- Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC

2011-04-19 14:29:23 +00:00 · 2011-04-19 14:29:23 +00:00 · b6ecaf5276
commit b6ecaf5276
parent 34953bbcd3
10 changed files with 551 additions and 3 deletions
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@ -127,6 +127,30 @@ int aes_crypt_cfb128( aes_context *ctx,
                       const unsigned char *input,
                       unsigned char *output );

+/*
+ * \brief               AES-CTR buffer encryption/decryption
+ *
+ * Warning: You have to keep the maximum use of your counter in mind!
+ *
+ * \param length        The length of the data
+ * \param nc_off        The offset in the current stream_block (for resuming
+ *                      within current cipher stream). The offset pointer to
+ *                      should be 0 at the start of a stream.
+ * \param nonce_counter The 128-bit nonce and counter.
+ * \param stream_block  The saved stream-block for resuming. Is overwritten
+ *                      by the function.
+ * \param input         The input data stream
+ * \param output        The output data stream
+ *
+ * \return         0 if successful
+ */
+int aes_crypt_ctr( aes_context *ctx,
+                       int length,
+                       int *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output );
 /**
 * \brief          Checkup routine
 *
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@ -98,7 +98,7 @@ typedef struct {
    /** Cipher key length, in bits (default length for variable sized ciphers) */
    int key_length;

-    /** Name of the message digest */
+    /** Name of the cipher */
    const char * name;

    /** IV size, in bytes */
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -105,6 +105,20 @@
 * \{
 */

+/**
+ * \def POLARSSL_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define POLARSSL_CIPHER_MODE_CFB
+
+/**
+ * \def POLARSSL_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define POLARSSL_CIPHER_MODE_CTR
+
 /**
 * \def POLARSSL_DEBUG_MSG
 *
@ -130,7 +144,7 @@
 /**
 * \def POLARSSL_GENPRIME
 *
- * Enable the prime-number generation code.
+ * Enable the RSA prime-number generation code.
 */
 #define POLARSSL_GENPRIME

--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@ -37,6 +37,7 @@ typedef UINT32 uint32_t;
 #define XTEA_ENCRYPT     1
 #define XTEA_DECRYPT     0

+#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH               -0x0820

 /**
 * \brief          XTEA context structure
@ -74,6 +75,26 @@ int xtea_crypt_ecb( xtea_context *ctx,
 		 unsigned char input[8],
 		 unsigned char output[8] );

+/**
+ * \brief          XTEA CBC cipher function
+ *
+ * \param ctx      XTEA context
+ * \param mode     XTEA_ENCRYPT or XTEA_DECRYPT
+ * \param length   the length of input, multiple of 8
+ * \param iv       initialization vector for CBC mode
+ * \param input    input block
+ * \param output   output block
+ *
+ * \return         0 if successful,
+ *                 POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
+ */
+int xtea_crypt_cbc( xtea_context *ctx,
+                    int mode,
+                    int length,
+                    unsigned char iv[8],
+                    unsigned char *input,
+                    unsigned char *output);
+
 /*
 * \brief          Checkup routine
 *