lib/stream/ctr.c

   1 /*
   2  * Written in 2011 by Gregor Pintar <grpintar@gmail.com>
   3  *
   4  * To the extent possible under law, the author(s) have dedicated
   5  * all copyright and related and neighboring rights to this software
   6  * to the public domain worldwide.
   7  *
   8  * This software is distributed without any warranty.
   9  *
  10  * You should have received a copy of the CC0 Public Domain Dedication.
  11  * If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
  12  */
  13
  14 #include <stdint.h>
  15 #include <string.h>
  16 #include <stdlib.h>
  17
  18 #include <kripto/cast.h>
  19 #include <kripto/memwipe.h>
  20 #include <kripto/block.h>
  21 #include <kripto/stream.h>
  22 #include <kripto/desc/stream.h>
  23 #include <kripto/object/stream.h>
  24
  25 #include <kripto/stream/ctr.h>
  26
  27 struct kripto_stream
  28 {
  29         struct kripto_stream_object obj;
  30         kripto_block *block;
  31         uint8_t *x;
  32         uint8_t *buf;
  33         unsigned int blocksize;
  34         unsigned int used;
  35 };
  36
  37 static void ctr_crypt
  38 (
  39         kripto_stream *s,
  40         const void *in,
  41         void *out,
  42         size_t len
  43 )
  44 {
  45         size_t i;
  46         unsigned int n;
  47
  48         for(i = 0; i < len; i++)
  49         {
  50                 if(s->used == s->blocksize)
  51                 {
  52                         kripto_block_encrypt(s->block, s->x, s->buf);
  53                         s->used = 0;
  54
  55                         for(n = s->blocksize - 1; n; n--)
  56                                 if(++s->x[n]) break;
  57                 }
  58
  59                 U8(out)[i] = CU8(in)[i] ^ s->buf[s->used++];
  60         }
  61 }
  62
  63 static void ctr_prng
  64 (
  65         kripto_stream *s,
  66         void *out,
  67         size_t len
  68 )
  69 {
  70         size_t i;
  71         unsigned int n;
  72
  73         for(i = 0; i < len; i++)
  74         {
  75                 if(s->used == s->blocksize)
  76                 {
  77                         kripto_block_encrypt(s->block, s->x, s->buf);
  78                         s->used = 0;
  79
  80                         for(n = s->blocksize - 1; n; n--)
  81                                 if(++s->x[n]) break;
  82                 }
  83
  84                 U8(out)[i] = s->buf[s->used++];
  85         }
  86 }
  87
  88 static void ctr_destroy(kripto_stream *s)
  89 {
  90         kripto_block_destroy(s->block);
  91         kripto_memwipe(s, sizeof(kripto_stream) + (s->blocksize << 1));
  92         free(s);
  93 }
  94
  95 struct ext
  96 {
  97         kripto_stream_desc desc;
  98         const kripto_block_desc *block;
  99 };
 100
 101 #define EXT(X) ((const struct ext *)(X))
 102
 103 static kripto_stream *ctr_create
 104 (
 105         const kripto_stream_desc *desc,
 106         unsigned int rounds,
 107         const void *key,
 108         unsigned int key_len,
 109         const void *iv,
 110         unsigned int iv_len
 111 )
 112 {
 113         kripto_stream *s;
 114
 115         s = malloc(sizeof(kripto_stream) + (desc->maxiv << 1));
 116         if(!s) return 0;
 117
 118         s->obj.desc = desc;
 119         s->obj.multof = 1;
 120
 121         s->used = s->blocksize = desc->maxiv;
 122
 123         s->x = (uint8_t *)s + sizeof(kripto_stream);
 124         s->buf = s->x + s->blocksize;
 125
 126         /* block cipher */
 127         s->block = kripto_block_create(EXT(desc)->block, rounds, key, key_len);
 128         if(!s->block)
 129         {
 130                 kripto_memwipe(s, sizeof(kripto_stream) + (s->blocksize << 1));
 131                 free(s);
 132                 return 0;
 133         }
 134
 135         /* IV (nonce) */
 136         if(iv_len) memcpy(s->x, iv, iv_len);
 137         memset(s->x + iv_len, 0, s->blocksize - iv_len);
 138
 139         return s;
 140 }
 141
 142 static kripto_stream *ctr_recreate
 143 (
 144         kripto_stream *s,
 145         unsigned int rounds,
 146         const void *key,
 147         unsigned int key_len,
 148         const void *iv,
 149         unsigned int iv_len
 150 )
 151 {
 152         /* block cipher */
 153         s->block = kripto_block_recreate(s->block, rounds, key, key_len);
 154         if(!s->block)
 155         {
 156                 kripto_memwipe(s, sizeof(kripto_stream) + (s->blocksize << 1));
 157                 free(s);
 158                 return 0;
 159         }
 160
 161         /* IV (nonce) */
 162         if(iv_len) memcpy(s->x, iv, iv_len);
 163         memset(s->x + iv_len, 0, s->blocksize - iv_len);
 164
 165         s->used = s->blocksize;
 166
 167         return s;
 168 }
 169
 170 kripto_stream_desc *kripto_stream_ctr(const kripto_block_desc *block)
 171 {
 172         struct ext *s;
 173
 174         s = malloc(sizeof(struct ext));
 175         if(!s) return 0;
 176
 177         s->block = block;
 178
 179         s->desc.create = &ctr_create;
 180         s->desc.recreate = &ctr_recreate;
 181         s->desc.encrypt = &ctr_crypt;
 182         s->desc.decrypt = &ctr_crypt;
 183         s->desc.prng = &ctr_prng;
 184         s->desc.destroy = &ctr_destroy;
 185         s->desc.maxkey = kripto_block_maxkey(block);
 186         s->desc.maxiv = kripto_block_size(block);
 187
 188         return (kripto_stream_desc *)s;
 189 }