21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

The function spc_cfb_encrypt_update( ), which is shown later in this section, has the<br />

following signature:<br />

int spc_cfb_encrypt_update(CFB_CTX *ctx, unsigned char *in, size_t il,<br />

unsigned char *out);<br />

This function has the following arguments:<br />

ctx<br />

Pointer to the SPC_CFB_CTX object associated with the current message.<br />

in<br />

Pointer to the plaintext data to be encrypted.<br />

il<br />

Number of bytes of plaintext to be encrypted.<br />

out<br />

Pointer to the output buffer, which needs to be exactly as long as the input plaintext<br />

data.<br />

Our implementation of this function always returns 1, but a hardwarebased<br />

implementation might have an unexpected failure, so it’s important<br />

to check the return value!<br />

This API is in the spirit of PKCS #11, which provides a standard cryptographic interface<br />

to hardware. We do this so that the above functions can have the bulk of their<br />

implementations replaced with calls to PKCS #11–compliant hardware. PKCS #11<br />

APIs generally pass out data explicitly indicating the length of data outputted, while<br />

we ignore that because it will always be zero on failure or the size of the input buffer<br />

on success. Also note that PKCS #11–based calls tend to order their arguments differently<br />

from the way we do, and they will not generally wipe key material, as we do<br />

in our initialization and finalization routines.<br />

Because this API is developed with PKCS #11 in mind, it’s somewhat<br />

more low-level than it needs to be and therefore is a bit difficult to use<br />

properly. First, you need to be sure the output buffer is big enough to<br />

hold the input; otherwise, you will have a buffer overflow. Second,<br />

you need to make sure the out argument always points to the first<br />

unused byte in the output buffer. Otherwise, you will keep overwriting<br />

the same data every time spc_cfb_encrypt_update( ) outputs.<br />

Here’s our implementation of spc_cfb_encrypt_update( ):<br />

int spc_cfb_encrypt_update(SPC_CFB_CTX *ctx, unsigned char *in, size_t il,<br />

unsigned char *out) {<br />

int i;<br />

if (ctx->ix) {<br />

while (ctx->ix) {<br />

190 | Chapter 5: Symmetric Encryption<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!