xref: /dflybsd-src/crypto/openssh/umac.h (revision 95577b5e0147377b730485d25b052a4472277761) 
1*ee116499SAntonio Huete Jimenez /* $OpenBSD: umac.h,v 1.5 2022/01/01 01:55:30 jsg Exp $ */
218de8d7fSPeter Avalos /* -----------------------------------------------------------------------
318de8d7fSPeter Avalos  *
418de8d7fSPeter Avalos  * umac.h -- C Implementation UMAC Message Authentication
518de8d7fSPeter Avalos  *
618de8d7fSPeter Avalos  * Version 0.93a of rfc4418.txt -- 2006 July 14
718de8d7fSPeter Avalos  *
818de8d7fSPeter Avalos  * For a full description of UMAC message authentication see the UMAC
918de8d7fSPeter Avalos  * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac
1018de8d7fSPeter Avalos  * Please report bugs and suggestions to the UMAC webpage.
1118de8d7fSPeter Avalos  *
1218de8d7fSPeter Avalos  * Copyright (c) 1999-2004 Ted Krovetz
1318de8d7fSPeter Avalos  *
1418de8d7fSPeter Avalos  * Permission to use, copy, modify, and distribute this software and
1518de8d7fSPeter Avalos  * its documentation for any purpose and with or without fee, is hereby
1618de8d7fSPeter Avalos  * granted provided that the above copyright notice appears in all copies
1718de8d7fSPeter Avalos  * and in supporting documentation, and that the name of the copyright
1818de8d7fSPeter Avalos  * holder not be used in advertising or publicity pertaining to
1918de8d7fSPeter Avalos  * distribution of the software without specific, written prior permission.
2018de8d7fSPeter Avalos  *
2118de8d7fSPeter Avalos  * Comments should be directed to Ted Krovetz (tdk@acm.org)
2218de8d7fSPeter Avalos  *
2318de8d7fSPeter Avalos  * ---------------------------------------------------------------------- */
2418de8d7fSPeter Avalos 
2518de8d7fSPeter Avalos  /* ////////////////////// IMPORTANT NOTES /////////////////////////////////
2618de8d7fSPeter Avalos   *
2718de8d7fSPeter Avalos   * 1) This version does not work properly on messages larger than 16MB
2818de8d7fSPeter Avalos   *
2918de8d7fSPeter Avalos   * 2) If you set the switch to use SSE2, then all data must be 16-byte
3018de8d7fSPeter Avalos   *    aligned
3118de8d7fSPeter Avalos   *
3218de8d7fSPeter Avalos   * 3) When calling the function umac(), it is assumed that msg is in
3318de8d7fSPeter Avalos   * a writable buffer of length divisible by 32 bytes. The message itself
3418de8d7fSPeter Avalos   * does not have to fill the entire buffer, but bytes beyond msg may be
3518de8d7fSPeter Avalos   * zeroed.
3618de8d7fSPeter Avalos   *
3718de8d7fSPeter Avalos   * 4) Two free AES implementations are supported by this implementation of
3818de8d7fSPeter Avalos   * UMAC. Paulo Barreto's version is in the public domain and can be found
3918de8d7fSPeter Avalos   * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for
4018de8d7fSPeter Avalos   * "Barreto"). The only two files needed are rijndael-alg-fst.c and
4118de8d7fSPeter Avalos   * rijndael-alg-fst.h.
420cbfa66cSDaniel Fojt   * Brian Gladman's version is distributed with GNU Public license
4318de8d7fSPeter Avalos   * and can be found at http://fp.gladman.plus.com/AES/index.htm. It
4418de8d7fSPeter Avalos   * includes a fast IA-32 assembly version.
4518de8d7fSPeter Avalos   *
4618de8d7fSPeter Avalos   /////////////////////////////////////////////////////////////////////// */
4718de8d7fSPeter Avalos #ifndef HEADER_UMAC_H
4818de8d7fSPeter Avalos #define HEADER_UMAC_H
4918de8d7fSPeter Avalos 
5018de8d7fSPeter Avalos 
5118de8d7fSPeter Avalos #ifdef __cplusplus
5218de8d7fSPeter Avalos     extern "C" {
5318de8d7fSPeter Avalos #endif
5418de8d7fSPeter Avalos 
5536e94dc5SPeter Avalos struct umac_ctx *umac_new(const u_char key[]);
5618de8d7fSPeter Avalos /* Dynamically allocate a umac_ctx struct, initialize variables,
5718de8d7fSPeter Avalos  * generate subkeys from key.
5818de8d7fSPeter Avalos  */
5918de8d7fSPeter Avalos 
6018de8d7fSPeter Avalos #if 0
6118de8d7fSPeter Avalos int umac_reset(struct umac_ctx *ctx);
62*ee116499SAntonio Huete Jimenez /* Reset a umac_ctx to begin authenticating a new message */
6318de8d7fSPeter Avalos #endif
6418de8d7fSPeter Avalos 
6536e94dc5SPeter Avalos int umac_update(struct umac_ctx *ctx, const u_char *input, long len);
6618de8d7fSPeter Avalos /* Incorporate len bytes pointed to by input into context ctx */
6718de8d7fSPeter Avalos 
6836e94dc5SPeter Avalos int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
6918de8d7fSPeter Avalos /* Incorporate any pending data and the ctr value, and return tag.
7018de8d7fSPeter Avalos  * This function returns error code if ctr < 0.
7118de8d7fSPeter Avalos  */
7218de8d7fSPeter Avalos 
7318de8d7fSPeter Avalos int umac_delete(struct umac_ctx *ctx);
7418de8d7fSPeter Avalos /* Deallocate the context structure */
7518de8d7fSPeter Avalos 
7618de8d7fSPeter Avalos #if 0
7718de8d7fSPeter Avalos int umac(struct umac_ctx *ctx, u_char *input,
7818de8d7fSPeter Avalos          long len, u_char tag[],
7918de8d7fSPeter Avalos          u_char nonce[8]);
8018de8d7fSPeter Avalos /* All-in-one implementation of the functions Reset, Update and Final */
8118de8d7fSPeter Avalos #endif
8218de8d7fSPeter Avalos 
8318de8d7fSPeter Avalos /* uhash.h */
8418de8d7fSPeter Avalos 
8518de8d7fSPeter Avalos 
8618de8d7fSPeter Avalos #if 0
8718de8d7fSPeter Avalos typedef struct uhash_ctx *uhash_ctx_t;
8818de8d7fSPeter Avalos   /* The uhash_ctx structure is defined by the implementation of the    */
8918de8d7fSPeter Avalos   /* UHASH functions.                                                   */
9018de8d7fSPeter Avalos 
9118de8d7fSPeter Avalos uhash_ctx_t uhash_alloc(u_char key[16]);
9218de8d7fSPeter Avalos   /* Dynamically allocate a uhash_ctx struct and generate subkeys using */
9318de8d7fSPeter Avalos   /* the kdf and kdf_key passed in. If kdf_key_len is 0 then RC6 is     */
9418de8d7fSPeter Avalos   /* used to generate key with a fixed key. If kdf_key_len > 0 but kdf  */
9518de8d7fSPeter Avalos   /* is NULL then the first 16 bytes pointed at by kdf_key is used as a */
9618de8d7fSPeter Avalos   /* key for an RC6 based KDF.                                          */
9718de8d7fSPeter Avalos 
9818de8d7fSPeter Avalos int uhash_free(uhash_ctx_t ctx);
9918de8d7fSPeter Avalos 
10018de8d7fSPeter Avalos int uhash_set_params(uhash_ctx_t ctx,
10118de8d7fSPeter Avalos                    void       *params);
10218de8d7fSPeter Avalos 
10318de8d7fSPeter Avalos int uhash_reset(uhash_ctx_t ctx);
10418de8d7fSPeter Avalos 
10518de8d7fSPeter Avalos int uhash_update(uhash_ctx_t ctx,
10618de8d7fSPeter Avalos                u_char       *input,
10718de8d7fSPeter Avalos                long        len);
10818de8d7fSPeter Avalos 
10918de8d7fSPeter Avalos int uhash_final(uhash_ctx_t ctx,
1100cbfa66cSDaniel Fojt               u_char        output[]);
11118de8d7fSPeter Avalos 
11218de8d7fSPeter Avalos int uhash(uhash_ctx_t ctx,
11318de8d7fSPeter Avalos         u_char       *input,
11418de8d7fSPeter Avalos         long        len,
11518de8d7fSPeter Avalos         u_char        output[]);
11618de8d7fSPeter Avalos 
11718de8d7fSPeter Avalos #endif
11818de8d7fSPeter Avalos 
11936e94dc5SPeter Avalos /* matching umac-128 API, we reuse umac_ctx, since it's opaque */
12036e94dc5SPeter Avalos struct umac_ctx *umac128_new(const u_char key[]);
12136e94dc5SPeter Avalos int umac128_update(struct umac_ctx *ctx, const u_char *input, long len);
12236e94dc5SPeter Avalos int umac128_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
12336e94dc5SPeter Avalos int umac128_delete(struct umac_ctx *ctx);
12436e94dc5SPeter Avalos 
12518de8d7fSPeter Avalos #ifdef __cplusplus
12618de8d7fSPeter Avalos     }
12718de8d7fSPeter Avalos #endif
12818de8d7fSPeter Avalos 
12918de8d7fSPeter Avalos #endif /* HEADER_UMAC_H */
130