The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/opencrypto/xform_aes_cbc.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10  
    1 /*      $OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $  */
    2 /*-
    3  * The authors of this code are John Ioannidis (ji@tla.org),
    4  * Angelos D. Keromytis (kermit@csd.uch.gr),
    5  * Niels Provos (provos@physnet.uni-hamburg.de) and
    6  * Damien Miller (djm@mindrot.org).
    7  *
    8  * This code was written by John Ioannidis for BSD/OS in Athens, Greece,
    9  * in November 1995.
   10  *
   11  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
   12  * by Angelos D. Keromytis.
   13  *
   14  * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
   15  * and Niels Provos.
   16  *
   17  * Additional features in 1999 by Angelos D. Keromytis.
   18  *
   19  * AES XTS implementation in 2008 by Damien Miller
   20  *
   21  * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
   22  * Angelos D. Keromytis and Niels Provos.
   23  *
   24  * Copyright (C) 2001, Angelos D. Keromytis.
   25  *
   26  * Copyright (C) 2008, Damien Miller
   27  * Copyright (c) 2014 The FreeBSD Foundation
   28  * All rights reserved.
   29  *
   30  * Portions of this software were developed by John-Mark Gurney
   31  * under sponsorship of the FreeBSD Foundation and
   32  * Rubicon Communications, LLC (Netgate).
   33  *
   34  * Permission to use, copy, and modify this software with or without fee
   35  * is hereby granted, provided that this entire notice is included in
   36  * all copies of any software which is or includes a copy or
   37  * modification of this software.
   38  * You may use this code under the GNU public license if you so wish. Please
   39  * contribute changes back to the authors under this freer than GPL license
   40  * so that we may further the use of strong encryption without limitations to
   41  * all.
   42  *
   43  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
   44  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
   45  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
   46  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
   47  * PURPOSE.
   48  */
   49 
   50 #include <sys/cdefs.h>
   51 __FBSDID("$FreeBSD$");
   52 
   53 #include <sys/types.h>
   54 #include <crypto/rijndael/rijndael.h>
   55 #include <opencrypto/xform_enc.h>
   56 
   57 struct aes_cbc_ctx {
   58         rijndael_ctx key;
   59         char iv[AES_BLOCK_LEN];
   60 };
   61 
   62 static  int aes_cbc_setkey(void *, const uint8_t *, int);
   63 static  void aes_cbc_encrypt(void *, const uint8_t *, uint8_t *);
   64 static  void aes_cbc_decrypt(void *, const uint8_t *, uint8_t *);
   65 static  void aes_cbc_encrypt_multi(void *, const uint8_t *, uint8_t *, size_t);
   66 static  void aes_cbc_decrypt_multi(void *, const uint8_t *, uint8_t *, size_t);
   67 static  void aes_cbc_reinit(void *, const uint8_t *, size_t);
   68 
   69 /* Encryption instances */
   70 const struct enc_xform enc_xform_aes_cbc = {
   71         .type = CRYPTO_AES_CBC,
   72         .name = "AES-CBC",
   73         .ctxsize = sizeof(struct aes_cbc_ctx),
   74         .blocksize = AES_BLOCK_LEN,
   75         .ivsize = AES_BLOCK_LEN,
   76         .minkey = AES_MIN_KEY,
   77         .maxkey = AES_MAX_KEY,
   78         .setkey = aes_cbc_setkey,
   79         .reinit = aes_cbc_reinit,
   80         .encrypt = aes_cbc_encrypt,
   81         .decrypt = aes_cbc_decrypt,
   82         .encrypt_multi = aes_cbc_encrypt_multi,
   83         .decrypt_multi = aes_cbc_decrypt_multi,
   84 };
   85 
   86 /*
   87  * Encryption wrapper routines.
   88  */
   89 static void
   90 aes_cbc_encrypt(void *vctx, const uint8_t *in, uint8_t *out)
   91 {
   92         struct aes_cbc_ctx *ctx = vctx;
   93 
   94         for (u_int i = 0; i < AES_BLOCK_LEN; i++)
   95                 out[i] = in[i] ^ ctx->iv[i];
   96         rijndael_encrypt(&ctx->key, out, out);
   97         memcpy(ctx->iv, out, AES_BLOCK_LEN);
   98 }
   99 
  100 static void
  101 aes_cbc_decrypt(void *vctx, const uint8_t *in, uint8_t *out)
  102 {
  103         struct aes_cbc_ctx *ctx = vctx;
  104         char block[AES_BLOCK_LEN];
  105 
  106         memcpy(block, in, AES_BLOCK_LEN);
  107         rijndael_decrypt(&ctx->key, in, out);
  108         for (u_int i = 0; i < AES_BLOCK_LEN; i++)
  109                 out[i] ^= ctx->iv[i];
  110         memcpy(ctx->iv, block, AES_BLOCK_LEN);
  111         explicit_bzero(block, sizeof(block));
  112 }
  113 
  114 static void
  115 aes_cbc_encrypt_multi(void *vctx, const uint8_t *in, uint8_t *out, size_t len)
  116 {
  117         struct aes_cbc_ctx *ctx = vctx;
  118 
  119         KASSERT(len % AES_BLOCK_LEN == 0, ("%s: invalid length", __func__));
  120         while (len > 0) {
  121                 for (u_int i = 0; i < AES_BLOCK_LEN; i++)
  122                         out[i] = in[i] ^ ctx->iv[i];
  123                 rijndael_encrypt(&ctx->key, out, out);
  124                 memcpy(ctx->iv, out, AES_BLOCK_LEN);
  125                 out += AES_BLOCK_LEN;
  126                 in += AES_BLOCK_LEN;
  127                 len -= AES_BLOCK_LEN;
  128         }
  129 }
  130 
  131 static void
  132 aes_cbc_decrypt_multi(void *vctx, const uint8_t *in, uint8_t *out, size_t len)
  133 {
  134         struct aes_cbc_ctx *ctx = vctx;
  135         char block[AES_BLOCK_LEN];
  136 
  137         KASSERT(len % AES_BLOCK_LEN == 0, ("%s: invalid length", __func__));
  138         while (len > 0) {
  139                 memcpy(block, in, AES_BLOCK_LEN);
  140                 rijndael_decrypt(&ctx->key, in, out);
  141                 for (u_int i = 0; i < AES_BLOCK_LEN; i++)
  142                         out[i] ^= ctx->iv[i];
  143                 memcpy(ctx->iv, block, AES_BLOCK_LEN);
  144                 out += AES_BLOCK_LEN;
  145                 in += AES_BLOCK_LEN;
  146                 len -= AES_BLOCK_LEN;
  147         }
  148         explicit_bzero(block, sizeof(block));
  149 }
  150 
  151 static int
  152 aes_cbc_setkey(void *vctx, const uint8_t *key, int len)
  153 {
  154         struct aes_cbc_ctx *ctx = vctx;
  155 
  156         if (len != 16 && len != 24 && len != 32)
  157                 return (EINVAL);
  158 
  159         rijndael_set_key(&ctx->key, key, len * 8);
  160         return (0);
  161 }
  162 
  163 static void
  164 aes_cbc_reinit(void *vctx, const uint8_t *iv, size_t iv_len)
  165 {
  166         struct aes_cbc_ctx *ctx = vctx;
  167 
  168         KASSERT(iv_len == sizeof(ctx->iv), ("%s: bad IV length", __func__));
  169         memcpy(ctx->iv, iv, sizeof(ctx->iv));
  170 }

Cache object: f0186ba17646a4d4cf66c6ca204e7152

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.