/** Combined XEX mode encrypt/decrypt, since they're almost the same. * See xexEncryptInternal() and xexDecryptInternal() for a description of * what this does and what each parameter is. * \param out For encryption, this will be the resulting ciphertext. For * decryption, this will be the resulting plaintext. * \param in For encryption, this will be the source plaintext. For * decryption, this will be the source ciphertext. * \param n See xexEncryptInternal(). * \param seq See xexEncryptInternal(). * \param tweak_key See xexEncryptInternal(). * \param encrypt_key See xexEncryptInternal(). * \param is_decrypt To decrypt, use true. To encrypt, use false. */ static void xexEnDecrypt(uint8_t *out, uint8_t *in, uint8_t *n, uint8_t seq, uint8_t *tweak_key, uint8_t *encrypt_key, bool is_decrypt) { uint8_t expanded_key[EXPANDED_KEY_SIZE]; uint8_t delta[16]; uint8_t buffer[16]; uint8_t i; aesExpandKey(expanded_key, tweak_key); aesEncrypt(delta, n, expanded_key); for (i = 0; i < seq; i++) { doubleInGF(delta); } memcpy(buffer, in, 16); xor16Bytes(buffer, delta); aesExpandKey(expanded_key, encrypt_key); if (is_decrypt) { aesDecrypt(out, buffer, expanded_key); } else { aesEncrypt(out, buffer, expanded_key); } xor16Bytes(out, delta); }
/** Second part of deterministic 256 bit number generation. * See comments to generateDeterministic256() for details. * It was split into two parts to most efficiently use stack space. * \param out See generateDeterministic256(). * \param hash See generateDeterministic256(). * \param seed See generateDeterministic256(). */ static NOINLINE void generateDeterministic256Part2(BigNum256 out, uint8_t *hash, uint8_t *seed) { uint8_t expanded_key[EXPANDED_KEY_SIZE]; aesExpandKey(expanded_key, &(seed[0])); aesEncrypt(&(out[0]), &(hash[0]), expanded_key); aesExpandKey(expanded_key, &(seed[16])); aesEncrypt(&(out[16]), &(hash[16]), expanded_key); }