X-Git-Url: https://main.carlh.net/gitweb/?a=blobdiff_plain;f=src%2FAS_DCP_AES.cpp;h=379e8abe9e42deead11e1726f7603ecf3d3ccaf9;hb=665b2e2e5dcf2266e636d29bcf4ef281da65117f;hp=fbb19908ca5b4e11bb7191ee03e28134b438b298;hpb=a48b3a939a031ec369c58b054c126d7dec963a18;p=asdcplib.git
diff --git a/src/AS_DCP_AES.cpp b/src/AS_DCP_AES.cpp
index fbb1990..379e8ab 100755
--- a/src/AS_DCP_AES.cpp
+++ b/src/AS_DCP_AES.cpp
@@ -58,6 +58,7 @@ print_ssl_error()
 class ASDCP::AESEncContext::h__AESContext : public AES_KEY
 {
 public:
+ Kumu::SymmetricKey m_KeyBuf;
 byte_t m_IVec[CBC_BLOCK_SIZE];
 };
@@ -76,8 +77,9 @@ ASDCP::AESEncContext::InitKey(const byte_t* key)
 return RESULT_INIT;
 m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_encrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_encrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
 {
 print_ssl_error();
 return RESULT_CRYPT_INIT;
@@ -159,6 +161,7 @@ ASDCP::AESEncContext::EncryptBlock(const byte_t* pt_buf, byte_t* ct_buf, ui32_t
 class ASDCP::AESDecContext::h__AESContext : public AES_KEY
 {
 public:
+ Kumu::SymmetricKey m_KeyBuf;
 byte_t m_IVec[CBC_BLOCK_SIZE];
 };
@@ -177,8 +180,9 @@ ASDCP::AESDecContext::InitKey(const byte_t* key)
 return RESULT_INIT;
 m_Context = new h__AESContext;
+ m_Context->m_KeyBuf.Set(key);
- if ( AES_set_decrypt_key(key, KEY_SIZE_BITS, m_Context) )
+ if ( AES_set_decrypt_key(m_Context->m_KeyBuf.Value(), KEY_SIZE_BITS, m_Context) )
 {
 print_ssl_error();
 return RESULT_CRYPT_INIT;
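Review bot: The `m_KeyBuf` member added to `AESEncContext::h__AESContext` keeps a second copy of the raw content key alive for as long as the context exists, alongside the expanded schedule in the `AES_KEY` base, and nothing visible in this hunk clears either one when the context is destroyed. Whether `Kumu::SymmetricKey` wipes its buffer on destruction cannot be seen from here; if it does not, the class should get a destructor that cleanses the key buffer, the schedule and `m_IVec` (for example with `OPENSSL_cleanse`). A one-line comment on the member, such as `// private copy of the caller's key; must be wiped when the context is destroyed`, would record the lifetime expectation. The same applies to `AESDecContext::h__AESContext` in the hunk at -159,6 +161,7.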
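Review bot: On the failure path of `AES_set_encrypt_key`, `InitKey` returns `RESULT_CRYPT_INIT` while `m_Context` stays set and `m_KeyBuf` already holds the key copied by `m_Context->m_KeyBuf.Set(key)`. The guard that leads to `return RESULT_INIT;` begins above this hunk; if it tests `m_Context`, a later `InitKey` call is refused and the half-initialised context keeps the key material until the object goes away. Consider clearing and releasing the context before returning the error, and confirm that `key` is null-checked above the hunk now that `Set(key)` reads it before OpenSSL does. `AESDecContext::InitKey` in the hunk at -177,8 +180,9 has the same shape.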
@@ -241,27 +245,8 @@ ASDCP::AESDecContext::DecryptBlock(const byte_t* ct_buf, byte_t* pt_buf, ui32_t
 static const ui32_t B_len = 64; // rfc 2104, Sec. 2
-static byte_t ipad[B_len] = {
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
-};
-
-static byte_t opad[B_len] = {
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
-};
+static byte_t const ipad_const = 0x36;
+static byte_t const opad_const = 0x5c;
 class HMACContext::h__HMACContext
 {
@@ -281,6 +266,9 @@ public:
 {
 byte_t rng_buf[SHA_DIGEST_LENGTH*2];
 Kumu::Gen_FIPS_186_Value(key, KeyLen, rng_buf, SHA_DIGEST_LENGTH*2);
+
+ // rng_buf contains two rounds, x0 and x1 (each 160 bits).
+ // Use x1 per SMPTE 430-6-2006 Sec. 7.10
 memcpy(m_key, rng_buf+SHA_DIGEST_LENGTH, KeyLen);
 Reset();
 }
@@ -317,7 +305,7 @@ public:
 // H(K XOR opad, H(K XOR ipad, text))
 // ^^^^^^^^^^
 for ( ui32_t i = 0; i < B_len; i++ )
- xor_buf[i] ^= ipad[i];
+ xor_buf[i] ^= ipad_const;
 SHA1_Update(&m_SHA, xor_buf, B_len);
 }
@@ -347,7 +335,7 @@ public:
 // H(K XOR opad, H(K XOR ipad, text))
 // ^^^^^^^^^^
 for ( ui32_t i = 0; i < B_len; i++ )
- xor_buf[i] ^= opad[i];
+ xor_buf[i] ^= opad_const;
 SHA1_Update(&SHA, xor_buf, B_len);
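Review bot: The two new constants are written `static byte_t const ...` while the declaration directly above them uses `static const ui32_t B_len`; matching the existing order keeps the block uniform, e.g. `static const byte_t ipad_const = 0x36;` and `static const byte_t opad_const = 0x5c;`. Since the tables that made the values self-explanatory are gone, a short comment above them such as `// RFC 2104 Sec. 2: inner and outer pad bytes, applied to all B_len bytes of the key block` would help the next reader.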
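Review bot: `rng_buf` still holds both FIPS 186 outputs, including the x1 bytes that become the HMAC key, when the function returns; nothing between the `memcpy` and the closing brace clears it. Adding `OPENSSL_cleanse(rng_buf, sizeof(rng_buf));` after the `memcpy` would keep the derived key out of stale stack memory. `KeyLen` is defined outside this hunk; the copy stays inside x1 only while it is at most `SHA_DIGEST_LENGTH`, which is worth asserting or stating next to the new comment. The function's signature is above the hunk. If `xor_buf` in the hunk at -317,7 +305,7 is a local as well, it holds K XOR ipad and deserves the same treatment.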