aboutsummaryrefslogtreecommitdiff
path: root/src/include/ipxe/gcm.h
AgeCommit message (Collapse)AuthorFilesLines
2024-02-10[build] Fix build failures with older versions of gcccentos7Michael Brown1-1/+2
Some versions of gcc (observed with gcc 4.8.5 in CentOS 7) will report spurious build_assert() failures for some assertions about structure layouts. There is no clear pattern as to what causes these spurious failures, and the build assertion does succeed in that no unresolvable symbol reference is generated in the compiled code. Adjust the assertions to work around these apparent compiler issues. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2024-01-16[libc] Replace linker_assert() with build_assert()Michael Brown1-7/+4
We currently implement build-time assertions via a mechanism that generates a call to an undefined external function that will cause the link to fail unless the compiler can prove that the asserted condition is true (and thereby eliminate the undefined function call). This assertion mechanism can be used for conditions that are not amenable to the use of static_assert(), since static_assert() will not allow for proofs via dead code elimination. Add __attribute__((error(...))) to the undefined external function, so that the error is raised at compile time rather than at link time. This allows us to provide a more meaningful error message (which will include the file name and line number, as with any other compile-time error), and avoids the need for the caller to specify a unique symbol name for the external function. Change the name from linker_assert() to build_assert(), since the assertion now takes place at compile time rather than at link time. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2022-11-09[crypto] Ensure relevant GCM cipher state is cleared by cipher_setiv()Michael Brown1-4/+4
Reset the accumulated authentication state when cipher_setiv() is called, to allow the cipher to be reused without resetting the key. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2022-11-07[crypto] Add concept of cipher alignment sizeMichael Brown1-0/+1
The GCM cipher mode of operation (in common with other counter-based modes of operation) has a notion of blocksize that does not neatly fall into our current abstraction: it does operate in 16-byte blocks but allows for an arbitrary overall data length (i.e. the final block may be incomplete). Model this by adding a concept of alignment size. Each call to encrypt() or decrypt() must begin at a multiple of the alignment size from the start of the data stream. This allows us to model GCM by using a block size of 1 byte and an alignment size of 16 bytes. As a side benefit, this same concept allows us to neatly model the fact that raw AES can encrypt only a single 16-byte block, by specifying an alignment size of zero on this cipher. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2022-10-25[crypto] Add block cipher Galois/Counter mode of operationMichael Brown1-0/+132
Signed-off-by: Michael Brown <mcb30@ipxe.org>
generated by cgit v1.1 at 2024-10-19 00:22:34 +0000