xref: /netbsd-src/crypto/external/bsd/heimdal/dist/lib/hcrypto/aes.c (revision d3273b5b76f5afaafe308cead5511dbb8df8c5e9) 
1 /*	$NetBSD: aes.c,v 1.2 2017/01/28 21:31:47 christos Exp $	*/
2 
3 /*
4  * Copyright (c) 2003 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include <config.h>
37 #include <krb5/roken.h>
38 
39 #ifdef KRB5
40 #include <krb5/krb5-types.h>
41 #endif
42 
43 #include "rijndael-alg-fst.h"
44 #include "aes.h"
45 
46 int
AES_set_encrypt_key(const unsigned char * userkey,const int bits,AES_KEY * key)47 AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
48 {
49     key->rounds = rijndaelKeySetupEnc(key->key, userkey, bits);
50     if (key->rounds == 0)
51 	return -1;
52     return 0;
53 }
54 
55 int
AES_set_decrypt_key(const unsigned char * userkey,const int bits,AES_KEY * key)56 AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
57 {
58     key->rounds = rijndaelKeySetupDec(key->key, userkey, bits);
59     if (key->rounds == 0)
60 	return -1;
61     return 0;
62 }
63 
64 void
AES_encrypt(const unsigned char * in,unsigned char * out,const AES_KEY * key)65 AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
66 {
67     rijndaelEncrypt(key->key, key->rounds, in, out);
68 }
69 
70 void
AES_decrypt(const unsigned char * in,unsigned char * out,const AES_KEY * key)71 AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
72 {
73     rijndaelDecrypt(key->key, key->rounds, in, out);
74 }
75 
76 void
AES_cbc_encrypt(const unsigned char * in,unsigned char * out,unsigned long size,const AES_KEY * key,unsigned char * iv,int forward_encrypt)77 AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
78 		unsigned long size, const AES_KEY *key,
79 		unsigned char *iv, int forward_encrypt)
80 {
81     unsigned char tmp[AES_BLOCK_SIZE];
82     int i;
83 
84     if (forward_encrypt) {
85 	while (size >= AES_BLOCK_SIZE) {
86 	    for (i = 0; i < AES_BLOCK_SIZE; i++)
87 		tmp[i] = in[i] ^ iv[i];
88 	    AES_encrypt(tmp, out, key);
89 	    memcpy(iv, out, AES_BLOCK_SIZE);
90 	    size -= AES_BLOCK_SIZE;
91 	    in += AES_BLOCK_SIZE;
92 	    out += AES_BLOCK_SIZE;
93 	}
94 	if (size) {
95 	    for (i = 0; i < size; i++)
96 		tmp[i] = in[i] ^ iv[i];
97 	    for (i = size; i < AES_BLOCK_SIZE; i++)
98 		tmp[i] = iv[i];
99 	    AES_encrypt(tmp, out, key);
100 	    memcpy(iv, out, AES_BLOCK_SIZE);
101 	}
102     } else {
103 	while (size >= AES_BLOCK_SIZE) {
104 	    memcpy(tmp, in, AES_BLOCK_SIZE);
105 	    AES_decrypt(tmp, out, key);
106 	    for (i = 0; i < AES_BLOCK_SIZE; i++)
107 		out[i] ^= iv[i];
108 	    memcpy(iv, tmp, AES_BLOCK_SIZE);
109 	    size -= AES_BLOCK_SIZE;
110 	    in += AES_BLOCK_SIZE;
111 	    out += AES_BLOCK_SIZE;
112 	}
113 	if (size) {
114 	    memcpy(tmp, in, AES_BLOCK_SIZE);
115 	    AES_decrypt(tmp, out, key);
116 	    for (i = 0; i < size; i++)
117 		out[i] ^= iv[i];
118 	    memcpy(iv, tmp, AES_BLOCK_SIZE);
119 	}
120     }
121 }
122 
123 void
AES_cfb8_encrypt(const unsigned char * in,unsigned char * out,unsigned long size,const AES_KEY * key,unsigned char * iv,int forward_encrypt)124 AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
125                  unsigned long size, const AES_KEY *key,
126                  unsigned char *iv, int forward_encrypt)
127 {
128     int i;
129 
130     for (i = 0; i < size; i++) {
131         unsigned char tmp[AES_BLOCK_SIZE + 1];
132 
133         memcpy(tmp, iv, AES_BLOCK_SIZE);
134         AES_encrypt(iv, iv, key);
135         if (!forward_encrypt) {
136             tmp[AES_BLOCK_SIZE] = in[i];
137         }
138         out[i] = in[i] ^ iv[0];
139         if (forward_encrypt) {
140             tmp[AES_BLOCK_SIZE] = out[i];
141         }
142         memcpy(iv, &tmp[1], AES_BLOCK_SIZE);
143     }
144 }
145