fork of https://github.com/rust-rocksdb/rust-rocksdb for nextgraph
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
113 lines
5.4 KiB
113 lines
5.4 KiB
/*******************************************************************************
|
|
* Copyright (C) 2022 Intel Corporation
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the 'License');
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing,
|
|
* software distributed under the License is distributed on an 'AS IS' BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions
|
|
* and limitations under the License.
|
|
*
|
|
*******************************************************************************/
|
|
|
|
#ifndef SM4_GCM_H
|
|
#define SM4_GCM_H
|
|
|
|
#include <crypto_mb/sm4.h>
|
|
|
|
#include <immintrin.h>
|
|
|
|
#define SM4_GCM_CONTEXT_BUFFER_SLOT_TYPE int64u
|
|
|
|
#define SM4_GCM_CONTEXT_BUFFER_SLOT_SIZE_BYTES (sizeof(SM4_GCM_CONTEXT_BUFFER_SLOT_TYPE))
|
|
#define SM4_GCM_CONTEXT_BUFFER_SIZE_BYTES ((SM4_LINES * SM4_BLOCK_SIZE) / SM4_GCM_CONTEXT_BUFFER_SLOT_SIZE_BYTES)
|
|
|
|
#define SM4_GCM_HASHKEY_PWR_NUM 8
|
|
|
|
/*
|
|
// Enum to control call sequence
|
|
//
|
|
// Valid call sequence:
|
|
//
|
|
// 1) mbx_sm4_gcm_init_mb16
|
|
// 2) mbx_sm4_gcm_update_iv_mb16 – optional, can be called as many times as necessary
|
|
// 3) mbx_sm4_gcm_update_aad_mb16 – optional, can be called as many times as necessary
|
|
// 4) mbx_sm4_gcm_encrypt_mb16/mbx_sm4_gcm_decrypt_mb16 – optional, can be called as many times as necessary
|
|
// 5) mbx_sm4_gcm_get_tag_mb16
|
|
//
|
|
// Call sequence restrictions:
|
|
//
|
|
// * mbx_sm4_gcm_get_tag_mb16 can be called after IV is fully processed.
|
|
// IV is fully processed if buffer with partial block (Block of less than 16 bytes size) was processed or if mbx_sm4_gcm_update_aad_mb16 was called
|
|
// * functions at steps 2-4 can be called as many times as needed to process payload while this functions processes buffers
|
|
// with full blocks (Blocks of 16 bytes size) or empty buffers and length of processed payload is not overflowed.
|
|
// * if functions at steps 2-4 called to process a partial block, it can’t be called again.
|
|
// * if mbx_sm4_gcm_update_aad_mb16 was called, mbx_sm4_gcm_update_iv_mb16 can’t be called.
|
|
// * if mbx_sm4_gcm_encrypt_mb16 or mbx_sm4_gcm_decrypt_mb16 was called, mbx_sm4_gcm_update_aad_mb16 and mbx_sm4_gcm_update_iv_mb16 can’t be called.
|
|
// * if mbx_sm4_gcm_encrypt_mb16 was called, mbx_sm4_gcm_decrypt_mb16 can’t be called.
|
|
// * if mbx_sm4_gcm_decrypt_mb16 was called, mbx_sm4_gcm_encrypt_mb16 can’t be called.
|
|
*/
|
|
typedef enum { sm4_gcm_update_iv = 0xF0A1, sm4_gcm_update_aad, sm4_gcm_start_encdec, sm4_gcm_enc, sm4_gcm_dec, sm4_gcm_get_tag } sm4_gcm_state;
|
|
|
|
struct _sm4_gcm_context_mb16 {
|
|
__m128i hashkey[SM4_GCM_HASHKEY_PWR_NUM][SM4_LINES]; /* Set of hashkeys for ghash computation */
|
|
__m128i j0[SM4_LINES]; /* J0 value accumulator for IV processing */
|
|
__m128i ghash[SM4_LINES]; /* ghash value accumulator for AAD and TXT processing */
|
|
__m128i ctr[SM4_LINES]; /* counter for gctr encryption */
|
|
|
|
/*
|
|
// buffer to store IV, AAD and TXT length in bytes
|
|
//
|
|
// this buffer is used to store IV length to compute J0 block
|
|
// and reused to store AAD and TXT length to compute ghash
|
|
//
|
|
// length is stored as follow:
|
|
//
|
|
// J0 computation:
|
|
// [64 bits with IV len (buffer 0)]
|
|
// [64 bits with IV len (buffer 1)]
|
|
// ..
|
|
// [64 bits with IV len (buffer SM4_LINES-1)]
|
|
//
|
|
// Only half of buffer is used for J0 computation
|
|
//
|
|
// ghash computation:
|
|
// [64 bits with AAD len (buffer 0)][64 bits with TXT len (buffer 0)]
|
|
// [64 bits with AAD len (buffer 1)][64 bits with TXT len (buffer 1)]
|
|
// ..
|
|
// [64 bits with AAD len (buffer SM4_LINES-1)][64 bits with TXT len (buffer SM4_LINES-1)]
|
|
//
|
|
*/
|
|
int64u len[SM4_LINES * 2];
|
|
|
|
mbx_sm4_key_schedule key_sched; /* SM4 key schedule */
|
|
sm4_gcm_state state; /* call sequence state */
|
|
};
|
|
|
|
typedef struct _sm4_gcm_context_mb16 SM4_GCM_CTX_mb16;
|
|
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_init_mb16(const sm4_key *const pa_key[SM4_LINES],
|
|
const int8u *const pa_iv[SM4_LINES],
|
|
const int iv_len[SM4_LINES],
|
|
SM4_GCM_CTX_mb16 *p_context);
|
|
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_update_iv_mb16(const int8u *const pa_iv[SM4_LINES], const int iv_len[SM4_LINES], SM4_GCM_CTX_mb16 *p_state);
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_update_aad_mb16(const int8u *const pa_aad[SM4_LINES], const int aad_len[SM4_LINES], SM4_GCM_CTX_mb16 *p_state);
|
|
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_encrypt_mb16(int8u *pa_out[SM4_LINES],
|
|
const int8u *const pa_in[SM4_LINES],
|
|
const int in_len[SM4_LINES],
|
|
SM4_GCM_CTX_mb16 *p_context);
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_decrypt_mb16(int8u *pa_out[SM4_LINES],
|
|
const int8u *const pa_in[SM4_LINES],
|
|
const int in_len[SM4_LINES],
|
|
SM4_GCM_CTX_mb16 *p_context);
|
|
|
|
EXTERN_C mbx_status16 mbx_sm4_gcm_get_tag_mb16(int8u *pa_tag[SM4_LINES], const int tag_len[SM4_LINES], SM4_GCM_CTX_mb16 *p_context);
|
|
|
|
#endif /* SM4_GCM_H */
|
|
|