aboutsummaryrefslogtreecommitdiff
path: root/src/daemon/https/lgl/rijndael-api-fst.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/daemon/https/lgl/rijndael-api-fst.c')
-rw-r--r--src/daemon/https/lgl/rijndael-api-fst.c519
1 files changed, 0 insertions, 519 deletions
diff --git a/src/daemon/https/lgl/rijndael-api-fst.c b/src/daemon/https/lgl/rijndael-api-fst.c
deleted file mode 100644
index d4196948..00000000
--- a/src/daemon/https/lgl/rijndael-api-fst.c
+++ /dev/null
@@ -1,519 +0,0 @@
1/* rijndael-api-fst.c --- Rijndael cipher implementation.
2 * Copyright (C) 2005, 2006 Free Software Foundation, Inc.
3 *
4 * This file is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Lesser General Public License as published
6 * by the Free Software Foundation; either version 2.1, or (at your
7 * option) any later version.
8 *
9 * This file is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public License
15 * along with this file; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 */
20
21/* Adapted for gnulib by Simon Josefsson.
22 *
23 * Based on public domain "Optimised C code" retrieved from (SHA1
24 * 7c8e4b00d06685d1dbc6724a9e0d502353de339e):
25 * http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/rijndael-fst-3.0.zip
26 */
27
28#include "MHD_config.h"
29
30/**
31 * rijndael-api-fst.c
32 *
33 * @version 2.9 (December 2000)
34 *
35 * Optimised ANSI C code for the Rijndael cipher (now AES)
36 *
37 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
38 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
39 * @author Paulo Barreto <paulo.barreto@terra.com.br>
40 *
41 * This code is hereby placed in the public domain.
42 *
43 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
44 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
45 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
47 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
48 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
49 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
50 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
51 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
52 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
53 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
54 *
55 * Acknowledgements:
56 *
57 * We are deeply indebted to the following people for their bug reports,
58 * fixes, and improvement suggestions to this implementation. Though we
59 * tried to list all contributions, we apologise in advance for any
60 * missing reference.
61 *
62 * Andrew Bales <Andrew.Bales@Honeywell.com>
63 * Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
64 * John Skodon <skodonj@webquill.com>
65 */
66
67#include "rijndael-alg-fst.h"
68#include "rijndael-api-fst.h"
69
70#include <assert.h>
71#include <stdlib.h>
72#include <string.h>
73
74rijndael_rc
75MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction,
76 size_t keyLen, const char *keyMaterial)
77{
78 size_t i;
79 char *keyMat;
80 char cipherKey[RIJNDAEL_MAXKB];
81
82 if (key == NULL)
83 {
84 return RIJNDAEL_BAD_KEY_INSTANCE;
85 }
86
87 if ((direction == RIJNDAEL_DIR_ENCRYPT)
88 || (direction == RIJNDAEL_DIR_DECRYPT))
89 {
90 key->direction = direction;
91 }
92 else
93 {
94 return RIJNDAEL_BAD_KEY_DIR;
95 }
96
97 if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256))
98 {
99 key->keyLen = keyLen;
100 }
101 else
102 {
103 return RIJNDAEL_BAD_KEY_MAT;
104 }
105
106 if (keyMaterial != NULL)
107 {
108 strncpy (key->keyMaterial, keyMaterial, keyLen / 4);
109 }
110
111 /* initialize key schedule: */
112 keyMat = key->keyMaterial;
113 for (i = 0; i < key->keyLen / 8; i++)
114 {
115 char t, v;
116
117 t = *keyMat++;
118 if ((t >= '0') && (t <= '9'))
119 v = (t - '0') << 4;
120 else if ((t >= 'a') && (t <= 'f'))
121 v = (t - 'a' + 10) << 4;
122 else if ((t >= 'A') && (t <= 'F'))
123 v = (t - 'A' + 10) << 4;
124 else
125 return RIJNDAEL_BAD_KEY_MAT;
126
127 t = *keyMat++;
128 if ((t >= '0') && (t <= '9'))
129 v ^= (t - '0');
130 else if ((t >= 'a') && (t <= 'f'))
131 v ^= (t - 'a' + 10);
132 else if ((t >= 'A') && (t <= 'F'))
133 v ^= (t - 'A' + 10);
134 else
135 return RIJNDAEL_BAD_KEY_MAT;
136
137 cipherKey[i] = v;
138 }
139 if (direction == RIJNDAEL_DIR_ENCRYPT)
140 {
141 key->Nr = MHD_rijndaelKeySetupEnc (key->rk, cipherKey, keyLen);
142 }
143 else
144 {
145 key->Nr = MHD_rijndaelKeySetupDec (key->rk, cipherKey, keyLen);
146 }
147 MHD_rijndaelKeySetupEnc (key->ek, cipherKey, keyLen);
148 return 0;
149}
150
151rijndael_rc
152MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher,
153 rijndael_mode mode, const char *IV)
154{
155 if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC)
156 || (mode == RIJNDAEL_MODE_CFB1))
157 {
158 cipher->mode = mode;
159 }
160 else
161 {
162 return RIJNDAEL_BAD_CIPHER_MODE;
163 }
164 if (IV != NULL)
165 {
166 int i;
167 for (i = 0; i < RIJNDAEL_MAX_IV_SIZE; i++)
168 {
169 int t, j;
170
171 t = IV[2 * i];
172 if ((t >= '0') && (t <= '9'))
173 j = (t - '0') << 4;
174 else if ((t >= 'a') && (t <= 'f'))
175 j = (t - 'a' + 10) << 4;
176 else if ((t >= 'A') && (t <= 'F'))
177 j = (t - 'A' + 10) << 4;
178 else
179 return RIJNDAEL_BAD_CIPHER_INSTANCE;
180
181 t = IV[2 * i + 1];
182 if ((t >= '0') && (t <= '9'))
183 j ^= (t - '0');
184 else if ((t >= 'a') && (t <= 'f'))
185 j ^= (t - 'a' + 10);
186 else if ((t >= 'A') && (t <= 'F'))
187 j ^= (t - 'A' + 10);
188 else
189 return RIJNDAEL_BAD_CIPHER_INSTANCE;
190
191 cipher->IV[i] = (uint8_t) j;
192 }
193 }
194 else
195 {
196 memset (cipher->IV, 0, RIJNDAEL_MAX_IV_SIZE);
197 }
198 return 0;
199}
200
201int
202MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher,
203 const rijndaelKeyInstance * key,
204 const char *input, size_t inputLen, char *outBuffer)
205{
206 size_t i, k, t, numBlocks;
207 char block[16], *iv;
208
209 if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_DECRYPT)
210 {
211 return RIJNDAEL_BAD_CIPHER_STATE;
212 }
213 if (input == NULL || inputLen <= 0)
214 {
215 return 0; /* nothing to do */
216 }
217
218 numBlocks = inputLen / 128;
219
220 switch (cipher->mode)
221 {
222 case RIJNDAEL_MODE_ECB:
223 for (i = numBlocks; i > 0; i--)
224 {
225 MHD_rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
226 input += 16;
227 outBuffer += 16;
228 }
229 break;
230
231 case RIJNDAEL_MODE_CBC:
232 iv = cipher->IV;
233 for (i = numBlocks; i > 0; i--)
234 {
235 ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
236 ((uint32_t *) iv)[0];
237 ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
238 ((uint32_t *) iv)[1];
239 ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
240 ((uint32_t *) iv)[2];
241 ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
242 ((uint32_t *) iv)[3];
243 MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
244 memcpy (cipher->IV, outBuffer, 16);
245 input += 16;
246 outBuffer += 16;
247 }
248 break;
249
250 case RIJNDAEL_MODE_CFB1:
251 iv = cipher->IV;
252 for (i = numBlocks; i > 0; i--)
253 {
254 memcpy (outBuffer, input, 16);
255 for (k = 0; k < 128; k++)
256 {
257 MHD_rijndaelEncrypt (key->ek, key->Nr, iv, block);
258 outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
259 for (t = 0; t < 15; t++)
260 {
261 iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
262 }
263 iv[15] = (iv[15] << 1) |
264 ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1);
265 }
266 outBuffer += 16;
267 input += 16;
268 }
269 break;
270
271 default:
272 return RIJNDAEL_BAD_CIPHER_STATE;
273 }
274
275 return 128 * numBlocks;
276}
277
278int
279MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher,
280 const rijndaelKeyInstance * key,
281 const char *input, size_t inputOctets,
282 char *outBuffer)
283{
284 size_t i, numBlocks, padLen;
285 char block[16], *iv;
286
287 if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_DECRYPT)
288 {
289 return RIJNDAEL_BAD_CIPHER_STATE;
290 }
291 if (input == NULL || inputOctets <= 0)
292 {
293 return 0; /* nothing to do */
294 }
295
296 numBlocks = inputOctets / 16;
297
298 switch (cipher->mode)
299 {
300 case RIJNDAEL_MODE_ECB:
301 for (i = numBlocks; i > 0; i--)
302 {
303 MHD_rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
304 input += 16;
305 outBuffer += 16;
306 }
307 padLen = 16 - (inputOctets - 16 * numBlocks);
308 assert (padLen > 0 && padLen <= 16);
309 memcpy (block, input, 16 - padLen);
310 memset (block + 16 - padLen, padLen, padLen);
311 MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
312 break;
313
314 case RIJNDAEL_MODE_CBC:
315 iv = cipher->IV;
316 for (i = numBlocks; i > 0; i--)
317 {
318 ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
319 ((uint32_t *) iv)[0];
320 ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
321 ((uint32_t *) iv)[1];
322 ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
323 ((uint32_t *) iv)[2];
324 ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
325 ((uint32_t *) iv)[3];
326 MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
327 memcpy (cipher->IV, outBuffer, 16);
328 input += 16;
329 outBuffer += 16;
330 }
331 padLen = 16 - (inputOctets - 16 * numBlocks);
332 assert (padLen > 0 && padLen <= 16);
333 for (i = 0; i < 16 - padLen; i++)
334 {
335 block[i] = input[i] ^ iv[i];
336 }
337 for (i = 16 - padLen; i < 16; i++)
338 {
339 block[i] = (char) padLen ^ iv[i];
340 }
341 MHD_rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
342 memcpy (cipher->IV, outBuffer, 16);
343 break;
344
345 default:
346 return RIJNDAEL_BAD_CIPHER_STATE;
347 }
348
349 return 16 * (numBlocks + 1);
350}
351
352int
353MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher,
354 const rijndaelKeyInstance * key,
355 const char *input, size_t inputLen, char *outBuffer)
356{
357 size_t i, k, t, numBlocks;
358 char block[16], *iv;
359
360 if (cipher == NULL
361 || key == NULL
362 || (cipher->mode != RIJNDAEL_MODE_CFB1
363 && key->direction == RIJNDAEL_DIR_ENCRYPT))
364 {
365 return RIJNDAEL_BAD_CIPHER_STATE;
366 }
367 if (input == NULL || inputLen <= 0)
368 {
369 return 0; /* nothing to do */
370 }
371
372 numBlocks = inputLen / 128;
373
374 switch (cipher->mode)
375 {
376 case RIJNDAEL_MODE_ECB:
377 for (i = numBlocks; i > 0; i--)
378 {
379 MHD_rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
380 input += 16;
381 outBuffer += 16;
382 }
383 break;
384
385 case RIJNDAEL_MODE_CBC:
386 iv = cipher->IV;
387 for (i = numBlocks; i > 0; i--)
388 {
389 MHD_rijndaelDecrypt (key->rk, key->Nr, input, block);
390 ((uint32_t *) block)[0] ^= ((uint32_t *) iv)[0];
391 ((uint32_t *) block)[1] ^= ((uint32_t *) iv)[1];
392 ((uint32_t *) block)[2] ^= ((uint32_t *) iv)[2];
393 ((uint32_t *) block)[3] ^= ((uint32_t *) iv)[3];
394 memcpy (cipher->IV, input, 16);
395 memcpy (outBuffer, block, 16);
396 input += 16;
397 outBuffer += 16;
398 }
399 break;
400
401 case RIJNDAEL_MODE_CFB1:
402 iv = cipher->IV;
403 for (i = numBlocks; i > 0; i--)
404 {
405 memcpy (outBuffer, input, 16);
406 for (k = 0; k < 128; k++)
407 {
408 MHD_rijndaelEncrypt (key->ek, key->Nr, iv, block);
409 for (t = 0; t < 15; t++)
410 {
411 iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
412 }
413 iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1);
414 outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
415 }
416 outBuffer += 16;
417 input += 16;
418 }
419 break;
420
421 default:
422 return RIJNDAEL_BAD_CIPHER_STATE;
423 }
424
425 return 128 * numBlocks;
426}
427
428int
429MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher,
430 const rijndaelKeyInstance * key,
431 const char *input, size_t inputOctets,
432 char *outBuffer)
433{
434 size_t i, numBlocks, padLen;
435 char block[16];
436
437 if (cipher == NULL || key == NULL || key->direction == RIJNDAEL_DIR_ENCRYPT)
438 {
439 return RIJNDAEL_BAD_CIPHER_STATE;
440 }
441 if (input == NULL || inputOctets <= 0)
442 {
443 return 0; /* nothing to do */
444 }
445 if (inputOctets % 16 != 0)
446 {
447 return RIJNDAEL_BAD_DATA;
448 }
449
450 numBlocks = inputOctets / 16;
451
452 switch (cipher->mode)
453 {
454 case RIJNDAEL_MODE_ECB:
455 /* all blocks but last */
456 for (i = numBlocks - 1; i > 0; i--)
457 {
458 MHD_rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
459 input += 16;
460 outBuffer += 16;
461 }
462 /* last block */
463 MHD_rijndaelDecrypt (key->rk, key->Nr, input, block);
464 padLen = block[15];
465 if (padLen >= 16)
466 {
467 return RIJNDAEL_BAD_DATA;
468 }
469 for (i = 16 - padLen; i < 16; i++)
470 {
471 if (block[i] != padLen)
472 {
473 return RIJNDAEL_BAD_DATA;
474 }
475 }
476 memcpy (outBuffer, block, 16 - padLen);
477 break;
478
479 case RIJNDAEL_MODE_CBC:
480 /* all blocks but last */
481 for (i = numBlocks - 1; i > 0; i--)
482 {
483 MHD_rijndaelDecrypt (key->rk, key->Nr, input, block);
484 ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0];
485 ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1];
486 ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2];
487 ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3];
488 memcpy (cipher->IV, input, 16);
489 memcpy (outBuffer, block, 16);
490 input += 16;
491 outBuffer += 16;
492 }
493 /* last block */
494 MHD_rijndaelDecrypt (key->rk, key->Nr, input, block);
495 ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0];
496 ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1];
497 ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2];
498 ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3];
499 padLen = block[15];
500 if (padLen <= 0 || padLen > 16)
501 {
502 return RIJNDAEL_BAD_DATA;
503 }
504 for (i = 16 - padLen; i < 16; i++)
505 {
506 if (block[i] != padLen)
507 {
508 return RIJNDAEL_BAD_DATA;
509 }
510 }
511 memcpy (outBuffer, block, 16 - padLen);
512 break;
513
514 default:
515 return RIJNDAEL_BAD_CIPHER_STATE;
516 }
517
518 return 16 * numBlocks - padLen;
519}