diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7e55df7ec..e725ea044 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -110,6 +110,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief This function sets the decryption key. * @@ -128,6 +129,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief This function performs an ARIA single-block encryption or diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 8033c13ff..74a8e3434 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -93,6 +93,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Perform a CAMELLIA key schedule operation for decryption. * @@ -108,6 +109,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index f445102d9..f10ac90d7 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -182,6 +182,7 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief DES key schedule (56-bit, decryption) * @@ -196,6 +197,7 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -213,6 +215,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (112-bit, decryption) * @@ -228,6 +231,7 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -245,6 +249,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (168-bit, decryption) * @@ -260,6 +265,7 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief DES-ECB block encryption/decryption diff --git a/library/aria.c b/library/aria.c index 098036225..0bd489e68 100644 --- a/library/aria.c +++ b/library/aria.c @@ -425,6 +425,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, /* * Set decryption key */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -454,6 +455,7 @@ int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, return 0; } +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /* * Encrypt a block @@ -884,12 +886,18 @@ int mbedtls_aria_self_test(int verbose) /* test ECB decryption */ if (verbose) { mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i); +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + mbedtls_printf("skipped\n"); +#endif } + +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i); mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk); ARIA_SELF_TEST_ASSERT( memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE) != 0); +#endif } if (verbose) { mbedtls_printf("\n"); diff --git a/library/camellia.c b/library/camellia.c index 409727d04..634978294 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -411,6 +411,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, /* * Camellia key schedule (decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits) @@ -456,6 +457,7 @@ exit: return ret; } +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /* * Camellia-ECB block encryption/decryption @@ -900,14 +902,26 @@ int mbedtls_camellia_self_test(int verbose) (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); } +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } + continue; + } +#endif + for (i = 0; i < CAMELLIA_TESTS_ECB; i++) { memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) if (v == MBEDTLS_CAMELLIA_DECRYPT) { mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); memcpy(src, camellia_test_ecb_cipher[u][i], 16); memcpy(dst, camellia_test_ecb_plain[i], 16); - } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ + } else +#endif + { /* MBEDTLS_CAMELLIA_ENCRYPT */ mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); memcpy(src, camellia_test_ecb_plain[i], 16); memcpy(dst, camellia_test_ecb_cipher[u][i], 16); diff --git a/library/des.c b/library/des.c index eaddf282a..a6a6b2fb8 100644 --- a/library/des.c +++ b/library/des.c @@ -483,6 +483,7 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE /* * DES key schedule (56-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; @@ -496,6 +497,7 @@ int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBE return 0; } +#endif static void des3_set2key(uint32_t esk[96], uint32_t dsk[96], @@ -538,6 +540,7 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (112-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { @@ -548,6 +551,7 @@ int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, return 0; } +#endif static void des3_set3key(uint32_t esk[96], uint32_t dsk[96], @@ -588,6 +592,7 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (168-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { @@ -598,6 +603,7 @@ int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, return 0; } +#endif /* * DES-ECB block encryption/decryption @@ -869,28 +875,43 @@ int mbedtls_des_self_test(int verbose) (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); } +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (v == MBEDTLS_DES_DECRYPT) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } + continue; + } +#endif + memcpy(buf, des3_test_buf, 8); switch (i) { +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 0: ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); break; +#endif case 1: ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); break; +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 2: ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); break; +#endif case 3: ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); break; +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 4: ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); break; +#endif case 5: ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys);