From: Andy Polyakov Date: Sat, 10 Apr 2010 14:01:02 +0000 (+0000) Subject: cts128.c: add support for NIST "Ciphertext Stealing" proposal. X-Git-Tag: OpenSSL-fips-2_0-rc1~1139 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=67a315b60baa3e66bc27c3a0021857fa576683bb;p=oweals%2Fopenssl.git cts128.c: add support for NIST "Ciphertext Stealing" proposal. --- diff --git a/crypto/modes/cts128.c b/crypto/modes/cts128.c index e0430f9fdc..450ea44a92 100644 --- a/crypto/modes/cts128.c +++ b/crypto/modes/cts128.c @@ -23,8 +23,9 @@ * deviates from mentioned RFCs. Most notably it allows input to be * of block length and it doesn't flip the order of the last two * blocks. CTS is being discussed even in ECB context, but it's not - * adopted for any known application. This implementation complies - * with mentioned RFCs and [as such] extends CBC mode. + * adopted for any known application. This implementation provides + * two interfaces: one compliant with above mentioned RFCs and one + * compliant with the NIST proposal, both extending CBC mode. */ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, @@ -54,6 +55,34 @@ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, return len+residue; } +size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], block128_f block) +{ size_t residue, n; + + assert (in && out && key && ivec); + + if (len < 16) return 0; + + residue=len%16; + + len -= residue; + + CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); + + if (residue==0) return len; + + in += len; + out += len; + + for (n=0; n