blob: 34c1990681e7d760365af53d10eb4a2b692b4fac [file] [log] [blame]
Paul Bakker38119b12009-01-10 23:31:23 +00001/**
2 * \file camellia.h
3 *
Paul Bakker37ca75d2011-01-06 12:28:03 +00004 * \brief Camellia block cipher
5 *
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +02006 * Copyright (C) 2006-2014, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +00007 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +00009 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +000010 *
Paul Bakker77b385e2009-07-28 17:23:11 +000011 * All rights reserved.
Paul Bakker38119b12009-01-10 23:31:23 +000012 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27#ifndef POLARSSL_CAMELLIA_H
28#define POLARSSL_CAMELLIA_H
Paul Bakker477fd322009-10-04 13:22:13 +000029
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020030#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker90995b52013-06-24 19:20:35 +020031#include "config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020032#else
33#include POLARSSL_CONFIG_FILE
34#endif
Paul Bakker90995b52013-06-24 19:20:35 +020035
Paul Bakker23986e52011-04-24 08:57:21 +000036#include <string.h>
37
Paul Bakkerfa6a6202013-10-28 18:48:30 +010038#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
Paul Bakker477fd322009-10-04 13:22:13 +000039#include <basetsd.h>
40typedef UINT32 uint32_t;
Paul Bakker80ab9f52009-05-24 14:42:46 +000041#else
Paul Bakker477fd322009-10-04 13:22:13 +000042#include <inttypes.h>
Paul Bakker80ab9f52009-05-24 14:42:46 +000043#endif
Paul Bakkerc81f6c32009-05-03 13:09:15 +000044
Paul Bakker38119b12009-01-10 23:31:23 +000045#define CAMELLIA_ENCRYPT 1
46#define CAMELLIA_DECRYPT 0
47
Paul Bakker9d781402011-05-09 16:17:09 +000048#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */
49#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
Paul Bakker2b222c82009-07-27 21:03:45 +000050
Paul Bakker90995b52013-06-24 19:20:35 +020051#if !defined(POLARSSL_CAMELLIA_ALT)
52// Regular implementation
53//
54
Paul Bakker407a0da2013-06-27 14:29:21 +020055#ifdef __cplusplus
56extern "C" {
57#endif
58
Paul Bakker38119b12009-01-10 23:31:23 +000059/**
60 * \brief CAMELLIA context structure
61 */
62typedef struct
63{
64 int nr; /*!< number of rounds */
Paul Bakkerc81f6c32009-05-03 13:09:15 +000065 uint32_t rk[68]; /*!< CAMELLIA round keys */
Paul Bakker38119b12009-01-10 23:31:23 +000066}
67camellia_context;
68
Paul Bakker38119b12009-01-10 23:31:23 +000069/**
70 * \brief CAMELLIA key schedule (encryption)
71 *
72 * \param ctx CAMELLIA context to be initialized
73 * \param key encryption key
74 * \param keysize must be 128, 192 or 256
Paul Bakker9af723c2014-05-01 13:03:14 +020075 *
Paul Bakker2b222c82009-07-27 21:03:45 +000076 * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
Paul Bakker38119b12009-01-10 23:31:23 +000077 */
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +020078int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
79 unsigned int keysize );
Paul Bakker38119b12009-01-10 23:31:23 +000080
81/**
82 * \brief CAMELLIA key schedule (decryption)
83 *
84 * \param ctx CAMELLIA context to be initialized
85 * \param key decryption key
86 * \param keysize must be 128, 192 or 256
Paul Bakker9af723c2014-05-01 13:03:14 +020087 *
Paul Bakker2b222c82009-07-27 21:03:45 +000088 * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
Paul Bakker38119b12009-01-10 23:31:23 +000089 */
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +020090int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
91 unsigned int keysize );
Paul Bakker38119b12009-01-10 23:31:23 +000092
93/**
94 * \brief CAMELLIA-ECB block encryption/decryption
95 *
96 * \param ctx CAMELLIA context
97 * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
98 * \param input 16-byte input block
99 * \param output 16-byte output block
Paul Bakker9af723c2014-05-01 13:03:14 +0200100 *
Paul Bakker27caa8a2010-03-21 15:43:59 +0000101 * \return 0 if successful
Paul Bakker38119b12009-01-10 23:31:23 +0000102 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000103int camellia_crypt_ecb( camellia_context *ctx,
Paul Bakker38119b12009-01-10 23:31:23 +0000104 int mode,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000105 const unsigned char input[16],
Paul Bakker38119b12009-01-10 23:31:23 +0000106 unsigned char output[16] );
107
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200108#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker38119b12009-01-10 23:31:23 +0000109/**
110 * \brief CAMELLIA-CBC buffer encryption/decryption
Paul Bakker4c067eb2009-05-17 10:25:19 +0000111 * Length should be a multiple of the block
112 * size (16 bytes)
Paul Bakker38119b12009-01-10 23:31:23 +0000113 *
114 * \param ctx CAMELLIA context
115 * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
116 * \param length length of the input data
117 * \param iv initialization vector (updated after use)
118 * \param input buffer holding the input data
119 * \param output buffer holding the output data
Paul Bakker9af723c2014-05-01 13:03:14 +0200120 *
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200121 * \return 0 if successful, or
122 * POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
Paul Bakker38119b12009-01-10 23:31:23 +0000123 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000124int camellia_crypt_cbc( camellia_context *ctx,
Paul Bakker38119b12009-01-10 23:31:23 +0000125 int mode,
Paul Bakker23986e52011-04-24 08:57:21 +0000126 size_t length,
Paul Bakker38119b12009-01-10 23:31:23 +0000127 unsigned char iv[16],
Paul Bakkerff60ee62010-03-16 21:09:09 +0000128 const unsigned char *input,
Paul Bakker38119b12009-01-10 23:31:23 +0000129 unsigned char *output );
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200130#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker38119b12009-01-10 23:31:23 +0000131
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200132#if defined(POLARSSL_CIPHER_MODE_CFB)
Paul Bakker38119b12009-01-10 23:31:23 +0000133/**
134 * \brief CAMELLIA-CFB128 buffer encryption/decryption
135 *
Paul Bakkerca6f3e22011-10-06 13:11:08 +0000136 * Note: Due to the nature of CFB you should use the same key schedule for
137 * both encryption and decryption. So a context initialized with
138 * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
139 *
Paul Bakker38119b12009-01-10 23:31:23 +0000140 * \param ctx CAMELLIA context
141 * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
142 * \param length length of the input data
143 * \param iv_off offset in IV (updated after use)
144 * \param iv initialization vector (updated after use)
145 * \param input buffer holding the input data
146 * \param output buffer holding the output data
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200147 *
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200148 * \return 0 if successful, or
149 * POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
Paul Bakker38119b12009-01-10 23:31:23 +0000150 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000151int camellia_crypt_cfb128( camellia_context *ctx,
Paul Bakker38119b12009-01-10 23:31:23 +0000152 int mode,
Paul Bakker23986e52011-04-24 08:57:21 +0000153 size_t length,
Paul Bakker1ef71df2011-06-09 14:14:58 +0000154 size_t *iv_off,
Paul Bakker38119b12009-01-10 23:31:23 +0000155 unsigned char iv[16],
Paul Bakkerff60ee62010-03-16 21:09:09 +0000156 const unsigned char *input,
Paul Bakker38119b12009-01-10 23:31:23 +0000157 unsigned char *output );
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200158#endif /* POLARSSL_CIPHER_MODE_CFB */
Paul Bakker38119b12009-01-10 23:31:23 +0000159
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200160#if defined(POLARSSL_CIPHER_MODE_CTR)
Paul Bakker9a736322012-11-14 12:39:52 +0000161/**
Paul Bakker1ef71df2011-06-09 14:14:58 +0000162 * \brief CAMELLIA-CTR buffer encryption/decryption
163 *
164 * Warning: You have to keep the maximum use of your counter in mind!
165 *
Paul Bakkerca6f3e22011-10-06 13:11:08 +0000166 * Note: Due to the nature of CTR you should use the same key schedule for
167 * both encryption and decryption. So a context initialized with
168 * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT.
169 *
Paul Bakkerdcbfdcc2013-09-10 16:16:50 +0200170 * \param ctx CAMELLIA context
Paul Bakker1ef71df2011-06-09 14:14:58 +0000171 * \param length The length of the data
172 * \param nc_off The offset in the current stream_block (for resuming
173 * within current cipher stream). The offset pointer to
174 * should be 0 at the start of a stream.
175 * \param nonce_counter The 128-bit nonce and counter.
176 * \param stream_block The saved stream-block for resuming. Is overwritten
177 * by the function.
178 * \param input The input data stream
179 * \param output The output data stream
180 *
181 * \return 0 if successful
182 */
183int camellia_crypt_ctr( camellia_context *ctx,
184 size_t length,
185 size_t *nc_off,
186 unsigned char nonce_counter[16],
187 unsigned char stream_block[16],
188 const unsigned char *input,
189 unsigned char *output );
Manuel Pégourié-Gonnard92cb1d32013-09-13 16:24:20 +0200190#endif /* POLARSSL_CIPHER_MODE_CTR */
Paul Bakker1ef71df2011-06-09 14:14:58 +0000191
Paul Bakker90995b52013-06-24 19:20:35 +0200192#ifdef __cplusplus
193}
194#endif
195
196#else /* POLARSSL_CAMELLIA_ALT */
197#include "camellia_alt.h"
198#endif /* POLARSSL_CAMELLIA_ALT */
199
200#ifdef __cplusplus
201extern "C" {
202#endif
203
Paul Bakker38119b12009-01-10 23:31:23 +0000204/**
205 * \brief Checkup routine
206 *
207 * \return 0 if successful, or 1 if the test failed
208 */
209int camellia_self_test( int verbose );
210
211#ifdef __cplusplus
212}
213#endif
214
215#endif /* camellia.h */