1*4882a593Smuzhiyun #include <stdio.h>
2*4882a593Smuzhiyun #include <stdlib.h>
3*4882a593Smuzhiyun #include <string.h>
4*4882a593Smuzhiyun #include <assert.h>
5*4882a593Smuzhiyun #include "aes_core.h"
6*4882a593Smuzhiyun
rk_init_ctr(struct ctr_state * state,const unsigned char * iv)7*4882a593Smuzhiyun static void rk_init_ctr(struct ctr_state * state, const unsigned char *iv)
8*4882a593Smuzhiyun {
9*4882a593Smuzhiyun state->num = 0;
10*4882a593Smuzhiyun memset(state->ecount, 0, 16);
11*4882a593Smuzhiyun memcpy(state->ivec, iv, 16);
12*4882a593Smuzhiyun }
13*4882a593Smuzhiyun
14*4882a593Smuzhiyun /* increment counter (128-bit int) by 1 */
rk_ctr128_inc(unsigned char * counter)15*4882a593Smuzhiyun static void rk_ctr128_inc(unsigned char *counter) {
16*4882a593Smuzhiyun unsigned int n=16;
17*4882a593Smuzhiyun unsigned char c;
18*4882a593Smuzhiyun
19*4882a593Smuzhiyun do {
20*4882a593Smuzhiyun --n;
21*4882a593Smuzhiyun c = counter[n];
22*4882a593Smuzhiyun ++c;
23*4882a593Smuzhiyun counter[n] = c;
24*4882a593Smuzhiyun if (c) return;
25*4882a593Smuzhiyun } while (n);
26*4882a593Smuzhiyun }
27*4882a593Smuzhiyun
rk_crypto_ctr128_encrypt(const unsigned char * in,unsigned char * out,int len,const void * key,unsigned char * ivec,unsigned char * ecount_buf,unsigned int * num)28*4882a593Smuzhiyun static void rk_crypto_ctr128_encrypt(const unsigned char *in, unsigned char *out,
29*4882a593Smuzhiyun int len, const void *key, unsigned char *ivec, unsigned char *ecount_buf,
30*4882a593Smuzhiyun unsigned int *num)
31*4882a593Smuzhiyun {
32*4882a593Smuzhiyun int n, l=0;
33*4882a593Smuzhiyun
34*4882a593Smuzhiyun n = *num;
35*4882a593Smuzhiyun while (l<len) {
36*4882a593Smuzhiyun if (n==0) {
37*4882a593Smuzhiyun rk_aes_encrypt(ivec, ecount_buf, key);
38*4882a593Smuzhiyun rk_ctr128_inc(ivec);
39*4882a593Smuzhiyun }
40*4882a593Smuzhiyun out[l] = in[l] ^ ecount_buf[n];
41*4882a593Smuzhiyun ++l;
42*4882a593Smuzhiyun n = (n+1) % 16;
43*4882a593Smuzhiyun }
44*4882a593Smuzhiyun
45*4882a593Smuzhiyun *num = n;
46*4882a593Smuzhiyun }
47*4882a593Smuzhiyun
48*4882a593Smuzhiyun /* XTS makes use of two different keys, usually generated by splitting
49*4882a593Smuzhiyun * the supplied block cipher's key in half.
50*4882a593Smuzhiyun * Because of the splitting, users wanting AES 256 and AES 128 encryption
51*4882a593Smuzhiyun * will need to choose key sizes of 512 bits and 256 bits respectively.
52*4882a593Smuzhiyun */
rk_aes_ctr_encrypt(const unsigned char * in,unsigned char * out,unsigned long length,const unsigned char * key,const int key_len,const unsigned char * ivec,const int enc)53*4882a593Smuzhiyun int rk_aes_ctr_encrypt(const unsigned char *in, unsigned char *out,
54*4882a593Smuzhiyun unsigned long length, const unsigned char *key, const int key_len,
55*4882a593Smuzhiyun const unsigned char *ivec, const int enc)
56*4882a593Smuzhiyun {
57*4882a593Smuzhiyun RK_AES_KEY ks;
58*4882a593Smuzhiyun struct ctr_state state;
59*4882a593Smuzhiyun
60*4882a593Smuzhiyun if(key_len != 16 && key_len != 24 && key_len != 32)
61*4882a593Smuzhiyun return -1;
62*4882a593Smuzhiyun
63*4882a593Smuzhiyun rk_init_ctr(&state, ivec);
64*4882a593Smuzhiyun rk_aes_set_encrypt_key(key, key_len * 8, &ks);
65*4882a593Smuzhiyun rk_crypto_ctr128_encrypt(in, out, length, &ks, state.ivec, state.ecount, &state.num);
66*4882a593Smuzhiyun
67*4882a593Smuzhiyun return 0;
68*4882a593Smuzhiyun }
69*4882a593Smuzhiyun
70*4882a593Smuzhiyun
71