static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
size_t num_data, size_t dlen)
{
int ret = 0;
size_t size = 0;
unsigned char *oblock = NULL;
unsigned char *dbuf = NULL;
unsigned char iv_cts[IV_CTS_BUF_SIZE];
struct iov_block_state input_pos, output_pos;
AES_KEY deck;
memset(iv_cts,0,sizeof(iv_cts));
if (ivec && ivec->data){
if (ivec->length != sizeof(iv_cts))
return KRB5_CRYPTO_INTERNAL;
memcpy(iv_cts, ivec->data,ivec->length);
}
IOV_BLOCK_STATE_INIT(&input_pos);
IOV_BLOCK_STATE_INIT(&output_pos);
oblock = OPENSSL_malloc(dlen);
if (!oblock)
return ENOMEM;
dbuf = OPENSSL_malloc(dlen);
if (!dbuf){
OPENSSL_free(oblock);
return ENOMEM;
}
AES_set_decrypt_key(key->keyblock.contents,
NUM_BITS * key->keyblock.length, &deck);
krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);
size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
dlen, &deck,
iv_cts, (cbc128_f)AES_cbc_encrypt);
if (size <= 0)
ret = KRB5_CRYPTO_INTERNAL;
else {
krb5int_c_iov_put_block(data, num_data, oblock, dlen, &output_pos);
}
if (!ret && ivec && ivec->data)
memcpy(ivec->data, iv_cts, sizeof(iv_cts));
zap(oblock, dlen);
zap(dbuf, dlen);
OPENSSL_free(oblock);
OPENSSL_free(dbuf);
return ret;
}
static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
size_t num_data, size_t dlen)
{
int ret = 0;
size_t size = 0;
unsigned char *oblock = NULL;
unsigned char *dbuf = NULL;
unsigned char iv_cts[IV_CTS_BUF_SIZE];
struct iov_cursor cursor;
AES_KEY deck;
memset(iv_cts,0,sizeof(iv_cts));
if (ivec && ivec->data) {
if (ivec->length != sizeof(iv_cts))
return KRB5_CRYPTO_INTERNAL;
memcpy(iv_cts, ivec->data,ivec->length);
}
oblock = OPENSSL_malloc(dlen);
if (!oblock)
return ENOMEM;
dbuf = OPENSSL_malloc(dlen);
if (!dbuf) {
OPENSSL_free(oblock);
return ENOMEM;
}
AES_set_decrypt_key(key->keyblock.contents,
NUM_BITS * key->keyblock.length, &deck);
k5_iov_cursor_init(&cursor, data, num_data, dlen, FALSE);
k5_iov_cursor_get(&cursor, dbuf);
size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
dlen, &deck,
iv_cts, (cbc128_f)AES_cbc_encrypt);
if (size <= 0)
ret = KRB5_CRYPTO_INTERNAL;
else
k5_iov_cursor_put(&cursor, oblock);
if (!ret && ivec && ivec->data)
memcpy(ivec->data, iv_cts, sizeof(iv_cts));
zap(oblock, dlen);
zap(dbuf, dlen);
OPENSSL_free(oblock);
OPENSSL_free(dbuf);
return ret;
}
void test_vector(const unsigned char *vector, size_t len)
{
unsigned char cleartext[64];
unsigned char iv[sizeof(test_iv)];
unsigned char ciphertext[64];
size_t tail;
printf("vector_%d\n", len);
fflush(stdout);
if ((tail = len % 16) == 0)
tail = 16;
tail += 16;
/* test block-based encryption */
memcpy(iv, test_iv, sizeof(test_iv));
CRYPTO_cts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
(block128_f) AES_encrypt);
if (memcmp(ciphertext, vector, len))
fprintf(stderr, "output_%d mismatch\n", len), exit(1);
if (memcmp(iv, vector + len - tail, sizeof(iv)))
fprintf(stderr, "iv_%d mismatch\n", len), exit(1);
/* test block-based decryption */
memcpy(iv, test_iv, sizeof(test_iv));
CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
(block128_f) AES_decrypt);
if (memcmp(cleartext, test_input, len))
fprintf(stderr, "input_%d mismatch\n", len), exit(2);
if (memcmp(iv, vector + len - tail, sizeof(iv)))
fprintf(stderr, "iv_%d mismatch\n", len), exit(2);
/* test streamed encryption */
memcpy(iv, test_iv, sizeof(test_iv));
CRYPTO_cts128_encrypt(test_input, ciphertext, len, &encks, iv,
(cbc128_f) AES_cbc_encrypt);
if (memcmp(ciphertext, vector, len))
fprintf(stderr, "output_%d mismatch\n", len), exit(3);
if (memcmp(iv, vector + len - tail, sizeof(iv)))
fprintf(stderr, "iv_%d mismatch\n", len), exit(3);
/* test streamed decryption */
memcpy(iv, test_iv, sizeof(test_iv));
CRYPTO_cts128_decrypt(ciphertext, cleartext, len, &decks, iv,
(cbc128_f) AES_cbc_encrypt);
if (memcmp(cleartext, test_input, len))
fprintf(stderr, "input_%d mismatch\n", len), exit(4);
if (memcmp(iv, vector + len - tail, sizeof(iv)))
fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
}
