1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include "hitls_build.h"
17 #if defined(HITLS_CRYPTO_AES) && defined(HITLS_CRYPTO_CTR)
18
19 #include "bsl_err_internal.h"
20 #include "crypt_aes.h"
21 #include "crypt_errno.h"
22 #include "crypt_utils.h"
23 #include "crypt_modes_ctr.h"
24 #include "modes_local.h"
25
AES_CTR_EncryptBlock(MODES_CipherCommonCtx * ctx,const uint8_t * in,uint8_t * out,uint32_t len)26 int32_t AES_CTR_EncryptBlock(MODES_CipherCommonCtx *ctx, const uint8_t *in, uint8_t *out, uint32_t len)
27 {
28 // The ctx, in, and out pointers have been determined at the EAL layer and are not determined again.
29 if (ctx->ciphCtx == NULL || len == 0) {
30 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
31 return CRYPT_NULL_INPUT;
32 }
33
34 uint32_t left = len;
35 const uint8_t *tmpIn = in;
36 uint8_t *tmpOut = out;
37 while ((ctx->offset != 0) && (left > 0)) {
38 *(tmpOut++) = ((*(tmpIn++)) ^ (ctx->buf[ctx->offset++]));
39 --left;
40 ctx->offset &= (uint8_t)(ctx->blockSize - 1);
41 }
42
43 uint32_t blockSize = ctx->blockSize; // ctr supports only 16-byte block size
44 uint32_t blocks, beCtr32;
45 while (left >= blockSize) {
46 blocks = left >> 4; // Shift rightwards by 4 bytes to obtain the number of blocks.
47 beCtr32 = GET_UINT32_BE(ctx->iv, 12); // offset of 12 bytes, it is used to obtain the lower 32 bits of IV
48 beCtr32 += blocks;
49 if (beCtr32 < blocks) {
50 blocks -= beCtr32;
51 beCtr32 = 0;
52 }
53 // Shift leftwards by 4 bytes to obtain the length of the data involved in the calculation.
54 uint32_t calLen = blocks << 4;
55 (void)CRYPT_AES_CTR_Encrypt(ctx->ciphCtx, tmpIn, tmpOut, calLen, ctx->iv);
56 left -= calLen;
57 tmpIn += calLen;
58 tmpOut += calLen;
59 if (beCtr32 == 0) {
60 // 16 - 4, the lower 32 bits are carried, and the upper 12 bytes are increased by 1.
61 MODE_IncCounter(ctx->iv, blockSize - 4);
62 }
63 }
64 if (left > 0) {
65 (void)ctx->ciphMeth->encryptBlock(ctx->ciphCtx, ctx->iv, ctx->buf, blockSize);
66 MODE_IncCounter(ctx->iv, ctx->blockSize);
67 ctx->offset = 0;
68 while ((left) > 0) {
69 tmpOut[ctx->offset] = (tmpIn[ctx->offset]) ^ (ctx->buf[ctx->offset]);
70 --left;
71 ++ctx->offset;
72 }
73 }
74 return CRYPT_SUCCESS;
75 }
76
AES_CTR_Update(MODES_CipherCtx * modeCtx,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)77 int32_t AES_CTR_Update(MODES_CipherCtx *modeCtx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
78 {
79 return MODES_CipherStreamProcess(AES_CTR_EncryptBlock, &modeCtx->commonCtx, in, inLen, out, outLen);
80 }
81 #endif