1 /* This file is in the public domain. */ 2 3 #include <sys/cdefs.h> 4 __FBSDID("$FreeBSD$"); 5 6 #include <opencrypto/xform_auth.h> 7 8 #include <sodium/crypto_onetimeauth_poly1305.h> 9 10 struct poly1305_xform_ctx { 11 struct crypto_onetimeauth_poly1305_state state; 12 }; 13 CTASSERT(sizeof(union authctx) >= sizeof(struct poly1305_xform_ctx)); 14 15 CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES); 16 CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES); 17 18 static void 19 xform_Poly1305_Init(void *polyctx) 20 { 21 /* Nop */ 22 } 23 24 static void 25 xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen) 26 { 27 struct poly1305_xform_ctx *polyctx = ctx; 28 int rc; 29 30 if (klen != POLY1305_KEY_LEN) 31 panic("%s: Bogus keylen: %u bytes", __func__, (unsigned)klen); 32 33 rc = crypto_onetimeauth_poly1305_init(&polyctx->state, key); 34 if (rc != 0) 35 panic("%s: Invariant violated: %d", __func__, rc); 36 } 37 38 static int 39 xform_Poly1305_Update(void *ctx, const void *data, u_int len) 40 { 41 struct poly1305_xform_ctx *polyctx = ctx; 42 int rc; 43 44 rc = crypto_onetimeauth_poly1305_update(&polyctx->state, data, len); 45 if (rc != 0) 46 panic("%s: Invariant violated: %d", __func__, rc); 47 return (0); 48 } 49 50 static void 51 xform_Poly1305_Final(uint8_t *digest, void *ctx) 52 { 53 struct poly1305_xform_ctx *polyctx = ctx; 54 int rc; 55 56 rc = crypto_onetimeauth_poly1305_final(&polyctx->state, digest); 57 if (rc != 0) 58 panic("%s: Invariant violated: %d", __func__, rc); 59 } 60 61 struct auth_hash auth_hash_poly1305 = { 62 .type = CRYPTO_POLY1305, 63 .name = "Poly-1305", 64 .keysize = POLY1305_KEY_LEN, 65 .hashsize = POLY1305_HASH_LEN, 66 .ctxsize = sizeof(struct poly1305_xform_ctx), 67 .blocksize = crypto_onetimeauth_poly1305_BYTES, 68 .Init = xform_Poly1305_Init, 69 .Setkey = xform_Poly1305_Setkey, 70 .Update = xform_Poly1305_Update, 71 .Final = xform_Poly1305_Final, 72 }; 73