PolarSSL v1.3.2
xtea.c
Go to the documentation of this file.
1 /*
2  * An 32-bit implementation of the XTEA algorithm
3  *
4  * Copyright (C) 2006-2013, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 
26 #include "polarssl/config.h"
27 
28 #if defined(POLARSSL_XTEA_C)
29 
30 #include "polarssl/xtea.h"
31 
32 #if !defined(POLARSSL_XTEA_ALT)
33 
34 /*
35  * 32-bit integer manipulation macros (big endian)
36  */
37 #ifndef GET_UINT32_BE
38 #define GET_UINT32_BE(n,b,i) \
39 { \
40  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
41  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
42  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
43  | ( (uint32_t) (b)[(i) + 3] ); \
44 }
45 #endif
46 
47 #ifndef PUT_UINT32_BE
48 #define PUT_UINT32_BE(n,b,i) \
49 { \
50  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
51  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
52  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
53  (b)[(i) + 3] = (unsigned char) ( (n) ); \
54 }
55 #endif
56 
57 /*
58  * XTEA key schedule
59  */
60 void xtea_setup( xtea_context *ctx, const unsigned char key[16] )
61 {
62  int i;
63 
64  memset(ctx, 0, sizeof(xtea_context));
65 
66  for( i = 0; i < 4; i++ )
67  {
68  GET_UINT32_BE( ctx->k[i], key, i << 2 );
69  }
70 }
71 
72 /*
73  * XTEA encrypt function
74  */
75 int xtea_crypt_ecb( xtea_context *ctx, int mode,
76  const unsigned char input[8], unsigned char output[8])
77 {
78  uint32_t *k, v0, v1, i;
79 
80  k = ctx->k;
81 
82  GET_UINT32_BE( v0, input, 0 );
83  GET_UINT32_BE( v1, input, 4 );
84 
85  if( mode == XTEA_ENCRYPT )
86  {
87  uint32_t sum = 0, delta = 0x9E3779B9;
88 
89  for( i = 0; i < 32; i++ )
90  {
91  v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
92  sum += delta;
93  v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
94  }
95  }
96  else /* XTEA_DECRYPT */
97  {
98  uint32_t delta = 0x9E3779B9, sum = delta * 32;
99 
100  for( i = 0; i < 32; i++ )
101  {
102  v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
103  sum -= delta;
104  v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
105  }
106  }
107 
108  PUT_UINT32_BE( v0, output, 0 );
109  PUT_UINT32_BE( v1, output, 4 );
110 
111  return( 0 );
112 }
113 
114 #if defined(POLARSSL_CIPHER_MODE_CBC)
115 /*
116  * XTEA-CBC buffer encryption/decryption
117  */
118 int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length,
119  unsigned char iv[8], const unsigned char *input,
120  unsigned char *output)
121 {
122  int i;
123  unsigned char temp[8];
124 
125  if( length % 8 )
127 
128  if( mode == XTEA_DECRYPT )
129  {
130  while( length > 0 )
131  {
132  memcpy( temp, input, 8 );
133  xtea_crypt_ecb( ctx, mode, input, output );
134 
135  for(i = 0; i < 8; i++)
136  output[i] = (unsigned char)( output[i] ^ iv[i] );
137 
138  memcpy( iv, temp, 8 );
139 
140  input += 8;
141  output += 8;
142  length -= 8;
143  }
144  }
145  else
146  {
147  while( length > 0 )
148  {
149  for( i = 0; i < 8; i++ )
150  output[i] = (unsigned char)( input[i] ^ iv[i] );
151 
152  xtea_crypt_ecb( ctx, mode, output, output );
153  memcpy( iv, output, 8 );
154 
155  input += 8;
156  output += 8;
157  length -= 8;
158  }
159  }
160 
161  return( 0 );
162 }
163 #endif /* POLARSSL_CIPHER_MODE_CBC */
164 #endif /* !POLARSSL_XTEA_ALT */
165 
166 #if defined(POLARSSL_SELF_TEST)
167 
168 #include <string.h>
169 #include <stdio.h>
170 
171 /*
172  * XTEA tests vectors (non-official)
173  */
174 
175 static const unsigned char xtea_test_key[6][16] =
176 {
177  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
178  0x0c, 0x0d, 0x0e, 0x0f },
179  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
180  0x0c, 0x0d, 0x0e, 0x0f },
181  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
182  0x0c, 0x0d, 0x0e, 0x0f },
183  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
184  0x00, 0x00, 0x00, 0x00 },
185  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
186  0x00, 0x00, 0x00, 0x00 },
187  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
188  0x00, 0x00, 0x00, 0x00 }
189 };
190 
191 static const unsigned char xtea_test_pt[6][8] =
192 {
193  { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
194  { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
195  { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
196  { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
197  { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
198  { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
199 };
200 
201 static const unsigned char xtea_test_ct[6][8] =
202 {
203  { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
204  { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
205  { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
206  { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
207  { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
208  { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
209 };
210 
211 /*
212  * Checkup routine
213  */
214 int xtea_self_test( int verbose )
215 {
216  int i;
217  unsigned char buf[8];
218  xtea_context ctx;
219 
220  for( i = 0; i < 6; i++ )
221  {
222  if( verbose != 0 )
223  printf( " XTEA test #%d: ", i + 1 );
224 
225  memcpy( buf, xtea_test_pt[i], 8 );
226 
227  xtea_setup( &ctx, xtea_test_key[i] );
228  xtea_crypt_ecb( &ctx, XTEA_ENCRYPT, buf, buf );
229 
230  if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
231  {
232  if( verbose != 0 )
233  printf( "failed\n" );
234 
235  return( 1 );
236  }
237 
238  if( verbose != 0 )
239  printf( "passed\n" );
240  }
241 
242  if( verbose != 0 )
243  printf( "\n" );
244 
245  return( 0 );
246 }
247 
248 #endif
249 
250 #endif
#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH
The data input has an invalid length.
Definition: xtea.h:44
Configuration options (set of defines)
int xtea_crypt_ecb(xtea_context *ctx, int mode, const unsigned char input[8], unsigned char output[8])
XTEA cipher function.
void xtea_setup(xtea_context *ctx, const unsigned char key[16])
XTEA key schedule.
#define PUT_UINT32_BE(n, b, i)
XTEA block cipher (32-bit)
#define XTEA_DECRYPT
Definition: xtea.h:42
#define XTEA_ENCRYPT
Definition: xtea.h:41
int xtea_crypt_cbc(xtea_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output)
XTEA CBC cipher function.
#define GET_UINT32_BE(n, b, i)
XTEA context structure.
Definition: xtea.h:57
int xtea_self_test(int verbose)
Checkup routine.
uint32_t k[4]
Definition: xtea.h:59