00001 /* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */ 00002 /* ==================================================================== 00003 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 00004 * 00005 * Redistribution and use in source and binary forms, with or without 00006 * modification, are permitted provided that the following conditions 00007 * are met: 00008 * 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer. 00011 * 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in 00014 * the documentation and/or other materials provided with the 00015 * distribution. 00016 * 00017 * 3. All advertising materials mentioning features or use of this 00018 * software must display the following acknowledgment: 00019 * "This product includes software developed by the OpenSSL Project 00020 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 00021 * 00022 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 00023 * endorse or promote products derived from this software without 00024 * prior written permission. For written permission, please contact 00025 * openssl-core@openssl.org. 00026 * 00027 * 5. Products derived from this software may not be called "OpenSSL" 00028 * nor may "OpenSSL" appear in their names without prior written 00029 * permission of the OpenSSL Project. 00030 * 00031 * 6. Redistributions of any form whatsoever must retain the following 00032 * acknowledgment: 00033 * "This product includes software developed by the OpenSSL Project 00034 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 00035 * 00036 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 00037 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 00038 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 00039 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 00040 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 00041 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00042 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 00043 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 00044 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 00045 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 00046 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 00047 * OF THE POSSIBILITY OF SUCH DAMAGE. 00048 * ==================================================================== 00049 * 00050 */ 00051 00052 #ifndef AES_DEBUG 00053 # ifndef NDEBUG 00054 # define NDEBUG 00055 # endif 00056 #endif 00057 #include <aversive.h> 00058 #include <assert.h> 00059 #include "aes_locl.h" 00060 #include "aes.h" 00061 #include "aes_locl.h" 00062 00063 /* NOTE: CTR mode is big-endian. The rest of the AES code 00064 * is endian-neutral. */ 00065 00066 /* increment counter (128-bit int) by 2^64 */ 00067 void AES_ctr128_inc(unsigned char *counter) { 00068 unsigned long c; 00069 00070 /* Grab 3rd dword of counter and increment */ 00071 #ifdef L_ENDIAN 00072 c = GETU32(counter + 8); 00073 c++; 00074 PUTU32(counter + 8, c); 00075 #else 00076 c = GETU32(counter + 4); 00077 c++; 00078 PUTU32(counter + 4, c); 00079 #endif 00080 00081 /* if no overflow, we're done */ 00082 if (c) 00083 return; 00084 00085 /* Grab top dword of counter and increment */ 00086 #ifdef L_ENDIAN 00087 c = GETU32(counter + 12); 00088 c++; 00089 PUTU32(counter + 12, c); 00090 #else 00091 c = GETU32(counter + 0); 00092 c++; 00093 PUTU32(counter + 0, c); 00094 #endif 00095 00096 } 00097 00098 /* The input encrypted as though 128bit counter mode is being 00099 * used. The extra state information to record how much of the 00100 * 128bit block we have used is contained in *num, and the 00101 * encrypted counter is kept in ecount_buf. Both *num and 00102 * ecount_buf must be initialised with zeros before the first 00103 * call to AES_ctr128_encrypt(). 00104 */ 00105 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, 00106 const unsigned long length, const AES_KEY *key, 00107 unsigned char counter[AES_BLOCK_SIZE], 00108 unsigned char ecount_buf[AES_BLOCK_SIZE], 00109 unsigned int *num) { 00110 00111 unsigned int n; 00112 unsigned long l=length; 00113 00114 assert(in && out && key && counter && num); 00115 assert(*num < AES_BLOCK_SIZE); 00116 00117 n = *num; 00118 00119 while (l--) { 00120 if (n == 0) { 00121 AES_encrypt(counter, ecount_buf, key); 00122 AES_ctr128_inc(counter); 00123 } 00124 *(out++) = *(in++) ^ ecount_buf[n]; 00125 n = (n+1) % AES_BLOCK_SIZE; 00126 } 00127 00128 *num=n; 00129 }