce254ef)
1 /* This file is in the public domain. */
2 
3 #include <sys/cdefs.h>
4 __FBSDID("$FreeBSD$");
5 
6 #include <opencrypto/xform_auth.h>
7 #include <opencrypto/xform_poly1305.h>
8 
9 #include <sodium/crypto_onetimeauth_poly1305.h>
10 
11 struct poly1305_xform_ctx {
12 	struct crypto_onetimeauth_poly1305_state state;
13 };
14 CTASSERT(sizeof(union authctx) >= sizeof(struct poly1305_xform_ctx));
15 
16 CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES);
17 CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES);
18 
19 void
20 Poly1305_Init(struct poly1305_xform_ctx *polyctx)
21 {
22 	/* Nop */
23 }
24 
25 void
26 Poly1305_Setkey(struct poly1305_xform_ctx *polyctx,
27     const uint8_t key[__min_size(POLY1305_KEY_LEN)], size_t klen)
28 {
29 	int rc;
30 
31 	if (klen != POLY1305_KEY_LEN)
32 		panic("%s: Bogus keylen: %u bytes", __func__, (unsigned)klen);
33 
34 	rc = crypto_onetimeauth_poly1305_init(&polyctx->state, key);
35 	if (rc != 0)
36 		panic("%s: Invariant violated: %d", __func__, rc);
37 }
38 
39 static void
40 xform_Poly1305_Setkey(void *ctx, const uint8_t *key, uint16_t klen)
41 {
42 	Poly1305_Setkey(ctx, key, klen);
43 }
44 
45 int
46 Poly1305_Update(struct poly1305_xform_ctx *polyctx, const void *data,
47     size_t len)
48 {
49 	int rc;
50 
51 	rc = crypto_onetimeauth_poly1305_update(&polyctx->state, data, len);
52 	if (rc != 0)
53 		panic("%s: Invariant violated: %d", __func__, rc);
54 	return (0);
55 }
56 
57 static int
58 xform_Poly1305_Update(void *ctx, const uint8_t *data, uint16_t len)
59 {
60 	return (Poly1305_Update(ctx, data, len));
61 }
62 
63 void
64 Poly1305_Final(uint8_t digest[__min_size(POLY1305_HASH_LEN)],
65     struct poly1305_xform_ctx *polyctx)
66 {
67 	int rc;
68 
69 	rc = crypto_onetimeauth_poly1305_final(&polyctx->state, digest);
70 	if (rc != 0)
71 		panic("%s: Invariant violated: %d", __func__, rc);
72 }
73 
74 static void
75 xform_Poly1305_Final(uint8_t *digest, void *ctx)
76 {
77 	Poly1305_Final(digest, ctx);
78 }
79 
80 struct auth_hash auth_hash_poly1305 = {
81 	.type = CRYPTO_POLY1305,
82 	.name = "Poly-1305",
83 	.keysize = POLY1305_KEY_LEN,
84 	.hashsize = POLY1305_HASH_LEN,
85 	.ctxsize = sizeof(struct poly1305_xform_ctx),
86 	.blocksize = crypto_onetimeauth_poly1305_BYTES,
87 	.Init = (void *)Poly1305_Init,
88 	.Setkey = xform_Poly1305_Setkey,
89 	.Update = xform_Poly1305_Update,
90 	.Final = xform_Poly1305_Final,
91 };
92