Subversion Repositories Kolibri OS

Rev

Blame | Last modification | View Log | Download | RSS feed

  1. /*
  2.  *  An 32-bit implementation of the XTEA algorithm
  3.  *
  4.  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  5.  *  SPDX-License-Identifier: GPL-2.0
  6.  *
  7.  *  This program is free software; you can redistribute it and/or modify
  8.  *  it under the terms of the GNU General Public License as published by
  9.  *  the Free Software Foundation; either version 2 of the License, or
  10.  *  (at your option) any later version.
  11.  *
  12.  *  This program is distributed in the hope that it will be useful,
  13.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15.  *  GNU General Public License for more details.
  16.  *
  17.  *  You should have received a copy of the GNU General Public License along
  18.  *  with this program; if not, write to the Free Software Foundation, Inc.,
  19.  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  20.  *
  21.  *  This file is part of mbed TLS (https://tls.mbed.org)
  22.  */
  23.  
  24. #if !defined(MBEDTLS_CONFIG_FILE)
  25. #include "mbedtls/config.h"
  26. #else
  27. #include MBEDTLS_CONFIG_FILE
  28. #endif
  29.  
  30. #if defined(MBEDTLS_XTEA_C)
  31.  
  32. #include "mbedtls/xtea.h"
  33. #include "mbedtls/platform_util.h"
  34.  
  35. #include <string.h>
  36.  
  37. #if defined(MBEDTLS_SELF_TEST)
  38. #if defined(MBEDTLS_PLATFORM_C)
  39. #include "mbedtls/platform.h"
  40. #else
  41. #include <stdio.h>
  42. #define mbedtls_printf printf
  43. #endif /* MBEDTLS_PLATFORM_C */
  44. #endif /* MBEDTLS_SELF_TEST */
  45.  
  46. #if !defined(MBEDTLS_XTEA_ALT)
  47.  
  48. /*
  49.  * 32-bit integer manipulation macros (big endian)
  50.  */
  51. #ifndef GET_UINT32_BE
  52. #define GET_UINT32_BE(n,b,i)                            \
  53. {                                                       \
  54.     (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
  55.         | ( (uint32_t) (b)[(i) + 1] << 16 )             \
  56.         | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
  57.         | ( (uint32_t) (b)[(i) + 3]       );            \
  58. }
  59. #endif
  60.  
  61. #ifndef PUT_UINT32_BE
  62. #define PUT_UINT32_BE(n,b,i)                            \
  63. {                                                       \
  64.     (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
  65.     (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
  66.     (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
  67.     (b)[(i) + 3] = (unsigned char) ( (n)       );       \
  68. }
  69. #endif
  70.  
  71. void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
  72. {
  73.     memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
  74. }
  75.  
  76. void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
  77. {
  78.     if( ctx == NULL )
  79.         return;
  80.  
  81.     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
  82. }
  83.  
  84. /*
  85.  * XTEA key schedule
  86.  */
  87. void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
  88. {
  89.     int i;
  90.  
  91.     memset( ctx, 0, sizeof(mbedtls_xtea_context) );
  92.  
  93.     for( i = 0; i < 4; i++ )
  94.     {
  95.         GET_UINT32_BE( ctx->k[i], key, i << 2 );
  96.     }
  97. }
  98.  
  99. /*
  100.  * XTEA encrypt function
  101.  */
  102. int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
  103.                     const unsigned char input[8], unsigned char output[8])
  104. {
  105.     uint32_t *k, v0, v1, i;
  106.  
  107.     k = ctx->k;
  108.  
  109.     GET_UINT32_BE( v0, input, 0 );
  110.     GET_UINT32_BE( v1, input, 4 );
  111.  
  112.     if( mode == MBEDTLS_XTEA_ENCRYPT )
  113.     {
  114.         uint32_t sum = 0, delta = 0x9E3779B9;
  115.  
  116.         for( i = 0; i < 32; i++ )
  117.         {
  118.             v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
  119.             sum += delta;
  120.             v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
  121.         }
  122.     }
  123.     else /* MBEDTLS_XTEA_DECRYPT */
  124.     {
  125.         uint32_t delta = 0x9E3779B9, sum = delta * 32;
  126.  
  127.         for( i = 0; i < 32; i++ )
  128.         {
  129.             v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
  130.             sum -= delta;
  131.             v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
  132.         }
  133.     }
  134.  
  135.     PUT_UINT32_BE( v0, output, 0 );
  136.     PUT_UINT32_BE( v1, output, 4 );
  137.  
  138.     return( 0 );
  139. }
  140.  
  141. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  142. /*
  143.  * XTEA-CBC buffer encryption/decryption
  144.  */
  145. int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
  146.                     unsigned char iv[8], const unsigned char *input,
  147.                     unsigned char *output)
  148. {
  149.     int i;
  150.     unsigned char temp[8];
  151.  
  152.     if( length % 8 )
  153.         return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
  154.  
  155.     if( mode == MBEDTLS_XTEA_DECRYPT )
  156.     {
  157.         while( length > 0 )
  158.         {
  159.             memcpy( temp, input, 8 );
  160.             mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
  161.  
  162.             for( i = 0; i < 8; i++ )
  163.                 output[i] = (unsigned char)( output[i] ^ iv[i] );
  164.  
  165.             memcpy( iv, temp, 8 );
  166.  
  167.             input  += 8;
  168.             output += 8;
  169.             length -= 8;
  170.         }
  171.     }
  172.     else
  173.     {
  174.         while( length > 0 )
  175.         {
  176.             for( i = 0; i < 8; i++ )
  177.                 output[i] = (unsigned char)( input[i] ^ iv[i] );
  178.  
  179.             mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
  180.             memcpy( iv, output, 8 );
  181.  
  182.             input  += 8;
  183.             output += 8;
  184.             length -= 8;
  185.         }
  186.     }
  187.  
  188.     return( 0 );
  189. }
  190. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  191. #endif /* !MBEDTLS_XTEA_ALT */
  192.  
  193. #if defined(MBEDTLS_SELF_TEST)
  194.  
  195. /*
  196.  * XTEA tests vectors (non-official)
  197.  */
  198.  
  199. static const unsigned char xtea_test_key[6][16] =
  200. {
  201.    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
  202.      0x0c, 0x0d, 0x0e, 0x0f },
  203.    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
  204.      0x0c, 0x0d, 0x0e, 0x0f },
  205.    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
  206.      0x0c, 0x0d, 0x0e, 0x0f },
  207.    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  208.      0x00, 0x00, 0x00, 0x00 },
  209.    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  210.      0x00, 0x00, 0x00, 0x00 },
  211.    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  212.      0x00, 0x00, 0x00, 0x00 }
  213. };
  214.  
  215. static const unsigned char xtea_test_pt[6][8] =
  216. {
  217.     { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
  218.     { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
  219.     { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
  220.     { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
  221.     { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
  222.     { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
  223. };
  224.  
  225. static const unsigned char xtea_test_ct[6][8] =
  226. {
  227.     { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
  228.     { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
  229.     { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
  230.     { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
  231.     { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
  232.     { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
  233. };
  234.  
  235. /*
  236.  * Checkup routine
  237.  */
  238. int mbedtls_xtea_self_test( int verbose )
  239. {
  240.     int i, ret = 0;
  241.     unsigned char buf[8];
  242.     mbedtls_xtea_context ctx;
  243.  
  244.     mbedtls_xtea_init( &ctx );
  245.     for( i = 0; i < 6; i++ )
  246.     {
  247.         if( verbose != 0 )
  248.             mbedtls_printf( "  XTEA test #%d: ", i + 1 );
  249.  
  250.         memcpy( buf, xtea_test_pt[i], 8 );
  251.  
  252.         mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
  253.         mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
  254.  
  255.         if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
  256.         {
  257.             if( verbose != 0 )
  258.                 mbedtls_printf( "failed\n" );
  259.  
  260.             ret = 1;
  261.             goto exit;
  262.         }
  263.  
  264.         if( verbose != 0 )
  265.             mbedtls_printf( "passed\n" );
  266.     }
  267.  
  268.     if( verbose != 0 )
  269.         mbedtls_printf( "\n" );
  270.  
  271. exit:
  272.     mbedtls_xtea_free( &ctx );
  273.  
  274.     return( ret );
  275. }
  276.  
  277. #endif /* MBEDTLS_SELF_TEST */
  278.  
  279. #endif /* MBEDTLS_XTEA_C */
  280.