1/* This file is in the public domain. */ 2 3#include <sys/cdefs.h> 4__FBSDID("$FreeBSD$"); 5 6#include <opencrypto/xform_auth.h> 7#include <opencrypto/xform_poly1305.h> 8 9#include <sodium/crypto_onetimeauth_poly1305.h> 10 11struct poly1305_xform_ctx { 12 struct crypto_onetimeauth_poly1305_state state; 13}; 14CTASSERT(sizeof(union authctx) >= sizeof(struct poly1305_xform_ctx)); 15 16CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES); 17CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES); 18 19void 20Poly1305_Init(void *polyctx) 21{ 22 /* Nop */ 23} 24 25void 26Poly1305_Setkey(struct poly1305_xform_ctx *polyctx, 27 const uint8_t key[__min_size(POLY1305_KEY_LEN)], size_t klen) 28{ 29 int rc; 30 31 if (klen != POLY1305_KEY_LEN) 32 panic("%s: Bogus keylen: %u bytes", __func__, (unsigned)klen); 33 34 rc = crypto_onetimeauth_poly1305_init(&polyctx->state, key); 35 if (rc != 0) 36 panic("%s: Invariant violated: %d", __func__, rc); 37} 38 39static void 40xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen) 41{ 42 Poly1305_Setkey(ctx, key, klen); 43} 44 45int 46Poly1305_Update(struct poly1305_xform_ctx *polyctx, const void *data, 47 size_t len) 48{ 49 int rc; 50 51 rc = crypto_onetimeauth_poly1305_update(&polyctx->state, data, len); 52 if (rc != 0) 53 panic("%s: Invariant violated: %d", __func__, rc); 54 return (0); 55} 56 57static int 58xform_Poly1305_Update(void *ctx, const void *data, u_int len) 59{ 60 return (Poly1305_Update(ctx, data, len)); 61} 62 63void 64Poly1305_Final(uint8_t digest[__min_size(POLY1305_HASH_LEN)], 65 struct poly1305_xform_ctx *polyctx) 66{ 67 int rc; 68 69 rc = crypto_onetimeauth_poly1305_final(&polyctx->state, digest); 70 if (rc != 0) 71 panic("%s: Invariant violated: %d", __func__, rc); 72} 73 74static void 75xform_Poly1305_Final(uint8_t *digest, void *ctx) 76{ 77 Poly1305_Final(digest, ctx); 78} 79 80struct auth_hash auth_hash_poly1305 = { 81 .type = CRYPTO_POLY1305, 82 .name = "Poly-1305", 83 .keysize = POLY1305_KEY_LEN, 84 .hashsize = POLY1305_HASH_LEN, 85 .ctxsize = sizeof(struct poly1305_xform_ctx), 86 .blocksize = crypto_onetimeauth_poly1305_BYTES, 87 .Init = Poly1305_Init, 88 .Setkey = xform_Poly1305_Setkey, 89 .Update = xform_Poly1305_Update, 90 .Final = xform_Poly1305_Final, 91}; 92