aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Howard <lukeh@padl.com>2010-05-12 16:40:59 +0000
committerLuke Howard <lukeh@padl.com>2010-05-12 16:40:59 +0000
commit2b6961acefa435cfe1ab3e104abf159a5fbd5696 (patch)
treec05d568fa476c4a1fbd26e7b40f079a5cf03b07f
parent10e2555f3e918ff3bca5382246774ebb6306262d (diff)
downloadkrb5-2b6961acefa435cfe1ab3e104abf159a5fbd5696.zip
krb5-2b6961acefa435cfe1ab3e104abf159a5fbd5696.tar.gz
krb5-2b6961acefa435cfe1ab3e104abf159a5fbd5696.tar.bz2
cleanup
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/camellia-ccm@24009 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat
-rw-r--r--src/lib/crypto/builtin/enc_provider/aes_ctr.c92
-rw-r--r--src/lib/crypto/builtin/enc_provider/camellia_ctr.c68
-rw-r--r--src/lib/crypto/openssl/enc_provider/aes_ctr.c113
-rw-r--r--src/lib/crypto/openssl/enc_provider/camellia_ctr.c115
4 files changed, 44 insertions, 344 deletions
diff --git a/src/lib/crypto/builtin/enc_provider/aes_ctr.c b/src/lib/crypto/builtin/enc_provider/aes_ctr.c
index 8718ee3..42a7007 100644
--- a/src/lib/crypto/builtin/enc_provider/aes_ctr.c
+++ b/src/lib/crypto/builtin/enc_provider/aes_ctr.c
@@ -42,7 +42,7 @@ xorblock(unsigned char *out, const unsigned char *in)
int z;
for (z = 0; z < BLOCK_SIZE/4; z++) {
unsigned char *outptr = &out[z*4];
- unsigned char *inptr = &in[z*4];
+ unsigned char *inptr = (unsigned char *)&in[z*4];
/*
* Use unaligned accesses. On x86, this will probably still be faster
* than multiple byte accesses for unaligned data, and for aligned data
@@ -137,79 +137,21 @@ krb5int_aes_encrypt_ctr(krb5_key key,
getctrblockno(&blockno, ctr);
for (;;) {
- unsigned char plain[BLOCK_SIZE];
+ unsigned char plain[BLOCK_SIZE], *block;
unsigned char ectr[BLOCK_SIZE];
if (blockno >= maxblocks(ctr[0] + 1))
return KRB5_CRYPTO_INTERNAL;
- if (!krb5int_c_iov_get_block((unsigned char *)plain, BLOCK_SIZE, data, num_data, &input_pos))
+ block = iov_next_block(plain, BLOCK_SIZE, data, num_data, &input_pos);
+ if (block == NULL)
break;
if (aes_enc_blk(ctr, ectr, &ctx) != aes_good)
abort();
- xorblock(plain, ectr);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)plain, BLOCK_SIZE, &output_pos);
-
- putctrblockno(++blockno, ctr);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, ctr, sizeof(ctr));
-
- return 0;
-}
-
-static krb5_error_code
-krb5int_aes_decrypt_ctr(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
-{
- aes_ctx ctx;
- unsigned char ctr[BLOCK_SIZE];
- krb5_ui_8 blockno;
- struct iov_block_state input_pos, output_pos;
-
- if (aes_enc_key(key->keyblock.contents,
- key->keyblock.length, &ctx) != aes_good)
- abort();
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /* Don't encrypt the header (B0), and use zero instead of IOV padding */
- input_pos.ignore_header = output_pos.ignore_header = 1;
- input_pos.pad_to_boundary = output_pos.pad_to_boundary = 1;
-
- if (ivec != NULL) {
- if (ivec->length != BLOCK_SIZE || (ivec->data[0] & ~(CCM_FLAG_MASK_Q)))
- return KRB5_BAD_MSIZE;
-
- memcpy(ctr, ivec->data, BLOCK_SIZE);
- } else {
- memset(ctr, 0, BLOCK_SIZE);
- ctr[0] = CCM_DEFAULT_COUNTER_LEN - 1;
- }
-
- getctrblockno(&blockno, ctr);
-
- for (;;) {
- unsigned char ectr[BLOCK_SIZE];
- unsigned char cipher[BLOCK_SIZE];
-
- if (blockno >= maxblocks(ctr[0] + 1))
- return KRB5_CRYPTO_INTERNAL;
-
- if (!krb5int_c_iov_get_block((unsigned char *)cipher, BLOCK_SIZE, data, num_data, &input_pos))
- break;
-
- if (aes_enc_blk(ctr, ectr, &ctx) != aes_good)
- abort();
-
- xorblock(cipher, ectr);
- krb5int_c_iov_put_block(data, num_data, (unsigned char *)cipher, BLOCK_SIZE, &output_pos);
+ xorblock(block, ectr);
+ iov_store_block(data, num_data, block, plain, BLOCK_SIZE, &output_pos);
putctrblockno(++blockno, ctr);
}
@@ -277,10 +219,6 @@ krb5int_aes_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage,
{
unsigned int n, q;
krb5_error_code code;
-#if 0
- krb5_enctype enctype;
- krb5_data nonce;
-#endif
code = krb5_c_crypto_length(NULL, key->enctype, KRB5_CRYPTO_TYPE_HEADER, &n);
if (code != 0)
@@ -296,20 +234,6 @@ krb5int_aes_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage,
q = 15 - n;
state->data[0] = q - 1;
-#if 0
- nonce.data = &state->data[1];
- nonce.length = n;
-
- code = krb5_c_random_make_octets(NULL, &nonce);
- if (code != 0) {
- free(state->data);
- state->data = NULL;
- return code;
- }
-
- memset(&state->data[1 + n], 0, q);
-#endif
-
return 0;
}
@@ -317,7 +241,7 @@ const struct krb5_enc_provider krb5int_enc_aes128_ctr = {
16,
16, 16,
krb5int_aes_encrypt_ctr,
- krb5int_aes_decrypt_ctr,
+ krb5int_aes_encrypt_ctr,
krb5int_aes_cbc_mac,
krb5int_aes_make_key,
krb5int_aes_init_state_ctr,
@@ -329,7 +253,7 @@ const struct krb5_enc_provider krb5int_enc_aes256_ctr = {
16,
32, 32,
krb5int_aes_encrypt_ctr,
- krb5int_aes_decrypt_ctr,
+ krb5int_aes_encrypt_ctr,
krb5int_aes_cbc_mac,
krb5int_aes_make_key,
krb5int_aes_init_state_ctr,
diff --git a/src/lib/crypto/builtin/enc_provider/camellia_ctr.c b/src/lib/crypto/builtin/enc_provider/camellia_ctr.c
index 9de61d0..695b923 100644
--- a/src/lib/crypto/builtin/enc_provider/camellia_ctr.c
+++ b/src/lib/crypto/builtin/enc_provider/camellia_ctr.c
@@ -135,79 +135,21 @@ krb5int_camellia_encrypt_ctr(krb5_key key,
getctrblockno(&blockno, ctr);
for (;;) {
- unsigned char plain[BLOCK_SIZE];
+ unsigned char plain[BLOCK_SIZE], *block;
unsigned char ectr[BLOCK_SIZE];
if (blockno >= maxblocks(ctr[0] + 1))
return KRB5_CRYPTO_INTERNAL;
- if (!krb5int_c_iov_get_block(plain, BLOCK_SIZE, data, num_data, &input_pos))
+ block = iov_next_block(plain, BLOCK_SIZE, data, num_data, &input_pos);
+ if (block == NULL)
break;
if (camellia_enc_blk(ctr, ectr, &ctx) != camellia_good)
abort();
- xorblock(plain, ectr);
- krb5int_c_iov_put_block(data, num_data, plain, BLOCK_SIZE, &output_pos);
-
- putctrblockno(++blockno, ctr);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, ctr, sizeof(ctr));
-
- return 0;
-}
-
-static krb5_error_code
-krb5int_camellia_decrypt_ctr(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
-{
- camellia_ctx ctx;
- unsigned char ctr[BLOCK_SIZE];
- krb5_ui_8 blockno;
- struct iov_block_state input_pos, output_pos;
-
- if (camellia_enc_key(key->keyblock.contents,
- key->keyblock.length, &ctx) != camellia_good)
- abort();
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /* Don't encrypt the header (B0), and use zero instead of IOV padding */
- input_pos.ignore_header = output_pos.ignore_header = 1;
- input_pos.pad_to_boundary = output_pos.pad_to_boundary = 1;
-
- if (ivec != NULL) {
- if (ivec->length != BLOCK_SIZE || (ivec->data[0] & ~(CCM_FLAG_MASK_Q)))
- return KRB5_BAD_MSIZE;
-
- memcpy(ctr, ivec->data, BLOCK_SIZE);
- } else {
- memset(ctr, 0, BLOCK_SIZE);
- ctr[0] = CCM_DEFAULT_COUNTER_LEN - 1;
- }
-
- getctrblockno(&blockno, ctr);
-
- for (;;) {
- unsigned char ectr[BLOCK_SIZE];
- unsigned char cipher[BLOCK_SIZE];
-
- if (blockno >= maxblocks(ctr[0] + 1))
- return KRB5_CRYPTO_INTERNAL;
-
- if (!krb5int_c_iov_get_block(cipher, BLOCK_SIZE, data, num_data, &input_pos))
- break;
-
- if (camellia_enc_blk(ctr, ectr, &ctx) != camellia_good)
- abort();
-
- xorblock(cipher, ectr);
- krb5int_c_iov_put_block(data, num_data, cipher, BLOCK_SIZE, &output_pos);
+ xorblock(block, ectr);
+ iov_store_block(data, num_data, block, plain, BLOCK_SIZE, &output_pos);
putctrblockno(++blockno, ctr);
}
diff --git a/src/lib/crypto/openssl/enc_provider/aes_ctr.c b/src/lib/crypto/openssl/enc_provider/aes_ctr.c
index ace20b3..36cd01e 100644
--- a/src/lib/crypto/openssl/enc_provider/aes_ctr.c
+++ b/src/lib/crypto/openssl/enc_provider/aes_ctr.c
@@ -66,20 +66,6 @@ xorblock(unsigned char *out, const unsigned char *in)
}
}
-static const EVP_CIPHER *
-map_mode(krb5_key key)
-{
- switch (krb5_k_key_enctype(NULL, key)) {
- case ENCTYPE_AES128_CCM_128:
- return EVP_aes_128_cbc();
- case ENCTYPE_AES256_CCM_128:
- return EVP_aes_256_cbc();
- default:
- break;
- }
- return NULL;
-}
-
/* Maximum number of invocations with a given nonce and key */
#define maxblocks(q) (1UL << (8 * (q)))
@@ -118,80 +104,22 @@ krb5int_aes_encrypt_ctr(krb5_key key,
}
for (blockno = 0; ; blockno++) {
- unsigned char plain[AES_BLOCK_SIZE];
- unsigned char cipher[AES_BLOCK_SIZE];
- unsigned char ectr[AES_BLOCK_SIZE];
- unsigned int num = 0;
-
- if (blockno >= maxblocks(ctr[0] + 1))
- return KRB5_CRYPTO_INTERNAL;
-
- if (!krb5int_c_iov_get_block(plain, AES_BLOCK_SIZE, data, num_data, &input_pos))
- break;
-
- memset(ectr, 0, sizeof(ectr));
- AES_ctr128_encrypt(plain, cipher, AES_BLOCK_SIZE, &enck,
- ctr, ectr, &num);
- assert(num == 0);
-
- krb5int_c_iov_put_block(data, num_data, cipher, AES_BLOCK_SIZE, &output_pos);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, ctr, sizeof(ctr));
-
- return 0;
-}
-
-static krb5_error_code
-krb5int_aes_decrypt_ctr(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
-{
- AES_KEY enck;
- unsigned char ctr[AES_BLOCK_SIZE];
- krb5_ui_8 blockno;
- struct iov_block_state input_pos, output_pos;
-
- AES_set_encrypt_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &enck);
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /* Don't encrypt the header (B0), and use zero instead of IOV padding */
- input_pos.ignore_header = output_pos.ignore_header = 1;
- input_pos.pad_to_boundary = output_pos.pad_to_boundary = 1;
-
- if (ivec != NULL) {
- if (ivec->length != AES_BLOCK_SIZE || (ivec->data[0] & ~(CCM_FLAG_MASK_Q)))
- return KRB5_BAD_MSIZE;
-
- memcpy(ctr, ivec->data, AES_BLOCK_SIZE);
- } else {
- memset(ctr, 0, AES_BLOCK_SIZE);
- ctr[0] = CCM_DEFAULT_COUNTER_LEN - 1;
- }
-
- for (blockno = 0; ; blockno++) {
- unsigned char cipher[AES_BLOCK_SIZE];
- unsigned char plain[AES_BLOCK_SIZE];
+ unsigned char storage[AES_BLOCK_SIZE], *block;
unsigned char ectr[AES_BLOCK_SIZE];
unsigned int num = 0;
if (blockno >= maxblocks(ctr[0] + 1))
return KRB5_CRYPTO_INTERNAL;
- if (!krb5int_c_iov_get_block(cipher, AES_BLOCK_SIZE, data, num_data, &input_pos))
+ block = iov_next_block(storage, AES_BLOCK_SIZE, data, num_data, &input_pos);
+ if (block == NULL)
break;
- memset(ectr, 0, sizeof(ectr));
- AES_ctr128_encrypt(cipher, plain, AES_BLOCK_SIZE, &enck,
- ctr, ectr, &num);
+ /* We should not need to initialise ectr because we're on a block boundary. */
+ AES_ctr128_encrypt(block, block, AES_BLOCK_SIZE, &enck, ctr, ectr, &num);
assert(num == 0);
- krb5int_c_iov_put_block(data, num_data, plain, AES_BLOCK_SIZE, &output_pos);
+ iov_store_block(data, num_data, block, storage, AES_BLOCK_SIZE, &output_pos);
}
if (ivec != NULL)
@@ -207,27 +135,22 @@ krb5int_aes_cbc_mac(krb5_key key,
const krb5_data *iv,
krb5_data *output)
{
+ AES_KEY enck;
unsigned char blockY[AES_BLOCK_SIZE];
struct iov_block_state iov_state;
- krb5_error_code ret;
- EVP_CIPHER_CTX ciph_ctx;
if (output->length < AES_BLOCK_SIZE)
return KRB5_BAD_MSIZE;
+ AES_set_encrypt_key(key->keyblock.contents,
+ NUM_BITS * key->keyblock.length, &enck);
+
if (iv != NULL)
memcpy(blockY, iv->data, AES_BLOCK_SIZE);
else
memset(blockY, 0, AES_BLOCK_SIZE);
- EVP_CIPHER_CTX_init(&ciph_ctx);
- if (EVP_EncryptInit_ex(&ciph_ctx, map_mode(key),
- NULL, key->keyblock.contents, NULL) == 0) {
- return KRB5_CRYPTO_INTERNAL;
- }
-
IOV_BLOCK_STATE_INIT(&iov_state);
- EVP_CIPHER_CTX_set_padding(&ciph_ctx, 0);
/*
* The CCM header may not fit in a block, because it includes a variable
@@ -237,27 +160,21 @@ krb5int_aes_cbc_mac(krb5_key key,
iov_state.include_sign_only = 1;
iov_state.pad_to_boundary = 1;
- for (ret = 0; ;) {
+ for (;;) {
unsigned char blockB[AES_BLOCK_SIZE];
- int olen = AES_BLOCK_SIZE;
if (!krb5int_c_iov_get_block(blockB, AES_BLOCK_SIZE, data, num_data, &iov_state))
break;
xorblock(blockB, blockY);
- if (EVP_EncryptUpdate(&ciph_ctx, blockY, &olen, blockB, AES_BLOCK_SIZE) == 0) {
- ret = KRB5_CRYPTO_INTERNAL;
- break;
- }
+ AES_ecb_encrypt(blockB, blockY, &enck, 1);
}
output->length = AES_BLOCK_SIZE;
memcpy(output->data, blockY, AES_BLOCK_SIZE);
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
- return ret;
+ return 0;
}
static krb5_error_code
@@ -288,7 +205,7 @@ const struct krb5_enc_provider krb5int_enc_aes128_ctr = {
16,
16, 16,
krb5int_aes_encrypt_ctr,
- krb5int_aes_decrypt_ctr,
+ krb5int_aes_encrypt_ctr,
krb5int_aes_cbc_mac,
krb5int_aes_make_key,
krb5int_aes_init_state_ctr,
@@ -300,7 +217,7 @@ const struct krb5_enc_provider krb5int_enc_aes256_ctr = {
16,
32, 32,
krb5int_aes_encrypt_ctr,
- krb5int_aes_decrypt_ctr,
+ krb5int_aes_encrypt_ctr,
krb5int_aes_cbc_mac,
krb5int_aes_make_key,
krb5int_aes_init_state_ctr,
diff --git a/src/lib/crypto/openssl/enc_provider/camellia_ctr.c b/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
index 7d81ceb..0ea7684 100644
--- a/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
+++ b/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
@@ -65,20 +65,6 @@ xorblock(unsigned char *out, const unsigned char *in)
}
}
-static const EVP_CIPHER *
-map_mode(krb5_key key)
-{
- switch (krb5_k_key_enctype(NULL, key)) {
- case ENCTYPE_CAMELLIA128_CCM_128:
- return EVP_camellia_128_cbc();
- case ENCTYPE_CAMELLIA256_CCM_128:
- return EVP_camellia_256_cbc();
- default:
- break;
- }
- return NULL;
-}
-
/* Maximum number of invocations with a given nonce and key */
#define maxblocks(q) (1UL << (8 * (q)))
@@ -117,80 +103,22 @@ krb5int_camellia_encrypt_ctr(krb5_key key,
}
for (blockno = 0; ; blockno++) {
- unsigned char plain[CAMELLIA_BLOCK_SIZE];
- unsigned char cipher[CAMELLIA_BLOCK_SIZE];
- unsigned char ectr[CAMELLIA_BLOCK_SIZE];
- unsigned int num = 0;
-
- if (blockno >= maxblocks(ctr[0] + 1))
- return KRB5_CRYPTO_INTERNAL;
-
- if (!krb5int_c_iov_get_block(plain, CAMELLIA_BLOCK_SIZE, data, num_data, &input_pos))
- break;
-
- memset(ectr, 0, sizeof(ectr));
- Camellia_ctr128_encrypt(plain, cipher, CAMELLIA_BLOCK_SIZE, &enck,
- ctr, ectr, &num);
- assert(num == 0);
-
- krb5int_c_iov_put_block(data, num_data, cipher, CAMELLIA_BLOCK_SIZE, &output_pos);
- }
-
- if (ivec != NULL)
- memcpy(ivec->data, ctr, sizeof(ctr));
-
- return 0;
-}
-
-static krb5_error_code
-krb5int_camellia_decrypt_ctr(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
-{
- CAMELLIA_KEY enck;
- unsigned char ctr[CAMELLIA_BLOCK_SIZE];
- krb5_ui_8 blockno;
- struct iov_block_state input_pos, output_pos;
-
- Camellia_set_key(key->keyblock.contents,
- NUM_BITS * key->keyblock.length, &enck);
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /* Don't encrypt the header (B0), and use zero instead of IOV padding */
- input_pos.ignore_header = output_pos.ignore_header = 1;
- input_pos.pad_to_boundary = output_pos.pad_to_boundary = 1;
-
- if (ivec != NULL) {
- if (ivec->length != CAMELLIA_BLOCK_SIZE || (ivec->data[0] & ~(CCM_FLAG_MASK_Q)))
- return KRB5_BAD_MSIZE;
-
- memcpy(ctr, ivec->data, CAMELLIA_BLOCK_SIZE);
- } else {
- memset(ctr, 0, CAMELLIA_BLOCK_SIZE);
- ctr[0] = CCM_DEFAULT_COUNTER_LEN - 1;
- }
-
- for (blockno = 0; ; blockno++) {
- unsigned char cipher[CAMELLIA_BLOCK_SIZE];
- unsigned char plain[CAMELLIA_BLOCK_SIZE];
+ unsigned char storage[CAMELLIA_BLOCK_SIZE], *block;
unsigned char ectr[CAMELLIA_BLOCK_SIZE];
unsigned int num = 0;
if (blockno >= maxblocks(ctr[0] + 1))
return KRB5_CRYPTO_INTERNAL;
- if (!krb5int_c_iov_get_block(cipher, CAMELLIA_BLOCK_SIZE, data, num_data, &input_pos))
+ block = iov_next_block(storage, CAMELLIA_BLOCK_SIZE, data, num_data, &input_pos);
+ if (block == NULL)
break;
- memset(ectr, 0, sizeof(ectr));
- Camellia_ctr128_encrypt(cipher, plain, CAMELLIA_BLOCK_SIZE, &enck,
- ctr, ectr, &num);
+ /* We should not need to initialise ectr because we're on a block boundary. */
+ Camellia_ctr128_encrypt(block, block, CAMELLIA_BLOCK_SIZE, &enck, ctr, ectr, &num);
assert(num == 0);
- krb5int_c_iov_put_block(data, num_data, plain, CAMELLIA_BLOCK_SIZE, &output_pos);
+ iov_store_block(data, num_data, block, storage, CAMELLIA_BLOCK_SIZE, &output_pos);
}
if (ivec != NULL)
@@ -206,27 +134,22 @@ krb5int_camellia_cbc_mac(krb5_key key,
const krb5_data *iv,
krb5_data *output)
{
+ CAMELLIA_KEY enck;
unsigned char blockY[CAMELLIA_BLOCK_SIZE];
struct iov_block_state iov_state;
- krb5_error_code ret;
- EVP_CIPHER_CTX ciph_ctx;
if (output->length < CAMELLIA_BLOCK_SIZE)
return KRB5_BAD_MSIZE;
+ Camellia_set_key(key->keyblock.contents,
+ NUM_BITS * key->keyblock.length, &enck);
+
if (iv != NULL)
memcpy(blockY, iv->data, CAMELLIA_BLOCK_SIZE);
else
memset(blockY, 0, CAMELLIA_BLOCK_SIZE);
- EVP_CIPHER_CTX_init(&ciph_ctx);
- if (EVP_EncryptInit_ex(&ciph_ctx, map_mode(key),
- NULL, key->keyblock.contents, NULL) == 0) {
- return KRB5_CRYPTO_INTERNAL;
- }
-
IOV_BLOCK_STATE_INIT(&iov_state);
- EVP_CIPHER_CTX_set_padding(&ciph_ctx, 0);
/*
* The CCM header may not fit in a block, because it includes a variable
@@ -236,27 +159,21 @@ krb5int_camellia_cbc_mac(krb5_key key,
iov_state.include_sign_only = 1;
iov_state.pad_to_boundary = 1;
- for (ret = 0; ;) {
+ for (;;) {
unsigned char blockB[CAMELLIA_BLOCK_SIZE];
- int olen = CAMELLIA_BLOCK_SIZE;
if (!krb5int_c_iov_get_block(blockB, CAMELLIA_BLOCK_SIZE, data, num_data, &iov_state))
break;
xorblock(blockB, blockY);
- if (EVP_EncryptUpdate(&ciph_ctx, blockY, &olen, blockB, CAMELLIA_BLOCK_SIZE) == 0) {
- ret = KRB5_CRYPTO_INTERNAL;
- break;
- }
+ Camellia_ecb_encrypt(blockB, blockY, &enck, 1);
}
output->length = CAMELLIA_BLOCK_SIZE;
memcpy(output->data, blockY, CAMELLIA_BLOCK_SIZE);
- EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
- return ret;
+ return 0;
}
static krb5_error_code
@@ -287,7 +204,7 @@ const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
16,
16, 16,
krb5int_camellia_encrypt_ctr,
- krb5int_camellia_decrypt_ctr,
+ krb5int_camellia_encrypt_ctr,
krb5int_camellia_cbc_mac,
krb5int_camellia_make_key,
krb5int_camellia_init_state_ctr,
@@ -299,7 +216,7 @@ const struct krb5_enc_provider krb5int_enc_camellia256_ctr = {
16,
32, 32,
krb5int_camellia_encrypt_ctr,
- krb5int_camellia_decrypt_ctr,
+ krb5int_camellia_encrypt_ctr,
krb5int_camellia_cbc_mac,
krb5int_camellia_make_key,
krb5int_camellia_init_state_ctr,
@@ -307,4 +224,4 @@ const struct krb5_enc_provider krb5int_enc_camellia256_ctr = {
NULL
};
-#endif
+#endif /* !OPENSSL_NO_CAMELLIA */
generated by cgit v1.1 at 2024-09-07 15:58:42 +0000