aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2007-11-23 08:14:24 -0500
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-10 16:16:21 -0500
commitdedcf8b0647572ca00547efef58dfab6b8dddf83 (patch)
tree88febb70f930871b46cde46848c0fc2484dc1017
parentacca79a664859e3ddaea87af86d4ccfb2e07cd65 (diff)
[CRYPTO] camellia: Move common code into camellia_setup_tail
Move "key XOR is end of F-function" code part into camellia_setup_tail(), it is sufficiently similar between camellia_setup128 and camellia_setup256. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat
-rw-r--r--crypto/camellia.c264
1 files changed, 104 insertions, 160 deletions
diff --git a/crypto/camellia.c b/crypto/camellia.c
index 0534e6b7a1aa..86af42e92916 100644
--- a/crypto/camellia.c
+++ b/crypto/camellia.c
@@ -390,10 +390,104 @@ static const u32 camellia_sp4404[256] = {
390#define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) 390#define SUBKEY_L(INDEX) (subkey[(INDEX)*2])
391#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) 391#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1])
392 392
393static void camellia_setup_tail(u32 *subkey, int max) 393static void camellia_setup_tail(u32 *subkey, u32 *subL, u32 *subR, int max)
394{ 394{
395 u32 dw; 395 u32 dw, tl, tr;
396 int i = 2; 396 int i;
397
398 /* key XOR is end of F-function */
399 SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */
400 SUBKEY_R(0) = subR[0] ^ subR[2];
401 SUBKEY_L(2) = subL[3]; /* round 1 */
402 SUBKEY_R(2) = subR[3];
403 SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */
404 SUBKEY_R(3) = subR[2] ^ subR[4];
405 SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */
406 SUBKEY_R(4) = subR[3] ^ subR[5];
407 SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */
408 SUBKEY_R(5) = subR[4] ^ subR[6];
409 SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */
410 SUBKEY_R(6) = subR[5] ^ subR[7];
411 tl = subL[10] ^ (subR[10] & ~subR[8]);
412 dw = tl & subL[8], /* FL(kl1) */
413 tr = subR[10] ^ ROL1(dw);
414 SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */
415 SUBKEY_R(7) = subR[6] ^ tr;
416 SUBKEY_L(8) = subL[8]; /* FL(kl1) */
417 SUBKEY_R(8) = subR[8];
418 SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */
419 SUBKEY_R(9) = subR[9];
420 tl = subL[7] ^ (subR[7] & ~subR[9]);
421 dw = tl & subL[9], /* FLinv(kl2) */
422 tr = subR[7] ^ ROL1(dw);
423 SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */
424 SUBKEY_R(10) = tr ^ subR[11];
425 SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */
426 SUBKEY_R(11) = subR[10] ^ subR[12];
427 SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */
428 SUBKEY_R(12) = subR[11] ^ subR[13];
429 SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */
430 SUBKEY_R(13) = subR[12] ^ subR[14];
431 SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */
432 SUBKEY_R(14) = subR[13] ^ subR[15];
433 tl = subL[18] ^ (subR[18] & ~subR[16]);
434 dw = tl & subL[16], /* FL(kl3) */
435 tr = subR[18] ^ ROL1(dw);
436 SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */
437 SUBKEY_R(15) = subR[14] ^ tr;
438 SUBKEY_L(16) = subL[16]; /* FL(kl3) */
439 SUBKEY_R(16) = subR[16];
440 SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */
441 SUBKEY_R(17) = subR[17];
442 tl = subL[15] ^ (subR[15] & ~subR[17]);
443 dw = tl & subL[17], /* FLinv(kl4) */
444 tr = subR[15] ^ ROL1(dw);
445 SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */
446 SUBKEY_R(18) = tr ^ subR[19];
447 SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */
448 SUBKEY_R(19) = subR[18] ^ subR[20];
449 SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */
450 SUBKEY_R(20) = subR[19] ^ subR[21];
451 SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */
452 SUBKEY_R(21) = subR[20] ^ subR[22];
453 SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */
454 SUBKEY_R(22) = subR[21] ^ subR[23];
455 if (max == 24) {
456 SUBKEY_L(23) = subL[22]; /* round 18 */
457 SUBKEY_R(23) = subR[22];
458 SUBKEY_L(24) = subL[24] ^ subL[23]; /* kw3 */
459 SUBKEY_R(24) = subR[24] ^ subR[23];
460 } else {
461 tl = subL[26] ^ (subR[26] & ~subR[24]);
462 dw = tl & subL[24], /* FL(kl5) */
463 tr = subR[26] ^ ROL1(dw);
464 SUBKEY_L(23) = subL[22] ^ tl; /* round 18 */
465 SUBKEY_R(23) = subR[22] ^ tr;
466 SUBKEY_L(24) = subL[24]; /* FL(kl5) */
467 SUBKEY_R(24) = subR[24];
468 SUBKEY_L(25) = subL[25]; /* FLinv(kl6) */
469 SUBKEY_R(25) = subR[25];
470 tl = subL[23] ^ (subR[23] & ~subR[25]);
471 dw = tl & subL[25], /* FLinv(kl6) */
472 tr = subR[23] ^ ROL1(dw);
473 SUBKEY_L(26) = tl ^ subL[27]; /* round 19 */
474 SUBKEY_R(26) = tr ^ subR[27];
475 SUBKEY_L(27) = subL[26] ^ subL[28]; /* round 20 */
476 SUBKEY_R(27) = subR[26] ^ subR[28];
477 SUBKEY_L(28) = subL[27] ^ subL[29]; /* round 21 */
478 SUBKEY_R(28) = subR[27] ^ subR[29];
479 SUBKEY_L(29) = subL[28] ^ subL[30]; /* round 22 */
480 SUBKEY_R(29) = subR[28] ^ subR[30];
481 SUBKEY_L(30) = subL[29] ^ subL[31]; /* round 23 */
482 SUBKEY_R(30) = subR[29] ^ subR[31];
483 SUBKEY_L(31) = subL[30]; /* round 24 */
484 SUBKEY_R(31) = subR[30];
485 SUBKEY_L(32) = subL[32] ^ subL[31]; /* kw3 */
486 SUBKEY_R(32) = subR[32] ^ subR[31];
487 }
488
489 /* apply the inverse of the last half of P-function */
490 i = 2;
397 do { 491 do {
398 dw = SUBKEY_L(i + 0) ^ SUBKEY_R(i + 0); dw = ROL8(dw);/* round 1 */ 492 dw = SUBKEY_L(i + 0) ^ SUBKEY_R(i + 0); dw = ROL8(dw);/* round 1 */
399 SUBKEY_R(i + 0) = SUBKEY_L(i + 0) ^ dw; SUBKEY_L(i + 0) = dw; 493 SUBKEY_R(i + 0) = SUBKEY_L(i + 0) ^ dw; SUBKEY_L(i + 0) = dw;
@@ -415,21 +509,19 @@ static void camellia_setup128(const unsigned char *key, u32 *subkey)
415{ 509{
416 u32 kll, klr, krl, krr; 510 u32 kll, klr, krl, krr;
417 u32 il, ir, t0, t1, w0, w1; 511 u32 il, ir, t0, t1, w0, w1;
418 u32 kw4l, kw4r, dw, tl, tr; 512 u32 kw4l, kw4r, dw;
419 u32 subL[26]; 513 u32 subL[26];
420 u32 subR[26]; 514 u32 subR[26];
421 515
422 /** 516 /**
423 * k == kll || klr || krl || krr (|| is concatination) 517 * k == kll || klr || krl || krr (|| is concatenation)
424 */ 518 */
425 GETU32(kll, key ); 519 GETU32(kll, key );
426 GETU32(klr, key + 4); 520 GETU32(klr, key + 4);
427 GETU32(krl, key + 8); 521 GETU32(krl, key + 8);
428 GETU32(krr, key + 12); 522 GETU32(krr, key + 12);
429 523
430 /** 524 /* generate KL dependent subkeys */
431 * generate KL dependent subkeys
432 */
433 /* kw1 */ 525 /* kw1 */
434 subL[0] = kll; subR[0] = klr; 526 subL[0] = kll; subR[0] = klr;
435 /* kw2 */ 527 /* kw2 */
@@ -574,70 +666,7 @@ static void camellia_setup128(const unsigned char *key, u32 *subkey)
574 /* kw1 */ 666 /* kw1 */
575 subL[0] ^= kw4l; subR[0] ^= kw4r; 667 subL[0] ^= kw4l; subR[0] ^= kw4r;
576 668
577 /* key XOR is end of F-function */ 669 camellia_setup_tail(subkey, subL, subR, 24);
578 SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */
579 SUBKEY_R(0) = subR[0] ^ subR[2];
580 SUBKEY_L(2) = subL[3]; /* round 1 */
581 SUBKEY_R(2) = subR[3];
582 SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */
583 SUBKEY_R(3) = subR[2] ^ subR[4];
584 SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */
585 SUBKEY_R(4) = subR[3] ^ subR[5];
586 SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */
587 SUBKEY_R(5) = subR[4] ^ subR[6];
588 SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */
589 SUBKEY_R(6) = subR[5] ^ subR[7];
590 tl = subL[10] ^ (subR[10] & ~subR[8]);
591 dw = tl & subL[8], /* FL(kl1) */
592 tr = subR[10] ^ ROL1(dw);
593 SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */
594 SUBKEY_R(7) = subR[6] ^ tr;
595 SUBKEY_L(8) = subL[8]; /* FL(kl1) */
596 SUBKEY_R(8) = subR[8];
597 SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */
598 SUBKEY_R(9) = subR[9];
599 tl = subL[7] ^ (subR[7] & ~subR[9]);
600 dw = tl & subL[9], /* FLinv(kl2) */
601 tr = subR[7] ^ ROL1(dw);
602 SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */
603 SUBKEY_R(10) = tr ^ subR[11];
604 SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */
605 SUBKEY_R(11) = subR[10] ^ subR[12];
606 SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */
607 SUBKEY_R(12) = subR[11] ^ subR[13];
608 SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */
609 SUBKEY_R(13) = subR[12] ^ subR[14];
610 SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */
611 SUBKEY_R(14) = subR[13] ^ subR[15];
612 tl = subL[18] ^ (subR[18] & ~subR[16]);
613 dw = tl & subL[16], /* FL(kl3) */
614 tr = subR[18] ^ ROL1(dw);
615 SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */
616 SUBKEY_R(15) = subR[14] ^ tr;
617 SUBKEY_L(16) = subL[16]; /* FL(kl3) */
618 SUBKEY_R(16) = subR[16];
619 SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */
620 SUBKEY_R(17) = subR[17];
621 tl = subL[15] ^ (subR[15] & ~subR[17]);
622 dw = tl & subL[17], /* FLinv(kl4) */
623 tr = subR[15] ^ ROL1(dw);
624 SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */
625 SUBKEY_R(18) = tr ^ subR[19];
626 SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */
627 SUBKEY_R(19) = subR[18] ^ subR[20];
628 SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */
629 SUBKEY_R(20) = subR[19] ^ subR[21];
630 SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */
631 SUBKEY_R(21) = subR[20] ^ subR[22];
632 SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */
633 SUBKEY_R(22) = subR[21] ^ subR[23];
634 SUBKEY_L(23) = subL[22]; /* round 18 */
635 SUBKEY_R(23) = subR[22];
636 SUBKEY_L(24) = subL[24] ^ subL[23]; /* kw3 */
637 SUBKEY_R(24) = subR[24] ^ subR[23];
638
639 /* apply the inverse of the last half of P-function */
640 camellia_setup_tail(subkey, 24);
641} 670}
642 671
643static void camellia_setup256(const unsigned char *key, u32 *subkey) 672static void camellia_setup256(const unsigned char *key, u32 *subkey)
@@ -645,13 +674,13 @@ static void camellia_setup256(const unsigned char *key, u32 *subkey)
645 u32 kll, klr, krl, krr; /* left half of key */ 674 u32 kll, klr, krl, krr; /* left half of key */
646 u32 krll, krlr, krrl, krrr; /* right half of key */ 675 u32 krll, krlr, krrl, krrr; /* right half of key */
647 u32 il, ir, t0, t1, w0, w1; /* temporary variables */ 676 u32 il, ir, t0, t1, w0, w1; /* temporary variables */
648 u32 kw4l, kw4r, dw, tl, tr; 677 u32 kw4l, kw4r, dw;
649 u32 subL[34]; 678 u32 subL[34];
650 u32 subR[34]; 679 u32 subR[34];
651 680
652 /** 681 /**
653 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) 682 * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
654 * (|| is concatination) 683 * (|| is concatenation)
655 */ 684 */
656 GETU32(kll, key ); 685 GETU32(kll, key );
657 GETU32(klr, key + 4); 686 GETU32(klr, key + 4);
@@ -862,92 +891,7 @@ static void camellia_setup256(const unsigned char *key, u32 *subkey)
862 /* kw1 */ 891 /* kw1 */
863 subL[0] ^= kw4l; subR[0] ^= kw4r; 892 subL[0] ^= kw4l; subR[0] ^= kw4r;
864 893
865 /* key XOR is end of F-function */ 894 camellia_setup_tail(subkey, subL, subR, 32);
866 SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */
867 SUBKEY_R(0) = subR[0] ^ subR[2];
868 SUBKEY_L(2) = subL[3]; /* round 1 */
869 SUBKEY_R(2) = subR[3];
870 SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */
871 SUBKEY_R(3) = subR[2] ^ subR[4];
872 SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */
873 SUBKEY_R(4) = subR[3] ^ subR[5];
874 SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */
875 SUBKEY_R(5) = subR[4] ^ subR[6];
876 SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */
877 SUBKEY_R(6) = subR[5] ^ subR[7];
878 tl = subL[10] ^ (subR[10] & ~subR[8]);
879 dw = tl & subL[8], /* FL(kl1) */
880 tr = subR[10] ^ ROL1(dw);
881 SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */
882 SUBKEY_R(7) = subR[6] ^ tr;
883 SUBKEY_L(8) = subL[8]; /* FL(kl1) */
884 SUBKEY_R(8) = subR[8];
885 SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */
886 SUBKEY_R(9) = subR[9];
887 tl = subL[7] ^ (subR[7] & ~subR[9]);
888 dw = tl & subL[9], /* FLinv(kl2) */
889 tr = subR[7] ^ ROL1(dw);
890 SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */
891 SUBKEY_R(10) = tr ^ subR[11];
892 SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */
893 SUBKEY_R(11) = subR[10] ^ subR[12];
894 SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */
895 SUBKEY_R(12) = subR[11] ^ subR[13];
896 SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */
897 SUBKEY_R(13) = subR[12] ^ subR[14];
898 SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */
899 SUBKEY_R(14) = subR[13] ^ subR[15];
900 tl = subL[18] ^ (subR[18] & ~subR[16]);
901 dw = tl & subL[16], /* FL(kl3) */
902 tr = subR[18] ^ ROL1(dw);
903 SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */
904 SUBKEY_R(15) = subR[14] ^ tr;
905 SUBKEY_L(16) = subL[16]; /* FL(kl3) */
906 SUBKEY_R(16) = subR[16];
907 SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */
908 SUBKEY_R(17) = subR[17];
909 tl = subL[15] ^ (subR[15] & ~subR[17]);
910 dw = tl & subL[17], /* FLinv(kl4) */
911 tr = subR[15] ^ ROL1(dw);
912 SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */
913 SUBKEY_R(18) = tr ^ subR[19];
914 SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */
915 SUBKEY_R(19) = subR[18] ^ subR[20];
916 SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */
917 SUBKEY_R(20) = subR[19] ^ subR[21];
918 SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */
919 SUBKEY_R(21) = subR[20] ^ subR[22];
920 SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */
921 SUBKEY_R(22) = subR[21] ^ subR[23];
922 tl = subL[26] ^ (subR[26] & ~subR[24]);
923 dw = tl & subL[24], /* FL(kl5) */
924 tr = subR[26] ^ ROL1(dw);
925 SUBKEY_L(23) = subL[22] ^ tl; /* round 18 */
926 SUBKEY_R(23) = subR[22] ^ tr;
927 SUBKEY_L(24) = subL[24]; /* FL(kl5) */
928 SUBKEY_R(24) = subR[24];
929 SUBKEY_L(25) = subL[25]; /* FLinv(kl6) */
930 SUBKEY_R(25) = subR[25];
931 tl = subL[23] ^ (subR[23] & ~subR[25]);
932 dw = tl & subL[25], /* FLinv(kl6) */
933 tr = subR[23] ^ ROL1(dw);
934 SUBKEY_L(26) = tl ^ subL[27]; /* round 19 */
935 SUBKEY_R(26) = tr ^ subR[27];
936 SUBKEY_L(27) = subL[26] ^ subL[28]; /* round 20 */
937 SUBKEY_R(27) = subR[26] ^ subR[28];
938 SUBKEY_L(28) = subL[27] ^ subL[29]; /* round 21 */
939 SUBKEY_R(28) = subR[27] ^ subR[29];
940 SUBKEY_L(29) = subL[28] ^ subL[30]; /* round 22 */
941 SUBKEY_R(29) = subR[28] ^ subR[30];
942 SUBKEY_L(30) = subL[29] ^ subL[31]; /* round 23 */
943 SUBKEY_R(30) = subR[29] ^ subR[31];
944 SUBKEY_L(31) = subL[30]; /* round 24 */
945 SUBKEY_R(31) = subR[30];
946 SUBKEY_L(32) = subL[32] ^ subL[31]; /* kw3 */
947 SUBKEY_R(32) = subR[32] ^ subR[31];
948
949 /* apply the inverse of the last half of P-function */
950 camellia_setup_tail(subkey, 32);
951} 895}
952 896
953static void camellia_setup192(const unsigned char *key, u32 *subkey) 897static void camellia_setup192(const unsigned char *key, u32 *subkey)
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-11 15:49:42 -0500