cryptonitize AES, and add foreign function interfaces to it (not exported).

Crypto/Cipher/AES/Internal.hs

@@ -0,0 +1,84 @@
+-- |
+-- Module      : Crypto.Cipher.AES.Internal
+-- License     : BSD-style
+-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
+-- Stability   : stable
+-- Portability : good
+--
+{-# LANGUAGE ForeignFunctionInterface #-}
+{-# LANGUAGE EmptyDataDecls #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+module Crypto.Cipher.AES.Internal
+    (
+    ) where
+
+import Data.Word
+import Foreign.Ptr
+import Foreign.C.Types
+import Foreign.C.String
+
+data AES
+data AESOCB
+data AESGCM
+
+------------------------------------------------------------------------
+foreign import ccall "cryptonite_aes.h cryptonite_aes_initkey"
+    c_aes_init :: Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_ecb"
+    c_aes_encrypt_ecb :: CString -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_ecb"
+    c_aes_decrypt_ecb :: CString -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_cbc"
+    c_aes_encrypt_cbc :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_cbc"
+    c_aes_decrypt_cbc :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_xts"
+    c_aes_encrypt_xts :: CString -> Ptr AES -> Ptr AES -> Ptr Word8 -> CUInt -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_xts"
+    c_aes_decrypt_xts :: CString -> Ptr AES -> Ptr AES -> Ptr Word8 -> CUInt -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gen_ctr"
+    c_aes_gen_ctr :: CString -> Ptr AES -> Ptr Word8 -> CUInt -> IO ()
+
+foreign import ccall unsafe "cryptonite_aes.h cryptonite_aes_gen_ctr_cont"
+    c_aes_gen_ctr_cont :: CString -> Ptr AES -> Ptr Word8 -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_ctr"
+    c_aes_encrypt_ctr :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_init"
+    c_aes_gcm_init :: Ptr AESGCM -> Ptr AES -> Ptr Word8 -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_aad"
+    c_aes_gcm_aad :: Ptr AESGCM -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_encrypt"
+    c_aes_gcm_encrypt :: CString -> Ptr AESGCM -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_decrypt"
+    c_aes_gcm_decrypt :: CString -> Ptr AESGCM -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_finish"
+    c_aes_gcm_finish :: CString -> Ptr AESGCM -> Ptr AES -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_init"
+    c_aes_ocb_init :: Ptr AESOCB -> Ptr AES -> Ptr Word8 -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_aad"
+    c_aes_ocb_aad :: Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_encrypt"
+    c_aes_ocb_encrypt :: CString -> Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_decrypt"
+    c_aes_ocb_decrypt :: CString -> Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO ()
+
+foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_finish"
+    c_aes_ocb_finish :: CString -> Ptr AESOCB -> Ptr AES -> IO ()

cbits/aes/generic.c

@@ -403,7 +403,7 @@ static void aes_main_inv(aes_key *key, uint8_t *state)
 	t[2] = f[8]; t[6] = f[9]; t[10] = f[10]; t[14] = f[11]; \
 	t[3] = f[12]; t[7] = f[13]; t[11] = f[14]; t[15] = f[15]
 
-void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input)
+void cryptonite_aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input)
 {
 	uint8_t block[16];
 	uint8_t *iptr, *optr;
@@ -415,7 +415,7 @@ void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input
 	swap_block(optr, block);
 }
 
-void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input)
+void cryptonite_aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input)
 {
 	uint8_t block[16];
 	uint8_t *iptr, *optr;
@@ -427,7 +427,7 @@ void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input
 	swap_block(optr, block);
 }
 
-void aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size)
+void cryptonite_aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size)
 {
 	int esz;
 

cbits/aes/generic.h

@@ -29,6 +29,6 @@
  */
 #include "cryptonite_aes.h"
 
-void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input);
+void cryptonite_aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input);
-void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input);
+void cryptonite_aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input);
-void aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size);
+void cryptonite_aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size);

cbits/cryptonite_aes.c

@@ -39,19 +39,19 @@
 #include <aes/gf.h>
 #include <aes/x86ni.h>
 
-void aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks);
+void cryptonite_aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks);
-void aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks);
+void cryptonite_aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks);
-void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks);
+void cryptonite_aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks);
-void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks);
+void cryptonite_aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks);
-void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t length);
+void cryptonite_aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t length);
-void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                              uint32_t spoint, aes_block *input, uint32_t nb_blocks);
-void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                              uint32_t spoint, aes_block *input, uint32_t nb_blocks);
-void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length);
+void cryptonite_aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length);
-void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length);
+void cryptonite_aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length);
-void aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length);
+void cryptonite_aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length);
-void aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length);
+void cryptonite_aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length);
 
 enum {
 	/* init */
@@ -80,55 +80,55 @@ enum {
 
 void *branch_table[] = {
 	/* INIT */
-	[INIT_128]          = aes_generic_init,
+	[INIT_128]          = cryptonite_aes_generic_init,
-	[INIT_192]          = aes_generic_init,
+	[INIT_192]          = cryptonite_aes_generic_init,
-	[INIT_256]          = aes_generic_init,
+	[INIT_256]          = cryptonite_aes_generic_init,
 	/* BLOCK */
-	[ENCRYPT_BLOCK_128] = aes_generic_encrypt_block,
+	[ENCRYPT_BLOCK_128] = cryptonite_aes_generic_encrypt_block,
-	[ENCRYPT_BLOCK_192] = aes_generic_encrypt_block,
+	[ENCRYPT_BLOCK_192] = cryptonite_aes_generic_encrypt_block,
-	[ENCRYPT_BLOCK_256] = aes_generic_encrypt_block,
+	[ENCRYPT_BLOCK_256] = cryptonite_aes_generic_encrypt_block,
-	[DECRYPT_BLOCK_128] = aes_generic_decrypt_block,
+	[DECRYPT_BLOCK_128] = cryptonite_aes_generic_decrypt_block,
-	[DECRYPT_BLOCK_192] = aes_generic_decrypt_block,
+	[DECRYPT_BLOCK_192] = cryptonite_aes_generic_decrypt_block,
-	[DECRYPT_BLOCK_256] = aes_generic_decrypt_block,
+	[DECRYPT_BLOCK_256] = cryptonite_aes_generic_decrypt_block,
 	/* ECB */
-	[ENCRYPT_ECB_128]   = aes_generic_encrypt_ecb,
+	[ENCRYPT_ECB_128]   = cryptonite_aes_generic_encrypt_ecb,
-	[ENCRYPT_ECB_192]   = aes_generic_encrypt_ecb,
+	[ENCRYPT_ECB_192]   = cryptonite_aes_generic_encrypt_ecb,
-	[ENCRYPT_ECB_256]   = aes_generic_encrypt_ecb,
+	[ENCRYPT_ECB_256]   = cryptonite_aes_generic_encrypt_ecb,
-	[DECRYPT_ECB_128]   = aes_generic_decrypt_ecb,
+	[DECRYPT_ECB_128]   = cryptonite_aes_generic_decrypt_ecb,
-	[DECRYPT_ECB_192]   = aes_generic_decrypt_ecb,
+	[DECRYPT_ECB_192]   = cryptonite_aes_generic_decrypt_ecb,
-	[DECRYPT_ECB_256]   = aes_generic_decrypt_ecb,
+	[DECRYPT_ECB_256]   = cryptonite_aes_generic_decrypt_ecb,
 	/* CBC */
-	[ENCRYPT_CBC_128]   = aes_generic_encrypt_cbc,
+	[ENCRYPT_CBC_128]   = cryptonite_aes_generic_encrypt_cbc,
-	[ENCRYPT_CBC_192]   = aes_generic_encrypt_cbc,
+	[ENCRYPT_CBC_192]   = cryptonite_aes_generic_encrypt_cbc,
-	[ENCRYPT_CBC_256]   = aes_generic_encrypt_cbc,
+	[ENCRYPT_CBC_256]   = cryptonite_aes_generic_encrypt_cbc,
-	[DECRYPT_CBC_128]   = aes_generic_decrypt_cbc,
+	[DECRYPT_CBC_128]   = cryptonite_aes_generic_decrypt_cbc,
-	[DECRYPT_CBC_192]   = aes_generic_decrypt_cbc,
+	[DECRYPT_CBC_192]   = cryptonite_aes_generic_decrypt_cbc,
-	[DECRYPT_CBC_256]   = aes_generic_decrypt_cbc,
+	[DECRYPT_CBC_256]   = cryptonite_aes_generic_decrypt_cbc,
 	/* CTR */
-	[ENCRYPT_CTR_128]   = aes_generic_encrypt_ctr,
+	[ENCRYPT_CTR_128]   = cryptonite_aes_generic_encrypt_ctr,
-	[ENCRYPT_CTR_192]   = aes_generic_encrypt_ctr,
+	[ENCRYPT_CTR_192]   = cryptonite_aes_generic_encrypt_ctr,
-	[ENCRYPT_CTR_256]   = aes_generic_encrypt_ctr,
+	[ENCRYPT_CTR_256]   = cryptonite_aes_generic_encrypt_ctr,
 	/* XTS */
-	[ENCRYPT_XTS_128]   = aes_generic_encrypt_xts,
+	[ENCRYPT_XTS_128]   = cryptonite_aes_generic_encrypt_xts,
-	[ENCRYPT_XTS_192]   = aes_generic_encrypt_xts,
+	[ENCRYPT_XTS_192]   = cryptonite_aes_generic_encrypt_xts,
-	[ENCRYPT_XTS_256]   = aes_generic_encrypt_xts,
+	[ENCRYPT_XTS_256]   = cryptonite_aes_generic_encrypt_xts,
-	[DECRYPT_XTS_128]   = aes_generic_decrypt_xts,
+	[DECRYPT_XTS_128]   = cryptonite_aes_generic_decrypt_xts,
-	[DECRYPT_XTS_192]   = aes_generic_decrypt_xts,
+	[DECRYPT_XTS_192]   = cryptonite_aes_generic_decrypt_xts,
-	[DECRYPT_XTS_256]   = aes_generic_decrypt_xts,
+	[DECRYPT_XTS_256]   = cryptonite_aes_generic_decrypt_xts,
 	/* GCM */
-	[ENCRYPT_GCM_128]   = aes_generic_gcm_encrypt,
+	[ENCRYPT_GCM_128]   = cryptonite_aes_generic_gcm_encrypt,
-	[ENCRYPT_GCM_192]   = aes_generic_gcm_encrypt,
+	[ENCRYPT_GCM_192]   = cryptonite_aes_generic_gcm_encrypt,
-	[ENCRYPT_GCM_256]   = aes_generic_gcm_encrypt,
+	[ENCRYPT_GCM_256]   = cryptonite_aes_generic_gcm_encrypt,
-	[DECRYPT_GCM_128]   = aes_generic_gcm_decrypt,
+	[DECRYPT_GCM_128]   = cryptonite_aes_generic_gcm_decrypt,
-	[DECRYPT_GCM_192]   = aes_generic_gcm_decrypt,
+	[DECRYPT_GCM_192]   = cryptonite_aes_generic_gcm_decrypt,
-	[DECRYPT_GCM_256]   = aes_generic_gcm_decrypt,
+	[DECRYPT_GCM_256]   = cryptonite_aes_generic_gcm_decrypt,
 	/* OCB */
-	[ENCRYPT_OCB_128]   = aes_generic_ocb_encrypt,
+	[ENCRYPT_OCB_128]   = cryptonite_aes_generic_ocb_encrypt,
-	[ENCRYPT_OCB_192]   = aes_generic_ocb_encrypt,
+	[ENCRYPT_OCB_192]   = cryptonite_aes_generic_ocb_encrypt,
-	[ENCRYPT_OCB_256]   = aes_generic_ocb_encrypt,
+	[ENCRYPT_OCB_256]   = cryptonite_aes_generic_ocb_encrypt,
-	[DECRYPT_OCB_128]   = aes_generic_ocb_decrypt,
+	[DECRYPT_OCB_128]   = cryptonite_aes_generic_ocb_decrypt,
-	[DECRYPT_OCB_192]   = aes_generic_ocb_decrypt,
+	[DECRYPT_OCB_192]   = cryptonite_aes_generic_ocb_decrypt,
-	[DECRYPT_OCB_256]   = aes_generic_ocb_decrypt,
+	[DECRYPT_OCB_256]   = cryptonite_aes_generic_ocb_decrypt,
 };
 
 typedef void (*init_f)(aes_key *, uint8_t *, uint8_t);
@@ -165,9 +165,9 @@ typedef void (*block_f)(aes_block *output, aes_key *key, aes_block *input);
 	((ocb_crypt_f) (branch_table[ENCRYPT_OCB_128 + strength]))
 #define GET_OCB_DECRYPT(strength) \
 	((ocb_crypt_f) (branch_table[DECRYPT_OCB_128 + strength]))
-#define aes_encrypt_block(o,k,i) \
+#define cryptonite_aes_encrypt_block(o,k,i) \
 	(((block_f) (branch_table[ENCRYPT_BLOCK_128 + k->strength]))(o,k,i))
-#define aes_decrypt_block(o,k,i) \
+#define cryptonite_aes_decrypt_block(o,k,i) \
 	(((block_f) (branch_table[DECRYPT_BLOCK_128 + k->strength]))(o,k,i))
 #else
 #define GET_INIT(strenght) aes_generic_init
@@ -182,8 +182,8 @@ typedef void (*block_f)(aes_block *output, aes_key *key, aes_block *input);
 #define GET_GCM_DECRYPT(strength) aes_generic_gcm_decrypt
 #define GET_OCB_ENCRYPT(strength) aes_generic_ocb_encrypt
 #define GET_OCB_DECRYPT(strength) aes_generic_ocb_decrypt
-#define aes_encrypt_block(o,k,i) aes_generic_encrypt_block(o,k,i)
+#define cryptonite_aes_encrypt_block(o,k,i) aes_generic_encrypt_block(o,k,i)
-#define aes_decrypt_block(o,k,i) aes_generic_decrypt_block(o,k,i)
+#define cryptonite_aes_decrypt_block(o,k,i) aes_generic_decrypt_block(o,k,i)
 #endif
 
 #if defined(ARCH_X86) && defined(WITH_AESNI)
@@ -225,7 +225,7 @@ static void initialize_table_ni(int aesni, int pclmul)
 }
 #endif
 
-void aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size)
+void cryptonite_aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size)
 {
 	switch (size) {
 	case 16: key->nbr = 10; key->strength = 0; break;
@@ -239,31 +239,31 @@ void aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size)
 	_init(key, origkey, size);
 }
 
-void aes_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
 {
 	ecb_f e = GET_ECB_ENCRYPT(key->strength);
 	e(output, key, input, nb_blocks);
 }
 
-void aes_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
 {
 	ecb_f d = GET_ECB_DECRYPT(key->strength);
 	d(output, key, input, nb_blocks);
 }
 
-void aes_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
 {
 	cbc_f e = GET_CBC_ENCRYPT(key->strength);
 	e(output, key, iv, input, nb_blocks);
 }
 
-void aes_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
 {
 	cbc_f d = GET_CBC_DECRYPT(key->strength);
 	d(output, key, iv, input, nb_blocks);
 }
 
-void aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t nb_blocks)
+void cryptonite_aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t nb_blocks)
 {
 	aes_block block;
 
@@ -271,11 +271,11 @@ void aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t
 	block128_copy(&block, iv);
 
 	for ( ; nb_blocks-- > 0; output++, block128_inc_be(&block)) {
-		aes_encrypt_block(output, key, &block);
+		cryptonite_aes_encrypt_block(output, key, &block);
 	}
 }
 
-void aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t nb_blocks)
+void cryptonite_aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t nb_blocks)
 {
 	aes_block block;
 
@@ -283,51 +283,51 @@ void aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t n
 	block128_copy(&block, iv);
 
 	for ( ; nb_blocks-- > 0; output++, block128_inc_be(&block)) {
-		aes_encrypt_block(output, key, &block);
+		cryptonite_aes_encrypt_block(output, key, &block);
 	}
 
 	/* copy back the IV */
 	block128_copy(iv, &block);
 }
 
-void aes_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len)
+void cryptonite_aes_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len)
 {
 	ctr_f e = GET_CTR_ENCRYPT(key->strength);
 	e(output, key, iv, input, len);
 }
 
-void aes_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                      uint32_t spoint, aes_block *input, uint32_t nb_blocks)
 {
 	xts_f e = GET_XTS_ENCRYPT(k1->strength);
 	e(output, k1, k2, dataunit, spoint, input, nb_blocks);
 }
 
-void aes_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                      uint32_t spoint, aes_block *input, uint32_t nb_blocks)
 {
-	aes_generic_decrypt_xts(output, k1, k2, dataunit, spoint, input, nb_blocks);
+	cryptonite_aes_generic_decrypt_xts(output, k1, k2, dataunit, spoint, input, nb_blocks);
 }
 
-void aes_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
 {
 	gcm_crypt_f e = GET_GCM_ENCRYPT(key->strength);
 	e(output, gcm, key, input, length);
 }
 
-void aes_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
 {
 	gcm_crypt_f d = GET_GCM_DECRYPT(key->strength);
 	d(output, gcm, key, input, length);
 }
 
-void aes_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 {
 	ocb_crypt_f e = GET_OCB_ENCRYPT(key->strength);
 	e(output, ocb, key, input, length);
 }
 
-void aes_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 {
 	ocb_crypt_f d = GET_OCB_DECRYPT(key->strength);
 	d(output, ocb, key, input, length);
@@ -339,7 +339,7 @@ static void gcm_ghash_add(aes_gcm *gcm, block128 *b)
 	gf_mul(&gcm->tag, &gcm->h);
 }
 
-void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len)
+void cryptonite_aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len)
 {
 	gcm->length_aad = 0;
 	gcm->length_input = 0;
@@ -349,7 +349,7 @@ void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len)
 	block128_zero(&gcm->iv);
 
 	/* prepare H : encrypt_K(0^128) */
-	aes_encrypt_block(&gcm->h, key, &gcm->h);
+	cryptonite_aes_encrypt_block(&gcm->h, key, &gcm->h);
 
 	if (len == 12) {
 		block128_copy_bytes(&gcm->iv, iv, 12);
@@ -373,7 +373,7 @@ void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len)
 	block128_copy(&gcm->civ, &gcm->iv);
 }
 
-void aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length)
+void cryptonite_aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length)
 {
 	gcm->length_aad += length;
 	for (; length >= 16; input += 16, length -= 16) {
@@ -388,7 +388,7 @@ void aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length)
 
 }
 
-void aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key)
+void cryptonite_aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key)
 {
 	aes_block lblock;
 	int i;
@@ -398,7 +398,7 @@ void aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key)
 	lblock.q[1] = cpu_to_be64(gcm->length_input << 3);
 	gcm_ghash_add(gcm, &lblock);
 
-	aes_encrypt_block(&lblock, key, &gcm->iv);
+	cryptonite_aes_encrypt_block(&lblock, key, &gcm->iv);
 	block128_xor(&gcm->tag, &lblock);
 
 	for (i = 0; i < 16; i++) {
@@ -432,7 +432,7 @@ static void ocb_get_L_i(block128 *l, block128 *lis, unsigned int i)
 #undef L_CACHED
 }
 
-void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len)
+void cryptonite_aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len)
 {
 	block128 tmp, nonce, ktop;
 	unsigned char stretch[24];
@@ -445,7 +445,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len)
 
 	/* create L*, and L$,L0,L1,L2,L3 */
 	block128_zero(&tmp);
-	aes_encrypt_block(&ocb->lstar, key, &tmp);
+	cryptonite_aes_encrypt_block(&ocb->lstar, key, &tmp);
 
 	ocb_block_double(&ocb->ldollar, &ocb->lstar);
 	ocb_block_double(&ocb->li[0], &ocb->ldollar);
@@ -460,7 +460,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len)
 	nonce.b[16-12-1] |= 0x01;
 	bottom = nonce.b[15] & 0x3F;
 	nonce.b[15] &= 0xC0;
-	aes_encrypt_block(&ktop, key, &nonce);
+	cryptonite_aes_encrypt_block(&ktop, key, &nonce);
 	memcpy(stretch, ktop.b, 16);
 
 	memcpy(tmp.b, ktop.b + 1, 8);
@@ -483,7 +483,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len)
 	block128_zero(&ocb->offset_aad);
 }
 
-void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 {
 	block128 tmp;
 	unsigned int i;
@@ -493,7 +493,7 @@ void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 		block128_xor(&ocb->offset_aad, &tmp);
 
 		block128_vxor(&tmp, &ocb->offset_aad, (block128 *) input);
-		aes_encrypt_block(&tmp, key, &tmp);
+		cryptonite_aes_encrypt_block(&tmp, key, &tmp);
 		block128_xor(&ocb->sum_aad, &tmp);
 	}
 
@@ -504,36 +504,36 @@ void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 		block128_copy_bytes(&tmp, input, length);
 		tmp.b[length] = 0x80;
 		block128_xor(&tmp, &ocb->offset_aad);
-		aes_encrypt_block(&tmp, key, &tmp);
+		cryptonite_aes_encrypt_block(&tmp, key, &tmp);
 		block128_xor(&ocb->sum_aad, &tmp);
 	}
 }
 
-void aes_ocb_finish(uint8_t *tag, aes_ocb *ocb, aes_key *key)
+void cryptonite_aes_ocb_finish(uint8_t *tag, aes_ocb *ocb, aes_key *key)
 {
 	block128 tmp;
 
 	block128_vxor(&tmp, &ocb->sum_enc, &ocb->offset_enc);
 	block128_xor(&tmp, &ocb->ldollar);
-	aes_encrypt_block((block128 *) tag, key, &tmp);
+	cryptonite_aes_encrypt_block((block128 *) tag, key, &tmp);
 	block128_xor((block128 *) tag, &ocb->sum_aad);
 }
 
-void aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
 {
 	for ( ; nb_blocks-- > 0; input++, output++) {
-		aes_generic_encrypt_block(output, key, input);
+		cryptonite_aes_generic_encrypt_block(output, key, input);
 	}
 }
 
-void aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks)
 {
 	for ( ; nb_blocks-- > 0; input++, output++) {
-		aes_generic_decrypt_block(output, key, input);
+		cryptonite_aes_generic_decrypt_block(output, key, input);
 	}
 }
 
-void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks)
 {
 	aes_block block;
 
@@ -541,12 +541,12 @@ void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes
 	block128_copy(&block, iv);
 	for ( ; nb_blocks-- > 0; input++, output++) {
 		block128_xor(&block, (block128 *) input);
-		aes_generic_encrypt_block(&block, key, &block);
+		cryptonite_aes_generic_encrypt_block(&block, key, &block);
 		block128_copy((block128 *) output, &block);
 	}
 }
 
-void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini, aes_block *input, uint32_t nb_blocks)
+void cryptonite_aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini, aes_block *input, uint32_t nb_blocks)
 {
 	aes_block block, blocko;
 	aes_block iv;
@@ -555,13 +555,13 @@ void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini,
 	block128_copy(&iv, ivini);
 	for ( ; nb_blocks-- > 0; input++, output++) {
 		block128_copy(&block, (block128 *) input);
-		aes_generic_decrypt_block(&blocko, key, &block);
+		cryptonite_aes_generic_decrypt_block(&blocko, key, &block);
 		block128_vxor((block128 *) output, &blocko, &iv);
 		block128_copy(&iv, &block);
 	}
 }
 
-void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len)
+void cryptonite_aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len)
 {
 	aes_block block, o;
 	uint32_t nb_blocks = len / 16;
@@ -571,12 +571,12 @@ void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8
 	block128_copy(&block, iv);
 
 	for ( ; nb_blocks-- > 0; block128_inc_be(&block), output += 16, input += 16) {
-		aes_encrypt_block(&o, key, &block);
+		cryptonite_aes_encrypt_block(&o, key, &block);
 		block128_vxor((block128 *) output, &o, (block128 *) input);
 	}
 
 	if ((len % 16) != 0) {
-		aes_encrypt_block(&o, key, &block);
+		cryptonite_aes_encrypt_block(&o, key, &block);
 		for (i = 0; i < (len % 16); i++) {
 			*output = ((uint8_t *) &o)[i] ^ *input;
 			output++;
@@ -585,14 +585,14 @@ void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8
 	}
 }
 
-void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                              uint32_t spoint, aes_block *input, uint32_t nb_blocks)
 {
 	aes_block block, tweak;
 
 	/* load IV and encrypt it using k2 as the tweak */
 	block128_copy(&tweak, dataunit);
-	aes_encrypt_block(&tweak, k2, &tweak);
+	cryptonite_aes_encrypt_block(&tweak, k2, &tweak);
 
 	/* TO OPTIMISE: this is really inefficient way to do that */
 	while (spoint-- > 0)
@@ -600,19 +600,19 @@ void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_bl
 
 	for ( ; nb_blocks-- > 0; input++, output++, gf_mulx(&tweak)) {
 		block128_vxor(&block, input, &tweak);
-		aes_encrypt_block(&block, k1, &block);
+		cryptonite_aes_encrypt_block(&block, k1, &block);
 		block128_vxor(output, &block, &tweak);
 	}
 }
 
-void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
+void cryptonite_aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit,
                              uint32_t spoint, aes_block *input, uint32_t nb_blocks)
 {
 	aes_block block, tweak;
 
 	/* load IV and encrypt it using k2 as the tweak */
 	block128_copy(&tweak, dataunit);
-	aes_encrypt_block(&tweak, k2, &tweak);
+	cryptonite_aes_encrypt_block(&tweak, k2, &tweak);
 
 	/* TO OPTIMISE: this is really inefficient way to do that */
 	while (spoint-- > 0)
@@ -620,12 +620,12 @@ void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_bl
 
 	for ( ; nb_blocks-- > 0; input++, output++, gf_mulx(&tweak)) {
 		block128_vxor(&block, input, &tweak);
-		aes_decrypt_block(&block, k1, &block);
+		cryptonite_aes_decrypt_block(&block, k1, &block);
 		block128_vxor(output, &block, &tweak);
 	}
 }
 
-void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
 {
 	aes_block out;
 
@@ -633,7 +633,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_
 	for (; length >= 16; input += 16, output += 16, length -= 16) {
 		block128_inc_be(&gcm->civ);
 
-		aes_encrypt_block(&out, key, &gcm->civ);
+		cryptonite_aes_encrypt_block(&out, key, &gcm->civ);
 		block128_xor(&out, (block128 *) input);
 		gcm_ghash_add(gcm, &out);
 		block128_copy((block128 *) output, &out);
@@ -644,7 +644,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_
 
 		block128_inc_be(&gcm->civ);
 		/* create e(civ) in out */
-		aes_encrypt_block(&out, key, &gcm->civ);
+		cryptonite_aes_encrypt_block(&out, key, &gcm->civ);
 		/* initialize a tmp as input and xor it to e(civ) */
 		block128_zero(&tmp);
 		block128_copy_bytes(&tmp, input, length);
@@ -658,7 +658,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_
 	}
 }
 
-void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length)
 {
 	aes_block out;
 
@@ -666,7 +666,7 @@ void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_
 	for (; length >= 16; input += 16, output += 16, length -= 16) {
 		block128_inc_be(&gcm->civ);
 
-		aes_encrypt_block(&out, key, &gcm->civ);
+		cryptonite_aes_encrypt_block(&out, key, &gcm->civ);
 		gcm_ghash_add(gcm, (block128 *) input);
 		block128_xor(&out, (block128 *) input);
 		block128_copy((block128 *) output, &out);
@@ -681,7 +681,7 @@ void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_
 		block128_copy_bytes(&tmp, input, length);
 		gcm_ghash_add(gcm, &tmp);
 
-		aes_encrypt_block(&out, key, &gcm->civ);
+		cryptonite_aes_encrypt_block(&out, key, &gcm->civ);
 		block128_xor_bytes(&tmp, out.b, length);
 
 		for (i = 0; i < length; i++) {
@@ -703,11 +703,11 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key,
 
 		block128_vxor(&tmp, &ocb->offset_enc, (block128 *) input);
 		if (encrypt) {
-			aes_encrypt_block(&tmp, key, &tmp);
+			cryptonite_aes_encrypt_block(&tmp, key, &tmp);
 			block128_vxor((block128 *) output, &ocb->offset_enc, &tmp);
 			block128_xor(&ocb->sum_enc, (block128 *) input);
 		} else {
-			aes_decrypt_block(&tmp, key, &tmp);
+			cryptonite_aes_decrypt_block(&tmp, key, &tmp);
 			block128_vxor((block128 *) output, &ocb->offset_enc, &tmp);
 			block128_xor(&ocb->sum_enc, (block128 *) output);
 		}
@@ -717,7 +717,7 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key,
 	length = length % 16;
 	if (length > 0) {
 		block128_xor(&ocb->offset_enc, &ocb->lstar);
-		aes_encrypt_block(&pad, key, &ocb->offset_enc);
+		cryptonite_aes_encrypt_block(&pad, key, &ocb->offset_enc);
 
 		if (encrypt) {
 			block128_zero(&tmp);
@@ -739,12 +739,12 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key,
 	}
 }
 
-void aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 {
 	ocb_generic_crypt(output, ocb, key, input, length, 1);
 }
 
-void aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
+void cryptonite_aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length)
 {
 	ocb_generic_crypt(output, ocb, key, input, length, 0);
 }

cryptonite.cabal

@@ -79,7 +79,8 @@ Library
                      Crypto.Random.Entropy
                      Crypto.Random.EntropyPool
                      Crypto.Random.Entropy.Unsafe
-  Other-modules:     Crypto.Hash.Utils
+  Other-modules:     Crypto.Cipher.AES.Internal
+                     Crypto.Hash.Utils
                      Crypto.Hash.Utils.Cpu
                      Crypto.Hash.Types
                      Crypto.Hash.Internal.SHA1