static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
if (!xctx->xts.key1 || !xctx->xts.key2)
return 0;
if (!out || !in || len<AES_BLOCK_SIZE)
return 0;
#ifdef OPENSSL_FIPS
/* Requirement of SP800-38E */
if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
(len > (1UL<<20)*16))
{
EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
return 0;
}
#endif
if (xctx->stream)
(*xctx->stream)(in, out, len,
xctx->xts.key1, xctx->xts.key2, ctx->iv);
else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
ctx->encrypt))
return 0;
return 1;
}
static int
aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
if (!xctx->xts.key1 || !xctx->xts.key2)
return 0;
if (!out || !in || len < AES_BLOCK_SIZE)
return 0;
if (xctx->stream)
(*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2,
ctx->iv);
else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
ctx->encrypt))
return 0;
return 1;
}
static int32_t encrypt_aes_xts(const unsigned char *from,
unsigned char *to, size_t length,
off_t offset, const int enc,
struct object_cipher_info *object)
{
XTS128_CONTEXT ctx;
if (enc) {
ctx.key1 = &object->u.aes_xts.dkey[AES_ENCRYPT];
ctx.block1 = (block128_f)AES_encrypt;
}
else {
ctx.key1 = &object->u.aes_xts.dkey[AES_DECRYPT];
ctx.block1 = (block128_f)AES_decrypt;
}
ctx.key2 = &object->u.aes_xts.tkey;
ctx.block2 = (block128_f)AES_encrypt;
return CRYPTO_xts128_encrypt(&ctx,
object->u.aes_xts.ivec,
from,
to,
length, enc);
}
