{
AES_KEY ks1, ks2; /* AES key schedules to use */
XTS128_CONTEXT xts;
+ void (*stream)(const unsigned char *in,
+ unsigned char *out, size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
} EVP_AES_XTS_CTX;
typedef struct
{
aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f)aesni_encrypt;
+ xctx->stream = aesni_xts_encrypt;
}
else
{
aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f)aesni_decrypt;
+ xctx->stream = aesni_xts_decrypt;
}
aesni_set_encrypt_key(key + ctx->key_len/2,
return 1;
}
+#define aesni_xts_cipher aes_xts_cipher
static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
- {
- EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
- if (!xctx->xts.key1 || !xctx->xts.key2)
- return -1;
- if (!out || !in)
- return -1;
-#ifdef OPENSSL_FIPS
- /* Requirement of SP800-38E */
- if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
- (len > (1L<<20)*16))
- {
- EVPerr(EVP_F_AESNI_XTS_CIPHER, EVP_R_TOO_LARGE);
- return -1;
- }
-#endif
- if (ctx->encrypt)
- aesni_xts_encrypt(in, out, len,
- xctx->xts.key1, xctx->xts.key2, ctx->iv);
- else
- aesni_xts_decrypt(in, out, len,
- xctx->xts.key1, xctx->xts.key2, ctx->iv);
-
- return len;
- }
+ const unsigned char *in, size_t len);
static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
if (key) do
{
+ xctx->stream = NULL;
/* key_len is two AES keys */
#ifdef VPAES_CAPABLE
if (VPAES_CAPABLE)
{
EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
if (!xctx->xts.key1 || !xctx->xts.key2)
- return -1;
+ return 0;
if (!out || !in)
- return -1;
+ return 0;
#ifdef OPENSSL_FIPS
/* Requirement of SP800-38E */
if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
- (len > (1L<<20)*16))
+ (len > (1UL<<20)*16))
{
EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
- return -1;
+ return 0;
}
#endif
- if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+ if (xctx->stream)
+ (*xctx->stream)(in, out, len,
+ xctx->xts.key1, xctx->xts.key2, ctx->iv);
+ else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
ctx->encrypt))
- return -1;
- return len;
+ return 0;
+ return 1;
}
#define aes_xts_cleanup NULL
projects / oweals / openssl.git / commitdiff