On Tue, Nov 25, 2014 at 10:36 AM, Niels Möller nisse@lysator.liu.se wrote:
I don't have ecb mode at all since it is not used by TLS (or any other protocol). Just cbc, and gcm for now.
Also makes sense. Then you probably should use the nettle_cipher_func type as little as possible. Rather, something like

  struct aes128_cbc_ctx CBC_CTX(struct aes128);
  nettle_crypt_func aes128_cbc_encrypt;

  /* If you're going to call this function via a generic function
     pointer only, there's no gain to have a precise context type, it
     can just as well take a void * argument and cast internally. */
  void
  aes128_cbc_encrypt (void *p...)
  {
    struct aes128_cbc_ctx *ctx = (struct aes128_cbc_ctx *) p;
    CBC_ENCRYPT (ctx, ...);
  }

  const struct gnutls_cipher aes128_cbc = {
    .name = "aes128-cbc",
    .size = sizeof(aes128_cbc_ctx),
    .encrypt = aes128_cbc_encrypt,
    ...
  };
The disadvantage here is that I need to define encrypt and decrypt functions for each possible cipher and mode. That was the reason for the usage of cbc_encrypt() and decrypt. Anyway, I'll look into it.
btw. I realized that nettle-meta.h lacks definitions for 3des, des and salsa20.
regards, Nikos
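
The exchange above weighs per-cipher wrapper functions against a generic cbc_encrypt(); the following is an added example, not code from nettle, GnuTLS or either poster, showing one way to generate the wrappers and the descriptor from a single macro line per cipher. DEFINE_CBC, struct cipher_desc, crypt_func and the toy cipher are hypothetical names constructed for illustration, and the toy cipher only stands in for a real block cipher.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy block cipher (rotate bytes, XOR key); stands in for AES, not secure. */
#define TOY_BLOCK_SIZE 8
struct toy_ctx { uint8_t key[TOY_BLOCK_SIZE]; };
static void toy_encrypt(const struct toy_ctx *k, uint8_t *dst, const uint8_t *src)
{ for (size_t i = 0; i < TOY_BLOCK_SIZE; i++) dst[i] = src[(i + 1) % TOY_BLOCK_SIZE] ^ k->key[i]; }
static void toy_decrypt(const struct toy_ctx *k, uint8_t *dst, const uint8_t *src)
{ for (size_t i = 0; i < TOY_BLOCK_SIZE; i++) dst[(i + 1) % TOY_BLOCK_SIZE] = src[i] ^ k->key[i]; }

/* Hypothetical descriptor: callers see only void * and this one function type. */
typedef void crypt_func(void *ctx, size_t n, uint8_t *dst, const uint8_t *src);
struct cipher_desc { const char *name; size_t size; crypt_func *encrypt, *decrypt; };

/* One invocation emits context struct, wrappers and descriptor; no function pointer is cast. */
#define DEFINE_CBC(id, ctx_type, bs, enc, dec)                                    \
struct id##_cbc_ctx { ctx_type ctx; uint8_t iv[bs]; };                            \
static void id##_cbc_encrypt(void *p, size_t n, uint8_t *dst, const uint8_t *src) \
{ struct id##_cbc_ctx *c = p; uint8_t t[bs];                                      \
  for (; n >= bs; n -= bs, src += bs, dst += bs) {                                \
    for (size_t i = 0; i < bs; i++) t[i] = src[i] ^ c->iv[i];                     \
    enc(&c->ctx, c->iv, t); memcpy(dst, c->iv, bs);                               \
  }                                                                               \
}                                                                                 \
static void id##_cbc_decrypt(void *p, size_t n, uint8_t *dst, const uint8_t *src) \
{ struct id##_cbc_ctx *c = p; uint8_t t[bs], next[bs];                            \
  for (; n >= bs; n -= bs, src += bs, dst += bs) {                                \
    memcpy(next, src, bs); dec(&c->ctx, t, src);                                  \
    for (size_t i = 0; i < bs; i++) dst[i] = t[i] ^ c->iv[i];                     \
    memcpy(c->iv, next, bs);                                                      \
  }                                                                               \
}                                                                                 \
const struct cipher_desc id##_cbc = { #id "-cbc", sizeof(struct id##_cbc_ctx),    \
                                      id##_cbc_encrypt, id##_cbc_decrypt }
DEFINE_CBC(toy, struct toy_ctx, TOY_BLOCK_SIZE, toy_encrypt, toy_decrypt);

/* Round trip through the descriptor alone; 1 if chaining and decryption both hold. */
int toy_cbc_roundtrip_ok(void)
{
  struct toy_cbc_ctx e = { { "k3y-k3y" }, { 1, 2, 3, 4, 5, 6, 7, 8 } }, d = e;
  uint8_t msg[16], ct[16], pt[16];
  memset(msg, 'A', sizeof msg); /* two identical plaintext blocks */
  toy_cbc.encrypt(&e, sizeof msg, ct, msg);
  toy_cbc.decrypt(&d, sizeof ct, pt, ct);
  return memcmp(ct, ct + TOY_BLOCK_SIZE, TOY_BLOCK_SIZE) != 0 && memcmp(pt, msg, sizeof msg) == 0;
}
int main(void) { return toy_cbc_roundtrip_ok() ? 0 : 1; }
```

Each further cipher or mode costs one DEFINE_CBC-style line, and the generated wrappers skip any trailing partial block, so padding stays with the caller.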