#ifndef LIB_CRYPTO_AES_H
#define LIB_CRYPTO_AES_H 1
-#if CRYPTO_AES_USE_OPENSSL
+#if CRYPTO_AES_USE_NETTLE
+#include <nettle/aes.h>
+#include <nettle/memxor.h>
+
+#define SAMBA_AES_CBC_ENCRYPT 1
+#define SAMBA_AES_CFB8_ENCRYPT 1
+
+typedef struct aes_ctx AES_KEY;
+
+#define AES_set_encrypt_key(userkey, bits, key) \
+ aes_set_encrypt_key(key, bits/8, userkey)
+#define AES_set_decrypt_key(userkey, bits, key) aes_set_decrypt_key(key, bits/8, userkey)
+#define AES_encrypt(src, dst, key) aes_encrypt(key, AES_BLOCK_SIZE, dst, src)
+#define AES_decrypt(src, dst, key) aes_decrypt(key, AES_BLOCK_SIZE, dst, src)
+#define AES_cbc_encrypt samba_AES_cbc_encrypt
+#define AES_cfb8_encrypt samba_AES_cfb8_encrypt
+
+#define AES_ENCRYPT 1
+#define AES_DECRYPT 0
+
+void AES_cbc_encrypt(const unsigned char *, unsigned char *,
+ const unsigned long, const AES_KEY *,
+ unsigned char *, int);
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ unsigned long size, const AES_KEY *key,
+ unsigned char *iv, int forward_encrypt);
+
+#define aes_cfb8_encrypt(in, out, size, key, iv, forward_encrypt) \
+ AES_cfb8_encrypt(in, out, size, key, iv, forward_encrypt)
+
+#define aes_block_xor(in1, in2, out) memxor3(out, in1, in2, AES_BLOCK_SIZE)
+
+#elif CRYPTO_AES_USE_OPENSSL
#include <openssl/aes.h>
#define SAMBA_AES_BLOCK_XOR 1
conf.DEFINE('CRYPTO_USE_OPENSSL', 1)
if conf.CHECK_FUNCS_IN('AES_set_encrypt_key', 'crypto', headers='openssl/aes.h'):
conf.DEFINE('CRYPTO_AES_USE_OPENSSL', 1)
+
+if conf.CHECK_FUNCS_IN('gcm_aes_set_key gcm_aes128_set_key', 'nettle', headers='nettle/gcm.h'):
+ conf.DEFINE('CRYPTO_GCM_USE_NETTLE', 1)
+if conf.CHECK_FUNCS_IN('ccm_aes128_set_key', 'nettle', headers='nettle/ccm.h'):
+ conf.DEFINE('CRYPTO_CCM_USE_NETTLE', 1)
+if conf.CHECK_FUNCS_IN('aes_set_encrypt_key', 'nettle', headers='nettle/aes.h'):
+ conf.DEFINE('CRYPTO_AES_USE_NETTLE', 1)