int norx_aead_decrypt( unsigned char *p, size_t *plen, const unsigned char *h, size_t hlen, const unsigned char *c, size_t clen, const unsigned char *t, size_t tlen, const unsigned char *nonce, const unsigned char *key ) { unsigned char tag[BYTES(NORX_A)]; norx_state_t state; int result = -1; if (clen < BYTES(NORX_A)) return -1; #if defined(DEBUG) printf("DECRYPTION\n"); #endif norx_init(state, key, nonce); norx_process_header(state, h, hlen); norx_decrypt_msg(state, p, c, clen - BYTES(NORX_A)); norx_process_trailer(state, t, tlen); norx_output_tag(state, tag); *plen = clen - BYTES(NORX_A); result = norx_verify_tag(c + clen - BYTES(NORX_A), tag); if(result != 0) /* burn decrypted plaintext on auth failure */ burn(p, 0, clen - BYTES(NORX_A)); burn(state, 0, sizeof(norx_state_t)); return result; }
int norx_aead_decrypt( unsigned char *m, size_t *mlen, const unsigned char *a, size_t alen, const unsigned char *c, size_t clen, const unsigned char *z, size_t zlen, const unsigned char *nonce, const unsigned char *key ) { int result = -1; unsigned char tag[BYTES(NORX_T)]; norx_state_t state; if (clen < BYTES(NORX_T)) { return -1; } norx_init(state, key, nonce); norx_absorb_data(state, a, alen, HEADER_TAG); norx_decrypt_data(state, m, c, clen - BYTES(NORX_T)); norx_absorb_data(state, z, zlen, TRAILER_TAG); norx_finalise(state, tag); *mlen = clen - BYTES(NORX_T); result = norx_verify_tag(c + clen - BYTES(NORX_T), tag); if (result != 0) { /* burn decrypted plaintext on auth failure */ burn(m, 0, clen - BYTES(NORX_T)); } burn(state, 0, sizeof(norx_state_t)); return result; }
/* High-level operations */ void norx_aead_encrypt( unsigned char *c, size_t *clen, const unsigned char *a, size_t alen, const unsigned char *m, size_t mlen, const unsigned char *z, size_t zlen, const unsigned char *nonce, const unsigned char *key ) { norx_state_t state; norx_init(state, key, nonce); norx_absorb_data(state, a, alen, HEADER_TAG); norx_encrypt_data(state, c, m, mlen); norx_absorb_data(state, z, zlen, TRAILER_TAG); norx_finalise(state, c + mlen); *clen = mlen + BYTES(NORX_T); burn(state, 0, sizeof(norx_state_t)); }
void norx_aead_encrypt( unsigned char *c, size_t *clen, const unsigned char *h, size_t hlen, const unsigned char *p, size_t plen, const unsigned char *t, size_t tlen, const unsigned char *nonce, const unsigned char *key ) { norx_state_t state; #if defined(NORX_DEBUG) printf("ENCRYPTION\n"); #endif norx_init(state, key, nonce); norx_process_header(state, h, hlen); norx_encrypt_msg(state, c, p, plen); norx_process_trailer(state, t, tlen); norx_output_tag(state, c + plen); /* append tag to ciphertext */ *clen = plen + BYTES(NORX_A); burn(state, 0, sizeof(norx_state_t)); }