projects / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Ensure allocation size fits into size_t
[openssl.git] / crypto / evp / e_camellia.c
1 /* ====================================================================
2  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  *
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in
13  *    the documentation and/or other materials provided with the
14  *    distribution.
15  *
16  * 3. All advertising materials mentioning features or use of this
17  *    software must display the following acknowledgment:
18  *    "This product includes software developed by the OpenSSL Project
19  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20  *
21  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22  *    endorse or promote products derived from this software without
23  *    prior written permission. For written permission, please contact
24  *    openssl-core@openssl.org.
25  *
26  * 5. Products derived from this software may not be called "OpenSSL"
27  *    nor may "OpenSSL" appear in their names without prior written
28  *    permission of the OpenSSL Project.
29  *
30  * 6. Redistributions of any form whatsoever must retain the following
31  *    acknowledgment:
32  *    "This product includes software developed by the OpenSSL Project
33  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34  *
35  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
39  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46  * OF THE POSSIBILITY OF SUCH DAMAGE.
47  * ====================================================================
48  *
49  * This product includes cryptographic software written by Eric Young
50  * (eay@cryptsoft.com).  This product includes software written by Tim
51  * Hudson (tjh@cryptsoft.com).
52  *
53  */
54
55 #include <openssl/opensslconf.h>
56 #ifdef OPENSSL_NO_CAMELLIA
57 NON_EMPTY_TRANSLATION_UNIT
58 #else
59
60 # include <openssl/evp.h>
61 # include <openssl/err.h>
62 # include <string.h>
63 # include <assert.h>
64 # include <openssl/camellia.h>
65 # include "internal/evp_int.h"
66 # include "modes_lcl.h"
67
68 static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
69                              const unsigned char *iv, int enc);
70
71 /* Camellia subkey Structure */
72 typedef struct {
73     CAMELLIA_KEY ks;
74     block128_f block;
75     union {
76         cbc128_f cbc;
77         ctr128_f ctr;
78     } stream;
79 } EVP_CAMELLIA_KEY;
80
81 # define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))
82
83 /* Attribute operation for Camellia */
84 # define data(ctx)       EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
85
86 # if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
87 /* ---------^^^ this is not a typo, just a way to detect that
88  * assembler support was in general requested... */
89 #  include "sparc_arch.h"
90
91 extern unsigned int OPENSSL_sparcv9cap_P[];
92
93 #  define SPARC_CMLL_CAPABLE      (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
94
95 void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
96 void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
97                      const CAMELLIA_KEY *key);
98 void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
99                      const CAMELLIA_KEY *key);
100
101 void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
102                             size_t len, const CAMELLIA_KEY *key,
103                             unsigned char *ivec);
104 void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
105                             size_t len, const CAMELLIA_KEY *key,
106                             unsigned char *ivec);
107 void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
108                             size_t len, const CAMELLIA_KEY *key,
109                             unsigned char *ivec);
110 void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
111                             size_t len, const CAMELLIA_KEY *key,
112                             unsigned char *ivec);
113 void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
114                               size_t blocks, const CAMELLIA_KEY *key,
115                               unsigned char *ivec);
116 void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
117                               size_t blocks, const CAMELLIA_KEY *key,
118                               unsigned char *ivec);
119
120 static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
121                             const unsigned char *iv, int enc)
122 {
123     int ret, mode, bits;
124     EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) EVP_CIPHER_CTX_cipher_data(ctx);
125
126     mode = EVP_CIPHER_CTX_mode(ctx);
127     bits = EVP_CIPHER_CTX_key_length(ctx) * 8;
128
129     cmll_t4_set_key(key, bits, &dat->ks);
130
131     if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
132         && !enc) {
133         ret = 0;
134         dat->block = (block128_f) cmll_t4_decrypt;
135         switch (bits) {
136         case 128:
137             dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
138                 (cbc128_f) cmll128_t4_cbc_decrypt : NULL;
139             break;
140         case 192:
141         case 256:
142             dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
143                 (cbc128_f) cmll256_t4_cbc_decrypt : NULL;
144             break;
145         default:
146             ret = -1;
147         }
148     } else {
149         ret = 0;
150         dat->block = (block128_f) cmll_t4_encrypt;
151         switch (bits) {
152         case 128:
153             if (mode == EVP_CIPH_CBC_MODE)
154                 dat->stream.cbc = (cbc128_f) cmll128_t4_cbc_encrypt;
155             else if (mode == EVP_CIPH_CTR_MODE)
156                 dat->stream.ctr = (ctr128_f) cmll128_t4_ctr32_encrypt;
157             else
158                 dat->stream.cbc = NULL;
159             break;
160         case 192:
161         case 256:
162             if (mode == EVP_CIPH_CBC_MODE)
163                 dat->stream.cbc = (cbc128_f) cmll256_t4_cbc_encrypt;
164             else if (mode == EVP_CIPH_CTR_MODE)
165                 dat->stream.ctr = (ctr128_f) cmll256_t4_ctr32_encrypt;
166             else
167                 dat->stream.cbc = NULL;
168             break;
169         default:
170             ret = -1;
171         }
172     }
173
174     if (ret < 0) {
175         EVPerr(EVP_F_CMLL_T4_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
176         return 0;
177     }
178
179     return 1;
180 }
181
182 #  define cmll_t4_cbc_cipher camellia_cbc_cipher
183 static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
184                               const unsigned char *in, size_t len);
185
186 #  define cmll_t4_ecb_cipher camellia_ecb_cipher
187 static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
188                               const unsigned char *in, size_t len);
189
190 #  define cmll_t4_ofb_cipher camellia_ofb_cipher
191 static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
192                               const unsigned char *in, size_t len);
193
194 #  define cmll_t4_cfb_cipher camellia_cfb_cipher
195 static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
196                               const unsigned char *in, size_t len);
197
198 #  define cmll_t4_cfb8_cipher camellia_cfb8_cipher
199 static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
200                                const unsigned char *in, size_t len);
201
202 #  define cmll_t4_cfb1_cipher camellia_cfb1_cipher
203 static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
204                                const unsigned char *in, size_t len);
205
206 #  define cmll_t4_ctr_cipher camellia_ctr_cipher
207 static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
208                               const unsigned char *in, size_t len);
209
210 #  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
211 static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
212         nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
213         flags|EVP_CIPH_##MODE##_MODE,   \
214         cmll_t4_init_key,               \
215         cmll_t4_##mode##_cipher,        \
216         NULL,                           \
217         sizeof(EVP_CAMELLIA_KEY),       \
218         NULL,NULL,NULL,NULL }; \
219 static const EVP_CIPHER camellia_##keylen##_##mode = { \
220         nid##_##keylen##_##nmode,blocksize,     \
221         keylen/8,ivlen, \
222         flags|EVP_CIPH_##MODE##_MODE,   \
223         camellia_init_key,              \
224         camellia_##mode##_cipher,       \
225         NULL,                           \
226         sizeof(EVP_CAMELLIA_KEY),       \
227         NULL,NULL,NULL,NULL }; \
228 const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
229 { return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }
230
231 # else
232
233 #  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
234 static const EVP_CIPHER camellia_##keylen##_##mode = { \
235         nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
236         flags|EVP_CIPH_##MODE##_MODE,   \
237         camellia_init_key,              \
238         camellia_##mode##_cipher,       \
239         NULL,                           \
240         sizeof(EVP_CAMELLIA_KEY),       \
241         NULL,NULL,NULL,NULL }; \
242 const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
243 { return &camellia_##keylen##_##mode; }
244
245 # endif
246
247 # define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
248         BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
249         BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
250         BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
251         BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
252         BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
253         BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)       \
254         BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
255
256 /* The subkey for Camellia is generated. */
257 static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
258                              const unsigned char *iv, int enc)
259 {
260     int ret, mode;
261     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
262
263     ret = Camellia_set_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, &dat->ks);
264     if (ret < 0) {
265         EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
266         return 0;
267     }
268
269     mode = EVP_CIPHER_CTX_mode(ctx);
270     if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
271         && !enc) {
272         dat->block = (block128_f) Camellia_decrypt;
273         dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
274             (cbc128_f) Camellia_cbc_encrypt : NULL;
275     } else {
276         dat->block = (block128_f) Camellia_encrypt;
277         dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
278             (cbc128_f) Camellia_cbc_encrypt : NULL;
279     }
280
281     return 1;
282 }
283
284 static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
285                                const unsigned char *in, size_t len)
286 {
287     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
288
289     if (dat->stream.cbc)
290         (*dat->stream.cbc) (in, out, len, &dat->ks,
291                             EVP_CIPHER_CTX_iv_noconst(ctx),
292                             EVP_CIPHER_CTX_encrypting(ctx));
293     else if (EVP_CIPHER_CTX_encrypting(ctx))
294         CRYPTO_cbc128_encrypt(in, out, len, &dat->ks,
295                               EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
296     else
297         CRYPTO_cbc128_decrypt(in, out, len, &dat->ks,
298                               EVP_CIPHER_CTX_iv_noconst(ctx), dat->block);
299
300     return 1;
301 }
302
303 static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
304                                const unsigned char *in, size_t len)
305 {
306     size_t bl = EVP_CIPHER_CTX_block_size(ctx);
307     size_t i;
308     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
309
310     if (len < bl)
311         return 1;
312
313     for (i = 0, len -= bl; i <= len; i += bl)
314         (*dat->block) (in + i, out + i, &dat->ks);
315
316     return 1;
317 }
318
319 static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
320                                const unsigned char *in, size_t len)
321 {
322     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
323
324     int num = EVP_CIPHER_CTX_num(ctx);
325     CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
326                           EVP_CIPHER_CTX_iv_noconst(ctx), &num, dat->block);
327     EVP_CIPHER_CTX_set_num(ctx, num);
328     return 1;
329 }
330
331 static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
332                                const unsigned char *in, size_t len)
333 {
334     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
335
336     int num = EVP_CIPHER_CTX_num(ctx);
337     CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
338                           EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
339     EVP_CIPHER_CTX_set_num(ctx, num);
340     return 1;
341 }
342
343 static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
344                                 const unsigned char *in, size_t len)
345 {
346     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
347
348     int num = EVP_CIPHER_CTX_num(ctx);
349     CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
350                             EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
351     EVP_CIPHER_CTX_set_num(ctx, num);
352     return 1;
353 }
354
355 static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
356                                 const unsigned char *in, size_t len)
357 {
358     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
359
360     if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS)) {
361         int num = EVP_CIPHER_CTX_num(ctx);
362         CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
363                                 EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
364         EVP_CIPHER_CTX_set_num(ctx, num);
365         return 1;
366     }
367
368     while (len >= MAXBITCHUNK) {
369         int num = EVP_CIPHER_CTX_num(ctx);
370         CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
371                                 EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
372         len -= MAXBITCHUNK;
373         EVP_CIPHER_CTX_set_num(ctx, num);
374     }
375     if (len) {
376         int num = EVP_CIPHER_CTX_num(ctx);
377         CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
378                                 EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx), dat->block);
379         EVP_CIPHER_CTX_set_num(ctx, num);
380     }
381
382     return 1;
383 }
384
385 static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
386                                const unsigned char *in, size_t len)
387 {
388     unsigned int num = EVP_CIPHER_CTX_num(ctx);
389     EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
390
391     if (dat->stream.ctr)
392         CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
393                                     EVP_CIPHER_CTX_iv_noconst(ctx),
394                                     EVP_CIPHER_CTX_buf_noconst(ctx), &num,
395                                     dat->stream.ctr);
396     else
397         CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
398                               EVP_CIPHER_CTX_iv_noconst(ctx),
399                               EVP_CIPHER_CTX_buf_noconst(ctx), &num,
400                               dat->block);
401     EVP_CIPHER_CTX_set_num(ctx, num);
402     return 1;
403 }
404
405 BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
406     BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
407     BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
408 #endif
Unnamed repository; edit this file 'description' to name the repository.