Userland/Libraries/LibCrypto/Authentication/GHash.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

/*
 * Copyright (c) 2020, Ali Mohammad Pur <mpfard@serenityos.org>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

#pragma once

#include <AK/ByteReader.h>
#include <AK/String.h>
#include <AK/Types.h>
#include <LibCrypto/Hash/HashFunction.h>

namespace Crypto {
namespace Authentication {

void galois_multiply(u32 (&z)[4], const u32 (&x)[4], const u32 (&y)[4]);

struct GHashDigest {
    constexpr static size_t Size = 16;
    u8 data[Size];

    const u8* immutable_data() const { return data; }
    size_t data_length() { return Size; }
};

class GHash final {
public:
    using TagType = GHashDigest;

    template<size_t N>
    explicit GHash(const char (&key)[N])
        : GHash({ key, N })
    {
    }

    explicit GHash(const ReadonlyBytes& key)
    {
        VERIFY(key.size() >= 16);
        for (size_t i = 0; i < 16; i += 4) {
            m_key[i / 4] = AK::convert_between_host_and_big_endian(ByteReader::load32(key.offset(i)));
        }
    }

    constexpr static size_t digest_size() { return TagType::Size; }

    String class_name() const { return "GHash"; }

    TagType process(ReadonlyBytes aad, ReadonlyBytes cipher);

private:
    inline void transform(ReadonlyBytes, ReadonlyBytes);

    u32 m_key[4];
};

}

}