From 12bb7bcfff4db1b122c4643859f3d4f1420fba38 Mon Sep 17 00:00:00 2001
From: cinap_lenrek
Date: Wed, 29 Apr 2015 02:58:10 +0200
Subject: [PATCH] libsec: remove aesCTRencrypt()/aesCTRdecrypt() (thanks mischief and qrstuv)

as mischief and qrstuv point out, these functions are not very usefull and are even implemented wrong (incrementCTR()), so deleting the code.
---
 sys/include/libsec.h | 3 ---
 sys/man/2/aes | 15 +----------
 sys/src/libsec/port/aes.c | 55 ---------------------------------------
 3 files changed, 1 insertion(+), 72 deletions(-)

diff --git a/sys/include/libsec.h b/sys/include/libsec.h
index 4ab074fdb..ccebac087 100644
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -23,7 +23,6 @@ struct AESstate
 	ulong setup;
 	int rounds;
 	int keybytes;
-	uint ctrsz;
 	uchar key[AESmaxkey]; /* unexpanded key */
 	ulong ekey[4*(AESmaxrounds + 1)]; /* encryption key */
 	ulong dkey[4*(AESmaxrounds + 1)]; /* decryption key */
@@ -38,8 +37,6 @@ void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
 void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
 void aesCBCencrypt(uchar *p, int len, AESstate *s);
 void aesCBCdecrypt(uchar *p, int len, AESstate *s);
-void aesCTRdecrypt(uchar *p, int len, AESstate *s);
-void aesCTRencrypt(uchar *p, int len, AESstate *s);
 void setupAESXCBCstate(AESstate *s);
 uchar* aesXCBCmac(uchar *p, int len, AESstate *s);
diff --git a/sys/man/2/aes b/sys/man/2/aes
index caae33630..fd5438bdf 100644
--- a/sys/man/2/aes
+++ b/sys/man/2/aes
@@ -1,6 +1,6 @@
 .TH AES 2
 .SH NAME
-setupAESstate, aesCBCencrypt, aesCBCdecrypt, aesCTRencrypt, aesCTRdecrypt, setupAESXCBCstate, aesXCBCmac - advanced encryption standard (rijndael)
+setupAESstate, aesCBCencrypt, aesCBCdecrypt, setupAESXCBCstate, aesXCBCmac - advanced encryption standard (rijndael)
 .SH SYNOPSIS
 .B #include
 .br
@@ -28,12 +28,6 @@ void aesCBCencrypt(uchar *p, int len, AESstate *s)
 void aesCBCdecrypt(uchar *p, int len, AESstate *s)
 .PP
 .B
-void aesCTRencrypt(uchar *p, int len, AESstate *s)
-.PP
-.B
-void aesCTRdecrypt(uchar *p, int len, AESstate *s)
-.PP
-.B
 void setupAESXCBCstate(AESstate *s)
 .PP
 .B
@@ -52,11 +46,6 @@ are the block ciphers, corresponding to
 and
 .I aesCBCdecrypt
 implement cipher-block-chaining encryption.
-.I AesCTRencrypt
-and
-.I aesCTRdecrypt
-implement counter mode, per RFC 3686;
-they are identical operations.
 .I setupAESXCBCstate
 and
 .I aesXCBCmac
@@ -93,8 +82,6 @@ in
 The functions
 .IR aes_encrypt ,
 .IR aes_decrypt ,
-.IR aesCTRencrypt ,
-.IR aesCTRdecrypt ,
 .IR setupAESXCBCstate ,
 and
 .IR aesXCBCmac
diff --git a/sys/src/libsec/port/aes.c b/sys/src/libsec/port/aes.c
index c90eb10ab..9dcf26547 100644
--- a/sys/src/libsec/port/aes.c
+++ b/sys/src/libsec/port/aes.c
@@ -220,61 +220,6 @@ aesCBCdecrypt(uchar *p, int len, AESstate *s)
 	}
 }
-/*
- * AES-CTR mode, per rfc3686.
- * CTRs could be precalculated for efficiency
- * and there would also be less back and forth mp
- */
-
-static void
-incrementCTR(uchar *p, uint ctrsz)
-{
-	int len;
-	uchar *ctr;
-	mpint *mpctr, *mpctrsz;
-	ctr = p + AESbsize - ctrsz;
-	mpctr = betomp(ctr, ctrsz, nil);
-	mpctrsz = itomp(1 << (ctrsz*8), nil);
-	mpadd(mpctr, mpone, mpctr);
-	mpmod(mpctr, mpctrsz, mpctr);
-	len = mptobe(mpctr, ctr, ctrsz, nil);
-	assert(len == ctrsz);
-	mpfree(mpctrsz);
-	mpfree(mpctr);
-}
-
-void
-aesCTRencrypt(uchar *p, int len, AESstate *s)
-{
-	uchar q[AESbsize];
-	uchar *ip, *eip, *ctr;
-	ctr = s->ivec;
-	for(; len >= AESbsize; len -= AESbsize){
-		ip = q;
-		aes_encrypt(s->ekey, s->rounds, ctr, q);
-		for(eip = p + AESbsize; p < eip; )
-			*p++ ^= *ip++;
-		incrementCTR(ctr, s->ctrsz);
-	}
-	if(len > 0){
-		ip = q;
-		aes_encrypt(s->ekey, s->rounds, ctr, q);
-		for(eip = p + len; p < eip; )
-			*p++ ^= *ip++;
-		incrementCTR(ctr, s->ctrsz);
-	}
-}
-
-void
-aesCTRdecrypt(uchar *p, int len, AESstate *s)
-{
-	aesCTRencrypt(p, len, s);
-}
-
-
 /* taken from sha1; TODO: verify suitability (esp. byte order) for aes */
 /*
  * encodes input (ulong) into output (uchar). Assumes len is