aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/modes/cts128.c
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2012-04-10 11:54:31 +0200
committermarha <marha@users.sourceforge.net>2012-04-10 11:54:31 +0200
commit5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8 (patch)
treec800a66664ea3af61eb13928db45a26275930b0b /openssl/crypto/modes/cts128.c
parentd79e641dea89c0d5d651b11971c4c9e14df34629 (diff)
parent67326634496ef21b4acbf4cef2f05040d34aef9b (diff)
downloadvcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.gz
vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.bz2
vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.zip
Merge remote-tracking branch 'origin/released'
Conflicts: openssl/Configure openssl/Makefile openssl/crypto/opensslconf.h openssl/util/mk1mf.pl openssl/util/pl/VC-32.pl
Diffstat (limited to 'openssl/crypto/modes/cts128.c')
-rw-r--r--openssl/crypto/modes/cts128.c226
1 files changed, 216 insertions, 10 deletions
diff --git a/openssl/crypto/modes/cts128.c b/openssl/crypto/modes/cts128.c
index e0430f9fd..c0e1f3696 100644
--- a/openssl/crypto/modes/cts128.c
+++ b/openssl/crypto/modes/cts128.c
@@ -5,7 +5,8 @@
* forms are granted according to the OpenSSL license.
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -23,8 +24,9 @@
* deviates from mentioned RFCs. Most notably it allows input to be
* of block length and it doesn't flip the order of the last two
* blocks. CTS is being discussed even in ECB context, but it's not
- * adopted for any known application. This implementation complies
- * with mentioned RFCs and [as such] extends CBC mode.
+ * adopted for any known application. This implementation provides
+ * two interfaces: one compliant with above mentioned RFCs and one
+ * compliant with the NIST proposal, both extending CBC mode.
*/
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
@@ -54,6 +56,34 @@ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
return len+residue;
}
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block)
+{ size_t residue, n;
+
+ assert (in && out && key && ivec);
+
+ if (len < 16) return 0;
+
+ residue=len%16;
+
+ len -= residue;
+
+ CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block);
+
+ if (residue==0) return len;
+
+ in += len;
+ out += len;
+
+ for (n=0; n<residue; ++n)
+ ivec[n] ^= in[n];
+ (*block)(ivec,ivec,key);
+ memcpy(out-16+residue,ivec,16);
+
+ return len+residue;
+}
+
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc)
@@ -90,6 +120,41 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
return len+residue;
}
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc)
+{ size_t residue;
+ union { size_t align; unsigned char c[16]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len < 16) return 0;
+
+ residue=len%16;
+
+ len -= residue;
+
+ (*cbc)(in,out,len,key,ivec,1);
+
+ if (residue==0) return len;
+
+ in += len;
+ out += len;
+
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+ (*cbc)(in,out-16+residue,residue,key,ivec,1);
+#else
+ {
+ size_t n;
+ for (n=0; n<16; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = 0;
+ memcpy(tmp.c,in,residue);
+ }
+ (*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
+#endif
+ return len+residue;
+}
+
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block)
@@ -125,7 +190,51 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
for(residue+=16; n<residue; ++n)
out[n] = tmp.c[n] ^ in[n];
- return len+residue-16;
+ return 16+len+residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block)
+{ size_t residue, n;
+ union { size_t align; unsigned char c[32]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len<16) return 0;
+
+ residue=len%16;
+
+ if (residue==0) {
+ CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
+ return len;
+ }
+
+ len -= 16+residue;
+
+ if (len) {
+ CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
+ in += len;
+ out += len;
+ }
+
+ (*block)(in+residue,tmp.c+16,key);
+
+ for (n=0; n<16; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
+ memcpy(tmp.c,in,residue);
+ (*block)(tmp.c,tmp.c,key);
+
+ for(n=0; n<16; ++n) {
+ unsigned char c = in[n];
+ out[n] = tmp.c[n] ^ ivec[n];
+ ivec[n] = in[n+residue];
+ tmp.c[n] = c;
+ }
+ for(residue+=16; n<residue; ++n)
+ out[n] = tmp.c[n] ^ tmp.c[n-16];
+
+ return 16+len+residue;
}
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
@@ -160,7 +269,47 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
(*cbc)(tmp.c,tmp.c,32,key,ivec,0);
memcpy(out,tmp.c,16+residue);
#endif
- return len+residue;
+ return 16+len+residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc)
+{ size_t residue, n;
+ union { size_t align; unsigned char c[32]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len<16) return 0;
+
+ residue=len%16;
+
+ if (residue==0) {
+ (*cbc)(in,out,len,key,ivec,0);
+ return len;
+ }
+
+ len -= 16+residue;
+
+ if (len) {
+ (*cbc)(in,out,len,key,ivec,0);
+ in += len;
+ out += len;
+ }
+
+ for (n=16; n<32; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = 0;
+ /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
+ (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
+
+ memcpy(tmp.c,in,residue);
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+ (*cbc)(tmp.c,out,16+residue,key,ivec,0);
+#else
+ (*cbc)(tmp.c,tmp.c,32,key,ivec,0);
+ memcpy(out,tmp.c,16+residue);
+#endif
+ return 16+len+residue;
}
#if defined(SELFTEST)
@@ -200,9 +349,8 @@ static const unsigned char vector_64[64] =
static AES_KEY encks, decks;
void test_vector(const unsigned char *vector,size_t len)
-{ unsigned char cleartext[64];
- unsigned char iv[sizeof(test_iv)];
- unsigned char ciphertext[64];
+{ unsigned char iv[sizeof(test_iv)];
+ unsigned char cleartext[64],ciphertext[64];
size_t tail;
printf("vector_%d\n",len); fflush(stdout);
@@ -243,7 +391,57 @@ void test_vector(const unsigned char *vector,size_t len)
fprintf(stderr,"iv_%d mismatch\n",len), exit(4);
}
-main()
+void test_nistvector(const unsigned char *vector,size_t len)
+{ unsigned char iv[sizeof(test_iv)];
+ unsigned char cleartext[64],ciphertext[64],nistvector[64];
+ size_t tail;
+
+ printf("nistvector_%d\n",len); fflush(stdout);
+
+ if ((tail=len%16) == 0) tail = 16;
+
+ len -= 16 + tail;
+ memcpy(nistvector,vector,len);
+ /* flip two last blocks */
+ memcpy(nistvector+len,vector+len+16,tail);
+ memcpy(nistvector+len+tail,vector+len,16);
+ len += 16 + tail;
+ tail = 16;
+
+ /* test block-based encryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_encrypt_block(test_input,ciphertext,len,&encks,iv,(block128_f)AES_encrypt);
+ if (memcmp(ciphertext,nistvector,len))
+ fprintf(stderr,"output_%d mismatch\n",len), exit(1);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(1);
+
+ /* test block-based decryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_decrypt_block(ciphertext,cleartext,len,&decks,iv,(block128_f)AES_decrypt);
+ if (memcmp(cleartext,test_input,len))
+ fprintf(stderr,"input_%d mismatch\n",len), exit(2);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(2);
+
+ /* test streamed encryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_encrypt(test_input,ciphertext,len,&encks,iv,(cbc128_f)AES_cbc_encrypt);
+ if (memcmp(ciphertext,nistvector,len))
+ fprintf(stderr,"output_%d mismatch\n",len), exit(3);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(3);
+
+ /* test streamed decryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_decrypt(ciphertext,cleartext,len,&decks,iv,(cbc128_f)AES_cbc_encrypt);
+ if (memcmp(cleartext,test_input,len))
+ fprintf(stderr,"input_%d mismatch\n",len), exit(4);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(4);
+}
+
+int main()
{
AES_set_encrypt_key(test_key,128,&encks);
AES_set_decrypt_key(test_key,128,&decks);
@@ -254,6 +452,14 @@ main()
test_vector(vector_47,sizeof(vector_47));
test_vector(vector_48,sizeof(vector_48));
test_vector(vector_64,sizeof(vector_64));
- exit(0);
+
+ test_nistvector(vector_17,sizeof(vector_17));
+ test_nistvector(vector_31,sizeof(vector_31));
+ test_nistvector(vector_32,sizeof(vector_32));
+ test_nistvector(vector_47,sizeof(vector_47));
+ test_nistvector(vector_48,sizeof(vector_48));
+ test_nistvector(vector_64,sizeof(vector_64));
+
+ return 0;
}
#endif