Thoughts on implementing GCM
Werner Koch
wk at gnupg.org
Tue Apr 6 10:59:31 CEST 2010
On Sun, 4 Apr 2010 11:42, bradh at frogmouth.net said:

> new API (i.e. a peer to the existing cipher, md, etc). However I think it
> should be possible to implement it within the existing cipher code with a
> couple of additional functions - one that adds the additional authenticated
> data (A) and one that retrieves the authentication tag (T). Thoughts on this
> approach?

That is how I would do it.

> I think I may also need to extend struct gcry_cipher_handle. I'd like to store
> the hash subkey (H) - not far enough into the implementation to know if I need
> anything else. Would a union re-using the ctr[MAX_BLOCKSIZE] space be
> preferred, or should I just add new elements?

For easier readability I think it might be better to add new
elements. Merging them with unused elements can be done at any time
later.

Please don't change gcry_cipher_spec_t but change cipher_extra_spec_t
instead - if you need to do that at all.

Salam-Shalom,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
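
The design discussed in this message, as an added sketch that is not part of the original mail and not libgcrypt code: new state elements holding the hash subkey H, one function that absorbs the additional authenticated data A, and one that returns the tag T. All names are hypothetical, and H = E_K(0^128) and E_K(Y0) are assumed to be supplied by the underlying block cipher.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical names throughout; this is not libgcrypt's handle or API. */
typedef struct {
    uint8_t h[16];        /* hash subkey H = E_K(0^128), supplied by the cipher */
    uint8_t x[16];        /* running GHASH accumulator */
    uint64_t alen, clen;  /* bytes of A and C absorbed so far */
} gcm_state;

/* x = x * H in GF(2^128), using the bit order of the GCM specification. */
static void gf_mul_h(gcm_state *s) {
    uint8_t z[16] = {0}, v[16];
    memcpy(v, s->h, 16);
    for (int i = 0; i < 128; i++) {
        if (s->x[i / 8] & (0x80 >> (i % 8)))
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        int lsb = v[15] & 1;
        for (int j = 15; j > 0; j--) v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (lsb) v[0] ^= 0xe1;  /* reduce modulo x^128 + x^7 + x^2 + x + 1 */
    }
    memcpy(s->x, z, 16);
}

/* Absorb n bytes as 16-byte blocks; a short final block is zero-padded. */
static void absorb(gcm_state *s, const uint8_t *p, size_t n) {
    for (size_t k; n; p += k, n -= k) {
        k = n < 16 ? n : 16;
        for (size_t j = 0; j < k; j++) s->x[j] ^= p[j];
        gf_mul_h(s);
    }
}

void gcm_init(gcm_state *s, const uint8_t h[16]) { memset(s, 0, sizeof *s); memcpy(s->h, h, 16); }
/* Simplification: pass all of A in one call, then all of C in one call. */
void gcm_add_aad(gcm_state *s, const uint8_t *a, size_t n) { absorb(s, a, n); s->alen += n; }
void gcm_add_ct(gcm_state *s, const uint8_t *c, size_t n) { absorb(s, c, n); s->clen += n; }

/* T = GHASH(H, A, C) XOR E_K(Y0); ek_y0 comes from the block cipher. */
void gcm_get_tag(gcm_state *s, const uint8_t ek_y0[16], uint8_t tag[16]) {
    uint8_t len[16];  /* 64-bit big-endian bit lengths of A and C */
    for (int j = 0; j < 8; j++) {
        len[j] = (uint8_t)((s->alen * 8) >> (56 - 8 * j));
        len[8 + j] = (uint8_t)((s->clen * 8) >> (56 - 8 * j));
    }
    absorb(s, len, 16);
    for (int j = 0; j < 16; j++) tag[j] = s->x[j] ^ ek_y0[j];
}
```

The tag is only meaningful once the caller compares it against the received T in constant time before releasing any plaintext.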