} while ((size & (AES_BLOCKSIZE - 1)) != 0);
/* Encrypt content+MAC+padding in place */
- {
- psCipherContext_t ctx;
- psAesInit(&ctx, buf - AES_BLOCKSIZE, /* IV */
- tls->client_write_key, tls->key_size /* selects 128/256 */
- );
- psAesEncrypt(&ctx,
- buf, /* plaintext */
- buf, /* ciphertext */
- size
- );
- }
+ aes_cbc_encrypt(
+ tls->client_write_key, tls->key_size, /* selects 128/256 */
+ buf - AES_BLOCKSIZE, /* IV */
+ buf, size, /* plaintext */
+ buf /* ciphertext */
+ );
/* Write out */
dbg("writing 5 + %u IV + %u encrypted bytes, padding_length:0x%02x\n",
/* Needs to be decrypted? */
if (tls->min_encrypted_len_on_read > tls->MAC_size) {
- psCipherContext_t ctx;
uint8_t *p = tls->inbuf + RECHDR_LEN;
int padding_len;
sz, tls->min_encrypted_len_on_read);
}
/* Decrypt content+MAC+padding, moving it over IV in the process */
- psAesInit(&ctx, p, /* IV */
- tls->server_write_key, tls->key_size /* selects 128/256 */
- );
sz -= AES_BLOCKSIZE; /* we will overwrite IV now */
- psAesDecrypt(&ctx,
- p + AES_BLOCKSIZE, /* ciphertext */
- p, /* plaintext */
- sz
+ aes_cbc_decrypt(
+ tls->server_write_key, tls->key_size, /* selects 128/256 */
+ p, /* IV */
+ p + AES_BLOCKSIZE, sz, /* ciphertext */
+ p /* plaintext */
);
padding_len = p[sz - 1];
dbg("encrypted size:%u type:0x%02x padding_length:0x%02x\n", sz, p[0], padding_len);
*/
#include "tls.h"
+static
+int32 psAesInitKey(const unsigned char *key, uint32 keylen, psAesKey_t *skey);
+static
+void psAesEncryptBlock(const unsigned char *pt, unsigned char *ct,
+ psAesKey_t *skey);
+static
+void psAesDecryptBlock(const unsigned char *ct, unsigned char *pt,
+ psAesKey_t *skey);
+static
+int32 psAesInit(psCipherContext_t *ctx, unsigned char *IV,
+ const unsigned char *key, uint32 keylen);
+static
+int32 psAesEncrypt(psCipherContext_t *ctx, const unsigned char *pt,
+ unsigned char *ct, uint32 len);
+static
+int32 psAesDecrypt(psCipherContext_t *ctx, const unsigned char *ct,
+ unsigned char *pt, uint32 len);
+
+void aes_cbc_encrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst)
+{
+ psCipherContext_t ctx;
+ psAesInit(&ctx, iv, key, klen);
+ psAesEncrypt(&ctx,
+ data, /* plaintext */
+ dst, /* ciphertext */
+ len
+ );
+}
+
+void aes_cbc_decrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst)
+{
+ psCipherContext_t ctx;
+ psAesInit(&ctx, iv, key, klen);
+ psAesDecrypt(&ctx,
+ data, /* ciphertext */
+ dst, /* plaintext */
+ len
+ );
+}
+
/* The file is taken almost verbatim from matrixssl-3-7-2b-open/crypto/symmetric/.
* Changes are flagged with //bbox
*/
Software implementation of AES CBC APIs
*/
#ifndef USE_AES_CBC_EXTERNAL
+static //bbox
int32 psAesInit(psCipherContext_t *ctx, unsigned char *IV,
- unsigned char *key, uint32 keylen)
+ const unsigned char *key, uint32 keylen)
{
int32 x, err;
return PS_SUCCESS;
}
-int32 psAesEncrypt(psCipherContext_t *ctx, unsigned char *pt,
+static //bbox
+int32 psAesEncrypt(psCipherContext_t *ctx, const unsigned char *pt,
unsigned char *ct, uint32 len)
{
int32 x;
return len;
}
-int32 psAesDecrypt(psCipherContext_t *ctx, unsigned char *ct,
+static //bbox
+int32 psAesDecrypt(psCipherContext_t *ctx, const unsigned char *ct,
unsigned char *pt, uint32 len)
{
int32 x;
skey: The key in as scheduled by this function.
*/
+static //bbox
int32 psAesInitKey(const unsigned char *key, uint32 keylen, psAesKey_t *skey)
{
int32 i, j;
#ifdef USE_BURN_STACK
+static //bbox
void psAesEncryptBlock(const unsigned char *pt, unsigned char *ct,
psAesKey_t *skey)
{
static void _aes_ecb_encrypt(const unsigned char *pt, unsigned char *ct,
psAesKey_t *skey)
#else
+static //bbox
void psAesEncryptBlock(const unsigned char *pt, unsigned char *ct,
psAesKey_t *skey)
#endif /* USE_BURN_STACK */
}
#ifdef USE_BURN_STACK
+static //bbox
void psAesDecryptBlock(const unsigned char *ct, unsigned char *pt,
psAesKey_t *skey)
{
static void _aes_ecb_decrypt(const unsigned char *ct, unsigned char *pt,
psAesKey_t *skey)
#else
+static //bbox
void psAesDecryptBlock(const unsigned char *ct, unsigned char *pt,
psAesKey_t *skey)
#endif /* USE_BURN_STACK */
* Selected few declarations for AES.
*/
-int32 psAesInitKey(const unsigned char *key, uint32 keylen, psAesKey_t *skey);
-void psAesEncryptBlock(const unsigned char *pt, unsigned char *ct,
- psAesKey_t *skey);
-void psAesDecryptBlock(const unsigned char *ct, unsigned char *pt,
- psAesKey_t *skey);
-
-int32 psAesInit(psCipherContext_t *ctx, unsigned char *IV,
- unsigned char *key, uint32 keylen);
-int32 psAesEncrypt(psCipherContext_t *ctx, unsigned char *pt,
- unsigned char *ct, uint32 len);
-int32 psAesDecrypt(psCipherContext_t *ctx, unsigned char *ct,
- unsigned char *pt, uint32 len);
+void aes_cbc_encrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst);
+void aes_cbc_decrypt(const void *key, int klen, void *iv, const void *data, size_t len, void *dst);
projects / oweals / busybox.git / commitdiff