int ctr_mode_final(ctr_ctx_t *ctx, crypto_data_t *out, int (*encrypt_block)(const void *, const uint8_t *, uint8_t *)) { uint8_t *lastp; uint8_t *p; int i; if (out->cd_length < ctx->ctr_remainder_len) return (CRYPTO_DATA_LEN_RANGE); encrypt_block(ctx->ctr_keysched, (uint8_t *)ctx->ctr_cb, (uint8_t *)ctx->ctr_tmp); lastp = (uint8_t *)ctx->ctr_tmp; p = (uint8_t *)ctx->ctr_remainder; for (i = 0; i < ctx->ctr_remainder_len; i++) { p[i] ^= lastp[i]; } (void) crypto_put_output_data(p, out, ctx->ctr_remainder_len); out->cd_offset += ctx->ctr_remainder_len; ctx->ctr_remainder_len = 0; return (CRYPTO_SUCCESS); }
/* * Algorithm independent ECB functions. */ int ecb_cipher_contiguous_blocks(ecb_ctx_t *ctx, char *data, size_t length, crypto_data_t *out, size_t block_size, int (*cipher)(const void *ks, const uint8_t *pt, uint8_t *ct)) { size_t remainder = length; size_t need; uint8_t *datap = (uint8_t *)data; uint8_t *blockp; uint8_t *lastp; if (length + ctx->ecb_remainder_len < block_size) { /* accumulate bytes here and return */ bcopy(datap, (uint8_t *)ctx->ecb_remainder + ctx->ecb_remainder_len, length); ctx->ecb_remainder_len += length; ctx->ecb_copy_to = datap; return (CRYPTO_SUCCESS); } lastp = (uint8_t *)ctx->ecb_iv; do { /* Unprocessed data from last call. */ if (ctx->ecb_remainder_len > 0) { need = block_size - ctx->ecb_remainder_len; if (need > remainder) return (CRYPTO_DATA_LEN_RANGE); bcopy(datap, &((uint8_t *)ctx->ecb_remainder) [ctx->ecb_remainder_len], need); blockp = (uint8_t *)ctx->ecb_remainder; } else { blockp = datap; } if (out == NULL) { cipher(ctx->ecb_keysched, blockp, blockp); ctx->ecb_lastp = blockp; lastp = blockp; if (ctx->ecb_remainder_len > 0) { bcopy(blockp, ctx->ecb_copy_to, ctx->ecb_remainder_len); bcopy(blockp + ctx->ecb_remainder_len, datap, need); } } else { cipher(ctx->ecb_keysched, blockp, lastp); (void) crypto_put_output_data(lastp, out, block_size); /* update offset */ out->cd_offset += block_size; } /* Update pointer to next block of data to be processed. */ if (ctx->ecb_remainder_len != 0) { datap += need; ctx->ecb_remainder_len = 0; } else { datap += block_size; } remainder = (size_t)&data[length] - (size_t)datap; /* Incomplete last block. */ if (remainder > 0 && remainder < block_size) { bcopy(datap, ctx->ecb_remainder, remainder); ctx->ecb_remainder_len = remainder; ctx->ecb_copy_to = datap; goto out; } ctx->ecb_copy_to = NULL; } while (remainder > 0); out: return (CRYPTO_SUCCESS); }
/* * Encrypt and decrypt multiple blocks of data in counter mode. */ int ctr_mode_contiguous_blocks(ctr_ctx_t *ctx, char *data, size_t length, crypto_data_t *out, size_t block_size, int (*cipher)(const void *ks, const uint8_t *pt, uint8_t *ct), void (*xor_block)(uint8_t *, uint8_t *)) { size_t remainder = length; size_t need; uint8_t *datap = (uint8_t *)data; uint8_t *blockp; uint8_t *lastp; uint64_t lower_counter, upper_counter; if (length + ctx->ctr_remainder_len < block_size) { /* accumulate bytes here and return */ bcopy(datap, (uint8_t *)ctx->ctr_remainder + ctx->ctr_remainder_len, length); ctx->ctr_remainder_len += length; ctx->ctr_copy_to = datap; return (CRYPTO_SUCCESS); } lastp = (uint8_t *)ctx->ctr_cb; do { /* Unprocessed data from last call. */ if (ctx->ctr_remainder_len > 0) { need = block_size - ctx->ctr_remainder_len; if (need > remainder) return (CRYPTO_DATA_LEN_RANGE); bcopy(datap, &((uint8_t *)ctx->ctr_remainder) [ctx->ctr_remainder_len], need); blockp = (uint8_t *)ctx->ctr_remainder; } else { blockp = datap; } /* ctr_cb is the counter block */ cipher(ctx->ctr_keysched, (uint8_t *)ctx->ctr_cb, (uint8_t *)ctx->ctr_tmp); lastp = (uint8_t *)ctx->ctr_tmp; /* * Increment Counter. */ lower_counter = ntohll(ctx->ctr_cb[1] & ctx->ctr_lower_mask); lower_counter = htonll(lower_counter + 1); lower_counter &= ctx->ctr_lower_mask; ctx->ctr_cb[1] = (ctx->ctr_cb[1] & ~(ctx->ctr_lower_mask)) | lower_counter; /* wrap around */ if (lower_counter == 0) { upper_counter = ntohll(ctx->ctr_cb[0] & ctx->ctr_upper_mask); upper_counter = htonll(upper_counter + 1); upper_counter &= ctx->ctr_upper_mask; ctx->ctr_cb[0] = (ctx->ctr_cb[0] & ~(ctx->ctr_upper_mask)) | upper_counter; } /* * XOR encrypted counter block with the current clear block. */ xor_block(blockp, lastp); if (out == NULL) { if (ctx->ctr_remainder_len > 0) { bcopy(lastp, ctx->ctr_copy_to, ctx->ctr_remainder_len); bcopy(lastp + ctx->ctr_remainder_len, datap, need); } } else { (void) crypto_put_output_data(lastp, out, block_size); /* update offset */ out->cd_offset += block_size; } /* Update pointer to next block of data to be processed. */ if (ctx->ctr_remainder_len != 0) { datap += need; ctx->ctr_remainder_len = 0; } else { datap += block_size; } remainder = (size_t)&data[length] - (size_t)datap; /* Incomplete last block. */ if (remainder > 0 && remainder < block_size) { bcopy(datap, ctx->ctr_remainder, remainder); ctx->ctr_remainder_len = remainder; ctx->ctr_copy_to = datap; goto out; } ctx->ctr_copy_to = NULL; } while (remainder > 0); out: return (CRYPTO_SUCCESS); }