1 /* ====================================================================
2 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
55 #include <openssl/opensslconf.h>
56 #ifdef OPENSSL_NO_CAMELLIA
57 NON_EMPTY_TRANSLATION_UNIT
60 # include <openssl/evp.h>
61 # include <openssl/err.h>
64 # include <openssl/camellia.h>
65 # include "internal/evp_int.h"
66 # include "modes_lcl.h"
68 static int camellia_init_key(EVP_CIPHER_CTX
*ctx
, const unsigned char *key
,
69 const unsigned char *iv
, int enc
);
71 /* Camellia subkey Structure */
81 # define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
83 /* Attribute operation for Camellia */
84 # define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
86 # if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
87 /* ---------^^^ this is not a typo, just a way to detect that
88 * assembler support was in general requested... */
89 # include "sparc_arch.h"
91 extern unsigned int OPENSSL_sparcv9cap_P
[];
93 # define SPARC_CMLL_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
95 void cmll_t4_set_key(const unsigned char *key
, int bits
, CAMELLIA_KEY
*ks
);
96 void cmll_t4_encrypt(const unsigned char *in
, unsigned char *out
,
97 const CAMELLIA_KEY
*key
);
98 void cmll_t4_decrypt(const unsigned char *in
, unsigned char *out
,
99 const CAMELLIA_KEY
*key
);
101 void cmll128_t4_cbc_encrypt(const unsigned char *in
, unsigned char *out
,
102 size_t len
, const CAMELLIA_KEY
*key
,
103 unsigned char *ivec
);
104 void cmll128_t4_cbc_decrypt(const unsigned char *in
, unsigned char *out
,
105 size_t len
, const CAMELLIA_KEY
*key
,
106 unsigned char *ivec
);
107 void cmll256_t4_cbc_encrypt(const unsigned char *in
, unsigned char *out
,
108 size_t len
, const CAMELLIA_KEY
*key
,
109 unsigned char *ivec
);
110 void cmll256_t4_cbc_decrypt(const unsigned char *in
, unsigned char *out
,
111 size_t len
, const CAMELLIA_KEY
*key
,
112 unsigned char *ivec
);
113 void cmll128_t4_ctr32_encrypt(const unsigned char *in
, unsigned char *out
,
114 size_t blocks
, const CAMELLIA_KEY
*key
,
115 unsigned char *ivec
);
116 void cmll256_t4_ctr32_encrypt(const unsigned char *in
, unsigned char *out
,
117 size_t blocks
, const CAMELLIA_KEY
*key
,
118 unsigned char *ivec
);
120 static int cmll_t4_init_key(EVP_CIPHER_CTX
*ctx
, const unsigned char *key
,
121 const unsigned char *iv
, int enc
)
124 EVP_CAMELLIA_KEY
*dat
= (EVP_CAMELLIA_KEY
*) EVP_CIPHER_CTX_cipher_data(ctx
);
126 mode
= EVP_CIPHER_CTX_mode(ctx
);
127 bits
= EVP_CIPHER_CTX_key_length(ctx
) * 8;
129 cmll_t4_set_key(key
, bits
, &dat
->ks
);
131 if ((mode
== EVP_CIPH_ECB_MODE
|| mode
== EVP_CIPH_CBC_MODE
)
134 dat
->block
= (block128_f
) cmll_t4_decrypt
;
137 dat
->stream
.cbc
= mode
== EVP_CIPH_CBC_MODE
?
138 (cbc128_f
) cmll128_t4_cbc_decrypt
: NULL
;
142 dat
->stream
.cbc
= mode
== EVP_CIPH_CBC_MODE
?
143 (cbc128_f
) cmll256_t4_cbc_decrypt
: NULL
;
150 dat
->block
= (block128_f
) cmll_t4_encrypt
;
153 if (mode
== EVP_CIPH_CBC_MODE
)
154 dat
->stream
.cbc
= (cbc128_f
) cmll128_t4_cbc_encrypt
;
155 else if (mode
== EVP_CIPH_CTR_MODE
)
156 dat
->stream
.ctr
= (ctr128_f
) cmll128_t4_ctr32_encrypt
;
158 dat
->stream
.cbc
= NULL
;
162 if (mode
== EVP_CIPH_CBC_MODE
)
163 dat
->stream
.cbc
= (cbc128_f
) cmll256_t4_cbc_encrypt
;
164 else if (mode
== EVP_CIPH_CTR_MODE
)
165 dat
->stream
.ctr
= (ctr128_f
) cmll256_t4_ctr32_encrypt
;
167 dat
->stream
.cbc
= NULL
;
175 EVPerr(EVP_F_CMLL_T4_INIT_KEY
, EVP_R_CAMELLIA_KEY_SETUP_FAILED
);
182 # define cmll_t4_cbc_cipher camellia_cbc_cipher
183 static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
184 const unsigned char *in
, size_t len
);
186 # define cmll_t4_ecb_cipher camellia_ecb_cipher
187 static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
188 const unsigned char *in
, size_t len
);
190 # define cmll_t4_ofb_cipher camellia_ofb_cipher
191 static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
192 const unsigned char *in
, size_t len
);
194 # define cmll_t4_cfb_cipher camellia_cfb_cipher
195 static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
196 const unsigned char *in
, size_t len
);
198 # define cmll_t4_cfb8_cipher camellia_cfb8_cipher
199 static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
200 const unsigned char *in
, size_t len
);
202 # define cmll_t4_cfb1_cipher camellia_cfb1_cipher
203 static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
204 const unsigned char *in
, size_t len
);
206 # define cmll_t4_ctr_cipher camellia_ctr_cipher
207 static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
208 const unsigned char *in
, size_t len
);
210 # define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
211 static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
212 nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
213 flags|EVP_CIPH_##MODE##_MODE, \
215 cmll_t4_##mode##_cipher, \
217 sizeof(EVP_CAMELLIA_KEY), \
218 NULL,NULL,NULL,NULL }; \
219 static const EVP_CIPHER camellia_##keylen##_##mode = { \
220 nid##_##keylen##_##nmode,blocksize, \
222 flags|EVP_CIPH_##MODE##_MODE, \
224 camellia_##mode##_cipher, \
226 sizeof(EVP_CAMELLIA_KEY), \
227 NULL,NULL,NULL,NULL }; \
228 const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
229 { return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }
233 # define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
234 static const EVP_CIPHER camellia_##keylen##_##mode = { \
235 nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
236 flags|EVP_CIPH_##MODE##_MODE, \
238 camellia_##mode##_cipher, \
240 sizeof(EVP_CAMELLIA_KEY), \
241 NULL,NULL,NULL,NULL }; \
242 const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
243 { return &camellia_##keylen##_##mode; }
247 # define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
248 BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
249 BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
250 BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
251 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
252 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
253 BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
254 BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
256 /* The subkey for Camellia is generated. */
257 static int camellia_init_key(EVP_CIPHER_CTX
*ctx
, const unsigned char *key
,
258 const unsigned char *iv
, int enc
)
261 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
263 ret
= Camellia_set_key(key
, EVP_CIPHER_CTX_key_length(ctx
) * 8, &dat
->ks
);
265 EVPerr(EVP_F_CAMELLIA_INIT_KEY
, EVP_R_CAMELLIA_KEY_SETUP_FAILED
);
269 mode
= EVP_CIPHER_CTX_mode(ctx
);
270 if ((mode
== EVP_CIPH_ECB_MODE
|| mode
== EVP_CIPH_CBC_MODE
)
272 dat
->block
= (block128_f
) Camellia_decrypt
;
273 dat
->stream
.cbc
= mode
== EVP_CIPH_CBC_MODE
?
274 (cbc128_f
) Camellia_cbc_encrypt
: NULL
;
276 dat
->block
= (block128_f
) Camellia_encrypt
;
277 dat
->stream
.cbc
= mode
== EVP_CIPH_CBC_MODE
?
278 (cbc128_f
) Camellia_cbc_encrypt
: NULL
;
284 static int camellia_cbc_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
285 const unsigned char *in
, size_t len
)
287 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
290 (*dat
->stream
.cbc
) (in
, out
, len
, &dat
->ks
,
291 EVP_CIPHER_CTX_iv_noconst(ctx
),
292 EVP_CIPHER_CTX_encrypting(ctx
));
293 else if (EVP_CIPHER_CTX_encrypting(ctx
))
294 CRYPTO_cbc128_encrypt(in
, out
, len
, &dat
->ks
,
295 EVP_CIPHER_CTX_iv_noconst(ctx
), dat
->block
);
297 CRYPTO_cbc128_decrypt(in
, out
, len
, &dat
->ks
,
298 EVP_CIPHER_CTX_iv_noconst(ctx
), dat
->block
);
303 static int camellia_ecb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
304 const unsigned char *in
, size_t len
)
306 size_t bl
= EVP_CIPHER_CTX_block_size(ctx
);
308 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
313 for (i
= 0, len
-= bl
; i
<= len
; i
+= bl
)
314 (*dat
->block
) (in
+ i
, out
+ i
, &dat
->ks
);
319 static int camellia_ofb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
320 const unsigned char *in
, size_t len
)
322 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
324 int num
= EVP_CIPHER_CTX_num(ctx
);
325 CRYPTO_ofb128_encrypt(in
, out
, len
, &dat
->ks
,
326 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, dat
->block
);
327 EVP_CIPHER_CTX_set_num(ctx
, num
);
331 static int camellia_cfb_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
332 const unsigned char *in
, size_t len
)
334 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
336 int num
= EVP_CIPHER_CTX_num(ctx
);
337 CRYPTO_cfb128_encrypt(in
, out
, len
, &dat
->ks
,
338 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, EVP_CIPHER_CTX_encrypting(ctx
), dat
->block
);
339 EVP_CIPHER_CTX_set_num(ctx
, num
);
343 static int camellia_cfb8_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
344 const unsigned char *in
, size_t len
)
346 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
348 int num
= EVP_CIPHER_CTX_num(ctx
);
349 CRYPTO_cfb128_8_encrypt(in
, out
, len
, &dat
->ks
,
350 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, EVP_CIPHER_CTX_encrypting(ctx
), dat
->block
);
351 EVP_CIPHER_CTX_set_num(ctx
, num
);
355 static int camellia_cfb1_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
356 const unsigned char *in
, size_t len
)
358 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
360 if (EVP_CIPHER_CTX_test_flags(ctx
, EVP_CIPH_FLAG_LENGTH_BITS
)) {
361 int num
= EVP_CIPHER_CTX_num(ctx
);
362 CRYPTO_cfb128_1_encrypt(in
, out
, len
, &dat
->ks
,
363 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, EVP_CIPHER_CTX_encrypting(ctx
), dat
->block
);
364 EVP_CIPHER_CTX_set_num(ctx
, num
);
368 while (len
>= MAXBITCHUNK
) {
369 int num
= EVP_CIPHER_CTX_num(ctx
);
370 CRYPTO_cfb128_1_encrypt(in
, out
, MAXBITCHUNK
* 8, &dat
->ks
,
371 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, EVP_CIPHER_CTX_encrypting(ctx
), dat
->block
);
373 EVP_CIPHER_CTX_set_num(ctx
, num
);
376 int num
= EVP_CIPHER_CTX_num(ctx
);
377 CRYPTO_cfb128_1_encrypt(in
, out
, len
* 8, &dat
->ks
,
378 EVP_CIPHER_CTX_iv_noconst(ctx
), &num
, EVP_CIPHER_CTX_encrypting(ctx
), dat
->block
);
379 EVP_CIPHER_CTX_set_num(ctx
, num
);
385 static int camellia_ctr_cipher(EVP_CIPHER_CTX
*ctx
, unsigned char *out
,
386 const unsigned char *in
, size_t len
)
388 unsigned int num
= EVP_CIPHER_CTX_num(ctx
);
389 EVP_CAMELLIA_KEY
*dat
= EVP_C_DATA(EVP_CAMELLIA_KEY
,ctx
);
392 CRYPTO_ctr128_encrypt_ctr32(in
, out
, len
, &dat
->ks
,
393 EVP_CIPHER_CTX_iv_noconst(ctx
),
394 EVP_CIPHER_CTX_buf_noconst(ctx
), &num
,
397 CRYPTO_ctr128_encrypt(in
, out
, len
, &dat
->ks
,
398 EVP_CIPHER_CTX_iv_noconst(ctx
),
399 EVP_CIPHER_CTX_buf_noconst(ctx
), &num
,
401 EVP_CIPHER_CTX_set_num(ctx
, num
);
405 BLOCK_CIPHER_generic_pack(NID_camellia
, 128, 0)
406 BLOCK_CIPHER_generic_pack(NID_camellia
, 192, 0)
407 BLOCK_CIPHER_generic_pack(NID_camellia
, 256, 0)