mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-06 00:00:47 -04:00
crypter_t api supports in-place encryption using NULL as output parameter
This commit is contained in:
Martin Willi
parent
d691080cfc
commit
f5475fa440
@ -63,10 +63,11 @@ struct crypter_t {
|
||||
*
|
||||
* The length of the iv must equal to get_block_size(), while the length
|
||||
* of data must be a multiple it.
|
||||
* If encrypted is NULL, the encryption is done in-place (overwriting data).
|
||||
*
|
||||
* @param data data to encrypt
|
||||
* @param iv initializing vector
|
||||
* @param encrypted chunk to allocate encrypted data
|
||||
* @param encrypted chunk to allocate encrypted data, or NULL
|
||||
*/
|
||||
void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *encrypted);
|
||||
@ -76,10 +77,11 @@ struct crypter_t {
|
||||
*
|
||||
* The length of the iv must equal to get_block_size(), while the length
|
||||
* of data must be a multiple it.
|
||||
* If decrpyted is NULL, the encryption is done in-place (overwriting data).
|
||||
*
|
||||
* @param data data to decrypt
|
||||
* @param iv initializing vector
|
||||
* @param encrypted chunk to allocate decrypted data
|
||||
* @param encrypted chunk to allocate decrypted data, or NULL
|
||||
*/
|
||||
void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *decrypted);
|
||||
|
||||
@ -1345,9 +1345,16 @@ static void decrypt(private_aes_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
const u_int32_t *iv_i;
|
||||
u_int8_t *in, *out;
|
||||
|
||||
if (decrypted)
|
||||
{
|
||||
*decrypted = chunk_alloc(data.len);
|
||||
in = data.ptr;
|
||||
out = decrypted->ptr;
|
||||
}
|
||||
else
|
||||
{
|
||||
out = data.ptr;
|
||||
}
|
||||
in = data.ptr;
|
||||
|
||||
pos = data.len-16;
|
||||
in += pos;
|
||||
@ -1384,9 +1391,13 @@ static void encrypt (private_aes_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
const u_int32_t *iv_i;
|
||||
u_int8_t *in, *out;
|
||||
|
||||
*encrypted = chunk_alloc(data.len);
|
||||
in = data.ptr;
|
||||
out = data.ptr;
|
||||
if (encrypted)
|
||||
{
|
||||
*encrypted = chunk_alloc(data.len);
|
||||
out = encrypted->ptr;
|
||||
}
|
||||
|
||||
pos=0;
|
||||
while(pos<data.len)
|
||||
|
||||
@ -1364,10 +1364,15 @@ static void decrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *decrypted)
|
||||
{
|
||||
des_cblock ivb;
|
||||
u_int8_t *out;
|
||||
|
||||
out = data.ptr;
|
||||
if (decrypted)
|
||||
{
|
||||
*decrypted = chunk_alloc(data.len);
|
||||
}
|
||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
|
||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||
data.len, this->ks, &ivb, DES_DECRYPT);
|
||||
}
|
||||
|
||||
@ -1379,10 +1384,15 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *encrypted)
|
||||
{
|
||||
des_cblock ivb;
|
||||
u_int8_t *out;
|
||||
|
||||
out = data.ptr;
|
||||
if (encrypted)
|
||||
{
|
||||
*encrypted = chunk_alloc(data.len);
|
||||
}
|
||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
|
||||
des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||
data.len, this->ks, &ivb, DES_ENCRYPT);
|
||||
}
|
||||
|
||||
@ -1393,10 +1403,15 @@ static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *decrypted)
|
||||
{
|
||||
des_cblock ivb;
|
||||
u_int8_t *out;
|
||||
|
||||
out = data.ptr;
|
||||
if (decrypted)
|
||||
{
|
||||
*decrypted = chunk_alloc(data.len);
|
||||
}
|
||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
|
||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
||||
&ivb, DES_DECRYPT);
|
||||
}
|
||||
@ -1408,10 +1423,15 @@ static void encrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
|
||||
chunk_t *encrypted)
|
||||
{
|
||||
des_cblock ivb;
|
||||
u_int8_t *out;
|
||||
|
||||
out = data.ptr;
|
||||
if (encrypted)
|
||||
{
|
||||
*encrypted = chunk_alloc(data.len);
|
||||
}
|
||||
memcpy(&ivb, iv.ptr, sizeof(des_cblock));
|
||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
|
||||
des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
|
||||
data.len, this->ks3[0], this->ks3[1], this->ks3[2],
|
||||
&ivb, DES_ENCRYPT);
|
||||
}
|
||||
|
||||
@ -116,13 +116,20 @@ static void crypt(private_openssl_crypter_t *this, chunk_t data,
|
||||
chunk_t iv, chunk_t *dst, int enc)
|
||||
{
|
||||
int len;
|
||||
u_char *out;
|
||||
|
||||
out = data.ptr;
|
||||
if (dst)
|
||||
{
|
||||
*dst = chunk_alloc(data.len);
|
||||
out = dst->ptr;
|
||||
}
|
||||
EVP_CIPHER_CTX ctx;
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc);
|
||||
EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */
|
||||
*dst = chunk_alloc(data.len);
|
||||
EVP_CipherUpdate(&ctx, dst->ptr, &len, data.ptr, data.len);
|
||||
EVP_CipherFinal_ex(&ctx, dst->ptr, &len); /* since padding is disabled this does nothing */
|
||||
EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len);
|
||||
EVP_CipherFinal_ex(&ctx, out, &len); /* since padding is disabled this does nothing */
|
||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user