diff options
Diffstat (limited to 'crypto/camellia.c')
-rw-r--r-- | crypto/camellia.c | 269 |
1 files changed, 135 insertions, 134 deletions
diff --git a/crypto/camellia.c b/crypto/camellia.c index 2e129ab1a6a2..9b1f068e45cc 100644 --- a/crypto/camellia.c +++ b/crypto/camellia.c | |||
@@ -310,6 +310,12 @@ static const u32 camellia_sp4404[256] = { | |||
310 | #define CAMELLIA_BLOCK_SIZE 16 | 310 | #define CAMELLIA_BLOCK_SIZE 16 |
311 | #define CAMELLIA_TABLE_BYTE_LEN 272 | 311 | #define CAMELLIA_TABLE_BYTE_LEN 272 |
312 | 312 | ||
313 | /* | ||
314 | * NB: L and R below stand for 'left' and 'right' as in written numbers. | ||
315 | * That is, in (xxxL,xxxR) pair xxxL holds most significant digits, | ||
316 | * _not_ least significant ones! | ||
317 | */ | ||
318 | |||
313 | 319 | ||
314 | /* key constants */ | 320 | /* key constants */ |
315 | 321 | ||
@@ -329,8 +335,7 @@ static const u32 camellia_sp4404[256] = { | |||
329 | /* | 335 | /* |
330 | * macros | 336 | * macros |
331 | */ | 337 | */ |
332 | 338 | #define GETU32(v, pt) \ | |
333 | # define GETU32(v, pt) \ | ||
334 | do { \ | 339 | do { \ |
335 | /* latest breed of gcc is clever enough to use move */ \ | 340 | /* latest breed of gcc is clever enough to use move */ \ |
336 | memcpy(&(v), (pt), 4); \ | 341 | memcpy(&(v), (pt), 4); \ |
@@ -363,64 +368,25 @@ static const u32 camellia_sp4404[256] = { | |||
363 | rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ | 368 | rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ |
364 | } while(0) | 369 | } while(0) |
365 | 370 | ||
366 | |||
367 | #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ | 371 | #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ |
368 | do { \ | 372 | do { \ |
369 | il = xl ^ kl; \ | 373 | il = xl ^ kl; \ |
370 | ir = xr ^ kr; \ | 374 | ir = xr ^ kr; \ |
371 | t0 = il >> 16; \ | 375 | t0 = il >> 16; \ |
372 | t1 = ir >> 16; \ | 376 | t1 = ir >> 16; \ |
373 | yl = camellia_sp1110[ir & 0xff] \ | 377 | yl = camellia_sp1110[(u8)(ir )] \ |
374 | ^ camellia_sp0222[(t1 >> 8) & 0xff] \ | 378 | ^ camellia_sp0222[ (t1 >> 8)] \ |
375 | ^ camellia_sp3033[t1 & 0xff] \ | 379 | ^ camellia_sp3033[(u8)(t1 )] \ |
376 | ^ camellia_sp4404[(ir >> 8) & 0xff]; \ | 380 | ^ camellia_sp4404[(u8)(ir >> 8)]; \ |
377 | yr = camellia_sp1110[(t0 >> 8) & 0xff] \ | 381 | yr = camellia_sp1110[ (t0 >> 8)] \ |
378 | ^ camellia_sp0222[t0 & 0xff] \ | 382 | ^ camellia_sp0222[(u8)(t0 )] \ |
379 | ^ camellia_sp3033[(il >> 8) & 0xff] \ | 383 | ^ camellia_sp3033[(u8)(il >> 8)] \ |
380 | ^ camellia_sp4404[il & 0xff]; \ | 384 | ^ camellia_sp4404[(u8)(il )]; \ |
381 | yl ^= yr; \ | 385 | yl ^= yr; \ |
382 | yr = ROR8(yr); \ | 386 | yr = ROR8(yr); \ |
383 | yr ^= yl; \ | 387 | yr ^= yl; \ |
384 | } while(0) | 388 | } while(0) |
385 | 389 | ||
386 | |||
387 | /* | ||
388 | * for speed up | ||
389 | * | ||
390 | */ | ||
391 | #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ | ||
392 | do { \ | ||
393 | t0 = kll; \ | ||
394 | t2 = krr; \ | ||
395 | t0 &= ll; \ | ||
396 | t2 |= rr; \ | ||
397 | rl ^= t2; \ | ||
398 | lr ^= ROL1(t0); \ | ||
399 | t3 = krl; \ | ||
400 | t1 = klr; \ | ||
401 | t3 &= rl; \ | ||
402 | t1 |= lr; \ | ||
403 | ll ^= t1; \ | ||
404 | rr ^= ROL1(t3); \ | ||
405 | } while(0) | ||
406 | |||
407 | #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ | ||
408 | do { \ | ||
409 | ir = camellia_sp1110[xr & 0xff]; \ | ||
410 | il = camellia_sp1110[(xl>>24) & 0xff]; \ | ||
411 | ir ^= camellia_sp0222[(xr>>24) & 0xff]; \ | ||
412 | il ^= camellia_sp0222[(xl>>16) & 0xff]; \ | ||
413 | ir ^= camellia_sp3033[(xr>>16) & 0xff]; \ | ||
414 | il ^= camellia_sp3033[(xl>>8) & 0xff]; \ | ||
415 | ir ^= camellia_sp4404[(xr>>8) & 0xff]; \ | ||
416 | il ^= camellia_sp4404[xl & 0xff]; \ | ||
417 | il ^= kl; \ | ||
418 | ir ^= il ^ kr; \ | ||
419 | yl ^= ir; \ | ||
420 | yr ^= ROR8(il) ^ ir; \ | ||
421 | } while(0) | ||
422 | |||
423 | |||
424 | #define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) | 390 | #define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) |
425 | #define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) | 391 | #define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) |
426 | 392 | ||
@@ -1000,6 +966,41 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey) | |||
1000 | } | 966 | } |
1001 | 967 | ||
1002 | 968 | ||
969 | /* | ||
970 | * Encrypt/decrypt | ||
971 | */ | ||
972 | #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ | ||
973 | do { \ | ||
974 | t0 = kll; \ | ||
975 | t2 = krr; \ | ||
976 | t0 &= ll; \ | ||
977 | t2 |= rr; \ | ||
978 | rl ^= t2; \ | ||
979 | lr ^= ROL1(t0); \ | ||
980 | t3 = krl; \ | ||
981 | t1 = klr; \ | ||
982 | t3 &= rl; \ | ||
983 | t1 |= lr; \ | ||
984 | ll ^= t1; \ | ||
985 | rr ^= ROL1(t3); \ | ||
986 | } while(0) | ||
987 | |||
988 | #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \ | ||
989 | do { \ | ||
990 | ir = camellia_sp1110[(u8)xr]; \ | ||
991 | il = camellia_sp1110[ (xl >> 24)]; \ | ||
992 | ir ^= camellia_sp0222[ (xr >> 24)]; \ | ||
993 | il ^= camellia_sp0222[(u8)(xl >> 16)]; \ | ||
994 | ir ^= camellia_sp3033[(u8)(xr >> 16)]; \ | ||
995 | il ^= camellia_sp3033[(u8)(xl >> 8)]; \ | ||
996 | ir ^= camellia_sp4404[(u8)(xr >> 8)]; \ | ||
997 | il ^= camellia_sp4404[(u8)xl]; \ | ||
998 | il ^= kl; \ | ||
999 | ir ^= il ^ kr; \ | ||
1000 | yl ^= ir; \ | ||
1001 | yr ^= ROR8(il) ^ ir; \ | ||
1002 | } while(0) | ||
1003 | |||
1003 | static void camellia_encrypt128(const u32 *subkey, u32 *io_text) | 1004 | static void camellia_encrypt128(const u32 *subkey, u32 *io_text) |
1004 | { | 1005 | { |
1005 | u32 il,ir,t0,t1; /* temporary variables */ | 1006 | u32 il,ir,t0,t1; /* temporary variables */ |
@@ -1015,22 +1016,22 @@ static void camellia_encrypt128(const u32 *subkey, u32 *io_text) | |||
1015 | /* main iteration */ | 1016 | /* main iteration */ |
1016 | CAMELLIA_ROUNDSM(io[0],io[1], | 1017 | CAMELLIA_ROUNDSM(io[0],io[1], |
1017 | SUBKEY_L(2),SUBKEY_R(2), | 1018 | SUBKEY_L(2),SUBKEY_R(2), |
1018 | io[2],io[3],il,ir,t0,t1); | 1019 | io[2],io[3],il,ir); |
1019 | CAMELLIA_ROUNDSM(io[2],io[3], | 1020 | CAMELLIA_ROUNDSM(io[2],io[3], |
1020 | SUBKEY_L(3),SUBKEY_R(3), | 1021 | SUBKEY_L(3),SUBKEY_R(3), |
1021 | io[0],io[1],il,ir,t0,t1); | 1022 | io[0],io[1],il,ir); |
1022 | CAMELLIA_ROUNDSM(io[0],io[1], | 1023 | CAMELLIA_ROUNDSM(io[0],io[1], |
1023 | SUBKEY_L(4),SUBKEY_R(4), | 1024 | SUBKEY_L(4),SUBKEY_R(4), |
1024 | io[2],io[3],il,ir,t0,t1); | 1025 | io[2],io[3],il,ir); |
1025 | CAMELLIA_ROUNDSM(io[2],io[3], | 1026 | CAMELLIA_ROUNDSM(io[2],io[3], |
1026 | SUBKEY_L(5),SUBKEY_R(5), | 1027 | SUBKEY_L(5),SUBKEY_R(5), |
1027 | io[0],io[1],il,ir,t0,t1); | 1028 | io[0],io[1],il,ir); |
1028 | CAMELLIA_ROUNDSM(io[0],io[1], | 1029 | CAMELLIA_ROUNDSM(io[0],io[1], |
1029 | SUBKEY_L(6),SUBKEY_R(6), | 1030 | SUBKEY_L(6),SUBKEY_R(6), |
1030 | io[2],io[3],il,ir,t0,t1); | 1031 | io[2],io[3],il,ir); |
1031 | CAMELLIA_ROUNDSM(io[2],io[3], | 1032 | CAMELLIA_ROUNDSM(io[2],io[3], |
1032 | SUBKEY_L(7),SUBKEY_R(7), | 1033 | SUBKEY_L(7),SUBKEY_R(7), |
1033 | io[0],io[1],il,ir,t0,t1); | 1034 | io[0],io[1],il,ir); |
1034 | 1035 | ||
1035 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1036 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1036 | SUBKEY_L(8),SUBKEY_R(8), | 1037 | SUBKEY_L(8),SUBKEY_R(8), |
@@ -1039,22 +1040,22 @@ static void camellia_encrypt128(const u32 *subkey, u32 *io_text) | |||
1039 | 1040 | ||
1040 | CAMELLIA_ROUNDSM(io[0],io[1], | 1041 | CAMELLIA_ROUNDSM(io[0],io[1], |
1041 | SUBKEY_L(10),SUBKEY_R(10), | 1042 | SUBKEY_L(10),SUBKEY_R(10), |
1042 | io[2],io[3],il,ir,t0,t1); | 1043 | io[2],io[3],il,ir); |
1043 | CAMELLIA_ROUNDSM(io[2],io[3], | 1044 | CAMELLIA_ROUNDSM(io[2],io[3], |
1044 | SUBKEY_L(11),SUBKEY_R(11), | 1045 | SUBKEY_L(11),SUBKEY_R(11), |
1045 | io[0],io[1],il,ir,t0,t1); | 1046 | io[0],io[1],il,ir); |
1046 | CAMELLIA_ROUNDSM(io[0],io[1], | 1047 | CAMELLIA_ROUNDSM(io[0],io[1], |
1047 | SUBKEY_L(12),SUBKEY_R(12), | 1048 | SUBKEY_L(12),SUBKEY_R(12), |
1048 | io[2],io[3],il,ir,t0,t1); | 1049 | io[2],io[3],il,ir); |
1049 | CAMELLIA_ROUNDSM(io[2],io[3], | 1050 | CAMELLIA_ROUNDSM(io[2],io[3], |
1050 | SUBKEY_L(13),SUBKEY_R(13), | 1051 | SUBKEY_L(13),SUBKEY_R(13), |
1051 | io[0],io[1],il,ir,t0,t1); | 1052 | io[0],io[1],il,ir); |
1052 | CAMELLIA_ROUNDSM(io[0],io[1], | 1053 | CAMELLIA_ROUNDSM(io[0],io[1], |
1053 | SUBKEY_L(14),SUBKEY_R(14), | 1054 | SUBKEY_L(14),SUBKEY_R(14), |
1054 | io[2],io[3],il,ir,t0,t1); | 1055 | io[2],io[3],il,ir); |
1055 | CAMELLIA_ROUNDSM(io[2],io[3], | 1056 | CAMELLIA_ROUNDSM(io[2],io[3], |
1056 | SUBKEY_L(15),SUBKEY_R(15), | 1057 | SUBKEY_L(15),SUBKEY_R(15), |
1057 | io[0],io[1],il,ir,t0,t1); | 1058 | io[0],io[1],il,ir); |
1058 | 1059 | ||
1059 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1060 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1060 | SUBKEY_L(16),SUBKEY_R(16), | 1061 | SUBKEY_L(16),SUBKEY_R(16), |
@@ -1063,22 +1064,22 @@ static void camellia_encrypt128(const u32 *subkey, u32 *io_text) | |||
1063 | 1064 | ||
1064 | CAMELLIA_ROUNDSM(io[0],io[1], | 1065 | CAMELLIA_ROUNDSM(io[0],io[1], |
1065 | SUBKEY_L(18),SUBKEY_R(18), | 1066 | SUBKEY_L(18),SUBKEY_R(18), |
1066 | io[2],io[3],il,ir,t0,t1); | 1067 | io[2],io[3],il,ir); |
1067 | CAMELLIA_ROUNDSM(io[2],io[3], | 1068 | CAMELLIA_ROUNDSM(io[2],io[3], |
1068 | SUBKEY_L(19),SUBKEY_R(19), | 1069 | SUBKEY_L(19),SUBKEY_R(19), |
1069 | io[0],io[1],il,ir,t0,t1); | 1070 | io[0],io[1],il,ir); |
1070 | CAMELLIA_ROUNDSM(io[0],io[1], | 1071 | CAMELLIA_ROUNDSM(io[0],io[1], |
1071 | SUBKEY_L(20),SUBKEY_R(20), | 1072 | SUBKEY_L(20),SUBKEY_R(20), |
1072 | io[2],io[3],il,ir,t0,t1); | 1073 | io[2],io[3],il,ir); |
1073 | CAMELLIA_ROUNDSM(io[2],io[3], | 1074 | CAMELLIA_ROUNDSM(io[2],io[3], |
1074 | SUBKEY_L(21),SUBKEY_R(21), | 1075 | SUBKEY_L(21),SUBKEY_R(21), |
1075 | io[0],io[1],il,ir,t0,t1); | 1076 | io[0],io[1],il,ir); |
1076 | CAMELLIA_ROUNDSM(io[0],io[1], | 1077 | CAMELLIA_ROUNDSM(io[0],io[1], |
1077 | SUBKEY_L(22),SUBKEY_R(22), | 1078 | SUBKEY_L(22),SUBKEY_R(22), |
1078 | io[2],io[3],il,ir,t0,t1); | 1079 | io[2],io[3],il,ir); |
1079 | CAMELLIA_ROUNDSM(io[2],io[3], | 1080 | CAMELLIA_ROUNDSM(io[2],io[3], |
1080 | SUBKEY_L(23),SUBKEY_R(23), | 1081 | SUBKEY_L(23),SUBKEY_R(23), |
1081 | io[0],io[1],il,ir,t0,t1); | 1082 | io[0],io[1],il,ir); |
1082 | 1083 | ||
1083 | /* post whitening but kw4 */ | 1084 | /* post whitening but kw4 */ |
1084 | io_text[0] = io[2] ^ SUBKEY_L(24); | 1085 | io_text[0] = io[2] ^ SUBKEY_L(24); |
@@ -1102,22 +1103,22 @@ static void camellia_decrypt128(const u32 *subkey, u32 *io_text) | |||
1102 | /* main iteration */ | 1103 | /* main iteration */ |
1103 | CAMELLIA_ROUNDSM(io[0],io[1], | 1104 | CAMELLIA_ROUNDSM(io[0],io[1], |
1104 | SUBKEY_L(23),SUBKEY_R(23), | 1105 | SUBKEY_L(23),SUBKEY_R(23), |
1105 | io[2],io[3],il,ir,t0,t1); | 1106 | io[2],io[3],il,ir); |
1106 | CAMELLIA_ROUNDSM(io[2],io[3], | 1107 | CAMELLIA_ROUNDSM(io[2],io[3], |
1107 | SUBKEY_L(22),SUBKEY_R(22), | 1108 | SUBKEY_L(22),SUBKEY_R(22), |
1108 | io[0],io[1],il,ir,t0,t1); | 1109 | io[0],io[1],il,ir); |
1109 | CAMELLIA_ROUNDSM(io[0],io[1], | 1110 | CAMELLIA_ROUNDSM(io[0],io[1], |
1110 | SUBKEY_L(21),SUBKEY_R(21), | 1111 | SUBKEY_L(21),SUBKEY_R(21), |
1111 | io[2],io[3],il,ir,t0,t1); | 1112 | io[2],io[3],il,ir); |
1112 | CAMELLIA_ROUNDSM(io[2],io[3], | 1113 | CAMELLIA_ROUNDSM(io[2],io[3], |
1113 | SUBKEY_L(20),SUBKEY_R(20), | 1114 | SUBKEY_L(20),SUBKEY_R(20), |
1114 | io[0],io[1],il,ir,t0,t1); | 1115 | io[0],io[1],il,ir); |
1115 | CAMELLIA_ROUNDSM(io[0],io[1], | 1116 | CAMELLIA_ROUNDSM(io[0],io[1], |
1116 | SUBKEY_L(19),SUBKEY_R(19), | 1117 | SUBKEY_L(19),SUBKEY_R(19), |
1117 | io[2],io[3],il,ir,t0,t1); | 1118 | io[2],io[3],il,ir); |
1118 | CAMELLIA_ROUNDSM(io[2],io[3], | 1119 | CAMELLIA_ROUNDSM(io[2],io[3], |
1119 | SUBKEY_L(18),SUBKEY_R(18), | 1120 | SUBKEY_L(18),SUBKEY_R(18), |
1120 | io[0],io[1],il,ir,t0,t1); | 1121 | io[0],io[1],il,ir); |
1121 | 1122 | ||
1122 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1123 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1123 | SUBKEY_L(17),SUBKEY_R(17), | 1124 | SUBKEY_L(17),SUBKEY_R(17), |
@@ -1126,22 +1127,22 @@ static void camellia_decrypt128(const u32 *subkey, u32 *io_text) | |||
1126 | 1127 | ||
1127 | CAMELLIA_ROUNDSM(io[0],io[1], | 1128 | CAMELLIA_ROUNDSM(io[0],io[1], |
1128 | SUBKEY_L(15),SUBKEY_R(15), | 1129 | SUBKEY_L(15),SUBKEY_R(15), |
1129 | io[2],io[3],il,ir,t0,t1); | 1130 | io[2],io[3],il,ir); |
1130 | CAMELLIA_ROUNDSM(io[2],io[3], | 1131 | CAMELLIA_ROUNDSM(io[2],io[3], |
1131 | SUBKEY_L(14),SUBKEY_R(14), | 1132 | SUBKEY_L(14),SUBKEY_R(14), |
1132 | io[0],io[1],il,ir,t0,t1); | 1133 | io[0],io[1],il,ir); |
1133 | CAMELLIA_ROUNDSM(io[0],io[1], | 1134 | CAMELLIA_ROUNDSM(io[0],io[1], |
1134 | SUBKEY_L(13),SUBKEY_R(13), | 1135 | SUBKEY_L(13),SUBKEY_R(13), |
1135 | io[2],io[3],il,ir,t0,t1); | 1136 | io[2],io[3],il,ir); |
1136 | CAMELLIA_ROUNDSM(io[2],io[3], | 1137 | CAMELLIA_ROUNDSM(io[2],io[3], |
1137 | SUBKEY_L(12),SUBKEY_R(12), | 1138 | SUBKEY_L(12),SUBKEY_R(12), |
1138 | io[0],io[1],il,ir,t0,t1); | 1139 | io[0],io[1],il,ir); |
1139 | CAMELLIA_ROUNDSM(io[0],io[1], | 1140 | CAMELLIA_ROUNDSM(io[0],io[1], |
1140 | SUBKEY_L(11),SUBKEY_R(11), | 1141 | SUBKEY_L(11),SUBKEY_R(11), |
1141 | io[2],io[3],il,ir,t0,t1); | 1142 | io[2],io[3],il,ir); |
1142 | CAMELLIA_ROUNDSM(io[2],io[3], | 1143 | CAMELLIA_ROUNDSM(io[2],io[3], |
1143 | SUBKEY_L(10),SUBKEY_R(10), | 1144 | SUBKEY_L(10),SUBKEY_R(10), |
1144 | io[0],io[1],il,ir,t0,t1); | 1145 | io[0],io[1],il,ir); |
1145 | 1146 | ||
1146 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1147 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1147 | SUBKEY_L(9),SUBKEY_R(9), | 1148 | SUBKEY_L(9),SUBKEY_R(9), |
@@ -1150,22 +1151,22 @@ static void camellia_decrypt128(const u32 *subkey, u32 *io_text) | |||
1150 | 1151 | ||
1151 | CAMELLIA_ROUNDSM(io[0],io[1], | 1152 | CAMELLIA_ROUNDSM(io[0],io[1], |
1152 | SUBKEY_L(7),SUBKEY_R(7), | 1153 | SUBKEY_L(7),SUBKEY_R(7), |
1153 | io[2],io[3],il,ir,t0,t1); | 1154 | io[2],io[3],il,ir); |
1154 | CAMELLIA_ROUNDSM(io[2],io[3], | 1155 | CAMELLIA_ROUNDSM(io[2],io[3], |
1155 | SUBKEY_L(6),SUBKEY_R(6), | 1156 | SUBKEY_L(6),SUBKEY_R(6), |
1156 | io[0],io[1],il,ir,t0,t1); | 1157 | io[0],io[1],il,ir); |
1157 | CAMELLIA_ROUNDSM(io[0],io[1], | 1158 | CAMELLIA_ROUNDSM(io[0],io[1], |
1158 | SUBKEY_L(5),SUBKEY_R(5), | 1159 | SUBKEY_L(5),SUBKEY_R(5), |
1159 | io[2],io[3],il,ir,t0,t1); | 1160 | io[2],io[3],il,ir); |
1160 | CAMELLIA_ROUNDSM(io[2],io[3], | 1161 | CAMELLIA_ROUNDSM(io[2],io[3], |
1161 | SUBKEY_L(4),SUBKEY_R(4), | 1162 | SUBKEY_L(4),SUBKEY_R(4), |
1162 | io[0],io[1],il,ir,t0,t1); | 1163 | io[0],io[1],il,ir); |
1163 | CAMELLIA_ROUNDSM(io[0],io[1], | 1164 | CAMELLIA_ROUNDSM(io[0],io[1], |
1164 | SUBKEY_L(3),SUBKEY_R(3), | 1165 | SUBKEY_L(3),SUBKEY_R(3), |
1165 | io[2],io[3],il,ir,t0,t1); | 1166 | io[2],io[3],il,ir); |
1166 | CAMELLIA_ROUNDSM(io[2],io[3], | 1167 | CAMELLIA_ROUNDSM(io[2],io[3], |
1167 | SUBKEY_L(2),SUBKEY_R(2), | 1168 | SUBKEY_L(2),SUBKEY_R(2), |
1168 | io[0],io[1],il,ir,t0,t1); | 1169 | io[0],io[1],il,ir); |
1169 | 1170 | ||
1170 | /* post whitening but kw4 */ | 1171 | /* post whitening but kw4 */ |
1171 | io_text[0] = io[2] ^ SUBKEY_L(0); | 1172 | io_text[0] = io[2] ^ SUBKEY_L(0); |
@@ -1189,22 +1190,22 @@ static void camellia_encrypt256(const u32 *subkey, u32 *io_text) | |||
1189 | /* main iteration */ | 1190 | /* main iteration */ |
1190 | CAMELLIA_ROUNDSM(io[0],io[1], | 1191 | CAMELLIA_ROUNDSM(io[0],io[1], |
1191 | SUBKEY_L(2),SUBKEY_R(2), | 1192 | SUBKEY_L(2),SUBKEY_R(2), |
1192 | io[2],io[3],il,ir,t0,t1); | 1193 | io[2],io[3],il,ir); |
1193 | CAMELLIA_ROUNDSM(io[2],io[3], | 1194 | CAMELLIA_ROUNDSM(io[2],io[3], |
1194 | SUBKEY_L(3),SUBKEY_R(3), | 1195 | SUBKEY_L(3),SUBKEY_R(3), |
1195 | io[0],io[1],il,ir,t0,t1); | 1196 | io[0],io[1],il,ir); |
1196 | CAMELLIA_ROUNDSM(io[0],io[1], | 1197 | CAMELLIA_ROUNDSM(io[0],io[1], |
1197 | SUBKEY_L(4),SUBKEY_R(4), | 1198 | SUBKEY_L(4),SUBKEY_R(4), |
1198 | io[2],io[3],il,ir,t0,t1); | 1199 | io[2],io[3],il,ir); |
1199 | CAMELLIA_ROUNDSM(io[2],io[3], | 1200 | CAMELLIA_ROUNDSM(io[2],io[3], |
1200 | SUBKEY_L(5),SUBKEY_R(5), | 1201 | SUBKEY_L(5),SUBKEY_R(5), |
1201 | io[0],io[1],il,ir,t0,t1); | 1202 | io[0],io[1],il,ir); |
1202 | CAMELLIA_ROUNDSM(io[0],io[1], | 1203 | CAMELLIA_ROUNDSM(io[0],io[1], |
1203 | SUBKEY_L(6),SUBKEY_R(6), | 1204 | SUBKEY_L(6),SUBKEY_R(6), |
1204 | io[2],io[3],il,ir,t0,t1); | 1205 | io[2],io[3],il,ir); |
1205 | CAMELLIA_ROUNDSM(io[2],io[3], | 1206 | CAMELLIA_ROUNDSM(io[2],io[3], |
1206 | SUBKEY_L(7),SUBKEY_R(7), | 1207 | SUBKEY_L(7),SUBKEY_R(7), |
1207 | io[0],io[1],il,ir,t0,t1); | 1208 | io[0],io[1],il,ir); |
1208 | 1209 | ||
1209 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1210 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1210 | SUBKEY_L(8),SUBKEY_R(8), | 1211 | SUBKEY_L(8),SUBKEY_R(8), |
@@ -1213,22 +1214,22 @@ static void camellia_encrypt256(const u32 *subkey, u32 *io_text) | |||
1213 | 1214 | ||
1214 | CAMELLIA_ROUNDSM(io[0],io[1], | 1215 | CAMELLIA_ROUNDSM(io[0],io[1], |
1215 | SUBKEY_L(10),SUBKEY_R(10), | 1216 | SUBKEY_L(10),SUBKEY_R(10), |
1216 | io[2],io[3],il,ir,t0,t1); | 1217 | io[2],io[3],il,ir); |
1217 | CAMELLIA_ROUNDSM(io[2],io[3], | 1218 | CAMELLIA_ROUNDSM(io[2],io[3], |
1218 | SUBKEY_L(11),SUBKEY_R(11), | 1219 | SUBKEY_L(11),SUBKEY_R(11), |
1219 | io[0],io[1],il,ir,t0,t1); | 1220 | io[0],io[1],il,ir); |
1220 | CAMELLIA_ROUNDSM(io[0],io[1], | 1221 | CAMELLIA_ROUNDSM(io[0],io[1], |
1221 | SUBKEY_L(12),SUBKEY_R(12), | 1222 | SUBKEY_L(12),SUBKEY_R(12), |
1222 | io[2],io[3],il,ir,t0,t1); | 1223 | io[2],io[3],il,ir); |
1223 | CAMELLIA_ROUNDSM(io[2],io[3], | 1224 | CAMELLIA_ROUNDSM(io[2],io[3], |
1224 | SUBKEY_L(13),SUBKEY_R(13), | 1225 | SUBKEY_L(13),SUBKEY_R(13), |
1225 | io[0],io[1],il,ir,t0,t1); | 1226 | io[0],io[1],il,ir); |
1226 | CAMELLIA_ROUNDSM(io[0],io[1], | 1227 | CAMELLIA_ROUNDSM(io[0],io[1], |
1227 | SUBKEY_L(14),SUBKEY_R(14), | 1228 | SUBKEY_L(14),SUBKEY_R(14), |
1228 | io[2],io[3],il,ir,t0,t1); | 1229 | io[2],io[3],il,ir); |
1229 | CAMELLIA_ROUNDSM(io[2],io[3], | 1230 | CAMELLIA_ROUNDSM(io[2],io[3], |
1230 | SUBKEY_L(15),SUBKEY_R(15), | 1231 | SUBKEY_L(15),SUBKEY_R(15), |
1231 | io[0],io[1],il,ir,t0,t1); | 1232 | io[0],io[1],il,ir); |
1232 | 1233 | ||
1233 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1234 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1234 | SUBKEY_L(16),SUBKEY_R(16), | 1235 | SUBKEY_L(16),SUBKEY_R(16), |
@@ -1237,22 +1238,22 @@ static void camellia_encrypt256(const u32 *subkey, u32 *io_text) | |||
1237 | 1238 | ||
1238 | CAMELLIA_ROUNDSM(io[0],io[1], | 1239 | CAMELLIA_ROUNDSM(io[0],io[1], |
1239 | SUBKEY_L(18),SUBKEY_R(18), | 1240 | SUBKEY_L(18),SUBKEY_R(18), |
1240 | io[2],io[3],il,ir,t0,t1); | 1241 | io[2],io[3],il,ir); |
1241 | CAMELLIA_ROUNDSM(io[2],io[3], | 1242 | CAMELLIA_ROUNDSM(io[2],io[3], |
1242 | SUBKEY_L(19),SUBKEY_R(19), | 1243 | SUBKEY_L(19),SUBKEY_R(19), |
1243 | io[0],io[1],il,ir,t0,t1); | 1244 | io[0],io[1],il,ir); |
1244 | CAMELLIA_ROUNDSM(io[0],io[1], | 1245 | CAMELLIA_ROUNDSM(io[0],io[1], |
1245 | SUBKEY_L(20),SUBKEY_R(20), | 1246 | SUBKEY_L(20),SUBKEY_R(20), |
1246 | io[2],io[3],il,ir,t0,t1); | 1247 | io[2],io[3],il,ir); |
1247 | CAMELLIA_ROUNDSM(io[2],io[3], | 1248 | CAMELLIA_ROUNDSM(io[2],io[3], |
1248 | SUBKEY_L(21),SUBKEY_R(21), | 1249 | SUBKEY_L(21),SUBKEY_R(21), |
1249 | io[0],io[1],il,ir,t0,t1); | 1250 | io[0],io[1],il,ir); |
1250 | CAMELLIA_ROUNDSM(io[0],io[1], | 1251 | CAMELLIA_ROUNDSM(io[0],io[1], |
1251 | SUBKEY_L(22),SUBKEY_R(22), | 1252 | SUBKEY_L(22),SUBKEY_R(22), |
1252 | io[2],io[3],il,ir,t0,t1); | 1253 | io[2],io[3],il,ir); |
1253 | CAMELLIA_ROUNDSM(io[2],io[3], | 1254 | CAMELLIA_ROUNDSM(io[2],io[3], |
1254 | SUBKEY_L(23),SUBKEY_R(23), | 1255 | SUBKEY_L(23),SUBKEY_R(23), |
1255 | io[0],io[1],il,ir,t0,t1); | 1256 | io[0],io[1],il,ir); |
1256 | 1257 | ||
1257 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1258 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1258 | SUBKEY_L(24),SUBKEY_R(24), | 1259 | SUBKEY_L(24),SUBKEY_R(24), |
@@ -1261,22 +1262,22 @@ static void camellia_encrypt256(const u32 *subkey, u32 *io_text) | |||
1261 | 1262 | ||
1262 | CAMELLIA_ROUNDSM(io[0],io[1], | 1263 | CAMELLIA_ROUNDSM(io[0],io[1], |
1263 | SUBKEY_L(26),SUBKEY_R(26), | 1264 | SUBKEY_L(26),SUBKEY_R(26), |
1264 | io[2],io[3],il,ir,t0,t1); | 1265 | io[2],io[3],il,ir); |
1265 | CAMELLIA_ROUNDSM(io[2],io[3], | 1266 | CAMELLIA_ROUNDSM(io[2],io[3], |
1266 | SUBKEY_L(27),SUBKEY_R(27), | 1267 | SUBKEY_L(27),SUBKEY_R(27), |
1267 | io[0],io[1],il,ir,t0,t1); | 1268 | io[0],io[1],il,ir); |
1268 | CAMELLIA_ROUNDSM(io[0],io[1], | 1269 | CAMELLIA_ROUNDSM(io[0],io[1], |
1269 | SUBKEY_L(28),SUBKEY_R(28), | 1270 | SUBKEY_L(28),SUBKEY_R(28), |
1270 | io[2],io[3],il,ir,t0,t1); | 1271 | io[2],io[3],il,ir); |
1271 | CAMELLIA_ROUNDSM(io[2],io[3], | 1272 | CAMELLIA_ROUNDSM(io[2],io[3], |
1272 | SUBKEY_L(29),SUBKEY_R(29), | 1273 | SUBKEY_L(29),SUBKEY_R(29), |
1273 | io[0],io[1],il,ir,t0,t1); | 1274 | io[0],io[1],il,ir); |
1274 | CAMELLIA_ROUNDSM(io[0],io[1], | 1275 | CAMELLIA_ROUNDSM(io[0],io[1], |
1275 | SUBKEY_L(30),SUBKEY_R(30), | 1276 | SUBKEY_L(30),SUBKEY_R(30), |
1276 | io[2],io[3],il,ir,t0,t1); | 1277 | io[2],io[3],il,ir); |
1277 | CAMELLIA_ROUNDSM(io[2],io[3], | 1278 | CAMELLIA_ROUNDSM(io[2],io[3], |
1278 | SUBKEY_L(31),SUBKEY_R(31), | 1279 | SUBKEY_L(31),SUBKEY_R(31), |
1279 | io[0],io[1],il,ir,t0,t1); | 1280 | io[0],io[1],il,ir); |
1280 | 1281 | ||
1281 | /* post whitening but kw4 */ | 1282 | /* post whitening but kw4 */ |
1282 | io_text[0] = io[2] ^ SUBKEY_L(32); | 1283 | io_text[0] = io[2] ^ SUBKEY_L(32); |
@@ -1300,22 +1301,22 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io_text) | |||
1300 | /* main iteration */ | 1301 | /* main iteration */ |
1301 | CAMELLIA_ROUNDSM(io[0],io[1], | 1302 | CAMELLIA_ROUNDSM(io[0],io[1], |
1302 | SUBKEY_L(31),SUBKEY_R(31), | 1303 | SUBKEY_L(31),SUBKEY_R(31), |
1303 | io[2],io[3],il,ir,t0,t1); | 1304 | io[2],io[3],il,ir); |
1304 | CAMELLIA_ROUNDSM(io[2],io[3], | 1305 | CAMELLIA_ROUNDSM(io[2],io[3], |
1305 | SUBKEY_L(30),SUBKEY_R(30), | 1306 | SUBKEY_L(30),SUBKEY_R(30), |
1306 | io[0],io[1],il,ir,t0,t1); | 1307 | io[0],io[1],il,ir); |
1307 | CAMELLIA_ROUNDSM(io[0],io[1], | 1308 | CAMELLIA_ROUNDSM(io[0],io[1], |
1308 | SUBKEY_L(29),SUBKEY_R(29), | 1309 | SUBKEY_L(29),SUBKEY_R(29), |
1309 | io[2],io[3],il,ir,t0,t1); | 1310 | io[2],io[3],il,ir); |
1310 | CAMELLIA_ROUNDSM(io[2],io[3], | 1311 | CAMELLIA_ROUNDSM(io[2],io[3], |
1311 | SUBKEY_L(28),SUBKEY_R(28), | 1312 | SUBKEY_L(28),SUBKEY_R(28), |
1312 | io[0],io[1],il,ir,t0,t1); | 1313 | io[0],io[1],il,ir); |
1313 | CAMELLIA_ROUNDSM(io[0],io[1], | 1314 | CAMELLIA_ROUNDSM(io[0],io[1], |
1314 | SUBKEY_L(27),SUBKEY_R(27), | 1315 | SUBKEY_L(27),SUBKEY_R(27), |
1315 | io[2],io[3],il,ir,t0,t1); | 1316 | io[2],io[3],il,ir); |
1316 | CAMELLIA_ROUNDSM(io[2],io[3], | 1317 | CAMELLIA_ROUNDSM(io[2],io[3], |
1317 | SUBKEY_L(26),SUBKEY_R(26), | 1318 | SUBKEY_L(26),SUBKEY_R(26), |
1318 | io[0],io[1],il,ir,t0,t1); | 1319 | io[0],io[1],il,ir); |
1319 | 1320 | ||
1320 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1321 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1321 | SUBKEY_L(25),SUBKEY_R(25), | 1322 | SUBKEY_L(25),SUBKEY_R(25), |
@@ -1324,22 +1325,22 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io_text) | |||
1324 | 1325 | ||
1325 | CAMELLIA_ROUNDSM(io[0],io[1], | 1326 | CAMELLIA_ROUNDSM(io[0],io[1], |
1326 | SUBKEY_L(23),SUBKEY_R(23), | 1327 | SUBKEY_L(23),SUBKEY_R(23), |
1327 | io[2],io[3],il,ir,t0,t1); | 1328 | io[2],io[3],il,ir); |
1328 | CAMELLIA_ROUNDSM(io[2],io[3], | 1329 | CAMELLIA_ROUNDSM(io[2],io[3], |
1329 | SUBKEY_L(22),SUBKEY_R(22), | 1330 | SUBKEY_L(22),SUBKEY_R(22), |
1330 | io[0],io[1],il,ir,t0,t1); | 1331 | io[0],io[1],il,ir); |
1331 | CAMELLIA_ROUNDSM(io[0],io[1], | 1332 | CAMELLIA_ROUNDSM(io[0],io[1], |
1332 | SUBKEY_L(21),SUBKEY_R(21), | 1333 | SUBKEY_L(21),SUBKEY_R(21), |
1333 | io[2],io[3],il,ir,t0,t1); | 1334 | io[2],io[3],il,ir); |
1334 | CAMELLIA_ROUNDSM(io[2],io[3], | 1335 | CAMELLIA_ROUNDSM(io[2],io[3], |
1335 | SUBKEY_L(20),SUBKEY_R(20), | 1336 | SUBKEY_L(20),SUBKEY_R(20), |
1336 | io[0],io[1],il,ir,t0,t1); | 1337 | io[0],io[1],il,ir); |
1337 | CAMELLIA_ROUNDSM(io[0],io[1], | 1338 | CAMELLIA_ROUNDSM(io[0],io[1], |
1338 | SUBKEY_L(19),SUBKEY_R(19), | 1339 | SUBKEY_L(19),SUBKEY_R(19), |
1339 | io[2],io[3],il,ir,t0,t1); | 1340 | io[2],io[3],il,ir); |
1340 | CAMELLIA_ROUNDSM(io[2],io[3], | 1341 | CAMELLIA_ROUNDSM(io[2],io[3], |
1341 | SUBKEY_L(18),SUBKEY_R(18), | 1342 | SUBKEY_L(18),SUBKEY_R(18), |
1342 | io[0],io[1],il,ir,t0,t1); | 1343 | io[0],io[1],il,ir); |
1343 | 1344 | ||
1344 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1345 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1345 | SUBKEY_L(17),SUBKEY_R(17), | 1346 | SUBKEY_L(17),SUBKEY_R(17), |
@@ -1348,22 +1349,22 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io_text) | |||
1348 | 1349 | ||
1349 | CAMELLIA_ROUNDSM(io[0],io[1], | 1350 | CAMELLIA_ROUNDSM(io[0],io[1], |
1350 | SUBKEY_L(15),SUBKEY_R(15), | 1351 | SUBKEY_L(15),SUBKEY_R(15), |
1351 | io[2],io[3],il,ir,t0,t1); | 1352 | io[2],io[3],il,ir); |
1352 | CAMELLIA_ROUNDSM(io[2],io[3], | 1353 | CAMELLIA_ROUNDSM(io[2],io[3], |
1353 | SUBKEY_L(14),SUBKEY_R(14), | 1354 | SUBKEY_L(14),SUBKEY_R(14), |
1354 | io[0],io[1],il,ir,t0,t1); | 1355 | io[0],io[1],il,ir); |
1355 | CAMELLIA_ROUNDSM(io[0],io[1], | 1356 | CAMELLIA_ROUNDSM(io[0],io[1], |
1356 | SUBKEY_L(13),SUBKEY_R(13), | 1357 | SUBKEY_L(13),SUBKEY_R(13), |
1357 | io[2],io[3],il,ir,t0,t1); | 1358 | io[2],io[3],il,ir); |
1358 | CAMELLIA_ROUNDSM(io[2],io[3], | 1359 | CAMELLIA_ROUNDSM(io[2],io[3], |
1359 | SUBKEY_L(12),SUBKEY_R(12), | 1360 | SUBKEY_L(12),SUBKEY_R(12), |
1360 | io[0],io[1],il,ir,t0,t1); | 1361 | io[0],io[1],il,ir); |
1361 | CAMELLIA_ROUNDSM(io[0],io[1], | 1362 | CAMELLIA_ROUNDSM(io[0],io[1], |
1362 | SUBKEY_L(11),SUBKEY_R(11), | 1363 | SUBKEY_L(11),SUBKEY_R(11), |
1363 | io[2],io[3],il,ir,t0,t1); | 1364 | io[2],io[3],il,ir); |
1364 | CAMELLIA_ROUNDSM(io[2],io[3], | 1365 | CAMELLIA_ROUNDSM(io[2],io[3], |
1365 | SUBKEY_L(10),SUBKEY_R(10), | 1366 | SUBKEY_L(10),SUBKEY_R(10), |
1366 | io[0],io[1],il,ir,t0,t1); | 1367 | io[0],io[1],il,ir); |
1367 | 1368 | ||
1368 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 1369 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], |
1369 | SUBKEY_L(9),SUBKEY_R(9), | 1370 | SUBKEY_L(9),SUBKEY_R(9), |
@@ -1372,22 +1373,22 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io_text) | |||
1372 | 1373 | ||
1373 | CAMELLIA_ROUNDSM(io[0],io[1], | 1374 | CAMELLIA_ROUNDSM(io[0],io[1], |
1374 | SUBKEY_L(7),SUBKEY_R(7), | 1375 | SUBKEY_L(7),SUBKEY_R(7), |
1375 | io[2],io[3],il,ir,t0,t1); | 1376 | io[2],io[3],il,ir); |
1376 | CAMELLIA_ROUNDSM(io[2],io[3], | 1377 | CAMELLIA_ROUNDSM(io[2],io[3], |
1377 | SUBKEY_L(6),SUBKEY_R(6), | 1378 | SUBKEY_L(6),SUBKEY_R(6), |
1378 | io[0],io[1],il,ir,t0,t1); | 1379 | io[0],io[1],il,ir); |
1379 | CAMELLIA_ROUNDSM(io[0],io[1], | 1380 | CAMELLIA_ROUNDSM(io[0],io[1], |
1380 | SUBKEY_L(5),SUBKEY_R(5), | 1381 | SUBKEY_L(5),SUBKEY_R(5), |
1381 | io[2],io[3],il,ir,t0,t1); | 1382 | io[2],io[3],il,ir); |
1382 | CAMELLIA_ROUNDSM(io[2],io[3], | 1383 | CAMELLIA_ROUNDSM(io[2],io[3], |
1383 | SUBKEY_L(4),SUBKEY_R(4), | 1384 | SUBKEY_L(4),SUBKEY_R(4), |
1384 | io[0],io[1],il,ir,t0,t1); | 1385 | io[0],io[1],il,ir); |
1385 | CAMELLIA_ROUNDSM(io[0],io[1], | 1386 | CAMELLIA_ROUNDSM(io[0],io[1], |
1386 | SUBKEY_L(3),SUBKEY_R(3), | 1387 | SUBKEY_L(3),SUBKEY_R(3), |
1387 | io[2],io[3],il,ir,t0,t1); | 1388 | io[2],io[3],il,ir); |
1388 | CAMELLIA_ROUNDSM(io[2],io[3], | 1389 | CAMELLIA_ROUNDSM(io[2],io[3], |
1389 | SUBKEY_L(2),SUBKEY_R(2), | 1390 | SUBKEY_L(2),SUBKEY_R(2), |
1390 | io[0],io[1],il,ir,t0,t1); | 1391 | io[0],io[1],il,ir); |
1391 | 1392 | ||
1392 | /* post whitening but kw4 */ | 1393 | /* post whitening but kw4 */ |
1393 | io_text[0] = io[2] ^ SUBKEY_L(0); | 1394 | io_text[0] = io[2] ^ SUBKEY_L(0); |
@@ -1399,7 +1400,7 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io_text) | |||
1399 | 1400 | ||
1400 | struct camellia_ctx { | 1401 | struct camellia_ctx { |
1401 | int key_length; | 1402 | int key_length; |
1402 | u32 key_table[CAMELLIA_TABLE_BYTE_LEN / 4]; | 1403 | u32 key_table[CAMELLIA_TABLE_BYTE_LEN / sizeof(u32)]; |
1403 | }; | 1404 | }; |
1404 | 1405 | ||
1405 | static int | 1406 | static int |