-rw-r--r-- | checks/validate.dat | 7 | ||||
-rw-r--r-- | src/aont/package.cpp | 14 | ||||
-rw-r--r-- | src/cryptobox/cryptobox.cpp | 7 | ||||
-rw-r--r-- | src/engine/def_engine/def_mode.cpp | 6 | ||||
-rw-r--r-- | src/filters/algo_filt.cpp | 19 | ||||
-rw-r--r-- | src/filters/filters.h | 7 | ||||
-rw-r--r-- | src/modes/ctr/ctr.cpp | 146 | ||||
-rw-r--r-- | src/modes/ctr/ctr.h | 46 | ||||
-rw-r--r-- | src/stream/ctr/ctr.cpp | 141 | ||||
-rw-r--r-- | src/stream/ctr/ctr.h | 49 | ||||
-rw-r--r-- | src/stream/ctr/info.txt (renamed from src/modes/ctr/info.txt) | 6 |
11 files changed, 231 insertions, 217 deletions
diff --git a/checks/validate.dat b/checks/validate.dat index de9db0b89..1ea88bcf3 100644 --- a/checks/validate.dat +++ b/checks/validate.dat @@ -23655,6 +23655,13 @@ DC7E84BFDA79164B7ECD8486985D38604FEBDC6740D20B3AC88F6AD82A4FB08D\ 5AE4DF3EDBD5D35E5B4F09020DB03EAB1E031DDA2FBE03D1792170A0F3009CEE:\ 2B7E151628AED2A6ABF7158809CF4F3C:F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF +# Test with 15 byte IV (last byte implicit zero) +AE2D8A571E03AC9C9EB76FAC45AF8E51\ +30C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710:\ +9806F66B7970FDFF8617187BB9FFFDFF\ +5AE4DF3EDBD5D35E5B4F09020DB03EAB1E031DDA2FBE03D1792170A0F3009CEE:\ +2B7E151628AED2A6ABF7158809CF4F3C:F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF + 6BC1BEE22E409F96E93D7E117393172AAE2D8A571E03AC9C9EB76FAC45AF8E51\ 30C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710:\ 1ABC932417521CA24F2B0459FE7E6E0B090339EC0AA6FAEFD5CCC2C6F4CE8E94\ diff --git a/src/aont/package.cpp b/src/aont/package.cpp index 6c6b56865..37bad46c8 100644 --- a/src/aont/package.cpp +++ b/src/aont/package.cpp @@ -7,7 +7,7 @@ */ #include <botan/package.h> -#include <botan/pipe.h> +#include <botan/filters.h> #include <botan/ctr.h> #include <botan/loadstor.h> #include <botan/xor_buf.h> @@ -29,12 +29,7 @@ void package(RandomNumberGenerator& rng, SymmetricKey package_key(rng, cipher->BLOCK_SIZE); - // takes ownership of cipher object - Keyed_Filter* ctr_mode = new CTR_BE(cipher, - package_key, - InitializationVector(all_zeros)); - - Pipe pipe(ctr_mode); + Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key)); pipe.process_msg(input, input_len); pipe.read(output, pipe.remaining()); @@ -113,10 +108,7 @@ void unpackage(BlockCipher* cipher, xor_buf(&package_key[0], buf, cipher->BLOCK_SIZE); } - // takes ownership of cipher object - Pipe pipe(new CTR_BE(cipher, - SymmetricKey(package_key), - InitializationVector(all_zeros))); + Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key)); pipe.process_msg(input, input_len - cipher->BLOCK_SIZE); 
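Review bot: In src/aont/package.cpp, both `Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));` lines now get their all-zero IV only implicitly, from `CTR_BE::key_schedule()` calling `set_iv(0, 0)` in the new src/stream/ctr/ctr.cpp, and the removed `// takes ownership of cipher object` comment still applies because `CTR_BE::~CTR_BE()` deletes the block cipher. I would keep a comment above each line, e.g. `// CTR_BE takes ownership of cipher; the IV is the all-zero default, acceptable only because package_key is unique per package`. In unpackage() the old code wrapped the key as `SymmetricKey(package_key)`, so the new call appears to rely on an implicit conversion to `const SymmetricKey&`; the declaration of package_key is outside the hunk, so that is worth confirming. Both function bodies continue outside their hunks.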
diff --git a/src/cryptobox/cryptobox.cpp b/src/cryptobox/cryptobox.cpp index c27bbaffa..ba7553c55 100644 --- a/src/cryptobox/cryptobox.cpp +++ b/src/cryptobox/cryptobox.cpp @@ -8,9 +8,8 @@ #include <botan/cryptobox.h> #include <botan/filters.h> #include <botan/pipe.h> -#include <botan/serpent.h> +#include <botan/lookup.h> #include <botan/sha2_64.h> -#include <botan/ctr.h> #include <botan/hmac.h> #include <botan/pbkdf2.h> #include <botan/pem.h> @@ -59,7 +58,7 @@ std::string encrypt(const byte input[], u32bit input_len, InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN, CIPHER_IV_LEN); - Pipe pipe(new CTR_BE(new Serpent, cipher_key, iv), + Pipe pipe(get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION), new Fork( 0, new MAC_Filter(new HMAC(new SHA_512), @@ -121,7 +120,7 @@ std::string decrypt(const byte input[], u32bit input_len, CIPHER_IV_LEN); Pipe pipe(new Fork( - new CTR_BE(new Serpent, cipher_key, iv), + get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION), new MAC_Filter(new HMAC(new SHA_512), mac_key, MAC_OUTPUT_LEN))); diff --git a/src/engine/def_engine/def_mode.cpp b/src/engine/def_engine/def_mode.cpp index 0c7a1a2e2..120489b38 100644 --- a/src/engine/def_engine/def_mode.cpp +++ b/src/engine/def_engine/def_mode.cpp @@ -32,7 +32,7 @@ #include <botan/ofb.h> #endif -#if defined(BOTAN_HAS_CTR) +#if defined(BOTAN_HAS_CTR_BE) #include <botan/ctr.h> #endif @@ -84,9 +84,9 @@ Keyed_Filter* get_cipher_mode(const BlockCipher* block_cipher, return new OFB(block_cipher->clone()); #endif -#if defined(BOTAN_HAS_CTR) +#if defined(BOTAN_HAS_CTR_BE) if(mode == "CTR-BE") - return new CTR_BE(block_cipher->clone()); + return new StreamCipher_Filter(new CTR_BE(block_cipher->clone())); #endif #if defined(BOTAN_HAS_ECB) diff --git a/src/filters/algo_filt.cpp b/src/filters/algo_filt.cpp index 9a469b2d8..51bf92380 100644 --- a/src/filters/algo_filt.cpp +++ b/src/filters/algo_filt.cpp 
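Review bot: In src/cryptobox/cryptobox.cpp, decrypt() builds its cipher with `get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION)`, which is correct only because CTR applies the same keystream XOR in both directions; passing `DECRYPTION` there, or adding `// CTR is symmetric: encryption and decryption are the same operation`, would stop a later change of mode from silently encrypting on the decrypt path. Replacing `new CTR_BE(new Serpent, ...)` with a name lookup also turns a compile-time dependency into a run-time one, so a build without the Serpent or CTR_BE modules would presumably fail only when encrypt() or decrypt() is called; the module's requirements file is not part of this diff, so confirm it still lists both. Both function bodies continue outside the hunks.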
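Review bot: In src/engine/def_engine/def_mode.cpp, `return new StreamCipher_Filter(new CTR_BE(block_cipher->clone()));` hands back an unkeyed filter, so the IV supplied by callers such as `get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION)` reaches `CTR_BE::set_iv()` only if `StreamCipher_Filter` forwards it; that forwarding is not visible in this diff. If it were missing, or ran before the key was set, `CTR_BE::key_schedule()` would leave the counter at the all-zero default and every message under one key would share a keystream. A comment here stating the required order, e.g. `// key must be set before the IV: CTR_BE::key_schedule() resets the counter to zero`, would record that. The guard rename to `BOTAN_HAS_CTR_BE` also means any remaining `#if defined(BOTAN_HAS_CTR)` elsewhere compiles out silently, so the tree should be searched for the old macro. get_cipher_mode's body continues outside the hunk.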
@@ -14,20 +14,31 @@ namespace Botan { /* * StreamCipher_Filter Constructor */ -StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name) : +StreamCipher_Filter::StreamCipher_Filter(StreamCipher* stream_cipher) : buffer(DEFAULT_BUFFERSIZE) { - Algorithm_Factory& af = global_state().algorithm_factory(); - cipher = af.make_stream_cipher(sc_name); + cipher = stream_cipher; } /* * StreamCipher_Filter Constructor */ -StreamCipher_Filter::StreamCipher_Filter(StreamCipher* stream_cipher) : +StreamCipher_Filter::StreamCipher_Filter(StreamCipher* stream_cipher, + const SymmetricKey& key) : buffer(DEFAULT_BUFFERSIZE) { cipher = stream_cipher; + cipher->set_key(key); + } + +/* +* StreamCipher_Filter Constructor +*/ +StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name) : + buffer(DEFAULT_BUFFERSIZE) + { + Algorithm_Factory& af = global_state().algorithm_factory(); + cipher = af.make_stream_cipher(sc_name); } /* diff --git a/src/filters/filters.h b/src/filters/filters.h index 418caf0aa..208332a56 100644 --- a/src/filters/filters.h +++ b/src/filters/filters.h @@ -75,6 +75,13 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter /** * Construct a stream cipher filter. + * @param cipher_obj a cipher object to use + * @param key the key to use inside this filter + */ + StreamCipher_Filter(StreamCipher* cipher_obj, const SymmetricKey& key); + + /** + * Construct a stream cipher filter. * @param cipher the name of the desired cipher */ StreamCipher_Filter(const std::string& cipher); diff --git a/src/modes/ctr/ctr.cpp b/src/modes/ctr/ctr.cpp deleted file mode 100644 index d458d7848..000000000 --- a/src/modes/ctr/ctr.cpp +++ /dev/null 
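Review bot: The new `StreamCipher_Filter(StreamCipher*, const SymmetricKey&)` constructor in src/filters/algo_filt.cpp stores the raw pointer and then calls `cipher->set_key(key)`; if that call throws (for example on a key length the cipher rejects), the constructor exits without the destructor running, so the cipher object passed in is never freed. Callers in this commit write `new StreamCipher_Filter(new CTR_BE(cipher), package_key)`, so they keep no pointer of their own to clean up with. The constructor should delete the cipher before rethrowing, as sketched below, assuming the filter is meant to own the pointer (its destructor is not shown in this diff). The `@param cipher_obj` line added in src/filters/filters.h should also say that ownership is transferred.

```cpp
   cipher = stream_cipher;
   try
      {
      cipher->set_key(key);
      }
   catch(...)
      {
      // ownership was transferred to the filter, so release before rethrowing
      delete cipher;
      throw;
      }
```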
@@ -1,146 +0,0 @@ -/* -* CTR Mode -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/ctr.h> -#include <botan/xor_buf.h> -#include <algorithm> - -namespace Botan { - -namespace { - -const u32bit PARALLEL_BLOCKS = BOTAN_PARALLEL_BLOCKS_CTR; - -} - -/* -* CTR-BE Constructor -*/ -CTR_BE::CTR_BE(BlockCipher* ciph) : cipher(ciph) - { - position = 0; - - counter.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS); - enc_buffer.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS); - } - -/* -* CTR-BE Constructor -*/ -CTR_BE::CTR_BE(BlockCipher* ciph, const SymmetricKey& key, - const InitializationVector& iv) : - cipher(ciph) - { - position = 0; - - counter.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS); - enc_buffer.create(ciph->BLOCK_SIZE * PARALLEL_BLOCKS); - - cipher->set_key(key); - set_iv(iv); - } - -/* -* CTR_BE Destructor -*/ -CTR_BE::~CTR_BE() - { - delete cipher; - } - -/* -* Return the name of this type -*/ -std::string CTR_BE::name() const - { - return ("CTR-BE/" + cipher->name()); - } - -/* -* Set CTR-BE IV -*/ -void CTR_BE::set_iv(const InitializationVector& iv) - { - const u32bit BLOCK_SIZE = cipher->BLOCK_SIZE; - - if(iv.length() != BLOCK_SIZE) - throw Invalid_IV_Length(name(), iv.length()); - - enc_buffer.clear(); - position = 0; - - counter.copy(0, iv.begin(), iv.length()); - - for(u32bit i = 1; i != PARALLEL_BLOCKS; ++i) - { - counter.copy(i*BLOCK_SIZE, - counter.begin() + (i-1)*BLOCK_SIZE, BLOCK_SIZE); - - for(s32bit j = BLOCK_SIZE - 1; j >= 0; --j) - if(++counter[i*BLOCK_SIZE+j]) - break; - } - - cipher->encrypt_n(counter, enc_buffer, PARALLEL_BLOCKS); - } - -/* -* CTR-BE Encryption/Decryption -*/ -void CTR_BE::write(const byte input[], u32bit length) - { - u32bit copied = std::min(enc_buffer.size() - position, length); - xor_buf(enc_buffer + position, input, copied); - send(enc_buffer + position, copied); - input += copied; - length -= copied; - position += copied; - - if(position == enc_buffer.size()) - 
increment_counter(); - - while(length >= enc_buffer.size()) - { - xor_buf(enc_buffer, input, enc_buffer.size()); - send(enc_buffer, enc_buffer.size()); - - input += enc_buffer.size(); - length -= enc_buffer.size(); - increment_counter(); - } - - xor_buf(enc_buffer + position, input, length); - send(enc_buffer + position, length); - position += length; - } - -/* -* Increment the counter and update the buffer -*/ -void CTR_BE::increment_counter() - { - for(u32bit i = 0; i != PARALLEL_BLOCKS; ++i) - { - byte* this_ctr = counter + i*cipher->BLOCK_SIZE; - - byte last_byte = this_ctr[cipher->BLOCK_SIZE-1]; - last_byte += PARALLEL_BLOCKS; - - if(this_ctr[cipher->BLOCK_SIZE-1] > last_byte) - for(s32bit j = cipher->BLOCK_SIZE - 2; j >= 0; --j) - if(++this_ctr[j]) - break; - - this_ctr[cipher->BLOCK_SIZE-1] = last_byte; - } - - cipher->encrypt_n(counter, enc_buffer, PARALLEL_BLOCKS); - - position = 0; - } - -} diff --git a/src/modes/ctr/ctr.h b/src/modes/ctr/ctr.h deleted file mode 100644 index 1948ffe48..000000000 --- a/src/modes/ctr/ctr.h +++ /dev/null @@ -1,46 +0,0 @@ -/* -* CTR Mode -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_COUNTER_MODE_H__ -#define BOTAN_COUNTER_MODE_H__ - -#include <botan/key_filt.h> -#include <botan/block_cipher.h> - -namespace Botan { - -/* -* CTR-BE Mode -*/ -class BOTAN_DLL CTR_BE : public Keyed_Filter - { - public: - std::string name() const; - - void set_iv(const InitializationVector&); - - void set_key(const SymmetricKey& key) { cipher->set_key(key); } - - bool valid_keylength(u32bit key_len) const - { return cipher->valid_keylength(key_len); } - - CTR_BE(BlockCipher*); - CTR_BE(BlockCipher*, const SymmetricKey&, const InitializationVector&); - - ~CTR_BE(); - private: - void write(const byte[], u32bit); - void increment_counter(); - - BlockCipher* cipher; - SecureVector<byte> counter, enc_buffer; - u32bit position; - }; - -} - -#endif 
diff --git a/src/stream/ctr/ctr.cpp b/src/stream/ctr/ctr.cpp new file mode 100644 index 000000000..5ef5e447f --- /dev/null +++ b/src/stream/ctr/ctr.cpp 
@@ -0,0 +1,141 @@ +/* +* CTR-BE Mode Cipher +* (C) 1999-2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/ctr.h> +#include <botan/xor_buf.h> + +namespace Botan { + +/* +* CTR-BE Constructor +*/ + +CTR_BE::CTR_BE(BlockCipher* ciph) : + StreamCipher(ciph->MINIMUM_KEYLENGTH, + ciph->MAXIMUM_KEYLENGTH, + ciph->KEYLENGTH_MULTIPLE), + permutation(ciph) + { + position = 0; + + counter.create(permutation->BLOCK_SIZE * BOTAN_PARALLEL_BLOCKS_CTR); + buffer.create(permutation->BLOCK_SIZE * BOTAN_PARALLEL_BLOCKS_CTR); + } + +/* +* CTR_BE Destructor +*/ +CTR_BE::~CTR_BE() + { + delete permutation; + } + +/* +* Zeroize +*/ +void CTR_BE::clear() throw() + { + permutation->clear(); + buffer.clear(); + counter.clear(); + position = 0; + } + +/* +* Set the key +*/ +void CTR_BE::key_schedule(const byte key[], u32bit key_len) + { + permutation->set_key(key, key_len); + + // Set a default all-zeros IV + set_iv(0, 0); + } + +/* +* Return the name of this type +*/ +std::string CTR_BE::name() const + { + return ("CTR-BE(" + permutation->name() + ")"); + } + +/* +* CTR-BE Encryption/Decryption +*/ +void CTR_BE::cipher(const byte in[], byte out[], u32bit length) + { + while(length >= buffer.size() - position) + { + xor_buf(out, in, buffer.begin() + position, buffer.size() - position); + length -= (buffer.size() - position); + in += (buffer.size() - position); + out += (buffer.size() - position); + increment_counter(); + } + xor_buf(out, in, buffer.begin() + position, length); + position += length; + } + +/* +* Set CTR-BE IV +*/ +void CTR_BE::set_iv(const byte iv[], u32bit iv_len) + { + if(!valid_iv_length(iv_len)) + throw Invalid_IV_Length(name(), iv_len); + + const u32bit BLOCK_SIZE = permutation->BLOCK_SIZE; + + counter.clear(); + + counter.copy(0, iv, iv_len); + + const u32bit PARALLEL_BLOCKS = counter.size() / BLOCK_SIZE; + + for(u32bit i = 1; i != PARALLEL_BLOCKS; ++i) + { + counter.copy(i*BLOCK_SIZE, + counter.begin() + (i-1)*BLOCK_SIZE, 
BLOCK_SIZE); + + for(s32bit j = BLOCK_SIZE - 1; j >= 0; --j) + if(++counter[i*BLOCK_SIZE+j]) + break; + } + + permutation->encrypt_n(counter, buffer, PARALLEL_BLOCKS); + position = 0; + } + +/* +* Increment the counter and update the buffer +*/ +void CTR_BE::increment_counter() + { + const u32bit PARALLEL_BLOCKS = counter.size() / permutation->BLOCK_SIZE; + + for(u32bit i = 0; i != PARALLEL_BLOCKS; ++i) + { + byte* this_ctr = counter + i*permutation->BLOCK_SIZE; + + byte last_byte = this_ctr[permutation->BLOCK_SIZE-1]; + last_byte += PARALLEL_BLOCKS; + + if(this_ctr[permutation->BLOCK_SIZE-1] > last_byte) + for(s32bit j = permutation->BLOCK_SIZE - 2; j >= 0; --j) + if(++this_ctr[j]) + break; + + this_ctr[permutation->BLOCK_SIZE-1] = last_byte; + } + + permutation->encrypt_n(counter, buffer, PARALLEL_BLOCKS); + + position = 0; + } + +} diff --git a/src/stream/ctr/ctr.h b/src/stream/ctr/ctr.h new file mode 100644 index 000000000..f60f21b5a --- /dev/null +++ b/src/stream/ctr/ctr.h @@ -0,0 +1,49 @@ +/* +* CTR-BE Mode +* (C) 1999-2007 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_CTR_BE_H__ +#define BOTAN_CTR_BE_H__ + +#include <botan/block_cipher.h> +#include <botan/stream_cipher.h> + +namespace Botan { + +/* +* CTR-BE (Counter, big-endian) +*/ +class BOTAN_DLL CTR_BE : public StreamCipher + { + public: + void cipher(const byte in[], byte out[], u32bit length); + + void set_iv(const byte iv[], u32bit iv_len); + + bool valid_iv_length(u32bit iv_len) const + { return (iv_len <= permutation->BLOCK_SIZE); } + + std::string name() const; + + CTR_BE* clone() const + { return new CTR_BE(permutation->clone()); } + + void clear() throw(); + + CTR_BE(BlockCipher*); + ~CTR_BE(); + private: + void key_schedule(const byte key[], u32bit key_len); + void increment_counter(); + + BlockCipher* permutation; + SecureVector<byte> counter, buffer; + u32bit position; + }; + +} + +#endif 
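Review bot: `CTR_BE::key_schedule()` in src/stream/ctr/ctr.cpp ends with `set_iv(0, 0)`, so a caller that sets a key and never calls `set_iv()`, or that sets the IV first and the key second, silently runs with the all-zero counter; two messages under the same key then share a keystream, and XORing the ciphertexts cancels it. That deserves a comment on `key_schedule()`, e.g. `// Resets the counter to the all-zero IV; call set_iv() with a fresh IV after every set_key()`. The same call passes a null `iv` to `counter.copy(0, iv, iv_len)` with length 0, which is safe only if `copy` tolerates a null source for zero bytes; an `if(iv_len)` guard around the copy would remove the question. In `increment_counter()`, `last_byte += PARALLEL_BLOCKS` is byte arithmetic, so the carry logic assumes `BOTAN_PARALLEL_BLOCKS_CTR` is below 256; a comment or compile-time check stating that bound would help.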
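Review bot: `valid_iv_length()` in src/stream/ctr/ctr.h accepts every length up to the block size, and `set_iv()` clears the counter before copying the IV in, so a short IV is right-padded with zero bytes and `X` and `X || 00` select the same keystream (the new 15-byte test vector in checks/validate.dat relies on exactly this). The header should say so, for instance with a doc comment on `set_iv` stating that IVs shorter than the block are zero-padded on the right and that callers must treat an IV and its zero-extended forms as the same nonce. The class also owns `permutation` through a raw pointer with a deleting destructor and no visible copy constructor or assignment declaration, so copying a `CTR_BE` would presumably lead to a double delete; declaring both private would rule that out, unless `StreamCipher` already forbids copying (not visible here).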
diff --git a/src/modes/ctr/info.txt b/src/stream/ctr/info.txt index cb291a2c1..53ab0afa5 100644 --- a/src/modes/ctr/info.txt +++ b/src/stream/ctr/info.txt @@ -1,6 +1,6 @@ -realname "CTR block cipher mode" +realname "CTR mode" -define CTR +define CTR_BE load_on auto @@ -10,6 +10,6 @@ ctr.h </add> <requires> -modes +stream </requires> |