unit AES_CTR;
(*************************************************************************
DESCRIPTION : AES CTR mode functions
Because of buffering, en-/decryption is associative (data may be processed in chunks of any size)
User can supply a custom increment function
REQUIREMENTS : TP5-7, D1-D7/D9-D10/D12, FPC, VP
EXTERNAL DATA : ---
MEMORY USAGE : ---
DISPLAY MODE : ---
REFERENCES : [3] http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
[1] http://csrc.nist.gov/fips/fips-197.pdf
REMARKS : - If a predefined or user-supplied INCProc is used, it must
be set before using AES_CTR_Seek.
- AES_CTR_Seek may be time-consuming with user-defined
IncProcs, because the increment function is called many times.
See AES_CTR_Seek for how to provide user-supplied short-cuts.
WARNING : - CTR mode demands that the same key / initial CTR pair is
never reused for encryption. This requirement is especially
important for the CTR_Seek function. If different data is
written to the same position there will be leakage of
information about the plaintexts. Therefore CTR_Seek should
normally be used for random reads only.
- Default IncProc changed to IncMSBFull in V0.30, for old
defaults call AES_SetIncProc(AES_IncMSBPart,.) after AES_CTR_Init
or (less flexible) set DefaultIncMSBPart := true
Version Date Author Modification
------- -------- ------- ------------------------------------------
0.10 16.08.03 we initial version
0.20 15.09.03 we use IncProc, with IncLSB, IncMSB
0.21 20.09.03 we fixed obscure FPC @ bug
0.22 21.09.03 we functions, error codes
0.23 27.09.03 we FPC/go32v2
0.24 03.10.03 we 3-para encr/decr
0.25 05.10.03 we STD.INC, TP5-6
0.26 05.10.03 we SetIncProc, Init without IncP
0.27 05.10.03 we Bugfix for FPC: @ and IncProc
0.28 01.01.04 we Handle full blocks first
0.30 11.06.04 we 4 IncProcs, default IncMSBFull
0.31 12.06.04 we uses BLKSIZE constant
0.32 12.06.04 we check for nil pointers
0.33 02.07.04 we {$ifdef DLL} stdcall; {$endif}
0.34 30.11.04 we AES_XorBlock, AESBLKSIZE
0.35 01.12.04 we AES_ prefix for increment routines
0.36 09.07.06 we Checked: D9-D10
0.37 23.06.07 we Use conditional define FPC_ProcVar
0.38 21.06.08 we Make IncProcs work with FPC -dDebug
0.39 16.11.08 we Use Ptr2Inc, pByte from BTypes
0.40 19.06.10 we Initial version of AES_CTR_Seek
0.41 20.06.10 we AES_CTR_Seek: calculate IV if IncProc is known
0.42 20.06.10 we AES_CTR_Seek64
0.43 21.06.10 we AES_CTR_Seek: Fix loop for user-defined IncProcs
0.44 27.07.10 we Longint ILen in AES_CTR_En/Decrypt
0.45 31.07.10 we AES_CTR_Seek source moved to aes_seek.inc
**************************************************************************)
(*-------------------------------------------------------------------------
(C) Copyright 2002-2010 Wolfgang Ehrhardt
This software is provided 'as-is', without any express or implied warranty.
In no event will the authors be held liable for any damages arising from
the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software in
a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
----------------------------------------------------------------------------*)
{$i STD.INC}
interface
uses
BTypes, AES_Type, AES_Base, AES_Encr;
const
  DefaultIncMSBPart: boolean = false; {if true use AES_IncMSBPart as default}
  {Read by AES_CTR_Init: when true, AES_IncMSBPart is installed via}
  { AES_SetIncProc during Init, so a later AES_SetIncProc on that ctx}
  { fails with AES_Err_MultipleIncProcs. This restores the pre-V0.30}
  { default, see the unit header.}

{$ifdef CONST}
function AES_CTR_Init(const Key; KeyBits: word; const CTR: TAESBlock; var ctx: TAESContext): integer;
  {-AES key expansion, error if inv. key size, encrypt CTR}
  { Stores CTR in ctx.IV and encr(CTR) in ctx.buf. A key / CTR pair must}
  { never be reused for encryption, see WARNING in the unit header.}
  {$ifdef DLL} stdcall; {$endif}
{$else}
function AES_CTR_Init(var Key; KeyBits: word; var CTR: TAESBlock; var ctx: TAESContext): integer;
  {-AES key expansion, error if inv. key size, encrypt CTR}
  { Stores CTR in ctx.IV and encr(CTR) in ctx.buf. A key / CTR pair must}
  { never be reused for encryption, see WARNING in the unit header.}
{$endif}

{$ifndef DLL}
function AES_CTR_Seek({$ifdef CONST}const{$else}var{$endif} iCTR: TAESBlock;
                      SOL, SOH: longint; var ctx: TAESContext): integer;
  {-Setup ctx for random access crypto stream starting at 64 bit offset SOH*2^32+SOL,}
  { SOH >= 0. iCTR is the initial CTR for offset 0, i.e. the same as in AES_CTR_Init.}
  { Implemented in aes_seek.inc (included at the end of this unit); not}
  { available in the DLL build. Intended for random reads, see unit header.}

{$ifdef HAS_INT64}
function AES_CTR_Seek64(const iCTR: TAESBlock; SO: int64; var ctx: TAESContext): integer;
  {-Setup ctx for random access crypto stream starting at 64 bit offset SO >= 0;}
  { iCTR is the initial CTR value for offset 0, i.e. the same as in AES_CTR_Init.}
  { Implemented in aes_seek.inc; not available in the DLL build.}
{$endif}
{$endif}

function AES_CTR_Encrypt(ptp, ctp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Encrypt ILen bytes from ptp^ to ctp^ in CTR mode}
  { Returns 0 on success, AES_Err_Invalid_Mode if ctx.Decrypt<>0, and}
  { AES_Err_NIL_Pointer if ptp or ctp is nil while ILen>0. Consecutive}
  { calls continue the same keystream (buffered in ctx), so data may be}
  { processed in chunks of any size. CTR mode gives confidentiality only;}
  { a separate MAC is required where tampering must be detected.}
  {$ifdef DLL} stdcall; {$endif}

function AES_CTR_Decrypt(ctp, ptp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Decrypt ILen bytes from ctp^ to ptp^ in CTR mode}
  { Same operation and return codes as AES_CTR_Encrypt (CTR decryption is}
  { the xor with the same keystream).}
  {$ifdef DLL} stdcall; {$endif}

function AES_SetIncProc(IncP: TIncProc; var ctx: TAESContext): integer;
  {-Set user supplied IncCTR proc}
  { Returns 0, or AES_Err_MultipleIncProcs if ctx already has an IncProc.}
  { Must be called before AES_CTR_Seek, see unit header.}
  {$ifdef DLL} stdcall; {$endif}

{The four predefined increment routines. MSB variants carry from byte 15}
{ towards byte 0, LSB variants from byte 0 towards byte 15; the Part}
{ variants touch only 8 of the 16 counter bytes. AES_IncMSBFull is the}
{ default used by AES_CTR_Encrypt when no IncProc is installed.}
procedure AES_IncMSBFull(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[0]}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncLSBFull(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[15]}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncMSBPart(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[8]}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncLSBPart(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[7]}
  {$ifdef DLL} stdcall; {$endif}
implementation
{---------------------------------------------------------------------------}
procedure AES_IncMSBPart(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[8]}
  {Bytes 8..15 form the counter, byte 15 being the least significant one;}
  { bytes 0..7 are never touched. A byte holding $FF is reset to 0 and the}
  { carry moves to the next lower index; the routine returns as soon as a}
  { byte can be incremented, so inc() is never applied to a full byte.}
var
  i: integer;
begin
  i := 15;
  while i>=8 do begin
    if CTR[i]<>$FF then begin
      inc(CTR[i]);
      exit;
    end;
    CTR[i] := 0;
    dec(i);
  end;
end;
{---------------------------------------------------------------------------}
procedure AES_IncLSBPart(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[7]}
  {Bytes 0..7 form the counter, byte 0 being the least significant one;}
  { bytes 8..15 are never touched. A byte holding $FF is reset to 0 and the}
  { carry moves to the next higher index; the routine returns as soon as a}
  { byte can be incremented, so inc() is never applied to a full byte.}
var
  k: integer;
begin
  k := 0;
  repeat
    if CTR[k]<>$FF then begin
      inc(CTR[k]);
      exit;
    end;
    CTR[k] := 0;
    inc(k);
  until k>7;
end;
{---------------------------------------------------------------------------}
procedure AES_IncMSBFull(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[0]}
  {All 16 bytes form the counter, byte 15 being the least significant one.}
  { Propagates the carry towards byte 0; a byte holding $FF is reset to 0,}
  { the first byte that can be incremented stops the loop. If every byte is}
  { $FF the block wraps to all zeros. Default increment of AES_CTR_Encrypt.}
var
  idx: integer;
  carry: boolean;
begin
  carry := true;
  idx := 15;
  while carry and (idx>=0) do begin
    if CTR[idx]=$FF then begin
      CTR[idx] := 0;
      dec(idx);
    end
    else begin
      inc(CTR[idx]);
      carry := false;
    end;
  end;
end;
{---------------------------------------------------------------------------}
procedure AES_IncLSBFull(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[15]}
  {All 16 bytes form the counter, byte 0 being the least significant one.}
  { Propagates the carry towards byte 15; a byte holding $FF is reset to 0,}
  { the first byte that can be incremented stops the loop. If every byte is}
  { $FF the block wraps to all zeros.}
var
  n: integer;
  done: boolean;
begin
  n := 0;
  done := false;
  repeat
    if CTR[n]<>$FF then begin
      inc(CTR[n]);
      done := true;
    end
    else begin
      CTR[n] := 0;
      inc(n);
    end;
  until done or (n>15);
end;
{---------------------------------------------------------------------------}
function AES_SetIncProc(IncP: TIncProc; var ctx: TAESContext): integer;
  {-Set user supplied IncCTR proc}
  {Installs IncP as the counter increment routine of ctx. Only one}
  { increment procedure may ever be installed in a context: if ctx.IncProc}
  { is already non-nil the call fails with AES_Err_MultipleIncProcs and}
  { ctx is left unchanged. Returns 0 on success.}
  {The two comparison forms exist because compilers differ in how a}
  { procedural variable is compared with nil, see V0.27/V0.37 in the}
  { unit header.}
begin
  {$ifdef FPC_ProcVar}
  if ctx.IncProc<>nil then begin
  {$else}
  if @ctx.IncProc<>nil then begin
  {$endif}
    AES_SetIncProc := AES_Err_MultipleIncProcs;
    exit;
  end;
  ctx.IncProc := IncP;
  AES_SetIncProc := 0;
end;
{---------------------------------------------------------------------------}
{$ifdef CONST}
function AES_CTR_Init(const Key; KeyBits: word; const CTR: TAESBlock; var ctx: TAESContext): integer;
{$else}
function AES_CTR_Init(var Key; KeyBits: word; var CTR: TAESBlock; var ctx: TAESContext): integer;
{$endif}
  {-AES key expansion, error if inv. key size, encrypt CTR}
  {Calls AES_Init_Encr for the key expansion, optionally installs}
  { AES_IncMSBPart when DefaultIncMSBPart is true, then stores CTR in}
  { ctx.IV and the first keystream block encr(CTR) in ctx.buf. Returns the}
  { first non-zero error code, 0 on success; on error ctx.IV/ctx.buf are}
  { not written.}
  {Security: the caller must guarantee that a key / CTR pair is used for}
  { at most one encryption stream (see WARNING in the unit header).}
  {NOTE(review): ctx.bLen is not reset here; presumably AES_Init_Encr}
  { clears the context - confirm, because AES_CTR_Encrypt only takes its}
  { full-block path when bLen=0.}
var
  rc: integer;
begin
  rc := AES_Init_Encr(Key, KeyBits, ctx);
  if (rc=0) and DefaultIncMSBPart then begin
    {$ifdef FPC_ProcVar}
    rc := AES_SetIncProc(@AES_IncMSBPart, ctx);
    {$else}
    rc := AES_SetIncProc(AES_IncMSBPart, ctx);
    {$endif}
  end;
  AES_CTR_Init := rc;
  if rc<>0 then exit;
  ctx.IV := CTR;
  {Precompute the keystream for the first block}
  AES_Encrypt(ctx, CTR, ctx.buf);
end;
{---------------------------------------------------------------------------}
function AES_CTR_Encrypt(ptp, ctp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Encrypt ILen bytes from ptp^ to ctp^ in CTR mode}
  {Returns 0 on success, AES_Err_Invalid_Mode if ctx was set up for}
  { decryption (ctx.Decrypt<>0), AES_Err_NIL_Pointer if ptp or ctp is nil}
  { while ILen>0, and on 16 bit targets AES_Err_Invalid_16Bit_Length if a}
  { buffer would extend past offset $FFFF of its segment. ILen<=0 does}
  { nothing and returns 0.}
  {Keystream handling: ctx.buf holds encr(ctx.IV), ctx.bLen counts the}
  { bytes of buf already consumed. Whole blocks are processed only while}
  { bLen=0; the byte loop handles everything else and refills buf (after}
  { incrementing IV) once all AESBLKSIZE bytes are used. The output is}
  { plain text xor keystream only: CTR mode gives no integrity protection,}
  { a separate MAC is needed if tampering must be detected.}
begin
  AES_CTR_Encrypt := 0;
  if ctx.Decrypt<>0 then begin
    AES_CTR_Encrypt := AES_Err_Invalid_Mode;
    exit;
  end;
  {$ifdef BIT16}
  {On 16 bit targets neither buffer may wrap around its segment}
  if (ofs(ptp^)+ILen>$FFFF) or (ofs(ctp^)+ILen>$FFFF) then begin
    AES_CTR_Encrypt := AES_Err_Invalid_16Bit_Length;
    exit;
  end;
  {$endif}
  if (ptp=nil) or (ctp=nil) then begin
    if ILen>0 then begin
      AES_CTR_Encrypt := AES_Err_NIL_Pointer; {nil pointer to block with nonzero length}
      exit;
    end;
  end;
  if ctx.blen=0 then begin
    {Handle full blocks first: buf is a complete, not yet used keystream block}
    while ILen>=AESBLKSIZE do with ctx do begin
      {Cipher text = plain text xor encr(CTR), cf. [3] 6.5}
      AES_XorBlock(PAESBlock(ptp)^, buf, PAESBlock(ctp)^);
      inc(Ptr2Inc(ptp), AESBLKSIZE);
      inc(Ptr2Inc(ctp), AESBLKSIZE);
      dec(ILen, AESBLKSIZE);
      {Advance the counter and precompute the next keystream block;}
      { use AES_IncMSBFull if IncProc=nil}
      {$ifdef FPC_ProcVar}
      if IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$else}
      if @IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$endif}
      AES_Encrypt(ctx, IV, buf);
    end;
  end;
  {Handle remaining bytes (fewer than AESBLKSIZE if the block loop ran,}
  { any count otherwise)}
  while ILen>0 do with ctx do begin
    {Refill buffer with encrypted CTR once every keystream byte is consumed}
    if bLen>=AESBLKSIZE then begin
      {use AES_IncMSBFull if IncProc=nil}
      {$ifdef FPC_ProcVar}
      if IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$else}
      if @IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$endif}
      AES_Encrypt(ctx, IV, buf);
      bLen := 0;
    end;
    {Cipher text = plain text xor encr(CTR), cf. [3] 6.5}
    pByte(ctp)^ := buf[bLen] xor pByte(ptp)^;
    inc(bLen);
    inc(Ptr2Inc(ptp));
    inc(Ptr2Inc(ctp));
    dec(ILen);
  end;
end;
{---------------------------------------------------------------------------}
function AES_CTR_Decrypt(ctp, ptp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Decrypt ILen bytes from ctp^ to ptp^ in CTR mode}
  {CTR decryption is the same xor-with-keystream operation as encryption,}
  { so the work is forwarded to AES_CTR_Encrypt with the cipher text as}
  { input and the plain text as output; the return codes are those of}
  { AES_CTR_Encrypt. Note that ctx must come from AES_CTR_Init: a context}
  { with ctx.Decrypt<>0 is rejected with AES_Err_Invalid_Mode.}
var
  rc: integer;
begin
  rc := AES_CTR_Encrypt(ctp, ptp, ILen, ctx);
  AES_CTR_Decrypt := rc;
end;
{$ifndef DLL}
{$i aes_seek.inc}
{$endif}
end.