1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis */ 2 /* SPDX-License-Identifier: Unlicense */ 3 4 #ifdef LTC_HMAC 5 typedef struct Hmac_state { 6 hash_state md; 7 int hash; 8 unsigned char key[MAXBLOCKSIZE]; 9 } hmac_state; 10 11 int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen); 12 int hmac_process(hmac_state *hmac, const unsigned char *in, unsigned long inlen); 13 int hmac_done(hmac_state *hmac, unsigned char *out, unsigned long *outlen); 14 int hmac_test(void); 15 int hmac_memory(int hash, 16 const unsigned char *key, unsigned long keylen, 17 const unsigned char *in, unsigned long inlen, 18 unsigned char *out, unsigned long *outlen); 19 int hmac_memory_multi(int hash, 20 const unsigned char *key, unsigned long keylen, 21 unsigned char *out, unsigned long *outlen, 22 const unsigned char *in, unsigned long inlen, ...) 23 LTC_NULL_TERMINATED; 24 int hmac_file(int hash, const char *fname, const unsigned char *key, 25 unsigned long keylen, 26 unsigned char *out, unsigned long *outlen); 27 #endif 28 29 #ifdef LTC_OMAC 30 31 typedef struct { 32 int cipher_idx, 33 buflen, 34 blklen; 35 unsigned char block[MAXBLOCKSIZE], 36 prev[MAXBLOCKSIZE], 37 Lu[2][MAXBLOCKSIZE]; 38 symmetric_key key; 39 } omac_state; 40 41 int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned long keylen); 42 int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen); 43 int omac_done(omac_state *omac, unsigned char *out, unsigned long *outlen); 44 int omac_memory(int cipher, 45 const unsigned char *key, unsigned long keylen, 46 const unsigned char *in, unsigned long inlen, 47 unsigned char *out, unsigned long *outlen); 48 int omac_memory_multi(int cipher, 49 const unsigned char *key, unsigned long keylen, 50 unsigned char *out, unsigned long *outlen, 51 const unsigned char *in, unsigned long inlen, ...) 52 LTC_NULL_TERMINATED; 53 int omac_file(int cipher, 54 const unsigned char *key, unsigned long keylen, 55 const char *filename, 56 unsigned char *out, unsigned long *outlen); 57 int omac_test(void); 58 #endif /* LTC_OMAC */ 59 60 #ifdef LTC_PMAC 61 62 typedef struct { 63 unsigned char Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */ 64 Li[MAXBLOCKSIZE], /* value of Li [current value, we calc from previous recall] */ 65 Lr[MAXBLOCKSIZE], /* L * x^-1 */ 66 block[MAXBLOCKSIZE], /* currently accumulated block */ 67 checksum[MAXBLOCKSIZE]; /* current checksum */ 68 69 symmetric_key key; /* scheduled key for cipher */ 70 unsigned long block_index; /* index # for current block */ 71 int cipher_idx, /* cipher idx */ 72 block_len, /* length of block */ 73 buflen; /* number of bytes in the buffer */ 74 } pmac_state; 75 76 int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen); 77 int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen); 78 int pmac_done(pmac_state *pmac, unsigned char *out, unsigned long *outlen); 79 80 int pmac_memory(int cipher, 81 const unsigned char *key, unsigned long keylen, 82 const unsigned char *in, unsigned long inlen, 83 unsigned char *out, unsigned long *outlen); 84 85 int pmac_memory_multi(int cipher, 86 const unsigned char *key, unsigned long keylen, 87 unsigned char *out, unsigned long *outlen, 88 const unsigned char *in, unsigned long inlen, ...) 89 LTC_NULL_TERMINATED; 90 91 int pmac_file(int cipher, 92 const unsigned char *key, unsigned long keylen, 93 const char *filename, 94 unsigned char *out, unsigned long *outlen); 95 96 int pmac_test(void); 97 98 /* internal functions */ 99 int pmac_ntz(unsigned long x); 100 void pmac_shift_xor(pmac_state *pmac); 101 102 #endif /* PMAC */ 103 104 #ifdef LTC_POLY1305 105 typedef struct { 106 ulong32 r[5]; 107 ulong32 h[5]; 108 ulong32 pad[4]; 109 unsigned long leftover; 110 unsigned char buffer[16]; 111 int final; 112 } poly1305_state; 113 114 int poly1305_init(poly1305_state *st, const unsigned char *key, unsigned long keylen); 115 int poly1305_process(poly1305_state *st, const unsigned char *in, unsigned long inlen); 116 int poly1305_done(poly1305_state *st, unsigned char *mac, unsigned long *maclen); 117 int poly1305_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); 118 int poly1305_memory_multi(const unsigned char *key, unsigned long keylen, 119 unsigned char *mac, unsigned long *maclen, 120 const unsigned char *in, unsigned long inlen, ...) 121 LTC_NULL_TERMINATED; 122 int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); 123 int poly1305_test(void); 124 #endif /* LTC_POLY1305 */ 125 126 #ifdef LTC_BLAKE2SMAC 127 typedef hash_state blake2smac_state; 128 int blake2smac_init(blake2smac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); 129 int blake2smac_process(blake2smac_state *st, const unsigned char *in, unsigned long inlen); 130 int blake2smac_done(blake2smac_state *st, unsigned char *mac, unsigned long *maclen); 131 int blake2smac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); 132 int blake2smac_memory_multi(const unsigned char *key, unsigned long keylen, 133 unsigned char *mac, unsigned long *maclen, 134 const unsigned char *in, unsigned long inlen, ...) 135 LTC_NULL_TERMINATED; 136 int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); 137 int blake2smac_test(void); 138 #endif /* LTC_BLAKE2SMAC */ 139 140 #ifdef LTC_BLAKE2BMAC 141 typedef hash_state blake2bmac_state; 142 int blake2bmac_init(blake2bmac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); 143 int blake2bmac_process(blake2bmac_state *st, const unsigned char *in, unsigned long inlen); 144 int blake2bmac_done(blake2bmac_state *st, unsigned char *mac, unsigned long *maclen); 145 int blake2bmac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); 146 int blake2bmac_memory_multi(const unsigned char *key, unsigned long keylen, 147 unsigned char *mac, unsigned long *maclen, 148 const unsigned char *in, unsigned long inlen, ...) 149 LTC_NULL_TERMINATED; 150 int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); 151 int blake2bmac_test(void); 152 #endif /* LTC_BLAKE2BMAC */ 153 154 155 #ifdef LTC_PELICAN 156 157 typedef struct pelican_state 158 { 159 symmetric_key K; 160 unsigned char state[16]; 161 int buflen; 162 } pelican_state; 163 164 int pelican_init(pelican_state *pelmac, const unsigned char *key, unsigned long keylen); 165 int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned long inlen); 166 int pelican_done(pelican_state *pelmac, unsigned char *out); 167 int pelican_test(void); 168 169 int pelican_memory(const unsigned char *key, unsigned long keylen, 170 const unsigned char *in, unsigned long inlen, 171 unsigned char *out); 172 173 #endif 174 175 #ifdef LTC_XCBC 176 177 /* add this to "keylen" to xcbc_init to use a pure three-key XCBC MAC */ 178 #define LTC_XCBC_PURE 0x8000UL 179 180 typedef struct { 181 unsigned char K[3][MAXBLOCKSIZE], 182 IV[MAXBLOCKSIZE]; 183 184 symmetric_key key; 185 186 int cipher, 187 buflen, 188 blocksize; 189 } xcbc_state; 190 191 int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen); 192 int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen); 193 int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen); 194 int xcbc_memory(int cipher, 195 const unsigned char *key, unsigned long keylen, 196 const unsigned char *in, unsigned long inlen, 197 unsigned char *out, unsigned long *outlen); 198 int xcbc_memory_multi(int cipher, 199 const unsigned char *key, unsigned long keylen, 200 unsigned char *out, unsigned long *outlen, 201 const unsigned char *in, unsigned long inlen, ...) 202 LTC_NULL_TERMINATED; 203 int xcbc_file(int cipher, 204 const unsigned char *key, unsigned long keylen, 205 const char *filename, 206 unsigned char *out, unsigned long *outlen); 207 int xcbc_test(void); 208 209 #endif 210 211 #ifdef LTC_F9_MODE 212 213 typedef struct { 214 unsigned char akey[MAXBLOCKSIZE], 215 ACC[MAXBLOCKSIZE], 216 IV[MAXBLOCKSIZE]; 217 218 symmetric_key key; 219 220 int cipher, 221 buflen, 222 keylen, 223 blocksize; 224 } f9_state; 225 226 int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen); 227 int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen); 228 int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen); 229 int f9_memory(int cipher, 230 const unsigned char *key, unsigned long keylen, 231 const unsigned char *in, unsigned long inlen, 232 unsigned char *out, unsigned long *outlen); 233 int f9_memory_multi(int cipher, 234 const unsigned char *key, unsigned long keylen, 235 unsigned char *out, unsigned long *outlen, 236 const unsigned char *in, unsigned long inlen, ...) 237 LTC_NULL_TERMINATED; 238 int f9_file(int cipher, 239 const unsigned char *key, unsigned long keylen, 240 const char *fname, 241 unsigned char *out, unsigned long *outlen); 242 int f9_test(void); 243 244 #endif 245 246 /* 247 * ENC+AUTH modes 248 */ 249 250 #ifdef LTC_EAX_MODE 251 252 #if !(defined(LTC_OMAC) && defined(LTC_CTR_MODE)) 253 #error LTC_EAX_MODE requires LTC_OMAC and CTR 254 #endif 255 256 typedef struct { 257 unsigned char N[MAXBLOCKSIZE]; 258 symmetric_CTR ctr; 259 omac_state headeromac, ctomac; 260 } eax_state; 261 262 int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long keylen, 263 const unsigned char *nonce, unsigned long noncelen, 264 const unsigned char *header, unsigned long headerlen); 265 266 int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, unsigned long length); 267 int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt, unsigned long length); 268 int eax_addheader(eax_state *eax, const unsigned char *header, unsigned long length); 269 int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen); 270 271 int eax_encrypt_authenticate_memory(int cipher, 272 const unsigned char *key, unsigned long keylen, 273 const unsigned char *nonce, unsigned long noncelen, 274 const unsigned char *header, unsigned long headerlen, 275 const unsigned char *pt, unsigned long ptlen, 276 unsigned char *ct, 277 unsigned char *tag, unsigned long *taglen); 278 279 int eax_decrypt_verify_memory(int cipher, 280 const unsigned char *key, unsigned long keylen, 281 const unsigned char *nonce, unsigned long noncelen, 282 const unsigned char *header, unsigned long headerlen, 283 const unsigned char *ct, unsigned long ctlen, 284 unsigned char *pt, 285 const unsigned char *tag, unsigned long taglen, 286 int *stat); 287 288 int eax_test(void); 289 #endif /* EAX MODE */ 290 291 #ifdef LTC_OCB_MODE 292 typedef struct { 293 unsigned char L[MAXBLOCKSIZE], /* L value */ 294 Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */ 295 Li[MAXBLOCKSIZE], /* value of Li [current value, we calc from previous recall] */ 296 Lr[MAXBLOCKSIZE], /* L * x^-1 */ 297 R[MAXBLOCKSIZE], /* R value */ 298 checksum[MAXBLOCKSIZE]; /* current checksum */ 299 300 symmetric_key key; /* scheduled key for cipher */ 301 unsigned long block_index; /* index # for current block */ 302 int cipher, /* cipher idx */ 303 block_len; /* length of block */ 304 } ocb_state; 305 306 int ocb_init(ocb_state *ocb, int cipher, 307 const unsigned char *key, unsigned long keylen, const unsigned char *nonce); 308 309 int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct); 310 int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt); 311 312 int ocb_done_encrypt(ocb_state *ocb, 313 const unsigned char *pt, unsigned long ptlen, 314 unsigned char *ct, 315 unsigned char *tag, unsigned long *taglen); 316 317 int ocb_done_decrypt(ocb_state *ocb, 318 const unsigned char *ct, unsigned long ctlen, 319 unsigned char *pt, 320 const unsigned char *tag, unsigned long taglen, int *stat); 321 322 int ocb_encrypt_authenticate_memory(int cipher, 323 const unsigned char *key, unsigned long keylen, 324 const unsigned char *nonce, 325 const unsigned char *pt, unsigned long ptlen, 326 unsigned char *ct, 327 unsigned char *tag, unsigned long *taglen); 328 329 int ocb_decrypt_verify_memory(int cipher, 330 const unsigned char *key, unsigned long keylen, 331 const unsigned char *nonce, 332 const unsigned char *ct, unsigned long ctlen, 333 unsigned char *pt, 334 const unsigned char *tag, unsigned long taglen, 335 int *stat); 336 337 int ocb_test(void); 338 339 /* internal functions */ 340 void ocb_shift_xor(ocb_state *ocb, unsigned char *Z); 341 int ocb_ntz(unsigned long x); 342 int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen, 343 unsigned char *ct, unsigned char *tag, unsigned long *taglen, int mode); 344 345 #endif /* LTC_OCB_MODE */ 346 347 #ifdef LTC_OCB3_MODE 348 typedef struct { 349 unsigned char Offset_0[MAXBLOCKSIZE], /* Offset_0 value */ 350 Offset_current[MAXBLOCKSIZE], /* Offset_{current_block_index} value */ 351 L_dollar[MAXBLOCKSIZE], /* L_$ value */ 352 L_star[MAXBLOCKSIZE], /* L_* value */ 353 L_[32][MAXBLOCKSIZE], /* L_{i} values */ 354 tag_part[MAXBLOCKSIZE], /* intermediate result of tag calculation */ 355 checksum[MAXBLOCKSIZE]; /* current checksum */ 356 357 /* AAD related members */ 358 unsigned char aSum_current[MAXBLOCKSIZE], /* AAD related helper variable */ 359 aOffset_current[MAXBLOCKSIZE], /* AAD related helper variable */ 360 adata_buffer[MAXBLOCKSIZE]; /* AAD buffer */ 361 int adata_buffer_bytes; /* bytes in AAD buffer */ 362 unsigned long ablock_index; /* index # for current adata (AAD) block */ 363 364 symmetric_key key; /* scheduled key for cipher */ 365 unsigned long block_index; /* index # for current data block */ 366 int cipher, /* cipher idx */ 367 tag_len, /* length of tag */ 368 block_len; /* length of block */ 369 } ocb3_state; 370 371 int ocb3_init(ocb3_state *ocb, int cipher, 372 const unsigned char *key, unsigned long keylen, 373 const unsigned char *nonce, unsigned long noncelen, 374 unsigned long taglen); 375 376 int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct); 377 int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt); 378 int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct); 379 int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt); 380 int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen); 381 int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen); 382 383 int ocb3_encrypt_authenticate_memory(int cipher, 384 const unsigned char *key, unsigned long keylen, 385 const unsigned char *nonce, unsigned long noncelen, 386 const unsigned char *adata, unsigned long adatalen, 387 const unsigned char *pt, unsigned long ptlen, 388 unsigned char *ct, 389 unsigned char *tag, unsigned long *taglen); 390 391 int ocb3_decrypt_verify_memory(int cipher, 392 const unsigned char *key, unsigned long keylen, 393 const unsigned char *nonce, unsigned long noncelen, 394 const unsigned char *adata, unsigned long adatalen, 395 const unsigned char *ct, unsigned long ctlen, 396 unsigned char *pt, 397 const unsigned char *tag, unsigned long taglen, 398 int *stat); 399 400 int ocb3_test(void); 401 402 #endif /* LTC_OCB3_MODE */ 403 404 #ifdef LTC_CCM_MODE 405 406 #define CCM_ENCRYPT LTC_ENCRYPT 407 #define CCM_DECRYPT LTC_DECRYPT 408 409 typedef struct { 410 symmetric_key K; 411 int cipher, /* which cipher */ 412 taglen, /* length of the tag (encoded in M value) */ 413 x; /* index in PAD */ 414 415 unsigned long L, /* L value */ 416 ptlen, /* length that will be enc / dec */ 417 current_ptlen, /* current processed length */ 418 aadlen, /* length of the aad */ 419 current_aadlen, /* length of the currently provided add */ 420 noncelen; /* length of the nonce */ 421 422 unsigned char PAD[16], /* flags | Nonce N | l(m) */ 423 ctr[16], 424 CTRPAD[16], 425 CTRlen; 426 } ccm_state; 427 428 int ccm_init(ccm_state *ccm, int cipher, 429 const unsigned char *key, int keylen, int ptlen, int taglen, int aadlen); 430 431 int ccm_reset(ccm_state *ccm); 432 433 int ccm_add_nonce(ccm_state *ccm, 434 const unsigned char *nonce, unsigned long noncelen); 435 436 int ccm_add_aad(ccm_state *ccm, 437 const unsigned char *adata, unsigned long adatalen); 438 439 int ccm_process(ccm_state *ccm, 440 unsigned char *pt, unsigned long ptlen, 441 unsigned char *ct, 442 int direction); 443 444 int ccm_done(ccm_state *ccm, 445 unsigned char *tag, unsigned long *taglen); 446 447 int ccm_memory(int cipher, 448 const unsigned char *key, unsigned long keylen, 449 symmetric_key *uskey, 450 const unsigned char *nonce, unsigned long noncelen, 451 const unsigned char *header, unsigned long headerlen, 452 unsigned char *pt, unsigned long ptlen, 453 unsigned char *ct, 454 unsigned char *tag, unsigned long *taglen, 455 int direction); 456 457 int ccm_test(void); 458 459 #endif /* LTC_CCM_MODE */ 460 461 #if defined(LRW_MODE) || defined(LTC_GCM_MODE) 462 void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c); 463 #endif 464 465 466 /* table shared between GCM and LRW */ 467 #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST)) 468 extern const unsigned char gcm_shift_table[]; 469 #endif 470 471 #ifdef LTC_GCM_MODE 472 473 #define GCM_ENCRYPT LTC_ENCRYPT 474 #define GCM_DECRYPT LTC_DECRYPT 475 476 #define LTC_GCM_MODE_IV 0 477 #define LTC_GCM_MODE_AAD 1 478 #define LTC_GCM_MODE_TEXT 2 479 480 typedef struct { 481 symmetric_key K; 482 unsigned char H[16], /* multiplier */ 483 X[16], /* accumulator */ 484 Y[16], /* counter */ 485 Y_0[16], /* initial counter */ 486 buf[16]; /* buffer for stuff */ 487 488 int cipher, /* which cipher */ 489 ivmode, /* Which mode is the IV in? */ 490 mode, /* mode the GCM code is in */ 491 buflen; /* length of data in buf */ 492 493 ulong64 totlen, /* 64-bit counter used for IV and AAD */ 494 pttotlen; /* 64-bit counter for the PT */ 495 496 #ifdef LTC_GCM_TABLES 497 unsigned char PC[16][256][16] /* 16 tables of 8x128 */ 498 #ifdef LTC_GCM_TABLES_SSE2 499 LTC_ALIGN(16) 500 #endif 501 ; 502 #endif 503 } gcm_state; 504 505 void gcm_mult_h(const gcm_state *gcm, unsigned char *I); 506 507 int gcm_init(gcm_state *gcm, int cipher, 508 const unsigned char *key, int keylen); 509 510 int gcm_reset(gcm_state *gcm); 511 512 int gcm_add_iv(gcm_state *gcm, 513 const unsigned char *IV, unsigned long IVlen); 514 515 int gcm_add_aad(gcm_state *gcm, 516 const unsigned char *adata, unsigned long adatalen); 517 518 int gcm_process(gcm_state *gcm, 519 unsigned char *pt, unsigned long ptlen, 520 unsigned char *ct, 521 int direction); 522 523 int gcm_done(gcm_state *gcm, 524 unsigned char *tag, unsigned long *taglen); 525 526 int gcm_memory( int cipher, 527 const unsigned char *key, unsigned long keylen, 528 const unsigned char *IV, unsigned long IVlen, 529 const unsigned char *adata, unsigned long adatalen, 530 unsigned char *pt, unsigned long ptlen, 531 unsigned char *ct, 532 unsigned char *tag, unsigned long *taglen, 533 int direction); 534 int gcm_test(void); 535 536 #endif /* LTC_GCM_MODE */ 537 538 #ifdef LTC_CHACHA20POLY1305_MODE 539 540 typedef struct { 541 poly1305_state poly; 542 chacha_state chacha; 543 ulong64 aadlen; 544 ulong64 ctlen; 545 int aadflg; 546 } chacha20poly1305_state; 547 548 #define CHACHA20POLY1305_ENCRYPT LTC_ENCRYPT 549 #define CHACHA20POLY1305_DECRYPT LTC_DECRYPT 550 551 int chacha20poly1305_init(chacha20poly1305_state *st, const unsigned char *key, unsigned long keylen); 552 int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen); 553 int chacha20poly1305_setiv_rfc7905(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 sequence_number); 554 int chacha20poly1305_add_aad(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen); 555 int chacha20poly1305_encrypt(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); 556 int chacha20poly1305_decrypt(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); 557 int chacha20poly1305_done(chacha20poly1305_state *st, unsigned char *tag, unsigned long *taglen); 558 int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, 559 const unsigned char *iv, unsigned long ivlen, 560 const unsigned char *aad, unsigned long aadlen, 561 const unsigned char *in, unsigned long inlen, 562 unsigned char *out, 563 unsigned char *tag, unsigned long *taglen, 564 int direction); 565 int chacha20poly1305_test(void); 566 567 #endif /* LTC_CHACHA20POLY1305_MODE */ 568