Cryptography Reference
In-Depth Information
non-CBC from CBC. There are other chaining methods as well, such as
OFB
(
output feedback
), which I discuss later.
You can add support for initialization vectors into
des_operate
easily as
shown in Listing 2-19.
Listing 2-19:
“des.c” des_operate with CBC support and padding removed from des_encrypt
static void des_operate( const unsigned char *input,
int input_len,
unsigned char *output,
const unsigned char *iv,
const unsigned char *key,
op_type operation )
{
unsigned char input_block[ DES_BLOCK_SIZE ];
assert( !( input_len % DES_BLOCK_SIZE ) );
while ( input_len )
{
memcpy( ( void * ) input_block, ( void * ) input, DES_BLOCK_SIZE );
xor( input_block, iv, DES_BLOCK_SIZE ); // implement CBC
des_block_operate( input_block, output, key, operation );
memcpy( ( void * ) iv, ( void * ) output, DES_BLOCK_SIZE ); // CBC
input += DES_BLOCK_SIZE;
output += DES_BLOCK_SIZE;
input_len -= DES_BLOCK_SIZE;
}
}
…
void des_encrypt( const unsigned char *plaintext,
const int plaintext_len,
unsigned char *ciphertext,
const unsigned char *iv,
const unsigned char *key )
{
des_operate( plaintext, plaintext_len, ciphertext,
iv, key, OP_ENCRYPT );
}
As you can see, this isn't particularly complex. You just pass in a DES_BLOCK_
SIZE byte array, XOR it with the fi rst block — before encrypting it — and then keep
track of the output on each iteration so that it can be XORed, before encryption,
with each subsequent block.
Notice also that, with each operation, you overwrite the contents of the
iv
array. This means that the caller can invoke
des_operate
again, pointing to the
same
iv
memory location, and encrypt streamed data.
Search WWH ::
Custom Search