Kenji Arai
/
TYBLE16_mbedlized_os5_several_examples_1st
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependencies: nRF51_Vdd TextLCD BME280
TYBLE16_os5_BASE/features/mbedtls/inc/mbedtls/camellia.h@6:6dd8c932bd56, 2019-12-19 (annotated)
- Committer:
- kenjiArai
- Date:
- Thu Dec 19 07:27:50 2019 +0000
- Revision:
- 6:6dd8c932bd56
- Parent:
- 4:e9dfb4ca4277
updated each main.cpp
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| kenjiArai | 4:e9dfb4ca4277 | 1 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 2 | * \file camellia.h |
| kenjiArai | 4:e9dfb4ca4277 | 3 | * |
| kenjiArai | 4:e9dfb4ca4277 | 4 | * \brief Camellia block cipher |
| kenjiArai | 4:e9dfb4ca4277 | 5 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 6 | /* |
| kenjiArai | 4:e9dfb4ca4277 | 7 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| kenjiArai | 4:e9dfb4ca4277 | 8 | * SPDX-License-Identifier: Apache-2.0 |
| kenjiArai | 4:e9dfb4ca4277 | 9 | * |
| kenjiArai | 4:e9dfb4ca4277 | 10 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| kenjiArai | 4:e9dfb4ca4277 | 11 | * not use this file except in compliance with the License. |
| kenjiArai | 4:e9dfb4ca4277 | 12 | * You may obtain a copy of the License at |
| kenjiArai | 4:e9dfb4ca4277 | 13 | * |
| kenjiArai | 4:e9dfb4ca4277 | 14 | * http://www.apache.org/licenses/LICENSE-2.0 |
| kenjiArai | 4:e9dfb4ca4277 | 15 | * |
| kenjiArai | 4:e9dfb4ca4277 | 16 | * Unless required by applicable law or agreed to in writing, software |
| kenjiArai | 4:e9dfb4ca4277 | 17 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| kenjiArai | 4:e9dfb4ca4277 | 18 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| kenjiArai | 4:e9dfb4ca4277 | 19 | * See the License for the specific language governing permissions and |
| kenjiArai | 4:e9dfb4ca4277 | 20 | * limitations under the License. |
| kenjiArai | 4:e9dfb4ca4277 | 21 | * |
| kenjiArai | 4:e9dfb4ca4277 | 22 | * This file is part of mbed TLS (https://tls.mbed.org) |
| kenjiArai | 4:e9dfb4ca4277 | 23 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 24 | #ifndef MBEDTLS_CAMELLIA_H |
| kenjiArai | 4:e9dfb4ca4277 | 25 | #define MBEDTLS_CAMELLIA_H |
| kenjiArai | 4:e9dfb4ca4277 | 26 | |
| kenjiArai | 4:e9dfb4ca4277 | 27 | #if !defined(MBEDTLS_CONFIG_FILE) |
| kenjiArai | 4:e9dfb4ca4277 | 28 | #include "config.h" |
| kenjiArai | 4:e9dfb4ca4277 | 29 | #else |
| kenjiArai | 4:e9dfb4ca4277 | 30 | #include MBEDTLS_CONFIG_FILE |
| kenjiArai | 4:e9dfb4ca4277 | 31 | #endif |
| kenjiArai | 4:e9dfb4ca4277 | 32 | |
| kenjiArai | 4:e9dfb4ca4277 | 33 | #include <stddef.h> |
| kenjiArai | 4:e9dfb4ca4277 | 34 | #include <stdint.h> |
| kenjiArai | 4:e9dfb4ca4277 | 35 | |
| kenjiArai | 4:e9dfb4ca4277 | 36 | #define MBEDTLS_CAMELLIA_ENCRYPT 1 |
| kenjiArai | 4:e9dfb4ca4277 | 37 | #define MBEDTLS_CAMELLIA_DECRYPT 0 |
| kenjiArai | 4:e9dfb4ca4277 | 38 | |
| kenjiArai | 4:e9dfb4ca4277 | 39 | #define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ |
| kenjiArai | 4:e9dfb4ca4277 | 40 | #define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ |
| kenjiArai | 4:e9dfb4ca4277 | 41 | #define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027 /**< Camellia hardware accelerator failed. */ |
| kenjiArai | 4:e9dfb4ca4277 | 42 | |
| kenjiArai | 4:e9dfb4ca4277 | 43 | #ifdef __cplusplus |
| kenjiArai | 4:e9dfb4ca4277 | 44 | extern "C" { |
| kenjiArai | 4:e9dfb4ca4277 | 45 | #endif |
| kenjiArai | 4:e9dfb4ca4277 | 46 | |
| kenjiArai | 4:e9dfb4ca4277 | 47 | #if !defined(MBEDTLS_CAMELLIA_ALT) |
| kenjiArai | 4:e9dfb4ca4277 | 48 | // Regular implementation |
| kenjiArai | 4:e9dfb4ca4277 | 49 | // |
| kenjiArai | 4:e9dfb4ca4277 | 50 | |
| kenjiArai | 4:e9dfb4ca4277 | 51 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 52 | * \brief CAMELLIA context structure |
| kenjiArai | 4:e9dfb4ca4277 | 53 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 54 | typedef struct mbedtls_camellia_context |
| kenjiArai | 4:e9dfb4ca4277 | 55 | { |
| kenjiArai | 4:e9dfb4ca4277 | 56 | int nr; /*!< number of rounds */ |
| kenjiArai | 4:e9dfb4ca4277 | 57 | uint32_t rk[68]; /*!< CAMELLIA round keys */ |
| kenjiArai | 4:e9dfb4ca4277 | 58 | } |
| kenjiArai | 4:e9dfb4ca4277 | 59 | mbedtls_camellia_context; |
| kenjiArai | 4:e9dfb4ca4277 | 60 | |
| kenjiArai | 4:e9dfb4ca4277 | 61 | #else /* MBEDTLS_CAMELLIA_ALT */ |
| kenjiArai | 4:e9dfb4ca4277 | 62 | #include "camellia_alt.h" |
| kenjiArai | 4:e9dfb4ca4277 | 63 | #endif /* MBEDTLS_CAMELLIA_ALT */ |
| kenjiArai | 4:e9dfb4ca4277 | 64 | |
| kenjiArai | 4:e9dfb4ca4277 | 65 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 66 | * \brief Initialize CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 67 | * |
| kenjiArai | 4:e9dfb4ca4277 | 68 | * \param ctx CAMELLIA context to be initialized |
| kenjiArai | 4:e9dfb4ca4277 | 69 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 70 | void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); |
| kenjiArai | 4:e9dfb4ca4277 | 71 | |
| kenjiArai | 4:e9dfb4ca4277 | 72 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 73 | * \brief Clear CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 74 | * |
| kenjiArai | 4:e9dfb4ca4277 | 75 | * \param ctx CAMELLIA context to be cleared |
| kenjiArai | 4:e9dfb4ca4277 | 76 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 77 | void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); |
| kenjiArai | 4:e9dfb4ca4277 | 78 | |
| kenjiArai | 4:e9dfb4ca4277 | 79 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 80 | * \brief CAMELLIA key schedule (encryption) |
| kenjiArai | 4:e9dfb4ca4277 | 81 | * |
| kenjiArai | 4:e9dfb4ca4277 | 82 | * \param ctx CAMELLIA context to be initialized |
| kenjiArai | 4:e9dfb4ca4277 | 83 | * \param key encryption key |
| kenjiArai | 4:e9dfb4ca4277 | 84 | * \param keybits must be 128, 192 or 256 |
| kenjiArai | 4:e9dfb4ca4277 | 85 | * |
| kenjiArai | 4:e9dfb4ca4277 | 86 | * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH |
| kenjiArai | 4:e9dfb4ca4277 | 87 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 88 | int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, |
| kenjiArai | 4:e9dfb4ca4277 | 89 | unsigned int keybits ); |
| kenjiArai | 4:e9dfb4ca4277 | 90 | |
| kenjiArai | 4:e9dfb4ca4277 | 91 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 92 | * \brief CAMELLIA key schedule (decryption) |
| kenjiArai | 4:e9dfb4ca4277 | 93 | * |
| kenjiArai | 4:e9dfb4ca4277 | 94 | * \param ctx CAMELLIA context to be initialized |
| kenjiArai | 4:e9dfb4ca4277 | 95 | * \param key decryption key |
| kenjiArai | 4:e9dfb4ca4277 | 96 | * \param keybits must be 128, 192 or 256 |
| kenjiArai | 4:e9dfb4ca4277 | 97 | * |
| kenjiArai | 4:e9dfb4ca4277 | 98 | * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH |
| kenjiArai | 4:e9dfb4ca4277 | 99 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 100 | int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, |
| kenjiArai | 4:e9dfb4ca4277 | 101 | unsigned int keybits ); |
| kenjiArai | 4:e9dfb4ca4277 | 102 | |
| kenjiArai | 4:e9dfb4ca4277 | 103 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 104 | * \brief CAMELLIA-ECB block encryption/decryption |
| kenjiArai | 4:e9dfb4ca4277 | 105 | * |
| kenjiArai | 4:e9dfb4ca4277 | 106 | * \param ctx CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 107 | * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT |
| kenjiArai | 4:e9dfb4ca4277 | 108 | * \param input 16-byte input block |
| kenjiArai | 4:e9dfb4ca4277 | 109 | * \param output 16-byte output block |
| kenjiArai | 4:e9dfb4ca4277 | 110 | * |
| kenjiArai | 4:e9dfb4ca4277 | 111 | * \return 0 if successful |
| kenjiArai | 4:e9dfb4ca4277 | 112 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 113 | int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, |
| kenjiArai | 4:e9dfb4ca4277 | 114 | int mode, |
| kenjiArai | 4:e9dfb4ca4277 | 115 | const unsigned char input[16], |
| kenjiArai | 4:e9dfb4ca4277 | 116 | unsigned char output[16] ); |
| kenjiArai | 4:e9dfb4ca4277 | 117 | |
| kenjiArai | 4:e9dfb4ca4277 | 118 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
| kenjiArai | 4:e9dfb4ca4277 | 119 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 120 | * \brief CAMELLIA-CBC buffer encryption/decryption |
| kenjiArai | 4:e9dfb4ca4277 | 121 | * Length should be a multiple of the block |
| kenjiArai | 4:e9dfb4ca4277 | 122 | * size (16 bytes) |
| kenjiArai | 4:e9dfb4ca4277 | 123 | * |
| kenjiArai | 4:e9dfb4ca4277 | 124 | * \note Upon exit, the content of the IV is updated so that you can |
| kenjiArai | 4:e9dfb4ca4277 | 125 | * call the function same function again on the following |
| kenjiArai | 4:e9dfb4ca4277 | 126 | * block(s) of data and get the same result as if it was |
| kenjiArai | 4:e9dfb4ca4277 | 127 | * encrypted in one call. This allows a "streaming" usage. |
| kenjiArai | 4:e9dfb4ca4277 | 128 | * If on the other hand you need to retain the contents of the |
| kenjiArai | 4:e9dfb4ca4277 | 129 | * IV, you should either save it manually or use the cipher |
| kenjiArai | 4:e9dfb4ca4277 | 130 | * module instead. |
| kenjiArai | 4:e9dfb4ca4277 | 131 | * |
| kenjiArai | 4:e9dfb4ca4277 | 132 | * \param ctx CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 133 | * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT |
| kenjiArai | 4:e9dfb4ca4277 | 134 | * \param length length of the input data |
| kenjiArai | 4:e9dfb4ca4277 | 135 | * \param iv initialization vector (updated after use) |
| kenjiArai | 4:e9dfb4ca4277 | 136 | * \param input buffer holding the input data |
| kenjiArai | 4:e9dfb4ca4277 | 137 | * \param output buffer holding the output data |
| kenjiArai | 4:e9dfb4ca4277 | 138 | * |
| kenjiArai | 4:e9dfb4ca4277 | 139 | * \return 0 if successful, or |
| kenjiArai | 4:e9dfb4ca4277 | 140 | * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH |
| kenjiArai | 4:e9dfb4ca4277 | 141 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 142 | int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, |
| kenjiArai | 4:e9dfb4ca4277 | 143 | int mode, |
| kenjiArai | 4:e9dfb4ca4277 | 144 | size_t length, |
| kenjiArai | 4:e9dfb4ca4277 | 145 | unsigned char iv[16], |
| kenjiArai | 4:e9dfb4ca4277 | 146 | const unsigned char *input, |
| kenjiArai | 4:e9dfb4ca4277 | 147 | unsigned char *output ); |
| kenjiArai | 4:e9dfb4ca4277 | 148 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
| kenjiArai | 4:e9dfb4ca4277 | 149 | |
| kenjiArai | 4:e9dfb4ca4277 | 150 | #if defined(MBEDTLS_CIPHER_MODE_CFB) |
| kenjiArai | 4:e9dfb4ca4277 | 151 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 152 | * \brief CAMELLIA-CFB128 buffer encryption/decryption |
| kenjiArai | 4:e9dfb4ca4277 | 153 | * |
| kenjiArai | 4:e9dfb4ca4277 | 154 | * Note: Due to the nature of CFB you should use the same key schedule for |
| kenjiArai | 4:e9dfb4ca4277 | 155 | * both encryption and decryption. So a context initialized with |
| kenjiArai | 4:e9dfb4ca4277 | 156 | * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. |
| kenjiArai | 4:e9dfb4ca4277 | 157 | * |
| kenjiArai | 4:e9dfb4ca4277 | 158 | * \note Upon exit, the content of the IV is updated so that you can |
| kenjiArai | 4:e9dfb4ca4277 | 159 | * call the function same function again on the following |
| kenjiArai | 4:e9dfb4ca4277 | 160 | * block(s) of data and get the same result as if it was |
| kenjiArai | 4:e9dfb4ca4277 | 161 | * encrypted in one call. This allows a "streaming" usage. |
| kenjiArai | 4:e9dfb4ca4277 | 162 | * If on the other hand you need to retain the contents of the |
| kenjiArai | 4:e9dfb4ca4277 | 163 | * IV, you should either save it manually or use the cipher |
| kenjiArai | 4:e9dfb4ca4277 | 164 | * module instead. |
| kenjiArai | 4:e9dfb4ca4277 | 165 | * |
| kenjiArai | 4:e9dfb4ca4277 | 166 | * \param ctx CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 167 | * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT |
| kenjiArai | 4:e9dfb4ca4277 | 168 | * \param length length of the input data |
| kenjiArai | 4:e9dfb4ca4277 | 169 | * \param iv_off offset in IV (updated after use) |
| kenjiArai | 4:e9dfb4ca4277 | 170 | * \param iv initialization vector (updated after use) |
| kenjiArai | 4:e9dfb4ca4277 | 171 | * \param input buffer holding the input data |
| kenjiArai | 4:e9dfb4ca4277 | 172 | * \param output buffer holding the output data |
| kenjiArai | 4:e9dfb4ca4277 | 173 | * |
| kenjiArai | 4:e9dfb4ca4277 | 174 | * \return 0 if successful, or |
| kenjiArai | 4:e9dfb4ca4277 | 175 | * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH |
| kenjiArai | 4:e9dfb4ca4277 | 176 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 177 | int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, |
| kenjiArai | 4:e9dfb4ca4277 | 178 | int mode, |
| kenjiArai | 4:e9dfb4ca4277 | 179 | size_t length, |
| kenjiArai | 4:e9dfb4ca4277 | 180 | size_t *iv_off, |
| kenjiArai | 4:e9dfb4ca4277 | 181 | unsigned char iv[16], |
| kenjiArai | 4:e9dfb4ca4277 | 182 | const unsigned char *input, |
| kenjiArai | 4:e9dfb4ca4277 | 183 | unsigned char *output ); |
| kenjiArai | 4:e9dfb4ca4277 | 184 | #endif /* MBEDTLS_CIPHER_MODE_CFB */ |
| kenjiArai | 4:e9dfb4ca4277 | 185 | |
| kenjiArai | 4:e9dfb4ca4277 | 186 | #if defined(MBEDTLS_CIPHER_MODE_CTR) |
| kenjiArai | 4:e9dfb4ca4277 | 187 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 188 | * \brief CAMELLIA-CTR buffer encryption/decryption |
| kenjiArai | 4:e9dfb4ca4277 | 189 | * |
| kenjiArai | 4:e9dfb4ca4277 | 190 | * Note: Due to the nature of CTR you should use the same key schedule for |
| kenjiArai | 4:e9dfb4ca4277 | 191 | * both encryption and decryption. So a context initialized with |
| kenjiArai | 4:e9dfb4ca4277 | 192 | * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT. |
| kenjiArai | 4:e9dfb4ca4277 | 193 | * |
| kenjiArai | 4:e9dfb4ca4277 | 194 | * \warning You must never reuse a nonce value with the same key. Doing so |
| kenjiArai | 4:e9dfb4ca4277 | 195 | * would void the encryption for the two messages encrypted with |
| kenjiArai | 4:e9dfb4ca4277 | 196 | * the same nonce and key. |
| kenjiArai | 4:e9dfb4ca4277 | 197 | * |
| kenjiArai | 4:e9dfb4ca4277 | 198 | * There are two common strategies for managing nonces with CTR: |
| kenjiArai | 4:e9dfb4ca4277 | 199 | * |
| kenjiArai | 4:e9dfb4ca4277 | 200 | * 1. You can handle everything as a single message processed over |
| kenjiArai | 4:e9dfb4ca4277 | 201 | * successive calls to this function. In that case, you want to |
| kenjiArai | 4:e9dfb4ca4277 | 202 | * set \p nonce_counter and \p nc_off to 0 for the first call, and |
| kenjiArai | 4:e9dfb4ca4277 | 203 | * then preserve the values of \p nonce_counter, \p nc_off and \p |
| kenjiArai | 4:e9dfb4ca4277 | 204 | * stream_block across calls to this function as they will be |
| kenjiArai | 4:e9dfb4ca4277 | 205 | * updated by this function. |
| kenjiArai | 4:e9dfb4ca4277 | 206 | * |
| kenjiArai | 4:e9dfb4ca4277 | 207 | * With this strategy, you must not encrypt more than 2**128 |
| kenjiArai | 4:e9dfb4ca4277 | 208 | * blocks of data with the same key. |
| kenjiArai | 4:e9dfb4ca4277 | 209 | * |
| kenjiArai | 4:e9dfb4ca4277 | 210 | * 2. You can encrypt separate messages by dividing the \p |
| kenjiArai | 4:e9dfb4ca4277 | 211 | * nonce_counter buffer in two areas: the first one used for a |
| kenjiArai | 4:e9dfb4ca4277 | 212 | * per-message nonce, handled by yourself, and the second one |
| kenjiArai | 4:e9dfb4ca4277 | 213 | * updated by this function internally. |
| kenjiArai | 4:e9dfb4ca4277 | 214 | * |
| kenjiArai | 4:e9dfb4ca4277 | 215 | * For example, you might reserve the first 12 bytes for the |
| kenjiArai | 4:e9dfb4ca4277 | 216 | * per-message nonce, and the last 4 bytes for internal use. In that |
| kenjiArai | 4:e9dfb4ca4277 | 217 | * case, before calling this function on a new message you need to |
| kenjiArai | 4:e9dfb4ca4277 | 218 | * set the first 12 bytes of \p nonce_counter to your chosen nonce |
| kenjiArai | 4:e9dfb4ca4277 | 219 | * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p |
| kenjiArai | 4:e9dfb4ca4277 | 220 | * stream_block to be ignored). That way, you can encrypt at most |
| kenjiArai | 4:e9dfb4ca4277 | 221 | * 2**96 messages of up to 2**32 blocks each with the same key. |
| kenjiArai | 4:e9dfb4ca4277 | 222 | * |
| kenjiArai | 4:e9dfb4ca4277 | 223 | * The per-message nonce (or information sufficient to reconstruct |
| kenjiArai | 4:e9dfb4ca4277 | 224 | * it) needs to be communicated with the ciphertext and must be unique. |
| kenjiArai | 4:e9dfb4ca4277 | 225 | * The recommended way to ensure uniqueness is to use a message |
| kenjiArai | 4:e9dfb4ca4277 | 226 | * counter. An alternative is to generate random nonces, but this |
| kenjiArai | 4:e9dfb4ca4277 | 227 | * limits the number of messages that can be securely encrypted: |
| kenjiArai | 4:e9dfb4ca4277 | 228 | * for example, with 96-bit random nonces, you should not encrypt |
| kenjiArai | 4:e9dfb4ca4277 | 229 | * more than 2**32 messages with the same key. |
| kenjiArai | 4:e9dfb4ca4277 | 230 | * |
| kenjiArai | 4:e9dfb4ca4277 | 231 | * Note that for both stategies, sizes are measured in blocks and |
| kenjiArai | 4:e9dfb4ca4277 | 232 | * that a CAMELLIA block is 16 bytes. |
| kenjiArai | 4:e9dfb4ca4277 | 233 | * |
| kenjiArai | 4:e9dfb4ca4277 | 234 | * \warning Upon return, \p stream_block contains sensitive data. Its |
| kenjiArai | 4:e9dfb4ca4277 | 235 | * content must not be written to insecure storage and should be |
| kenjiArai | 4:e9dfb4ca4277 | 236 | * securely discarded as soon as it's no longer needed. |
| kenjiArai | 4:e9dfb4ca4277 | 237 | * |
| kenjiArai | 4:e9dfb4ca4277 | 238 | * \param ctx CAMELLIA context |
| kenjiArai | 4:e9dfb4ca4277 | 239 | * \param length The length of the data |
| kenjiArai | 4:e9dfb4ca4277 | 240 | * \param nc_off The offset in the current stream_block (for resuming |
| kenjiArai | 4:e9dfb4ca4277 | 241 | * within current cipher stream). The offset pointer to |
| kenjiArai | 4:e9dfb4ca4277 | 242 | * should be 0 at the start of a stream. |
| kenjiArai | 4:e9dfb4ca4277 | 243 | * \param nonce_counter The 128-bit nonce and counter. |
| kenjiArai | 4:e9dfb4ca4277 | 244 | * \param stream_block The saved stream-block for resuming. Is overwritten |
| kenjiArai | 4:e9dfb4ca4277 | 245 | * by the function. |
| kenjiArai | 4:e9dfb4ca4277 | 246 | * \param input The input data stream |
| kenjiArai | 4:e9dfb4ca4277 | 247 | * \param output The output data stream |
| kenjiArai | 4:e9dfb4ca4277 | 248 | * |
| kenjiArai | 4:e9dfb4ca4277 | 249 | * \return 0 if successful |
| kenjiArai | 4:e9dfb4ca4277 | 250 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 251 | int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, |
| kenjiArai | 4:e9dfb4ca4277 | 252 | size_t length, |
| kenjiArai | 4:e9dfb4ca4277 | 253 | size_t *nc_off, |
| kenjiArai | 4:e9dfb4ca4277 | 254 | unsigned char nonce_counter[16], |
| kenjiArai | 4:e9dfb4ca4277 | 255 | unsigned char stream_block[16], |
| kenjiArai | 4:e9dfb4ca4277 | 256 | const unsigned char *input, |
| kenjiArai | 4:e9dfb4ca4277 | 257 | unsigned char *output ); |
| kenjiArai | 4:e9dfb4ca4277 | 258 | #endif /* MBEDTLS_CIPHER_MODE_CTR */ |
| kenjiArai | 4:e9dfb4ca4277 | 259 | |
| kenjiArai | 4:e9dfb4ca4277 | 260 | /** |
| kenjiArai | 4:e9dfb4ca4277 | 261 | * \brief Checkup routine |
| kenjiArai | 4:e9dfb4ca4277 | 262 | * |
| kenjiArai | 4:e9dfb4ca4277 | 263 | * \return 0 if successful, or 1 if the test failed |
| kenjiArai | 4:e9dfb4ca4277 | 264 | */ |
| kenjiArai | 4:e9dfb4ca4277 | 265 | int mbedtls_camellia_self_test( int verbose ); |
| kenjiArai | 4:e9dfb4ca4277 | 266 | |
| kenjiArai | 4:e9dfb4ca4277 | 267 | #ifdef __cplusplus |
| kenjiArai | 4:e9dfb4ca4277 | 268 | } |
| kenjiArai | 4:e9dfb4ca4277 | 269 | #endif |
| kenjiArai | 4:e9dfb4ca4277 | 270 | |
| kenjiArai | 4:e9dfb4ca4277 | 271 | #endif /* camellia.h */ |