static void GetCryptoBlock(uchar *buffer) { static camellia_keyTable_t *cam_kt[4]; static uchar counter[16]; static uchar dest[16]; uint index; if(!cam_kt[0]) // 初期化 { uchar (*cam_seed)[SEEDSIZE] = (uchar (*)[SEEDSIZE])memAlloc(SEEDSIZE * 4); autoBlock_t gab; GetCryptoSeed(cam_seed[0], SEEDSIZE, SEED_FILE); GetCryptoSeed(cam_seed[1], SEEDSIZE, CA_SEED_FILE); GetCryptoSeed(cam_seed[2], SEEDSIZE, CA2_SEED_FILE); GetCryptoSeed(cam_seed[3], SEEDSIZE, CA3_SEED_FILE); sha512_localize(); for(index = 0; index < 4; index++) { sha512_makeHashBlock(gndBlockVar(cam_seed[index], SEEDSIZE, gab)); memcpy(cam_seed[index], sha512_hash, 32); cam_kt[index] = camellia_createKeyTable(gndBlockVar(cam_seed[index], 32, gab)); } sha512_unlocalize(); memFree(cam_seed); } else // カウンタ更新 { for(index = 0; ; index++) // for(index = 0; index < 16; index++) { if(counter[index] < 0xff) { counter[index]++; break; } counter[index] = 0x00; } } camellia_encrypt(cam_kt[0], counter, buffer, 1); counter[15] ^= 0x40; camellia_encrypt(cam_kt[1], counter, dest, 1); XorBlock(buffer, dest); counter[15] ^= 0xc0; camellia_encrypt(cam_kt[2], counter, dest, 1); XorBlock(buffer, dest); counter[15] ^= 0x40; camellia_encrypt(cam_kt[3], counter, dest, 1); XorBlock(buffer, dest); counter[15] ^= 0xc0; }
void CipherCamellia::Encrypt (byte *data) const { camellia_encrypt (data, data, ScheduledKey.Ptr()); }
static const char * selftest(void) { CAMELLIA_context ctx; byte scratch[16]; const char *r; /* These test vectors are from RFC-3713 */ static const byte plaintext[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10 }; static const byte key_128[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10 }; static const byte ciphertext_128[]= { 0x67,0x67,0x31,0x38,0x54,0x96,0x69,0x73, 0x08,0x57,0x06,0x56,0x48,0xea,0xbe,0x43 }; static const byte key_192[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98, 0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77 }; static const byte ciphertext_192[]= { 0xb4,0x99,0x34,0x01,0xb3,0xe9,0x96,0xf8, 0x4e,0xe5,0xce,0xe7,0xd7,0x9b,0x09,0xb9 }; static const byte key_256[]= { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba, 0x98,0x76,0x54,0x32,0x10,0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff }; static const byte ciphertext_256[]= { 0x9a,0xcc,0x23,0x7d,0xff,0x16,0xd7,0x6c, 0x20,0xef,0x7c,0x91,0x9e,0x3a,0x75,0x09 }; camellia_setkey(&ctx,key_128,sizeof(key_128)); camellia_encrypt(&ctx,scratch,plaintext); if(memcmp(scratch,ciphertext_128,sizeof(ciphertext_128))!=0) return "CAMELLIA-128 test encryption failed."; camellia_decrypt(&ctx,scratch,scratch); if(memcmp(scratch,plaintext,sizeof(plaintext))!=0) return "CAMELLIA-128 test decryption failed."; camellia_setkey(&ctx,key_192,sizeof(key_192)); camellia_encrypt(&ctx,scratch,plaintext); if(memcmp(scratch,ciphertext_192,sizeof(ciphertext_192))!=0) return "CAMELLIA-192 test encryption failed."; camellia_decrypt(&ctx,scratch,scratch); if(memcmp(scratch,plaintext,sizeof(plaintext))!=0) return "CAMELLIA-192 test decryption failed."; camellia_setkey(&ctx,key_256,sizeof(key_256)); camellia_encrypt(&ctx,scratch,plaintext); if(memcmp(scratch,ciphertext_256,sizeof(ciphertext_256))!=0) return "CAMELLIA-256 test encryption failed."; camellia_decrypt(&ctx,scratch,scratch); if(memcmp(scratch,plaintext,sizeof(plaintext))!=0) return "CAMELLIA-256 test decryption failed."; if ( (r = selftest_ctr_128 ()) ) return r; if ( (r = selftest_cbc_128 ()) ) return r; if ( (r = selftest_cfb_128 ()) ) return r; return NULL; }
static void cml_encrypt(void *key, u_int8_t *blk) { camellia_encrypt(key, blk, blk); }
static void cml_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) { camellia_encrypt((camellia_ctx *) key, (u_char *) blk, (u_char *) blk); }
void camellia_cbc_encrypt(const u_char *src, u_char *dst, uint32_t srcbytes, camellia_ctx *ctx, u_char *iv, const int enc) { /* iv must be 16bytes */ /* enc: 1 is encrypt, 0 is decrypt */ u_char block[16]; u_char ivec[4][4]; int i, numb; numb = srcbytes/16; if (enc) { ((uint32_t *)block)[0] = ((uint32_t *)iv)[0] ^ ((uint32_t *)src)[0]; ((uint32_t *)block)[1] = ((uint32_t *)iv)[1] ^ ((uint32_t *)src)[1]; ((uint32_t *)block)[2] = ((uint32_t *)iv)[2] ^ ((uint32_t *)src)[2]; ((uint32_t *)block)[3] = ((uint32_t *)iv)[3] ^ ((uint32_t *)src)[3]; camellia_encrypt(ctx, block, dst); src += 16; for(i = numb - 1; i > 0; i--) { ((uint32_t *)block)[0] = ((uint32_t *)dst)[0] ^ ((uint32_t *)src)[0]; ((uint32_t *)block)[1] = ((uint32_t *)dst)[1] ^ ((uint32_t *)src)[1]; ((uint32_t *)block)[2] = ((uint32_t *)dst)[2] ^ ((uint32_t *)src)[2]; ((uint32_t *)block)[3] = ((uint32_t *)dst)[3] ^ ((uint32_t *)src)[3]; dst += 16; camellia_encrypt(ctx, block, dst); src += 16; } } else { *((uint32_t *)ivec[0]) = *((uint32_t *)iv ); *((uint32_t *)ivec[1]) = *((uint32_t *)(iv + 4)); *((uint32_t *)ivec[2]) = *((uint32_t *)(iv + 8)); *((uint32_t *)ivec[3]) = *((uint32_t *)(iv +12)); for(i = numb; i > 0; i--) { camellia_decrypt(ctx, src, block); ((uint32_t *)block)[0] ^= *((uint32_t *)ivec[0]); ((uint32_t *)block)[1] ^= *((uint32_t *)ivec[1]); ((uint32_t *)block)[2] ^= *((uint32_t *)ivec[2]); ((uint32_t *)block)[3] ^= *((uint32_t *)ivec[3]); *((uint32_t *)ivec[0]) = ((uint32_t *)src)[0]; *((uint32_t *)ivec[1]) = ((uint32_t *)src)[1]; *((uint32_t *)ivec[2]) = ((uint32_t *)src)[2]; *((uint32_t *)ivec[3]) = ((uint32_t *)src)[3]; ((uint32_t *)dst)[0] = ((uint32_t *)block)[0]; ((uint32_t *)dst)[1] = ((uint32_t *)block)[1]; ((uint32_t *)dst)[2] = ((uint32_t *)block)[2]; ((uint32_t *)dst)[3] = ((uint32_t *)block)[3]; src += 16; dst += 16; } } }