crypter_t api supports in-place encryption using NULL as output parameter

4 files changed, 57 insertions, 17 deletions

diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h
index 0c1052d63..5a64b1cf7 100644
--- a/src/libstrongswan/crypto/crypters/crypter.h
+++ b/src/libstrongswan/crypto/crypters/crypter.h
@@ -63,10 +63,11 @@ struct crypter_t {
 	 *
 	 * The length of the iv must equal to get_block_size(), while the length
 	 * of data must be a multiple it.
+	 * If encrypted is NULL, the encryption is done in-place (overwriting data).
 	 *
 	 * @param data			data to encrypt
 	 * @param iv			initializing vector
-	 * @param encrypted		chunk to allocate encrypted data
+	 * @param encrypted		chunk to allocate encrypted data, or NULL
 	 */
 	void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
 					 chunk_t *encrypted);
@@ -76,10 +77,11 @@ struct crypter_t {
 	 *
 	 * The length of the iv must equal to get_block_size(), while the length
 	 * of data must be a multiple it.
+	 * If decrpyted is NULL, the encryption is done in-place (overwriting data).
 	 * 
 	 * @param data			data to decrypt
 	 * @param iv			initializing vector
-	 * @param encrypted		chunk to allocate decrypted data
+	 * @param encrypted		chunk to allocate decrypted data, or NULL
 	 */
 	void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
 					 chunk_t *decrypted);
diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c
index 504281138..046ac9b3d 100644
--- a/src/libstrongswan/plugins/aes/aes_crypter.c
+++ b/src/libstrongswan/plugins/aes/aes_crypter.c
@@ -1345,9 +1345,16 @@ static void decrypt(private_aes_crypter_t *this, chunk_t data, chunk_t iv,
 	const u_int32_t *iv_i;
 	u_int8_t *in, *out;
 	
-	*decrypted = chunk_alloc(data.len);
+	if (decrypted)
+	{
+		*decrypted = chunk_alloc(data.len);
+		out = decrypted->ptr;
+	}
+	else
+	{
+		out = data.ptr;
+	}
 	in = data.ptr;
-	out = decrypted->ptr;
 	
 	pos = data.len-16;
 	in += pos;
@@ -1384,9 +1391,13 @@ static void encrypt (private_aes_crypter_t *this, chunk_t data, chunk_t iv,
 	const u_int32_t *iv_i;
 	u_int8_t *in, *out;
 	
-	*encrypted = chunk_alloc(data.len);
 	in = data.ptr;
-	out = encrypted->ptr;
+	out = data.ptr;
+	if (encrypted)
+	{
+		*encrypted = chunk_alloc(data.len);
+		out = encrypted->ptr;
+	}
 	
 	pos=0;
 	while(pos<data.len)
diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c
index 792f813a2..06d497946 100644
--- a/src/libstrongswan/plugins/des/des_crypter.c
+++ b/src/libstrongswan/plugins/des/des_crypter.c
@@ -1364,10 +1364,15 @@ static void decrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
 					chunk_t *decrypted)
 {
 	des_cblock ivb;
+	u_int8_t *out;
 	
-	*decrypted = chunk_alloc(data.len);
+	out = data.ptr;
+	if (decrypted)
+	{
+		*decrypted = chunk_alloc(data.len);
+	}
 	memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-	des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+	des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
 					 data.len, this->ks, &ivb, DES_DECRYPT);
 }
 
@@ -1379,10 +1384,15 @@ static void encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv,
 						chunk_t *encrypted)
 {
 	des_cblock ivb;
+	u_int8_t *out;
 	
-	*encrypted = chunk_alloc(data.len);
+	out = data.ptr;
+	if (encrypted)
+	{
+		*encrypted = chunk_alloc(data.len);
+	}
 	memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-	des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+	des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
 					 data.len, this->ks, &ivb, DES_ENCRYPT);
 }
 
@@ -1393,10 +1403,15 @@ static void decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
 					 chunk_t *decrypted)
 {
 	des_cblock ivb;
+	u_int8_t *out;
 	
-	*decrypted = chunk_alloc(data.len);
+	out = data.ptr;
+	if (decrypted)
+	{
+		*decrypted = chunk_alloc(data.len);
+	}
 	memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-	des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+	des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
 						 data.len, this->ks3[0], this->ks3[1], this->ks3[2],
 						 &ivb, DES_DECRYPT);
 }
@@ -1408,10 +1423,15 @@ static void encrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv,
 					 chunk_t *encrypted)
 {
 	des_cblock ivb;
+	u_int8_t *out;
 	
-	*encrypted = chunk_alloc(data.len);
+	out = data.ptr;
+	if (encrypted)
+	{
+		*encrypted = chunk_alloc(data.len);
+	}
 	memcpy(&ivb, iv.ptr, sizeof(des_cblock));
-	des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+	des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)out,
 						  data.len, this->ks3[0], this->ks3[1], this->ks3[2],
 						  &ivb, DES_ENCRYPT);
 }
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index 8cbeac5d4..8b9b37904 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -116,13 +116,20 @@ static void crypt(private_openssl_crypter_t *this, chunk_t data,
 					chunk_t iv, chunk_t *dst, int enc)
 {
 	int len;
+	u_char *out;
+	
+	out = data.ptr;
+	if (dst)
+	{
+		*dst = chunk_alloc(data.len);
+		out = dst->ptr;
+	}
 	EVP_CIPHER_CTX ctx;
 	EVP_CIPHER_CTX_init(&ctx);
 	EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc);
 	EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */
-	*dst = chunk_alloc(data.len);
-	EVP_CipherUpdate(&ctx, dst->ptr, &len, data.ptr, data.len);
-	EVP_CipherFinal_ex(&ctx, dst->ptr, &len); /* since padding is disabled this does nothing */
+	EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len);
+	EVP_CipherFinal_ex(&ctx, out, &len); /* since padding is disabled this does nothing */
 	EVP_CIPHER_CTX_cleanup(&ctx);
 }