1/* rijndael - An implementation of the Rijndael cipher.
2 * Copyright (C) 2000 Rafael R. Sevilla <sevillar@team.ph.inter.net>
3 *
4 * Currently maintained by brian d foy, <bdfoy@cpan.org>
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14 * Library General Public License for more details.
15 *
16 * You should have received a copy of the GNU Library General Public
17 * License along with this library; if not, write to the Free
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
19 */
20
21/*
22 * Rijndael is a 128/192/256-bit block cipher that accepts key sizes of
23 * 128, 192, or 256 bits, designed by Joan Daemen and Vincent Rijmen.  See
24 * http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ for details.
25 */
26
27#if !defined(RIJNDAEL_H)
28#define RIJNDAEL_H
29
30#include <stdlib.h>
31#include <sys/types.h>
32
33#ifdef _CRYPT_RIJNDAEL_H_TYPES
34	#undef _CRYPT_RIJNDAEL_H_TYPES
35#endif
36
37/* Irix. We could include stdint.h and use uint8_t but that also
38 * requires that we specifically drive the compiler in C99 mode.
39 * Defining UINT8 as unsigned char is, ultimately, what stdint.h
40 * would do anyway.
41 */
42#if defined(_SGIAPI) || defined( __sgi )
43	#define _CRYPT_RIJNDAEL_H_TYPES
44	typedef __uint32_t    UINT32;
45	typedef unsigned char UINT8;
46#endif
47
48/* Solaris has sys/types.h, but doesn't act like everyone else
49 * GCC defines __sun__ and __sun (report from Todd Ross)
50 * Solaris cc defines __sun
51 * MirBSD defines the same types as Solaris
52 */
53#if defined( __sun__ ) || defined( __sun ) || defined( __MirBSD__ )
54	#define _CRYPT_RIJNDAEL_H_TYPES
55	typedef uint32_t UINT32;
56	typedef uint8_t  UINT8;
57#endif
58
59/* Mac OS X 10.3 defines things differently than most other
60systems */
61#if defined( __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ ) &&  __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__-0 < 1140
62	#define _CRYPT_RIJNDAEL_H_TYPES
63	typedef u_int32_t UINT32;
64	typedef u_char    UINT8;
65#endif
66
67/* Mac OS X 10.3 defines things differently than most other
68systems */
69#if defined(__APPLE__) && ! defined(__DARWIN_UNIX03)
70	#define _CRYPT_RIJNDAEL_H_TYPES
71	typedef u_int32_t UINT32;
72	typedef u_char    UINT8;
73#endif
74
75/* I expect this to be the usual case */
76#if ! defined(_CRYPT_RIJNDAEL_H_TYPES) && ( defined(_SYS_TYPES_H) || defined(_SYS_TYPES_H_) )
77	#define _CRYPT_RIJNDAEL_H_TYPES
78	typedef __uint32_t UINT32;
79	typedef __uint8_t  UINT8;
80#endif
81
82#if defined(__CYGWIN__) && ! defined(_CRYPT_RIJNDAEL_H_TYPES)
83	#define _CRYPT_RIJNDAEL_H_TYPES
84	typedef unsigned int  UINT32;
85	typedef unsigned char UINT8;
86#endif
87
88#if defined(__MINGW32__) && ! defined(_CRYPT_RIJNDAEL_H_TYPES)
89	#define _CRYPT_RIJNDAEL_H_TYPES
90	typedef unsigned int  UINT32;
91	typedef unsigned char UINT8;
92#endif
93
94#if defined(WIN32) && ! defined(_CRYPT_RIJNDAEL_H_TYPES)
95	#define _CRYPT_RIJNDAEL_H_TYPES
96	typedef unsigned int  UINT32;
97	typedef unsigned char UINT8;
98#endif
99
100#if ! defined(_CRYPT_RIJNDAEL_H_TYPES)
101	#define _CRYPT_RIJNDAEL_H_TYPES
102	typedef unsigned int  UINT32;
103	typedef unsigned char UINT8;
104#endif
105
106/* Other block sizes and key lengths are possible, but in the context of
107 * the ssh protocols, 256 bits is the default.
108 */
109#define RIJNDAEL_BLOCKSIZE 16
110#define RIJNDAEL_KEYSIZE   32
111
112#define     MODE_ECB        1    /*  Are we ciphering in ECB mode?   */
113#define     MODE_CBC        2    /*  Are we ciphering in CBC mode?   */
114#define     MODE_CFB        3    /*  Are we ciphering in 128-bit CFB mode? */
115#define     MODE_PCBC       4    /*  Are we ciphering in PCBC mode? */
116#define     MODE_OFB        5    /*  Are we ciphering in 128-bit OFB mode? */
117#define     MODE_CTR        6    /*  Are we ciphering in counter mode? */
118
119/* Allow keys of size 128 <= bits <= 256 */
120
121#define RIJNDAEL_MIN_KEYSIZE 16
122#define RIJNDAEL_MAX_KEYSIZE 32
123
124typedef struct {
125  UINT32 keys[60];		/* maximum size of key schedule */
126  UINT32 ikeys[60];		/* inverse key schedule */
127  int nrounds;			/* number of rounds to use for our key size */
128  int mode;			/* encryption mode */
129} RIJNDAEL_context;
130
131/* This basically performs Rijndael's key scheduling algorithm, as it's the
132 * only initialization required anyhow.   The key size is specified in bytes,
133 * but the only valid values are 16 (128 bits), 24 (192 bits), and 32 (256
134 * bits).  If a value other than these three is specified, the key will be
135 * truncated to the closest value less than the key size specified, e.g.
136 * specifying 7 will use only the first 6 bytes of the key given.  DO NOT
137 * PASS A VALUE LESS THAN 16 TO KEYSIZE!
138 */
139void
140rijndael_setup(RIJNDAEL_context *ctx, size_t keysize, const UINT8 *key);
141
142/*
143 * rijndael_encrypt()
144 *
145 * Encrypt 16 bytes of data with the Rijndael algorithm.  Before this
146 * function can be used, rijndael_setup must be used in order to initialize
147 * Rijndael's key schedule.
148 *
149 * This function always encrypts 16 bytes of plaintext to 16 bytes of
150 * ciphertext.  The memory areas of the plaintext and the ciphertext can
151 * overlap.
152 */
153
154void
155rijndael_encrypt(RIJNDAEL_context *context,
156		 const UINT8 *plaintext,
157		 UINT8 *ciphertext);
158
159/*
160 * rijndael_decrypt()
161 *
162 * Decrypt 16 bytes of data with the Rijndael algorithm.
163 *
164 * Before this function can be used, rijndael_setup() must be used in order
165 * to set up the key schedule required for the decryption algorithm.
166 *
167 * This function always decrypts 16 bytes of ciphertext to 16 bytes of
168 * plaintext.  The memory areas of the plaintext and the ciphertext can
169 * overlap.
170 */
171
172void
173rijndael_decrypt(RIJNDAEL_context *context,
174		 const UINT8 *ciphertext,
175		 UINT8 *plaintext);
176
177/* Encrypt a block of plaintext in a mode specified in the context */
178void
179block_encrypt(RIJNDAEL_context *ctx, UINT8 *input, int inputlen,
180	      UINT8 *output, UINT8 *iv);
181
182/* Decrypt a block of plaintext in a mode specified in the context */
183void
184block_decrypt(RIJNDAEL_context *ctx, UINT8 *input, int inputlen,
185	      UINT8 *output, UINT8 *iv);
186
187
188#endif /* RIJNDAEL_H */
189