static void
g_aes_read_done(struct bio *bp)
{
struct g_geom *gp;
struct g_aes_softc *sc;
u_char *p, *b, *e, *sb;
keyInstance dkey;
off_t o;
gp = bp->bio_from->geom;
sc = gp->softc;
sb = g_malloc(sc->sectorsize, M_WAITOK);
b = bp->bio_data;
e = bp->bio_data;
e += bp->bio_length;
o = bp->bio_offset - sc->sectorsize;
for (p = b; p < e; p += sc->sectorsize) {
g_aes_makekey(sc, o, &dkey, DIR_DECRYPT);
rijndael_blockDecrypt(&sc->ci, &dkey, p, sc->sectorsize * 8, sb);
bcopy(sb, p, sc->sectorsize);
o += sc->sectorsize;
}
bzero(&dkey, sizeof dkey); /* destroy evidence */
bzero(sb, sc->sectorsize); /* destroy evidence */
g_free(sb);
g_std_done(bp);
}
void
aes_cbc_dec_int(void *privdata, void *dst, void *src, int len)
{
struct aes_encdata *ae = (void *)privdata;
cipherInstance cipher;
rijndael_cipherInit(&cipher, MODE_CBC, ae->ae_iv);
rijndael_blockDecrypt(&cipher, ae->ae_key, src, len * 8, dst);
memcpy(ae->ae_iv, (u_int8_t *)src + (len - 16), 16);
}
int
main(int argc, char **argv)
{
keyInstance ki;
cipherInstance ci;
uint8_t key[16];
uint8_t in[LL];
uint8_t out[LL];
int i, j;
rijndael_cipherInit(&ci, MODE_CBC, NULL);
for (i = 0; i < 16; i++)
key[i] = i;
rijndael_makeKey(&ki, DIR_DECRYPT, 128, key);
for (i = 0; i < LL; i++)
in[i] = i;
rijndael_blockDecrypt(&ci, &ki, in, LL * 8, out);
for (i = 0; i < LL; i++)
printf("%02x", out[i]);
putchar('\n');
rijndael_blockDecrypt(&ci, &ki, in, LL * 8, in);
j = 0;
for (i = 0; i < LL; i++) {
printf("%02x", in[i]);
if (in[i] != out[i])
j++;
}
putchar('\n');
if (j != 0) {
fprintf(stderr,
"Error: inplace decryption fails in %d places\n", j);
return (1);
} else {
return (0);
}
}
int
esp_rijndael_blockdecrypt(const struct esp_algorithm *algo,
struct secasvar *sav, u_int8_t *s, u_int8_t *d)
{
cipherInstance c;
keyInstance *p;
/* does not take advantage of CBC mode support */
bzero(&c, sizeof(c));
if (rijndael_cipherInit(&c, MODE_ECB, NULL) < 0)
return -1;
p = (keyInstance *)sav->sched;
if (rijndael_blockDecrypt(&c, &p[0], s, algo->padbound * 8, d) < 0)
return -1;
return 0;
}
int
geliboot_crypt(u_int algo, int enc, u_char *data, size_t datasize,
const u_char *key, size_t keysize, u_char *iv)
{
keyInstance aeskey;
cipherInstance cipher;
struct aes_xts_ctx xtsctx, *ctxp;
size_t xts_len;
int err, blks, i;
switch (algo) {
case CRYPTO_AES_CBC:
err = rijndael_makeKey(&aeskey, !enc, keysize,
(const char *)key);
if (err < 0) {
printf("Failed to setup decryption keys: %d\n", err);
return (err);
}
err = rijndael_cipherInit(&cipher, MODE_CBC, iv);
if (err < 0) {
printf("Failed to setup IV: %d\n", err);
return (err);
}
switch (enc) {
case 0: /* decrypt */
blks = rijndael_blockDecrypt(&cipher, &aeskey, data,
datasize * 8, data);
break;
case 1: /* encrypt */
blks = rijndael_blockEncrypt(&cipher, &aeskey, data,
datasize * 8, data);
break;
}
if (datasize != (blks / 8)) {
printf("Failed to decrypt the entire input: "
"%u != %u\n", blks, datasize);
return (1);
}
break;
case CRYPTO_AES_XTS:
xts_len = keysize << 1;
ctxp = &xtsctx;
rijndael_set_key(&ctxp->key1, key, xts_len / 2);
rijndael_set_key(&ctxp->key2, key + (xts_len / 16), xts_len / 2);
enc_xform_aes_xts.reinit(ctxp, iv);
switch (enc) {
case 0: /* decrypt */
for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) {
enc_xform_aes_xts.decrypt(ctxp, data + i);
}
break;
case 1: /* encrypt */
for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) {
enc_xform_aes_xts.encrypt(ctxp, data + i);
}
break;
}
break;
default:
printf("Unsupported crypto algorithm #%d\n", algo);
return (1);
}
return (0);
}
