RetroArch
Macros | Functions | Variables
gcm.c File Reference
#include "mbedtls/config.h"
#include "mbedtls/gcm.h"
#include <string.h>
#include "mbedtls/aesni.h"
#include "mbedtls/platform.h"
#include "arc4_alt.h"
Include dependency graph for gcm.c:

Macros

#define GET_UINT32_BE(n, b, i)
 
#define PUT_UINT32_BE(n, b, i)
 
#define MAX_TESTS   6
 

Functions

void mbedtls_gcm_init (mbedtls_gcm_context *ctx)
 Initialize GCM context (just makes references valid) Makes the context ready for mbedtls_gcm_setkey() or mbedtls_gcm_free(). More...
 
static int gcm_gen_table (mbedtls_gcm_context *ctx)
 
int mbedtls_gcm_setkey (mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key, unsigned int keybits)
 GCM initialization (encryption) More...
 
static void gcm_mult (mbedtls_gcm_context *ctx, const unsigned char x[16], unsigned char output[16])
 
int mbedtls_gcm_starts (mbedtls_gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len)
 Generic GCM stream start function. More...
 
int mbedtls_gcm_update (mbedtls_gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output)
 Generic GCM update function. Encrypts/decrypts using the given GCM context. Expects input to be a multiple of 16 bytes! Only the last call before mbedtls_gcm_finish() can be less than 16 bytes! More...
 
int mbedtls_gcm_finish (mbedtls_gcm_context *ctx, unsigned char *tag, size_t tag_len)
 Generic GCM finalisation function. Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes. More...
 
int mbedtls_gcm_crypt_and_tag (mbedtls_gcm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, size_t tag_len, unsigned char *tag)
 GCM buffer encryption/decryption using a block cipher. More...
 
int mbedtls_gcm_auth_decrypt (mbedtls_gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *tag, size_t tag_len, const unsigned char *input, unsigned char *output)
 GCM buffer authenticated decryption using a block cipher. More...
 
void mbedtls_gcm_free (mbedtls_gcm_context *ctx)
 Free a GCM context and underlying cipher sub-context. More...
 
int mbedtls_gcm_self_test (int verbose)
 Checkup routine. More...
 

Variables

static const uint64_t last4 [16]
 
static const int key_index [MAX_TESTS]
 
static const unsigned char gcm_key [MAX_TESTS][32]
 
static const size_t gcm_iv_len [MAX_TESTS]
 
static const int iv_index [MAX_TESTS]
 
static const unsigned char gcm_iv [MAX_TESTS][64]
 
static const size_t gcm_add_len [MAX_TESTS]
 
static const int add_index [MAX_TESTS]
 
static const unsigned char additional [MAX_TESTS][64]
 
static const size_t pt_len [MAX_TESTS]
 
static const int pt_index [MAX_TESTS]
 
static const unsigned char pt [MAX_TESTS][64]
 
static const unsigned char ct [MAX_TESTS *3][64]
 
static const unsigned char tag [MAX_TESTS *3][16]
 

Macro Definition Documentation

◆ GET_UINT32_BE

#define GET_UINT32_BE (   n,
  b,
 
)
Value:
{ \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
}
GLboolean GLboolean GLboolean b
Definition: glext.h:6844
GLdouble n
Definition: glext.h:8396
unsigned int uint32_t
Definition: stdint.h:126

◆ MAX_TESTS

#define MAX_TESTS   6

◆ PUT_UINT32_BE

#define PUT_UINT32_BE (   n,
  b,
 
)
Value:
{ \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
}
GLboolean GLboolean GLboolean b
Definition: glext.h:6844
GLdouble n
Definition: glext.h:8396

Function Documentation

◆ gcm_gen_table()

static int gcm_gen_table ( mbedtls_gcm_context ctx)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ gcm_mult()

static void gcm_mult ( mbedtls_gcm_context ctx,
const unsigned char  x[16],
unsigned char  output[16] 
)
static
Here is the caller graph for this function:

◆ mbedtls_gcm_auth_decrypt()

int mbedtls_gcm_auth_decrypt ( mbedtls_gcm_context ctx,
size_t  length,
const unsigned char *  iv,
size_t  iv_len,
const unsigned char *  add,
size_t  add_len,
const unsigned char *  tag,
size_t  tag_len,
const unsigned char *  input,
unsigned char *  output 
)

GCM buffer authenticated decryption using a block cipher.

Note
On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.
Parameters
ctxGCM context
lengthlength of the input data
ivinitialization vector
iv_lenlength of IV
addadditional data
add_lenlength of additional data
tagbuffer holding the tag
tag_lenlength of the tag
inputbuffer holding the input data
outputbuffer for holding the output data
Returns
0 if successful and authenticated, MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_crypt_and_tag()

int mbedtls_gcm_crypt_and_tag ( mbedtls_gcm_context ctx,
int  mode,
size_t  length,
const unsigned char *  iv,
size_t  iv_len,
const unsigned char *  add,
size_t  add_len,
const unsigned char *  input,
unsigned char *  output,
size_t  tag_len,
unsigned char *  tag 
)

GCM buffer encryption/decryption using a block cipher.

Note
On encryption, the output buffer can be the same as the input buffer. On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.
Parameters
ctxGCM context
modeMBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
lengthlength of the input data
ivinitialization vector
iv_lenlength of IV
addadditional data
add_lenlength of additional data
inputbuffer holding the input data
outputbuffer for holding the output data
tag_lenlength of the tag to generate
tagbuffer for holding the tag
Returns
0 if successful
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_finish()

int mbedtls_gcm_finish ( mbedtls_gcm_context ctx,
unsigned char *  tag,
size_t  tag_len 
)

Generic GCM finalisation function. Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes.

Parameters
ctxGCM context
tagbuffer for holding the tag
tag_lenlength of the tag to generate (must be at least 4)
Returns
0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_free()

void mbedtls_gcm_free ( mbedtls_gcm_context ctx)

Free a GCM context and underlying cipher sub-context.

Parameters
ctxGCM context to free
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_init()

void mbedtls_gcm_init ( mbedtls_gcm_context ctx)

Initialize GCM context (just makes references valid) Makes the context ready for mbedtls_gcm_setkey() or mbedtls_gcm_free().

Parameters
ctxGCM context to initialize
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_self_test()

int mbedtls_gcm_self_test ( int  verbose)

Checkup routine.

Returns
0 if successful, or 1 if the test failed
Here is the call graph for this function:

◆ mbedtls_gcm_setkey()

int mbedtls_gcm_setkey ( mbedtls_gcm_context ctx,
mbedtls_cipher_id_t  cipher,
const unsigned char *  key,
unsigned int  keybits 
)

GCM initialization (encryption)

Parameters
ctxGCM context to be initialized
ciphercipher to use (a 128-bit block cipher)
keyencryption key
keybitsmust be 128, 192 or 256
Returns
0 if successful, or a cipher specific error code
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_starts()

int mbedtls_gcm_starts ( mbedtls_gcm_context ctx,
int  mode,
const unsigned char *  iv,
size_t  iv_len,
const unsigned char *  add,
size_t  add_len 
)

Generic GCM stream start function.

Parameters
ctxGCM context
modeMBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
ivinitialization vector
iv_lenlength of IV
addadditional data (or NULL if length is 0)
add_lenlength of additional data
Returns
0 if successful
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mbedtls_gcm_update()

int mbedtls_gcm_update ( mbedtls_gcm_context ctx,
size_t  length,
const unsigned char *  input,
unsigned char *  output 
)

Generic GCM update function. Encrypts/decrypts using the given GCM context. Expects input to be a multiple of 16 bytes! Only the last call before mbedtls_gcm_finish() can be less than 16 bytes!

Note
On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.
Parameters
ctxGCM context
lengthlength of the input data
inputbuffer holding the input data
outputbuffer for holding the output data
Returns
0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ add_index

const int add_index[MAX_TESTS]
static
Initial value:
=
{ 0, 0, 0, 1, 1, 1 }

◆ additional

const unsigned char additional[MAX_TESTS][64]
static
Initial value:
=
{
{ 0x00 },
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2 },
}

◆ ct

const unsigned char ct[MAX_TESTS *3][64]
static

◆ gcm_add_len

const size_t gcm_add_len[MAX_TESTS]
static
Initial value:
=
{ 0, 0, 0, 20, 20, 20 }

◆ gcm_iv

const unsigned char gcm_iv[MAX_TESTS][64]
static
Initial value:
=
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00 },
{ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88 },
{ 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
0xa6, 0x37, 0xb3, 0x9b },
}

◆ gcm_iv_len

const size_t gcm_iv_len[MAX_TESTS]
static
Initial value:
=
{ 12, 12, 12, 12, 8, 60 }

◆ gcm_key

const unsigned char gcm_key[MAX_TESTS][32]
static
Initial value:
=
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
}

◆ iv_index

const int iv_index[MAX_TESTS]
static
Initial value:
=
{ 0, 0, 1, 1, 1, 2 }

◆ key_index

const int key_index[MAX_TESTS]
static
Initial value:
=
{ 0, 0, 1, 1, 1, 1 }

◆ last4

const uint64_t last4[16]
static
Initial value:
=
{
0x0000, 0x1c20, 0x3840, 0x2460,
0x7080, 0x6ca0, 0x48c0, 0x54e0,
0xe100, 0xfd20, 0xd940, 0xc560,
0x9180, 0x8da0, 0xa9c0, 0xb5e0
}

◆ pt

const unsigned char pt[MAX_TESTS][64]
static
Initial value:
=
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
}

◆ pt_index

const int pt_index[MAX_TESTS]
static
Initial value:
=
{ 0, 0, 1, 1, 1, 1 }

◆ pt_len

const size_t pt_len[MAX_TESTS]
static
Initial value:
=
{ 0, 16, 64, 60, 60, 60 }

◆ tag

const unsigned char tag[MAX_TESTS *3][16]
static