[cipher] re-enable XTS code
This commit is contained in:
parent
d6f2f7c1c0
commit
224b34eb2c
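--- a/PATH-NOT-SHOWN-ON-PAGE
+++ b/PATH-NOT-SHOWN-ON-PAGE
@@ -37,7 +37,7 @@ import qualified Data.ByteString as B
 import Data.Byteable
 import Data.Word
 import Crypto.Cipher.Types.Base
---import Crypto.Cipher.Types.GF
+import Crypto.Cipher.Types.GF
 import Crypto.Cipher.Types.Utils
 
 import Crypto.Internal.ByteArray
@@ -54,11 +54,11 @@ instance BlockCipher c => ByteArrayAccess (IV c) where
 instance Eq (IV c) where
 (IV a) == (IV b) = byteArrayEq a b
 
-type XTS cipher = (cipher, cipher)
+type XTS ba cipher = (cipher, cipher)
 -> IV cipher -- ^ Usually represent the Data Unit (e.g. disk sector)
 -> DataUnitOffset -- ^ Offset in the data unit in number of blocks
--> ByteString -- ^ Data
--> ByteString -- ^ Processed Data
+-> ba -- ^ Data
+-> ba -- ^ Processed Data
 
 -- | Symmetric block cipher class
 class Cipher cipher => BlockCipher cipher where
@@ -132,23 +132,25 @@ class BlockCipher cipher => BlockCipher128 cipher where
 --
 -- input need to be a multiple of the blocksize, and the cipher
 -- need to process 128 bits block only
-xtsEncrypt :: (cipher, cipher)
+xtsEncrypt :: ByteArray ba
+=> (cipher, cipher)
 -> IV cipher -- ^ Usually represent the Data Unit (e.g. disk sector)
 -> DataUnitOffset -- ^ Offset in the data unit in number of blocks
--> ByteString -- ^ Plaintext
--> ByteString -- ^ Ciphertext
-xtsEncrypt = undefined -- xtsEncryptGeneric
+-> ba -- ^ Plaintext
+-> ba -- ^ Ciphertext
+xtsEncrypt = xtsEncryptGeneric
 
 -- | decrypt using the XTS mode.
 --
 -- input need to be a multiple of the blocksize, and the cipher
 -- need to process 128 bits block only
-xtsDecrypt :: (cipher, cipher)
+xtsDecrypt :: ByteArray ba
+=> (cipher, cipher)
 -> IV cipher -- ^ Usually represent the Data Unit (e.g. disk sector)
 -> DataUnitOffset -- ^ Offset in the data unit in number of blocks
--> ByteString -- ^ Ciphertext
--> ByteString -- ^ Plaintext
-xtsDecrypt = undefined -- xtsDecryptGeneric
+-> ba -- ^ Ciphertext
+-> ba -- ^ Plaintext
+xtsDecrypt = xtsDecryptGeneric
 
 -- | Authenticated Encryption with Associated Data algorithms
 data AEAD cipher = AEAD cipher (AEADState cipher)
@@ -241,30 +243,27 @@ ctrCombineGeneric cipher ivini input = byteArrayConcat $ doCnt ivini $ chunk (bl
 let ivEnc = ecbEncrypt cipher ivd
 in byteArrayXor i ivEnc : doCnt (ivAdd iv 1) is
 
-{-
-xtsEncryptGeneric :: BlockCipher128 cipher => XTS cipher
+xtsEncryptGeneric :: (ByteArray ba, BlockCipher128 cipher) => XTS ba cipher
 xtsEncryptGeneric = xtsGeneric ecbEncrypt
 
-xtsDecryptGeneric :: BlockCipher128 cipher => XTS cipher
+xtsDecryptGeneric :: (ByteArray ba, BlockCipher128 cipher) => XTS ba cipher
 xtsDecryptGeneric = xtsGeneric ecbDecrypt
 
-xtsGeneric :: BlockCipher128 cipher
-=> (cipher -> B.ByteString -> B.ByteString)
+xtsGeneric :: (ByteArray ba, BlockCipher128 cipher)
+=> (cipher -> ba -> ba)
 -> (cipher, cipher)
 -> IV cipher
 -> DataUnitOffset
--> ByteString
--> ByteString
-xtsGeneric f (cipher, tweakCipher) iv sPoint input
-| blockSize cipher /= 16 = error "XTS mode is only available with cipher that have a block size of 128 bits"
-| otherwise = byteArrayConcat $ doXts iniTweak $ chunk (blockSize cipher) input
+-> ba
+-> ba
+xtsGeneric f (cipher, tweakCipher) (IV iv) sPoint input =
+byteArrayConcat $ doXts iniTweak $ chunk (blockSize cipher) input
 where encTweak = ecbEncrypt tweakCipher iv
 iniTweak = iterate xtsGFMul encTweak !! fromIntegral sPoint
 doXts _ [] = []
 doXts tweak (i:is) =
-let o = bxor (f cipher $ bxor i tweak) tweak
+let o = byteArrayXor (f cipher $ byteArrayXor i tweak) tweak
 in o : doXts (xtsGFMul tweak) is
--}
 
 {-
 -- | Encrypt using CFB mode in 8 bit output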
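Review bot: In the last hunk, `xtsGeneric` no longer carries the `blockSize cipher /= 16` guard (the two removed `|` lines), so the `BlockCipher128` constraint is now the only thing tying the 16-byte `xtsGFMul` tweak arithmetic to the cipher's block size, and nothing checks the precondition the Haddock states ("input need to be a multiple of the blocksize"). A trailing partial chunk from `chunk (blockSize cipher) input` would be XORed against a full-size tweak, and what `byteArrayXor` does with unequal lengths is not visible here, so such input yields an undefined result instead of being rejected (XTS without ciphertext stealing has no defined output for a partial block). I would document this above `xtsGeneric`: `-- Precondition: the input length is a multiple of the block size; this implementation does no ciphertext stealing, so a partial trailing block is unsupported.` If a runtime check is preferred, a guard on the input length modulo `blockSize cipher` would restore the fail-fast behaviour the removed guard gave for the block size.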