cast.c

一个加密库代码

	WORD32 av[4] = { 0xeea9d0a2, 0x49fd3ba6, 
		             0xb3436fb8, 0x9d6dca92 };
	WORD32 bv[4] = { 0xb2c95eb0, 0x0c31ad71, 
		             0x80ac05b8, 0xe83d696e };
	
	WORD8 akey[16];
	WORD8 bkey[16];
#endif

	int nI;

	/* test the driver for correct encrypting and decrypting... */
	CASTCTX* testCtx = (CASTCTX*) pTestContext;

	/* offical test vector from C. Adams; For details see [1] */
	WORD8 testKey[16] = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
		                  0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A };
	WORD32 tv_p[2] = { 0x01234567, 0x89abcdef };
	WORD32 tv_c[2] = { 0x238b4fe5, 0x847e44b2 };
	WORD32 tv_t[2] = { 0x00000000, 0x00000000 };

	/* legacy does not matter here actually */
	testCtx->blLegacy = BOOL_FALSE;

	_cast_setkey(testCtx, testKey, 16);

	_cast_encrypt(testCtx, tv_p, tv_t);
	for (nI = 0; nI < sizeof(tv_t); nI++)
	  if ((tv_t[0] != tv_c[0]) || (tv_t[1] != tv_c[1]))
		return CIPHER_ERROR_INVALID;

	_cast_decrypt(testCtx, tv_t, tv_t);
	for (nI = 0; nI < sizeof(tv_t); nI++)
	  if ((tv_t[0] != tv_p[0]) || (tv_t[1] != tv_p[1]))
		return CIPHER_ERROR_INVALID;

	/* Only in the debug version is a full maintenance test
	* included. This test verify "very hard" the correctness
	* of the implementation and S-boxes. Please refer [1] for
	* more details. This test take up to some minutes,
	* depending on the CPU speed, so please don磘 get confused.
	*/

#ifdef _BIGTEST

	for (nI = 0 ; nI < 1000000 ; nI++) 
	{
		WORD32_TO_BYTES(b[0], bkey)
		WORD32_TO_BYTES(b[1], bkey + 4)
		WORD32_TO_BYTES(b[2], bkey + 8)
		WORD32_TO_BYTES(b[3], bkey + 12)

		_cast_setkey (testCtx, bkey, sizeof(bkey));
		_cast_encrypt(testCtx, &a[0], &a[0]);
		_cast_encrypt(testCtx, &a[8], &a[8]);

		WORD32_TO_BYTES(a[0], akey)
		WORD32_TO_BYTES(a[1], akey + 4)
		WORD32_TO_BYTES(a[2], akey + 8)
		WORD32_TO_BYTES(a[3], akey + 12)

		_cast_setkey (testCtx, a, sizeof(a));
		_cast_encrypt(testCtx, &b[0], &b[0]);
		_cast_encrypt(testCtx, &b[8], &b[8]);
	}
	for (nI = 0; nI < sizeof(a); nI++)
	  if (a[nI] - av[nI])
		return CIPHER_ERROR_INVALID;

	for (nI = 0; nI < sizeof(b); nI++)
	  if (b[nI] - bv[nI])
		return CIPHER_ERROR_INVALID;
#endif

	/* Test passes */
	return CIPHER_ERROR_NOERROR;
}

/*
* Create Work Context
*/
WORD32 CAST_CreateWorkContext
(void* pContext,
 const WORD8* pKey,
 WORD32 lKeyLen,
 WORD32 lMode,
 void* pInitData,
 Cipher_RandomGenerator GetRndBytes,
 const void* pRndGenData) 
{
	WORD8* pbInit;
	CASTCTX* pCtx = (CASTCTX*) pContext;

	/* check if we keep up to the standard */
	pCtx->blLegacy = (CIPHER_GETFLAGS(lMode) & CIPHER_MODE_FLAG_LEGACY) ?
		BOOL_TRUE : BOOL_FALSE;

	/* do the key setup */
	_cast_setkey(pCtx, (WORD8*)pKey, lKeyLen);

	/* for encryption create a CBC IV */
	pbInit = (WORD8*) pInitData;
	if (CIPHER_GETMODE(lMode) == CIPHER_MODE_ENCRYPT)
		GetRndBytes(pbInit, 8, pRndGenData); 

	/* set the CBC IV */
	if (pCtx->blLegacy)
	{
		pCtx->lCBCLo = BYTES_TO_WORD32_X86(pbInit);
		pCtx->lCBCHi = BYTES_TO_WORD32_X86(pbInit + 4);
	}
	else
	{
		pCtx->lCBCHi = BYTES_TO_WORD32(pbInit);
		pCtx->lCBCLo = BYTES_TO_WORD32(pbInit + 4);
	}

	/* In CAST are no weak keys known */
	return CIPHER_ERROR_NOERROR;
}

/*
* Reset Work Context
*/
void CAST_ResetWorkContext
(void* pContext,
 WORD32 lMode,
 void* pInitData,
 Cipher_RandomGenerator GetRndBytes,
 const void* pRndGenData) 
{
	CASTCTX* pCtx = (CASTCTX*) pContext;

	/* just reset the CBC IV */
	WORD8* pbInit = (WORD8*) pInitData;
	if (CIPHER_GETMODE(lMode) == CIPHER_MODE_ENCRYPT)
		GetRndBytes(pbInit, 8, pRndGenData); 

	/* set the CBC IV */
	if (pCtx->blLegacy)
	{
		pCtx->lCBCLo = BYTES_TO_WORD32_X86(pbInit);
		pCtx->lCBCHi = BYTES_TO_WORD32_X86(pbInit + 4);
	}
	else
	{
		pCtx->lCBCHi = BYTES_TO_WORD32(pbInit);
		pCtx->lCBCLo = BYTES_TO_WORD32(pbInit + 4);
	}
}


/*
* Destroy Work Context
*/
WORD32 CAST_DestroyWorkContext
(void* pContext) 
{
	/* clear the context */
	int nI;
	WORD8* clearIt = (WORD8*) pContext;
	for (nI = 0; nI < sizeof(CASTCTX); nI++) clearIt[nI] = 0x00;
	return CIPHER_ERROR_NOERROR;
}

/*
* Encrypt Buffer
*/
void CAST_EncryptBuffer
(void* pContext,
 const void* pSource,
 void* pTarget,
 WORD32 lNumOfBytes) 
{
	WORD32 lI;
	WORD32 blk[2];
	WORD8* pbIn = (WORD8*) pSource;
	WORD8* pbOut = (WORD8*) pTarget;
	CASTCTX* pCtx = (CASTCTX*) pContext;

	/* anything to encrypt? */
	lNumOfBytes &= ~7;
	if (0 == lNumOfBytes) return;

	/* work through all blocks... */
	for (lI = 0; lI < lNumOfBytes; lI += 8) 
	{
		/* get and chain the block */
		if (pCtx->blLegacy)
		{
			blk[0] = BYTES_TO_WORD32_X86(pbIn) ^ pCtx->lCBCLo;
			blk[1] = BYTES_TO_WORD32_X86(pbIn + 4) ^ pCtx->lCBCHi;
			
			blk[0] = WORD32_REVERSE_ORDER(blk[0]);
			blk[1] = WORD32_REVERSE_ORDER(blk[1]);
		}
		else
		{
			blk[0] = BYTES_TO_WORD32(pbIn) ^ pCtx->lCBCHi;
			blk[1] = BYTES_TO_WORD32(pbIn + 4) ^ pCtx->lCBCLo;
		}
		pbIn += 8;

		// encrypt the block
		_cast_encrypt(pCtx, blk, blk);

		/* copy it back and set the new CBC IV */
		if (pCtx->blLegacy)
		{
			WORD32_TO_BYTES(blk[0], pbOut)
			WORD32_TO_BYTES(blk[1], pbOut + 4)

			pCtx->lCBCLo = WORD32_REVERSE_ORDER(blk[0]);
			pCtx->lCBCHi = WORD32_REVERSE_ORDER(blk[1]);
		}
		else
		{
			WORD32_TO_BYTES(blk[0], pbOut)
			WORD32_TO_BYTES(blk[1], pbOut + 4)

			pCtx->lCBCHi = blk[0];
			pCtx->lCBCLo = blk[1];
		}

		pbOut += 8;
	}
}

/*
* Decrypt Buffer
*/
void CAST_DecryptBuffer
(void* pContext,
 const void* pSource,
 void* pTarget,
 WORD32 lNumOfBytes,
 const void* pPreviousBlock) 
{
	WORD32 lI;
	WORD32 blk[2];
	WORD32 saveIV[2];
	WORD8* pbIn = (WORD8*) pSource;
	WORD8* pbOut = (WORD8*) pTarget;
	WORD8* pbPrev = (WORD8*) pPreviousBlock;
	CASTCTX* pCtx = (CASTCTX*) pContext;

	/* anything to decrypt? */
	if (0 == (lNumOfBytes &= ~7)) return;

	/* load a new CBC IV, if necessary */
	if (CIPHER_NULL != pbPrev)  
	{
		if (pCtx->blLegacy)
		{
			pCtx->lCBCLo = BYTES_TO_WORD32_X86(pbPrev);
			pCtx->lCBCHi = BYTES_TO_WORD32_X86(pbPrev + 4);
		}
		else
		{
			pCtx->lCBCHi = BYTES_TO_WORD32(pbPrev);
			pCtx->lCBCLo = BYTES_TO_WORD32(pbPrev + 4);
		}
	}

	/* work through all blocks... */ 
	for (lI = 0; lI < lNumOfBytes; lI += 8) 
	{
		/* load the current block */
		if (pCtx->blLegacy)
		{
			blk[0] = BYTES_TO_WORD32_X86(pbIn);
			blk[1] = BYTES_TO_WORD32_X86(pbIn + 4);
		}
		else
		{
			blk[0] = BYTES_TO_WORD32(pbIn);
			blk[1] = BYTES_TO_WORD32(pbIn + 4);
		}
		pbIn += 8;

		/* save the recent CBC IV */ 
		saveIV[0] = blk[0];
		saveIV[1] = blk[1];
		
		if (pCtx->blLegacy)
		{
			blk[0] = WORD32_REVERSE_ORDER(blk[0]);
			blk[1] = WORD32_REVERSE_ORDER(blk[1]);
		}

		/* decrypt the block */ 
		_cast_decrypt(pCtx, blk, blk);

		/* unchain the recent block and set the new IV */

		if (pCtx->blLegacy)
		{
			blk[0] = WORD32_REVERSE_ORDER(blk[0]);
			blk[1] = WORD32_REVERSE_ORDER(blk[1]);

			blk[0] ^= pCtx->lCBCLo;
			blk[1] ^= pCtx->lCBCHi;

			WORD32_TO_BYTES_X86(blk[0], pbOut)
			WORD32_TO_BYTES_X86(blk[1], pbOut + 4)

			pCtx->lCBCLo = saveIV[0];
			pCtx->lCBCHi = saveIV[1];
		}
		else
		{
			blk[0] ^= pCtx->lCBCHi;
			blk[1] ^= pCtx->lCBCLo;

			WORD32_TO_BYTES(blk[0], pbOut)
			WORD32_TO_BYTES(blk[1], pbOut + 4)

			pCtx->lCBCHi = saveIV[0];
			pCtx->lCBCLo = saveIV[1];
		}

		pbOut += 8;
	}
}


/*
* That磗 all for now, folks
*/