summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2003-06-30 19:18:32 +0000
committerNick Mathewson <nickm@torproject.org>2003-06-30 19:18:32 +0000
commit300984c05773084b3a70de88c8deedd8723645e7 (patch)
treed3f48c44f886bafa9dc7b2d283866acdf3457fcf /src
parenta0f15883187da1a381e5a5e1495373b0d30ff636 (diff)
downloadtor-300984c05773084b3a70de88c8deedd8723645e7.tar.gz
tor-300984c05773084b3a70de88c8deedd8723645e7.zip
Add AES counter-mode support to the crypt library
svn:r362
Diffstat (limited to 'src')
-rw-r--r--src/common/Makefile.am4
-rw-r--r--src/common/crypto.c47
-rw-r--r--src/common/crypto.h4
-rw-r--r--src/or/test.c1
4 files changed, 49 insertions, 7 deletions
diff --git a/src/common/Makefile.am b/src/common/Makefile.am
index 11018d53f7..dd50da6eda 100644
--- a/src/common/Makefile.am
+++ b/src/common/Makefile.am
@@ -3,7 +3,7 @@ noinst_LIBRARIES = libor.a
#CFLAGS = -Wall -Wpointer-arith -O2
-libor_a_SOURCES = log.c crypto.c fakepoll.c util.c
+libor_a_SOURCES = log.c crypto.c fakepoll.c util.c aes.c
-noinst_HEADERS = log.h crypto.h fakepoll.h test.h util.h
+noinst_HEADERS = log.h crypto.h fakepoll.h test.h util.h aes.h
diff --git a/src/common/crypto.c b/src/common/crypto.c
index e3b24d7043..5365502fdf 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -20,6 +20,7 @@
#include "crypto.h"
#include "../or/or.h"
#include "log.h"
+#include "aes.h"
#if OPENSSL_VERSION_NUMBER < 0x00905000l
#error "We require openssl >= 0.9.5"
@@ -55,6 +56,7 @@ crypto_cipher_iv_length(int type) {
case CRYPTO_CIPHER_DES: return 8;
case CRYPTO_CIPHER_RC4: return 16;
case CRYPTO_CIPHER_3DES: return 8;
+ case CRYPTO_CIPHER_AES_CTR: return 0;
default: assert(0); return -1;
}
}
@@ -71,6 +73,7 @@ crypto_cipher_key_length(int type) {
case CRYPTO_CIPHER_DES: return 8;
case CRYPTO_CIPHER_RC4: return 16;
case CRYPTO_CIPHER_3DES: return 16;
+ case CRYPTO_CIPHER_AES_CTR: return 16;
default: assert(0); return -1;
}
}
@@ -205,7 +208,9 @@ crypto_cipher_env_t *crypto_new_cipher_env(int type)
iv_len = crypto_cipher_iv_length(type);
key_len = crypto_cipher_key_length(type);
- if (! crypto_cipher_evp_cipher(type,0))
+ if (type == CRYPTO_CIPHER_AES_CTR) {
+ env->aux = (unsigned char *)aes_new_cipher();
+ } else if (! crypto_cipher_evp_cipher(type,0))
/* This is not an openssl cipher */
goto err;
else {
@@ -236,7 +241,11 @@ void crypto_free_cipher_env(crypto_cipher_env_t *env)
{
assert(env);
- if (crypto_cipher_evp_cipher(env->type,0)) {
+ if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ assert(env->aux);
+ aes_free_cipher((aes_cnt_cipher_t*)env->aux);
+ env->aux = NULL;
+ } else if (crypto_cipher_evp_cipher(env->type,0)) {
/* This is an openssl cipher */
assert(env->aux);
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)env->aux);
@@ -618,6 +627,9 @@ int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux,
crypto_cipher_evp_cipher(env->type, 1),
env->key, env->iv));
+ } else if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ aes_set_key((aes_cnt_cipher_t*)env->aux, env->key, 128);
+ return 0;
} else {
return -1;
}
@@ -631,6 +643,9 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux,
crypto_cipher_evp_cipher(env->type, 0),
env->key, env->iv));
+ } else if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ aes_set_key((aes_cnt_cipher_t*)env->aux, env->key, 128);
+ return 0;
} else {
return -1;
}
@@ -642,7 +657,12 @@ int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigne
assert(env && from && to);
- RETURN_SSL_OUTCOME(EVP_EncryptUpdate((EVP_CIPHER_CTX *)env->aux, to, &tolen, from, fromlen));
+ if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ aes_crypt((aes_cnt_cipher_t*)env->aux, from, fromlen, to);
+ return 0;
+ } else {
+ RETURN_SSL_OUTCOME(EVP_EncryptUpdate((EVP_CIPHER_CTX *)env->aux, to, &tolen, from, fromlen));
+ }
}
int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to)
@@ -650,10 +670,27 @@ int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigne
int tolen;
assert(env && from && to);
-
- RETURN_SSL_OUTCOME(EVP_DecryptUpdate((EVP_CIPHER_CTX *)env->aux, to, &tolen, from, fromlen));
+
+ if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ aes_crypt((aes_cnt_cipher_t*)env->aux, from, fromlen, to);
+ return 0;
+ } else {
+ RETURN_SSL_OUTCOME(EVP_DecryptUpdate((EVP_CIPHER_CTX *)env->aux, to, &tolen, from, fromlen));
+ }
+}
+
+int
+crypto_cipher_advance(crypto_cipher_env_t *env, long delta)
+{
+ if (env->type == CRYPTO_CIPHER_AES_CTR) {
+ aes_adjust_counter((aes_cnt_cipher_t*)env->aux, delta);
+ return 0;
+ } else {
+ return -1;
+ }
}
+
/* SHA-1 */
int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest)
{
diff --git a/src/common/crypto.h b/src/common/crypto.h
index b71ed902fa..50b2c9540d 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -13,6 +13,7 @@
#define CRYPTO_CIPHER_DES 1
#define CRYPTO_CIPHER_RC4 2
#define CRYPTO_CIPHER_3DES 3
+#define CRYPTO_CIPHER_AES_CTR 4
#define CRYPTO_PK_RSA 0
@@ -93,6 +94,9 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
int crypto_cipher_decrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to);
+/* only implemented for CRYPTO_CIPHER_AES_CTR */
+int crypto_cipher_advance(crypto_cipher_env_t *env, long delta);
+
/* convenience function: wraps crypto_create_crypto_env, set_key, set_iv, and init. */
crypto_cipher_env_t *crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode);
diff --git a/src/or/test.c b/src/or/test.c
index 45f1d4c8e4..5ca5419d05 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -200,6 +200,7 @@ test_crypto()
CRYPTO_CIPHER_DES,
CRYPTO_CIPHER_RC4,
CRYPTO_CIPHER_3DES,
+ CRYPTO_CIPHER_AES_CTR,
-1 };
data1 = tor_malloc(1024);