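Lines matching refs:ctr — each entry gives the source line number, the matching line, and the enclosing function ("in f()"); a trailing "argument" or "local" marks the line where ctr is declared as a parameter or a local variable.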
60 static void inc_128(PROV_DRBG_CTR *ctr) in inc_128() argument
62 unsigned char *p = &ctr->V[0]; in inc_128()
73 static void ctr_XOR(PROV_DRBG_CTR *ctr, const unsigned char *in, size_t inlen) in ctr_XOR() argument
84 n = inlen < ctr->keylen ? inlen : ctr->keylen; in ctr_XOR()
86 ctr->K[i] ^= in[i]; in ctr_XOR()
87 if (inlen <= ctr->keylen) in ctr_XOR()
90 n = inlen - ctr->keylen; in ctr_XOR()
96 ctr->V[i] ^= in[i + ctr->keylen]; in ctr_XOR()
102 __owur static int ctr_BCC_block(PROV_DRBG_CTR *ctr, unsigned char *out, in ctr_BCC_block() argument
110 if (!EVP_CipherUpdate(ctr->ctx_df, out, &outlen, out, len) in ctr_BCC_block()
120 __owur static int ctr_BCC_blocks(PROV_DRBG_CTR *ctr, const unsigned char *in) in ctr_BCC_blocks() argument
127 if (ctr->keylen != 16) { in ctr_BCC_blocks()
131 return ctr_BCC_block(ctr, ctr->KX, in_tmp, AES_BLOCK_SIZE * num_of_blk); in ctr_BCC_blocks()
138 __owur static int ctr_BCC_init(PROV_DRBG_CTR *ctr) in ctr_BCC_init() argument
143 memset(ctr->KX, 0, 48); in ctr_BCC_init()
144 num_of_blk = ctr->keylen == 16 ? 2 : 3; in ctr_BCC_init()
147 return ctr_BCC_block(ctr, ctr->KX, bltmp, num_of_blk * AES_BLOCK_SIZE); in ctr_BCC_init()
153 __owur static int ctr_BCC_update(PROV_DRBG_CTR *ctr, in ctr_BCC_update() argument
160 if (ctr->bltmp_pos) { in ctr_BCC_update()
161 size_t left = 16 - ctr->bltmp_pos; in ctr_BCC_update()
165 memcpy(ctr->bltmp + ctr->bltmp_pos, in, left); in ctr_BCC_update()
166 if (!ctr_BCC_blocks(ctr, ctr->bltmp)) in ctr_BCC_update()
168 ctr->bltmp_pos = 0; in ctr_BCC_update()
176 if (!ctr_BCC_blocks(ctr, in)) in ctr_BCC_update()
182 memcpy(ctr->bltmp + ctr->bltmp_pos, in, inlen); in ctr_BCC_update()
183 ctr->bltmp_pos += inlen; in ctr_BCC_update()
188 __owur static int ctr_BCC_final(PROV_DRBG_CTR *ctr) in ctr_BCC_final() argument
190 if (ctr->bltmp_pos) { in ctr_BCC_final()
191 memset(ctr->bltmp + ctr->bltmp_pos, 0, 16 - ctr->bltmp_pos); in ctr_BCC_final()
192 if (!ctr_BCC_blocks(ctr, ctr->bltmp)) in ctr_BCC_final()
198 __owur static int ctr_df(PROV_DRBG_CTR *ctr, in ctr_df() argument
205 unsigned char *p = ctr->bltmp; in ctr_df()
208 if (!ctr_BCC_init(ctr)) in ctr_df()
227 *p = (unsigned char)((ctr->keylen + 16) & 0xff); in ctr_df()
228 ctr->bltmp_pos = 8; in ctr_df()
229 if (!ctr_BCC_update(ctr, in1, in1len) in ctr_df()
230 || !ctr_BCC_update(ctr, in2, in2len) in ctr_df()
231 || !ctr_BCC_update(ctr, in3, in3len) in ctr_df()
232 || !ctr_BCC_update(ctr, &c80, 1) in ctr_df()
233 || !ctr_BCC_final(ctr)) in ctr_df()
236 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->KX, NULL, -1)) in ctr_df()
239 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX, &outlen, ctr->KX + ctr->keylen, in ctr_df()
243 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 16, &outlen, ctr->KX, in ctr_df()
247 if (ctr->keylen != 16) in ctr_df()
248 if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 32, &outlen, in ctr_df()
249 ctr->KX + 16, AES_BLOCK_SIZE) in ctr_df()
266 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in ctr_update() local
272 memcpy(V_tmp, ctr->V, 16); in ctr_update()
273 inc_128(ctr); in ctr_update()
274 memcpy(V_tmp + 16, ctr->V, 16); in ctr_update()
275 if (ctr->keylen == 16) { in ctr_update()
278 inc_128(ctr); in ctr_update()
279 memcpy(V_tmp + 32, ctr->V, 16); in ctr_update()
282 if (!EVP_CipherUpdate(ctr->ctx_ecb, out, &outlen, V_tmp, len) in ctr_update()
285 memcpy(ctr->K, out, ctr->keylen); in ctr_update()
286 memcpy(ctr->V, out + ctr->keylen, 16); in ctr_update()
288 if (ctr->use_df) { in ctr_update()
291 if (!ctr_df(ctr, in1, in1len, nonce, noncelen, in2, in2len)) in ctr_update()
295 ctr_XOR(ctr, ctr->KX, drbg->seedlen); in ctr_update()
297 ctr_XOR(ctr, in1, in1len); in ctr_update()
298 ctr_XOR(ctr, in2, in2len); in ctr_update()
301 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1) in ctr_update()
302 || !EVP_CipherInit_ex(ctr->ctx_ctr, NULL, NULL, ctr->K, NULL, -1)) in ctr_update()
312 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_instantiate() local
317 memset(ctr->K, 0, sizeof(ctr->K)); in drbg_ctr_instantiate()
318 memset(ctr->V, 0, sizeof(ctr->V)); in drbg_ctr_instantiate()
319 if (!EVP_CipherInit_ex(ctr->ctx_ecb, NULL, NULL, ctr->K, NULL, -1)) in drbg_ctr_instantiate()
322 inc_128(ctr); in drbg_ctr_instantiate()
355 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_reseed() local
360 inc_128(ctr); in drbg_ctr_reseed()
392 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_generate() local
397 inc_128(ctr); in drbg_ctr_generate()
402 if (ctr->use_df) { in drbg_ctr_generate()
410 inc_128(ctr); in drbg_ctr_generate()
413 inc_128(ctr); in drbg_ctr_generate()
423 if (!EVP_CipherInit_ex(ctr->ctx_ctr, in drbg_ctr_generate()
424 NULL, NULL, NULL, ctr->V, -1)) in drbg_ctr_generate()
437 ctr32 = GETU32(ctr->V + 12) + blocks; in drbg_ctr_generate()
445 ctr96_inc(ctr->V); in drbg_ctr_generate()
447 PUTU32(ctr->V + 12, ctr32); in drbg_ctr_generate()
449 if (!EVP_CipherUpdate(ctr->ctx_ctr, out, &outl, out, buflen) in drbg_ctr_generate()
475 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_uninstantiate() local
477 OPENSSL_cleanse(ctr->K, sizeof(ctr->K)); in drbg_ctr_uninstantiate()
478 OPENSSL_cleanse(ctr->V, sizeof(ctr->V)); in drbg_ctr_uninstantiate()
479 OPENSSL_cleanse(ctr->bltmp, sizeof(ctr->bltmp)); in drbg_ctr_uninstantiate()
480 OPENSSL_cleanse(ctr->KX, sizeof(ctr->KX)); in drbg_ctr_uninstantiate()
481 ctr->bltmp_pos = 0; in drbg_ctr_uninstantiate()
504 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_verify_zeroization() local
510 PROV_DRBG_VERIFY_ZEROIZATION(ctr->K); in drbg_ctr_verify_zeroization()
511 PROV_DRBG_VERIFY_ZEROIZATION(ctr->V); in drbg_ctr_verify_zeroization()
512 PROV_DRBG_VERIFY_ZEROIZATION(ctr->bltmp); in drbg_ctr_verify_zeroization()
513 PROV_DRBG_VERIFY_ZEROIZATION(ctr->KX); in drbg_ctr_verify_zeroization()
514 if (ctr->bltmp_pos != 0) in drbg_ctr_verify_zeroization()
526 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_init_lengths() local
531 if (ctr->use_df) { in drbg_ctr_init_lengths()
539 if (ctr->keylen > 0) { in drbg_ctr_init_lengths()
540 drbg->min_entropylen = ctr->keylen; in drbg_ctr_init_lengths()
544 const size_t len = ctr->keylen > 0 ? drbg->seedlen : DRBG_MAX_LENGTH; in drbg_ctr_init_lengths()
559 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_init() local
562 if (ctr->cipher_ctr == NULL) { in drbg_ctr_init()
566 ctr->keylen = keylen = EVP_CIPHER_get_key_length(ctr->cipher_ctr); in drbg_ctr_init()
567 if (ctr->ctx_ecb == NULL) in drbg_ctr_init()
568 ctr->ctx_ecb = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
569 if (ctr->ctx_ctr == NULL) in drbg_ctr_init()
570 ctr->ctx_ctr = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
571 if (ctr->ctx_ecb == NULL || ctr->ctx_ctr == NULL) { in drbg_ctr_init()
576 if (!EVP_CipherInit_ex(ctr->ctx_ecb, in drbg_ctr_init()
577 ctr->cipher_ecb, NULL, NULL, NULL, 1) in drbg_ctr_init()
578 || !EVP_CipherInit_ex(ctr->ctx_ctr, in drbg_ctr_init()
579 ctr->cipher_ctr, NULL, NULL, NULL, 1)) { in drbg_ctr_init()
587 if (ctr->use_df) { in drbg_ctr_init()
596 if (ctr->ctx_df == NULL) in drbg_ctr_init()
597 ctr->ctx_df = EVP_CIPHER_CTX_new(); in drbg_ctr_init()
598 if (ctr->ctx_df == NULL) { in drbg_ctr_init()
603 if (!EVP_CipherInit_ex(ctr->ctx_df, in drbg_ctr_init()
604 ctr->cipher_ecb, NULL, df_key, NULL, 1)) { in drbg_ctr_init()
612 EVP_CIPHER_CTX_free(ctr->ctx_ecb); in drbg_ctr_init()
613 EVP_CIPHER_CTX_free(ctr->ctx_ctr); in drbg_ctr_init()
614 ctr->ctx_ecb = ctr->ctx_ctr = NULL; in drbg_ctr_init()
620 PROV_DRBG_CTR *ctr; in drbg_ctr_new() local
622 ctr = OPENSSL_secure_zalloc(sizeof(*ctr)); in drbg_ctr_new()
623 if (ctr == NULL) in drbg_ctr_new()
626 ctr->use_df = 1; in drbg_ctr_new()
627 drbg->data = ctr; in drbg_ctr_new()
644 PROV_DRBG_CTR *ctr; in drbg_ctr_free() local
646 if (drbg != NULL && (ctr = (PROV_DRBG_CTR *)drbg->data) != NULL) { in drbg_ctr_free()
647 EVP_CIPHER_CTX_free(ctr->ctx_ecb); in drbg_ctr_free()
648 EVP_CIPHER_CTX_free(ctr->ctx_ctr); in drbg_ctr_free()
649 EVP_CIPHER_CTX_free(ctr->ctx_df); in drbg_ctr_free()
650 EVP_CIPHER_free(ctr->cipher_ecb); in drbg_ctr_free()
651 EVP_CIPHER_free(ctr->cipher_ctr); in drbg_ctr_free()
653 OPENSSL_secure_clear_free(ctr, sizeof(*ctr)); in drbg_ctr_free()
661 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; in drbg_ctr_get_ctx_params() local
675 if (p != NULL && !OSSL_PARAM_set_int(p, ctr->use_df)) in drbg_ctr_get_ctx_params()
680 if (ctr->cipher_ctr == NULL in drbg_ctr_get_ctx_params()
682 EVP_CIPHER_get0_name(ctr->cipher_ctr))) in drbg_ctr_get_ctx_params()
710 PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)ctx->data; in drbg_ctr_set_ctx_params_locked() local
720 ctr->use_df = i != 0; in drbg_ctr_set_ctx_params_locked()
746 EVP_CIPHER_free(ctr->cipher_ecb); in drbg_ctr_set_ctx_params_locked()
747 EVP_CIPHER_free(ctr->cipher_ctr); in drbg_ctr_set_ctx_params_locked()
748 ctr->cipher_ctr = EVP_CIPHER_fetch(libctx, base, propquery); in drbg_ctr_set_ctx_params_locked()
749 ctr->cipher_ecb = EVP_CIPHER_fetch(libctx, ecb, propquery); in drbg_ctr_set_ctx_params_locked()
751 if (ctr->cipher_ctr == NULL || ctr->cipher_ecb == NULL) { in drbg_ctr_set_ctx_params_locked()