From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 21 Nov 2019 20:35:07 +0000 (+0100)
Subject: aes: Added AES_ECB support
X-Git-Tag: 5.8.2rc1~11^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f884ee649719a39cc706e8d71eaa27435bd86ccb;p=thirdparty%2Fstrongswan.git

aes: Added AES_ECB support
---

diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c
index 243a142967..fc1d16c320 100644
--- a/src/libstrongswan/plugins/aes/aes_crypter.c
+++ b/src/libstrongswan/plugins/aes/aes_crypter.c
@@ -70,6 +70,11 @@ struct private_aes_crypter_t {
 	* Key size of this AES cypher object.
 	*/
 	uint32_t key_size;
+
+	/**
+	* Does AES mode require an IV
+	*/
+	bool has_iv;
 };
 
 /**
@@ -804,26 +809,29 @@ METHOD(crypter_t, decrypt, bool,
 	in = data.ptr;
 
 	pos = data.len-16;
-	in += pos;
+	in  += pos;
 	out += pos;
 	while (pos >= 0)
 	{
 		decrypt_block(this, in, out);
-		if (pos==0)
+		if (this->has_iv)
 		{
-			iv_i=(const uint32_t*) (iv.ptr);
-		}
-		else
-		{
-			iv_i=(const uint32_t*) (in-16);
+			if (pos == 0)
+			{
+				iv_i = (const uint32_t*) (iv.ptr);
+			}
+			else
+			{
+				iv_i = (const uint32_t*) (in-16);
+			}
+			*((uint32_t *)(&out[ 0])) ^= iv_i[0];
+			*((uint32_t *)(&out[ 4])) ^= iv_i[1];
+			*((uint32_t *)(&out[ 8])) ^= iv_i[2];
+			*((uint32_t *)(&out[12])) ^= iv_i[3];
 		}
-		*((uint32_t *)(&out[ 0])) ^= iv_i[0];
-		*((uint32_t *)(&out[ 4])) ^= iv_i[1];
-		*((uint32_t *)(&out[ 8])) ^= iv_i[2];
-		*((uint32_t *)(&out[12])) ^= iv_i[3];
-		in-=16;
-		out-=16;
-		pos-=16;
+		in-=  16;
+		out-= 16;
+		pos-= 16;
 	}
 	return TRUE;
 }
@@ -835,7 +843,7 @@ METHOD(crypter_t, encrypt, bool,
 	const uint32_t *iv_i;
 	uint8_t *in, *out;
 
-	in = data.ptr;
+	in  = data.ptr;
 	out = data.ptr;
 	if (encrypted)
 	{
@@ -843,25 +851,36 @@ METHOD(crypter_t, encrypt, bool,
 		out = encrypted->ptr;
 	}
 
-	pos=0;
-	while(pos<data.len)
+	pos = 0;
+	while (pos < data.len)
 	{
-		if (pos==0)
+		if (this->has_iv)
 		{
-			iv_i=(const uint32_t*) iv.ptr;
+			if (pos == 0)
+			{
+				iv_i = (const uint32_t*) iv.ptr;
+			}
+			else
+			{
+				iv_i = (const uint32_t*) (out-16);
+			}
+			*((uint32_t *)(&out[ 0])) = iv_i[0]^*((const uint32_t *)(&in[ 0]));
+			*((uint32_t *)(&out[ 4])) = iv_i[1]^*((const uint32_t *)(&in[ 4]));
+			*((uint32_t *)(&out[ 8])) = iv_i[2]^*((const uint32_t *)(&in[ 8]));
+			*((uint32_t *)(&out[12])) = iv_i[3]^*((const uint32_t *)(&in[12]));
 		}
 		else
 		{
-			iv_i=(const uint32_t*) (out-16);
+			*((uint32_t *)(&out[ 0])) = *((const uint32_t *)(&in[ 0]));
+			*((uint32_t *)(&out[ 4])) = *((const uint32_t *)(&in[ 4]));
+			*((uint32_t *)(&out[ 8])) = *((const uint32_t *)(&in[ 8]));
+			*((uint32_t *)(&out[12])) = *((const uint32_t *)(&in[12]));
+
 		}
-		*((uint32_t *)(&out[ 0])) = iv_i[0]^*((const uint32_t *)(&in[ 0]));
-		*((uint32_t *)(&out[ 4])) = iv_i[1]^*((const uint32_t *)(&in[ 4]));
-		*((uint32_t *)(&out[ 8])) = iv_i[2]^*((const uint32_t *)(&in[ 8]));
-		*((uint32_t *)(&out[12])) = iv_i[3]^*((const uint32_t *)(&in[12]));
 		encrypt_block(this, out, out);
-		in+=16;
-		out+=16;
-		pos+=16;
+		in+=  16;
+		out+= 16;
+		pos+= 16;
 	}
 	return TRUE;
 }
@@ -875,7 +894,7 @@ METHOD(crypter_t, get_block_size, size_t,
 METHOD(crypter_t, get_iv_size, size_t,
 	private_aes_crypter_t *this)
 {
-	return AES_BLOCK_SIZE;
+	return this->has_iv ? AES_BLOCK_SIZE : 0;
 }
 
 METHOD(crypter_t, get_key_size, size_t,
@@ -978,11 +997,20 @@ METHOD(crypter_t, destroy, void,
 aes_crypter_t *aes_crypter_create(encryption_algorithm_t algo, size_t key_size)
 {
 	private_aes_crypter_t *this;
+	bool has_iv;
 
-	if (algo != ENCR_AES_CBC)
+	switch (algo)
 	{
-		return NULL;
+		case ENCR_AES_CBC:
+			has_iv = TRUE;
+			break;
+		case ENCR_AES_ECB:
+			has_iv = FALSE;
+			break;
+		default:
+			return NULL;
 	}
+
 	switch (key_size)
 	{
 		case 0:
@@ -1010,6 +1038,7 @@ aes_crypter_t *aes_crypter_create(encryption_algorithm_t algo, size_t key_size)
 		},
 		.key_size = key_size,
 		.aes_Nkey = key_size / 4,
+		.has_iv = has_iv,
 	);
 
 	return &this->public;
diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c
index bfb356e58b..27dbd18ffa 100644
--- a/src/libstrongswan/plugins/aes/aes_plugin.c
+++ b/src/libstrongswan/plugins/aes/aes_plugin.c
@@ -45,6 +45,9 @@ METHOD(plugin_t, get_features, int,
 			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 16),
 			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 24),
 			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 32),
+			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 16),
+			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 24),
+			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 32),
 	};
 	*features = f;
 	return countof(f);