blob: 4651f0d5aaf07882443e99ff0381473c551172dd [file] [log] [blame]
dtucker@openbsd.org4b7dd222019-06-07 14:18:48 +00001/* $OpenBSD: umac.h,v 1.4 2019/06/07 14:18:48 dtucker Exp $ */
Damien Millere45796f2007-06-11 14:01:42 +10002/* -----------------------------------------------------------------------
3 *
4 * umac.h -- C Implementation UMAC Message Authentication
5 *
6 * Version 0.93a of rfc4418.txt -- 2006 July 14
7 *
8 * For a full description of UMAC message authentication see the UMAC
9 * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac
10 * Please report bugs and suggestions to the UMAC webpage.
11 *
12 * Copyright (c) 1999-2004 Ted Krovetz
13 *
14 * Permission to use, copy, modify, and distribute this software and
15 * its documentation for any purpose and with or without fee, is hereby
16 * granted provided that the above copyright notice appears in all copies
17 * and in supporting documentation, and that the name of the copyright
18 * holder not be used in advertising or publicity pertaining to
19 * distribution of the software without specific, written prior permission.
20 *
21 * Comments should be directed to Ted Krovetz (tdk@acm.org)
22 *
23 * ---------------------------------------------------------------------- */
24
25 /* ////////////////////// IMPORTANT NOTES /////////////////////////////////
26 *
27 * 1) This version does not work properly on messages larger than 16MB
28 *
29 * 2) If you set the switch to use SSE2, then all data must be 16-byte
30 * aligned
31 *
32 * 3) When calling the function umac(), it is assumed that msg is in
33 * a writable buffer of length divisible by 32 bytes. The message itself
34 * does not have to fill the entire buffer, but bytes beyond msg may be
35 * zeroed.
36 *
37 * 4) Two free AES implementations are supported by this implementation of
38 * UMAC. Paulo Barreto's version is in the public domain and can be found
39 * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for
40 * "Barreto"). The only two files needed are rijndael-alg-fst.c and
41 * rijndael-alg-fst.h.
dtucker@openbsd.org4b7dd222019-06-07 14:18:48 +000042 * Brian Gladman's version is distributed with GNU Public license
Damien Millere45796f2007-06-11 14:01:42 +100043 * and can be found at http://fp.gladman.plus.com/AES/index.htm. It
44 * includes a fast IA-32 assembly version.
45 *
46 /////////////////////////////////////////////////////////////////////// */
47#ifndef HEADER_UMAC_H
48#define HEADER_UMAC_H
49
50
51#ifdef __cplusplus
52 extern "C" {
53#endif
54
Damien Miller94c9cd32013-07-25 11:55:39 +100055struct umac_ctx *umac_new(const u_char key[]);
Damien Millere45796f2007-06-11 14:01:42 +100056/* Dynamically allocate a umac_ctx struct, initialize variables,
57 * generate subkeys from key.
58 */
59
60#if 0
61int umac_reset(struct umac_ctx *ctx);
62/* Reset a umac_ctx to begin authenicating a new message */
63#endif
64
Damien Miller94c9cd32013-07-25 11:55:39 +100065int umac_update(struct umac_ctx *ctx, const u_char *input, long len);
Damien Millere45796f2007-06-11 14:01:42 +100066/* Incorporate len bytes pointed to by input into context ctx */
67
Damien Miller94c9cd32013-07-25 11:55:39 +100068int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
Damien Millere45796f2007-06-11 14:01:42 +100069/* Incorporate any pending data and the ctr value, and return tag.
70 * This function returns error code if ctr < 0.
71 */
72
73int umac_delete(struct umac_ctx *ctx);
74/* Deallocate the context structure */
75
76#if 0
77int umac(struct umac_ctx *ctx, u_char *input,
78 long len, u_char tag[],
79 u_char nonce[8]);
80/* All-in-one implementation of the functions Reset, Update and Final */
81#endif
82
83/* uhash.h */
84
85
86#if 0
87typedef struct uhash_ctx *uhash_ctx_t;
88 /* The uhash_ctx structure is defined by the implementation of the */
89 /* UHASH functions. */
90
91uhash_ctx_t uhash_alloc(u_char key[16]);
92 /* Dynamically allocate a uhash_ctx struct and generate subkeys using */
93 /* the kdf and kdf_key passed in. If kdf_key_len is 0 then RC6 is */
94 /* used to generate key with a fixed key. If kdf_key_len > 0 but kdf */
95 /* is NULL then the first 16 bytes pointed at by kdf_key is used as a */
96 /* key for an RC6 based KDF. */
97
98int uhash_free(uhash_ctx_t ctx);
99
100int uhash_set_params(uhash_ctx_t ctx,
101 void *params);
102
103int uhash_reset(uhash_ctx_t ctx);
104
105int uhash_update(uhash_ctx_t ctx,
106 u_char *input,
107 long len);
108
109int uhash_final(uhash_ctx_t ctx,
dtucker@openbsd.org4b7dd222019-06-07 14:18:48 +0000110 u_char output[]);
Damien Millere45796f2007-06-11 14:01:42 +1000111
112int uhash(uhash_ctx_t ctx,
113 u_char *input,
114 long len,
115 u_char output[]);
116
117#endif
118
Darren Tucker427e4092012-10-05 11:02:39 +1000119/* matching umac-128 API, we reuse umac_ctx, since it's opaque */
Damien Miller94c9cd32013-07-25 11:55:39 +1000120struct umac_ctx *umac128_new(const u_char key[]);
121int umac128_update(struct umac_ctx *ctx, const u_char *input, long len);
122int umac128_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
Darren Tucker427e4092012-10-05 11:02:39 +1000123int umac128_delete(struct umac_ctx *ctx);
124
Damien Millere45796f2007-06-11 14:01:42 +1000125#ifdef __cplusplus
126 }
127#endif
128
129#endif /* HEADER_UMAC_H */