static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!xctx->xts.key1 || !xctx->xts.key2) return 0; if (!out || !in || len<AES_BLOCK_SIZE) return 0; #ifdef OPENSSL_FIPS /* Requirement of SP800-38E */ if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && (len > (1UL<<20)*16)) { EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE); return 0; } #endif if (xctx->stream) (*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2, ctx->iv); else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len, ctx->encrypt)) return 0; return 1; }
static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { EVP_AES_XTS_CTX *xctx = ctx->cipher_data; if (!xctx->xts.key1 || !xctx->xts.key2) return 0; if (!out || !in || len < AES_BLOCK_SIZE) return 0; if (xctx->stream) (*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2, ctx->iv); else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len, ctx->encrypt)) return 0; return 1; }
static int32_t encrypt_aes_xts(const unsigned char *from, unsigned char *to, size_t length, off_t offset, const int enc, struct object_cipher_info *object) { XTS128_CONTEXT ctx; if (enc) { ctx.key1 = &object->u.aes_xts.dkey[AES_ENCRYPT]; ctx.block1 = (block128_f)AES_encrypt; } else { ctx.key1 = &object->u.aes_xts.dkey[AES_DECRYPT]; ctx.block1 = (block128_f)AES_decrypt; } ctx.key2 = &object->u.aes_xts.tkey; ctx.block2 = (block128_f)AES_encrypt; return CRYPTO_xts128_encrypt(&ctx, object->u.aes_xts.ivec, from, to, length, enc); }