openssl/include/crypto
Todd Short 0113ec8460 Implement AES-GCM-SIV (RFC8452)
Fixes #16721

This uses AES-ECB to create a counter mode AES-CTR32 (32-bit counter, I could
not get AES-CTR to work as-is), and GHASH to implement POLYVAL. Optimally,
there would be separate polyval assembly implementation(s), but the only one
I could find (and it was SSE2 x86_64 code) was not Apache 2.0 licensed.

This implementation lives only in the default provider; there is no legacy
implementation.

The code offered in #16721 is not used; that implementation sits on top of
OpenSSL, this one is embedded inside OpenSSL.

Full test vectors from RFC8452 are included, except the 0-length plaintext;
that is not supported; and I'm not sure it's worthwhile to do so.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18693)
2022-07-29 08:32:16 -04:00
__DECC_INCLUDE_EPILOGUE.H
__DECC_INCLUDE_PROLOGUE.H
aes_platform.h Use separate function to get GCM functions 2022-07-22 08:34:13 -04:00
aria.h Add ossl_aria symbols 2021-03-18 17:52:37 +10:00
asn1_dsa.h Add ossl_encode symbols 2021-03-18 17:52:37 +10:00
asn1.h libcrypto and test: rename asn1_string_to_time_t to ossl_asn1_string_to_time_t 2022-07-19 08:44:19 +02:00
asn1err.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
async.h Update copyright year 2021-02-18 15:05:17 +00:00
asyncerr.h Update copyright year 2021-06-17 13:24:59 +01:00
bioerr.h Update copyright year 2021-06-17 13:24:59 +01:00
bn_conf.h.in Update copyright year 2021-02-18 15:05:17 +00:00
bn_dh.h Update copyright year 2021-03-11 13:27:36 +00:00
bn_srp.h Update copyright year 2021-04-08 13:04:41 +01:00
bn.h Fix external symbols for bn 2021-02-26 10:32:22 +10:00
bnerr.h RSA keygen update: Raise an error if no prime candidate q is found. 2022-06-13 10:56:31 +02:00
buffererr.h Update copyright year 2021-06-17 13:24:59 +01:00
chacha.h Update copyright year 2021-02-18 15:05:17 +00:00
cmll_platform.h Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
cmperr.h Update copyright year 2021-06-17 13:24:59 +01:00
cmserr.h CMS sign digest 2022-04-02 10:42:16 -04:00
comperr.h Update copyright year 2021-06-17 13:24:59 +01:00
conferr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
context.h Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA 2022-04-01 10:49:19 +11:00
crmferr.h Update copyright year 2021-06-17 13:24:59 +01:00
cryptlib.h Fix a memleak in the FIPS provider 2021-05-24 09:39:15 +10:00
cryptoerr.h err: add additional errors 2022-01-12 20:10:21 +11:00
cterr.h Update copyright year 2021-06-17 13:24:59 +01:00
ctype.h tolower: refine the tolower code to avoid a memory access 2022-05-23 09:51:28 +10:00
decoder.h Remove the _fetch_by_number functions 2022-05-06 10:38:55 +10:00
decodererr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
des_platform.h Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
dh.h Update copyright year 2022-05-03 13:34:51 +01:00
dherr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
dsa.h Update copyright year 2022-05-03 13:34:51 +01:00
dsaerr.h Update copyright year 2021-06-17 13:24:59 +01:00
dso_conf.h.in Update copyright year 2021-02-18 15:05:17 +00:00
ec.h fips module header inclusion fine-tuning 2021-07-06 10:52:27 +10:00
ecerr.h Add error code for unsupported explicit parameters 2022-04-14 08:51:18 +02:00
ecx.h fips module header inclusion fine-tuning 2021-07-06 10:52:27 +10:00
encoder.h Remove the _fetch_by_number functions 2022-05-06 10:38:55 +10:00
encodererr.h Update copyright year 2021-06-17 13:24:59 +01:00
engine.h
engineerr.h Update copyright year 2021-06-17 13:24:59 +01:00
err.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
ess.h TS ESS: Move four internal aux function to where they belong in crypto/ts 2021-04-28 14:10:47 +02:00
esserr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
evp.h store_result: Add fallback for fetching the keymgmt from the provider of the store 2022-06-28 17:54:56 +02:00
evperr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
httperr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
lhash.h Add ossl_lhash symbols 2021-03-18 17:52:38 +10:00
md32_common.h Add ROTATE inline asm support for SM3 2022-06-22 12:46:50 +02:00
modes.h Implement AES-GCM-SIV (RFC8452) 2022-07-29 08:32:16 -04:00
objects.h Update copyright year 2021-04-08 13:04:41 +01:00
objectserr.h Update copyright year 2021-06-17 13:24:59 +01:00
ocsperr.h Update copyright year 2021-06-17 13:24:59 +01:00
pem.h Fix copyrights 2022-02-03 13:56:38 +01:00
pemerr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
pkcs7.h Add library context and property query support into the PKCS12 API 2021-04-30 09:15:50 +10:00
pkcs7err.h Update copyright year 2021-06-17 13:24:59 +01:00
pkcs12err.h Update copyright year 2021-06-17 13:24:59 +01:00
poly1305.h Update copyright year 2021-02-18 15:05:17 +00:00
ppc_arch.h Update copyright year 2022-05-03 13:34:51 +01:00
punycode.h punycode: fix indentation 2021-06-19 15:54:06 +10:00
rand_pool.h Add ossl_rand symbols 2021-03-18 17:52:37 +10:00
rand.h Pre-declare all core dispatch table functions, and fix the internal ones 2022-07-13 07:56:51 +02:00
randerr.h Update copyright year 2021-06-17 13:24:59 +01:00
riscv_arch.def Add riscv scalar crypto extension capability 2022-06-10 11:45:41 +02:00
riscv_arch.h Add basic RISC-V cpuid and OPENSSL_riscvcap 2022-05-19 16:32:49 +10:00
rsa.h Update copyright year 2022-05-03 13:34:51 +01:00
rsaerr.h errors: update error message (to be squashed) 2021-05-27 13:01:50 +10:00
security_bits.h Fix misc external ossl_ symbols. 2021-03-18 17:52:37 +10:00
sha.h Crypto: Add deprecation compatibility declarations for SHA* message digest functions 2021-05-08 14:41:36 +02:00
siphash.h Fix a TODO(3.0) in the siphash code 2021-03-17 10:16:21 +10:00
siv.h Update copyright year 2021-04-08 13:04:41 +01:00
sm2.h Correctly calculate the length of SM2 plaintext given the ciphertext 2021-08-24 14:22:07 +01:00
sm2err.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
sm4_platform.h SM4 optimization for ARM by ASIMD 2022-04-12 10:37:42 +02:00
sm4.h Add ossl_ symbols for sm3 and sm4 2021-03-18 17:52:37 +10:00
sparc_arch.h Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
sparse_array.h Add ossl_sa symbols 2021-03-18 17:52:37 +10:00
store.h Add method store cache flush and method removal to non-EVP operations 2022-05-05 15:06:12 +02:00
storeerr.h err: rename err_load_xxx_strings_int functions 2021-05-26 13:01:47 +10:00
tserr.h Update copyright year 2021-06-17 13:24:59 +01:00
types.h Added guarding #ifndef/#define to avoid duplicate include of crypto/types.h 2021-03-31 13:28:46 +10:00
uierr.h Update copyright year 2021-06-17 13:24:59 +01:00
x509.h cpp: fix included files to avoid failure in no-deprecated builds 2021-08-25 10:47:21 +10:00
x509err.h Update copyright year 2021-06-17 13:24:59 +01:00
x509v3err.h Update copyright year 2021-06-17 13:24:59 +01:00