Lines Matching refs:ctr
59 static void inc_128(PROV_DRBG_CTR *ctr) in inc_128() argument
61 unsigned char *p = &ctr->V[0]; in inc_128()
72 static void ctr_XOR(PROV_DRBG_CTR *ctr, const unsigned char *in, size_t inlen) in ctr_XOR() argument
83 n = inlen < ctr->keylen ? inlen : ctr->keylen; in ctr_XOR()
85 ctr->K[i] ^= in[i]; in ctr_XOR()
86 if (inlen <= ctr->keylen) in ctr_XOR()
89 n = inlen - ctr->keylen; in ctr_XOR()
95 ctr->V[i] ^= in[i + ctr->keylen]; in ctr_XOR()
101 __owur static int ctr_BCC_block(PROV_DRBG_CTR *ctr, unsigned char *out, in ctr_BCC_block() argument
109 if (!EVP_CipherUpdate(ctr->ctx_df, out, &outlen, out, len) in ctr_BCC_block()
119 __owur static int ctr_BCC_blocks(PROV_DRBG_CTR *ctr, const unsigned char *in) in ctr_BCC_blocks() argument
126 if (ctr->keylen != 16) { in ctr_BCC_blocks()
130 return ctr_BCC_block(ctr, ctr->KX, in_tmp, AES_BLOCK_SIZE * num_of_blk); in ctr_BCC_blocks()
137 __owur static int ctr_BCC_init(PROV_DRBG_CTR *ctr) in ctr_BCC_init() argument
142 memset(ctr->KX, 0, 48); in ctr_BCC_init()
143 num_of_blk = ctr->keylen == 16 ? 2 : 3; in ctr_BCC_init()
146 return ctr_BCC_block(ctr, ctr->KX, bltmp, num_of_blk * AES_BLOCK_SIZE); in ctr_BCC_init()
152 __owur static int ctr_BCC_update(PROV_DRBG_CTR *ctr, in ctr_BCC_update() argument
159 if (ctr->bltmp_pos) { in ctr_BCC_update()
160 size_t left = 16 - ctr->bltmp_pos; in ctr_BCC_update()
164 memcpy(ctr->bltmp + ctr->bltmp_pos, in, left); in ctr_BCC_update()
165 if (!ctr_BCC_blocks(ctr, ctr->bltmp)) in ctr_BCC_update()
167 ctr->bltmp_pos = 0; in ctr_BCC_update()
175 if (!ctr_BCC_blocks(ctr, in)) in ctr_BCC_update()
181 memcpy(ctr->bltmp + ctr->bltmp_pos, in, inlen); in ctr_BCC_update()
182 ctr->bltmp_pos += inlen; in ctr_BCC_update()
187 __owur static int ctr_BCC_final(PROV_DRBG_CTR *ctr) in ctr_BCC_final() argument
189 if (ctr->bltmp_pos) { in ctr_BCC_final()
190 memset(ctr->bltmp + ctr->bltmp_pos, 0, 16 - ctr->bltmp_pos); in ctr_BCC_final()
191 if (!ctr_BCC_blocks(ctr, ctr->bltmp)) in ctr_BCC_final()
197 __owur static int ctr_df(PROV_DRBG_CTR *ctr, in ctr_df() argument
204 unsigned char *p = ctr->bltmp; in ctr_df()
207 if (!ctr_BCC_init(ctr)) in ctr_df()
226 *p = (unsigned char)((ctr->keylen + 16) & 0xff); in ctr_df()
227 ctr->bltmp_pos = 8; in ctr_df()
228 if (!ctr_BCC_update(ctr, in1, in1len) in ctr_df()
229 || !ctr_BCC_update(ctr, in2, in2len) in ctr_df()
230 || !ctr_BCC_update(ctr, in3, in3len) in ctr_df()
231 || !ctr_BCC_update(ctr, &c80, 1) in ctr_df()
232 || !ctr_BCC_final(ctr)) in ctr_df()
235 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->KX, NULL, -1)) in ctr_df()
238 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX, &outlen, ctr->KX + ctr->keylen, in ctr_df()
242 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 16, &outlen, ctr->KX, in ctr_df()
246 if (ctr->keylen != 16) in ctr_df()
247 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 32, &outlen, in ctr_df()
248 ctr->KX + 16, AES_BLOCK_SIZE) in ctr_df()
265 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in ctr_update() local
271 memcpy(V_tmp, ctr->V, 16); in ctr_update()
272 inc_128(ctr); in ctr_update()
273 memcpy(V_tmp + 16, ctr->V, 16); in ctr_update()
274 if (ctr->keylen == 16) { in ctr_update()
277 inc_128(ctr); in ctr_update()
278 memcpy(V_tmp + 32, ctr->V, 16); in ctr_update()
281 if (!EVP_CipherUpdate(ctr->ctx_ecb, out, &outlen, V_tmp, len) in ctr_update()
284 memcpy(ctr->K, out, ctr->keylen); in ctr_update()
285 memcpy(ctr->V, out + ctr->keylen, 16); in ctr_update()
287 if (ctr->use_df) { in ctr_update()
290 if (!ctr_df(ctr, in1, in1len, nonce, noncelen, in2, in2len)) in ctr_update()
294 ctr_XOR(ctr, ctr->KX, drbg->seedlen); in ctr_update()
296 ctr_XOR(ctr, in1, in1len); in ctr_update()
297 ctr_XOR(ctr, in2, in2len); in ctr_update()
300 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1) in ctr_update()
301 || !EVP_CipherInit_ex(ctr->ctx_ctr, NULL, NULL, ctr->K, NULL, -1)) in ctr_update()
311 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_instantiate() local
316 memset(ctr->K, 0, sizeof(ctr->K)); in drbg_ctr_instantiate()
317 memset(ctr->V, 0, sizeof(ctr->V)); in drbg_ctr_instantiate()
318 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1)) in drbg_ctr_instantiate()
321 inc_128(ctr); in drbg_ctr_instantiate()
345 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_reseed() local
350 inc_128(ctr); in drbg_ctr_reseed()
382 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_generate() local
387 inc_128(ctr); in drbg_ctr_generate()
392 if (ctr->use_df) { in drbg_ctr_generate()
400 inc_128(ctr); in drbg_ctr_generate()
403 inc_128(ctr); in drbg_ctr_generate()
413 if (!EVP_CipherInit_ex(ctr->ctx_ctr, in drbg_ctr_generate()
414 NULL, NULL, NULL, ctr->V, -1)) in drbg_ctr_generate()
427 ctr32 = GETU32(ctr->V + 12) + blocks; in drbg_ctr_generate()
435 ctr96_inc(ctr->V); in drbg_ctr_generate()
437 PUTU32(ctr->V + 12, ctr32); in drbg_ctr_generate()
439 if (!EVP_CipherUpdate(ctr->ctx_ctr, out, &outl, out, buflen) in drbg_ctr_generate()
465 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_uninstantiate() local
467 OPENSSL_cleanse(ctr->K, sizeof(ctr->K)); in drbg_ctr_uninstantiate()
468 OPENSSL_cleanse(ctr->V, sizeof(ctr->V)); in drbg_ctr_uninstantiate()
469 OPENSSL_cleanse(ctr->bltmp, sizeof(ctr->bltmp)); in drbg_ctr_uninstantiate()
470 OPENSSL_cleanse(ctr->KX, sizeof(ctr->KX)); in drbg_ctr_uninstantiate()
471 ctr->bltmp_pos = 0; in drbg_ctr_uninstantiate()
483 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_verify_zeroization() local
485 PROV_DRBG_VERYIFY_ZEROIZATION(ctr->K); in drbg_ctr_verify_zeroization()
486 PROV_DRBG_VERYIFY_ZEROIZATION(ctr->V); in drbg_ctr_verify_zeroization()
487 PROV_DRBG_VERYIFY_ZEROIZATION(ctr->bltmp); in drbg_ctr_verify_zeroization()
488 PROV_DRBG_VERYIFY_ZEROIZATION(ctr->KX); in drbg_ctr_verify_zeroization()
489 if (ctr->bltmp_pos != 0) in drbg_ctr_verify_zeroization()
496 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_init_lengths() local
501 if (ctr->use_df) { in drbg_ctr_init_lengths()
509 if (ctr->keylen > 0) { in drbg_ctr_init_lengths()
510 drbg->min_entropylen = ctr->keylen; in drbg_ctr_init_lengths()
514 const size_t len = ctr->keylen > 0 ? drbg->seedlen : DRBG_MAX_LENGTH; in drbg_ctr_init_lengths()
529 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_init() local
532 if (ctr->cipher_ctr == NULL) { in drbg_ctr_init()
536 ctr->keylen = keylen = EVP_CIPHER_get_key_length(ctr->cipher_ctr); in drbg_ctr_init()
537 if (ctr->ctx_ecb == NULL) in drbg_ctr_init()
538 ctr->ctx_ecb = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
539 if (ctr->ctx_ctr == NULL) in drbg_ctr_init()
540 ctr->ctx_ctr = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
541 if (ctr->ctx_ecb == NULL || ctr->ctx_ctr == NULL) { in drbg_ctr_init()
546 if (!EVP_CipherInit_ex(ctr->ctx_ecb, in drbg_ctr_init()
547 ctr->cipher_ecb, NULL, NULL, NULL, 1) in drbg_ctr_init()
548 || !EVP_CipherInit_ex(ctr->ctx_ctr, in drbg_ctr_init()
549 ctr->cipher_ctr, NULL, NULL, NULL, 1)) { in drbg_ctr_init()
557 if (ctr->use_df) { in drbg_ctr_init()
566 if (ctr->ctx_df == NULL) in drbg_ctr_init()
567 ctr->ctx_df = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
568 if (ctr->ctx_df == NULL) { in drbg_ctr_init()
573 if (!EVP_CipherInit_ex(ctr->ctx_df, in drbg_ctr_init()
574 ctr->cipher_ecb, NULL, df_key, NULL, 1)) { in drbg_ctr_init()
582 EVP_CIPHER_CTX_free(ctr->ctx_ecb); in drbg_ctr_init()
583 EVP_CIPHER_CTX_free(ctr->ctx_ctr); in drbg_ctr_init()
584 ctr->ctx_ecb = ctr->ctx_ctr = NULL; in drbg_ctr_init()
590 PROV_DRBG_CTR *ctr; in drbg_ctr_new() local
592 ctr = OPENSSL_secure_zalloc(sizeof(*ctr)); in drbg_ctr_new()
593 if (ctr == NULL) { in drbg_ctr_new()
598 ctr->use_df = 1; in drbg_ctr_new()
599 drbg->data = ctr; in drbg_ctr_new()
614 PROV_DRBG_CTR *ctr; in drbg_ctr_free() local
616 if (drbg != NULL && (ctr = (PROV_DRBG_CTR *)drbg->data) != NULL) { in drbg_ctr_free()
617 EVP_CIPHER_CTX_free(ctr->ctx_ecb); in drbg_ctr_free()
618 EVP_CIPHER_CTX_free(ctr->ctx_ctr); in drbg_ctr_free()
619 EVP_CIPHER_CTX_free(ctr->ctx_df); in drbg_ctr_free()
620 EVP_CIPHER_free(ctr->cipher_ecb); in drbg_ctr_free()
621 EVP_CIPHER_free(ctr->cipher_ctr); in drbg_ctr_free()
623 OPENSSL_secure_clear_free(ctr, sizeof(*ctr)); in drbg_ctr_free()
631 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_get_ctx_params() local
635 if (p != NULL && !OSSL_PARAM_set_int(p, ctr->use_df)) in drbg_ctr_get_ctx_params()
640 if (ctr->cipher_ctr == NULL in drbg_ctr_get_ctx_params()
642 EVP_CIPHER_get0_name(ctr->cipher_ctr))) in drbg_ctr_get_ctx_params()
664 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)ctx->data; in drbg_ctr_set_ctx_params() local
674 ctr->use_df = i != 0; in drbg_ctr_set_ctx_params()
702 EVP_CIPHER_free(ctr->cipher_ecb); in drbg_ctr_set_ctx_params()
703 EVP_CIPHER_free(ctr->cipher_ctr); in drbg_ctr_set_ctx_params()
704 ctr->cipher_ctr = EVP_CIPHER_fetch(libctx, base, propquery); in drbg_ctr_set_ctx_params()
705 ctr->cipher_ecb = EVP_CIPHER_fetch(libctx, ecb, propquery); in drbg_ctr_set_ctx_params()
707 if (ctr->cipher_ctr == NULL || ctr->cipher_ecb == NULL) { in drbg_ctr_set_ctx_params()