コード例 #1
0
ファイル: cipher.c プロジェクト: intgr/gnutls
static int
wrap_nettle_cipher_setkey (void *_ctx, const void *key, size_t keysize)
{
  struct nettle_cipher_ctx *ctx = _ctx;
  uint8_t des_key[DES3_KEY_SIZE];

  switch (ctx->algo)
    {
    case GNUTLS_CIPHER_AES_128_GCM:
    case GNUTLS_CIPHER_AES_256_GCM:
      gcm_aes_set_key(&ctx->ctx.aes_gcm, keysize, key);
      break;
    case GNUTLS_CIPHER_AES_128_CBC:
    case GNUTLS_CIPHER_AES_192_CBC:
    case GNUTLS_CIPHER_AES_256_CBC:
      if (ctx->enc)
        aes_set_encrypt_key (ctx->ctx_ptr, keysize, key);
      else
        aes_set_decrypt_key (ctx->ctx_ptr, keysize, key);
      break;
    case GNUTLS_CIPHER_CAMELLIA_128_CBC:
    case GNUTLS_CIPHER_CAMELLIA_192_CBC:
    case GNUTLS_CIPHER_CAMELLIA_256_CBC:
      if (ctx->enc)
        camellia_set_encrypt_key (ctx->ctx_ptr, keysize, key);
      else
        camellia_set_decrypt_key (ctx->ctx_ptr, keysize, key);
      break;
    case GNUTLS_CIPHER_3DES_CBC:
      if (keysize != DES3_KEY_SIZE)
        {
          gnutls_assert ();
          return GNUTLS_E_INTERNAL_ERROR;
        }

      des_fix_parity (keysize, des_key, key);

      /* this fails on weak keys */
      if (des3_set_key (ctx->ctx_ptr, des_key) != 1)
        {
          gnutls_assert ();
          return GNUTLS_E_INTERNAL_ERROR;
        }
      break;
    case GNUTLS_CIPHER_DES_CBC:
      if (keysize != DES_KEY_SIZE)
        {
          gnutls_assert ();
          return GNUTLS_E_INTERNAL_ERROR;
        }

      des_fix_parity (keysize, des_key, key);

      if (des_set_key (ctx->ctx_ptr, des_key) != 1)
        {
          gnutls_assert ();
          return GNUTLS_E_INTERNAL_ERROR;
        }
      break;
    case GNUTLS_CIPHER_ARCFOUR_128:
    case GNUTLS_CIPHER_ARCFOUR_40:
      arcfour_set_key (ctx->ctx_ptr, keysize, key);
      break;
    case GNUTLS_CIPHER_RC2_40_CBC:
      arctwo_set_key (ctx->ctx_ptr, keysize, key);
      break;
    default:
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  return 0;
}
コード例 #2
0
ファイル: cipher.c プロジェクト: vote539/gnutls
static int
wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize)
{
	struct nettle_cipher_ctx *ctx = _ctx;
	uint8_t des_key[DES3_KEY_SIZE];

	switch (ctx->algo) {
	case GNUTLS_CIPHER_AES_128_GCM:
	case GNUTLS_CIPHER_AES_256_GCM:
		gcm_aes_set_key(&ctx->ctx.aes_gcm, keysize, key);
		break;
	case GNUTLS_CIPHER_AES_128_CBC:
	case GNUTLS_CIPHER_AES_192_CBC:
	case GNUTLS_CIPHER_AES_256_CBC:
		if (ctx->enc)
			aes_set_encrypt_key(ctx->ctx_ptr, keysize, key);
		else
			aes_set_decrypt_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_CAMELLIA_128_CBC:
	case GNUTLS_CIPHER_CAMELLIA_192_CBC:
	case GNUTLS_CIPHER_CAMELLIA_256_CBC:
		if (ctx->enc)
			camellia_set_encrypt_key(ctx->ctx_ptr, keysize,
						 key);
		else
			camellia_set_decrypt_key(ctx->ctx_ptr, keysize,
						 key);
		break;
	case GNUTLS_CIPHER_3DES_CBC:
		if (keysize != DES3_KEY_SIZE) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}

		des_fix_parity(keysize, des_key, key);

		if (des3_set_key(ctx->ctx_ptr, des_key) != 1) {
			gnutls_assert();
		}
		zeroize_temp_key(des_key, sizeof(des_key));

		break;
	case GNUTLS_CIPHER_CAMELLIA_128_GCM:
	case GNUTLS_CIPHER_CAMELLIA_256_GCM:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		_gcm_camellia_set_key(&ctx->ctx.camellia_gcm, keysize,
				      key);
		break;
	case GNUTLS_CIPHER_DES_CBC:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		if (keysize != DES_KEY_SIZE) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}

		des_fix_parity(keysize, des_key, key);

		if (des_set_key(ctx->ctx_ptr, des_key) != 1) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}
		zeroize_temp_key(des_key, sizeof(des_key));
		break;
	case GNUTLS_CIPHER_ARCFOUR_128:
	case GNUTLS_CIPHER_ARCFOUR_40:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		arcfour_set_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_SALSA20_256:
	case GNUTLS_CIPHER_ESTREAM_SALSA20_256:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		salsa20_set_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_RC2_40_CBC:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		arctwo_set_key(ctx->ctx_ptr, keysize, key);
		break;
	default:
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	return 0;
}