FFmpeg
aes_ctr.c
Go to the documentation of this file.
1 /*
2  * AES-CTR cipher
3  * Copyright (c) 2015 Eran Kornblau <erankor at gmail dot com>
4  *
5  * This file is part of FFmpeg.
6  *
7  * FFmpeg is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU Lesser General Public
9  * License as published by the Free Software Foundation; either
10  * version 2.1 of the License, or (at your option) any later version.
11  *
12  * FFmpeg is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with FFmpeg; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20  */
21 
22 #include <string.h>
23 
24 #include "aes_ctr.h"
25 #include "aes.h"
26 #include "aes_internal.h"
27 #include "intreadwrite.h"
28 #include "macros.h"
29 #include "mem.h"
30 #include "random_seed.h"
31 
32 #define AES_BLOCK_SIZE (16)
33 
34 typedef struct AVAESCTR {
35  DECLARE_ALIGNED(8, uint8_t, counter)[AES_BLOCK_SIZE];
36  DECLARE_ALIGNED(8, uint8_t, encrypted_counter)[AES_BLOCK_SIZE];
37  AVAES aes;
38 } AVAESCTR;
39 
40 struct AVAESCTR *av_aes_ctr_alloc(void)
41 {
42  return av_mallocz(sizeof(struct AVAESCTR));
43 }
44 
45 void av_aes_ctr_set_iv(struct AVAESCTR *a, const uint8_t* iv)
46 {
47  memcpy(a->counter, iv, AES_CTR_IV_SIZE);
48  memset(a->counter + AES_CTR_IV_SIZE, 0, sizeof(a->counter) - AES_CTR_IV_SIZE);
49 }
50 
51 void av_aes_ctr_set_full_iv(struct AVAESCTR *a, const uint8_t* iv)
52 {
53  memcpy(a->counter, iv, sizeof(a->counter));
54 }
55 
56 const uint8_t* av_aes_ctr_get_iv(struct AVAESCTR *a)
57 {
58  return a->counter;
59 }
60 
61 void av_aes_ctr_set_random_iv(struct AVAESCTR *a)
62 {
63  uint32_t iv[2];
64 
65  iv[0] = av_get_random_seed();
66  iv[1] = av_get_random_seed();
67 
68  av_aes_ctr_set_iv(a, (uint8_t*)iv);
69 }
70 
71 int av_aes_ctr_init(struct AVAESCTR *a, const uint8_t *key)
72 {
73  av_aes_init(&a->aes, key, 128, 0);
74 
75  memset(a->counter, 0, sizeof(a->counter));
76 
77  return 0;
78 }
79 
80 void av_aes_ctr_free(struct AVAESCTR *a)
81 {
82  av_free(a);
83 }
84 
85 static inline void av_aes_ctr_increment_be64(uint8_t* counter)
86 {
87  uint64_t c = AV_RB64A(counter) + 1;
88  AV_WB64A(counter, c);
89 }
90 
91 void av_aes_ctr_increment_iv(struct AVAESCTR *a)
92 {
93  av_aes_ctr_increment_be64(a->counter);
94  memset(a->counter + AES_CTR_IV_SIZE, 0, sizeof(a->counter) - AES_CTR_IV_SIZE);
95 }
96 
97 void av_aes_ctr_crypt(struct AVAESCTR *a, uint8_t *dst, const uint8_t *src, int count)
98 {
99  while (count >= AES_BLOCK_SIZE) {
100  av_aes_crypt(&a->aes, a->encrypted_counter, a->counter, 1, NULL, 0);
101  av_aes_ctr_increment_be64(a->counter + 8);
102 #if HAVE_FAST_64BIT
103  for (int len = 0; len < AES_BLOCK_SIZE; len += 8)
104  AV_WN64(&dst[len], AV_RN64(&src[len]) ^ AV_RN64A(&a->encrypted_counter[len]));
105 #else
106  for (int len = 0; len < AES_BLOCK_SIZE; len += 4)
107  AV_WN32(&dst[len], AV_RN32(&src[len]) ^ AV_RN32A(&a->encrypted_counter[len]));
108 #endif
109  dst += AES_BLOCK_SIZE;
110  src += AES_BLOCK_SIZE;
111  count -= AES_BLOCK_SIZE;
112  }
113 
114  if (count > 0) {
115  av_aes_crypt(&a->aes, a->encrypted_counter, a->counter, 1, NULL, 0);
116  av_aes_ctr_increment_be64(a->counter + 8);
117  for (int len = 0; len < count; len++)
118  dst[len] = src[len] ^ a->encrypted_counter[len];
119  }
120 }
av_aes_init
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
Initialize an AVAES context.
Definition: aes.c:230
AV_RN64
#define AV_RN64(p)
Definition: intreadwrite.h:364
av_aes_ctr_set_random_iv
void av_aes_ctr_set_random_iv(struct AVAESCTR *a)
Generate a random iv.
Definition: aes_ctr.c:61
av_get_random_seed
uint32_t av_get_random_seed(void)
Get a seed to use in conjunction with random functions.
Definition: random_seed.c:196
macros.h
AV_RB64A
#define AV_RB64A(p)
Definition: intreadwrite.h:589
intreadwrite.h
av_aes_ctr_get_iv
const uint8_t * av_aes_ctr_get_iv(struct AVAESCTR *a)
Get the current iv.
Definition: aes_ctr.c:56
AES_BLOCK_SIZE
#define AES_BLOCK_SIZE
Definition: aes_ctr.c:32
key
const char * key
Definition: hwcontext_opencl.c:189
AVAESCTR::aes
AVAES aes
Definition: aes_ctr.c:37
aes.h
NULL
#define NULL
Definition: coverity.c:32
av_aes_ctr_alloc
struct AVAESCTR * av_aes_ctr_alloc(void)
Allocate an AVAESCTR context.
Definition: aes_ctr.c:40
AV_RN32
#define AV_RN32(p)
Definition: intreadwrite.h:360
av_aes_crypt
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decrypt)
Encrypt or decrypt a buffer using a previously initialized context.
Definition: aes.c:170
c
Undefined Behavior In the C some operations are like signed integer dereferencing freed accessing outside allocated Undefined Behavior must not occur in a C it is not safe even if the output of undefined operations is unused The unsafety may seem nit picking but Optimizing compilers have in fact optimized code on the assumption that no undefined Behavior occurs Optimizing code based on wrong assumptions can and has in some cases lead to effects beyond the output of computations The signed integer overflow problem in speed critical code Code which is highly optimized and works with signed integers sometimes has the problem that often the output of the computation does not c
Definition: undefined.txt:32
AV_WB64A
#define AV_WB64A(p, v)
Definition: intreadwrite.h:592
av_aes_ctr_init
int av_aes_ctr_init(struct AVAESCTR *a, const uint8_t *key)
Initialize an AVAESCTR context.
Definition: aes_ctr.c:71
DECLARE_ALIGNED
#define DECLARE_ALIGNED(n, t, v)
Definition: mem_internal.h:104
AV_WN32
#define AV_WN32(p, v)
Definition: intreadwrite.h:372
dst
uint8_t ptrdiff_t const uint8_t ptrdiff_t int intptr_t intptr_t int int16_t * dst
Definition: dsp.h:83
av_aes_ctr_set_iv
void av_aes_ctr_set_iv(struct AVAESCTR *a, const uint8_t *iv)
Forcefully change the 8-byte iv.
Definition: aes_ctr.c:45
av_aes_ctr_set_full_iv
void av_aes_ctr_set_full_iv(struct AVAESCTR *a, const uint8_t *iv)
Forcefully change the "full" 16-byte iv, including the counter.
Definition: aes_ctr.c:51
AV_RN64A
#define AV_RN64A(p)
Definition: intreadwrite.h:526
aes_ctr.h
AVAESCTR::encrypted_counter
uint8_t encrypted_counter[AES_BLOCK_SIZE]
Definition: aes_ctr.c:36
a
The reader does not expect b to be semantically here and if the code is changed by maybe adding a a division or other the signedness will almost certainly be mistaken To avoid this confusion a new type was SUINT is the C unsigned type but it holds a signed int to use the same example SUINT a
Definition: undefined.txt:41
aes_internal.h
av_aes_ctr_free
void av_aes_ctr_free(struct AVAESCTR *a)
Release an AVAESCTR context.
Definition: aes_ctr.c:80
av_mallocz
void * av_mallocz(size_t size)
Allocate a memory block with alignment suitable for all memory accesses (including vectors if availab...
Definition: mem.c:256
len
int len
Definition: vorbis_enc_data.h:426
AV_RN32A
#define AV_RN32A(p)
Definition: intreadwrite.h:522
AVAES
Definition: aes_internal.h:34
random_seed.h
AVAESCTR::counter
uint8_t counter[AES_BLOCK_SIZE]
Definition: aes_ctr.c:35
av_aes_ctr_increment_iv
void av_aes_ctr_increment_iv(struct AVAESCTR *a)
Increment the top 64 bit of the iv (performed after each frame)
Definition: aes_ctr.c:91
av_aes_ctr_crypt
void av_aes_ctr_crypt(struct AVAESCTR *a, uint8_t *dst, const uint8_t *src, int count)
Process a buffer using a previously initialized context.
Definition: aes_ctr.c:97
mem.h
av_free
#define av_free(p)
Definition: tableprint_vlc.h:34
AES_CTR_IV_SIZE
#define AES_CTR_IV_SIZE
Definition: aes_ctr.h:36
AV_WN64
#define AV_WN64(p, v)
Definition: intreadwrite.h:376
av_aes_ctr_increment_be64
static void av_aes_ctr_increment_be64(uint8_t *counter)
Definition: aes_ctr.c:85
AVAESCTR
Definition: aes_ctr.c:34
src
#define src
Definition: vp8dsp.c:248
Generated on Sat Apr 12 2025 19:22:59 for FFmpeg by   doxygen 1.8.17