Add untested CFB-r mode. Will be tested soon.

diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h
index da067f4a8fa51b3fc9a36d93a67ad4abe8601663..9ba4e61a216f111751314b32df6994361e804b80 100644 (file)
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -95,6 +95,9 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
        const unsigned long length, const AES_KEY *key,
        unsigned char *ivec, int *num, const int enc);
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+                           const int nbits,const AES_KEY *key,
+                           unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
        const unsigned long length, const AES_KEY *key,
        unsigned char *ivec, int *num);

diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c
index 9b569dda903e983ae3514fa93099a4ab9d23d639..209a34674873bfee07fce620cf1098401f42460d 100644 (file)
--- a/crypto/aes/aes_cfb.c
+++ b/crypto/aes/aes_cfb.c
@@ -155,3 +155,60 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
        *num=n;
 }
 
+/* This expects a single block of size nbits for both in and out. Note that
+   it corrupts any extra bits in the last byte of out */
+/* Untested, once it is working, it will be optimised */
+void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+                           const int nbits,const AES_KEY *key,
+                           unsigned char *ivec,const int enc)
+    {
+    unsigned int n;
+    unsigned char ovec[AES_BLOCK_SIZE*2];
+
+    assert(in && out && key && ivec);
+    if(enc)
+       {
+       /* construct the new IV in the second half of ovec */
+       AES_encrypt(ivec,ovec+AES_BLOCK_SIZE,key);
+       /* encrypt the input */
+       for(n=0 ; n < (nbits+7)/8 ; ++n)
+           out[n]=in[n]^ovec[n+AES_BLOCK_SIZE];
+       /* fill in the first half of the new IV with the current IV */
+       memcpy(ovec,ivec,AES_BLOCK_SIZE);
+       /* shift ovec left most of the bits... */
+       memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+       /* now the remaining bits */
+       if(nbits%8 != 0)
+           for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+               {
+               ovec[n]<<=nbits%8;
+               ovec[n]|=ovec[n+1]>>(8-nbits%8);
+               }
+       /* finally, move it back into place */
+       memcpy(ivec,ovec,AES_BLOCK_SIZE);
+       }
+    else
+       {
+       /* construct the new IV in the first half of ovec */
+       AES_encrypt(ivec,ovec,key);
+       /* decrypt the input */
+       for(n=0 ; n < (nbits+7)/8 ; ++n)
+           out[n]=in[n]^ovec[n];
+       /* fill in the first half of the new IV with the current IV */
+       memcpy(ovec,ivec,AES_BLOCK_SIZE);
+       /* append the ciphertext */
+       memcpy(ovec+AES_BLOCK_SIZE,in,(nbits+7)/8);
+       /* shift ovec left most of the bits... */
+       memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
+       /* now the remaining bits */
+       if(nbits%8 != 0)
+           for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+               {
+               ovec[n]<<=nbits%8;
+               ovec[n]|=ovec[n+1]>>(8-nbits%8);
+               }
+       /* finally, move it back into place */
+       memcpy(ivec,ovec,AES_BLOCK_SIZE);
+       }
+    /* it is not necessary to cleanse ovec, since the IV is not secret */
+    }