TEA in ECB and CBC modes decryption failure

[guidovranken]

Prerequisites

• Checked the developer manual
• Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=repo%3Alibtom%2Flibtomcrypt
• Checked that your issue isn't related to TomsFastMath's limitation that PK operations can by default only be done with max. 2048bit keys

Description

The TEA cipher in ECB and CBC modes does not encrypt, then decrypt into the original plaintext.

Steps to Reproduce

This is a reproducer for TEA+ECB. It should decrypt into the original plaintext (16 zero bytes), but instead it decrypts into:

89 0B D3 76 28 BB E5 C2 89 0B D3 76 28 BB E5 C2

#include <tomcrypt.h>

#define CF_CHECK_EQ(expr, res) if ( (expr) != (res) ) { goto end; }
#define CF_CHECK_NE(expr, res) if ( (expr) == (res) ) { goto end; }

int main(void)
{
    const unsigned char in[16] = {0};
    const unsigned char key[16] = {0};
    unsigned char encrypted[16], decrypted[16];
    symmetric_ECB ecb1, ecb2;

    CF_CHECK_NE(register_all_ciphers(), -1);

    CF_CHECK_EQ(ecb_start(find_cipher("tea"), key, sizeof(key), 0, &ecb1), CRYPT_OK);
    CF_CHECK_EQ(ecb_encrypt(in, encrypted, sizeof(in), &ecb1), CRYPT_OK);
    CF_CHECK_EQ(ecb_done(&ecb1), CRYPT_OK);

    printf("Encrypted:\n");
    for (size_t i = 0; i < sizeof(encrypted); i++) {
        printf("%02X ", encrypted[i]);
    }
    printf("\n");

    CF_CHECK_EQ(ecb_start(find_cipher("tea"), key, sizeof(key), 0, &ecb2), CRYPT_OK);
    CF_CHECK_EQ(ecb_decrypt(encrypted, decrypted, sizeof(encrypted), &ecb2), CRYPT_OK);
    CF_CHECK_EQ(ecb_done(&ecb2), CRYPT_OK);

    printf("Decrypted:\n");
    for (size_t i = 0; i < sizeof(decrypted); i++) {
        printf("%02X ", decrypted[i]);
    }
    printf("\n");

end:
    return 0;
}

Version

Latest develop branch checkout, Clang, Linux 64 bit.

Additional Information

I've been testing all combinations of ciphers + modes for correctness. All operate as expected, the sole exceptions are TEA+ECB and TEA+CBC.