security/nss/lib/freebl/intel-gcm.h

     1 /******************************************************************************/
     2 /* LICENSE:                                                                   */
     3 /* This submission to NSS is to be made available under the terms of the      */
     4 /* Mozilla Public License, v. 2.0. You can obtain one at http:                */
     5 /* //mozilla.org/MPL/2.0/.                                                    */
     6 /******************************************************************************/
     7 /* Copyright(c) 2013, Intel Corp.                                             */
     8 /******************************************************************************/
     9 /* Reference:                                                                 */
    10 /* [1] Shay Gueron, Michael E. Kounavis: Intel® Carry-Less Multiplication     */
    11 /*     Instruction and its Usage for Computing the GCM Mode (Rev. 2.01)       */
/*     http://software.intel.com/sites/default/files/article/165685/          */
/*     clmul-wp-rev-2.01-2012-09-21.pdf                                       */
    14 /* [2] S. Gueron, M. E. Kounavis: Efficient Implementation of the Galois      */
    15 /*     Counter Mode Using a Carry-less Multiplier and a Fast Reduction        */
    16 /*     Algorithm. Information Processing Letters 110: 549–553 (2010).         */
    17 /* [3] S. Gueron: AES Performance on the 2nd Generation Intel® Core™ Processor*/
    18 /*     Family (to be posted) (2012).                                          */
    19 /* [4] S. Gueron: Fast GHASH computations for speeding up AES-GCM (to be      */
    20 /*     published) (2012).                                                     */
    22 #ifndef INTEL_GCM_H
    23 #define INTEL_GCM_H 1
    25 #include "blapii.h"
/* Opaque handle for the Intel AES-NI/CLMUL-NI GCM state.  Only the tag is
   declared here; the struct body is not in this header (presumably in the
   implementation file), so callers hold pointers only and cannot inspect or
   copy the state.  NOTE(review): the state is built from the key (see
   intel_aes_gcmINIT), so treat it as secret material. */
typedef struct intel_AES_GCMContextStr intel_AES_GCMContext;
/* Creates a GCM context on top of a raw block cipher.
 *
 *   context    the underlying cipher's own context, handed back to `cipher`
 *   cipher     block-encrypt callback (freeblCipherFunc, from blapii.h)
 *   params     opaque GCM parameter block -- NOTE(review): presumably the
 *              same CK_GCM_PARAMS (IV, AAD, tag length) the generic NSS GCM
 *              code takes; confirm the layout and that the IV length is
 *              validated before use
 *   blocksize  block size of `cipher` in bytes
 *
 * Returns the new context.  The failure value is not visible in this header
 * (presumably NULL, as in the generic freebl GCM code -- confirm).  The
 * result is released with intel_AES_GCM_DestroyContext(). */
intel_AES_GCMContext *
intel_AES_GCM_CreateContext(void *context,
                            freeblCipherFunc cipher,
                            const unsigned char *params,
                            unsigned int blocksize);
/* Tears down a context created by intel_AES_GCM_CreateContext().
 *
 *   gcm     context to destroy
 *   freeit  nonzero (PR_TRUE) to also release the context memory; zero
 *           presumably only clears the contents and leaves the storage to
 *           the caller -- confirm against the implementation
 *
 * NOTE(review): the context holds key-derived state (at least the GHASH
 * table produced by intel_aes_gcmINIT from the key schedule); verify the
 * implementation zeroizes it before freeing rather than calling free()
 * alone. */
void
intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm,
                             PRBool freeit);
/* Encrypts `inlen` bytes of inbuf into outbuf and updates the running GHASH.
 *
 *   gcm        context from intel_AES_GCM_CreateContext()
 *   outbuf     destination buffer of at least `maxout` bytes
 *   outlen     receives the number of bytes written to outbuf
 *   maxout     capacity of outbuf; the implementation must fail rather than
 *              truncate or overrun when the output would not fit
 *   inbuf      plaintext
 *   inlen      plaintext length in bytes
 *   blocksize  cipher block size in bytes
 *
 * Returns SECSuccess or SECFailure.
 *
 * NOTE(review): in NSS's generic GCM_EncryptUpdate the authentication tag is
 * appended to the ciphertext in outbuf, so maxout has to cover inlen plus
 * the tag length; confirm this implementation follows the same contract so
 * callers size outbuf correctly. */
SECStatus
intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,
                            unsigned char *outbuf,
                            unsigned int *outlen,
                            unsigned int maxout,
                            const unsigned char *inbuf,
                            unsigned int inlen,
                            unsigned int blocksize);
/* Decrypts `inlen` bytes of inbuf into outbuf.  Parameters mirror
 * intel_AES_GCM_EncryptUpdate(): outlen receives the bytes written, maxout
 * bounds outbuf, blocksize is the cipher block size in bytes.
 *
 * Returns SECSuccess or SECFailure.
 *
 * NOTE(review): in NSS's generic GCM_DecryptUpdate the tag is taken from the
 * tail of inbuf and compared before any plaintext is released; confirm this
 * variant does the same.  On SECFailure the contents of outbuf must not be
 * treated as plaintext, and the tag comparison must be constant-time (no
 * early exit on the first mismatching byte). */
SECStatus
intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,
                            unsigned char *outbuf,
                            unsigned int *outlen,
                            unsigned int maxout,
                            const unsigned char *inbuf,
                            unsigned int inlen,
                            unsigned int blocksize);
/* Prototypes of the functions in the assembler file for fast AES-GCM, using
   Intel AES-NI and CLMUL-NI, as described in [1]
   [1] Shay Gueron, Michael E. Kounavis: Intel® Carry-Less Multiplication
       Instruction and its Usage for Computing the GCM Mode                */
/* Builds the GHASH constants used by the aggregated-reduction method [1].
 *
 *   Htbl  output table of 16 x 16-byte entries (256 bytes).  The array
 *         parameter decays to a plain pointer, so nothing enforces the size;
 *         callers must supply the full 256 bytes.
 *   KS    NOTE(review): presumably the expanded AES key schedule from which
 *         the hash key H is derived -- confirm
 *   NR    NOTE(review): presumably the AES round count (10/12/14) -- confirm
 *
 * Htbl is derived from the key and is therefore secret material: wipe it
 * together with the rest of the context. */
void intel_aes_gcmINIT(unsigned char Htbl[16 * 16], unsigned char *KS, int NR);
/* Finishes GHASH and produces the authentication tag.
 *
 *   Htbl  table prepared by intel_aes_gcmINIT()
 *   Tp    running GHASH accumulator -- NOTE(review): presumably the same
 *         buffer intel_aes_gcmAAD() updates; confirm
 *   Mlen  ciphertext length
 *   Alen  AAD length
 *   X0    NOTE(review): presumably the encrypted initial counter block that
 *         is XORed onto the final hash -- confirm
 *   TAG   output tag; its size is not stated here (presumably 16 bytes)
 *
 * NOTE(review): whether Mlen/Alen are bytes or bits is not stated (GCM's
 * length block is in bits); confirm the caller passes what the assembler
 * expects, since a mismatch produces tags that only interoperate with this
 * same implementation.  `unsigned long` is 32 bits on Win64 (LLP64), so
 * lengths must be bounded before the conversion.  Comparing the tag on
 * decrypt is the caller's job and must be constant-time. */
void intel_aes_gcmTAG(unsigned char Htbl[16 * 16], unsigned char *Tp,
                      unsigned long Mlen, unsigned long Alen,
                      unsigned char *X0, unsigned char *TAG);
/* Absorbs additional authenticated data into the running GHASH.  Must be
 * called before intel_aes_gcmENC()/intel_aes_gcmDEC().
 *
 *   Htbl  table from intel_aes_gcmINIT()
 *   AAD   data to authenticate (never encrypted); whole 16-byte blocks only
 *   Alen  length of AAD handed to this call (unit not stated here,
 *         presumably bytes -- confirm)
 *   Tp    GHASH accumulator, presumably updated in place -- confirm
 *
 * Only whole blocks are processed; a trailing partial block must be padded
 * by the caller.  NOTE(review): per the GCM spec the padding is zero bytes,
 * and the Alen later given to intel_aes_gcmTAG() must be the *unpadded*
 * length -- padding with anything else, or reporting the padded length,
 * changes the tag. */
void intel_aes_gcmAAD(unsigned char Htbl[16 * 16], unsigned char *AAD,
                      unsigned long Alen, unsigned char *Tp);
/* Encrypts `len` bytes of plaintext and folds the ciphertext into GHASH.
 *
 *   PT    plaintext input
 *   CT    ciphertext output, `len` bytes
 *   Gctx  opaque GCM state -- NOTE(review): presumably the
 *         intel_AES_GCMContext (counter, Htbl, accumulator); confirm
 *   len   number of bytes to process
 *
 * Any length is accepted, but a partial (non-16-byte-multiple) chunk is only
 * correct on the final call: the caller must buffer to whole blocks between
 * calls.  A partial chunk mid-stream silently produces wrong ciphertext and
 * a wrong tag -- the function returns void, so there is no error to check. */
void intel_aes_gcmENC(const unsigned char *PT, unsigned char *CT,
                      void *Gctx, unsigned long len);
/* Counterpart of intel_aes_gcmENC(): folds `len` bytes of ciphertext into
 * GHASH and decrypts them.
 *
 *   CT    ciphertext input
 *   PT    plaintext output, `len` bytes
 *   Gctx  opaque GCM state (see intel_aes_gcmENC())
 *   len   number of bytes to process
 *
 * The same partial-block rule as intel_aes_gcmENC() applies.  NOTE(review):
 * this routine only decrypts -- it takes no tag and does not authenticate.
 * The tag must be produced with intel_aes_gcmTAG() and compared in constant
 * time before any of PT is used. */
void intel_aes_gcmDEC(const unsigned char *CT, unsigned char *PT,
                      void *Gctx, unsigned long len);
    83 #endif
