crypter_t api supports in-place encryption using NULL as output parameter
authorMartin Willi <martin@strongswan.org>
Wed, 30 Apr 2008 14:02:25 +0000 (14:02 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 30 Apr 2008 14:02:25 +0000 (14:02 -0000)
src/libstrongswan/crypto/crypters/crypter.h
src/libstrongswan/plugins/aes/aes_crypter.c
src/libstrongswan/plugins/des/des_crypter.c
src/libstrongswan/plugins/openssl/openssl_crypter.c

index 0c1052d..5a64b1c 100644 (file)
@@ -63,10 +63,11 @@ struct crypter_t {
         *
         * The length of the iv must equal to get_block_size(), while the length
         * of data must be a multiple it.
+        * If encrypted is NULL, the encryption is done in-place (overwriting data).
         *
         * @param data                  data to encrypt
         * @param iv                    initializing vector
-        * @param encrypted             chunk to allocate encrypted data
+        * @param encrypted             chunk to allocate encrypted data, or NULL
         */
        void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
                                         chunk_t *encrypted);
@@ -76,10 +77,11 @@ struct crypter_t {
         *
         * The length of the iv must equal to get_block_size(), while the length
         * of data must be a multiple it.
+        * If decrpyted is NULL, the encryption is done in-place (overwriting data).
         * 
         * @param data                  data to decrypt
         * @param iv                    initializing vector
-        * @param encrypted             chunk to allocate decrypted data
+        * @param encrypted             chunk to allocate decrypted data, or NULL
         */
        void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
                                         chunk_t *decrypted);
index 5042811..046ac9b 100644 (file)
@@ -1345,9 +1345,16 @@ static void decrypt(private_aes_crypter_t *this, chunk_t data, chunk_t iv,
        const u_int32_t *iv_i;
        u_int8_t *in, *out;
        
-       *decrypted = chunk_alloc(data.len);
+       if (decrypted)
+       {
+               *decrypted = chunk_alloc(data.len);
+               out = decrypted->ptr;
+       }
+       else
+       {
+               out = data.ptr;
+       }
        in = data.ptr;
-       out = decrypted->ptr;
        
        pos = data.len-16;
        in += pos;
@@ -1384,9 +1391,13 @@ static void encrypt (private_aes_crypter_t *this, chunk_t data, chunk_t iv,
        const u_int32_t *iv_i;
        u_int8_t *in, *out;
        
-       *encrypted = chunk_alloc(data.len);
        in = data.ptr;
-       out = encrypted->ptr;
+       out = data.ptr;
+       if (encrypted)
+       {
+               *encrypted = chunk_alloc(data.len);
+               out = encrypted->ptr;
+       }
        
        pos=0;
        while(pos<data.len)
index 792f813..06d4979 100644 (file)
@@ -1364,10 +1364,15 @@ static void decrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
                                        chunk_t *decrypted)
 {
        des_cblock ivb;
+       u_int8_t *out;
        
-       *decrypted = chunk_alloc(data.len);
+       out = data.ptr;
+       if (decrypted)
+       {
+               *decrypted = chunk_alloc(data.len);
+       }
        memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-       des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+       des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
                                         data.len, this->ks, &ivb, DES_DECRYPT);
 }
 
@@ -1379,10 +1384,15 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
                                                chunk_t *encrypted)
 {
        des_cblock ivb;
+       u_int8_t *out;
        
-       *encrypted = chunk_alloc(data.len);
+       out = data.ptr;
+       if (encrypted)
+       {
+               *encrypted = chunk_alloc(data.len);
+       }
        memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-       des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+       des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
                                         data.len, this->ks, &ivb, DES_ENCRYPT);
 }
 
@@ -1393,10 +1403,15 @@ static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
                                         chunk_t *decrypted)
 {
        des_cblock ivb;
+       u_int8_t *out;
        
-       *decrypted = chunk_alloc(data.len);
+       out = data.ptr;
+       if (decrypted)
+       {
+               *decrypted = chunk_alloc(data.len);
+       }
        memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-       des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+       des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
                                                 data.len, this->ks3[0], this->ks3[1], this->ks3[2],
                                                 &ivb, DES_DECRYPT);
 }
@@ -1408,10 +1423,15 @@ static void encrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
                                         chunk_t *encrypted)
 {
        des_cblock ivb;
+       u_int8_t *out;
        
-       *encrypted = chunk_alloc(data.len);
+       out = data.ptr;
+       if (encrypted)
+       {
+               *encrypted = chunk_alloc(data.len);
+       }
        memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-       des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+       des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
                                                  data.len, this->ks3[0], this->ks3[1], this->ks3[2],
                                                  &ivb, DES_ENCRYPT);
 }
index 8cbeac5..8b9b379 100644 (file)
@@ -116,13 +116,20 @@ static void crypt(private_openssl_crypter_t *this, chunk_t data,
                                        chunk_t iv, chunk_t *dst, int enc)
 {
        int len;
+       u_char *out;
+       
+       out = data.ptr;
+       if (dst)
+       {
+               *dst = chunk_alloc(data.len);
+               out = dst->ptr;
+       }
        EVP_CIPHER_CTX ctx;
        EVP_CIPHER_CTX_init(&ctx);
        EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc);
        EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */
-       *dst = chunk_alloc(data.len);
-       EVP_CipherUpdate(&ctx, dst->ptr, &len, data.ptr, data.len);
-       EVP_CipherFinal_ex(&ctx, dst->ptr, &len); /* since padding is disabled this does nothing */
+       EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len);
+       EVP_CipherFinal_ex(&ctx, out, &len); /* since padding is disabled this does nothing */
        EVP_CIPHER_CTX_cleanup(&ctx);
 }