Path: blob/main/contrib/bearssl/src/symcipher/aes_big_ctrcbc.c
39482 views
/*1* Copyright (c) 2017 Thomas Pornin <[email protected]>2*3* Permission is hereby granted, free of charge, to any person obtaining4* a copy of this software and associated documentation files (the5* "Software"), to deal in the Software without restriction, including6* without limitation the rights to use, copy, modify, merge, publish,7* distribute, sublicense, and/or sell copies of the Software, and to8* permit persons to whom the Software is furnished to do so, subject to9* the following conditions:10*11* The above copyright notice and this permission notice shall be12* included in all copies or substantial portions of the Software.13*14* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,15* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF16* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND17* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS18* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN19* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN20* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE21* SOFTWARE.22*/2324#include "inner.h"2526/* see bearssl_block.h */27void28br_aes_big_ctrcbc_init(br_aes_big_ctrcbc_keys *ctx,29const void *key, size_t len)30{31ctx->vtable = &br_aes_big_ctrcbc_vtable;32ctx->num_rounds = br_aes_keysched(ctx->skey, key, len);33}3435static void36xorbuf(void *dst, const void *src, size_t len)37{38unsigned char *d;39const unsigned char *s;4041d = dst;42s = src;43while (len -- > 0) {44*d ++ ^= *s ++;45}46}4748/* see bearssl_block.h */49void50br_aes_big_ctrcbc_ctr(const br_aes_big_ctrcbc_keys *ctx,51void *ctr, void *data, size_t len)52{53unsigned char *buf, *bctr;54uint32_t cc0, cc1, cc2, cc3;5556buf = data;57bctr = ctr;58cc3 = br_dec32be(bctr + 0);59cc2 = br_dec32be(bctr + 4);60cc1 = br_dec32be(bctr + 8);61cc0 = br_dec32be(bctr + 12);62while (len > 0) {63unsigned char tmp[16];64uint32_t carry;6566br_enc32be(tmp + 0, cc3);67br_enc32be(tmp + 4, cc2);68br_enc32be(tmp + 8, cc1);69br_enc32be(tmp + 12, cc0);70br_aes_big_encrypt(ctx->num_rounds, ctx->skey, tmp);71xorbuf(buf, tmp, 16);72buf += 16;73len -= 16;74cc0 ++;75carry = (~(cc0 | -cc0)) >> 31;76cc1 += carry;77carry &= (~(cc1 | -cc1)) >> 31;78cc2 += carry;79carry &= (~(cc2 | -cc2)) >> 31;80cc3 += carry;81}82br_enc32be(bctr + 0, cc3);83br_enc32be(bctr + 4, cc2);84br_enc32be(bctr + 8, cc1);85br_enc32be(bctr + 12, cc0);86}8788/* see bearssl_block.h */89void90br_aes_big_ctrcbc_mac(const br_aes_big_ctrcbc_keys *ctx,91void *cbcmac, const void *data, size_t len)92{93const unsigned char *buf;9495buf = data;96while (len > 0) {97xorbuf(cbcmac, buf, 16);98br_aes_big_encrypt(ctx->num_rounds, ctx->skey, cbcmac);99buf += 16;100len -= 16;101}102}103104/* see bearssl_block.h */105void106br_aes_big_ctrcbc_encrypt(const br_aes_big_ctrcbc_keys *ctx,107void *ctr, void *cbcmac, void *data, size_t len)108{109br_aes_big_ctrcbc_ctr(ctx, ctr, data, len);110br_aes_big_ctrcbc_mac(ctx, cbcmac, data, len);111}112113/* see bearssl_block.h */114void115br_aes_big_ctrcbc_decrypt(const br_aes_big_ctrcbc_keys *ctx,116void *ctr, void *cbcmac, void *data, size_t len)117{118br_aes_big_ctrcbc_mac(ctx, cbcmac, data, len);119br_aes_big_ctrcbc_ctr(ctx, ctr, data, len);120}121122/* see bearssl_block.h */123const br_block_ctrcbc_class br_aes_big_ctrcbc_vtable = {124sizeof(br_aes_big_ctrcbc_keys),12516,1264,127(void (*)(const br_block_ctrcbc_class **, const void *, size_t))128&br_aes_big_ctrcbc_init,129(void (*)(const br_block_ctrcbc_class *const *,130void *, void *, void *, size_t))131&br_aes_big_ctrcbc_encrypt,132(void (*)(const br_block_ctrcbc_class *const *,133void *, void *, void *, size_t))134&br_aes_big_ctrcbc_decrypt,135(void (*)(const br_block_ctrcbc_class *const *,136void *, void *, size_t))137&br_aes_big_ctrcbc_ctr,138(void (*)(const br_block_ctrcbc_class *const *,139void *, const void *, size_t))140&br_aes_big_ctrcbc_mac141};142143144