/** Combined XEX mode encrypt/decrypt, since they're almost the same.
* See xexEncryptInternal() and xexDecryptInternal() for a description of
* what this does and what each parameter is.
* \param out For encryption, this will be the resulting ciphertext. For
* decryption, this will be the resulting plaintext.
* \param in For encryption, this will be the source plaintext. For
* decryption, this will be the source ciphertext.
* \param n See xexEncryptInternal().
* \param seq See xexEncryptInternal().
* \param tweak_key See xexEncryptInternal().
* \param encrypt_key See xexEncryptInternal().
* \param is_decrypt To decrypt, use true. To encrypt, use false.
*/
static void xexEnDecrypt(uint8_t *out, uint8_t *in, uint8_t *n, uint8_t seq, uint8_t *tweak_key, uint8_t *encrypt_key, bool is_decrypt)
{
uint8_t expanded_key[EXPANDED_KEY_SIZE];
uint8_t delta[16];
uint8_t buffer[16];
uint8_t i;
aesExpandKey(expanded_key, tweak_key);
aesEncrypt(delta, n, expanded_key);
for (i = 0; i < seq; i++)
{
doubleInGF(delta);
}
memcpy(buffer, in, 16);
xor16Bytes(buffer, delta);
aesExpandKey(expanded_key, encrypt_key);
if (is_decrypt)
{
aesDecrypt(out, buffer, expanded_key);
}
else
{
aesEncrypt(out, buffer, expanded_key);
}
xor16Bytes(out, delta);
}
/** Second part of deterministic 256 bit number generation.
* See comments to generateDeterministic256() for details.
* It was split into two parts to most efficiently use stack space.
* \param out See generateDeterministic256().
* \param hash See generateDeterministic256().
* \param seed See generateDeterministic256().
*/
static NOINLINE void generateDeterministic256Part2(BigNum256 out, uint8_t *hash, uint8_t *seed)
{
uint8_t expanded_key[EXPANDED_KEY_SIZE];
aesExpandKey(expanded_key, &(seed[0]));
aesEncrypt(&(out[0]), &(hash[0]), expanded_key);
aesExpandKey(expanded_key, &(seed[16]));
aesEncrypt(&(out[16]), &(hash[16]), expanded_key);
}
