Пример #1
0
static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
         size_t num_data, size_t dlen)
{
    int                    ret = 0;
    size_t                 size = 0;
    unsigned char         *oblock = NULL;
    unsigned char         *dbuf = NULL;
    unsigned char          iv_cts[IV_CTS_BUF_SIZE];
    struct iov_block_state input_pos, output_pos;
    AES_KEY                deck;

    memset(iv_cts,0,sizeof(iv_cts));
    if (ivec && ivec->data){
        if (ivec->length != sizeof(iv_cts))
            return KRB5_CRYPTO_INTERNAL;
        memcpy(iv_cts, ivec->data,ivec->length);
    }

    IOV_BLOCK_STATE_INIT(&input_pos);
    IOV_BLOCK_STATE_INIT(&output_pos);

    oblock = OPENSSL_malloc(dlen);
    if (!oblock)
        return ENOMEM;
    dbuf = OPENSSL_malloc(dlen);
    if (!dbuf){
        OPENSSL_free(oblock);
        return ENOMEM;
    }

    AES_set_decrypt_key(key->keyblock.contents,
                        NUM_BITS * key->keyblock.length, &deck);

    krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);

    size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
                                 dlen, &deck,
                                 iv_cts, (cbc128_f)AES_cbc_encrypt);
    if (size <= 0)
        ret = KRB5_CRYPTO_INTERNAL;
    else {
        krb5int_c_iov_put_block(data, num_data, oblock, dlen, &output_pos);
    }

    if (!ret && ivec && ivec->data)
        memcpy(ivec->data, iv_cts, sizeof(iv_cts));

    zap(oblock, dlen);
    zap(dbuf, dlen);
    OPENSSL_free(oblock);
    OPENSSL_free(dbuf);

    return ret;
}
Пример #2
0
static krb5_error_code
cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
         size_t num_data, size_t dlen)
{
    int                    ret = 0;
    size_t                 size = 0;
    unsigned char         *oblock = NULL;
    unsigned char         *dbuf = NULL;
    unsigned char          iv_cts[IV_CTS_BUF_SIZE];
    struct iov_cursor      cursor;
    AES_KEY                deck;

    memset(iv_cts,0,sizeof(iv_cts));
    if (ivec && ivec->data) {
        if (ivec->length != sizeof(iv_cts))
            return KRB5_CRYPTO_INTERNAL;
        memcpy(iv_cts, ivec->data,ivec->length);
    }

    oblock = OPENSSL_malloc(dlen);
    if (!oblock)
        return ENOMEM;
    dbuf = OPENSSL_malloc(dlen);
    if (!dbuf) {
        OPENSSL_free(oblock);
        return ENOMEM;
    }

    AES_set_decrypt_key(key->keyblock.contents,
                        NUM_BITS * key->keyblock.length, &deck);

    k5_iov_cursor_init(&cursor, data, num_data, dlen, FALSE);
    k5_iov_cursor_get(&cursor, dbuf);

    size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
                                 dlen, &deck,
                                 iv_cts, (cbc128_f)AES_cbc_encrypt);
    if (size <= 0)
        ret = KRB5_CRYPTO_INTERNAL;
    else
        k5_iov_cursor_put(&cursor, oblock);

    if (!ret && ivec && ivec->data)
        memcpy(ivec->data, iv_cts, sizeof(iv_cts));

    zap(oblock, dlen);
    zap(dbuf, dlen);
    OPENSSL_free(oblock);
    OPENSSL_free(dbuf);

    return ret;
}
Пример #3
0
void test_vector(const unsigned char *vector, size_t len)
{
    unsigned char cleartext[64];
    unsigned char iv[sizeof(test_iv)];
    unsigned char ciphertext[64];
    size_t tail;

    printf("vector_%d\n", len);
    fflush(stdout);

    if ((tail = len % 16) == 0)
        tail = 16;
    tail += 16;

    /* test block-based encryption */
    memcpy(iv, test_iv, sizeof(test_iv));
    CRYPTO_cts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
                                (block128_f) AES_encrypt);
    if (memcmp(ciphertext, vector, len))
        fprintf(stderr, "output_%d mismatch\n", len), exit(1);
    if (memcmp(iv, vector + len - tail, sizeof(iv)))
        fprintf(stderr, "iv_%d mismatch\n", len), exit(1);

    /* test block-based decryption */
    memcpy(iv, test_iv, sizeof(test_iv));
    CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
                                (block128_f) AES_decrypt);
    if (memcmp(cleartext, test_input, len))
        fprintf(stderr, "input_%d mismatch\n", len), exit(2);
    if (memcmp(iv, vector + len - tail, sizeof(iv)))
        fprintf(stderr, "iv_%d mismatch\n", len), exit(2);

    /* test streamed encryption */
    memcpy(iv, test_iv, sizeof(test_iv));
    CRYPTO_cts128_encrypt(test_input, ciphertext, len, &encks, iv,
                          (cbc128_f) AES_cbc_encrypt);
    if (memcmp(ciphertext, vector, len))
        fprintf(stderr, "output_%d mismatch\n", len), exit(3);
    if (memcmp(iv, vector + len - tail, sizeof(iv)))
        fprintf(stderr, "iv_%d mismatch\n", len), exit(3);

    /* test streamed decryption */
    memcpy(iv, test_iv, sizeof(test_iv));
    CRYPTO_cts128_decrypt(ciphertext, cleartext, len, &decks, iv,
                          (cbc128_f) AES_cbc_encrypt);
    if (memcmp(cleartext, test_input, len))
        fprintf(stderr, "input_%d mismatch\n", len), exit(4);
    if (memcmp(iv, vector + len - tail, sizeof(iv)))
        fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
}