re-factor modes to use internal ECB implementation

Author: sjaeckel

src/headers/tomcrypt_cipher.h

@@ -274,18 +274,14 @@ typedef struct {
 #ifdef LTC_CFB_MODE
 /** A block cipher CFB structure */
 typedef struct {
+   /** The ECB context of the cipher */
+   symmetric_ECB       ecb;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE],
    /** The pad used to encrypt/decrypt */
                        pad[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen,
    /** The width of the mode: 1, 8, 64, or 128 */
-                       width,
+   int                 width,
    /** The padding offset */
                        padlen;
 } symmetric_CFB;
@@ -294,50 +290,39 @@ typedef struct {
 #ifdef LTC_OFB_MODE
 /** A block cipher OFB structure */
 typedef struct {
+   /** The ECB context of the cipher */
+   symmetric_ECB       ecb;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen,
    /** The padding offset */
-                       padlen;
+   int                 padlen;
+
 } symmetric_OFB;
 #endif
 
 #ifdef LTC_CBC_MODE
 /** A block cipher CBC structure */
 typedef struct {
+   /** The ECB context of the cipher */
+   symmetric_ECB       ecb;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen;
 } symmetric_CBC;
 #endif
 
 
 #ifdef LTC_CTR_MODE
 /** A block cipher CTR structure */
 typedef struct {
+   /** The ECB context of the cipher */
+   symmetric_ECB       ecb;
    /** The counter */
    unsigned char       ctr[MAXBLOCKSIZE];
    /** The pad used to encrypt/decrypt */
    unsigned char       pad[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
 
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen,
    /** The padding offset */
-                       padlen,
+   int                 padlen,
    /** The mode (endianess) of the CTR, 0==little, 1==big */
                        mode,
    /** counter width */
@@ -349,18 +334,14 @@ typedef struct {
 #ifdef LTC_LRW_MODE
 /** A LRW structure */
 typedef struct {
+    /** The ECB context of the cipher */
+    symmetric_ECB       ecb;
     /** The current IV */
     unsigned char     IV[16],
-
     /** the tweak key */
                       tweak[16],
-
     /** The current pad, it's the product of the first 15 bytes against the tweak key */
                       pad[16];
-
-    /** The scheduled symmetric key */
-    symmetric_key     key;
-
 #ifdef LTC_LRW_TABLES
     /** The pre-computed multiplication table */
     unsigned char     PC[16][256][16];
@@ -374,17 +355,13 @@ typedef struct {
 #ifdef LTC_F8_MODE
 /** A block cipher F8 structure */
 typedef struct {
+   /** The ECB context of the cipher */
+   symmetric_ECB       ecb;
    /** The current IV */
    unsigned char       IV[MAXBLOCKSIZE],
                        MIV[MAXBLOCKSIZE];
-   /** The scheduled key */
-   symmetric_key       key;
-   /** The index of the cipher chosen */
-   int                 cipher,
-   /** The block size of the given cipher */
-                       blocklen,
    /** The padding offset */
-                       padlen;
+   int                 padlen;
    /** Current block count */
    ulong32             blockcnt;
 } symmetric_F8;
@@ -451,7 +428,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey);
+   int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, const symmetric_key *skey);
 
    /** Accelerated ECB decryption
        @param pt      Plaintext
@@ -460,7 +437,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey);
+   int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, const symmetric_key *skey);
 
    /** Accelerated CBC encryption
        @param pt      Plaintext
@@ -470,7 +447,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
+   int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const symmetric_key *skey);
 
    /** Accelerated CBC decryption
        @param pt      Plaintext
@@ -480,7 +457,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
+   int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const symmetric_key *skey);
 
    /** Accelerated CTR encryption
        @param pt      Plaintext
@@ -491,7 +468,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey);
+   int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, const symmetric_key *skey);
 
    /** Accelerated LRW
        @param pt      Plaintext
@@ -502,7 +479,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
+   int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, const symmetric_key *skey);
 
    /** Accelerated LRW
        @param ct      Ciphertext
@@ -513,7 +490,7 @@ extern struct ltc_cipher_descriptor {
        @param skey    The scheduled key context
        @return CRYPT_OK if successful
    */
-   int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
+   int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, const symmetric_key *skey);
 
    /** Accelerated CCM packet (one-shot)
        @param key        The secret key to use
@@ -533,7 +510,7 @@ extern struct ltc_cipher_descriptor {
    */
    int (*accel_ccm_memory)(
        const unsigned char *key,    unsigned long keylen,
-       symmetric_key       *uskey,
+       const symmetric_key *uskey,
        const unsigned char *nonce,  unsigned long noncelen,
        const unsigned char *header, unsigned long headerlen,
              unsigned char *pt,     unsigned long ptlen,
@@ -923,8 +900,8 @@ extern const struct ltc_cipher_descriptor tea_desc;
 #ifdef LTC_ECB_MODE
 int ecb_start(int cipher, const unsigned char *key,
               int keylen, int num_rounds, symmetric_ECB *ecb);
-int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb);
-int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_ECB *ecb);
+int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, const symmetric_ECB *ecb);
+int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, const symmetric_ECB *ecb);
 int ecb_done(symmetric_ECB *ecb);
 #endif
 
@@ -1016,7 +993,7 @@ int f8_test_mode(void);
 
 #ifdef LTC_XTS_MODE
 typedef struct {
-   symmetric_key  key1, key2;
+   symmetric_ECB  key1, key2;
    int            cipher;
 } symmetric_xts;
 

src/headers/tomcrypt_custom.h

@@ -710,6 +710,14 @@
    #error LTC_NO_MATH defined, but also a math descriptor
 #endif
 
+#if !defined(LTC_ECB_MODE)
+#if defined(LTC_CFB_MODE) || defined(LTC_OFB_MODE) || defined(LTC_CBC_MODE) || defined(LTC_CTR_MODE) || \
+    defined(LTC_F8_MODE) || defined(LTC_LRW_MODE) || defined(LTC_XTS_MODE) )
+   #error LTC_ECB_MODE not defined, but all other modes depend on it
+#endif
+#endif
+
+
 /* THREAD management */
 #ifdef LTC_PTHREAD
 

src/headers/tomcrypt_private.h

@@ -122,6 +122,10 @@ typedef struct {
 
 /* tomcrypt_cipher.h */
 
+int ecb_encrypt_block(const unsigned char *pt, unsigned char *ct, const symmetric_ECB *ecb);
+int ecb_decrypt_block(const unsigned char *ct, unsigned char *pt, const symmetric_ECB *ecb);
+
+
 void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey);
 int blowfish_expand(const unsigned char *key, int keylen,
                     const unsigned char *data, int datalen,

src/misc/pem/pem.c

@@ -197,7 +197,7 @@ int pem_decrypt(unsigned char *data, unsigned long *datalen,
             goto error_out;
          }
 
-         if ((err = padding_depad(data, datalen, padding | s.ctx.cbc.blocklen)) != CRYPT_OK) {
+         if ((err = padding_depad(data, datalen, padding | s.ctx.cbc.ecb.blocklen)) != CRYPT_OK) {
             goto error_out;
          }
 #else

src/modes/cbc/cbc_decrypt.c

@@ -32,51 +32,51 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
    LTC_ARGCHK(ct  != NULL);
    LTC_ARGCHK(cbc != NULL);
 
-   if ((err = cipher_is_valid(cbc->cipher)) != CRYPT_OK) {
+   if ((err = cipher_is_valid(cbc->ecb.cipher)) != CRYPT_OK) {
        return err;
    }
 
    /* is blocklen valid? */
-   if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV) || cbc->blocklen > (int)sizeof(tmp)) {
+   if (cbc->ecb.blocklen < 1 || cbc->ecb.blocklen > (int)sizeof(cbc->IV) || cbc->ecb.blocklen > (int)sizeof(tmp)) {
       return CRYPT_INVALID_ARG;
    }
 
-   if (len % cbc->blocklen) {
+   if (len % cbc->ecb.blocklen) {
       return CRYPT_INVALID_ARG;
    }
 #ifdef LTC_FAST
-   if (cbc->blocklen % sizeof(LTC_FAST_TYPE)) {
+   if (cbc->ecb.blocklen % sizeof(LTC_FAST_TYPE)) {
       return CRYPT_INVALID_ARG;
    }
 #endif
 
-   if (cipher_descriptor[cbc->cipher].accel_cbc_decrypt != NULL) {
-      return cipher_descriptor[cbc->cipher].accel_cbc_decrypt(ct, pt, len / cbc->blocklen, cbc->IV, &cbc->key);
+   if (cipher_descriptor[cbc->ecb.cipher].accel_cbc_decrypt != NULL) {
+      return cipher_descriptor[cbc->ecb.cipher].accel_cbc_decrypt(ct, pt, len / cbc->ecb.blocklen, cbc->IV, &cbc->ecb.key);
    }
    while (len) {
       /* decrypt */
-      if ((err = cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key)) != CRYPT_OK) {
+      if ((err = ecb_decrypt_block(ct, tmp, &cbc->ecb)) != CRYPT_OK) {
          return err;
       }
 
       /* xor IV against plaintext */
 #if defined(LTC_FAST)
-      for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
+      for (x = 0; x < cbc->ecb.blocklen; x += sizeof(LTC_FAST_TYPE)) {
          tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x));
          *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x));
          *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy;
       }
 #else
-      for (x = 0; x < cbc->blocklen; x++) {
+      for (x = 0; x < cbc->ecb.blocklen; x++) {
          tmpy       = tmp[x] ^ cbc->IV[x];
          cbc->IV[x] = ct[x];
          pt[x]      = tmpy;
       }
 #endif
 
-      ct  += cbc->blocklen;
-      pt  += cbc->blocklen;
-      len -= cbc->blocklen;
+      ct  += cbc->ecb.blocklen;
+      pt  += cbc->ecb.blocklen;
+      len -= cbc->ecb.blocklen;
    }
    return CRYPT_OK;
 }

src/modes/cbc/cbc_done.c

@@ -15,14 +15,9 @@
 */
 int cbc_done(symmetric_CBC *cbc)
 {
-   int err;
    LTC_ARGCHK(cbc != NULL);
 
-   if ((err = cipher_is_valid(cbc->cipher)) != CRYPT_OK) {
-      return err;
-   }
-   cipher_descriptor[cbc->cipher].done(&cbc->key);
-   return CRYPT_OK;
+   return ecb_done(&cbc->ecb);
 }