diff options
author | Jeffrey Walton <noloader@gmail.com> | 2015-11-05 01:59:46 -0500 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2015-11-05 01:59:46 -0500 |
commit | 48809d4e85c125814425c621d8d0d89f95405924 (patch) | |
tree | 1010fd16c4b1199f3d27dd726dda241a2bd29f83 /modes.cpp | |
parent | 025337a94aceb75d188149db70c2094673772816 (diff) | |
download | cryptopp-git-48809d4e85c125814425c621d8d0d89f95405924.tar.gz |
CRYPTOPP 5.6.3 RC6 checkin
Diffstat (limited to 'modes.cpp')
-rw-r--r-- | modes.cpp | 536 |
1 files changed, 276 insertions, 260 deletions
@@ -1,260 +1,276 @@ -// modes.cpp - written and placed in the public domain by Wei Dai - -#include "pch.h" - -#ifndef CRYPTOPP_IMPORTS - -#include "modes.h" -#include "trap.h" - -#ifndef NDEBUG -# include "des.h" -#endif - -NAMESPACE_BEGIN(CryptoPP) - -#ifndef NDEBUG -void Modes_TestInstantiations() -{ - CFB_Mode<DES>::Encryption m0; - CFB_Mode<DES>::Decryption m1; - OFB_Mode<DES>::Encryption m2; - CTR_Mode<DES>::Encryption m3; - ECB_Mode<DES>::Encryption m4; - CBC_Mode<DES>::Encryption m5; -} -#endif - -void CFB_ModePolicy::Iterate(byte *output, const byte *input, CipherDir dir, size_t iterationCount) -{ - CRYPTOPP_ASSERT(m_cipher->IsForwardTransformation()); // CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt - CRYPTOPP_ASSERT(m_feedbackSize == BlockSize()); - - const unsigned int s = BlockSize(); - if (dir == ENCRYPTION) - { - m_cipher->ProcessAndXorBlock(m_register, input, output); - m_cipher->AdvancedProcessBlocks(output, input+s, output+s, (iterationCount-1)*s, 0); - memcpy(m_register, output+(iterationCount-1)*s, s); - } - else - { - memcpy_s(m_temp, m_temp.size(), input+(iterationCount-1)*s, s); // make copy first in case of in-place decryption - m_cipher->AdvancedProcessBlocks(input, input+s, output+s, (iterationCount-1)*s, BlockTransformation::BT_ReverseDirection); - m_cipher->ProcessAndXorBlock(m_register, input, output); - memcpy_s(m_register, m_register.size(), m_temp, s); - } -} - -void CFB_ModePolicy::TransformRegister() -{ - CRYPTOPP_ASSERT(m_cipher->IsForwardTransformation()); // CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt - m_cipher->ProcessBlock(m_register, m_temp); - const unsigned int updateSize = BlockSize()-m_feedbackSize; - - if (updateSize) - memmove_s(m_register, m_register.size(), m_register+m_feedbackSize, updateSize); - memcpy_s(m_register+updateSize, m_register.size()-updateSize, m_temp, m_feedbackSize); -} - -void CFB_ModePolicy::CipherResynchronize(const byte *iv, size_t length) -{ - CRYPTOPP_ASSERT(length == BlockSize()); - CopyOrZero(m_register, iv, length); - TransformRegister(); -} - -void CFB_ModePolicy::SetFeedbackSize(unsigned int feedbackSize) -{ - if (feedbackSize > BlockSize()) - throw InvalidArgument("CFB_Mode: invalid feedback size"); - m_feedbackSize = feedbackSize ? feedbackSize : BlockSize(); -} - -void CFB_ModePolicy::ResizeBuffers() -{ - CipherModeBase::ResizeBuffers(); - m_temp.New(BlockSize()); -} - -void OFB_ModePolicy::WriteKeystream(byte *keystreamBuffer, size_t iterationCount) -{ - CRYPTOPP_ASSERT(m_cipher->IsForwardTransformation()); // OFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt - unsigned int s = BlockSize(); - m_cipher->ProcessBlock(m_register, keystreamBuffer); - if (iterationCount > 1) - m_cipher->AdvancedProcessBlocks(keystreamBuffer, NULL, keystreamBuffer+s, s*(iterationCount-1), 0); - memcpy(m_register, keystreamBuffer+s*(iterationCount-1), s); -} - -void OFB_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length) -{ - CRYPTOPP_ASSERT(length == BlockSize()); - CopyOrZero(m_register, iv, length); -} - -void CTR_ModePolicy::SeekToIteration(lword iterationCount) -{ - int carry=0; - for (int i=BlockSize()-1; i>=0; i--) - { - unsigned int sum = m_register[i] + byte(iterationCount) + carry; - m_counterArray[i] = (byte) sum; - carry = sum >> 8; - iterationCount >>= 8; - } -} - -void CTR_ModePolicy::IncrementCounterBy256() -{ - IncrementCounterByOne(m_counterArray, BlockSize()-1); -} - -void CTR_ModePolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount) -{ - CRYPTOPP_ASSERT(m_cipher->IsForwardTransformation()); // CTR mode needs the "encrypt" direction of the underlying block cipher, even to decrypt - unsigned int s = BlockSize(); - unsigned int inputIncrement = input ? s : 0; - - while (iterationCount) - { - byte lsb = m_counterArray[s-1]; - size_t blocks = UnsignedMin(iterationCount, 256U-lsb); - m_cipher->AdvancedProcessBlocks(m_counterArray, input, output, blocks*s, BlockTransformation::BT_InBlockIsCounter|BlockTransformation::BT_AllowParallel); - if ((m_counterArray[s-1] = lsb + (byte)blocks) == 0) - IncrementCounterBy256(); - - output += blocks*s; - input += blocks*inputIncrement; - iterationCount -= blocks; - } -} - -void CTR_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length) -{ - CRYPTOPP_ASSERT(length == BlockSize()); - CopyOrZero(m_register, iv, length); - m_counterArray = m_register; -} - -void BlockOrientedCipherModeBase::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs ¶ms) -{ - m_cipher->SetKey(key, length, params); - ResizeBuffers(); - if (IsResynchronizable()) - { - size_t ivLength; - const byte *iv = GetIVAndThrowIfInvalid(params, ivLength); - Resynchronize(iv, (int)ivLength); - } -} - -void BlockOrientedCipherModeBase::ResizeBuffers() -{ - CipherModeBase::ResizeBuffers(); - m_buffer.New(BlockSize()); -} - -void ECB_OneWay::ProcessData(byte *outString, const byte *inString, size_t length) -{ - CRYPTOPP_ASSERT(length%BlockSize()==0); - m_cipher->AdvancedProcessBlocks(inString, NULL, outString, length, BlockTransformation::BT_AllowParallel); -} - -void CBC_Encryption::ProcessData(byte *outString, const byte *inString, size_t length) -{ - if (!length) - return; - CRYPTOPP_ASSERT(length%BlockSize()==0); - - unsigned int blockSize = BlockSize(); - m_cipher->AdvancedProcessBlocks(inString, m_register, outString, blockSize, BlockTransformation::BT_XorInput); - if (length > blockSize) - m_cipher->AdvancedProcessBlocks(inString+blockSize, outString, outString+blockSize, length-blockSize, BlockTransformation::BT_XorInput); - memcpy(m_register, outString + length - blockSize, blockSize); -} - -void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length) -{ - if (length <= BlockSize()) - { - if (!m_stolenIV) - throw InvalidArgument("CBC_Encryption: message is too short for ciphertext stealing"); - - // steal from IV - memcpy(outString, m_register, length); - outString = m_stolenIV; - } - else - { - // steal from next to last block - xorbuf(m_register, inString, BlockSize()); - m_cipher->ProcessBlock(m_register); - inString += BlockSize(); - length -= BlockSize(); - memcpy(outString+BlockSize(), m_register, length); - } - - // output last full ciphertext block - xorbuf(m_register, inString, length); - m_cipher->ProcessBlock(m_register); - memcpy(outString, m_register, BlockSize()); -} - -void CBC_Decryption::ProcessData(byte *outString, const byte *inString, size_t length) -{ - if (!length) - return; - CRYPTOPP_ASSERT(length%BlockSize()==0); - - unsigned int blockSize = BlockSize(); - memcpy(m_temp, inString+length-blockSize, blockSize); // save copy now in case of in-place decryption - if (length > blockSize) - m_cipher->AdvancedProcessBlocks(inString+blockSize, inString, outString+blockSize, length-blockSize, BlockTransformation::BT_ReverseDirection|BlockTransformation::BT_AllowParallel); - m_cipher->ProcessAndXorBlock(inString, m_register, outString); - m_register.swap(m_temp); -} - -void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length) -{ - const byte *pn, *pn1; - bool stealIV = length <= BlockSize(); - - if (stealIV) - { - pn = inString; - pn1 = m_register; - } - else - { - pn = inString + BlockSize(); - pn1 = inString; - length -= BlockSize(); - } - - // decrypt last partial plaintext block - memcpy(m_temp, pn1, BlockSize()); - m_cipher->ProcessBlock(m_temp); - xorbuf(m_temp, pn, length); - - if (stealIV) - memcpy(outString, m_temp, length); - else - { - memcpy(outString+BlockSize(), m_temp, length); - // decrypt next to last plaintext block - memcpy(m_temp, pn, length); - m_cipher->ProcessBlock(m_temp); - xorbuf(outString, m_temp, m_register, BlockSize()); - } -} - -void CBC_Decryption::ResizeBuffers() -{ - BlockOrientedCipherModeBase::ResizeBuffers(); - m_temp.New(BlockSize()); -} - -NAMESPACE_END - -#endif +// modes.cpp - written and placed in the public domain by Wei Dai
+
+#include "pch.h"
+
+#ifndef CRYPTOPP_IMPORTS
+
+#include "modes.h"
+#include "misc.h"
+
+#ifndef NDEBUG
+#include "des.h"
+#endif
+
+NAMESPACE_BEGIN(CryptoPP)
+
+#ifndef NDEBUG
+void Modes_TestInstantiations()
+{
+ CFB_Mode<DES>::Encryption m0;
+ CFB_Mode<DES>::Decryption m1;
+ OFB_Mode<DES>::Encryption m2;
+ CTR_Mode<DES>::Encryption m3;
+ ECB_Mode<DES>::Encryption m4;
+ CBC_Mode<DES>::Encryption m5;
+}
+#endif
+
+// Thanks to Zireael, http://github.com/weidai11/cryptopp/pull/46
+#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
+void CipherModeBase::ResizeBuffers()
+{
+ m_register.New(m_cipher->BlockSize());
+}
+#endif
+
+void CFB_ModePolicy::Iterate(byte *output, const byte *input, CipherDir dir, size_t iterationCount)
+{
+ assert(m_cipher->IsForwardTransformation()); // CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
+ assert(m_feedbackSize == BlockSize());
+
+ unsigned int s = BlockSize();
+ if (dir == ENCRYPTION)
+ {
+ m_cipher->ProcessAndXorBlock(m_register, input, output);
+ m_cipher->AdvancedProcessBlocks(output, input+s, output+s, (iterationCount-1)*s, 0);
+ memcpy(m_register, output+(iterationCount-1)*s, s);
+ }
+ else
+ {
+ memcpy(m_temp, input+(iterationCount-1)*s, s); // make copy first in case of in-place decryption
+ m_cipher->AdvancedProcessBlocks(input, input+s, output+s, (iterationCount-1)*s, BlockTransformation::BT_ReverseDirection);
+ m_cipher->ProcessAndXorBlock(m_register, input, output);
+ memcpy(m_register, m_temp, s);
+ }
+}
+
+void CFB_ModePolicy::TransformRegister()
+{
+ assert(m_cipher->IsForwardTransformation()); // CFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
+ m_cipher->ProcessBlock(m_register, m_temp);
+ unsigned int updateSize = BlockSize()-m_feedbackSize;
+ memmove_s(m_register, m_register.size(), m_register+m_feedbackSize, updateSize);
+ memcpy_s(m_register+updateSize, m_register.size()-updateSize, m_temp, m_feedbackSize);
+}
+
+void CFB_ModePolicy::CipherResynchronize(const byte *iv, size_t length)
+{
+ assert(length == BlockSize());
+ CopyOrZero(m_register, iv, length);
+ TransformRegister();
+}
+
+void CFB_ModePolicy::SetFeedbackSize(unsigned int feedbackSize)
+{
+ if (feedbackSize > BlockSize())
+ throw InvalidArgument("CFB_Mode: invalid feedback size");
+ m_feedbackSize = feedbackSize ? feedbackSize : BlockSize();
+}
+
+void CFB_ModePolicy::ResizeBuffers()
+{
+ CipherModeBase::ResizeBuffers();
+ m_temp.New(BlockSize());
+}
+
+void OFB_ModePolicy::WriteKeystream(byte *keystreamBuffer, size_t iterationCount)
+{
+ assert(m_cipher->IsForwardTransformation()); // OFB mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
+ unsigned int s = BlockSize();
+ m_cipher->ProcessBlock(m_register, keystreamBuffer);
+ if (iterationCount > 1)
+ m_cipher->AdvancedProcessBlocks(keystreamBuffer, NULL, keystreamBuffer+s, s*(iterationCount-1), 0);
+ memcpy(m_register, keystreamBuffer+s*(iterationCount-1), s);
+}
+
+void OFB_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
+{
+ CRYPTOPP_UNUSED(keystreamBuffer), CRYPTOPP_UNUSED(length);
+ assert(length == BlockSize());
+
+ CopyOrZero(m_register, iv, length);
+}
+
+void CTR_ModePolicy::SeekToIteration(lword iterationCount)
+{
+ int carry=0;
+ for (int i=BlockSize()-1; i>=0; i--)
+ {
+ unsigned int sum = m_register[i] + byte(iterationCount) + carry;
+ m_counterArray[i] = (byte) sum;
+ carry = sum >> 8;
+ iterationCount >>= 8;
+ }
+}
+
+void CTR_ModePolicy::IncrementCounterBy256()
+{
+ IncrementCounterByOne(m_counterArray, BlockSize()-1);
+}
+
+void CTR_ModePolicy::OperateKeystream(KeystreamOperation /*operation*/, byte *output, const byte *input, size_t iterationCount)
+{
+ assert(m_cipher->IsForwardTransformation()); // CTR mode needs the "encrypt" direction of the underlying block cipher, even to decrypt
+ unsigned int s = BlockSize();
+ unsigned int inputIncrement = input ? s : 0;
+
+ while (iterationCount)
+ {
+ byte lsb = m_counterArray[s-1];
+ size_t blocks = UnsignedMin(iterationCount, 256U-lsb);
+ m_cipher->AdvancedProcessBlocks(m_counterArray, input, output, blocks*s, BlockTransformation::BT_InBlockIsCounter|BlockTransformation::BT_AllowParallel);
+ if ((m_counterArray[s-1] = lsb + (byte)blocks) == 0)
+ IncrementCounterBy256();
+
+ output += blocks*s;
+ input += blocks*inputIncrement;
+ iterationCount -= blocks;
+ }
+}
+
+void CTR_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv, size_t length)
+{
+ CRYPTOPP_UNUSED(keystreamBuffer), CRYPTOPP_UNUSED(length);
+ assert(length == BlockSize());
+
+ CopyOrZero(m_register, iv, length);
+ m_counterArray = m_register;
+}
+
+void BlockOrientedCipherModeBase::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs ¶ms)
+{
+ m_cipher->SetKey(key, length, params);
+ ResizeBuffers();
+ if (IsResynchronizable())
+ {
+ size_t ivLength;
+ const byte *iv = GetIVAndThrowIfInvalid(params, ivLength);
+ Resynchronize(iv, (int)ivLength);
+ }
+}
+
+// Thanks to Zireael, http://github.com/weidai11/cryptopp/pull/46
+#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
+void BlockOrientedCipherModeBase::ResizeBuffers()
+{
+ CipherModeBase::ResizeBuffers();
+ m_buffer.New(BlockSize());
+}
+#endif
+
+void ECB_OneWay::ProcessData(byte *outString, const byte *inString, size_t length)
+{
+ assert(length%BlockSize()==0);
+ m_cipher->AdvancedProcessBlocks(inString, NULL, outString, length, BlockTransformation::BT_AllowParallel);
+}
+
+void CBC_Encryption::ProcessData(byte *outString, const byte *inString, size_t length)
+{
+ if (!length)
+ return;
+ assert(length%BlockSize()==0);
+
+ unsigned int blockSize = BlockSize();
+ m_cipher->AdvancedProcessBlocks(inString, m_register, outString, blockSize, BlockTransformation::BT_XorInput);
+ if (length > blockSize)
+ m_cipher->AdvancedProcessBlocks(inString+blockSize, outString, outString+blockSize, length-blockSize, BlockTransformation::BT_XorInput);
+ memcpy(m_register, outString + length - blockSize, blockSize);
+}
+
+void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
+{
+ if (length <= BlockSize())
+ {
+ if (!m_stolenIV)
+ throw InvalidArgument("CBC_Encryption: message is too short for ciphertext stealing");
+
+ // steal from IV
+ memcpy(outString, m_register, length);
+ outString = m_stolenIV;
+ }
+ else
+ {
+ // steal from next to last block
+ xorbuf(m_register, inString, BlockSize());
+ m_cipher->ProcessBlock(m_register);
+ inString += BlockSize();
+ length -= BlockSize();
+ memcpy(outString+BlockSize(), m_register, length);
+ }
+
+ // output last full ciphertext block
+ xorbuf(m_register, inString, length);
+ m_cipher->ProcessBlock(m_register);
+ memcpy(outString, m_register, BlockSize());
+}
+
+// Thanks to Zireael, http://github.com/weidai11/cryptopp/pull/46
+#ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
+void CBC_Decryption::ResizeBuffers()
+{
+ BlockOrientedCipherModeBase::ResizeBuffers();
+ m_temp.New(BlockSize());
+}
+#endif
+
+void CBC_Decryption::ProcessData(byte *outString, const byte *inString, size_t length)
+{
+ if (!length)
+ return;
+ assert(length%BlockSize()==0);
+
+ unsigned int blockSize = BlockSize();
+ memcpy(m_temp, inString+length-blockSize, blockSize); // save copy now in case of in-place decryption
+ if (length > blockSize)
+ m_cipher->AdvancedProcessBlocks(inString+blockSize, inString, outString+blockSize, length-blockSize, BlockTransformation::BT_ReverseDirection|BlockTransformation::BT_AllowParallel);
+ m_cipher->ProcessAndXorBlock(inString, m_register, outString);
+ m_register.swap(m_temp);
+}
+
+void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
+{
+ const byte *pn, *pn1;
+ bool stealIV = length <= BlockSize();
+
+ if (stealIV)
+ {
+ pn = inString;
+ pn1 = m_register;
+ }
+ else
+ {
+ pn = inString + BlockSize();
+ pn1 = inString;
+ length -= BlockSize();
+ }
+
+ // decrypt last partial plaintext block
+ memcpy(m_temp, pn1, BlockSize());
+ m_cipher->ProcessBlock(m_temp);
+ xorbuf(m_temp, pn, length);
+
+ if (stealIV)
+ memcpy(outString, m_temp, length);
+ else
+ {
+ memcpy(outString+BlockSize(), m_temp, length);
+ // decrypt next to last plaintext block
+ memcpy(m_temp, pn, length);
+ m_cipher->ProcessBlock(m_temp);
+ xorbuf(outString, m_temp, m_register, BlockSize());
+ }
+}
+
+NAMESPACE_END
+
+#endif
|