Cryptography Reference
In-Depth Information
Of course, it's not particularly useful to write an encryption routine without
a decryption routine. As with AES-CCM, decrypting is pretty much the same
as encrypting, you just have to remember to authenticate the last block rather
than decrypting and outputting it. In fact, the changes to support decryption in
aes_gcm_process
in Listing 9-19 are nearly identical to those to apply the same
change to
aes_ccm_process
in Listing 9-15.
Listing 9-19:
“aes.c” aes_gcm_process with encrypt and decrypt support
int aes_gcm_
process
( const unsigned char *input,
int input_len,
unsigned char *output,
void *iv,
const unsigned char *key,
int decrypt
)
{
…
int original_input_len;
int process_len;
int block_size;
…
memset( nonce + 12, '\0', sizeof( unsigned int ) );
process_len = input_len - ( decrypt ? AES_BLOCK_SIZE : 0 );
// MAC initialization
memset( mac_block, '\0', AES_BLOCK_SIZE );
original_input_len = htonl(
process_len
3 );
…
while (
process_len
)
{
…
block_size = (
process_len
< AES_BLOCK_SIZE ) ?
process_len
: AES_BLOCK_SIZE;
aes_block_encrypt( nonce, input_block, key, 16 );
xor( input_block, input, block_size ); // implement CTR
memcpy( ( void * ) output, ( void * ) input_block, block_size );
if ( decrypt )
{
// When decrypting, put the input - e.g. the ciphertext -
// back into the input block for the MAC computation below
memcpy( input_block, input, block_size );
}
// Update the MAC; input_block contains encrypted value
memset( ( input_block + AES_BLOCK_SIZE ) -
…
process_len
-= block_size;
}
Search WWH ::
Custom Search