Index: srtp/crypto/cipher/aes_icm.c |
=================================================================== |
--- srtp/crypto/cipher/aes_icm.c (revision 294174) |
+++ srtp/crypto/cipher/aes_icm.c (working copy) |
@@ -9,7 +9,7 @@ |
/* |
* |
- * Copyright (c) 2001-2006, Cisco Systems, Inc. |
+ * Copyright (c) 2001-2006,2013 Cisco Systems, Inc. |
* All rights reserved. |
* |
* Redistribution and use in source and binary forms, with or without |
@@ -43,6 +43,9 @@ |
* |
*/ |
+#ifdef HAVE_CONFIG_H |
+ #include <config.h> |
+#endif |
#define ALIGN_32 0 |
@@ -118,6 +121,17 @@ |
/* set pointers */ |
*c = (cipher_t *)pointer; |
+ switch (key_len) { |
+ case 46: |
+ (*c)->algorithm = AES_256_ICM; |
+ break; |
+ case 38: |
+ (*c)->algorithm = AES_192_ICM; |
+ break; |
+ default: |
+ (*c)->algorithm = AES_128_ICM; |
+ break; |
+ } |
(*c)->type = &aes_icm; |
(*c)->state = pointer + sizeof(cipher_t); |
@@ -174,17 +188,18 @@ |
else |
return err_status_bad_param; |
- /* |
+ /* |
* set counter and initial values to 'offset' value, being careful not to |
- * go past the end of the key buffer. |
+ * go past the end of the key buffer |
*/ |
v128_set_to_zero(&c->counter); |
v128_set_to_zero(&c->offset); |
- /* force last two octets of the offset to be left zero |
- * (for srtp compatibility) */ |
copy_len = key_len - base_key_len; |
- |
+ /* force last two octets of the offset to be left zero (for srtp compatibility) */ |
+ if (copy_len > 14) |
+ copy_len = 14; |
+ |
memcpy(&c->counter, key + base_key_len, copy_len); |
memcpy(&c->offset, key + base_key_len, copy_len); |
@@ -271,13 +286,16 @@ |
*/ |
err_status_t |
-aes_icm_set_iv(aes_icm_ctx_t *c, void *iv) { |
- v128_t *nonce = (v128_t *) iv; |
+aes_icm_set_iv(aes_icm_ctx_t *c, void *iv, int direction) { |
+ v128_t nonce; |
+ /* set nonce (for alignment) */ |
+ v128_copy_octet_string(&nonce, iv); |
+ |
debug_print(mod_aes_icm, |
- "setting iv: %s", v128_hex_string(nonce)); |
+ "setting iv: %s", v128_hex_string(&nonce)); |
- v128_xor(&c->counter, &c->offset, nonce); |
+ v128_xor(&c->counter, &c->offset, &nonce); |
debug_print(mod_aes_icm, |
"set_counter: %s", v128_hex_string(&c->counter)); |
@@ -297,7 +315,7 @@ |
* this is an internal, hopefully inlined function |
*/ |
-static INLINE void |
+static inline void |
aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) { |
/* fill buffer with new keystream */ |
v128_copy(&c->keystream_buffer, &c->counter); |
@@ -315,7 +333,8 @@ |
uint32_t temp; |
//alex's clock counter forward |
temp = ntohl(c->counter.v32[3]); |
- c->counter.v32[3] = htonl(++temp); |
+ ++temp; |
+ c->counter.v32[3] = htonl(temp); |
} else { |
if (!++(c->counter.v8[15])) |
++(c->counter.v8[14]); |
@@ -322,11 +341,6 @@ |
} |
} |
-static INLINE void aes_icm_advance(aes_icm_ctx_t *c) { |
- aes_icm_advance_ismacryp(c, 0); |
-} |
- |
- |
/*e |
* icm_encrypt deals with the following cases: |
* |
@@ -454,7 +468,7 @@ |
} |
err_status_t |
-aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output) { |
+aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, unsigned int num_octets_to_output) { |
unsigned int len = num_octets_to_output; |
/* zeroize the buffer */ |
@@ -464,6 +478,10 @@ |
return aes_icm_encrypt(c, buffer, &len); |
} |
+uint16_t |
+aes_icm_bytes_encrypted(aes_icm_ctx_t *c) { |
+ return htons(c->counter.v16[7]); |
+} |
char |
aes_icm_description[] = "aes integer counter mode"; |
@@ -502,6 +520,9 @@ |
aes_icm_test_case_0_plaintext, /* plaintext */ |
32, /* octets in ciphertext */ |
aes_icm_test_case_0_ciphertext, /* ciphertext */ |
+ 0, |
+ NULL, |
+ 0, |
NULL /* pointer to next testcase */ |
}; |
@@ -541,6 +562,9 @@ |
aes_icm_test_case_1_plaintext, /* plaintext */ |
32, /* octets in ciphertext */ |
aes_icm_test_case_1_ciphertext, /* ciphertext */ |
+ 0, |
+ NULL, |
+ 0, |
&aes_icm_test_case_0 /* pointer to next testcase */ |
}; |
@@ -554,9 +578,11 @@ |
(cipher_alloc_func_t) aes_icm_alloc, |
(cipher_dealloc_func_t) aes_icm_dealloc, |
(cipher_init_func_t) aes_icm_context_init, |
+ (cipher_set_aad_func_t) 0, |
(cipher_encrypt_func_t) aes_icm_encrypt, |
(cipher_decrypt_func_t) aes_icm_encrypt, |
(cipher_set_iv_func_t) aes_icm_set_iv, |
+ (cipher_get_tag_func_t) 0, |
(char *) aes_icm_description, |
(int) 0, /* instance count */ |
(cipher_test_case_t *) &aes_icm_test_case_1, |