- revert to old rijndael code. new rijndael code broke gbde.
- since aes-xcbc-mac and aes-ctr require functions in new rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
This commit is contained in:
Hajimu UMEMOTO
parent
e1419c08e2
commit
9132d5071c
@ -1439,12 +1439,12 @@ netinet/tcp_syncache.c optional inet
|
||||
netinet/tcp_timer.c optional inet
|
||||
netinet/tcp_usrreq.c optional inet
|
||||
netinet/udp_usrreq.c optional inet
|
||||
netinet6/ah_aesxcbcmac.c optional ipsec
|
||||
#netinet6/ah_aesxcbcmac.c optional ipsec
|
||||
netinet6/ah_core.c optional ipsec
|
||||
netinet6/ah_input.c optional ipsec
|
||||
netinet6/ah_output.c optional ipsec
|
||||
netinet6/dest6.c optional inet6
|
||||
netinet6/esp_aesctr.c optional ipsec ipsec_esp
|
||||
#netinet6/esp_aesctr.c optional ipsec ipsec_esp
|
||||
netinet6/esp_core.c optional ipsec ipsec_esp
|
||||
netinet6/esp_input.c optional ipsec ipsec_esp
|
||||
netinet6/esp_output.c optional ipsec ipsec_esp
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,40 +1,34 @@
|
||||
/* $FreeBSD$ */
|
||||
/* $KAME: rijndael-alg-fst.h,v 1.5 2003/07/15 10:47:16 itojun Exp $ */
|
||||
/**
|
||||
* rijndael-alg-fst.h
|
||||
/* $KAME: rijndael-alg-fst.h,v 1.4 2000/10/02 17:14:26 itojun Exp $ */
|
||||
|
||||
/*
|
||||
* rijndael-alg-fst.h v2.3 April '2000
|
||||
*
|
||||
* @version 3.0 (December 2000)
|
||||
* Optimised ANSI C code
|
||||
*
|
||||
* Optimised ANSI C code for the Rijndael cipher (now AES)
|
||||
*
|
||||
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
|
||||
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
|
||||
* @author Paulo Barreto <paulo.barreto@terra.com.br>
|
||||
*
|
||||
* This code is hereby placed in the public domain.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
|
||||
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
|
||||
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
||||
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test.
|
||||
*/
|
||||
|
||||
#ifndef __RIJNDAEL_ALG_FST_H
|
||||
#define __RIJNDAEL_ALG_FST_H
|
||||
|
||||
#define RIJNDAEL_MAXKC (256/32)
|
||||
#define RIJNDAEL_MAXKB (256/8)
|
||||
#define RIJNDAEL_MAXNR 14
|
||||
#define RIJNDAEL_MAXKC (256/32)
|
||||
#define RIJNDAEL_MAXROUNDS 14
|
||||
|
||||
int rijndaelKeySetupEnc(u_int32_t rk[/*4*(Nr + 1)*/], const u_int8_t cipherKey[], int keyBits);
|
||||
int rijndaelKeySetupDec(u_int32_t rk[/*4*(Nr + 1)*/], const u_int8_t cipherKey[], int keyBits);
|
||||
void rijndaelEncrypt(const u_int32_t rk[/*4*(Nr + 1)*/], int Nr, const u_int8_t pt[16], u_int8_t ct[16]);
|
||||
void rijndaelDecrypt(const u_int32_t rk[/*4*(Nr + 1)*/], int Nr, const u_int8_t ct[16], u_int8_t pt[16]);
|
||||
int rijndaelKeySched(u_int8_t k[RIJNDAEL_MAXKC][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
|
||||
|
||||
int rijndaelKeyEncToDec(u_int8_t W[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
|
||||
|
||||
int rijndaelEncrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
|
||||
|
||||
#ifdef INTERMEDIATE_VALUE_KAT
|
||||
int rijndaelEncryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
|
||||
#endif /* INTERMEDIATE_VALUE_KAT */
|
||||
|
||||
int rijndaelDecrypt(u_int8_t a[16], u_int8_t b[16], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS);
|
||||
|
||||
#ifdef INTERMEDIATE_VALUE_KAT
|
||||
int rijndaelDecryptRound(u_int8_t a[4][4], u_int8_t rk[RIJNDAEL_MAXROUNDS+1][4][4], int ROUNDS, int rounds);
|
||||
#endif /* INTERMEDIATE_VALUE_KAT */
|
||||
|
||||
#endif /* __RIJNDAEL_ALG_FST_H */
|
||||
|
||||
@ -1,59 +1,44 @@
|
||||
/* $KAME: rijndael-api-fst.c,v 1.18 2003/07/24 15:10:30 itojun Exp $ */
|
||||
/* $KAME: rijndael-api-fst.c,v 1.10 2001/05/27 09:34:18 itojun Exp $ */
|
||||
|
||||
/**
|
||||
* rijndael-api-fst.c
|
||||
/*
|
||||
* rijndael-api-fst.c v2.3 April '2000
|
||||
*
|
||||
* @version 2.9 (December 2000)
|
||||
* Optimised ANSI C code
|
||||
*
|
||||
* Optimised ANSI C code for the Rijndael cipher (now AES)
|
||||
* authors: v1.0: Antoon Bosselaers
|
||||
* v2.0: Vincent Rijmen
|
||||
* v2.1: Vincent Rijmen
|
||||
* v2.2: Vincent Rijmen
|
||||
* v2.3: Paulo Barreto
|
||||
* v2.4: Vincent Rijmen
|
||||
*
|
||||
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
|
||||
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
|
||||
* @author Paulo Barreto <paulo.barreto@terra.com.br>
|
||||
*
|
||||
* This code is hereby placed in the public domain.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
|
||||
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
|
||||
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
||||
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* Acknowledgements:
|
||||
*
|
||||
* We are deeply indebted to the following people for their bug reports,
|
||||
* fixes, and improvement suggestions to this implementation. Though we
|
||||
* tried to list all contributions, we apologise in advance for any
|
||||
* missing reference.
|
||||
*
|
||||
* Andrew Bales <Andrew.Bales@Honeywell.com>
|
||||
* Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
|
||||
* John Skodon <skodonj@webquill.com>
|
||||
* This code is placed in the public domain.
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/types.h>
|
||||
#ifdef _KERNEL
|
||||
#include <sys/systm.h>
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#endif
|
||||
|
||||
#include <crypto/rijndael/rijndael_local.h>
|
||||
#include <crypto/rijndael/rijndael-alg-fst.h>
|
||||
#include <crypto/rijndael/rijndael-api-fst.h>
|
||||
#include <crypto/rijndael/rijndael_local.h>
|
||||
|
||||
#ifndef TRUE
|
||||
#define TRUE 1
|
||||
#endif
|
||||
|
||||
typedef u_int8_t BYTE;
|
||||
|
||||
int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) {
|
||||
u_int8_t cipherKey[RIJNDAEL_MAXKB];
|
||||
u8 k[RIJNDAEL_MAXKC][4];
|
||||
int i;
|
||||
char *keyMat;
|
||||
|
||||
if (key == NULL) {
|
||||
return BAD_KEY_INSTANCE;
|
||||
@ -65,24 +50,28 @@ int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMate
|
||||
return BAD_KEY_DIR;
|
||||
}
|
||||
|
||||
if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) {
|
||||
if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) {
|
||||
key->keyLen = keyLen;
|
||||
} else {
|
||||
return BAD_KEY_MAT;
|
||||
}
|
||||
|
||||
if (keyMaterial != NULL) {
|
||||
memcpy(key->keyMaterial, keyMaterial, keyLen/8);
|
||||
bcopy(keyMaterial, key->keyMaterial, keyLen/8);
|
||||
}
|
||||
|
||||
key->ROUNDS = keyLen/32 + 6;
|
||||
|
||||
/* initialize key schedule: */
|
||||
memcpy(cipherKey, key->keyMaterial, keyLen/8);
|
||||
if (direction == DIR_ENCRYPT) {
|
||||
key->Nr = rijndaelKeySetupEnc(key->rk, cipherKey, keyLen);
|
||||
} else {
|
||||
key->Nr = rijndaelKeySetupDec(key->rk, cipherKey, keyLen);
|
||||
keyMat = key->keyMaterial;
|
||||
for (i = 0; i < key->keyLen/8; i++) {
|
||||
k[i >> 2][i & 3] = (u8)keyMat[i];
|
||||
}
|
||||
rijndaelKeySetupEnc(key->ek, cipherKey, keyLen);
|
||||
rijndaelKeySched(k, key->keySched, key->ROUNDS);
|
||||
if (direction == DIR_DECRYPT) {
|
||||
rijndaelKeyEncToDec(key->keySched, key->ROUNDS);
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@ -93,21 +82,17 @@ int rijndael_cipherInit(cipherInstance *cipher, BYTE mode, char *IV) {
|
||||
return BAD_CIPHER_MODE;
|
||||
}
|
||||
if (IV != NULL) {
|
||||
memcpy(cipher->IV, IV, RIJNDAEL_MAX_IV_SIZE);
|
||||
bcopy(IV, cipher->IV, MAX_IV_SIZE);
|
||||
} else {
|
||||
memset(cipher->IV, 0, RIJNDAEL_MAX_IV_SIZE);
|
||||
bzero(cipher->IV, MAX_IV_SIZE);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
BYTE *input, int inputLen, BYTE *outBuffer) {
|
||||
int i, k, t, numBlocks;
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
u_int8_t block[16], iv[16];
|
||||
#else
|
||||
u_int8_t block[16], *iv;
|
||||
#endif
|
||||
int i, k, numBlocks;
|
||||
u8 block[16], iv[4][4];
|
||||
|
||||
if (cipher == NULL ||
|
||||
key == NULL ||
|
||||
@ -121,9 +106,9 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
numBlocks = inputLen/128;
|
||||
|
||||
switch (cipher->mode) {
|
||||
case MODE_ECB:
|
||||
case MODE_ECB:
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelEncrypt(key->rk, key->Nr, input, outBuffer);
|
||||
rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
@ -131,58 +116,77 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
|
||||
case MODE_CBC:
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, cipher->IV, 16);
|
||||
bcopy(cipher->IV, block, 16);
|
||||
bcopy(input, iv, 16);
|
||||
((u32*)block)[0] ^= ((u32*)iv)[0];
|
||||
((u32*)block)[1] ^= ((u32*)iv)[1];
|
||||
((u32*)block)[2] ^= ((u32*)iv)[2];
|
||||
((u32*)block)[3] ^= ((u32*)iv)[3];
|
||||
#else
|
||||
iv = cipher->IV;
|
||||
((u32*)block)[0] = ((u32*)cipher->IV)[0] ^ ((u32*)input)[0];
|
||||
((u32*)block)[1] = ((u32*)cipher->IV)[1] ^ ((u32*)input)[1];
|
||||
((u32*)block)[2] = ((u32*)cipher->IV)[2] ^ ((u32*)input)[2];
|
||||
((u32*)block)[3] = ((u32*)cipher->IV)[3] ^ ((u32*)input)[3];
|
||||
#endif
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
for (i = numBlocks - 1; i > 0; i--) {
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(block, input, 16);
|
||||
((u_int32_t*)block)[0] ^= ((u_int32_t*)iv)[0];
|
||||
((u_int32_t*)block)[1] ^= ((u_int32_t*)iv)[1];
|
||||
((u_int32_t*)block)[2] ^= ((u_int32_t*)iv)[2];
|
||||
((u_int32_t*)block)[3] ^= ((u_int32_t*)iv)[3];
|
||||
bcopy(outBuffer, block, 16);
|
||||
bcopy(input, iv, 16);
|
||||
((u32*)block)[0] ^= ((u32*)iv)[0];
|
||||
((u32*)block)[1] ^= ((u32*)iv)[1];
|
||||
((u32*)block)[2] ^= ((u32*)iv)[2];
|
||||
((u32*)block)[3] ^= ((u32*)iv)[3];
|
||||
#else
|
||||
((u_int32_t*)block)[0] = ((u_int32_t*)input)[0] ^ ((u_int32_t*)iv)[0];
|
||||
((u_int32_t*)block)[1] = ((u_int32_t*)input)[1] ^ ((u_int32_t*)iv)[1];
|
||||
((u_int32_t*)block)[2] = ((u_int32_t*)input)[2] ^ ((u_int32_t*)iv)[2];
|
||||
((u_int32_t*)block)[3] = ((u_int32_t*)input)[3] ^ ((u_int32_t*)iv)[3];
|
||||
((u32*)block)[0] = ((u32*)outBuffer)[0] ^ ((u32*)input)[0];
|
||||
((u32*)block)[1] = ((u32*)outBuffer)[1] ^ ((u32*)input)[1];
|
||||
((u32*)block)[2] = ((u32*)outBuffer)[2] ^ ((u32*)input)[2];
|
||||
((u32*)block)[3] = ((u32*)outBuffer)[3] ^ ((u32*)input)[3];
|
||||
#endif
|
||||
rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, outBuffer, 16);
|
||||
#else
|
||||
iv = outBuffer;
|
||||
#endif
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
}
|
||||
break;
|
||||
|
||||
case MODE_CFB1:
|
||||
|
||||
case MODE_CFB1:
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, cipher->IV, 16);
|
||||
#else
|
||||
iv = cipher->IV;
|
||||
#endif
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
memcpy(outBuffer, input, 16);
|
||||
for (k = 0; k < 128; k++) {
|
||||
rijndaelEncrypt(key->ek, key->Nr, iv, block);
|
||||
outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
|
||||
for (t = 0; t < 15; t++) {
|
||||
iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
|
||||
}
|
||||
iv[15] = (iv[15] << 1) | ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1);
|
||||
}
|
||||
outBuffer += 16;
|
||||
input += 16;
|
||||
}
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(cipher->IV, iv, 16);
|
||||
#endif
|
||||
break;
|
||||
|
||||
bcopy(cipher->IV, iv, 16);
|
||||
#else /* !STRICT_ALIGN */
|
||||
*((u32*)iv[0]) = *((u32*)(cipher->IV ));
|
||||
*((u32*)iv[1]) = *((u32*)(cipher->IV+ 4));
|
||||
*((u32*)iv[2]) = *((u32*)(cipher->IV+ 8));
|
||||
*((u32*)iv[3]) = *((u32*)(cipher->IV+12));
|
||||
#endif /* ?STRICT_ALIGN */
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
for (k = 0; k < 128; k++) {
|
||||
*((u32*) block ) = *((u32*)iv[0]);
|
||||
*((u32*)(block+ 4)) = *((u32*)iv[1]);
|
||||
*((u32*)(block+ 8)) = *((u32*)iv[2]);
|
||||
*((u32*)(block+12)) = *((u32*)iv[3]);
|
||||
rijndaelEncrypt(block, block, key->keySched, key->ROUNDS);
|
||||
outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7);
|
||||
iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7);
|
||||
iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7);
|
||||
iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7);
|
||||
iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7);
|
||||
iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7);
|
||||
iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7);
|
||||
iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7);
|
||||
iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7);
|
||||
iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7);
|
||||
iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7);
|
||||
iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7);
|
||||
iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7);
|
||||
iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7);
|
||||
iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7);
|
||||
iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7);
|
||||
iv[3][3] = (iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
return BAD_CIPHER_STATE;
|
||||
}
|
||||
@ -202,7 +206,7 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
BYTE *input, int inputOctets, BYTE *outBuffer) {
|
||||
int i, numBlocks, padLen;
|
||||
u_int8_t block[16], *iv;
|
||||
u8 block[16], *iv, *cp;
|
||||
|
||||
if (cipher == NULL ||
|
||||
key == NULL ||
|
||||
@ -216,28 +220,29 @@ int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
numBlocks = inputOctets/16;
|
||||
|
||||
switch (cipher->mode) {
|
||||
case MODE_ECB:
|
||||
case MODE_ECB:
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelEncrypt(key->rk, key->Nr, input, outBuffer);
|
||||
rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
padLen = 16 - (inputOctets - 16*numBlocks);
|
||||
if (padLen <= 0 || padLen > 16)
|
||||
return BAD_CIPHER_STATE;
|
||||
memcpy(block, input, 16 - padLen);
|
||||
memset(block + 16 - padLen, padLen, padLen);
|
||||
rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
|
||||
bcopy(input, block, 16 - padLen);
|
||||
for (cp = block + 16 - padLen; cp < block + 16; cp++)
|
||||
*cp = padLen;
|
||||
rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS);
|
||||
break;
|
||||
|
||||
case MODE_CBC:
|
||||
iv = cipher->IV;
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
((u_int32_t*)block)[0] = ((u_int32_t*)input)[0] ^ ((u_int32_t*)iv)[0];
|
||||
((u_int32_t*)block)[1] = ((u_int32_t*)input)[1] ^ ((u_int32_t*)iv)[1];
|
||||
((u_int32_t*)block)[2] = ((u_int32_t*)input)[2] ^ ((u_int32_t*)iv)[2];
|
||||
((u_int32_t*)block)[3] = ((u_int32_t*)input)[3] ^ ((u_int32_t*)iv)[3];
|
||||
rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
|
||||
((u32*)block)[0] = ((u32*)input)[0] ^ ((u32*)iv)[0];
|
||||
((u32*)block)[1] = ((u32*)input)[1] ^ ((u32*)iv)[1];
|
||||
((u32*)block)[2] = ((u32*)input)[2] ^ ((u32*)iv)[2];
|
||||
((u32*)block)[3] = ((u32*)input)[3] ^ ((u32*)iv)[3];
|
||||
rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS);
|
||||
iv = outBuffer;
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
@ -251,7 +256,7 @@ int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
for (i = 16 - padLen; i < 16; i++) {
|
||||
block[i] = (BYTE)padLen ^ iv[i];
|
||||
}
|
||||
rijndaelEncrypt(key->rk, key->Nr, block, outBuffer);
|
||||
rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS);
|
||||
break;
|
||||
|
||||
default:
|
||||
@ -263,12 +268,8 @@ int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
|
||||
int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
BYTE *input, int inputLen, BYTE *outBuffer) {
|
||||
int i, k, t, numBlocks;
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
u_int8_t block[16], iv[16];
|
||||
#else
|
||||
u_int8_t block[16], *iv;
|
||||
#endif
|
||||
int i, k, numBlocks;
|
||||
u8 block[16], iv[4][4];
|
||||
|
||||
if (cipher == NULL ||
|
||||
key == NULL ||
|
||||
@ -282,63 +283,79 @@ int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
numBlocks = inputLen/128;
|
||||
|
||||
switch (cipher->mode) {
|
||||
case MODE_ECB:
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, outBuffer);
|
||||
case MODE_ECB:
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
break;
|
||||
|
||||
case MODE_CBC:
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, cipher->IV, 16);
|
||||
#if 1 /*STRICT_ALIGN */
|
||||
bcopy(cipher->IV, iv, 16);
|
||||
#else
|
||||
iv = cipher->IV;
|
||||
*((u32*)iv[0]) = *((u32*)(cipher->IV ));
|
||||
*((u32*)iv[1]) = *((u32*)(cipher->IV+ 4));
|
||||
*((u32*)iv[2]) = *((u32*)(cipher->IV+ 8));
|
||||
*((u32*)iv[3]) = *((u32*)(cipher->IV+12));
|
||||
#endif
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, block);
|
||||
((u_int32_t*)block)[0] ^= ((u_int32_t*)iv)[0];
|
||||
((u_int32_t*)block)[1] ^= ((u_int32_t*)iv)[1];
|
||||
((u_int32_t*)block)[2] ^= ((u_int32_t*)iv)[2];
|
||||
((u_int32_t*)block)[3] ^= ((u_int32_t*)iv)[3];
|
||||
rijndaelDecrypt(input, block, key->keySched, key->ROUNDS);
|
||||
((u32*)block)[0] ^= *((u32*)iv[0]);
|
||||
((u32*)block)[1] ^= *((u32*)iv[1]);
|
||||
((u32*)block)[2] ^= *((u32*)iv[2]);
|
||||
((u32*)block)[3] ^= *((u32*)iv[3]);
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, input, 16);
|
||||
bcopy(input, iv, 16);
|
||||
bcopy(block, outBuffer, 16);
|
||||
#else
|
||||
memcpy(cipher->IV, input, 16);
|
||||
*((u32*)iv[0]) = ((u32*)input)[0]; ((u32*)outBuffer)[0] = ((u32*)block)[0];
|
||||
*((u32*)iv[1]) = ((u32*)input)[1]; ((u32*)outBuffer)[1] = ((u32*)block)[1];
|
||||
*((u32*)iv[2]) = ((u32*)input)[2]; ((u32*)outBuffer)[2] = ((u32*)block)[2];
|
||||
*((u32*)iv[3]) = ((u32*)input)[3]; ((u32*)outBuffer)[3] = ((u32*)block)[3];
|
||||
#endif
|
||||
memcpy(outBuffer, block, 16);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(cipher->IV, iv, 16);
|
||||
#endif
|
||||
break;
|
||||
|
||||
case MODE_CFB1:
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(iv, cipher->IV, 16);
|
||||
|
||||
case MODE_CFB1:
|
||||
#if 1 /*STRICT_ALIGN */
|
||||
bcopy(cipher->IV, iv, 16);
|
||||
#else
|
||||
iv = cipher->IV;
|
||||
*((u32*)iv[0]) = *((u32*)(cipher->IV));
|
||||
*((u32*)iv[1]) = *((u32*)(cipher->IV+ 4));
|
||||
*((u32*)iv[2]) = *((u32*)(cipher->IV+ 8));
|
||||
*((u32*)iv[3]) = *((u32*)(cipher->IV+12));
|
||||
#endif
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
memcpy(outBuffer, input, 16);
|
||||
for (k = 0; k < 128; k++) {
|
||||
rijndaelEncrypt(key->ek, key->Nr, iv, block);
|
||||
for (t = 0; t < 15; t++) {
|
||||
iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
|
||||
}
|
||||
iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1);
|
||||
outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
|
||||
}
|
||||
outBuffer += 16;
|
||||
input += 16;
|
||||
}
|
||||
#if 1 /*STRICT_ALIGN*/
|
||||
memcpy(cipher->IV, iv, 16);
|
||||
#endif
|
||||
break;
|
||||
for (i = numBlocks; i > 0; i--) {
|
||||
for (k = 0; k < 128; k++) {
|
||||
*((u32*) block ) = *((u32*)iv[0]);
|
||||
*((u32*)(block+ 4)) = *((u32*)iv[1]);
|
||||
*((u32*)(block+ 8)) = *((u32*)iv[2]);
|
||||
*((u32*)(block+12)) = *((u32*)iv[3]);
|
||||
rijndaelEncrypt(block, block, key->keySched, key->ROUNDS);
|
||||
iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7);
|
||||
iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7);
|
||||
iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7);
|
||||
iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7);
|
||||
iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7);
|
||||
iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7);
|
||||
iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7);
|
||||
iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7);
|
||||
iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7);
|
||||
iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7);
|
||||
iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7);
|
||||
iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7);
|
||||
iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7);
|
||||
iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7);
|
||||
iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7);
|
||||
iv[3][3] = (iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1);
|
||||
outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
return BAD_CIPHER_STATE;
|
||||
@ -350,7 +367,8 @@ int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
BYTE *input, int inputOctets, BYTE *outBuffer) {
|
||||
int i, numBlocks, padLen;
|
||||
u_int8_t block[16];
|
||||
u8 block[16];
|
||||
u32 iv[4];
|
||||
|
||||
if (cipher == NULL ||
|
||||
key == NULL ||
|
||||
@ -369,13 +387,13 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
switch (cipher->mode) {
|
||||
case MODE_ECB:
|
||||
/* all blocks but last */
|
||||
for (i = numBlocks - 1; i > 0; i--) {
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, outBuffer);
|
||||
for (i = numBlocks - 1; i > 0; i--) {
|
||||
rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
/* last block */
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, block);
|
||||
rijndaelDecrypt(input, block, key->keySched, key->ROUNDS);
|
||||
padLen = block[15];
|
||||
if (padLen >= 16) {
|
||||
return BAD_DATA;
|
||||
@ -385,28 +403,29 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
return BAD_DATA;
|
||||
}
|
||||
}
|
||||
memcpy(outBuffer, block, 16 - padLen);
|
||||
bcopy(block, outBuffer, 16 - padLen);
|
||||
break;
|
||||
|
||||
case MODE_CBC:
|
||||
bcopy(cipher->IV, iv, 16);
|
||||
/* all blocks but last */
|
||||
for (i = numBlocks - 1; i > 0; i--) {
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, block);
|
||||
((u_int32_t*)block)[0] ^= ((u_int32_t*)cipher->IV)[0];
|
||||
((u_int32_t*)block)[1] ^= ((u_int32_t*)cipher->IV)[1];
|
||||
((u_int32_t*)block)[2] ^= ((u_int32_t*)cipher->IV)[2];
|
||||
((u_int32_t*)block)[3] ^= ((u_int32_t*)cipher->IV)[3];
|
||||
memcpy(cipher->IV, input, 16);
|
||||
memcpy(outBuffer, block, 16);
|
||||
rijndaelDecrypt(input, block, key->keySched, key->ROUNDS);
|
||||
((u32*)block)[0] ^= iv[0];
|
||||
((u32*)block)[1] ^= iv[1];
|
||||
((u32*)block)[2] ^= iv[2];
|
||||
((u32*)block)[3] ^= iv[3];
|
||||
bcopy(input, iv, 16);
|
||||
bcopy(block, outBuffer, 16);
|
||||
input += 16;
|
||||
outBuffer += 16;
|
||||
}
|
||||
/* last block */
|
||||
rijndaelDecrypt(key->rk, key->Nr, input, block);
|
||||
((u_int32_t*)block)[0] ^= ((u_int32_t*)cipher->IV)[0];
|
||||
((u_int32_t*)block)[1] ^= ((u_int32_t*)cipher->IV)[1];
|
||||
((u_int32_t*)block)[2] ^= ((u_int32_t*)cipher->IV)[2];
|
||||
((u_int32_t*)block)[3] ^= ((u_int32_t*)cipher->IV)[3];
|
||||
rijndaelDecrypt(input, block, key->keySched, key->ROUNDS);
|
||||
((u32*)block)[0] ^= iv[0];
|
||||
((u32*)block)[1] ^= iv[1];
|
||||
((u32*)block)[2] ^= iv[2];
|
||||
((u32*)block)[3] ^= iv[3];
|
||||
padLen = block[15];
|
||||
if (padLen <= 0 || padLen > 16) {
|
||||
return BAD_DATA;
|
||||
@ -416,7 +435,7 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
return BAD_DATA;
|
||||
}
|
||||
}
|
||||
memcpy(outBuffer, block, 16 - padLen);
|
||||
bcopy(block, outBuffer, 16 - padLen);
|
||||
break;
|
||||
|
||||
default:
|
||||
@ -426,3 +445,49 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
return 16*numBlocks - padLen;
|
||||
}
|
||||
|
||||
#ifdef INTERMEDIATE_VALUE_KAT
|
||||
/**
|
||||
* cipherUpdateRounds:
|
||||
*
|
||||
* Encrypts/Decrypts exactly one full block a specified number of rounds.
|
||||
* Only used in the Intermediate Value Known Answer Test.
|
||||
*
|
||||
* Returns:
|
||||
* TRUE - on success
|
||||
* BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized)
|
||||
*/
|
||||
int rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key,
|
||||
BYTE *input, int inputLen, BYTE *outBuffer, int rounds) {
|
||||
int j;
|
||||
u8 block[4][4];
|
||||
|
||||
if (cipher == NULL || key == NULL) {
|
||||
return BAD_CIPHER_STATE;
|
||||
}
|
||||
|
||||
for (j = 3; j >= 0; j--) {
|
||||
/* parse input stream into rectangular array */
|
||||
*((u32*)block[j]) = *((u32*)(input+4*j));
|
||||
}
|
||||
|
||||
switch (key->direction) {
|
||||
case DIR_ENCRYPT:
|
||||
rijndaelEncryptRound(block, key->keySched, key->ROUNDS, rounds);
|
||||
break;
|
||||
|
||||
case DIR_DECRYPT:
|
||||
rijndaelDecryptRound(block, key->keySched, key->ROUNDS, rounds);
|
||||
break;
|
||||
|
||||
default:
|
||||
return BAD_KEY_DIR;
|
||||
}
|
||||
|
||||
for (j = 3; j >= 0; j--) {
|
||||
/* parse rectangular array into output ciphertext bytes */
|
||||
*((u32*)(outBuffer+4*j)) = *((u32*)block[j]);
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
#endif /* INTERMEDIATE_VALUE_KAT */
|
||||
|
||||
@ -1,42 +1,12 @@
|
||||
/* $FreeBSD$ */
|
||||
/* $NetBSD: rijndael-api-fst.h,v 1.5 2003/07/16 05:08:09 itojun Exp $ */
|
||||
/* $KAME: rijndael-api-fst.h,v 1.9 2003/07/16 05:09:38 itojun Exp $ */
|
||||
/* $KAME: rijndael-api-fst.h,v 1.6 2001/05/27 00:23:23 itojun Exp $ */
|
||||
|
||||
/**
|
||||
* rijndael-api-fst.h
|
||||
/*
|
||||
* rijndael-api-fst.h v2.3 April '2000
|
||||
*
|
||||
* @version 2.9 (December 2000)
|
||||
* Optimised ANSI C code
|
||||
*
|
||||
* Optimised ANSI C code for the Rijndael cipher (now AES)
|
||||
*
|
||||
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
|
||||
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
|
||||
* @author Paulo Barreto <paulo.barreto@terra.com.br>
|
||||
*
|
||||
* This code is hereby placed in the public domain.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
|
||||
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
|
||||
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
||||
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* Acknowledgements:
|
||||
*
|
||||
* We are deeply indebted to the following people for their bug reports,
|
||||
* fixes, and improvement suggestions to this implementation. Though we
|
||||
* tried to list all contributions, we apologise in advance for any
|
||||
* missing reference.
|
||||
*
|
||||
* Andrew Bales <Andrew.Bales@Honeywell.com>
|
||||
* Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
|
||||
* John Skodon <skodonj@webquill.com>
|
||||
* #define INTERMEDIATE_VALUE_KAT to generate the Intermediate Value Known Answer Test.
|
||||
*/
|
||||
|
||||
#ifndef __RIJNDAEL_API_FST_H
|
||||
@ -44,17 +14,18 @@
|
||||
|
||||
#include <crypto/rijndael/rijndael-alg-fst.h>
|
||||
|
||||
/* Generic Defines */
|
||||
/* Defines:
|
||||
Add any additional defines you need
|
||||
*/
|
||||
|
||||
#define DIR_ENCRYPT 0 /* Are we encrpyting? */
|
||||
#define DIR_DECRYPT 1 /* Are we decrpyting? */
|
||||
#define MODE_ECB 1 /* Are we ciphering in ECB mode? */
|
||||
#define MODE_CBC 2 /* Are we ciphering in CBC mode? */
|
||||
#define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */
|
||||
#define TRUE 1
|
||||
#define FALSE 0
|
||||
#define BITSPERBLOCK 128 /* Default number of bits in a cipher block */
|
||||
|
||||
/* Error Codes */
|
||||
/* Error Codes - CHANGE POSSIBLE: inclusion of additional error codes */
|
||||
#define BAD_KEY_DIR -1 /* Key direction is invalid, e.g., unknown value */
|
||||
#define BAD_KEY_MAT -2 /* Key material not of correct length */
|
||||
#define BAD_KEY_INSTANCE -3 /* Key passed is not valid */
|
||||
@ -65,42 +36,67 @@
|
||||
#define BAD_DATA -8 /* Data contents are invalid, e.g., invalid padding */
|
||||
#define BAD_OTHER -9 /* Unknown error */
|
||||
|
||||
/* Algorithm-specific Defines */
|
||||
#define RIJNDAEL_MAX_KEY_SIZE 64 /* # of ASCII char's needed to represent a key */
|
||||
#define RIJNDAEL_MAX_IV_SIZE 16 /* # bytes needed to represent an IV */
|
||||
/* CHANGE POSSIBLE: inclusion of algorithm specific defines */
|
||||
#define MAX_KEY_SIZE 64 /* # of ASCII char's needed to represent a key */
|
||||
#define MAX_IV_SIZE 16 /* # bytes needed to represent an IV */
|
||||
|
||||
/* Typedefs */
|
||||
/* Typedefs:
|
||||
|
||||
typedef unsigned char BYTE;
|
||||
Typedef'ed data storage elements. Add any algorithm specific
|
||||
parameters at the bottom of the structs as appropriate.
|
||||
*/
|
||||
|
||||
/* The structure for key information */
|
||||
typedef struct {
|
||||
BYTE direction; /* Key used for encrypting or decrypting? */
|
||||
u_int8_t direction; /* Key used for encrypting or decrypting? */
|
||||
int keyLen; /* Length of the key */
|
||||
char keyMaterial[RIJNDAEL_MAX_KEY_SIZE+1]; /* Raw key data in ASCII, e.g., user input or KAT values */
|
||||
int Nr; /* key-length-dependent number of rounds */
|
||||
u_int32_t rk[4*(RIJNDAEL_MAXNR + 1)]; /* key schedule */
|
||||
u_int32_t ek[4*(RIJNDAEL_MAXNR + 1)]; /* CFB1 key schedule (encryption only) */
|
||||
char keyMaterial[MAX_KEY_SIZE+1]; /* Raw key data in ASCII, e.g., user input or KAT values */
|
||||
/* The following parameters are algorithm dependent, replace or add as necessary */
|
||||
int ROUNDS; /* key-length-dependent number of rounds */
|
||||
int blockLen; /* block length */
|
||||
union {
|
||||
u_int8_t xkS8[RIJNDAEL_MAXROUNDS+1][4][4]; /* key schedule */
|
||||
u_int32_t xkS32[RIJNDAEL_MAXROUNDS+1][4]; /* key schedule */
|
||||
} xKeySched;
|
||||
#define keySched xKeySched.xkS8
|
||||
} keyInstance;
|
||||
|
||||
/* The structure for cipher information */
|
||||
typedef struct { /* changed order of the components */
|
||||
BYTE mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
|
||||
BYTE IV[RIJNDAEL_MAX_IV_SIZE]; /* A possible Initialization Vector for ciphering */
|
||||
u_int8_t mode; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
|
||||
u_int8_t IV[MAX_IV_SIZE]; /* A possible Initialization Vector for ciphering */
|
||||
/* Add any algorithm specific parameters needed here */
|
||||
int blockLen; /* Sample: Handles non-128 bit block sizes (if available) */
|
||||
} cipherInstance;
|
||||
|
||||
/* Function prototypes */
|
||||
/* CHANGED: nothing
|
||||
TODO: implement the following extensions to setup 192-bit and 256-bit block lengths:
|
||||
makeKeyEx(): parameter blockLen added
|
||||
-- this parameter is absolutely necessary if you want to
|
||||
setup the round keys in a variable block length setting
|
||||
cipherInitEx(): parameter blockLen added (for obvious reasons)
|
||||
*/
|
||||
|
||||
int rijndael_makeKey(keyInstance *, BYTE, int, char *);
|
||||
int rijndael_makeKey(keyInstance *key, u_int8_t direction, int keyLen, char *keyMaterial);
|
||||
|
||||
int rijndael_cipherInit(cipherInstance *, BYTE, char *);
|
||||
int rijndael_cipherInit(cipherInstance *cipher, u_int8_t mode, char *IV);
|
||||
|
||||
int rijndael_blockEncrypt(cipherInstance *, keyInstance *, BYTE *, int, BYTE *);
|
||||
int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
u_int8_t *input, int inputLen, u_int8_t *outBuffer);
|
||||
|
||||
int rijndael_padEncrypt(cipherInstance *, keyInstance *, BYTE *, int, BYTE *);
|
||||
int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
|
||||
u_int8_t *input, int inputOctets, u_int8_t *outBuffer);
|
||||
|
||||
int rijndael_blockDecrypt(cipherInstance *, keyInstance *, BYTE *, int, BYTE *);
|
||||
int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
u_int8_t *input, int inputLen, u_int8_t *outBuffer);
|
||||
|
||||
int rijndael_padDecrypt(cipherInstance *, keyInstance *, BYTE *, int, BYTE *);
|
||||
int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
|
||||
u_int8_t *input, int inputOctets, u_int8_t *outBuffer);
|
||||
|
||||
#endif /* __RIJNDAEL_API_FST_H */
|
||||
#ifdef INTERMEDIATE_VALUE_KAT
|
||||
int rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key,
|
||||
u_int8_t *input, int inputLen, u_int8_t *outBuffer, int Rounds);
|
||||
#endif /* INTERMEDIATE_VALUE_KAT */
|
||||
|
||||
#endif /* __RIJNDAEL_API_FST_H */
|
||||
|
||||
@ -189,10 +189,12 @@ ah_algorithm_lookup(idx)
|
||||
"hmac-ripemd160",
|
||||
ah_hmac_ripemd160_init, ah_hmac_ripemd160_loop,
|
||||
ah_hmac_ripemd160_result, },
|
||||
#ifdef ENABLE_AES_XCBC_MAC
|
||||
{ ah_sumsiz_1216, ah_common_mature, 128, 128,
|
||||
"aes-xcbc-mac",
|
||||
ah_aes_xcbc_mac_init, ah_aes_xcbc_mac_loop,
|
||||
ah_aes_xcbc_mac_result, },
|
||||
#endif
|
||||
};
|
||||
|
||||
switch (idx) {
|
||||
@ -214,8 +216,10 @@ ah_algorithm_lookup(idx)
|
||||
return &ah_algorithms[7];
|
||||
case SADB_X_AALG_RIPEMD160HMAC:
|
||||
return &ah_algorithms[8];
|
||||
#ifdef ENABLE_AES_XCBC_MAC
|
||||
case SADB_X_AALG_AES_XCBC_MAC:
|
||||
return &ah_algorithms[9];
|
||||
#endif
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -153,9 +153,11 @@ static const struct esp_algorithm esp_algorithms[] = {
|
||||
esp_common_ivlen, esp_cbc_decrypt,
|
||||
esp_cbc_encrypt, esp_rijndael_schedule,
|
||||
esp_rijndael_blockdecrypt, esp_rijndael_blockencrypt },
|
||||
#ifdef ENABLE_EALG_AESCTR
|
||||
{ 16, 8, esp_aesctr_mature, 160, 288, esp_aesctr_schedlen, "aes-ctr",
|
||||
esp_common_ivlen, esp_aesctr_decrypt,
|
||||
esp_aesctr_encrypt, esp_aesctr_schedule },
|
||||
#endif
|
||||
};
|
||||
|
||||
const struct esp_algorithm *
|
||||
@ -176,8 +178,10 @@ esp_algorithm_lookup(idx)
|
||||
return &esp_algorithms[4];
|
||||
case SADB_X_EALG_RIJNDAELCBC:
|
||||
return &esp_algorithms[5];
|
||||
#ifdef ENABLE_EALG_AESCTR
|
||||
case SADB_X_EALG_AESCTR:
|
||||
return &esp_algorithms[6];
|
||||
#endif
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user