11 #if defined(MBEDTLS_POLY1305_C)
21 #if !defined(MBEDTLS_POLY1305_ALT)
23 #define POLY1305_BLOCK_SIZE_BYTES (16U)
29 #if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
43 return lo + (me << 16) + ((
uint64_t) hi << 32);
66 const unsigned char *
input,
70 uint32_t acc0, acc1, acc2, acc3, acc4;
81 rs1 =
r1 + (
r1 >> 2U);
82 rs2 =
r2 + (
r2 >> 2U);
83 rs3 =
r3 + (
r3 >> 2U);
92 for (
i = 0
U;
i < nblocks;
i++) {
101 d1 += (
uint64_t) acc1 + (d0 >> 32U);
102 d2 += (
uint64_t) acc2 + (d1 >> 32U);
103 d3 += (
uint64_t) acc3 + (d2 >> 32U);
108 acc4 += (
uint32_t) (d3 >> 32U) + needs_padding;
111 d0 = mul64(acc0,
r0) +
115 d1 = mul64(acc0,
r1) +
120 d2 = mul64(acc0,
r2) +
125 d3 = mul64(acc0,
r3) +
140 acc4 = (
uint32_t) (d3 >> 32) + acc4;
142 d0 = (
uint64_t) acc0 + (acc4 >> 2) + (acc4 & 0xFFFFFFFCU);
154 offset += POLY1305_BLOCK_SIZE_BYTES;
172 unsigned char mac[16])
176 uint32_t acc0, acc1, acc2, acc3, acc4;
207 acc0 = (acc0 & mask_inv) | (
g0 &
mask);
208 acc1 = (acc1 & mask_inv) | (g1 &
mask);
209 acc2 = (acc2 & mask_inv) | (g2 &
mask);
210 acc3 = (acc3 & mask_inv) | (g3 &
mask);
243 const unsigned char key[32])
271 const unsigned char *
input,
275 size_t remaining = ilen;
276 size_t queue_free_len;
279 if ((remaining > 0
U) && (
ctx->queue_len > 0
U)) {
280 queue_free_len = (POLY1305_BLOCK_SIZE_BYTES -
ctx->queue_len);
282 if (ilen < queue_free_len) {
286 memcpy(&
ctx->queue[
ctx->queue_len],
290 ctx->queue_len += ilen;
295 memcpy(&
ctx->queue[
ctx->queue_len],
301 poly1305_process(
ctx, 1U,
ctx->queue, 1U);
304 remaining -= queue_free_len;
308 if (remaining >= POLY1305_BLOCK_SIZE_BYTES) {
309 nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES;
313 offset += nblocks * POLY1305_BLOCK_SIZE_BYTES;
314 remaining %= POLY1305_BLOCK_SIZE_BYTES;
317 if (remaining > 0
U) {
319 ctx->queue_len = remaining;
327 unsigned char mac[16])
330 if (
ctx->queue_len > 0
U) {
332 ctx->queue[
ctx->queue_len] = 1U;
336 memset(&
ctx->queue[
ctx->queue_len],
338 POLY1305_BLOCK_SIZE_BYTES -
ctx->queue_len);
340 poly1305_process(
ctx, 1U,
344 poly1305_compute_mac(
ctx, mac);
350 const unsigned char *
input,
352 unsigned char mac[16])
378 #if defined(MBEDTLS_SELF_TEST)
380 static const unsigned char test_keys[2][32] =
383 0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33,
384 0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8,
385 0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd,
386 0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b
389 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a,
390 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0,
391 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09,
392 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0
396 static const unsigned char test_data[2][127] =
399 0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x67, 0x72,
400 0x61, 0x70, 0x68, 0x69, 0x63, 0x20, 0x46, 0x6f,
401 0x72, 0x75, 0x6d, 0x20, 0x52, 0x65, 0x73, 0x65,
402 0x61, 0x72, 0x63, 0x68, 0x20, 0x47, 0x72, 0x6f,
406 0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72,
407 0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61,
408 0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
409 0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f,
410 0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20,
411 0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64,
412 0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20,
413 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77,
414 0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c,
415 0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77,
416 0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20,
417 0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65,
418 0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74,
419 0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20,
420 0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75,
421 0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e
425 static const size_t test_data_len[2] =
431 static const unsigned char test_mac[2][16] =
434 0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
435 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9
438 0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61,
439 0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62
446 #define ASSERT(cond, args) \
452 mbedtls_printf args; \
459 int mbedtls_poly1305_self_test(
int verbose)
461 unsigned char mac[16];
465 for (
i = 0
U;
i < 2U;
i++) {
474 ASSERT(0 == ret, (
"error code: %i\n", ret));
476 ASSERT(0 == memcmp(mac, test_mac[
i], 16U), (
"failed (mac)\n"));
#define MBEDTLS_GET_UINT32_LE(data, offset)
Get the unsigned 32 bits integer corresponding to four bytes in little-endian order (LSB first).
#define MBEDTLS_PUT_UINT32_LE(n, data, offset)
Put in memory a 32 bits unsigned integer in little-endian order.
static void cleanup(void)
const struct ncbi::grid::netcache::search::fields::KEY key
#define ASSERT
macro for assert.
#define mbedtls_platform_zeroize
This file contains Poly1305 definitions and functions.
int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx, const unsigned char *input, size_t ilen)
This functions feeds an input buffer into an ongoing Poly1305 computation.
int mbedtls_poly1305_mac(const unsigned char key[32], const unsigned char *input, size_t ilen, unsigned char mac[16])
This function calculates the Poly1305 MAC of the input buffer with the provided key.
int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx, unsigned char mac[16])
This function generates the Poly1305 Message Authentication Code (MAC).
void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx)
This function initializes the specified Poly1305 context.
int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx, const unsigned char key[32])
This function sets the one-time authentication key.
void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx)
This function releases and clears the specified Poly1305 context.
static const sljit_gpr r1
static const sljit_gpr r0
static const sljit_gpr r3
static const sljit_gpr r2
Error to string translation.
#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED
This is a bug in the library.
float g0(Seg_Nsm *spn, Thd_Cxe *cxe)