1 unit AES_CTR;
2
3 (*************************************************************************
4
5 DESCRIPTION : AES CTR mode functions
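Because of buffering, en/decrypting is associative: processing the data
in several consecutive calls gives the same result as a single call on
the concatenated data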
7 User can supply a custom increment function
8
9 REQUIREMENTS : TP5-7, D1-D7/D9-D10/D12, FPC, VP
10
11 EXTERNAL DATA : ---
12
13 MEMORY USAGE : ---
14
15 DISPLAY MODE : ---
16
17 REFERENCES : [3] http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
18 [1] http://csrc.nist.gov/fips/fips-197.pdf
19
20 REMARKS : - If a predefined or user-supplied INCProc is used, it must
21 be set before using AES_CTR_Seek.
22 - AES_CTR_Seek may be time-consuming for user-defined
23 INCProcs, because this function is called many times.
24 See AES_CTR_Seek how to provide user-supplied short-cuts.
25
WARNING : - CTR mode demands that the same key / initial CTR pair is
never reused for encryption. This requirement is especially
important for the CTR_Seek function: if different data is
written to the same position, both writes are XORed with the
same key stream, and there will be leakage of information
about the plaintexts. Therefore CTR_Seek should
normally be used for random reads only.
32 - Default IncProc changed to IncMSBFull in V0.30, for old
33 defaults call AES_SetIncProc(AES_IncMSBPart,.) after AES_CTR_Init
34 or (less flexible) set DefaultIncMSBPart := true
35
36 Version Date Author Modification
37 ------- -------- ------- ------------------------------------------
38 0.10 16.08.03 we initial version
39 0.20 15.09.03 we use IncProc, with IncLSB, IncMSB
40 0.21 20.09.03 we fixed obscure FPC @ bug
41 0.22 21.09.03 we functions, error codes
42 0.23 27.09.03 we FPC/go32v2
43 0.24 03.10.03 we 3-para encr/decr
44 0.25 05.10.03 we STD.INC, TP5-6
45 0.26 05.10.03 we SetIncProc, Init without IncP
46 0.27 05.10.03 we Bugfix for FPC: @ and IncProc
47 0.28 01.01.04 we Handle full blocks first
48 0.30 11.06.04 we 4 IncProcs, default IncMSBFull
49 0.31 12.06.04 we uses BLKSIZE constant
50 0.32 12.06.04 we check for nil pointers
51 0.33 02.07.04 we {$ifdef DLL} stdcall; {$endif}
52 0.34 30.11.04 we AES_XorBlock, AESBLKSIZE
53 0.35 01.12.04 we AES_ prefix for increment routines
54 0.36 09.07.06 we Checked: D9-D10
55 0.37 23.06.07 we Use conditional define FPC_ProcVar
56 0.38 21.06.08 we Make IncProcs work with FPC -dDebug
57 0.39 16.11.08 we Use Ptr2Inc, pByte from BTypes
58 0.40 19.06.10 we Initial version of AES_CTR_Seek
59 0.41 20.06.10 we AES_CTR_Seek: calculate IV if IncProc is known
60 0.42 20.06.10 we AES_CTR_Seek64
61 0.43 21.06.10 we AES_CTR_Seek: Fix loop for user-defined IncProcs
62 0.44 27.07.10 we Longint ILen in AES_CTR_En/Decrypt
63 0.45 31.07.10 we AES_CTR_Seek source moved to aes_seek.inc
64 **************************************************************************)
65
66
67 (*-------------------------------------------------------------------------
68 (C) Copyright 2002-2010 Wolfgang Ehrhardt
69
70 This software is provided 'as-is', without any express or implied warranty.
71 In no event will the authors be held liable for any damages arising from
72 the use of this software.
73
74 Permission is granted to anyone to use this software for any purpose,
75 including commercial applications, and to alter it and redistribute it
76 freely, subject to the following restrictions:
77
78 1. The origin of this software must not be misrepresented; you must not
79 claim that you wrote the original software. If you use this software in
80 a product, an acknowledgment in the product documentation would be
81 appreciated but is not required.
82
83 2. Altered source versions must be plainly marked as such, and must not be
84 misrepresented as being the original software.
85
86 3. This notice may not be removed or altered from any source distribution.
87 ----------------------------------------------------------------------------*)
88
89 {$i STD.INC}
90
91 interface
92
93
94 uses
95 BTypes, AES_Type, AES_Base, AES_Encr;
96
97
const
  DefaultIncMSBPart: boolean = false;  {if true use AES_IncMSBPart as default}
  {Unit-wide switch read by AES_CTR_Init. It affects every context that is}
  {initialised afterwards, so set it once before the first AES_CTR_Init.}


{$ifdef CONST}
function AES_CTR_Init(const Key; KeyBits: word; const CTR: TAESBlock; var ctx: TAESContext): integer;
  {-AES key expansion, error if inv. key size, encrypt CTR}
  { Returns 0 on success, otherwise the error code of the failing step.}
  { The Key / CTR pair must never be used for a second encryption, see}
  { the WARNING in the unit header.}
  {$ifdef DLL} stdcall; {$endif}
{$else}
function AES_CTR_Init(var Key; KeyBits: word; var CTR: TAESBlock; var ctx: TAESContext): integer;
  {-AES key expansion, error if inv. key size, encrypt CTR}
  { Returns 0 on success, otherwise the error code of the failing step.}
  { The Key / CTR pair must never be used for a second encryption, see}
  { the WARNING in the unit header.}
{$endif}


{$ifndef DLL}
function AES_CTR_Seek({$ifdef CONST}const{$else}var{$endif} iCTR: TAESBlock;
                      SOL, SOH: longint; var ctx: TAESContext): integer;
  {-Setup ctx for random access crypto stream starting at 64 bit offset SOH*2^32+SOL,}
  { SOH >= 0. iCTR is the initial CTR for offset 0, i.e. the same as in AES_CTR_Init.}
  { Not available in the DLL build; the body is included from aes_seek.inc.}
{$ifdef HAS_INT64}
function AES_CTR_Seek64(const iCTR: TAESBlock; SO: int64; var ctx: TAESContext): integer;
  {-Setup ctx for random access crypto stream starting at 64 bit offset SO >= 0;}
  { iCTR is the initial CTR value for offset 0, i.e. the same as in AES_CTR_Init.}
  { Only declared when the compiler defines HAS_INT64.}
{$endif}
{$endif}


function AES_CTR_Encrypt(ptp, ctp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Encrypt ILen bytes from ptp^ to ctp^ in CTR mode}
  { Returns 0 or an AES_Err_xxx code. The output is the input XORed with the}
  { key stream only: no integrity check value is produced, so modified}
  { cipher text is not detected by this unit. Both buffers must hold at}
  { least ILen bytes; this cannot be checked from the raw pointers.}
  {$ifdef DLL} stdcall; {$endif}

function AES_CTR_Decrypt(ctp, ptp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Decrypt ILen bytes from ctp^ to ptp^ in CTR mode}
  { Same operation and return codes as AES_CTR_Encrypt with the buffer roles}
  { swapped; the plain text is returned without any authenticity check.}
  {$ifdef DLL} stdcall; {$endif}

function AES_SetIncProc(IncP: TIncProc; var ctx: TAESContext): integer;
  {-Set user supplied IncCTR proc}
  { Returns 0 if IncP was stored, AES_Err_MultipleIncProcs if ctx already}
  { has an increment proc.}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncMSBFull(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[0]}
  { 128 bit counter, CTR[15] is the least significant byte.}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncLSBFull(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[15]}
  { 128 bit counter, CTR[0] is the least significant byte.}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncMSBPart(var CTR: TAESBlock);
  {-Increment CTR[15]..CTR[8]}
  { 64 bit counter in the upper half, CTR[0]..CTR[7] stay unchanged.}
  {$ifdef DLL} stdcall; {$endif}

procedure AES_IncLSBPart(var CTR: TAESBlock);
  {-Increment CTR[0]..CTR[7]}
  { 64 bit counter in the lower half, CTR[8]..CTR[15] stay unchanged.}
  {$ifdef DLL} stdcall; {$endif}
152
153
154 implementation
155
156
157 {---------------------------------------------------------------------------}
procedure AES_IncMSBPart(var CTR: TAESBlock);
  {-Add 1 to the 64 bit counter stored in CTR[8]..CTR[15]. CTR[15] is the}
  { least significant byte; CTR[0]..CTR[7] are never modified. If all}
  { eight counter bytes are $FF the counter wraps to zero without any}
  { error indication.}
var
  k: integer;
begin
  k := 15;
  while k>=8 do begin
    if CTR[k]<>$FF then begin
      {no carry out of this byte: bump it and finish}
      inc(CTR[k]);
      exit;
    end;
    {byte overflows: clear it and carry into the next more significant byte}
    CTR[k] := 0;
    dec(k);
  end;
end;
171
172
173 {---------------------------------------------------------------------------}
procedure AES_IncLSBPart(var CTR: TAESBlock);
  {-Add 1 to the 64 bit counter stored in CTR[0]..CTR[7]. CTR[0] is the}
  { least significant byte; CTR[8]..CTR[15] are never modified. If all}
  { eight counter bytes are $FF the counter wraps to zero without any}
  { error indication.}
var
  k: integer;
begin
  k := 0;
  while k<=7 do begin
    if CTR[k]<>$FF then begin
      {no carry out of this byte: bump it and finish}
      inc(CTR[k]);
      exit;
    end;
    {byte overflows: clear it and carry into the next more significant byte}
    CTR[k] := 0;
    inc(k);
  end;
end;
187
188
189 {---------------------------------------------------------------------------}
procedure AES_IncMSBFull(var CTR: TAESBlock);
  {-Add 1 to the 128 bit counter stored in CTR[0]..CTR[15]. CTR[15] is the}
  { least significant byte and carries run towards CTR[0]. If all sixteen}
  { bytes are $FF the block wraps to zero without any error indication.}
  { AES_CTR_Encrypt calls this routine when ctx.IncProc is nil.}
var
  k: integer;
begin
  k := 15;
  while k>=0 do begin
    if CTR[k]<>$FF then begin
      {no carry out of this byte: bump it and finish}
      inc(CTR[k]);
      exit;
    end;
    {byte overflows: clear it and carry into the next more significant byte}
    CTR[k] := 0;
    dec(k);
  end;
end;
203
204
205 {---------------------------------------------------------------------------}
procedure AES_IncLSBFull(var CTR: TAESBlock);
  {-Add 1 to the 128 bit counter stored in CTR[0]..CTR[15]. CTR[0] is the}
  { least significant byte and carries run towards CTR[15]. If all sixteen}
  { bytes are $FF the block wraps to zero without any error indication.}
var
  k: integer;
begin
  k := 0;
  while k<=15 do begin
    if CTR[k]<>$FF then begin
      {no carry out of this byte: bump it and finish}
      inc(CTR[k]);
      exit;
    end;
    {byte overflows: clear it and carry into the next more significant byte}
    CTR[k] := 0;
    inc(k);
  end;
end;
219
220
221 {---------------------------------------------------------------------------}
function AES_SetIncProc(IncP: TIncProc; var ctx: TAESContext): integer;
  {-Set user supplied IncCTR proc}
  { Stores IncP in ctx.IncProc, but only while ctx.IncProc is still nil.}
  { Returns 0 if IncP was stored and AES_Err_MultipleIncProcs if the}
  { context already has an increment proc; a proc that is already set}
  { is never replaced.}
  { NOTE(review): IncP itself is not checked. Passing nil leaves}
  { ctx.IncProc nil and still returns 0, so AES_CTR_Encrypt keeps using}
  { its AES_IncMSBFull fallback.}
begin
  {Assume failure; overwritten below when IncP is accepted}
  AES_SetIncProc := AES_Err_MultipleIncProcs;
  with ctx do begin
    {The two branches differ only in how the procedural variable is}
    {compared with nil; which form compiles depends on FPC_ProcVar}
    {$ifdef FPC_ProcVar}
      if IncProc=nil then begin
        IncProc := IncP;
        AES_SetIncProc := 0;
      end;
    {$else}
      if @IncProc=nil then begin
        IncProc := IncP;
        AES_SetIncProc := 0;
      end;
    {$endif}
  end;
end;
240
241
242 {---------------------------------------------------------------------------}
{$ifdef CONST}
function AES_CTR_Init(const Key; KeyBits: word; const CTR: TAESBlock; var ctx: TAESContext): integer;
{$else}
function AES_CTR_Init(var Key; KeyBits: word; var CTR: TAESBlock; var ctx: TAESContext): integer;
{$endif}
  {-AES key expansion, error if inv. key size, encrypt CTR}
  { Key     : key material, passed unchanged to AES_Init_Encr}
  { KeyBits : key size in bits, validated by AES_Init_Encr}
  { CTR     : initial counter block for stream offset 0}
  { ctx     : context to set up}
  { Returns 0 on success, otherwise the error code of AES_Init_Encr or}
  { AES_SetIncProc. On error ctx.IV and ctx.buf are not written here.}
  { The Key / CTR pair must never be used for a second encryption: the}
  { same pair always produces the same key stream, see the WARNING in}
  { the unit header.}
  { NOTE(review): presumably AES_Init_Encr resets ctx.blen and}
  { ctx.IncProc; neither is assigned in this function - confirm in the}
  { unit that implements AES_Init_Encr.}
var
  err: integer;
begin
  {AES key expansion, error if inv. key size}
  err := AES_Init_Encr(Key, KeyBits, ctx);
  {Optional old-style default: install AES_IncMSBPart right after key setup}
  if (err=0) and DefaultIncMSBPart then begin
    {$ifdef FPC_ProcVar}
      err := AES_SetIncProc(@AES_IncMSBPart, ctx);
    {$else}
      err := AES_SetIncProc(AES_IncMSBPart, ctx);
    {$endif}
  end;
  if err=0 then begin
    {ctx.IV holds the current counter block}
    ctx.IV := CTR;
    {encrypt CTR}
    {ctx.buf now holds the first key stream block}
    AES_Encrypt(ctx, CTR, ctx.buf);
  end;
  AES_CTR_Init := err;
end;
268
269
270 {---------------------------------------------------------------------------}
function AES_CTR_Encrypt(ptp, ctp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Encrypt ILen bytes from ptp^ to ctp^ in CTR mode}
  { ptp  : source bytes (plain text)}
  { ctp  : destination bytes (cipher text)}
  { ILen : number of bytes; for ILen <= 0 no data is processed and the}
  {        result is 0 unless one of the checks below fails}
  { ctx  : context set up by AES_CTR_Init; ctx.IV is the current counter}
  {        block, ctx.buf its encryption and ctx.blen the number of}
  {        bytes of ctx.buf that are already used}
  { Returns 0, AES_Err_Invalid_Mode if ctx.Decrypt<>0,}
  { AES_Err_Invalid_16Bit_Length (BIT16 only) or AES_Err_NIL_Pointer.}
  { The state in ctx is carried over between calls, so a stream may be}
  { processed in pieces of any size.}
  { The output is the input XORed with the key stream and nothing else:}
  { no integrity check value is computed, so changed cipher text is not}
  { detected here. Callers that need tamper detection must add it.}
  { Both buffers must hold at least ILen bytes; only nil is checked.}
begin
  AES_CTR_Encrypt := 0;

  {CTR mode needs a context prepared for encryption}
  if ctx.Decrypt<>0 then begin
    AES_CTR_Encrypt := AES_Err_Invalid_Mode;
    exit;
  end;

  {16 bit targets: reject buffers whose offset + ILen exceeds $FFFF}
  {$ifdef BIT16}
    if (ofs(ptp^)+ILen>$FFFF) or (ofs(ctp^)+ILen>$FFFF) then begin
      AES_CTR_Encrypt := AES_Err_Invalid_16Bit_Length;
      exit;
    end;
  {$endif}

  {nil pointers are accepted for ILen <= 0, nothing is accessed then}
  if (ptp=nil) or (ctp=nil) then begin
    if ILen>0 then begin
      AES_CTR_Encrypt := AES_Err_NIL_Pointer; {nil pointer to block with nonzero length}
      exit;
    end;
  end;

  {Block-wise path, taken only if no byte of ctx.buf has been used yet}
  if ctx.blen=0 then begin
    {Handle full blocks first}
    while ILen>=AESBLKSIZE do with ctx do begin
      {Cipher text = plain text xor encr(CTR), cf. [3] 6.5}
      AES_XorBlock(PAESBlock(ptp)^, buf, PAESBlock(ctp)^);
      inc(Ptr2Inc(ptp), AESBLKSIZE);
      inc(Ptr2Inc(ctp), AESBLKSIZE);
      dec(ILen, AESBLKSIZE);
      {use AES_IncMSBFull if IncProc=nil}
      {$ifdef FPC_ProcVar}
        if IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$else}
        if @IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$endif}
      {buf always holds the key stream block for the next data; blen stays 0}
      AES_Encrypt(ctx, IV, buf);
    end;
  end;

  {Handle remaining bytes}
  {Also the only path if the call starts with a partly used buffer}
  while ILen>0 do with ctx do begin
    {Refill buffer with encrypted CTR}
    if bLen>=AESBLKSIZE then begin
      {use AES_IncMSBFull if IncProc=nil}
      {$ifdef FPC_ProcVar}
        if IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$else}
        if @IncProc=nil then AES_IncMSBFull(IV) else IncProc(IV);
      {$endif}
      AES_Encrypt(ctx, IV, buf);
      bLen := 0;
    end;
    {Cipher text = plain text xor encr(CTR), cf. [3] 6.5}
    pByte(ctp)^ := buf[bLen] xor pByte(ptp)^;
    inc(bLen);
    inc(Ptr2Inc(ptp));
    inc(Ptr2Inc(ctp));
    dec(ILen);
  end;
end;
334
335
336 {---------------------------------------------------------------------------}
function AES_CTR_Decrypt(ctp, ptp: Pointer; ILen: longint; var ctx: TAESContext): integer;
  {-Decrypt ILen bytes from ctp^ to ptp^ in CTR mode}
  { Forwards to AES_CTR_Encrypt with ctp as source and ptp as destination}
  { and returns its result code unchanged. The recovered plain text is}
  { not authenticated: no integrity check is made on the cipher text.}
var
  rc: integer;
begin
  {Decrypt = encrypt for CTR mode: the same key stream is XORed again}
  rc := AES_CTR_Encrypt(ctp, ptp, ILen, ctx);
  AES_CTR_Decrypt := rc;
end;
343
344
345 {$ifndef DLL}
346 {$i aes_seek.inc}
347 {$endif}
348
349
350 end.
351