صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
phcoder
/
grub-savannah-mirror
mirrorاز https://git.savannah.gnu.org/git/grub.git
دنبال کردن 1
ستاره دار 0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
شاخه: master
شاخه‌ها تگ‌ها
grub-savanna...
/
grub-core
/
lib
/
libgcrypt
/
cipher
/
cipher-cbc.c

cipher-cbc.c 8.0 KB
لینک دائمی تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293 
  1. /* cipher-cbc.c  - Generic CBC mode implementation
    2. 

  2.  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
    3. 

  3.  *               2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc.
    4. 

  4.  *
    5. 

  5.  * This file is part of Libgcrypt.
    6. 

  6.  *
    7. 

  7.  * Libgcrypt is free software; you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU Lesser General Public License as
    9. 

  9.  * published by the Free Software Foundation; either version 2.1 of
    10. 

  10.  * the License, or (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * Libgcrypt is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU Lesser General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU Lesser General Public
    18. 

  18.  * License along with this program; if not, see <http://www.gnu.org/licenses/>.
    19. 

  19.  */
    20. 

  20. 

  21. #include <config.h>
    22. 

  22. #include <stdio.h>
    23. 

  23. #include <stdlib.h>
    24. 

  24. #include <string.h>
    25. 

  25. #include <errno.h>
    26. 

  26. 

  27. #include "g10lib.h"
    28. 

  28. #include "cipher.h"
    29. 

  29. #include "./cipher-internal.h"
    30. 

  30. #include "bufhelp.h"
    31. 

  31. 

  32. 

  33. 

  34. static inline unsigned int
    35. 

  35. cbc_encrypt_inner(gcry_cipher_hd_t c, unsigned char *outbuf,
    36. 

  36.                   const unsigned char *inbuf, size_t nblocks, size_t blocksize,
    37. 

  37.                   int is_cbc_cmac)
    38. 

  38. {
    39. 

  39. 

  40.   unsigned int burn, nburn;
    41. 

  41.   size_t n;
    42. 

  42. 

  43.   burn = 0;
    44. 

  44. 

  45.   if (c->bulk.cbc_enc)
    46. 

  46.     {
    47. 

  47.       c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks,
    48. 

  48.                        is_cbc_cmac);
    49. 

  49.     }
    50. 

  50.   else
    51. 

  51.     {
    52. 

  52.       gcry_cipher_encrypt_t enc_fn = c->spec->encrypt;
    53. 

  53.       unsigned char *ivp;
    54. 

  54. 

  55.       ivp = c->u_iv.iv;
    56. 

  56. 

  57.       for (n=0; n < nblocks; n++ )
    58. 

  58.         {
    59. 

  59.           cipher_block_xor (outbuf, inbuf, ivp, blocksize);
    60. 

  60.           nburn = enc_fn ( &c->context.c, outbuf, outbuf );
    61. 

  61.           burn = nburn > burn ? nburn : burn;
    62. 

  62.           ivp = outbuf;
    63. 

  63.           inbuf += blocksize;
    64. 

  64.           if (!is_cbc_cmac)
    65. 

  65.             outbuf += blocksize;
    66. 

  66.         }
    67. 

  67. 

  68.       if (ivp != c->u_iv.iv)
    69. 

  69.         cipher_block_cpy (c->u_iv.iv, ivp, blocksize);
    70. 

  70.     }
    71. 

  71. 

  72.   return burn;
    73. 

  73. }
    74. 

  74. 

  75. 

  76. gcry_err_code_t
    77. 

  77. _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c,
    78. 

  78.                           unsigned char *outbuf, size_t outbuflen,
    79. 

  79.                           const unsigned char *inbuf, size_t inbuflen)
    80. 

  80. {
    81. 

  81.   size_t blocksize_shift = _gcry_blocksize_shift(c);
    82. 

  82.   size_t blocksize = 1 << blocksize_shift;
    83. 

  83.   size_t blocksize_mask = blocksize - 1;
    84. 

  84.   size_t nblocks = inbuflen >> blocksize_shift;
    85. 

  85.   int is_cbc_cmac = !!(c->flags & GCRY_CIPHER_CBC_MAC);
    86. 

  86.   unsigned int burn;
    87. 

  87. 

  88.   if (outbuflen < (is_cbc_cmac ? blocksize : inbuflen))
    89. 

  89.     return GPG_ERR_BUFFER_TOO_SHORT;
    90. 

  90. 

  91.   if (inbuflen & blocksize_mask)
    92. 

  92.     return GPG_ERR_INV_LENGTH;
    93. 

  93. 

  94.   burn = cbc_encrypt_inner(c, outbuf, inbuf, nblocks, blocksize, is_cbc_cmac);
    95. 

  95. 

  96.   if (burn > 0)
    97. 

  97.     _gcry_burn_stack (burn + 4 * sizeof(void *));
    98. 

  98. 

  99.   return 0;
    100. 

  100. }
    101. 

  101. 

  102. 

  103. gcry_err_code_t
    104. 

  104. _gcry_cipher_cbc_cts_encrypt (gcry_cipher_hd_t c,
    105. 

  105.                               unsigned char *outbuf, size_t outbuflen,
    106. 

  106.                               const unsigned char *inbuf, size_t inbuflen)
    107. 

  107. {
    108. 

  108.   size_t blocksize_shift = _gcry_blocksize_shift(c);
    109. 

  109.   size_t blocksize = 1 << blocksize_shift;
    110. 

  110.   size_t blocksize_mask = blocksize - 1;
    111. 

  111.   gcry_cipher_encrypt_t enc_fn = c->spec->encrypt;
    112. 

  112.   size_t nblocks = inbuflen >> blocksize_shift;
    113. 

  113.   unsigned int burn, nburn;
    114. 

  114.   unsigned char *ivp;
    115. 

  115.   int i;
    116. 

  116. 

  117.   if (outbuflen < inbuflen)
    118. 

  118.     return GPG_ERR_BUFFER_TOO_SHORT;
    119. 

  119. 

  120.   if ((inbuflen & blocksize_mask) && !(inbuflen > blocksize))
    121. 

  121.     return GPG_ERR_INV_LENGTH;
    122. 

  122. 

  123.   burn = 0;
    124. 

  124. 

  125.   if (inbuflen > blocksize)
    126. 

  126.     {
    127. 

  127.       if ((inbuflen & blocksize_mask) == 0)
    128. 

  128. 	nblocks--;
    129. 

  129.     }
    130. 

  130. 

  131.   burn = cbc_encrypt_inner(c, outbuf, inbuf, nblocks, blocksize, 0);
    132. 

  132.   inbuf += nblocks << blocksize_shift;
    133. 

  133.   outbuf += nblocks << blocksize_shift;
    134. 

  134. 

  135.   if (inbuflen > blocksize)
    136. 

  136.     {
    137. 

  137.       /* We have to be careful here, since outbuf might be equal to
    138. 

  138.          inbuf.  */
    139. 

  139.       size_t restbytes;
    140. 

  140.       unsigned char b;
    141. 

  141. 

  142.       if ((inbuflen & blocksize_mask) == 0)
    143. 

  143.         restbytes = blocksize;
    144. 

  144.       else
    145. 

  145.         restbytes = inbuflen & blocksize_mask;
    146. 

  146. 

  147.       outbuf -= blocksize;
    148. 

  148.       for (ivp = c->u_iv.iv, i = 0; i < restbytes; i++)
    149. 

  149.         {
    150. 

  150.           b = inbuf[i];
    151. 

  151.           outbuf[blocksize + i] = outbuf[i];
    152. 

  152.           outbuf[i] = b ^ *ivp++;
    153. 

  153.         }
    154. 

  154.       for (; i < blocksize; i++)
    155. 

  155.         outbuf[i] = 0 ^ *ivp++;
    156. 

  156. 

  157.       nburn = enc_fn (&c->context.c, outbuf, outbuf);
    158. 

  158.       burn = nburn > burn ? nburn : burn;
    159. 

  159.       cipher_block_cpy (c->u_iv.iv, outbuf, blocksize);
    160. 

  160.     }
    161. 

  161. 

  162.   if (burn > 0)
    163. 

  163.     _gcry_burn_stack (burn + 4 * sizeof(void *));
    164. 

  164. 

  165.   return 0;
    166. 

  166. }
    167. 

  167. 

  168. 

  169. static inline unsigned int
    170. 

  170. cbc_decrypt_inner(gcry_cipher_hd_t c, unsigned char *outbuf,
    171. 

  171.                   const unsigned char *inbuf, size_t nblocks, size_t blocksize)
    172. 

  172. {
    173. 

  173.   unsigned int burn, nburn;
    174. 

  174.   size_t n;
    175. 

  175. 

  176.   burn = 0;
    177. 

  177. 

  178.   if (c->bulk.cbc_dec)
    179. 

  179.     {
    180. 

  180.       c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
    181. 

  181.     }
    182. 

  182.   else
    183. 

  183.     {
    184. 

  184.       gcry_cipher_decrypt_t dec_fn = c->spec->decrypt;
    185. 

  185. 

  186.       for (n = 0; n < nblocks; n++)
    187. 

  187.         {
    188. 

  188.           /* Because outbuf and inbuf might be the same, we must not overwrite
    189. 

  189.              the original ciphertext block.  We use LASTIV as intermediate
    190. 

  190.              storage here because it is not used otherwise.  */
    191. 

  191.           nburn = dec_fn ( &c->context.c, c->lastiv, inbuf );
    192. 

  192.           burn = nburn > burn ? nburn : burn;
    193. 

  193.           cipher_block_xor_n_copy_2 (outbuf, c->lastiv, c->u_iv.iv, inbuf,
    194. 

  194.                                      blocksize);
    195. 

  195.           inbuf  += blocksize;
    196. 

  196.           outbuf += blocksize;
    197. 

  197.         }
    198. 

  198.     }
    199. 

  199. 

  200.   return burn;
    201. 

  201. }
    202. 

  202. 

  203. 

  204. gcry_err_code_t
    205. 

  205. _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c,
    206. 

  206.                           unsigned char *outbuf, size_t outbuflen,
    207. 

  207.                           const unsigned char *inbuf, size_t inbuflen)
    208. 

  208. {
    209. 

  209.   size_t blocksize_shift = _gcry_blocksize_shift(c);
    210. 

  210.   size_t blocksize = 1 << blocksize_shift;
    211. 

  211.   size_t blocksize_mask = blocksize - 1;
    212. 

  212.   size_t nblocks = inbuflen >> blocksize_shift;
    213. 

  213.   unsigned int burn;
    214. 

  214. 

  215.   if (outbuflen < inbuflen)
    216. 

  216.     return GPG_ERR_BUFFER_TOO_SHORT;
    217. 

  217. 

  218.   if (inbuflen & blocksize_mask)
    219. 

  219.     return GPG_ERR_INV_LENGTH;
    220. 

  220. 

  221.   burn = cbc_decrypt_inner(c, outbuf, inbuf, nblocks, blocksize);
    222. 

  222. 

  223.   if (burn > 0)
    224. 

  224.     _gcry_burn_stack (burn + 4 * sizeof(void *));
    225. 

  225. 

  226.   return 0;
    227. 

  227. }
    228. 

  228. 

  229. 

  230. gcry_err_code_t
    231. 

  231. _gcry_cipher_cbc_cts_decrypt (gcry_cipher_hd_t c,
    232. 

  232.                               unsigned char *outbuf, size_t outbuflen,
    233. 

  233.                               const unsigned char *inbuf, size_t inbuflen)
    234. 

  234. {
    235. 

  235.   size_t blocksize_shift = _gcry_blocksize_shift(c);
    236. 

  236.   size_t blocksize = 1 << blocksize_shift;
    237. 

  237.   size_t blocksize_mask = blocksize - 1;
    238. 

  238.   gcry_cipher_decrypt_t dec_fn = c->spec->decrypt;
    239. 

  239.   size_t nblocks = inbuflen >> blocksize_shift;
    240. 

  240.   unsigned int burn, nburn;
    241. 

  241.   int i;
    242. 

  242. 

  243.   if (outbuflen < inbuflen)
    244. 

  244.     return GPG_ERR_BUFFER_TOO_SHORT;
    245. 

  245. 

  246.   if ((inbuflen & blocksize_mask) && !(inbuflen > blocksize))
    247. 

  247.     return GPG_ERR_INV_LENGTH;
    248. 

  248. 

  249.   burn = 0;
    250. 

  250. 

  251.   if (inbuflen > blocksize)
    252. 

  252.     {
    253. 

  253.       nblocks--;
    254. 

  254.       if ((inbuflen & blocksize_mask) == 0)
    255. 

  255. 	nblocks--;
    256. 

  256.       cipher_block_cpy (c->lastiv, c->u_iv.iv, blocksize);
    257. 

  257.     }
    258. 

  258. 

  259.   burn = cbc_decrypt_inner(c, outbuf, inbuf, nblocks, blocksize);
    260. 

  260.   inbuf  += nblocks << blocksize_shift;
    261. 

  261.   outbuf += nblocks << blocksize_shift;
    262. 

  262. 

  263.   if (inbuflen > blocksize)
    264. 

  264.     {
    265. 

  265.       size_t restbytes;
    266. 

  266. 

  267.       if ((inbuflen & blocksize_mask) == 0)
    268. 

  268.         restbytes = blocksize;
    269. 

  269.       else
    270. 

  270.         restbytes = inbuflen & blocksize_mask;
    271. 

  271. 

  272.       cipher_block_cpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */
    273. 

  273.       buf_cpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */
    274. 

  274. 

  275.       nburn = dec_fn ( &c->context.c, outbuf, inbuf );
    276. 

  276.       burn = nburn > burn ? nburn : burn;
    277. 

  277.       buf_xor(outbuf, outbuf, c->u_iv.iv, restbytes);
    278. 

  278. 

  279.       buf_cpy (outbuf + blocksize, outbuf, restbytes);
    280. 

  280.       for(i=restbytes; i < blocksize; i++)
    281. 

  281.         c->u_iv.iv[i] = outbuf[i];
    282. 

  282.       nburn = dec_fn (&c->context.c, outbuf, c->u_iv.iv);
    283. 

  283.       burn = nburn > burn ? nburn : burn;
    284. 

  284.       cipher_block_xor(outbuf, outbuf, c->lastiv, blocksize);
    285. 

  285.       /* c->lastiv is now really lastlastiv, does this matter? */
    286. 

  286.     }
    287. 

  287. 

  288.   if (burn > 0)
    289. 

  289.     _gcry_burn_stack (burn + 4 * sizeof(void *));
    290. 

  290. 

  291.   return 0;
    292. 

  292. }
    293. 

  293.