From a052dd6532321ebb01936d1dcdb99481f741ad6a Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Sun, 27 Jul 2003 13:46:57 +0000 Subject: [PATCH] Add untested CFB-r mode. Will be tested soon. --- crypto/aes/aes.h | 3 +++ crypto/aes/aes_cfb.c | 57 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h index da067f4a8f..9ba4e61a21 100644 --- a/crypto/aes/aes.h +++ b/crypto/aes/aes.h @@ -95,6 +95,9 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc); +void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, + const int nbits,const AES_KEY *key, + unsigned char *ivec,const int enc); void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, int *num); diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c index 9b569dda90..209a346748 100644 --- a/crypto/aes/aes_cfb.c +++ b/crypto/aes/aes_cfb.c @@ -155,3 +155,60 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, *num=n; } +/* This expects a single block of size nbits for both in and out. Note that + it corrupts any extra bits in the last byte of out */ +/* Untested, once it is working, it will be optimised */ +void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out, + const int nbits,const AES_KEY *key, + unsigned char *ivec,const int enc) + { + unsigned int n; + unsigned char ovec[AES_BLOCK_SIZE*2]; + + assert(in && out && key && ivec); + if(enc) + { + /* construct the new IV in the second half of ovec */ + AES_encrypt(ivec,ovec+AES_BLOCK_SIZE,key); + /* encrypt the input */ + for(n=0 ; n < (nbits+7)/8 ; ++n) + out[n]=in[n]^ovec[n+AES_BLOCK_SIZE]; + /* fill in the first half of the new IV with the current IV */ + memcpy(ovec,ivec,AES_BLOCK_SIZE); + /* shift ovec left most of the bits... */ + memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0)); + /* now the remaining bits */ + if(nbits%8 != 0) + for(n=0 ; n < AES_BLOCK_SIZE ; ++n) + { + ovec[n]<<=nbits%8; + ovec[n]|=ovec[n+1]>>(8-nbits%8); + } + /* finally, move it back into place */ + memcpy(ivec,ovec,AES_BLOCK_SIZE); + } + else + { + /* construct the new IV in the first half of ovec */ + AES_encrypt(ivec,ovec,key); + /* decrypt the input */ + for(n=0 ; n < (nbits+7)/8 ; ++n) + out[n]=in[n]^ovec[n]; + /* fill in the first half of the new IV with the current IV */ + memcpy(ovec,ivec,AES_BLOCK_SIZE); + /* append the ciphertext */ + memcpy(ovec+AES_BLOCK_SIZE,in,(nbits+7)/8); + /* shift ovec left most of the bits... */ + memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0)); + /* now the remaining bits */ + if(nbits%8 != 0) + for(n=0 ; n < AES_BLOCK_SIZE ; ++n) + { + ovec[n]<<=nbits%8; + ovec[n]|=ovec[n+1]>>(8-nbits%8); + } + /* finally, move it back into place */ + memcpy(ivec,ovec,AES_BLOCK_SIZE); + } + /* it is not necessary to cleanse ovec, since the IV is not secret */ + } -- 2.25.1