return cs->bInit;
}
-void CryptState_genKey(cryptState_t *cs) {
- RAND_bytes(cs->raw_key, AES_BLOCK_SIZE);
- RAND_bytes(cs->encrypt_iv, AES_BLOCK_SIZE);
- RAND_bytes(cs->decrypt_iv, AES_BLOCK_SIZE);
-#ifndef USE_POLARSSL
- AES_set_encrypt_key(cs->raw_key, 128, &cs->encrypt_key);
- AES_set_decrypt_key(cs->raw_key, 128, &cs->decrypt_key);
-#else
- aes_setkey_enc(&cs->aes_enc, cs->raw_key, 128);
- aes_setkey_dec(&cs->aes_dec, cs->raw_key, 128);
-#endif
+void CryptState_genKey(cryptState_t *cs)
+{
+ CRYPT_RANDOM_BYTES(&cs->raw_key, AES_BLOCK_SIZE);
+ CRYPT_RANDOM_BYTES(&cs->encrypt_iv, AES_BLOCK_SIZE);
+ CRYPT_RANDOM_BYTES(&cs->decrypt_iv, AES_BLOCK_SIZE);
+
+ CRYPT_SET_ENC_KEY(&cs->encrypt_key, cs->raw_key, 128);
+ CRYPT_SET_DEC_KEY(&cs->decrypt_key, cs->raw_key, 128);
+
cs->bInit = true;
}
memcpy(cs->raw_key, rkey, AES_BLOCK_SIZE);
memcpy(cs->encrypt_iv, eiv, AES_BLOCK_SIZE);
memcpy(cs->decrypt_iv, div, AES_BLOCK_SIZE);
-#ifndef USE_POLARSSL
- AES_set_encrypt_key(cs->decrypt_iv, 128, &cs->encrypt_key);
- AES_set_decrypt_key(cs->raw_key, 128, &cs->decrypt_key);
-#else
- aes_setkey_enc(&cs->aes_enc, cs->decrypt_iv, 128);
- aes_setkey_dec(&cs->aes_dec, cs->raw_key, 128);
-#endif
+
+ CRYPT_SET_ENC_KEY(&cs->encrypt_key, cs->decrypt_iv, 128);
+ CRYPT_SET_DEC_KEY(&cs->decrypt_key, cs->raw_key, 128);
+
cs->bInit = true;
}
block[i]=0;
}
-#ifdef USE_POLARSSL
-#define AESencrypt(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->aes_enc, AES_ENCRYPT, (unsigned char *)(src), (unsigned char *)(dst));
-#define AESdecrypt(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->aes_dec, AES_DECRYPT, (unsigned char *)(src), (unsigned char *)(dst));
-#else
-#define AESencrypt(src, dst, cryptstate) AES_encrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->encrypt_key);
-#define AESdecrypt(src, dst, cryptstate) AES_decrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->decrypt_key);
-#endif
-
void CryptState_ocb_encrypt(cryptState_t *cs, const unsigned char *plain, unsigned char *encrypted, unsigned int len, const unsigned char *nonce, unsigned char *tag) {
subblock checksum[BLOCKSIZE], delta[BLOCKSIZE], tmp[BLOCKSIZE], pad[BLOCKSIZE];
// Initialize
- AESencrypt(nonce, delta, cs);
+ CRYPT_AES_ENCRYPT(nonce, delta, cs);
ZERO(checksum);
while (len > AES_BLOCK_SIZE) {
S2(delta);
XOR(tmp, delta, (const subblock *)(plain));
- AESencrypt(tmp, tmp, cs);
+ CRYPT_AES_ENCRYPT(tmp, tmp, cs);
XOR((subblock *)(encrypted), delta, tmp);
XOR(checksum, checksum, (subblock *)(plain));
len -= AES_BLOCK_SIZE;
ZERO(tmp);
tmp[BLOCKSIZE - 1] = SWAPPED(len * 8);
XOR(tmp, tmp, delta);
- AESencrypt(tmp, pad, cs);
+ CRYPT_AES_ENCRYPT(tmp, pad, cs);
memcpy(tmp, plain, len);
memcpy((unsigned char *)tmp + len, (unsigned char *)pad + len, AES_BLOCK_SIZE - len);
XOR(checksum, checksum, tmp);
S3(delta);
XOR(tmp, delta, checksum);
- AESencrypt(tmp, tag, cs);
+ CRYPT_AES_ENCRYPT(tmp, tag, cs);
}
void CryptState_ocb_decrypt(cryptState_t *cs, const unsigned char *encrypted, unsigned char *plain, unsigned int len, const unsigned char *nonce, unsigned char *tag) {
subblock checksum[BLOCKSIZE], delta[BLOCKSIZE], tmp[BLOCKSIZE], pad[BLOCKSIZE];
// Initialize
- AESencrypt(nonce, delta, cs);
+ CRYPT_AES_ENCRYPT(nonce, delta, cs);
ZERO(checksum);
while (len > AES_BLOCK_SIZE) {
S2(delta);
XOR(tmp, delta, (const subblock *)(encrypted));
- AESdecrypt(tmp, tmp, cs);
+ CRYPT_AES_DECRYPT(tmp, tmp, cs);
XOR((subblock *)(plain), delta, tmp);
XOR(checksum, checksum, (const subblock *)(plain));
len -= AES_BLOCK_SIZE;
ZERO(tmp);
tmp[BLOCKSIZE - 1] = SWAPPED(len * 8);
XOR(tmp, tmp, delta);
- AESencrypt(tmp, pad, cs);
+ CRYPT_AES_ENCRYPT(tmp, pad, cs);
memset(tmp, 0, AES_BLOCK_SIZE);
memcpy(tmp, encrypted, len);
XOR(tmp, tmp, pad);
S3(delta);
XOR(tmp, delta, checksum);
- AESencrypt(tmp, tag, cs);
+ CRYPT_AES_ENCRYPT(tmp, tag, cs);
}
#include "byteorder.h"
#include "config.h"
-#ifdef USE_POLARSSL
+#if defined(USE_POLARSSL)
+
#include <polarssl/havege.h>
#include <polarssl/aes.h>
+
+#define CRYPT_AES_KEY aes_context
#define AES_BLOCK_SIZE 16
+
+#define CRYPT_RANDOM_BYTES(dest, size) RAND_bytes((dest), (size))
+#define CRYPT_SET_ENC_KEY(dest, source, size) aes_setkey_enc((dest), (source), (size));
+#define CRYPT_SET_DEC_KEY(dest, source, size) aes_setkey_dec((dest), (source), (size));
+
+#define CRYPT_AES_ENCRYPT(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->encrypt_key, AES_ENCRYPT, (unsigned char *)(src), (unsigned char *)(dst));
+#define CRYPT_AES_DECRYPT(src, dst, cryptstate) aes_crypt_ecb(&(cryptstate)->decrypt_key, AES_DECRYPT, (unsigned char *)(src), (unsigned char *)(dst));
+
+#elif defined(USE_GNUTLS)
+
+#include <nettle/aes.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+
+#define CRYPT_AES_KEY struct aes_ctx
+#define CRYPT_RANDOM_BYTES(dest, size) gnutls_rnd(GNUTLS_RND_KEY, (dest), (size))
+#define CRYPT_SET_ENC_KEY(dest, source, size) aes_set_encrypt_key((dest), (size)/8, (source));
+#define CRYPT_SET_DEC_KEY(dest, source, size) aes_set_decrypt_key((dest), (size)/8, (source));
+
+#define CRYPT_AES_ENCRYPT(src, dest, ctx) aes_encrypt(&(ctx)->encrypt_key, AES_BLOCK_SIZE, (uint8_t *)(dest), (uint8_t *)(src))
+#define CRYPT_AES_DECRYPT(src, dest, ctx) aes_decrypt(&(ctx)->decrypt_key, AES_BLOCK_SIZE, (uint8_t *)(dest), (uint8_t *)(src))
+
#else
+
#include <openssl/rand.h>
#include <openssl/aes.h>
+
+#define CRYPT_AES_KEY AES_KEY
+#define CRYPT_RANDOM_BYTES(dest, size) RAND_bytes((dest), (size))
+#define CRYPT_SET_ENC_KEY(dest, source, size) AES_set_encrypt_key((source), (size), (dest));
+#define CRYPT_SET_DEC_KEY(dest, source, size) AES_set_decrypt_key((source), (size), (dest));
+
+#define CRYPT_AES_ENCRYPT(src, dst, cryptstate) AES_encrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->encrypt_key);
+#define CRYPT_AES_DECRYPT(src, dst, cryptstate) AES_decrypt((unsigned char *)(src), (unsigned char *)(dst), &(cryptstate)->decrypt_key);
+
#endif
#include <stdint.h>
unsigned int uiRemoteLate;
unsigned int uiRemoteLost;
unsigned int uiRemoteResync;
-#ifndef USE_POLARSSL
- AES_KEY encrypt_key;
- AES_KEY decrypt_key;
-#else
- aes_context aes_enc;
- aes_context aes_dec;
-#endif
+
+ CRYPT_AES_KEY encrypt_key;
+ CRYPT_AES_KEY decrypt_key;
+
etimer_t tLastGood;
etimer_t tLastRequest;
bool_t bInit;
projects / umurmur.git / commitdiff