Startsida Utforska Hjälp
Logga in
sl1nk
/
tarsnap
spegling av https://github.com/Tarsnap/tarsnap.git
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Ärenden 0 Wiki
Träd: b59e3e0c29
Grenar Taggar
tarsnap
/
libcperciva
/
crypto
/
crypto_aesctr_shared.c

crypto_aesctr_shared.c 2.8 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 
  1. /*
    2. 

  2.  * This code is shared between crypto_aesctr*.c files, and should not be
    3. 

  3.  * compiled as a separate translation unit.  For details, see the comments in
    4. 

  4.  * those files.
    5. 

  5.  */
    6. 

  6. 

  7. /* AES-CTR state. */
    8. 

  8. struct crypto_aesctr {
    9. 

  9. 	const struct crypto_aes_key * key;
    10. 

  10. 	uint64_t bytectr;
    11. 

  11. 	uint8_t buf[16];
    12. 

  12. 	uint8_t pblk[16];
    13. 

  13. };
    14. 

  14. 

  15. /* Generate a block of cipherstream. */
    16. 

  16. static inline void
    17. 

  17. crypto_aesctr_stream_cipherblock_generate(struct crypto_aesctr * stream)
    18. 

  18. {
    19. 

  19. 

  20. 	/* Sanity check. */
    21. 

  21. 	assert(stream->bytectr % 16 == 0);
    22. 

  22. 

  23. 	/* Prepare counter. */
    24. 

  24. 	stream->pblk[15]++;
    25. 

  25. 	if (stream->pblk[15] == 0) {
    26. 

  26. 		/*
    27. 

  27. 		 * If incrementing the least significant byte resulted in it
    28. 

  28. 		 * wrapping, re-encode the complete 64-bit value.
    29. 

  29. 		 */
    30. 

  30. 		be64enc(stream->pblk + 8, stream->bytectr / 16);
    31. 

  31. 	}
    32. 

  32. 

  33. 	/* Encrypt the cipherblock. */
    34. 

  34. 	crypto_aes_encrypt_block(stream->pblk, stream->buf, stream->key);
    35. 

  35. }
    36. 

  36. 

  37. /* Encrypt ${nbytes} bytes, then update ${inbuf}, ${outbuf}, and ${buflen}. */
    38. 

  38. static inline void
    39. 

  39. crypto_aesctr_stream_cipherblock_use(struct crypto_aesctr * stream,
    40. 

  40.     const uint8_t ** inbuf, uint8_t ** outbuf, size_t * buflen, size_t nbytes,
    41. 

  41.     size_t bytemod)
    42. 

  42. {
    43. 

  43. 	size_t i;
    44. 

  44. 

  45. 	/* Encrypt the byte(s). */
    46. 

  46. 	for (i = 0; i < nbytes; i++)
    47. 

  47. 		(*outbuf)[i] = (*inbuf)[i] ^ stream->buf[bytemod + i];
    48. 

  48. 

  49. 	/* Move to the next byte(s) of cipherstream. */
    50. 

  50. 	stream->bytectr += nbytes;
    51. 

  51. 

  52. 	/* Update the positions. */
    53. 

  53. 	*inbuf += nbytes;
    54. 

  54. 	*outbuf += nbytes;
    55. 

  55. 	*buflen -= nbytes;
    56. 

  56. }
    57. 

  57. 

  58. /*
    59. 

  59.  * Process any bytes before we can process a whole block.  Return 1 if there
    60. 

  60.  * are no bytes left to process after calling this function.
    61. 

  61.  */
    62. 

  62. static inline int
    63. 

  63. crypto_aesctr_stream_pre_wholeblock(struct crypto_aesctr * stream,
    64. 

  64.     const uint8_t ** inbuf, uint8_t ** outbuf, size_t * buflen_p)
    65. 

  65. {
    66. 

  66. 	size_t bytemod;
    67. 

  67. 

  68. 	/* Do we have any bytes left in the current cipherblock? */
    69. 

  69. 	bytemod = stream->bytectr % 16;
    70. 

  70. 	if (bytemod != 0) {
    71. 

  71. 		/* Do we have enough to complete the request? */
    72. 

  72. 		if (bytemod + *buflen_p <= 16) {
    73. 

  73. 			/* Process only buflen bytes, then return. */
    74. 

  74. 			crypto_aesctr_stream_cipherblock_use(stream, inbuf,
    75. 

  75. 			    outbuf, buflen_p, *buflen_p, bytemod);
    76. 

  76. 			return (1);
    77. 

  77. 		}
    78. 

  78. 

  79. 		/* Encrypt the byte(s) and update the positions. */
    80. 

  80. 		crypto_aesctr_stream_cipherblock_use(stream, inbuf, outbuf,
    81. 

  81. 		    buflen_p, 16 - bytemod, bytemod);
    82. 

  82. 	}
    83. 

  83. 

  84. 	/* Success! */
    85. 

  85. 	return (0);
    86. 

  86. }
    87. 

  87. 

  88. /* Process any final bytes after finishing all whole blocks. */
    89. 

  89. static inline void
    90. 

  90. crypto_aesctr_stream_post_wholeblock(struct crypto_aesctr * stream,
    91. 

  91.     const uint8_t ** inbuf, uint8_t ** outbuf, size_t * buflen_p)
    92. 

  92. {
    93. 

  93. 

  94. 	/* Process any final bytes; we need a new cipherblock. */
    95. 

  95. 	if (*buflen_p > 0) {
    96. 

  96. 		/* Generate a block of cipherstream. */
    97. 

  97. 		crypto_aesctr_stream_cipherblock_generate(stream);
    98. 

  98. 

  99. 		/* Encrypt the byte(s) and update the positions. */
    100. 

  100. 		crypto_aesctr_stream_cipherblock_use(stream, inbuf, outbuf,
    101. 

  101. 		    buflen_p, *buflen_p, 0);
    102. 

  102. 	}
    103. 

  103. }
    104. 

  104.