Merge branch 'pascal-brand-st/xts' into develop

This closes #52

src/headers/tomcrypt_cipher.h

@@ -884,12 +884,12 @@ int xts_start(                int  cipher,
 int xts_encrypt(
    const unsigned char *pt, unsigned long ptlen,
          unsigned char *ct,
-   const unsigned char *tweak,
+         unsigned char *tweak,
          symmetric_xts *xts);
 int xts_decrypt(
    const unsigned char *ct, unsigned long ptlen,
          unsigned char *pt,
-   const unsigned char *tweak,
+         unsigned char *tweak,
          symmetric_xts *xts);
 
 void xts_done(symmetric_xts *xts);

src/modes/xts/xts_decrypt.c

@@ -60,7 +60,7 @@ static int tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned char
 */int xts_decrypt(
    const unsigned char *ct, unsigned long ptlen,
          unsigned char *pt,
-   const unsigned char *tweak,
+         unsigned char *tweak,
          symmetric_xts *xts)
 {
    unsigned char PP[16], CC[16], T[16];
@@ -130,6 +130,11 @@ static int tweak_uncrypt(const unsigned char *C, unsigned char *P, unsigned char
       }
    }
 
+   /* Decrypt the tweak back */
+   if ((err = cipher_descriptor[xts->cipher].ecb_decrypt(T, tweak, &xts->key2)) != CRYPT_OK) {
+      return err;
+   }
+
    return CRYPT_OK;
 }
 

src/modes/xts/xts_encrypt.c

@@ -63,7 +63,7 @@ static int tweak_crypt(const unsigned char *P, unsigned char *C, unsigned char *
 int xts_encrypt(
    const unsigned char *pt, unsigned long ptlen,
          unsigned char *ct,
-   const unsigned char *tweak,
+         unsigned char *tweak,
          symmetric_xts *xts)
 {
    unsigned char PP[16], CC[16], T[16];
@@ -131,6 +131,11 @@ int xts_encrypt(
       }
    }
 
+   /* Decrypt the tweak back */
+   if ((err = cipher_descriptor[xts->cipher].ecb_decrypt(T, tweak, &xts->key2)) != CRYPT_OK) {
+      return err;
+   }
+
    return err;
 }
 

src/modes/xts/xts_test.c

@@ -12,6 +12,10 @@
 
 #ifdef LTC_XTS_MODE
 
+#if defined(LTC_XTS_TEST_DBG) && !defined(LTC_NO_TEST)
+void print_hex(const char* what, const unsigned char* p, const unsigned long l);
+#endif
+
 /**
   Source donated by Elliptic Semiconductor Inc (www.ellipticsemi.com) to the LibTom Projects
   Returns CRYPT_OK upon success.
@@ -142,10 +146,11 @@ int xts_test(void)
 },
 
 };
-   unsigned char OUT[512], T[16];
+   unsigned char OUT[512], Torg[16], T[16];
    ulong64       seq;
    symmetric_xts xts;
-   int           i, err, idx;
+   int           i, j, err, idx;
+   unsigned long len;
 
    /* AES can be under rijndael or aes... try to find it */
    if ((idx = find_cipher("aes")) == -1) {
@@ -154,38 +159,92 @@ int xts_test(void)
       }
    }
 
-   for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
-       err = xts_start(idx, tests[i].key1, tests[i].key2, tests[i].keylen/2, 0, &xts);
-       if (err != CRYPT_OK) {
-          return err;
-       }
+   for (j = 0; j < 2; j++) {
+     for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
+         /* skip the cases where
+          * the length is smaller than 2*blocklen
+          * or the length is not a multiple of 32
+          */
+         if ((j == 1) && ((tests[i].PTLEN < 32) || (tests[i].PTLEN % 32))) {
+             continue;
+         }
+         len = tests[i].PTLEN/2;
 
-       seq = tests[i].seqnum;
-       STORE64L(seq,T);
-       XMEMSET(T+8, 0, 8);
+         err = xts_start(idx, tests[i].key1, tests[i].key2, tests[i].keylen/2, 0, &xts);
+         if (err != CRYPT_OK) {
+            return err;
+         }
 
-       err = xts_encrypt(tests[i].PTX, tests[i].PTLEN, OUT, T, &xts);
-       if (err != CRYPT_OK) {
-          xts_done(&xts);
-          return err;
-       }
+         seq = tests[i].seqnum;
+         STORE64L(seq,Torg);
+         XMEMSET(Torg+8, 0, 8);
 
-       if (XMEMCMP(OUT, tests[i].CTX, tests[i].PTLEN)) {
-          xts_done(&xts);
-          return CRYPT_FAIL_TESTVECTOR;
-       }
+         XMEMCPY(T, Torg, sizeof(T));
+         if (j == 0) {
+           err = xts_encrypt(tests[i].PTX, tests[i].PTLEN, OUT, T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+         }
+         else {
+#ifdef LTC_XTS_TEST_DBG
+           printf("\nTestcase #%d with original length %lu and half of it %lu\n", i, tests[i].PTLEN, len);
+#endif
+           err = xts_encrypt(tests[i].PTX, len, OUT, T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+           err = xts_encrypt(&tests[i].PTX[len], len, &OUT[len], T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+         }
 
-       err = xts_decrypt(tests[i].CTX, tests[i].PTLEN, OUT, T, &xts);
-       if (err != CRYPT_OK) {
-          xts_done(&xts);
-          return err;
-       }
+         if (XMEMCMP(OUT, tests[i].CTX, tests[i].PTLEN)) {
+#ifdef LTC_XTS_TEST_DBG
+            printf("\nencrypt\n");
+            print_hex("should", tests[i].CTX, tests[i].PTLEN);
+            print_hex("is", OUT, tests[i].PTLEN);
+#endif
+            xts_done(&xts);
+            return CRYPT_FAIL_TESTVECTOR;
+         }
 
-       if (XMEMCMP(OUT, tests[i].PTX, tests[i].PTLEN)) {
-          xts_done(&xts);
-          return CRYPT_FAIL_TESTVECTOR;
-       }
-       xts_done(&xts);
+         XMEMCPY(T, Torg, sizeof(T));
+         if (j == 0) {
+           err = xts_decrypt(tests[i].CTX, tests[i].PTLEN, OUT, T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+         }
+         else {
+           err = xts_decrypt(tests[i].CTX, len, OUT, T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+           err = xts_decrypt(&tests[i].CTX[len], len, &OUT[len], T, &xts);
+           if (err != CRYPT_OK) {
+              xts_done(&xts);
+              return err;
+           }
+         }
+
+         if (XMEMCMP(OUT, tests[i].PTX, tests[i].PTLEN)) {
+#ifdef LTC_XTS_TEST_DBG
+            printf("\ndecrypt\n");
+            print_hex("should", tests[i].PTX, tests[i].PTLEN);
+            print_hex("is", OUT, tests[i].PTLEN);
+#endif
+            xts_done(&xts);
+            return CRYPT_FAIL_TESTVECTOR;
+         }
+         xts_done(&xts);
+     }
    }
    return CRYPT_OK;
 #endif