diff options
author | marha <marha@users.sourceforge.net> | 2012-04-10 11:54:31 +0200 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2012-04-10 11:54:31 +0200 |
commit | 5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8 (patch) | |
tree | c800a66664ea3af61eb13928db45a26275930b0b /openssl/crypto/modes/cts128.c | |
parent | d79e641dea89c0d5d651b11971c4c9e14df34629 (diff) | |
parent | 67326634496ef21b4acbf4cef2f05040d34aef9b (diff) | |
download | vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.gz vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.bz2 vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.zip |
Merge remote-tracking branch 'origin/released'
Conflicts:
openssl/Configure
openssl/Makefile
openssl/crypto/opensslconf.h
openssl/util/mk1mf.pl
openssl/util/pl/VC-32.pl
Diffstat (limited to 'openssl/crypto/modes/cts128.c')
-rw-r--r-- | openssl/crypto/modes/cts128.c | 226 |
1 files changed, 216 insertions, 10 deletions
diff --git a/openssl/crypto/modes/cts128.c b/openssl/crypto/modes/cts128.c index e0430f9fd..c0e1f3696 100644 --- a/openssl/crypto/modes/cts128.c +++ b/openssl/crypto/modes/cts128.c @@ -5,7 +5,8 @@ * forms are granted according to the OpenSSL license. */ -#include "modes.h" +#include <openssl/crypto.h> +#include "modes_lcl.h" #include <string.h> #ifndef MODES_DEBUG @@ -23,8 +24,9 @@ * deviates from mentioned RFCs. Most notably it allows input to be * of block length and it doesn't flip the order of the last two * blocks. CTS is being discussed even in ECB context, but it's not - * adopted for any known application. This implementation complies - * with mentioned RFCs and [as such] extends CBC mode. + * adopted for any known application. This implementation provides + * two interfaces: one compliant with above mentioned RFCs and one + * compliant with the NIST proposal, both extending CBC mode. */ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, @@ -54,6 +56,34 @@ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, return len+residue; } +size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], block128_f block) +{ size_t residue, n; + + assert (in && out && key && ivec); + + if (len < 16) return 0; + + residue=len%16; + + len -= residue; + + CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); + + if (residue==0) return len; + + in += len; + out += len; + + for (n=0; n<residue; ++n) + ivec[n] ^= in[n]; + (*block)(ivec,ivec,key); + memcpy(out-16+residue,ivec,16); + + return len+residue; +} + size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], cbc128_f cbc) @@ -90,6 +120,41 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, return len+residue; } +size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], cbc128_f cbc) +{ size_t residue; + union { size_t align; unsigned char c[16]; } tmp; + + assert (in && out && key && ivec); + + if (len < 16) return 0; + + residue=len%16; + + len -= residue; + + (*cbc)(in,out,len,key,ivec,1); + + if (residue==0) return len; + + in += len; + out += len; + +#if defined(CBC_HANDLES_TRUNCATED_IO) + (*cbc)(in,out-16+residue,residue,key,ivec,1); +#else + { + size_t n; + for (n=0; n<16; n+=sizeof(size_t)) + *(size_t *)(tmp.c+n) = 0; + memcpy(tmp.c,in,residue); + } + (*cbc)(tmp.c,out-16+residue,16,key,ivec,1); +#endif + return len+residue; +} + size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], block128_f block) @@ -125,7 +190,51 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, for(residue+=16; n<residue; ++n) out[n] = tmp.c[n] ^ in[n]; - return len+residue-16; + return 16+len+residue; +} + +size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], block128_f block) +{ size_t residue, n; + union { size_t align; unsigned char c[32]; } tmp; + + assert (in && out && key && ivec); + + if (len<16) return 0; + + residue=len%16; + + if (residue==0) { + CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); + return len; + } + + len -= 16+residue; + + if (len) { + CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); + in += len; + out += len; + } + + (*block)(in+residue,tmp.c+16,key); + + for (n=0; n<16; n+=sizeof(size_t)) + *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n); + memcpy(tmp.c,in,residue); + (*block)(tmp.c,tmp.c,key); + + for(n=0; n<16; ++n) { + unsigned char c = in[n]; + out[n] = tmp.c[n] ^ ivec[n]; + ivec[n] = in[n+residue]; + tmp.c[n] = c; + } + for(residue+=16; n<residue; ++n) + out[n] = tmp.c[n] ^ tmp.c[n-16]; + + return 16+len+residue; } size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, @@ -160,7 +269,47 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, (*cbc)(tmp.c,tmp.c,32,key,ivec,0); memcpy(out,tmp.c,16+residue); #endif - return len+residue; + return 16+len+residue; +} + +size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], cbc128_f cbc) +{ size_t residue, n; + union { size_t align; unsigned char c[32]; } tmp; + + assert (in && out && key && ivec); + + if (len<16) return 0; + + residue=len%16; + + if (residue==0) { + (*cbc)(in,out,len,key,ivec,0); + return len; + } + + len -= 16+residue; + + if (len) { + (*cbc)(in,out,len,key,ivec,0); + in += len; + out += len; + } + + for (n=16; n<32; n+=sizeof(size_t)) + *(size_t *)(tmp.c+n) = 0; + /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ + (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0); + + memcpy(tmp.c,in,residue); +#if defined(CBC_HANDLES_TRUNCATED_IO) + (*cbc)(tmp.c,out,16+residue,key,ivec,0); +#else + (*cbc)(tmp.c,tmp.c,32,key,ivec,0); + memcpy(out,tmp.c,16+residue); +#endif + return 16+len+residue; } #if defined(SELFTEST) @@ -200,9 +349,8 @@ static const unsigned char vector_64[64] = static AES_KEY encks, decks; void test_vector(const unsigned char *vector,size_t len) -{ unsigned char cleartext[64]; - unsigned char iv[sizeof(test_iv)]; - unsigned char ciphertext[64]; +{ unsigned char iv[sizeof(test_iv)]; + unsigned char cleartext[64],ciphertext[64]; size_t tail; printf("vector_%d\n",len); fflush(stdout); @@ -243,7 +391,57 @@ void test_vector(const unsigned char *vector,size_t len) fprintf(stderr,"iv_%d mismatch\n",len), exit(4); } -main() +void test_nistvector(const unsigned char *vector,size_t len) +{ unsigned char iv[sizeof(test_iv)]; + unsigned char cleartext[64],ciphertext[64],nistvector[64]; + size_t tail; + + printf("nistvector_%d\n",len); fflush(stdout); + + if ((tail=len%16) == 0) tail = 16; + + len -= 16 + tail; + memcpy(nistvector,vector,len); + /* flip two last blocks */ + memcpy(nistvector+len,vector+len+16,tail); + memcpy(nistvector+len+tail,vector+len,16); + len += 16 + tail; + tail = 16; + + /* test block-based encryption */ + memcpy(iv,test_iv,sizeof(test_iv)); + CRYPTO_nistcts128_encrypt_block(test_input,ciphertext,len,&encks,iv,(block128_f)AES_encrypt); + if (memcmp(ciphertext,nistvector,len)) + fprintf(stderr,"output_%d mismatch\n",len), exit(1); + if (memcmp(iv,nistvector+len-tail,sizeof(iv))) + fprintf(stderr,"iv_%d mismatch\n",len), exit(1); + + /* test block-based decryption */ + memcpy(iv,test_iv,sizeof(test_iv)); + CRYPTO_nistcts128_decrypt_block(ciphertext,cleartext,len,&decks,iv,(block128_f)AES_decrypt); + if (memcmp(cleartext,test_input,len)) + fprintf(stderr,"input_%d mismatch\n",len), exit(2); + if (memcmp(iv,nistvector+len-tail,sizeof(iv))) + fprintf(stderr,"iv_%d mismatch\n",len), exit(2); + + /* test streamed encryption */ + memcpy(iv,test_iv,sizeof(test_iv)); + CRYPTO_nistcts128_encrypt(test_input,ciphertext,len,&encks,iv,(cbc128_f)AES_cbc_encrypt); + if (memcmp(ciphertext,nistvector,len)) + fprintf(stderr,"output_%d mismatch\n",len), exit(3); + if (memcmp(iv,nistvector+len-tail,sizeof(iv))) + fprintf(stderr,"iv_%d mismatch\n",len), exit(3); + + /* test streamed decryption */ + memcpy(iv,test_iv,sizeof(test_iv)); + CRYPTO_nistcts128_decrypt(ciphertext,cleartext,len,&decks,iv,(cbc128_f)AES_cbc_encrypt); + if (memcmp(cleartext,test_input,len)) + fprintf(stderr,"input_%d mismatch\n",len), exit(4); + if (memcmp(iv,nistvector+len-tail,sizeof(iv))) + fprintf(stderr,"iv_%d mismatch\n",len), exit(4); +} + +int main() { AES_set_encrypt_key(test_key,128,&encks); AES_set_decrypt_key(test_key,128,&decks); @@ -254,6 +452,14 @@ main() test_vector(vector_47,sizeof(vector_47)); test_vector(vector_48,sizeof(vector_48)); test_vector(vector_64,sizeof(vector_64)); - exit(0); + + test_nistvector(vector_17,sizeof(vector_17)); + test_nistvector(vector_31,sizeof(vector_31)); + test_nistvector(vector_32,sizeof(vector_32)); + test_nistvector(vector_47,sizeof(vector_47)); + test_nistvector(vector_48,sizeof(vector_48)); + test_nistvector(vector_64,sizeof(vector_64)); + + return 0; } #endif |