自学教程：C++ xorbuf函数代码示例

void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length){	if (length <= BlockSize())	{		if (!m_stolenIV)			throw InvalidArgument("CBC_Encryption: message is too short for ciphertext stealing");		// steal from IV		memcpy(outString, m_register, length);		outString = m_stolenIV;	}	else	{		// steal from next to last block		xorbuf(m_register, inString, BlockSize());		m_cipher->ProcessBlock(m_register);		inString += BlockSize();		length -= BlockSize();		memcpy(outString+BlockSize(), m_register, length);	}	// output last full ciphertext block	xorbuf(m_register, inString, length);	m_cipher->ProcessBlock(m_register);	memcpy(outString, m_register, BlockSize());}

void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length){	const byte *pn, *pn1;	bool stealIV = length <= BlockSize();	if (stealIV)	{		pn = inString;		pn1 = m_register;	}	else	{		pn = inString + BlockSize();		pn1 = inString;		length -= BlockSize();	}	// decrypt last partial plaintext block	memcpy(m_temp, pn1, BlockSize());	m_cipher->ProcessBlock(m_temp);	xorbuf(m_temp, pn, length);	if (stealIV)		memcpy(outString, m_temp, length);	else	{		memcpy(outString+BlockSize(), m_temp, length);		// decrypt next to last plaintext block		memcpy(m_temp, pn, length);		m_cipher->ProcessBlock(m_temp);		xorbuf(outString, m_temp, m_register, BlockSize());	}}

byte X917RNG::GenerateByte(){	if (randbuf_counter==0)	{		// calculate new enciphered timestamp		if (m_deterministicTimeVector)		{			xorbuf(dtbuf, (byte *)&m_deterministicTimeVector, STDMIN((int)sizeof(m_deterministicTimeVector), S));			while (++m_deterministicTimeVector == 0) {}	// skip 0		}		else		{			clock_t tstamp = clock();			xorbuf(dtbuf, (byte *)&tstamp, STDMIN((int)sizeof(tstamp), S));		}		cipher->ProcessBlock(dtbuf);		// combine enciphered timestamp with seed		xorbuf(randseed, dtbuf, S);		// generate a new block of random bytes		cipher->ProcessBlock(randseed, randbuf);		// compute new seed vector		for (int i=0; i<S; i++)			randseed[i] = randbuf[i] ^ dtbuf[i];		cipher->ProcessBlock(randseed);		randbuf_counter=S;	}	return(randbuf[--randbuf_counter]);}

void AdditiveCipherTemplate<S>::ProcessData(byte *outString, const byte *inString, size_t length){	if (m_leftOver > 0)	{		size_t len = STDMIN(m_leftOver, length);		xorbuf(outString, inString, KeystreamBufferEnd()-m_leftOver, len);		length -= len;		m_leftOver -= len;		inString += len;		outString += len;		if (!length)			return;	}	CRYPTOPP_ASSERT(m_leftOver == 0);	PolicyInterface &policy = this->AccessPolicy();	unsigned int bytesPerIteration = policy.GetBytesPerIteration();	if (policy.CanOperateKeystream() && length >= bytesPerIteration)	{		size_t iterations = length / bytesPerIteration;		unsigned int alignment = policy.GetAlignment();		KeystreamOperation operation = KeystreamOperation((IsAlignedOn(inString, alignment) * 2) | (int)IsAlignedOn(outString, alignment));		policy.OperateKeystream(operation, outString, inString, iterations);		inString += iterations * bytesPerIteration;		outString += iterations * bytesPerIteration;		length -= iterations * bytesPerIteration;		if (!length)			return;	}	size_t bufferByteSize = m_buffer.size();	size_t bufferIterations = bufferByteSize / bytesPerIteration;	while (length >= bufferByteSize)	{		policy.WriteKeystream(m_buffer, bufferIterations);		xorbuf(outString, inString, KeystreamBufferBegin(), bufferByteSize);		length -= bufferByteSize;		inString += bufferByteSize;		outString += bufferByteSize;	}	if (length > 0)	{		bufferByteSize = RoundUpToMultipleOf(length, bytesPerIteration);		bufferIterations = bufferByteSize / bytesPerIteration;		policy.WriteKeystream(KeystreamBufferEnd()-bufferByteSize, bufferIterations);		xorbuf(outString, inString, KeystreamBufferEnd()-bufferByteSize, length);		m_leftOver = bufferByteSize - length;	}}

inline void AdditiveCipherTemplate<S>::ProcessData(byte *outString, const byte *inString, unsigned int length){	if (m_leftOver > 0)	{		unsigned int len = STDMIN(m_leftOver, length);		xorbuf(outString, inString, KeystreamBufferEnd()-m_leftOver, len);		length -= len;		m_leftOver -= len;		inString += len;		outString += len;	}	if (!length)		return;	assert(m_leftOver == 0);	PolicyInterface &policy = this->AccessPolicy();	unsigned int bytesPerIteration = policy.GetBytesPerIteration();	unsigned int alignment = policy.GetAlignment();	if (policy.CanOperateKeystream() && length >= bytesPerIteration && IsAlignedOn(outString, alignment))	{		if (IsAlignedOn(inString, alignment))			policy.OperateKeystream(XOR_KEYSTREAM, outString, inString, length / bytesPerIteration);		else		{			memcpy(outString, inString, length);			policy.OperateKeystream(XOR_KEYSTREAM_INPLACE, outString, outString, length / bytesPerIteration);		}		inString += length - length % bytesPerIteration;		outString += length - length % bytesPerIteration;		length %= bytesPerIteration;		if (!length)			return;	}	unsigned int bufferByteSize = GetBufferByteSize(policy);	unsigned int bufferIterations = policy.GetIterationsToBuffer();	while (length >= bufferByteSize)	{		policy.WriteKeystream(m_buffer, bufferIterations);		xorbuf(outString, inString, KeystreamBufferBegin(), bufferByteSize);		length -= bufferByteSize;		inString += bufferByteSize;		outString += bufferByteSize;	}	if (length > 0)	{		policy.WriteKeystream(m_buffer, bufferIterations);		xorbuf(outString, inString, KeystreamBufferBegin(), length);		m_leftOver = bytesPerIteration - length;	}}

void SEAL::ProcessString(byte *outString, const byte *inString, unsigned int length){	while (length >= L/8-position)	{		xorbuf(outString, inString, buffer+position, L/8-position);		length -= L/8-position;		inString += L/8-position;		outString += L/8-position;		IncrementCounter();	}	xorbuf(outString, inString, buffer+position, length);	position += length;}

void CBC_Encryption::ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks){	unsigned int blockSize = BlockSize();	xorbuf(m_register, inString, blockSize);	while (--numberOfBlocks)	{		m_cipher->ProcessBlock(m_register, outString);		inString += blockSize;		xorbuf(m_register, inString, outString, blockSize);		outString += blockSize;	}	m_cipher->ProcessBlock(m_register);	memcpy(outString, m_register, blockSize);}

void SHA3::Update(const byte *input, size_t length){	size_t spaceLeft;	while (length >= (spaceLeft = r() - m_counter))	{		xorbuf(m_state.BytePtr() + m_counter, input, spaceLeft);		KeccakF1600(m_state);		input += spaceLeft;		length -= spaceLeft;		m_counter = 0;	}	xorbuf(m_state.BytePtr() + m_counter, input, length);	m_counter += (unsigned int)length;}

void VDA_CBCNotPaddedDecryptor_3_2::NextPut(const byte *inString, unsigned int){   cipher.ProcessBlock(inString, buffer);   xorbuf(buffer, reg, S);   AttachedTransformation()->Put(buffer, S);   memcpy(reg, inString, S);}

int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,           int sLen, int iterations, int kLen, int hashType){    word32 i = 1;    int    hLen;    int    j, ret;    Hmac   hmac;    byte   buffer[MAX_DIGEST_SIZE];    if (hashType == MD5) {        hLen = MD5_DIGEST_SIZE;    }    else if (hashType == SHA) {        hLen = SHA_DIGEST_SIZE;    }#ifndef NO_SHA256    else if (hashType == SHA256) {        hLen = SHA256_DIGEST_SIZE;    }#endif#ifdef CYASSL_SHA512    else if (hashType == SHA512) {        hLen = SHA512_DIGEST_SIZE;    }#endif    else        return BAD_FUNC_ARG;    ret = HmacSetKey(&hmac, hashType, passwd, pLen);    if (ret != 0)        return ret;    while (kLen) {        int currentLen;        HmacUpdate(&hmac, salt, sLen);        /* encode i */        for (j = 0; j < 4; j++) {            byte b = (byte)(i >> ((3-j) * 8));            HmacUpdate(&hmac, &b, 1);        }        HmacFinal(&hmac, buffer);        currentLen = min(kLen, hLen);        XMEMCPY(output, buffer, currentLen);        for (j = 1; j < iterations; j++) {            HmacUpdate(&hmac, buffer, hLen);            HmacFinal(&hmac, buffer);            xorbuf(output, buffer, currentLen);        }        output += currentLen;        kLen   -= currentLen;        i++;    }    return 0;}

void CBCPaddedDecryptor::ProcessBuf(){	cipher.ProcessBlock(buffer, temp);	xorbuf(temp, reg, S);	outQueue->Put(temp, S);	reg.swap(buffer);	counter = 0;}

void OldRandomPool::IncorporateEntropy(const byte *input, size_t length){	size_t t;	while (length > (t = pool.size() - addPos))	{		xorbuf(pool+addPos, input, t);		input += t;		length -= t;		Stir();	}	if (length)	{		xorbuf(pool+addPos, input, length);		addPos += length;		getPos = pool.size(); // Force stir on get	}}

void EAX_Base::AuthenticateLastFooterBlock(byte *tag, size_t macSize){	CRYPTOPP_ASSERT(m_bufferedDataLength == 0);	MessageAuthenticationCode &mac = AccessMAC();	unsigned int blockSize = mac.TagSize();	mac.TruncatedFinal(m_buffer, macSize);	xorbuf(tag, m_buffer, m_buffer+blockSize, macSize);}

void CMAC_Base::Update(const byte *input, size_t length){	assert((input && length) || !(input || length));	if (!length)		return;	BlockCipher &cipher = AccessCipher();	unsigned int blockSize = cipher.BlockSize();	if (m_counter > 0)	{		const unsigned int len = UnsignedMin(blockSize - m_counter, length);		if (len)		{			xorbuf(m_reg+m_counter, input, len);			length -= len;			input += len;			m_counter += len;		}		if (m_counter == blockSize && length > 0)		{			cipher.ProcessBlock(m_reg);			m_counter = 0;		}	}	if (length > blockSize)	{		assert(m_counter == 0);		size_t leftOver = 1 + cipher.AdvancedProcessBlocks(m_reg, input, m_reg, length-1, BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput);		input += (length - leftOver);		length = leftOver;	}	if (length > 0)	{		assert(m_counter + length <= blockSize);		xorbuf(m_reg+m_counter, input, length);		m_counter += (unsigned int)length;	}	assert(m_counter > 0);}

void RandomPool::Put(const byte *inString, unsigned int length){	unsigned t;	while (length > (t = pool.size - addPos))	{		xorbuf(pool+addPos, inString, t);		inString += t;		length -= t;		Stir();	}	if (length)	{		xorbuf(pool+addPos, inString, length);		addPos += length;		getPos = pool.size; // Force stir on get	}}

bool DSA::GeneratePrimes(const byte *seedIn, unsigned int g, int &counter,						  Integer &p, unsigned int L, Integer &q, bool useInputCounterValue){	assert(g%8 == 0);	SHA sha;	SecByteBlock seed(seedIn, g/8);	SecByteBlock U(SHA::DIGESTSIZE);	SecByteBlock temp(SHA::DIGESTSIZE);	SecByteBlock W(((L-1)/160+1) * SHA::DIGESTSIZE);	const int n = (L-1) / 160;	const int b = (L-1) % 160;	Integer X;	sha.CalculateDigest(U, seed, g/8);	for (int i=g/8-1, carry=true; i>=0 && carry; i--)		carry=!++seed[i];	sha.CalculateDigest(temp, seed, g/8);	xorbuf(U, temp, SHA::DIGESTSIZE);	U[0] |= 0x80;	U[SHA::DIGESTSIZE-1] |= 1;	q.Decode(U, SHA::DIGESTSIZE);	if (!IsPrime(q))		return false;	int counterEnd = useInputCounterValue ? counter+1 : 4096;	for (int c = 0; c < counterEnd; c++)	{		for (int k=0; k<=n; k++)		{			for (int i=g/8-1, carry=true; i>=0 && carry; i--)				carry=!++seed[i];			if (!useInputCounterValue || c == counter)				sha.CalculateDigest(W+(n-k)*SHA::DIGESTSIZE, seed, g/8);		}		if (!useInputCounterValue || c == counter)		{			W[SHA::DIGESTSIZE - 1 - b/8] |= 0x80;			X.Decode(W + SHA::DIGESTSIZE - 1 - b/8, L/8);			p = X-((X % (2*q))-1);			if (p.GetBit(L-1) && IsPrime(p))			{				counter = c;				return true;			}		}	}	return false;}

void SHA3::Update(const byte *input, size_t length){    CRYPTOPP_ASSERT((input && length) || !(input || length));    if (!length) { return; }    size_t spaceLeft;    while (length >= (spaceLeft = r() - m_counter))    {        if (spaceLeft)            xorbuf(m_state.BytePtr() + m_counter, input, spaceLeft);        KeccakF1600(m_state);        input += spaceLeft;        length -= spaceLeft;        m_counter = 0;    }    if (length)        xorbuf(m_state.BytePtr() + m_counter, input, length);    m_counter += (unsigned int)length;}

unsigned int RandomPool::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking){    unsigned t;    while (length > (t = pool.size() - addPos))    {        xorbuf(pool+addPos, inString, t);        inString += t;        length -= t;        Stir();    }    if (length)    {        xorbuf(pool+addPos, inString, length);        addPos += length;        getPos = pool.size(); // Force stir on get    }    return 0;}

// CBC Encryptinline void Mode_BASE::CBC_Encrypt(byte* out, const byte* in, word32 sz){    word32 blocks = sz / blockSz_;    while (blocks--) {        xorbuf(reg_, in, blockSz_);        ProcessAndXorBlock(reg_, 0, reg_);        memcpy(out, reg_, blockSz_);        out += blockSz_;        in  += blockSz_;    }}

void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz){    word32 blocks = sz / DES_BLOCK_SIZE;    while (blocks--) {        xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);        Des3ProcessBlock(des, (byte*)des->reg, (byte*)des->reg);        XMEMCPY(out, des->reg, DES_BLOCK_SIZE);        out += DES_BLOCK_SIZE;        in  += DES_BLOCK_SIZE;     }}

void PSSR_MEM_Base::ComputeMessageRepresentative(RandomNumberGenerator &rng, 	const byte *recoverableMessage, size_t recoverableMessageLength,	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,	byte *representative, size_t representativeBitLength) const{	assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));	const size_t u = hashIdentifier.second + 1;	const size_t representativeByteLength = BitsToBytes(representativeBitLength);	const size_t digestSize = hash.DigestSize();	const size_t saltSize = SaltLen(digestSize);	byte *const h = representative + representativeByteLength - u - digestSize;	SecByteBlock digest(digestSize), salt(saltSize);	hash.Final(digest);	rng.GenerateBlock(salt, saltSize);	// compute H = hash of M'	byte c[8];	PutWord(false, BIG_ENDIAN_ORDER, c, (word32)SafeRightShift<29>(recoverableMessageLength));	PutWord(false, BIG_ENDIAN_ORDER, c+4, word32(recoverableMessageLength << 3));	hash.Update(c, 8);	hash.Update(recoverableMessage, recoverableMessageLength);	hash.Update(digest, digestSize);	hash.Update(salt, saltSize);	hash.Final(h);	// compute representative	GetMGF().GenerateAndMask(hash, representative, representativeByteLength - u - digestSize, h, digestSize, false);	byte *xorStart = representative + representativeByteLength - u - digestSize - salt.size() - recoverableMessageLength - 1;	xorStart[0] ^= 1;	xorbuf(xorStart + 1, recoverableMessage, recoverableMessageLength);	xorbuf(xorStart + 1 + recoverableMessageLength, salt, salt.size());	memcpy(representative + representativeByteLength - u, hashIdentifier.first, hashIdentifier.second);	representative[representativeByteLength - 1] = hashIdentifier.second ? 0xcc : 0xbc;	if (representativeBitLength % 8 != 0)		representative[0] = (byte)Crop(representative[0], representativeBitLength % 8);}

/* see bearssl_block.h */uint32_tbr_aes_small_ctr_run(const br_aes_small_ctr_keys *ctx,	const void *iv, uint32_t cc, void *data, size_t len){	unsigned char *buf;	buf = data;	while (len > 0) {		unsigned char tmp[16];		memcpy(tmp, iv, 12);		br_enc32be(tmp + 12, cc ++);		br_aes_small_encrypt(ctx->num_rounds, ctx->skey, tmp);		if (len <= 16) {			xorbuf(buf, tmp, len);			break;		}		xorbuf(buf, tmp, 16);		buf += 16;		len -= 16;	}	return cc;}

size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t length, word32 flags) const{	CRYPTOPP_ASSERT(inBlocks);	CRYPTOPP_ASSERT(outBlocks);	CRYPTOPP_ASSERT(length);	size_t blockSize = BlockSize();	size_t inIncrement = (flags & (BT_InBlockIsCounter|BT_DontIncrementInOutPointers)) ? 0 : blockSize;	size_t xorIncrement = xorBlocks ? blockSize : 0;	size_t outIncrement = (flags & BT_DontIncrementInOutPointers) ? 0 : blockSize;	if (flags & BT_ReverseDirection)	{		CRYPTOPP_ASSERT(length % blockSize == 0);		inBlocks += length - blockSize;		xorBlocks += length - blockSize;		outBlocks += length - blockSize;		inIncrement = 0-inIncrement;		xorIncrement = 0-xorIncrement;		outIncrement = 0-outIncrement;	}	while (length >= blockSize)	{		if (flags & BT_XorInput)		{			// Coverity finding. However, xorBlocks is never NULL if BT_XorInput.			CRYPTOPP_ASSERT(xorBlocks);#if defined(__COVERITY__)			if (xorBlocks)#endif			xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);			ProcessBlock(outBlocks);		}		else		{			// xorBlocks can be NULL. See, for example, ECB_OneWay::ProcessData.			ProcessAndXorBlock(inBlocks, xorBlocks, outBlocks);		}		if (flags & BT_InBlockIsCounter)			const_cast<byte *>(inBlocks)[blockSize-1]++;		inBlocks += inIncrement;		outBlocks += outIncrement;		xorBlocks += xorIncrement;		length -= blockSize;	}	return length;}

size_t ArrayXorSink::Put2(const byte *begin, size_t length, int messageEnd, bool blocking){	CRYPTOPP_UNUSED(messageEnd); CRYPTOPP_UNUSED(blocking);	// Avoid passing NULL pointer to xorbuf	size_t copied = 0;	if (m_buf && begin)	{		copied = STDMIN(length, SaturatingSubtract(m_size, m_total));		xorbuf(m_buf+m_total, begin, copied);	}	m_total += copied;	return length - copied;}

/* see bearssl_block.h */voidbr_aes_big_ctrcbc_mac(const br_aes_big_ctrcbc_keys *ctx,	void *cbcmac, const void *data, size_t len){	const unsigned char *buf;	buf = data;	while (len > 0) {		xorbuf(cbcmac, buf, 16);		br_aes_big_encrypt(ctx->num_rounds, ctx->skey, cbcmac);		buf += 16;		len -= 16;	}}

int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz){    word32 blocks = sz / DES_BLOCK_SIZE;    while (blocks--) {        XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);        DesProcessBlock(des, (byte*)des->tmp, out);        xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);        XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);        out += DES_BLOCK_SIZE;        in  += DES_BLOCK_SIZE;    }    return 0;}

void CCM_Base::AuthenticateLastHeaderBlock(){	byte *cbcBuffer = CBC_Buffer();	const BlockCipher &cipher = GetBlockCipher();	if (m_aadLength != m_totalHeaderLength)		throw InvalidArgument(AlgorithmName() + ": header length doesn't match that given in SpecifyDataLengths");	if (m_bufferedDataLength > 0)	{		xorbuf(cbcBuffer, m_buffer, m_bufferedDataLength);		cipher.ProcessBlock(cbcBuffer);		m_bufferedDataLength = 0;	}}

X917RNG::X917RNG(BlockTransformation *c, const byte *seed, unsigned long deterministicTimeVector)	: cipher(c),	  S(cipher->BlockSize()),	  dtbuf(S),	  randseed(seed, S),	  randbuf(S),	  randbuf_counter(0),	  m_deterministicTimeVector(deterministicTimeVector){	if (m_deterministicTimeVector)	{		memset(dtbuf, 0, S);		memcpy(dtbuf, (byte *)&m_deterministicTimeVector, STDMIN((int)sizeof(m_deterministicTimeVector), S));	}	else	{		time_t tstamp1 = time(0);		xorbuf(dtbuf, (byte *)&tstamp1, STDMIN((int)sizeof(tstamp1), S));		cipher->ProcessBlock(dtbuf);		clock_t tstamp2 = clock();		xorbuf(dtbuf, (byte *)&tstamp2, STDMIN((int)sizeof(tstamp2), S));		cipher->ProcessBlock(dtbuf);	}}