aes-gcm-test-program - Example program to test AES-GCM functionality. Us…

Users » HannesTschofenig » Code » aes-gcm-test-program

Hannes Tschofenig / Mbed 2 deprecated aes-gcm-test-program

Example program to test AES-GCM functionality. Used for a workshop

SSL/library/camellia.c@0:796d0f61a05b, 2018-09-27 (annotated)

Committer:: HannesTschofenig
Date:: Thu Sep 27 06:34:22 2018 +0000
Revision:: 0:796d0f61a05b

Example AES-GCM test program

Who changed what in which revision?

User	Revision	Line number	New contents of line
HannesTschofenig	0:796d0f61a05b	1	/*
HannesTschofenig	0:796d0f61a05b	2	* Camellia implementation
HannesTschofenig	0:796d0f61a05b	3	*
HannesTschofenig	0:796d0f61a05b	4	* Copyright (C) 2006-2014, Brainspark B.V.
HannesTschofenig	0:796d0f61a05b	5	*
HannesTschofenig	0:796d0f61a05b	6	* This file is part of PolarSSL (http://www.polarssl.org)
HannesTschofenig	0:796d0f61a05b	7	* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
HannesTschofenig	0:796d0f61a05b	8	*
HannesTschofenig	0:796d0f61a05b	9	* All rights reserved.
HannesTschofenig	0:796d0f61a05b	10	*
HannesTschofenig	0:796d0f61a05b	11	* This program is free software; you can redistribute it and/or modify
HannesTschofenig	0:796d0f61a05b	12	* it under the terms of the GNU General Public License as published by
HannesTschofenig	0:796d0f61a05b	13	* the Free Software Foundation; either version 2 of the License, or
HannesTschofenig	0:796d0f61a05b	14	* (at your option) any later version.
HannesTschofenig	0:796d0f61a05b	15	*
HannesTschofenig	0:796d0f61a05b	16	* This program is distributed in the hope that it will be useful,
HannesTschofenig	0:796d0f61a05b	17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
HannesTschofenig	0:796d0f61a05b	18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
HannesTschofenig	0:796d0f61a05b	19	* GNU General Public License for more details.
HannesTschofenig	0:796d0f61a05b	20	*
HannesTschofenig	0:796d0f61a05b	21	* You should have received a copy of the GNU General Public License along
HannesTschofenig	0:796d0f61a05b	22	* with this program; if not, write to the Free Software Foundation, Inc.,
HannesTschofenig	0:796d0f61a05b	23	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
HannesTschofenig	0:796d0f61a05b	24	*/
HannesTschofenig	0:796d0f61a05b	25	/*
HannesTschofenig	0:796d0f61a05b	26	* The Camellia block cipher was designed by NTT and Mitsubishi Electric
HannesTschofenig	0:796d0f61a05b	27	* Corporation.
HannesTschofenig	0:796d0f61a05b	28	*
HannesTschofenig	0:796d0f61a05b	29	* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
HannesTschofenig	0:796d0f61a05b	30	*/
HannesTschofenig	0:796d0f61a05b	31
HannesTschofenig	0:796d0f61a05b	32	#if !defined(POLARSSL_CONFIG_FILE)
HannesTschofenig	0:796d0f61a05b	33	#include "polarssl/config.h"
HannesTschofenig	0:796d0f61a05b	34	#else
HannesTschofenig	0:796d0f61a05b	35	#include POLARSSL_CONFIG_FILE
HannesTschofenig	0:796d0f61a05b	36	#endif
HannesTschofenig	0:796d0f61a05b	37
HannesTschofenig	0:796d0f61a05b	38	#if defined(POLARSSL_CAMELLIA_C)
HannesTschofenig	0:796d0f61a05b	39
HannesTschofenig	0:796d0f61a05b	40	#include "polarssl/camellia.h"
HannesTschofenig	0:796d0f61a05b	41
HannesTschofenig	0:796d0f61a05b	42	#if defined(POLARSSL_PLATFORM_C)
HannesTschofenig	0:796d0f61a05b	43	#include "polarssl/platform.h"
HannesTschofenig	0:796d0f61a05b	44	#else
HannesTschofenig	0:796d0f61a05b	45	#define polarssl_printf printf
HannesTschofenig	0:796d0f61a05b	46	#endif
HannesTschofenig	0:796d0f61a05b	47
HannesTschofenig	0:796d0f61a05b	48	#if !defined(POLARSSL_CAMELLIA_ALT)
HannesTschofenig	0:796d0f61a05b	49
HannesTschofenig	0:796d0f61a05b	50	/*
HannesTschofenig	0:796d0f61a05b	51	* 32-bit integer manipulation macros (big endian)
HannesTschofenig	0:796d0f61a05b	52	*/
HannesTschofenig	0:796d0f61a05b	53	#ifndef GET_UINT32_BE
HannesTschofenig	0:796d0f61a05b	54	#define GET_UINT32_BE(n,b,i) \
HannesTschofenig	0:796d0f61a05b	55	{ \
HannesTschofenig	0:796d0f61a05b	56	(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
HannesTschofenig	0:796d0f61a05b	57	\| ( (uint32_t) (b)[(i) + 1] << 16 ) \
HannesTschofenig	0:796d0f61a05b	58	\| ( (uint32_t) (b)[(i) + 2] << 8 ) \
HannesTschofenig	0:796d0f61a05b	59	\| ( (uint32_t) (b)[(i) + 3] ); \
HannesTschofenig	0:796d0f61a05b	60	}
HannesTschofenig	0:796d0f61a05b	61	#endif
HannesTschofenig	0:796d0f61a05b	62
HannesTschofenig	0:796d0f61a05b	63	#ifndef PUT_UINT32_BE
HannesTschofenig	0:796d0f61a05b	64	#define PUT_UINT32_BE(n,b,i) \
HannesTschofenig	0:796d0f61a05b	65	{ \
HannesTschofenig	0:796d0f61a05b	66	(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
HannesTschofenig	0:796d0f61a05b	67	(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
HannesTschofenig	0:796d0f61a05b	68	(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
HannesTschofenig	0:796d0f61a05b	69	(b)[(i) + 3] = (unsigned char) ( (n) ); \
HannesTschofenig	0:796d0f61a05b	70	}
HannesTschofenig	0:796d0f61a05b	71	#endif
HannesTschofenig	0:796d0f61a05b	72
HannesTschofenig	0:796d0f61a05b	73	static const unsigned char SIGMA_CHARS[6][8] =
HannesTschofenig	0:796d0f61a05b	74	{
HannesTschofenig	0:796d0f61a05b	75	{ 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b },
HannesTschofenig	0:796d0f61a05b	76	{ 0xb6, 0x7a, 0xe8, 0x58, 0x4c, 0xaa, 0x73, 0xb2 },
HannesTschofenig	0:796d0f61a05b	77	{ 0xc6, 0xef, 0x37, 0x2f, 0xe9, 0x4f, 0x82, 0xbe },
HannesTschofenig	0:796d0f61a05b	78	{ 0x54, 0xff, 0x53, 0xa5, 0xf1, 0xd3, 0x6f, 0x1c },
HannesTschofenig	0:796d0f61a05b	79	{ 0x10, 0xe5, 0x27, 0xfa, 0xde, 0x68, 0x2d, 0x1d },
HannesTschofenig	0:796d0f61a05b	80	{ 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
HannesTschofenig	0:796d0f61a05b	81	};
HannesTschofenig	0:796d0f61a05b	82
HannesTschofenig	0:796d0f61a05b	83	#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY)
HannesTschofenig	0:796d0f61a05b	84
HannesTschofenig	0:796d0f61a05b	85	static const unsigned char FSb[256] =
HannesTschofenig	0:796d0f61a05b	86	{
HannesTschofenig	0:796d0f61a05b	87	112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
HannesTschofenig	0:796d0f61a05b	88	35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
HannesTschofenig	0:796d0f61a05b	89	134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
HannesTschofenig	0:796d0f61a05b	90	166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77,
HannesTschofenig	0:796d0f61a05b	91	139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
HannesTschofenig	0:796d0f61a05b	92	223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215,
HannesTschofenig	0:796d0f61a05b	93	20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
HannesTschofenig	0:796d0f61a05b	94	254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80,
HannesTschofenig	0:796d0f61a05b	95	170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
HannesTschofenig	0:796d0f61a05b	96	16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148,
HannesTschofenig	0:796d0f61a05b	97	135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226,
HannesTschofenig	0:796d0f61a05b	98	82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
HannesTschofenig	0:796d0f61a05b	99	233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
HannesTschofenig	0:796d0f61a05b	100	120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
HannesTschofenig	0:796d0f61a05b	101	114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
HannesTschofenig	0:796d0f61a05b	102	64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158
HannesTschofenig	0:796d0f61a05b	103	};
HannesTschofenig	0:796d0f61a05b	104
HannesTschofenig	0:796d0f61a05b	105	#define SBOX1(n) FSb[(n)]
HannesTschofenig	0:796d0f61a05b	106	#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
HannesTschofenig	0:796d0f61a05b	107	#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
HannesTschofenig	0:796d0f61a05b	108	#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
HannesTschofenig	0:796d0f61a05b	109
HannesTschofenig	0:796d0f61a05b	110	#else /* POLARSSL_CAMELLIA_SMALL_MEMORY */
HannesTschofenig	0:796d0f61a05b	111
HannesTschofenig	0:796d0f61a05b	112	static const unsigned char FSb[256] =
HannesTschofenig	0:796d0f61a05b	113	{
HannesTschofenig	0:796d0f61a05b	114	112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
HannesTschofenig	0:796d0f61a05b	115	35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
HannesTschofenig	0:796d0f61a05b	116	134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
HannesTschofenig	0:796d0f61a05b	117	166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77,
HannesTschofenig	0:796d0f61a05b	118	139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
HannesTschofenig	0:796d0f61a05b	119	223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215,
HannesTschofenig	0:796d0f61a05b	120	20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
HannesTschofenig	0:796d0f61a05b	121	254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80,
HannesTschofenig	0:796d0f61a05b	122	170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
HannesTschofenig	0:796d0f61a05b	123	16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148,
HannesTschofenig	0:796d0f61a05b	124	135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
HannesTschofenig	0:796d0f61a05b	125	82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
HannesTschofenig	0:796d0f61a05b	126	233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
HannesTschofenig	0:796d0f61a05b	127	120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
HannesTschofenig	0:796d0f61a05b	128	114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
HannesTschofenig	0:796d0f61a05b	129	64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
HannesTschofenig	0:796d0f61a05b	130	};
HannesTschofenig	0:796d0f61a05b	131
HannesTschofenig	0:796d0f61a05b	132	static const unsigned char FSb2[256] =
HannesTschofenig	0:796d0f61a05b	133	{
HannesTschofenig	0:796d0f61a05b	134	224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130,
HannesTschofenig	0:796d0f61a05b	135	70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123,
HannesTschofenig	0:796d0f61a05b	136	13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52,
HannesTschofenig	0:796d0f61a05b	137	77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154,
HannesTschofenig	0:796d0f61a05b	138	23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51,
HannesTschofenig	0:796d0f61a05b	139	191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175,
HannesTschofenig	0:796d0f61a05b	140	40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68,
HannesTschofenig	0:796d0f61a05b	141	253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160,
HannesTschofenig	0:796d0f61a05b	142	85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165,
HannesTschofenig	0:796d0f61a05b	143	32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41,
HannesTschofenig	0:796d0f61a05b	144	15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197,
HannesTschofenig	0:796d0f61a05b	145	164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92,
HannesTschofenig	0:796d0f61a05b	146	211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178,
HannesTschofenig	0:796d0f61a05b	147	240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245,
HannesTschofenig	0:796d0f61a05b	148	228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73,
HannesTschofenig	0:796d0f61a05b	149	128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61
HannesTschofenig	0:796d0f61a05b	150	};
HannesTschofenig	0:796d0f61a05b	151
HannesTschofenig	0:796d0f61a05b	152	static const unsigned char FSb3[256] =
HannesTschofenig	0:796d0f61a05b	153	{
HannesTschofenig	0:796d0f61a05b	154	56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160,
HannesTschofenig	0:796d0f61a05b	155	145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222,
HannesTschofenig	0:796d0f61a05b	156	67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13,
HannesTschofenig	0:796d0f61a05b	157	83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166,
HannesTschofenig	0:796d0f61a05b	158	197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204,
HannesTschofenig	0:796d0f61a05b	159	239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235,
HannesTschofenig	0:796d0f61a05b	160	10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17,
HannesTschofenig	0:796d0f61a05b	161	127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40,
HannesTschofenig	0:796d0f61a05b	162	85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105,
HannesTschofenig	0:796d0f61a05b	163	8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74,
HannesTschofenig	0:796d0f61a05b	164	195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
HannesTschofenig	0:796d0f61a05b	165	41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23,
HannesTschofenig	0:796d0f61a05b	166	244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172,
HannesTschofenig	0:796d0f61a05b	167	60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125,
HannesTschofenig	0:796d0f61a05b	168	57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82,
HannesTschofenig	0:796d0f61a05b	169	32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79
HannesTschofenig	0:796d0f61a05b	170	};
HannesTschofenig	0:796d0f61a05b	171
HannesTschofenig	0:796d0f61a05b	172	static const unsigned char FSb4[256] =
HannesTschofenig	0:796d0f61a05b	173	{
HannesTschofenig	0:796d0f61a05b	174	112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146,
HannesTschofenig	0:796d0f61a05b	175	134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108,
HannesTschofenig	0:796d0f61a05b	176	139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4,
HannesTschofenig	0:796d0f61a05b	177	20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105,
HannesTschofenig	0:796d0f61a05b	178	170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221,
HannesTschofenig	0:796d0f61a05b	179	135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99,
HannesTschofenig	0:796d0f61a05b	180	233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141,
HannesTschofenig	0:796d0f61a05b	181	114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128,
HannesTschofenig	0:796d0f61a05b	182	130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189,
HannesTschofenig	0:796d0f61a05b	183	184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77,
HannesTschofenig	0:796d0f61a05b	184	13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215,
HannesTschofenig	0:796d0f61a05b	185	88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80,
HannesTschofenig	0:796d0f61a05b	186	208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148,
HannesTschofenig	0:796d0f61a05b	187	92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46,
HannesTschofenig	0:796d0f61a05b	188	121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250,
HannesTschofenig	0:796d0f61a05b	189	7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158
HannesTschofenig	0:796d0f61a05b	190	};
HannesTschofenig	0:796d0f61a05b	191
HannesTschofenig	0:796d0f61a05b	192	#define SBOX1(n) FSb[(n)]
HannesTschofenig	0:796d0f61a05b	193	#define SBOX2(n) FSb2[(n)]
HannesTschofenig	0:796d0f61a05b	194	#define SBOX3(n) FSb3[(n)]
HannesTschofenig	0:796d0f61a05b	195	#define SBOX4(n) FSb4[(n)]
HannesTschofenig	0:796d0f61a05b	196
HannesTschofenig	0:796d0f61a05b	197	#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */
HannesTschofenig	0:796d0f61a05b	198
HannesTschofenig	0:796d0f61a05b	199	static const unsigned char shifts[2][4][4] =
HannesTschofenig	0:796d0f61a05b	200	{
HannesTschofenig	0:796d0f61a05b	201	{
HannesTschofenig	0:796d0f61a05b	202	{ 1, 1, 1, 1 }, /* KL */
HannesTschofenig	0:796d0f61a05b	203	{ 0, 0, 0, 0 }, /* KR */
HannesTschofenig	0:796d0f61a05b	204	{ 1, 1, 1, 1 }, /* KA */
HannesTschofenig	0:796d0f61a05b	205	{ 0, 0, 0, 0 } /* KB */
HannesTschofenig	0:796d0f61a05b	206	},
HannesTschofenig	0:796d0f61a05b	207	{
HannesTschofenig	0:796d0f61a05b	208	{ 1, 0, 1, 1 }, /* KL */
HannesTschofenig	0:796d0f61a05b	209	{ 1, 1, 0, 1 }, /* KR */
HannesTschofenig	0:796d0f61a05b	210	{ 1, 1, 1, 0 }, /* KA */
HannesTschofenig	0:796d0f61a05b	211	{ 1, 1, 0, 1 } /* KB */
HannesTschofenig	0:796d0f61a05b	212	}
HannesTschofenig	0:796d0f61a05b	213	};
HannesTschofenig	0:796d0f61a05b	214
HannesTschofenig	0:796d0f61a05b	215	static const signed char indexes[2][4][20] =
HannesTschofenig	0:796d0f61a05b	216	{
HannesTschofenig	0:796d0f61a05b	217	{
HannesTschofenig	0:796d0f61a05b	218	{ 0, 1, 2, 3, 8, 9, 10, 11, 38, 39,
HannesTschofenig	0:796d0f61a05b	219	36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
HannesTschofenig	0:796d0f61a05b	220	{ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
HannesTschofenig	0:796d0f61a05b	221	-1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */
HannesTschofenig	0:796d0f61a05b	222	{ 4, 5, 6, 7, 12, 13, 14, 15, 16, 17,
HannesTschofenig	0:796d0f61a05b	223	18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
HannesTschofenig	0:796d0f61a05b	224	{ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
HannesTschofenig	0:796d0f61a05b	225	-1, -1, -1, -1, -1, -1, -1, -1, -1, -1 } /* KB -> RK */
HannesTschofenig	0:796d0f61a05b	226	},
HannesTschofenig	0:796d0f61a05b	227	{
HannesTschofenig	0:796d0f61a05b	228	{ 0, 1, 2, 3, 61, 62, 63, 60, -1, -1,
HannesTschofenig	0:796d0f61a05b	229	-1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
HannesTschofenig	0:796d0f61a05b	230	{ -1, -1, -1, -1, 8, 9, 10, 11, 16, 17,
HannesTschofenig	0:796d0f61a05b	231	18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */
HannesTschofenig	0:796d0f61a05b	232	{ -1, -1, -1, -1, 12, 13, 14, 15, 58, 59,
HannesTschofenig	0:796d0f61a05b	233	56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */
HannesTschofenig	0:796d0f61a05b	234	{ 4, 5, 6, 7, 65, 66, 67, 64, 20, 21,
HannesTschofenig	0:796d0f61a05b	235	22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */
HannesTschofenig	0:796d0f61a05b	236	}
HannesTschofenig	0:796d0f61a05b	237	};
HannesTschofenig	0:796d0f61a05b	238
HannesTschofenig	0:796d0f61a05b	239	static const signed char transposes[2][20] =
HannesTschofenig	0:796d0f61a05b	240	{
HannesTschofenig	0:796d0f61a05b	241	{
HannesTschofenig	0:796d0f61a05b	242	21, 22, 23, 20,
HannesTschofenig	0:796d0f61a05b	243	-1, -1, -1, -1,
HannesTschofenig	0:796d0f61a05b	244	18, 19, 16, 17,
HannesTschofenig	0:796d0f61a05b	245	11, 8, 9, 10,
HannesTschofenig	0:796d0f61a05b	246	15, 12, 13, 14
HannesTschofenig	0:796d0f61a05b	247	},
HannesTschofenig	0:796d0f61a05b	248	{
HannesTschofenig	0:796d0f61a05b	249	25, 26, 27, 24,
HannesTschofenig	0:796d0f61a05b	250	29, 30, 31, 28,
HannesTschofenig	0:796d0f61a05b	251	18, 19, 16, 17,
HannesTschofenig	0:796d0f61a05b	252	-1, -1, -1, -1,
HannesTschofenig	0:796d0f61a05b	253	-1, -1, -1, -1
HannesTschofenig	0:796d0f61a05b	254	}
HannesTschofenig	0:796d0f61a05b	255	};
HannesTschofenig	0:796d0f61a05b	256
HannesTschofenig	0:796d0f61a05b	257	/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
HannesTschofenig	0:796d0f61a05b	258	#define ROTL(DEST, SRC, SHIFT) \
HannesTschofenig	0:796d0f61a05b	259	{ \
HannesTschofenig	0:796d0f61a05b	260	(DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \
HannesTschofenig	0:796d0f61a05b	261	(DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \
HannesTschofenig	0:796d0f61a05b	262	(DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \
HannesTschofenig	0:796d0f61a05b	263	(DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \
HannesTschofenig	0:796d0f61a05b	264	}
HannesTschofenig	0:796d0f61a05b	265
HannesTschofenig	0:796d0f61a05b	266	#define FL(XL, XR, KL, KR) \
HannesTschofenig	0:796d0f61a05b	267	{ \
HannesTschofenig	0:796d0f61a05b	268	(XR) = ((((XL) & (KL)) << 1) \| (((XL) & (KL)) >> 31)) ^ (XR); \
HannesTschofenig	0:796d0f61a05b	269	(XL) = ((XR) \| (KR)) ^ (XL); \
HannesTschofenig	0:796d0f61a05b	270	}
HannesTschofenig	0:796d0f61a05b	271
HannesTschofenig	0:796d0f61a05b	272	#define FLInv(YL, YR, KL, KR) \
HannesTschofenig	0:796d0f61a05b	273	{ \
HannesTschofenig	0:796d0f61a05b	274	(YL) = ((YR) \| (KR)) ^ (YL); \
HannesTschofenig	0:796d0f61a05b	275	(YR) = ((((YL) & (KL)) << 1) \| (((YL) & (KL)) >> 31)) ^ (YR); \
HannesTschofenig	0:796d0f61a05b	276	}
HannesTschofenig	0:796d0f61a05b	277
HannesTschofenig	0:796d0f61a05b	278	#define SHIFT_AND_PLACE(INDEX, OFFSET) \
HannesTschofenig	0:796d0f61a05b	279	{ \
HannesTschofenig	0:796d0f61a05b	280	TK[0] = KC[(OFFSET) * 4 + 0]; \
HannesTschofenig	0:796d0f61a05b	281	TK[1] = KC[(OFFSET) * 4 + 1]; \
HannesTschofenig	0:796d0f61a05b	282	TK[2] = KC[(OFFSET) * 4 + 2]; \
HannesTschofenig	0:796d0f61a05b	283	TK[3] = KC[(OFFSET) * 4 + 3]; \
HannesTschofenig	0:796d0f61a05b	284	\
HannesTschofenig	0:796d0f61a05b	285	for ( i = 1; i <= 4; i++ ) \
HannesTschofenig	0:796d0f61a05b	286	if (shifts[(INDEX)][(OFFSET)][i -1]) \
HannesTschofenig	0:796d0f61a05b	287	ROTL(TK + i * 4, TK, (15 * i) % 32); \
HannesTschofenig	0:796d0f61a05b	288	\
HannesTschofenig	0:796d0f61a05b	289	for ( i = 0; i < 20; i++ ) \
HannesTschofenig	0:796d0f61a05b	290	if (indexes[(INDEX)][(OFFSET)][i] != -1) { \
HannesTschofenig	0:796d0f61a05b	291	RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \
HannesTschofenig	0:796d0f61a05b	292	} \
HannesTschofenig	0:796d0f61a05b	293	}
HannesTschofenig	0:796d0f61a05b	294
HannesTschofenig	0:796d0f61a05b	295	static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
HannesTschofenig	0:796d0f61a05b	296	uint32_t z[2])
HannesTschofenig	0:796d0f61a05b	297	{
HannesTschofenig	0:796d0f61a05b	298	uint32_t I0, I1;
HannesTschofenig	0:796d0f61a05b	299	I0 = x[0] ^ k[0];
HannesTschofenig	0:796d0f61a05b	300	I1 = x[1] ^ k[1];
HannesTschofenig	0:796d0f61a05b	301
HannesTschofenig	0:796d0f61a05b	302	I0 = (SBOX1((I0 >> 24) & 0xFF) << 24) \|
HannesTschofenig	0:796d0f61a05b	303	(SBOX2((I0 >> 16) & 0xFF) << 16) \|
HannesTschofenig	0:796d0f61a05b	304	(SBOX3((I0 >> 8) & 0xFF) << 8) \|
HannesTschofenig	0:796d0f61a05b	305	(SBOX4((I0 ) & 0xFF) );
HannesTschofenig	0:796d0f61a05b	306	I1 = (SBOX2((I1 >> 24) & 0xFF) << 24) \|
HannesTschofenig	0:796d0f61a05b	307	(SBOX3((I1 >> 16) & 0xFF) << 16) \|
HannesTschofenig	0:796d0f61a05b	308	(SBOX4((I1 >> 8) & 0xFF) << 8) \|
HannesTschofenig	0:796d0f61a05b	309	(SBOX1((I1 ) & 0xFF) );
HannesTschofenig	0:796d0f61a05b	310
HannesTschofenig	0:796d0f61a05b	311	I0 ^= (I1 << 8) \| (I1 >> 24);
HannesTschofenig	0:796d0f61a05b	312	I1 ^= (I0 << 16) \| (I0 >> 16);
HannesTschofenig	0:796d0f61a05b	313	I0 ^= (I1 >> 8) \| (I1 << 24);
HannesTschofenig	0:796d0f61a05b	314	I1 ^= (I0 >> 8) \| (I0 << 24);
HannesTschofenig	0:796d0f61a05b	315
HannesTschofenig	0:796d0f61a05b	316	z[0] ^= I1;
HannesTschofenig	0:796d0f61a05b	317	z[1] ^= I0;
HannesTschofenig	0:796d0f61a05b	318	}
HannesTschofenig	0:796d0f61a05b	319
HannesTschofenig	0:796d0f61a05b	320	/*
HannesTschofenig	0:796d0f61a05b	321	* Camellia key schedule (encryption)
HannesTschofenig	0:796d0f61a05b	322	*/
HannesTschofenig	0:796d0f61a05b	323	int camellia_setkey_enc( camellia_context ctx, const unsigned char key,
HannesTschofenig	0:796d0f61a05b	324	unsigned int keysize )
HannesTschofenig	0:796d0f61a05b	325	{
HannesTschofenig	0:796d0f61a05b	326	int idx;
HannesTschofenig	0:796d0f61a05b	327	size_t i;
HannesTschofenig	0:796d0f61a05b	328	uint32_t *RK;
HannesTschofenig	0:796d0f61a05b	329	unsigned char t[64];
HannesTschofenig	0:796d0f61a05b	330	uint32_t SIGMA[6][2];
HannesTschofenig	0:796d0f61a05b	331	uint32_t KC[16];
HannesTschofenig	0:796d0f61a05b	332	uint32_t TK[20];
HannesTschofenig	0:796d0f61a05b	333
HannesTschofenig	0:796d0f61a05b	334	RK = ctx->rk;
HannesTschofenig	0:796d0f61a05b	335
HannesTschofenig	0:796d0f61a05b	336	memset(t, 0, 64);
HannesTschofenig	0:796d0f61a05b	337	memset(RK, 0, sizeof(ctx->rk));
HannesTschofenig	0:796d0f61a05b	338
HannesTschofenig	0:796d0f61a05b	339	switch( keysize )
HannesTschofenig	0:796d0f61a05b	340	{
HannesTschofenig	0:796d0f61a05b	341	case 128: ctx->nr = 3; idx = 0; break;
HannesTschofenig	0:796d0f61a05b	342	case 192:
HannesTschofenig	0:796d0f61a05b	343	case 256: ctx->nr = 4; idx = 1; break;
HannesTschofenig	0:796d0f61a05b	344	default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH );
HannesTschofenig	0:796d0f61a05b	345	}
HannesTschofenig	0:796d0f61a05b	346
HannesTschofenig	0:796d0f61a05b	347	for( i = 0; i < keysize / 8; ++i)
HannesTschofenig	0:796d0f61a05b	348	t[i] = key[i];
HannesTschofenig	0:796d0f61a05b	349
HannesTschofenig	0:796d0f61a05b	350	if (keysize == 192) {
HannesTschofenig	0:796d0f61a05b	351	for (i = 0; i < 8; i++)
HannesTschofenig	0:796d0f61a05b	352	t[24 + i] = ~t[16 + i];
HannesTschofenig	0:796d0f61a05b	353	}
HannesTschofenig	0:796d0f61a05b	354
HannesTschofenig	0:796d0f61a05b	355	/*
HannesTschofenig	0:796d0f61a05b	356	* Prepare SIGMA values
HannesTschofenig	0:796d0f61a05b	357	*/
HannesTschofenig	0:796d0f61a05b	358	for (i = 0; i < 6; i++) {
HannesTschofenig	0:796d0f61a05b	359	GET_UINT32_BE(SIGMA[i][0], SIGMA_CHARS[i], 0);
HannesTschofenig	0:796d0f61a05b	360	GET_UINT32_BE(SIGMA[i][1], SIGMA_CHARS[i], 4);
HannesTschofenig	0:796d0f61a05b	361	}
HannesTschofenig	0:796d0f61a05b	362
HannesTschofenig	0:796d0f61a05b	363	/*
HannesTschofenig	0:796d0f61a05b	364	* Key storage in KC
HannesTschofenig	0:796d0f61a05b	365	* Order: KL, KR, KA, KB
HannesTschofenig	0:796d0f61a05b	366	*/
HannesTschofenig	0:796d0f61a05b	367	memset(KC, 0, sizeof(KC));
HannesTschofenig	0:796d0f61a05b	368
HannesTschofenig	0:796d0f61a05b	369	/* Store KL, KR */
HannesTschofenig	0:796d0f61a05b	370	for (i = 0; i < 8; i++)
HannesTschofenig	0:796d0f61a05b	371	GET_UINT32_BE(KC[i], t, i * 4);
HannesTschofenig	0:796d0f61a05b	372
HannesTschofenig	0:796d0f61a05b	373	/* Generate KA */
HannesTschofenig	0:796d0f61a05b	374	for( i = 0; i < 4; ++i)
HannesTschofenig	0:796d0f61a05b	375	KC[8 + i] = KC[i] ^ KC[4 + i];
HannesTschofenig	0:796d0f61a05b	376
HannesTschofenig	0:796d0f61a05b	377	camellia_feistel(KC + 8, SIGMA[0], KC + 10);
HannesTschofenig	0:796d0f61a05b	378	camellia_feistel(KC + 10, SIGMA[1], KC + 8);
HannesTschofenig	0:796d0f61a05b	379
HannesTschofenig	0:796d0f61a05b	380	for( i = 0; i < 4; ++i)
HannesTschofenig	0:796d0f61a05b	381	KC[8 + i] ^= KC[i];
HannesTschofenig	0:796d0f61a05b	382
HannesTschofenig	0:796d0f61a05b	383	camellia_feistel(KC + 8, SIGMA[2], KC + 10);
HannesTschofenig	0:796d0f61a05b	384	camellia_feistel(KC + 10, SIGMA[3], KC + 8);
HannesTschofenig	0:796d0f61a05b	385
HannesTschofenig	0:796d0f61a05b	386	if (keysize > 128) {
HannesTschofenig	0:796d0f61a05b	387	/* Generate KB */
HannesTschofenig	0:796d0f61a05b	388	for( i = 0; i < 4; ++i)
HannesTschofenig	0:796d0f61a05b	389	KC[12 + i] = KC[4 + i] ^ KC[8 + i];
HannesTschofenig	0:796d0f61a05b	390
HannesTschofenig	0:796d0f61a05b	391	camellia_feistel(KC + 12, SIGMA[4], KC + 14);
HannesTschofenig	0:796d0f61a05b	392	camellia_feistel(KC + 14, SIGMA[5], KC + 12);
HannesTschofenig	0:796d0f61a05b	393	}
HannesTschofenig	0:796d0f61a05b	394
HannesTschofenig	0:796d0f61a05b	395	/*
HannesTschofenig	0:796d0f61a05b	396	* Generating subkeys
HannesTschofenig	0:796d0f61a05b	397	*/
HannesTschofenig	0:796d0f61a05b	398
HannesTschofenig	0:796d0f61a05b	399	/* Manipulating KL */
HannesTschofenig	0:796d0f61a05b	400	SHIFT_AND_PLACE(idx, 0);
HannesTschofenig	0:796d0f61a05b	401
HannesTschofenig	0:796d0f61a05b	402	/* Manipulating KR */
HannesTschofenig	0:796d0f61a05b	403	if (keysize > 128) {
HannesTschofenig	0:796d0f61a05b	404	SHIFT_AND_PLACE(idx, 1);
HannesTschofenig	0:796d0f61a05b	405	}
HannesTschofenig	0:796d0f61a05b	406
HannesTschofenig	0:796d0f61a05b	407	/* Manipulating KA */
HannesTschofenig	0:796d0f61a05b	408	SHIFT_AND_PLACE(idx, 2);
HannesTschofenig	0:796d0f61a05b	409
HannesTschofenig	0:796d0f61a05b	410	/* Manipulating KB */
HannesTschofenig	0:796d0f61a05b	411	if (keysize > 128) {
HannesTschofenig	0:796d0f61a05b	412	SHIFT_AND_PLACE(idx, 3);
HannesTschofenig	0:796d0f61a05b	413	}
HannesTschofenig	0:796d0f61a05b	414
HannesTschofenig	0:796d0f61a05b	415	/* Do transpositions */
HannesTschofenig	0:796d0f61a05b	416	for ( i = 0; i < 20; i++ ) {
HannesTschofenig	0:796d0f61a05b	417	if (transposes[idx][i] != -1) {
HannesTschofenig	0:796d0f61a05b	418	RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
HannesTschofenig	0:796d0f61a05b	419	}
HannesTschofenig	0:796d0f61a05b	420	}
HannesTschofenig	0:796d0f61a05b	421
HannesTschofenig	0:796d0f61a05b	422	return( 0 );
HannesTschofenig	0:796d0f61a05b	423	}
HannesTschofenig	0:796d0f61a05b	424
HannesTschofenig	0:796d0f61a05b	425	/*
HannesTschofenig	0:796d0f61a05b	426	* Camellia key schedule (decryption)
HannesTschofenig	0:796d0f61a05b	427	*/
HannesTschofenig	0:796d0f61a05b	428	int camellia_setkey_dec( camellia_context ctx, const unsigned char key,
HannesTschofenig	0:796d0f61a05b	429	unsigned int keysize )
HannesTschofenig	0:796d0f61a05b	430	{
HannesTschofenig	0:796d0f61a05b	431	int idx;
HannesTschofenig	0:796d0f61a05b	432	size_t i;
HannesTschofenig	0:796d0f61a05b	433	camellia_context cty;
HannesTschofenig	0:796d0f61a05b	434	uint32_t *RK;
HannesTschofenig	0:796d0f61a05b	435	uint32_t *SK;
HannesTschofenig	0:796d0f61a05b	436	int ret;
HannesTschofenig	0:796d0f61a05b	437
HannesTschofenig	0:796d0f61a05b	438	switch( keysize )
HannesTschofenig	0:796d0f61a05b	439	{
HannesTschofenig	0:796d0f61a05b	440	case 128: ctx->nr = 3; idx = 0; break;
HannesTschofenig	0:796d0f61a05b	441	case 192:
HannesTschofenig	0:796d0f61a05b	442	case 256: ctx->nr = 4; idx = 1; break;
HannesTschofenig	0:796d0f61a05b	443	default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH );
HannesTschofenig	0:796d0f61a05b	444	}
HannesTschofenig	0:796d0f61a05b	445
HannesTschofenig	0:796d0f61a05b	446	RK = ctx->rk;
HannesTschofenig	0:796d0f61a05b	447
HannesTschofenig	0:796d0f61a05b	448	ret = camellia_setkey_enc(&cty, key, keysize);
HannesTschofenig	0:796d0f61a05b	449	if( ret != 0 )
HannesTschofenig	0:796d0f61a05b	450	return( ret );
HannesTschofenig	0:796d0f61a05b	451
HannesTschofenig	0:796d0f61a05b	452	SK = cty.rk + 24 * 2 + 8 * idx * 2;
HannesTschofenig	0:796d0f61a05b	453
HannesTschofenig	0:796d0f61a05b	454	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	455	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	456	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	457	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	458
HannesTschofenig	0:796d0f61a05b	459	for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4)
HannesTschofenig	0:796d0f61a05b	460	{
HannesTschofenig	0:796d0f61a05b	461	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	462	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	463	}
HannesTschofenig	0:796d0f61a05b	464
HannesTschofenig	0:796d0f61a05b	465	SK -= 2;
HannesTschofenig	0:796d0f61a05b	466
HannesTschofenig	0:796d0f61a05b	467	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	468	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	469	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	470	RK++ = SK++;
HannesTschofenig	0:796d0f61a05b	471
HannesTschofenig	0:796d0f61a05b	472	memset( &cty, 0, sizeof( camellia_context ) );
HannesTschofenig	0:796d0f61a05b	473
HannesTschofenig	0:796d0f61a05b	474	return( 0 );
HannesTschofenig	0:796d0f61a05b	475	}
HannesTschofenig	0:796d0f61a05b	476
HannesTschofenig	0:796d0f61a05b	477	/*
HannesTschofenig	0:796d0f61a05b	478	* Camellia-ECB block encryption/decryption
HannesTschofenig	0:796d0f61a05b	479	*/
HannesTschofenig	0:796d0f61a05b	480	int camellia_crypt_ecb( camellia_context *ctx,
HannesTschofenig	0:796d0f61a05b	481	int mode,
HannesTschofenig	0:796d0f61a05b	482	const unsigned char input[16],
HannesTschofenig	0:796d0f61a05b	483	unsigned char output[16] )
HannesTschofenig	0:796d0f61a05b	484	{
HannesTschofenig	0:796d0f61a05b	485	int NR;
HannesTschofenig	0:796d0f61a05b	486	uint32_t *RK, X[4];
HannesTschofenig	0:796d0f61a05b	487
HannesTschofenig	0:796d0f61a05b	488	( (void) mode );
HannesTschofenig	0:796d0f61a05b	489
HannesTschofenig	0:796d0f61a05b	490	NR = ctx->nr;
HannesTschofenig	0:796d0f61a05b	491	RK = ctx->rk;
HannesTschofenig	0:796d0f61a05b	492
HannesTschofenig	0:796d0f61a05b	493	GET_UINT32_BE( X[0], input, 0 );
HannesTschofenig	0:796d0f61a05b	494	GET_UINT32_BE( X[1], input, 4 );
HannesTschofenig	0:796d0f61a05b	495	GET_UINT32_BE( X[2], input, 8 );
HannesTschofenig	0:796d0f61a05b	496	GET_UINT32_BE( X[3], input, 12 );
HannesTschofenig	0:796d0f61a05b	497
HannesTschofenig	0:796d0f61a05b	498	X[0] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	499	X[1] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	500	X[2] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	501	X[3] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	502
HannesTschofenig	0:796d0f61a05b	503	while (NR) {
HannesTschofenig	0:796d0f61a05b	504	--NR;
HannesTschofenig	0:796d0f61a05b	505	camellia_feistel(X, RK, X + 2);
HannesTschofenig	0:796d0f61a05b	506	RK += 2;
HannesTschofenig	0:796d0f61a05b	507	camellia_feistel(X + 2, RK, X);
HannesTschofenig	0:796d0f61a05b	508	RK += 2;
HannesTschofenig	0:796d0f61a05b	509	camellia_feistel(X, RK, X + 2);
HannesTschofenig	0:796d0f61a05b	510	RK += 2;
HannesTschofenig	0:796d0f61a05b	511	camellia_feistel(X + 2, RK, X);
HannesTschofenig	0:796d0f61a05b	512	RK += 2;
HannesTschofenig	0:796d0f61a05b	513	camellia_feistel(X, RK, X + 2);
HannesTschofenig	0:796d0f61a05b	514	RK += 2;
HannesTschofenig	0:796d0f61a05b	515	camellia_feistel(X + 2, RK, X);
HannesTschofenig	0:796d0f61a05b	516	RK += 2;
HannesTschofenig	0:796d0f61a05b	517
HannesTschofenig	0:796d0f61a05b	518	if (NR) {
HannesTschofenig	0:796d0f61a05b	519	FL(X[0], X[1], RK[0], RK[1]);
HannesTschofenig	0:796d0f61a05b	520	RK += 2;
HannesTschofenig	0:796d0f61a05b	521	FLInv(X[2], X[3], RK[0], RK[1]);
HannesTschofenig	0:796d0f61a05b	522	RK += 2;
HannesTschofenig	0:796d0f61a05b	523	}
HannesTschofenig	0:796d0f61a05b	524	}
HannesTschofenig	0:796d0f61a05b	525
HannesTschofenig	0:796d0f61a05b	526	X[2] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	527	X[3] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	528	X[0] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	529	X[1] ^= *RK++;
HannesTschofenig	0:796d0f61a05b	530
HannesTschofenig	0:796d0f61a05b	531	PUT_UINT32_BE( X[2], output, 0 );
HannesTschofenig	0:796d0f61a05b	532	PUT_UINT32_BE( X[3], output, 4 );
HannesTschofenig	0:796d0f61a05b	533	PUT_UINT32_BE( X[0], output, 8 );
HannesTschofenig	0:796d0f61a05b	534	PUT_UINT32_BE( X[1], output, 12 );
HannesTschofenig	0:796d0f61a05b	535
HannesTschofenig	0:796d0f61a05b	536	return( 0 );
HannesTschofenig	0:796d0f61a05b	537	}
HannesTschofenig	0:796d0f61a05b	538
HannesTschofenig	0:796d0f61a05b	539	#if defined(POLARSSL_CIPHER_MODE_CBC)
HannesTschofenig	0:796d0f61a05b	540	/*
HannesTschofenig	0:796d0f61a05b	541	* Camellia-CBC buffer encryption/decryption
HannesTschofenig	0:796d0f61a05b	542	*/
HannesTschofenig	0:796d0f61a05b	543	int camellia_crypt_cbc( camellia_context *ctx,
HannesTschofenig	0:796d0f61a05b	544	int mode,
HannesTschofenig	0:796d0f61a05b	545	size_t length,
HannesTschofenig	0:796d0f61a05b	546	unsigned char iv[16],
HannesTschofenig	0:796d0f61a05b	547	const unsigned char *input,
HannesTschofenig	0:796d0f61a05b	548	unsigned char *output )
HannesTschofenig	0:796d0f61a05b	549	{
HannesTschofenig	0:796d0f61a05b	550	int i;
HannesTschofenig	0:796d0f61a05b	551	unsigned char temp[16];
HannesTschofenig	0:796d0f61a05b	552
HannesTschofenig	0:796d0f61a05b	553	if( length % 16 )
HannesTschofenig	0:796d0f61a05b	554	return( POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
HannesTschofenig	0:796d0f61a05b	555
HannesTschofenig	0:796d0f61a05b	556	if( mode == CAMELLIA_DECRYPT )
HannesTschofenig	0:796d0f61a05b	557	{
HannesTschofenig	0:796d0f61a05b	558	while( length > 0 )
HannesTschofenig	0:796d0f61a05b	559	{
HannesTschofenig	0:796d0f61a05b	560	memcpy( temp, input, 16 );
HannesTschofenig	0:796d0f61a05b	561	camellia_crypt_ecb( ctx, mode, input, output );
HannesTschofenig	0:796d0f61a05b	562
HannesTschofenig	0:796d0f61a05b	563	for( i = 0; i < 16; i++ )
HannesTschofenig	0:796d0f61a05b	564	output[i] = (unsigned char)( output[i] ^ iv[i] );
HannesTschofenig	0:796d0f61a05b	565
HannesTschofenig	0:796d0f61a05b	566	memcpy( iv, temp, 16 );
HannesTschofenig	0:796d0f61a05b	567
HannesTschofenig	0:796d0f61a05b	568	input += 16;
HannesTschofenig	0:796d0f61a05b	569	output += 16;
HannesTschofenig	0:796d0f61a05b	570	length -= 16;
HannesTschofenig	0:796d0f61a05b	571	}
HannesTschofenig	0:796d0f61a05b	572	}
HannesTschofenig	0:796d0f61a05b	573	else
HannesTschofenig	0:796d0f61a05b	574	{
HannesTschofenig	0:796d0f61a05b	575	while( length > 0 )
HannesTschofenig	0:796d0f61a05b	576	{
HannesTschofenig	0:796d0f61a05b	577	for( i = 0; i < 16; i++ )
HannesTschofenig	0:796d0f61a05b	578	output[i] = (unsigned char)( input[i] ^ iv[i] );
HannesTschofenig	0:796d0f61a05b	579
HannesTschofenig	0:796d0f61a05b	580	camellia_crypt_ecb( ctx, mode, output, output );
HannesTschofenig	0:796d0f61a05b	581	memcpy( iv, output, 16 );
HannesTschofenig	0:796d0f61a05b	582
HannesTschofenig	0:796d0f61a05b	583	input += 16;
HannesTschofenig	0:796d0f61a05b	584	output += 16;
HannesTschofenig	0:796d0f61a05b	585	length -= 16;
HannesTschofenig	0:796d0f61a05b	586	}
HannesTschofenig	0:796d0f61a05b	587	}
HannesTschofenig	0:796d0f61a05b	588
HannesTschofenig	0:796d0f61a05b	589	return( 0 );
HannesTschofenig	0:796d0f61a05b	590	}
HannesTschofenig	0:796d0f61a05b	591	#endif /* POLARSSL_CIPHER_MODE_CBC */
HannesTschofenig	0:796d0f61a05b	592
HannesTschofenig	0:796d0f61a05b	593	#if defined(POLARSSL_CIPHER_MODE_CFB)
HannesTschofenig	0:796d0f61a05b	594	/*
HannesTschofenig	0:796d0f61a05b	595	* Camellia-CFB128 buffer encryption/decryption
HannesTschofenig	0:796d0f61a05b	596	*/
HannesTschofenig	0:796d0f61a05b	597	int camellia_crypt_cfb128( camellia_context *ctx,
HannesTschofenig	0:796d0f61a05b	598	int mode,
HannesTschofenig	0:796d0f61a05b	599	size_t length,
HannesTschofenig	0:796d0f61a05b	600	size_t *iv_off,
HannesTschofenig	0:796d0f61a05b	601	unsigned char iv[16],
HannesTschofenig	0:796d0f61a05b	602	const unsigned char *input,
HannesTschofenig	0:796d0f61a05b	603	unsigned char *output )
HannesTschofenig	0:796d0f61a05b	604	{
HannesTschofenig	0:796d0f61a05b	605	int c;
HannesTschofenig	0:796d0f61a05b	606	size_t n = *iv_off;
HannesTschofenig	0:796d0f61a05b	607
HannesTschofenig	0:796d0f61a05b	608	if( mode == CAMELLIA_DECRYPT )
HannesTschofenig	0:796d0f61a05b	609	{
HannesTschofenig	0:796d0f61a05b	610	while( length-- )
HannesTschofenig	0:796d0f61a05b	611	{
HannesTschofenig	0:796d0f61a05b	612	if( n == 0 )
HannesTschofenig	0:796d0f61a05b	613	camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv );
HannesTschofenig	0:796d0f61a05b	614
HannesTschofenig	0:796d0f61a05b	615	c = *input++;
HannesTschofenig	0:796d0f61a05b	616	*output++ = (unsigned char)( c ^ iv[n] );
HannesTschofenig	0:796d0f61a05b	617	iv[n] = (unsigned char) c;
HannesTschofenig	0:796d0f61a05b	618
HannesTschofenig	0:796d0f61a05b	619	n = (n + 1) & 0x0F;
HannesTschofenig	0:796d0f61a05b	620	}
HannesTschofenig	0:796d0f61a05b	621	}
HannesTschofenig	0:796d0f61a05b	622	else
HannesTschofenig	0:796d0f61a05b	623	{
HannesTschofenig	0:796d0f61a05b	624	while( length-- )
HannesTschofenig	0:796d0f61a05b	625	{
HannesTschofenig	0:796d0f61a05b	626	if( n == 0 )
HannesTschofenig	0:796d0f61a05b	627	camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv );
HannesTschofenig	0:796d0f61a05b	628
HannesTschofenig	0:796d0f61a05b	629	iv[n] = output++ = (unsigned char)( iv[n] ^ input++ );
HannesTschofenig	0:796d0f61a05b	630
HannesTschofenig	0:796d0f61a05b	631	n = (n + 1) & 0x0F;
HannesTschofenig	0:796d0f61a05b	632	}
HannesTschofenig	0:796d0f61a05b	633	}
HannesTschofenig	0:796d0f61a05b	634
HannesTschofenig	0:796d0f61a05b	635	*iv_off = n;
HannesTschofenig	0:796d0f61a05b	636
HannesTschofenig	0:796d0f61a05b	637	return( 0 );
HannesTschofenig	0:796d0f61a05b	638	}
HannesTschofenig	0:796d0f61a05b	639	#endif /* POLARSSL_CIPHER_MODE_CFB */
HannesTschofenig	0:796d0f61a05b	640
HannesTschofenig	0:796d0f61a05b	641	#if defined(POLARSSL_CIPHER_MODE_CTR)
HannesTschofenig	0:796d0f61a05b	642	/*
HannesTschofenig	0:796d0f61a05b	643	* Camellia-CTR buffer encryption/decryption
HannesTschofenig	0:796d0f61a05b	644	*/
HannesTschofenig	0:796d0f61a05b	645	int camellia_crypt_ctr( camellia_context *ctx,
HannesTschofenig	0:796d0f61a05b	646	size_t length,
HannesTschofenig	0:796d0f61a05b	647	size_t *nc_off,
HannesTschofenig	0:796d0f61a05b	648	unsigned char nonce_counter[16],
HannesTschofenig	0:796d0f61a05b	649	unsigned char stream_block[16],
HannesTschofenig	0:796d0f61a05b	650	const unsigned char *input,
HannesTschofenig	0:796d0f61a05b	651	unsigned char *output )
HannesTschofenig	0:796d0f61a05b	652	{
HannesTschofenig	0:796d0f61a05b	653	int c, i;
HannesTschofenig	0:796d0f61a05b	654	size_t n = *nc_off;
HannesTschofenig	0:796d0f61a05b	655
HannesTschofenig	0:796d0f61a05b	656	while( length-- )
HannesTschofenig	0:796d0f61a05b	657	{
HannesTschofenig	0:796d0f61a05b	658	if( n == 0 ) {
HannesTschofenig	0:796d0f61a05b	659	camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter,
HannesTschofenig	0:796d0f61a05b	660	stream_block );
HannesTschofenig	0:796d0f61a05b	661
HannesTschofenig	0:796d0f61a05b	662	for( i = 16; i > 0; i-- )
HannesTschofenig	0:796d0f61a05b	663	if( ++nonce_counter[i - 1] != 0 )
HannesTschofenig	0:796d0f61a05b	664	break;
HannesTschofenig	0:796d0f61a05b	665	}
HannesTschofenig	0:796d0f61a05b	666	c = *input++;
HannesTschofenig	0:796d0f61a05b	667	*output++ = (unsigned char)( c ^ stream_block[n] );
HannesTschofenig	0:796d0f61a05b	668
HannesTschofenig	0:796d0f61a05b	669	n = (n + 1) & 0x0F;
HannesTschofenig	0:796d0f61a05b	670	}
HannesTschofenig	0:796d0f61a05b	671
HannesTschofenig	0:796d0f61a05b	672	*nc_off = n;
HannesTschofenig	0:796d0f61a05b	673
HannesTschofenig	0:796d0f61a05b	674	return( 0 );
HannesTschofenig	0:796d0f61a05b	675	}
HannesTschofenig	0:796d0f61a05b	676	#endif /* POLARSSL_CIPHER_MODE_CTR */
HannesTschofenig	0:796d0f61a05b	677	#endif /* !POLARSSL_CAMELLIA_ALT */
HannesTschofenig	0:796d0f61a05b	678
HannesTschofenig	0:796d0f61a05b	679	#if defined(POLARSSL_SELF_TEST)
HannesTschofenig	0:796d0f61a05b	680
HannesTschofenig	0:796d0f61a05b	681	#include <stdio.h>
HannesTschofenig	0:796d0f61a05b	682
HannesTschofenig	0:796d0f61a05b	683	/*
HannesTschofenig	0:796d0f61a05b	684	* Camellia test vectors from:
HannesTschofenig	0:796d0f61a05b	685	*
HannesTschofenig	0:796d0f61a05b	686	* http://info.isl.ntt.co.jp/crypt/eng/camellia/technology.html:
HannesTschofenig	0:796d0f61a05b	687	* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/intermediate.txt
HannesTschofenig	0:796d0f61a05b	688	* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/t_camellia.txt
HannesTschofenig	0:796d0f61a05b	689	* (For each bitlength: Key 0, Nr 39)
HannesTschofenig	0:796d0f61a05b	690	*/
HannesTschofenig	0:796d0f61a05b	691	#define CAMELLIA_TESTS_ECB 2
HannesTschofenig	0:796d0f61a05b	692
HannesTschofenig	0:796d0f61a05b	693	static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
HannesTschofenig	0:796d0f61a05b	694	{
HannesTschofenig	0:796d0f61a05b	695	{
HannesTschofenig	0:796d0f61a05b	696	{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
HannesTschofenig	0:796d0f61a05b	697	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
HannesTschofenig	0:796d0f61a05b	698	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	699	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
HannesTschofenig	0:796d0f61a05b	700	},
HannesTschofenig	0:796d0f61a05b	701	{
HannesTschofenig	0:796d0f61a05b	702	{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
HannesTschofenig	0:796d0f61a05b	703	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
HannesTschofenig	0:796d0f61a05b	704	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
HannesTschofenig	0:796d0f61a05b	705	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	706	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	707	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
HannesTschofenig	0:796d0f61a05b	708	},
HannesTschofenig	0:796d0f61a05b	709	{
HannesTschofenig	0:796d0f61a05b	710	{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
HannesTschofenig	0:796d0f61a05b	711	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
HannesTschofenig	0:796d0f61a05b	712	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
HannesTschofenig	0:796d0f61a05b	713	0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
HannesTschofenig	0:796d0f61a05b	714	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	715	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	716	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	717	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
HannesTschofenig	0:796d0f61a05b	718	},
HannesTschofenig	0:796d0f61a05b	719	};
HannesTschofenig	0:796d0f61a05b	720
HannesTschofenig	0:796d0f61a05b	721	static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] =
HannesTschofenig	0:796d0f61a05b	722	{
HannesTschofenig	0:796d0f61a05b	723	{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
HannesTschofenig	0:796d0f61a05b	724	0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
HannesTschofenig	0:796d0f61a05b	725	{ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	726	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
HannesTschofenig	0:796d0f61a05b	727	};
HannesTschofenig	0:796d0f61a05b	728
HannesTschofenig	0:796d0f61a05b	729	static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
HannesTschofenig	0:796d0f61a05b	730	{
HannesTschofenig	0:796d0f61a05b	731	{
HannesTschofenig	0:796d0f61a05b	732	{ 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
HannesTschofenig	0:796d0f61a05b	733	0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 },
HannesTschofenig	0:796d0f61a05b	734	{ 0x38, 0x3C, 0x6C, 0x2A, 0xAB, 0xEF, 0x7F, 0xDE,
HannesTschofenig	0:796d0f61a05b	735	0x25, 0xCD, 0x47, 0x0B, 0xF7, 0x74, 0xA3, 0x31 }
HannesTschofenig	0:796d0f61a05b	736	},
HannesTschofenig	0:796d0f61a05b	737	{
HannesTschofenig	0:796d0f61a05b	738	{ 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
HannesTschofenig	0:796d0f61a05b	739	0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 },
HannesTschofenig	0:796d0f61a05b	740	{ 0xD1, 0x76, 0x3F, 0xC0, 0x19, 0xD7, 0x7C, 0xC9,
HannesTschofenig	0:796d0f61a05b	741	0x30, 0xBF, 0xF2, 0xA5, 0x6F, 0x7C, 0x93, 0x64 }
HannesTschofenig	0:796d0f61a05b	742	},
HannesTschofenig	0:796d0f61a05b	743	{
HannesTschofenig	0:796d0f61a05b	744	{ 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
HannesTschofenig	0:796d0f61a05b	745	0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 },
HannesTschofenig	0:796d0f61a05b	746	{ 0x05, 0x03, 0xFB, 0x10, 0xAB, 0x24, 0x1E, 0x7C,
HannesTschofenig	0:796d0f61a05b	747	0xF4, 0x5D, 0x8C, 0xDE, 0xEE, 0x47, 0x43, 0x35 }
HannesTschofenig	0:796d0f61a05b	748	}
HannesTschofenig	0:796d0f61a05b	749	};
HannesTschofenig	0:796d0f61a05b	750
HannesTschofenig	0:796d0f61a05b	751	#if defined(POLARSSL_CIPHER_MODE_CBC)
HannesTschofenig	0:796d0f61a05b	752	#define CAMELLIA_TESTS_CBC 3
HannesTschofenig	0:796d0f61a05b	753
HannesTschofenig	0:796d0f61a05b	754	static const unsigned char camellia_test_cbc_key[3][32] =
HannesTschofenig	0:796d0f61a05b	755	{
HannesTschofenig	0:796d0f61a05b	756	{ 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
HannesTschofenig	0:796d0f61a05b	757	0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
HannesTschofenig	0:796d0f61a05b	758	,
HannesTschofenig	0:796d0f61a05b	759	{ 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
HannesTschofenig	0:796d0f61a05b	760	0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
HannesTschofenig	0:796d0f61a05b	761	0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
HannesTschofenig	0:796d0f61a05b	762	,
HannesTschofenig	0:796d0f61a05b	763	{ 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
HannesTschofenig	0:796d0f61a05b	764	0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
HannesTschofenig	0:796d0f61a05b	765	0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
HannesTschofenig	0:796d0f61a05b	766	0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
HannesTschofenig	0:796d0f61a05b	767	};
HannesTschofenig	0:796d0f61a05b	768
HannesTschofenig	0:796d0f61a05b	769	static const unsigned char camellia_test_cbc_iv[16] =
HannesTschofenig	0:796d0f61a05b	770
HannesTschofenig	0:796d0f61a05b	771	{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
HannesTschofenig	0:796d0f61a05b	772	0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
HannesTschofenig	0:796d0f61a05b	773	;
HannesTschofenig	0:796d0f61a05b	774
HannesTschofenig	0:796d0f61a05b	775	static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] =
HannesTschofenig	0:796d0f61a05b	776	{
HannesTschofenig	0:796d0f61a05b	777	{ 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
HannesTschofenig	0:796d0f61a05b	778	0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A },
HannesTschofenig	0:796d0f61a05b	779	{ 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
HannesTschofenig	0:796d0f61a05b	780	0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51 },
HannesTschofenig	0:796d0f61a05b	781	{ 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
HannesTschofenig	0:796d0f61a05b	782	0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF }
HannesTschofenig	0:796d0f61a05b	783
HannesTschofenig	0:796d0f61a05b	784	};
HannesTschofenig	0:796d0f61a05b	785
HannesTschofenig	0:796d0f61a05b	786	static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
HannesTschofenig	0:796d0f61a05b	787	{
HannesTschofenig	0:796d0f61a05b	788	{
HannesTschofenig	0:796d0f61a05b	789	{ 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
HannesTschofenig	0:796d0f61a05b	790	0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB },
HannesTschofenig	0:796d0f61a05b	791	{ 0xA2, 0xF2, 0xCF, 0x67, 0x16, 0x29, 0xEF, 0x78,
HannesTschofenig	0:796d0f61a05b	792	0x40, 0xC5, 0xA5, 0xDF, 0xB5, 0x07, 0x48, 0x87 },
HannesTschofenig	0:796d0f61a05b	793	{ 0x0F, 0x06, 0x16, 0x50, 0x08, 0xCF, 0x8B, 0x8B,
HannesTschofenig	0:796d0f61a05b	794	0x5A, 0x63, 0x58, 0x63, 0x62, 0x54, 0x3E, 0x54 }
HannesTschofenig	0:796d0f61a05b	795	},
HannesTschofenig	0:796d0f61a05b	796	{
HannesTschofenig	0:796d0f61a05b	797	{ 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
HannesTschofenig	0:796d0f61a05b	798	0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 },
HannesTschofenig	0:796d0f61a05b	799	{ 0x5D, 0x5A, 0x86, 0x9B, 0xD1, 0x4C, 0xE5, 0x42,
HannesTschofenig	0:796d0f61a05b	800	0x64, 0xF8, 0x92, 0xA6, 0xDD, 0x2E, 0xC3, 0xD5 },
HannesTschofenig	0:796d0f61a05b	801	{ 0x37, 0xD3, 0x59, 0xC3, 0x34, 0x98, 0x36, 0xD8,
HannesTschofenig	0:796d0f61a05b	802	0x84, 0xE3, 0x10, 0xAD, 0xDF, 0x68, 0xC4, 0x49 }
HannesTschofenig	0:796d0f61a05b	803	},
HannesTschofenig	0:796d0f61a05b	804	{
HannesTschofenig	0:796d0f61a05b	805	{ 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
HannesTschofenig	0:796d0f61a05b	806	0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA },
HannesTschofenig	0:796d0f61a05b	807	{ 0x36, 0xCB, 0xEB, 0x73, 0xBD, 0x50, 0x4B, 0x40,
HannesTschofenig	0:796d0f61a05b	808	0x70, 0xB1, 0xB7, 0xDE, 0x2B, 0x21, 0xEB, 0x50 },
HannesTschofenig	0:796d0f61a05b	809	{ 0xE3, 0x1A, 0x60, 0x55, 0x29, 0x7D, 0x96, 0xCA,
HannesTschofenig	0:796d0f61a05b	810	0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
HannesTschofenig	0:796d0f61a05b	811	}
HannesTschofenig	0:796d0f61a05b	812	};
HannesTschofenig	0:796d0f61a05b	813	#endif /* POLARSSL_CIPHER_MODE_CBC */
HannesTschofenig	0:796d0f61a05b	814
HannesTschofenig	0:796d0f61a05b	815	#if defined(POLARSSL_CIPHER_MODE_CTR)
HannesTschofenig	0:796d0f61a05b	816	/*
HannesTschofenig	0:796d0f61a05b	817	* Camellia-CTR test vectors from:
HannesTschofenig	0:796d0f61a05b	818	*
HannesTschofenig	0:796d0f61a05b	819	* http://www.faqs.org/rfcs/rfc5528.html
HannesTschofenig	0:796d0f61a05b	820	*/
HannesTschofenig	0:796d0f61a05b	821
HannesTschofenig	0:796d0f61a05b	822	static const unsigned char camellia_test_ctr_key[3][16] =
HannesTschofenig	0:796d0f61a05b	823	{
HannesTschofenig	0:796d0f61a05b	824	{ 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
HannesTschofenig	0:796d0f61a05b	825	0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
HannesTschofenig	0:796d0f61a05b	826	{ 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
HannesTschofenig	0:796d0f61a05b	827	0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
HannesTschofenig	0:796d0f61a05b	828	{ 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
HannesTschofenig	0:796d0f61a05b	829	0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
HannesTschofenig	0:796d0f61a05b	830	};
HannesTschofenig	0:796d0f61a05b	831
HannesTschofenig	0:796d0f61a05b	832	static const unsigned char camellia_test_ctr_nonce_counter[3][16] =
HannesTschofenig	0:796d0f61a05b	833	{
HannesTschofenig	0:796d0f61a05b	834	{ 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
HannesTschofenig	0:796d0f61a05b	835	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
HannesTschofenig	0:796d0f61a05b	836	{ 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
HannesTschofenig	0:796d0f61a05b	837	0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
HannesTschofenig	0:796d0f61a05b	838	{ 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
HannesTschofenig	0:796d0f61a05b	839	0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
HannesTschofenig	0:796d0f61a05b	840	};
HannesTschofenig	0:796d0f61a05b	841
HannesTschofenig	0:796d0f61a05b	842	static const unsigned char camellia_test_ctr_pt[3][48] =
HannesTschofenig	0:796d0f61a05b	843	{
HannesTschofenig	0:796d0f61a05b	844	{ 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
HannesTschofenig	0:796d0f61a05b	845	0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
HannesTschofenig	0:796d0f61a05b	846
HannesTschofenig	0:796d0f61a05b	847	{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
HannesTschofenig	0:796d0f61a05b	848	0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
HannesTschofenig	0:796d0f61a05b	849	0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
HannesTschofenig	0:796d0f61a05b	850	0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
HannesTschofenig	0:796d0f61a05b	851
HannesTschofenig	0:796d0f61a05b	852	{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
HannesTschofenig	0:796d0f61a05b	853	0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
HannesTschofenig	0:796d0f61a05b	854	0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
HannesTschofenig	0:796d0f61a05b	855	0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
HannesTschofenig	0:796d0f61a05b	856	0x20, 0x21, 0x22, 0x23 }
HannesTschofenig	0:796d0f61a05b	857	};
HannesTschofenig	0:796d0f61a05b	858
HannesTschofenig	0:796d0f61a05b	859	static const unsigned char camellia_test_ctr_ct[3][48] =
HannesTschofenig	0:796d0f61a05b	860	{
HannesTschofenig	0:796d0f61a05b	861	{ 0xD0, 0x9D, 0xC2, 0x9A, 0x82, 0x14, 0x61, 0x9A,
HannesTschofenig	0:796d0f61a05b	862	0x20, 0x87, 0x7C, 0x76, 0xDB, 0x1F, 0x0B, 0x3F },
HannesTschofenig	0:796d0f61a05b	863	{ 0xDB, 0xF3, 0xC7, 0x8D, 0xC0, 0x83, 0x96, 0xD4,
HannesTschofenig	0:796d0f61a05b	864	0xDA, 0x7C, 0x90, 0x77, 0x65, 0xBB, 0xCB, 0x44,
HannesTschofenig	0:796d0f61a05b	865	0x2B, 0x8E, 0x8E, 0x0F, 0x31, 0xF0, 0xDC, 0xA7,
HannesTschofenig	0:796d0f61a05b	866	0x2C, 0x74, 0x17, 0xE3, 0x53, 0x60, 0xE0, 0x48 },
HannesTschofenig	0:796d0f61a05b	867	{ 0xB1, 0x9D, 0x1F, 0xCD, 0xCB, 0x75, 0xEB, 0x88,
HannesTschofenig	0:796d0f61a05b	868	0x2F, 0x84, 0x9C, 0xE2, 0x4D, 0x85, 0xCF, 0x73,
HannesTschofenig	0:796d0f61a05b	869	0x9C, 0xE6, 0x4B, 0x2B, 0x5C, 0x9D, 0x73, 0xF1,
HannesTschofenig	0:796d0f61a05b	870	0x4F, 0x2D, 0x5D, 0x9D, 0xCE, 0x98, 0x89, 0xCD,
HannesTschofenig	0:796d0f61a05b	871	0xDF, 0x50, 0x86, 0x96 }
HannesTschofenig	0:796d0f61a05b	872	};
HannesTschofenig	0:796d0f61a05b	873
HannesTschofenig	0:796d0f61a05b	874	static const int camellia_test_ctr_len[3] =
HannesTschofenig	0:796d0f61a05b	875	{ 16, 32, 36 };
HannesTschofenig	0:796d0f61a05b	876	#endif /* POLARSSL_CIPHER_MODE_CTR */
HannesTschofenig	0:796d0f61a05b	877
HannesTschofenig	0:796d0f61a05b	878	/*
HannesTschofenig	0:796d0f61a05b	879	* Checkup routine
HannesTschofenig	0:796d0f61a05b	880	*/
HannesTschofenig	0:796d0f61a05b	881	int camellia_self_test( int verbose )
HannesTschofenig	0:796d0f61a05b	882	{
HannesTschofenig	0:796d0f61a05b	883	int i, j, u, v;
HannesTschofenig	0:796d0f61a05b	884	unsigned char key[32];
HannesTschofenig	0:796d0f61a05b	885	unsigned char buf[64];
HannesTschofenig	0:796d0f61a05b	886	unsigned char src[16];
HannesTschofenig	0:796d0f61a05b	887	unsigned char dst[16];
HannesTschofenig	0:796d0f61a05b	888	#if defined(POLARSSL_CIPHER_MODE_CBC)
HannesTschofenig	0:796d0f61a05b	889	unsigned char iv[16];
HannesTschofenig	0:796d0f61a05b	890	#endif
HannesTschofenig	0:796d0f61a05b	891	#if defined(POLARSSL_CIPHER_MODE_CTR)
HannesTschofenig	0:796d0f61a05b	892	size_t offset, len;
HannesTschofenig	0:796d0f61a05b	893	unsigned char nonce_counter[16];
HannesTschofenig	0:796d0f61a05b	894	unsigned char stream_block[16];
HannesTschofenig	0:796d0f61a05b	895	#endif
HannesTschofenig	0:796d0f61a05b	896
HannesTschofenig	0:796d0f61a05b	897	camellia_context ctx;
HannesTschofenig	0:796d0f61a05b	898
HannesTschofenig	0:796d0f61a05b	899	memset( key, 0, 32 );
HannesTschofenig	0:796d0f61a05b	900
HannesTschofenig	0:796d0f61a05b	901	for (j = 0; j < 6; j++) {
HannesTschofenig	0:796d0f61a05b	902	u = j >> 1;
HannesTschofenig	0:796d0f61a05b	903	v = j & 1;
HannesTschofenig	0:796d0f61a05b	904
HannesTschofenig	0:796d0f61a05b	905	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	906	polarssl_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
HannesTschofenig	0:796d0f61a05b	907	(v == CAMELLIA_DECRYPT) ? "dec" : "enc");
HannesTschofenig	0:796d0f61a05b	908
HannesTschofenig	0:796d0f61a05b	909	for (i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
HannesTschofenig	0:796d0f61a05b	910	memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u);
HannesTschofenig	0:796d0f61a05b	911
HannesTschofenig	0:796d0f61a05b	912	if (v == CAMELLIA_DECRYPT) {
HannesTschofenig	0:796d0f61a05b	913	camellia_setkey_dec(&ctx, key, 128 + u * 64);
HannesTschofenig	0:796d0f61a05b	914	memcpy(src, camellia_test_ecb_cipher[u][i], 16);
HannesTschofenig	0:796d0f61a05b	915	memcpy(dst, camellia_test_ecb_plain[i], 16);
HannesTschofenig	0:796d0f61a05b	916	} else { /* CAMELLIA_ENCRYPT */
HannesTschofenig	0:796d0f61a05b	917	camellia_setkey_enc(&ctx, key, 128 + u * 64);
HannesTschofenig	0:796d0f61a05b	918	memcpy(src, camellia_test_ecb_plain[i], 16);
HannesTschofenig	0:796d0f61a05b	919	memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
HannesTschofenig	0:796d0f61a05b	920	}
HannesTschofenig	0:796d0f61a05b	921
HannesTschofenig	0:796d0f61a05b	922	camellia_crypt_ecb(&ctx, v, src, buf);
HannesTschofenig	0:796d0f61a05b	923
HannesTschofenig	0:796d0f61a05b	924	if( memcmp( buf, dst, 16 ) != 0 )
HannesTschofenig	0:796d0f61a05b	925	{
HannesTschofenig	0:796d0f61a05b	926	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	927	polarssl_printf( "failed\n" );
HannesTschofenig	0:796d0f61a05b	928
HannesTschofenig	0:796d0f61a05b	929	return( 1 );
HannesTschofenig	0:796d0f61a05b	930	}
HannesTschofenig	0:796d0f61a05b	931	}
HannesTschofenig	0:796d0f61a05b	932
HannesTschofenig	0:796d0f61a05b	933	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	934	polarssl_printf( "passed\n" );
HannesTschofenig	0:796d0f61a05b	935	}
HannesTschofenig	0:796d0f61a05b	936
HannesTschofenig	0:796d0f61a05b	937	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	938	polarssl_printf( "\n" );
HannesTschofenig	0:796d0f61a05b	939
HannesTschofenig	0:796d0f61a05b	940	#if defined(POLARSSL_CIPHER_MODE_CBC)
HannesTschofenig	0:796d0f61a05b	941	/*
HannesTschofenig	0:796d0f61a05b	942	* CBC mode
HannesTschofenig	0:796d0f61a05b	943	*/
HannesTschofenig	0:796d0f61a05b	944	for( j = 0; j < 6; j++ )
HannesTschofenig	0:796d0f61a05b	945	{
HannesTschofenig	0:796d0f61a05b	946	u = j >> 1;
HannesTschofenig	0:796d0f61a05b	947	v = j & 1;
HannesTschofenig	0:796d0f61a05b	948
HannesTschofenig	0:796d0f61a05b	949	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	950	polarssl_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
HannesTschofenig	0:796d0f61a05b	951	( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
HannesTschofenig	0:796d0f61a05b	952
HannesTschofenig	0:796d0f61a05b	953	memcpy( src, camellia_test_cbc_iv, 16);
HannesTschofenig	0:796d0f61a05b	954	memcpy( dst, camellia_test_cbc_iv, 16);
HannesTschofenig	0:796d0f61a05b	955	memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u);
HannesTschofenig	0:796d0f61a05b	956
HannesTschofenig	0:796d0f61a05b	957	if (v == CAMELLIA_DECRYPT) {
HannesTschofenig	0:796d0f61a05b	958	camellia_setkey_dec(&ctx, key, 128 + u * 64);
HannesTschofenig	0:796d0f61a05b	959	} else {
HannesTschofenig	0:796d0f61a05b	960	camellia_setkey_enc(&ctx, key, 128 + u * 64);
HannesTschofenig	0:796d0f61a05b	961	}
HannesTschofenig	0:796d0f61a05b	962
HannesTschofenig	0:796d0f61a05b	963	for (i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
HannesTschofenig	0:796d0f61a05b	964
HannesTschofenig	0:796d0f61a05b	965	if (v == CAMELLIA_DECRYPT) {
HannesTschofenig	0:796d0f61a05b	966	memcpy( iv , src, 16 );
HannesTschofenig	0:796d0f61a05b	967	memcpy(src, camellia_test_cbc_cipher[u][i], 16);
HannesTschofenig	0:796d0f61a05b	968	memcpy(dst, camellia_test_cbc_plain[i], 16);
HannesTschofenig	0:796d0f61a05b	969	} else { /* CAMELLIA_ENCRYPT */
HannesTschofenig	0:796d0f61a05b	970	memcpy( iv , dst, 16 );
HannesTschofenig	0:796d0f61a05b	971	memcpy(src, camellia_test_cbc_plain[i], 16);
HannesTschofenig	0:796d0f61a05b	972	memcpy(dst, camellia_test_cbc_cipher[u][i], 16);
HannesTschofenig	0:796d0f61a05b	973	}
HannesTschofenig	0:796d0f61a05b	974
HannesTschofenig	0:796d0f61a05b	975	camellia_crypt_cbc(&ctx, v, 16, iv, src, buf);
HannesTschofenig	0:796d0f61a05b	976
HannesTschofenig	0:796d0f61a05b	977	if( memcmp( buf, dst, 16 ) != 0 )
HannesTschofenig	0:796d0f61a05b	978	{
HannesTschofenig	0:796d0f61a05b	979	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	980	polarssl_printf( "failed\n" );
HannesTschofenig	0:796d0f61a05b	981
HannesTschofenig	0:796d0f61a05b	982	return( 1 );
HannesTschofenig	0:796d0f61a05b	983	}
HannesTschofenig	0:796d0f61a05b	984	}
HannesTschofenig	0:796d0f61a05b	985
HannesTschofenig	0:796d0f61a05b	986	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	987	polarssl_printf( "passed\n" );
HannesTschofenig	0:796d0f61a05b	988	}
HannesTschofenig	0:796d0f61a05b	989	#endif /* POLARSSL_CIPHER_MODE_CBC */
HannesTschofenig	0:796d0f61a05b	990
HannesTschofenig	0:796d0f61a05b	991	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	992	polarssl_printf( "\n" );
HannesTschofenig	0:796d0f61a05b	993
HannesTschofenig	0:796d0f61a05b	994	#if defined(POLARSSL_CIPHER_MODE_CTR)
HannesTschofenig	0:796d0f61a05b	995	/*
HannesTschofenig	0:796d0f61a05b	996	* CTR mode
HannesTschofenig	0:796d0f61a05b	997	*/
HannesTschofenig	0:796d0f61a05b	998	for( i = 0; i < 6; i++ )
HannesTschofenig	0:796d0f61a05b	999	{
HannesTschofenig	0:796d0f61a05b	1000	u = i >> 1;
HannesTschofenig	0:796d0f61a05b	1001	v = i & 1;
HannesTschofenig	0:796d0f61a05b	1002
HannesTschofenig	0:796d0f61a05b	1003	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	1004	polarssl_printf( " CAMELLIA-CTR-128 (%s): ",
HannesTschofenig	0:796d0f61a05b	1005	( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
HannesTschofenig	0:796d0f61a05b	1006
HannesTschofenig	0:796d0f61a05b	1007	memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
HannesTschofenig	0:796d0f61a05b	1008	memcpy( key, camellia_test_ctr_key[u], 16 );
HannesTschofenig	0:796d0f61a05b	1009
HannesTschofenig	0:796d0f61a05b	1010	offset = 0;
HannesTschofenig	0:796d0f61a05b	1011	camellia_setkey_enc( &ctx, key, 128 );
HannesTschofenig	0:796d0f61a05b	1012
HannesTschofenig	0:796d0f61a05b	1013	if( v == CAMELLIA_DECRYPT )
HannesTschofenig	0:796d0f61a05b	1014	{
HannesTschofenig	0:796d0f61a05b	1015	len = camellia_test_ctr_len[u];
HannesTschofenig	0:796d0f61a05b	1016	memcpy( buf, camellia_test_ctr_ct[u], len );
HannesTschofenig	0:796d0f61a05b	1017
HannesTschofenig	0:796d0f61a05b	1018	camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
HannesTschofenig	0:796d0f61a05b	1019	buf, buf );
HannesTschofenig	0:796d0f61a05b	1020
HannesTschofenig	0:796d0f61a05b	1021	if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
HannesTschofenig	0:796d0f61a05b	1022	{
HannesTschofenig	0:796d0f61a05b	1023	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	1024	polarssl_printf( "failed\n" );
HannesTschofenig	0:796d0f61a05b	1025
HannesTschofenig	0:796d0f61a05b	1026	return( 1 );
HannesTschofenig	0:796d0f61a05b	1027	}
HannesTschofenig	0:796d0f61a05b	1028	}
HannesTschofenig	0:796d0f61a05b	1029	else
HannesTschofenig	0:796d0f61a05b	1030	{
HannesTschofenig	0:796d0f61a05b	1031	len = camellia_test_ctr_len[u];
HannesTschofenig	0:796d0f61a05b	1032	memcpy( buf, camellia_test_ctr_pt[u], len );
HannesTschofenig	0:796d0f61a05b	1033
HannesTschofenig	0:796d0f61a05b	1034	camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
HannesTschofenig	0:796d0f61a05b	1035	buf, buf );
HannesTschofenig	0:796d0f61a05b	1036
HannesTschofenig	0:796d0f61a05b	1037	if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
HannesTschofenig	0:796d0f61a05b	1038	{
HannesTschofenig	0:796d0f61a05b	1039	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	1040	polarssl_printf( "failed\n" );
HannesTschofenig	0:796d0f61a05b	1041
HannesTschofenig	0:796d0f61a05b	1042	return( 1 );
HannesTschofenig	0:796d0f61a05b	1043	}
HannesTschofenig	0:796d0f61a05b	1044	}
HannesTschofenig	0:796d0f61a05b	1045
HannesTschofenig	0:796d0f61a05b	1046	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	1047	polarssl_printf( "passed\n" );
HannesTschofenig	0:796d0f61a05b	1048	}
HannesTschofenig	0:796d0f61a05b	1049
HannesTschofenig	0:796d0f61a05b	1050	if( verbose != 0 )
HannesTschofenig	0:796d0f61a05b	1051	polarssl_printf( "\n" );
HannesTschofenig	0:796d0f61a05b	1052	#endif /* POLARSSL_CIPHER_MODE_CTR */
HannesTschofenig	0:796d0f61a05b	1053
HannesTschofenig	0:796d0f61a05b	1054	return ( 0 );
HannesTschofenig	0:796d0f61a05b	1055	}
HannesTschofenig	0:796d0f61a05b	1056
HannesTschofenig	0:796d0f61a05b	1057	#endif /* POLARSSL_SELF_TEST */
HannesTschofenig	0:796d0f61a05b	1058
HannesTschofenig	0:796d0f61a05b	1059	#endif /* POLARSSL_CAMELLIA_C */
HannesTschofenig	0:796d0f61a05b	1060
HannesTschofenig	0:796d0f61a05b	1061

Repository toolbox

Export to desktop IDE

Build repository

Repository details

Type:	Program
Mbed OS support:	Mbed 2 deprecated
Created:	27 Sep 2018
Imports:	11
Forks:	0
Commits:	1
Dependents:	0
Dependencies:	1
Followers:	1

The code in this repository is Apache licensed.

SSL/library/camellia.c@0:796d0f61a05b, 2018-09-27 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning