1255767Sdes/* $OpenBSD: umac.h,v 1.3 2013/07/22 12:20:02 djm Exp $ */ 2180744Sdes/* ----------------------------------------------------------------------- 3180744Sdes * 4180744Sdes * umac.h -- C Implementation UMAC Message Authentication 5180744Sdes * 6180744Sdes * Version 0.93a of rfc4418.txt -- 2006 July 14 7180744Sdes * 8180744Sdes * For a full description of UMAC message authentication see the UMAC 9180744Sdes * world-wide-web page at http://www.cs.ucdavis.edu/~rogaway/umac 10180744Sdes * Please report bugs and suggestions to the UMAC webpage. 11180744Sdes * 12180744Sdes * Copyright (c) 1999-2004 Ted Krovetz 13180744Sdes * 14180744Sdes * Permission to use, copy, modify, and distribute this software and 15180744Sdes * its documentation for any purpose and with or without fee, is hereby 16180744Sdes * granted provided that the above copyright notice appears in all copies 17180744Sdes * and in supporting documentation, and that the name of the copyright 18180744Sdes * holder not be used in advertising or publicity pertaining to 19180744Sdes * distribution of the software without specific, written prior permission. 20180744Sdes * 21180744Sdes * Comments should be directed to Ted Krovetz (tdk@acm.org) 22180744Sdes * 23180744Sdes * ---------------------------------------------------------------------- */ 24180744Sdes 25180744Sdes /* ////////////////////// IMPORTANT NOTES ///////////////////////////////// 26180744Sdes * 27180744Sdes * 1) This version does not work properly on messages larger than 16MB 28180744Sdes * 29180744Sdes * 2) If you set the switch to use SSE2, then all data must be 16-byte 30180744Sdes * aligned 31180744Sdes * 32180744Sdes * 3) When calling the function umac(), it is assumed that msg is in 33180744Sdes * a writable buffer of length divisible by 32 bytes. The message itself 34180744Sdes * does not have to fill the entire buffer, but bytes beyond msg may be 35180744Sdes * zeroed. 36180744Sdes * 37180744Sdes * 4) Two free AES implementations are supported by this implementation of 38180744Sdes * UMAC. Paulo Barreto's version is in the public domain and can be found 39180744Sdes * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for 40180744Sdes * "Barreto"). The only two files needed are rijndael-alg-fst.c and 41180744Sdes * rijndael-alg-fst.h. 42180744Sdes * Brian Gladman's version is distributed with GNU Public lisence 43180744Sdes * and can be found at http://fp.gladman.plus.com/AES/index.htm. It 44180744Sdes * includes a fast IA-32 assembly version. 45180744Sdes * 46180744Sdes /////////////////////////////////////////////////////////////////////// */ 47180744Sdes#ifndef HEADER_UMAC_H 48180744Sdes#define HEADER_UMAC_H 49180744Sdes 50180744Sdes 51180744Sdes#ifdef __cplusplus 52180744Sdes extern "C" { 53180744Sdes#endif 54180744Sdes 55255767Sdesstruct umac_ctx *umac_new(const u_char key[]); 56180744Sdes/* Dynamically allocate a umac_ctx struct, initialize variables, 57180744Sdes * generate subkeys from key. 58180744Sdes */ 59180744Sdes 60180744Sdes#if 0 61180744Sdesint umac_reset(struct umac_ctx *ctx); 62180744Sdes/* Reset a umac_ctx to begin authenicating a new message */ 63180744Sdes#endif 64180744Sdes 65255767Sdesint umac_update(struct umac_ctx *ctx, const u_char *input, long len); 66180744Sdes/* Incorporate len bytes pointed to by input into context ctx */ 67180744Sdes 68255767Sdesint umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]); 69180744Sdes/* Incorporate any pending data and the ctr value, and return tag. 70180744Sdes * This function returns error code if ctr < 0. 71180744Sdes */ 72180744Sdes 73180744Sdesint umac_delete(struct umac_ctx *ctx); 74180744Sdes/* Deallocate the context structure */ 75180744Sdes 76180744Sdes#if 0 77180744Sdesint umac(struct umac_ctx *ctx, u_char *input, 78180744Sdes long len, u_char tag[], 79180744Sdes u_char nonce[8]); 80180744Sdes/* All-in-one implementation of the functions Reset, Update and Final */ 81180744Sdes#endif 82180744Sdes 83180744Sdes/* uhash.h */ 84180744Sdes 85180744Sdes 86180744Sdes#if 0 87180744Sdestypedef struct uhash_ctx *uhash_ctx_t; 88180744Sdes /* The uhash_ctx structure is defined by the implementation of the */ 89180744Sdes /* UHASH functions. */ 90180744Sdes 91180744Sdesuhash_ctx_t uhash_alloc(u_char key[16]); 92180744Sdes /* Dynamically allocate a uhash_ctx struct and generate subkeys using */ 93180744Sdes /* the kdf and kdf_key passed in. If kdf_key_len is 0 then RC6 is */ 94180744Sdes /* used to generate key with a fixed key. If kdf_key_len > 0 but kdf */ 95180744Sdes /* is NULL then the first 16 bytes pointed at by kdf_key is used as a */ 96180744Sdes /* key for an RC6 based KDF. */ 97180744Sdes 98180744Sdesint uhash_free(uhash_ctx_t ctx); 99180744Sdes 100180744Sdesint uhash_set_params(uhash_ctx_t ctx, 101180744Sdes void *params); 102180744Sdes 103180744Sdesint uhash_reset(uhash_ctx_t ctx); 104180744Sdes 105180744Sdesint uhash_update(uhash_ctx_t ctx, 106180744Sdes u_char *input, 107180744Sdes long len); 108180744Sdes 109180744Sdesint uhash_final(uhash_ctx_t ctx, 110180744Sdes u_char ouput[]); 111180744Sdes 112180744Sdesint uhash(uhash_ctx_t ctx, 113180744Sdes u_char *input, 114180744Sdes long len, 115180744Sdes u_char output[]); 116180744Sdes 117180744Sdes#endif 118180744Sdes 119248619Sdes/* matching umac-128 API, we reuse umac_ctx, since it's opaque */ 120255767Sdesstruct umac_ctx *umac128_new(const u_char key[]); 121255767Sdesint umac128_update(struct umac_ctx *ctx, const u_char *input, long len); 122255767Sdesint umac128_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]); 123248619Sdesint umac128_delete(struct umac_ctx *ctx); 124248619Sdes 125180744Sdes#ifdef __cplusplus 126180744Sdes } 127180744Sdes#endif 128180744Sdes 129180744Sdes#endif /* HEADER_UMAC_H */ 130