Implement Camellia-CTS-CMAC instead of Camellia-CCM

Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC.  Still not
compiled in by default since we don't have enctype assignments yet.

ticket: 6822
target_verion: 1.9
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 417 insertions, 220 deletions

diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in
index d9c1cdc3c1..e974da406f 100644
--- a/src/lib/crypto/openssl/enc_provider/Makefile.in
+++ b/src/lib/crypto/openssl/enc_provider/Makefile.in
@@ -21,7 +21,7 @@ STLIBOBJS= \
 	des3.o 	\
 	rc4.o 	\
 	aes.o   \
-	camellia_ctr.o
+	camellia.o
 
 OBJS= \
 	$(OUTPRE)des.$(OBJEXT) 	\
@@ -29,7 +29,6 @@ OBJS= \
 	$(OUTPRE)aes.$(OBJEXT) 	\
 	$(OUTPRE)aes_ctr.$(OBJEXT) 	\
 	$(OUTPRE)camellia.$(OBJEXT) 	\
-	$(OUTPRE)camellia_ctr.$(OBJEXT) 	\
 	$(OUTPRE)rc4.$(OBJEXT)
 
 SRCS= \
@@ -38,7 +37,6 @@ SRCS= \
 	$(srcdir)/aes.c 	\
 	$(srcdir)/aes_ctr.c 	\
 	$(srcdir)/camellia.c 	\
-	$(srcdir)/camellia_ctr.c\
 	$(srcdir)/rc4.c
 
 ##DOS##LIBOBJS = $(OBJS)
diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c
new file mode 100644
index 0000000000..6c0dafa4af
--- /dev/null
+++ b/src/lib/crypto/openssl/enc_provider/camellia.c
@@ -0,0 +1,413 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/*
+ * lib/crypto/openssl/enc_provider/camellia.c
+ *
+ * Copyright (C) 2003, 2007, 2008, 2009, 2010 by the Massachusetts Institute of
+ * Technology.  All rights reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#include "k5-int.h"
+#include "enc_provider.h"
+#include "rand2key.h"
+#include "aead.h"
+#include "hash_provider/hash_provider.h"
+#include <openssl/evp.h>
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+#ifdef CAMELLIA
+
+static krb5_error_code
+cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+        size_t num_data);
+static krb5_error_code
+cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data);
+static krb5_error_code
+cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data, size_t dlen);
+static krb5_error_code
+cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data, size_t dlen);
+
+#define BLOCK_SIZE 16
+#define NUM_BITS 8
+#define IV_CTS_BUF_SIZE 16 /* 16 - hardcoded in CRYPTO_cts128_en/decrypt */
+
+static void
+xorblock(unsigned char *out, const unsigned char *in)
+{
+    int z;
+    for (z = 0; z < CAMELLIA_BLOCK_SIZE / 4; z++) {
+        unsigned char *outptr = &out[z * 4];
+        unsigned char *inptr = (unsigned char *)&in[z * 4];
+        /*
+         * Use unaligned accesses.  On x86, this will probably still be faster
+         * than multiple byte accesses for unaligned data, and for aligned data
+         * should be far better.  (One test indicated about 2.4% faster
+         * encryption for 1024-byte messages.)
+         *
+         * If some other CPU has really slow unaligned-word or byte accesses,
+         * perhaps this function (or the load/store helpers?) should test for
+         * alignment first.
+         *
+         * If byte accesses are faster than unaligned words, we may need to
+         * conditionalize on CPU type, as that may be hard to determine
+         * automatically.
+         */
+        store_32_n(load_32_n(outptr) ^ load_32_n(inptr), outptr);
+    }
+}
+
+static const EVP_CIPHER *
+map_mode(unsigned int len)
+{
+    if (len==16)
+        return EVP_camellia_128_cbc();
+    if (len==32)
+        return EVP_camellia_256_cbc();
+    else
+        return NULL;
+}
+
+/* Encrypt one block using CBC. */
+static krb5_error_code
+cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+        size_t num_data)
+{
+    int             ret, olen = BLOCK_SIZE;
+    unsigned char   iblock[BLOCK_SIZE], oblock[BLOCK_SIZE];
+    EVP_CIPHER_CTX  ciph_ctx;
+    struct iov_block_state input_pos, output_pos;
+
+    EVP_CIPHER_CTX_init(&ciph_ctx);
+    ret = EVP_EncryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
+                             NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
+    if (ret == 0)
+        return KRB5_CRYPTO_INTERNAL;
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+    krb5int_c_iov_get_block(iblock, BLOCK_SIZE, data, num_data, &input_pos);
+    EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
+    ret = EVP_EncryptUpdate(&ciph_ctx, oblock, &olen, iblock, BLOCK_SIZE);
+    if (ret == 1) {
+        krb5int_c_iov_put_block(data, num_data, oblock, BLOCK_SIZE,
+                                &output_pos);
+    }
+    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+    zap(iblock, BLOCK_SIZE);
+    zap(oblock, BLOCK_SIZE);
+    return (ret == 1) ? 0 : KRB5_CRYPTO_INTERNAL;
+}
+
+/* Decrypt one block using CBC. */
+static krb5_error_code
+cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data)
+{
+    int              ret = 0, olen = BLOCK_SIZE;
+    unsigned char    iblock[BLOCK_SIZE], oblock[BLOCK_SIZE];
+    EVP_CIPHER_CTX   ciph_ctx;
+    struct iov_block_state input_pos, output_pos;
+
+    EVP_CIPHER_CTX_init(&ciph_ctx);
+    ret = EVP_DecryptInit_ex(&ciph_ctx, map_mode(key->keyblock.length),
+                             NULL, key->keyblock.contents, (ivec) ? (unsigned char*)ivec->data : NULL);
+    if (ret == 0)
+        return KRB5_CRYPTO_INTERNAL;
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+    krb5int_c_iov_get_block(iblock, BLOCK_SIZE, data, num_data, &input_pos);
+    EVP_CIPHER_CTX_set_padding(&ciph_ctx,0);
+    ret = EVP_DecryptUpdate(&ciph_ctx, oblock, &olen, iblock, BLOCK_SIZE);
+    if (ret == 1) {
+        krb5int_c_iov_put_block(data, num_data, oblock, BLOCK_SIZE,
+                                &output_pos);
+    }
+    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+    zap(iblock, BLOCK_SIZE);
+    zap(oblock, BLOCK_SIZE);
+    return (ret == 1) ? 0 : KRB5_CRYPTO_INTERNAL;
+}
+
+static krb5_error_code
+cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data, size_t dlen)
+{
+    int                    ret = 0;
+    size_t                 size = 0;
+    unsigned char         *oblock = NULL, *dbuf = NULL;
+    unsigned char          iv_cts[IV_CTS_BUF_SIZE];
+    struct iov_block_state input_pos, output_pos;
+    CAMELLIA_KEY           enck;
+
+    memset(iv_cts,0,sizeof(iv_cts));
+    if (ivec && ivec->data){
+        if (ivec->length != sizeof(iv_cts))
+            return KRB5_CRYPTO_INTERNAL;
+        memcpy(iv_cts, ivec->data,ivec->length);
+    }
+
+    oblock = OPENSSL_malloc(dlen);
+    if (!oblock){
+        return ENOMEM;
+    }
+    dbuf = OPENSSL_malloc(dlen);
+    if (!dbuf){
+        OPENSSL_free(oblock);
+        return ENOMEM;
+    }
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+
+    krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);
+
+    Camellia_set_key(key->keyblock.contents, NUM_BITS * key->keyblock.length,
+		     &enck);
+
+    size = CRYPTO_cts128_encrypt((unsigned char *)dbuf, oblock, dlen, &enck,
+                                 iv_cts, (cbc128_f)Camellia_cbc_encrypt);
+    if (size <= 0) {
+        ret = KRB5_CRYPTO_INTERNAL;
+    } else {
+        krb5int_c_iov_put_block(data, num_data,
+                                oblock, dlen, &output_pos);
+    }
+
+    if (!ret && ivec && ivec->data)
+        memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+    zap(oblock, dlen);
+    zap(dbuf, dlen);
+    OPENSSL_free(oblock);
+    OPENSSL_free(dbuf);
+
+    return ret;
+}
+
+static krb5_error_code
+cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data,
+         size_t num_data, size_t dlen)
+{
+    int                    ret = 0;
+    size_t                 size = 0;
+    unsigned char         *oblock = NULL;
+    unsigned char         *dbuf = NULL;
+    unsigned char          iv_cts[IV_CTS_BUF_SIZE];
+    struct iov_block_state input_pos, output_pos;
+    CAMELLIA_KEY           deck;
+
+    memset(iv_cts,0,sizeof(iv_cts));
+    if (ivec && ivec->data){
+        if (ivec->length != sizeof(iv_cts))
+            return KRB5_CRYPTO_INTERNAL;
+        memcpy(iv_cts, ivec->data,ivec->length);
+    }
+
+    IOV_BLOCK_STATE_INIT(&input_pos);
+    IOV_BLOCK_STATE_INIT(&output_pos);
+
+    oblock = OPENSSL_malloc(dlen);
+    if (!oblock)
+        return ENOMEM;
+    dbuf = OPENSSL_malloc(dlen);
+    if (!dbuf){
+        OPENSSL_free(oblock);
+        return ENOMEM;
+    }
+
+    Camellia_set_key(key->keyblock.contents, NUM_BITS * key->keyblock.length,
+		     &deck);
+
+    krb5int_c_iov_get_block(dbuf, dlen, data, num_data, &input_pos);
+
+    size = CRYPTO_cts128_decrypt((unsigned char *)dbuf, oblock,
+                                 dlen, &deck,
+                                 iv_cts, (cbc128_f)Camellia_cbc_encrypt);
+    if (size <= 0)
+        ret = KRB5_CRYPTO_INTERNAL;
+    else {
+        krb5int_c_iov_put_block(data, num_data, oblock, dlen, &output_pos);
+    }
+
+    if (!ret && ivec && ivec->data)
+        memcpy(ivec->data, iv_cts, sizeof(iv_cts));
+
+    zap(oblock, dlen);
+    zap(dbuf, dlen);
+    OPENSSL_free(oblock);
+    OPENSSL_free(dbuf);
+
+    return ret;
+}
+
+static krb5_error_code
+krb5int_camellia_encrypt(krb5_key key, const krb5_data *ivec,
+			 krb5_crypto_iov *data, size_t num_data)
+{
+    int    ret = 0;
+    int    nblocks = 0;
+    size_t input_length, i;
+
+    for (i = 0, input_length = 0; i < num_data; i++){
+        krb5_crypto_iov *iov = &data[i];
+
+        if (ENCRYPT_IOV(iov))
+            input_length += iov->data.length;
+    }
+
+    nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+    if (nblocks == 1) {
+        if (input_length != BLOCK_SIZE)
+            return KRB5_BAD_MSIZE;
+        ret = cbc_enc(key, ivec, data, num_data);
+    } else if (nblocks > 1) {
+        ret = cts_encr(key, ivec, data, num_data, input_length);
+    }
+
+    return ret;
+}
+
+static krb5_error_code
+krb5int_camellia_decrypt(krb5_key key, const krb5_data *ivec,
+			 krb5_crypto_iov *data, size_t num_data)
+{
+    int    ret = 0;
+    int    nblocks = 0;
+    size_t input_length, i;
+
+    for (i = 0, input_length = 0; i < num_data; i++) {
+        krb5_crypto_iov *iov = &data[i];
+
+        if (ENCRYPT_IOV(iov))
+            input_length += iov->data.length;
+    }
+
+    nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+    if (nblocks == 1) {
+        if (input_length != BLOCK_SIZE)
+            return KRB5_BAD_MSIZE;
+        ret = cbc_decr(key, ivec, data, num_data);
+    } else if (nblocks > 1) {
+        ret = cts_decr(key, ivec, data, num_data, input_length);
+    }
+
+    return ret;
+}
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+                         size_t num_data, const krb5_data *iv,
+			 krb5_data *output)
+{
+    CAMELLIA_KEY enck;
+    unsigned char blockY[CAMELLIA_BLOCK_SIZE];
+    struct iov_block_state iov_state;
+
+    if (output->length < CAMELLIA_BLOCK_SIZE)
+        return KRB5_BAD_MSIZE;
+
+    Camellia_set_key(key->keyblock.contents,
+                     NUM_BITS * key->keyblock.length, &enck);
+
+    if (iv != NULL)
+        memcpy(blockY, iv->data, CAMELLIA_BLOCK_SIZE);
+    else
+        memset(blockY, 0, CAMELLIA_BLOCK_SIZE);
+
+    IOV_BLOCK_STATE_INIT(&iov_state);
+
+    for (;;) {
+        unsigned char blockB[CAMELLIA_BLOCK_SIZE];
+
+        if (!krb5int_c_iov_get_block(blockB, CAMELLIA_BLOCK_SIZE, data,
+				     num_data, &iov_state))
+            break;
+
+        xorblock(blockB, blockY);
+
+        Camellia_ecb_encrypt(blockB, blockY, &enck, 1);
+    }
+
+    output->length = CAMELLIA_BLOCK_SIZE;
+    memcpy(output->data, blockY, CAMELLIA_BLOCK_SIZE);
+
+    return 0;
+}
+
+static krb5_error_code
+krb5int_camellia_init_state (const krb5_keyblock *key, krb5_keyusage usage,
+			     krb5_data *state)
+{
+    state->length = 16;
+    state->data = (void *) malloc(16);
+    if (state->data == NULL)
+        return ENOMEM;
+    memset(state->data, 0, state->length);
+    return 0;
+}
+const struct krb5_enc_provider krb5int_enc_camellia128 = {
+    16,
+    16, 16,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    krb5int_camellia_init_state,
+    krb5int_default_free_state
+};
+
+const struct krb5_enc_provider krb5int_enc_camellia256 = {
+    16,
+    32, 32,
+    krb5int_camellia_encrypt,
+    krb5int_camellia_decrypt,
+    krb5int_camellia_cbc_mac,
+    krb5int_camellia_make_key,
+    krb5int_camellia_init_state,
+    krb5int_default_free_state
+};
+
+#else /* CAMELLIA */
+
+/* These won't be used, but are still in the export table. */
+
+krb5_error_code
+krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
+                         size_t num_data, const krb5_data *iv,
+			 krb5_data *output)
+{
+    return EINVAL;
+}
+
+const struct krb5_enc_provider krb5int_enc_camellia128 = {
+};
+
+const struct krb5_enc_provider krb5int_enc_camellia256 = {
+};
+
+#endif /* CAMELLIA */
diff --git a/src/lib/crypto/openssl/enc_provider/camellia_ctr.c b/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
deleted file mode 100644
index 0b6eee7217..0000000000
--- a/src/lib/crypto/openssl/enc_provider/camellia_ctr.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/*
- * lib/crypto/openssl/enc_provider/camellia_ctr.c
- *
- * Copyright (C) 2003, 2007-2010 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#include "k5-int.h"
-#include "enc_provider.h"
-#include "rand2key.h"
-#include "aead.h"
-#include "hash_provider/hash_provider.h"
-#include <openssl/evp.h>
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-#ifdef CAMELLIA_CCM
-#define NUM_BITS 8
-
-static void
-xorblock(unsigned char *out, const unsigned char *in)
-{
-    int z;
-    for (z = 0; z < CAMELLIA_BLOCK_SIZE / 4; z++) {
-        unsigned char *outptr = &out[z * 4];
-        unsigned char *inptr = (unsigned char *)&in[z * 4];
-        /*
-         * Use unaligned accesses.  On x86, this will probably still be faster
-         * than multiple byte accesses for unaligned data, and for aligned data
-         * should be far better.  (One test indicated about 2.4% faster
-         * encryption for 1024-byte messages.)
-         *
-         * If some other CPU has really slow unaligned-word or byte accesses,
-         * perhaps this function (or the load/store helpers?) should test for
-         * alignment first.
-         *
-         * If byte accesses are faster than unaligned words, we may need to
-         * conditionalize on CPU type, as that may be hard to determine
-         * automatically.
-         */
-        store_32_n(load_32_n(outptr) ^ load_32_n(inptr), outptr);
-    }
-}
-
-/*
- * ivec must be a correctly formatted counter block per SP800-38C A.3
- */
-static krb5_error_code
-krb5int_camellia_encrypt_ctr(krb5_key key, const krb5_data *ivec,
-                             krb5_crypto_iov *data, size_t num_data)
-{
-    CAMELLIA_KEY enck;
-    unsigned char ctr[CAMELLIA_BLOCK_SIZE];
-    krb5_ui_8 blockno;
-    struct iov_block_state input_pos, output_pos;
-
-    Camellia_set_key(key->keyblock.contents,
-                     NUM_BITS * key->keyblock.length, &enck);
-
-    IOV_BLOCK_STATE_INIT(&input_pos);
-    IOV_BLOCK_STATE_INIT(&output_pos);
-
-    /* Don't encrypt the header (B0), and use zero instead of IOV padding */
-    input_pos.ignore_header = output_pos.ignore_header = 1;
-    input_pos.pad_to_boundary = output_pos.pad_to_boundary = 1;
-
-    assert(ivec != NULL);
-
-    if (ivec->length != CAMELLIA_BLOCK_SIZE)
-        return KRB5_BAD_MSIZE;
-
-    memcpy(ctr, ivec->data, CAMELLIA_BLOCK_SIZE);
-
-    for (blockno = 0; ; blockno++) {
-        unsigned char storage[CAMELLIA_BLOCK_SIZE], *block;
-        unsigned char ectr[CAMELLIA_BLOCK_SIZE];
-        unsigned int num = 0;
-
-        if (!krb5int_c_iov_get_block_nocopy(storage, CAMELLIA_BLOCK_SIZE,
-                                            data, num_data, &input_pos,
-					    &block))
-            break;
-
-        /* We should not need to initialise ectr because we're on a block
-	 * boundary. */
-        Camellia_ctr128_encrypt(block, block, CAMELLIA_BLOCK_SIZE, &enck, ctr,
-				ectr, &num);
-        assert(num == 0);
-        krb5int_c_iov_put_block_nocopy(data, num_data, storage,
-				       CAMELLIA_BLOCK_SIZE, &output_pos,
-				       block);
-    }
-
-    if (ivec != NULL)
-        memcpy(ivec->data, ctr, sizeof(ctr));
-
-    return 0;
-}
-
-static krb5_error_code
-krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
-                         size_t num_data, const krb5_data *iv,
-			 krb5_data *output)
-{
-    CAMELLIA_KEY enck;
-    unsigned char blockY[CAMELLIA_BLOCK_SIZE];
-    struct iov_block_state iov_state;
-
-    if (output->length < CAMELLIA_BLOCK_SIZE)
-        return KRB5_BAD_MSIZE;
-
-    Camellia_set_key(key->keyblock.contents,
-                     NUM_BITS * key->keyblock.length, &enck);
-
-    if (iv != NULL)
-        memcpy(blockY, iv->data, CAMELLIA_BLOCK_SIZE);
-    else
-        memset(blockY, 0, CAMELLIA_BLOCK_SIZE);
-
-    IOV_BLOCK_STATE_INIT(&iov_state);
-
-    /*
-     * The CCM header may not fit in a block, because it includes a variable
-     * length encoding of the associated data length. This encoding plus the
-     * associated data itself is padded to the block size.
-     */
-    iov_state.include_sign_only = 1;
-    iov_state.pad_to_boundary = 1;
-
-    for (;;) {
-        unsigned char blockB[CAMELLIA_BLOCK_SIZE];
-
-        if (!krb5int_c_iov_get_block(blockB, CAMELLIA_BLOCK_SIZE, data,
-				     num_data, &iov_state))
-            break;
-
-        xorblock(blockB, blockY);
-
-        Camellia_ecb_encrypt(blockB, blockY, &enck, 1);
-    }
-
-    output->length = CAMELLIA_BLOCK_SIZE;
-    memcpy(output->data, blockY, CAMELLIA_BLOCK_SIZE);
-
-    return 0;
-}
-
-static krb5_error_code
-krb5int_camellia_init_state_ctr (const krb5_keyblock *key, krb5_keyusage usage,
-                                 krb5_data *state)
-{
-    return alloc_data(state, 16);
-}
-
-const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
-    16,
-    16, 16,
-    krb5int_camellia_encrypt_ctr,
-    krb5int_camellia_encrypt_ctr,
-    krb5int_camellia_cbc_mac,
-    krb5int_camellia_make_key,
-    krb5int_camellia_init_state_ctr,
-    krb5int_default_free_state,
-    NULL
-};
-
-const struct krb5_enc_provider krb5int_enc_camellia256_ctr = {
-    16,
-    32, 32,
-    krb5int_camellia_encrypt_ctr,
-    krb5int_camellia_encrypt_ctr,
-    krb5int_camellia_cbc_mac,
-    krb5int_camellia_make_key,
-    krb5int_camellia_init_state_ctr,
-    krb5int_default_free_state,
-    NULL
-};
-
-#else /* CAMELLIA_CCM */
-
-/* These won't be used, but is still in the export table. */
-
-krb5_error_code
-krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data,
-                         size_t num_data, const krb5_data *iv,
-			 krb5_data *output)
-{
-    return EINVAL;
-}
-
-const struct krb5_enc_provider krb5int_enc_camellia128_ctr = {
-};
-
-#endif /* CAMELLIA_CCM */
diff --git a/src/lib/crypto/openssl/enc_provider/enc_provider.h b/src/lib/crypto/openssl/enc_provider/enc_provider.h
index e8b552e411..4365255ab4 100644
--- a/src/lib/crypto/openssl/enc_provider/enc_provider.h
+++ b/src/lib/crypto/openssl/enc_provider/enc_provider.h
@@ -34,8 +34,7 @@ extern const struct krb5_enc_provider krb5int_enc_aes128;
 extern const struct krb5_enc_provider krb5int_enc_aes256;
 extern const struct krb5_enc_provider krb5int_enc_aes128_ctr;
 extern const struct krb5_enc_provider krb5int_enc_aes256_ctr;
-#ifdef CAMELLIA_CCM
-extern const struct krb5_enc_provider krb5int_enc_camellia128_ctr;
-extern const struct krb5_enc_provider krb5int_enc_camellia256_ctr;
+#ifdef CAMELLIA
+extern const struct krb5_enc_provider krb5int_enc_camellia128;
+extern const struct krb5_enc_provider krb5int_enc_camellia256;
 #endif
-