Exemplo n.º 1
0
err_status_t
aes_icm_output(aes_icm_ctx_t *c, octet_t *buffer, int num_octets_to_output) {
    unsigned int len = num_octets_to_output;

    /* zeroize the buffer */
    octet_string_set_to_zero(buffer, num_octets_to_output);

    /* exor keystream into buffer */
    return aes_icm_encrypt(c, buffer, &len);
}
Exemplo n.º 2
0
ismacryp_rc_t ismacrypDecryptSample (ismacryp_session_id_t session,
                                     uint32_t length,
                                     uint8_t *data)
{
  ismacryp_session_t *sp;
  uint8_t  nonce[AES_KEY_LEN];
#ifndef NULL_ISMACRYP
  err_status_t rc = err_status_ok;
#endif

  if (findInSessionList(session, &sp)) {
     fprintf(stdout, "Failed to decrypt. Unknown session %d \n", session);
    return ismacryp_rc_sessid_error;
  }

  sp->sample_count++;

#ifndef NULL_ISMACRYP
  if ( sp->sample_count == 1 ) {
      memset(nonce,0,AES_KEY_LEN);
      //rc=aes_icm_set_segment(sp->cp->state, 0); // defunct function.
      rc=aes_icm_set_iv(sp->cp->state, nonce);
  }
#endif

  fprintf(stdout,"D s: %d  #%05d  L: %5d  Ctr: %s  Left: %d\n", 
                       sp->sessid, sp->sample_count, length,
#ifndef NULL_ISMACRYP
                       v64_hex_string((v64_t)((aes_icm_ctx_t *)(sp->cp->state))->counter.v64[1]),
                       ((aes_icm_ctx_t *)(sp->cp->state))->bytes_in_buffer
#else
                       "n/a",
                       0
#endif
                       );


#ifndef NULL_ISMACRYP
  // length will not be updated in calling function (obviously) awv.
  rc=aes_icm_encrypt(sp->cp->state, data,&length);
#endif

  return ismacryp_rc_ok;

}
Exemplo n.º 3
0
ismacryp_rc_t ismacrypDecryptSampleRandomAccess (
                                    ismacryp_session_id_t session,
                                    uint32_t BSO,
                                    uint32_t length,
                                    uint8_t *data)
{ 
  ismacryp_session_t *sp;
#ifndef NULL_ISMACRYP
  err_status_t rc = err_status_ok;
#endif
  uint32_t  counter;
  uint32_t  remainder;
  uint8_t   nonce[AES_KEY_LEN];
  uint8_t   fakedata[16];
  
  if (findInSessionList(session, &sp)) {
     fprintf(stdout, "Failed to decrypt random access. Unknown session %d \n", session);
     return ismacryp_rc_sessid_error;
  }

  // calculate counter from BSO
  counter = BSO/AES_BYTES_PER_COUNT;
  remainder = BSO%AES_BYTES_PER_COUNT;
  if ( remainder ) {
       // a non-zero remainder means that the key corresponding to 
       // counter has only decrypted a number of bytes equal
       // to remainder in the preceding data. therefore that key must 
       // be used to decrypt the first (AES_BYTES_PER_COUNT - remainder)
       // bytes of this data. so we need to first set the previous key
       // and do a fake decrypt to get everything set up properly for this
       // decrypt.
     
       // this is the fake decrypt of remainder bytes.
       memset(nonce,0,AES_KEY_LEN);
       *((uint32_t *)(&nonce[12])) = htonl(counter);
#ifndef NULL_ISMACRYP
       rc=aes_icm_set_iv(sp->cp->state, nonce);
       rc=aes_icm_encrypt(sp->cp->state, fakedata, &remainder);
#endif

       // now calculate the correct counter for this data 
       counter++;
       remainder = AES_BYTES_PER_COUNT - remainder;
  }

  memset(nonce,0,AES_KEY_LEN);
  *((uint32_t *)(&nonce[12])) = htonl(counter);
#ifndef NULL_ISMACRYP
  rc=aes_icm_set_iv(sp->cp->state, nonce);
  // set the number of bytes the previous key should decrypt 
  ((aes_icm_ctx_t *)(sp->cp->state))->bytes_in_buffer = remainder;
#endif
  
  fprintf(stdout,"D s: %d      RA BSO: %7d  L: %5d  Ctr: %s  Left: %d\n",
                       sp->sessid, BSO, length,
#ifndef NULL_ISMACRYP
                       v64_hex_string((v64_t)((aes_icm_ctx_t *)(sp->cp->state))->counter.v64[1]),
                       ((aes_icm_ctx_t *)(sp->cp->state))->bytes_in_buffer
#else
                       "n/a",
                       0
#endif
                       );
  
  // length will not be updated in calling function (obviously) awv.
#ifndef NULL_ISMACRYP
  rc=aes_icm_encrypt(sp->cp->state, data,&length);
#endif

  return ismacryp_rc_ok;
}
Exemplo n.º 4
0
ismacryp_rc_t ismacrypEncryptSampleAddHeader (ismacryp_session_id_t session,
                                              uint32_t length,
                                              uint8_t *data,
                                              uint32_t *new_length,
                                              uint8_t **new_data)
{
  ismacryp_session_t *sp;
#ifndef NULL_ISMACRYP
  err_status_t rc = err_status_ok;
#endif
  uint8_t  *temp_data;
  int      header_length;
  uint8_t  nonce[AES_KEY_LEN];

  if (findInSessionList(session, &sp)) {
     fprintf(stdout, "Failed to encrypt+add header. Unknown session %d \n", session);
     return ismacryp_rc_sessid_error;
  }

  sp->sample_count++;

  if (sp->selective_enc  ) {
         fprintf(stdout,"    Selective encryption is not supported.\n");
         return ismacryp_rc_unsupported_error;
  }
  else {
        header_length = ISMACRYP_DEFAULT_KEYINDICATOR_LENGTH +
                        sp->IV_len;

        fprintf(stdout,"E s: %d, #%05d. l: %5d BSO: %6d IV l: %d ctr: %s left: %d\n", 
                       sp->sessid, sp->sample_count, length, sp->BSO, sp->IV_len,
#ifndef NULL_ISMACRYP
                       v64_hex_string((v64_t)((aes_icm_ctx_t *)(sp->cp->state))->counter.v64[1]),
                       ((aes_icm_ctx_t *)(sp->cp->state))->bytes_in_buffer
#else
                       "n/a",
                       0
#endif
                       );

        *new_length = header_length + length;
        //fprintf(stdout,"     session: %d  length : %d  new length : %d\n", 
        //                     sp->sessid, length, *new_length);
        temp_data = (uint8_t *) malloc((size_t) *new_length);
        if ( temp_data == NULL ) {
            fprintf(stdout, "Failed to encrypt+add header, mem error. Session %d \n", session);
            return ismacryp_rc_memory_error; 
        }
        memcpy( &temp_data[header_length], data, length);
        memset(temp_data,0,header_length);

        // this is where to set IV which for encryption is BSO
        *((uint32_t *)(&temp_data[header_length-sizeof(uint32_t)])) = htonl(sp->BSO);
         
        // increment BSO after setting IV
        sp->BSO+=length;
   }

#ifndef NULL_ISMACRYP
   if ( sp->sample_count == 1 ) {
       memset(nonce,0,AES_KEY_LEN);
       //rc=aes_icm_set_segment(sp->cp->state, 0); // defunct function.
       rc=aes_icm_set_iv(sp->cp->state, nonce);
   }

   // length will not be updated in calling function (obviously) awv.
   rc=aes_icm_encrypt(sp->cp->state, &temp_data[header_length],&length);
   if (rc != err_status_ok) {
        free(new_data);
        new_data = NULL;
        fprintf(stdout, "Failed to encrypt+add header. aes error %d \n", session, rc);
        return ismacryp_rc_encrypt_error;
   }
#endif

   *new_data = temp_data;
   return ismacryp_rc_ok;
}