summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGuillaume Friloux <guillaume.friloux@gmail.com>2013-08-14 11:18:23 +0200
committerGuillaume Friloux <guillaume.friloux@gmail.com>2013-08-14 11:18:23 +0200
commitc0bad0a721b14f7ccf91a177476e053735c9da5c (patch)
tree643b9cabbdcff362d452e9325376a2e29882ce60
parent32266b74427cadbc8f1fdc44ac68e7f1977acd00 (diff)
Just a few more code... no time for now.
-rw-r--r--Makefile.am1
-rw-r--r--configure.ac2
-rw-r--r--src/bin/Makefile.mk13
-rw-r--r--src/bin/main.c17
-rw-r--r--src/lib/extra/aes.c1072
-rw-r--r--src/lib/extra/aes.h123
-rw-r--r--src/lib/skypunch_main.c12
-rw-r--r--src/lib/skypunch_private.h2
-rw-r--r--src/modules/Makefile.mk7
-rw-r--r--src/modules/mega/mega.h4
-rw-r--r--src/modules/mega/mega_main.c26
-rw-r--r--src/modules/mega/mega_utils.c40
12 files changed, 1314 insertions, 5 deletions
diff --git a/Makefile.am b/Makefile.am
index 177ffba..d937f85 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -18,5 +18,6 @@ m4/l*
18 18
19include src/lib/Makefile.mk 19include src/lib/Makefile.mk
20include src/modules/Makefile.mk 20include src/modules/Makefile.mk
21include src/bin/Makefile.mk
21 22
22.PHONY: doc 23.PHONY: doc
diff --git a/configure.ac b/configure.ac
index 436ce1c..70080c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -57,7 +57,7 @@ esac
57AC_DEFINE_UNQUOTED(SHARED_LIB_SUFFIX, "${MODULE_EXT}", [Suffix for shared objects]) 57AC_DEFINE_UNQUOTED(SHARED_LIB_SUFFIX, "${MODULE_EXT}", [Suffix for shared objects])
58 58
59 59
60SKYPUNCH_REQUIRES="eina >= 1.7.7 ecore >= 1.7.7" 60SKYPUNCH_REQUIRES="eina >= 1.7.7 ecore >= 1.7.7 ecore-con >= 1.7.7"
61AC_SUBST(requirement_skypunch) 61AC_SUBST(requirement_skypunch)
62 62
63PKG_CHECK_MODULES([SKYPUNCH], [$SKYPUNCH_REQUIRES]) 63PKG_CHECK_MODULES([SKYPUNCH], [$SKYPUNCH_REQUIRES])
diff --git a/src/bin/Makefile.mk b/src/bin/Makefile.mk
new file mode 100644
index 0000000..9d40181
--- /dev/null
+++ b/src/bin/Makefile.mk
@@ -0,0 +1,13 @@
1bin_PROGRAMS = src/bin/megaclient
2
3src_bin_megaclient_CFLAGS = \
4@SKYPUNCH_CFLAGS@
5src_bin_megaclient_CPPFLAGS = \
6-I$(top_srcdir) \
7-I$(top_srcdir)/src/include \
8-I$(top_srcdir)/src/lib
9src_bin_megaclient_LDADD = \
10@SKYPUNCH_LIBS@ \
11src/lib/libskypunch.la
12src_bin_megaclient_SOURCES = \
13src/bin/main.c
diff --git a/src/bin/main.c b/src/bin/main.c
new file mode 100644
index 0000000..5e62b22
--- /dev/null
+++ b/src/bin/main.c
@@ -0,0 +1,17 @@
1#include <Skypunch.h>
2
3
4int main(int argc, char **argv)
5{
6 Skypunch *skypunch;
7
8 skypunch_init();
9 skypunch = skypunch_new(SKYPUNCH_MEGA,
10 "toto@toto.fr:bidule");
11 skypunch_login(skypunch);
12
13 ecore_main_loop_begin();
14
15 skypunch_shutdown();
16 return 0;
17}
diff --git a/src/lib/extra/aes.c b/src/lib/extra/aes.c
new file mode 100644
index 0000000..948e36f
--- /dev/null
+++ b/src/lib/extra/aes.c
@@ -0,0 +1,1072 @@
1/*********************************************************************
2* Filename: aes.c
3* Author: Brad Conte (brad AT bradconte.com)
4* Copyright:
5* Disclaimer: This code is presented "as is" without any guarantees.
6* Details: This code is the implementation of the AES algorithm and
7 the CTR, CBC, and CCM modes of operation it can be used in.
8 AES is, specified by the NIST in in publication FIPS PUB 197,
9 availible at:
10 * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf .
11 The CBC and CTR modes of operation are specified by
12 NIST SP 800-38 A, available at:
13 * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf .
14 The CCM mode of operation is specified by NIST SP80-38 C, available at:
15 * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
16*********************************************************************/
17
18/*************************** HEADER FILES ***************************/
19#include <stdlib.h>
20#include <memory.h>
21#include "aes.h"
22
23#include <stdio.h>
24
25/****************************** MACROS ******************************/
26// The least significant byte of the word is rotated to the end.
27#define KE_ROTWORD(x) (((x) << 8) | ((x) >> 24))
28
29#define TRUE 1
30#define FALSE 0
31
32/**************************** DATA TYPES ****************************/
33#define AES_128_ROUNDS 10
34#define AES_192_ROUNDS 12
35#define AES_256_ROUNDS 14
36
37/*********************** FUNCTION DECLARATIONS **********************/
38void ccm_prepare_first_ctr_blk(BYTE counter[], const BYTE nonce[], int nonce_len, int payload_len_store_size);
39void ccm_prepare_first_format_blk(BYTE buf[], int assoc_len, int payload_len, int payload_len_store_size, int mac_len, const BYTE nonce[], int nonce_len);
40void ccm_format_assoc_data(BYTE buf[], int *end_of_buf, const BYTE assoc[], int assoc_len);
41void ccm_format_payload_data(BYTE buf[], int *end_of_buf, const BYTE payload[], int payload_len);
42
43/**************************** VARIABLES *****************************/
44// This is the specified AES SBox. To look up a substitution value, put the first
45// nibble in the first index (row) and the second nibble in the second index (column).
46static const BYTE aes_sbox[16][16] = {
47 {0x63,0x7C,0x77,0x7B,0xF2,0x6B,0x6F,0xC5,0x30,0x01,0x67,0x2B,0xFE,0xD7,0xAB,0x76},
48 {0xCA,0x82,0xC9,0x7D,0xFA,0x59,0x47,0xF0,0xAD,0xD4,0xA2,0xAF,0x9C,0xA4,0x72,0xC0},
49 {0xB7,0xFD,0x93,0x26,0x36,0x3F,0xF7,0xCC,0x34,0xA5,0xE5,0xF1,0x71,0xD8,0x31,0x15},
50 {0x04,0xC7,0x23,0xC3,0x18,0x96,0x05,0x9A,0x07,0x12,0x80,0xE2,0xEB,0x27,0xB2,0x75},
51 {0x09,0x83,0x2C,0x1A,0x1B,0x6E,0x5A,0xA0,0x52,0x3B,0xD6,0xB3,0x29,0xE3,0x2F,0x84},
52 {0x53,0xD1,0x00,0xED,0x20,0xFC,0xB1,0x5B,0x6A,0xCB,0xBE,0x39,0x4A,0x4C,0x58,0xCF},
53 {0xD0,0xEF,0xAA,0xFB,0x43,0x4D,0x33,0x85,0x45,0xF9,0x02,0x7F,0x50,0x3C,0x9F,0xA8},
54 {0x51,0xA3,0x40,0x8F,0x92,0x9D,0x38,0xF5,0xBC,0xB6,0xDA,0x21,0x10,0xFF,0xF3,0xD2},
55 {0xCD,0x0C,0x13,0xEC,0x5F,0x97,0x44,0x17,0xC4,0xA7,0x7E,0x3D,0x64,0x5D,0x19,0x73},
56 {0x60,0x81,0x4F,0xDC,0x22,0x2A,0x90,0x88,0x46,0xEE,0xB8,0x14,0xDE,0x5E,0x0B,0xDB},
57 {0xE0,0x32,0x3A,0x0A,0x49,0x06,0x24,0x5C,0xC2,0xD3,0xAC,0x62,0x91,0x95,0xE4,0x79},
58 {0xE7,0xC8,0x37,0x6D,0x8D,0xD5,0x4E,0xA9,0x6C,0x56,0xF4,0xEA,0x65,0x7A,0xAE,0x08},
59 {0xBA,0x78,0x25,0x2E,0x1C,0xA6,0xB4,0xC6,0xE8,0xDD,0x74,0x1F,0x4B,0xBD,0x8B,0x8A},
60 {0x70,0x3E,0xB5,0x66,0x48,0x03,0xF6,0x0E,0x61,0x35,0x57,0xB9,0x86,0xC1,0x1D,0x9E},
61 {0xE1,0xF8,0x98,0x11,0x69,0xD9,0x8E,0x94,0x9B,0x1E,0x87,0xE9,0xCE,0x55,0x28,0xDF},
62 {0x8C,0xA1,0x89,0x0D,0xBF,0xE6,0x42,0x68,0x41,0x99,0x2D,0x0F,0xB0,0x54,0xBB,0x16}
63};
64
65static const BYTE aes_invsbox[16][16] = {
66 {0x52,0x09,0x6A,0xD5,0x30,0x36,0xA5,0x38,0xBF,0x40,0xA3,0x9E,0x81,0xF3,0xD7,0xFB},
67 {0x7C,0xE3,0x39,0x82,0x9B,0x2F,0xFF,0x87,0x34,0x8E,0x43,0x44,0xC4,0xDE,0xE9,0xCB},
68 {0x54,0x7B,0x94,0x32,0xA6,0xC2,0x23,0x3D,0xEE,0x4C,0x95,0x0B,0x42,0xFA,0xC3,0x4E},
69 {0x08,0x2E,0xA1,0x66,0x28,0xD9,0x24,0xB2,0x76,0x5B,0xA2,0x49,0x6D,0x8B,0xD1,0x25},
70 {0x72,0xF8,0xF6,0x64,0x86,0x68,0x98,0x16,0xD4,0xA4,0x5C,0xCC,0x5D,0x65,0xB6,0x92},
71 {0x6C,0x70,0x48,0x50,0xFD,0xED,0xB9,0xDA,0x5E,0x15,0x46,0x57,0xA7,0x8D,0x9D,0x84},
72 {0x90,0xD8,0xAB,0x00,0x8C,0xBC,0xD3,0x0A,0xF7,0xE4,0x58,0x05,0xB8,0xB3,0x45,0x06},
73 {0xD0,0x2C,0x1E,0x8F,0xCA,0x3F,0x0F,0x02,0xC1,0xAF,0xBD,0x03,0x01,0x13,0x8A,0x6B},
74 {0x3A,0x91,0x11,0x41,0x4F,0x67,0xDC,0xEA,0x97,0xF2,0xCF,0xCE,0xF0,0xB4,0xE6,0x73},
75 {0x96,0xAC,0x74,0x22,0xE7,0xAD,0x35,0x85,0xE2,0xF9,0x37,0xE8,0x1C,0x75,0xDF,0x6E},
76 {0x47,0xF1,0x1A,0x71,0x1D,0x29,0xC5,0x89,0x6F,0xB7,0x62,0x0E,0xAA,0x18,0xBE,0x1B},
77 {0xFC,0x56,0x3E,0x4B,0xC6,0xD2,0x79,0x20,0x9A,0xDB,0xC0,0xFE,0x78,0xCD,0x5A,0xF4},
78 {0x1F,0xDD,0xA8,0x33,0x88,0x07,0xC7,0x31,0xB1,0x12,0x10,0x59,0x27,0x80,0xEC,0x5F},
79 {0x60,0x51,0x7F,0xA9,0x19,0xB5,0x4A,0x0D,0x2D,0xE5,0x7A,0x9F,0x93,0xC9,0x9C,0xEF},
80 {0xA0,0xE0,0x3B,0x4D,0xAE,0x2A,0xF5,0xB0,0xC8,0xEB,0xBB,0x3C,0x83,0x53,0x99,0x61},
81 {0x17,0x2B,0x04,0x7E,0xBA,0x77,0xD6,0x26,0xE1,0x69,0x14,0x63,0x55,0x21,0x0C,0x7D}
82};
83
84// This table stores pre-calculated values for all possible GF(2^8) calculations.This
85// table is only used by the (Inv)MixColumns steps.
86// USAGE: The second index (column) is the coefficient of multiplication. Only 7 different
87// coefficients are used: 0x01, 0x02, 0x03, 0x09, 0x0b, 0x0d, 0x0e, but multiplication by
88// 1 is negligible leaving only 6 coefficients. Each column of the table is devoted to one
89// of these coefficients, in the ascending order of value, from values 0x00 to 0xFF.
90static const BYTE gf_mul[256][6] = {
91 {0x00,0x00,0x00,0x00,0x00,0x00},{0x02,0x03,0x09,0x0b,0x0d,0x0e},
92 {0x04,0x06,0x12,0x16,0x1a,0x1c},{0x06,0x05,0x1b,0x1d,0x17,0x12},
93 {0x08,0x0c,0x24,0x2c,0x34,0x38},{0x0a,0x0f,0x2d,0x27,0x39,0x36},
94 {0x0c,0x0a,0x36,0x3a,0x2e,0x24},{0x0e,0x09,0x3f,0x31,0x23,0x2a},
95 {0x10,0x18,0x48,0x58,0x68,0x70},{0x12,0x1b,0x41,0x53,0x65,0x7e},
96 {0x14,0x1e,0x5a,0x4e,0x72,0x6c},{0x16,0x1d,0x53,0x45,0x7f,0x62},
97 {0x18,0x14,0x6c,0x74,0x5c,0x48},{0x1a,0x17,0x65,0x7f,0x51,0x46},
98 {0x1c,0x12,0x7e,0x62,0x46,0x54},{0x1e,0x11,0x77,0x69,0x4b,0x5a},
99 {0x20,0x30,0x90,0xb0,0xd0,0xe0},{0x22,0x33,0x99,0xbb,0xdd,0xee},
100 {0x24,0x36,0x82,0xa6,0xca,0xfc},{0x26,0x35,0x8b,0xad,0xc7,0xf2},
101 {0x28,0x3c,0xb4,0x9c,0xe4,0xd8},{0x2a,0x3f,0xbd,0x97,0xe9,0xd6},
102 {0x2c,0x3a,0xa6,0x8a,0xfe,0xc4},{0x2e,0x39,0xaf,0x81,0xf3,0xca},
103 {0x30,0x28,0xd8,0xe8,0xb8,0x90},{0x32,0x2b,0xd1,0xe3,0xb5,0x9e},
104 {0x34,0x2e,0xca,0xfe,0xa2,0x8c},{0x36,0x2d,0xc3,0xf5,0xaf,0x82},
105 {0x38,0x24,0xfc,0xc4,0x8c,0xa8},{0x3a,0x27,0xf5,0xcf,0x81,0xa6},
106 {0x3c,0x22,0xee,0xd2,0x96,0xb4},{0x3e,0x21,0xe7,0xd9,0x9b,0xba},
107 {0x40,0x60,0x3b,0x7b,0xbb,0xdb},{0x42,0x63,0x32,0x70,0xb6,0xd5},
108 {0x44,0x66,0x29,0x6d,0xa1,0xc7},{0x46,0x65,0x20,0x66,0xac,0xc9},
109 {0x48,0x6c,0x1f,0x57,0x8f,0xe3},{0x4a,0x6f,0x16,0x5c,0x82,0xed},
110 {0x4c,0x6a,0x0d,0x41,0x95,0xff},{0x4e,0x69,0x04,0x4a,0x98,0xf1},
111 {0x50,0x78,0x73,0x23,0xd3,0xab},{0x52,0x7b,0x7a,0x28,0xde,0xa5},
112 {0x54,0x7e,0x61,0x35,0xc9,0xb7},{0x56,0x7d,0x68,0x3e,0xc4,0xb9},
113 {0x58,0x74,0x57,0x0f,0xe7,0x93},{0x5a,0x77,0x5e,0x04,0xea,0x9d},
114 {0x5c,0x72,0x45,0x19,0xfd,0x8f},{0x5e,0x71,0x4c,0x12,0xf0,0x81},
115 {0x60,0x50,0xab,0xcb,0x6b,0x3b},{0x62,0x53,0xa2,0xc0,0x66,0x35},
116 {0x64,0x56,0xb9,0xdd,0x71,0x27},{0x66,0x55,0xb0,0xd6,0x7c,0x29},
117 {0x68,0x5c,0x8f,0xe7,0x5f,0x03},{0x6a,0x5f,0x86,0xec,0x52,0x0d},
118 {0x6c,0x5a,0x9d,0xf1,0x45,0x1f},{0x6e,0x59,0x94,0xfa,0x48,0x11},
119 {0x70,0x48,0xe3,0x93,0x03,0x4b},{0x72,0x4b,0xea,0x98,0x0e,0x45},
120 {0x74,0x4e,0xf1,0x85,0x19,0x57},{0x76,0x4d,0xf8,0x8e,0x14,0x59},
121 {0x78,0x44,0xc7,0xbf,0x37,0x73},{0x7a,0x47,0xce,0xb4,0x3a,0x7d},
122 {0x7c,0x42,0xd5,0xa9,0x2d,0x6f},{0x7e,0x41,0xdc,0xa2,0x20,0x61},
123 {0x80,0xc0,0x76,0xf6,0x6d,0xad},{0x82,0xc3,0x7f,0xfd,0x60,0xa3},
124 {0x84,0xc6,0x64,0xe0,0x77,0xb1},{0x86,0xc5,0x6d,0xeb,0x7a,0xbf},
125 {0x88,0xcc,0x52,0xda,0x59,0x95},{0x8a,0xcf,0x5b,0xd1,0x54,0x9b},
126 {0x8c,0xca,0x40,0xcc,0x43,0x89},{0x8e,0xc9,0x49,0xc7,0x4e,0x87},
127 {0x90,0xd8,0x3e,0xae,0x05,0xdd},{0x92,0xdb,0x37,0xa5,0x08,0xd3},
128 {0x94,0xde,0x2c,0xb8,0x1f,0xc1},{0x96,0xdd,0x25,0xb3,0x12,0xcf},
129 {0x98,0xd4,0x1a,0x82,0x31,0xe5},{0x9a,0xd7,0x13,0x89,0x3c,0xeb},
130 {0x9c,0xd2,0x08,0x94,0x2b,0xf9},{0x9e,0xd1,0x01,0x9f,0x26,0xf7},
131 {0xa0,0xf0,0xe6,0x46,0xbd,0x4d},{0xa2,0xf3,0xef,0x4d,0xb0,0x43},
132 {0xa4,0xf6,0xf4,0x50,0xa7,0x51},{0xa6,0xf5,0xfd,0x5b,0xaa,0x5f},
133 {0xa8,0xfc,0xc2,0x6a,0x89,0x75},{0xaa,0xff,0xcb,0x61,0x84,0x7b},
134 {0xac,0xfa,0xd0,0x7c,0x93,0x69},{0xae,0xf9,0xd9,0x77,0x9e,0x67},
135 {0xb0,0xe8,0xae,0x1e,0xd5,0x3d},{0xb2,0xeb,0xa7,0x15,0xd8,0x33},
136 {0xb4,0xee,0xbc,0x08,0xcf,0x21},{0xb6,0xed,0xb5,0x03,0xc2,0x2f},
137 {0xb8,0xe4,0x8a,0x32,0xe1,0x05},{0xba,0xe7,0x83,0x39,0xec,0x0b},
138 {0xbc,0xe2,0x98,0x24,0xfb,0x19},{0xbe,0xe1,0x91,0x2f,0xf6,0x17},
139 {0xc0,0xa0,0x4d,0x8d,0xd6,0x76},{0xc2,0xa3,0x44,0x86,0xdb,0x78},
140 {0xc4,0xa6,0x5f,0x9b,0xcc,0x6a},{0xc6,0xa5,0x56,0x90,0xc1,0x64},
141 {0xc8,0xac,0x69,0xa1,0xe2,0x4e},{0xca,0xaf,0x60,0xaa,0xef,0x40},
142 {0xcc,0xaa,0x7b,0xb7,0xf8,0x52},{0xce,0xa9,0x72,0xbc,0xf5,0x5c},
143 {0xd0,0xb8,0x05,0xd5,0xbe,0x06},{0xd2,0xbb,0x0c,0xde,0xb3,0x08},
144 {0xd4,0xbe,0x17,0xc3,0xa4,0x1a},{0xd6,0xbd,0x1e,0xc8,0xa9,0x14},
145 {0xd8,0xb4,0x21,0xf9,0x8a,0x3e},{0xda,0xb7,0x28,0xf2,0x87,0x30},
146 {0xdc,0xb2,0x33,0xef,0x90,0x22},{0xde,0xb1,0x3a,0xe4,0x9d,0x2c},
147 {0xe0,0x90,0xdd,0x3d,0x06,0x96},{0xe2,0x93,0xd4,0x36,0x0b,0x98},
148 {0xe4,0x96,0xcf,0x2b,0x1c,0x8a},{0xe6,0x95,0xc6,0x20,0x11,0x84},
149 {0xe8,0x9c,0xf9,0x11,0x32,0xae},{0xea,0x9f,0xf0,0x1a,0x3f,0xa0},
150 {0xec,0x9a,0xeb,0x07,0x28,0xb2},{0xee,0x99,0xe2,0x0c,0x25,0xbc},
151 {0xf0,0x88,0x95,0x65,0x6e,0xe6},{0xf2,0x8b,0x9c,0x6e,0x63,0xe8},
152 {0xf4,0x8e,0x87,0x73,0x74,0xfa},{0xf6,0x8d,0x8e,0x78,0x79,0xf4},
153 {0xf8,0x84,0xb1,0x49,0x5a,0xde},{0xfa,0x87,0xb8,0x42,0x57,0xd0},
154 {0xfc,0x82,0xa3,0x5f,0x40,0xc2},{0xfe,0x81,0xaa,0x54,0x4d,0xcc},
155 {0x1b,0x9b,0xec,0xf7,0xda,0x41},{0x19,0x98,0xe5,0xfc,0xd7,0x4f},
156 {0x1f,0x9d,0xfe,0xe1,0xc0,0x5d},{0x1d,0x9e,0xf7,0xea,0xcd,0x53},
157 {0x13,0x97,0xc8,0xdb,0xee,0x79},{0x11,0x94,0xc1,0xd0,0xe3,0x77},
158 {0x17,0x91,0xda,0xcd,0xf4,0x65},{0x15,0x92,0xd3,0xc6,0xf9,0x6b},
159 {0x0b,0x83,0xa4,0xaf,0xb2,0x31},{0x09,0x80,0xad,0xa4,0xbf,0x3f},
160 {0x0f,0x85,0xb6,0xb9,0xa8,0x2d},{0x0d,0x86,0xbf,0xb2,0xa5,0x23},
161 {0x03,0x8f,0x80,0x83,0x86,0x09},{0x01,0x8c,0x89,0x88,0x8b,0x07},
162 {0x07,0x89,0x92,0x95,0x9c,0x15},{0x05,0x8a,0x9b,0x9e,0x91,0x1b},
163 {0x3b,0xab,0x7c,0x47,0x0a,0xa1},{0x39,0xa8,0x75,0x4c,0x07,0xaf},
164 {0x3f,0xad,0x6e,0x51,0x10,0xbd},{0x3d,0xae,0x67,0x5a,0x1d,0xb3},
165 {0x33,0xa7,0x58,0x6b,0x3e,0x99},{0x31,0xa4,0x51,0x60,0x33,0x97},
166 {0x37,0xa1,0x4a,0x7d,0x24,0x85},{0x35,0xa2,0x43,0x76,0x29,0x8b},
167 {0x2b,0xb3,0x34,0x1f,0x62,0xd1},{0x29,0xb0,0x3d,0x14,0x6f,0xdf},
168 {0x2f,0xb5,0x26,0x09,0x78,0xcd},{0x2d,0xb6,0x2f,0x02,0x75,0xc3},
169 {0x23,0xbf,0x10,0x33,0x56,0xe9},{0x21,0xbc,0x19,0x38,0x5b,0xe7},
170 {0x27,0xb9,0x02,0x25,0x4c,0xf5},{0x25,0xba,0x0b,0x2e,0x41,0xfb},
171 {0x5b,0xfb,0xd7,0x8c,0x61,0x9a},{0x59,0xf8,0xde,0x87,0x6c,0x94},
172 {0x5f,0xfd,0xc5,0x9a,0x7b,0x86},{0x5d,0xfe,0xcc,0x91,0x76,0x88},
173 {0x53,0xf7,0xf3,0xa0,0x55,0xa2},{0x51,0xf4,0xfa,0xab,0x58,0xac},
174 {0x57,0xf1,0xe1,0xb6,0x4f,0xbe},{0x55,0xf2,0xe8,0xbd,0x42,0xb0},
175 {0x4b,0xe3,0x9f,0xd4,0x09,0xea},{0x49,0xe0,0x96,0xdf,0x04,0xe4},
176 {0x4f,0xe5,0x8d,0xc2,0x13,0xf6},{0x4d,0xe6,0x84,0xc9,0x1e,0xf8},
177 {0x43,0xef,0xbb,0xf8,0x3d,0xd2},{0x41,0xec,0xb2,0xf3,0x30,0xdc},
178 {0x47,0xe9,0xa9,0xee,0x27,0xce},{0x45,0xea,0xa0,0xe5,0x2a,0xc0},
179 {0x7b,0xcb,0x47,0x3c,0xb1,0x7a},{0x79,0xc8,0x4e,0x37,0xbc,0x74},
180 {0x7f,0xcd,0x55,0x2a,0xab,0x66},{0x7d,0xce,0x5c,0x21,0xa6,0x68},
181 {0x73,0xc7,0x63,0x10,0x85,0x42},{0x71,0xc4,0x6a,0x1b,0x88,0x4c},
182 {0x77,0xc1,0x71,0x06,0x9f,0x5e},{0x75,0xc2,0x78,0x0d,0x92,0x50},
183 {0x6b,0xd3,0x0f,0x64,0xd9,0x0a},{0x69,0xd0,0x06,0x6f,0xd4,0x04},
184 {0x6f,0xd5,0x1d,0x72,0xc3,0x16},{0x6d,0xd6,0x14,0x79,0xce,0x18},
185 {0x63,0xdf,0x2b,0x48,0xed,0x32},{0x61,0xdc,0x22,0x43,0xe0,0x3c},
186 {0x67,0xd9,0x39,0x5e,0xf7,0x2e},{0x65,0xda,0x30,0x55,0xfa,0x20},
187 {0x9b,0x5b,0x9a,0x01,0xb7,0xec},{0x99,0x58,0x93,0x0a,0xba,0xe2},
188 {0x9f,0x5d,0x88,0x17,0xad,0xf0},{0x9d,0x5e,0x81,0x1c,0xa0,0xfe},
189 {0x93,0x57,0xbe,0x2d,0x83,0xd4},{0x91,0x54,0xb7,0x26,0x8e,0xda},
190 {0x97,0x51,0xac,0x3b,0x99,0xc8},{0x95,0x52,0xa5,0x30,0x94,0xc6},
191 {0x8b,0x43,0xd2,0x59,0xdf,0x9c},{0x89,0x40,0xdb,0x52,0xd2,0x92},
192 {0x8f,0x45,0xc0,0x4f,0xc5,0x80},{0x8d,0x46,0xc9,0x44,0xc8,0x8e},
193 {0x83,0x4f,0xf6,0x75,0xeb,0xa4},{0x81,0x4c,0xff,0x7e,0xe6,0xaa},
194 {0x87,0x49,0xe4,0x63,0xf1,0xb8},{0x85,0x4a,0xed,0x68,0xfc,0xb6},
195 {0xbb,0x6b,0x0a,0xb1,0x67,0x0c},{0xb9,0x68,0x03,0xba,0x6a,0x02},
196 {0xbf,0x6d,0x18,0xa7,0x7d,0x10},{0xbd,0x6e,0x11,0xac,0x70,0x1e},
197 {0xb3,0x67,0x2e,0x9d,0x53,0x34},{0xb1,0x64,0x27,0x96,0x5e,0x3a},
198 {0xb7,0x61,0x3c,0x8b,0x49,0x28},{0xb5,0x62,0x35,0x80,0x44,0x26},
199 {0xab,0x73,0x42,0xe9,0x0f,0x7c},{0xa9,0x70,0x4b,0xe2,0x02,0x72},
200 {0xaf,0x75,0x50,0xff,0x15,0x60},{0xad,0x76,0x59,0xf4,0x18,0x6e},
201 {0xa3,0x7f,0x66,0xc5,0x3b,0x44},{0xa1,0x7c,0x6f,0xce,0x36,0x4a},
202 {0xa7,0x79,0x74,0xd3,0x21,0x58},{0xa5,0x7a,0x7d,0xd8,0x2c,0x56},
203 {0xdb,0x3b,0xa1,0x7a,0x0c,0x37},{0xd9,0x38,0xa8,0x71,0x01,0x39},
204 {0xdf,0x3d,0xb3,0x6c,0x16,0x2b},{0xdd,0x3e,0xba,0x67,0x1b,0x25},
205 {0xd3,0x37,0x85,0x56,0x38,0x0f},{0xd1,0x34,0x8c,0x5d,0x35,0x01},
206 {0xd7,0x31,0x97,0x40,0x22,0x13},{0xd5,0x32,0x9e,0x4b,0x2f,0x1d},
207 {0xcb,0x23,0xe9,0x22,0x64,0x47},{0xc9,0x20,0xe0,0x29,0x69,0x49},
208 {0xcf,0x25,0xfb,0x34,0x7e,0x5b},{0xcd,0x26,0xf2,0x3f,0x73,0x55},
209 {0xc3,0x2f,0xcd,0x0e,0x50,0x7f},{0xc1,0x2c,0xc4,0x05,0x5d,0x71},
210 {0xc7,0x29,0xdf,0x18,0x4a,0x63},{0xc5,0x2a,0xd6,0x13,0x47,0x6d},
211 {0xfb,0x0b,0x31,0xca,0xdc,0xd7},{0xf9,0x08,0x38,0xc1,0xd1,0xd9},
212 {0xff,0x0d,0x23,0xdc,0xc6,0xcb},{0xfd,0x0e,0x2a,0xd7,0xcb,0xc5},
213 {0xf3,0x07,0x15,0xe6,0xe8,0xef},{0xf1,0x04,0x1c,0xed,0xe5,0xe1},
214 {0xf7,0x01,0x07,0xf0,0xf2,0xf3},{0xf5,0x02,0x0e,0xfb,0xff,0xfd},
215 {0xeb,0x13,0x79,0x92,0xb4,0xa7},{0xe9,0x10,0x70,0x99,0xb9,0xa9},
216 {0xef,0x15,0x6b,0x84,0xae,0xbb},{0xed,0x16,0x62,0x8f,0xa3,0xb5},
217 {0xe3,0x1f,0x5d,0xbe,0x80,0x9f},{0xe1,0x1c,0x54,0xb5,0x8d,0x91},
218 {0xe7,0x19,0x4f,0xa8,0x9a,0x83},{0xe5,0x1a,0x46,0xa3,0x97,0x8d}
219};
220
221/*********************** FUNCTION DEFINITIONS ***********************/
222// XORs the in and out buffers, storing the result in out. Length is in bytes.
223void xor_buf(const BYTE in[], BYTE out[], size_t len)
224{
225 size_t idx;
226
227 for (idx = 0; idx < len; idx++)
228 out[idx] ^= in[idx];
229}
230
231/*******************
232* AES - CBC
233*******************/
234int aes_encrypt_cbc(const BYTE in[], size_t in_len, BYTE out[], const WORD key[], int keysize, const BYTE iv[])
235{
236 BYTE buf_in[AES_BLOCK_SIZE], buf_out[AES_BLOCK_SIZE];
237 int blocks, idx;
238
239 if (in_len % AES_BLOCK_SIZE != 0)
240 return(FALSE);
241
242 blocks = in_len / AES_BLOCK_SIZE;
243
244 memcpy(buf_out, iv, AES_BLOCK_SIZE);
245
246 for (idx = 0; idx < blocks; idx++) {
247 memcpy(buf_in, &in[idx * AES_BLOCK_SIZE], AES_BLOCK_SIZE);
248 xor_buf(buf_out, buf_in, AES_BLOCK_SIZE);
249 aes_encrypt(buf_in, buf_out, key, keysize);
250 memcpy(&out[idx * AES_BLOCK_SIZE], buf_out, AES_BLOCK_SIZE);
251 }
252
253 return(TRUE);
254}
255
256int aes_encrypt_cbc_mac(const BYTE in[], size_t in_len, BYTE out[], const WORD key[], int keysize, const BYTE iv[])
257{
258 BYTE buf_in[AES_BLOCK_SIZE], buf_out[AES_BLOCK_SIZE];
259 int blocks, idx;
260
261 if (in_len % AES_BLOCK_SIZE != 0)
262 return(FALSE);
263
264 blocks = in_len / AES_BLOCK_SIZE;
265
266 memcpy(buf_out, iv, AES_BLOCK_SIZE);
267
268 for (idx = 0; idx < blocks; idx++) {
269 memcpy(buf_in, &in[idx * AES_BLOCK_SIZE], AES_BLOCK_SIZE);
270 xor_buf(buf_out, buf_in, AES_BLOCK_SIZE);
271 aes_encrypt(buf_in, buf_out, key, keysize);
272 // Do not output all encrypted blocks.
273 }
274
275 memcpy(out, buf_out, AES_BLOCK_SIZE); // Only output the last block.
276
277 return(TRUE);
278}
279
280// No need for an aes_decrypt_cbc() for just CCM.
281
282/*******************
283* AES - CTR
284*******************/
285void increment_iv(BYTE iv[], int counter_size)
286{
287 int idx;
288
289 // Use counter_size bytes at the end of the IV as the big-endian integer to increment.
290 for (idx = AES_BLOCK_SIZE - 1; idx >= AES_BLOCK_SIZE - counter_size; idx--) {
291 iv[idx]++;
292 if (iv[idx] != 0 || idx == AES_BLOCK_SIZE - counter_size)
293 break;
294 }
295}
296
297// Performs the encryption in-place, the input and output buffers may be the same.
298// Input may be an arbitrary length (in bytes).
299void aes_encrypt_ctr(const BYTE in[], size_t in_len, BYTE out[], const WORD key[], int keysize, const BYTE iv[])
300{
301 size_t idx = 0, last_block_length;
302 BYTE iv_buf[AES_BLOCK_SIZE], out_buf[AES_BLOCK_SIZE];
303
304 if (in != out)
305 memcpy(out, in, in_len);
306
307 memcpy(iv_buf, iv, AES_BLOCK_SIZE);
308 last_block_length = in_len - AES_BLOCK_SIZE;
309
310 if (in_len > AES_BLOCK_SIZE) {
311 for (idx = 0; idx < last_block_length; idx += AES_BLOCK_SIZE) {
312 aes_encrypt(iv_buf, out_buf, key, keysize);
313 xor_buf(out_buf, &out[idx], AES_BLOCK_SIZE);
314 increment_iv(iv_buf, AES_BLOCK_SIZE);
315 }
316 }
317
318 aes_encrypt(iv_buf, out_buf, key, keysize);
319 xor_buf(out_buf, &out[idx], in_len - idx); // Use the Most Significant bytes.
320}
321
322void aes_decrypt_ctr(const BYTE in[], size_t in_len, BYTE out[], const WORD key[], int keysize, const BYTE iv[])
323{
324 // CTR encryption is its own inverse function.
325 aes_encrypt_ctr(in, in_len, out, key, keysize, iv);
326}
327
328/*******************
329* AES - CCM
330*******************/
331// out_len = payload_len + assoc_len
332int aes_encrypt_ccm(const BYTE payload[], WORD payload_len, const BYTE assoc[], unsigned short assoc_len,
333 const BYTE nonce[], unsigned short nonce_len, BYTE out[], WORD *out_len,
334 WORD mac_len, const BYTE key_str[], int keysize)
335{
336 BYTE temp_iv[AES_BLOCK_SIZE], counter[AES_BLOCK_SIZE], mac[16], *buf;
337 int end_of_buf, payload_len_store_size;
338 WORD key[60];
339
340 if (mac_len != 4 && mac_len != 6 && mac_len != 8 && mac_len != 10 &&
341 mac_len != 12 && mac_len != 14 && mac_len != 16)
342 return(FALSE);
343
344 if (nonce_len < 7 || nonce_len > 13)
345 return(FALSE);
346
347 if (assoc_len > 32768 /* = 2^15 */)
348 return(FALSE);
349
350 buf = (BYTE*)malloc(payload_len + assoc_len + 48 /*Round both payload and associated data up a block size and add an extra block.*/);
351 if (! buf)
352 return(FALSE);
353
354 // Prepare the key for usage.
355 aes_key_setup(key_str, key, keysize);
356
357 // Format the first block of the formatted data.
358 payload_len_store_size = AES_BLOCK_SIZE - 1 - nonce_len;
359 ccm_prepare_first_format_blk(buf, assoc_len, payload_len, payload_len_store_size, mac_len, nonce, nonce_len);
360 end_of_buf = AES_BLOCK_SIZE;
361
362 // Format the Associated Data, aka, assoc[].
363 ccm_format_assoc_data(buf, &end_of_buf, assoc, assoc_len);
364
365 // Format the Payload, aka payload[].
366 ccm_format_payload_data(buf, &end_of_buf, payload, payload_len);
367
368 // Create the first counter block.
369 ccm_prepare_first_ctr_blk(counter, nonce, nonce_len, payload_len_store_size);
370
371 // Perform the CBC operation with an IV of zeros on the formatted buffer to calculate the MAC.
372 memset(temp_iv, 0, AES_BLOCK_SIZE);
373 aes_encrypt_cbc_mac(buf, end_of_buf, mac, key, keysize, temp_iv);
374
375 // Copy the Payload and MAC to the output buffer.
376 memcpy(out, payload, payload_len);
377 memcpy(&out[payload_len], mac, mac_len);
378
379 // Encrypt the Payload with CTR mode with a counter starting at 1.
380 memcpy(temp_iv, counter, AES_BLOCK_SIZE);
381 increment_iv(temp_iv, AES_BLOCK_SIZE - 1 - mac_len); // Last argument is the byte size of the counting portion of the counter block. /*BUG?*/
382 aes_encrypt_ctr(out, payload_len, out, key, keysize, temp_iv);
383
384 // Encrypt the MAC with CTR mode with a counter starting at 0.
385 aes_encrypt_ctr(&out[payload_len], mac_len, &out[payload_len], key, keysize, counter);
386
387 free(buf);
388 *out_len = payload_len + mac_len;
389
390 return(TRUE);
391}
392
393// plaintext_len = ciphertext_len - mac_len
394// Needs a flag for whether the MAC matches.
395int aes_decrypt_ccm(const BYTE ciphertext[], WORD ciphertext_len, const BYTE assoc[], unsigned short assoc_len,
396 const BYTE nonce[], unsigned short nonce_len, BYTE plaintext[], WORD *plaintext_len,
397 WORD mac_len, int *mac_auth, const BYTE key_str[], int keysize)
398{
399 BYTE temp_iv[AES_BLOCK_SIZE], counter[AES_BLOCK_SIZE], mac[16], mac_buf[16], *buf;
400 int end_of_buf, plaintext_len_store_size;
401 WORD key[60];
402
403 if (ciphertext_len <= mac_len)
404 return(FALSE);
405
406 buf = (BYTE*)malloc(assoc_len + ciphertext_len /*ciphertext_len = plaintext_len + mac_len*/ + 48);
407 if (! buf)
408 return(FALSE);
409
410 // Prepare the key for usage.
411 aes_key_setup(key_str, key, keysize);
412
413 // Copy the plaintext and MAC to the output buffers.
414 *plaintext_len = ciphertext_len - mac_len;
415 plaintext_len_store_size = AES_BLOCK_SIZE - 1 - nonce_len;
416 memcpy(plaintext, ciphertext, *plaintext_len);
417 memcpy(mac, &ciphertext[*plaintext_len], mac_len);
418
419 // Prepare the first counter block for use in decryption.
420 ccm_prepare_first_ctr_blk(counter, nonce, nonce_len, plaintext_len_store_size);
421
422 // Decrypt the Payload with CTR mode with a counter starting at 1.
423 memcpy(temp_iv, counter, AES_BLOCK_SIZE);
424 increment_iv(temp_iv, AES_BLOCK_SIZE - 1 - mac_len); // (AES_BLOCK_SIZE - 1 - mac_len) is the byte size of the counting portion of the counter block.
425 aes_decrypt_ctr(plaintext, *plaintext_len, plaintext, key, keysize, temp_iv);
426
427 // Setting mac_auth to NULL disables the authentication check.
428 if (mac_auth != NULL) {
429 // Decrypt the MAC with CTR mode with a counter starting at 0.
430 aes_decrypt_ctr(mac, mac_len, mac, key, keysize, counter);
431
432 // Format the first block of the formatted data.
433 plaintext_len_store_size = AES_BLOCK_SIZE - 1 - nonce_len;
434 ccm_prepare_first_format_blk(buf, assoc_len, *plaintext_len, plaintext_len_store_size, mac_len, nonce, nonce_len);
435 end_of_buf = AES_BLOCK_SIZE;
436
437 // Format the Associated Data into the authentication buffer.
438 ccm_format_assoc_data(buf, &end_of_buf, assoc, assoc_len);
439
440 // Format the Payload into the authentication buffer.
441 ccm_format_payload_data(buf, &end_of_buf, plaintext, *plaintext_len);
442
443 // Perform the CBC operation with an IV of zeros on the formatted buffer to calculate the MAC.
444 memset(temp_iv, 0, AES_BLOCK_SIZE);
445 aes_encrypt_cbc_mac(buf, end_of_buf, mac_buf, key, keysize, temp_iv);
446
447 // Compare the calculated MAC against the MAC embedded in the ciphertext to see if they are the same.
448 if (! memcmp(mac, mac_buf, mac_len)) {
449 *mac_auth = TRUE;
450 }
451 else {
452 *mac_auth = FALSE;
453 memset(plaintext, 0, *plaintext_len);
454 }
455 }
456
457 free(buf);
458
459 return(TRUE);
460}
461
462// Creates the first counter block. First byte is flags, then the nonce, then the incremented part.
463void ccm_prepare_first_ctr_blk(BYTE counter[], const BYTE nonce[], int nonce_len, int payload_len_store_size)
464{
465 memset(counter, 0, AES_BLOCK_SIZE);
466 counter[0] = (payload_len_store_size - 1) & 0x07;
467 memcpy(&counter[1], nonce, nonce_len);
468}
469
470void ccm_prepare_first_format_blk(BYTE buf[], int assoc_len, int payload_len, int payload_len_store_size, int mac_len, const BYTE nonce[], int nonce_len)
471{
472 // Set the flags for the first byte of the first block.
473 buf[0] = ((((mac_len - 2) / 2) & 0x07) << 3) | ((payload_len_store_size - 1) & 0x07);
474 if (assoc_len > 0)
475 buf[0] += 0x40;
476 // Format the rest of the first block, storing the nonce and the size of the payload.
477 memcpy(&buf[1], nonce, nonce_len);
478 memset(&buf[1 + nonce_len], 0, AES_BLOCK_SIZE - 1 - nonce_len);
479 buf[15] = payload_len & 0x000000FF;
480 buf[14] = (payload_len >> 8) & 0x000000FF;
481}
482
483void ccm_format_assoc_data(BYTE buf[], int *end_of_buf, const BYTE assoc[], int assoc_len)
484{
485 int pad;
486
487 buf[*end_of_buf + 1] = assoc_len & 0x00FF;
488 buf[*end_of_buf] = (assoc_len >> 8) & 0x00FF;
489 *end_of_buf += 2;
490 memcpy(&buf[*end_of_buf], assoc, assoc_len);
491 *end_of_buf += assoc_len;
492 pad = AES_BLOCK_SIZE - (*end_of_buf % AES_BLOCK_SIZE); /*BUG?*/
493 memset(&buf[*end_of_buf], 0, pad);
494 *end_of_buf += pad;
495}
496
497void ccm_format_payload_data(BYTE buf[], int *end_of_buf, const BYTE payload[], int payload_len)
498{
499 int pad;
500
501 memcpy(&buf[*end_of_buf], payload, payload_len);
502 *end_of_buf += payload_len;
503 pad = *end_of_buf % AES_BLOCK_SIZE;
504 if (pad != 0)
505 pad = AES_BLOCK_SIZE - pad;
506 memset(&buf[*end_of_buf], 0, pad);
507 *end_of_buf += pad;
508}
509
510/*******************
511* AES
512*******************/
513/////////////////
514// KEY EXPANSION
515/////////////////
516
517// Substitutes a word using the AES S-Box.
518WORD SubWord(WORD word)
519{
520 unsigned int result;
521
522 result = (int)aes_sbox[(word >> 4) & 0x0000000F][word & 0x0000000F];
523 result += (int)aes_sbox[(word >> 12) & 0x0000000F][(word >> 8) & 0x0000000F] << 8;
524 result += (int)aes_sbox[(word >> 20) & 0x0000000F][(word >> 16) & 0x0000000F] << 16;
525 result += (int)aes_sbox[(word >> 28) & 0x0000000F][(word >> 24) & 0x0000000F] << 24;
526 return(result);
527}
528
529// Performs the action of generating the keys that will be used in every round of
530// encryption. "key" is the user-supplied input key, "w" is the output key schedule,
531// "keysize" is the length in bits of "key", must be 128, 192, or 256.
532void aes_key_setup(const BYTE key[], WORD w[], int keysize)
533{
534 int Nb=4,Nr,Nk,idx;
535 WORD temp,Rcon[]={0x01000000,0x02000000,0x04000000,0x08000000,0x10000000,0x20000000,
536 0x40000000,0x80000000,0x1b000000,0x36000000,0x6c000000,0xd8000000,
537 0xab000000,0x4d000000,0x9a000000};
538
539 switch (keysize) {
540 case 128: Nr = 10; Nk = 4; break;
541 case 192: Nr = 12; Nk = 6; break;
542 case 256: Nr = 14; Nk = 8; break;
543 default: return;
544 }
545
546 for (idx=0; idx < Nk; ++idx) {
547 w[idx] = ((key[4 * idx]) << 24) | ((key[4 * idx + 1]) << 16) |
548 ((key[4 * idx + 2]) << 8) | ((key[4 * idx + 3]));
549 }
550
551 for (idx = Nk; idx < Nb * (Nr+1); ++idx) {
552 temp = w[idx - 1];
553 if ((idx % Nk) == 0)
554 temp = SubWord(KE_ROTWORD(temp)) ^ Rcon[(idx-1)/Nk];
555 else if (Nk > 6 && (idx % Nk) == 4)
556 temp = SubWord(temp);
557 w[idx] = w[idx-Nk] ^ temp;
558 }
559}
560
561/////////////////
562// ADD ROUND KEY
563/////////////////
564
565// Performs the AddRoundKey step. Each round has its own pre-generated 16-byte key in the
566// form of 4 integers (the "w" array). Each integer is XOR'd by one column of the state.
567// Also performs the job of InvAddRoundKey(); since the function is a simple XOR process,
568// it is its own inverse.
569void AddRoundKey(BYTE state[][4], const WORD w[])
570{
571 BYTE subkey[4];
572
573 // memcpy(subkey,&w[idx],4); // Not accurate for big endian machines
574 // Subkey 1
575 subkey[0] = w[0] >> 24;
576 subkey[1] = w[0] >> 16;
577 subkey[2] = w[0] >> 8;
578 subkey[3] = w[0];
579 state[0][0] ^= subkey[0];
580 state[1][0] ^= subkey[1];
581 state[2][0] ^= subkey[2];
582 state[3][0] ^= subkey[3];
583 // Subkey 2
584 subkey[0] = w[1] >> 24;
585 subkey[1] = w[1] >> 16;
586 subkey[2] = w[1] >> 8;
587 subkey[3] = w[1];
588 state[0][1] ^= subkey[0];
589 state[1][1] ^= subkey[1];
590 state[2][1] ^= subkey[2];
591 state[3][1] ^= subkey[3];
592 // Subkey 3
593 subkey[0] = w[2] >> 24;
594 subkey[1] = w[2] >> 16;
595 subkey[2] = w[2] >> 8;
596 subkey[3] = w[2];
597 state[0][2] ^= subkey[0];
598 state[1][2] ^= subkey[1];
599 state[2][2] ^= subkey[2];
600 state[3][2] ^= subkey[3];
601 // Subkey 4
602 subkey[0] = w[3] >> 24;
603 subkey[1] = w[3] >> 16;
604 subkey[2] = w[3] >> 8;
605 subkey[3] = w[3];
606 state[0][3] ^= subkey[0];
607 state[1][3] ^= subkey[1];
608 state[2][3] ^= subkey[2];
609 state[3][3] ^= subkey[3];
610}
611
612/////////////////
613// (Inv)SubBytes
614/////////////////
615
616// Performs the SubBytes step. All bytes in the state are substituted with a
617// pre-calculated value from a lookup table.
618void SubBytes(BYTE state[][4])
619{
620 state[0][0] = aes_sbox[state[0][0] >> 4][state[0][0] & 0x0F];
621 state[0][1] = aes_sbox[state[0][1] >> 4][state[0][1] & 0x0F];
622 state[0][2] = aes_sbox[state[0][2] >> 4][state[0][2] & 0x0F];
623 state[0][3] = aes_sbox[state[0][3] >> 4][state[0][3] & 0x0F];
624 state[1][0] = aes_sbox[state[1][0] >> 4][state[1][0] & 0x0F];
625 state[1][1] = aes_sbox[state[1][1] >> 4][state[1][1] & 0x0F];
626 state[1][2] = aes_sbox[state[1][2] >> 4][state[1][2] & 0x0F];
627 state[1][3] = aes_sbox[state[1][3] >> 4][state[1][3] & 0x0F];
628 state[2][0] = aes_sbox[state[2][0] >> 4][state[2][0] & 0x0F];
629 state[2][1] = aes_sbox[state[2][1] >> 4][state[2][1] & 0x0F];
630 state[2][2] = aes_sbox[state[2][2] >> 4][state[2][2] & 0x0F];
631 state[2][3] = aes_sbox[state[2][3] >> 4][state[2][3] & 0x0F];
632 state[3][0] = aes_sbox[state[3][0] >> 4][state[3][0] & 0x0F];
633 state[3][1] = aes_sbox[state[3][1] >> 4][state[3][1] & 0x0F];
634 state[3][2] = aes_sbox[state[3][2] >> 4][state[3][2] & 0x0F];
635 state[3][3] = aes_sbox[state[3][3] >> 4][state[3][3] & 0x0F];
636}
637
638void InvSubBytes(BYTE state[][4])
639{
640 state[0][0] = aes_invsbox[state[0][0] >> 4][state[0][0] & 0x0F];
641 state[0][1] = aes_invsbox[state[0][1] >> 4][state[0][1] & 0x0F];
642 state[0][2] = aes_invsbox[state[0][2] >> 4][state[0][2] & 0x0F];
643 state[0][3] = aes_invsbox[state[0][3] >> 4][state[0][3] & 0x0F];
644 state[1][0] = aes_invsbox[state[1][0] >> 4][state[1][0] & 0x0F];
645 state[1][1] = aes_invsbox[state[1][1] >> 4][state[1][1] & 0x0F];
646 state[1][2] = aes_invsbox[state[1][2] >> 4][state[1][2] & 0x0F];
647 state[1][3] = aes_invsbox[state[1][3] >> 4][state[1][3] & 0x0F];
648 state[2][0] = aes_invsbox[state[2][0] >> 4][state[2][0] & 0x0F];
649 state[2][1] = aes_invsbox[state[2][1] >> 4][state[2][1] & 0x0F];
650 state[2][2] = aes_invsbox[state[2][2] >> 4][state[2][2] & 0x0F];
651 state[2][3] = aes_invsbox[state[2][3] >> 4][state[2][3] & 0x0F];
652 state[3][0] = aes_invsbox[state[3][0] >> 4][state[3][0] & 0x0F];
653 state[3][1] = aes_invsbox[state[3][1] >> 4][state[3][1] & 0x0F];
654 state[3][2] = aes_invsbox[state[3][2] >> 4][state[3][2] & 0x0F];
655 state[3][3] = aes_invsbox[state[3][3] >> 4][state[3][3] & 0x0F];
656}
657
658/////////////////
659// (Inv)ShiftRows
660/////////////////
661
662// Performs the ShiftRows step. All rows are shifted cylindrically to the left.
663void ShiftRows(BYTE state[][4])
664{
665 int t;
666
667 // Shift left by 1
668 t = state[1][0];
669 state[1][0] = state[1][1];
670 state[1][1] = state[1][2];
671 state[1][2] = state[1][3];
672 state[1][3] = t;
673 // Shift left by 2
674 t = state[2][0];
675 state[2][0] = state[2][2];
676 state[2][2] = t;
677 t = state[2][1];
678 state[2][1] = state[2][3];
679 state[2][3] = t;
680 // Shift left by 3
681 t = state[3][0];
682 state[3][0] = state[3][3];
683 state[3][3] = state[3][2];
684 state[3][2] = state[3][1];
685 state[3][1] = t;
686}
687
688// All rows are shifted cylindrically to the right.
689void InvShiftRows(BYTE state[][4])
690{
691 int t;
692
693 // Shift right by 1
694 t = state[1][3];
695 state[1][3] = state[1][2];
696 state[1][2] = state[1][1];
697 state[1][1] = state[1][0];
698 state[1][0] = t;
699 // Shift right by 2
700 t = state[2][3];
701 state[2][3] = state[2][1];
702 state[2][1] = t;
703 t = state[2][2];
704 state[2][2] = state[2][0];
705 state[2][0] = t;
706 // Shift right by 3
707 t = state[3][3];
708 state[3][3] = state[3][0];
709 state[3][0] = state[3][1];
710 state[3][1] = state[3][2];
711 state[3][2] = t;
712}
713
714/////////////////
715// (Inv)MixColumns
716/////////////////
717
718// Performs the MixColums step. The state is multiplied by itself using matrix
719// multiplication in a Galios Field 2^8. All multiplication is pre-computed in a table.
720// Addition is equivilent to XOR. (Must always make a copy of the column as the original
721// values will be destoyed.)
722void MixColumns(BYTE state[][4])
723{
724 BYTE col[4];
725
726 // Column 1
727 col[0] = state[0][0];
728 col[1] = state[1][0];
729 col[2] = state[2][0];
730 col[3] = state[3][0];
731 state[0][0] = gf_mul[col[0]][0];
732 state[0][0] ^= gf_mul[col[1]][1];
733 state[0][0] ^= col[2];
734 state[0][0] ^= col[3];
735 state[1][0] = col[0];
736 state[1][0] ^= gf_mul[col[1]][0];
737 state[1][0] ^= gf_mul[col[2]][1];
738 state[1][0] ^= col[3];
739 state[2][0] = col[0];
740 state[2][0] ^= col[1];
741 state[2][0] ^= gf_mul[col[2]][0];
742 state[2][0] ^= gf_mul[col[3]][1];
743 state[3][0] = gf_mul[col[0]][1];
744 state[3][0] ^= col[1];
745 state[3][0] ^= col[2];
746 state[3][0] ^= gf_mul[col[3]][0];
747 // Column 2
748 col[0] = state[0][1];
749 col[1] = state[1][1];
750 col[2] = state[2][1];
751 col[3] = state[3][1];
752 state[0][1] = gf_mul[col[0]][0];
753 state[0][1] ^= gf_mul[col[1]][1];
754 state[0][1] ^= col[2];
755 state[0][1] ^= col[3];
756 state[1][1] = col[0];
757 state[1][1] ^= gf_mul[col[1]][0];
758 state[1][1] ^= gf_mul[col[2]][1];
759 state[1][1] ^= col[3];
760 state[2][1] = col[0];
761 state[2][1] ^= col[1];
762 state[2][1] ^= gf_mul[col[2]][0];
763 state[2][1] ^= gf_mul[col[3]][1];
764 state[3][1] = gf_mul[col[0]][1];
765 state[3][1] ^= col[1];
766 state[3][1] ^= col[2];
767 state[3][1] ^= gf_mul[col[3]][0];
768 // Column 3
769 col[0] = state[0][2];
770 col[1] = state[1][2];
771 col[2] = state[2][2];
772 col[3] = state[3][2];
773 state[0][2] = gf_mul[col[0]][0];
774 state[0][2] ^= gf_mul[col[1]][1];
775 state[0][2] ^= col[2];
776 state[0][2] ^= col[3];
777 state[1][2] = col[0];
778 state[1][2] ^= gf_mul[col[1]][0];
779 state[1][2] ^= gf_mul[col[2]][1];
780 state[1][2] ^= col[3];
781 state[2][2] = col[0];
782 state[2][2] ^= col[1];
783 state[2][2] ^= gf_mul[col[2]][0];
784 state[2][2] ^= gf_mul[col[3]][1];
785 state[3][2] = gf_mul[col[0]][1];
786 state[3][2] ^= col[1];
787 state[3][2] ^= col[2];
788 state[3][2] ^= gf_mul[col[3]][0];
789 // Column 4
790 col[0] = state[0][3];
791 col[1] = state[1][3];
792 col[2] = state[2][3];
793 col[3] = state[3][3];
794 state[0][3] = gf_mul[col[0]][0];
795 state[0][3] ^= gf_mul[col[1]][1];
796 state[0][3] ^= col[2];
797 state[0][3] ^= col[3];
798 state[1][3] = col[0];
799 state[1][3] ^= gf_mul[col[1]][0];
800 state[1][3] ^= gf_mul[col[2]][1];
801 state[1][3] ^= col[3];
802 state[2][3] = col[0];
803 state[2][3] ^= col[1];
804 state[2][3] ^= gf_mul[col[2]][0];
805 state[2][3] ^= gf_mul[col[3]][1];
806 state[3][3] = gf_mul[col[0]][1];
807 state[3][3] ^= col[1];
808 state[3][3] ^= col[2];
809 state[3][3] ^= gf_mul[col[3]][0];
810}
811
812void InvMixColumns(BYTE state[][4])
813{
814 BYTE col[4];
815
816 // Column 1
817 col[0] = state[0][0];
818 col[1] = state[1][0];
819 col[2] = state[2][0];
820 col[3] = state[3][0];
821 state[0][0] = gf_mul[col[0]][5];
822 state[0][0] ^= gf_mul[col[1]][3];
823 state[0][0] ^= gf_mul[col[2]][4];
824 state[0][0] ^= gf_mul[col[3]][2];
825 state[1][0] = gf_mul[col[0]][2];
826 state[1][0] ^= gf_mul[col[1]][5];
827 state[1][0] ^= gf_mul[col[2]][3];
828 state[1][0] ^= gf_mul[col[3]][4];
829 state[2][0] = gf_mul[col[0]][4];
830 state[2][0] ^= gf_mul[col[1]][2];
831 state[2][0] ^= gf_mul[col[2]][5];
832 state[2][0] ^= gf_mul[col[3]][3];
833 state[3][0] = gf_mul[col[0]][3];
834 state[3][0] ^= gf_mul[col[1]][4];
835 state[3][0] ^= gf_mul[col[2]][2];
836 state[3][0] ^= gf_mul[col[3]][5];
837 // Column 2
838 col[0] = state[0][1];
839 col[1] = state[1][1];
840 col[2] = state[2][1];
841 col[3] = state[3][1];
842 state[0][1] = gf_mul[col[0]][5];
843 state[0][1] ^= gf_mul[col[1]][3];
844 state[0][1] ^= gf_mul[col[2]][4];
845 state[0][1] ^= gf_mul[col[3]][2];
846 state[1][1] = gf_mul[col[0]][2];
847 state[1][1] ^= gf_mul[col[1]][5];
848 state[1][1] ^= gf_mul[col[2]][3];
849 state[1][1] ^= gf_mul[col[3]][4];
850 state[2][1] = gf_mul[col[0]][4];
851 state[2][1] ^= gf_mul[col[1]][2];
852 state[2][1] ^= gf_mul[col[2]][5];
853 state[2][1] ^= gf_mul[col[3]][3];
854 state[3][1] = gf_mul[col[0]][3];
855 state[3][1] ^= gf_mul[col[1]][4];
856 state[3][1] ^= gf_mul[col[2]][2];
857 state[3][1] ^= gf_mul[col[3]][5];
858 // Column 3
859 col[0] = state[0][2];
860 col[1] = state[1][2];
861 col[2] = state[2][2];
862 col[3] = state[3][2];
863 state[0][2] = gf_mul[col[0]][5];
864 state[0][2] ^= gf_mul[col[1]][3];
865 state[0][2] ^= gf_mul[col[2]][4];
866 state[0][2] ^= gf_mul[col[3]][2];
867 state[1][2] = gf_mul[col[0]][2];
868 state[1][2] ^= gf_mul[col[1]][5];
869 state[1][2] ^= gf_mul[col[2]][3];
870 state[1][2] ^= gf_mul[col[3]][4];
871 state[2][2] = gf_mul[col[0]][4];
872 state[2][2] ^= gf_mul[col[1]][2];
873 state[2][2] ^= gf_mul[col[2]][5];
874 state[2][2] ^= gf_mul[col[3]][3];
875 state[3][2] = gf_mul[col[0]][3];
876 state[3][2] ^= gf_mul[col[1]][4];
877 state[3][2] ^= gf_mul[col[2]][2];
878 state[3][2] ^= gf_mul[col[3]][5];
879 // Column 4
880 col[0] = state[0][3];
881 col[1] = state[1][3];
882 col[2] = state[2][3];
883 col[3] = state[3][3];
884 state[0][3] = gf_mul[col[0]][5];
885 state[0][3] ^= gf_mul[col[1]][3];
886 state[0][3] ^= gf_mul[col[2]][4];
887 state[0][3] ^= gf_mul[col[3]][2];
888 state[1][3] = gf_mul[col[0]][2];
889 state[1][3] ^= gf_mul[col[1]][5];
890 state[1][3] ^= gf_mul[col[2]][3];
891 state[1][3] ^= gf_mul[col[3]][4];
892 state[2][3] = gf_mul[col[0]][4];
893 state[2][3] ^= gf_mul[col[1]][2];
894 state[2][3] ^= gf_mul[col[2]][5];
895 state[2][3] ^= gf_mul[col[3]][3];
896 state[3][3] = gf_mul[col[0]][3];
897 state[3][3] ^= gf_mul[col[1]][4];
898 state[3][3] ^= gf_mul[col[2]][2];
899 state[3][3] ^= gf_mul[col[3]][5];
900}
901
902/////////////////
903// (En/De)Crypt
904/////////////////
905
906void aes_encrypt(const BYTE in[], BYTE out[], const WORD key[], int keysize)
907{
908 BYTE state[4][4];
909
910 // Copy input array (should be 16 bytes long) to a matrix (sequential bytes are ordered
911 // by row, not col) called "state" for processing.
912 // *** Implementation note: The official AES documentation references the state by
913 // column, then row. Accessing an element in C requires row then column. Thus, all state
914 // references in AES must have the column and row indexes reversed for C implementation.
915 state[0][0] = in[0];
916 state[1][0] = in[1];
917 state[2][0] = in[2];
918 state[3][0] = in[3];
919 state[0][1] = in[4];
920 state[1][1] = in[5];
921 state[2][1] = in[6];
922 state[3][1] = in[7];
923 state[0][2] = in[8];
924 state[1][2] = in[9];
925 state[2][2] = in[10];
926 state[3][2] = in[11];
927 state[0][3] = in[12];
928 state[1][3] = in[13];
929 state[2][3] = in[14];
930 state[3][3] = in[15];
931
932 // Perform the necessary number of rounds. The round key is added first.
933 // The last round does not perform the MixColumns step.
934 AddRoundKey(state,&key[0]);
935 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[4]);
936 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[8]);
937 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[12]);
938 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[16]);
939 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[20]);
940 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[24]);
941 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[28]);
942 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[32]);
943 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[36]);
944 if (keysize != 128) {
945 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[40]);
946 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[44]);
947 if (keysize != 192) {
948 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[48]);
949 SubBytes(state); ShiftRows(state); MixColumns(state); AddRoundKey(state,&key[52]);
950 SubBytes(state); ShiftRows(state); AddRoundKey(state,&key[56]);
951 }
952 else {
953 SubBytes(state); ShiftRows(state); AddRoundKey(state,&key[48]);
954 }
955 }
956 else {
957 SubBytes(state); ShiftRows(state); AddRoundKey(state,&key[40]);
958 }
959
960 // Copy the state to the output array.
961 out[0] = state[0][0];
962 out[1] = state[1][0];
963 out[2] = state[2][0];
964 out[3] = state[3][0];
965 out[4] = state[0][1];
966 out[5] = state[1][1];
967 out[6] = state[2][1];
968 out[7] = state[3][1];
969 out[8] = state[0][2];
970 out[9] = state[1][2];
971 out[10] = state[2][2];
972 out[11] = state[3][2];
973 out[12] = state[0][3];
974 out[13] = state[1][3];
975 out[14] = state[2][3];
976 out[15] = state[3][3];
977}
978
979void aes_decrypt(const BYTE in[], BYTE out[], const WORD key[], int keysize)
980{
981 BYTE state[4][4];
982
983 // Copy the input to the state.
984 state[0][0] = in[0];
985 state[1][0] = in[1];
986 state[2][0] = in[2];
987 state[3][0] = in[3];
988 state[0][1] = in[4];
989 state[1][1] = in[5];
990 state[2][1] = in[6];
991 state[3][1] = in[7];
992 state[0][2] = in[8];
993 state[1][2] = in[9];
994 state[2][2] = in[10];
995 state[3][2] = in[11];
996 state[0][3] = in[12];
997 state[1][3] = in[13];
998 state[2][3] = in[14];
999 state[3][3] = in[15];
1000
1001 // Perform the necessary number of rounds. The round key is added first.
1002 // The last round does not perform the MixColumns step.
1003 if (keysize > 128) {
1004 if (keysize > 192) {
1005 AddRoundKey(state,&key[56]);
1006 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[52]);InvMixColumns(state);
1007 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[48]);InvMixColumns(state);
1008 }
1009 else {
1010 AddRoundKey(state,&key[48]);
1011 }
1012 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[44]);InvMixColumns(state);
1013 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[40]);InvMixColumns(state);
1014 }
1015 else {
1016 AddRoundKey(state,&key[40]);
1017 }
1018 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[36]);InvMixColumns(state);
1019 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[32]);InvMixColumns(state);
1020 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[28]);InvMixColumns(state);
1021 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[24]);InvMixColumns(state);
1022 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[20]);InvMixColumns(state);
1023 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[16]);InvMixColumns(state);
1024 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[12]);InvMixColumns(state);
1025 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[8]);InvMixColumns(state);
1026 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[4]);InvMixColumns(state);
1027 InvShiftRows(state);InvSubBytes(state);AddRoundKey(state,&key[0]);
1028
1029 // Copy the state to the output array.
1030 out[0] = state[0][0];
1031 out[1] = state[1][0];
1032 out[2] = state[2][0];
1033 out[3] = state[3][0];
1034 out[4] = state[0][1];
1035 out[5] = state[1][1];
1036 out[6] = state[2][1];
1037 out[7] = state[3][1];
1038 out[8] = state[0][2];
1039 out[9] = state[1][2];
1040 out[10] = state[2][2];
1041 out[11] = state[3][2];
1042 out[12] = state[0][3];
1043 out[13] = state[1][3];
1044 out[14] = state[2][3];
1045 out[15] = state[3][3];
1046}
1047
1048/*******************
1049** AES DEBUGGING FUNCTIONS
1050*******************/
1051/*
1052// This prints the "state" grid as a linear hex string.
1053void print_state(BYTE state[][4])
1054{
1055 int idx,idx2;
1056
1057 for (idx=0; idx < 4; idx++)
1058 for (idx2=0; idx2 < 4; idx2++)
1059 printf("%02x",state[idx2][idx]);
1060 printf("\n");
1061}
1062
1063// This prints the key (4 consecutive ints) used for a given round as a linear hex string.
1064void print_rnd_key(WORD key[])
1065{
1066 int idx;
1067
1068 for (idx=0; idx < 4; idx++)
1069 printf("%08x",key[idx]);
1070 printf("\n");
1071}
1072*/
diff --git a/src/lib/extra/aes.h b/src/lib/extra/aes.h
new file mode 100644
index 0000000..25721c8
--- /dev/null
+++ b/src/lib/extra/aes.h
@@ -0,0 +1,123 @@
1/*********************************************************************
2* Filename: aes.h
3* Author: Brad Conte (brad AT bradconte.com)
4* Copyright:
5* Disclaimer: This code is presented "as is" without any guarantees.
6* Details: Defines the API for the corresponding AES implementation.
7*********************************************************************/
8
9#ifndef AES_H
10#define AES_H
11
12/*************************** HEADER FILES ***************************/
13#include <stddef.h>
14
15/****************************** MACROS ******************************/
16#define AES_BLOCK_SIZE 16 // AES operates on 16 bytes at a time
17
18/**************************** DATA TYPES ****************************/
19typedef unsigned char BYTE; // 8-bit byte
20typedef unsigned int WORD; // 32-bit word, change to "long" for 16-bit machines
21
22/*********************** FUNCTION DECLARATIONS **********************/
23///////////////////
24// AES
25///////////////////
26// Key setup must be done before any AES en/de-cryption functions can be used.
27void aes_key_setup(const BYTE key[], // The key, must be 128, 192, or 256 bits
28 WORD w[], // Output key schedule to be used later
29 int keysize); // Bit length of the key, 128, 192, or 256
30
31void aes_encrypt(const BYTE in[], // 16 bytes of plaintext
32 BYTE out[], // 16 bytes of ciphertext
33 const WORD key[], // From the key setup
34 int keysize); // Bit length of the key, 128, 192, or 256
35
36void aes_decrypt(const BYTE in[], // 16 bytes of ciphertext
37 BYTE out[], // 16 bytes of plaintext
38 const WORD key[], // From the key setup
39 int keysize); // Bit length of the key, 128, 192, or 256
40
41///////////////////
42// AES - CBC
43///////////////////
44int aes_encrypt_cbc(const BYTE in[], // Plaintext
45 size_t in_len, // Must be a multiple of AES_BLOCK_SIZE
46 BYTE out[], // Ciphertext, same length as plaintext
47 const WORD key[], // From the key setup
48 int keysize, // Bit length of the key, 128, 192, or 256
49 const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long
50
51// Only output the CBC-MAC of the input.
52int aes_encrypt_cbc_mac(const BYTE in[], // plaintext
53 size_t in_len, // Must be a multiple of AES_BLOCK_SIZE
54 BYTE out[], // Output MAC
55 const WORD key[], // From the key setup
56 int keysize, // Bit length of the key, 128, 192, or 256
57 const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long
58
59///////////////////
60// AES - CTR
61///////////////////
62void increment_iv(BYTE iv[], // Must be a multiple of AES_BLOCK_SIZE
63 int counter_size); // Bytes of the IV used for counting (low end)
64
65void aes_encrypt_ctr(const BYTE in[], // Plaintext
66 size_t in_len, // Any byte length
67 BYTE out[], // Ciphertext, same length as plaintext
68 const WORD key[], // From the key setup
69 int keysize, // Bit length of the key, 128, 192, or 256
70 const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long
71
72void aes_decrypt_ctr(const BYTE in[], // Ciphertext
73 size_t in_len, // Any byte length
74 BYTE out[], // Plaintext, same length as ciphertext
75 const WORD key[], // From the key setup
76 int keysize, // Bit length of the key, 128, 192, or 256
77 const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long
78
79///////////////////
80// AES - CCM
81///////////////////
82// Returns True if the input parameters do not violate any constraint.
83int aes_encrypt_ccm(const BYTE plaintext[], // IN - Plaintext.
84 WORD plaintext_len, // IN - Plaintext length.
85 const BYTE associated_data[], // IN - Associated Data included in authentication, but not encryption.
86 unsigned short associated_data_len, // IN - Associated Data length in bytes.
87 const BYTE nonce[], // IN - The Nonce to be used for encryption.
88 unsigned short nonce_len, // IN - Nonce length in bytes.
89 BYTE ciphertext[], // OUT - Ciphertext, a concatination of the plaintext and the MAC.
90 WORD *ciphertext_len, // OUT - The length of the ciphertext, always plaintext_len + mac_len.
91 WORD mac_len, // IN - The desired length of the MAC, must be 4, 6, 8, 10, 12, 14, or 16.
92 const BYTE key[], // IN - The AES key for encryption.
93 int keysize); // IN - The length of the key in bits. Valid values are 128, 192, 256.
94
95// Returns True if the input parameters do not violate any constraint.
96// Use mac_auth to ensure decryption/validation was preformed correctly.
97// If authentication does not succeed, the plaintext is zeroed out. To overwride
98// this, call with mac_auth = NULL. The proper proceedure is to decrypt with
99// authentication enabled (mac_auth != NULL) and make a second call to that
100// ignores authentication explicitly if the first call failes.
101int aes_decrypt_ccm(const BYTE ciphertext[], // IN - Ciphertext, the concatination of encrypted plaintext and MAC.
102 WORD ciphertext_len, // IN - Ciphertext length in bytes.
103 const BYTE assoc[], // IN - The Associated Data, required for authentication.
104 unsigned short assoc_len, // IN - Associated Data length in bytes.
105 const BYTE nonce[], // IN - The Nonce to use for decryption, same one as for encryption.
106 unsigned short nonce_len, // IN - Nonce length in bytes.
107 BYTE plaintext[], // OUT - The plaintext that was decrypted. Will need to be large enough to hold ciphertext_len - mac_len.
108 WORD *plaintext_len, // OUT - Length in bytes of the output plaintext, always ciphertext_len - mac_len .
109 WORD mac_len, // IN - The length of the MAC that was calculated.
110 int *mac_auth, // OUT - TRUE if authentication succeeded, FALSE if it did not. NULL pointer will ignore the authentication.
111 const BYTE key[], // IN - The AES key for decryption.
112 int keysize); // IN - The length of the key in BITS. Valid values are 128, 192, 256.
113
114///////////////////
115// Test functions
116///////////////////
117int aes_test();
118int aes_ecb_test();
119int aes_cbc_test();
120int aes_ctr_test();
121int aes_ccm_test();
122
123#endif // AES_H
diff --git a/src/lib/skypunch_main.c b/src/lib/skypunch_main.c
index ffbbcbb..48bd9db 100644
--- a/src/lib/skypunch_main.c
+++ b/src/lib/skypunch_main.c
@@ -6,6 +6,15 @@ static int _skypunch_init_count;
6static Eina_Inlist *skypunch_modules = NULL; 6static Eina_Inlist *skypunch_modules = NULL;
7 7
8Eina_Bool 8Eina_Bool
9skypunch_login(Skypunch *skypunch)
10{
11 EINA_SAFETY_ON_NULL_RETURN_VAL(skypunch, EINA_FALSE);
12 EINA_SAFETY_ON_NULL_RETURN_VAL(skypunch->backend.login, EINA_FALSE);
13
14 return skypunch->backend.login(skypunch);
15}
16
17Eina_Bool
9skypunch_module_check(Eina_Module *m, void *d __UNUSED__) 18skypunch_module_check(Eina_Module *m, void *d __UNUSED__)
10{ 19{
11 const char *filename; 20 const char *filename;
@@ -128,11 +137,14 @@ skypunch_init(void)
128 goto shutdown_ecore; 137 goto shutdown_ecore;
129 } 138 }
130 139
140 DBG("Loading modules in %s", SKYPUNCH_MODULE_PATH);
131 mods = eina_module_list_get(NULL, SKYPUNCH_MODULE_PATH, EINA_FALSE, 141 mods = eina_module_list_get(NULL, SKYPUNCH_MODULE_PATH, EINA_FALSE,
132 skypunch_module_check, NULL); 142 skypunch_module_check, NULL);
133 if (!mods) goto shutdown_ecorecon; 143 if (!mods) goto shutdown_ecorecon;
134 eina_array_free(mods); 144 eina_array_free(mods);
135 145
146 DBG("Skypunch started");
147
136 return _skypunch_init_count; 148 return _skypunch_init_count;
137 149
138shutdown_ecorecon: 150shutdown_ecorecon:
diff --git a/src/lib/skypunch_private.h b/src/lib/skypunch_private.h
index e595e6d..26b90fe 100644
--- a/src/lib/skypunch_private.h
+++ b/src/lib/skypunch_private.h
@@ -7,6 +7,7 @@
7extern int _skypunch_log_dom_global; 7extern int _skypunch_log_dom_global;
8 8
9typedef Skypunch_Type (*Skypunch_Module_Init)(Skypunch *); 9typedef Skypunch_Type (*Skypunch_Module_Init)(Skypunch *);
10typedef Eina_Bool (*Skypunch_Module_Login)(Skypunch *);
10 11
11typedef struct _Skypunch_Module 12typedef struct _Skypunch_Module
12{ 13{
@@ -26,6 +27,7 @@ struct _Skypunch
26 { 27 {
27 void *data; 28 void *data;
28 Skypunch_Module_Init init; 29 Skypunch_Module_Init init;
30 Skypunch_Module_Login login;
29 } backend; 31 } backend;
30}; 32};
31 33
diff --git a/src/modules/Makefile.mk b/src/modules/Makefile.mk
index dec7b2d..aff3124 100644
--- a/src/modules/Makefile.mk
+++ b/src/modules/Makefile.mk
@@ -7,10 +7,13 @@ moddir = $(libdir)/skypunch/$(MODULE_ARCH)
7mod_LTLIBRARIES = src/modules/mega.la 7mod_LTLIBRARIES = src/modules/mega.la
8 8
9src_modules_mega_la_SOURCES = \ 9src_modules_mega_la_SOURCES = \
10src/modules/mega/mega_main.c 10src/modules/mega/mega_main.c \
11src/modules/mega/mega_utils.c
11 12
12src_modules_mega_la_CFLAGS = @SKYPUNCH_CFLAGS@ 13src_modules_mega_la_CFLAGS = @SKYPUNCH_CFLAGS@
13src_modules_mega_la_LIBADD = \ 14src_modules_mega_la_LIBADD = \
14src/lib/libskypunch.la 15src/lib/libskypunch.la
15src_modules_mega_la_CPPFLAGS= $(MODULE_CPPFLAGS) 16src_modules_mega_la_CPPFLAGS= $(MODULE_CPPFLAGS)
16src_modules_mega_la_LDFLAGS = -no-undefined -module -avoid-version 17src_modules_mega_la_LDFLAGS = \
18@SKYPUNCH_LIBS@ \
19-no-undefined -module -avoid-version
diff --git a/src/modules/mega/mega.h b/src/modules/mega/mega.h
new file mode 100644
index 0000000..388c0c4
--- /dev/null
+++ b/src/modules/mega/mega.h
@@ -0,0 +1,4 @@
1#include <skypunch_private.h>
2
3const char * mega_utils_str_to_a32(const char *s, size_t *l);
4
diff --git a/src/modules/mega/mega_main.c b/src/modules/mega/mega_main.c
index cdb60e9..60431b2 100644
--- a/src/modules/mega/mega_main.c
+++ b/src/modules/mega/mega_main.c
@@ -1,4 +1,25 @@
1#include <skypunch_private.h> 1#include "mega.h"
2
3Eina_Bool
4mega_login(Skypunch *skypunch)
5{
6 size_t len;
7 char **auth;
8 unsigned int nb;
9
10 EINA_SAFETY_ON_NULL_RETURN_VAL(skypunch, EINA_FALSE);
11
12 DBG("skypunch[%p]");
13
14 auth = eina_str_split_full(skypunch->auth, ":", 2, &nb);
15
16 mega_utils_str_to_a32(auth[1], &len);
17
18 free(auth[0]);
19 free(auth);
20 return EINA_TRUE;
21}
22
2 23
3Skypunch_Type 24Skypunch_Type
4skypunch_module_init(Skypunch *skypunch) 25skypunch_module_init(Skypunch *skypunch)
@@ -6,8 +27,9 @@ skypunch_module_init(Skypunch *skypunch)
6 if (!skypunch) 27 if (!skypunch)
7 return SKYPUNCH_MEGA; 28 return SKYPUNCH_MEGA;
8 29
9 INFO("Skypunch type for %p set to mega.co.nz"); 30 INFO("skypunch[%p] Skypunch type set to mega.co.nz");
10 31
11 skypunch->type = SKYPUNCH_MEGA; 32 skypunch->type = SKYPUNCH_MEGA;
33 skypunch->backend.login = mega_login;
12 return SKYPUNCH_MEGA; 34 return SKYPUNCH_MEGA;
13} 35}
diff --git a/src/modules/mega/mega_utils.c b/src/modules/mega/mega_utils.c
new file mode 100644
index 0000000..57dba31
--- /dev/null
+++ b/src/modules/mega/mega_utils.c
@@ -0,0 +1,40 @@
1#include "mega.h"
2
3const char *
4mega_utils_str_to_a32(const char *s, size_t *l)
5{
6 size_t sl,
7 slf;
8 char *s2;
9
10 EINA_SAFETY_ON_NULL_RETURN_VAL(s, NULL);
11 EINA_SAFETY_ON_NULL_RETURN_VAL(l, NULL);
12
13 sl = strlen(s);
14 slf = 4 * ((sl+3)>>2);
15
16 s2 = calloc(1, slf);
17 strcpy(s2, s);
18 return s2;
19}
20
21const char *
22mega_utils_key_encode(const char *s, size_t *l)
23{
24 unsigned int i,
25 r = 65536;
26 size_t sl;
27 char *key;
28
29 EINA_SAFETY_ON_NULL_RETURN_VAL(s, NULL);
30 EINA_SAFETY_ON_NULL_RETURN_VAL(l, NULL);
31
32 sl = strlen(s);
33 key = calloc(1, 1024);
34
35 while (r)
36 {
37
38 r--;
39 }
40}