comparison libtomcrypt/src/modes/xts/xts_decrypt.c @ 1435:f849a5ca2efc

update to libtomcrypt 1.17 (with Dropbear changes)
author Matt Johnston <matt@ucc.asn.au>
date Sat, 24 Jun 2017 17:50:50 +0800
parents
children 6dba84798cd5
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */
11 #include "tomcrypt.h"
12
13 /**
14 Source donated by Elliptic Semiconductor Inc (www.ellipticsemi.com) to the LibTom Projects
15 */
16
17 #ifdef LTC_XTS_MODE
18
19 static int tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned char *T, symmetric_xts *xts)
20 {
21 unsigned long x;
22 int err;
23
24 /* tweak encrypt block i */
25 #ifdef LTC_FAST
26 for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
27 *((LTC_FAST_TYPE*)&P[x]) = *((LTC_FAST_TYPE*)&C[x]) ^ *((LTC_FAST_TYPE*)&T[x]);
28 }
29 #else
30 for (x = 0; x < 16; x++) {
31 P[x] = C[x] ^ T[x];
32 }
33 #endif
34
35 err = cipher_descriptor[xts->cipher].ecb_decrypt(P, P, &xts->key1);
36
37 #ifdef LTC_FAST
38 for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
39 *((LTC_FAST_TYPE*)&P[x]) ^= *((LTC_FAST_TYPE*)&T[x]);
40 }
41 #else
42 for (x = 0; x < 16; x++) {
43 P[x] = P[x] ^ T[x];
44 }
45 #endif
46
47 /* LFSR the tweak */
48 xts_mult_x(T);
49
50 return err;
51 }
52
53 /** XTS Decryption
54 @param ct [in] Ciphertext
55 @param ptlen Length of plaintext (and ciphertext)
56 @param pt [out] Plaintext
57 @param tweak [in] The 128--bit encryption tweak (e.g. sector number)
58 @param xts The XTS structure
59 Returns CRYPT_OK upon success
60 */int xts_decrypt(
61 const unsigned char *ct, unsigned long ptlen,
62 unsigned char *pt,
63 const unsigned char *tweak,
64 symmetric_xts *xts)
65 {
66 unsigned char PP[16], CC[16], T[16];
67 unsigned long i, m, mo, lim;
68 int err;
69
70 /* check inputs */
71 LTC_ARGCHK(pt != NULL);
72 LTC_ARGCHK(ct != NULL);
73 LTC_ARGCHK(tweak != NULL);
74 LTC_ARGCHK(xts != NULL);
75
76 /* check if valid */
77 if ((err = cipher_is_valid(xts->cipher)) != CRYPT_OK) {
78 return err;
79 }
80
81 /* get number of blocks */
82 m = ptlen >> 4;
83 mo = ptlen & 15;
84
85 /* must have at least one full block */
86 if (m == 0) {
87 return CRYPT_INVALID_ARG;
88 }
89
90 /* encrypt the tweak */
91 if ((err = cipher_descriptor[xts->cipher].ecb_encrypt(tweak, T, &xts->key2)) != CRYPT_OK) {
92 return err;
93 }
94
95 /* for i = 0 to m-2 do */
96 if (mo == 0) {
97 lim = m;
98 } else {
99 lim = m - 1;
100 }
101
102 for (i = 0; i < lim; i++) {
103 err = tweak_uncrypt(ct, pt, T, xts);
104 ct += 16;
105 pt += 16;
106 }
107
108 /* if ptlen not divide 16 then */
109 if (mo > 0) {
110 XMEMCPY(CC, T, 16);
111 xts_mult_x(CC);
112
113 /* PP = tweak decrypt block m-1 */
114 if ((err = tweak_uncrypt(ct, PP, CC, xts)) != CRYPT_OK) {
115 return err;
116 }
117
118 /* Pm = first ptlen % 16 bytes of PP */
119 for (i = 0; i < mo; i++) {
120 CC[i] = ct[16+i];
121 pt[16+i] = PP[i];
122 }
123 for (; i < 16; i++) {
124 CC[i] = PP[i];
125 }
126
127 /* Pm-1 = Tweak uncrypt CC */
128 if ((err = tweak_uncrypt(CC, pt, T, xts)) != CRYPT_OK) {
129 return err;
130 }
131 }
132
133 return CRYPT_OK;
134 }
135
136 #endif
137
138 /* $Source$ */
139 /* $Revision$ */
140 /* $Date$ */
141
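Review bot: In the main block loop of xts_decrypt (gutter lines 102-106) the result of tweak_uncrypt is stored in err but never tested, so an ecb_decrypt failure on any full block is overwritten by the next iteration and, when ptlen is a multiple of 16, the function still returns CRYPT_OK with pt only partly filled. The two partial-block calls below do check the return, so the loop should match them: `if ((err = tweak_uncrypt(ct, pt, T, xts)) != CRYPT_OK) { return err; }`. Separately, the LTC_FAST branches in tweak_uncrypt read and write the caller's byte buffers through LTC_FAST_TYPE pointers, which is only well-defined when ct, pt and the tweak copy are suitably aligned; nothing in this file checks or documents that, and a comment such as `/* LTC_FAST path assumes word-aligned ct/pt buffers */` would make the precondition visible. The comment `/* tweak encrypt block i */` at gutter line 24 is also misleading in a decrypt helper and could read `/* tweak decrypt block i */`.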