1 /* This file is in the public domain. */ 2 3 #include <sys/cdefs.h> 4 __FBSDID("$FreeBSD$"); 5 6 #include <opencrypto/xform_auth.h> 7 8 #include <sodium/crypto_onetimeauth_poly1305.h> 9 10 struct poly1305_xform_ctx { 11 struct crypto_onetimeauth_poly1305_state state; 12 }; 13 CTASSERT(sizeof(union authctx) >= sizeof(struct poly1305_xform_ctx)); 14 15 CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES); 16 CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES); 17 CTASSERT(POLY1305_BLOCK_LEN == crypto_onetimeauth_poly1305_BYTES); 18 19 static void 20 xform_Poly1305_Init(void *polyctx) 21 { 22 /* Nop */ 23 } 24 25 static void 26 xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen) 27 { 28 struct poly1305_xform_ctx *polyctx = ctx; 29 int rc; 30 31 if (klen != POLY1305_KEY_LEN) 32 panic("%s: Bogus keylen: %u bytes", __func__, (unsigned)klen); 33 34 rc = crypto_onetimeauth_poly1305_init(&polyctx->state, key); 35 if (rc != 0) 36 panic("%s: Invariant violated: %d", __func__, rc); 37 } 38 39 static int 40 xform_Poly1305_Update(void *ctx, const void *data, u_int len) 41 { 42 struct poly1305_xform_ctx *polyctx = ctx; 43 int rc; 44 45 rc = crypto_onetimeauth_poly1305_update(&polyctx->state, data, len); 46 if (rc != 0) 47 panic("%s: Invariant violated: %d", __func__, rc); 48 return (0); 49 } 50 51 static void 52 xform_Poly1305_Final(uint8_t *digest, void *ctx) 53 { 54 struct poly1305_xform_ctx *polyctx = ctx; 55 int rc; 56 57 rc = crypto_onetimeauth_poly1305_final(&polyctx->state, digest); 58 if (rc != 0) 59 panic("%s: Invariant violated: %d", __func__, rc); 60 } 61 62 const struct auth_hash auth_hash_poly1305 = { 63 .type = CRYPTO_POLY1305, 64 .name = "Poly-1305", 65 .keysize = POLY1305_KEY_LEN, 66 .hashsize = POLY1305_HASH_LEN, 67 .ctxsize = sizeof(struct poly1305_xform_ctx), 68 .blocksize = POLY1305_BLOCK_LEN, 69 .Init = xform_Poly1305_Init, 70 .Setkey = xform_Poly1305_Setkey, 71 .Update = xform_Poly1305_Update, 72 .Final = xform_Poly1305_Final, 73 }; 74