8 #include <botan/gmac.h>
27 m_initialized =
false;
32 return "GMAC(" + m_cipher->name() +
")";
40 void GMAC::add_data(
const uint8_t input[],
size_t size)
46 m_aad_buf.insert(m_aad_buf.end(), input, input + size);
47 if(m_aad_buf.size() >= GCM_BS)
52 m_aad_buf.size() - (m_aad_buf.size() % GCM_BS));
55 m_aad_buf.erase(m_aad_buf.begin(),
56 m_aad_buf.end() - (m_aad_buf.size() % GCM_BS));
60 void GMAC::key_schedule(
const uint8_t key[],
size_t size)
63 m_cipher->set_key(key, size);
64 m_cipher->encrypt(
m_H_ad.data(),
m_H.data());
67 void GMAC::start_msg(
const uint8_t nonce[],
size_t nonce_len)
69 secure_vector<uint8_t> y0(GCM_BS);
73 copy_mem(y0.data(), nonce, nonce_len);
82 secure_vector<uint8_t> m_enc_y0(GCM_BS);
83 m_cipher->encrypt(y0.data(), m_enc_y0.data());
88 void GMAC::final_result(uint8_t mac[])
94 "The GMAC computation has not been initialized with a fresh "
98 if(m_aad_buf.size() > 0)
105 std::copy(result.begin(), result.end(), mac);
111 return new GMAC(m_cipher->clone());
secure_vector< uint8_t > m_H
secure_vector< uint8_t > m_ghash
void start(const uint8_t nonce[], size_t len)
void add_final_block(secure_vector< uint8_t > &x, size_t ad_len, size_t pt_len)
void ghash_update(secure_vector< uint8_t > &x, const uint8_t input[], size_t input_len)
#define BOTAN_ASSERT(expr, assertion_made)
secure_vector< uint8_t > m_H_ad
void copy_mem(T *out, const T *in, size_t n)
GMAC(BlockCipher *cipher)
MessageAuthenticationCode * clone() const override
secure_vector< uint8_t > final()
std::string name() const override
size_t output_length() const override