diff --git a/Crypto/Cipher/AES/Internal.hs b/Crypto/Cipher/AES/Internal.hs new file mode 100644 index 0000000..6057530 --- /dev/null +++ b/Crypto/Cipher/AES/Internal.hs @@ -0,0 +1,84 @@ +-- | +-- Module : Crypto.Cipher.AES.Internal +-- License : BSD-style +-- Maintainer : Vincent Hanquez +-- Stability : stable +-- Portability : good +-- +{-# LANGUAGE ForeignFunctionInterface #-} +{-# LANGUAGE EmptyDataDecls #-} +{-# OPTIONS_GHC -fno-warn-unused-binds #-} +{-# OPTIONS_GHC -fno-warn-unused-matches #-} +module Crypto.Cipher.AES.Internal + ( + ) where + +import Data.Word +import Foreign.Ptr +import Foreign.C.Types +import Foreign.C.String + +data AES +data AESOCB +data AESGCM + +------------------------------------------------------------------------ +foreign import ccall "cryptonite_aes.h cryptonite_aes_initkey" + c_aes_init :: Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_ecb" + c_aes_encrypt_ecb :: CString -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_ecb" + c_aes_decrypt_ecb :: CString -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_cbc" + c_aes_encrypt_cbc :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_cbc" + c_aes_decrypt_cbc :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_xts" + c_aes_encrypt_xts :: CString -> Ptr AES -> Ptr AES -> Ptr Word8 -> CUInt -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_decrypt_xts" + c_aes_decrypt_xts :: CString -> Ptr AES -> Ptr AES -> Ptr Word8 -> CUInt -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gen_ctr" + c_aes_gen_ctr :: CString -> Ptr AES -> Ptr Word8 -> CUInt -> IO () + +foreign import ccall unsafe "cryptonite_aes.h cryptonite_aes_gen_ctr_cont" + c_aes_gen_ctr_cont :: CString -> Ptr AES -> Ptr Word8 -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_encrypt_ctr" + c_aes_encrypt_ctr :: CString -> Ptr AES -> Ptr Word8 -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_init" + c_aes_gcm_init :: Ptr AESGCM -> Ptr AES -> Ptr Word8 -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_aad" + c_aes_gcm_aad :: Ptr AESGCM -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_encrypt" + c_aes_gcm_encrypt :: CString -> Ptr AESGCM -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_decrypt" + c_aes_gcm_decrypt :: CString -> Ptr AESGCM -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_gcm_finish" + c_aes_gcm_finish :: CString -> Ptr AESGCM -> Ptr AES -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_init" + c_aes_ocb_init :: Ptr AESOCB -> Ptr AES -> Ptr Word8 -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_aad" + c_aes_ocb_aad :: Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_encrypt" + c_aes_ocb_encrypt :: CString -> Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_decrypt" + c_aes_ocb_decrypt :: CString -> Ptr AESOCB -> Ptr AES -> CString -> CUInt -> IO () + +foreign import ccall "cryptonite_aes.h cryptonite_aes_ocb_finish" + c_aes_ocb_finish :: CString -> Ptr AESOCB -> Ptr AES -> IO () diff --git a/cbits/aes/generic.c b/cbits/aes/generic.c index fdee5d6..32963ad 100644 --- a/cbits/aes/generic.c +++ b/cbits/aes/generic.c @@ -403,7 +403,7 @@ static void aes_main_inv(aes_key *key, uint8_t *state) t[2] = f[8]; t[6] = f[9]; t[10] = f[10]; t[14] = f[11]; \ t[3] = f[12]; t[7] = f[13]; t[11] = f[14]; t[15] = f[15] -void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input) +void cryptonite_aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input) { uint8_t block[16]; uint8_t *iptr, *optr; @@ -415,7 +415,7 @@ void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input swap_block(optr, block); } -void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input) +void cryptonite_aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input) { uint8_t block[16]; uint8_t *iptr, *optr; @@ -427,7 +427,7 @@ void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input swap_block(optr, block); } -void aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size) +void cryptonite_aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size) { int esz; diff --git a/cbits/aes/generic.h b/cbits/aes/generic.h index e54eb6b..324ccdd 100644 --- a/cbits/aes/generic.h +++ b/cbits/aes/generic.h @@ -29,6 +29,6 @@ */ #include "cryptonite_aes.h" -void aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input); -void aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input); -void aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size); +void cryptonite_aes_generic_encrypt_block(aes_block *output, aes_key *key, aes_block *input); +void cryptonite_aes_generic_decrypt_block(aes_block *output, aes_key *key, aes_block *input); +void cryptonite_aes_generic_init(aes_key *key, uint8_t *origkey, uint8_t size); diff --git a/cbits/cryptonite_aes.c b/cbits/cryptonite_aes.c index 595585a..656baa4 100644 --- a/cbits/cryptonite_aes.c +++ b/cbits/cryptonite_aes.c @@ -39,19 +39,19 @@ #include #include -void aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks); -void aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks); -void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks); -void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks); -void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t length); -void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks); +void cryptonite_aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks); +void cryptonite_aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks); +void cryptonite_aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks); +void cryptonite_aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t length); +void cryptonite_aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks); -void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks); -void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length); -void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length); -void aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length); -void aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length); +void cryptonite_aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length); +void cryptonite_aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length); +void cryptonite_aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length); +void cryptonite_aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length); enum { /* init */ @@ -80,55 +80,55 @@ enum { void *branch_table[] = { /* INIT */ - [INIT_128] = aes_generic_init, - [INIT_192] = aes_generic_init, - [INIT_256] = aes_generic_init, + [INIT_128] = cryptonite_aes_generic_init, + [INIT_192] = cryptonite_aes_generic_init, + [INIT_256] = cryptonite_aes_generic_init, /* BLOCK */ - [ENCRYPT_BLOCK_128] = aes_generic_encrypt_block, - [ENCRYPT_BLOCK_192] = aes_generic_encrypt_block, - [ENCRYPT_BLOCK_256] = aes_generic_encrypt_block, - [DECRYPT_BLOCK_128] = aes_generic_decrypt_block, - [DECRYPT_BLOCK_192] = aes_generic_decrypt_block, - [DECRYPT_BLOCK_256] = aes_generic_decrypt_block, + [ENCRYPT_BLOCK_128] = cryptonite_aes_generic_encrypt_block, + [ENCRYPT_BLOCK_192] = cryptonite_aes_generic_encrypt_block, + [ENCRYPT_BLOCK_256] = cryptonite_aes_generic_encrypt_block, + [DECRYPT_BLOCK_128] = cryptonite_aes_generic_decrypt_block, + [DECRYPT_BLOCK_192] = cryptonite_aes_generic_decrypt_block, + [DECRYPT_BLOCK_256] = cryptonite_aes_generic_decrypt_block, /* ECB */ - [ENCRYPT_ECB_128] = aes_generic_encrypt_ecb, - [ENCRYPT_ECB_192] = aes_generic_encrypt_ecb, - [ENCRYPT_ECB_256] = aes_generic_encrypt_ecb, - [DECRYPT_ECB_128] = aes_generic_decrypt_ecb, - [DECRYPT_ECB_192] = aes_generic_decrypt_ecb, - [DECRYPT_ECB_256] = aes_generic_decrypt_ecb, + [ENCRYPT_ECB_128] = cryptonite_aes_generic_encrypt_ecb, + [ENCRYPT_ECB_192] = cryptonite_aes_generic_encrypt_ecb, + [ENCRYPT_ECB_256] = cryptonite_aes_generic_encrypt_ecb, + [DECRYPT_ECB_128] = cryptonite_aes_generic_decrypt_ecb, + [DECRYPT_ECB_192] = cryptonite_aes_generic_decrypt_ecb, + [DECRYPT_ECB_256] = cryptonite_aes_generic_decrypt_ecb, /* CBC */ - [ENCRYPT_CBC_128] = aes_generic_encrypt_cbc, - [ENCRYPT_CBC_192] = aes_generic_encrypt_cbc, - [ENCRYPT_CBC_256] = aes_generic_encrypt_cbc, - [DECRYPT_CBC_128] = aes_generic_decrypt_cbc, - [DECRYPT_CBC_192] = aes_generic_decrypt_cbc, - [DECRYPT_CBC_256] = aes_generic_decrypt_cbc, + [ENCRYPT_CBC_128] = cryptonite_aes_generic_encrypt_cbc, + [ENCRYPT_CBC_192] = cryptonite_aes_generic_encrypt_cbc, + [ENCRYPT_CBC_256] = cryptonite_aes_generic_encrypt_cbc, + [DECRYPT_CBC_128] = cryptonite_aes_generic_decrypt_cbc, + [DECRYPT_CBC_192] = cryptonite_aes_generic_decrypt_cbc, + [DECRYPT_CBC_256] = cryptonite_aes_generic_decrypt_cbc, /* CTR */ - [ENCRYPT_CTR_128] = aes_generic_encrypt_ctr, - [ENCRYPT_CTR_192] = aes_generic_encrypt_ctr, - [ENCRYPT_CTR_256] = aes_generic_encrypt_ctr, + [ENCRYPT_CTR_128] = cryptonite_aes_generic_encrypt_ctr, + [ENCRYPT_CTR_192] = cryptonite_aes_generic_encrypt_ctr, + [ENCRYPT_CTR_256] = cryptonite_aes_generic_encrypt_ctr, /* XTS */ - [ENCRYPT_XTS_128] = aes_generic_encrypt_xts, - [ENCRYPT_XTS_192] = aes_generic_encrypt_xts, - [ENCRYPT_XTS_256] = aes_generic_encrypt_xts, - [DECRYPT_XTS_128] = aes_generic_decrypt_xts, - [DECRYPT_XTS_192] = aes_generic_decrypt_xts, - [DECRYPT_XTS_256] = aes_generic_decrypt_xts, + [ENCRYPT_XTS_128] = cryptonite_aes_generic_encrypt_xts, + [ENCRYPT_XTS_192] = cryptonite_aes_generic_encrypt_xts, + [ENCRYPT_XTS_256] = cryptonite_aes_generic_encrypt_xts, + [DECRYPT_XTS_128] = cryptonite_aes_generic_decrypt_xts, + [DECRYPT_XTS_192] = cryptonite_aes_generic_decrypt_xts, + [DECRYPT_XTS_256] = cryptonite_aes_generic_decrypt_xts, /* GCM */ - [ENCRYPT_GCM_128] = aes_generic_gcm_encrypt, - [ENCRYPT_GCM_192] = aes_generic_gcm_encrypt, - [ENCRYPT_GCM_256] = aes_generic_gcm_encrypt, - [DECRYPT_GCM_128] = aes_generic_gcm_decrypt, - [DECRYPT_GCM_192] = aes_generic_gcm_decrypt, - [DECRYPT_GCM_256] = aes_generic_gcm_decrypt, + [ENCRYPT_GCM_128] = cryptonite_aes_generic_gcm_encrypt, + [ENCRYPT_GCM_192] = cryptonite_aes_generic_gcm_encrypt, + [ENCRYPT_GCM_256] = cryptonite_aes_generic_gcm_encrypt, + [DECRYPT_GCM_128] = cryptonite_aes_generic_gcm_decrypt, + [DECRYPT_GCM_192] = cryptonite_aes_generic_gcm_decrypt, + [DECRYPT_GCM_256] = cryptonite_aes_generic_gcm_decrypt, /* OCB */ - [ENCRYPT_OCB_128] = aes_generic_ocb_encrypt, - [ENCRYPT_OCB_192] = aes_generic_ocb_encrypt, - [ENCRYPT_OCB_256] = aes_generic_ocb_encrypt, - [DECRYPT_OCB_128] = aes_generic_ocb_decrypt, - [DECRYPT_OCB_192] = aes_generic_ocb_decrypt, - [DECRYPT_OCB_256] = aes_generic_ocb_decrypt, + [ENCRYPT_OCB_128] = cryptonite_aes_generic_ocb_encrypt, + [ENCRYPT_OCB_192] = cryptonite_aes_generic_ocb_encrypt, + [ENCRYPT_OCB_256] = cryptonite_aes_generic_ocb_encrypt, + [DECRYPT_OCB_128] = cryptonite_aes_generic_ocb_decrypt, + [DECRYPT_OCB_192] = cryptonite_aes_generic_ocb_decrypt, + [DECRYPT_OCB_256] = cryptonite_aes_generic_ocb_decrypt, }; typedef void (*init_f)(aes_key *, uint8_t *, uint8_t); @@ -165,9 +165,9 @@ typedef void (*block_f)(aes_block *output, aes_key *key, aes_block *input); ((ocb_crypt_f) (branch_table[ENCRYPT_OCB_128 + strength])) #define GET_OCB_DECRYPT(strength) \ ((ocb_crypt_f) (branch_table[DECRYPT_OCB_128 + strength])) -#define aes_encrypt_block(o,k,i) \ +#define cryptonite_aes_encrypt_block(o,k,i) \ (((block_f) (branch_table[ENCRYPT_BLOCK_128 + k->strength]))(o,k,i)) -#define aes_decrypt_block(o,k,i) \ +#define cryptonite_aes_decrypt_block(o,k,i) \ (((block_f) (branch_table[DECRYPT_BLOCK_128 + k->strength]))(o,k,i)) #else #define GET_INIT(strenght) aes_generic_init @@ -182,8 +182,8 @@ typedef void (*block_f)(aes_block *output, aes_key *key, aes_block *input); #define GET_GCM_DECRYPT(strength) aes_generic_gcm_decrypt #define GET_OCB_ENCRYPT(strength) aes_generic_ocb_encrypt #define GET_OCB_DECRYPT(strength) aes_generic_ocb_decrypt -#define aes_encrypt_block(o,k,i) aes_generic_encrypt_block(o,k,i) -#define aes_decrypt_block(o,k,i) aes_generic_decrypt_block(o,k,i) +#define cryptonite_aes_encrypt_block(o,k,i) aes_generic_encrypt_block(o,k,i) +#define cryptonite_aes_decrypt_block(o,k,i) aes_generic_decrypt_block(o,k,i) #endif #if defined(ARCH_X86) && defined(WITH_AESNI) @@ -225,7 +225,7 @@ static void initialize_table_ni(int aesni, int pclmul) } #endif -void aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size) +void cryptonite_aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size) { switch (size) { case 16: key->nbr = 10; key->strength = 0; break; @@ -239,31 +239,31 @@ void aes_initkey(aes_key *key, uint8_t *origkey, uint8_t size) _init(key, origkey, size); } -void aes_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) { ecb_f e = GET_ECB_ENCRYPT(key->strength); e(output, key, input, nb_blocks); } -void aes_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) { ecb_f d = GET_ECB_DECRYPT(key->strength); d(output, key, input, nb_blocks); } -void aes_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) { cbc_f e = GET_CBC_ENCRYPT(key->strength); e(output, key, iv, input, nb_blocks); } -void aes_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_decrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) { cbc_f d = GET_CBC_DECRYPT(key->strength); d(output, key, iv, input, nb_blocks); } -void aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t nb_blocks) +void cryptonite_aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t nb_blocks) { aes_block block; @@ -271,11 +271,11 @@ void aes_gen_ctr(aes_block *output, aes_key *key, const aes_block *iv, uint32_t block128_copy(&block, iv); for ( ; nb_blocks-- > 0; output++, block128_inc_be(&block)) { - aes_encrypt_block(output, key, &block); + cryptonite_aes_encrypt_block(output, key, &block); } } -void aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t nb_blocks) +void cryptonite_aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t nb_blocks) { aes_block block; @@ -283,51 +283,51 @@ void aes_gen_ctr_cont(aes_block *output, aes_key *key, aes_block *iv, uint32_t n block128_copy(&block, iv); for ( ; nb_blocks-- > 0; output++, block128_inc_be(&block)) { - aes_encrypt_block(output, key, &block); + cryptonite_aes_encrypt_block(output, key, &block); } /* copy back the IV */ block128_copy(iv, &block); } -void aes_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len) +void cryptonite_aes_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len) { ctr_f e = GET_CTR_ENCRYPT(key->strength); e(output, key, iv, input, len); } -void aes_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks) { xts_f e = GET_XTS_ENCRYPT(k1->strength); e(output, k1, k2, dataunit, spoint, input, nb_blocks); } -void aes_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks) { - aes_generic_decrypt_xts(output, k1, k2, dataunit, spoint, input, nb_blocks); + cryptonite_aes_generic_decrypt_xts(output, k1, k2, dataunit, spoint, input, nb_blocks); } -void aes_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) { gcm_crypt_f e = GET_GCM_ENCRYPT(key->strength); e(output, gcm, key, input, length); } -void aes_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) { gcm_crypt_f d = GET_GCM_DECRYPT(key->strength); d(output, gcm, key, input, length); } -void aes_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) { ocb_crypt_f e = GET_OCB_ENCRYPT(key->strength); e(output, ocb, key, input, length); } -void aes_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) { ocb_crypt_f d = GET_OCB_DECRYPT(key->strength); d(output, ocb, key, input, length); @@ -339,7 +339,7 @@ static void gcm_ghash_add(aes_gcm *gcm, block128 *b) gf_mul(&gcm->tag, &gcm->h); } -void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len) +void cryptonite_aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len) { gcm->length_aad = 0; gcm->length_input = 0; @@ -349,7 +349,7 @@ void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len) block128_zero(&gcm->iv); /* prepare H : encrypt_K(0^128) */ - aes_encrypt_block(&gcm->h, key, &gcm->h); + cryptonite_aes_encrypt_block(&gcm->h, key, &gcm->h); if (len == 12) { block128_copy_bytes(&gcm->iv, iv, 12); @@ -373,7 +373,7 @@ void aes_gcm_init(aes_gcm *gcm, aes_key *key, uint8_t *iv, uint32_t len) block128_copy(&gcm->civ, &gcm->iv); } -void aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length) +void cryptonite_aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length) { gcm->length_aad += length; for (; length >= 16; input += 16, length -= 16) { @@ -388,7 +388,7 @@ void aes_gcm_aad(aes_gcm *gcm, uint8_t *input, uint32_t length) } -void aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key) +void cryptonite_aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key) { aes_block lblock; int i; @@ -398,7 +398,7 @@ void aes_gcm_finish(uint8_t *tag, aes_gcm *gcm, aes_key *key) lblock.q[1] = cpu_to_be64(gcm->length_input << 3); gcm_ghash_add(gcm, &lblock); - aes_encrypt_block(&lblock, key, &gcm->iv); + cryptonite_aes_encrypt_block(&lblock, key, &gcm->iv); block128_xor(&gcm->tag, &lblock); for (i = 0; i < 16; i++) { @@ -432,7 +432,7 @@ static void ocb_get_L_i(block128 *l, block128 *lis, unsigned int i) #undef L_CACHED } -void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len) +void cryptonite_aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len) { block128 tmp, nonce, ktop; unsigned char stretch[24]; @@ -445,7 +445,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len) /* create L*, and L$,L0,L1,L2,L3 */ block128_zero(&tmp); - aes_encrypt_block(&ocb->lstar, key, &tmp); + cryptonite_aes_encrypt_block(&ocb->lstar, key, &tmp); ocb_block_double(&ocb->ldollar, &ocb->lstar); ocb_block_double(&ocb->li[0], &ocb->ldollar); @@ -460,7 +460,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len) nonce.b[16-12-1] |= 0x01; bottom = nonce.b[15] & 0x3F; nonce.b[15] &= 0xC0; - aes_encrypt_block(&ktop, key, &nonce); + cryptonite_aes_encrypt_block(&ktop, key, &nonce); memcpy(stretch, ktop.b, 16); memcpy(tmp.b, ktop.b + 1, 8); @@ -483,7 +483,7 @@ void aes_ocb_init(aes_ocb *ocb, aes_key *key, uint8_t *iv, uint32_t len) block128_zero(&ocb->offset_aad); } -void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) { block128 tmp; unsigned int i; @@ -493,7 +493,7 @@ void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) block128_xor(&ocb->offset_aad, &tmp); block128_vxor(&tmp, &ocb->offset_aad, (block128 *) input); - aes_encrypt_block(&tmp, key, &tmp); + cryptonite_aes_encrypt_block(&tmp, key, &tmp); block128_xor(&ocb->sum_aad, &tmp); } @@ -504,36 +504,36 @@ void aes_ocb_aad(aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) block128_copy_bytes(&tmp, input, length); tmp.b[length] = 0x80; block128_xor(&tmp, &ocb->offset_aad); - aes_encrypt_block(&tmp, key, &tmp); + cryptonite_aes_encrypt_block(&tmp, key, &tmp); block128_xor(&ocb->sum_aad, &tmp); } } -void aes_ocb_finish(uint8_t *tag, aes_ocb *ocb, aes_key *key) +void cryptonite_aes_ocb_finish(uint8_t *tag, aes_ocb *ocb, aes_key *key) { block128 tmp; block128_vxor(&tmp, &ocb->sum_enc, &ocb->offset_enc); block128_xor(&tmp, &ocb->ldollar); - aes_encrypt_block((block128 *) tag, key, &tmp); + cryptonite_aes_encrypt_block((block128 *) tag, key, &tmp); block128_xor((block128 *) tag, &ocb->sum_aad); } -void aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_generic_encrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) { for ( ; nb_blocks-- > 0; input++, output++) { - aes_generic_encrypt_block(output, key, input); + cryptonite_aes_generic_encrypt_block(output, key, input); } } -void aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_generic_decrypt_ecb(aes_block *output, aes_key *key, aes_block *input, uint32_t nb_blocks) { for ( ; nb_blocks-- > 0; input++, output++) { - aes_generic_decrypt_block(output, key, input); + cryptonite_aes_generic_decrypt_block(output, key, input); } } -void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes_block *input, uint32_t nb_blocks) { aes_block block; @@ -541,12 +541,12 @@ void aes_generic_encrypt_cbc(aes_block *output, aes_key *key, aes_block *iv, aes block128_copy(&block, iv); for ( ; nb_blocks-- > 0; input++, output++) { block128_xor(&block, (block128 *) input); - aes_generic_encrypt_block(&block, key, &block); + cryptonite_aes_generic_encrypt_block(&block, key, &block); block128_copy((block128 *) output, &block); } } -void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini, aes_block *input, uint32_t nb_blocks) +void cryptonite_aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini, aes_block *input, uint32_t nb_blocks) { aes_block block, blocko; aes_block iv; @@ -555,13 +555,13 @@ void aes_generic_decrypt_cbc(aes_block *output, aes_key *key, aes_block *ivini, block128_copy(&iv, ivini); for ( ; nb_blocks-- > 0; input++, output++) { block128_copy(&block, (block128 *) input); - aes_generic_decrypt_block(&blocko, key, &block); + cryptonite_aes_generic_decrypt_block(&blocko, key, &block); block128_vxor((block128 *) output, &blocko, &iv); block128_copy(&iv, &block); } } -void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len) +void cryptonite_aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8_t *input, uint32_t len) { aes_block block, o; uint32_t nb_blocks = len / 16; @@ -571,12 +571,12 @@ void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8 block128_copy(&block, iv); for ( ; nb_blocks-- > 0; block128_inc_be(&block), output += 16, input += 16) { - aes_encrypt_block(&o, key, &block); + cryptonite_aes_encrypt_block(&o, key, &block); block128_vxor((block128 *) output, &o, (block128 *) input); } if ((len % 16) != 0) { - aes_encrypt_block(&o, key, &block); + cryptonite_aes_encrypt_block(&o, key, &block); for (i = 0; i < (len % 16); i++) { *output = ((uint8_t *) &o)[i] ^ *input; output++; @@ -585,14 +585,14 @@ void aes_generic_encrypt_ctr(uint8_t *output, aes_key *key, aes_block *iv, uint8 } } -void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks) { aes_block block, tweak; /* load IV and encrypt it using k2 as the tweak */ block128_copy(&tweak, dataunit); - aes_encrypt_block(&tweak, k2, &tweak); + cryptonite_aes_encrypt_block(&tweak, k2, &tweak); /* TO OPTIMISE: this is really inefficient way to do that */ while (spoint-- > 0) @@ -600,19 +600,19 @@ void aes_generic_encrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_bl for ( ; nb_blocks-- > 0; input++, output++, gf_mulx(&tweak)) { block128_vxor(&block, input, &tweak); - aes_encrypt_block(&block, k1, &block); + cryptonite_aes_encrypt_block(&block, k1, &block); block128_vxor(output, &block, &tweak); } } -void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, +void cryptonite_aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_block *dataunit, uint32_t spoint, aes_block *input, uint32_t nb_blocks) { aes_block block, tweak; /* load IV and encrypt it using k2 as the tweak */ block128_copy(&tweak, dataunit); - aes_encrypt_block(&tweak, k2, &tweak); + cryptonite_aes_encrypt_block(&tweak, k2, &tweak); /* TO OPTIMISE: this is really inefficient way to do that */ while (spoint-- > 0) @@ -620,12 +620,12 @@ void aes_generic_decrypt_xts(aes_block *output, aes_key *k1, aes_key *k2, aes_bl for ( ; nb_blocks-- > 0; input++, output++, gf_mulx(&tweak)) { block128_vxor(&block, input, &tweak); - aes_decrypt_block(&block, k1, &block); + cryptonite_aes_decrypt_block(&block, k1, &block); block128_vxor(output, &block, &tweak); } } -void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) { aes_block out; @@ -633,7 +633,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_ for (; length >= 16; input += 16, output += 16, length -= 16) { block128_inc_be(&gcm->civ); - aes_encrypt_block(&out, key, &gcm->civ); + cryptonite_aes_encrypt_block(&out, key, &gcm->civ); block128_xor(&out, (block128 *) input); gcm_ghash_add(gcm, &out); block128_copy((block128 *) output, &out); @@ -644,7 +644,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_ block128_inc_be(&gcm->civ); /* create e(civ) in out */ - aes_encrypt_block(&out, key, &gcm->civ); + cryptonite_aes_encrypt_block(&out, key, &gcm->civ); /* initialize a tmp as input and xor it to e(civ) */ block128_zero(&tmp); block128_copy_bytes(&tmp, input, length); @@ -658,7 +658,7 @@ void aes_generic_gcm_encrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_ } } -void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_t *input, uint32_t length) { aes_block out; @@ -666,7 +666,7 @@ void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_ for (; length >= 16; input += 16, output += 16, length -= 16) { block128_inc_be(&gcm->civ); - aes_encrypt_block(&out, key, &gcm->civ); + cryptonite_aes_encrypt_block(&out, key, &gcm->civ); gcm_ghash_add(gcm, (block128 *) input); block128_xor(&out, (block128 *) input); block128_copy((block128 *) output, &out); @@ -681,7 +681,7 @@ void aes_generic_gcm_decrypt(uint8_t *output, aes_gcm *gcm, aes_key *key, uint8_ block128_copy_bytes(&tmp, input, length); gcm_ghash_add(gcm, &tmp); - aes_encrypt_block(&out, key, &gcm->civ); + cryptonite_aes_encrypt_block(&out, key, &gcm->civ); block128_xor_bytes(&tmp, out.b, length); for (i = 0; i < length; i++) { @@ -703,11 +703,11 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key, block128_vxor(&tmp, &ocb->offset_enc, (block128 *) input); if (encrypt) { - aes_encrypt_block(&tmp, key, &tmp); + cryptonite_aes_encrypt_block(&tmp, key, &tmp); block128_vxor((block128 *) output, &ocb->offset_enc, &tmp); block128_xor(&ocb->sum_enc, (block128 *) input); } else { - aes_decrypt_block(&tmp, key, &tmp); + cryptonite_aes_decrypt_block(&tmp, key, &tmp); block128_vxor((block128 *) output, &ocb->offset_enc, &tmp); block128_xor(&ocb->sum_enc, (block128 *) output); } @@ -717,7 +717,7 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key, length = length % 16; if (length > 0) { block128_xor(&ocb->offset_enc, &ocb->lstar); - aes_encrypt_block(&pad, key, &ocb->offset_enc); + cryptonite_aes_encrypt_block(&pad, key, &ocb->offset_enc); if (encrypt) { block128_zero(&tmp); @@ -739,12 +739,12 @@ static void ocb_generic_crypt(uint8_t *output, aes_ocb *ocb, aes_key *key, } } -void aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_generic_ocb_encrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) { ocb_generic_crypt(output, ocb, key, input, length, 1); } -void aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) +void cryptonite_aes_generic_ocb_decrypt(uint8_t *output, aes_ocb *ocb, aes_key *key, uint8_t *input, uint32_t length) { ocb_generic_crypt(output, ocb, key, input, length, 0); } diff --git a/cryptonite.cabal b/cryptonite.cabal index a223a7b..0fd8c40 100644 --- a/cryptonite.cabal +++ b/cryptonite.cabal @@ -79,7 +79,8 @@ Library Crypto.Random.Entropy Crypto.Random.EntropyPool Crypto.Random.Entropy.Unsafe - Other-modules: Crypto.Hash.Utils + Other-modules: Crypto.Cipher.AES.Internal + Crypto.Hash.Utils Crypto.Hash.Utils.Cpu Crypto.Hash.Types Crypto.Hash.Internal.SHA1