[thirdparty/openssl.git] / crypto / evp / e_camellia.c

/* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_CAMELLIA
NON_EMPTY_TRANSLATION_UNIT
#else

# include <openssl/evp.h>
# include <openssl/err.h>
# include <string.h>
# include <assert.h>
# include <openssl/camellia.h>
# include "internal/evp_int.h"
# include "modes_lcl.h"

static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc);

/* Camellia subkey Structure */
typedef struct {
    CAMELLIA_KEY ks;
    block128_f block;
    union {
        cbc128_f cbc;
        ctr128_f ctr;
    } stream;
} EVP_CAMELLIA_KEY;

# define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))

/* Attribute operation for Camellia */
# define data(ctx)       EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)

# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
/* ---------^^^ this is not a typo, just a way to detect that
 * assembler support was in general requested... */
#  include "sparc_arch.h"

extern unsigned int OPENSSL_sparcv9cap_P[];

#  define SPARC_CMLL_CAPABLE      (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)

void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
                     const CAMELLIA_KEY *key);
void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
                     const CAMELLIA_KEY *key);

void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                              size_t blocks, const CAMELLIA_KEY *key,
                              unsigned char *ivec);
void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                              size_t blocks, const CAMELLIA_KEY *key,
                              unsigned char *ivec);

static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv, int enc)
{
    int ret, mode, bits;
    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) EVP_CIPHER_CTX_cipher_data(ctx);

    mode = EVP_CIPHER_CTX_mode(ctx);
    bits = EVP_CIPHER_CTX_key_length(ctx) * 8;

    cmll_t4_set_key(key, bits, &dat->ks);

    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
        && !enc) {
        ret = 0;
        dat->block = (block128_f) cmll_t4_decrypt;
        switch (bits) {
        case 128:
            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
                (cbc128_f) cmll128_t4_cbc_decrypt : NULL;
            break;
        case 192:
        case 256:
            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
                (cbc128_f) cmll256_t4_cbc_decrypt : NULL;
            break;
        default:
            ret = -1;
        }
    } else {
        ret = 0;
        dat->block = (block128_f) cmll_t4_encrypt;
        switch (bits) {
        case 128:
            if (mode == EVP_CIPH_CBC_MODE)
                dat->stream.cbc = (cbc128_f) cmll128_t4_cbc_encrypt;
            else if (mode == EVP_CIPH_CTR_MODE)
                dat->stream.ctr = (ctr128_f) cmll128_t4_ctr32_encrypt;
            else
                dat->stream.cbc = NULL;
            break;
        case 192:
        case 256:
            if (mode == EVP_CIPH_CBC_MODE)
                dat->stream.cbc = (cbc128_f) cmll256_t4_cbc_encrypt;
            else if (mode == EVP_CIPH_CTR_MODE)
                dat->stream.ctr = (ctr128_f) cmll256_t4_ctr32_encrypt;
            else
                dat->stream.cbc = NULL;
            break;
        default:
            ret = -1;
        }
    }

    if (ret < 0) {
        EVPerr(EVP_F_CMLL_T4_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
        return 0;
    }

    return 1;
}

#  define cmll_t4_cbc_cipher camellia_cbc_cipher
static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t len);

#  define cmll_t4_ecb_cipher camellia_ecb_cipher
static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t len);

#  define cmll_t4_ofb_cipher camellia_ofb_cipher
static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t len);

#  define cmll_t4_cfb_cipher camellia_cfb_cipher
static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t len);

#  define cmll_t4_cfb8_cipher camellia_cfb8_cipher
static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len);

#  define cmll_t4_cfb1_cipher camellia_cfb1_cipher
static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len);

#  define cmll_t4_ctr_cipher camellia_ctr_cipher
static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t len);

#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
        flags|EVP_CIPH_##MODE##_MODE,   \
        cmll_t4_init_key,               \
        cmll_t4_##mode##_cipher,        \
        NULL,                           \
        sizeof(EVP_CAMELLIA_KEY),       \
        NULL,NULL,NULL,NULL }; \
static const EVP_CIPHER camellia_##keylen##_##mode = { \
        nid##_##keylen##_##nmode,blocksize,     \
        keylen/8,ivlen, \
        flags|EVP_CIPH_##MODE##_MODE,   \
        camellia_init_key,              \
        camellia_##mode##_cipher,       \
        NULL,                           \
        sizeof(EVP_CAMELLIA_KEY),       \
        NULL,NULL,NULL,NULL }; \
const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
{ return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }

# else

#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
static const EVP_CIPHER camellia_##keylen##_##mode = { \
        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
        flags|EVP_CIPH_##MODE##_MODE,   \
        camellia_init_key,              \
        camellia_##mode##_cipher,       \
        NULL,                           \
        sizeof(EVP_CAMELLIA_KEY),       \
        NULL,NULL,NULL,NULL }; \
const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
{ return &camellia_##keylen##_##mode; }

# endif

# define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
        BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
        BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
        BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)       \
        BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)

/* The subkey for Camellia is generated. */
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc)
{
    int ret, mode;
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    ret = Camellia_set_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, &dat->ks);
    if (ret < 0) {
        EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
        return 0;
    }

    mode = EVP_CIPHER_CTX_mode(ctx);
    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
        && !enc) {
        dat->block = (block128_f) Camellia_decrypt;
        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
            (cbc128_f) Camellia_cbc_encrypt : NULL;
    } else {
        dat->block = (block128_f) Camellia_encrypt;
        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
            (cbc128_f) Camellia_cbc_encrypt : NULL;
    }

    return 1;
}

static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len)
{
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    if (dat->stream.cbc)
        (*dat->stream.cbc) (in, out, len, &dat->ks,
                            EVP_CIPHER_CTX_iv_noconst(ctx),
                            EVP_CIPHER_CTX_encrypting(ctx));
    else if (EVP_CIPHER_CTX_encrypting(ctx))
        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks,
                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
    else
        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks,
                              EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);

    return 1;
}

static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len)
{
    size_t bl = EVP_CIPHER_CTX_block_size(ctx);
    size_t i;
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    if (len < bl)
        return 1;

    for (i = 0, len -= bl; i <= len; i += bl)
        (*dat->block) (in + i, out + i, &dat->ks);

    return 1;
}

static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len)
{
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    int num = EVP_CIPHER_CTX_num(ctx);
    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
                          EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block);
    EVP_CIPHER_CTX_set_num(ctx, num);
    return 1;
}

static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len)
{
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    int num = EVP_CIPHER_CTX_num(ctx);
    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
                          EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
    EVP_CIPHER_CTX_set_num(ctx, num);
    return 1;
}

static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                                const unsigned char *in, size_t len)
{
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    int num = EVP_CIPHER_CTX_num(ctx);
    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
                            EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
    EVP_CIPHER_CTX_set_num(ctx, num);
    return 1;
}

static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                                const unsigned char *in, size_t len)
{
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) {
        int num = EVP_CIPHER_CTX_num(ctx);
        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
        EVP_CIPHER_CTX_set_num(ctx, num);
        return 1;
    }

    while (len >= MAXBITCHUNK) {
        int num = EVP_CIPHER_CTX_num(ctx);
        CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
        len -= MAXBITCHUNK;
        EVP_CIPHER_CTX_set_num(ctx, num);
    }
    if (len) {
        int num = EVP_CIPHER_CTX_num(ctx);
        CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
                                EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
        EVP_CIPHER_CTX_set_num(ctx, num);
    }

    return 1;
}

static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, size_t len)
{
    unsigned int num = EVP_CIPHER_CTX_num(ctx);
    EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);

    if (dat->stream.ctr)
        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
                                    EVP_CIPHER_CTX_iv_noconst(ctx),
                                    EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                                    dat->stream.ctr);
    else
        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
                              EVP_CIPHER_CTX_iv_noconst(ctx),
                              EVP_CIPHER_CTX_buf_noconst(ctx), &num,
                              dat->block);
    EVP_CIPHER_CTX_set_num(ctx, num);
    return 1;
}

BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
    BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
    BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
#endif
Commit	Line	Data
dd030860 BM	1	/* ====================================================================
	2	* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	*
	8	* 1. Redistributions of source code must retain the above copyright
0f113f3e	9	* notice, this list of conditions and the following disclaimer.
dd030860 BM	10	*
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in
	13	* the documentation and/or other materials provided with the
	14	* distribution.
	15	*
	16	* 3. All advertising materials mentioning features or use of this
	17	* software must display the following acknowledgment:
	18	* "This product includes software developed by the OpenSSL Project
	19	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	20	*
	21	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	22	* endorse or promote products derived from this software without
	23	* prior written permission. For written permission, please contact
	24	* openssl-core@openssl.org.
	25	*
	26	* 5. Products derived from this software may not be called "OpenSSL"
	27	* nor may "OpenSSL" appear in their names without prior written
	28	* permission of the OpenSSL Project.
	29	*
	30	* 6. Redistributions of any form whatsoever must retain the following
	31	* acknowledgment:
	32	* "This product includes software developed by the OpenSSL Project
	33	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	34	*
	35	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	36	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	37	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	38	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	39	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	40	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	41	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	42	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	43	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	44	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	45	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	46	* OF THE POSSIBILITY OF SUCH DAMAGE.
	47	* ====================================================================
	48	*
	49	* This product includes cryptographic software written by Eric Young
	50	* (eay@cryptsoft.com). This product includes software written by Tim
	51	* Hudson (tjh@cryptsoft.com).
	52	*
	53	*/
	54
	55	#include <openssl/opensslconf.h>
effaf4de RS	56	#ifdef OPENSSL_NO_CAMELLIA
	57	NON_EMPTY_TRANSLATION_UNIT
	58	#else
	59
0f113f3e MC	60	# include <openssl/evp.h>
	61	# include <openssl/err.h>
	62	# include <string.h>
	63	# include <assert.h>
	64	# include <openssl/camellia.h>
6435f0f6	65	# include "internal/evp_int.h"
0f113f3e	66	# include "modes_lcl.h"
dd030860 BM	67
dd030860 BM	68	static int camellia_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
0f113f3e	69	const unsigned char *iv, int enc);
dd030860 BM	70
dd030860 BM	71	/* Camellia subkey Structure */
0f113f3e MC	72	typedef struct {
	73	CAMELLIA_KEY ks;
	74	block128_f block;
	75	union {
	76	cbc128_f cbc;
	77	ctr128_f ctr;
	78	} stream;
	79	} EVP_CAMELLIA_KEY;
	80
	81	# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
4739ccdb	82
dd030860	83	/* Attribute operation for Camellia */
0f113f3e	84	# define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
dd030860	85
0f113f3e	86	# if defined(AES_ASM) && (defined(__sparc) \|\| defined(__sparc__))
4739ccdb AP	87	/* ---------^^^ this is not a typo, just a way to detect that
4739ccdb AP	88	* assembler support was in general requested... */
0f113f3e	89	# include "sparc_arch.h"
4739ccdb AP	90
	91	extern unsigned int OPENSSL_sparcv9cap_P[];
	92
0f113f3e MC	93	# define SPARC_CMLL_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
	94
	95	void cmll_t4_set_key(const unsigned char key, int bits, CAMELLIA_KEY ks);
	96	void cmll_t4_encrypt(const unsigned char in, unsigned char out,
	97	const CAMELLIA_KEY *key);
	98	void cmll_t4_decrypt(const unsigned char in, unsigned char out,
	99	const CAMELLIA_KEY *key);
	100
	101	void cmll128_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	102	size_t len, const CAMELLIA_KEY *key,
	103	unsigned char *ivec);
	104	void cmll128_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	105	size_t len, const CAMELLIA_KEY *key,
	106	unsigned char *ivec);
	107	void cmll256_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	108	size_t len, const CAMELLIA_KEY *key,
	109	unsigned char *ivec);
	110	void cmll256_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	111	size_t len, const CAMELLIA_KEY *key,
	112	unsigned char *ivec);
	113	void cmll128_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	114	size_t blocks, const CAMELLIA_KEY *key,
	115	unsigned char *ivec);
	116	void cmll256_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	117	size_t blocks, const CAMELLIA_KEY *key,
	118	unsigned char *ivec);
4739ccdb AP	119
4739ccdb AP	120	static int cmll_t4_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
0f113f3e MC	121	const unsigned char *iv, int enc)
	122	{
	123	int ret, mode, bits;
0b3a231e	124	EVP_CAMELLIA_KEY dat = (EVP_CAMELLIA_KEY ) EVP_CIPHER_CTX_cipher_data(ctx);
0f113f3e	125
0b3a231e RS	126	mode = EVP_CIPHER_CTX_mode(ctx);
0b3a231e RS	127	bits = EVP_CIPHER_CTX_key_length(ctx) * 8;
0f113f3e MC	128
	129	cmll_t4_set_key(key, bits, &dat->ks);
	130
	131	if ((mode == EVP_CIPH_ECB_MODE \|\| mode == EVP_CIPH_CBC_MODE)
	132	&& !enc) {
	133	ret = 0;
	134	dat->block = (block128_f) cmll_t4_decrypt;
	135	switch (bits) {
	136	case 128:
	137	dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
	138	(cbc128_f) cmll128_t4_cbc_decrypt : NULL;
	139	break;
	140	case 192:
	141	case 256:
	142	dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
	143	(cbc128_f) cmll256_t4_cbc_decrypt : NULL;
	144	break;
	145	default:
	146	ret = -1;
	147	}
	148	} else {
	149	ret = 0;
	150	dat->block = (block128_f) cmll_t4_encrypt;
	151	switch (bits) {
	152	case 128:
	153	if (mode == EVP_CIPH_CBC_MODE)
	154	dat->stream.cbc = (cbc128_f) cmll128_t4_cbc_encrypt;
	155	else if (mode == EVP_CIPH_CTR_MODE)
	156	dat->stream.ctr = (ctr128_f) cmll128_t4_ctr32_encrypt;
	157	else
	158	dat->stream.cbc = NULL;
	159	break;
	160	case 192:
	161	case 256:
	162	if (mode == EVP_CIPH_CBC_MODE)
	163	dat->stream.cbc = (cbc128_f) cmll256_t4_cbc_encrypt;
	164	else if (mode == EVP_CIPH_CTR_MODE)
	165	dat->stream.ctr = (ctr128_f) cmll256_t4_ctr32_encrypt;
	166	else
	167	dat->stream.cbc = NULL;
	168	break;
	169	default:
	170	ret = -1;
	171	}
	172	}
	173
	174	if (ret < 0) {
	175	EVPerr(EVP_F_CMLL_T4_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
	176	return 0;
	177	}
	178
	179	return 1;
	180	}
	181
	182	# define cmll_t4_cbc_cipher camellia_cbc_cipher
	183	static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	184	const unsigned char *in, size_t len);
	185
	186	# define cmll_t4_ecb_cipher camellia_ecb_cipher
	187	static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	188	const unsigned char *in, size_t len);
	189
	190	# define cmll_t4_ofb_cipher camellia_ofb_cipher
	191	static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
192	const unsigned char *in, size_t len);
193
194	# define cmll_t4_cfb_cipher camellia_cfb_cipher
195	static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
196	const unsigned char *in, size_t len);
197
198	# define cmll_t4_cfb8_cipher camellia_cfb8_cipher
199	static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
200	const unsigned char *in, size_t len);
201
202	# define cmll_t4_cfb1_cipher camellia_cfb1_cipher
203	static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
204	const unsigned char *in, size_t len);
205
206	# define cmll_t4_ctr_cipher camellia_ctr_cipher
4739ccdb	207	static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e	208	const unsigned char *in, size_t len);
4739ccdb	209
0f113f3e	210	# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
4739ccdb	211	static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
0f113f3e MC	212	nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
	213	flags\|EVP_CIPH_##MODE##_MODE, \
	214	cmll_t4_init_key, \
	215	cmll_t4_##mode##_cipher, \
	216	NULL, \
	217	sizeof(EVP_CAMELLIA_KEY), \
	218	NULL,NULL,NULL,NULL }; \
4739ccdb	219	static const EVP_CIPHER camellia_##keylen##_##mode = { \
0f113f3e MC	220	nid##_##keylen##_##nmode,blocksize, \
	221	keylen/8,ivlen, \
	222	flags\|EVP_CIPH_##MODE##_MODE, \
	223	camellia_init_key, \
	224	camellia_##mode##_cipher, \
	225	NULL, \
	226	sizeof(EVP_CAMELLIA_KEY), \
	227	NULL,NULL,NULL,NULL }; \
4739ccdb AP	228	const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
	229	{ return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }
	230
0f113f3e	231	# else
4739ccdb	232
0f113f3e	233	# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
4739ccdb	234	static const EVP_CIPHER camellia_##keylen##_##mode = { \
0f113f3e MC	235	nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
	236	flags\|EVP_CIPH_##MODE##_MODE, \
	237	camellia_init_key, \
	238	camellia_##mode##_cipher, \
	239	NULL, \
	240	sizeof(EVP_CAMELLIA_KEY), \
	241	NULL,NULL,NULL,NULL }; \
4739ccdb AP	242	const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
	243	{ return &camellia_##keylen##_##mode; }
	244
0f113f3e	245	# endif
dd030860	246
0f113f3e MC	247	# define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
	248	BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags\|EVP_CIPH_FLAG_DEFAULT_ASN1) \
	249	BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags\|EVP_CIPH_FLAG_DEFAULT_ASN1) \
	250	BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags\|EVP_CIPH_FLAG_DEFAULT_ASN1) \
	251	BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags\|EVP_CIPH_FLAG_DEFAULT_ASN1) \
	252	BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
dda81999 AP	253	BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
	254	BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
	255
0f113f3e	256	/* The subkey for Camellia is generated. */
dd030860	257	static int camellia_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
0f113f3e	258	const unsigned char *iv, int enc)
4739ccdb	259	{
0f113f3e	260	int ret, mode;
6435f0f6	261	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
0f113f3e	262
6435f0f6	263	ret = Camellia_set_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, &dat->ks);
0f113f3e MC	264	if (ret < 0) {
	265	EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
	266	return 0;
	267	}
	268
6435f0f6	269	mode = EVP_CIPHER_CTX_mode(ctx);
0f113f3e MC	270	if ((mode == EVP_CIPH_ECB_MODE \|\| mode == EVP_CIPH_CBC_MODE)
	271	&& !enc) {
	272	dat->block = (block128_f) Camellia_decrypt;
	273	dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
	274	(cbc128_f) Camellia_cbc_encrypt : NULL;
	275	} else {
	276	dat->block = (block128_f) Camellia_encrypt;
	277	dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
	278	(cbc128_f) Camellia_cbc_encrypt : NULL;
	279	}
	280
	281	return 1;
	282	}
4739ccdb	283
0f113f3e MC	284	static int camellia_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
	285	const unsigned char *in, size_t len)
	286	{
6435f0f6	287	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
0f113f3e MC	288
0f113f3e MC	289	if (dat->stream.cbc)
6435f0f6 RL	290	(*dat->stream.cbc) (in, out, len, &dat->ks,
	291	EVP_CIPHER_CTX_iv_noconst(ctx),
	292	EVP_CIPHER_CTX_encrypting(ctx));
	293	else if (EVP_CIPHER_CTX_encrypting(ctx))
	294	CRYPTO_cbc128_encrypt(in, out, len, &dat->ks,
	295	EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
0f113f3e	296	else
6435f0f6 RL	297	CRYPTO_cbc128_decrypt(in, out, len, &dat->ks,
6435f0f6 RL	298	EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
4739ccdb	299
0f113f3e	300	return 1;
4739ccdb AP	301	}
4739ccdb AP	302
0f113f3e MC	303	static int camellia_ecb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	304	const unsigned char *in, size_t len)
4739ccdb	305	{
6435f0f6	306	size_t bl = EVP_CIPHER_CTX_block_size(ctx);
0f113f3e	307	size_t i;
6435f0f6	308	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
4739ccdb	309
0f113f3e MC	310	if (len < bl)
0f113f3e MC	311	return 1;
4739ccdb	312
0f113f3e MC	313	for (i = 0, len -= bl; i <= len; i += bl)
0f113f3e MC	314	(*dat->block) (in + i, out + i, &dat->ks);
4739ccdb	315
0f113f3e	316	return 1;
4739ccdb AP	317	}
4739ccdb AP	318
0f113f3e MC	319	static int camellia_ofb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	320	const unsigned char *in, size_t len)
4739ccdb	321	{
6435f0f6	322	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
4739ccdb	323
6435f0f6	324	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	325	CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
6435f0f6 RL	326	EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block);
6435f0f6 RL	327	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e	328	return 1;
4739ccdb AP	329	}
4739ccdb AP	330
0f113f3e MC	331	static int camellia_cfb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	332	const unsigned char *in, size_t len)
4739ccdb	333	{
6435f0f6	334	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
4739ccdb	335
6435f0f6	336	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	337	CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
6435f0f6 RL	338	EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
6435f0f6 RL	339	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e	340	return 1;
4739ccdb AP	341	}
4739ccdb AP	342
0f113f3e MC	343	static int camellia_cfb8_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	344	const unsigned char *in, size_t len)
4739ccdb	345	{
6435f0f6	346	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
4739ccdb	347
6435f0f6	348	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	349	CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
6435f0f6 RL	350	EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
6435f0f6 RL	351	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e	352	return 1;
4739ccdb AP	353	}
4739ccdb AP	354
0f113f3e MC	355	static int camellia_cfb1_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	356	const unsigned char *in, size_t len)
4739ccdb	357	{
6435f0f6	358	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
0f113f3e	359
6435f0f6 RL	360	if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) {
6435f0f6 RL	361	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	362	CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
6435f0f6 RL	363	EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
6435f0f6 RL	364	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e MC	365	return 1;
	366	}
	367
	368	while (len >= MAXBITCHUNK) {
6435f0f6	369	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	370	CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
6435f0f6	371	EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
0f113f3e	372	len -= MAXBITCHUNK;
6435f0f6	373	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e	374	}
6435f0f6 RL	375	if (len) {
6435f0f6 RL	376	int num = EVP_CIPHER_CTX_num(ctx);
0f113f3e	377	CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
6435f0f6 RL	378	EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
	379	EVP_CIPHER_CTX_set_num(ctx, num);
	380	}
0f113f3e MC	381
0f113f3e MC	382	return 1;
4739ccdb AP	383	}
4739ccdb AP	384
0f113f3e MC	385	static int camellia_ctr_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	386	const unsigned char *in, size_t len)
4739ccdb	387	{
6435f0f6 RL	388	unsigned int num = EVP_CIPHER_CTX_num(ctx);
6435f0f6 RL	389	EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
0f113f3e MC	390
	391	if (dat->stream.ctr)
	392	CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
6435f0f6 RL	393	EVP_CIPHER_CTX_iv_noconst(ctx),
	394	EVP_CIPHER_CTX_buf_noconst(ctx), &num,
	395	dat->stream.ctr);
0f113f3e MC	396	else
0f113f3e MC	397	CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
6435f0f6 RL	398	EVP_CIPHER_CTX_iv_noconst(ctx),
	399	EVP_CIPHER_CTX_buf_noconst(ctx), &num,
	400	dat->block);
	401	EVP_CIPHER_CTX_set_num(ctx, num);
0f113f3e	402	return 1;
4739ccdb	403	}
4739ccdb	404
0f113f3e MC	405	BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
	406	BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
	407	BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
dd030860	408	#endif