![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to crypto.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [truecrypt] / truecrypt / common|
Return to crypto.c CVS log | Up to [truecrypt] / truecrypt / common |
1.1.1.7 ! root 1: /* Legal Notice: The source code contained in this file has been derived from ! 2: the source code of Encryption for the Masses 2.02a, which is Copyright (c) ! 3: 1998-99 Paul Le Roux and which is covered by the 'License Agreement for ! 4: Encryption for the Masses'. Modifications and additions to that source code ! 5: contained in this file are Copyright (c) 2004-2005 TrueCrypt Foundation and ! 6: Copyright (c) 2004 TrueCrypt Team, and are covered by TrueCrypt License 2.0 ! 7: the full text of which is contained in the file License.txt included in ! 8: TrueCrypt binary and source code distribution archives. */ ! 9: ! 10: #include "Tcdefs.h" ! 11: #include "Crypto.h" ! 12: #include "Crc.h" ! 13: #include "Endian.h" ! 14: ! 15: #ifdef LINUX_DRIVER ! 16: #include <linux/string.h> ! 17: #endif 1.1.1.5 root 18: 19: /* Update the following when adding a new cipher or EA: 20: 21: Crypto.h: 22: ID #define 23: MAX_EXPANDED_KEY #define 24: 25: Crypto.c: 26: Ciphers[] 27: EncryptionAlgorithms[] 28: CipherInit() 29: EncipherBlock() 30: DecipherBlock() 1.1.1.7 ! root 31: 1.1.1.5 root 32: */ 33: 34: // Cipher configuration 35: static Cipher Ciphers[] = 36: { 1.1.1.7 ! root 37: // Block Size Key Size Key Schedule Size ! 38: // ID Name (Bytes) (Bytes) (Bytes) 1.1.1.5 root 39: { AES, "AES", 16, 32, sizeof(aes_encrypt_ctx)+sizeof(aes_decrypt_ctx) }, 40: { BLOWFISH, "Blowfish", 8, 56, 4168 }, 41: { CAST, "CAST5", 8, 16, 128 }, 42: { DES56, "DES", 8, 7, 128 }, 43: { SERPENT, "Serpent", 16, 32, 140*4 }, 1.1.1.7 ! root 44: { TRIPLEDES,"Triple DES", 8, 8*3, 128*3 }, 1.1.1.5 root 45: { TWOFISH, "Twofish", 16, 32, TWOFISH_KS }, 46: { 0, 0, 0, 0, 0 } 47: }; 48: 49: // Encryption algorithm configuration 50: static EncryptionAlgorithm EncryptionAlgorithms[] = 51: { 52: // Cipher(s) Mode 53: { { 0, 0 } , 0 }, // (must be null) 54: { { AES, 0 } , CBC }, // AES 55: { { BLOWFISH, 0 } , CBC }, // Blowfish 56: { { CAST, 0 } , CBC }, // CAST5 57: { { SERPENT, 0 } , CBC }, // Serpent 58: { { TRIPLEDES, 0 } , CBC }, // Triple DES 59: { { TWOFISH, 0 } , CBC }, // Twofish 60: { { BLOWFISH, AES, 0 } , INNER_CBC }, // AES-Blowfish 61: { { SERPENT, BLOWFISH, AES, 0 } , INNER_CBC }, // AES-Blowfish-Serpent 62: { { TWOFISH, AES, 0 } , OUTER_CBC }, // AES-Twofish 63: { { SERPENT, TWOFISH, AES, 0 } , OUTER_CBC }, // AES-Twofish-Serpent 64: { { AES, SERPENT, 0 } , OUTER_CBC }, // Serpent-AES 65: { { AES, TWOFISH, SERPENT, 0 } , OUTER_CBC }, // Serpent-Twofish-AES 66: { { SERPENT, TWOFISH, 0 } , OUTER_CBC }, // Twofish-Serpent 67: { { 0, 0 } , 0 } // (must be null) 68: }; 69: 1.1.1.7 ! root 70: /* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */ ! 71: int CipherInit (int cipher, unsigned char *key, unsigned char *ks) 1.1.1.5 root 72: { 1.1.1.7 ! root 73: int retVal = 0; ! 74: 1.1.1.5 root 75: switch (cipher) 76: { 77: case BLOWFISH: 78: BF_set_key ((BF_KEY *)ks, CipherGetKeySize(BLOWFISH), key); 79: break; 80: 81: case AES: 1.1.1.7 ! root 82: if (aes_encrypt_key(key, CipherGetKeySize(AES), (aes_encrypt_ctx *) ks) != aes_good) ! 83: return ERR_CIPHER_INIT_FAILURE; ! 84: ! 85: if (aes_decrypt_key(key, CipherGetKeySize(AES), (aes_decrypt_ctx *) (ks + sizeof(aes_encrypt_ctx))) != aes_good) ! 86: return ERR_CIPHER_INIT_FAILURE; ! 87: 1.1.1.5 root 88: break; 89: 1.1.1.7 ! root 90: case DES56: ! 91: /* Included for testing purposes only */ ! 92: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks)) ! 93: { ! 94: case -1: ! 95: return ERR_CIPHER_INIT_FAILURE; ! 96: case -2: ! 97: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error ! 98: break; ! 99: } 1.1.1.5 root 100: break; 101: 102: case CAST: 103: CAST_set_key((CAST_KEY *) ks, CipherGetKeySize(CAST), key); 104: break; 105: 106: case SERPENT: 107: serpent_set_key (key, CipherGetKeySize(SERPENT) * 8, ks); 108: break; 109: 110: case TRIPLEDES: 1.1.1.7 ! root 111: switch (des_key_sched ((des_cblock *) key, (struct des_ks_struct *) ks)) ! 112: { ! 113: case -1: ! 114: return ERR_CIPHER_INIT_FAILURE; ! 115: case -2: ! 116: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error ! 117: break; ! 118: } ! 119: switch (des_key_sched ((des_cblock *) ((char*)(key)+8), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56)))) ! 120: { ! 121: case -1: ! 122: return ERR_CIPHER_INIT_FAILURE; ! 123: case -2: ! 124: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error ! 125: break; ! 126: } ! 127: switch (des_key_sched ((des_cblock *) ((char*)(key)+16), (struct des_ks_struct *) (ks + CipherGetKeyScheduleSize (DES56) * 2))) ! 128: { ! 129: case -1: ! 130: return ERR_CIPHER_INIT_FAILURE; ! 131: case -2: ! 132: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error ! 133: break; ! 134: } 1.1.1.5 root 135: break; 136: 137: case TWOFISH: 138: twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key, CipherGetKeySize(TWOFISH) * 8); 139: break; 140: 141: } 1.1.1.7 ! root 142: return retVal; 1.1.1.5 root 143: } 144: 145: void EncipherBlock(int cipher, void *data, void *ks) 146: { 147: switch (cipher) 148: { 1.1.1.7 ! root 149: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 1); break; 1.1.1.5 root 150: case AES: aes_encrypt (data, data, ks); break; 151: case DES56: des_encrypt (data, ks, 1); break; 152: case CAST: CAST_ecb_encrypt (data, data, ks, 1); break; 153: case SERPENT: serpent_encrypt (data, data, ks); break; 154: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, 155: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)), (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 1); break; 156: case TWOFISH: twofish_encrypt (ks, data, data); break; 157: } 158: } 159: 160: void DecipherBlock(int cipher, void *data, void *ks) 161: { 162: switch (cipher) 163: { 1.1.1.7 ! root 164: case BLOWFISH: BF_ecb_le_encrypt (data, data, ks, 0); break; 1.1.1.5 root 165: case AES: aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); break; 166: case DES56: des_encrypt (data, ks, 0); break; 167: case CAST: CAST_ecb_encrypt (data, data, ks,0); break; 168: case SERPENT: serpent_decrypt (data, data, ks); break; 169: case TRIPLEDES: des_ecb3_encrypt (data, data, ks, 170: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56)), 171: (void*)((char*) ks + CipherGetKeyScheduleSize (DES56) * 2), 0); break; 172: case TWOFISH: twofish_decrypt (ks, data, data); break; 173: } 174: } 175: 176: // Ciphers support 177: 178: Cipher *CipherGet (int id) 179: { 180: int i; 181: for (i = 0; Ciphers[i].Id != 0; i++) 182: if (Ciphers[i].Id == id) 183: return &Ciphers[i]; 184: 185: return 0; 186: } 187: 188: char *CipherGetName (int cipherId) 189: { 190: return CipherGet (cipherId) -> Name; 191: } 192: 193: int CipherGetBlockSize (int cipherId) 194: { 195: return CipherGet (cipherId) -> BlockSize; 196: } 197: 198: int CipherGetKeySize (int cipherId) 199: { 200: return CipherGet (cipherId) -> KeySize; 201: } 202: 203: int CipherGetKeyScheduleSize (int cipherId) 204: { 205: return CipherGet (cipherId) -> KeyScheduleSize; 206: } 207: 208: 209: // Encryption algorithms support 210: 211: int EAGetFirst () 212: { 213: return 1; 214: } 215: 216: // Returns number of EAs 217: int EAGetCount (void) 218: { 219: int ea, count = 0; 220: 221: for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) 222: { 223: count++; 224: } 225: return count; 226: } 227: 228: int EAGetNext (int previousEA) 229: { 230: int id = previousEA + 1; 231: if (EncryptionAlgorithms[id].Ciphers[0] != 0) return id; 232: return 0; 233: } 234: 1.1.1.7 ! root 235: /* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */ ! 236: int EAInit (int ea, unsigned char *key, unsigned char *ks) 1.1.1.5 root 237: { 1.1.1.7 ! root 238: int c, retVal = 0; 1.1.1.5 root 239: 240: for (c = EAGetFirstCipher (ea); c != 0; c = EAGetNextCipher (ea, c)) 241: { 1.1.1.7 ! root 242: switch (CipherInit (c, key, ks)) ! 243: { ! 244: case ERR_CIPHER_INIT_FAILURE: ! 245: return ERR_CIPHER_INIT_FAILURE; ! 246: ! 247: case ERR_CIPHER_INIT_WEAK_KEY: ! 248: retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error ! 249: break; ! 250: } 1.1.1.5 root 251: 252: key += CipherGetKeySize (c); 253: ks += CipherGetKeyScheduleSize (c); 254: } 1.1.1.7 ! root 255: return retVal; 1.1.1.5 root 256: } 257: 258: // Returns name of EA, cascaded cipher names are separated by hyphens 259: char *EAGetName (char *buf, int ea) 260: { 261: int i = EAGetLastCipher(ea); 262: strcpy (buf, CipherGetName (i)); 263: 264: while (i = EAGetPreviousCipher(ea, i)) 265: { 266: strcat (buf, "-"); 267: strcat (buf, CipherGetName (i)); 268: } 269: 270: return buf; 271: } 272: 273: // Returns sum of key sizes of all EA ciphers 274: int EAGetKeySize (int ea) 275: { 276: int i = EAGetFirstCipher(ea); 277: int size = CipherGetKeySize (i); 278: 279: while (i = EAGetNextCipher(ea, i)) 280: { 281: size += CipherGetKeySize (i); 282: } 283: 284: return size; 285: } 286: 287: // Returns the mode of operation of the whole EA 288: int EAGetMode (int ea) 289: { 290: return (EncryptionAlgorithms[ea].Mode); 291: } 292: 293: // Returns the name of the mode of operation of the whole EA 1.1.1.7 ! root 294: char *EAGetModeName (int ea, BOOL capitalLetters) 1.1.1.5 root 295: { 296: switch (EncryptionAlgorithms[ea].Mode) 297: { 298: case CBC: 1.1.1.7 ! root 299: { ! 300: char eaName[100]; ! 301: EAGetName (eaName, ea); 1.1.1.5 root 302: 1.1.1.7 ! root 303: if (strcmp (eaName, "Triple DES") == 0) ! 304: return capitalLetters ? "Outer-CBC" : "outer-CBC"; 1.1.1.5 root 305: 1.1.1.7 ! root 306: return "CBC"; ! 307: } 1.1.1.5 root 308: 309: case OUTER_CBC: 1.1.1.7 ! root 310: return capitalLetters ? "Outer-CBC" : "outer-CBC"; 1.1.1.5 root 311: 312: case INNER_CBC: 1.1.1.7 ! root 313: return capitalLetters ? "Inner-CBC" : "inner-CBC"; 1.1.1.5 root 314: 315: } 1.1.1.7 ! root 316: return "[unknown]"; 1.1.1.5 root 317: } 318: 319: // Returns sum of key schedule sizes of all EA ciphers 320: int EAGetKeyScheduleSize (int ea) 321: { 322: int i = EAGetFirstCipher(ea); 323: int size = CipherGetKeyScheduleSize (i); 324: 325: while (i = EAGetNextCipher(ea, i)) 326: { 327: size += CipherGetKeyScheduleSize (i); 328: } 329: 330: return size; 331: } 332: 333: // Returns largest key needed by all EAs 334: int EAGetLargestKey () 335: { 336: int ea, key = 0; 337: 338: for (ea = EAGetFirst (); ea != 0 ; ea = EAGetNext (ea)) 339: { 340: if (EAGetKeySize (ea) >= key) 341: key = EAGetKeySize (ea); 342: } 343: 344: return key; 345: } 346: 347: // Returns number of ciphers in EA 348: int EAGetCipherCount (int ea) 349: { 350: int i = 0; 351: while (EncryptionAlgorithms[ea].Ciphers[i++]); 352: 353: return i - 1; 354: } 355: 356: 357: int EAGetFirstCipher (int ea) 358: { 359: return EncryptionAlgorithms[ea].Ciphers[0]; 360: } 361: 362: int EAGetLastCipher (int ea) 363: { 364: int c, i = 0; 365: while (c = EncryptionAlgorithms[ea].Ciphers[i++]); 366: 367: return EncryptionAlgorithms[ea].Ciphers[i - 2]; 368: } 369: 370: int EAGetNextCipher (int ea, int previousCipherId) 371: { 372: int c, i = 0; 373: while (c = EncryptionAlgorithms[ea].Ciphers[i++]) 374: { 375: if (c == previousCipherId) 376: return EncryptionAlgorithms[ea].Ciphers[i]; 377: } 378: 379: return 0; 380: } 381: 382: int EAGetPreviousCipher (int ea, int previousCipherId) 383: { 384: int c, i = 0; 385: 386: if (EncryptionAlgorithms[ea].Ciphers[i++] == previousCipherId) 387: return 0; 388: 389: while (c = EncryptionAlgorithms[ea].Ciphers[i++]) 390: { 391: if (c == previousCipherId) 392: return EncryptionAlgorithms[ea].Ciphers[i - 2]; 393: } 394: 395: return 0; 396: } 397: 1.1.1.7 ! root 398: char *get_hash_algo_name (int hash_algo_id) 1.1.1.5 root 399: { 1.1.1.7 ! root 400: switch (hash_algo_id) 1.1.1.5 root 401: { 1.1.1.7 ! root 402: case SHA1: return "SHA-1"; ! 403: case RIPEMD160: return "RIPEMD-160"; ! 404: case WHIRLPOOL: return "Whirlpool"; 1.1.1.5 root 405: default: return "Unknown"; 406: } 407: } 408: 1.1.1.7 ! root 409: #ifndef LINUX_DRIVER 1.1 root 410: 411: PCRYPTO_INFO 412: crypto_open () 413: { 414: /* Do the crt allocation */ 415: PCRYPTO_INFO cryptoInfo = TCalloc (sizeof (CRYPTO_INFO)); 1.1.1.2 root 416: #ifndef DEVICE_DRIVER 1.1.1.7 ! root 417: #ifdef _WIN32 1.1.1.2 root 418: VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO)); 419: #endif 1.1.1.7 ! root 420: #endif 1.1.1.2 root 421: 1.1 root 422: if (cryptoInfo == NULL) 423: return NULL; 424: 1.1.1.5 root 425: cryptoInfo->ea = -1; 1.1 root 426: return cryptoInfo; 427: } 428: 429: void 430: crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen) 431: { 432: keyInfo->keyLength = nUserKeyLen; 433: burn (keyInfo->userKey, sizeof (keyInfo->userKey)); 434: memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen); 435: } 436: 437: void 438: crypto_close (PCRYPTO_INFO cryptoInfo) 439: { 1.1.1.7 ! root 440: if (cryptoInfo != NULL) ! 441: { ! 442: burn (cryptoInfo, sizeof (CRYPTO_INFO)); 1.1.1.2 root 443: #ifndef DEVICE_DRIVER 1.1.1.7 ! root 444: #ifdef _WIN32 ! 445: VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO)); ! 446: #endif 1.1.1.2 root 447: #endif 1.1.1.7 ! root 448: TCfree (cryptoInfo); ! 449: } 1.1 root 450: } 1.1.1.7 ! root 451: ! 452: #endif // LINUX_DRIVER 1.1 root 453: 1.1.1.5 root 454: 455: // Initializes IV and whitening values for sector encryption/decryption 456: static void 457: InitSectorIVAndWhitening (unsigned __int64 secNo, 458: int blockSize, 1.1.1.7 ! root 459: unsigned __int32 *iv, 1.1.1.5 root 460: unsigned __int64 *ivSeed, 1.1.1.7 ! root 461: unsigned __int32 *whitening) 1.1 root 462: { 1.1.1.5 root 463: unsigned __int64 iv64[4]; 1.1.1.7 ! root 464: unsigned __int32 *iv32 = (unsigned __int32 *) iv64; 1.1.1.5 root 465: 1.1.1.7 ! root 466: iv64[0] = ivSeed[0] ^ LE64(secNo); ! 467: iv64[1] = ivSeed[1] ^ LE64(secNo); ! 468: iv64[2] = ivSeed[2] ^ LE64(secNo); 1.1.1.5 root 469: if (blockSize == 16) 1.1 root 470: { 1.1.1.7 ! root 471: iv64[3] = ivSeed[3] ^ LE64(secNo); 1.1.1.5 root 472: } 473: 474: iv[0] = iv32[0]; 475: iv[1] = iv32[1]; 476: 477: switch (blockSize) 478: { 479: case 16: 480: 481: // 128-bit block 482: 483: iv[2] = iv32[2]; 484: iv[3] = iv32[3]; 485: 1.1.1.7 ! root 486: whitening[0] = LE32( crc32int ( &iv32[4] ) ^ crc32int ( &iv32[7] ) ); ! 487: whitening[1] = LE32( crc32int ( &iv32[5] ) ^ crc32int ( &iv32[6] ) ); 1.1.1.5 root 488: break; 489: 490: case 8: 491: 492: // 64-bit block 493: 1.1.1.7 ! root 494: whitening[0] = LE32( crc32int ( &iv32[2] ) ^ crc32int ( &iv32[5] ) ); ! 495: whitening[1] = LE32( crc32int ( &iv32[3] ) ^ crc32int ( &iv32[4] ) ); 1.1.1.5 root 496: break; 1.1 root 497: } 498: } 499: 1.1.1.5 root 500: 501: // EncryptBufferCBC 502: // 503: // data: data to be encrypted 504: // len: number of bytes to encrypt (must be divisible by the largest cipher block size) 505: // ks: scheduled key 506: // iv: IV 507: // whitening: whitening constants 508: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC) 509: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC) 510: 511: static void 1.1.1.7 ! root 512: EncryptBufferCBC (unsigned __int32 *data, ! 513: unsigned int len, 1.1.1.5 root 514: unsigned char *ks, 1.1.1.7 ! root 515: unsigned __int32 *iv, ! 516: unsigned __int32 *whitening, 1.1.1.5 root 517: int ea, 518: int cipher) 1.1 root 519: { 1.1.1.7 ! root 520: unsigned __int32 bufIV[4]; 1.1.1.5 root 521: unsigned __int64 i; 522: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher); 523: 524: // IV 525: bufIV[0] = iv[0]; 526: bufIV[1] = iv[1]; 527: if (blockSize == 16) 528: { 529: bufIV[2] = iv[2]; 530: bufIV[3] = iv[3]; 531: } 532: 533: // Encrypt each block 534: for (i = 0; i < len/blockSize; i++) 535: { 536: // CBC 537: data[0] ^= bufIV[0]; 538: data[1] ^= bufIV[1]; 539: if (blockSize == 16) 540: { 541: data[2] ^= bufIV[2]; 542: data[3] ^= bufIV[3]; 543: } 544: 545: if (ea != 0) 546: { 547: // Outer-CBC 548: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher)) 549: { 550: EncipherBlock (cipher, data, ks); 551: ks += CipherGetKeyScheduleSize (cipher); 552: } 553: ks -= EAGetKeyScheduleSize (ea); 554: } 555: else 556: { 557: // CBC/inner-CBC 558: EncipherBlock (cipher, data, ks); 559: } 560: 561: // CBC 562: bufIV[0] = data[0]; 563: bufIV[1] = data[1]; 564: if (blockSize == 16) 565: { 566: bufIV[2] = data[2]; 567: bufIV[3] = data[3]; 568: } 569: 570: // Whitening 571: data[0] ^= whitening[0]; 572: data[1] ^= whitening[1]; 573: if (blockSize == 16) 574: { 575: data[2] ^= whitening[0]; 576: data[3] ^= whitening[1]; 577: } 578: 1.1.1.7 ! root 579: data += blockSize / sizeof(*data); 1.1.1.5 root 580: } 1.1 root 581: } 582: 1.1.1.5 root 583: 584: // DecryptBufferCBC 585: // 586: // data: data to be decrypted 587: // len: number of bytes to decrypt (must be divisible by the largest cipher block size) 588: // ks: scheduled key 589: // iv: IV 590: // whitening: whitening constants 591: // ea: outer-CBC cascade ID (0 = CBC/inner-CBC) 592: // cipher: CBC/inner-CBC cipher ID (0 = outer-CBC) 593: 594: static void 1.1.1.7 ! root 595: DecryptBufferCBC (unsigned __int32 *data, ! 596: unsigned int len, 1.1.1.5 root 597: unsigned char *ks, 1.1.1.7 ! root 598: unsigned __int32 *iv, ! 599: unsigned __int32 *whitening, 1.1.1.5 root 600: int ea, 601: int cipher) 1.1 root 602: { 1.1.1.7 ! root 603: unsigned __int32 bufIV[4]; 1.1.1.5 root 604: unsigned __int64 i; 1.1.1.7 ! root 605: unsigned __int32 ct[4]; 1.1.1.5 root 606: int blockSize = CipherGetBlockSize (ea != 0 ? EAGetFirstCipher (ea) : cipher); 607: 608: // IV 609: bufIV[0] = iv[0]; 610: bufIV[1] = iv[1]; 611: if (blockSize == 16) 1.1 root 612: { 1.1.1.5 root 613: bufIV[2] = iv[2]; 614: bufIV[3] = iv[3]; 615: } 616: 617: // Decrypt each block 618: for (i = 0; i < len/blockSize; i++) 619: { 620: // Dewhitening 621: data[0] ^= whitening[0]; 622: data[1] ^= whitening[1]; 623: if (blockSize == 16) 624: { 625: data[2] ^= whitening[0]; 626: data[3] ^= whitening[1]; 627: } 628: 629: // CBC 630: ct[0] = data[0]; 631: ct[1] = data[1]; 632: if (blockSize == 16) 633: { 634: ct[2] = data[2]; 635: ct[3] = data[3]; 636: } 637: 638: if (ea != 0) 639: { 640: // Outer-CBC 641: ks += EAGetKeyScheduleSize (ea); 642: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher)) 643: { 644: ks -= CipherGetKeyScheduleSize (cipher); 645: DecipherBlock (cipher, data, ks); 646: } 647: } 648: else 649: { 650: // CBC/inner-CBC 651: DecipherBlock (cipher, data, ks); 652: } 653: 654: // CBC 655: data[0] ^= bufIV[0]; 656: data[1] ^= bufIV[1]; 657: bufIV[0] = ct[0]; 658: bufIV[1] = ct[1]; 659: if (blockSize == 16) 660: { 661: data[2] ^= bufIV[2]; 662: data[3] ^= bufIV[3]; 663: bufIV[2] = ct[2]; 664: bufIV[3] = ct[3]; 665: } 666: 1.1.1.7 ! root 667: data += blockSize / sizeof(*data); 1.1 root 668: } 669: } 1.1.1.5 root 670: 671: 672: // EncryptBuffer 673: // 674: // buf: data to be encrypted 675: // len: number of bytes to encrypt; must be divisible by the block size (for cascaded 676: // ciphers divisible by the largest block size used within the cascade) 677: // ks: scheduled key 678: // iv: IV 679: // whitening: whitening constants 680: // ea: encryption algorithm 681: 682: void 1.1.1.7 ! root 683: EncryptBuffer (unsigned __int32 *buf, 1.1.1.5 root 684: unsigned __int64 len, 685: unsigned char *ks, 686: void *iv, 687: void *whitening, 688: int ea) 689: { 690: int cipher; 691: 692: switch (EAGetMode(ea)) 693: { 694: case CBC: 695: case INNER_CBC: 696: 697: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher)) 698: { 699: EncryptBufferCBC (buf, 1.1.1.7 ! root 700: (unsigned int) len, 1.1.1.5 root 701: ks, 1.1.1.7 ! root 702: (unsigned __int32 *) iv, ! 703: (unsigned __int32 *) whitening, 1.1.1.5 root 704: 0, 705: cipher); 706: 707: ks += CipherGetKeyScheduleSize (cipher); 708: } 709: 710: break; 711: 712: case OUTER_CBC: 713: 714: EncryptBufferCBC (buf, 1.1.1.7 ! root 715: (unsigned int) len, 1.1.1.5 root 716: ks, 1.1.1.7 ! root 717: (unsigned __int32 *) iv, ! 718: (unsigned __int32 *) whitening, 1.1.1.5 root 719: ea, 720: 0); 721: 722: break; 723: } 724: } 725: 726: // EncryptSectors 727: // 728: // buf: data to be encrypted 729: // secNo: sector number relative to volume start 730: // noSectors: number of sectors in buffer 731: // ks: scheduled key 732: // iv: IV 733: // ea: encryption algorithm 734: 735: void _cdecl 1.1.1.7 ! root 736: EncryptSectors (unsigned __int32 *buf, 1.1.1.5 root 737: unsigned __int64 secNo, 738: unsigned __int64 noSectors, 739: unsigned char *ks, 740: void *iv, 741: int ea) 742: { 743: unsigned __int64 *iv64 = (unsigned __int64 *) iv; 1.1.1.7 ! root 744: unsigned __int32 sectorIV[4]; ! 745: unsigned __int32 secWhitening[2]; 1.1.1.5 root 746: int cipher; 747: 748: switch (EAGetMode(ea)) 749: { 750: case CBC: 751: case INNER_CBC: 752: 753: while (noSectors--) 754: { 755: for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher)) 756: { 757: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening); 758: 759: EncryptBufferCBC (buf, 760: SECTOR_SIZE, 761: ks, 762: sectorIV, 763: secWhitening, 764: 0, 765: cipher); 766: 767: ks += CipherGetKeyScheduleSize (cipher); 768: } 769: ks -= EAGetKeyScheduleSize (ea); 1.1.1.7 ! root 770: buf += SECTOR_SIZE / sizeof(*buf); 1.1.1.5 root 771: secNo++; 772: } 773: break; 774: 775: case OUTER_CBC: 776: 777: while (noSectors--) 778: { 779: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening); 780: 781: EncryptBufferCBC (buf, 782: SECTOR_SIZE, 783: ks, 784: sectorIV, 785: secWhitening, 786: ea, 787: 0); 788: 1.1.1.7 ! root 789: buf += SECTOR_SIZE / sizeof(*buf); 1.1.1.5 root 790: secNo++; 791: } 792: break; 793: } 794: } 795: 796: // DecryptBuffer 797: // 798: // buf: data to be decrypted 799: // len: number of bytes to decrypt; must be divisible by the block size (for cascaded 800: // ciphers divisible by the largest block size used within the cascade) 801: // ks: scheduled key 802: // iv: IV 803: // whitening: whitening constants 804: // ea: encryption algorithm 805: void 1.1.1.7 ! root 806: DecryptBuffer (unsigned __int32 *buf, 1.1.1.5 root 807: unsigned __int64 len, 808: unsigned char *ks, 809: void *iv, 810: void *whitening, 811: int ea) 812: { 813: int cipher; 814: 815: switch (EAGetMode(ea)) 816: { 817: case CBC: 818: case INNER_CBC: 819: 820: ks += EAGetKeyScheduleSize (ea); 821: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher)) 822: { 823: ks -= CipherGetKeyScheduleSize (cipher); 824: 825: DecryptBufferCBC (buf, 1.1.1.7 ! root 826: (unsigned int) len, 1.1.1.5 root 827: ks, 1.1.1.7 ! root 828: (unsigned __int32 *) iv, ! 829: (unsigned __int32 *) whitening, 1.1.1.5 root 830: 0, 831: cipher); 832: } 833: break; 834: 835: case OUTER_CBC: 836: 837: DecryptBufferCBC (buf, 1.1.1.7 ! root 838: (unsigned int) len, 1.1.1.5 root 839: ks, 1.1.1.7 ! root 840: (unsigned __int32 *) iv, ! 841: (unsigned __int32 *) whitening, 1.1.1.5 root 842: ea, 843: 0); 844: 845: break; 846: } 847: } 848: 849: // DecryptSectors 850: // 851: // buf: data to be decrypted 852: // secNo: sector number relative to volume start 853: // noSectors: number of sectors in buffer 854: // ks: scheduled key 855: // iv: IV 856: // ea: encryption algorithm 857: 858: void _cdecl 1.1.1.7 ! root 859: DecryptSectors (unsigned __int32 *buf, 1.1.1.5 root 860: unsigned __int64 secNo, 861: unsigned __int64 noSectors, 862: unsigned char *ks, 863: void *iv, 864: int ea) 865: { 866: unsigned __int64 *iv64 = (unsigned __int64 *) iv; 1.1.1.7 ! root 867: unsigned __int32 sectorIV[4]; ! 868: unsigned __int32 secWhitening[2]; 1.1.1.5 root 869: int cipher; 870: 871: switch (EAGetMode(ea)) 872: { 873: case CBC: 874: case INNER_CBC: 875: 876: while (noSectors--) 877: { 878: ks += EAGetKeyScheduleSize (ea); 879: for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher)) 880: { 881: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (cipher), sectorIV, iv64, secWhitening); 882: 883: ks -= CipherGetKeyScheduleSize (cipher); 884: 885: DecryptBufferCBC (buf, 886: SECTOR_SIZE, 887: ks, 888: sectorIV, 889: secWhitening, 890: 0, 891: cipher); 892: } 1.1.1.7 ! root 893: buf += SECTOR_SIZE / sizeof(*buf); 1.1.1.5 root 894: secNo++; 895: } 896: break; 897: 898: case OUTER_CBC: 899: 900: while (noSectors--) 901: { 902: InitSectorIVAndWhitening (secNo, CipherGetBlockSize (EAGetFirstCipher (ea)), sectorIV, iv64, secWhitening); 903: 904: DecryptBufferCBC (buf, 905: SECTOR_SIZE, 906: ks, 907: sectorIV, 908: secWhitening, 909: ea, 910: 0); 911: 1.1.1.7 ! root 912: buf += SECTOR_SIZE / sizeof(*buf); 1.1.1.5 root 913: secNo++; 914: } 915: break; 916: } 917: } 918:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.