ocb.c
来自「文件驱动加密,功能强大,可产生加密分区,支持AES,MD2,MD4,MD5MD2」· C语言 代码 · 共 637 行 · 第 1/2 页
C
637 行
{
int err;
unsigned char tagbuf[MAXBLOCKSIZE];
unsigned long tagbuflen;
_ARGCHK(ocb != NULL);
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);
_ARGCHK(tag != NULL);
_ARGCHK(res != NULL);
*res = 0;
tagbuflen = sizeof(tagbuf);
if ((err = _ocb_done(ocb, ct, ctlen, pt, tagbuf, &tagbuflen, 1)) != CRYPT_OK) {
return err;
}
if (taglen <= tagbuflen && memcmp(tagbuf, tag, taglen) == 0) {
*res = 1;
}
#ifdef CLEAN_STACK
zeromem(tagbuf, sizeof(tagbuf));
#endif
return CRYPT_OK;
}
int ocb_encrypt_authenticate_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce,
const unsigned char *pt, unsigned long ptlen,
unsigned char *ct,
unsigned char *tag, unsigned long *taglen)
{
int err;
ocb_state ocb;
_ARGCHK(key != NULL);
_ARGCHK(nonce != NULL);
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);
_ARGCHK(tag != NULL);
_ARGCHK(taglen != NULL);
if ((err = ocb_init(&ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
return err;
}
while (ptlen > (unsigned long)ocb.block_len) {
if ((err = ocb_encrypt(&ocb, pt, ct)) != CRYPT_OK) {
return err;
}
ptlen -= ocb.block_len;
pt += ocb.block_len;
ct += ocb.block_len;
}
err = ocb_done_encrypt(&ocb, pt, ptlen, ct, tag, taglen);
#ifdef CLEAN_STACK
zeromem(&ocb, sizeof(ocb));
#endif
return err;
}
int ocb_decrypt_verify_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce,
const unsigned char *ct, unsigned long ctlen,
unsigned char *pt,
const unsigned char *tag, unsigned long taglen,
int *res)
{
int err;
ocb_state ocb;
_ARGCHK(key != NULL);
_ARGCHK(nonce != NULL);
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);
_ARGCHK(tag != NULL);
_ARGCHK(res != NULL);
if ((err = ocb_init(&ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
return err;
}
while (ctlen > (unsigned long)ocb.block_len) {
if ((err = ocb_decrypt(&ocb, ct, pt)) != CRYPT_OK) {
return err;
}
ctlen -= ocb.block_len;
pt += ocb.block_len;
ct += ocb.block_len;
}
err = ocb_done_decrypt(&ocb, ct, ctlen, pt, tag, taglen, res);
#ifdef CLEAN_STACK
zeromem(&ocb, sizeof(ocb));
#endif
return err;
}
int ocb_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
int ptlen;
unsigned char key[16], nonce[16], pt[34], ct[34], tag[16];
} tests[] = {
/* OCB-AES-128-0B */
{
0,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0 },
/* ct */
{ 0 },
/* tag */
{ 0x15, 0xd3, 0x7d, 0xd7, 0xc8, 0x90, 0xd5, 0xd6,
0xac, 0xab, 0x92, 0x7b, 0xc0, 0xdc, 0x60, 0xee },
},
/* OCB-AES-128-3B */
{
3,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0x00, 0x01, 0x02 },
/* ct */
{ 0xfc, 0xd3, 0x7d },
/* tag */
{ 0x02, 0x25, 0x47, 0x39, 0xa5, 0xe3, 0x56, 0x5a,
0xe2, 0xdc, 0xd6, 0x2c, 0x65, 0x97, 0x46, 0xba },
},
/* OCB-AES-128-16B */
{
16,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* ct */
{ 0x37, 0xdf, 0x8c, 0xe1, 0x5b, 0x48, 0x9b, 0xf3,
0x1d, 0x0f, 0xc4, 0x4d, 0xa1, 0xfa, 0xf6, 0xd6 },
/* tag */
{ 0xdf, 0xb7, 0x63, 0xeb, 0xdb, 0x5f, 0x0e, 0x71,
0x9c, 0x7b, 0x41, 0x61, 0x80, 0x80, 0x04, 0xdf },
},
/* OCB-AES-128-20B */
{
20,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13 },
/* ct */
{ 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
0x70, 0x03, 0xeb, 0x55},
/* tag */
{ 0x75, 0x30, 0x84, 0x14, 0x4e, 0xb6, 0x3b, 0x77,
0x0b, 0x06, 0x3c, 0x2e, 0x23, 0xcd, 0xa0, 0xbb },
},
/* OCB-AES-128-32B */
{
32,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
/* ct */
{ 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
0x4a, 0xfc, 0xbb, 0x7f, 0xed, 0xc0, 0x8c, 0xa8,
0x65, 0x4c, 0x6d, 0x30, 0x4d, 0x16, 0x12, 0xfa },
/* tag */
{ 0xc1, 0x4c, 0xbf, 0x2c, 0x1a, 0x1f, 0x1c, 0x3c,
0x13, 0x7e, 0xad, 0xea, 0x1f, 0x2f, 0x2f, 0xcf },
},
/* OCB-AES-128-34B */
{
34,
/* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
/* nonce */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
/* pt */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21 },
/* ct */
{ 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
0xd4, 0x90, 0x3d, 0xd0, 0x02, 0x5b, 0xa4, 0xaa,
0x83, 0x7c, 0x74, 0xf1, 0x21, 0xb0, 0x26, 0x0f,
0xa9, 0x5d },
/* tag */
{ 0xcf, 0x83, 0x41, 0xbb, 0x10, 0x82, 0x0c, 0xcf,
0x14, 0xbd, 0xec, 0x56, 0xb8, 0xd7, 0xd6, 0xab },
},
};
int err, x, idx, res;
unsigned long len;
unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
/* AES can be under rijndael or aes... try to find it */
if ((idx = find_cipher("aes")) == -1) {
if ((idx = find_cipher("rijndael")) == -1) {
return CRYPT_NOP;
}
}
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
len = sizeof(outtag);
if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16,
tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) {
return err;
}
if (memcmp(outtag, tests[x].tag, len) || memcmp(outct, tests[x].ct, tests[x].ptlen)) {
#if 0
unsigned long y;
printf("\n\nFailure: \nCT:\n");
for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
printf("0x%02x", outct[y]);
if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
if (!(++y % 8)) printf("\n");
}
printf("\nTAG:\n");
for (y = 0; y < len; ) {
printf("0x%02x", outtag[y]);
if (y < len-1) printf(", ");
if (!(++y % 8)) printf("\n");
}
#endif
return CRYPT_FAIL_TESTVECTOR;
}
if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen,
outct, tests[x].tag, len, &res)) != CRYPT_OK) {
return err;
}
if (res != 1 || memcmp(tests[x].pt, outct, tests[x].ptlen)) {
#if 0
unsigned long y;
printf("\n\nFailure-decrypt: \nPT:\n");
for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
printf("0x%02x", outct[y]);
if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
if (!(++y % 8)) printf("\n");
}
printf("\nres = %d\n\n", res);
#endif
}
}
return CRYPT_OK;
#endif /* LTC_TEST */
}
#endif /* OCB_MODE */
/* some comments
-- it's hard to seek
-- hard to stream [you can't emit ciphertext until full block]
-- The setup is somewhat complicated...
*/
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?