PolarSSL v1.1.4
|
00001 /* 00002 * An 32-bit implementation of the XTEA algorithm 00003 * 00004 * Copyright (C) 2006-2010, Brainspark B.V. 00005 * 00006 * This file is part of PolarSSL (http://www.polarssl.org) 00007 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> 00008 * 00009 * All rights reserved. 00010 * 00011 * This program is free software; you can redistribute it and/or modify 00012 * it under the terms of the GNU General Public License as published by 00013 * the Free Software Foundation; either version 2 of the License, or 00014 * (at your option) any later version. 00015 * 00016 * This program is distributed in the hope that it will be useful, 00017 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00018 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00019 * GNU General Public License for more details. 00020 * 00021 * You should have received a copy of the GNU General Public License along 00022 * with this program; if not, write to the Free Software Foundation, Inc., 00023 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00024 */ 00025 00026 #include "polarssl/config.h" 00027 00028 #if defined(POLARSSL_XTEA_C) 00029 00030 #include "polarssl/xtea.h" 00031 00032 /* 00033 * 32-bit integer manipulation macros (big endian) 00034 */ 00035 #ifndef GET_ULONG_BE 00036 #define GET_ULONG_BE(n,b,i) \ 00037 { \ 00038 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 00039 | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 00040 | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 00041 | ( (unsigned long) (b)[(i) + 3] ); \ 00042 } 00043 #endif 00044 00045 #ifndef PUT_ULONG_BE 00046 #define PUT_ULONG_BE(n,b,i) \ 00047 { \ 00048 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00049 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00050 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00051 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00052 } 00053 #endif 00054 00055 /* 00056 * XTEA key schedule 00057 */ 00058 void xtea_setup( xtea_context *ctx, unsigned char key[16] ) 00059 { 00060 int i; 00061 00062 memset(ctx, 0, sizeof(xtea_context)); 00063 00064 for( i = 0; i < 4; i++ ) 00065 { 00066 GET_ULONG_BE( ctx->k[i], key, i << 2 ); 00067 } 00068 } 00069 00070 /* 00071 * XTEA encrypt function 00072 */ 00073 int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8], 00074 unsigned char output[8]) 00075 { 00076 uint32_t *k, v0, v1, i; 00077 00078 k = ctx->k; 00079 00080 GET_ULONG_BE( v0, input, 0 ); 00081 GET_ULONG_BE( v1, input, 4 ); 00082 00083 if( mode == XTEA_ENCRYPT ) 00084 { 00085 uint32_t sum = 0, delta = 0x9E3779B9; 00086 00087 for( i = 0; i < 32; i++ ) 00088 { 00089 v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); 00090 sum += delta; 00091 v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); 00092 } 00093 } 00094 else /* XTEA_DECRYPT */ 00095 { 00096 uint32_t delta = 0x9E3779B9, sum = delta * 32; 00097 00098 for( i = 0; i < 32; i++ ) 00099 { 00100 v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); 00101 sum -= delta; 00102 v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); 00103 } 00104 } 00105 00106 PUT_ULONG_BE( v0, output, 0 ); 00107 PUT_ULONG_BE( v1, output, 4 ); 00108 00109 return( 0 ); 00110 } 00111 00112 /* 00113 * XTEA-CBC buffer encryption/decryption 00114 */ 00115 int xtea_crypt_cbc( xtea_context *ctx, 00116 int mode, 00117 size_t length, 00118 unsigned char iv[8], 00119 unsigned char *input, 00120 unsigned char *output) 00121 { 00122 int i; 00123 unsigned char temp[8]; 00124 00125 if(length % 8) 00126 return( POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH ); 00127 00128 if( mode == XTEA_DECRYPT ) 00129 { 00130 while( length > 0 ) 00131 { 00132 memcpy( temp, input, 8 ); 00133 xtea_crypt_ecb( ctx, mode, input, output ); 00134 00135 for(i = 0; i < 8; i++) 00136 output[i] = (unsigned char)( output[i] ^ iv[i] ); 00137 00138 memcpy( iv, temp, 8 ); 00139 00140 input += 8; 00141 output += 8; 00142 length -= 8; 00143 } 00144 } 00145 else 00146 { 00147 while( length > 0 ) 00148 { 00149 for( i = 0; i < 8; i++ ) 00150 output[i] = (unsigned char)( input[i] ^ iv[i] ); 00151 00152 xtea_crypt_ecb( ctx, mode, output, output ); 00153 memcpy( iv, output, 8 ); 00154 00155 input += 8; 00156 output += 8; 00157 length -= 8; 00158 } 00159 } 00160 00161 return( 0 ); 00162 } 00163 00164 #if defined(POLARSSL_SELF_TEST) 00165 00166 #include <string.h> 00167 #include <stdio.h> 00168 00169 /* 00170 * XTEA tests vectors (non-official) 00171 */ 00172 00173 static const unsigned char xtea_test_key[6][16] = 00174 { 00175 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 00176 0x0c, 0x0d, 0x0e, 0x0f }, 00177 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 00178 0x0c, 0x0d, 0x0e, 0x0f }, 00179 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 00180 0x0c, 0x0d, 0x0e, 0x0f }, 00181 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 00182 0x00, 0x00, 0x00, 0x00 }, 00183 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 00184 0x00, 0x00, 0x00, 0x00 }, 00185 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 00186 0x00, 0x00, 0x00, 0x00 } 00187 }; 00188 00189 static const unsigned char xtea_test_pt[6][8] = 00190 { 00191 { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, 00192 { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, 00193 { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f }, 00194 { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, 00195 { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, 00196 { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 } 00197 }; 00198 00199 static const unsigned char xtea_test_ct[6][8] = 00200 { 00201 { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 }, 00202 { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 }, 00203 { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, 00204 { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 }, 00205 { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d }, 00206 { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 } 00207 }; 00208 00209 /* 00210 * Checkup routine 00211 */ 00212 int xtea_self_test( int verbose ) 00213 { 00214 int i; 00215 unsigned char buf[8]; 00216 xtea_context ctx; 00217 00218 for( i = 0; i < 6; i++ ) 00219 { 00220 if( verbose != 0 ) 00221 printf( " XTEA test #%d: ", i + 1 ); 00222 00223 memcpy( buf, xtea_test_pt[i], 8 ); 00224 00225 xtea_setup( &ctx, (unsigned char *) xtea_test_key[i] ); 00226 xtea_crypt_ecb( &ctx, XTEA_ENCRYPT, buf, buf ); 00227 00228 if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) 00229 { 00230 if( verbose != 0 ) 00231 printf( "failed\n" ); 00232 00233 return( 1 ); 00234 } 00235 00236 if( verbose != 0 ) 00237 printf( "passed\n" ); 00238 } 00239 00240 if( verbose != 0 ) 00241 printf( "\n" ); 00242 00243 return( 0 ); 00244 } 00245 00246 #endif 00247 00248 #endif