Update external polarssl to 1.3.8

There were some fixes back on March 13th, 2014 for fixing compiling on MIPS64.
Also some fixes on June 25th, 2014 for SPARC64 fixes.

Probably more things, but those are what I care about.
This commit is contained in:
Ryan Houdek
2014-09-08 01:58:33 -05:00
parent 6ea82790ba
commit a48e284317
130 changed files with 12346 additions and 4632 deletions

View File

@ -1,7 +1,7 @@
/*
* Camellia implementation
*
* Copyright (C) 2006-2013, Brainspark B.V.
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -29,14 +29,29 @@
* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_CAMELLIA_C)
#include "polarssl/camellia.h"
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#if !defined(POLARSSL_CAMELLIA_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* 32-bit integer manipulation macros (big endian)
*/
@ -97,86 +112,86 @@ static const unsigned char FSb[256] =
#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
#else
#else /* POLARSSL_CAMELLIA_SMALL_MEMORY */
static const unsigned char FSb[256] =
{
112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77,
139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215,
20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80,
170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148,
135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77,
139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215,
20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80,
170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148,
135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
};
static const unsigned char FSb2[256] =
{
224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130,
70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123,
13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52,
77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154,
23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51,
191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175,
40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68,
253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160,
85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165,
32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41,
15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197,
164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92,
211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178,
240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245,
228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73,
128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61
224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130,
70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123,
13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52,
77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154,
23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51,
191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175,
40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68,
253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160,
85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165,
32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41,
15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197,
164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92,
211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178,
240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245,
228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73,
128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61
};
static const unsigned char FSb3[256] =
{
56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160,
145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222,
67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13,
83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166,
197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204,
239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235,
10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17,
127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40,
85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105,
8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74,
195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23,
244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172,
60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125,
57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82,
32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79
56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160,
145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222,
67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13,
83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166,
197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204,
239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235,
10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17,
127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40,
85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105,
8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74,
195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23,
244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172,
60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125,
57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82,
32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79
};
static const unsigned char FSb4[256] =
{
112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146,
134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108,
139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4,
20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105,
170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221,
135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99,
233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141,
114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128,
130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189,
184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77,
13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215,
88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80,
208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148,
92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46,
121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250,
7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158
112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146,
134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108,
139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4,
20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105,
170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221,
135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99,
233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141,
114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128,
130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189,
184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77,
13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215,
88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80,
208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148,
92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46,
121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250,
7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158
};
#define SBOX1(n) FSb[(n)]
@ -184,7 +199,7 @@ static const unsigned char FSb4[256] =
#define SBOX3(n) FSb3[(n)]
#define SBOX4(n) FSb4[(n)]
#endif
#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */
static const unsigned char shifts[2][4][4] =
{
@ -258,13 +273,13 @@ static const signed char transposes[2][20] =
(XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR); \
(XL) = ((XR) | (KR)) ^ (XL); \
}
#define FLInv(YL, YR, KL, KR) \
{ \
(YL) = ((YR) | (KR)) ^ (YL); \
(YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR); \
}
#define SHIFT_AND_PLACE(INDEX, OFFSET) \
{ \
TK[0] = KC[(OFFSET) * 4 + 0]; \
@ -272,17 +287,18 @@ static const signed char transposes[2][20] =
TK[2] = KC[(OFFSET) * 4 + 2]; \
TK[3] = KC[(OFFSET) * 4 + 3]; \
\
for ( i = 1; i <= 4; i++ ) \
if (shifts[(INDEX)][(OFFSET)][i -1]) \
ROTL(TK + i * 4, TK, (15 * i) % 32); \
for( i = 1; i <= 4; i++ ) \
if( shifts[(INDEX)][(OFFSET)][i -1] ) \
ROTL(TK + i * 4, TK, ( 15 * i ) % 32); \
\
for ( i = 0; i < 20; i++ ) \
if (indexes[(INDEX)][(OFFSET)][i] != -1) { \
RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \
} \
for( i = 0; i < 20; i++ ) \
if( indexes[(INDEX)][(OFFSET)][i] != -1 ) { \
RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \
} \
}
static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t z[2])
static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
uint32_t z[2])
{
uint32_t I0, I1;
I0 = x[0] ^ k[0];
@ -306,10 +322,24 @@ static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t
z[1] ^= I0;
}
void camellia_init( camellia_context *ctx )
{
memset( ctx, 0, sizeof( camellia_context ) );
}
void camellia_free( camellia_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( camellia_context ) );
}
/*
* Camellia key schedule (encryption)
*/
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int idx;
size_t i;
@ -321,8 +351,8 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsign
RK = ctx->rk;
memset(t, 0, 64);
memset(RK, 0, sizeof(ctx->rk));
memset( t, 0, 64 );
memset( RK, 0, sizeof(ctx->rk) );
switch( keysize )
{
@ -332,77 +362,77 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsign
default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH );
}
for( i = 0; i < keysize / 8; ++i)
for( i = 0; i < keysize / 8; ++i )
t[i] = key[i];
if (keysize == 192) {
for (i = 0; i < 8; i++)
if( keysize == 192 ) {
for( i = 0; i < 8; i++ )
t[24 + i] = ~t[16 + i];
}
/*
* Prepare SIGMA values
*/
for (i = 0; i < 6; i++) {
GET_UINT32_BE(SIGMA[i][0], SIGMA_CHARS[i], 0);
GET_UINT32_BE(SIGMA[i][1], SIGMA_CHARS[i], 4);
for( i = 0; i < 6; i++ ) {
GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 );
GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 );
}
/*
* Key storage in KC
* Order: KL, KR, KA, KB
*/
memset(KC, 0, sizeof(KC));
memset( KC, 0, sizeof(KC) );
/* Store KL, KR */
for (i = 0; i < 8; i++)
GET_UINT32_BE(KC[i], t, i * 4);
for( i = 0; i < 8; i++ )
GET_UINT32_BE( KC[i], t, i * 4 );
/* Generate KA */
for( i = 0; i < 4; ++i)
for( i = 0; i < 4; ++i )
KC[8 + i] = KC[i] ^ KC[4 + i];
camellia_feistel(KC + 8, SIGMA[0], KC + 10);
camellia_feistel(KC + 10, SIGMA[1], KC + 8);
camellia_feistel( KC + 8, SIGMA[0], KC + 10 );
camellia_feistel( KC + 10, SIGMA[1], KC + 8 );
for( i = 0; i < 4; ++i)
for( i = 0; i < 4; ++i )
KC[8 + i] ^= KC[i];
camellia_feistel(KC + 8, SIGMA[2], KC + 10);
camellia_feistel(KC + 10, SIGMA[3], KC + 8);
camellia_feistel( KC + 8, SIGMA[2], KC + 10 );
camellia_feistel( KC + 10, SIGMA[3], KC + 8 );
if (keysize > 128) {
if( keysize > 128 ) {
/* Generate KB */
for( i = 0; i < 4; ++i)
for( i = 0; i < 4; ++i )
KC[12 + i] = KC[4 + i] ^ KC[8 + i];
camellia_feistel(KC + 12, SIGMA[4], KC + 14);
camellia_feistel(KC + 14, SIGMA[5], KC + 12);
camellia_feistel( KC + 12, SIGMA[4], KC + 14 );
camellia_feistel( KC + 14, SIGMA[5], KC + 12 );
}
/*
* Generating subkeys
*/
*/
/* Manipulating KL */
SHIFT_AND_PLACE(idx, 0);
SHIFT_AND_PLACE( idx, 0 );
/* Manipulating KR */
if (keysize > 128) {
SHIFT_AND_PLACE(idx, 1);
if( keysize > 128 ) {
SHIFT_AND_PLACE( idx, 1 );
}
/* Manipulating KA */
SHIFT_AND_PLACE(idx, 2);
SHIFT_AND_PLACE( idx, 2 );
/* Manipulating KB */
if (keysize > 128) {
SHIFT_AND_PLACE(idx, 3);
if( keysize > 128 ) {
SHIFT_AND_PLACE( idx, 3 );
}
/* Do transpositions */
for ( i = 0; i < 20; i++ ) {
if (transposes[idx][i] != -1) {
for( i = 0; i < 20; i++ ) {
if( transposes[idx][i] != -1 ) {
RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
}
}
@ -413,29 +443,25 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsign
/*
* Camellia key schedule (decryption)
*/
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int idx;
int idx, ret;
size_t i;
camellia_context cty;
uint32_t *RK;
uint32_t *SK;
int ret;
switch( keysize )
{
case 128: ctx->nr = 3; idx = 0; break;
case 192:
case 256: ctx->nr = 4; idx = 1; break;
default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH );
}
camellia_init( &cty );
/* Also checks keysize */
if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) )
goto exit;
ctx->nr = cty.nr;
idx = ( ctx->nr == 4 );
RK = ctx->rk;
ret = camellia_setkey_enc(&cty, key, keysize);
if( ret != 0 )
return( ret );
SK = cty.rk + 24 * 2 + 8 * idx * 2;
*RK++ = *SK++;
@ -443,7 +469,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsign
*RK++ = *SK++;
*RK++ = *SK++;
for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4)
for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 )
{
*RK++ = *SK++;
*RK++ = *SK++;
@ -456,9 +482,10 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsign
*RK++ = *SK++;
*RK++ = *SK++;
memset( &cty, 0, sizeof( camellia_context ) );
exit:
camellia_free( &cty );
return( 0 );
return( ret );
}
/*
@ -487,22 +514,22 @@ int camellia_crypt_ecb( camellia_context *ctx,
X[2] ^= *RK++;
X[3] ^= *RK++;
while (NR) {
while( NR ) {
--NR;
camellia_feistel(X, RK, X + 2);
camellia_feistel( X, RK, X + 2 );
RK += 2;
camellia_feistel(X + 2, RK, X);
camellia_feistel( X + 2, RK, X );
RK += 2;
camellia_feistel(X, RK, X + 2);
camellia_feistel( X, RK, X + 2 );
RK += 2;
camellia_feistel(X + 2, RK, X);
camellia_feistel( X + 2, RK, X );
RK += 2;
camellia_feistel(X, RK, X + 2);
camellia_feistel( X, RK, X + 2 );
RK += 2;
camellia_feistel(X + 2, RK, X);
camellia_feistel( X + 2, RK, X );
RK += 2;
if (NR) {
if( NR ) {
FL(X[0], X[1], RK[0], RK[1]);
RK += 2;
FLInv(X[2], X[3], RK[0], RK[1]);
@ -603,7 +630,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
*output++ = (unsigned char)( c ^ iv[n] );
iv[n] = (unsigned char) c;
n = (n + 1) & 0x0F;
n = ( n + 1 ) & 0x0F;
}
}
else
@ -615,7 +642,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
n = (n + 1) & 0x0F;
n = ( n + 1 ) & 0x0F;
}
}
@ -643,7 +670,8 @@ int camellia_crypt_ctr( camellia_context *ctx,
while( length-- )
{
if( n == 0 ) {
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter, stream_block );
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter,
stream_block );
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
@ -652,7 +680,7 @@ int camellia_crypt_ctr( camellia_context *ctx,
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
n = (n + 1) & 0x0F;
n = ( n + 1 ) & 0x0F;
}
*nc_off = n;
@ -681,14 +709,14 @@ static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
{
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
},
{
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
},
@ -697,7 +725,7 @@ static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
@ -708,7 +736,7 @@ static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] =
{
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
{ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
{ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
};
@ -884,44 +912,44 @@ int camellia_self_test( int verbose )
memset( key, 0, 32 );
for (j = 0; j < 6; j++) {
for( j = 0; j < 6; j++ ) {
u = j >> 1;
v = j & 1;
if( verbose != 0 )
printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == CAMELLIA_DECRYPT) ? "dec" : "enc");
polarssl_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == CAMELLIA_DECRYPT) ? "dec" : "enc");
for (i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u);
for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
if (v == CAMELLIA_DECRYPT) {
camellia_setkey_dec(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_cipher[u][i], 16);
memcpy(dst, camellia_test_ecb_plain[i], 16);
if( v == CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
memcpy( dst, camellia_test_ecb_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */
camellia_setkey_enc(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_plain[i], 16);
memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
camellia_setkey_enc( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_plain[i], 16 );
memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
}
camellia_crypt_ecb(&ctx, v, src, buf);
camellia_crypt_ecb( &ctx, v, src, buf );
if( memcmp( buf, dst, 16 ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
printf( "passed\n" );
polarssl_printf( "passed\n" );
}
if( verbose != 0 )
printf( "\n" );
polarssl_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
@ -933,49 +961,49 @@ int camellia_self_test( int verbose )
v = j & 1;
if( verbose != 0 )
printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
polarssl_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( src, camellia_test_cbc_iv, 16);
memcpy( dst, camellia_test_cbc_iv, 16);
memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u);
memcpy( src, camellia_test_cbc_iv, 16 );
memcpy( dst, camellia_test_cbc_iv, 16 );
memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
if (v == CAMELLIA_DECRYPT) {
camellia_setkey_dec(&ctx, key, 128 + u * 64);
if( v == CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 );
} else {
camellia_setkey_enc(&ctx, key, 128 + u * 64);
camellia_setkey_enc( &ctx, key, 128 + u * 64 );
}
for (i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
if (v == CAMELLIA_DECRYPT) {
if( v == CAMELLIA_DECRYPT ) {
memcpy( iv , src, 16 );
memcpy(src, camellia_test_cbc_cipher[u][i], 16);
memcpy(dst, camellia_test_cbc_plain[i], 16);
memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
memcpy( dst, camellia_test_cbc_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */
memcpy( iv , dst, 16 );
memcpy(src, camellia_test_cbc_plain[i], 16);
memcpy(dst, camellia_test_cbc_cipher[u][i], 16);
memcpy( src, camellia_test_cbc_plain[i], 16 );
memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
}
camellia_crypt_cbc(&ctx, v, 16, iv, src, buf);
camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
if( memcmp( buf, dst, 16 ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
printf( "passed\n" );
polarssl_printf( "passed\n" );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
if( verbose != 0 )
printf( "\n" );
polarssl_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CTR)
/*
@ -987,8 +1015,8 @@ int camellia_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
printf( " CAMELLIA-CTR-128 (%s): ",
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
polarssl_printf( " CAMELLIA-CTR-128 (%s): ",
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
memcpy( key, camellia_test_ctr_key[u], 16 );
@ -1001,12 +1029,13 @@ int camellia_self_test( int verbose )
len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_ct[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
polarssl_printf( "failed\n" );
return( 1 );
}
@ -1016,28 +1045,29 @@ int camellia_self_test( int verbose )
len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_pt[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
printf( "passed\n" );
polarssl_printf( "passed\n" );
}
if( verbose != 0 )
printf( "\n" );
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */
return ( 0 );
return( 0 );
}
#endif
#endif /* POLARSSL_SELF_TEST */
#endif
#endif /* POLARSSL_CAMELLIA_C */