mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-07 00:01:49 -04:00
crypter_t api supports in-place encryption using NULL as output parameter
This commit is contained in:
Martin Willi
parent
d691080cfc
commit
f5475fa440
@ -63,10 +63,11 @@ struct crypter_t {
|
|||||||
*
|
*
|
||||||
* The length of the iv must equal to get_block_size(), while the length
|
* The length of the iv must equal to get_block_size(), while the length
|
||||||
* of data must be a multiple it.
|
* of data must be a multiple it.
|
||||||
|
* If encrypted is NULL, the encryption is done in-place (overwriting data).
|
||||||
*
|
*
|
||||||
* @param data data to encrypt
|
* @param data data to encrypt
|
||||||
* @param iv initializing vector
|
* @param iv initializing vector
|
||||||
* @param encrypted chunk to allocate encrypted data
|
* @param encrypted chunk to allocate encrypted data, or NULL
|
||||||
*/
|
*/
|
||||||
void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
||||||
chunk_t *encrypted);
|
chunk_t *encrypted);
|
||||||
@ -76,10 +77,11 @@ struct crypter_t {
|
|||||||
*
|
*
|
||||||
* The length of the iv must equal to get_block_size(), while the length
|
* The length of the iv must equal to get_block_size(), while the length
|
||||||
* of data must be a multiple it.
|
* of data must be a multiple it.
|
||||||
|
* If decrpyted is NULL, the encryption is done in-place (overwriting data).
|
||||||
*
|
*
|
||||||
* @param data data to decrypt
|
* @param data data to decrypt
|
||||||
* @param iv initializing vector
|
* @param iv initializing vector
|
||||||
* @param encrypted chunk to allocate decrypted data
|
* @param encrypted chunk to allocate decrypted data, or NULL
|
||||||
*/
|
*/
|
||||||
void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
||||||
chunk_t *decrypted);
|
chunk_t *decrypted);
|
||||||
|
|||||||
@ -1345,9 +1345,16 @@ static void decrypt(private_aes_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
const u_int32_t *iv_i;
|
const u_int32_t *iv_i;
|
||||||
u_int8_t *in, *out;
|
u_int8_t *in, *out;
|
||||||
|
|
||||||
|
if (decrypted)
|
||||||
|
{
|
||||||
*decrypted = chunk_alloc(data.len);
|
*decrypted = chunk_alloc(data.len);
|
||||||
in = data.ptr;
|
|
||||||
out = decrypted->ptr;
|
out = decrypted->ptr;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
out = data.ptr;
|
||||||
|
}
|
||||||
|
in = data.ptr;
|
||||||
|
|
||||||
pos = data.len-16;
|
pos = data.len-16;
|
||||||
in += pos;
|
in += pos;
|
||||||
@ -1384,9 +1391,13 @@ static void encrypt (private_aes_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
const u_int32_t *iv_i;
|
const u_int32_t *iv_i;
|
||||||
u_int8_t *in, *out;
|
u_int8_t *in, *out;
|
||||||
|
|
||||||
*encrypted = chunk_alloc(data.len);
|
|
||||||
in = data.ptr;
|
in = data.ptr;
|
||||||
|
out = data.ptr;
|
||||||
|
if (encrypted)
|
||||||
|
{
|
||||||
|
*encrypted = chunk_alloc(data.len);
|
||||||
out = encrypted->ptr;
|
out = encrypted->ptr;
|
||||||
|
}
|
||||||
|
|
||||||
pos=0;
|
pos=0;
|
||||||
while(pos<data.len)
|
while(pos<data.len)
|
||||||
|
|||||||
@ -1364,10 +1364,15 @@ static void decrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
chunk_t *decrypted)
|
chunk_t *decrypted)
|
||||||
{
|
{
|
||||||
des_cblock ivb;
|
des_cblock ivb;
|
||||||
|
u_int8_t *out;
|
||||||
|
|
||||||
|
out = data.ptr;
|
||||||
|
if (decrypted)
|
||||||
|
{
|
||||||
*decrypted = chunk_alloc(data.len);
|
*decrypted = chunk_alloc(data.len);
|
||||||
|
}
|
||||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
|
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||||
data.len, this->ks, &ivb, DES_DECRYPT);
|
data.len, this->ks, &ivb, DES_DECRYPT);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1379,10 +1384,15 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
chunk_t *encrypted)
|
chunk_t *encrypted)
|
||||||
{
|
{
|
||||||
des_cblock ivb;
|
des_cblock ivb;
|
||||||
|
u_int8_t *out;
|
||||||
|
|
||||||
|
out = data.ptr;
|
||||||
|
if (encrypted)
|
||||||
|
{
|
||||||
*encrypted = chunk_alloc(data.len);
|
*encrypted = chunk_alloc(data.len);
|
||||||
|
}
|
||||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
|
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||||
data.len, this->ks, &ivb, DES_ENCRYPT);
|
data.len, this->ks, &ivb, DES_ENCRYPT);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1393,10 +1403,15 @@ static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
chunk_t *decrypted)
|
chunk_t *decrypted)
|
||||||
{
|
{
|
||||||
des_cblock ivb;
|
des_cblock ivb;
|
||||||
|
u_int8_t *out;
|
||||||
|
|
||||||
|
out = data.ptr;
|
||||||
|
if (decrypted)
|
||||||
|
{
|
||||||
*decrypted = chunk_alloc(data.len);
|
*decrypted = chunk_alloc(data.len);
|
||||||
|
}
|
||||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
|
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||||
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
||||||
&ivb, DES_DECRYPT);
|
&ivb, DES_DECRYPT);
|
||||||
}
|
}
|
||||||
@ -1408,10 +1423,15 @@ static void encrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
|||||||
chunk_t *encrypted)
|
chunk_t *encrypted)
|
||||||
{
|
{
|
||||||
des_cblock ivb;
|
des_cblock ivb;
|
||||||
|
u_int8_t *out;
|
||||||
|
|
||||||
|
out = data.ptr;
|
||||||
|
if (encrypted)
|
||||||
|
{
|
||||||
*encrypted = chunk_alloc(data.len);
|
*encrypted = chunk_alloc(data.len);
|
||||||
|
}
|
||||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
|
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||||
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
||||||
&ivb, DES_ENCRYPT);
|
&ivb, DES_ENCRYPT);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -116,13 +116,20 @@ static void crypt(private_openssl_crypter_t *this, chunk_t data,
|
|||||||
chunk_t iv, chunk_t *dst, int enc)
|
chunk_t iv, chunk_t *dst, int enc)
|
||||||
{
|
{
|
||||||
int len;
|
int len;
|
||||||
|
u_char *out;
|
||||||
|
|
||||||
|
out = data.ptr;
|
||||||
|
if (dst)
|
||||||
|
{
|
||||||
|
*dst = chunk_alloc(data.len);
|
||||||
|
out = dst->ptr;
|
||||||
|
}
|
||||||
EVP_CIPHER_CTX ctx;
|
EVP_CIPHER_CTX ctx;
|
||||||
EVP_CIPHER_CTX_init(&ctx);
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc);
|
EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc);
|
||||||
EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */
|
EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */
|
||||||
*dst = chunk_alloc(data.len);
|
EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len);
|
||||||
EVP_CipherUpdate(&ctx, dst->ptr, &len, data.ptr, data.len);
|
EVP_CipherFinal_ex(&ctx, out, &len); /* since padding is disabled this does nothing */
|
||||||
EVP_CipherFinal_ex(&ctx, dst->ptr, &len); /* since padding is disabled this does nothing */
|
|
||||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user