Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
camellia.h
00001 /** 00002 * \file camellia.h 00003 * 00004 * \brief Camellia block cipher 00005 */ 00006 /* 00007 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00008 * SPDX-License-Identifier: Apache-2.0 00009 * 00010 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00011 * not use this file except in compliance with the License. 00012 * You may obtain a copy of the License at 00013 * 00014 * http://www.apache.org/licenses/LICENSE-2.0 00015 * 00016 * Unless required by applicable law or agreed to in writing, software 00017 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00018 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00019 * See the License for the specific language governing permissions and 00020 * limitations under the License. 00021 * 00022 * This file is part of mbed TLS (https://tls.mbed.org) 00023 */ 00024 #ifndef MBEDTLS_CAMELLIA_H 00025 #define MBEDTLS_CAMELLIA_H 00026 00027 #if !defined(MBEDTLS_CONFIG_FILE) 00028 #include "config.h" 00029 #else 00030 #include MBEDTLS_CONFIG_FILE 00031 #endif 00032 00033 #include <stddef.h> 00034 #include <stdint.h> 00035 00036 #define MBEDTLS_CAMELLIA_ENCRYPT 1 00037 #define MBEDTLS_CAMELLIA_DECRYPT 0 00038 00039 #define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ 00040 #define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ 00041 #define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027 /**< Camellia hardware accelerator failed. */ 00042 00043 #ifdef __cplusplus 00044 extern "C" { 00045 #endif 00046 00047 #if !defined(MBEDTLS_CAMELLIA_ALT) 00048 // Regular implementation 00049 // 00050 00051 /** 00052 * \brief CAMELLIA context structure 00053 */ 00054 typedef struct 00055 { 00056 int nr ; /*!< number of rounds */ 00057 uint32_t rk[68]; /*!< CAMELLIA round keys */ 00058 } 00059 mbedtls_camellia_context; 00060 00061 #else /* MBEDTLS_CAMELLIA_ALT */ 00062 #include "camellia_alt.h" 00063 #endif /* MBEDTLS_CAMELLIA_ALT */ 00064 00065 /** 00066 * \brief Initialize CAMELLIA context 00067 * 00068 * \param ctx CAMELLIA context to be initialized 00069 */ 00070 void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); 00071 00072 /** 00073 * \brief Clear CAMELLIA context 00074 * 00075 * \param ctx CAMELLIA context to be cleared 00076 */ 00077 void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); 00078 00079 /** 00080 * \brief CAMELLIA key schedule (encryption) 00081 * 00082 * \param ctx CAMELLIA context to be initialized 00083 * \param key encryption key 00084 * \param keybits must be 128, 192 or 256 00085 * 00086 * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH 00087 */ 00088 int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, 00089 unsigned int keybits ); 00090 00091 /** 00092 * \brief CAMELLIA key schedule (decryption) 00093 * 00094 * \param ctx CAMELLIA context to be initialized 00095 * \param key decryption key 00096 * \param keybits must be 128, 192 or 256 00097 * 00098 * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH 00099 */ 00100 int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, 00101 unsigned int keybits ); 00102 00103 /** 00104 * \brief CAMELLIA-ECB block encryption/decryption 00105 * 00106 * \param ctx CAMELLIA context 00107 * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT 00108 * \param input 16-byte input block 00109 * \param output 16-byte output block 00110 * 00111 * \return 0 if successful 00112 */ 00113 int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, 00114 int mode, 00115 const unsigned char input[16], 00116 unsigned char output[16] ); 00117 00118 #if defined(MBEDTLS_CIPHER_MODE_CBC) 00119 /** 00120 * \brief CAMELLIA-CBC buffer encryption/decryption 00121 * Length should be a multiple of the block 00122 * size (16 bytes) 00123 * 00124 * \note Upon exit, the content of the IV is updated so that you can 00125 * call the function same function again on the following 00126 * block(s) of data and get the same result as if it was 00127 * encrypted in one call. This allows a "streaming" usage. 00128 * If on the other hand you need to retain the contents of the 00129 * IV, you should either save it manually or use the cipher 00130 * module instead. 00131 * 00132 * \param ctx CAMELLIA context 00133 * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT 00134 * \param length length of the input data 00135 * \param iv initialization vector (updated after use) 00136 * \param input buffer holding the input data 00137 * \param output buffer holding the output data 00138 * 00139 * \return 0 if successful, or 00140 * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH 00141 */ 00142 int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, 00143 int mode, 00144 size_t length, 00145 unsigned char iv[16], 00146 const unsigned char *input, 00147 unsigned char *output ); 00148 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 00149 00150 #if defined(MBEDTLS_CIPHER_MODE_CFB) 00151 /** 00152 * \brief CAMELLIA-CFB128 buffer encryption/decryption 00153 * 00154 * Note: Due to the nature of CFB you should use the same key schedule for 00155 * both encryption and decryption. So a context initialized with 00156 * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. 00157 * 00158 * \note Upon exit, the content of the IV is updated so that you can 00159 * call the function same function again on the following 00160 * block(s) of data and get the same result as if it was 00161 * encrypted in one call. This allows a "streaming" usage. 00162 * If on the other hand you need to retain the contents of the 00163 * IV, you should either save it manually or use the cipher 00164 * module instead. 00165 * 00166 * \param ctx CAMELLIA context 00167 * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT 00168 * \param length length of the input data 00169 * \param iv_off offset in IV (updated after use) 00170 * \param iv initialization vector (updated after use) 00171 * \param input buffer holding the input data 00172 * \param output buffer holding the output data 00173 * 00174 * \return 0 if successful, or 00175 * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH 00176 */ 00177 int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, 00178 int mode, 00179 size_t length, 00180 size_t *iv_off, 00181 unsigned char iv[16], 00182 const unsigned char *input, 00183 unsigned char *output ); 00184 #endif /* MBEDTLS_CIPHER_MODE_CFB */ 00185 00186 #if defined(MBEDTLS_CIPHER_MODE_CTR) 00187 /** 00188 * \brief CAMELLIA-CTR buffer encryption/decryption 00189 * 00190 * Note: Due to the nature of CTR you should use the same key schedule for 00191 * both encryption and decryption. So a context initialized with 00192 * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT. 00193 * 00194 * \warning You must never reuse a nonce value with the same key. Doing so 00195 * would void the encryption for the two messages encrypted with 00196 * the same nonce and key. 00197 * 00198 * There are two common strategies for managing nonces with CTR: 00199 * 00200 * 1. You can handle everything as a single message processed over 00201 * successive calls to this function. In that case, you want to 00202 * set \p nonce_counter and \p nc_off to 0 for the first call, and 00203 * then preserve the values of \p nonce_counter, \p nc_off and \p 00204 * stream_block across calls to this function as they will be 00205 * updated by this function. 00206 * 00207 * With this strategy, you must not encrypt more than 2**128 00208 * blocks of data with the same key. 00209 * 00210 * 2. You can encrypt separate messages by dividing the \p 00211 * nonce_counter buffer in two areas: the first one used for a 00212 * per-message nonce, handled by yourself, and the second one 00213 * updated by this function internally. 00214 * 00215 * For example, you might reserve the first 12 bytes for the 00216 * per-message nonce, and the last 4 bytes for internal use. In that 00217 * case, before calling this function on a new message you need to 00218 * set the first 12 bytes of \p nonce_counter to your chosen nonce 00219 * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p 00220 * stream_block to be ignored). That way, you can encrypt at most 00221 * 2**96 messages of up to 2**32 blocks each with the same key. 00222 * 00223 * The per-message nonce (or information sufficient to reconstruct 00224 * it) needs to be communicated with the ciphertext and must be unique. 00225 * The recommended way to ensure uniqueness is to use a message 00226 * counter. An alternative is to generate random nonces, but this 00227 * limits the number of messages that can be securely encrypted: 00228 * for example, with 96-bit random nonces, you should not encrypt 00229 * more than 2**32 messages with the same key. 00230 * 00231 * Note that for both stategies, sizes are measured in blocks and 00232 * that a CAMELLIA block is 16 bytes. 00233 * 00234 * \warning Upon return, \p stream_block contains sensitive data. Its 00235 * content must not be written to insecure storage and should be 00236 * securely discarded as soon as it's no longer needed. 00237 * 00238 * \param ctx CAMELLIA context 00239 * \param length The length of the data 00240 * \param nc_off The offset in the current stream_block (for resuming 00241 * within current cipher stream). The offset pointer to 00242 * should be 0 at the start of a stream. 00243 * \param nonce_counter The 128-bit nonce and counter. 00244 * \param stream_block The saved stream-block for resuming. Is overwritten 00245 * by the function. 00246 * \param input The input data stream 00247 * \param output The output data stream 00248 * 00249 * \return 0 if successful 00250 */ 00251 int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, 00252 size_t length, 00253 size_t *nc_off, 00254 unsigned char nonce_counter[16], 00255 unsigned char stream_block[16], 00256 const unsigned char *input, 00257 unsigned char *output ); 00258 #endif /* MBEDTLS_CIPHER_MODE_CTR */ 00259 00260 /** 00261 * \brief Checkup routine 00262 * 00263 * \return 0 if successful, or 1 if the test failed 00264 */ 00265 int mbedtls_camellia_self_test( int verbose ); 00266 00267 #ifdef __cplusplus 00268 } 00269 #endif 00270 00271 #endif /* camellia.h */
Generated on Tue Jul 12 2022 12:43:37 by
