This commit was generated by cvs2git to track changes on a CVS vendor

branch.

1 files changed, 80 insertions, 12 deletions

diff --git a/src/lib/libcrypto/modes/ctr128.c b/src/lib/libcrypto/modes/ctr128.c
index 932037f551..ee642c5863 100644
--- a/src/lib/libcrypto/modes/ctr128.c
+++ b/src/lib/libcrypto/modes/ctr128.c
@@ -48,7 +48,8 @@
  *
  */
 
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
 #include <string.h>
 
 #ifndef MODES_DEBUG
@@ -58,17 +59,6 @@
 #endif
 #include <assert.h>
 
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#define STRICT_ALIGNMENT
-#if defined(__i386)     || defined(__i386__)    || \
-    defined(__x86_64)   || defined(__x86_64__)  || \
-    defined(_M_IX86)    || defined(_M_AMD64)    || defined(_M_X64) || \
-    defined(__s390__)   || defined(__s390x__)
-#  undef STRICT_ALIGNMENT
-#endif
-
 /* NOTE: the IV/counter CTR mode is big-endian.  The code itself
  * is endian-neutral. */
 
@@ -182,3 +172,81 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 
         *num=n;
 }
+
+/* increment upper 96 bits of 128-bit counter by 1 */
+static void ctr96_inc(unsigned char *counter) {
+        u32 n=12;
+        u8  c;
+
+        do {
+                --n;
+                c = counter[n];
+                ++c;
+                counter[n] = c;
+                if (c) return;
+        } while (n);
+}
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+                        size_t len, const void *key,
+                        unsigned char ivec[16], unsigned char ecount_buf[16],
+                        unsigned int *num, ctr128_f func)
+{
+        unsigned int n,ctr32;
+
+        assert(in && out && key && ecount_buf && num);
+        assert(*num < 16);
+
+        n = *num;
+
+        while (n && len) {
+                *(out++) = *(in++) ^ ecount_buf[n];
+                --len;
+                n = (n+1) % 16;
+        }
+
+        ctr32 = GETU32(ivec+12);
+        while (len>=16) {
+                size_t blocks = len/16;
+                /*
+                 * 1<<28 is just a not-so-small yet not-so-large number...
+                 * Below condition is practically never met, but it has to
+                 * be checked for code correctness.
+                 */
+                if (sizeof(size_t)>sizeof(unsigned int) && blocks>(1U<<28))
+                        blocks = (1U<<28);
+                /*
+                 * As (*func) operates on 32-bit counter, caller
+                 * has to handle overflow. 'if' below detects the
+                 * overflow, which is then handled by limiting the
+                 * amount of blocks to the exact overflow point...
+                 */
+                ctr32 += (u32)blocks;
+                if (ctr32 < blocks) {
+                        blocks -= ctr32;
+                        ctr32   = 0;
+                }
+                (*func)(in,out,blocks,key,ivec);
+                /* (*ctr) does not update ivec, caller does: */
+                PUTU32(ivec+12,ctr32);
+                /* ... overflow was detected, propogate carry. */
+                if (ctr32 == 0) ctr96_inc(ivec);
+                blocks *= 16;
+                len -= blocks;
+                out += blocks;
+                in  += blocks;
+        }
+        if (len) {
+                memset(ecount_buf,0,16);
+                (*func)(ecount_buf,ecount_buf,1,key,ivec);
+                ++ctr32;
+                PUTU32(ivec+12,ctr32);
+                if (ctr32 == 0) ctr96_inc(ivec);
+                while (len--) {
+                        out[n] = in[n] ^ ecount_buf[n];
+                        ++n;
+                }
+        }
+
+        *num=n;
+}