OSStatus AES_CBCFrame_Update( AES_CBCFrame_Context *inContext, const void *inSrc, size_t inSrcLen, void *inDst ) { OSStatus err; const uint8_t * src; const uint8_t * end; uint8_t * dst; size_t len; src = (const uint8_t *) inSrc; end = src + inSrcLen; dst = (uint8_t *) inDst; // Process whole blocks. len = inSrcLen & ~( (size_t)( kAES_CBCFrame_Size - 1 ) ); if( len > 0 ) { #if( AES_UTILS_USE_COMMON_CRYPTO ) err = CCCryptorReset( inContext->cryptor, inContext->iv ); require_noerr( err, exit ); err = CCCryptorUpdate( inContext->cryptor, src, len, dst, len, &len ); require_noerr( err, exit ); #elif( AES_UTILS_USE_GLADMAN_AES ) uint8_t iv[ kAES_CBCFrame_Size ]; memcpy( iv, inContext->iv, kAES_CBCFrame_Size ); // Use local copy so original IV is not changed. if( inContext->encrypt ) aes_cbc_encrypt( src, dst, (int) len, iv, &inContext->ctx.encrypt ); else aes_cbc_decrypt( src, dst, (int) len, iv, &inContext->ctx.decrypt ); #elif( AES_UTILS_USE_USSL ) uint8_t iv[ kAES_CBCFrame_Size ]; memcpy( iv, inContext->iv, kAES_CBCFrame_Size ); // Use local copy so original IV is not changed. if( inContext->encrypt ) aes_crypt_cbc( &inContext->ctx, AES_ENCRYPT, len, iv, (unsigned char *) src, dst ); else aes_crypt_cbc( &inContext->ctx, AES_DECRYPT, len, iv, (unsigned char *) src, dst ); #else uint8_t iv[ kAES_CBCFrame_Size ]; memcpy( iv, inContext->iv, kAES_CBCFrame_Size ); // Use local copy so original IV is not changed. AES_cbc_encrypt( src, dst, (unsigned long) len, &inContext->key, iv, inContext->mode ); #endif src += len; dst += len; } // The remaining bytes are just copied unencrypted. while( src != end ) *dst++ = *src++; err = kNoErr; #if( AES_UTILS_USE_COMMON_CRYPTO ) exit: #endif return( err ); }
static int aes_ctr_encrypt_counter(archive_crypto_ctx *ctx) { CCCryptorRef ref = ctx->ctx; CCCryptorStatus r; r = CCCryptorReset(ref, NULL); if (r != kCCSuccess) return -1; r = CCCryptorUpdate(ref, ctx->nonce, AES_BLOCK_SIZE, ctx->encr_buf, AES_BLOCK_SIZE, NULL); return (r == kCCSuccess)? 0: -1; }
static int __aes_process (crypto_aes_t *crypto, CCCryptorRef cryptor, const void *src, unsigned int src_size, void *dst, unsigned int *dst_size) { size_t out_avail; size_t used = 0; uint8_t *outp; size_t moved; pthread_mutex_lock(&(crypto->lock)); outp = (uint8_t *)dst; out_avail = src_size + 16; if (CCCryptorUpdate(cryptor, src, src_size, outp, out_avail, &moved)) { pthread_mutex_unlock(&(crypto->lock)); CCCryptorReset(cryptor, crypto->iv); return(-2); } outp += moved; used += moved; out_avail -= moved; if (CCCryptorFinal(cryptor, outp, out_avail, &moved)) { pthread_mutex_unlock(&(crypto->lock)); CCCryptorReset(cryptor, crypto->iv); return(-3); } used += moved; if (dst_size != NULL) *dst_size = used; CCCryptorReset(cryptor, crypto->iv); pthread_mutex_unlock(&(crypto->lock)); return(0); }
extern "C" int AppleCryptoNative_CryptorReset(CCCryptorRef cryptor, const uint8_t* pbIv, int32_t* pccStatus) { if (pccStatus == nullptr) return -1; *pccStatus = 0; if (cryptor == nullptr) return -1; CCStatus status = CCCryptorReset(cryptor, pbIv); *pccStatus = status; return status == kCCSuccess; }
int32_t AppleCryptoNative_CryptorReset(CCCryptorRef cryptor, const uint8_t* pbIv, int32_t* pccStatus) { if (pccStatus == NULL) return -1; *pccStatus = 0; if (cryptor == NULL) return -1; // 10.13 Beta reports an error when resetting ECB, which is the only mode which has a null IV. if (pbIv == NULL) return 1; CCStatus status = CCCryptorReset(cryptor, pbIv); *pccStatus = status; return status == kCCSuccess; }
static int init_cc_key(int encp, CCAlgorithm alg, CCOptions opts, const void *key, size_t keylen, const void *iv, CCCryptorRef *ref) { CCOperation op = encp ? kCCEncrypt : kCCDecrypt; CCCryptorStatus ret; if (*ref) { if (key == NULL && iv) { CCCryptorReset(*ref, iv); return 1; } CCCryptorRelease(*ref); } if (key) { ret = CCCryptorCreate(op, alg, opts, key, keylen, iv, ref); if (ret) return 0; } return 1; }
wi_integer_t wi_cipher_decrypt_bytes(wi_cipher_t *cipher, const void *encrypted_buffer, wi_uinteger_t encrypted_length, void *decrypted_buffer) { #ifdef WI_CIPHER_OPENSSL int decrypted_length, padded_length; if(EVP_DecryptUpdate(&cipher->decrypt_ctx, decrypted_buffer, &decrypted_length, encrypted_buffer, encrypted_length) != 1) { wi_error_set_openssl_error(); return -1; } if(EVP_DecryptFinal_ex(&cipher->decrypt_ctx, decrypted_buffer + decrypted_length, &padded_length) != 1) { wi_error_set_openssl_error(); return -1; } if(EVP_DecryptInit_ex(&cipher->decrypt_ctx, NULL, NULL, NULL, NULL) != 1) { wi_error_set_openssl_error(); return -1; } return decrypted_length + padded_length; #endif #ifdef WI_CIPHER_COMMONCRYPTO CCCryptorStatus status; size_t available_length, decrypted_length, padded_length; available_length = wi_cipher_block_size(cipher) + encrypted_length; status = CCCryptorUpdate(cipher->decrypt_ref, encrypted_buffer, encrypted_length, decrypted_buffer, available_length, &decrypted_length); if(status != kCCSuccess) { wi_error_set_commoncrypto_error(status); return -1; } status = CCCryptorFinal(cipher->decrypt_ref, decrypted_buffer + decrypted_length, available_length - decrypted_length, &padded_length); if(status != kCCSuccess) { wi_error_set_commoncrypto_error(status); return -1; } status = CCCryptorReset(cipher->decrypt_ref, cipher->iv ? wi_data_bytes(cipher->iv) : NULL); if(status != kCCSuccess) { wi_error_set_commoncrypto_error(status); return -1; } return decrypted_length + padded_length; #endif }
OSStatus AES_CBCFrame_Update2( AES_CBCFrame_Context * inContext, const void * inSrc1, size_t inLen1, const void * inSrc2, size_t inLen2, void * inDst ) { const uint8_t * src1 = (const uint8_t *) inSrc1; const uint8_t * end1 = src1 + inLen1; const uint8_t * src2 = (const uint8_t *) inSrc2; const uint8_t * end2 = src2 + inLen2; uint8_t * dst = (uint8_t *) inDst; OSStatus err; size_t len; size_t i; #if( !AES_UTILS_USE_COMMON_CRYPTO ) uint8_t iv[ kAES_CBCFrame_Size ]; #endif #if( AES_UTILS_USE_COMMON_CRYPTO ) if( ( inLen1 + inLen2 ) >= kAES_CBCFrame_Size ) { err = CCCryptorReset( inContext->cryptor, inContext->iv ); require_noerr( err, exit ); } #else memcpy( iv, inContext->iv, kAES_CBCFrame_Size ); // Use local copy so original IV is not changed. #endif // Process all whole blocks from buffer 1. len = inLen1 & ~( (size_t)( kAES_CBCFrame_Size - 1 ) ); if( len > 0 ) { #if( AES_UTILS_USE_COMMON_CRYPTO ) err = CCCryptorUpdate( inContext->cryptor, src1, len, dst, len, &len ); require_noerr( err, exit ); #elif( AES_UTILS_USE_GLADMAN_AES ) if( inContext->encrypt ) aes_cbc_encrypt( src1, dst, (int) len, iv, &inContext->ctx.encrypt ); else aes_cbc_decrypt( src1, dst, (int) len, iv, &inContext->ctx.decrypt ); #elif( AES_UTILS_USE_USSL ) if( inContext->encrypt ) aes_crypt_cbc( &inContext->ctx, AES_ENCRYPT, len, iv, (unsigned char *) src1, dst ); else aes_crypt_cbc( &inContext->ctx, AES_DECRYPT, len, iv, (unsigned char *) src1, dst ); #else AES_cbc_encrypt( src1, dst, (unsigned long) len, &inContext->key, iv, inContext->mode ); #endif src1 += len; dst += len; } // If there are any partial block bytes in buffer 1 and enough bytes in buffer 2 to fill a // block then combine them into a temporary buffer and encrypt it. if( ( src1 != end1 ) && ( ( ( end1 - src1 ) + ( end2 - src2 ) ) >= kAES_CBCFrame_Size ) ) { uint8_t buf[ kAES_CBCFrame_Size ]; for( i = 0; src1 != end1; ++i ) { buf[ i ] = *src1++; } for( ; ( i < kAES_CBCFrame_Size ) && ( src2 != end2 ); ++i ) { buf[ i ] = *src2++; } #if( AES_UTILS_USE_COMMON_CRYPTO ) err = CCCryptorUpdate( inContext->cryptor, buf, i, dst, i, &i ); require_noerr( err, exit ); #elif( AES_UTILS_USE_GLADMAN_AES ) if( inContext->encrypt ) aes_cbc_encrypt( buf, dst, (int) i, iv, &inContext->ctx.encrypt ); else aes_cbc_decrypt( buf, dst, (int) i, iv, &inContext->ctx.decrypt ); #elif( AES_UTILS_USE_USSL ) if( inContext->encrypt ) aes_crypt_cbc( &inContext->ctx, AES_ENCRYPT, i, iv, buf, dst ); else aes_crypt_cbc( &inContext->ctx, AES_DECRYPT, i, iv, buf, dst ); #else AES_cbc_encrypt( buf, dst, (unsigned long) i, &inContext->key, iv, inContext->mode ); #endif dst += i; } // Process any remaining whole blocks in buffer 2. len = ( (size_t)( end2 - src2 ) ) & ~( (size_t)( kAES_CBCFrame_Size - 1 ) ); if( len > 0 ) { #if( AES_UTILS_USE_COMMON_CRYPTO ) err = CCCryptorUpdate( inContext->cryptor, src2, len, dst, len, &len ); require_noerr( err, exit ); #elif( AES_UTILS_USE_GLADMAN_AES ) if( inContext->encrypt ) aes_cbc_encrypt( src2, dst, (int) len, iv, &inContext->ctx.encrypt ); else aes_cbc_decrypt( src2, dst, (int) len, iv, &inContext->ctx.decrypt ); #elif( AES_UTILS_USE_USSL ) if( inContext->encrypt ) aes_crypt_cbc( &inContext->ctx, AES_ENCRYPT, len, iv, (unsigned char *) src2, dst ); else aes_crypt_cbc( &inContext->ctx, AES_DECRYPT, len, iv, (unsigned char *) src2, dst ); #else AES_cbc_encrypt( src2, dst, (unsigned long) len, &inContext->key, iv, inContext->mode ); #endif src2 += len; dst += len; } // Any remaining bytes are just copied unencrypted. while( src1 != end1 ) *dst++ = *src1++; while( src2 != end2 ) *dst++ = *src2++; err = kNoErr; #if( AES_UTILS_USE_COMMON_CRYPTO ) exit: #endif return( err ); }